[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Can GPLed programs use Heimdal?



On Wed, Nov 14, 2001 at 09:21:04AM -0500, Sam Hartman wrote:
> [please respect mail-followup-to and keep debian-kerberos copied]

> Hi.  We're working on some consensus guidelines among the Kerberos
> maintainers to help packagers who want to add Kerberos support to
> their packages.  A legal question has come up.

> The Heimdal implementation links against libssl in order to get its
> crypto.  How does this effect GPLed applications?  Note that the
> applications do not normally call any routines from libssl; they only
> call Heimdal routines indirectly.

> Another thing that may make this different than the standard libssl
> linking question is that there are multiple implementations of
> Kerberos.  The APIs are not the same so some applications only work
> with Heimdal, but other applications work both with Heimdal and the
> MIT implementation.  Is the existence of another implementation enough
> to allow us to ignore the libssl dependency and link against Heimdal?

Would that MIT Kerberos and Heimdal were ABI-compatible; then there
would be no question that it was legal to link GPL software against
Heimdal, because it would be indistinguishable from linking against MIT
Kerberos, which is permitted.

Currently, however, it's my impression that indirect linking against
libssl is as prohibited as direct linking against libssl.  The net
result is the same, namely that the GPL binary has a dependency on
libraries that have an incompatible license.  This 'indirect linking' is
equivalent to someone writing a proprietary library, providing a GPL
wrapper that includes the only entry points that people will link
against, and claiming the whole unit is GPL-compatible.

Steve Langasek
postmodern programmer

Attachment: pgpPvQzBGZIFb.pgp
Description: PGP signature


Reply to: