Re: GPL, OpenSSL and Non-Free
On Wed, Dec 29, 2004 at 04:47:06PM -0800, Don Armstrong wrote:
> On Thu, 30 Dec 2004, Paul Hampson wrote:
> > As I understand it, the issue is that anything in the Debian
> > archive is considered to be distributed with Debian, and so
> > the GPL's exception for libraries that come with the OS
> > doesn't apply since the application also comes with the OS.
> > (In GPL's terms, the OS comes with the application)
> Just for completeness, here's the clause in question:
> However, as a special exception, the source code distributed need
> not include anything that is normally distributed (in either
> source or binary form) with the major components (compiler,
> kernel, and so on) of the operating system on which the
> executable runs, unless that component itself accompanies the
> executable. (GNU GPL ???3)
> > However, non-free is not part of Debian (as per the social contract)
> > so it would be OK to put GPL'd programs that depend on OpenSSL into
> > non-free?
> Unfortunatly, it is not clear that openssl is normally distributed
> with the other components, as we do not require that people actually
> install openssl.
> Moreover, if we did claim that it did, the fact that they are both on
> the same mirror (in the typical case) leads to the conclusion that
> openssl accompanies an executable in non-free. [This becomes a "the
> result is not distributable" instead of a "the result is not DFSG
> In the end, your best bet is to either 1) get the exception from the
> FreeRadius upstream or 2) port FreeRadius to gnutls. Working around
> the problem using non-free really isn't going to work.
This permission would have to come from more than just FreeRadius
upstream, as it links in a number of other libraries including some that
are distributed under the GPL.