[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Providing an openssl-linked pycurl

On Mon,  5 Jul 2010 16:09:07 +0100 (BST) MJ Ray wrote:

> If it's using
> libfoo which can be linked against OpenSSL/GnuTLS, is the source
> of the GPL program derived from OpenSSL, though?

AFAIUI, the point is not whether the source of the GPL program is or is
not derived from OpenSSL.
At least, various lawyers and scholars seem to claim that a program
that uses library functions will not be considered as a derivative work
of the library.

The last time I read this was in

Johnny, Omar; Miller, Marc; Webbink, Mark (2010) 'Copyright in Open
Source Software – Understanding the Boundaries', IFOSS L. Rev., 2(1),
pp 13 – 38

HTML: http://www.ifosslr.org/ifosslr/article/view/30/64
PDF : http://www.ifosslr.org/ifosslr/article/view/30/54

At the end of Section "Testing For Derivation", the authors state:

| a work will not be held to be a derivative work where the developer
| uses library functions and other off-the-shelf routines contained in an
| original program, without ever touching the original program's source
| code.

AFAICT, the problem with linking a GPL program with OpenSSL seems to
be (simply) that the GPL does not give us permission to distribute the
program in object/executable form, unless we make the complete source
available under the terms of the GPL itself (for the GPLv2, see Section
3, for the GPLv3, see Section 6). The complete source definition
includes the source for linked libraries, but we cannot make OpenSSL
available under the terms of the GPL, since it is only available under
GPL-incompatible terms.

> If not, we can still distribute the version that doesn't link against
> libssl.

I agree with this conclusion, but for the reasons explained above,
rather than for the linking-is-derivation theory.

 Need some pdebuild hook scripts?
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgpVNf3RKYmh2.pgp
Description: PGP signature

Reply to: