dpkg-source: error: diff 'openssl/debian/patches/pr12272.patch' patches files multiple times; split the diff in multiple files or merge the hunks into a single one

I split 'pr12272.patch' into one file per commit, and I did a diff to ensure that there is no changes to the code:

https://paste.ubuntu.com/p/zDqqXmsM8c/

When using these split up patches "dpkg-buildpackage -d -S" completes successfully.

Attached is a debdiff for impish which fixes this problem.

Attached is a debdiff for openssl on hirsute which fixes this problem.

Attached is a debdiff for openssl on groovy, which fixes this issue, and also bug 1926254

Attached is a V2 for impish which correctly has d/p/ in the debian/changelog.

Attached is a V2 for hirsute which correctly has d/p/ in the debian/changelog.

The attachment "debdiff for openssl on groovy" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

uploaded to g/h/i, thanks!

I also added block-proposed-hirsute tag, since it's a build-time-only problem and doesn't need to get moved to hirsute-updates until (if) another openssl patch comes along.

Hello Dan, or anyone else affected,

Accepted openssl into hirsute-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openssl/1.1.1j-1ubuntu3.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-hirsute to verification-done-hirsute. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-hirsute. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Dan, or anyone else affected,

Accepted openssl into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openssl/1.1.1f-1ubuntu4.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-groovy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

All autopkgtests for the newly accepted openssl (1.1.1j-1ubuntu3.1) for hirsute have finished running.
The following regressions have been reported in tests triggered by the package:

serf/1.3.9-10 (s390x)
qcalcfilehash/1.0.7+git20200816.1eb8770-2 (s390x)
cockpit/238-1 (arm64)
scapy/2.4.4-4ubuntu1 (ppc64el, amd64, armhf, arm64)
ngircd/26.1-1 (arm64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/hirsute/update_excuses.html#openssl

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

All autopkgtests for the newly accepted openssl (1.1.1f-1ubuntu4.4) for groovy have finished running.
The following regressions have been reported in tests triggered by the package:

libcrypt-ssleay-perl/0.73.06-1build3 (arm64)
resource-agents/1:4.6.1-1ubuntu2 (s390x)
puma/3.12.4-1ubuntu2 (arm64)
uftp/4.10.2-1 (amd64)
python3.8/3.8.6-1ubuntu0.2 (arm64)
ecflow/5.5.1-1 (s390x)
python3.9/3.9.0-5 (amd64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/groovy/update_excuses.html#openssl

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

ubuntu@lp1927161-h:~$ pull-lp-source openssl hirsute
...
ubuntu@lp1927161-h:~$ cd openssl-1.1.1j/
ubuntu@lp1927161-h:~/openssl-1.1.1j$ dpkg-parsechangelog | grep Version
Version: 1.1.1j-1ubuntu3.1
ubuntu@lp1927161-h:~/openssl-1.1.1j$ quilt pop -a
ubuntu@lp1927161-h:~/openssl-1.1.1j$ dpkg-buildpackage -d -S
dpkg-buildpackage: info: source package openssl
dpkg-buildpackage: info: source version 1.1.1j-1ubuntu3.1
dpkg-buildpackage: info: source distribution hirsute
dpkg-buildpackage: info: source changed by Matthew Ruffell <email address hidden>
...
dpkg-buildpackage: info: binary and diff upload (original source NOT included)

ubuntu@lp1927161-g:~$ pull-lp-source openssl groovy
...
ubuntu@lp1927161-g:~$ cd openssl-1.1.1f/
ubuntu@lp1927161-g:~/openssl-1.1.1f$ dpkg-parsechangelog | grep Version
Version: 1.1.1f-1ubuntu4.4
ubuntu@lp1927161-g:~/openssl-1.1.1f$ quilt pop -a
...
ubuntu@lp1927161-g:~/openssl-1.1.1f$ dpkg-buildpackage -d -S
dpkg-buildpackage: info: source package openssl
dpkg-buildpackage: info: source version 1.1.1f-1ubuntu4.4
dpkg-buildpackage: info: source distribution groovy
dpkg-buildpackage: info: source changed by Matthew Ruffell <email address hidden>
...
dpkg-buildpackage: info: binary and diff upload (original source NOT included)

The only autopkgtests still failing are for 'scapy', those fail due to bug 1928081 and there is an upload of scapy in the queue to fix that

