Created attachment 234463 [details] Patch against the current port tree A new version of my port of OpenCA’s libpki (used by OpenCA’s OCSP responder in separate post). Updated to the last version published (0.9.2).
Created attachment 234482 [details] Patch against current ports tree Corrected patch.
Created attachment 234505 [details] Patch against current ports tree Cleaner version (cf. Comments in openca-ocspd)
Hello, 1. "# Created by .." is deprecated, you can remove it 2. "DISTNAME=libpki-0.9.2" must be removed because it is implicit since it is equal "${PORTNAME}-${DISTVERSION}" Errors to be corrected: - Portlint -C --- WARN: ###/security/libpki/pkg-descr: includes lines that exceed 80 characters. FATAL: Makefile: [5]: use a tab (not space) after a variable name WARN: ###/security/libpki/files/patch-configure.ac: patch was not generated using ``make makepatch''. It is recommended to use ``make makepatch'' when you need to [re-]generate a patch to ensure proper patch format.[1] 1 fatal error and 2 warnings found. --- [1] to generate a patch with 'make makepatch': (inside security/libpki) > make extract > cp work/libpki-0.9.2/configure.ac work/libpki-0.9.2/configure.ac.orig (edit and change work/libpki-0.9.2/configure.ac) > make makepatch - portclippy Makefile --- # USES block USES USE_GITHUB GH_ACCOUNT +USE_GNOME USE_LDCONFIG -USE_GNOME --- Cheers
Created attachment 234686 [details] Patch against current ports tree - removed “created by” comment - removed unnecessary DISTNAME - corrected order in variables as recommended by portclippy - regenerated patch with make makepatch instead of patch
Hi, maintainer == bruno@ruomad.net author == freebsd@ruomad.net This will make some confusion committing
... I could sugest use maintainer email on bugs.freebsd.org account for example to simplify things or the reverse. I will start doing tests now. cheers
Created attachment 234689 [details] Patch against current ports tree OK, I changed the committer email in the patch to my main email bruno@ruomad.net. I change the login in bugzilla as well. Sorry for the confusion.
Created attachment 234690 [details] libpki-0.9.2 complete diff with security/Makefile libpki added with small fixes: - remove some Makefile extra tabs - reformat CONFIGURE_ARGS for better reading - reformat pkg-descr for 72 columns Please use this diff for future changes/updates for an easier patch apply
ok, I've fount some Q/A plist issues: --- ====> Running Q/A tests (stage-qa) ====> Checking for pkg-plist issues (check-plist) ===> Parsing plist ===> Checking for items in STAGEDIR missing from pkg-plist Error: Orphaned: include/internal/ossl_1_0_x/cms_lcl.h Error: Orphaned: include/internal/ossl_1_1_0/cms_lcl.h Error: Orphaned: include/internal/ossl_1_1_0/ocsp_lcl.h Error: Orphaned: include/internal/ossl_1_1_0/x509_int.h Error: Orphaned: include/internal/ossl_1_1_0/x509_lcl.h Error: Orphaned: include/internal/ossl_1_1_1/cms_lcl.h Error: Orphaned: include/internal/ossl_1_1_1/ocsp_lcl.h Error: Orphaned: include/internal/ossl_1_1_1/refcount.h Error: Orphaned: include/internal/ossl_1_1_1/x509_int.h Error: Orphaned: include/internal/ossl_1_1_1/x509_lcl.h Error: Orphaned: %%DATADIR%%/README.data_structures Error: Orphaned: %%DATADIR%%/README.functions Error: Orphaned: %%DATADIR%%/doxygen-man.conf Error: Orphaned: %%DATADIR%%/doxygen-pdf.conf Error: Orphaned: %%DATADIR%%/doxygen.conf Error: Orphaned: %%DATADIR%%/pkginfo ===> Checking for items in pkg-plist which are not in STAGEDIR ===> Error: Plist issues found. *** Error code 1 --- You can take a look at poudriere logs: https://people.freebsd.org/~eduardo/logs/libpki-0.9.2/ If you need help just ask. Nuno Eduardo Teixeira
Well, I somehow thought these where not necessary even if upstream includes them (the ports works o for me without them), I suppose i could just re-add them to the plist, or delete them in the Makefile (just a plain rm ?) What do you think would be most appropriate ? I'm not sure Sorry for a newbie question... Bruno
(In reply to Bruno Damour from comment #10) First of all you don't need to say sorry because lots of times I've learn with hight experienced maintainers that sometimes are programers etc, other times I need to help them, other times I need to ask help to other commiters and maintainers to help me.. So in this world a committer or a maintainer are always learning and teaching and, thats why I love what I do, not just be a committer because I'm a maintainer too :) The more I learn, the more I feel a newbie lol Ok, orphanad files shoudm't be removed with RM, only on very special cases but this one it doesn't apply. ''make makeplist' should do the job and some times need some editing but manual editing like adding/removing entries is not so good. try make makeplist, update patch, I will be here for a few hours for tests
