From c38b1d9b5a48b606135a4b9e566261b9186ee30e Mon Sep 17 00:00:00 2001
From: Jan Kaluza <jkaluza@redhat.com>
Date: Mar 03 2014 12:06:34 +0000
Subject: fix graceful restart using legacy actions


- Create drop directory for systemd snippets
- use 2048-bit RSA key with SHA-256 signature in dummy certificate

---

diff --git a/action-graceful.sh b/action-graceful.sh
index 3d28f0e..dc68b2e 100644
--- a/action-graceful.sh
+++ b/action-graceful.sh
@@ -1,2 +1,2 @@
 #!/bin/sh
-exec /sbin/apachectl -k graceful "$@"
+exec /sbin/apachectl graceful "$@"
diff --git a/httpd.spec b/httpd.spec
index 4bd92e8..587dfc5 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -15,7 +15,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.7
-Release: 2%{?dist}
+Release: 3%{?dist}
 URL: http://httpd.apache.org/
 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: index.html
@@ -293,6 +293,11 @@ for f in 00-base.conf 00-mpm.conf 00-lua.conf 01-cgi.conf 00-dav.conf \
         $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/$f
 done
 
+# install systemd override drop directory
+# Web application packages can drop snippets into this location if
+# they need ExecStart[pre|post].
+mkdir $RPM_BUILD_ROOT%{_unitdir}/httpd.service.d
+
 for f in welcome.conf ssl.conf manual.conf userdir.conf; do
   install -m 644 -p $RPM_SOURCE_DIR/$f \
         $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
@@ -465,7 +470,7 @@ if [ -f %{sslkey} -o -f %{sslcert} ]; then
    exit 0
 fi
 
-%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 1024 > %{sslkey} 2> /dev/null
+%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > %{sslkey} 2> /dev/null
 
 FQDN=`hostname`
 if [ "x${FQDN}" = "x" ]; then
@@ -473,7 +478,7 @@ if [ "x${FQDN}" = "x" ]; then
 fi
 
 cat << EOF | %{_bindir}/openssl req -new -key %{sslkey} \
-         -x509 -days 365 -set_serial $RANDOM -extensions v3_req \
+         -x509 -sha256 -days 365 -set_serial $RANDOM -extensions v3_req \
          -out %{sslcert} 2>/dev/null
 --
 SomeState
@@ -571,6 +576,7 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/*
 
 %{_unitdir}/*.service
+%attr(755,root,root) %dir %{_unitdir}/httpd.service.d
 
 %files tools
 %defattr(-,root,root)
@@ -621,6 +627,11 @@ rm -rf $RPM_BUILD_ROOT
 %{_sysconfdir}/rpm/macros.httpd
 
 %changelog
+* Thu Feb 20 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.7-3
+- fix graceful restart using legacy actions
+- Create drop directory for systemd snippets
+- use 2048-bit RSA key with SHA-256 signature in dummy certificate
+
 * Thu Dec 12 2013 Joe Orton <jorton@redhat.com> - 2.4.7-2
 - conflict with pre-1.5.0 APR
 - fix sslsninotreq patch