Bacula: GPL and OpenSSL

John Goerzen · External Since: Nov 08, 2004 Posts: 961

Hi legal folks,

Kern Sibbald, author of Bacula, contacted me today regarding its
license.

Some years ago, Jose Luis Tallon -- then the maintainer of Bacula --
asked Kern to add a clause to the Bacula license that would explicitly
permit linking with OpenSSL. Kern did. Kern also subsequently assigned
copyright to FSF Europe (FSFE).

Recently, Fedora developers noticed that there were a few files in the
Bacula source tree that were not copyrighted by Kern or FSFE. Since
Kern did not have written permission from these developers to relicense
Bacula with the OpenSSL exemption, Fedora believed the license as
written was problematic.

Kern approached me about this situation (see full correspondence below,
forwarded with his permission). He added that Bacula does not
statically link with OpenSSL, that OpenSSL support can be disabled at
build time, and that FSFE does not believe that an exception clause to
the GPL is necessary to legally link to OpenSSL in the manner that
Bacula is (dynamic linking). Further, could we not consider OpenSSL to
be a major component of the OS on which the executable runs, and thus
fall under that exemption in the GPL anyway?

I have not been able to pull up a succinct statement of why Debian
believes this is a problem when FSFE doesn't, or what we ought to do.
Can somebody please comment on the OpenSSL linking issue when OpenSSL is
only dynamically linked?

Kern believes that he must remove the explicit OpenSSL exemption from
the license in order to be fully GPL-compliant, and it appears that FSFE
agrees.

Thanks,

-- John

----- Forwarded message from Kern Sibbald <kern.TakeThisOut@sibbald.com> -----

From: Kern Sibbald <kern.TakeThisOut@sibbald.com>
Date: Thu, 7 Jun 2007 16:05:37 +0200
To: John Goerzen <jgoerzen.TakeThisOut@complete.org>
Subject: Bacula license

Hello John,

I hope things are going well for you.

There is an interesting issue that has come up with the Bacula license mainly
because of a request by Debian for me to add a specific clause that reads:

Linking:
Bacula may be linked with any libraries permitted under the GPL,
or with any non-GPLed libraries, including OpenSSL, that are
required for its proper functioning, providing the source code of
those non-GPLed libraries is non-proprietary and freely
available to the public.

Now, this was added because Debian asked me to add it because of the fact that
Bacula uses OpenSSL. However, in researching the issue a bit further, I
realize that Bacula does not link OpenSSL into the Bacula binary because the
OpenSSL (like glibc) is a shared object. Thus, no non-GPLed code is being
mixed with GPLed code, and hence there is no need for the above clause.

My question to you is: will there be any problems with Bacula in the Debian
distribution if I remove this clause and make the Bacula code simply pure GPL
v2?

Best regards,

Kern

PS: Here is an email that I sent to the Bacula list a while ago, that explains
in more detail the licensing problem.

==============================================
FYI An annoying GPL catch-22 concerning Bacula
Date: Today 11:38:01
From: Kern Sibbald <kern.TakeThisOut@sibbald.com>
To: "bacula-users" <bacula-users.TakeThisOut@lists.sourceforge.net>
CC: "bacula-devel" <bacula-devel.TakeThisOut@lists.sourceforge.net>

Hello,

For non-English speakers, a "catch-22" in English means a situation in which
there is no way out.

The following annoying and frustrating issue has come up with regard to the
Bacula source code:

As you probably know, Bacula is released with a modified GNU GPL licence. The
Bacula license modifies the GPL to permit Bacula to link to OpenSSL. This was
necessary because using MySQL libraries requires OpenSSL. This modification
was suggested by Debian to bring Bacula in compliance with their procedures.

The problem comes from including pure GNU GPL code, which is not compatible
with the OpenSSL license, inside Bacula itself (there are something like 8
such files). This works in the same way that Debian would not allow Bacula
as pure GNU GPL to link with OpenSSL. If Bacula uses any pure GNU GPL code
then that code cannot be subject to the GNU GPL modifications, and that code
technically cannot linked and distributed with Bacula because of OpenSSL.

I suspect that a lot of GPL projects are in a similar situation, but they do
not explicitly point out the exception as Bacula does. The real bummer here
is that this issue was flagged by someone involved in the Fedora packaging
process. From what I understand (I may be wrong here), Fedora and hence Red
Hat will not use Bacula because it uses some pure GPL code and OpenSSL
together raising potential license problems -- after the problems with SCO
and threats from Microsoft, their license concerns are quite understandable.

This is not a show-stopping issue because at least for the moment, no author
of pure GNU GPL code is lodging a complaint. In addition as I mentioned in a
previous email, this issue could potentially be resolved by GPL v3 (due at
the end of the month, if I remember right) because it is compatible with the
Apache license, which is apparently what OpenSSL uses.

In the mean time, until this problem is resolved, I've freezed all inclusion
of new GPL code (copyrighted by others) in Bacula.

The really complicated aspect of the above is that if you build a program such
as Bacula using all your own code, and you use OpenSSL then in linking it,
you just happen to drag some GPL'ed code from some library directly into your
binary (most libararies are shared objects so do not become part of your
binary), as is the case with the statically linked Bacula used in the rescue
package, you are in violation of the GPL if you distribute such a binary.

It seems that the only solution is that if you use GPL code, you must use
*all* GPL compatible code (not so easy), and if you don't use it, you
shouldn't even use the system libraries if there is any chance they could be
accidentally linked into your program.

Best regards,

Kern

----- End forwarded message -----
----- Forwarded message from Kern Sibbald <kern.TakeThisOut@sibbald.com> -----

From: Kern Sibbald <kern.TakeThisOut@sibbald.com>
Date: Thu, 7 Jun 2007 17:34:52 +0200
To: John Goerzen <jgoerzen.TakeThisOut@complete.org>
Subject: Re: Bacula license

On Thursday 07 June 2007 16:34, John Goerzen wrote:
> On Thu, Jun 07, 2007 at 04:05:37PM +0200, Kern Sibbald wrote:
> > Hello John,
> >
> > I hope things are going well for you.
>
> Hi Kern,
>
> > Now, this was added because Debian asked me to add it because of the fact
that
> > Bacula uses OpenSSL. However, in researching the issue a bit further, I
> > realize that Bacula does not link OpenSSL into the Bacula binary because
the
> > OpenSSL (like glibc) is a shared object. Thus, no non-GPLed code is being
> > mixed with GPLed code, and hence there is no need for the above clause.
>
> I remember, though somewhat vaguely, when all of this came up. I
> believe that the FSF considers dynamic linking to be linking that falls
> under the relevant clauses of the GPL. So I believe that the notice is
> still necessary.

