22 Jun
2009
22 Jun
'09
3:51 p.m.
Hi, Kamailio trunk version requires libcurl4-gnutls-dev Debian Lenny package
while SIP-Router trunk version requires libcurl4-openssl-dev.
Both packages are not compatible (just one of them can be installed). This
means that it's not possible to install both, Kamailio and SIP-Router, as
Debian packages in the same host... :(
The fact is that both are the same but the first uses GnuTLS while the seconds
uses OpenSSL.
This is a big issue for people wanting to have both projects installed as Deb
packages.
Could it be modified? It there a real dependency on each package? or could any
of them be valid for both projects?
--
Iñaki Baz Castillo <ibc(a)aliax.net>
22 Jun
22 Jun
4:14 p.m.
New subject: Conflict between libcurl4-gnutls-dev and libcurl4-openssl-dev (Debian)
Iñaki Baz Castillo writes:
Hi, Kamailio trunk version requires
libcurl4-gnutls-dev Debian Lenny package
while SIP-Router trunk version requires libcurl4-openssl-dev.
looks like both libcurl4-gnutls-dev and libcurl4-openssl-dev provide
libcurl library. i think that my use of libcurl in k and sr modules
could use either package.
-- juha
4:26 p.m.
El Lunes, 22 de Junio de 2009, Juha Heinanen escribió:
Iñaki Baz Castillo writes:
I could try to compile Kamailio with libcurl4-openssl-dev (changing the debian
control file). Any issue with it?
In case both packages are valid, which is supposed to be the "correct way"?
--
Iñaki Baz Castillo <ibc(a)aliax.net>
Hi, Kamailio trunk version requires
libcurl4-gnutls-dev Debian Lenny
package while SIP-Router trunk version requires libcurl4-openssl-dev.
looks like both libcurl4-gnutls-dev and libcurl4-openssl-dev provide
libcurl library. i think that my use of libcurl in k and sr modules
could use either package.
5:07 p.m.
El Lunes, 22 de Junio de 2009, Iñaki Baz Castillo escribió:
El Lunes, 22 de Junio de 2009, Juha Heinanen
escribió:
I've done it and it compiles correctly but sinceI use nothing related to
SSL/TL...
--
Iñaki Baz Castillo <ibc(a)aliax.net>
Iñaki Baz Castillo writes:
I could try to compile Kamailio with libcurl4-openssl-dev (changing the
debian control file). Any issue with it? Hi, Kamailio trunk version requires
libcurl4-gnutls-dev Debian Lenny
package while SIP-Router trunk version requires libcurl4-openssl-dev.
looks like both libcurl4-gnutls-dev and libcurl4-openssl-dev provide
libcurl library. i think that my use of libcurl in k and sr modules
could use either package.
12:43 a.m.
New subject: Conflict between libcurl4-gnutls-dev and libcurl4-openssl-dev (Debian)
Iñaki Baz Castillo writes:
I could try to compile Kamailio with
libcurl4-openssl-dev (changing
the debian control file). Any issue with it?
there should not be any issues.
In case both packages are valid, which is supposed to
be the "correct
way"?
i would prefer gnutls version.
-- juha
4:02 a.m.
Iñaki Baz Castillo schrieb:
El Lunes, 22 de Junio de 2009, Juha Heinanen
escribió:
I think there is no difference in functionality - just differences in
licensing.
regards
klaus
Iñaki Baz Castillo writes:
I could try to compile Kamailio with libcurl4-openssl-dev (changing the debian
control file). Any issue with it? Hi, Kamailio trunk version requires
libcurl4-gnutls-dev Debian Lenny
package while SIP-Router trunk version requires libcurl4-openssl-dev.
looks like both libcurl4-gnutls-dev and libcurl4-openssl-dev provide
libcurl library. i think that my use of libcurl in k and sr modules
could use either package.
4:09 a.m.
Klaus Darilion schrieb:
Iñaki Baz Castillo schrieb:
Maybe there can be issues with libcurl4-openssl-dev as it is used also
for other parts (TLS, libpq?, ...) and openssl is know to cause problems
when it is initialized multiple times.
