Opened 6 months ago

Last modified 8 weeks ago

#1350 new defect/bug

Navit is licensed under GPL v2 with no OpenSSL exception

Reported by: pini Owned by: KaZeR
Priority: major Milestone: version 0.5.1
Component: core Version:
Severity: normal Keywords:
Cc: gilles.filippini@…

Description

Hi,

Navit wants to link against OpenSSL (libcrypto) while its current GPLv2 licensing (with no OpenSSL exception) is incompatible with the OpenSSL license. See [1], [2], [3].

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857199#17 [2] https://en.wikipedia.org/wiki/OpenSSL#Licensing [3] https://people.gnome.org/~markmc/openssl-and-the-gpl.html

Thanks,

_g.

Change History (3)

comment:1 Changed 2 months ago by kazer

  • Milestone set to version 0.5.1

comment:2 Changed 8 weeks ago by sleske

There is a PR on GitHub? with some discussion: https://github.com/navit-gps/navit/pull/212 .

comment:3 Changed 8 weeks ago by sleske

My opinion:

As far as I see, OpenSSL is used in two places only:

  • MD5 calculation in maptool (command line option --md5)
  • reading of encrypted binfiles (with password specified via attribute "map_pass")

As explained in PR 212 above, both features are no longer needed. So I think we should drop these two from the code, and get rid of OpenSSL.

Note: See TracTickets for help on using tickets.