Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
CUPS license upgrade to GPLv2+ ? #4337
I know this is quite a sensitive topic but I thought asking in public wouldn't hurt�
While we were discussing how Debian would handle the license-wise impossibility to build CUPS against 3.x GnuTLS versions on the thread starting on https://lists.debian.org/debian-devel/2014/01/msg00205.html , Daniel Kahn Gillmor suggested to ask CUPS' upstream to relicense it under GPLv2+, so here I am.
Licensing CUPS under GPLv2+ would allow linking it against 3.x GnuTLS versions which are incompatible with GPL-2-only softwares because libgmp is licensed in LGPLv3+. On the other hand, while CUPS does have an OpenSSL exception to its GPLv2 license, many software out there is licensed without this exception, forbidding the linking of these against libcups2 if it links with OpenSSL.
See https://lists.debian.org/debian-devel/2013/12/msg00329.html for the start of thread discussing the status of GnuTLS in Debian.
Without a licensing of CUPS compatible with GnuTLS 3.x (in fact, with GNU MP), the situation essentially boils down to either:
None of these are really acceptable (or event doable in the case of b) in my opinion; so here I am asking Apple for a license upgrade of CUPS to GPLv2+. We will likely also ask GNU MP to revert their license upgrade, which would also solve this problem.
As mentionned in introduction, I very much understand the sensitivity of this topic and would perfectly understand an expeditive answer.
With my best regards,
CUPS.org User: mike
We cannot, for a number of legal and (Apple) liability reasons, relicense CUPS as [L]GPL2+. It will never happen.
OpenSSL support has been removed from the CUPS 2.0 source code and is not an option.
That leaves you with using GnuTLS ([L]GPL2/3) or porting Apple's CDSA/Security code (Apache license), although the Apache license may not be GPL3 compatible according to the FSF. Given that GnuTLS is included with basically every Linux distribution as a standard OS component, it SHOULD automatically fall under the [L]GPL2/3 exception for system libraries (just as OpenSSL should have fallen under the same exception...) If not, then I humbly suggest you talk to the FSF.