embedaddon/curl/docs/LICENSE-MIXING.md - view

File: [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / docs / LICENSE-MIXING.md
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Jun 3 10:01:15 2020 UTC (4 years, 10 months ago) by misho
Branches: curl, MAIN
CVS tags: v7_70_0p4, HEAD

curl

1: License Mixing 2: ============== 3: 4: libcurl can be built to use a fair amount of various third party libraries, 5: libraries that are written and provided by other parties that are distributed 6: using their own licenses. Even libcurl itself contains code that may cause 7: problems to some. This document attempts to describe what licenses libcurl and 8: the other libraries use and what possible dilemmas linking and mixing them all 9: can lead to for end users. 10: 11: I am not a lawyer and this is not legal advice! 12: 13: One common dilemma is that [GPL](https://www.gnu.org/licenses/gpl.html) 14: licensed code is not allowed to be linked with code licensed under the 15: [Original BSD license](https://spdx.org/licenses/BSD-4-Clause.html) (with the 16: announcement clause). You may still build your own copies that use them all, 17: but distributing them as binaries would be to violate the GPL license - unless 18: you accompany your license with an 19: [exception](https://www.gnu.org/licenses/gpl-faq.html#GPLIncompatibleLibs). This 20: particular problem was addressed when the [Modified BSD 21: license](https://opensource.org/licenses/BSD-3-Clause) was created, which does 22: not have the announcement clause that collides with GPL. 23: 24: ## libcurl 25: 26: Uses an [MIT style license](https://curl.haxx.se/docs/copyright.html) that is 27: very liberal. 28: 29: ## OpenSSL 30: 31: (May be used for SSL/TLS support) Uses an Original BSD-style license with an 32: announcement clause that makes it "incompatible" with GPL. You are not 33: allowed to ship binaries that link with OpenSSL that includes GPL code 34: (unless that specific GPL code includes an exception for OpenSSL - a habit 35: that is growing more and more common). If OpenSSL's licensing is a problem 36: for you, consider using another TLS library. 37: 38: ## GnuTLS 39: 40: (May be used for SSL/TLS support) Uses the 41: [LGPL](https://www.gnu.org/licenses/lgpl.html) license. If this is a problem 42: for you, consider using another TLS library. Also note that GnuTLS itself 43: depends on and uses other libs (libgcrypt and libgpg-error) and they too are 44: LGPL- or GPL-licensed. 45: 46: ## WolfSSL 47: 48: (May be used for SSL/TLS support) Uses the GPL license or a proprietary 49: license. If this is a problem for you, consider using another TLS library. 50: 51: ## NSS 52: 53: (May be used for SSL/TLS support) Is covered by the 54: [MPL](https://www.mozilla.org/MPL/) license, the GPL license and the LGPL 55: license. You may choose to license the code under MPL terms, GPL terms, or 56: LGPL terms. These licenses grant you different permissions and impose 57: different obligations. You should select the license that best meets your 58: needs. 59: 60: ## mbedTLS 61: 62: (May be used for SSL/TLS support) Uses the [Apache 2.0 63: license](https://opensource.org/licenses/Apache-2.0) or the GPL license. 64: You may choose to license the code under Apache 2.0 terms or GPL terms. 65: These licenses grant you different permissions and impose different 66: obligations. You should select the license that best meets your needs. 67: 68: ## BoringSSL 69: 70: (May be used for SSL/TLS support) As an OpenSSL fork, it has the same 71: license as that. 72: 73: ## libressl 74: 75: (May be used for SSL/TLS support) As an OpenSSL fork, it has the same 76: license as that. 77: 78: ## BearSSL 79: 80: (May be used for SSL/TLS support) Uses an MIT license that is very liberal 81: and imposes no restrictions on any other library or part you may link with. 82: 83: ## c-ares 84: 85: (Used for asynchronous name resolves) Uses an MIT license that is very 86: liberal and imposes no restrictions on any other library or part you may link 87: with. 88: 89: ## zlib 90: 91: (Used for compressed Transfer-Encoding support) Uses an MIT-style license 92: that shouldn't collide with any other library. 93: 94: ## MIT Kerberos 95: 96: (May be used for GSS support) MIT licensed, that shouldn't collide with any 97: other parts. 98: 99: ## Heimdal 100: 101: (May be used for GSS support) Heimdal is Original BSD licensed with the 102: announcement clause. 103: 104: ## GNU GSS 105: 106: (May be used for GSS support) GNU GSS is GPL licensed. Note that you may not 107: distribute binary curl packages that uses this if you build curl to also link 108: and use any Original BSD licensed libraries! 109: 110: ## libidn 111: 112: (Used for IDNA support) Uses the GNU Lesser General Public License [3]. LGPL 113: is a variation of GPL with slightly less aggressive "copyleft". This license 114: requires more requirements to be met when distributing binaries, see the 115: license for details. Also note that if you distribute a binary that includes 116: this library, you must also include the full LGPL license text. Please 117: properly point out what parts of the distributed package that the license 118: addresses. 119: 120: ## OpenLDAP 121: 122: (Used for LDAP support) Uses a Modified BSD-style license. Since libcurl uses 123: OpenLDAP as a shared library only, I have not heard of anyone that ships 124: OpenLDAP linked with libcurl in an app. 125: 126: ## libssh2 127: 128: (Used for scp and sftp support) libssh2 uses a Modified BSD-style license.