[Pkg-iscsi-maintainers] open-iscsi vs. open-isns vs. openssl licensing issues
Christian Seiler
christian at iwakd.de
Mon Jul 25 19:08:10 UTC 2016
Hi Ritesh,
I was just working on updating open-iscsi to the newest upstream git
snapshot. During an initial test build, lintian gave me
E: possible-gpl-code-linked-with-openssl
After checking this, there's the following problem:
- libisns.so.0 (package libisns0, libisns-dev) links against
-lcrypto of OpenSSL
open-isns is LGPL -> linking against OpenSSL is OK
- newer open-iscsi wants to link against external libisns0
open-iscsi is GPL -> linking against OpenSSL is _not_ OK
(even indirectly)
So yeah, lintian is correct here. Unfortunately, I didn't notice that
before packaging open-isns. (open-isns can link against OpenSSL just
fine, so lintian didn't complain.) :-(
Funnily enough, open-iscsi doesn't use libisns for anything related
to OpenSSL (the functionality is not used, open-iscsi's iSNS
discovery is always unauthenticated), so this isn't really a technical
problem.
>From what I can tell, the simplest solution would probably be:
- update open-isns to create a new library libisns-nocrypto.so.0
that doesn't link against -lcrypto
(there's a configure flag in open-isns to build that, so one
could easily build the library twice when building open-isns,
once regularily with -lcrypto, once without; I'd simply put it
in the same package libisns0 for simplicity)
- locally patch open-iscsi to build against -lisns-nocrypto
instead of -lisns -lcrypto
Before I go and do that I'd like to ask you if you agree with
that solution? (While the change itself is not complicated, it
is not just some packaging change or some porting fix that I'd
simply do without asking, but rather some more fundamental change
I'd like a second opinion on.)
Regards,
Christian
More information about the Pkg-iscsi-maintainers
mailing list