Labels Milestones

[__opendkim_key] Overall improvements in key management #22

Open

evilham wants to merge 4 commits from opendkim-improvements into master

pull from: opendkim-improvements

merge into: ungleich-public:master

ungleich-public:haproxy-dualstack

ungleich-public:kjg_passwordconfig

ungleich-public:master

ungleich-public:php

ungleich-public:root-mail-dma

ungleich-public:synapse-upstream-apt-repository

ungleich-public:synapse-upstream-repository

Conversation 0 Commits 4 Files Changed 11

evilham commented 3 months ago

Collaborator

While developing this, I noticed that the type was handling inconsistently the
expectation that a cdist object with the same __object_id gets modified.
Instead more and more lines were added to, e.g. SigningTable and KeyTable.

In order to solve this, some backwards compatibility breaking is necessary.

This is probably not too terrible since:

• the --selector parameter was mandatory, therefore the fallback for the key
  location is triggered.
• OpenDKIM uses the first match in SigningTable and KeyTable
• __line and __block respectively append if they do not match

Closes #19 and #20

While developing this, I noticed that the type was handling inconsistently the expectation that a cdist object with the same __object_id gets *modified*. Instead more and more lines were added to, e.g. SigningTable and KeyTable. In order to solve this, some backwards compatibility breaking is necessary. This is probably not too terrible since: - the `--selector` parameter was mandatory, therefore the fallback for the key location is triggered. - OpenDKIM uses the first match in `SigningTable` and `KeyTable` - __line and __block respectively append if they do not match Closes #19 and #20

evilham added 3 commits 3 months ago

9473f34910 [__opendkim] FreeBSD: Fix service name inconsistency ...

This was going to be taken care of in __start_on_boot, but the solution to that
ended up not being generic enough; so this is what we get >,<.

While at it, add various variable value checks where it made sense.

91e8020837 [__opendkim] Deprecate --userid ...

The parameter could produce inconsistencies permissions-wise.

Users of the type that need this functionality can still use:
--custom-config 'UserId $USERID'

Closes #17

60c6ee54a1

[__opendkim_key] Overall improvements in key management ...

While developing this, I noticed that the type was handling inconsistently the
expectation that a cdist object with the same __object_id gets *modified*.
Instead more and more lines were added to, e.g. SigningTable and KeyTable.

In order to solve this, some backwards compatibility breaking is necessary.

This is probably not too terrible since:

- the `--selector` parameter was mandatory, therefore the fallback for the key
location is triggered.
- OpenDKIM uses the first match in `SigningTable` and `KeyTable`
- __line and __block respectively append if they do not match

Closes #19 and #20.

evilham added 1 commit 3 months ago

c47d4dbaf2

[__opendkim_genkey] Improve error text for unsupported OS ...

It was not listing FreeBSD, which is currently supported.

This pull request can be merged automatically.

This branch is out-of-date with the base branch

You are not authorized to merge this pull request.

Sign in to join this conversation.

Reviewers

Request review

No reviewers

Labels

Apply labels

Clear labels

bug confirmed critical discussion documentation enhancement feedback-required good-first-issue ready reviewed suggestion support

No Label bug confirmed critical discussion documentation enhancement feedback-required good-first-issue ready reviewed suggestion support

Milestone

Set milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Assign users

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

This pull request currently doesn't have any dependencies.

Write Preview

Loading…

Cancel

Save

There is no content yet.