I've been in conversation with FSFE, and from what they tell me, the GPL
prevents distribution of non-GPLed code not loading it in dynamic modules,
which is done quite frequently. Bacula does not distribute any OpenSSL code,
and there is no OpenSSL code mixed with the Bacula binaries, therefore
according to FSFE there is no problem.

>
> > My question to you is: will there be any problems with Bacula in the
Debian
> > distribution if I remove this clause and make the Bacula code simply pure
GPL
> > v2?
>
> I believe that this would cause us to have to stop distributing Bacula,
> because we can't do so in a way that meets the requirements of all
> licenses.

I've modified the license so that there are no changes to the GPL. If Debian
wants to be so strict as not allow dynamic linking to OpenSSL, which
according to FSFE is not prohibited, then my suggestion would be for Debian
to build and distribute a Bacula without the openssl option. That should in
the strictest sense solve the problem -- it would be a pity for the Debian
users if they could not have encryption.

>
> [ snip ]
>
> > I suspect that a lot of GPL projects are in a similar situation, but they
do
> > not explicitly point out the exception as Bacula does. The real bummer
here
> > is that this issue was flagged by someone involved in the Fedora packaging
> > process. From what I understand (I may be wrong here), Fedora and hence
Red
> > Hat will not use Bacula because it uses some pure GPL code and OpenSSL
> > together raising potential license problems -- after the problems with SCO
> > and threats from Microsoft, their license concerns are quite
understandable.
>
> This sounds like Fedora raised the same question that Debian did? Is
> your workaround clause not acceptable to them for some reason?

The Fedora problem was that there are something like 8 files included in
Bacula that are GPL and copyrighted by other people. Hence there is a
conflict if I modify the GPL for the Bacula code. I.e. the solution found
for Debian was technically not workable.

Personally, I really don't care if OpenSSL or any other program is linked in
to it providing the source is available, and I feel these license details are
a real pain in the neck for Open Source developers such as myself.

I believe that the current license as in the SVN, which has no modifications
to the GPL is perfectly fine.

>
> You might also want to seek advice on debian-legal.TakeThisOut@lists.debian.org.
> They are (usually) very helpful and are happy to help upstream authors
> over there. I do skim the list, and would be happy to help if there is
> a need for that.

Best regards,

Kern

>
> -- John
>

----- End forwarded message -----

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.TakeThisOut@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.TakeThisOut@lists.debian.org

Michael Poole · External Since: Apr 12, 2004 Posts: 135

John Goerzen writes:

> Kern approached me about this situation (see full correspondence below,
> forwarded with his permission). He added that Bacula does not
> statically link with OpenSSL, that OpenSSL support can be disabled at
> build time, and that FSFE does not believe that an exception clause to
> the GPL is necessary to legally link to OpenSSL in the manner that
> Bacula is (dynamic linking). Further, could we not consider OpenSSL to
> be a major component of the OS on which the executable runs, and thus
> fall under that exemption in the GPL anyway?
>
> I have not been able to pull up a succinct statement of why Debian
> believes this is a problem when FSFE doesn't, or what we ought to do.
> Can somebody please comment on the OpenSSL linking issue when OpenSSL is
> only dynamically linked?

Debian generally distributes OpenSSL logically near the packages that
dynamically link against it, so the major system component option is
not available to Debian ("... unless that component itself accompanies
the executable").

GPL section 3(a) also uses "accompany" in a way that Debian and others
interpret to include distribution in the same directory tree on a
particular server, so -- the usual line of reasoning goes -- it would
be inconsistent to interpret "accompany" one way at the start of
section 3 and a different way at the end of section 3.

Michael Poole

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.TakeThisOut@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.TakeThisOut@lists.debian.org

John Goerzen · External Since: Nov 08, 2004 Posts: 961

On Thu, Jun 07, 2007 at 10:50:39AM -0700, Walter Landry wrote:
> John Goerzen <jgoerzen RemoveThis @complete.org> wrote:
> > Kern believes that he must remove the explicit OpenSSL exemption from
> > the license in order to be fully GPL-compliant, and it appears that FSFE
> > agrees.
>
> I just read the contents of
>
> /usr/share/doc/bacula-director-sqlite/copyright
>
> I have reproduced it below for debian-legal. The Linking section,
> which is needed for linking with OpenSSL, is not a problem for
> GPL-compatibility. The other parts may or may not be a problem, and
> indeed seem superfluous, but all that is needed is the Linking
> section.

But the problem is that parts of Bacula's code are copyrighted by third
parties, and licensed under plain GPL (or Kern's license before he added
this exception), and may be unreachable for obtaining permission to
relicense with this exception. (Kern, have you tried contacting them?)

So the question really is: how can we have Bacula in Debian, with SSL
support, but without that clause? And why does FSFE disagree with our
interpretation?

-- John

--
To UNSUBSCRIBE, email to debian-legal-REQUEST RemoveThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster RemoveThis @lists.debian.org

Walter Landry · External Since: Mar 31, 2004 Posts: 32

John Goerzen <jgoerzen RemoveThis @complete.org> wrote:
> On Thu, Jun 07, 2007 at 10:50:39AM -0700, Walter Landry wrote:
> > John Goerzen <jgoerzen RemoveThis @complete.org> wrote:
> > > Kern believes that he must remove the explicit OpenSSL exemption from
> > > the license in order to be fully GPL-compliant, and it appears that FSFE
> > > agrees.
> >
> > I just read the contents of
> >
> > /usr/share/doc/bacula-director-sqlite/copyright
> >
> > I have reproduced it below for debian-legal. The Linking section,
> > which is needed for linking with OpenSSL, is not a problem for
> > GPL-compatibility. The other parts may or may not be a problem, and
> > indeed seem superfluous, but all that is needed is the Linking
> > section.
>
> But the problem is that parts of Bacula's code are copyrighted by third
> parties, and licensed under plain GPL (or Kern's license before he added
> this exception), and may be unreachable for obtaining permission to
> relicense with this exception. (Kern, have you tried contacting them?)

I understand. My impression was that there was a claim that the
exemption had to be removed for all files, not just the problematic
ones. So I tried to allay that particular concern.

> So the question really is: how can we have Bacula in Debian, with SSL
> support, but without that clause?

Make Bacula use GnuTLS. Unfortunately, that may take some effort.
Downloading the 2.0.3 release, it seems that bacula uses the headers

<openssl/ssl.h>
<openssl/evp.h>
<openssl/x509v3.h>
<openssl/rand.h>
<openssl/err.h>
<openssl/asn1.h>
<openssl/asn1t.h>

According to this page

http://www.gnu.org/software/gnutls/comparison.html

GnuTLS + libgcrypt + libtasn1 implements everything unless you need
ECC.

