aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--docs/LICENSE-MIXING130
-rw-r--r--docs/LICENSE-MIXING.md124
-rw-r--r--docs/Makefile.am2
3 files changed, 125 insertions, 131 deletions
diff --git a/docs/LICENSE-MIXING b/docs/LICENSE-MIXING
deleted file mode 100644
index d8e36ca46..000000000
--- a/docs/LICENSE-MIXING
+++ /dev/null
@@ -1,130 +0,0 @@
- License Mixing with apps, libcurl and Third Party Libraries
- ===========================================================
-
-libcurl can be built to use a fair amount of various third party libraries,
-libraries that are written and provided by other parties that are distributed
-using their own licenses. Even libcurl itself contains code that may cause
-problems to some. This document attempts to describe what licenses libcurl and
-the other libraries use and what possible dilemmas linking and mixing them all
-can lead to for end users.
-
-I am not a lawyer and this is not legal advice!
-
-One common dilemma is that GPL[1]-licensed code is not allowed to be linked
-with code licensed under the Original BSD license (with the announcement
-clause). You may still build your own copies that use them all, but
-distributing them as binaries would be to violate the GPL license - unless you
-accompany your license with an exception[2]. This particular problem was
-addressed when the Modified BSD license was created, which does not have the
-announcement clause that collides with GPL.
-
-libcurl https://curl.haxx.se/docs/copyright.html
-
- Uses an MIT (or Modified BSD)-style license that is as liberal as
- possible.
-
-OpenSSL https://www.openssl.org/source/license.html
-
- (May be used for SSL/TLS support) Uses an Original BSD-style license
- with an announcement clause that makes it "incompatible" with GPL. You
- are not allowed to ship binaries that link with OpenSSL that includes
- GPL code (unless that specific GPL code includes an exception for
- OpenSSL - a habit that is growing more and more common). If OpenSSL's
- licensing is a problem for you, consider using another TLS library.
-
-GnuTLS http://www.gnutls.org/
-
- (May be used for SSL/TLS support) Uses the LGPL[3] license. If this is
- a problem for you, consider using another TLS library. Also note that
- GnuTLS itself depends on and uses other libs (libgcrypt and
- libgpg-error) and they too are LGPL- or GPL-licensed.
-
-WolfSSL https://www.wolfssl.com/
-
- (May be used for SSL/TLS support) Uses the GPL[1] license or a
- propietary license. If this is a problem for you, consider using
- another TLS library.
-
-NSS https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS
-
- (May be used for SSL/TLS support) Is covered by the MPL[4] license,
- the GPL[1] license and the LGPL[3] license. You may choose to license
- the code under MPL terms, GPL terms, or LGPL terms. These licenses
- grant you different permissions and impose different obligations. You
- should select the license that best meets your needs.
-
-axTLS http://axtls.sourceforge.net/
-
- (May be used for SSL/TLS support) Uses a Modified BSD-style license.
-
-mbedTLS https://tls.mbed.org/
-
- (May be used for SSL/TLS support) Uses the GPL[1] license or a
- propietary license. If this is a problem for you, consider using
- another TLS library.
-
-BoringSSL https://boringssl.googlesource.com/
-
- (May be used for SSL/TLS support) As an OpenSSL fork, it has the same
- license as that.
-
-libressl http://www.libressl.org/
-
- (May be used for SSL/TLS support) As an OpenSSL fork, it has the same
- license as that.
-
-c-ares https://daniel.haxx.se/projects/c-ares/license.html
-
- (Used for asynchronous name resolves) Uses an MIT license that is very
- liberal and imposes no restrictions on any other library or part you
- may link with.
-
-zlib http://www.zlib.net/zlib_license.html
-
- (Used for compressed Transfer-Encoding support) Uses an MIT-style
- license that shouldn't collide with any other library.
-
-MIT Kerberos http://web.mit.edu/kerberos/www/dist/
-
- (May be used for GSS support) MIT licensed, that shouldn't collide
- with any other parts.
-
-Heimdal http://www.h5l.org
-
- (May be used for GSS support) Heimdal is Original BSD licensed with
- the announcement clause.
-
-GNU GSS https://www.gnu.org/software/gss/
-
- (May be used for GSS support) GNU GSS is GPL licensed. Note that you
- may not distribute binary curl packages that uses this if you build
- curl to also link and use any Original BSD licensed libraries!
-
-libidn http://josefsson.org/libidn/
-
- (Used for IDNA support) Uses the GNU Lesser General Public
- License [3]. LGPL is a variation of GPL with slightly less aggressive
- "copyleft". This license requires more requirements to be met when
- distributing binaries, see the license for details. Also note that if
- you distribute a binary that includes this library, you must also
- include the full LGPL license text. Please properly point out what
- parts of the distributed package that the license addresses.
-
-OpenLDAP http://www.openldap.org/software/release/license.html
-
- (Used for LDAP support) Uses a Modified BSD-style license. Since
- libcurl uses OpenLDAP as a shared library only, I have not heard of
- anyone that ships OpenLDAP linked with libcurl in an app.
-
-libssh2 https://www.libssh2.org/
-
- (Used for scp and sftp support) libssh2 uses a Modified BSD-style
- license.
-
-[1] = GPL - GNU General Public License: https://www.gnu.org/licenses/gpl.html
-[2] = https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs details on
- how to write such an exception to the GPL
-[3] = LGPL - GNU Lesser General Public License:
- https://www.gnu.org/licenses/lgpl.html
-[4] = MPL - Mozilla Public License:
- https://www.mozilla.org/MPL/
diff --git a/docs/LICENSE-MIXING.md b/docs/LICENSE-MIXING.md
new file mode 100644
index 000000000..0bff73e6d
--- /dev/null
+++ b/docs/LICENSE-MIXING.md
@@ -0,0 +1,124 @@
+License Mixing
+==============
+
+libcurl can be built to use a fair amount of various third party libraries,
+libraries that are written and provided by other parties that are distributed
+using their own licenses. Even libcurl itself contains code that may cause
+problems to some. This document attempts to describe what licenses libcurl and
+the other libraries use and what possible dilemmas linking and mixing them all
+can lead to for end users.
