PostgreSQL, OpenSSL, and the GPL

Posted Feb 17, 2011 8:30 UTC (Thu) by branden (guest, #7029)
In reply to: PostgreSQL, OpenSSL, and the GPL by trasz
Parent article: PostgreSQL, OpenSSL, and the GPL

The OpenSSL license's incompatibility with the GNU GPL is likewise intentional and explicitly stated in its text.

PostgreSQL, OpenSSL, and the GPL

Posted Feb 17, 2011 8:45 UTC (Thu) by trasz (guest, #45786) [Link] (4 responses)

Not true - there are no claims from the OpenSSL people that you cannot link their software with <whatever>, because that would be a derived work. In other words, there are no SSL-incompatible licenses (other than GPL), no CDDL-incompatible licenses (other than GPL), no Mozilla-incompatible licenses (other than GPL), there is just a bunch of GPL-incompatible licenses, due to restrictions in GPL.

PostgreSQL, OpenSSL, and the GPL

Posted Feb 17, 2011 12:35 UTC (Thu) by rahulsundaram (subscriber, #21946) [Link] (3 responses)

Read the OpenSSL license. The incompatibility with GPL is very much intended and so was CDDL license incompatibility with GPL according to

http://lwn.net/Articles/198171/

" One current and one former Sun employee visited the annual Debian conference in Mexico in 2006. Danese Cooper clearly stated there that the CDDL was intentionally modelled on the MPL in order to make it GPL-
incompatible. For everyone who wants to hear this first-hand, we have
video from that talk available at [2]."

PostgreSQL, OpenSSL, and the GPL

Posted Feb 17, 2011 12:51 UTC (Thu) by trasz (guest, #45786) [Link] (2 responses)

Read the OpenSSL license. There is nothing there that would cause incompatibility with any other Open Source license, with the notable exception FSF interpretation of GPL, which basically requires everything to be GPL or a subset of GPL.

While one could claim that any license that is not GPL-compatible is being done "on purpose", it's good to keep in mind that the whole problem with incompatibility is on the GPL side. Again, that's why there are no OpenSSL-incompatible licenses, no Mozilla-incompatible licenses and no CDDL-incompatible licenses - except for GPL.

One more thing to note is that if Sun released their code under GPL, it would make it impossible to guarantee a patent protection to their users, or to use that code in any operating system other than Linux - and Linux folks wouldnt' accept that code anyway due to NIH.

PostgreSQL, OpenSSL, and the GPL

Posted Feb 17, 2011 15:51 UTC (Thu) by nye (subscriber, #51576) [Link] (1 responses)

Bear in mind that '*both* the conditions of the OpenSSL License *and* the original SSLeay license apply to the toolkit' [emphasis mine].

>The licence and distribution terms for any publically available version or
>derivative of this code cannot be changed. i.e. this code cannot simply be
>copied and put under another distribution licence
>[including the GNU Public Licence.]

So any derivative work must be released under the terms of the SSLeay license. This makes it incompatible with any copyleft license at the very least. For example, an MIT licensed piece of software can be combined with CDDL software, and the whole distributed under the CDDL, because adhering to the terms of the CDDL necessarily means adhering to the terms of the MIT license. With SSL, this is not the case; in fact it's similar to the GPL's requirement that no further restrictions be imposed, so probably has all the same incompatibilities.

PostgreSQL, OpenSSL, and the GPL

Posted Feb 17, 2011 17:39 UTC (Thu) by branden (guest, #7029) [Link]

Eric Young's licenses on his Blowfish and DES implementations are also in the mix.

Thanks for quoting the paragraph to which I referred. I don't understand how people can overlook that when it's been kept in the top-level license file for at least the past five years.