I've read up on pages like https://people.gnome.org/~markmc/openssl-and-the-gpl.html and https://www.openssl.org/support/faq.html#LEGAL2. Getting a permission statement for a GPL-OpenSSL exception (which basically is only needed for Debian as others don't interpret GPL in such a strict way) from all of MariaDB/MySQL copyright holders is an impossible task for a packager like me.
For 10.0 I've now switched using the bundled YaSSL in commit http://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.0.git/commit/?id=477bad781a9338ff6542d71c78432b387dedb05f and so far builds and tests suites have passed OK. If Debian starts to ship YaSSL as a package we could start to rely on a distro provided build dependency, or if CYaSSL develops to be on par with YaSSL in terms of OpenSSL API compatibility and upstream MariaDB would adopt their fork to it, we in Debian could also switch to CYaSSL and benefit of using a distro packaged build dependency. Until then, the bundled YaSSL is our solution. The same applies also for the Debian MySQL packages. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
