On Thu, Jun 18, 2009 at 09:01:39PM +0200, Devid Antonio Filoni wrote:
On Thu, Jun 18, 2009 at 6:57 PM, Jorge Arellano Cid<jcid@dillo.org> wrote:
Hi,
?Working on:
? ? 1.- Solve the OpenSSL license issue and upload rc3.
On Thu, Jun 18, 2009 at 05:24:25PM +0200, Devid Antonio Filoni wrote:
On Wed, Jun 17, 2009 at 11:45 PM, Jorge Arellano Cid<jcid@dillo.org> wrote:
On Wed, Jun 17, 2009 at 10:01:12PM +0200, Devid Antonio Filoni wrote: [...] ?Devid: please send me the .deb and its directions when done. DONE! You can find it at https://launchpad.net/~d.filoni/+archive/ppa . However I found an error checking my package using lintian:
E: dillo: possible-gpl-code-linked-with-openssl N: N: ? ?This package appears to be covered by the GNU GPL but depends on the N: ? ?OpenSSL libssl package and does not mention a license exemption or N: ? ?exception for OpenSSL in its copyright file. The GPL (including version N: ? ?3) is incompatible with some terms of the OpenSSL license, and therefore N: ? ?Debian does not allow GPL-licensed code linked with OpenSSL libraries N: ? ?unless there is a license exception explicitly permitting this. N: N: ? ?If only the Debian packaging, or some other part of the package not N: ? ?linked with OpenSSL, is covered by the GNU GPL, please add a lintian N: ? ?override for this tag. Lintian currently has no good way of N: ? ?distinguishing between that case and problematic packages. N: N: ? ?Severity: serious, Certainty: wild-guess
Can you please fix it?
?AFAIS, the only program that links to OpenSSL is the https dpi. i.e. The ssl-enabled dillo binary doesn't link to it. ? ? https.filter.dpi links to it.
?IANAL, but it looks like giving permission for this dpi is enough, and it's already done in its sources (dpi/https.c):
?* [...] ?* As a special exception permission is granted to link the code of ?* the https dillo plugin with the OpenSSL project's "OpenSSL" ?* library, and distribute the linked executables, without including ?* the source code for OpenSSL in the source distribution. You must ?* obey the GNU General Public License, version 3, in all respects ?* for all of the code used other than "OpenSSL". ?* ?*/
?Please let me know if this is _really_ enough or if some extra legal formula must be added somewhere else. It should be enough, at least this is what I see for example at http://lists.octality.com/pipermail/cherokee/2008-November/009408.html (take a look in that page for more infos)
Good! After reading it and the suggested URLs, especially [1], it looks like our current tarball (rc2) is enough. No new tarball is needed! I consider this point solved, so let's move to the second one... [1] http://www.openssl.org/support/faq.html#LEGAL2 -- Cheers Jorge.-