Hi, None of your patches seems to be submitted upstream, please do and by doing so we can also utilize GitHub to pull those patches back in. Best regards, Daniel
(In reply to Daniel Engberg from comment #12) Hello Daniel, Ok, then we should wait until upstream import those patches and when its done we can use something like: --- PATCH_SITES= https://github.com/openca/libpki/commit/ PATCHFILES= <hash>.patch:-p1 (etc) --- It's that it? Thanks
(In reply to Nuno Teixeira from comment #13) Correct given that they apply cleanly otherwise we need to backport by hand Best regards, Daniel
(In reply to Daniel Engberg from comment #14) ok, in my previous reply I forgot to ask a second question: What happens if upstream doesn't accept this patches? What we should do then? Thanks
(In reply to Nuno Teixeira from comment #15) In my experience this is rarely an issue unless the patch(es) breaks functionality for other platforms in which case it'll need to be reworked. In case upstream is unresponsive just refer to PR(s). If upstream flat out refuses we should make sure that patches are as "generic" as possible and document why they are committed in the first place. Documentation save a lot of time and neither submitter or committer might be around next time to update the port. Needing to do guesswork usually results in ports being neglected (ie no one touches it).
Hello all, Sorry I have been unavailable, and will not be able to amend my ports draft until this weekend or next week. My understanding of your recommandations : I will submit my patches to upstream, I haven’t done it in the last months because I understood that the project was more or less unattended, but the last commits seem to suggest that there is still a possibility. The last commit fixed the majority of patches I previously had to apply to get it to compile on freeBSD, and this is the reason why I decided to submit this ports. I realised that some patches may still be unnecessary, so I will also review them to try to stick to current upstream as much as possible (the patch replacing strncpy bystrcpy for example seems not needed and I cannot figure out why it was when I had to apply it a year ago). In fact only patches to configure seem necessary, they should not be a problem for upstream to accept, they are pretty trivial. Thanks a lot for your comments. Bruno
Hello, I revised the patches in a minimal approach and it boils down to only 2 very small patches. I submitted them to upstream in a pull request, let’s see what happens… For information the patches only fix the following : - ensure install refers to lib and not lib64 (configure.ac) - consider amd64 as meaning x86_64 (configure.ac) - include sys/socket.h in header files (src/include/pki.h) With these patches openca-ocspd builds nicely without any patch (and works). Bruno
(In reply to Bruno Damour from comment #18) Hello Bruno! Can you link these pull(s) request here so we can follow? cheers
Here is the link to the pull request : https://github.com/openca/libpki/pull/54
Created attachment 234910 [details] New patch against ports tree using upstream PR New port proposal using upstream PR on github (waiting for upstream to accept it).
Hello, My upstream PR did not (yet ?) receive any answer, which is not surprising considering the very low activity of the project (which I even thought completely dead when I first tried to draft a port). Not sure of what I should do next...
Hi, As long as you've submitted upstream I think you've done a great job. I'll update the URL to use this one instead to avoid file names clashing in distfiles. https://github.com/openca/libpki/commit/d7617046e9da97473a140c02582fa571f6359ae3.patch
Created attachment 235225 [details] Revised patch Revised version, we can add information regarding the PR in commit message. No need to explain the sample stuff as its clear what it does Poudriere testport OK 12.3-RELEASE (amd64) Poudriere testport OK 13.0-RELEASE (i386)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=93db311c5f7a2da50f3b8414c68a3f20c241354c commit 93db311c5f7a2da50f3b8414c68a3f20c241354c Author: Bruno Damour <bruno@ruomad.net> AuthorDate: 2022-07-13 09:48:20 +0000 Commit: Nuno Teixeira <eduardo@FreeBSD.org> CommitDate: 2022-07-13 09:53:32 +0000 security/libpki: New port: OpenCA PKI library (libpki) and tools - submitter becomes maintainer OpenCA LibPKI provides an easy-to-use PKI library for PKI enabled application development. The library provides the developer with all the needed functionalities to manage certificates, from generation to validation. WWW: https://www.openca.org/projects/libpki PR: 264474 Reviewed by: diizzy security/Makefile | 1 + security/libpki/Makefile (new) | 37 +++++++++ security/libpki/distinfo (new) | 5 ++ security/libpki/pkg-descr (new) | 6 ++ security/libpki/pkg-plist (new) | 178 ++++++++++++++++++++++++++++++++++++++++ 5 files changed, 227 insertions(+)
Committed, thank you!