On Wed, Jan 07, 2009 at 10:44:52AM +0100, Alan DeKok said:
It would be useful to be able to link FreeRADIUS with OpenSSL, for systems like Debian that have restrictive license policies. Upon auditing the source code (and some offline discussion), it looks like it may be possible.
The code using OpenSSL is:
src/main/threads.c src/modules/rlm_eap/ src/modules/rlm_otp/ src/modules/rlm_wimax/
The ownership of the relevant code is largely myself, a bankrupt company (rlm_eap), and Tri-D systems (rlm_otp). We've tried contacting Tri-D systems (now owned by RedHat), but have had little response.
My suggestion is to do the following:
1) add a license exception to the main LICENSE file:
In addition, as a special exception, the copyright holders give permission to link the code of portions of this program with the OpenSSL library, and distribute linked combinations including the two. This exception does not apply to the "rlm_otp" module. You must obey the GNU General Public License in all respects for all of the code used other than OpenSSL. If you modify file(s) with this exception, you may extend this exception to your version of the file(s), but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version.
2) remove rlm_otp from the "stable" module list. It's not being maintained, and I'm not sure anyone is using it.
This will make life easier for package maintainers, as they can just configure --without-rlm_otp. The result will be a version of the server that can be linked with OpenSSL on Debian-based systems.
Thoughts?
That is fantastic news! Thanks so much for doing the legwork for this, and I really look forward to the results. -- -------------------------------------------------------------------------- | Stephen Gran | May you do Good Magic with Perl. -- | | steve@lobefin.net | Larry Wall's blessing | | http://www.lobefin.net/~steve | | --------------------------------------------------------------------------