This bug was fixed in the package openssl - 1.1.1j-1ubuntu4

---------------
openssl (1.1.1j-1ubuntu4) impish; urgency=medium

  * Split d/p/pr12272.patch into multiple patchfiles to fix dpkg-source
    error when attempting to build a source package, due to pr12272.patch
    patching files multiple times within the same patch. (LP: #1927161)
    - d/p/lp-1927161-1-x86-Add-endbranch-to-indirect-branch-targets-fo.patch
    - d/p/lp-1927161-2-Use-swapcontext-for-Intel-CET.patch
    - d/p/lp-1927161-3-x86-Always-generate-note-gnu-property-section-f.patch
    - d/p/lp-1927161-4-x86_64-Always-generate-note-gnu-property-sectio.patch
    - d/p/lp-1927161-5-x86_64-Add-endbranch-at-function-entries-for-In.patch

 -- Matthew Ruffell <email address hidden> Wed, 05 May 2021 11:49:27 +1200

The verification of the Stable Release Update for openssl has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package openssl - 1.1.1f-1ubuntu4.4

---------------
openssl (1.1.1f-1ubuntu4.4) groovy; urgency=medium

  * Allow x509 certificates which set basicConstraints=CA:FALSE,pathlen:0
    to validate, as it is common on self-signed leaf certificates.
    (LP: #1926254)
    - d/p/lp-1926254-1-Allow-certificates-with-Basic-Constraints-CA-fa.patch
    - d/p/lp-1926254-2-Set-X509_V_ERR_INVALID_EXTENSION-error-for-inva.patch
    - d/p/lp-1926254-3-Add-test-cases-for-the-non-CA-certificate-with-.patch
  * Split d/p/pr12272.patch into multiple patchfiles to fix dpkg-source
    error when attempting to build a source package, due to pr12272.patch
    patching files multiple times within the same patch. (LP: #1927161)
    - d/p/lp-1927161-1-x86-Add-endbranch-to-indirect-branch-targets-fo.patch
    - d/p/lp-1927161-2-Use-swapcontext-for-Intel-CET.patch
    - d/p/lp-1927161-3-x86-Always-generate-note-gnu-property-section-f.patch
    - d/p/lp-1927161-4-x86_64-Always-generate-note-gnu-property-sectio.patch
    - d/p/lp-1927161-5-x86_64-Add-endbranch-at-function-entries-for-In.patch

 -- Matthew Ruffell <email address hidden> Wed, 05 May 2021 12:13:30 +1200

I am quite surprised by this behaviour.

Especially since, `quilt push -a; debuild -S` works find, unpacks fine, applies fine etc.

Quite a weird limitation imho. Do you think this warrants an upstream dpkg bug report?

> I am quite surprised by this behaviour.

I'm not, I hit it all the time with git-style multiple patches in one file. I always split them into multiple files now.

multiple patches shouldn't ever be cat'ed into a single file; that is awful. One patch file per actual patch.

This fails because quilt allows fuzz, while dpkg-source doesn't, and it shouldn't.

Hello Dan, or anyone else affected,

Accepted openssl into hirsute-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/openssl/1.1.1j-1ubuntu3.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-hirsute to verification-done-hirsute. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-hirsute. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

All autopkgtests for the newly accepted openssl (1.1.1j-1ubuntu3.2) for hirsute have finished running.
The following regressions have been reported in tests triggered by the package:

ruby-eventmachine/1.3~pre20201020-b50c135-2 (amd64)
scapy/2.4.4-4ubuntu1 (armhf, amd64, arm64, ppc64el)
python-a38/0.1.3-1 (armhf, amd64, s390x, arm64, ppc64el)
xmltooling/3.2.0-2 (amd64, arm64, s390x, ppc64el, armhf)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/hirsute/update_excuses.html#openssl

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

This bug was fixed in the package openssl - 1.1.1j-1ubuntu3.2

---------------
openssl (1.1.1j-1ubuntu3.2) hirsute; urgency=medium

  * Cherry-pick an upstream patch to fix s390x AES code (LP: #1931994)

openssl (1.1.1j-1ubuntu3.1) hirsute; urgency=medium

  * Split d/p/pr12272.patch into multiple patchfiles to fix dpkg-source
    error when attempting to build a source package, due to pr12272.patch
    patching files multiple times within the same patch. (LP: #1927161)
    - d/p/lp-1927161-1-x86-Add-endbranch-to-indirect-branch-targets-fo.patch
    - d/p/lp-1927161-2-Use-swapcontext-for-Intel-CET.patch
    - d/p/lp-1927161-3-x86-Always-generate-note-gnu-property-section-f.patch
    - d/p/lp-1927161-4-x86_64-Always-generate-note-gnu-property-sectio.patch
    - d/p/lp-1927161-5-x86_64-Add-endbranch-at-function-entries-for-In.patch

 -- Simon Chopin <email address hidden> Fri, 23 Jul 2021 14:32:42 +0200