GNU bug report logs - #34717
GPL and Openssl incompatibilities in u-boot and possibly others


Package: guix; Reported by: Vagrant Cascadian <vagrant@HIDDEN>; dated Sun, 3 Mar 2019 01:59:02 UTC; Maintainer for guix is bug-guix@HIDDEN.

Message received at submit <at> debbugs.gnu.org:


Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
To: bug-guix@HIDDEN
References: <87tvgkiurn.fsf@ponder> <87zhq8f2zz.fsf@HIDDEN>
 <87ftrzuxmh.fsf@ponder>
From: Adonay Felipe Nogueira <adfeno@HIDDEN>
Date: Fri, 15 Mar 2019 20:55:43 -0300

Hi there! :D

On 07/03/2019 01:17, Vagrant Cascadian wrote:
> How many of them are also license:gpl* though? That would hopefully

My Guix pull is from commit d22d246a256814784dfb03437949bdc2efd746a5.

I made a little recsel trick to get all packages licensed under [A]GPL
(any version) and which are dependent on any package licensed under
OpenSSL. However, this doesn't check if the [A]GPL'd packages use the
OpenSSL'd dependencies' library or the object code/executable. That
said, there might be plenty of false entries here.

------------------------------------------------------------------------
# [A]GPL-licensed packages that depend on an OpenSSL-licensed package
$ guix package -s '' |
    recsel -CR "name,version" -e 'license ~ "([[:space:]]|^)[A]?GPL" && dependencies ~ "([[:space:]]|^)('$(guix package -s '' |
      recsel -CR 'name,version' -e 'license ~ "OpenSSL"' |
      tr '\n' '|' |
      sed 's/[[:space:]]/@/g; s/\(\.\)/\\\1/g; s/|\($\)/\1/g')')([[:space:]]|$)"' |
    sed 's/ /@/g' | tr '\n' ' '
------------------------------------------------------------------------

This gives the following list:

------------------------------------------------------------------------
neon@HIDDEN fetchmail@HIDDEN git-crypt@HIDDEN socat@HIDDEN scribus@HIDDEN
389-ds-base@HIDDEN bigloo@HIDDEN kdelibs4support@HIDDEN munge@HIDDEN
gnunet@HIDDEN mupdf@HIDDEN slurm@HIDDEN sssd@HIDDEN wesnoth@HIDDEN
yapet@HIDDEN keepalived@HIDDEN perl-net-ssleay@HIDDEN r-ggally@HIDDEN
john-the-ripper-jumbo@HIDDEN psyclpc@HIDDEN hexchat@HIDDEN
glusterfs@HIDDEN openvpn@HIDDEN libesmtp@HIDDEN httping@HIDDEN
clamav@HIDDEN python2-mysqlclient@HIDDEN python-mysqlclient@HIDDEN
openrct2@HIDDEN calibre@HIDDEN encfs@HIDDEN mosh@HIDDEN qbittorrent@HIDDEN
mongodb@HIDDEN wimlib@HIDDEN libsignal-protocol-c@HIDDEN kicad@HIDDEN
stunnel@HIDDEN ceph@HIDDEN looking-glass-client@a12-182c475
warzone2100@HIDDEN linuxdcpp@HIDDEN openvswitch@HIDDEN transmission@HIDDEN
gvpe@HIDDEN ppp@HIDDEN libgit2@HIDDEN u-boot-novena@HIDDEN uwsgi@HIDDEN
icecast@HIDDEN rdesktop@HIDDEN gandi.cli@HIDDEN thc-ipv6@HIDDEN
linux-libre-arm-omap2plus@HIDDEN linux-libre-arm-omap2plus@HIDDEN
linux-libre-arm-omap2plus@HIDDEN linux-libre-arm-generic@HIDDEN
linux-libre-arm-generic@HIDDEN linux-libre-arm-generic@HIDDEN
cadaver@HIDDEN rtorrent@HIDDEN libmesode@HIDDEN restbed@HIDDEN
virtuoso-ose@HIDDEN libtorrent@HIDDEN libstrophe@HIDDEN
jupyter-guile-kernel@HIDDEN clementine@HIDDEN
linux-libre@HIDDEN linux-libre@HIDDEN linux-libre@HIDDEN
linux-libre@HIDDEN linux-libre@HIDDEN synergy@HIDDEN moc@HIDDEN
netsurf@HIDDEN git-minimal@HIDDEN kodi@HIDDEN mysql@HIDDEN strongswan@HIDDEN
perl-crypt-openssl-rsa@HIDDEN perl-crypt-openssl-random@HIDDEN libcmis@HIDDEN
git@HIDDEN hydra@HIDDEN perl-crypt-openssl-bignum@HIDDEN
links@HIDDEN neomutt@20180716 u-boot-tools@HIDDEN burp@HIDDEN
u-boot-nintendo-nes-classic-edition@HIDDEN cgit@HIDDEN dillo@HIDDEN
isync@HIDDEN testdisk@HIDDEN r-git2r@HIDDEN khtml@HIDDEN tinc@HIDDEN
4store@HIDDEN u-boot-a20-olinuxino-micro@HIDDEN
u-boot-a20-olinuxino-lime2@HIDDEN efitools@HIDDEN
u-boot-a20-olinuxino-lime@HIDDEN u-boot-bananapi-m2-ultra@HIDDEN
u-boot-am335x-boneblack@HIDDEN u-boot-vexpress-ca9x4@HIDDEN
profanity@HIDDEN virt-viewer@HIDDEN irssi@HIDDEN wesnoth-server@HIDDEN
u-boot-puma-rk3399@HIDDEN u-boot-pine64-plus@HIDDEN mariadb@HIDDEN
u-boot-cubietruck@HIDDEN u-boot-cubieboard@HIDDEN
u-boot-wandboard@HIDDEN u-boot-mx6cuboxi@HIDDEN
u-boot-pinebook@HIDDEN u-boot-malta@HIDDEN xen@HIDDEN faust@HIDDEN
mutt@HIDDEN sbsigntools@HIDDEN
------------------------------------------------------------------------






Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at 34717 <at> debbugs.gnu.org:


From: Ludovic Courtès <ludo@HIDDEN>
To: Vagrant Cascadian <vagrant@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
Date: Sun, 10 Mar 2019 18:12:54 +0100

Hi,

Vagrant Cascadian <vagrant@HIDDEN> wrote:

> On 2019-03-09, Ludovic Courtès wrote:
>> Vagrant Cascadian <vagrant@HIDDEN> wrote:
>>> On 2019-03-08, Ludovic Courtès wrote:
>>>> Vagrant Cascadian <vagrant@HIDDEN> wrote:
>>>> In addition, we can add a ‘lint’ checker for this case, WDYT?
>>>
>>> Does the lint checker have a way to identify a confidence level,
>>> e.g. *maybe* it has this issue vs. *certainly*? Is there a way to
>>> override the lint checker issues for known false positives? Otherwise,
>>> it might just be annoying noise for packagers where it isn't
>>> appropriate.
>>
>> No it doesn’t have that notion of a confidence level.
>
> And I presume no overrides either, given no comment about that?

We could arrange for this lint “checker” to honor some per-package
property that would silence it.  We do that with the ‘cve’ checker and
the ‘lint-hidden-cve’ property.

>> The warning could be triggered only when a package is GPL’d and has a
>> direct dependency on OpenSSL (we’d forget about indirect dependencies in
>> this case.)  The noise would be rather limited and justified in this
>> case, I think.  WDYT?
>
> The openssl package currently ships the "openssl" binary, as well as the
> libraries. I suspect there are at least three potential cases where a
> package might depend on it:
>
> * Calls the "openssl" binary as part of test suite or run-time. No
> licensing compatibility issue, no worries!
>
> * Using include files from the openssl headers; I guess you could search
> for "include .* openssl/*.h" in the source code. Might get some false
> positives. Can be run without actually even building it.
>
> * Linking against the library which should actually be easy to detect
> with ldd or other tools. Would need to build and then run the checks to
> be sure.

So for the 1st case we’d definitely need that property to tell ‘lint’
that everything is known-good.

‘guix lint’ does very inexpensive tests, so unpacking the tarball and
grepping it would be beyond its scope.  However, if we can provide the
warning and people have a way to silence it, I guess we’re fine?

Thanks,
Ludo’.
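
The rule proposed in the message above (warn only when a GPL'd package has a direct dependency on an OpenSSL-licensed package, with a per-package way to silence the warning), as an added example that is not part of the thread and is not Guix code. It assumes recutils records with the `name`, `dependencies` and `license` fields used by the recsel query elsewhere in this report; the sample records, every package name except `openssl`, and the `KNOWN_GOOD` table standing in for the package property are constructed for illustration.

```python
import re

# Constructed sample in the recutils layout that `guix package -s ''` is
# assumed to print. Every package except "openssl" is hypothetical and all
# versions are made up.
SAMPLE = """\
name: openssl
version: 0.0.1
dependencies: example-perl@0.0.1
license: OpenSSL

name: example-boot-tools
version: 0.0.1
dependencies: example-yacc@0.0.1 example-lex@0.0.1
+ openssl@0.0.1
license: GPL 2+

name: example-tls-lib
version: 0.0.1
dependencies: openssl@0.0.1
license: LGPL 2.1+

name: example-cert-script
version: 0.0.1
dependencies: openssl@0.0.1
license: GPL 3+

name: example-agpl-app
version: 0.0.1
dependencies: example-tls-lib@0.0.1
license: AGPL 3+
"""

# Hypothetical stand-in for the per-package property that silences the
# checker: package name -> reason the dependency is known to be harmless.
KNOWN_GOOD = {
    "example-cert-script": "only runs the openssl binary in its test suite",
}

# "GPL"/"AGPL" at the start of a license entry; "LGPL" must not match.
GPL_RE = re.compile(r"(?:^|[\s,])A?GPL")
OPENSSL_RE = re.compile(r"(?:^|[\s,])OpenSSL(?:$|[\s,])")


def parse_records(text):
    """Parse recutils text into a list of {field: value} dicts."""
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        rec, last = {}, None
        for line in block.splitlines():
            if line.startswith("+") and last is not None:
                # recutils continuation line: belongs to the previous field
                rec[last] += " " + line[1:].strip()
            elif ":" in line:
                last, _, value = line.partition(":")
                rec[last] = value.strip()
        records.append(rec)
    return records


def dep_names(rec):
    """Names of the dependencies listed in the record, version stripped."""
    return {d.rsplit("@", 1)[0] for d in rec.get("dependencies", "").split()}


def lint_gpl_openssl(records, known_good=()):
    """Return (package, [OpenSSL-licensed deps]) for each unsilenced hit.

    Only the dependencies listed in the package's own record are checked,
    so a package that reaches OpenSSL through another library is not flagged.
    """
    openssl_licensed = {r["name"] for r in records
                        if OPENSSL_RE.search(r.get("license", ""))}
    findings = []
    for rec in records:
        if not GPL_RE.search(rec.get("license", "")):
            continue
        hits = sorted(dep_names(rec) & openssl_licensed)
        if hits and rec["name"] not in known_good:
            findings.append((rec["name"], hits))
    return findings


if __name__ == "__main__":
    for name, deps in lint_gpl_openssl(parse_records(SAMPLE), KNOWN_GOOD):
        print(f"{name}: GPL package depends directly on {', '.join(deps)}")
```

The check cannot tell a package that links the library from one that only runs the `openssl` binary, which is why the silencing table is needed for the latter.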





Message received at 34717 <at> debbugs.gnu.org:


Date: Sat, 9 Mar 2019 22:58:22 -0500 (EST)
From: Jack Hill <jackhill@HIDDEN>
To: 34717 <at> debbugs.gnu.org
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly	others

Hi,

Hopefully the OpenSSL re-licensing [0] will help with this problem in the 
long-term. At least for code that can be distributed under GPLv3, which 
may include u-boot [1].

Best,
Jack

[0] https://www.openssl.org/blog/blog/2018/03/01/last-license/
[1] https://www.denx.de/wiki/U-Boot/Licensing





Message received at 34717 <at> debbugs.gnu.org:


From: Vagrant Cascadian <vagrant@HIDDEN>
To: Ludovic Courtès <ludo@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
Date: Sat, 09 Mar 2019 15:10:54 -0800

On 2019-03-09, Ludovic Courtès wrote:
> Vagrant Cascadian <vagrant@HIDDEN> wrote:
>> On 2019-03-08, Ludovic Courtès wrote:
>>> Vagrant Cascadian <vagrant@HIDDEN> wrote:
>>> In addition, we can add a ‘lint’ checker for this case, WDYT?
>>
>> Does the lint checker have a way to identify a confidence level,
>> e.g. *maybe* it has this issue vs. *certainly*? Is there a way to
>> override the lint checker issues for known false positives? Otherwise,
>> it might just be annoying noise for packagers where it isn't
>> appropriate.
>
> No it doesn’t have that notion of a confidence level.

And I presume no overrides either, given no comment about that?


> The warning could be triggered only when a package is GPL’d and has a
> direct dependency on OpenSSL (we’d forget about indirect dependencies in
> this case.)  The noise would be rather limited and justified in this
> case, I think.  WDYT?

The openssl package currently ships the "openssl" binary, as well as the
libraries. I suspect there are at least three potential cases where a
package might depend on it:

* Calls the "openssl" binary as part of test suite or run-time. No
licensing compatibility issue, no worries!

* Using include files from the openssl headers; I guess you could search
for "include .* openssl/*.h" in the source code. Might get some false
positives. Can be run without actually even building it.

* Linking against the library which should actually be easy to detect
with ldd or other tools. Would need to build and then run the checks to
be sure.


live well,
  vagrant






Message received at 34717 <at> debbugs.gnu.org:


From: Ludovic Courtès <ludo@HIDDEN>
To: Vagrant Cascadian <vagrant@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
Date: Sat, 09 Mar 2019 22:57:21 +0100

Vagrant Cascadian <vagrant@HIDDEN> wrote:

> On 2019-03-08, Ludovic Courtès wrote:
>> Vagrant Cascadian <vagrant@HIDDEN> wrote:
>>> I'm not sure where it would be appropriate to add more comments
>>> regarding the GPL/Openssl incompatibilities; e.g. if someone were to
>>> propose adding one of the u-boot targets that requires it, they might
>>> just go ahead and re-add the openssl input...
>>
>> There’s always a risk.  I guess we’ll have to be careful when doing
>> reviews.
>
> Sure. I was thinking maybe putting a comment in the native-inputs where
> "openssl" was removed, but wasn't sure what the conventions might be.

Yeah that would have worked I guess.

>> In addition, we can add a ‘lint’ checker for this case, WDYT?
>
> Does the lint checker have a way to identify a confidence level,
> e.g. *maybe* it has this issue vs. *certainly*? Is there a way to
> override the lint checker issues for known false positives? Otherwise,
> it might just be annoying noise for packagers where it isn't
> appropriate.

No it doesn’t have that notion of a confidence level.

The warning could be triggered only when a package is GPL’d and has a
direct dependency on OpenSSL (we’d forget about indirect dependencies in
this case.)  The noise would be rather limited and justified in this
case, I think.  WDYT?

Thanks,
Ludo’.





Message received at 34717 <at> debbugs.gnu.org:


From: Vagrant Cascadian <vagrant@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
In-Reply-To: <871s3his1i.fsf@HIDDEN>
References: <87tvgkiurn.fsf@ponder> <87zhq8f2zz.fsf@HIDDEN>
 <87ftrzuxmh.fsf@ponder> <87o96m8f09.fsf@ponder> <871s3his1i.fsf@HIDDEN>
Date: Fri, 08 Mar 2019 11:14:02 -0800
Message-ID: <87k1h9i3gl.fsf@ponder>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34717
Cc: Danny Milosavljevic <dannym@HIDDEN>, 34717 <at> debbugs.gnu.org

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 2019-03-08, Ludovic Courtès wrote:
> Vagrant Cascadian <vagrant@HIDDEN> skribis:
>> I'm not sure where it would be appropriate to add more comments
>> regarding the GPL/Openssl incompatibilities; e.g. if someone were to
>> propose adding one of the u-boot targets that requires it, they might
>> just go ahead and re-add the openssl input...
>
> There’s always a risk.  I guess we’ll have to be careful when doing
> reviews.

Sure. I was thinking maybe putting a comment in the native-inputs where
"openssl" was removed, but wasn't sure what the conventions might be.


> In addition, we can add a ‘lint’ checker for this case, WDYT?

Does the lint checker have a way to identify a confidence level,
e.g. *maybe* it has this issue vs. *certainly*? Is there a way to
override the lint checker issues for known false positives? Otherwise,
it might just be annoying noise for packagers where it isn't
appropriate.


live well,
  vagrant

--=-=-=--




Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at 34717 <at> debbugs.gnu.org:


Received: (at 34717) by debbugs.gnu.org; 8 Mar 2019 10:23:21 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Mar 08 05:23:21 2019
Received: from localhost ([127.0.0.1]:35860 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1h2Cev-0006cQ-4X
	for submit <at> debbugs.gnu.org; Fri, 08 Mar 2019 05:23:21 -0500
Received: from eggs.gnu.org ([209.51.188.92]:39326)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>) id 1h2Ces-0006cC-Pj
 for 34717 <at> debbugs.gnu.org; Fri, 08 Mar 2019 05:23:19 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:53851)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@HIDDEN>)
 id 1h2Cek-0001dr-N6; Fri, 08 Mar 2019 05:23:10 -0500
Received: from [2001:660:6102:320:e120:2c8f:8909:cdfe] (port=39188 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@HIDDEN>)
 id 1h2Cei-0008PX-I0; Fri, 08 Mar 2019 05:23:09 -0500
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Vagrant Cascadian <vagrant@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
References: <87tvgkiurn.fsf@ponder> <87zhq8f2zz.fsf@HIDDEN>
 <87ftrzuxmh.fsf@ponder> <87o96m8f09.fsf@ponder>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 18 =?utf-8?Q?Vent=C3=B4se?= an 227 de la =?utf-8?Q?R?=
 =?utf-8?Q?=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Fri, 08 Mar 2019 11:23:05 +0100
In-Reply-To: <87o96m8f09.fsf@ponder> (Vagrant Cascadian's message of "Thu, 07
 Mar 2019 15:02:30 -0800")
Message-ID: <871s3his1i.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34717
Cc: Danny Milosavljevic <dannym@HIDDEN>, 34717 <at> debbugs.gnu.org

Hi,

Vagrant Cascadian <vagrant@HIDDEN> skribis:

> I've tested that the attached patch builds all u-boot-* targets on
> x86_64 (cross-building most of them), with openssl removed from
> native-inputs.
>
> Unfortunately, u-boot-tools fails its tests on aarch64 and armhf, but
> that appears to be the case with or without this patch, so it's no worse
> off than it was...

This can be fixed separately then.

> I'm not sure where it would be appropriate to add more comments
> regarding the GPL/Openssl incompatibilities; e.g. if someone were to
> propose adding one of the u-boot targets that requires it, they might
> just go ahead and re-add the openssl input...

There’s always a risk.  I guess we’ll have to be careful when doing
reviews.

In addition, we can add a ‘lint’ checker for this case, WDYT?

> From ee613387c49ca60905e0a40af8af017828c8aec8 Mon Sep 17 00:00:00 2001
> From: Vagrant Cascadian <vagrant@HIDDEN>
> Date: Thu, 7 Mar 2019 21:50:58 +0000
> Subject: [PATCH] gnu: u-boot: Remove openssl input.
>
> Fixes: https://bugs.gnu.org/34717
>
> * gnu/packages/bootloaders (u-boot): Remove openssl from native-inputs.
>   (u-boot-tools): Disable FIT_SIGNATURES in tests.

Applied, thanks!

Ludo’.




Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at 34717 <at> debbugs.gnu.org:


Received: (at 34717) by debbugs.gnu.org; 8 Mar 2019 10:16:57 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Mar 08 05:16:57 2019
Received: from localhost ([127.0.0.1]:35856 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1h2CYj-0006S2-AV
	for submit <at> debbugs.gnu.org; Fri, 08 Mar 2019 05:16:57 -0500
Received: from eggs.gnu.org ([209.51.188.92]:37770)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>) id 1h2CYf-0006Rn-Lk
 for 34717 <at> debbugs.gnu.org; Fri, 08 Mar 2019 05:16:54 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:53422)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@HIDDEN>)
 id 1h2CYa-00025S-Gz; Fri, 08 Mar 2019 05:16:48 -0500
Received: from [2001:660:6102:320:e120:2c8f:8909:cdfe] (port=39176 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@HIDDEN>)
 id 1h2CYa-0007Ym-26; Fri, 08 Mar 2019 05:16:48 -0500
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Vagrant Cascadian <vagrant@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
References: <87tvgkiurn.fsf@ponder> <87zhq8f2zz.fsf@HIDDEN>
 <87ftrzuxmh.fsf@ponder> <87bm2lispp.fsf@HIDDEN>
Date: Fri, 08 Mar 2019 11:16:45 +0100
In-Reply-To: <87bm2lispp.fsf@HIDDEN> ("Ludovic
 \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\=
 \=\?utf-8\?Q\?s\?\= message of "Fri, 08 Mar 2019 11:08:34 +0100")
Message-ID: <877ed9isc2.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34717
Cc: 34717 <at> debbugs.gnu.org

Ludovic Courtès <ludo@HIDDEN> skribis:

> Here’s an estimate:

Oops, I was doing an “or” instead of an “and”; here’s the fix:

--8<---------------cut here---------------start------------->8---
$ guix package -s "" |recsel -e 'license ~ "GPL" && dependencies ~ "openssl"' |grep ^name | wc -l
154
--8<---------------cut here---------------end--------------->8---

Still a lot, and that doesn’t take into account indirect GPL dependents.

Ludo’.
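
The "or" versus "and" selection from the message above, together with the direct-dependency lint rule proposed elsewhere in this thread, worked through as an added example; it is not code from the thread or from Guix. The records are constructed, the comma-separated license field is an assumed layout of the `guix package -s ""` output, and `strict_match` with its `allow` override is a hypothetical policy.

```python
import re

# Constructed sample in the recutils layout that `guix package -s ""` prints.
# Package names, versions and licences are illustrative, not real Guix data.
SAMPLE = """\
name: bootloader-tools
version: 1.0
dependencies: bison@3.0 dtc@1.4 openssl@1.0.2
license: GPL 2+
synopsis: Constructed record, GPL with a direct openssl input

name: tls-client
version: 2.3
dependencies: openssl@1.0.2 zlib@1.2
license: Expat
synopsis: Constructed record, permissive licence

name: py-wrapper
version: 0.9
dependencies: python-pyopenssl@18.0 python@3.7
license: GPL 3+
synopsis: Constructed record, depends on a package whose name
+ merely contains the string openssl

name: compression-lib
version: 4.1
dependencies: openssl@1.0.2
license: LGPL 2.1+
synopsis: Constructed record, LGPL

name: text-editor
version: 5.0
dependencies: ncurses@6.1
license: GPL 3+
synopsis: Constructed record, GPL without openssl

name: cert-test-suite
version: 0.1
dependencies: openssl@1.0.2 perl@5.28
license: GPL 2+
synopsis: Constructed record, only runs the openssl binary in tests
"""


def parse_records(text):
    """Parse recutils text into a list of dicts, one per blank-line-separated record."""
    records, current, last = [], {}, None
    for line in text.splitlines():
        if not line.strip():
            if current:
                records.append(current)
            current, last = {}, None
        elif line.startswith("+") and last is not None:
            # A leading "+" continues the previous field on a new line.
            current[last] += "\n" + line[1:].lstrip(" ")
        elif ":" in line:
            key, _, value = line.partition(":")
            last = key.strip()
            current[last] = value.strip()
    if current:
        records.append(current)
    return records


def dependency_names(rec):
    """Names of direct inputs, with the '@version' suffix removed."""
    return {dep.split("@", 1)[0] for dep in rec.get("dependencies", "").split()}


def regex_match(rec, mode):
    """Substring match on the two fields, as in the thread's queries; mode is 'or' or 'and'."""
    gpl = re.search("GPL", rec.get("license", "")) is not None
    ssl = re.search("openssl", rec.get("dependencies", "")) is not None
    return (gpl or ssl) if mode == "or" else (gpl and ssl)


def strict_match(rec, allow=frozenset()):
    """Hypothetical lint rule: a licence named 'GPL <version>' plus a direct input
    named exactly 'openssl', unless the package is listed in `allow`.
    Counting only 'GPL <version>' names is this example's assumption and says
    nothing about how other licences should be treated."""
    licences = [part.strip() for part in rec.get("license", "").split(",")]
    gpl = any(re.fullmatch(r"GPL \d.*", name) for name in licences)
    return gpl and "openssl" in dependency_names(rec) and rec["name"] not in allow


def flagged(records, predicate):
    """Names of the records for which the predicate holds, in input order."""
    return [rec["name"] for rec in records if predicate(rec)]


if __name__ == "__main__":
    recs = parse_records(SAMPLE)
    print("or:    ", flagged(recs, lambda r: regex_match(r, "or")))
    print("and:   ", flagged(recs, lambda r: regex_match(r, "and")))
    print("strict:", flagged(recs, strict_match))
    print("strict with override:",
          flagged(recs, lambda r: strict_match(r, allow={"cert-test-suite"})))
```

On the constructed sample the substring "and" still reports an LGPL package and a package that depends on python-pyopenssl, which is the kind of noise the confidence-level and override questions in this thread are about.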




Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at 34717 <at> debbugs.gnu.org:


Received: (at 34717) by debbugs.gnu.org; 8 Mar 2019 10:08:47 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Mar 08 05:08:47 2019
Received: from localhost ([127.0.0.1]:35851 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1h2CQp-0006Em-BT
	for submit <at> debbugs.gnu.org; Fri, 08 Mar 2019 05:08:47 -0500
Received: from eggs.gnu.org ([209.51.188.92]:35307)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>) id 1h2CQl-0006ET-UQ
 for 34717 <at> debbugs.gnu.org; Fri, 08 Mar 2019 05:08:46 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:52847)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@HIDDEN>)
 id 1h2CQf-0001fV-CQ; Fri, 08 Mar 2019 05:08:37 -0500
Received: from [2001:660:6102:320:e120:2c8f:8909:cdfe] (port=39158 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@HIDDEN>)
 id 1h2CQe-0006I2-RG; Fri, 08 Mar 2019 05:08:37 -0500
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Vagrant Cascadian <vagrant@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
References: <87tvgkiurn.fsf@ponder> <87zhq8f2zz.fsf@HIDDEN>
 <87ftrzuxmh.fsf@ponder>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 18 =?utf-8?Q?Vent=C3=B4se?= an 227 de la =?utf-8?Q?R?=
 =?utf-8?Q?=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Fri, 08 Mar 2019 11:08:34 +0100
In-Reply-To: <87ftrzuxmh.fsf@ponder> (Vagrant Cascadian's message of "Wed, 06
 Mar 2019 20:17:10 -0800")
Message-ID: <87bm2lispp.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34717
Cc: 34717 <at> debbugs.gnu.org

Hi

Vagrant Cascadian <vagrant@HIDDEN> skribis:

> On 2019-03-06, Ludovic Courtès wrote:

[...]

>> openssl@HIDDEN has 7,029 dependent packages, so it may be hard to sort it
>> out.  I wonder what would be the best way to approach it.
>
> How many of them are also license:gpl* though? That would hopefully
> reduce the scope somewhat, or maybe even significantly...
>
> If "guix package --search= ..." could be extended to also search
> other fields, e.g. license: and dependencies: ... it might not be so
> difficult a search.

Here’s an estimate:

--8<---------------cut here---------------start------------->8---
$ guix package -s "" |recsel -e 'license ~ "GPL"' -e 'dependencies ~ "openssl"' |grep ^name| wc -l
265
--8<---------------cut here---------------end--------------->8---

You can view the list of packages like this:

--8<---------------cut here---------------start------------->8---
guix package -s "" |recsel -e 'license ~ "GPL"' -e 'dependencies ~ "openssl"' -p name,version
--8<---------------cut here---------------end--------------->8---

>>> In the Debian u-boot packaging, some of the features using openssl are
>>> disabled, and some of the u-boot targets that require openssl are not
>>> part of the packages. I'd be happy to help with making such adjustments
>>> if this is deemed the better approach for u-boot specifically.
>>
>> That’d be great.  We could definitely remove the OpenSSL dependency when
>> it’s not needed.
>
> For what it's worth, I did do local builds of all the current u-boot-*
> targets in guix with openssl removed from inputs, and the only one that
> failed to build without openssl was u-boot-tools.

Not that bad!

>> In cases where it is needed, it would be nice to see what it’s used
>> for.  Many projects use OpenSSL just for its cryptographic hash
>> functions, for example, and there’s plenty of options to choose from if
>> that’s all that’s needed (Gcrypt, Nettle, etc.).
>
> I think it is using it for generating and verifying rsa signatures, and
> probably other similar basic things. So far I had only thought about
> gnutls, but if gcrypt or nettle are other options, then so much the
> better.
>
> I briefly looked at gnutls's openssl compatibility layers, but it didn't
> seem to implement sufficiently similar include files, which is largely
> all that it is doing.

Yeah, GnuTLS’ OpenSSL compat layer has been bitrotting since forever.

But really rather than GnuTLS they should target one of these crypto
libraries, which seem to be a better fit.

>> I guess this should be discussed with upstream.
>
> I did bring it upstream a little over a year ago, and the response was
> pretty much to rewrite it with gnutls, and I pointed out the most likely
> files that needed updating:
>
>   https://lists.denx.de/pipermail/u-boot/2017-November/312483.html
>   https://lists.denx.de/pipermail/u-boot/2017-December/313616.html
>   https://lists.denx.de/pipermail/u-boot/2017-December/313742.html
>
> I suspect it's pretty much a "patches accepted" sort of scenario.

I guess “we” should consider doing it at some point.  Changing the RSA
signature code to use another API can’t be that hard™.  ;-)

I see from the message above that PEM encoding/decoding may also be
needed, which Gcrypt doesn’t provide.

Thanks,
Ludo’.




Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at 34717 <at> debbugs.gnu.org:


Received: (at 34717) by debbugs.gnu.org; 8 Mar 2019 09:59:47 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri Mar 08 04:59:47 2019
Received: from localhost ([127.0.0.1]:35845 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1h2CI7-0005zu-Bv
	for submit <at> debbugs.gnu.org; Fri, 08 Mar 2019 04:59:47 -0500
Received: from eggs.gnu.org ([209.51.188.92]:60775)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>) id 1h2CI5-0005zf-R2
 for 34717 <at> debbugs.gnu.org; Fri, 08 Mar 2019 04:59:46 -0500
Received: from fencepost.gnu.org ([2001:470:142:3::e]:52226)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@HIDDEN>)
 id 1h2CHy-00026J-Dk; Fri, 08 Mar 2019 04:59:39 -0500
Received: from [2001:660:6102:320:e120:2c8f:8909:cdfe] (port=39128 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@HIDDEN>)
 id 1h2CHw-0000Ii-92; Fri, 08 Mar 2019 04:59:36 -0500
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Danny Milosavljevic <dannym@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
In-Reply-To: <20190306191252.577335c1@HIDDEN> (Danny Milosavljevic's
 message of "Wed, 6 Mar 2019 19:12:52 +0100")
References: <87tvgkiurn.fsf@ponder> <87zhq8f2zz.fsf@HIDDEN>
 <20190306191252.577335c1@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 18 =?utf-8?Q?Vent=C3=B4se?= an 227 de la =?utf-8?Q?R?=
 =?utf-8?Q?=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Fri, 08 Mar 2019 10:59:34 +0100
Message-ID: <87imwtit4p.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34717
Cc: Vagrant Cascadian <vagrant@HIDDEN>, 34717 <at> debbugs.gnu.org

Danny Milosavljevic <dannym@HIDDEN> skribis:

> I can't believe I seriously suggest the following but:
>
> A license algebra [...]

Yeah, licensing is anything but an algebra, so let’s not take that path.
:-)

Ludo’.




Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at 34717 <at> debbugs.gnu.org:


Received: (at 34717) by debbugs.gnu.org; 7 Mar 2019 23:02:48 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu Mar 07 18:02:48 2019
Received: from localhost ([127.0.0.1]:35681 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1h222K-0006M1-Bs
	for submit <at> debbugs.gnu.org; Thu, 07 Mar 2019 18:02:48 -0500
Received: from cascadia.aikidev.net ([173.255.214.101]:45026)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vagrant@HIDDEN>) id 1h222I-0006Ln-I9
 for 34717 <at> debbugs.gnu.org; Thu, 07 Mar 2019 18:02:47 -0500
Received: from localhost (unknown [IPv6:2600:3c01:e000:21:21:21:0:100e])
 (Authenticated sender: vagrant@HIDDEN)
 by cascadia.aikidev.net (Postfix) with ESMTPSA id 8CF221AA27;
 Thu,  7 Mar 2019 15:02:39 -0800 (PST)
From: Vagrant Cascadian <vagrant@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
In-Reply-To: <87ftrzuxmh.fsf@ponder>
References: <87tvgkiurn.fsf@ponder> <87zhq8f2zz.fsf@HIDDEN>
 <87ftrzuxmh.fsf@ponder>
Date: Thu, 07 Mar 2019 15:02:30 -0800
Message-ID: <87o96m8f09.fsf@ponder>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="==-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34717
Cc: Danny Milosavljevic <dannym@HIDDEN>, 34717 <at> debbugs.gnu.org

--==-=-=
Content-Type: multipart/mixed; boundary="=-=-="

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 2019-03-06, Vagrant Cascadian wrote:
> On 2019-03-06, Ludovic Courtès wrote:
>> Vagrant Cascadian <vagrant@HIDDEN> skribis:
>>> The u-boot package definition includes openssl among its inputs, but
>>> is also a GPL2+ software project... but the GPL and OpenSSL licenses are
>>> incompatible:
>>>
>>>   https://www.gnu.org/licenses/license-list.html#OpenSSL
...
>>> In the Debian u-boot packaging, some of the features using openssl are
>>> disabled, and some of the u-boot targets that require openssl are not
>>> part of the packages. I'd be happy to help with making such adjustments
>>> if this is deemed the better approach for u-boot specifically.
>>
>> That’d be great.  We could definitely remove the OpenSSL dependency when
>> it’s not needed.
>
> For what it's worth, I did do local builds of all the current u-boot-*
> targets in guix with openssl removed from inputs, and the only one that
> failed to build without openssl was u-boot-tools.

I've tested that the attached patch builds all u-boot-* targets on
x86_64 (cross-building most of them), with openssl removed from
native-inputs.

Unfortunately, u-boot-tools fails its tests on aarch64 and armhf, but
that appears to be the case with or without this patch, so it's no worse
off than it was...

I'm not sure where it would be appropriate to add more comments
regarding the GPL/Openssl incompatibilities; e.g. if someone were to
propose adding one of the u-boot targets that requires it, they might
just go ahead and re-add the openssl input...


live well,
  vagrant


--=-=-=
Content-Type: text/x-diff
Content-Disposition: inline;
 filename=0001-gnu-u-boot-Remove-openssl-input.patch
Content-Transfer-Encoding: quoted-printable

From=20ee613387c49ca60905e0a40af8af017828c8aec8 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@HIDDEN>
Date: Thu, 7 Mar 2019 21:50:58 +0000
Subject: [PATCH] gnu: u-boot: Remove openssl input.

Fixes: https://bugs.gnu.org/34717

* gnu/packages/bootloaders (u-boot): Remove openssl from native-inputs.
  (u-boot-tools): Disable FIT_SIGNATURES in tests.
=2D--
 gnu/packages/bootloaders.scm | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/bootloaders.scm b/gnu/packages/bootloaders.scm
index b0617f452a..15953ab75e 100644
=2D-- a/gnu/packages/bootloaders.scm
+++ b/gnu/packages/bootloaders.scm
@@ -391,7 +391,6 @@ tree binary files.  These are board description files u=
sed by Linux and BSD.")
        ("dtc" ,dtc)
        ("flex" ,flex)
        ("lz4" ,lz4)
=2D       ("openssl" ,openssl)
        ("python-2" ,python-2)
        ("python2-coverage" ,python2-coverage)
        ("python2-pytest" ,python2-pytest)
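Review bot: Nothing is left at the spot in native-inputs where ("openssl" ,openssl) is dropped to say why it is absent, so a later contributor adding a u-boot target that needs it could simply put the input back. The only rationale in the patch sits in the second hunk's comment about CONFIG_FIT_SIGNATURE. Suggest a short comment next to ("lz4" ,lz4) stating that openssl must not be added because of the GPL/OpenSSL license incompatibility, with the https://bugs.gnu.org/34717 reference. The changelog entry also gives the file as gnu/packages/bootloaders while the diff header shows gnu/packages/bootloaders.scm.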
@@ -440,9 +439,14 @@ also initializes the boards (RAM etc).")
               (("def test_ctrl_c")
                "@pytest.mark.skip(reason=3D'Guix has problems with SIGINT')
 def test_ctrl_c"))
=2D             ;; This test requires a sound system, which is un-used in u=
-boot-tools.
              (for-each (lambda (file)
                               (substitute* file
+                                  ;; Disable signatures, due to GPL/Openssl
+                                  ;; license incompatibilities.  See
+                                  ;; https://bugs.gnu.org/34717 for detail=
s.
+                                  (("CONFIG_FIT_SIGNATURE=3Dy") "CONFIG_FI=
T_SIGNATURE=3Dn")
+                                  ;; This test requires a sound system, wh=
ich is un-used
+                                  ;; in u-boot-tools.
                                   (("CONFIG_SOUND=3Dy") "CONFIG_SOUND=3Dn"=
)))
                               (find-files "configs" "sandbox_.*defconfig$"=
))
              #t))
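Review bot: The CONFIG_FIT_SIGNATURE=y rewrite inside substitute* is a plain text match over the files matching sandbox_.*defconfig, and substitute* does nothing when the pattern is not found, so if a later u-boot release spells or places that option differently the setting stays enabled and the only symptom is a build that fails for lack of openssl. Consider checking in this phase that the option really ends up as =n, and extend the new comment to say that this turns off FIT signature support in the sandbox test configurations, so the signing and verification paths are no longer exercised by the test suite. The changelog calls the option FIT_SIGNATURES while the code substitutes CONFIG_FIT_SIGNATURE; the two should agree.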
=2D-=20
2.20.1


--=-=-=--

--==-=-=--




Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at 34717 <at> debbugs.gnu.org:


Received: (at 34717) by debbugs.gnu.org; 7 Mar 2019 04:17:24 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Mar 06 23:17:24 2019
Received: from localhost ([127.0.0.1]:34853 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1h1kTE-0007d8-5x
	for submit <at> debbugs.gnu.org; Wed, 06 Mar 2019 23:17:24 -0500
Received: from cascadia.aikidev.net ([173.255.214.101]:43360)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <vagrant@HIDDEN>) id 1h1kTC-0007cw-MC
 for 34717 <at> debbugs.gnu.org; Wed, 06 Mar 2019 23:17:23 -0500
Received: from localhost (unknown [IPv6:2600:3c01:e000:21:21:21:0:100e])
 (Authenticated sender: vagrant@HIDDEN)
 by cascadia.aikidev.net (Postfix) with ESMTPSA id C1D561AA27;
 Wed,  6 Mar 2019 20:17:15 -0800 (PST)
From: Vagrant Cascadian <vagrant@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
In-Reply-To: <87zhq8f2zz.fsf@HIDDEN>
References: <87tvgkiurn.fsf@ponder> <87zhq8f2zz.fsf@HIDDEN>
Date: Wed, 06 Mar 2019 20:17:10 -0800
Message-ID: <87ftrzuxmh.fsf@ponder>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 34717
Cc: 34717 <at> debbugs.gnu.org

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 2019-03-06, Ludovic Courtès wrote:
> Vagrant Cascadian <vagrant@HIDDEN> skribis:
>
>> The u-boot package definition includes openssl among its inputs, but
>> is also a GPL2+ software project... but the GPL and OpenSSL licenses are
>> incompatible:
>>
>>   https://www.gnu.org/licenses/license-list.html#OpenSSL
>
> Thanks for bringing it up.
>
>> I'm not sure if there's a simple way to search for other packages with
>> license:gpl and openssl as an input in order to do a quick pass at
>> auditing... some packages may use the openssl binary as part of the
>> build process or tests, and not linking any GPLed code against it; in
>> those cases there would be no license conflict.
>
> openssl@HIDDEN has 7,029 dependent packages, so it may be hard to sort it
> out.  I wonder what would be the best way to approach it.

How many of them are also license:gpl* though? That would hopefully
reduce the scope somewhat, or maybe even significantly...

If "guix package --search= ..." could be extended to also search
other fields, e.g. license: and dependencies: ... it might not be so
difficult a search.


>> In the Debian u-boot packaging, some of the features using openssl are
>> disabled, and some of the u-boot targets that require openssl are not
>> part of the packages. I'd be happy to help with making such adjustments
>> if this is deemed the better approach for u-boot specifically.
>
> That’d be great.  We could definitely remove the OpenSSL dependency when
> it’s not needed.

For what it's worth, I did do local builds of all the current u-boot-*
targets in guix with openssl removed from inputs, and the only one that
failed to build without openssl was u-boot-tools.


> In cases where it is needed, it would be nice to see what it’s used
> for.  Many projects use OpenSSL just for its cryptographic hash
> functions, for example, and there’s plenty of options to choose from if
> that’s all that’s needed (Gcrypt, Nettle, etc.).

I think it is using it for generating and verifying rsa signatures, and
probably other similar basic things. So far I had only thought about
gnutls, but if gcrypt or nettle are other options, then so much the
better.

I briefly looked at gnutls's openssl compatibility layers, but it didn't
seem to implement sufficiently similar include files, which is largely
all that it is doing.


> I guess this should be discussed with upstream.

I did bring it upstream a little over a year ago, and the response was
pretty much to rewrite it with gnutls, and I pointed out the most likely
files that needed updating:

  https://lists.denx.de/pipermail/u-boot/2017-November/312483.html
  https://lists.denx.de/pipermail/u-boot/2017-December/313616.html
  https://lists.denx.de/pipermail/u-boot/2017-December/313742.html

I suspect it's pretty much a "patches accepted" sort of scenario.


live well,
  vagrant





Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at 34717 <at> debbugs.gnu.org:


Date: Wed, 6 Mar 2019 19:12:52 +0100
From: Danny Milosavljevic <dannym@HIDDEN>
To: Ludovic Courtès <ludo@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others

Hi,

> openssl@HIDDEN has 7,029 dependent packages, so it may be hard to sort it
> out.  I wonder what would be the best way to approach it.

I can't believe I seriously suggest the following but:

A license algebra and guix commands that automate part of the lawyering,
by using the "license" field of the packages, which would now have at
least "and-license" and "or-license" operators and maybe also finer-grained
ones, and a placeholder for "it's too difficult, sort it out manually"
(maybe just detect the list we have now as "it's too difficult").

If we do it, we should add a disclaimer that it doesn't replace the need
for legal counsel entirely.





Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.
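
The search by license and input wished for earlier in the thread, combined with the "and-license"/"or-license" algebra proposed in the message above, can be sketched as follows. This is an added example, not Guix code and not from any participant: the tuple syntax, the "openssl-exception" marker, the ok/review/manual verdicts and every package except u-boot-tools are assumptions, and the sample metadata is constructed.

```python
from dataclasses import dataclass

GPL_FAMILY = {"gpl2", "gpl2+", "gpl3", "gpl3+"}
EXCEPTION = "openssl-exception"  # hypothetical marker for an upstream linking exception

def choices(expr):
    """Expand a license expression into the alternative license sets on offer."""
    # A string is one license; ("and", ...) applies every term together;
    # ("or", ...) offers a choice; None is the "sort it out manually" placeholder.
    if expr is None:
        return None
    if isinstance(expr, str):
        return [frozenset([expr])]
    op, *terms = expr
    expanded = [choices(t) for t in terms]
    if any(e is None for e in expanded):
        return None  # an unknown term anywhere makes the whole expression unknown
    if op == "or":
        return [c for e in expanded for c in e]
    if op != "and":
        raise ValueError(f"unknown operator: {op!r}")
    combined = [frozenset()]
    for e in expanded:
        combined = [r | c for r in combined for c in e]
    return combined

@dataclass
class Package:
    name: str
    license: object
    inputs: tuple = ()

def audit(pkg):
    """Return 'ok', 'review' or 'manual' for one package."""
    if "openssl" not in pkg.inputs:
        return "ok"
    alternatives = choices(pkg.license)
    if alternatives is None:
        return "manual"
    # Simplifying assumption: an alternative passes if it has no GPL-family
    # term or carries the exception marker.
    if any(EXCEPTION in alt or not (alt & GPL_FAMILY) for alt in alternatives):
        return "ok"
    return "review"  # GPL-only with an openssl input: check what actually links libssl

PACKAGES = [  # constructed metadata; only u-boot-tools is named in the thread
    Package("u-boot-tools", "gpl2+", ("openssl", "bison")),
    Package("example-dual", ("or", "gpl2+", "expat"), ("openssl",)),
    Package("example-excepted", ("and", "gpl3+", EXCEPTION), ("openssl",)),
    Package("example-unclear", ("and", "gpl2+", None), ("openssl",)),
    Package("example-gnutls", "gpl3+", ("gnutls",)),
]

def report(packages=PACKAGES):
    return {p.name: audit(p) for p in packages}
```

A "review" verdict only narrows the list: packages that merely run the openssl binary during the build or tests still have to be separated out by hand.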

Message received at 34717 <at> debbugs.gnu.org:


From: Ludovic Courtès <ludo@HIDDEN>
To: Vagrant Cascadian <vagrant@HIDDEN>
Subject: Re: bug#34717: GPL and Openssl incompatibilities in u-boot and
 possibly others
Date: Wed, 06 Mar 2019 16:15:28 +0100

Hi Vagrant,

Vagrant Cascadian <vagrant@HIDDEN> skribis:

> The u-boot package definition includes openssl among its inputs, but
> is also a GPL2+ software project... but the GPL and OpenSSL licenses are
> incompatible:
>
>   https://www.gnu.org/licenses/license-list.html#OpenSSL

Thanks for bringing it up.

> I'm not sure if there's a simple way to search for other packages with
> license:gpl and openssl as an input in order to do a quick pass at
> auditing... some packages may use the openssl binary as part of the
> build process or tests, and not linking any GPLed code against it; in
> those cases there would be no license conflict.

openssl@HIDDEN has 7,029 dependent packages, so it may be hard to sort it
out.  I wonder what would be the best way to approach it.

> Since I believe the incompatibility is only invoked when distributing
> binaries, GNU Guix may be in an interesting position to at least make a
> simple workaround for affected packages by using:
>
>   (arguments `(#:substitutable? #f))
>
> Thus disabling substitutes. Though it poses a curious philosophical
> question whether that is an acceptable/appropriate workaround for GNU
> Guix...

Hmm yeah, that doesn’t sound right.  :-)

> In the Debian u-boot packaging, some of the features using openssl are
> disabled, and some of the u-boot targets that require openssl are not
> part of the packages. I'd be happy to help with making such adjustments
> if this is deemed the better approach for u-boot specifically.

That’d be great.  We could definitely remove the OpenSSL dependency when
it’s not needed.

In cases where it is needed, it would be nice to see what it’s used
for.  Many projects use OpenSSL just for its cryptographic hash
functions, for example, and there’s plenty of options to choose from if
that’s all that’s needed (Gcrypt, Nettle, etc.).

I guess this should be discussed with upstream.

Thanks,
Ludo’.




Information forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.

Message received at submit <at> debbugs.gnu.org:


From: Vagrant Cascadian <vagrant@HIDDEN>
To: bug-guix@HIDDEN
Subject: GPL and Openssl incompatibilities in u-boot and possibly others
Date: Sat, 02 Mar 2019 17:58:20 -0800

The u-boot package definition includes openssl among its inputs, but
is also a GPL2+ software project... but the GPL and OpenSSL licenses are
incompatible:

  https://www.gnu.org/licenses/license-list.html#OpenSSL

It doesn't explain the details of *why* they're incompatible, which is
astoundingly unhelpful. The best explanation I've found is here:

  https://people.gnome.org/~markmc/openssl-and-the-gpl.html

Essentially, the Openssl/SSLeay license(s) place additional restrictions
requiring an "advertising" clause when distributing in binary form, while
the GPL forbids placing additional restrictions on distribution.


I'm not sure if there's a simple way to search for other packages with
license:gpl and openssl as an input in order to do a quick pass at
auditing... some packages may use the openssl binary as part of the
build process or tests, and not linking any GPLed code against it; in
those cases there would be no license conflict.


Since I believe the incompatibility is only invoked when distributing
binaries, GNU Guix may be in an interesting position to at least make a
simple workaround for affected packages by using:

  (arguments `(#:substitutable? #f))

Thus disabling substitutes. Though it poses a curious philosophical
question whether that is an acceptable/appropriate workaround for GNU
Guix...


In the Debian u-boot packaging, some of the features using openssl are
disabled, and some of the u-boot targets that require openssl are not
part of the packages. I'd be happy to help with making such adjustments
if this is deemed the better approach for u-boot specifically.


Other more long-term approaches:

Patch (and submit upstream) the affected packages to support using other
GPL compatible libraries, such as gnutls.

If upstream is reasonably able to add a license exception, that could
also resolve the issue:

  https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs


live well,
  vagrant





Acknowledgement sent to Vagrant Cascadian <vagrant@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-guix@HIDDEN. Full text available.
Report forwarded to bug-guix@HIDDEN:
bug#34717; Package guix. Full text available.
Last modified: Mon, 25 Nov 2019 12:00:02 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.