Recompiling CentOS's stock openssl
On Tue, Sep 21, 2010 at 04:17:54PM -0700, Al Sparks wrote:
> I'm running CentOS release 4.8.
> For security reasons, I have to modify openssl's ssl.h in /usr/include/openssl/.
> That's easy. But for the new settings to take effect, I have to recompile
> openssl. I do have openssl-devel installed.
> How do I recompile?
The right way to do this would be to get the openssl SRPM, create a
patch against the stock sources that modifies the .h file you need to
change and include that patch in the .spec file build process.
You'd then generate a custom RPM that would replace the stock RPM.
Of course, make sure you _really_ need to do this. You'll now need to
track security changes yourself.
CentOS mailing list