Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation

To: cristian.debian@gmail.com, Adrian Bunk <bunk@stusta.de>, debian-legal@lists.debian.org
Subject: Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
From: LI Daobing <lidaobing@gmail.com>
Date: Sat, 4 Apr 2009 12:00:56 +0800
Message-id: <[🔎] 8eae5a660904032100w32d271d9i1defb6f6e50d2b1f@mail.gmail.com>
In-reply-to: <[🔎] 20090403210634.GA6930@regolo>
References: <20090402172719.27444.25491.reportbug@localhost> <20090402233530.GA22781@regolo> <20090403193749.GB26145@localhost.pp.htv.fi> <[🔎] 20090403210634.GA6930@regolo>

On Sat, Apr 4, 2009 at 05:06, Cristian Greco <cristian.debian@gmail.com> wrote:
> [ CCing debian-legal for comments ]
>
> On Fri, Apr 03, 2009 at 10:37:49PM +0300, Adrian Bunk wrote:
>
>> On Fri, Apr 03, 2009 at 01:35:30AM +0200, Cristian Greco wrote:
>> > On Thu, Apr 02, 2009 at 08:27:19PM +0300, Adrian Bunk wrote:
>> >
>> > > $ ldd /usr/bin/qbittorrent | grep ssl
>> > >         libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x00007fd73085a000)
>> > > $
>> > >
>> > >
>> > > /usr/share/doc/qbittorrent/copyright states that much of the code
>> > > is GPL-licenced.
>> > >
>> > > I didn't find any statement that all copyright holders of GPL'ed code
>> > > in tracker have given extra permission to link with OpenSSL.
>> > >
>> > >
>> > > See also question 28 at
>> > >   http://people.debian.org/~bap/dfsg-faq
>> >
>> > Hi Adrian,
>> >
>> > first of all thanks for your report.
>> >
>> > qbittorrent does not use directly the OpenSSL library, as you can see looking
>> > at the source code and the symbols table of the (unstripped) executable file.
>> > It is linked against two libraries using libssl (libtorrent-rasterbar and
>> > libcurl), and there are some symbols from boost::asio related to 'ssl'.
>> >
>> > And by the way, even if the majority of the C++ code in qbittorrent is released
>> > under the GPL, the debian/copyright file includes a mix of files with different
>> > licenses (LGPL, BSD, MIT), so that lintian does not complain about linking
>> > against libssl.
>> >
>> > Any suggestion?
>>
>> The libcurl case might be easy to resolve, but I don't know anything
>> about the libtorrent-rasterbar.
>>
>> It might be required that you get all copyright holders to agree on a
>> licence exception.
>
> The point is that qbittorrent doesn't directly link against libssl and the
> source code doesn't really use that library. Is it really necessary to add the
> exception?
>
> I'm not sure if the executable linking is caused by libtorrent-rasterbar (BSD
> code linked against libssl) or some other required libraries/headers. In the
> former case, if linking is caused by the torrent library, all of its clients
> should add such exception.
>
> My thought is that qbittorrent shouldn't be affected by this problem because it
> doesn't really link against libssl. And BTW, the source code includes licenses
> such as LGPL, BSD and MIT, so it shouldn't need the exception anyway.
>
I think it need an exception.

GPL licensed code and OpenSSL licensed code should not run in the same process.

-- 
Best Regards
LI Daobing

Reply to:

Follow-Ups:
- Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
  - From: Cristian Greco <cristian.debian@gmail.com>

References:
- Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
  - From: Cristian Greco <cristian.debian@gmail.com>

Prev by Date: Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
Next by Date: Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
Previous by thread: Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
Next by thread: Re: Bug#522311: qbittorrent: Linked with OpenSSL, seems to be a GPL violation
Index(es):
- Date
- Thread