* Tom Lane (tgl@xxxxxxxxxxxxx) wrote: > Tyler MacDonald <tyler@xxxxxx> writes: > > OK, I'm kind of confused about how the legal red tape works here. > > Debian packages all sorts of GPL code, and both openssl and postgres are > > released under more liberal licenses. About the only legal issue I could see > > is the legalities surrounding the export of openssl, but I thought debian > > had already found it's own way around that. > > [ looks in openssl tarball... ] It looks like the openssl license is > essentially old-style BSD (ie, with advertising clause). If Debian is > being anal about refusing to ship old-BSD code linked to GPL code, > there's going to be a whole lot of stuff that doesn't support SSL on > Debian, not only Postgres. Or are they selectively enforcing this > policy against PG? It's enforced whenever we discover it, really... Alot of applications are able to be built against GNUTLS which is LGPL and removes the issue as well. Debian actually worked to port OpenLDAP to GNUTLS to deal with this problem with all of the (quite a few...) GPL'd LDAP-using applications we package. I was involved in that effort actually (though didn't actually do the GNUTLS port, that was mainly done by Steve Langasek). I'd like to look into doing this for Postgres, actually... I don't think it'd hurt for Postgres to support OpenSSL and GNUTLS. Thanks, Stephen
Attachment:
signature.asc
Description: Digital signature
