[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Linking against OpenSSL

On Thu, May 23, 2002 at 04:10:35PM +0200, Stefan Schwandter wrote:

> I intend to package a GPL'ed program that requires openssl. I've
> searched the archives and would like to hear if I understood
> correctly:

> If you want to package a GPL'ed program that links against OpenSSL and
> distribute it in debian, the upstream author has to permit that, like in
> the fetchmail-ssl package.

> What about the packages that don't mention such a permission in the
> copyright file (I think lynx-ssl and links-ssl are examples), are they
> "illegal"? Or does software in non-US don't have this restriction?

You can distribute binaries of GPL software if:

- all libraries the binary links against are under GPL-compatible

or if:

- the only libraries the binary links against which do NOT have
  GPL-compatible licenses are included with the operating system, AND
  the GPL binary is NOT included with the operating system.

This second option means that if OpenSSL is included with the operating
system, and links-ssl is not included with the operating system, it's ok.
Arguably, OpenSSL is in main and is included with the "operating system",
while links-ssl is distributed from a different server, making it not
part of the "operating system".  This may be enough to consider Debian's
own distribution of these binaries legal, but it doesn't protect anyone
who wants to ship links-ssl together with the rest of Debian main, i.e.,
a non-US/main+main bundled distribution.

All in all, the safest course of action is always to ask upstream for
the license exception.

Steve Langasek
postmodern programmer

Attachment: pgp6lR0E4qBIs.pgp
Description: PGP signature

Reply to: