[PATCH 4/7] LICENSES: add OpenSSL exception

Roland Hieber rhi at pengutronix.de
Wed Sep 16 05:27:00 EDT 2020 

On Tue, Sep 15, 2020 at 10:54:14PM +0200, Uwe Kleine-König wrote:
> The GPL (both, version 2 and 3) are incompatible with the OpenSSL license.
> (OpenSSL has requirements on attribution, which from the GPL's point of
> view is a further requirement which is forbidden.)
> 
> See https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs for
> some more details.
> 
> Signed-off-by: Uwe Kleine-König <u.kleine-koenig at pengutronix.de>
> ---
>  LICENSES/exceptions/OpenSSL-exception | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
>  create mode 100644 LICENSES/exceptions/OpenSSL-exception
> 
> diff --git a/LICENSES/exceptions/OpenSSL-exception b/LICENSES/exceptions/OpenSSL-exception
> new file mode 100644
> index 000000000000..280c116d4e46
> --- /dev/null
> +++ b/LICENSES/exceptions/OpenSSL-exception
> @@ -0,0 +1,12 @@
> +SPDX-Exception-Identifier: OpenSSL-exception

I think we should not pollute SPDX's namespace with identifiers that
could be defined by them in the future. Instead, I would like use the
identifier "LicenseRef-OpenSSL-exception" in accordance with the SPDX
spec [1].

On the other hand, it's a bit unfortunate that the SPDX pull request [2]
introducing the debian-openssl-exception identifier is not merged yet,
otherwise we could use this one (it has a slightly different wording
compared to the version you used below). But now that some people have
already ACKed the wording below, it seems easier just to rename the
identifier.

[1]: https://spdx.github.io/spdx-spec/6-other-licensing-information-detected/#61-license-identifier
[2]: https://github.com/spdx/license-list-XML/pull/824

 - Roland

> +SPDX-Licenses: GPL-2.0-or-later, GPL-2.0-only
> +License-Text:
> +
> +In addition, as a special exception the copyright holders give
> +permission to link the code of this program with the OpenSSL Library (or with
> +modified versions of OpenSSL that use the same license as OpenSSL), and
> +distribute linked combinations including the two. You must obey the GNU General
> +Public License in all respects for all of the code used other than OpenSSL. If
> +you modify this file, you may extend this exception to your version of the
> +file, but you are not obligated to do so. If you do not wish to do so, delete
> +this exception statement from your version.
> -- 
> 2.27.0
> 
> 
> _______________________________________________
> barebox mailing list
> barebox at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/barebox

-- 
Roland Hieber, Pengutronix e.K.          | r.hieber at pengutronix.de     |
Steuerwalder Str. 21                     | https://www.pengutronix.de/ |
31137 Hildesheim, Germany                | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686         | Fax:   +49-5121-206917-5555 |

More information about the barebox mailing list