@masneyb

It has come to my attention that gFTP's license conflicts with the license used by OpenSSL, so distros like Debian might not include libSSL support in gftp binaries

https://people.gnome.org/~markmc/openssl-and-the-gpl.html

The conclusion I draw from all this is that if want to use OpenSSL with a GPL program you should consider whether an OpenSSL exemption to the license is viable - i.e. do all the copyright holders for the affected code agree? Failing that, you could distribute the GPL program using OpenSSL but you are effectively trusting that the copyright holders for that program don't care. A much safer option is to use either the GNU TLS or Mozilla NSS library.

The new OpenSSL 3.0, that is yet to be adopted by distros, is under the apache 2.0 license, which is compatible with GPL3 and "GPL2 and later", but only in one direction
https://www.apache.org/licenses/GPL-compatibility.html

FileZilla uses GnuTLS and is released under the GPL3
GFTP uses OpenSSL and is released under the GPL2 (or later) -- license conflict here

Light side vs dark side, you have to choose wisely, but there is no choice Anakin.

I suggest changing the license to MIT or ISC to avoid past, present and future license incompatibilities..

Of course all past contributors must agree, assuming their changes are still here... but I've undone almost everything while updating the code. I identify a few contributions, fsp.c and the OpenSSL fixes, RocketMan/hsn10 Solaris/FreeBSD, so that's a given

So it's up to @masneyb to accept (choose the new license) or reject the change I'm proposing