diff --git a/.gitignore b/.gitignore
index c756d11..2f86aa1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-/ntpsec-1.2.1.tar.gz
-/ntpsec-1.2.1.tar.gz.asc
+/ntpsec-1.2.2.tar.gz
+/ntpsec-1.2.2.tar.gz.asc
diff --git a/ntpsec-openssl.patch b/ntpsec-openssl.patch
deleted file mode 100644
index 6fd1202..0000000
--- a/ntpsec-openssl.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-commit ba368822d0a197cb84c46c911d40d0c52cf9c391
-Author: Hal Murray <hmurray@megapathdsl.net>
-Date:   Sun May 2 22:24:26 2021 -0700
-
-    Update to OpenSSL 3.0.0-alpha15
-
-diff --git a/attic/cmac-timing.c b/attic/cmac-timing.c
-index c2088db63..464daa76b 100644
---- a/attic/cmac-timing.c
-+++ b/attic/cmac-timing.c
-@@ -225,28 +225,14 @@ static void DoPKEY(
- #if OPENSSL_VERSION_NUMBER > 0x20000000L
- static size_t One_EVP_MAC(
-   EVP_MAC_CTX *ctx,         /* context  */
--  char *cipher,
-   uint8_t *key,             /* key pointer */
-   int     keylength,        /* key length */
-   uint8_t *pkt,             /* packet pointer */
-   int     pktlength         /* packet length */
- ) {
--	OSSL_PARAM params[3];
- 	size_t len = EVP_MAX_MD_SIZE;
- 
--	params[0] =
--          OSSL_PARAM_construct_utf8_string("cipher", cipher, 0);
--	params[1] =
--          OSSL_PARAM_construct_octet_string("key", key, keylength);
--	params[2] = OSSL_PARAM_construct_end();
--	if (0 == EVP_MAC_CTX_set_params(ctx, params)) {
--		unsigned long err = ERR_get_error();
--		char * str = ERR_error_string(err, NULL);
--		printf("## Oops, EVP_MAC_CTX_set_params() failed: %s.\n", str);
--		return 0;
--	}
--
--	if (0 == EVP_MAC_init(ctx)) {
-+	if (0 == EVP_MAC_init(ctx, key, keylength, NULL)) {
- 		unsigned long err = ERR_get_error();
- 		char * str = ERR_error_string(err, NULL);
- 		printf("## Oops, EVP_MAC_init() failed: %s.\n", str);
-@@ -255,13 +241,13 @@ static size_t One_EVP_MAC(
- 	if (0 == EVP_MAC_update(ctx, pkt, pktlength)) {
- 		unsigned long err = ERR_get_error();
- 		char * str = ERR_error_string(err, NULL);
--		printf("## Oops, EVP_MAC_init() failed: %s.\n", str);
-+		printf("## Oops, EVP_MAC_update() failed: %s.\n", str);
- 		return 0;
- 	}
- 	if (0 == EVP_MAC_final(ctx, answer, &len, sizeof(answer))) {
- 		unsigned long err = ERR_get_error();
- 		char * str = ERR_error_string(err, NULL);
--		printf("## Oops, EVP_MAC_init() failed: %s.\n", str);
-+		printf("## Oops, EVP_MAC_final() failed: %s.\n", str);
- 		return 0;
- 	}
- 	return len;
-@@ -290,7 +276,7 @@ static void Do_EVP_MAC(
- 
- 	clock_gettime(CLOCK_MONOTONIC, &start);
- 	for (int i = 0; i < SAMPLESIZE; i++) {
--		digestlength = One_EVP_MAC(evp, cbc, key, keylength, pkt, pktlength);
-+		digestlength = One_EVP_MAC(evp, key, keylength, pkt, pktlength);
- if (0 == digestlength) break;
- 	}
- 	clock_gettime(CLOCK_MONOTONIC, &stop);
-@@ -305,26 +291,31 @@ static size_t One_EVP_MAC2(
-   uint8_t *pkt,             /* packet pointer */
-   int     pktlength         /* packet length */
- ) {
-+	EVP_MAC_CTX *dup;
- 	size_t len = EVP_MAX_MD_SIZE;
- 
--	if (0 == EVP_MAC_init(ctx)) {
-+	// dup = ctx;
-+	dup = EVP_MAC_CTX_dup(ctx);
-+
-+	if (0 == EVP_MAC_init(dup, NULL, 0, NULL)) {
- 		unsigned long err = ERR_get_error();
- 		char * str = ERR_error_string(err, NULL);
- 		printf("## Oops, EVP_MAC_init() failed: %s.\n", str);
- 		return 0;
- 	}
--	if (0 == EVP_MAC_update(ctx, pkt, pktlength)) {
-+	if (0 == EVP_MAC_update(dup, pkt, pktlength)) {
- 		unsigned long err = ERR_get_error();
- 		char * str = ERR_error_string(err, NULL);
--		printf("## Oops, EVP_MAC_init() failed: %s.\n", str);
-+		printf("## Oops, EVP_MAC_update() failed: %s.\n", str);
- 		return 0;
- 	}
--	if (0 == EVP_MAC_final(ctx, answer, &len, sizeof(answer))) {
-+	if (0 == EVP_MAC_final(dup, answer, &len, sizeof(answer))) {
- 		unsigned long err = ERR_get_error();
- 		char * str = ERR_error_string(err, NULL);
--		printf("## Oops, EVP_MAC_init() failed: %s.\n", str);
-+		printf("## Oops, EVP_MAC_final() failed: %s.\n", str);
- 		return 0;
- 	}
-+	EVP_MAC_CTX_free(dup);
- 	return len;
- }
- 
diff --git a/ntpsec.spec b/ntpsec.spec
index c575b02..91d21b4 100644
--- a/ntpsec.spec
+++ b/ntpsec.spec
@@ -1,5 +1,5 @@
 Name:           ntpsec
-Version:        1.2.1
+Version:        1.2.2
 Release:        9%{?dist}
 Summary:        NTP daemon and utilities
 