> And why does FSFE disagree with our interpretation?

Michael Poole gave a good answer.

Cheers,
Walter Landry
wlandry RemoveThis @ucsd.edu

--
To UNSUBSCRIBE, email to debian-legal-REQUEST RemoveThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster RemoveThis @lists.debian.org

John Goerzen · External Since: Nov 08, 2004 Posts: 961

On Thu, Jun 07, 2007 at 12:17:28PM -0700, Walter Landry wrote:
> GnuTLS + libgcrypt + libtasn1 implements everything unless you need
> ECC.
>
> > And why does FSFE disagree with our interpretation?
>
> Michael Poole gave a good answer.

He didn't address the FSFE -- where are they taking a different analysis
than us on this?

Kern, is it possible to remove the OpenSSL exception from the license of only
those third-party sources, and keep it in the master license?

--
To UNSUBSCRIBE, email to debian-legal-REQUEST RemoveThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster RemoveThis @lists.debian.org

Kern Sibbald · External Since: Jun 29, 2006 Posts: 43

On Thursday 07 June 2007 19:00, Michael Poole wrote:
> John Goerzen writes:
>
> > Kern approached me about this situation (see full correspondence below,
> > forwarded with his permission). He added that Bacula does not
> > statically link with OpenSSL, that OpenSSL support can be disabled at
> > build time, and that FSFE does not believe that an exception clause to
> > the GPL is necessary to legally link to OpenSSL in the manner that
> > Bacula is (dynamic linking). Further, could we not consider OpenSSL to
> > be a major component of the OS on which the executable runs, and thus
> > fall under that exemption in the GPL anyway?
> >
> > I have not been able to pull up a succinct statement of why Debian
> > believes this is a problem when FSFE doesn't, or what we ought to do.
> > Can somebody please comment on the OpenSSL linking issue when OpenSSL is
> > only dynamically linked?
>
> Debian generally distributes OpenSSL logically near the packages that
> dynamically link against it, so the major system component option is
> not available to Debian ("... unless that component itself accompanies
> the executable").
>
> GPL section 3(a) also uses "accompany" in a way that Debian and others
> interpret to include distribution in the same directory tree on a
> particular server, so -- the usual line of reasoning goes -- it would
> be inconsistent to interpret "accompany" one way at the start of
> section 3 and a different way at the end of section 3.

Well, the above is total Greek to me. However, I must say that there is
absolutely no reason why Bacula would every accompany OpenSSL in any sense of
the the English meaning of accompany that I am aware of, nor is Bacula in the
same directory tree as any OpenSSL shared object unless you consider
everything is under root thus everything on the server is in the same
directory "tree".

By the way, just to be clear, I consider all this (not you guys but these
license difficulties) to be a real pain. As long as the code is Open Source
(i.e. I can get it, see it and modify it), I have no problem with it being
linked with Bacula.

I modified the Bacula GPL license at Debian's request to remove the issue you
find with OpenSSL, however, that created a much bigger problem for me -- it
made Bacula in violation of other peoples GPLed code that is used in Bacula.
As a consequence, I removed all Bacula modifications to the GPL making Bacula
clean -- it violates no one's license. Each person, distributor, packager
can decide for himself whether or not to enable Bacula to use encryption. At
the current time if encryption is turned on, Bacula expects an OpenSSL
interface.

I much appreciate that Debian has for a long time packaged Bacula as part of
the Debian system. If it were only a simple matter of keeping that clause
rather than a question of violating other people's copyright, I would keep
the clause despite what Fedora/Red Hat think/want. So, sorry if this causes
you problems, but I prefer to be in compliance.

Best regards,

Kern

--
To UNSUBSCRIBE, email to debian-legal-REQUEST DeleteThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster DeleteThis @lists.debian.org

Michael Poole · External Since: Apr 12, 2004 Posts: 135

John Goerzen <jgoerzen.RemoveThis@complete.org> writes:

> On Thu, Jun 07, 2007 at 12:17:28PM -0700, Walter Landry wrote:
>> GnuTLS + libgcrypt + libtasn1 implements everything unless you need
>> ECC.
>>
>> > And why does FSFE disagree with our interpretation?
>>
>> Michael Poole gave a good answer.
>
> He didn't address the FSFE -- where are they taking a different analysis
> than us on this?

I have not seen a specific statement from FSFE on the question, so I
do not know and I had preferred not to guess.

I suspect that their analysis was more liberal on -- or overlooked --
the angle of Debian as distributor of OpenSSL in accompaniment with
GPLed works that are linked against it. Perhaps the FSF's intent for
the GPL is to allow a more LGPL-like option with regards to system
libraries; that would make sense and I think not sacrifice software
freedoms. However, I have not seen a defensible way to construe the
actual wording other than the one that classifies Debian's method of
distribution as each work accompanied by the other(s).

[As a side note, I think that resolving this in favor of allowing
works under the plain GPL to dynamically link against OpenSSL would
allow the aggregation of binary firmware blobs into a package of the
Linux kernel. The lack of source for those blobs would still bar them
from "main", but it would not be a license issue. This is meant
simply as an observation, not a judgment of whether that would be a
good or bad result.]

I am not a lawyer, but I belive that most lawyers urge clients to err
on the side of caution when straying from a strict interpretation of
license -- or even when interpreting ambiguous clauses. I try to
follow that guide when making suggestions on what a license permits.
In this case, the wording is consistent and clear, although in an
unfortunate direction, and I would not want to rely on extrinsic
evidence[1] about the GPL's meaning if I were in court.

[1]- http://en.wikipedia.org/wiki/Parol_evidence_rule

Michael Poole

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.RemoveThis@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.RemoveThis@lists.debian.org

Kern Sibbald · External Since: Jun 29, 2006 Posts: 43

On Thursday 07 June 2007 20:15, John Goerzen wrote:
> On Thu, Jun 07, 2007 at 10:50:39AM -0700, Walter Landry wrote:
> > John Goerzen <jgoerzen DeleteThis @complete.org> wrote:
> > > Kern believes that he must remove the explicit OpenSSL exemption from
> > > the license in order to be fully GPL-compliant, and it appears that FSFE
> > > agrees.
> >
> > I just read the contents of
> >
> > /usr/share/doc/bacula-director-sqlite/copyright
> >
> > I have reproduced it below for debian-legal. The Linking section,
> > which is needed for linking with OpenSSL, is not a problem for
> > GPL-compatibility. The other parts may or may not be a problem, and
> > indeed seem superfluous, but all that is needed is the Linking
> > section.
>
> But the problem is that parts of Bacula's code are copyrighted by third
> parties, and licensed under plain GPL (or Kern's license before he added
> this exception), and may be unreachable for obtaining permission to
> relicense with this exception. (Kern, have you tried contacting them?)

