697520 – mail-filter/opendkim with ed25519-sha256 - ?

Bug 697520 - mail-filter/opendkim with ed25519-sha256 - ?

Summary: mail-filter/opendkim with ed25519-sha256 - ?

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All All

Importance:	Normal normal
Assignee:	Ralph Seichter

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2019-10-11 22:41 UTC by Benny Pedersen
Modified:	2019-10-13 20:26 UTC (History)
CC List:	3 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Benny Pedersen 2019-10-11 22:41:38 UTC

https://github.com/trusteddomainproject/OpenDKIM/issues

unsure if ed25519-sha256 works with openssl or not :/

no patch ready imho

using beta2 is untrusted unstable, but it would be nice to see if it builds at all

https://github.com/trusteddomainproject/OpenDKIM/releases/tag/rel-opendkim-2-11-0-Beta2

Comment 1 Jeroen Roovers (RETIRED) gentoo-dev

2019-10-12 06:15:58 UTC

(In reply to Benny Pedersen from comment #0)
> https://github.com/trusteddomainproject/OpenDKIM/issues

I guess you mean [1] which currently lists 5 issues. Or [2] (which the HOMEPAGE links to for bug tracking) which lists many more, probably because of a misinterpretation of the dash in "ed25519-sha256".

> unsure if ed25519-sha256 works with openssl or not :/

Do you mean you are not sure of opendkim (somehow) configured for "ed25519-sha256" might work as expected with a specific version of dev-libs/openssl?

> no patch ready imho

Patch for what problem?

[1] https://github.com/trusteddomainproject/OpenDKIM/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aopen+ed25519
[2] https://sourceforge.net/p/opendkim/bugs/search/?q=ed25519-sha256&limit=50

Comment 2 Jeroen Roovers (RETIRED) gentoo-dev

2019-10-12 06:32:00 UTC

Perhaps maintainers can fix the Summary once you figure out what the problem is.

Comment 3 Ralph Seichter 2019-10-12 17:01:40 UTC

Upstream development has pretty much stopped. The referenced beta (!) release is almost a year old now. Also, I opened pull request https://github.com/trusteddomainproject/OpenDKIM/pull/41 on April 2, 2019 and we have not even received a comment yet.

My conclusion as of today is that spending time on OpenDKIM to support new signature types is not worth it as long as upstream development is paused. The combination of pymilter/dkimpy-milter seems more promising to me. Both authors have accepted my recent contributions, and the library/milter are actively maintained by them.

Comment 4 Ralph Seichter 2019-10-13 14:19:18 UTC

If neither Michael nor Francisco have an objection, I will close this issue.

Comment 5 Michael Orlitzky gentoo-dev

2019-10-13 14:43:39 UTC

(In reply to Ralph Seichter from comment #4)
> If neither Michael nor Francisco have an objection, I will close this issue.

None here.

Comment 6 Francisco Blas Izquierdo Riera (RETIRED) gentoo-dev

2019-10-13 16:55:56 UTC

I may try to fix this one a lot later on. Consider reopening this in December as I may have more time to try to backport the beta patches.

Comment 7 Benny Pedersen 2019-10-13 19:47:26 UTC

i have used opendkim 2.11 in last 24 hours, no problem with it, so beta2 is more or less ready for gentoo

i have disabled poll, it makes QA

atps its depricated
vbr experimental not used widely, this could be added to use flag if demend for it

my unstable ebuild is in ::fidonet overlay if there is some that would like to try it

i will make systemd work again, just to laysy not make it right now since i dont use systemd

also tarball have imho no working initd for openrc, so used the one from 2.10 that still works

https://tools.ietf.org/html/rfc6376#section-4.1

sha-1024 is planned in ietf

hope the best from here

Comment 8 Ralph Seichter 2019-10-13 20:05:05 UTC

Benny, what part of "Consider reopening this in December" do you find confusing?