opendkim: incompatible SSL versions redux :(

[MrPeteH]

I had a stock Debian 11 opendkim working kinda-sorta. Tried building the develop version and had issues. Uninstalled. Reinstalled stock opendkim Now I am getting a complaint about incompatible SSL versions. It says OpenDKIM was compiled to 0x0101010ef but 0x01010108f is installed. From opensslv.h.in, we see the difference is patch level 0x8 vs 0xe (1.1.1h vs 1.1.1n).

I have questions and a bug report: Questions:

1. Is it always correct that opendkim -V should correctly answer the question of which openSSL library version was compiled?
2. Can you think of how/why/where I am getting the above complaint on this system, when every binary I can find, for both openSSL and opendkim, claim to be compiled and/or are version 1.1.1n?!!

BUG: the only difference between these is at the minor patch level. That makes no sense.

Why in the world would we require an exact match on patch level? Seems to me at least the comparison ought to be (opendkim.c) if ((dkim_ssl_version()/256) != (OPENSSL_VERSION_NUMBER/256)) which would remove the final 8 bit patch number from the question. More likely, any version with same major and the minor being same or bigger ought to work, according to spec?

[MrPeteH]

FWIW:

• I still cannot fathom where the old (1.1.1h) version of OpenSSL exists or is referenced on this machine
• Having built the current (andreasschulze) develop branch, and installed, and worked through debian-specific wierdness :)...

I can say that patching source the way I did above has fully worked around this version-mismatch problem.