[cas-dev] Licenses incompatibilities betw mod_auth_cas and OpenSSL ?
Olivier Berger
olivier.berger at it-sudparis.eu
Fri Aug 8 07:57:51 EDT 2008
Le jeudi 07 août 2008 à 20:57 +0200, Michele Baldessari a écrit :
> Hi Matt et all,
>
> On Thu, 2008-08-07 at 16:24 +0200, Olivier Berger wrote:
> > Le jeudi 07 août 2008 à 07:10 -0700, Patrick Berry a écrit :
> > > Debian includes openssl in utils. I'm not familiar with the conflict
> > > between GPL and OpenSSL, but it they include it, I'm thinking it would
> > > be okay to link against it.
> > >
> >
> > The problem is not to link against it in general, but to link a *GPL
> > program* against it.
> >
> > That's the case for mod-auth_cas, which is GPL V3.
> >
> > More details about the incompatibilities here :
> > http://www.gnome.org/~markmc/openssl-and-the-gpl.html
> >
> > So yes, openssl is in Debian, so one may build mod-auth_cas on his/her
> > machine, but redistribution of a package may not be possible by
> > Debian :(
>
> in order to redistribute a binary GPL package which links to OpenSSL you
> have to add an exemption like the following [1]:
SNIP
> This unless you're willing (and have the right) to switch to a license
> that isn't conflicting with OpenSSL's.
>
> hth,
> Michele
>
Another alternative may be to link against an OpenSSL-like lib under a
GPL-compatible license, like GNU-TLS
(http://www.gnu.org/software/gnutls/). There should be some
compatibility layer I guess :
http://www.gnu.org/software/gnutls/manual/html_node/Compatibility-with-the-OpenSSL-library.html
My 2 cents,
--
Olivier BERGER <olivier.berger at it-sudparis.eu>
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC
Ingénieur Recherche - Dept INF
Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France)
More information about the cas-dev
mailing list