Openssl: built-in or ports?

Rainer Müller raimue at macports.org
Wed Apr 1 19:02:00 PDT 2009 

On 2009-04-02 03:02, Ryan Schmidt wrote:
> On Mar 31, 2009, at 09:09, Anders F Björklund wrote:
> 
>> Using the MacPorts version of OpenSSL has a licensing problem with
>> GPL ports, though... When distributing package binaries, that is.
> 
> Oh. Good. Grief.
> 
> So when we get going on binaries, we're going to have to provide  
> portfile syntax to indicate whether we may distribute binaries of the  
> built thing?

Having license information would be nice anyway in my opinion,
regardless if it will be used for building binaries.

It sounds easy to just add a new license field to the Portfile syntax.
But the hard part will be to fill it with actual values.

Maybe we could script something which asks freshmeat/sourceforge/ohloh
for license information or scan for LICENSE in the work dir. But of
course it would still require manual acknowledgment, I would not
entirely rely on a script here.

>> Like http://www.finkproject.org/doc/packaging/policy.php? 
>> phpLang=en#openssl
> 
> That says use of OpenSSL with GPL-licensed software is questionable.  
> It says Fink won't distribute such binaries, and implies users  
> building from source are no better off, legally. To me, this says  
> that if there is a problem for MacPorts to distribute binaries  
> including OpenSSL support, then the problem exists for all users of  
> MacPorts using these ports, regardless of whether it was provided as  
> a binary or compiled by the user.

In my opinion this is not a problem as long as you build from source.
GPL only covers "terms and conditions for copying, distribution and
modification".

>> http://www.openssl.org/support/faq.html#LEGAL2 (using system  
>> openssl is ok)
> 
> 
> That doesn't seem to prohibit the use of OpenSSL for us. It says  
> nothing about binaries. It says "the GPL does not place restrictions  
> on using libraries that are part of the normal operating system  
> distribution". OpenSSL is part of the normal Mac OS X distribution.

Hmmmm, but it is not the OpenSSL installation of the system we use. So
those are actually not part of the OS distribution.

> It says "Some GPL software copyright holders claim that you infringe  
> on their rights if you use OpenSSL with their software on operating  
> systems that don't normally include OpenSSL." Mac OS X does normally  
> include OpenSSL, so I don't see any problem here. But, I'm not a lawyer.

I never met any programmer claiming to be a lawyer :-D
But you might have a valid point here...

Rainer

More information about the macports-dev mailing list