Re: tcltls & possible-gpl-code-linked-with-openssl

To: debian-mentors@lists.debian.org
Subject: Re: tcltls & possible-gpl-code-linked-with-openssl
From: Vincent Bernat <bernat@debian.org>
Date: Sat, 19 Apr 2008 20:54:52 +0200
Message-id: <m3od85y8sj.fsf@neo.luffy.cx>
Mail-followup-to: debian-mentors@lists.debian.org
In-reply-to: <480A3B8B.3080503@gmail.com> (Muammar El Khatib's message of "Sat, 19 Apr 2008 14:05:55 -0430")
References: <480A3B8B.3080503@gmail.com>

OoO Pendant  le journal  télévisé du samedi  19 avril 2008,  vers 20:35,
Muammar El Khatib <muammarelkhatib@gmail.com> disait:

> I am maintaining tcltls, and now I have to upload a new version. When I ran
> lintian -iI I got this:

> W: tcltls: possible-gpl-code-linked-with-openssl
> N:
> N:   This package appears to be covered by the GNU GPL but depends on the
> N:   OpenSSL libssl package and does not mention a license exemption or
> N:   exception for OpenSSL in its copyright file. The GPL (including
> N:   version 3) is incompatible with some terms of the OpenSSL license, and
> N:   therefore Debian does not allow GPL-licensed code linked with OpenSSL
> N:   libraries unless there is a license exception explicitly permitting
> N:   this.
> N:
> N:   If only the Debian packaging, or some other part of the package not
> N:   linked with OpenSSL, is covered by the GNU GPL, please add a lintian
> N:   override for this tag. Lintian currently has no good way of
> N:   distinguishing between that case and problematic packages.

> I am not sure how to handle this Lintian Warning. I'd be glad if someone could
> tell me what I have to do in this case. I added copyright terms of openssl, but
> Lintian still showing that warning. So in this case, how a license exemption for
> OpenSSL should be done?

Hi Muammar!

You  cannot just  add yourself  the exception  in  debian/copyright. You
should ask upstream  about this issue and tell him  to add the exception
which allows to link OpenSSL to  his program. This is an important issue
since your have a copyright problem with your package.

Another solution is to use GNU TLS instead of OpenSSL. But this leads to
some invasive changes I think.

When  upstream fixes this  copyright issue,  you need  to add  a lintian
override as stated in the warning. A lintian override is a file that you
install in /usr/share/lintian/overrides/tcltls and that contains:

tcltls: possible-gpl-code-linked-with-openssl
-- 
panic("Lucy in the sky....");
	2.2.16 /usr/src/linux/arch/sparc64/kernel/starfire.c

Attachment: pgpRa7TCIJJg0.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: tcltls & possible-gpl-code-linked-with-openssl
  - From: Russ Allbery <rra@debian.org>
- Re: tcltls & possible-gpl-code-linked-with-openssl
  - From: Muammar El Khatib <muammarelkhatib@gmail.com>

References:
- tcltls & possible-gpl-code-linked-with-openssl
  - From: Muammar El Khatib <muammarelkhatib@gmail.com>

Prev by Date: tcltls & possible-gpl-code-linked-with-openssl
Next by Date: Re: buildd is not building my package.
Previous by thread: tcltls & possible-gpl-code-linked-with-openssl
Next by thread: Re: tcltls & possible-gpl-code-linked-with-openssl
Index(es):
- Date
- Thread