Please bump opendkim to 2.11.0beta2 Normally I'd say that alphas/betas are ~arch only, or maybe p.mask'd, but upstream moves incredibly slowly. debian's buster release (oldoldstable) ships 2.11.0alpha. debian's bullseyes release (oldstable) ships 2.11.0beta2. This is needed as the beta includes a number of fixes, as well as support for ed25519 keys https://salsa.debian.org/debian/opendkim/-/blob/master/RELEASE_NOTES?ref_type=heads#L6-51
The bigger problem here is that upstream is completely dead, so that beta branch is never going to be released, and is thus a dead-end fork of something in between 2.10.3 and the "develop" branch in their git repo. We've got 11(?) patches against 2.10.3 that would likely need to be re-rolled. And I don't think that most of those new features are 100% working in the beta -- they would need new patches pulled from github (or debian) first. I'm pretty reluctant to spend the time upgrading from a version that's dying to another six-year old version that's also dying. For new features and bug fixes, I think the effort is better directed in one of two ways: 1. There is a fork at https://github.com/futatuki/OpenDKIM where the author is doing a pretty good job of merging/fixing the open PRs/issues in the main repo. Maybe he could be talked into making the fork official, and doing releases? 2. https://launchpad.net/dkimpy-milter needs some packaging work, but otherwise has an author that is knowledgable and reasonably active (he also maintains spf-engine, and was the debian postfix maintainer for many years). Switching daemons would be a PITA but has to happen eventually if no one going to keep OpenDKIM alive. In any case, I certainly wouldn't stop you if you wanted to try this (just commit it if you get it working), but I've got a huge backlog of other stuff with much higher priority.
Futatuki maintains a FreeBSD "opendkim-devel" port. https://ports.freebsd.org/cgi/ports.cgi?query=opendkim-devel It uses a FreeBSD-hosted distfile that already has almost all the patches in it. Could a Gentoo ebuild grab that FreeBSD distfile as a base or does it have to use the upstream tag plus 30+ patches?
(In reply to gen2dev from comment #2) > Futatuki maintains a FreeBSD "opendkim-devel" port. > https://ports.freebsd.org/cgi/ports.cgi?query=opendkim-devel > It uses a FreeBSD-hosted distfile that already has almost all the patches in > it. > > Could a Gentoo ebuild grab that FreeBSD distfile as a base or does it have > to use the upstream tag plus 30+ patches? Hmmmm, are you sure? FreeBSD says the maintainer is Yasuhiro Kimura, and the Makefile suggests that it's just pulling the latest github tarball: https://cgit.freebsd.org/ports/tree/mail/opendkim-devel/Makefile#n21 In any case, there's no technical issue using some other tarball. We could easily switch to git HEAD on Futatsuki's repo. There two main issues are, 1. Figuring out what patches have been applied, and which ones still need to be applied, and then rebasing them. The OpenRC patches in particular I expect to be a headache. 2. It is a bit sneaky to switch upstreams on users who are expecting "OpenDKIM" to be the OpenDKIM project who makes releases and signs them on opendkim.org. Personally I think it's safe, but it's not a decision that I'm 100% comfortable making for other people. If he made his fork official and gave it some other name, it would solve this problem.
Someone beat me to it: https://github.com/futatuki/OpenDKIM/issues/1
Created attachment 922560 [details] My overlay directory Here's my local overlay for 2.11.0 Beta2 plus bug fixes. It works for me. Use it as you like. It starts with the upstream 2.11.0 Beta2 tar file then applies All upstream PRs that were committed to the 'develop' branch, to catch up to FreeBSD's opendkim-devel: set-freebsd-2.11.0.b2.patch 5 more upstream PRs and 1 issue that haven't been committed but are in Debian's 2.11.0~Beta2-9.1: set-debian_2.11.0_beta2-9.1.patch More upstream PRs that are good but haven't been committed: PR162 OpenSSL 1.1.1 and 3.X compatibility, get rid of deprecated functions. PR201 Lua 5.3+ lua_pop() bug found in FreeBSD PR239 Overlapping strlcpy() More uncommitted upstream PRs that I submitted while working up this overlay: openssl3-fixes.patch Minor fixes for PR162. (PR1 on the fork that 162 comes from) PR243 Add ed25519 tests and fix bugs they exposed PR244 -DFORTIFY_SOURCE issues from Debian and Fedora build logs PR245 ed25519 support in dkim_test_key() PR246 ed25519 support in opendkim-genkey, -genzone, -testkey Plus 8 more patches from Gentoo's 2.10.3 that are still good for 2.11.0 but aren't in any of the above. Even with big useless commits trimmed out of the PR patch files to keep the file size down, like 800+ kbytes updating 'configure' which Gentoo regenerates from configure.ac anyway, it's still 208 kbytes in files/. They might need be moved into a compressed distfile or something. Signed-off-by: gen2dev@qsr.us
