* modules/ssl/ssl_engine_pphrase.c (modssl_load_engine_keypair):
Update to avoid GCC warning for no-engine builds where the
SSLModConfigRec is not used. Also log an error for the ENOTIMPL
path.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916057 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/docs/log-message-tags/next-number b/docs/log-message-tags/next-number
index 489281b..ca9bf0c 100644
--- a/docs/log-message-tags/next-number
+++ b/docs/log-message-tags/next-number
@@ -1 +1 @@
-10496
+10497
diff --git a/modules/ssl/ssl_engine_pphrase.c b/modules/ssl/ssl_engine_pphrase.c
index 689da30..5dd6bdd 100644
--- a/modules/ssl/ssl_engine_pphrase.c
+++ b/modules/ssl/ssl_engine_pphrase.c
@@ -979,22 +979,23 @@
const char *certid, const char *keyid,
X509 **pubkey, EVP_PKEY **privkey)
{
-#if MODSSL_HAVE_OPENSSL_STORE
+#if MODSSL_HAVE_ENGINE_API
SSLModConfigRec *mc = myModConfig(s);
/* For OpenSSL 3.x, use the STORE-based API if either ENGINE
* support was not present compile-time, or if it's built but
* SSLCryptoDevice is not configured. */
-#if MODSSL_HAVE_ENGINE_API
- if (!mc->szCryptoDevice)
+ if (mc->szCryptoDevice)
+ return modssl_load_keypair_engine(s, p, vhostid, certid, keyid,
+ pubkey, privkey);
#endif
- return modssl_load_keypair_store(s, p, vhostid, certid, keyid,
- pubkey, privkey);
-#endif
-#if MODSSL_HAVE_ENGINE_API
- return modssl_load_keypair_engine(s, p, vhostid, certid, keyid,
- pubkey, privkey);
+#if MODSSL_HAVE_OPENSSL_STORE
+ return modssl_load_keypair_store(s, p, vhostid, certid, keyid,
+ pubkey, privkey);
#else
+ ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(10496)
+ "Init: no method for loading keypair for %s (%s | %s)",
+ vhostid, certid ? certid : "no cert", keyid);
return APR_ENOTIMPL;
#endif
}