|
|
Log in / Subscribe / Register

PostgreSQL, OpenSSL, and the GPL

PostgreSQL, OpenSSL, and the GPL

Posted Feb 16, 2011 20:36 UTC (Wed) by josh (subscriber, #17465)
Parent article: PostgreSQL, OpenSSL, and the GPL

Technical considerations about library quality aside, quite a bit of software uses OpenSSL, and it represents one of the most common issues of GPL-incompatibility between FOSS licenses. If the OpenSSL license really comes down to a single developer objecting, with all other developers not caring about it, then perhaps someone could take the time to document precisely the contributions of that developer for wholesale rewriting?

Alternatively, I wonder just how much work it would take to make GnuTLS's OpenSSL compatibility layer complete and working, or create such a layer for NSS.

to post comments

PostgreSQL, OpenSSL, and the GPL

Posted Feb 16, 2011 21:07 UTC (Wed) by foom (subscriber, #14868) [Link] (1 responses)

GnuTLS's openssl layer is even worse license-wise: that's under the GPL! (not LGPL).

PostgreSQL, OpenSSL, and the GPL

Posted Feb 16, 2011 21:18 UTC (Wed) by josh (subscriber, #17465) [Link]

That wouldn't pose any problem for the various GPL code that currently links to OpenSSL and adds a license exception (or worse, doesn't).

It's not so easy...

Posted Feb 17, 2011 5:10 UTC (Thu) by khim (subscriber, #9252) [Link] (2 responses)

If the OpenSSL license really comes down to a single developer objecting, with all other developers not caring about it, then perhaps someone could take the time to document precisely the contributions of that developer for wholesale rewriting?

If only it were so easy. First of all: it's not "a single developer", it's two: Eric A. Young and Tim Hudson. And these are the guys who wrote the whole thing initially! It'll be very-very hard to rip all that code out, believe me. Not impossible, but "rewrite from scratch" will be simpler approach - and it was done quite few times. You only need to pick suitable library...

It's not so easy...

Posted Feb 17, 2011 6:48 UTC (Thu) by josh (subscriber, #17465) [Link]

Fair enough. Sounds like a compatibility layer for GnuTLS or NSS will prove far easier.

It's not so easy...

Posted Feb 18, 2011 5:21 UTC (Fri) by samroberts (subscriber, #46749) [Link]

And they work for RSA, who sells a commercial competitor to OpenSSL. They may have a financial disinterest in making OpenSSL easier to use, its not simply ego-stroking.

The problem with ossl is that horrid and old-school as the C API is (and the command line interface isn't much better), there is a HUGE amount of valuable code in it supporting tons of crypto algorithms and formats with very fast implementations and years and years of interoperability testing and hacks.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds