Actualy, I'm not sure if indirect linking of GPL with "original BSD" license is a violation as well.
Summary for debian-legal: - zabbix (GPL) links with libsnmp (revised BSD) - libsnmp links with libssl (original BSD) On Thu, Jul 27, 2006 at 11:32:04AM +0200, Robert Millan [ackstorm] wrote: > On Thu, Jul 27, 2006 at 10:50:05AM +0200, Michael Ablassmeier wrote: > > hi robert, > > > > On Thu, Jul 27, 2006 at 10:07:38AM +0200, Robert Millan [ackstorm] wrote: > > > It seems that zabbix is explicitly checking for and linking with libz and > > > libcrypto. Look at the logs: > > > > > > checking for compress in -lz... yes > > > [...] > > > checking for main in -lcrypto... yes > > > [...] > > > gcc -Wall -g -O2 -o zabbix_server [...] -lz [...] -lcrypto > > > > well, i have just had a look at other packages build-depending on > > libsnmp-dev, and all ive had a look at add -lcrypto to the linking > > flags on build time, as this seems to bee needed when linking against > > snmp stuff: > > > > from ifstat's configure.in: > > # Setting to be able to force linking with -lcrypto.. > > > > from netmgr's configure.in: > > # Net/UCD-SNMP includes v3 support and insists on crypto unless > > # compiled --without-openssl > > Since libsnmp is *already* linking with libz and libcrypto, if zabbix itself > doesn't use them directly, there's no need for a direct link. > > > > However (and this a more important fact that I overlooked), in the case of > > > openssl it would be illegal to link a GPL program with it, since the > > > OpenSSL > > > developers added an advertising clausse that makes it incompatible. A > > > Build-Conflicts should be present in order to avoid this from happening. > > > Alternatively, you could link it with GnuTLS compat layer to see how it > > > works > > > out. > > > > *sight*, i have feared this might be the case. However, i dont quite > > understand the case here. Zabbix does not use any of the openssl headers > > or functions in its code and is nevertheless linking against libcrypto > > which is needed because libsnmp9-dev is linked against openssl. > > Then it's not really needed. Just disable the -lcrypto flag (or add a > Build-Conflicts). > > If you want an explanation for this non-sense, I think the most plausible one > is > that they enabled direct linking with libz/libcrypto as a workaround for > static > binary brokenness. I.e. you can't build a static zabbix without "-lz > -lcrypto" > > > Fabio, > > what do you think about this? Should i start ask Alexei for permission > > about linking against openssl so we are on the safe side? > > Unless Alexei recieved copyright assignment papers from all significant > (~>15 lines) contributions, he can't really (legaly) do that. > > -- > Robert Millan > > ACK STORM, S.L. - http://www.ackstorm.es -- Robert Millan ACK STORM, S.L. - http://www.ackstorm.es -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]