Can GPLv3+ applications written in Python exist in Debian main? The applications in question do not use an openssl exception.
Python uses OpenSSL so the moment the application starts, it is linking against it too: $ objdump -p /usr/bin/python2.6 | grep NEEDED NEEDED libpthread.so.0 NEEDED libdl.so.2 NEEDED libutil.so.1 NEEDED libssl.so.0.9.8 NEEDED libcrypto.so.0.9.8 NEEDED libz.so.1 NEEDED libm.so.6 NEEDED libc.so.6 In my case I am talking about a GPLv3+ package that exists in Debian -- kupfer Where do I draw the line for using/linking against ssl? a) Using Python2.6 b) Unintentionally introducing _ssl or ssl into the imported modules (import any of urllib, httplib, socket etc!) c) Unintentionally using ssl (use urllib.urlopen on URL provided by user -- if it's https we are using openssl) d) Intentionally using ssl (import ssl and use httplib.HTTPSConnection and verify certificates) Kupfer is today at (c) in the debian archive. It exists in development version at (d). Clearly (d) has provoked thought but upon investigation I see that "import ssl" only triggers "import _ssl" which in turn is an almost no-op because _ssl is a built-in module in Python 2.6. Is this easier to answer than I think it is? Ulrik -- To UNSUBSCRIBE, email to debian-python-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktik0qlvls_1ugcwbzeu3skmbfxzmeuf6na8p1...@mail.gmail.com