Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 587740 - net-misc/socat: USE="ssl readline" creates a license conflict
Summary: net-misc/socat: USE="ssl readline" creates a license conflict
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Netmon project
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-07-02 00:05 UTC by dwfreed
Modified: 2023-08-06 01:50 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description dwfreed 2016-07-02 00:05:01 UTC 
See ${URL} for similar report to Debian.  Socat is GPLv2 with OpenSSL exception, whereas readline is GPLv3 (notably *not* LGPL) without any exceptions.  This means that socat built with both OpenSSL and readline results in a license conflict.  I'm not a license expert, so it's not clear to me whether this is fine for a user's own builds and just not okay for binary distribution, though the readline website suggests this.  I've CCed licenses for clarification.  At the very least, socat would need "ssl? ( readline? ( bindist ) )" added to its RESTRICT, and a worst, a REQUIRED_USE="^^ ( ssl readline )"
Comment 1 Ulrich Müller gentoo-dev 2016-07-02 05:09:26 UTC 
Copyright will restrict distribution of the resulting binary but not its use. Therefore, adding "ssl? ( readline? ( bindist ) )" to RESTRICT (and maybe an elog message for the use ssl && use readline case) should be enough.

Disclaimer: IANAL, TINLA.
Comment 2 Matija "hook" Šuklje 2016-07-03 11:14:49 UTC 
(In reply to Ulrich Müller from comment #1)
> Copyright will restrict distribution of the resulting binary but not its
> use. Therefore, adding "ssl? ( readline? ( bindist ) )" to RESTRICT (and
> maybe an elog message for the use ssl && use readline case) should be enough.

As usual, I can only confirm Ulm’s analysis. While we shouldn’t provide binaries that combine the two, our users are free to compile the software in such a way.

(Only small nit-pick: Copyright can very much restrict use, but the GPL doesn’t and restricts only the distribution.)

IAAL, but IANYL & TINLA.
Comment 4 Larry the Git Cow gentoo-dev 2023-08-06 01:36:19 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=448cc0064cb40615ddd47f717b014680a6465d3e

commit 448cc0064cb40615ddd47f717b014680a6465d3e
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-08-06 01:33:41 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-08-06 01:36:08 +0000

    net-misc/socat: cleanup obsolete USE=bindist
    
    OpenSSL 3 is Apache-2.0 licenced which should resolve the conflict. OpenSSL 1.1.x
    is EOL in a month so I'm not worrying about it here (nobody should be running it
    and I'll be masking it shortly).
    
    Bug: https://bugs.gentoo.org/587740
    Signed-off-by: Sam James <sam@gentoo.org>

 net-misc/socat/socat-1.7.4.4-r1.ebuild | 49 ++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)