Well, most of the other files are FSF copyrighted, and FSFE told me that FSF
always sticks to the letter of the license (logical) so I haven't tried to
contact the other users.

I could have gone on with the current situation because no one has filed a
formal complaint. However, I *much* prefer to be in compliance and not to
violate anyone's copyright.

>
> So the question really is: how can we have Bacula in Debian, with SSL
> support, but without that clause?

This is apparently possible because GNUTLS seems to have an OpenSSL
compatiblity layer. However, this is not something that I can personally
look at in the very near future.

In addition, over time, I will remove *all* code that is not copyrighted with
the "Bacula" license, but that will probably take even longer to fix.

> And why does FSFE disagree with our interpretation?

I don't know. One possibility is that I misunderstood them. My understanding
is that it all has to do with distribution. If one does not distribute GPLed
binaries mixed with non-GPLed code and one's distributed binaries use only
shared objects that are on the user's system, there is no problem. This is in
fact what happens with glibc and many other libraries, which are not
*required* to run a system, but are on the system. That is my understanding.

In any case, that is how I am going to interprete it until someone threatens
me, and if that happens, which I doubt, the project will simply stop
releasing binaries that can run with OpenSSL, and hopefully by then everyone
will have switchted to GPL v3 where this stupid problem does not exist. I
don't imagine that is a solution for Debian though.

>
> -- John
>

--
To UNSUBSCRIBE, email to debian-legal-REQUEST DeleteThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster DeleteThis @lists.debian.org

Kern Sibbald · External Since: Jun 29, 2006 Posts: 43

On Thursday 07 June 2007 23:51, John Goerzen wrote:
> On Thu, Jun 07, 2007 at 12:17:28PM -0700, Walter Landry wrote:
> > GnuTLS + libgcrypt + libtasn1 implements everything unless you need
> > ECC.
> >
> > > And why does FSFE disagree with our interpretation?
> >
> > Michael Poole gave a good answer.
>
> He didn't address the FSFE -- where are they taking a different analysis
> than us on this?
>
> Kern, is it possible to remove the OpenSSL exception from the license of
only
> those third-party sources, and keep it in the master license?

The problem is that those third-party sources are linked into the Bacula
binaries, and since they are licensed as GPL with no modifications, I cannot
include them in a binary that has code that is licensed in a way that is
incompatible with the GPL. Adding the OpenSSL exception to my license makes
my code incompatible with the non-modified GPL, and hence I was violating the
license on those 3rd party files (copyrighted by FSF, ATT, Sun, and a few
others ...).

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.TakeThisOut@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.TakeThisOut@lists.debian.org

Michael Poole · External Since: Apr 12, 2004 Posts: 135

Kern Sibbald writes:

> On Thursday 07 June 2007 19:00, Michael Poole wrote:
>>
>> Debian generally distributes OpenSSL logically near the packages that
>> dynamically link against it, so the major system component option is
>> not available to Debian ("... unless that component itself accompanies
>> the executable").
>>
>> GPL section 3(a) also uses "accompany" in a way that Debian and others
>> interpret to include distribution in the same directory tree on a
>> particular server, so -- the usual line of reasoning goes -- it would
>> be inconsistent to interpret "accompany" one way at the start of
>> section 3 and a different way at the end of section 3.
>
> Well, the above is total Greek to me. However, I must say that there is
> absolutely no reason why Bacula would every accompany OpenSSL in any sense of
> the the English meaning of accompany that I am aware of, nor is Bacula in the
> same directory tree as any OpenSSL shared object unless you consider
> everything is under root thus everything on the server is in the same
> directory "tree".

Bacula and OpenSSL packages are both found on Debian install media and
on mirrors. I am not sure how to define "accompany" in a way that
excludes that. In addition, Debian Bacula packages are marked to work
with the specific OpenSSL package at the same place (although others
are compatible). GPL section 3 provides three options to someone who
wishes to distribute executable binary versions of GPLed works:

3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:

a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,

b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,

c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)

3(c) is not available to Debian. 3(b) is prohibitively expensive.
That leaves 3(a), with this clarification at the end of section 3:

If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.

This seems to say that "offering equivalent access to copy [] from the
same place" is one way to "accompany", at least in the sense used by
section 3 of the GPL.

> By the way, just to be clear, I consider all this (not you guys but these
> license difficulties) to be a real pain. As long as the code is Open Source
> (i.e. I can get it, see it and modify it), I have no problem with it being
> linked with Bacula.

I think most of the Debian community that has dealt with this shares
the sentiment. I certainly do; it has pushed me to make sure that my
(small amount of) encryption-using code can use either OpenSSL or
GnuTLS's OpenSSL compatibility mode.

Michael Poole

--
To UNSUBSCRIBE, email to debian-legal-REQUEST DeleteThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster DeleteThis @lists.debian.org

Anthony W. Youngman · External Since: Nov 02, 2004 Posts: 26

In message <20070607181511.GA1025.DeleteThis@excelhustler.com>, John Goerzen
<jgoerzen.DeleteThis@complete.org> writes
>On Thu, Jun 07, 2007 at 10:50:39AM -0700, Walter Landry wrote:
>> John Goerzen <jgoerzen.DeleteThis@complete.org> wrote:
>> > Kern believes that he must remove the explicit OpenSSL exemption from
>> > the license in order to be fully GPL-compliant, and it appears that FSFE
>> > agrees.
>>
>> I just read the contents of
>>
>> /usr/share/doc/bacula-director-sqlite/copyright
>>
>> I have reproduced it below for debian-legal. The Linking section,
>> which is needed for linking with OpenSSL, is not a problem for
>> GPL-compatibility. The other parts may or may not be a problem, and
>> indeed seem superfluous, but all that is needed is the Linking
>> section.
>
>But the problem is that parts of Bacula's code are copyrighted by third
>parties, and licensed under plain GPL (or Kern's license before he added
>this exception), and may be unreachable for obtaining permission to
>relicense with this exception. (Kern, have you tried contacting them?)

The "Kern's licence" thingy isn't a problem.

If I, for example, release a load of code under the GPL, and then later
say "I'm releasing all my code - *including stuff already out there* -
under the GPL", the fact that there may be loads of stuff of mine out
there saying "GPL" is irrelevant.

