[jdev] Jabberd 1.4.x license concerns/questions

Fri Apr 1 03:51:31 CST 2005

Hi Jamin!

I now had my own review of the code ... but used 1.4.4.

I understand that you don't want to use something that is called beta,
but I consider it to be more stable than 1.4.3.1 (which is our latest
release). 1.4.3.1 already misses most of the files, that are not
JOSL/GPL-dual licenced as expat had been removed from the source.
Most of the other files not under this dual licence are not used by a
build on Linux/glibc at all, so the problems even for 1.4.3.1 shouldn't
be big, you might just have to remove some files you don't need anyway.
I might help you with this.

In jabberd 1.4.4 RC 1 (which I plan to publish tomorrow), all is
JOSL/GPL-dual licenced and has this declarations in the files, with the
following exceptions:

- Documentation and configuration files don't carry licence information
  (I think you don't need this, do you?)
- Files generated by autoconf/automake/libtool don't have our own
  copyright, but this is standard on programms build using these tools,
  no?
- generateSSLkey is a bash script with no licence declaration, I will
  find out who wrote it and ask him if JOSL+GPL is okay.
- jabberd/mio_ssl.c and jabberd/lib/jabberdlib.h are missing licence
  declarations. I guess they were intended to be JOSL+GPL and I have to
  check who has more information on it
- jsm/modules/mod_groups.c and jsm/modules/mod_auth_crypt.c only declare
  the JOSL licence. Both modules are not used in a standard install,
  they could be removed. mod_groups.c may even be unusable, I havn't
  tried it myself.
- jabberd/jabberd.h and jabberd/lib/base64.c only declare JOSL and not
  GPL and in deed are needed files. I think this isn't on purpose, and
  I have to check.
- jabberd/lib/snprintf.c has the Apache Licence, it is an implementation
  of snprintf, if this function is missing in the libc.
- jabberd/lib/sha.c has the Mozilla Public Licence 1.1, it is an
  implementation of the SHA1 hashing algorithm.

Well if you really have problems with mixed licences in the code, the
biggest problem might be the last two files, where we don't use our own
code, but code from other projects. If this is a problem, we would have
to reimplement snprintf.c on our own ... sha.c could be replaced by
makeing linkage of openssl a requirement and using the SHA function
provided by them.

In all other cases I think we are just missing to declare both licences
as applicable. A LICENCE file is present in all beta releases and
snapshots of 1.4.4 as well and will be in the final release too.

Tot kijk
    Matthias

-- 
Fon: +49-(0)70 0770 07770          http://web.amessage.info
Fax: +49-(0)89 312 88 654          xmpp:mawis at amessage.info
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://www.jabber.org/jdev/attachments/20050401/addb1522/attachment-0002.pgp>