diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..d07fd97
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/mod_auth_gssapi-1.6.3.tar.gz
diff --git a/.mod_auth_gssapi.metadata b/.mod_auth_gssapi.metadata
new file mode 100644
index 0000000..e562112
--- /dev/null
+++ b/.mod_auth_gssapi.metadata
@@ -0,0 +1 @@
+7ee7ca772b2fbfedbb98a7dc59edeb7bede27bf0 SOURCES/mod_auth_gssapi-1.6.3.tar.gz
diff --git a/SOURCES/crypto-Handle-EVP-changes-in-OpenSSL-3.patch b/SOURCES/crypto-Handle-EVP-changes-in-OpenSSL-3.patch
new file mode 100644
index 0000000..b0774f4
--- /dev/null
+++ b/SOURCES/crypto-Handle-EVP-changes-in-OpenSSL-3.patch
@@ -0,0 +1,36 @@
+From 74fd6dc6c3ba65e48c625d4724878721c46a5e6f Mon Sep 17 00:00:00 2001
+From: Robbie Harwood
+Date: Tue, 24 Aug 2021 15:04:13 -0400
+Subject: [PATCH] crypto: Handle EVP changes in OpenSSL 3
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+OpenSSL 3 changes the padding behavior of EVP_DecryptFinal_ex(), which
+causes our decryption to fail. It is the opnion of the OpenSSL
+developers that mod_auth_gssapi's use of this function was incorrect.
+
+Patch suggested by Tomáš Mráz.
+
+Related: https://github.com/openssl/openssl/issues/16351
+
+Signed-off-by: Robbie Harwood
+(cherry picked from commit 06d1f7d36d2455747e6e8231d28e6524ea1181f1)
+(cherry picked from commit 915a3d7fca3beefadd751562abe2d481354a2a9c)
+---
+ src/crypto.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/crypto.c b/src/crypto.c
+index 3f372a0..b3f7fd9 100644
+--- a/src/crypto.c
++++ b/src/crypto.c
+@@ -262,7 +262,7 @@ apr_status_t UNSEAL_BUFFER(apr_pool_t *p, struct seal_key *skey,
+
+ totlen += outlen;
+ outlen = plain->length - totlen;
+- ret = EVP_DecryptFinal_ex(ctx, plain->value, &outlen);
++ ret = EVP_DecryptFinal_ex(ctx, plain->value + totlen, &outlen);
+ if (ret == 0) goto done;
+
+ totlen += outlen;
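Review bot: In the embedded src/crypto.c hunk, the assignment `outlen = plain->length - totlen;` just before `EVP_DecryptFinal_ex()` reads like a bound on the write, but OpenSSL treats that argument as output-only, so nothing in the visible lines limits how far past `plain->value + totlen` the final block can land. Now that the call writes at an offset instead of the buffer start, the available room is `plain->length - totlen`, and the allocation that guarantees it is outside the hunk (UNSEAL_BUFFER starts and ends beyond the shown lines). I would document the invariant at the call site with `/* EVP_DecryptFinal_ex() ignores the incoming outlen; plain->value must hold totlen plus one cipher block */`, and confirm that the allocation earlier in the function satisfies it.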
diff --git a/SPECS/mod_auth_gssapi.spec b/SPECS/mod_auth_gssapi.spec
new file mode 100644
index 0000000..3f5b292
--- /dev/null
+++ b/SPECS/mod_auth_gssapi.spec
@@ -0,0 +1,205 @@
+Name: mod_auth_gssapi
+Version: 1.6.3
+Release: 7%{?dist}
+Summary: A GSSAPI Authentication module for Apache
+
+License: MIT
+URL: https://github.com/gssapi/mod_auth_gssapi
+Source0: https://github.com/gssapi/%{name}/releases/download/v%{version}/%name-%{version}.tar.gz
+
+BuildRequires: httpd-devel, krb5-devel, openssl-devel
+BuildRequires: autoconf, automake, libtool, bison, flex, make
+BuildRequires: git
+Requires: httpd-mmn = %{_httpd_mmn}
+Requires: krb5-libs >= 1.11.5
+
+Patch0: crypto-Handle-EVP-changes-in-OpenSSL-3.patch
+
+# If you're reading this: NTLM is insecure. Migrate off it.
+%if 0%{?rhel}
+%else
+BuildRequires: gssntlmssp-devel
+%endif
+
+%description
+The mod_auth_gssapi module is an authentication service that implements the
+SPNEGO based HTTP Authentication protocol defined in RFC4559.
+
+%prep
+%autosetup -S git_am
+
+%build
+export APXS=%{_httpd_apxs}
+autoreconf -fi
+%configure
+make %{?_smp_mflags}
+
+%install
+mkdir -p %{buildroot}%{_httpd_moddir}
+install -m 755 src/.libs/%{name}.so %{buildroot}%{_httpd_moddir}
+
+# Apache configuration for the module
+echo "LoadModule auth_gssapi_module modules/mod_auth_gssapi.so" > 10-auth_gssapi.conf
+mkdir -p %{buildroot}%{_httpd_modconfdir}
+install -m 644 10-auth_gssapi.conf %{buildroot}%{_httpd_modconfdir}
+
+%files
+%doc
+%defattr(-,root,root)
+%doc README COPYING
+%config(noreplace) %{_httpd_modconfdir}/10-auth_gssapi.conf
+%{_httpd_moddir}/mod_auth_gssapi.so
+
+%changelog
+* Wed Aug 25 2021 Robbie Harwood - 1.6.3-7
+- crypto: Handle EVP changes in OpenSSL 3
+- Resolves: #1992648
+
+* Mon Aug 09 2021 Mohan Boddu - 1.6.3-6
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+ Related: rhbz#1991688
+
+* Wed Jun 16 2021 Mohan Boddu - 1.6.3-5
+- Rebuilt for RHEL 9 BETA for openssl 3.0
+ Related: rhbz#1971065
+
+* Fri Apr 16 2021 Mohan Boddu - 1.6.3-4
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021.
Related: rhbz#1947937
+
+* Tue Mar 16 2021 Robbie Harwood - 1.6.3-3
+- Build dep adjustments; no Fedora code changes
+
+* Tue Jan 26 2021 Fedora Release Engineering - 1.6.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Wed Aug 05 2020 Robbie Harwood - 1.6.3-1
+- New upstream release (1.6.3)
+
+* Tue Jul 28 2020 Fedora Release Engineering - 1.6.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Mon Apr 27 2020 Robbie Harwood - 1.6.2-1
+- New upstream release (1.6.2)
+- Resolves: #1828142
+
+* Wed Jan 29 2020 Fedora Release Engineering - 1.6.1-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Thu Jul 25 2019 Fedora Release Engineering - 1.6.1-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Mon Mar 18 2019 Robbie Harwood - 1.6.1-6
+- Test suite fixes for virtualenv and clang
+
+* Tue Feb 19 2019 Robbie Harwood - 1.6.1-5
+- Fix integer sizes used with ap_set_flag_slot()
+- Resolves: #1678872
+
+* Fri Feb 01 2019 Fedora Release Engineering - 1.6.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Jan 03 2019 Robbie Harwood - 1.6.1-3
+- Fix tests to work with python3
+
+* Fri Jul 13 2018 Fedora Release Engineering - 1.6.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Mon Apr 23 2018 Robbie Harwood - 1.6.1-1
+- Release 1.6.1
+- Resolves: #1570271
+
+* Thu Feb 08 2018 Fedora Release Engineering - 1.6.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Mon Nov 06 2017 Robbie Harwood - 1.6.0-1
+- Release 1.6.0
+
+* Fri Oct 27 2017 Robbie Harwood - 1.5.1-6
+- Document gssapi-no-negotiate
+
+* Tue Oct 03 2017 Robbie Harwood - 1.5.1-5
+- Handle extra large NSS entries
+- Resolves: #1498175
+
+* Mon Oct 02 2017 Robbie Harwood - 1.5.1-4
+- Allow admins to selectively suppress negotiation
+- Migrate to autosetup
+
+* Thu Aug 03 2017 Fedora Release Engineering - 1.5.1-3
+- Rebuilt for
https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering - 1.5.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Thu Mar 9 2017 Simo Sorce - 1.5.1-1
+- Korabl-Sputnik 4 launch (1.5.1)
+
+* Fri Feb 10 2017 Fedora Release Engineering - 1.5.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Mon Jan 16 2017 Simo Sorce - 1.5.0-1
+- Last listoff of Space Shuttle Columbia release (1.5.0)
+
+* Mon Nov 14 2016 Joe Orton - 1.4.1-2
+- rebuild for new OpenSSL
+
+* Mon Aug 15 2016 Robbie Harwood 1.4.1-1
+- Mishka & Chizhik fly on a rocket release (1.4.1)
+- Fix bogus changelog date
+
+* Fri Jun 17 2016 Simo Sorce 1.4.0-1
+- Lunar Reconnaissance Orbiter (2009) release (1.4.0)
+
+* Mon Feb 22 2016 Simo Sorce 1.3.2-1
+- NEAR Shoemaker launch (1996) release (1.3.2)
+
+* Thu Feb 04 2016 Fedora Release Engineering - 1.3.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Thu Sep 3 2015 Simo Sorce 1.3.1-1
+- Viking 2 landing (1976) release (1.3.1)
+
+* Tue Jul 7 2015 Simo Sorce 1.3.0-2
+- Fix annoying incorrect behavior with simple configuration where
+ GssapiAllowedMech is not used.
+
+* Sat Jul 4 2015 Simo Sorce 1.3.0-1
+- US Independence Day Release
+
+* Wed Jun 17 2015 Fedora Release Engineering - 1.2.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Tue Apr 21 2015 Simo Sorce 1.2.0-1
+- New minor release 1.2.0
+- Adds delegation support on Basic Auth
+- Response fix, send last auth token on successful auth
+
+* Tue Mar 31 2015 Simo Sorce 1.1.0-3
+- Fix some authentication issues
+
+* Thu Mar 26 2015 Simo Sorce 1.1.0-2
+- Fix saving delegated credentials for SPNs
+
+* Thu Mar 12 2015 Simo Sorce 1.1.0-1
+- New minor release 1.1.0
+- New feature: Basic Auth support
+- Improvements: Better crypto for sesison cookies
+
+* Sat Nov 8 2014 Simo Sorce 1.0.4-1
+- Patch release 1.0.4
+- logging initialization fixes
+- additional build fixes
+
+* Sat Oct 11 2014 Simo Sorce 1.0.3-1
+- Patch release 1.0.3
+- fixes some build issues on various distros
+
+* Wed Aug 27 2014 Simo Sorce 1.0.2-1
+- Adds documntation to README
+- fixes bad bug that crippled configuration
+
+* Thu Aug 14 2014 Simo Sorce 1.0.1-1
+- Patch release 1.0.1
+
+* Mon Aug 4 2014 Simo Sorce 1.0.0-1
+- First release
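Review bot: The spec goes from `%install` straight to `%files` with no `%check` section, so the decryption change carried as `Patch0` is compiled and shipped without any test run at build time. The changelog entries for 1.6.1-3 and 1.6.1-6 suggest upstream has a test suite. Whether it can run in the build root is not visible here, and it would presumably need extra `BuildRequires`. If it can run, a `%check` that invokes it would catch a regression in the patched OpenSSL 3 path before the package is published. If it cannot, a one-line comment in the spec saying why tests are skipped would record that decision.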