On Tue, Sep 15, 2020 at 10:54:14PM +0200, Uwe Kleine-König wrote: > The GPL (both, version 2 and 3) are incompatible with the OpenSSL license. > (OpenSSL has requirements on attribution, which from the GPL's point of > view is a further requirement which is forbidden.) > > See https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs for > some more details. > > Signed-off-by: Uwe Kleine-König <u.kleine-koenig@xxxxxxxxxxxxxx> > --- > LICENSES/exceptions/OpenSSL-exception | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > create mode 100644 LICENSES/exceptions/OpenSSL-exception > > diff --git a/LICENSES/exceptions/OpenSSL-exception b/LICENSES/exceptions/OpenSSL-exception > new file mode 100644 > index 000000000000..280c116d4e46 > --- /dev/null > +++ b/LICENSES/exceptions/OpenSSL-exception > @@ -0,0 +1,12 @@ > +SPDX-Exception-Identifier: OpenSSL-exception I think we should not pollute SPDX's namespace with identifiers that could be defined by them in the future. Instead, I would like use the identifier "LicenseRef-OpenSSL-exception" in accordance with the SPDX spec [1]. On the other hand, it's a bit unfortunate that the SPDX pull request [2] introducing the debian-openssl-exception identifier is not merged yet, otherwise we could use this one (it has a slightly different wording compared to the version you used below). But now that some people have already ACKed the wording below, it seems easier just to rename the identifier. [1]: https://spdx.github.io/spdx-spec/6-other-licensing-information-detected/#61-license-identifier [2]: https://github.com/spdx/license-list-XML/pull/824 - Roland > +SPDX-Licenses: GPL-2.0-or-later, GPL-2.0-only > +License-Text: > + > +In addition, as a special exception the copyright holders give > +permission to link the code of this program with the OpenSSL Library (or with > +modified versions of OpenSSL that use the same license as OpenSSL), and > +distribute linked combinations including the two. You must obey the GNU General > +Public License in all respects for all of the code used other than OpenSSL. If > +you modify this file, you may extend this exception to your version of the > +file, but you are not obligated to do so. If you do not wish to do so, delete > +this exception statement from your version. > -- > 2.27.0 > > > _______________________________________________ > barebox mailing list > barebox@xxxxxxxxxxxxxxxxxxx > http://lists.infradead.org/mailman/listinfo/barebox -- Roland Hieber, Pengutronix e.K. | r.hieber@xxxxxxxxxxxxxx | Steuerwalder Str. 21 | https://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ barebox mailing list barebox@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/barebox