Anybody can now either add a copy of my statement about the LGPL to the
licencing file, or add a pointer to my statement, and then they can take
any of my code that claims to be GPL'd and use it under the LGPL.

So if Kern has said that the addition of this extra freedom "applies to
all his code in Bacula", then anybody can add a copy of this statement
to COPYING.TXT and be covered.

Cheers,
Wol
--
Anthony W. Youngman - anthony.DeleteThis@thewolery.demon.co.uk

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.DeleteThis@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.DeleteThis@lists.debian.org

Steve Langasek · External Since: Dec 13, 2004 Posts: 2140

Hi Kern,

On Thu, Jun 07, 2007 at 11:53:19PM +0200, Kern Sibbald wrote:
> Well, the above is total Greek to me. However, I must say that there is
> absolutely no reason why Bacula would every accompany OpenSSL in any sense
> of the the English meaning of accompany that I am aware of

Bacula doesn't accompany OpenSSL when you distribute it, but they certainly
do accompany one another when we distribute them both as part of the Debian
OS. This is a plain English meaning of "accompany".

I have seen various FSF FAQs over the years that have claimed that
distributing binaries linked against OpenSSL is ok, but these FAQs have been
mute on the matter of distribution as part of an OS. In recent times, it
appears that some Unix vendors such as Sun and Apple have also begun
distributing GNU software as part of systems whose cores are not licensed
compatibly with the GPL, with the FSF's tacit consent; that seems
ill-advised to me, but in any case the FSF's interpretations of the GPL
aren't binding on other copyright holders where those interpretations don't
follow logically from the text of the license.

> By the way, just to be clear, I consider all this (not you guys but these
> license difficulties) to be a real pain. As long as the code is Open Source
> (i.e. I can get it, see it and modify it), I have no problem with it being
> linked with Bacula.

Ah, well, that right there is sufficient for us to use as a license
exception grant. Smile

But of course it's not binding on other copyright
holders.

> > So the question really is: how can we have Bacula in Debian, with SSL
> > support, but without that clause?

> This is apparently possible because GNUTLS seems to have an OpenSSL
> compatiblity layer.

Not much of one, I fear...

> The problem is that those third-party sources are linked into the Bacula
> binaries, and since they are licensed as GPL with no modifications, I cannot
> include them in a binary that has code that is licensed in a way that is
> incompatible with the GPL. Adding the OpenSSL exception to my license makes
> my code incompatible with the non-modified GPL, and hence I was violating the
> license on those 3rd party files (copyrighted by FSF, ATT, Sun, and a few
> others ...).

To be clear here, it's not incompatible with the GPL for you to grant
additional linking permissions, which is what is being done. The only real
issue is that you can't grant such permission on behalf of other copyright
holders.

Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon.TakeThisOut@debian.org http://www.debian.org/

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.TakeThisOut@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.TakeThisOut@lists.debian.org

Kern Sibbald · External Since: Jun 29, 2006 Posts: 43

On Friday 08 June 2007 01:46, Steve Langasek wrote:
> Hi Kern,
>
> On Thu, Jun 07, 2007 at 11:53:19PM +0200, Kern Sibbald wrote:
> > Well, the above is total Greek to me. However, I must say that there is
> > absolutely no reason why Bacula would every accompany OpenSSL in any sense
> > of the the English meaning of accompany that I am aware of
>
> Bacula doesn't accompany OpenSSL when you distribute it, but they certainly
> do accompany one another when we distribute them both as part of the Debian
> OS. This is a plain English meaning of "accompany".

Yes, sorry, I was looking at distribution from the Bacula standpoint rather
than from a Debian distribution until I though this through last night.

However, the "strict" interpretation would imply that the GPL is not fair (in
the sense of compaints about the Novell - Microsoft contract), because I can
distribute Bacula binaries because no where on any of the project sites do we
distribute OpenSSL, but then the strict definition says that you cannot
distribute Bacula because you have OpenSSL someplace on the distribution
disks, or on your servers.

>
> I have seen various FSF FAQs over the years that have claimed that
> distributing binaries linked against OpenSSL is ok, but these FAQs have been
> mute on the matter of distribution as part of an OS.

I haven't seen them, but that doesn't surprise me as I don't believe that FSF
ever really wanted to prohibit linking against OpenSSL, and if they did, they
have clearly changed their minds since the GPL v3 permits it.

> In recent times, it
> appears that some Unix vendors such as Sun and Apple have also begun
> distributing GNU software as part of systems whose cores are not licensed
> compatibly with the GPL, with the FSF's tacit consent; that seems
> ill-advised to me, but in any case the FSF's interpretations of the GPL
> aren't binding on other copyright holders where those interpretations don't
> follow logically from the text of the license.

I'm not sure Sun and Apple are so ill-advised. While I admit that the strict
interpretion is possible and one never knows what a judge would decide, it is
sort of like the possibility of a magic asteroid striking earth. It is
possible that an asteroid could strike earth, but it is so remote that it
doesn't make sense to work in caves rather than skyscrapers to try to avoid
being killed. In the case of the strict interpretation, IMO it is equally
unlikely to create a court case, and in any case, the consequences would be
rather minor -- simply remove OpenSSL.

>
> > By the way, just to be clear, I consider all this (not you guys but these
> > license difficulties) to be a real pain. As long as the code is Open
Source
> > (i.e. I can get it, see it and modify it), I have no problem with it being
> > linked with Bacula.
>
> Ah, well, that right there is sufficient for us to use as a license
> exception grant. Smile

But of course it's not binding on other copyright
> holders.

If that resoves the problems, great. Here is what I have just added to the
LICENSE file -- hopefully it should be clear. Here is a snippet from the
LICENSE file ...

....
License:
For the most part, Bacula is licensed under the GPL version 2
this code is listed under Copyright Free Software Foundation
Europe e.V. A small part of the code (less than 20 files) is
copyrighted under the GPL by other people (FSF, Sun, ...).

What follows is information from the authors of the code:

Linking:
Bacula may be linked with any libraries permitted under the GPL.
However, if configured with encryption Bacula does use the
OpenSSL libraries which are, unfortunately, not compatible with
GPL v2. To the best of our knowledge these libaries are not
distributed with Bacula code because they are shared objects, and
as such there is no conflict with the GPL according what I (Kern)
understand in talking to FSFE, and in any case, for the code that
I have written, I have no problems linking in OpenSSL (of course
this does not speak for the few files in Bacula that are
copyrighted by others). If you take a more severe stance on this
issue, and you are going to distribute Bacula, then simply do not
use the --with-openssl when building your package, and no use of
OpenSSL even through dynamic linking will be included.
....

>
>
> > > So the question really is: how can we have Bacula in Debian, with SSL
> > > support, but without that clause?
>
> > This is apparently possible because GNUTLS seems to have an OpenSSL
> > compatiblity layer.
>
> Not much of one, I fear...

Yes, and they don't have an official certification of their code as OpenSSL
does, so I for one (and I suspect it applies even more to corporate users)
would much prefer to use OpenSSL -- at least at the current time.

>
> > The problem is that those third-party sources are linked into the Bacula
> > binaries, and since they are licensed as GPL with no modifications, I
cannot
> > include them in a binary that has code that is licensed in a way that is
> > incompatible with the GPL. Adding the OpenSSL exception to my license
makes
> > my code incompatible with the non-modified GPL, and hence I was violating
the
> > license on those 3rd party files (copyrighted by FSF, ATT, Sun, and a few
> > others ...).
>
> To be clear here, it's not incompatible with the GPL for you to grant
> additional linking permissions, which is what is being done. The only real
> issue is that you can't grant such permission on behalf of other copyright
> holders.

That is what I believed, but according to Fedora/Red Hat and FSFE, the fact
that I have mixed code in a single binary that is "pure" GPL for which I
(FSFE) do not hold the copyright and GPL with a modified license violates the
license given by the authors of the "pure" GPL. Since that is serious to me,
and I am not a lawyer, and I have first hand experience in how "illogical"
(IMO) judges can be, I prefer to avoid the problem and not modify the GPL.
So now Bacula is all "pure" GPL with no modifications with my explanations in
notes rather than as modifications of the license.

>
> Cheers,
> --
> Steve Langasek Give me a lever long enough and a Free OS
> Debian Developer to set it on, and I can move the world.
> vorlon RemoveThis @debian.org http://www.debian.org/
>

--
To UNSUBSCRIBE, email to debian-legal-REQUEST RemoveThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster RemoveThis @lists.debian.org

Walter Landry · External Since: Mar 31, 2004 Posts: 32

Kern Sibbald <kern.RemoveThis@sibbald.com> wrote:
> On Friday 08 June 2007 01:46, Steve Langasek wrote:
> > I have seen various FSF FAQs over the years that have claimed that
> > distributing binaries linked against OpenSSL is ok, but these FAQs
> > have been mute on the matter of distribution as part of an OS. >
>
> I haven't seen them, but that doesn't surprise me as I don't believe
> that FSF ever really wanted to prohibit linking against OpenSSL, and
> if they did, they have clearly changed their minds since the GPL v3
> permits it.

I do not think that GPLv3 permits it. The OpenSSL license has the
obnoxious advertising clause

* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related Smile

.

The current draft of GPLv3 allows some additional provisions such as

d. limiting the use for publicity purposes of names of licensors or
authors of the material; or

but nothing like the advertising clause.

Cheers,
Walter Landry
wlandry.RemoveThis@ucsd.edu

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.RemoveThis@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.RemoveThis@lists.debian.org

MJ Ray · External Since: Jun 02, 2005 Posts: 273

John Goerzen <jgoerzen.RemoveThis@complete.org> wrote:
> [...] FSFE does not believe that an exception clause to
> the GPL is necessary to legally link to OpenSSL in the manner that
> Bacula is (dynamic linking).

I'm always open to learning more about this fiddly problem.
FSFE's reasoning for this seems to be:

[Kern's mail]
> I've been in conversation with FSFE, and from what they tell me, the GPL
> prevents distribution of non-GPLed code not loading it in dynamic modules,
> which is done quite frequently. Bacula does not distribute any OpenSSL code,
> and there is no OpenSSL code mixed with the Bacula binaries, therefore
> according to FSFE there is no problem.

This seems to contradict oft-repeated views such as:
http://www.openssl.org/support/faq.html#LEGAL2
http://www.gnome.org/~markmc/openssl-and-the-gpl.html

Further, if Bacula uses openssl-specific calls, isn't it a derived work
of openssl?

Finally, does licensing@FSF agree with the FSFE opinion? Having the
licence author on board would probably strengthen the argument for
including a whole range of plain-GPL+OpenSSL software.

[back to John's mail]
> Further, could we not consider OpenSSL to
> be a major component of the OS on which the executable runs, and thus
> fall under that exemption in the GPL anyway? [...]

No. At least we haven't in the past AIUI because OpenSSL is not a
required part of debian installations. See end of Anthony Towns's
Message-id: <20010616160333.A21471.RemoveThis@azure.humbug.org.au>
http://lists.debian.org/debian-legal/2001/06/msg00043.html

Should we ask bap to add this link to the FAQ?

Can Bacula build against GNUTLS or Mozilla NSS?

Will the copyright holders of other code grant the exception?
Who are they?

(+1 to the 'pain in the neck' comment, by the way.)

Hope that helps,
--
MJR/slef
My Opinion Only: see http://people.debian.org/~mjr/
Please follow http://www.uk.debian.org/MailingLists/#codeofconduct

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.RemoveThis@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.RemoveThis@lists.debian.org

MJ Ray · External Since: Jun 02, 2005 Posts: 273

John Goerzen <jgoerzen.TakeThisOut@complete.org> wrote:
> But the problem is that parts of Bacula's code are copyrighted by third
> parties [...]

Why isn't that in the copyright file, JOOI?
--
MJR/slef
My Opinion Only: see http://people.debian.org/~mjr/
Please follow http://www.uk.debian.org/MailingLists/#codeofconduct

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.TakeThisOut@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.TakeThisOut@lists.debian.org

John Goerzen · External Since: Nov 08, 2004 Posts: 961

On Thu, Jun 07, 2007 at 11:57:22PM +0200, Kern Sibbald wrote:
> However, I have now removed *all* modifications, so that the current Bacula
> code as of a few hours ago has no modifications to GPL v2. I am attaching a
> copy of the current LICENSE file as it is at this moment in the SVN

I'm not quite following; what modifications have you removed here?

Is this still current, BTW? In a later message you mentioned changing
the OpenSSL exemption to a "note frmo the author", but still in the
LICENSE file. I wonder if Debian could consider that legally
sufficient?

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.DeleteThis@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.DeleteThis@lists.debian.org

Steve Langasek · External Since: Dec 13, 2004 Posts: 2140

On Fri, Jun 08, 2007 at 09:11:45AM +0200, Kern Sibbald wrote:

> However, the "strict" interpretation would imply that the GPL is not fair (in
> the sense of compaints about the Novell - Microsoft contract), because I can
> distribute Bacula binaries because no where on any of the project sites do we
> distribute OpenSSL, but then the strict definition says that you cannot
> distribute Bacula because you have OpenSSL someplace on the distribution
> disks, or on your servers.

