[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [hpoj-devel] RE: Bug#147430: hpoj: Linking against OpenSSL licensing modificat ion (GPL)

Jeff Licquia wrote:
> My gut reaction is to trust that you (David) are a reasonable person,
> seeing as how you've been forthright so far, and will intentionally
> refuse to take advantage of our situation.  Should you suddenly
> metamorphize into an ogre, however, we do have the legal recourse of
> quickly doing a point release of woody without linking to libsnmp; since
> we brought up the problem, it's hard to imagine a court accusing Debian
> of acting in bad faith, so it would seem difficult to fall under any
> real liability.
I trust you will find me to be a very reasonable person.  Besides, I
would effectively be shooting myself in the foot if I were to force you
to remove the libsnmp linkage and disable full JetDirect support, since
my "real" job at HP is JetDirect firmware development.  :-)

> The problematic section of the GPL reads as follows (section 3):
> "However, as a special exception, the source code distributed need not
> include anything that is normally distributed (in either source or
> binary form) with the major components (compiler, kernel, and so on) of
> the operating system on which the executable runs, unless that component
> itself accompanies the executable."
> So, we're fine because OpenSSL is normally distributed with Debian,
> except that hpoj is also normally distributed with Debian, which means
> that "that component itself [OpenSSL] accompanies the executable
> [hpoj]", which means that we're not fine.
> It would seem that you are the victim of success. :-)
Ah yes, the devil's in the details, in this case, the exception to the
exception!  :-)

Mark Purcell wrote:
> Actually it doesn't change things.  Hpoj in woody isn't linked against
> OpenSSL so it doesn't have this problem, when woody becomes the stable
> release, Debian is fine as far as HPOJ licencing issues go.
> For David Engle. Is there a way to link with libsnmp but not libcrypto?
Are you absolutely sure that going from hpoj-0.8 to the CVS version is
what caused libcrypto to start getting linked in, and not a change in
libsnmp that added the necessity to link with libcrypto?  Both versions
have the capability to link libptal with libcrypto if necessary, and
although I did make some changes in how that necessity is detected, I
just now double-checked configure.in from CVS and verified that it first
attempts to link with libsnmp without libcrypto before it tries to link
with libcrypto.


To UNSUBSCRIBE, email to debian-legal-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: