Openssl: built-in or ports?

Joshua Root jmr at macports.org
Wed Apr 1 19:20:25 PDT 2009 

Ryan Schmidt wrote:
> On Mar 31, 2009, at 09:09, Anders F Björklund wrote:
> 
>> Using the MacPorts version of OpenSSL has a licensing problem with
>> GPL ports, though... When distributing package binaries, that is.
> 
> Oh. Good. Grief.
> 
> So when we get going on binaries, we're going to have to provide
> portfile syntax to indicate whether we may distribute binaries of the
> built thing?
> 
> Sheesh.

Absolutely. And you wonder why we don't have binaries yet? ;-)

This is being tracked in <http://trac.macports.org/ticket/7493>.

>> Like
>> http://www.finkproject.org/doc/packaging/policy.php?phpLang=en#openssl
> 
> That says use of OpenSSL with GPL-licensed software is questionable. It
> says Fink won't distribute such binaries, and implies users building
> from source are no better off, legally. To me, this says that if there
> is a problem for MacPorts to distribute binaries including OpenSSL
> support, then the problem exists for all users of MacPorts using these
> ports, regardless of whether it was provided as a binary or compiled by
> the user.

Not at all. The licenses are copyright licenses, and hence can only
specify conditions for distribution. You don't need a license to build
or run software. You can build any license-incompatible mess you like,
you just won't be able to distribute it to anyone else.

>> http://www.openssl.org/support/faq.html#LEGAL2 (using system openssl
>> is ok)
> 
> 
> That doesn't seem to prohibit the use of OpenSSL for us. It says nothing
> about binaries. It says "the GPL does not place restrictions on using
> libraries that are part of the normal operating system distribution".
> OpenSSL is part of the normal Mac OS X distribution. It says "Some GPL
> software copyright holders claim that you infringe on their rights if
> you use OpenSSL with their software on operating systems that don't
> normally include OpenSSL." Mac OS X does normally include OpenSSL, so I
> don't see any problem here. But, I'm not a lawyer.
> 
> 
> The situation might be different for people who use MacPorts on other
> operating systems that don't come with OpenSSL. Not sure what that OS
> would be. But  I have no plans to provide binaries for anything other
> than Mac OS X.

The actual wording in GPLv2 is "However, as a special exception, the
source code distributed need not include anything that is normally
distributed (in either source or binary form) with the major components
(compiler, kernel, and so on) of the operating system on which the
executable runs, unless that component itself accompanies the executable."

Even that paragraph seems open to different interpretations. (Does
downloading an openssl binary as a dependency count as "accompanying the
executable"?) And then there's the question of whether that exception
also gets you out of the "no further restrictions" clause, since the
program presumably includes code from the openssl headers, which is
covered by the openssl license which has the extra requirement of an
acknowledgement.

In short, you do probably have to be a lawyer to have a hope of knowing.
(And the verdict would probably vary by jurisdiction and judicial
interpretation, sigh...)

- Josh

More information about the macports-dev mailing list