diff --git a/0006-fix-compilation-error-by-adding-stdint.h.patch b/0006-fix-compilation-error-by-adding-stdint.h.patch
deleted file mode 100644
index 7e9a923..0000000
--- a/0006-fix-compilation-error-by-adding-stdint.h.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 831a9ea232f128c13c36066a704f6ccafa335244 Mon Sep 17 00:00:00 2001
-From: Nirmoy Das <ndas@suse.de>
-Date: Tue, 5 Sep 2017 11:17:16 +0200
-Subject: [PATCH] fix compilation error by adding stdint.h
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-error:
-utils/utils/memory.h:99:15: error: ‘uintptr_t’ undeclared (first use in this function); did you mean ‘__intptr_t’?
-  for (i = 0; (uintptr_t)&c[i] % sizeof(long) && i < n; i++)
-               ^~~~~~~~~
-               __intptr_t
----
- src/libstrongswan/utils/utils/memory.h | 2 ++
- 1 file changed, 2 insertions(+)
-
-Index: strongswan-5.6.2/src/libstrongswan/utils/utils/memory.h
-===================================================================
---- strongswan-5.6.2.orig/src/libstrongswan/utils/utils/memory.h	2017-08-14 08:48:41.000000000 +0200
-+++ strongswan-5.6.2/src/libstrongswan/utils/utils/memory.h	2018-04-17 16:53:57.590335103 +0200
-@@ -22,6 +22,8 @@
- #ifndef MEMORY_H_
- #define MEMORY_H_
- 
-+#include <stdint.h>
-+
- /**
-  * Helper function that compares two binary blobs for equality
-  */
diff --git a/strongswan.changes b/strongswan.changes
index 476e2b0..0967b92 100644
--- a/strongswan.changes
+++ b/strongswan.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Thu Jan 30 13:43:50 UTC 2020 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Drop upstream fixed patches:
+  * strongswan_modprobe_syslog.patch
+  * strongswan_fipsfilter.patch
+  * 0006-fix-compilation-error-by-adding-stdint.h.patch
+
 -------------------------------------------------------------------
 Sun Jan 26 08:54:01 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
 
diff --git a/strongswan.spec b/strongswan.spec
index d4a0ca6..740769e 100644
--- a/strongswan.spec
+++ b/strongswan.spec
@@ -75,17 +75,12 @@ Source5:        %{name}.keyring
 Source6:        fipscheck.sh.in
 Source7:        fips-enforce.conf
 %endif
-# Needs rebase
-Patch1:         %{name}_modprobe_syslog.patch
 Patch2:         %{name}_ipsec_service.patch
 %if %{with fipscheck}
 Patch3:         %{name}_fipscheck.patch
-# Patch4 needs rebase, file it patches no longer exists in tarball.
-Patch4:         %{name}_fipsfilter.patch
 %endif
 Patch5:         0005-ikev1-Don-t-retransmit-Aggressive-Mode-response.patch
-# Needs rebase
-Patch6:         0006-fix-compilation-error-by-adding-stdint.h.patch
+
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  bison
 BuildRequires:  curl-devel
@@ -257,17 +252,11 @@ and the load testing plugin for IKEv2 daemon.
 
 %prep
 %setup -q -n %{name}-%{upstream_version}
-# Needs rebase, file it patches no longer exists.
-#patch1 -p1
 %patch2 -p1
 %if %{with fipscheck}
 %patch3 -p1
-# Needs rebase, file it patches no longer exists.
-#patch4 -p1
 %endif
 %patch5 -p1
-# Needs rebase.
