GPL exception for the OpenSSL library
I have a question to ask of you, which involves exception
statements to the GNU General Public License. It is slightly
complicated, so I will give you some background.
Hewlett-Packard released a driver called the "HP OfficeJet Linux
Driver" which is packaged in the Debian GNU/Linux system as "hpoj" A
description can be found at
Fortunately, HP was wise enough to license hpoj under the GNU
GPL. Unfortunately, it is linked to the OpenSSL library (libcrypto)
which you and I know is GPL-incompatible. This was reported to Debian
HP looked at the exception presented at in the FSF's GPL FAQ
http://www.gnu.org/licenses/gpl-faq.html#WritingFSWithNFLibs and decided
that it was too broad for their tastes. They were afraid that if
someone were to link a library that was not OpenSSL from the OpenBSD
team, and their "OpenSSL" non-free; the exception statement would apply
to it. Another developer, Renaud de Raison of Nessus, had the same
difficulty with the exception statement; and was also worried that
someone could hijack his GPLed software by using this exception
On debian-legal, we ask if it is possible to use a GPL
compatible library, such as GNU TLS, but in both cases the authors
prefered to use OpenSSL as it fit their needs better.
HP went to its corporate attorney, and it drafted this exception
statement, presented on firstname.lastname@example.org (and archived at
In addition, as a special exception, Hewlett-Packard Company
gives permission to link the code of this program with any
version of the OpenSSL library which is distributed under a
license identical to that listed in the included COPYING.OpenSSL
file, and distribute linked combinations including the two.
You must obey the GNU General Public License in all respects
for all of the code used other than OpenSSL. If you modify
this file, you may extend this exception to your version of the
file, but you are not obligated to do so. If you do not wish to
do so, delete this exception statement from your version.
Notice how it is very similar to the FSF approved statement.
The only difference is that the license of OpenSSL is bundled with the
Free software, and referenced in the exception, so it appears that no
proprietary hijacking can occur.
My question is: do you think this license exception is
acceptable for use? That is, does it prevent the proprietary hijacking
of the linked GPL-incompatible library? Can you see any flaws in this?
As well, if you believe this is a good exception statement,
perhaps you could revise the GPL FAQ in some manner to present a
generalised version of this statement as an alternative to the one you
currently provide? I can see how this exception may be applicable and
useful for linking with non-OpenSSL works (that is Free Software that is
Thank you for your input in this complicated manner. I hope I
have not wasted any of your time.
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact firstname.lastname@example.org