Bug#409154: What is the status on libapache2-mod-auth-openid,, for debian?
Mod_auth_openid version 0.1 can now be downloaded from http://butterfat.net/wiki/Projects/ModAuthOpenID/Releases . It has been released under the MIT license, so all the licensing issues should be taken care of now. Brian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#409154: What is the status on libapache2-mod-auth-openid,, for debian?
For what it's worth, i used the packaging supplied by NIIBE Yutaka to package svn r60 (0.1 came from svn r78, i think), and the package i built appears to be functional in production. I think this should progress into debian proper for wider testing. Thanks for all the work on this, folks. --dkg pgplfudbwSeLK.pgp Description: PGP signature
Bug#409154: What is the status on libapache2-mod-auth-openid, for debian?
I spoke with the developer for libopkele, and he's going to look into using GNUTLS (soon). He's pretty responsive and understanding of the licensing issue. There is only a small portion of libopkele that uses OpenSSL; hopefully it shouldn't be hard to offer a GNUTLS option. For now, I'm going to go ahead and add the OpenSSL exception to the upcoming release of version 0.1 (this will be available within the next week or two). I'll send a notice to the bug post when the next version is released. Thanks, Brian -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#409154: What is the status on libapache2-mod-auth-openid for debian?
Daniel Kahn Gillmor wrote: I see that in february, this ITP for libapache2-mod-auth-openid was claimed to be fixed by a package in the NEW queue, but now (nearly 6 months later) nothing has even shown up in unstable or experimental. What's the status on this package? I once built the package and uploaded. But we found license problem. This software is licensed under GPL, and it depends on OpenSSL library, which is incompatible to GPL. If we could consider OpenSSL is system library, it can be distributed. I will contact about this issue to the author. -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#409154: What is the status on libapache2-mod-auth-openid for debian?
On Wed 2007-08-01 03:19:28 -0400, NIIBE Yutaka wrote: I once built the package and uploaded. But we found license problem. This software is licensed under GPL, and it depends on OpenSSL library, which is incompatible to GPL. If we could consider OpenSSL is system library, it can be distributed. I will contact about this issue to the author. Interesting. Have you tried building it against one of the other TLS implementations (e.g. gnutls, nss, yassl, etc?) http://www.gnu.org/software/gnutls/comparison.html Would you mind publishing your packaging details? I'd be willing to try to switch TLS implementations if that's a possiblity. i'd very much like to see this functionality be easily accessible in debian. Also: is it that mod_auth_openid requires linking with openssl directly? or is it that libopkele1 links to openssl, and therefore can't be used in a GPL'ed program? Or is it both? the fact that libaprutil1-dev depends on libssl-dev (via libpq-dev) makes it a bit hairy to even try to build a GPL'ed apache module. Nonetheless, there are many GPL'ed apache modules available, if you believe the licensing on this page: http://modules.apache.org/search Regards, --dkg pgpEgmcx2IcKK.pgp Description: PGP signature
Bug#409154: What is the status on libapache2-mod-auth-openid for debian?
Just a quick replay, Daniel Kahn Gillmor wrote: Would you mind publishing your packaging details? I'd be willing to try to switch TLS implementations if that's a possiblity. i'd very much like to see this functionality be easily accessible in debian. Here it is: http://www.gniibe.org/oitoite/libapache-mod-auth-openid/ That's for your reference. I think that distribution of this diff is OK, and people can build the binary package by themselves. -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#409154: What is the status on libapache2-mod-auth-openid, for debian?
Posting this exchange with Brian's permission: On Wed 2007-08-01 15:07:48 -0400, [EMAIL PROTECTED] wrote: Hello - I'm the lead developer for mod_auth_openid. Would it be sufficient for me to distribute mod_auth_openid with an OpenSSL exemption to the GPL (as described at http://lists.debian.org/debian-legal/2004/05/msg00595.html )? I'm not enough of a debian-legal person to say conclusively that it'd be acceptable for debian, but since mod_auth_openid is the only piece of code here under the GPL and you control the entire copyright (afaict) i think this would be a legitimate course of action. I've contacted the libopkele (the dependency that actually uses OpenSSL) developer about possibly using GNUTLS instead of OpenSSL, but I'm fairly certain that he's not going to be willing to change. sigh. yeah, that could well be an uphill battle. Thanks for pinging further upstream about it. I'll drop them a note myself to see if it'll help any. debian's libopkele is already building cleanly against libcurl-gnutls, so there's only the direct use of openssl that they'd need to worry about. What a chain of dependencies! If necessary, I can revert to a less restrictive license, but would prefer to go with the GPL. I don't know that you'd need to do anything less restrictive than the OpenSSL exemption you describe. Thank you very much for both taking the license wrangling seriously and for being reasonable about it. Regards, --dkg -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#409154: What is the status on libapache2-mod-auth-openid for debian?
Hello folks-- I see that in february, this ITP for libapache2-mod-auth-openid was claimed to be fixed by a package in the NEW queue, but now (nearly 6 months later) nothing has even shown up in unstable or experimental. What's the status on this package? Thanks for preparing it for debian! --dkg pgptFZll9LiFh.pgp Description: PGP signature