From: Max Fillinger Date: Thu, 17 Feb 2022 14:27:56 +0000 (+0100) Subject: Add warning about mbed TLS licensing problem X-Git-Tag: v2.6_beta1~267 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=110eee0288cff0720952a2cf16c4fb191d0bd616;p=thirdparty%2Fopenvpn.git Add warning about mbed TLS licensing problem Signed-off-by: Max Fillinger Acked-by: Gert Doering Message-Id: <20220217142756.6581-1-maximilian.fillinger@foxcrypto.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23825.html Signed-off-by: Gert Doering --- diff --git a/README.mbedtls b/README.mbedtls index 4875822da..d3466fa90 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,24 @@ This version depends on mbed TLS 2.0 (and requires at least 2.0.0). ************************************************************************* +Warning: + +As of mbed TLS 2.17, it can be licensed *only* under the Apache v2.0 license. +That license is incompatible with OpenVPN's GPLv2. + +If you wish to distribute OpenVPN linked with mbed TLS, there are two options: + + * Ensure that your case falls under the system library exception in GPLv2, or + + * Use an earlier version of mbed TLS. Version 2.16.12 is the last release + that may be licensed under GPLv2. Unfortunately, this version is + unsupported and won't receive any more updates. + +If nothing changes about the license situation, mbed TLS support may be +deprecated in a future release of OpenVPN. + +************************************************************************* + Due to limitations in the mbed TLS library, the following features are missing in the mbed TLS version of OpenVPN: