See ${URL} for similar report to Debian. Socat is GPLv2 with OpenSSL exception, whereas readline is GPLv3 (notably *not* LGPL) without any exceptions. This means that socat built with both OpenSSL and readline results in a license conflict. I'm not a license expert, so it's not clear to me whether this is fine for a user's own builds and just not okay for binary distribution, though the readline website suggests this. I've CCed licenses for clarification. At the very least, socat would need "ssl? ( readline? ( bindist ) )" added to its RESTRICT, and a worst, a REQUIRED_USE="^^ ( ssl readline )"
Copyright will restrict distribution of the resulting binary but not its use. Therefore, adding "ssl? ( readline? ( bindist ) )" to RESTRICT (and maybe an elog message for the use ssl && use readline case) should be enough. Disclaimer: IANAL, TINLA.
(In reply to Ulrich Müller from comment #1) > Copyright will restrict distribution of the resulting binary but not its > use. Therefore, adding "ssl? ( readline? ( bindist ) )" to RESTRICT (and > maybe an elog message for the use ssl && use readline case) should be enough. As usual, I can only confirm Ulm’s analysis. While we shouldn’t provide binaries that combine the two, our users are free to compile the software in such a way. (Only small nit-pick: Copyright can very much restrict use, but the GPL doesn’t and restricts only the distribution.) IAAL, but IANYL & TINLA.
Fixed https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b46ade639dea1b83feb4ed821fa12f58ec0780a1 https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=699d4c3617e48a9b1d66879e56b34479cf647a5f
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=448cc0064cb40615ddd47f717b014680a6465d3e commit 448cc0064cb40615ddd47f717b014680a6465d3e Author: Sam James <sam@gentoo.org> AuthorDate: 2023-08-06 01:33:41 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-08-06 01:36:08 +0000 net-misc/socat: cleanup obsolete USE=bindist OpenSSL 3 is Apache-2.0 licenced which should resolve the conflict. OpenSSL 1.1.x is EOL in a month so I'm not worrying about it here (nobody should be running it and I'll be masking it shortly). Bug: https://bugs.gentoo.org/587740 Signed-off-by: Sam James <sam@gentoo.org> net-misc/socat/socat-1.7.4.4-r1.ebuild | 49 ++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+)