Software that uses OpenSSL

Jakob Bohm jb-openssl at
Tue Aug 18 03:58:31 UTC 2020

On 06/08/2020 22:17, Quanah Gibson-Mount wrote:
> --On Thursday, August 6, 2020 1:21 PM -0700 Dan Kegel <dank at> 
> wrote:
>> lists 861 packages, belonging to something like 400 projects, that 
>> depend
>> on openssl....
> Unfortunately, due to Debian's odd take on the OpenSSL license, many 
> projects that can use OpenSSL are compiled against alternative SSL 
> libraries, so this can miss a lot of potential applications (OpenLDAP, 
> for example).
It's not an odd take.  The SSLeay license explicitly bans releasing 
OpenSSL code under the GPL (as part of SSLeay's own copyleft provisions).

GPL version 2 explicitly prohibits OS bundled GPL code from linking to 
OS-bundled non-GPL code, so this can be done only by violating the 
SSLeay license.

So no OS distribution can include GPL 2 code using OpenSSL 1.x.x

GPL version 2 explicitly allows independently distibuted copies of GPL 2 
programs to link to any OS-bundled libs, including OS-bundled OpenSSL 
(this clause was intended to allow linking to stuff like the Microsoft 
or Sun OS libraries)

Some GPL version 2 programs include an extra license permission to link 
against OpenSSL even when those GPL version 2 programs are bundled with 
the OS.

> Hopefully with OpenSSL 3.0 and later, this won't be as much of an issue.
Does the Apache 2.0 license allow redistributing code under GPL 2 ?
> --Quanah
> -- 
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <>


Jakob Bohm, CIO, Partner, WiseMo A/S.
Transformervej 29, 2860 Soborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list