Hi Sebastian, Today Sebastian Harl wrote:
> Hi Kevin and Tobi, > > On Thu, Apr 09, 2009 at 03:49:57AM -0500, kevin brintnall wrote: > > I'm considering making a "soft" dependency on OpenSSL for the rrdcached > > auth code. > > Apart from the currently ongoing discussion about technical issues > regarding authentication concepts (in which I mostly share Florian's > point of view - quite frankly, I'm pretty disappointed about how > security is handled, driven by PR related arguments and irresponsible > users instead of real technical aspects of how to provide good and > _real_ security), we'll run into license issues when using OpenSSL. The > problem is that the OpenSSL / SSLeay license is incompatible to the GPL > (see [1]). In order to make it possible for users to link RRDtool > against libssl, a special exception has to be added to the license of > _each_ source file that will later be linked against libssl (see [2]). > Since this is a license change, it would require the permission of > _every_ copyright holder of those pieces of the software, which is > basically impossible in RRDtool. Using, e.g., GnuTLS would be a valid > option though ... What can I say ... the whole ssl situation is a dark place to be so many obstacles ... nearly on par with sasl ... :-( another reason to maybe use something simple for now ... cheers tobi > Cheers, > Sebastian > > [1] http://www.gnu.org/philosophy/license-list.html#OpenSSL > [2] http://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs > > -- Tobi Oetiker, OETIKER+PARTNER AG, Aarweg 15 CH-4600 Olten, Switzerland http://it.oetiker.ch t...@oetiker.ch ++41 62 775 9902 / sb: -9900 _______________________________________________ rrd-developers mailing list rrd-developers@lists.oetiker.ch https://lists.oetiker.ch/cgi-bin/listinfo/rrd-developers