I'm not familiar with the arguments that have been made in the case of
Novell-Microsoft. I'm certainly not aware of any argument why this aspect
of the GPL is not "fair" (=permitted under law) in a legal sense.

> > In recent times, it
> > appears that some Unix vendors such as Sun and Apple have also begun
> > distributing GNU software as part of systems whose cores are not licensed
> > compatibly with the GPL, with the FSF's tacit consent; that seems
> > ill-advised to me, but in any case the FSF's interpretations of the GPL
> > aren't binding on other copyright holders where those interpretations don't
> > follow logically from the text of the license.

> I'm not sure Sun and Apple are so ill-advised.

Sorry, I meant that I considered it ill-advised for the FSF to give their
tacit approval. Smile

> > > By the way, just to be clear, I consider all this (not you guys but these
> > > license difficulties) to be a real pain. As long as the code is Open
> Source
> > > (i.e. I can get it, see it and modify it), I have no problem with it being
> > > linked with Bacula.

> > Ah, well, that right there is sufficient for us to use as a license
> > exception grant. Smile

But of course it's not binding on other copyright
> > holders.

> If that resoves the problems, great. Here is what I have just added to the
> LICENSE file -- hopefully it should be clear. Here is a snippet from the
> LICENSE file ...

> ...
> License:
> For the most part, Bacula is licensed under the GPL version 2
> this code is listed under Copyright Free Software Foundation
> Europe e.V. A small part of the code (less than 20 files) is
> copyrighted under the GPL by other people (FSF, Sun, ...).

Oh. So this is a case where you've assigned copyright to FSFE? Does the
FSFE's copyright assignment procedure give you the right to continue
licensing your code under any license of your choice?

> What follows is information from the authors of the code:

> Linking:
> Bacula may be linked with any libraries permitted under the GPL.
> However, if configured with encryption Bacula does use the
> OpenSSL libraries which are, unfortunately, not compatible with
> GPL v2. To the best of our knowledge these libaries are not
> distributed with Bacula code because they are shared objects, and
> as such there is no conflict with the GPL according what I (Kern)
> understand in talking to FSFE, and in any case, for the code that
> I have written, I have no problems linking in OpenSSL (of course
> this does not speak for the few files in Bacula that are
> copyrighted by others). If you take a more severe stance on this
> issue, and you are going to distribute Bacula, then simply do not
> use the --with-openssl when building your package, and no use of
> OpenSSL even through dynamic linking will be included.
> ...

Seems rather overwrought to me for inclusion in a license file. I would
suggest one of the following two approaches, either:

In addition, for code copyright $foo, permission is explicitly granted to
distribute binaries dynamically linked with libraries distributed under
the OpenSSL license, even in cases where those libraries are distributed
together with the binaries.

or:

It is the understanding of $foo that the GPL permits distribution of
binaries dynamically linked to OpenSSL, even in cases where OpenSSL is
distributed together with the binaries.

But if the code is copyright: FSFE, I don't know if this is something you
would have to clear with them first.

> > > The problem is that those third-party sources are linked into the Bacula
> > > binaries, and since they are licensed as GPL with no modifications, I
> > > cannot include them in a binary that has code that is licensed in a way
> > > that is incompatible with the GPL. Adding the OpenSSL exception to my
> > > license makes my code incompatible with the non-modified GPL, and
> > > hence I was violating the license on those 3rd party files
> > > (copyrighted by FSF, ATT, Sun, and a few others ...).

> > To be clear here, it's not incompatible with the GPL for you to grant
> > additional linking permissions, which is what is being done. The only real
> > issue is that you can't grant such permission on behalf of other copyright
> > holders.

> That is what I believed, but according to Fedora/Red Hat and FSFE, the fact
> that I have mixed code in a single binary that is "pure" GPL for which I
> (FSFE) do not hold the copyright and GPL with a modified license violates the
> license given by the authors of the "pure" GPL. Since that is serious to me,
> and I am not a lawyer, and I have first hand experience in how "illogical"
> (IMO) judges can be, I prefer to avoid the problem and not modify the GPL.
> So now Bacula is all "pure" GPL with no modifications with my explanations in
> notes rather than as modifications of the license.

What I understand from your other message is that previously, you had
modified the text of the license under which the code was being distributed.
That in particular is something that you can't do without permission from
all of the copyright holders, AFAICS.

Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon DeleteThis @debian.org http://www.debian.org/

--
To UNSUBSCRIBE, email to debian-legal-REQUEST DeleteThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster DeleteThis @lists.debian.org

Kern Sibbald · External Since: Jun 29, 2006 Posts: 43

On Saturday 09 June 2007 08:26, Steve Langasek wrote:
> On Fri, Jun 08, 2007 at 09:11:45AM +0200, Kern Sibbald wrote:
>
> > However, the "strict" interpretation would imply that the GPL is not fair
(in
> > the sense of compaints about the Novell - Microsoft contract), because I
can
> > distribute Bacula binaries because no where on any of the project sites do
we
> > distribute OpenSSL, but then the strict definition says that you cannot
> > distribute Bacula because you have OpenSSL someplace on the distribution
> > disks, or on your servers.
>
> I'm not familiar with the arguments that have been made in the case of
> Novell-Microsoft. I'm certainly not aware of any argument why this aspect
> of the GPL is not "fair" (=permitted under law) in a legal sense.

Well, one of the main objections to the Novell-Microsoft contract from what I
understand is that Microsoft has promissed not to pursue Novell or Novell's
customers for any violation of Microsoft patents. According to FSF, if I
understand it right, this is unfair because it only protects a part of the
GPL users and not everyone. Any such license should, according to them,
apply to all or none.

>
> > > In recent times, it
> > > appears that some Unix vendors such as Sun and Apple have also begun
> > > distributing GNU software as part of systems whose cores are not
licensed
> > > compatibly with the GPL, with the FSF's tacit consent; that seems
> > > ill-advised to me, but in any case the FSF's interpretations of the GPL
> > > aren't binding on other copyright holders where those interpretations
don't
> > > follow logically from the text of the license.
>
> > I'm not sure Sun and Apple are so ill-advised.
>
> Sorry, I meant that I considered it ill-advised for the FSF to give their
> tacit approval. Smile

I suspect that they are trying to be "practical" and don't want to chase after
users in "technical" violations where there is no intent to subvert Open
Source objectives.