-#patch6 -p1
 sed -e 's|@libexecdir@|%_libexecdir|g'    \
      < %{_sourcedir}/strongswan.init.in \
      > strongswan.init
diff --git a/strongswan_fipsfilter.patch b/strongswan_fipsfilter.patch
deleted file mode 100644
index f523913..0000000
--- a/strongswan_fipsfilter.patch
+++ /dev/null
@@ -1,283 +0,0 @@
-From 8f3f1bd6907df8221a93c849ed4b43474444e13b Mon Sep 17 00:00:00 2001
-From: Marius Tomaschewski <mt@suse.de>
-Date: Mon, 5 Jan 2015 14:57:39 +0100
-Subject: [PATCH] strongswan: filter algorithms for fips mode
-
-References: fate#316931,bnc#856322
-
-From 818cd5f1b6455237a82f385b60a2513cdd9c5eef Mon Sep 17 00:00:00 2001
-From: Nirmoy Das <ndas@suse.de>
-Date: Mon, 17 Jul 2017 15:15:14 +0200
-Subject: [PATCH] strongswan_fipsfilter
-
----
- src/libcharon/config/proposal.c | 184 +++++++++++++++++++++++++++++++++++-----
- 1 file changed, 165 insertions(+), 19 deletions(-)
-
-diff --git a/src/libcharon/config/proposal.c b/src/libcharon/config/proposal.c
-index 6c71f78..0640140 100644
---- a/src/libcharon/config/proposal.c
-+++ b/src/libcharon/config/proposal.c
-@@ -27,6 +27,11 @@
- #include <crypto/prfs/prf.h>
- #include <crypto/crypters/crypter.h>
- #include <crypto/signers/signer.h>
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+#include <fcntl.h>
-+#include <unistd.h>
-+#include <errno.h>
- 
- ENUM(protocol_id_names, PROTO_NONE, PROTO_IPCOMP,
- 	"PROTO_NONE",
-@@ -190,6 +195,122 @@ METHOD(proposal_t, strip_dh, void,
- 	enumerator->destroy(enumerator);
- }
- 
-+static bool kernel_fips_enabled(void)
-+{
-+	char buf[1] = { '\0' };
-+	int fd;
-+
-+	fd = open("/proc/sys/crypto/fips_enabled", O_RDONLY);
-+	if (fd >= 0) {
-+		while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR);
-+		close(fd);
-+	}
-+	return buf[0] == '1';
-+}
-+
-+static bool fips_enabled(void)
-+{
-+	static int enabled = -1;
-+	if (enabled == -1)
-+		enabled = kernel_fips_enabled();
-+	return enabled;
-+}
-+
-+static bool fips_filter(protocol_id_t protocol, transform_type_t type, u_int16_t alg)
-+{
-+	switch (protocol)
-+	{
-+		case PROTO_IKE:
-+		case PROTO_ESP:
-+		case PROTO_AH:
-+			break;
-+		default:
-+			/* not applicable protocol */
-+			return TRUE;
-+	}
-+
-+	switch (type)
-+	{
-+		case ENCRYPTION_ALGORITHM:
-+			switch (alg)
-+			{
-+				/* crypter */
-+				case ENCR_3DES:
-+				case ENCR_AES_CBC:
-+				case ENCR_AES_CTR:
-+				/* aead */
-+				case ENCR_AES_GCM_ICV8:
-+				case ENCR_AES_GCM_ICV12:
-+				case ENCR_AES_GCM_ICV16:
-+				case ENCR_AES_CCM_ICV8:
-+				case ENCR_AES_CCM_ICV12:
-+				case ENCR_AES_CCM_ICV16:
-+					return TRUE;
-+				default:
-+					break;
-+			}
-+			break;
-+		case INTEGRITY_ALGORITHM:
-+			switch (alg)
-+			{
-+				case AUTH_HMAC_SHA1_96:
-+				case AUTH_HMAC_SHA1_160:
-+				case AUTH_HMAC_SHA2_256_96:
-+				case AUTH_HMAC_SHA2_256_128:
-+				case AUTH_HMAC_SHA2_384_192:
-+				case AUTH_HMAC_SHA2_512_256:
-+				case AUTH_AES_CMAC_96:
-+					return TRUE;
-+				default:
-+					break;
-+			}
-+			break;
-+		case PSEUDO_RANDOM_FUNCTION:
-+			switch (alg)
-+			{
-+				case PRF_HMAC_SHA1:
-+				case PRF_HMAC_SHA2_256:
-+				case PRF_HMAC_SHA2_384:
-+				case PRF_HMAC_SHA2_512:
-+				case PRF_AES128_CMAC:
-+					return TRUE;
-+				default:
-+					break;
-+			}
-+			break;
-+		case DIFFIE_HELLMAN_GROUP:
-+			switch (alg)
-+			{
-+				case MODP_2048_BIT:
-+				case MODP_3072_BIT:
-+				case MODP_4096_BIT:
-+				case MODP_8192_BIT:
-+				case MODP_2048_224:
-+				case MODP_2048_256:
-+				case ECP_224_BIT:
-+				case ECP_256_BIT:
-+				case ECP_384_BIT:
-+				case ECP_521_BIT:
-+					return TRUE;
-+				default:
-+					break;
-+			}
-+			break;
-+		case EXTENDED_SEQUENCE_NUMBERS:
-+			switch (alg)
-+			{
-+				case EXT_SEQ_NUMBERS:
-+				case NO_EXT_SEQ_NUMBERS:
-+					return TRUE;
-+				default:
-+					break;
-+			}
-+		default:
-+			break;
-+	}
-+	return !fips_enabled();
-+}
-+
- /**
-  * Select a matching proposal from this and other, insert into selected.
