Hello,
I'm the maintainer of the Kamailio package and I would like to push the inclusion of the openssl linking exception to upstream but I'm not sure about what parts of the upstream program should be changed in order to satisfy the GPL.
Kamailio is a project with more that 10 years of existence and it's almost impossible to contact every single author of every single part of the program, but AFAIK it's quite possible to be able to add the exception to the core of the program.
Kamailio runs with a core process that loads the user's configured plugins. The tls module is the only module that needs openssl to run. This module provides the ability to use a TLS transport and the core process is the one that creates and maintains the different transports.
For sure that any plugin can use the provided transports, but all of them are using the core functions/structures to connect. They never connect directly to the tls module by themselves.
Modules are being packaged by groups and the tls module will have it's own package. The kamailio program can be used without the tls module.
Upstream is willing to add the openssl exception to core files but we want to be sure that this is enough to satisfy the GPL.
Thanks in advance, Victor Seva
http://people.gnome.org/~markmc/openssl-and-the-gpl.html http://lists.debian.org/debian-legal/2004/05/msg00595.html http://lists.debian.org/debian-legal/2004/07/msg00754.html http://www.gnu.org/licenses/gpl-faq.html#GPLAndPlugins
Hello,
The tls module is not the only module that needs OpenSSL to run.
The following modules also need OpenSSL:
- auth_ephemeral - auth_identity - osp - outbound - websocket
I am happy for the exception to be added to the modules I authored and maintain (that's, auth_ephemeral, outbound, and websocket). That leaves auth_identity and osp (and of course, tls itself).
Regards,
Peter
On 12 November 2013 10:22, Victor Seva linuxmaniac@torreviejawireless.orgwrote:
Hello,
I'm the maintainer of the Kamailio package and I would like to push the inclusion of the openssl linking exception to upstream but I'm not sure about what parts of the upstream program should be changed in order to satisfy the GPL.
Kamailio is a project with more that 10 years of existence and it's almost impossible to contact every single author of every single part of the program, but AFAIK it's quite possible to be able to add the exception to the core of the program.
Kamailio runs with a core process that loads the user's configured plugins. The tls module is the only module that needs openssl to run. This module provides the ability to use a TLS transport and the core process is the one that creates and maintains the different transports.
For sure that any plugin can use the provided transports, but all of them are using the core functions/structures to connect. They never connect directly to the tls module by themselves.
Modules are being packaged by groups and the tls module will have it's own package. The kamailio program can be used without the tls module.
Upstream is willing to add the openssl exception to core files but we want to be sure that this is enough to satisfy the GPL.
Thanks in advance, Victor Seva
http://people.gnome.org/~markmc/openssl-and-the-gpl.html http://lists.debian.org/debian-legal/2004/05/msg00595.html http://lists.debian.org/debian-legal/2004/07/msg00754.html http://www.gnu.org/licenses/gpl-faq.html#GPLAndPlugins
sr-dev mailing list sr-dev@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
2013/11/12 Peter Dunkley peter.dunkley@crocodilertc.net:
Hello,
The tls module is not the only module that needs OpenSSL to run.
The following modules also need OpenSSL:
auth_ephemeral auth_identity osp outbound websocket
Yes, thanks.
I am happy for the exception to be added to the modules I authored and maintain (that's, auth_ephemeral, outbound, and websocket). That leaves auth_identity and osp (and of course, tls itself).
With the response of debian-legal, it seems clear to me that we only need to add the OpenSSL exception to the modules that actually links to the openssl lib as long as the default config do not load them by default.
Cheers, Victor
-
Peter Dunkley -
Victor Seva