>>> I have committed the diff for 2.53.1 to -current without adding the
>>> flavor so that we can backport that if needed. However, I didn't see
>>> anything security related in the change log, so I did not do that.
>>>
>>
>> Thanks for your help!
>>
>>> I'm pretty sure we should not add a new flavor to -stable.
>>
>> I'm fine with that, in fact it looks like version 7.6 is just around the
>> corner, so I don't see the need to change the port on -stable. My intention
>> when I proposed these changes was to try to get them added to -current, and
>> not to -stable.
>>
>>>
>>> If you want the upnp flavor in -current, please resend the diff, but
>>> that will need a proper ok.
>>
>> Sure, here is the diff for the flavor I proposed for the net/i2pd port.
>> There is no need to create another PLIST file, because no new files are
>> added with this flavor.
> 
> In https://marc.info/?l=openbsd-ports&m=172385091022273&w=2 you argue
> for making the upnp functionality available.  miniupnpc is a
> standalone, lightweight library, and the UPnP functionality is hidden
> behind a config button anyway.  UPnP has a kind of bad reputation* but
> here I would suggest to just add the dep unconditionally.
> 
> Was there a particular reason why you proposed adding UPnP as a
> FLAVOR?  If not, the diff below would ease future maintenance.

I prefer to keep UPnP support as a flavor to avoid installing 
unnecessary dependencies for users who do not need this functionality.

Normally, what is done on servers is to statically set a port for 
incoming connections [1], UPnP is usually useful when I2Pd is used on 
the client side, which is typically behind a NAT.

[1]: https://comfy.guide/server/i2p-daemon/#improving-connectivity

> 
> * If we wanted to be paranoid, we could also preemptively patch the
>    config file to explicitely disable upnp by default, so that future
>    updates don't enable upnp behind the user's back.
> 
> 
> Index: Makefile
> ===================================================================
> RCS file: /home/cvs/ports/net/i2pd/Makefile,v
> diff -u -p -r1.25 Makefile
> --- Makefile	29 Aug 2024 15:49:13 -0000	1.25
> +++ Makefile	29 Aug 2024 21:34:00 -0000
> @@ -3,6 +3,7 @@ COMMENT =	client for the I2P anonymous n
>   GH_ACCOUNT =	PurpleI2P
>   GH_PROJECT =	i2pd
>   GH_TAGNAME =	2.53.1
> +REVISION =	0
>   
>   CATEGORIES =	net
>   HOMEPAGE =	https://i2pd.website
> @@ -12,14 +13,17 @@ PERMIT_PACKAGE = Yes
>   
>   WANTLIB += ${COMPILER_LIBCXX} boost_atomic-mt boost_date_time-mt
>   WANTLIB += boost_filesystem-mt boost_program_options-mt boost_system-mt
> -WANTLIB += c crypto m ssl z
> +WANTLIB += c crypto m miniupnpc ssl z
>   
>   COMPILER =	base-clang ports-gcc
>   MODULES =	devel/cmake
> -LIB_DEPENDS =	devel/boost
> +LIB_DEPENDS =	devel/boost \
> +		net/miniupnp/miniupnpc
>   
>   # for tests
>   USE_GMAKE =	Yes
> +
> +CONFIGURE_ARGS =	-DWITH_UPNP=ON
>   
>   WRKSRC =	${WRKDIST}/build
>   
>