Hi, I've recently been discussing[1] with another developer his libs3 library - a library to access amazon's S3. It is licensed under the GPLv3, but links to curl, which in turn links to openssl. It's possible to port libs3 to use curl+libgnutls instead (although not as easy as rebuilding curl, as libs3 makes use of certain cryptographic primitives itself), but the result breaks on windows.
Although libs3's copyright holder is willing to add an exemption to the license to allow openssl to link, this would not seem to automatically cover the library's users. My questions are, then: 1) If the library is conditionally compilable against either curl+openssl or curl+gnutls, only dynamically links against either (neither the library nor user executables would directly reference openssl or its symbols), and doesn't make direct use of the library (the aforementioned crypto primitives can be replaced with public domain reference implementations), wouldn't this be sufficient to make the library's users not derivative works of openssl, and thus allow ordinary GPL code to link? 2) If not, is there a recommended way to deal with this situation? As-is, since the library is GPL, not LGPL, not even BSD code can make use of it - only this special "GPLv3 with OpenSSL exception" license; and although the curl+gnutls route is unencumbered, it would make it all too easy to accidentally build against curl+openssl on windows, and produce an unredistributable binary without realizing. Any advice would be appreciated. Thanks, Bryan Donlan [1] - http://developer.amazonwebservices.com/connect/thread.jspa?threadID=23723&start=0&tstart=0 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
