On Mon, Mar 7, 2011 at 7:48 PM, Ulrik Sverdrup <ulrik.sverd...@gmail.com> wrote: > Can GPLv3+ applications written in Python exist in Debian main? The > applications in question do not use an openssl exception. > > Python uses OpenSSL so the moment the application starts, it is linking > against it too: > > $ objdump -p /usr/bin/python2.6 | grep NEEDED > NEEDED libpthread.so.0 > NEEDED libdl.so.2 > NEEDED libutil.so.1 > NEEDED libssl.so.0.9.8 > NEEDED libcrypto.so.0.9.8 > NEEDED libz.so.1 > NEEDED libm.so.6 > NEEDED libc.so.6 > > In my case I am talking about a GPLv3+ package that exists in Debian -- > kupfer > > Where do I draw the line for using/linking against ssl? > > a) Using Python2.6 > b) Unintentionally introducing _ssl or ssl into the imported modules > (import any of urllib, httplib, socket etc!) > c) Unintentionally using ssl (use urllib.urlopen on URL provided by > user -- if it's https we are using openssl) > d) Intentionally using ssl (import ssl and use httplib.HTTPSConnection > and verify certificates)
e) use something like http://fedoraproject.org/wiki/FedoraCryptoConsolidation and port python to http://fedoraproject.org/wiki/Nss_compat_ossl Bastien -- To UNSUBSCRIBE, email to debian-python-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/AANLkTikNs1j0DyR9KD0ra4dZ0wU2b=wsl0ctdcyqf...@mail.gmail.com