> Dividing up the patch proved to be a challenge but was the right thing to do.
Many thanks for doing this! Can you please fix the "Origin: http://dl.fedoraproject.org/pub/fedora/linux/development" fields still? They should point to a particular patch in a place like http://pkgs.fedoraproject.org/cgit/rpms/openssl.git/tree/, but that does not have "openssl-1.0.2g-fips-ctor.patch", only "openssl-1.0.2a-fips- ctor.patch". Although the patch there is almost identical, except for some patch header noise. So I suppose pointing to those is fine (bonus points if you just add the DEP-3 patch header but otherwise leave the patch intact, but that's not a biggie). But e. g. your openssl-1.0.2g-fips-ec.patch has quite a lot of changes compared to http://pkgs.fedoraproject.org/cgit/rpms/openssl.git/plain/openssl-1.0 .2a-fips-ec.patch (Note, Ubuntu modifications should go into openssl-1.0 .2g-ubuntu-fips-cleanup.patch). Same for http://pkgs.fedoraproject.org/cgit/rpms/openssl.git/plain/openssl-1.0 .2f-new-fips-reqs.patch. Current Fedora rawhide's package is openssl1.0.2g as well, just like our's, so these patches ought to be identical? Maybe you took them from a different branch, but the Fedora 24 version http://pkgs.fedoraproject.org/cgit/rpms/openssl.git/plain/openssl-1.0 .2f-new-fips-reqs.patch?h=f24 is also different than your's. > Weird, but the fedora patches were not independent of each other. That's quite normal, and it would actually be a surprise if patches that are this big were independent. I'll upload this now so that we can see the autopkgtests against this version, and we have at least a few days of testing this in the wild before the final release. But please still clean up the patches as above (Origin: and patches differing from Fedora) with a follow-up upload. Thanks for bearing with me! ** Changed in: openssl (Ubuntu) Status: Incomplete => In Progress ** Changed in: openssl (Ubuntu) Assignee: (unassigned) => Joy Latten (j-latten) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553309 Title: [FFe]: Include FIPS 140-2 into openssl package To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1553309/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs