[Openvpn-devel,v3] Add warning about mbed TLS licensing problem

Message ID 20220217142756.6581-1-maximilian.fillinger@foxcrypto.com
State Accepted
Headers show
Series [Openvpn-devel,v3] Add warning about mbed TLS licensing problem | expand

Commit Message

Maximilian Fillinger Feb. 17, 2022, 3:27 a.m. UTC
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
---
 README.mbedtls | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

Comments

Gert Doering Feb. 17, 2022, 4:14 a.m. UTC | #1
Acked-by: Gert Doering <gert@greenie.muc.de>

"Raising awareness", without putting in any hard dates / versions.

Your patch has been applied to the master branch.

commit 110eee0288cff0720952a2cf16c4fb191d0bd616
Author: Max Fillinger
Date:   Thu Feb 17 15:27:56 2022 +0100

     Add warning about mbed TLS licensing problem

     Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
     Acked-by: Gert Doering <gert@greenie.muc.de>
     Message-Id: <20220217142756.6581-1-maximilian.fillinger@foxcrypto.com>
     URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23825.html
     Signed-off-by: Gert Doering <gert@greenie.muc.de>


--
kind regards,

Gert Doering

Patch

diff --git a/README.mbedtls b/README.mbedtls
index 4875822d..d3466fa9 100644
--- a/README.mbedtls
+++ b/README.mbedtls
@@ -11,6 +11,24 @@  This version depends on mbed TLS 2.0 (and requires at least 2.0.0).
 
 *************************************************************************
 
+Warning:
+
+As of mbed TLS 2.17, it can be licensed *only* under the Apache v2.0 license.
+That license is incompatible with OpenVPN's GPLv2.
+
+If you wish to distribute OpenVPN linked with mbed TLS, there are two options:
+
+ * Ensure that your case falls under the system library exception in GPLv2, or
+
+ * Use an earlier version of mbed TLS. Version 2.16.12 is the last release
+   that may be licensed under GPLv2. Unfortunately, this version is
+   unsupported and won't receive any more updates.
+
+If nothing changes about the license situation, mbed TLS support may be
+deprecated in a future release of OpenVPN.
+
+*************************************************************************
+
 Due to limitations in the mbed TLS library, the following features are missing
 in the mbed TLS version of OpenVPN: