On Sun, 2023-01-15 at 05:23 +0100, Arne Schwabe wrote: > > Even if, for the sake of argument, I assume that what you're doing > > isn't covered by the system library exception, then what you're > > proposing doesn't fix your problem. Your problem becomes section 2 > > of the GPLv2: you must distribute the whole thing under GPLv2. No > > amount of permissions to link can get you out of this if, as you're > > assuming, Apache-2 and GPLv2 are incompatible because you're still > > required to ship an Apache-2 piece (mbedtld) under GPLv2. You > > would have to frame your additional license permission as an > > exception to the section 2 requirement to distribute the whole > > under GPLv2 > > I am confused here. The proposed paragraph is phrased that it is a > special exception that allows doing this. The paragraph explicitly > states that we allow as a special exception to distribute the > binaries containing the Apache2 library and the OpenVPN code. This > uses the same wording as the existing OpenSSL exception.
If that's the source of this issue, then I think there's a misunderstanding about the problem the OpenSSL exception is addressing. The problem was that the OpenSSL licence required additional conditions be imposed on the binary as a whole, even though openssl itself was a system library. https://spdx.org/licenses/OpenSSL.html Specifically the advertising and redistribution clauses. The OpenSSL exception is to make GPLv2 compatible with the OpenSSL licence's additional restrictions, not the other way around. There is still a considerable body of opinion that thinks the system exception covers this case as well, but just in case, people added the OpenSSL compatibility exception to GPLv2. The goal of changing OpenSSL to Apache-2 was to remove those additional restrictions and make the library behave like a normal linked library from a licensing point of view. The Apache-2 licence imposes no additional restrictions on the binary as a whole, which is why no exception is necessary. Specifically the patent retaliation and indemnity clauses which some people think cause the cut and paste incompatibility don't apply to the binary as a whole, only to the Apache2 pieces. Mark McLouglin (Red Hat and Openstack) did an excellent analysis at the time the licence change was announced explaining the issues (unfortunately it seems to have gone from gnome but the wayback machine still has it): https://web.archive.org/web/20220204042851/https://people.gnome.org/~markmc/openssl-and-the-gpl.html James _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel