[Interest] Qt, openssl and redistribution (of binary packages)

[Constantin Makshin]

Hi René.

Qt can be redistributed under the terms of LGPL which allows linking
against everything so there are no license-related issues in linking Qt
and OpenSSL.
AFAIK the primary (if not the only one) reason against linking to
libraries like OpenSSL is that redistribution of cryptographic software
is forbidden in some countries. Loading these libraries at runtime is
probably the best solution to this problem because, if we're talking
about Qt, most of its functionality, being independent from OpenSSL,
remains available to everyone and users who live in those countries and
need cryptography have to compile only OpenSSL without [re]building the
whole Qt.

On 01/22/2017 05:44 PM, René J.V. Bertin wrote:
> Hello,
> 
> Can anyone on here give an informed break-down of the implications of the incompatibility between the GPL and OpenSSL licenses on redistribution of binary builds of Qt itself, and of dependents, and their severity when Qt is linked to OpenSSL vs. when OpenSSL is loaded at runtime?
> 
> As an example, MacPorts currently doesn't provide a binary package of Qt Creator because the Qt port is configured with -openssl-linked (i.e. linked to libssl). I find it surprising that Qt itself could be distributed that way in binary form but not a dependent, and would hope that configuring with -openssl-runtime could change that.
> 
> FWIW, on Mac we could get around that by using SecureTransport, but I think that using OpenSSL has the benefit of allowing security updates even on OS versions Apple dropped.
> 
> Feedback appreciated!
> 
> Thanks,
> René

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: OpenPGP digital signature
URL: <http://lists.qt-project.org/pipermail/interest/attachments/20170123/03cf4d1f/attachment.sig>