On Sat, Aug 06, 2016 at 09:52:39AM +0800, Alex Vong wrote: > Ricardo Wurmus <rek...@elephly.net> writes: > > > Alex Vong <alexvong1...@gmail.com> writes: > > > >> I notice 'octave 4.0.2' has 'openssl@1.0.2h' as one of its inputs. As > >> far as I know, gplv3 is incompatible with openssl license > >> (https://people.gnome.org/~markmc/openssl-and-the-gpl.html). > > > > Looks like you’re right. Other projects add a special openSSL linking > > exception, but Octave does not seem to account for this. > > > >> How should we fix this? > > > > It seems that the use of openssl in Octave is optional, so we could > > probably just remove it. From a cursory look it appears that it is used > > for not much more than the MD5 algorithm. Would you like to submit a > > patch that removes openssl from the inputs? > > > Here it is. It takes a long time to track down that curl is pulling the > openssl depedency. I also upgrade octave to 4.0.3 and change to use > 'tar.xz'. > > > It would be good to ask the Octave project if it would be possible to > > replace OpenSSL with, say, GnuTLS. > > > I agree, should we CC/forward this discussion to octave-devel list?
Yes, I think we should work with them to resolve this issue.