>
> > > > By the way, just to be clear, I consider all this (not you guys but
these
> > > > license difficulties) to be a real pain. As long as the code is Open
> > Source
> > > > (i.e. I can get it, see it and modify it), I have no problem with it
being
> > > > linked with Bacula.
>
> > > Ah, well, that right there is sufficient for us to use as a license
> > > exception grant. Smile

But of course it's not binding on other copyright
> > > holders.
>
> > If that resoves the problems, great. Here is what I have just added to
the
> > LICENSE file -- hopefully it should be clear. Here is a snippet from the
> > LICENSE file ...
>
> > ...
> > License:
> > For the most part, Bacula is licensed under the GPL version 2
> > this code is listed under Copyright Free Software Foundation
> > Europe e.V. A small part of the code (less than 20 files) is
> > copyrighted under the GPL by other people (FSF, Sun, ...).
>
> Oh. So this is a case where you've assigned copyright to FSFE? Does the
> FSFE's copyright assignment procedure give you the right to continue
> licensing your code under any license of your choice?

Yes. They have a fiduciary licence arrangement with us (me). The project can
decide what license it will use. There is a certain amount of mutual
consentment, but there is no question that they are not going to (and did not
when I told them) complain about removing modifications to the GPL.

So it is clear, I do have the right to license the software anyway I want, but
of course, if I license it differently, that would be a fork or a special
deal, and might not hold for the project, which is dedicated to Open Source.
FSFE also has certain rights and obligations. 99.9% of it is spelled out on
their web site.

>
> > What follows is information from the authors of the code:
>
> > Linking:
> > Bacula may be linked with any libraries permitted under the GPL.
> > However, if configured with encryption Bacula does use the
> > OpenSSL libraries which are, unfortunately, not compatible with
> > GPL v2. To the best of our knowledge these libaries are not
> > distributed with Bacula code because they are shared objects, and
> > as such there is no conflict with the GPL according what I (Kern)
> > understand in talking to FSFE, and in any case, for the code that
> > I have written, I have no problems linking in OpenSSL (of course
> > this does not speak for the few files in Bacula that are
> > copyrighted by others). If you take a more severe stance on this
> > issue, and you are going to distribute Bacula, then simply do not
> > use the --with-openssl when building your package, and no use of
> > OpenSSL even through dynamic linking will be included.
> > ...
>
> Seems rather overwrought to me for inclusion in a license file. I would
> suggest one of the following two approaches, either:
>
> In addition, for code copyright $foo, permission is explicitly granted to
> distribute binaries dynamically linked with libraries distributed under
> the OpenSSL license, even in cases where those libraries are distributed
> together with the binaries.
>
> or:
>
> It is the understanding of $foo that the GPL permits distribution of
> binaries dynamically linked to OpenSSL, even in cases where OpenSSL is
> distributed together with the binaries.
>
> But if the code is copyright: FSFE, I don't know if this is something you
> would have to clear with them first.

I believe that doing what you suggest would modify the GPL, and I don't want
to do that since it puts me according to FSFE and Red Hat in violation of
other people's licenses.

>
> > > > The problem is that those third-party sources are linked into the
Bacula
> > > > binaries, and since they are licensed as GPL with no modifications, I
> > > > cannot include them in a binary that has code that is licensed in a
way
> > > > that is incompatible with the GPL. Adding the OpenSSL exception to my
> > > > license makes my code incompatible with the non-modified GPL, and
> > > > hence I was violating the license on those 3rd party files
> > > > (copyrighted by FSF, ATT, Sun, and a few others ...).
>
> > > To be clear here, it's not incompatible with the GPL for you to grant
> > > additional linking permissions, which is what is being done. The only
real
> > > issue is that you can't grant such permission on behalf of other
copyright
> > > holders.
>
> > That is what I believed, but according to Fedora/Red Hat and FSFE, the
fact
> > that I have mixed code in a single binary that is "pure" GPL for which I
> > (FSFE) do not hold the copyright and GPL with a modified license violates
the
> > license given by the authors of the "pure" GPL. Since that is serious to
me,
> > and I am not a lawyer, and I have first hand experience in how "illogical"
> > (IMO) judges can be, I prefer to avoid the problem and not modify the GPL.
> > So now Bacula is all "pure" GPL with no modifications with my explanations
in
> > notes rather than as modifications of the license.
>
> What I understand from your other message is that previously, you had
> modified the text of the license under which the code was being distributed.
> That in particular is something that you can't do without permission from
> all of the copyright holders, AFAICS.

Yes.

>
> Cheers,
> --
> Steve Langasek Give me a lever long enough and a Free OS
> Debian Developer to set it on, and I can move the world.
> vorlon DeleteThis @debian.org http://www.debian.org/
>

--
To UNSUBSCRIBE, email to debian-legal-REQUEST DeleteThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster DeleteThis @lists.debian.org

Kern Sibbald · External Since: Jun 29, 2006 Posts: 43

On Friday 08 June 2007 10:30, Walter Landry wrote:
> Kern Sibbald <kern.RemoveThis@sibbald.com> wrote:
> > On Friday 08 June 2007 01:46, Steve Langasek wrote:
> > > I have seen various FSF FAQs over the years that have claimed that
> > > distributing binaries linked against OpenSSL is ok, but these FAQs
> > > have been mute on the matter of distribution as part of an OS. >
> >
> > I haven't seen them, but that doesn't surprise me as I don't believe
> > that FSF ever really wanted to prohibit linking against OpenSSL, and
> > if they did, they have clearly changed their minds since the GPL v3
> > permits it.
>
> I do not think that GPLv3 permits it.

GPL v3 *is* compatible with the OpenSSL (actually the Apache) license
according to FSF.

> The OpenSSL license has the
> obnoxious advertising clause
>
> * 3. All advertising materials mentioning features or use of this software
> * must display the following acknowledgement:
> * "This product includes cryptographic software written by
> * Eric Young (eay@cryptsoft.com)"
> * The word 'cryptographic' can be left out if the rouines from the
library
> * being used are not cryptographic related Smile

.

I don't particularly like the above, but I don't find it obnoxious,
particularly because Bacula doesn't do advertising (I don't consider our
manual as advertising materials), and if we did, I don't see any reason not
to mention OpenSSL.

I can understand that other people have different feelings about it, but what
bothers me is that because FSF does not like this kind of clause, they
declare that the OpenSSL license is not compatible with GPL v2 and thus they
restrict my rights ... so much for Free Software !

>
> The current draft of GPLv3 allows some additional provisions such as
>
> d. limiting the use for publicity purposes of names of licensors or
> authors of the material; or
>
> but nothing like the advertising clause.
>
> Cheers,
> Walter Landry
> wlandry.RemoveThis@ucsd.edu
>

--
To UNSUBSCRIBE, email to debian-legal-REQUEST.RemoveThis@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster.RemoveThis@lists.debian.org