Software that uses OpenSSL
Jakob Bohm
jb-openssl at wisemo.com
Tue Aug 18 03:58:31 UTC 2020
On 06/08/2020 22:17, Quanah Gibson-Mount wrote:
>
>
> --On Thursday, August 6, 2020 1:21 PM -0700 Dan Kegel <dank at kegel.com>
> wrote:
>
>> lists 861 packages, belonging to something like 400 projects, that
>> depend
>> on openssl....
>
> Unfortunately, due to Debian's odd take on the OpenSSL license, many
> projects that can use OpenSSL are compiled against alternative SSL
> libraries, so this can miss a lot of potential applications (OpenLDAP,
> for example).
>
It's not an odd take. The SSLeay license explicitly bans releasing
OpenSSL code under the GPL (as part of SSLeay's own copyleft provisions).
GPL version 2 explicitly prohibits OS bundled GPL code from linking to
OS-bundled non-GPL code, so this can be done only by violating the
SSLeay license.
So no OS distribution can include GPL 2 code using OpenSSL 1.x.x
GPL version 2 explicitly allows independently distibuted copies of GPL 2
programs to link to any OS-bundled libs, including OS-bundled OpenSSL
(this clause was intended to allow linking to stuff like the Microsoft
or Sun OS libraries)
Some GPL version 2 programs include an extra license permission to link
against OpenSSL even when those GPL version 2 programs are bundled with
the OS.
> Hopefully with OpenSSL 3.0 and later, this won't be as much of an issue.
Does the Apache 2.0 license allow redistributing code under GPL 2 ?
>
> --Quanah
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Soborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
More information about the openssl-users
mailing list