Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation

To: Adrian Bunk <bunk@stusta.de>
Cc: debian-legal@lists.debian.org
Subject: Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
From: Cristian Greco <cristian.debian@gmail.com>
Date: Fri, 3 Apr 2009 23:06:34 +0200
Message-id: <[🔎] 20090403210634.GA6930@regolo>
Mail-followup-to: Adrian Bunk <bunk@stusta.de>, debian-legal@lists.debian.org
Reply-to: cristian.debian@gmail.com
In-reply-to: <20090403193749.GB26145@localhost.pp.htv.fi>
References: <20090402172719.27444.25491.reportbug@localhost> <20090402233530.GA22781@regolo> <20090403193749.GB26145@localhost.pp.htv.fi>

[ CCing debian-legal for comments ]

On Fri, Apr 03, 2009 at 10:37:49PM +0300, Adrian Bunk wrote:

> On Fri, Apr 03, 2009 at 01:35:30AM +0200, Cristian Greco wrote:
> > On Thu, Apr 02, 2009 at 08:27:19PM +0300, Adrian Bunk wrote:
> > 
> > > $ ldd /usr/bin/qbittorrent | grep ssl
> > >         libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x00007fd73085a000)
> > > $ 
> > > 
> > > 
> > > /usr/share/doc/qbittorrent/copyright states that much of the code
> > > is GPL-licenced.
> > > 
> > > I didn't find any statement that all copyright holders of GPL'ed code
> > > in tracker have given extra permission to link with OpenSSL.
> > > 
> > > 
> > > See also question 28 at
> > >   http://people.debian.org/~bap/dfsg-faq
> > 
> > Hi Adrian,
> > 
> > first of all thanks for your report.
> > 
> > qbittorrent does not use directly the OpenSSL library, as you can see looking
> > at the source code and the symbols table of the (unstripped) executable file.
> > It is linked against two libraries using libssl (libtorrent-rasterbar and
> > libcurl), and there are some symbols from boost::asio related to 'ssl'.
> > 
> > And by the way, even if the majority of the C++ code in qbittorrent is released
> > under the GPL, the debian/copyright file includes a mix of files with different
> > licenses (LGPL, BSD, MIT), so that lintian does not complain about linking
> > against libssl.
> > 
> > Any suggestion?
> 
> The libcurl case might be easy to resolve, but I don't know anything 
> about the libtorrent-rasterbar.
> 
> It might be required that you get all copyright holders to agree on a 
> licence exception.

The point is that qbittorrent doesn't directly link against libssl and the
source code doesn't really use that library. Is it really necessary to add the
exception? 

I'm not sure if the executable linking is caused by libtorrent-rasterbar (BSD
code linked against libssl) or some other required libraries/headers. In the
former case, if linking is caused by the torrent library, all of its clients
should add such exception.

My thought is that qbittorrent shouldn't be affected by this problem because it
doesn't really link against libssl. And BTW, the source code includes licenses
such as LGPL, BSD and MIT, so it shouldn't need the exception anyway.

Thanks,
--
Cristian Greco
GPG key ID: 0x0C095825

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
  - From: LI Daobing <lidaobing@gmail.com>

Prev by Date: Re: distributing precompiled binaries
Next by Date: Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
Previous by thread: Re: Combining Apache with GPL in one package - Re: libxdoclet-java_1.2.3-2_i386.changes REJECTED
Next by thread: Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
Index(es):
- Date
- Thread