[Bug 188400] Review Request: ssmtp

[bugzilla at redhat.com]

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request: ssmtp


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=188400





------- Additional Comments From wolfy at nobugconsulting.ro  2006-10-30 10:41 EST -------
In order to complete the submission of this package, I have just taken a deeper
look at the patches included by debian/unstable since my first submission ssmtp
package and a few questions have arisen.

Patch number 8 switches from using openssl to gnutls, the reason behind the
change being pointed in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=374327.
Quoting from there: 
"as written in debian/copyright ssmtp is now GPL. Your package is linked
against OpenSSL, which is not licensed under the GPL, this is a license
violation. Upstream should add an exception to the license (in COPYING)
which allows the linking with OpenSSL, this you should also write in
debian/copyright. The second choice would be to port ssmtp to gnutls which
is GPL."
Now the facts:
- ssmtp is GPL (the original tar.gz includes the file named COPYING which is the
GPLv2 license)
- openssl is BSDish (quote from pm -q --qf "%{license}\n" openssl) 
- gnutls is LGPL
I am far from being a legal expert (au contraire actually :) ) but I have just
read the LICENSE file included in the openssl rpm package and I am not convinced
at all about the need for the change. So. my question is: leaving aside the
obvious "better to be in sync with upstream", is this change (openssl -> gnutls)
really needed for FE ? Especially since ssmtp does NOT modify in any way the
openssl toolkit, it just links against the libraries ?

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.