From: Vagrant Cascadian <vagrant@debian.org>
To: u-boot@lists.denx.de
Subject: [U-Boot] u-boot Licensing exception with OpenSSL
Date: Tue, 05 Dec 2017 07:31:47 -0800 [thread overview]
Message-ID: <87po7tw5r0.fsf@aikidev.net> (raw)
In-Reply-To: <20171204204512.GI3587@bill-the-cat>
On 2017-12-04, Tom Rini wrote:
> On Sat, Nov 25, 2017 at 12:50:47PM -0800, Vagrant Cascadian wrote:
>
>> There are a few targets (clearfog, turris_omnia) and features (signing
>> in mkimage) in the Debian build of u-boot that have been avoided due to
>> lack of clarity on Licensing issues regarding GPL and OpenSSL
>> compatibility issues.
...
> So, the most likely thing that could be accomplished (as I don't see how
> we could add exemptions without some legal consult) would be to re-write
> the small areas in question to use libgnutls rather than openssl for
> checking the certificates, etc.
Thanks for the response!
Yes, adding an exception would require, at the very least, tracking down
all copyright holders to the portions of the code that include openssl
headers and/or code...
Switching to gnutls would definitely be an ideal solution from my
perspective packaging u-boot in Debian, though I'm not sure I can
personally commit to making it happen.
A rough starting point for which code may need to be modified:
$ git grep -i include.*openssl
include/image.h:# include <openssl/evp.h>
lib/rsa/rsa-sign.c:#include <openssl/bn.h>
lib/rsa/rsa-sign.c:#include <openssl/rsa.h>
lib/rsa/rsa-sign.c:#include <openssl/pem.h>
lib/rsa/rsa-sign.c:#include <openssl/err.h>
lib/rsa/rsa-sign.c:#include <openssl/ssl.h>
lib/rsa/rsa-sign.c:#include <openssl/evp.h>
lib/rsa/rsa-sign.c:#include <openssl/engine.h>
tools/kwbimage.c:#include <openssl/bn.h>
tools/kwbimage.c:#include <openssl/rsa.h>
tools/kwbimage.c:#include <openssl/pem.h>
tools/kwbimage.c:#include <openssl/err.h>
tools/kwbimage.c:#include <openssl/evp.h>
tools/mxsimage.c:#include <openssl/evp.h>
live well,
vagrant
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20171205/0a7aec6b/attachment.sig>
prev parent reply other threads:[~2017-12-05 15:31 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-25 20:50 [U-Boot] u-boot Licensing exception with OpenSSL Vagrant Cascadian
2017-12-04 20:45 ` Tom Rini
2017-12-05 15:31 ` Vagrant Cascadian [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87po7tw5r0.fsf@aikidev.net \
--to=vagrant@debian.org \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox