LDAP keyserver patch

[gnupg-devel@gnupg.org]

On Mon, Sep 10, 2001 at 07:58:18AM +0200, Florian Weimer wrote:
> David Shaw <dshaw@jabberwocky.com> writes:
> 
> > Included in the patch is a helper application for LDAP and another one
> > for email keyservers.  You need OpenLDAP installed to enable LDAP
> > support.
> 
> Note that the OpenLDAP license is in a constant flux.  The most recent
> version (2.7) seems to be GPL-compatible (so that you can distribute
> binaries), but some of the previous ones were definitely not.
> 
> I don't know if the current GPL compatibility is a mere accident, or
> if it is by design.

It is by design. We were going to bring up the issue and emailed
licensing@gnu.org but were told not to as RMS was going to handle
this. I emailed licensing@gnu.org to confirm the 2.7 license as being
GPL compatible and received a response that RMS has agreed that it is.

You will need to find a version of OpenLDAP with this license to be
able to use it though (I have not looked at the license on the latest
1.2 and 2.0 versions). Note though that I think this applies mainly to
commercial unixen that do not have OpenLDAP as part of the base OS
(same exception clause that allows GPL software on Solaris to link
against Solaris libc).

Note that OpenLDAP 2.0.x can use SASL which uses OpenSSL. The OpenSSL
license is *incompatible* with the GPL. So, I believe (IANAL)
that OpenLDAP + Cyrus SASL would be imcompatible with the GPL (hence
incompatible with GnuPG). Ugh! To overcome this, some GPL programs
like fetchmail add the following to the GPL license:
  Specific permission is granted for this code to be linked to OpenSSL
  (this is necessary becuse the OpenSSL license is not GPL-compatible).

-- 
albert chin (china@thewrittenword.com)