@@ -42,8 +42,6 @@ Source3:        ntp.conf
 
 # Detect weak keys generated by ntpkeygen (CVE-2021-22212)
 Patch1:         ntpsec-weakkeys.patch
-# Fix building with OpenSSL-3.0
-Patch2:         ntpsec-openssl.patch
 
 BuildRequires:  bison
 BuildRequires:  gcc
@@ -122,6 +120,7 @@ install -p -m644 etc/logrotate-config.ntpd \
         %{buildroot}%{_sysconfdir}/logrotate.d/ntpsec.conf
 
 rm -rf %{buildroot}%{_docdir}
+rm %{buildroot}%{_bindir}/runtests
 
 pushd %{buildroot}
 
@@ -192,7 +191,7 @@ sed -i.bak -E '/^restrict/s/no(e?peer|trap)//g' %{_sysconfdir}/ntp.conf
 :
 
 %files
-%license LICENSE.adoc
+%license LICENSES/*
 %doc NEWS.adoc README.adoc
 %config(noreplace) %{_sysconfdir}/ntp.conf
 %dir %{_sysconfdir}/logrotate.d
diff --git a/sources b/sources
index dd427f4..54a2980 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-SHA512 (ntpsec-1.2.1.tar.gz) = 0b8b0bda52d3025f6e9a06c00b1e0c25c595ada72b87ed0e5d3d6f77a034f557745156bc6d9a263c9876c041efffa38d42fa93ba8bfda31f67efbd842a726277
-SHA512 (ntpsec-1.2.1.tar.gz.asc) = 9f5da76dc538aeee3fcd34f18b29566a122d2a08f5070ec662f7e1ddbd0f3518f9350479fc121afa9f7b55f107d1864f30ced564ae6ee6ef7cdb8b44f694d157
+SHA512 (ntpsec-1.2.2.tar.gz) = 864afb72c4bd8bc439ee06d343893cf92b3893c26c972a7bd1ff2713f0ad1f50704b6d0c6f155e6373c9747efff3ea36097a590be0d53e1a7ea7f429ba409cd1
+SHA512 (ntpsec-1.2.2.tar.gz.asc) = e797606ad71ffa4438e7db56431d1ff97b0e6b68ac95f9c28cf5c4ab92e939a9692d6b0046af7d1150f4667d9d01469e7017b38776bc0fbc5f66145be2aff594