[gnutls-dev]GPL/LGPL license changes

Andrew McDonald andrew@mcdonald.org.uk
Thu May 16 21:56:01 2002


Hi,

I notice that gnutls (and libgcrypt) have (very) recently changed
licenses from GPL to LGPL. I've a few queries about the new gnutls
license.

As I understand it libgnutls is now LGPL, unless it is built with SRP
or OpenPGP support, in which case it is GPL. I guess that one
consequence of this is that any application can use gnutls (where they
might have used OpenSSL before), but only get the 'extra features' of
gnutls when they are GPL licensed (and opencdk is still GPL licensed
anyway).

However, it seems to me that if a user has the GPL version installed
then they can only run GPL'ed applications that link with gnutls.
(Whereas if the LGPL version is installed then any applications under
any license linking to gnutls can be installed). It means that you
can't have a GPL'ed application using OpenPGP keys at the same time as
another application (using basic TLS) under a GPL-incompatible license.
Was this intended?

If no, one solution would be to have different SONAMES for the GPL and
LGPL versions, but that seems undesirable. Alternatively, I'm wondering
if the GPL bits could be moved to an auxilary library. A GPL'ed app
could then link with libgnutls and libgnutls-extra to be able to use
SRP and OpenPGP. Any thoughts?

I guess an application can detect OpenPGP support at run time through
by calling one of the _openpgp_ functions and SRP through one of the
_srp_ functions. However, would it be useful to have a more formalised
way of doing this? Also, is there a way to detect at compile time
whether SRP or OpenPGP support is available?


Sorry it's such a long e-mail.

Regards,

Andrew
-- 
Andrew McDonald
E-mail: andrew@mcdonald.org.uk
http://www.mcdonald.org.uk/andrew/