From 779360709abbf1f7bf582f4b1a149f5295ff4c6e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?= <luhliari@redhat.com>
Date: Mon, 27 Jan 2025 21:09:03 +0100
Subject: [PATCH] Resolves: RHEL-76413 - mod_proxy_http2 failures after
 CVE-2024-38477 fix

---
 mod_http2-2.0.26-r1918628.patch | 21 +++++++++++++++++++++
 mod_http2.spec                  |  9 +++++++--
 2 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 mod_http2-2.0.26-r1918628.patch

diff --git a/mod_http2-2.0.26-r1918628.patch b/mod_http2-2.0.26-r1918628.patch
new file mode 100644
index 0000000..2e5a71e
--- /dev/null
+++ b/mod_http2-2.0.26-r1918628.patch
@@ -0,0 +1,21 @@
+diff --git a/mod_http2/mod_proxy_http2.c b/mod_http2/mod_proxy_http2.c
+index ebf8f61..e5cb0ba 100644
+--- a/mod_http2/mod_proxy_http2.c
++++ b/mod_http2/mod_proxy_http2.c
+@@ -317,7 +317,7 @@ static int proxy_http2_handler(request_rec *r,
+                                apr_port_t proxyport)
+ {
+     const char *proxy_func;
+-    char *locurl = url, *u;
++    char *locurl, *u;
+     apr_size_t slen;
+     int is_ssl = 0;
+     apr_status_t status;
+@@ -382,6 +382,7 @@ run_connect:
+         goto cleanup;
+     }
+ 
++    locurl = url;
+     ctx->p_conn->is_ssl = ctx->is_ssl;
+ 
+     /* Step One: Determine the URL to connect to (might be a proxy),
diff --git a/mod_http2.spec b/mod_http2.spec
index 31b33d3..6e3373a 100644
--- a/mod_http2.spec
+++ b/mod_http2.spec
@@ -3,12 +3,14 @@
 
 Name:		mod_http2
 Version:	2.0.26
-Release:	3%{?dist}
+Release:	4%{?dist}
 Summary:	module implementing HTTP/2 for Apache 2
 License:	ASL 2.0
 URL:		https://icing.github.io/mod_h2/
 Source0:	https://github.com/icing/mod_h2/releases/download/v%{version}/mod_http2-%{version}.tar.gz
-# Patch1:       ...
+
+# https://issues.redhat.com/browse/RHEL-76413
+Patch1:         mod_http2-2.0.26-r1918628.patch
 
 # Security patches:
 #
@@ -55,6 +57,9 @@ echo "LoadModule proxy_http2_module modules/mod_proxy_http2.so" > %{buildroot}%{
 %{_httpd_moddir}/mod_proxy_http2.so
 
 %changelog
+* Mon Jan 27 2025 Luboš Uhliarik <luhliari@redhat.com> - 2.0.26-4
+- Resolves: RHEL-76413 - mod_proxy_http2 failures after CVE-2024-38477 fix
+
 * Tue Jul 09 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.0.26-3
 - Resolves: RHEL-45806 - mod_http2: DoS by null pointer in websocket
   over HTTP/2 (CVE-2024-36387)