From 10e930c7445a425f43959aa0ffdec3a2f87466db Mon Sep 17 00:00:00 2001
From: Joe Orton <jorton@redhat.com>
Date: Fri, 22 Sep 2017 15:48:42 +0100
Subject: [PATCH] better error handling in httpd-ssl-gencerts (#1494556)
 Resolves: rhbz#1494556

---
 httpd-ssl-gencerts | 7 +++++++
 httpd.spec         | 5 ++++-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/httpd-ssl-gencerts b/httpd-ssl-gencerts
index 22aece4..350f5b5 100755
--- a/httpd-ssl-gencerts
+++ b/httpd-ssl-gencerts
@@ -3,6 +3,7 @@
 set -e
 
 FQDN=`hostname`
+ssldotconf=/etc/httpd/conf.d/ssl.conf
 
 if test -f /etc/pki/tls/certs/localhost.crt -a \
         -f /etc/pki/tls/private/localhost.key; then
@@ -21,6 +22,12 @@ if test ! -f /etc/pki/tls/certs/localhost.crt -a \
     exit 1
 fi
 
+if ! test -f ${ssldotconf} || \
+   ! grep -q '^SSLCertificateFile /etc/pki/tls/certs/localhost.crt' ${ssldotconf} || \
+   ! grep -q '^SSLCertificateKeyFile /etc/pki/tls/private/localhost.key' ${ssldotconf}; then
+    # Non-default configuration, do nothing.
+    exit 0
+fi
 
 sscg -q                                                             \
      --cert-file           /etc/pki/tls/certs/localhost.crt         \
diff --git a/httpd.spec b/httpd.spec
index b67946e..04bdce2 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -13,7 +13,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.27
-Release: 11%{?dist}
+Release: 12%{?dist}
 URL: https://httpd.apache.org/
 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: index.html
@@ -689,6 +689,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_rpmconfigdir}/macros.d/macros.httpd
 
 %changelog
+* Fri Sep 22 2017 Joe Orton <jorton@redhat.com> - 2.4.27-12
+- better error handling in httpd-ssl-gencerts (#1494556)
+
 * Thu Sep 21 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.4.27-11
 - Require sscg 2.2.0 for creating service and CA certificates together