| Message ID | 20220216140457.6651-1-maximilian.fillinger@foxcrypto.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | [Openvpn-devel,v2] Add warning about mbed TLS licensing problem | expand |
> Max Fillinger <maximilian.fillinger@foxcrypto.com> hat am 16.02.2022 15:04 geschrieben: > > > Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com> > --- > README.mbedtls | 17 +++++++++++++++++ > 1 file changed, 17 insertions(+) Might be good to also add a note in the "Deprecated Features" section of Changes.rst? Just to increase visibility. Regards, -- Frank Lichtenheld
Hi, On Wed, Feb 16, 2022 at 05:51:02PM +0100, Frank Lichtenheld wrote: > > Max Fillinger <maximilian.fillinger@foxcrypto.com> hat am 16.02.2022 15:04 geschrieben: > > > > Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com> > > --- > > README.mbedtls | 17 +++++++++++++++++ > > 1 file changed, 17 insertions(+) > > Might be good to also add a note in the "Deprecated Features" section of Changes.rst? > Just to increase visibility. For v3, we've decided that we just mention the problem, but do not state a formal depreciation date - the license issue is still under debate, I've been told, so maybe we can continue to support mbedTLS. We'll see... and 2.7 is quite some time away. gert
diff --git a/README.mbedtls b/README.mbedtls index 4875822d..062ae470 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,23 @@ This version depends on mbed TLS 2.0 (and requires at least 2.0.0). ************************************************************************* +Warning: + +As of version 2.17, mbed TLS can be licensed *only* under the Apache v2.0 +license. That license is incompatible with OpenVPN's GPLv2. + +If you wish to distribute OpenVPN linked with mbed TLS, there are two options: + + * Ensure that your case falls under the system library exception in GPLv2, or + + * Use an earlier version of mbed TLS. Version 2.16.12 is the last release + that may be licensed under GPLv2. Unfortunately, this version is + unsupported and won't receive any more updates. + +Support for mbed TLS is likely to be removed in OpenVPN 2.7. + +************************************************************************* + Due to limitations in the mbed TLS library, the following features are missing in the mbed TLS version of OpenVPN:
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com> --- README.mbedtls | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)