On Saturday, June 27, 2020, Tom Lane <
tgl@sss.pgh.pa.us> wrote:
Christoph Berg <myon@debian.org> writes:
> Re: Ranier Vilela
>> Isn't LIbreSSL a better alternative?
> I don't know.
It should work all right --- it's the default ssl library on OpenBSD
and some other platforms, so we have some buildfarm coverage for it.
(AFAICT, none of the OpenBSD machines are running the ssl test, but
I tried that just now on OpenBSD 6.4 and it passed.)
However, I'm not exactly convinced that using LibreSSL gets you out
of the license compatibility bind. LibreSSL is a fork of OpenSSL,
and IIUC a fairly hostile fork at that, so how did they get permission
to remove OpenSSL's problematic license clauses? Did they remove them
at all? A quick look at the header files on my OpenBSD installation
shows a whole lot of ancient copyright text.
As I understand Libressl objective is not to change the license of existing code but to deprecate features they don't want in it.
They also include in Libressl a new libtls which is ISC licensed, but it's another history
regards, tom lane
