We are compiling stunnel source without any modification for different platform supported of our product. Then we are running stunnel as a standalone process after making changes to stunnel.conf file. In stunnel.conf file we are providing location of certificates and ports to be used
We would distribute stunnel binary along with our product. Given the scenario I have mentioned do you foresee legal problems in usage of stunnel.
I understand that OpenSSL uses OpenSSL license but I got this for openssl website.
====================================================
On many systems including the major Linux and BSD distributions, yes (the GPL does not place restrictions on using libraries that are part of the normal operating system distribution).
On other systems, the situation is less clear. Some GPL software copyright holders claim that you infringe on their rights if you use OpenSSL with their software on operating systems that don't normally include OpenSSL.
If you develop open source software that uses OpenSSL, you may find it useful to choose another license than the GPL, or state explicitly that "This program is released under the GPL with the additional exemption that compiling, linking, and/or using OpenSSL is allowed." If you are using GPL software developed by others, you may want to ask the copyright holder for permission to use their software with OpenSSL.
=====================================================
Specifically I am concerned if Stunnel states that compiling, linking, and/or using OpenSSL is allowed
Thanks
Gaurav
________________________________
From: Bansal, Gaurav (Gaurav) Sent: Wednesday, September 24, 2008 5:27 PM To: 'webmaster@stunnel.org'; 'stunnel-users@mirt.net'; 'stunnel-users-owner@mirt.net'; 'Michal.Trojnara@mirt.net' Subject: Stunnel License
Hi,
We are planning to use Stunnel to encrypt traffic between Apache mod_jk and AJP connector of JBoss Tomcat.
It seems that Stunnel uses OpenSSL APIs. Since Stunnel is available under GPL license, the license terms prevents us from using Stunnel in our product since it exposes OpenSSL which is also available under GPL license.
I would like to know if there is also a commercial license available for stunnel? I would appreciate if you can throw pointers on how to package Stunnel with a commercial product.
Thank
Gaurav
"Bansal, Gaurav (Gaurav)" gbansal@avaya.com wrote:
We are planning to use Stunnel to encrypt traffic between Apache mod_jk and AJP connector of JBoss Tomcat.
Using stunnel does not create a derivative work. GPL license does not restrict the way you *use* stunnel. It only restricts the way you distribute it.
It seems that Stunnel uses OpenSSL APIs. Since Stunnel is available under GPL license, the license terms prevents us from using Stunnel in our product since it exposes OpenSSL which is also available under GPL license.
Your product "exposes OpenSSL"? I'm not sure what you mean. AFAIK OpenSSL is not available under GPL license.
I would like to know if there is also a commercial license available for stunnel? I would appreciate if you can throw pointers on how to package Stunnel with a commercial product.
You can package stunnel with a commercial product as long as it does not create a derivative work. Roughly speaking creating derivative work is linking your code against stunnel. See GPL license for the detailed description.
Yes - commercial licenses are available, but it looks like you don't need one.
We would distribute stunnel binary along with our product. Given the scenario I have mentioned do you foresee legal problems in usage of stunnel.
Just make sure to distribute stunnel source and its license along with your product.
Specifically I am concerned if Stunnel states that compiling, linking, and/or using OpenSSL is allowed
Stunnel license allows linking with OpenSSL. See: http://stunnel.mirt.net/?page=license
Best regards, Mike
-
Bansal, Gaurav (Gaurav) -
Michal Trojnara