[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: libreadline



On Sat, May 04, 2002 at 06:01:24PM +0200, Matthias Klose wrote:
> Brian May writes:
> > Hello,

> > It has come to my attention that a number of packages may be breaching
> > the GPL by linking with libreadline instead of libeditline.

> > For instance, I asked on debian-legal, and was told that no program may
> > link both with libreadline and openssl because the licenses of these two
> > packages are incompatible (if you disagree, please bring it up on
> > debian-legal, not here).

> > However, a number of programs do exactly this. Probably the most popular
> > package is python2.1.

> - the python binary is not linked against readline and openssl.
> - the readline module is linked against libreadline
> - the _socket module is linked against libssl

> Is one of the following solutions legal:

> - Build the standard _socket module without SSL support and add a
>   new (well, it was called python-ssl) package which builds the ssl
>   module with ssl support and diverts the package.

> - Add a hack to the interpreter, so that the readline and _socket
>   modules cannot be loaded together.

> - Replace readline with editline. Yes this solution is legal, but
>   I didn't check yet, if it's doable.

I believe this is only an issue if we also ship python programs that
use both modules.  It may be the case that we do; but simply having both
python modules available on the system is not a license conflict, and
end-users are even allowed to write programs using both modules; they
just can't be distributed with Debian without some resolution to the
above issue.

If we don't ship any python programs that depend on both SSL socket
support and readline support, I believe providing a non-SSL-enabled
socket module as the preferred socket module will satisfy the license
requirements.  If we have programs that do need both SSL and readline,
then something needs to be changed -- either readline must be replaced
with editline, or OpenSSL must be replaced with gnutls.

Steve Langasek
postmodern programmer

Attachment: pgpE9hErDzHQr.pgp
Description: PGP signature


Reply to: