Merge r1861269 from trunk:

* modules/ssl/ssl_engine_config.c (ssl_cmd_check_file):
  If dumping the config, don't validate the paths.  Allows
  e.g. "httpd -L" to work w/ certs configured but not present,
  doesn't affect "httpd -t".

Reviewed by: jorton, rpluem, jim

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1906489 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index b6e8e7603c4b5a0cc684875165f80fe3a0b9f7b7..eaf9554f87e1344bc005cdb7b61e143fbf29905d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.55
 
+  *) mod_ssl: When dumping the configuration, the existence of
+     certificate/key files is no longer tested.  [Joe Orton]
+
   *) mod_ssl: when a proxy connection had handled a request using SSL, an
      error was logged when "SSLProxyEngine" was only configured in the
      location/proxy section and not the overall server. The connection

diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
index 01c5a17669741fa9cc6b3e60cae72b341ecdfa1c..de18b8fb25fbb90d0011a467100ce30af304bcab 100644 (file)
--- a/modules/ssl/ssl_engine_config.c
+++ b/modules/ssl/ssl_engine_config.c
@@ -810,8 +810,14 @@ const char *ssl_cmd_SSLCipherSuite(cmd_parms *cmd,
 static const char *ssl_cmd_check_file(cmd_parms *parms,
                                       const char **file)
 {
-    const char *filepath = ap_server_root_relative(parms->pool, *file);
+    const char *filepath;
 
+    /* If only dumping the config, don't verify the paths */
+    if (ap_state_query(AP_SQ_RUN_MODE) == AP_SQ_RM_CONFIG_DUMP) {
+        return NULL;
+    }
+
+    filepath = ap_server_root_relative(parms->pool, *file);
     if (!filepath) {
         return apr_pstrcat(parms->pool, parms->cmd->name,
                            ": Invalid file path ", *file, NULL);