Re: freeradius and EAP-TLS

To: debian-amd64@lists.debian.org
Subject: Re: freeradius and EAP-TLS
From: A J Stiles <deb64@earthshod.co.uk>
Date: Fri, 13 Jan 2006 10:32:27 +0000
Message-id: <[🔎] 200601131032.27435.deb64@earthshod.co.uk>
In-reply-to: <[🔎] 20060112T2047.GA.c46de.stse@fsing.rootsland.net>
References: <[🔎] 1137085136.7603.2.camel@whale.core.arhont.com> <[🔎] 20060112T2047.GA.c46de.stse@fsing.rootsland.net>

On Thursday 12 Jan 2006 19:54, Stephan Seitz wrote:
> EAP-TLS would mean linking against openssl. Since freeradius is GPL, you
> can't link against openssl (which has another licence) without exeption
> rule in freeradius (this is the consensus from Debian legal).
> This is the same reason why there is no freeradius-postgres package.
> Postgresql is linked against openssl which would mean that freeradius
> would pull in openssl through Postgresql which is a no no.
>
> If someone would write a patch for freeradius for linking againts GnuTLS
> instead of openssl, you would get eap-tls support.

There's nothing to stop you from obtaining the sources and compiling them 
yourself with the appropriate options enabled.  You just would not be allowed 
to redistribute the resulting binaries  {since you would not be able to 
satisfy the conditions for both licences}.

Note that a licence never _prevents_ you from doing anything:  it can only 
give you permissions above and beyond what the Law of the Land already says 
you may do  {though this permission may be conditional upon you doing 
something else; e.g.  making the source code available, displaying a message 
of acknowledgement, or not imposing additional restrictions on future 
redistribution}.  And copyright law most probably would not stop you from 
distributing a patch for the configuration files to cause the two to be 
linked.  Even though the patch contains snippets of the original source code, 
it's so little that this use would almost certainly qualify as Fair Dealing.  
At any rate, until the code is compiled and linked, no derivative work is 
created:  distributing incompatibly-licenced source code together is just 
"aggregation", which the GPL permits.

You might even be able to make a Debian package which depends on the necessary 
source packages and toolchain elements, and as part of its installation 
process performs the patching and compilation.  I admit this would be an ugly 
bodge for anyone used to quick binary package installation, but at least it 
would circumvent the issues neatly.  I personally have no problem at all with 
the idea of a "source only" distribution licence; CPU time and disk space are 
cheap enough nowadays that it isn't unreasonable to expect users to compile 
software at their end.  It's like the electronic equivalent of flatpack 
furniture.

-- 
AJS
delta echo bravo six four at earthshod dot co dot uk

Reply to:

Follow-Ups:
- Re: freeradius and EAP-TLS
  - From: Stephan Seitz <nur-ab-sal@gmx.de>

References:
- freeradius and EAP-TLS
  - From: Andrei Mikhailovsky <andrei@arhont.com>
- Re: freeradius and EAP-TLS
  - From: Stephan Seitz <nur-ab-sal@gmx.de>

Prev by Date: AMD64 autobuilder(s), KDE 3.5
Next by Date: Problem with gnome-volume-manager
Previous by thread: Re: freeradius and EAP-TLS
Next by thread: Re: freeradius and EAP-TLS
Index(es):
- Date
- Thread