aboutsummaryrefslogtreecommitdiff
path: root/docs/LICENSE-MIXING
diff options
context:
space:
mode:
Diffstat (limited to 'docs/LICENSE-MIXING')
-rw-r--r--docs/LICENSE-MIXING83
1 files changed, 83 insertions, 0 deletions
diff --git a/docs/LICENSE-MIXING b/docs/LICENSE-MIXING
new file mode 100644
index 000000000..375f17aea
--- /dev/null
+++ b/docs/LICENSE-MIXING
@@ -0,0 +1,83 @@
+ License Mixing with apps, libcurl and Third Party Libraries
+ ===========================================================
+
+libcurl can be built to use a fair amount of various third party libraries,
+libraries that are written and provided by other parties that are distributed
+using their own licenses. Even libcurl itself contains code that may cause
+problems to some. This document attempts to describe what licenses libcurl and
+the other libraries use and what possible dilemmas linking and mixing them all
+can lead to for end users.
+
+I am not a lawyer and this is not legal advice!
+
+One common dilemma is that GPL[*]-licensed code is not allowed to be linked
+with code licensed under the Original BSD license (with the announcement
+clause, unless there's a specified exception in the GPL-licensed module). You
+may still build your own copies that use them all, but distributing them as
+binaries would be to violate the GPL license. This particular problem was
+addressed when the Modified BSD license was created, which does not have the
+annoncement clause that collides with GPL.
+
+libcurl http://curl.haxx.se/docs/copyright.html
+
+ Uses an MIT (or Modified BSD)-style license that is as liberal as
+ possible. Some of the source files that deal with KRB4 have Original
+ BSD-style announce-clause licenses. You may not distribute binaries
+ with krb4-enabled libcurl that also link with GPL-licensed code!
+
+OpenSSL http://www.openssl.org/source/license.html
+
+ Uses an Original BSD-style license with an announement clause that
+ makes it "incompatible" with GPL. You are not allowed to ship binaries
+ that link with OpenSSL that includes GPL code (unless that specific
+ GPL code includes an exception for OpenSSL - a habit that is growing
+ more and more common).
+
+c-ares http://daniel.haxx.se/projects/c-ares/license.html
+
+ Uses an MIT license that is very liberal and imposes no restrictions
+ on any other library or part you may link with.
+
+zlib http://www.gzip.org/zlib/zlib_license.html
+
+ Uses an MIT-style license that shouldn't collide with any other
+ library.
+
+krb4
+
+ While nothing in particular says that a Kerberos4 library must use any
+ particular license, the one I've tried and used successfully so far
+ (kth-krb4) is Original BSD-licensed with the announcement clause. Some
+ of the code in libcurl that is written to deal with Kerberos4 likewise
+ have such a license.
+
+GSSAPI
+
+ While nothing in particular says that a GSS/Kerberos5 library must use
+ any particular license, the one I've used (Heimdal) is Original BSD-
+ licensed with the announcement clause.
+
+fbopenssl
+
+ Unclear license. Based on its name, I assume that it uses the OpenSSL
+ license and thus shares the same issues as described for OpenSSL
+ above.
+
+libidn http://www.gnu.org/licenses/lgpl.html
+
+ Uses the GNU Lesser General Public License. LGPL is a variation of GPL
+ with slightly less aggressive "copyleft". This license requires more
+ requirements to be met when distributing binaries, see the license for
+ details. Also note that if you distribute a binary that includes this
+ library, you must also include the full LGPL license text. Please
+ properly point out what parts of the distributed package that the
+ license addresses.
+
+OpenLDAP http://www.openldap.org/software/release/license.html
+
+ Uses a Modified BSD-style license. Since libcurl uses OpenLDAP as a
+ shared library only, I have not heard of anyone that ships OpenLDAP
+ linked with libcurl in an app.
+
+
+[*] = GPL - GNU General Public License: http://www.gnu.org/licenses/gpl.html