IIRC in ser the Identidy module uses static linking against openssl to
avoid this issue.
regards
klaus
El Lunes, 22 de Junio de 2009, Juha Heinanen
escribió:
I think there is no difference in functionality - just differences in
licensing. Iñaki Baz Castillo writes:
I could try to compile Kamailio with libcurl4-openssl-dev (changing
the debian control file). Any issue with it? Hi, Kamailio trunk version requires
libcurl4-gnutls-dev Debian Lenny
package while SIP-Router trunk version requires libcurl4-openssl-dev.
looks like both libcurl4-gnutls-dev and libcurl4-openssl-dev provide
libcurl library. i think that my use of libcurl in k and sr modules
could use either package. 
4:20 a.m.
New subject: Conflict between libcurl4-gnutls-dev and libcurl4-openssl-dev (Debian)
On 23-06 10:02, Klaus Darilion wrote:
Iñaki Baz Castillo schrieb:
El Lunes, 22 de Junio de 2009, Juha Heinanen
escribió:
I think there is no difference in functionality - just differences in
licensing. Iñaki Baz Castillo writes:
I could try to compile Kamailio with libcurl4-openssl-dev (changing the
debian control file). Any issue with it? Hi, Kamailio trunk version requires
libcurl4-gnutls-dev Debian Lenny
package while SIP-Router trunk version requires libcurl4-openssl-dev.
looks like both libcurl4-gnutls-dev and libcurl4-openssl-dev provide
libcurl library. i think that my use of libcurl in k and sr modules
could use either package. From what I have seen there appears to be a big
difference in performance, for example:
http://www.mail-archive.com/lftp-devel@uniyar.ac.ru/msg01486.html
and I have seen more such reports. Openssl received lots of speed
optimizations over time, unlike gnutls.
Jan.
7:15 a.m.
2009/6/23 Jan Janak <jan(a)iptel.org>rg>:
and I have seen more such reports. Openssl received
lots of speed
optimizations over time, unlike gnutls.
So, is it ok if I change the dependencies in Kamailio to require
libcurl4-openssl-dev instead of libcurl4-gnutls-dev?
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
7:18 a.m.
On Dienstag, 23. Juni 2009, Iñaki Baz Castillo wrote:
2009/6/23 Jan Janak <jan(a)iptel.org>rg>:
Hi Iñaki,
this would mean that the utils module can't be packaged with (official) debian
anymore, as the licence of openssl don't allow it. This is basically the same
problem as with the tls support, which is disabled in the debian package as
well.
Henning
and I have seen more such reports. Openssl
received lots of speed
optimizations over time, unlike gnutls.
So, is it ok if I change the dependencies in Kamailio to require
libcurl4-openssl-dev instead of libcurl4-gnutls-dev?
7:22 a.m.
2009/6/23 Henning Westerholt <henning.westerholt(a)1und1.de>de>:
On Dienstag, 23. Juni 2009, Iñaki Baz Castillo wrote:
So, what about SIP-Router and utils k-module? Note that SIP-Router
requires libcurl4-openssl-dev.
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
2009/6/23 Jan Janak <jan(a)iptel.org>rg>:
Hi Iñaki,
this would mean that the utils module can't be packaged with (official)
debian anymore, as the licence of openssl don't allow it. This is basically
the same problem as with the tls support, which is disabled in the debian
package as well. and I have seen more such reports. Openssl
received lots of speed
optimizations over time, unlike gnutls.
So, is it ok if I change the dependencies in Kamailio to require
libcurl4-openssl-dev instead of libcurl4-gnutls-dev? 
7:32 a.m.
On 06/23/2009 01:18 PM, Henning Westerholt wrote:
On Dienstag, 23. Juni 2009, Iñaki Baz Castillo wrote:
is it inherited in this case? the tls
implementation in core of kamailio
is binding directly to openssl library and therefore need for the gpl
disclaimer, but in this case utils binds to curl library.
In sip router this is fixed I guess and tls is shipped with debs --
anyhow, tls is a module in sr, the core is the same.
Cheers,
Daniel
--
Daniel-Constantin Mierla
http://www.asipto.com/
2009/6/23 Jan Janak <jan(a)iptel.org>rg>:
Hi Iñaki,
this would mean that the utils module can't be packaged with
(official) debian anymore, as the licence of openssl don't allow it.
This is basically the same problem as with the tls support, which is
disabled in the debian package as well. and I have seen more such reports. Openssl
received lots of speed
optimizations over time, unlike gnutls.
So, is it ok if I change the dependencies in Kamailio to require
libcurl4-openssl-dev instead of libcurl4-gnutls-dev?
8:24 a.m.
