Re: openssl vs. GPL question

To: debian-legal@lists.debian.org
Subject: Re: openssl vs. GPL question
From: Måns Rullgård <mru@inprovide.com>
Date: Sun, 05 Jun 2005 11:04:13 +0200
Message-id: <[🔎] yw1xacm5npiq.fsf@ford.inprovide.com>
References: <20050604184850.GT10552@muse.19inch.net> <[🔎] 625a0e65050604232742104cc2@mail.gmail.com>

"Michael K. Edwards" <m.k.edwards@gmail.com> writes:

> (copied to debian-legal, where the discussion belongs; next person
> please cut debian-mentors)
>
> On 6/4/05, Dafydd Harries <daf@muse.19inch.net> wrote:
>> I have a package Alexandria, written in Ruby, which will depend on a
>> new library in the next version. This library, ruby-zoom, is an LGPL Ruby
>> binding of libyaz. libyaz links to OpenSSL and is, as far as I can tell,
>> under a 2-clause BSD licence. Everything fine so far.
>> 
>> But it seems to me that it will be impossible for Alexandria, which is
>> under the GPL, to use ruby-zoom legally as, by doing so, it will be
>> linking against OpenSSL, which is under a GPL-incompatible licence. Am I
>> right in thinking so?
>
> It is Debian's historical practice, and the FSF's stance, not to
> permit this kind of dependency (direct or indirect).  I believe
> strongly, and have adduced plenty of case law to demonstrate, that the
> FSF's GPL FAQ is in error on this point.  I would not say, however,
> that my opinion represents a debian-legal consensus.  See recent
> debian-legal threads about Quagga, which is in a similar position.

Does Alexandria make direct use of any OpenSSL functionality, or do
only parts of libyaz not used by Alexandria use OpenSSL?  In the
latter case, claiming derivedness from OpenSSL is outright bizarre, if
it ever made any sense.  For the record, I'm with Edwards here.  I
think it's time to stop this totally non-productive nonsense.
Seriously, how many people actually care whether some GPL code links
with OpenSSL?  My guess is two: RMS and EM.

>> I notice that the Tellico package, which is GPL, already links against
>> libyaz. Is this a licence violation?
>
> No; but there again, it would probably be best to check with upstream
> about whether they would mind adding an explicit "OpenSSL exemption". 
> Wishlist bug?

If the program makes explicit use of OpenSSL, I'd consider it fairly
safe to assume an implicit permission to do so, even in the absence a
written clause to that effect.

IANAL, etc.

-- 
Måns Rullgård
mru@inprovide.com

Reply to:

Follow-Ups:
- Re: openssl vs. GPL question
  - From: Steve Langasek <vorlon@debian.org>

References:
- Re: openssl vs. GPL question
  - From: "Michael K. Edwards" <m.k.edwards@gmail.com>

Prev by Date: Re: openssl vs. GPL question
Next by Date: Re: openssl vs. GPL question
Previous by thread: Re: openssl vs. GPL question
Next by thread: Re: openssl vs. GPL question
Index(es):
- Date
- Thread