[ros-general] License issue with OpenSSL and ReactOS (GPL)

Mark IJbema mark at ijbema.xs4all.nl
Mon Feb 23 07:39:44 UTC 2004 

On Mon, Feb 23, 2004 at 12:18:12AM +0100, Casper Hornstrup wrote:
> 
> 
> > -----Original Message-----
> > From: ros-general-bounces at reactos.com [mailto:ros-general-
> > bounces at reactos.com] On Behalf Of Steven Edwards
> > Sent: 22. februar 2004 22:29
> > To: ros-general at reactos.com
> > Subject: [ros-general] License issue with OpenSSL and ReactOS (GPL)
> > 
> > Hello,
> > I am out of development for a few weeks but I have some ideas about
> > using OpenSSL in ReactOS but we have one minor show stoppper. The
> > OpenSSL license is not compatible with the GPL so any code that links
> > to OpenSSL is going to need to be either LGPL or GPL with a exception
> > for OpenSSL. We need to use OpenSSL in a few user-space dlls (wininet,
> > rsabase, cryptoapi) and in our implementation of the security subsystem
> > (lsass, ntoskrnl/se, samlib, etc). In the user-space stuff this isnt a
> > issue as nothing is really implemented anyway but in the security
> > subsystem side this may cause a problem because we already have some
> > existing code. Can we license all of ReactOS as GPL and only license
> > those files that directly link to OpenSSL as "GPL+Exception"? The is a
> > problem because OpenSSL uses a BSD style advertising clause that is
> > incompatible with the GPL.
> > 
> > Thanks
> > Steven
> 
> According to attorney Lawrence Rosen, whom specializes in technology,
> dynamic linking of program A with program B does not make program A a
> derivative work of program B. So if program B is GPL'ed then program A does
> not need to be GPL compatible. So you could build a DLL from OpenSSL without
> using GPL'ed code (like the GPL'ed ReactOS headers) and you could use that
> DLL in your GPL'ed program without imposing restrictions from the GPL on the
> non-GPL'ed program.

Probably this is true, legally spoken, but in the spirit of the GPL it
does. It does according to RMS, so the next version of GPL might very
well state something on linking explicitely. I'd think we better stay on
the safe site. The GPL never really was a legal document anyway.

Mark

More information about the Ros-general mailing list