thr3ads.net - CentOS - [CentOS] Patching openssl rpms [Oct 2010]

If this information is useful, please help other people find it:
Share via:

Al Sparks

2010-Oct-01 01:14 UTC

[CentOS] Patching openssl rpms

Running CentOS release 5.5.

I'm trying to update or patch an SRPMS file, specifically 
openssl-0.9.8e-12.el5_4.6.src.rpm.

Basically, I'm trying to change one line in the source, in ssl/ssl.h.  I
create
a "diff ?u" file called openssl-ssl-h.patch.

I then edit the openssl.spec file, and add 2 lines to that in the appropriate 
place:

    Patch88: openssl-ssl-h.patch

And

    %patch88 -p1

I then do 
    rpmbuild -ba openssl.spec
and the last lines of output are:

   
   Patch #87 (openssl-fips-0.9.8e-cve-2009-3245.patch):
   + patch -p1 -b --suffix .wexpand -s
   + echo 'Patch #88 (openssl-ssl-h.patch):'
   Patch #88 (openssl-ssl-h.patch):
   + patch -p1 -s
   1 out of 1 hunk FAILED -- saving rejects to file ssl/ssl.h.rej
   error: Bad exit status from /var/tmp/rpm-tmp.52066 (%prep)

The ssl.h.rej file has:
    ***************
  *** 497,503 ****
    
    /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
     *             This used to be 0x000FFFFFL before 0.9.7. */
  - #define SSL_OP_ALL                                    0x00000FFFL
    
    /* DTLS options */
    #define SSL_OP_NO_QUERY_MTU                 0x00001000L
  --- 497,503 ----
    
    /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
     *             This used to be 0x000FFFFFL before 0.9.7. */
  + #define SSL_OP_ALL                                    
(0x00000FFFL^SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
    
    /* DTLS options */
    #define SSL_OP_NO_QUERY_MTU                 0x00001000L


How do I go about troubleshooting this?
    === Al

Joseph L. Casale

2010-Oct-01 01:37 UTC

head link

[CentOS] Patching openssl rpms

>I then edit the openssl.spec file, and add 2 lines to that in the
appropriate
>place:
>
>    Patch88: openssl-ssl-h.patch
>
>And
>
>    %patch88 -p1
/snip>How do I go about troubleshooting this?
Post the top lines in your patch file, are you certain "p1" is what
you need?
My bet is that it can't find the files to patch...

Patrick Lists

2010-Oct-01 02:02 UTC

head link

[CentOS] Patching openssl rpms

On 10/01/2010 03:14 AM, Al Sparks wrote:
[snip]>
> How do I go about troubleshooting this?
Judging from the high number (patch88) my guess is that a bunch of 
(backported) patches are applied first (which change a bunch of files). 
When your patch is up various files have changed such that your patch 
can no longer be applied because the source has changed too much.

Either you make your changes to the source tree + the Red Hat patches 
applied or have your patch applied earlier in the spec file and hope you 
don't break something.

Hope this makes sense.

Regards,
Patrick

Al Sparks

2010-Oct-02 00:19 UTC

head link

[CentOS] Patching openssl rpms

Here's the full output in a text file.
    === Al



----- Original Message ----
From: Al Sparks <data345 at yahoo.com>
To: Centos List <centos at centos.org>
Sent: Thu, September 30, 2010 5:14:51 PM
Subject: [CentOS] Patching openssl rpms

Running CentOS release 5.5.

I'm trying to update or patch an SRPMS file, specifically 
openssl-0.9.8e-12.el5_4.6.src.rpm.

Basically, I'm trying to change one line in the source, in ssl/ssl.h.  I
create
a "diff ?u" file called openssl-ssl-h.patch.

I then edit the openssl.spec file, and add 2 lines to that in the appropriate 
place:

    Patch88: openssl-ssl-h.patch

And

    %patch88 -p1

I then do 
    rpmbuild -ba openssl.spec
and the last lines of output are:

  
   Patch #87 (openssl-fips-0.9.8e-cve-2009-3245.patch):
   + patch -p1 -b --suffix .wexpand -s
   + echo 'Patch #88 (openssl-ssl-h.patch):'
   Patch #88 (openssl-ssl-h.patch):
   + patch -p1 -s
   1 out of 1 hunk FAILED -- saving rejects to file ssl/ssl.h.rej
   error: Bad exit status from /var/tmp/rpm-tmp.52066 (%prep)

The ssl.h.rej file has:
    ***************
  *** 497,503 ****
    
    /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
     *             This used to be 0x000FFFFFL before 0.9.7. */
  - #define SSL_OP_ALL                                    0x00000FFFL
    
    /* DTLS options */
    #define SSL_OP_NO_QUERY_MTU                 0x00001000L
  --- 497,503 ----
    
    /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
     *             This used to be 0x000FFFFFL before 0.9.7. */
  + #define SSL_OP_ALL                                    
(0x00000FFFL^SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
    
    /* DTLS options */
    #define SSL_OP_NO_QUERY_MTU                 0x00001000L


How do I go about troubleshooting this?
    === Al
_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch-output
Type: application/octet-stream
Size: 6054 bytes
Desc: not available
URL:
<http://lists.centos.org/pipermail/centos/attachments/20101001/9fc470f0/attachment-0002.obj>

James Pearson

2010-Oct-02 10:05 UTC

head link

[CentOS] Patching openssl rpms

Al Sparks wrote:> Here's the full output in a text file.
Doesn't really help - post the patch file you are using

James Pearson

Maybe Matching Threads

Search for more maybe matching threads

CentOS - Oct 2010 - Patching openssl rpms

[CentOS] Patching openssl rpms

[CentOS] Patching openssl rpms

[CentOS] Patching openssl rpms

[CentOS] Patching openssl rpms

[CentOS] Patching openssl rpms

Maybe Matching Threads