-  */
-@@ -611,6 +732,11 @@ static bool add_string_algo(private_proposal_t *this, const char *alg)
- 		return FALSE;
- 	}
- 
-+	if (!fips_filter(this->protocol, token->type, token->algorithm))
-+	{
-+		DBG1(DBG_CFG, "algorithm '%s' not permitted in fips mode", alg);
-+		return FALSE;
-+	}
- 	add_algorithm(this, token->type, token->algorithm, token->keysize);
- 
- 	return TRUE;
-@@ -753,6 +879,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead)
- 		enumerator = lib->crypto->create_aead_enumerator(lib->crypto);
- 		while (enumerator->enumerate(enumerator, &encryption, &plugin_name))
- 		{
-+			if (!fips_filter(PROTO_IKE, ENCRYPTION_ALGORITHM, encryption))
-+				continue;
-+
- 			switch (encryption)
- 			{
- 				case ENCR_AES_GCM_ICV16:
-@@ -806,6 +935,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead)
- 		enumerator = lib->crypto->create_crypter_enumerator(lib->crypto);
- 		while (enumerator->enumerate(enumerator, &encryption, &plugin_name))
- 		{
-+			if (!fips_filter(PROTO_IKE, ENCRYPTION_ALGORITHM, encryption))
-+				continue;
-+
- 			switch (encryption)
- 			{
- 				case ENCR_AES_CBC:
-@@ -850,6 +982,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead)
- 		enumerator = lib->crypto->create_signer_enumerator(lib->crypto);
- 		while (enumerator->enumerate(enumerator, &integrity, &plugin_name))
- 		{
-+			if (!fips_filter(PROTO_IKE, INTEGRITY_ALGORITHM, integrity))
-+				continue;
-+
- 			switch (integrity)
- 			{
- 				case AUTH_HMAC_SHA2_256_128:
-@@ -905,6 +1040,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead)
- 	enumerator = lib->crypto->create_prf_enumerator(lib->crypto);
- 	while (enumerator->enumerate(enumerator, &prf, &plugin_name))
- 	{
-+		if (!fips_filter(PROTO_IKE, PSEUDO_RANDOM_FUNCTION, prf))
-+			continue;
-+
- 		switch (prf)
- 		{
- 			case PRF_HMAC_SHA1:
-@@ -964,6 +1102,9 @@ static bool proposal_add_supported_ike(private_proposal_t *this, bool aead)
- 	enumerator = lib->crypto->create_dh_enumerator(lib->crypto);
- 	while (enumerator->enumerate(enumerator, &group, &plugin_name))
- 	{
-+		if (!fips_filter(PROTO_IKE, DIFFIE_HELLMAN_GROUP, group))
-+			continue;
-+
- 		switch (group)
- 		{
- 			case MODP_NULL:
-@@ -1004,6 +1145,10 @@ proposal_t *proposal_create_default(protocol_id_t protocol)
- {
- 	private_proposal_t *this = (private_proposal_t*)proposal_create(protocol, 0);
- 
-+#define fips_add_algorithm(this, type, alg, len)	\
-+	if (fips_filter(this->protocol, type, alg))	\
-+		add_algorithm(this, type, alg, len);
-+
- 	switch (protocol)
- 	{
- 		case PROTO_IKE:
-@@ -1014,31 +1159,32 @@ proposal_t *proposal_create_default(protocol_id_t protocol)
- 			}
- 			break;
- 		case PROTO_ESP:
--			add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC,          128);
--			add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC,          192);
--			add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC,          256);
--			add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_3DES,               0);
--			add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,         256);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_128,  0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_384_192,  0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_512_256,  0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_96,       0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_AES_XCBC_96,        0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_MD5_96,        0);
--			add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
-+			fips_add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC,          128);
-+			fips_add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC,          192);
-+			fips_add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC,          256);
-+			fips_add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_3DES,               0);
