Ethereal-dev: Re: [Ethereal-dev] Possible license problem with Ethereal and OpenSSL

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: ethereal-dev@xxxxxxxxxxxxxxxxxx
Date: Mon, 20 Aug 2001 00:27:36 -0500
On Sun, Aug 19, 2001 at 09:40:58PM -0700, Guy Harris wrote:
> On Sun, Aug 19, 2001 at 11:21:28PM -0500, ethereal-dev@xxxxxxxxxxxxxxxxxx wrote:
> > I don't know the specifics but the following is included in the
> > license for fetchmail 5.8.17 (5.9.0 most recent version):
> > 
> >   Specific permission is granted for this code to be linked to OpenSSL
> >   (this is necessary becuse the OpenSSL license is not GPL-compatible).
> > 
> > Because ethereal is GPL, I presume it is not legal to redistribute
> > binaries linked against OpenSSL. Any problems adding the above clause
> > to the ethereal license to make it legal?
> 
> Do we, in fact, link against any SSL library, as in a library that
> implements SSL?
> 
> "AC_ETHEREAL_SSL_CHECK" is a somewhat misnamed macro; in fact, the
> library it deals with is a crypto library, and we link against that
> because some versions of UCD SNMP/NETSNMP apparently require it, not
> because we use it for anything related to SSL.

OpenSSL provides -lcrypto and -lssl. I think you're right about the
requirement for UCD-SNMP and SSL.

The ucd-snmp 4.2.1 configure program has the following option:
  --with-openssl=PATH             Look for openssl in PATH/lib.

However, UCD-SNMP is under a BSD-like license so I believe it can
cleanly link against OpenSSL. So, if Ethereal links against UCD-SNMP
which links against OpenSSL, what happens?

It seems though that because Ethereal doesn't *use* OpenSSL for
anything, there's not a problem. I should have dug further. Sorry.

> Is any version of that crypto library licensed under a
> non-GPL-compatible license?

As -lcrypto is provided by OpenSSL, I guess this applies to OpenSSL.

> > According to packet-ssl.c, the copyright owner is:
> > /* packet-ssl.c
> >  * Routines for ssl dissection
> >  * Copyright (c) 2000-2001, Scott Renfro <scott@xxxxxxxxxx>
> > 
> > so he would need to give his permission for the license change. I don't
> > know if it is sufficient for only packet-ssl.c to have the license
> > change mentioned above.
> 
> As per the above, we don't, as far as I know, use any SSL library, so
> the fact that "packet-ssl.c" happens to be an SSL dissector doesn't, as
> far as I know, matter - Scott's permission is no more or less relevant
> than anybody else's permission.  If anybody needs to give permission for
> a license change, *everybody* who's contributed code to Ethereal needs
> to do so, as far as I know.

Thanks for the clarification. You are, of course, correct with the
last sentence.

-- 
albert chin (china@xxxxxxxxxxxxxxxxxx)