[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GNU TLS OpenSSL compatibility layer under GPL, not LGPL

On Thu, Jan 16, 2003 at 05:40:47PM +0100, Simon Josefsson wrote:
> Steve Langasek <vorlon@netexpress.net> writes:

> > Think of the case of an LGPL library that wants to include SSL
> > functionality.  If it links against the GPLed GNU TLS layer, it cannot be
> > used by GPL-incompatible apps, because the GPL requires the application
> > to be distributed under the terms of the GPL; if it links against the
> > OpenSSL libs, it cannot be used by GPL apps, which require the same thing
> > of the libraries.

> There is a third option: Make the library use GNU TLS natively,
> without the OpenSSL compatibility layer.  GNU TLS core is LGPL.

While true, this doesn't address the fundamental complaint that the
licensing of the OpenSSL compatibility layer renders it worthless for
most applications.  The ironic result is that those who write
GPL-compatible software are free to use the older APIs that are
historically associated with GPL-incompatible code; and those who write
GPL-incompatible software, free or not, must choose between using
libraries that are wholly GPL-incompatible, or using libraries with a
learning curve.

And Debian is stuck in the middle.

Sure, code can be rewritten to use gnutls natively.  But I don't
understand why anyone would consider this a useful expenditure of
developer resources when the necessary OpenSSL compat glue could simply
be made available under the LGPL.

Steve Langasek
postmodern programmer

Attachment: pgpQN88xBrbDP.pgp
Description: PGP signature

Reply to: