Russ Allbery wrote:
Dan Prittsdanno@internet2.edu writes:
On Thu, Mar 18, 2010 at 04:38:32PM -0700, Russ Allbery wrote:
Out of fairness want to note that the most significant component of the problems with the OpenLDAP packages for Debian (and Ubuntu, to a somewhat lesser degree) is that the packaging team has basically no resources.
Interesting about the Debian situation. Another reminder to me of why I don't use Debian; the project's concerns about absolute "freedom" don't mesh with my concerns about getting real work done.
Well, I certainly won't debate that here, but just to be clear, nothing that I said has anything whatsoever to do with Debian's definition of freedom or free software. Debian doesn't object to OpenSSL for any grounds related to free software definitions or licensing. Everyone agrees that the licenses of all software involved qualify as free software.
Debian doesn't distribute GPL'd software linked (via OpenLDAP) to OpenSSL because we believe doing so would be *illegal*. Not non-free, not falling astray of some Debian licensing principle, but an actual legal violation of the OpenSSL and GPL licenses for which we could be sued.
If you build the software yourself against OpenSSL but don't distribute it, the relevant clause of the GPL doesn't apply and there is no issue.
Getting far into digression here, but this is another reason to switch to the nssov / nss-pam-ldapd model. Remove libldap from PAM/NSS and a lot of these linking issues disappear.