On Sat, Aug 01, 2015 at 04:55:28PM +0200, Francesco Poli wrote: > As a consequence, I can think of the following possible strategies to > address this issue: > > A) persuade the OpenSSL copyright holders to switch to a sane 3-clause > BSD license (which is GPL-compatible) > > B) modify libruby to link with a GPL-compatible SSL/TLS implementation > (such as libgnutls or libnss or anything else fit for the purpose), > so that SSL/TLS is supported without loading GPL-incompatible > libraries > > Strategy A would solve a longstanding issue once and for all and would > greatly benefit the whole Free Software community, but is known to be > close to impossible. It has been probably attempted countless times in > some 15 years and hasn't yet succeeded. > > Would strategy B be feasible? I would only consider doing something like this if the code to make that work is accepted upstream, and properly supported by the upstream maintainers. It's probably easier to make apt-listbugs use ruby-curb instead of net/https. ruby-curb is a libcurl binding, that is linked against libcurl-gnutls by default on Debian. -- Antonio Terceiro <terceiro@debian.org>
Attachment:
signature.asc
Description: Digital signature