From 622ad8fc2810794e02266e65c64bc5eba260a656 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20=C5=A0abata?= <contyk@redhat.com>
Date: Thu, 15 Oct 2020 19:55:30 +0200
Subject: [PATCH] RHEL 9.0.0 Alpha bootstrap

The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/mod_md#f7596f09e7e16418a6242f868039d6723133b00e
---
 .gitignore                              |  4 ++
 mod_md-2.0.8-state_dir.patch            | 23 ++++++
 mod_md-2.0.8-tolerate-missing-res.patch | 22 ++++++
 mod_md-2.2.6-warnfix.patch              | 11 +++
 mod_md.spec                             | 96 +++++++++++++++++++++++++
 sources                                 |  1 +
 6 files changed, 157 insertions(+)
 create mode 100644 mod_md-2.0.8-state_dir.patch
 create mode 100644 mod_md-2.0.8-tolerate-missing-res.patch
 create mode 100644 mod_md-2.2.6-warnfix.patch
 create mode 100644 mod_md.spec
 create mode 100644 sources

diff --git a/.gitignore b/.gitignore
index e69de29..569a318 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/mod_md-2.0.3.tar.gz
+/mod_md-2.0.8.tar.gz
+/mod_md-2.2.6.tar.gz
+/mod_md-2.2.7.tar.gz
diff --git a/mod_md-2.0.8-state_dir.patch b/mod_md-2.0.8-state_dir.patch
new file mode 100644
index 0000000..ba4e9c4
--- /dev/null
+++ b/mod_md-2.0.8-state_dir.patch
@@ -0,0 +1,23 @@
+
+Enable state_dir support for 2.4.x.
+
+--- mod_md-2.2.6/src/mod_md_config.c.state_dir
++++ mod_md-2.2.6/src/mod_md_config.c
+@@ -54,7 +54,7 @@
+ /* Default settings for the global conf */
+ static md_mod_conf_t defmc = {
+     NULL,                      /* list of mds */
+-#if AP_MODULE_MAGIC_AT_LEAST(20180906, 2)
++#if 1
+     NULL,                      /* base dirm by default state-dir-relative */
+ #else
+     MD_DEFAULT_BASE_DIR,
+@@ -1039,7 +1039,7 @@
+         mc->hsts_header = apr_psprintf(p, "max-age=%d", mc->hsts_max_age);
+     }
+ 
+-#if AP_MODULE_MAGIC_AT_LEAST(20180906, 2)
++#if 1
+     if (mc->base_dir == NULL) {
+         mc->base_dir = ap_state_dir_relative(p, MD_DEFAULT_BASE_DIR);
+     }
diff --git a/mod_md-2.0.8-tolerate-missing-res.patch b/mod_md-2.0.8-tolerate-missing-res.patch
new file mode 100644
index 0000000..37819cc
--- /dev/null
+++ b/mod_md-2.0.8-tolerate-missing-res.patch
@@ -0,0 +1,22 @@
+diff --git a/src/md_acme.c b/src/md_acme.c
+index d2cc00a..005a387 100644
+--- a/src/md_acme.c
++++ b/src/md_acme.c
+@@ -728,8 +728,15 @@ static apr_status_t update_directory(const md_http_response_t *res)
+         acme->api.v2.revoke_cert = md_json_dups(acme->p, json, "revokeCert", NULL);
+         acme->api.v2.key_change = md_json_dups(acme->p, json, "keyChange", NULL);
+         acme->api.v2.new_nonce = md_json_dups(acme->p, json, "newNonce", NULL);
+-        if (acme->api.v2.new_account && acme->api.v2.new_order 
+-            && acme->api.v2.revoke_cert && acme->api.v2.key_change
++        /* RFC 8555 only requires "directory" and "newNonce" resources.
++         * mod_md uses "newAccount" and "newOrder" so check for them.
