rsync & SSL 'for real'
jamie at shareable.org
Sat Apr 21 22:00:18 GMT 2007
Andreas Kotes wrote:
> > >> There is no license issue.
> There would be a serious licence issue the other way round, but BSD is a
> tad more permissive than the GPL is, so - no problem there BUT: there is
> an advertisement clause, so rsync would need to display certain messages
> when compiled with OpenSSL.
The modern BSD licenses, which are compatible with the GPL, are not
the same as OpenSSL's license, which is more like the _original_ BSD
license which isn't compatible with the GPL.
Any advertisement clause is widely considered to conflict with the
GPL's "no further restrictions" clause.
This conflict is important enough that Berkeley changed the BSD
license used for BSD itself, and FreeBSD changed their license, and so on.
The OpenSSL FAQ has a section on this question:
* Can I use OpenSSL with GPL software?
On many systems including the major Linux and BSD distributions,
yes (the GPL does not place restrictions on using libraries that
are part of the normal operating system distribution).
On other systems, the situation is less clear. Some GPL software
copyright holders claim that you infringe on their rights if you
use OpenSSL with their software on operating systems that don't
normally include OpenSSL.
If you develop open source software that uses OpenSSL, you may
find it useful to choose an other license than the GPL, or state
explicitly that "This program is released under the GPL with the
additional exemption that compiling, linking, and/or using
OpenSSL is allowed." If you are using GPL software developed by
others, you may want to ask the copyright holder for permission
to use their software with OpenSSL.
The FSF's considered position is that OpenSSL is incompatible with the
GPL. They say:
The license of OpenSSL is a conjunction of two licenses, one of
them being the license of SSLeay. You must follow both. The
combination results in a copyleft free software license that is
incompatible with the GNU GPL. It also has an advertising clause
like the original BSD license and the Apache license.
We recommend using GNUTLS instead of OpenSSL in software you
write. However, there is no reason not to use OpenSSL and
applications that work with OpenSSL.
I think libcurl supports both OpenSSL and GNUTLS for these sorts of
More information about the rsync