Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Alan DeKok [EMAIL PROTECTED] wrote: Nicolas Baradakis [EMAIL PROTECTED] wrote: Perhaps it's fine if the copyright owners distribute the binaries themselves, I don't know. Copyright owners can do whatever they want with their copyrighted material, including changing the copyright, or distributing the material in ways that are denied to others. Aside the legal problem, I believe it's a great idea: we could provide an apt repository with the latest version of FreeRADIUS for Debian stable, testing and unstable. Ok. Let's get it set up. If we go down that route, though, I'd like to make RPM's available, Solaris PKG's, etc. That involves some additional resources which might not be readily available. I've had my eye on this package, it may help: http://www.autobuild.org/ I think even if we do this, I'd like to see the FreeRadius license change to allow linking against OpenSSL, the OpenSSL license to change to allow linking against GPL, and the GPL license to change to allow linking against whatever. - Tyler - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Alan DeKok [EMAIL PROTECTED] wrote: I also note the current situation is really a minor problem for our users, because we're maintaining the necessary files to build the Debian packages in our CVS. Anybody can easily build a Debian package of the freeradius-postgresql module from a sources tarball with a single command line. (dpkg-buildpackage) How about an additional idea: I don't think it's a problem for copyright owners to distribute binaries, so if we set up a mini apt system (say apt.freeradius.org), we could put problematic debian packages there. According to a previous email from nick, you'd have to still put te license exemption in there to make that happen. Seems kinda odd that somebody could be liable for violating their own license... - Tyler - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Tyler MacDonald [EMAIL PROTECTED] wrote: How about an additional idea: I don't think it's a problem for copyright owners to distribute binaries, so if we set up a mini apt system (say apt.freeradius.org), we could put problematic debian packages there. According to a previous email from nick, you'd have to still put te license exemption in there to make that happen. Seems kinda odd that somebody could be liable for violating their own license... Martijn van Oosterhout posted this topical URL to the PostgreSQL mailing list: http://www.gnome.org/~markmc/openssl-and-the-gpl.html Cheers, Tyler - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Nicolas Baradakis [EMAIL PROTECTED] wrote: - Ask OpenSSL to remove the advertising clause from their license. This is the most compelling alternative on your list, since this clause is the reason why all these other software packages have had to add special clauses to their own licenses. Has this been attempted before, I wonder... I also note the current situation is really a minor problem for our users, because we're maintaining the necessary files to build the Debian packages in our CVS. Anybody can easily build a Debian package of the freeradius-postgresql module from a sources tarball with a single command line. (dpkg-buildpackage) I agree that it's still trivial to get freeradius-postgresql *onto* a server, but I don't think that makes the problem minor. It requires that the user has development tools installed on their server, which is not the most secure thing to do. Either that, or they have to roll their own package on one system and upload it to their server and maintain that separately from the rest of their installation. This can have security implications too, since the end user will have to manually keep an eye out for security updates instead of just upgrading against security.debian.org. So you provide a way of debianizing freeradius packages easily, even ones that aren't included with debian. Given that, another alternative (admittedly with it's own set of problems) would be an official freeradius apt repository. Cheers, Tyler - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Nicolas Baradakis [EMAIL PROTECTED] wrote: Personally I really dislike the idea: FreeRADIUS code is released under the GPL and there is nothing wrong with that. You are right, there is nothing wrong with that. But is there anything wrong with the FreeRADIUS code released under the GPL with an additional clause allowing linking against OpenSSL, even as a temporary measure until either OpenSSL fixes it's license or PostgreSQL supports gnu TLS? I can't think of anybody or anything that would hurt, and it would have the immediate practical benefit of allowing the freeradius-postgresql package into the official debian repo. - Tyler - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Nicolas Baradakis [EMAIL PROTECTED] wrote: So you provide a way of debianizing freeradius packages easily, even ones that aren't included with debian. Given that, another alternative (admittedly with it's own set of problems) would be an official freeradius apt repository. This doesn't solve anything. The problem is that such packages aren't distributable in binary form. If someone provides a repository, he becomes an outlaw. (exaggeratedly) *sigh* You're right. And I wouldn't want to suggest an illegal apt repo either (although I've used ones in the past, like one that provides a nice .deb full of win32 codec dlls for use with mplayer). It's rediculous that this is so simple to achieve technically, and all products involved are being provided for free, yet there's still all this beaurocratic red tape involved in getting them to play nice together... - Tyler - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Alan DeKok [EMAIL PROTECTED] wrote: It appears that several other GPL apps have added a special clause to their license that allows them to be linked against OpenSSL. Could this be done for freeradius/freeradius-postgresql as well? I have no objection to that. Debian should at least be able to distribute their version of source packages, that will build binaries against the distributed binary packages. Alan DeKok. Thanks Alan!!! Can we look forward to this clause in the next version of FreeRadius? Is the next version due to come out anytime soon? Thanks, Tyler - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Allow linking against OpenSSL? (Was Re: [GENERAL] Debian package for freeradius_postgresql module)
Greetings FreeRadius people, This discussion started on the postgresql's pgsql-general mailing list. The problem here is that the freeradius-postgresql package needs to link against libpgsql, which means that it may be indirectly linked against openssl. There is a conflict between OpenSSL's BSD license and the GPL which means that it's not legal to distribute a copy of GPL code that is linked in this way. It appears that several other GPL apps have added a special clause to their license that allows them to be linked against OpenSSL. Could this be done for freeradius/freeradius-postgresql as well? This could pave the way towards enhanced freeradius support in Debian, specifically the addition of freeradius-postgresql to Debian's mainline. For your reference, here is the start of the thread on the pgsql-general list that got us to this point: http://archives.postgresql.org/pgsql-general/2006-04/msg00247.php Thanks, Tyler Tom Lane [EMAIL PROTECTED] wrote: I don't think so. I got curious and looked at what's on my Ubuntu system: Courier IMAP is GPL with an additional clause that explicitly allows linking with OpenSSL; Postfix has an Apache-ish license; Exim is GPL and also explicitly allows linking with OpenSSL; Cyrus IMAP is BSDish; Apache is non-GPL... I can't think offhand of anything that is GPL and links with OpenSSL without an explicit clause permitting same. Hm. So can we lobby freeradius to tweak their license similarly? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html