++         * But mod_md does not use the "revokeCert" or "keyChange"
++         * resources, so tolerate the absense of those keys.  In the
++         * future if mod_md implements revocation or key rollover then
++         * the use of those features should be predicated on the
++         * server's advertised capabilities. */
++        if (acme->api.v2.new_account
++            && acme->api.v2.new_order
+             && acme->api.v2.new_nonce) {
+             acme->version = MD_ACME_VERSION_2;
+         }
diff --git a/mod_md-2.2.6-warnfix.patch b/mod_md-2.2.6-warnfix.patch
new file mode 100644
index 0000000..cc6d404
--- /dev/null
+++ b/mod_md-2.2.6-warnfix.patch
@@ -0,0 +1,11 @@
+--- mod_md-2.2.6/src/md_store_fs.c.warnfix
++++ mod_md-2.2.6/src/md_store_fs.c
+@@ -502,7 +502,7 @@
+             }
+         }
+     }
+-    md_log_perror(MD_LOG_MARK, MD_LOG_TRACE3, 0, p, "mk_group_dir %d %s", group, name);
++    md_log_perror(MD_LOG_MARK, MD_LOG_TRACE3, 0, p, "mk_group_dir %d %s", group, name ? name : "(none)");
+     return rv;
+ }
+ 
diff --git a/mod_md.spec b/mod_md.spec
new file mode 100644
index 0000000..1bc70c0
--- /dev/null
+++ b/mod_md.spec
@@ -0,0 +1,96 @@
+# Module Magic Number
+%{!?_httpd_mmn: %global _httpd_mmn %(cat %{_includedir}/httpd/.mmn 2>/dev/null || echo 0-0)}
+
+Name:           mod_md
+Version:        2.2.7
+Release:        4%{?dist}
+Summary:        Certificate provisioning using ACME for the Apache HTTP Server
+License:        ASL 2.0
+URL:            https://icing.github.io/mod_md/
+Source0:        https://github.com/icing/mod_md/releases/download/v%{version}/mod_md-%{version}.tar.gz
+Patch1:         mod_md-2.0.8-state_dir.patch
+Patch2:         mod_md-2.2.6-warnfix.patch
+Patch3:         mod_md-2.0.8-tolerate-missing-res.patch
+BuildRequires:  gcc
+BuildRequires:  pkgconfig, httpd-devel >= 2.4.41, openssl-devel >= 1.1.0, jansson-devel, libcurl-devel, xmlto
+Requires:       httpd-mmn = %{_httpd_mmn}, mod_ssl >= 1:2.4.41
+Conflicts:      httpd < 2.4.39-7
+Epoch:          1
+
+%description
+This module manages common properties of domains for one or more
+virtual hosts. Specifically it can use the ACME protocol to automate
+certificate provisioning.  Certificates will be configured for managed
+domains and their virtual hosts automatically, including at renewal.
+
+%prep
+%setup -q
+%patch1 -p1 -b .state_dir
+%patch2 -p1 -b .warnfix
+%patch3 -p1 -b .tol_missing_res
+
+%build
+%configure --with-apxs=%{_httpd_apxs}
+# remove rpath
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+%make_build V=1
+
+%check
+%make_build check
+
+%install
+%make_install
+rm -rf %{buildroot}/etc/httpd/share/doc/
+
+# remove links and rename SO files
+rm -f %{buildroot}%{_httpd_moddir}/mod_md.so
+mv %{buildroot}%{_httpd_moddir}/mod_md.so.0.0.0 %{buildroot}%{_httpd_moddir}/mod_md.so
+
+# create configuration
+mkdir -p %{buildroot}%{_httpd_modconfdir}
+echo "LoadModule md_module modules/mod_md.so" > %{buildroot}%{_httpd_modconfdir}/01-md.conf
+
+%files
+%doc README.md ChangeLog AUTHORS
+%license LICENSE
+%config(noreplace) %{_httpd_modconfdir}/01-md.conf
+%{_httpd_moddir}/mod_md.so
+%{_bindir}/a2md
+%{_mandir}/man1/*
+
+%changelog
+* Fri Aug 28 2020 Joe Orton <jorton@redhat.com> - 1:2.2.7-4
+- use _httpd_apxs macro
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.2.7-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jun 23 2020 Alexander Bokovoy <abokovoy@redhat.com> - 1:2.2.7-2
+- mod_md does not work with ACME server that does not provide revokeCert or
+  keyChange resource (#1832841)
+
+* Tue Feb 11 2020 Joe Orton <jorton@redhat.com> - 1:2.2.7-1
+- update to 2.2.7
+
+* Fri Feb  7 2020 Joe Orton <jorton@redhat.com> - 1:2.2.6-1
+- update to 2.2.6 (#1799660)
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.0.8-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Fri Aug 30 2019 Joe Orton <jorton@redhat.com> - 1:2.0.8-4
+- require mod_ssl, update package description
+
+* Fri Aug 30 2019 Joe Orton <jorton@redhat.com> - 1:2.0.8-3
+- rebuild against 2.4.41
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.0.8-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Fri Jul 12 2019 Joe Orton <jorton@redhat.com> - 1:2.0.8-1
+- update to 2.0.8
+
+* Tue Jun 11 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.0.3-1
+- Initial import (#1719248).
diff --git a/sources b/sources
new file mode 100644
index 0000000..584f024
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+SHA512 (mod_md-2.2.7.tar.gz) = 54b61977dc00582024ea8b5f996810d02852faa577c46595748ae7d1d764b05be771c29138c7d993ddc758dc8d658d36757e1bddfa375e3681fc17b01e58efbf