+
+I am not a lawyer and this is not legal advice!
+
+One common dilemma is that [GPL](https://www.gnu.org/licenses/gpl.html)
+licensed code is not allowed to be linked with code licensed under the
+[Original BSD license](https://spdx.org/licenses/BSD-4-Clause.html) (with the
+announcement clause). You may still build your own copies that use them all,
+but distributing them as binaries would be to violate the GPL license - unless
+you accompany your license with an
+[exception](https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs). This
+particular problem was addressed when the [Modified BSD
+license](https://opensource.org/licenses/BSD-3-Clause) was created, which does
+not have the announcement clause that collides with GPL.
+
+## libcurl
+
+ Uses an [MIT style license](https://curl.haxx.se/docs/copyright.html) that is
+ very liberal.
+
+## OpenSSL
+
+ (May be used for SSL/TLS support) Uses an Original BSD-style license with an
+ announcement clause that makes it "incompatible" with GPL. You are not
+ allowed to ship binaries that link with OpenSSL that includes GPL code
+ (unless that specific GPL code includes an exception for OpenSSL - a habit
+ that is growing more and more common). If OpenSSL's licensing is a problem
+ for you, consider using another TLS library.
+
+## GnuTLS
+
+ (May be used for SSL/TLS support) Uses the
+ [LGPL](https://www.gnu.org/licenses/lgpl.html) license. If this is a problem
+ for you, consider using another TLS library. Also note that GnuTLS itself
+ depends on and uses other libs (libgcrypt and libgpg-error) and they too are
+ LGPL- or GPL-licensed.
+
+## WolfSSL
+
+ (May be used for SSL/TLS support) Uses the GPL license or a propietary
+ license. If this is a problem for you, consider using another TLS library.
+
+## NSS
+
+ (May be used for SSL/TLS support) Is covered by the
+ [MPL](https://www.mozilla.org/MPL/) license, the GPL license and the LGPL
+ license. You may choose to license the code under MPL terms, GPL terms, or
+ LGPL terms. These licenses grant you different permissions and impose
+ different obligations. You should select the license that best meets your
+ needs.
+
+## axTLS
+
+ (May be used for SSL/TLS support) Uses a Modified BSD-style license.
+
+## mbedTLS
+
+ (May be used for SSL/TLS support) Uses the GPL license or a propietary
+ license. If this is a problem for you, consider using another TLS library.
+
+## BoringSSL
+
+ (May be used for SSL/TLS support) As an OpenSSL fork, it has the same
+ license as that.
+
+## libressl
+
+ (May be used for SSL/TLS support) As an OpenSSL fork, it has the same
+ license as that.
+
+## c-ares
+
+ (Used for asynchronous name resolves) Uses an MIT license that is very
+ liberal and imposes no restrictions on any other library or part you may link
+ with.
+
+## zlib
+
+ (Used for compressed Transfer-Encoding support) Uses an MIT-style license
+ that shouldn't collide with any other library.
+
+## MIT Kerberos
+
+ (May be used for GSS support) MIT licensed, that shouldn't collide with any
+ other parts.
+
+## Heimdal
+
+ (May be used for GSS support) Heimdal is Original BSD licensed with the
+ announcement clause.
+
+## GNU GSS
+
+ (May be used for GSS support) GNU GSS is GPL licensed. Note that you may not
+ distribute binary curl packages that uses this if you build curl to also link
+ and use any Original BSD licensed libraries!
+
+## libidn
+
+ (Used for IDNA support) Uses the GNU Lesser General Public License [3]. LGPL
+ is a variation of GPL with slightly less aggressive "copyleft". This license
+ requires more requirements to be met when distributing binaries, see the
+ license for details. Also note that if you distribute a binary that includes
+ this library, you must also include the full LGPL license text. Please
+ properly point out what parts of the distributed package that the license
+ addresses.
+
+## OpenLDAP
+
+ (Used for LDAP support) Uses a Modified BSD-style license. Since libcurl uses
+ OpenLDAP as a shared library only, I have not heard of anyone that ships
+ OpenLDAP linked with libcurl in an app.
+
+## libssh2
+
+ (Used for scp and sftp support) libssh2 uses a Modified BSD-style license.
diff --git a/docs/Makefile.am b/docs/Makefile.am
index 445d3fa2e..149e0af42 100644
--- a/docs/Makefile.am
+++ b/docs/Makefile.am
@@ -36,7 +36,7 @@ CLEANFILES = $(GENHTMLPAGES) $(PDFPAGES)
EXTRA_DIST = MANUAL BUGS CONTRIBUTE.md FAQ FEATURES INTERNALS.md SSLCERTS.md \
README.win32 RESOURCES TODO TheArtOfHttpScripting THANKS VERSIONS \
KNOWN_BUGS BINDINGS $(man_MANS) $(HTMLPAGES) HISTORY.md INSTALL \
- $(PDFPAGES) LICENSE-MIXING README.netware INSTALL.devcpp \
+ $(PDFPAGES) LICENSE-MIXING.md README.netware INSTALL.devcpp \
MAIL-ETIQUETTE HTTP-COOKIES.md SECURITY.md RELEASE-PROCEDURE SSL-PROBLEMS.md \
HTTP2.md ROADMAP.md CODE_OF_CONDUCT.md CODE_STYLE.md CHECKSRC.md