From 110eee0288cff0720952a2cf16c4fb191d0bd616 Mon Sep 17 00:00:00 2001 From: Max Fillinger Date: Thu, 17 Feb 2022 15:27:56 +0100 Subject: [PATCH] Add warning about mbed TLS licensing problem Signed-off-by: Max Fillinger Acked-by: Gert Doering Message-Id: <20220217142756.6581-1-maximilian.fillinger@foxcrypto.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23825.html Signed-off-by: Gert Doering --- README.mbedtls | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/README.mbedtls b/README.mbedtls index 4875822da..d3466fa90 100644 --- a/README.mbedtls +++ b/README.mbedtls @@ -11,6 +11,24 @@ This version depends on mbed TLS 2.0 (and requires at least 2.0.0). ************************************************************************* +Warning: + +As of mbed TLS 2.17, it can be licensed *only* under the Apache v2.0 license. +That license is incompatible with OpenVPN's GPLv2. + +If you wish to distribute OpenVPN linked with mbed TLS, there are two options: + + * Ensure that your case falls under the system library exception in GPLv2, or + + * Use an earlier version of mbed TLS. Version 2.16.12 is the last release + that may be licensed under GPLv2. Unfortunately, this version is + unsupported and won't receive any more updates. + +If nothing changes about the license situation, mbed TLS support may be +deprecated in a future release of OpenVPN. + +************************************************************************* + Due to limitations in the mbed TLS library, the following features are missing in the mbed TLS version of OpenVPN: -- 2.47.3