[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-hackers-public] openssl license
|
From: |
Sylvain Beucler |
|
Subject: |
Re: [Savannah-hackers-public] openssl license |
|
Date: |
Fri, 23 Jan 2009 22:34:24 +0100 |
|
User-agent: |
Mutt/1.5.18 (2008-05-17) |
Hi,
One thing you didn't mention is using GnuTLS.
It's LGPL'd, it's GNU, and it even has a partial openssl-compatible
layer. That's what we recommend before considering adding an exception
(which has the problems you mentioned).
--
Sylvain
On Thu, Jan 22, 2009 at 08:56:53AM +0200, Yavor Doganov wrote:
> Nicodemo Alvaro wrote:
> > If you take a look at this license notice you would find that it is
> > incompatible with the GPL.
>
> Yes, that's a well known issue, see
> http://www.gnome.org/~markmc/openssl-and-the-gpl.html.
>
> > The project GiVME has a dependency on openssl.
>
> It should have a special exception similar to other packages linking
> against openssl (see gnubiff, for example). The tricky part is that
> it's not sufficient that only the program has the exception, the
> licenses of other libraries must be compatible as well. So if you
> have an app foo under GPL+OpenSSL exception linking both against
> libopenssl and libbar (pure GPL), that's not OK.
>
> It becomes even trickier for indirect linking. For example, Gajim is
> under GPLv3 only and optionally depends on python-openssl (OpenSSL
> Python bindings), which is under LGPL, but links against libopenssl.
> I'm not sure whether an exception is required in this case, but it
> seems logical that it should be.
>
> Another classic example of indirect linking is if you link against a
> library which itself links with openssl (like libsnmp).
>
> > Openssl is distributed with GNewSense, so maybe I am missing
> > something.
>
> Sure, it's free software, so why not?
>
> FWIW, there was a discussion between Brett Smith and some Debian folks
> (Steve Langasek, Anthony Towns, IIRC) a few years ago on debian-legal.
> They defended the position that openssl fulfils the criteria of a
> "system library" in a distro like Debian, as it's part of the minimal
> installation and too many packages of priority
> "required|important|standard" depend on it. I don't remember whether
> Brett bought the argument.
- [Savannah-hackers-public] openssl license, Nicodemo Alvaro, 2009/01/21
- Re: [Savannah-hackers-public] openssl license, Yavor Doganov, 2009/01/22
- Re: [Savannah-hackers-public] openssl license,
Sylvain Beucler <=
- Re: [Savannah-hackers-public] openssl license, Yavor Doganov, 2009/01/23
- Re: [Savannah-hackers-public] openssl license, Sylvain Beucler, 2009/01/23
- Re: [Savannah-hackers-public] openssl license, Yavor Doganov, 2009/01/23
- Re: [Savannah-hackers-public] openssl license, Sylvain Beucler, 2009/01/23
- Re: [Savannah-hackers-public] openssl license, Nicodemo Alvaro, 2009/01/24
- Re: [Savannah-hackers-public] openssl license, Yavor Doganov, 2009/01/25
- Re: [Savannah-hackers-public] openssl license, Nicodemo Alvaro, 2009/01/25
- Re: [Savannah-hackers-public] openssl license, Yavor Doganov, 2009/01/25