On Mon, Jul 04, 2016 at 08:27:55AM +0200, Florian Weimer wrote:
Historically, the Sleepycat license was deemed compatible with the
GPL,
version 2, because it was another (soft) copyleft license.
However, I'm not so sure if this is true for GPL, version 3. The Sleepycat
license implements copyleft like this:
“
3. Redistributions in any form must be accompanied by information on how
to
obtain complete source code for the cryptlib software and any
accompanying
software that uses the cryptlib software. The source code must either
be
included in the distribution or be available for no more than the cost
of
distribution, and must be freely redistributable under reasonable
conditions. For an executable file, complete source code means the
source
code for all modules it contains or uses. […]
”
The above appears to be a further restriction on top of the GPL, version 3,
which gives this permission:
“
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
”
I think it is impossible to grant a downstream user these additional
permissions if the combined work also needs to comply with the Sleepycat
license.
I think the question comes down to whether source code that is subject
to the kind of contract contemplated in the quoted language of GPLv3
section 2 is "freely redistributable under reasonable conditions". In
particular are the contemplated restrictions on distribution of trade
secret modifications by a contractor "reasonable conditions" on the
free redistribution of the source code actually given to the
contractor?
I don't recall addressing Sleepycat/GPLv3 compatibility before but I'm
inclined to say "by default, no". Here, though, you have a developer
who has evidently continued to put cryptlib under a Sleepycat-like
license continuously even after the introduction of GPLv3, with a
continued insistence on that license being GPL-compatible in an
obvious attempt to benefit from such a characterization. As such I
think for purposes of cryptlib the license should be interpreted in
such a way that it does not give rise to a conflict with GPLv3.
Richard