Re: [Improved patch!] Was: Re: [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)

From: Anton Altaparmakov <aia21 cam ac uk>
To: Not Zed <notzed ximian com>
Cc: Rodney Dawes <dobey novell com>, evolution-hackers lists ximian com, adrian suse de, hhetter suse de, sbrabec suse cz, mmj suse de, Unix Support <unix-support ucs cam ac uk>
Subject: Re: [Improved patch!] Was: Re: [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)
Date: Thu, 19 Aug 2004 10:26:50 +0100

On Thu, 2004-08-19 at 10:15, Not Zed wrote:
> I don't want to prolong this overly, and i'm sorry if everyone on the
> CC list is already over-done on this, but I might add the argument is
> more legal than technical (at least by now, i presume it works better
> than it did).  I'd forgotten about all the details.
> 
> OpenSSL's license includes additional restrictions that make it
> incompatible with the GPL.  In much the same way the new xfree86
> license is.  i.e. the 'bsd advertising clause', and other
> restrictions.
> 
> I know distributions use the 'system software' argument to claim they
> are ok, but this doesn't actually seem to be the problem with
> openssl's license.  I suspect anyone distributing copies of evolution
> with openssl linked in are either violating evolution's gpl v2
> license, or openssl's license or both.  This doesn't affect
> individuals or organisations who compile it themselves for internal
> use (at least from the gpl side).
> 
> e.g.
> http://lists.debian.org/debian-legal/2002/05/msg00118.html
> and more recently another gpl'd project:
> http://www.ethereal.com/lists/ethereal-dev/200406/msg00052.html
> 
> We're not interested in changing evolution's license to suit, we have
> a perfectly usable alternative which we're using instead and don't
> need to have to worry about saying 'uses libfoo' everywhere.

Thank you for the explanation.  We have our own Linux distribution for
internal use only within the University of Cambridge so we are fine
anyway.  (-:

Would it be possible to include my patch, though?  You do have the
openssl support, you just don't build it by default.  So you might as
well have a working openssl support and not build it by default...

Best regards,

	Anton
-- 
Anton Altaparmakov <aia21 at cam.ac.uk> (replace at with @)
Unix Support, Computing Service, University of Cambridge, CB2 3QH, UK
Linux NTFS maintainer / IRC: #ntfs on irc.freenode.net
WWW: http://linux-ntfs.sf.net/, http://www-stu.christs.cam.ac.uk/~aia21/

Follow-Ups:
- Re: [Improved patch!] Was: Re: [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)
  - From: Enver ALTIN

References:
- [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)
  - From: Anton Altaparmakov
- Re: [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)
  - From: Not Zed
- Re: [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)
  - From: Rodney Dawes
- Re: [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)
  - From: Not Zed
- [Improved patch!] Was: Re: [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)
  - From: Anton Altaparmakov
- Re: [Improved patch!] Was: Re: [Evolution-hackers] [PATCH] Fix OpenSSL certificate validation in Evolution (1.4.4 and 1.4.6)
  - From: Not Zed

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]