Re: [Openvpn-devel] Amend OpenVPN license to allow continued mbed TLS support (allow mbed TLS 3.x linking)

Sun, 15 Jan 2023 08:34:28 -0800 



Yes but neither mbed TLS nor OpenSSL is a system library on Windows
or macOS. And even mbed TLS is sketchy as many distributions do not
have in their base system. So just assume, at least for the sake of
argument that they are not. In that case I think we need this
exception. So I am  asking if you are willing to allow this exception
to the license even though you think it is unnecessary to make the
people that think that it  is needed happy?


In that case your proposed exception doesn't work.  You've modelled it
on the OpenSSL exception which was designed to cover the use case where
OpenSSL *is* a system library (thus covered by the system library
exception) but imposes incompatible additional restrictions on whole
binary, specifically the GPLv2 pieces.

To make this work assuming the crypto library isn't a system one, you
need an exception to the section 2 requirement to ship the whole under
GPLv2 ... or a simple declaration that you think openssl and mbedtls
are system libraries for the purposes of OpenVPN, so the system library
exception applies to them regardless of how they are shipped.



The origin of the existing exception is the Debian project (or at least 
has been used a lot in relationship with the project). Until very 
recently Debian did NOT consider the OpenSSL library to be a system 
library, so they asked GPLv2 projects to add this clause to allow 
linking with the OpenSSL library. So that makes me believe that this 
clause is fit for the purpose that we are using it for.




See as an example here 
https://lists.debian.org/debian-legal/2004/05/msg00595.html




The change that Debian considers the OpenSSL library a system library in 
Debian is from 2020:


https://lists.debian.org/debian-devel/2020/10/msg00168.html
http://meetbot.debian.net/debian-ftp/2020/debian-ftp.2020-03-13-20.02.html



So I trust that the exception does indeed allow for linking against 
OpenSSL as a non-system library as otherwise adding this exception would 
have made no sense in the context that it was used.


Arne


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel























					Reply via email to