Openssl: built-in or ports?

[Ryan Schmidt]

On Mar 31, 2009, at 09:09, Anders F Björklund wrote:

> Using the MacPorts version of OpenSSL has a licensing problem with
> GPL ports, though... When distributing package binaries, that is.

Oh. Good. Grief.

So when we get going on binaries, we're going to have to provide  
portfile syntax to indicate whether we may distribute binaries of the  
built thing?

Sheesh.


> Like http://www.finkproject.org/doc/packaging/policy.php? 
> phpLang=en#openssl

That says use of OpenSSL with GPL-licensed software is questionable.  
It says Fink won't distribute such binaries, and implies users  
building from source are no better off, legally. To me, this says  
that if there is a problem for MacPorts to distribute binaries  
including OpenSSL support, then the problem exists for all users of  
MacPorts using these ports, regardless of whether it was provided as  
a binary or compiled by the user.


> http://www.openssl.org/support/faq.html#LEGAL2 (using system  
> openssl is ok)


That doesn't seem to prohibit the use of OpenSSL for us. It says  
nothing about binaries. It says "the GPL does not place restrictions  
on using libraries that are part of the normal operating system  
distribution". OpenSSL is part of the normal Mac OS X distribution.  
It says "Some GPL software copyright holders claim that you infringe  
on their rights if you use OpenSSL with their software on operating  
systems that don't normally include OpenSSL." Mac OS X does normally  
include OpenSSL, so I don't see any problem here. But, I'm not a lawyer.


The situation might be different for people who use MacPorts on other  
operating systems that don't come with OpenSSL. Not sure what that OS  
would be. But  I have no plans to provide binaries for anything other  
than Mac OS X.