OpenSSL - GPL issue
Dear Debian-legal,
I've encountered possible OpenSSL issue, while creating package for
LibRHash shared library
(http://mentors.debian.net/cgi-bin/sponsor-pkglist?action=details;package=rhash
).
The LibRHash library can be compiled without functionality loss:
(1) ether without OpenSSL,
(2) or with runtime OpenSSL loading via dlopen() if OpenSSL is installed,
(3) or with constant linker dependency on OpenSSL.
The LibRHash itself is distributed under MIT-derived 'RHash License' (
http://rhash.anz.ru/license.php?l=en ) which is OpenSSL compatible.
The question is:
will GPL programs linked against LibRHash have license troubles in the
(2) and (3) cases despite of not using OpenSSL directly?
Three SHA1-dependent algorithms (SHA1, BTIH, AICH) in LibRHash work 2
times faster, when OpenSSL is loaded, due to assembler optimizations.
Thats why I was considering compiling the package agains OpenSSL, though
don't want to limit GPL-people.
Do we need in Debian the "No SSL" packages for static, shared library
and it's *-dbg package, or can avoid this by using (2) configuration?
Best regards,
Aleksey
Reply to: