[CentOS] Patching openssl rpms

Fri Oct 1 01:14:51 UTC 2010
Al Sparks <data345 at yahoo.com>

Running CentOS release 5.5.

I'm trying to update or patch an SRPMS file, specifically 
openssl-0.9.8e-12.el5_4.6.src.rpm.

Basically, I'm trying to change one line in the source, in ssl/ssl.h.  I create 
a "diff –u" file called openssl-ssl-h.patch.

I then edit the openssl.spec file, and add 2 lines to that in the appropriate 
place:

    Patch88: openssl-ssl-h.patch

And

    %patch88 -p1

I then do 
    rpmbuild -ba openssl.spec
and the last lines of output are:

   
   Patch #87 (openssl-fips-0.9.8e-cve-2009-3245.patch):
   + patch -p1 -b --suffix .wexpand -s
   + echo 'Patch #88 (openssl-ssl-h.patch):'
   Patch #88 (openssl-ssl-h.patch):
   + patch -p1 -s
   1 out of 1 hunk FAILED -- saving rejects to file ssl/ssl.h.rej
   error: Bad exit status from /var/tmp/rpm-tmp.52066 (%prep)

The ssl.h.rej file has:
    ***************
  *** 497,503 ****
    
    /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
     *             This used to be 0x000FFFFFL before 0.9.7. */
  - #define SSL_OP_ALL                                    0x00000FFFL
    
    /* DTLS options */
    #define SSL_OP_NO_QUERY_MTU                 0x00001000L
  --- 497,503 ----
    
    /* SSL_OP_ALL: various bug workarounds that should be rather harmless.
     *             This used to be 0x000FFFFFL before 0.9.7. */
  + #define SSL_OP_ALL                                    
(0x00000FFFL^SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
    
    /* DTLS options */
    #define SSL_OP_NO_QUERY_MTU                 0x00001000L


How do I go about troubleshooting this?
    === Al