Bug#309089: gkrellm is under GPL and is linked with openssl

Sat, 14 May 2005 07:53:11 -0700 

Package: gkrellm
Version: 2.2.5-1
Severity: serious


Hi,

Gkrellm is under the GPL license which is considered not compatible with
openssl's license (see [1], [2], [3]). Therefore it should not be linked with
this library.

However I have recently sent a patch upstream which was integrated in
the 2.2.6 version for gkrellm to be able to be linked with gnutls
(attaced to this mail). So, could you please use this version and link with
gnutls?

Thanks.

Regards,

Samuel.

[1] http://www.gnome.org/~markmc/openssl-and-the-gpl.html
[2] http://lists.debian.org/debian-legal/2002/04/msg00072.html
[3] http://www.openssl.org/support/faq.html#LEGAL2

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages gkrellm depends on:
ii  gkrellm-common           2.2.5-1         multiple stacked system monitors: 
ii  libatk1.0-0              1.8.0-4         The ATK accessibility toolkit
ii  libc6                    2.3.2.ds1-22    GNU C Library: Shared libraries an
ii  libglib2.0-0             2.6.4-1         The GLib library of C routines
ii  libgtk2.0-0              2.6.4-3         The GTK+ graphical user interface 
ii  libice6                  4.3.0.dfsg.1-13 Inter-Client Exchange library
ii  libpango1.0-0            1.8.1-1         Layout and rendering of internatio
ii  libsm6                   4.3.0.dfsg.1-13 X Window System Session Management
ii  libssl0.9.7              0.9.7g-1        SSL shared libraries
ii  libx11-6                 4.3.0.dfsg.1-13 X Window System protocol client li
ii  xlibs                    4.3.0.dfsg.1-13 X Keyboard Extension (XKB) configu

-- no debconf information

diff -ru ../gkrellm-2.2.5.orig/src/configure ./src/configure
--- ../gkrellm-2.2.5.orig/src/configure	2005-05-06 22:57:44.000000000 +0200
+++ ./src/configure	2005-05-06 23:39:38.000000000 +0200
@@ -7,6 +7,10 @@
 
 for i
 do
+	if [ "$i" = "--without-gnutls" ]
+	then
+		without_gnutls=yes
+	fi
 	if [ "$i" = "--without-ssl" ]
 	then
 		without_ssl=yes
@@ -24,6 +28,46 @@
 
 exec 5>./configure.log
 
+if [ "$without_gnutls" != "yes" ]
+then
+# echo "Checking for gnutls... " 1>& 2
+echo "Checking for gnutls... " 1>& 5
+
+cat << EOF > test.c
+#include <gnutls/openssl.h>
+
+int main()
+	{
+	SSL_METHOD	*ssl_method  = NULL;
+
+	SSLeay_add_ssl_algorithms();
+	SSL_load_error_strings();
+	if ((ssl_method = SSLv23_client_method()) == NULL)
+		return 1;
+	return 0;
+	}
+EOF
+
+$CC ${PKG_INCLUDE} -c test.c -o test.o 2>& 5
+$CC test.o -o test ${PKG_LIBS} -lgnutls-openssl 2>& 5
+
+if [ -e ./test ] && ./test
+then
+#	echo 'Defining HAVE_GNUTLS' 1>& 2
+	echo 'Defining HAVE_GNUTLS' 1>& 5
+	echo '#define HAVE_GNUTLS 1' >> configure.h
+	echo '#define HAVE_SSL 1' >> configure.h
+	without_ssl=yes
+else
+#	echo "Not found, mail check will not have gnutls support..." 1>& 2
+	echo "Not found, mail check will not have gnutls support..." 1>& 5
+fi
+fi
+# end of gnutls check
+
+rm -f test test.o test.c
+
+
 if [ "$without_ssl" != "yes" ]
 then
 # echo "Checking for ssl... " 1>& 2
diff -ru ../gkrellm-2.2.5.orig/src/mail.c ./src/mail.c
--- ../gkrellm-2.2.5.orig/src/mail.c	2005-05-06 22:57:44.000000000 +0200
+++ ./src/mail.c	2005-05-06 23:57:59.000000000 +0200
@@ -37,6 +37,12 @@
 #define HAVE_MD5_H
 #endif
 
+#if defined(HAVE_GNUTLS)
+#include <gnutls/openssl.h>
+#define MD5Init		MD5_Init
+#define MD5Update	MD5_Update
+#define MD5Final	MD5_Final
+#else
 #if defined(HAVE_SSL)
 #include <openssl/ssl.h>
 #include <openssl/md5.h>
@@ -50,6 +56,7 @@
 #include "md5.h"
 #endif
 #endif
+#endif
 
 #include "ntlm.h"
 
@@ -641,8 +648,10 @@
 tcp_close(ConnInfo *conn)
 	{
 #ifdef HAVE_SSL
+#ifndef HAVE_GNUTLS
 	SSL_SESSION *session;
 #endif
+#endif
 
 	if (conn->fd != -1)
 		{
@@ -656,9 +665,11 @@
 #ifdef HAVE_SSL
 	if (conn->ssl)
 		{
+#ifndef HAVE_GNUTLS
 		session = SSL_get_session(conn->ssl);
 		if (session)
 			SSL_CTX_remove_session(conn->ssl_ctx, session);
+#endif
 		SSL_free(conn->ssl);
 		conn->ssl = NULL;
 		}
@@ -707,7 +718,7 @@
 	SSL_load_error_strings();
 
 	if (mbox->account->use_ssl == SSL_TRANSPORT)
-		ssl_method = SSLv2_client_method();
+		ssl_method = SSLv23_client_method();
 	else
 		ssl_method = TLSv1_client_method();
 	if (ssl_method == NULL)
@@ -724,7 +735,9 @@
 		return tcp_shutdown(conn, mbox,
 				    N_("Cannot initialize SSL handler."),
 				    FALSE);
+#ifndef HAVE_GNUTLS
 	SSL_clear(conn->ssl);
+#endif
 
 	SSL_set_fd(conn->ssl, conn->fd);
 	SSL_set_connect_state(conn->ssl);
diff -ru ../gkrellm-2.2.5.orig/src/Makefile ./src/Makefile
--- ../gkrellm-2.2.5.orig/src/Makefile	2005-05-06 22:57:44.000000000 +0200
+++ ./src/Makefile	2005-05-06 23:42:45.000000000 +0200
@@ -19,6 +19,12 @@
 LINK_FLAGS ?= -Wl,-E
 SMC_LIBS ?= -L/usr/X11R6/lib -lSM -lICE
 
+ifeq ($(without-gnutls),1)
+	CONFIGURE_ARGS += --without-gnutls
+endif
+ifeq ($(without-gnutls),yes)
+	CONFIGURE_ARGS += --without-gnutls
+endif
 ifeq ($(without-ssl),1)
 	CONFIGURE_ARGS += --without-ssl
 endif
@@ -28,13 +34,18 @@
 
 DUMMY_VAR := $(shell ./configure $(CONFIGURE_ARGS))
 
+HAVE_GNUTLS = $(shell grep -c HAVE_GNUTLS configure.h)
 HAVE_SSL = $(shell grep -c HAVE_SSL configure.h)
 
+ifeq ($(HAVE_GNUTLS),1)
+    SSL_LIBS ?= -lgnutls-openssl
+else
 ifeq ($(HAVE_SSL),1)
     SSL_LIBS ?= -lssl -lcrypto
 else
     EXTRAOBJS ?= md5c.o
 endif
+endif
 
 CC ?= gcc
 STRIP ?= -s

Reply via email to