On Mon, Aug 24, 2020 at 11:05:20AM +0200, Roland Hieber wrote: > On Mon, Aug 24, 2020 at 10:22:13AM +0200, Ladislav Michl wrote: [...] > > This "unknown-exception" seems to be OpenSSL, so we get: > > OPENFORTIVPN_LICENSE := GPL-3.0-or-later AND OpenSSL > > I meant the exception at the end of LICENSE: > > | Exception > | > | In addition, as a special exception, the copyright holders give > permission > | to link the code of portions of this program with the OpenSSL library > under > | certain conditions as described in each individual source file, and > distribute > | linked combinations including the two. > | You must obey the GNU General Public License in all respects for all of > the > | code used other than OpenSSL. If you modify file(s) with this > exception, you > | may extend this exception to your version of the file(s), but you are > not > | obligated to do so. If you do not wish to do so, delete this exception > | statement from your version. If you delete this exception statement > from all > | source files in the program, then also delete it here. > > This is not part of the GPL-3.0 license text, and the OpenSSL text is > different: <https://spdx.org/licenses/OpenSSL> > > Putting "GPL-3.0-or-later AND OpenSSL" in SPDX syntax would mean that > there is code under GPL, and code under OpenSSL, which when linked > together would create an undistributable binary because the two licenses > are not compatible. But the exception here clearly allows this use case. > So I would classify it as an exception to the GPL-3.0, but since there > is no SPDX identifier for that exact wording yet, we can use "WITH > unknown-exception" as a placeholder, so any users who need to collect > licensing information will stumble upon it and are forced to investigate > further.
Ah, seems you already take an effort to solve this :) https://github.com/spdx/license-list-XML/issues/939 Ready to send v2 "WITH unknown-exception", either separately or as whole serie resend - I'll wait a bit more for eventual comments to show up. > > > > + > > > > file://src/main.c;startline=4;endline=15;md5=2d74bd9c818c4c3009c1c8782aaa23e7 > > > > > > Also there is LICENSE.OpenSSL, is this used anywhere? > > > > Yes, I overlooked its use in two files: tunnel.c and > > openssl_hostname_validation.c > > which is ifdefed out. What about: > > OPENFORTIVPN_LICENSE_FILES := \ > > file://LICENSE;md5=1d58d8f3da4c52035c4ad376ffabb44a \ > > file://LICENSE.OpenSSL;md5=f3317a38a556060e468331158cc43fe3 \ > > > > file://src/main.c;startline=4;endline=15;md5=2d74bd9c818c4c3009c1c8782aaa23e7 > > \ > > > > file://src/tunnel.c;startline=4;endline=26;md5=5454796bf6fd04c7e4ad6bd83a627e4f > > Yes, this looks good to me. > > > One more question before v2: package is lacking configure script and > > autogen.sh > > is expected to be run. I solved this creating empty patch directory with > > symlink. > > Any other preferred solution? > > The autogen.sh symlink is fine. This just happens when the distributed > tarballs are created automatically by git-archive. I didn't see any > other official tarballs either. > > - Roland > > -- > Roland Hieber, Pengutronix e.K. | [email protected] | > Steuerwalder Str. 21 | https://www.pengutronix.de/ | > 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | > Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | _______________________________________________ ptxdist mailing list [email protected] To unsubscribe, send a mail with subject "unsubscribe" to [email protected]