-+			fips_add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,         256);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_128,  0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_384_192,  0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_512_256,  0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_96,       0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_AES_XCBC_96,        0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_MD5_96,        0);
-+			fips_add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
- 			break;
- 		case PROTO_AH:
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_128,  0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_384_192,  0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_512_256,  0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_96,       0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_AES_XCBC_96,        0);
--			add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_MD5_96,        0);
--			add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_128,  0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_384_192,  0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_512_256,  0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_96,       0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_AES_XCBC_96,        0);
-+			fips_add_algorithm(this, INTEGRITY_ALGORITHM,  AUTH_HMAC_MD5_96,        0);
-+			fips_add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
- 			break;
- 		default:
- 			break;
- 	}
-+#undef fips_add_algorithm
- 	return &this->public;
- }
- 
--- 
-2.13.2
-
diff --git a/strongswan_modprobe_syslog.patch b/strongswan_modprobe_syslog.patch
deleted file mode 100644
index 30c021c..0000000
--- a/strongswan_modprobe_syslog.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Index: strongswan-5.6.2/src/starter/klips.c
-===================================================================
---- strongswan-5.6.2.orig/src/starter/klips.c	2016-04-22 22:01:35.000000000 +0200
-+++ strongswan-5.6.2/src/starter/klips.c	2018-04-17 16:53:57.534334655 +0200
-@@ -30,7 +30,7 @@ bool starter_klips_init(void)
- 		/* ipsec module makes the pf_key proc interface visible */
- 		if (stat(PROC_MODULES, &stb) == 0)
- 		{
--			ignore_result(system("modprobe -qv ipsec"));
-+			ignore_result(system("modprobe -s ipsec"));
- 		}
- 
- 		/* now test again */
-@@ -42,9 +42,9 @@ bool starter_klips_init(void)
- 	}
- 
- 	/* load crypto algorithm modules */
--	ignore_result(system("modprobe -qv ipsec_aes"));
--	ignore_result(system("modprobe -qv ipsec_blowfish"));
--	ignore_result(system("modprobe -qv ipsec_sha2"));
-+	ignore_result(system("modprobe -s ipsec_aes"));
-+	ignore_result(system("modprobe -s ipsec_blowfish"));
-+	ignore_result(system("modprobe -s ipsec_sha2"));
- 
- 	DBG2(DBG_APP, "found KLIPS IPsec stack");
- 	return TRUE;
-Index: strongswan-5.6.2/src/starter/netkey.c
-===================================================================
---- strongswan-5.6.2.orig/src/starter/netkey.c	2016-04-22 22:01:35.000000000 +0200
-+++ strongswan-5.6.2/src/starter/netkey.c	2018-04-17 16:53:57.534334655 +0200
-@@ -30,7 +30,7 @@ bool starter_netkey_init(void)
- 		/* af_key module makes the netkey proc interface visible */
- 		if (stat(PROC_MODULES, &stb) == 0)
- 		{
--			ignore_result(system("modprobe -qv af_key"));
-+			ignore_result(system("modprobe -s af_key"));
- 		}
- 
- 		/* now test again */
-@@ -44,11 +44,11 @@ bool starter_netkey_init(void)
- 	/* make sure that all required IPsec modules are loaded */
- 	if (stat(PROC_MODULES, &stb) == 0)
- 	{
--		ignore_result(system("modprobe -qv ah4"));
--		ignore_result(system("modprobe -qv esp4"));
--		ignore_result(system("modprobe -qv ipcomp"));
--		ignore_result(system("modprobe -qv xfrm4_tunnel"));
--		ignore_result(system("modprobe -qv xfrm_user"));
-+		ignore_result(system("modprobe -s ah4"));
-+		ignore_result(system("modprobe -s esp4"));
-+		ignore_result(system("modprobe -s ipcomp"));
-+		ignore_result(system("modprobe -s xfrm4_tunnel"));
-+		ignore_result(system("modprobe -s xfrm_user"));
- 	}
- 
- 	DBG2(DBG_APP, "found netkey IPsec stack");