New subject: Conflict between libcurl4-gnutls-dev and libcurl4-openssl-dev (Debian)
On 23-06 13:32, Daniel-Constantin Mierla wrote:
On 06/23/2009 01:18 PM, Henning Westerholt wrote:
If I understand it correctly, we are talking here about Debian control files
that are being kept in the git repository, right? But aren't those files
intended for people who want to build Debian packages themselves, rather than
for official Debian developers? As far as I know official Debian developers
maintain their control files elsewhere, and in fact it is recommended that
upstream projects do not provide their own control files.
If this is the case, does it really matter if we keep libcurl4-openssl-dev in
our control files? We know that all the stuff should work (at least was
developed with) with openssl, so shouldn't this be the default for the people
who attempt to build the packages themselves?
Also note that the -dev packages are only needed to actually build packages,
they are not needed at runtime. They only contain files that are needed to
compile applications that use libcurl. Corresponding runtime libraries are in
libcurl3 (openssl version) and libcurl3-gnutls (gnutls version) and these can
be installed at the same time. What this means is that it is not possible to
*compile* applications for use with libcurl-openssl and libcurl-gnutls at the
same time.
Jan.
On Dienstag, 23. Juni 2009, Iñaki Baz Castillo
wrote:
is it inherited in this case? the tls
implementation in core of kamailio
is binding directly to openssl library and therefore need for the gpl
disclaimer, but in this case utils binds to curl library.
In sip router this is fixed I guess and tls is shipped with debs --
anyhow, tls is a module in sr, the core is the same. 2009/6/23 Jan Janak <jan(a)iptel.org>rg>:
Hi Iñaki,
this would mean that the utils module can't be packaged with
(official) debian anymore, as the licence of openssl don't allow it.
This is basically the same problem as with the tls support, which is
disabled in the debian package as well. and I have seen more such reports. Openssl
received lots of speed
optimizations over time, unlike gnutls.
So, is it ok if I change the dependencies in Kamailio to require
libcurl4-openssl-dev instead of libcurl4-gnutls-dev?
8:39 a.m.
2009/6/23 Jan Janak <jan(a)iptel.org>rg>:
If I understand it correctly, we are talking here
about Debian control files
that are being kept in the git repository, right? But aren't those files
intended for people who want to build Debian packages themselves, rather than
for official Debian developers? As far as I know official Debian developers
maintain their control files elsewhere, and in fact it is recommended that
upstream projects do not provide their own control files.
I was thinking exactly the same. The debian files in SR repository are
intended to build DEB packages, nothing related to Debian official
repositories.
If Debian wants to provide official SR packages, them they could
choose to use the GnuTLs version instead (by creating their own
"control" file).
If this is the case, does it really matter if we keep
libcurl4-openssl-dev in
our control files? We know that all the stuff should work (at least was
developed with) with openssl, so shouldn't this be the default for the people
who attempt to build the packages themselves?
100% agree.
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
8:54 a.m.
2009/6/23 Iñaki Baz Castillo <ibc(a)aliax.net>et>:
If Debian wants to provide official SR packages, them
they could
choose to use the GnuTLs version instead (by creating their own
"control" file).
ops, my mistake. The *already* compiled DEB packages don't require de
-dev packages, of course, but just the runtime libraries (libcurl3 or
libcurl3-gnutls).
Some questions:
- If the deb package is compiled with libcurl4-openssl-dev, could the
deb package itself require libcurl3-gnutls instead of libcurl3? Would
it work?
- If there any licence issue if a DEB package requires libcurl3 (OpenSSL)?
- If there any licence issue if an *official* DEB package is compiled
with libcurl4-openssl-dev instead of libcurl4-gnutls-dev?
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
9:40 a.m.
New subject: Conflict between libcurl4-gnutls-dev and libcurl4-openssl-dev (Debian)
On 23-06 14:54, Iñaki Baz Castillo wrote:
2009/6/23 Iñaki Baz Castillo <ibc(a)aliax.net>et>:
No, the binary package will depend on libcurl3-gnutls and libgnutls.
If Debian wants to provide official SR packages,
them they could
choose to use the GnuTLs version instead (by creating their own
"control" file).
ops, my mistake. The *already* compiled DEB packages don't require de
-dev packages, of course, but just the runtime libraries (libcurl3 or
libcurl3-gnutls).
