On 05/27/2014 09:43 AM, Jeff Darcy wrote:
So, before I expend a ton of effort replacing this code, does anyone else think it shouldn't be done and that the enhancements should be made to the current OpenSSL code instead?
The most compelling arguments — to me — are the speed with which things are fixed and the lack of Heartbleed vuln. PolarSSL appears to be the clear winner on both counts.
My only concern is its 'pure' GPLv2+ license — is that compatible with with our 'GPLv2 or LGPLv3+' license.
I'm not sure why the BSD-style OpenSSL license was an issue; perhaps just the GPL compatibility due to what looks like a weak advertising clause. In any event, it's license didn't pollute our code. Do we need to have our attorney bless the change.
-- Kaleb _______________________________________________ Gluster-devel mailing list Gluster-devel@gluster.org http://supercolony.gluster.org/mailman/listinfo/gluster-devel