Some questions:
- If the deb package is compiled with libcurl4-openssl-dev, could the
deb package itself require libcurl3-gnutls instead of libcurl3? Would
it work? - If there any licence issue if a DEB package requires
libcurl3 (OpenSSL)?
The OpenSSL license contains a clause which, according to the FSF, is
incompatible with GPL. (The clause requires certain text to be present in all
material). Thus GPL software, such as SER/Kamailio/sip-router, build with
openssl is not GPL compatible anymore.
The solution suggested by the OpenSSL project is to add an exception to the
license which explicitly permits to use the sofware with OpenSSL. This kind of
change needs to be approved by all (c) holders. In our case we would need to
get the approval from *all* contributors to both projects, which is probably
not feasible. IANAL but this applies to the whole source tree, not just
selected modules that use openssl.
To me this looks like a catch-22 situation more than a real licensing
issue. The OpenSSL license requires that extra acknowledgement in all
documents and according to FSF this make the license more restrictive than
GPL itself.
So, a .deb package of ser/kamailio/sr build with OpenSSL is not GPL compatible
anymore and this violates the license of the project if such package is
distributed.
I seriously doubt that we could find a single (c)-owner in both projects who
would be opposed to adding the exception to the license, so in my opinion the
problem is purely procedural--it is difficult to make a list of all
contributors and approach them individually.
- If there any licence issue if an *official* DEB
package is compiled
with libcurl4-openssl-dev instead of libcurl4-gnutls-dev?
Opinions differ on this, but Debian people think so. By distributing binary
packages of GPL software linked with openssl (and without the exception in the
license) they are afraid that they would violate the terms of GPL. Debian
probably wants to stay on the safe side, which is understandable given the
sheer volume of software they distribute.
Jan.
PS: IANAL so do not trust a single word I just wrote.
9:48 a.m.
New subject: Conflict between libcurl4-gnutls-dev and libcurl4-openssl-dev (Debian)
On 23-06 15:40, Jan Janak wrote:
On 23-06 14:54, Iñaki Baz Castillo wrote:
Errata: The other way around (libcurl3 and libssl).
sorry, Jan.
2009/6/23 Iñaki Baz Castillo
<ibc(a)aliax.net>et>:
No, the binary package will depend on libcurl3-gnutls and libgnutls. If Debian wants to provide official SR packages,
them they could
choose to use the GnuTLs version instead (by creating their own
"control" file).
ops, my mistake. The *already* compiled DEB packages don't require de
-dev packages, of course, but just the runtime libraries (libcurl3 or
libcurl3-gnutls).
Some questions:
- If the deb package is compiled with libcurl4-openssl-dev, could the
deb package itself require libcurl3-gnutls instead of libcurl3? Would
it work?
2:53 p.m.
El Martes, 23 de Junio de 2009, Jan Janak escribió:
So, a .deb package of ser/kamailio/sr build with
OpenSSL is not GPL
compatible anymore and this violates the license of the project if such
package is distributed.
However, the deb packages generated by "make deb" are not necessarily those to
be deitributed by Debian, rigth?
So we can use OpenSSL in our deb packages and Debian (or Alioth) could
recompile the packages with GnuTLS in order to provide them in their public
repositories.
--
Iñaki Baz Castillo <ibc(a)aliax.net>
12:59 p.m.
2009/6/23 Juha Heinanen <jh(a)tutpro.com>om>:
Iñaki Baz Castillo writes:
I've changed the dependencies in kamailio trunk version (local copy)
and it compiles fine. So, if there is no inconvenient I will commit
it.
However, I've realized that the Debian control file says:
Maintainer: Debian VoIP Team <pkg-voip-maintainers(a)lists.alioth.debian.org>
Uploaders: Kilian Krause <kilian(a)debian.org>
Perhaps we should change these values and use some "internal" name (as
"Kamailio Developers Team")?
And when the packages become Debian "official" packages (or those
mantained by Alioth) they could rename de Mantainer and Uploaders, and
could also change the dependencies not to use OpenSSL.
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
So, is it ok if I change the dependencies in
Kamailio to require
libcurl4-openssl-dev instead of libcurl4-gnutls-dev?
fine with me,
5638
days inactive
5639
days old
20 comments
6 participants
participants (6)
-
Daniel-Constantin Mierla -
Henning Westerholt -
Iñaki Baz Castillo -
Jan Janak -
jh@tutpro.com -
Klaus Darilion