[Libwebsockets] License obligations
saki6809 at gmail.com
Tue May 4 19:13:45 CEST 2021
Hello Andy Green
Thank you so much for the information.
I have found LGPL 2.1 components at
*libwebsockets-4.1-stable/include/libwebsockets/lws-mqtt.h*, which was not
included in the license folder of your repository. If you have linked those
specific components statically, please let me know.
Thanks in advance.
On Tue, May 4, 2021 at 5:07 PM Andy Green <andy at warmcat.com> wrote:
> On 5/4/21 2:29 PM, krushith rao wrote:
> > Hello,
> > I am using libwebsockets to build a commercial application. Since
> > libwebsockets is under MIT license, I need to provide attribution and
> > copyright notice in the redistribution of my application.
> > Unfortunately, I have found that in the license folder that
> > libwebsockets also includes other programms which are under different
> > permissive licenses like BSD clause 2, Apache 2.0 and Public domain
> > license. So, to comply with license of the other components included in
> > the libwebsockets, do i need to provide a copy of BSD clause -2, apache
> > 2.0 and public domain license in the redistribution of my application.
> I Am Not A Lawyer, but from my side for my code, it's OK for me if you
> point to ./LICENSE in the version of lws gitweb you built, something like
> since that file describes the main license and the gnarly details.
> To help with that, I bolstered what's in LICENSE on main with copies of
> the mentioned licenses from the sources elsewhere in lws. There is no
> change to the license, it's just copying the unchanged license text from
> some lws files into one place as an additional convenience after the
> license stuff that was already there.
> Apart from MIT, and CC0 which has no requirements on you, the imported
> pieces are only built into binaries under specific circumstances.
> - BSD3: the related SHA-1 implementation for ws is only built if you
> a) use we protocol with lws, and b) don't build with
> `-DLWS_WITHOUT_BUILTIN_SHA1=1` ... that disables the code in question
> and uses the tls library sha-1 instead.
> - ZLIB: zlib... this is not built into your binary by default, you
> have to enable `-DLWS_WITH_ZLIB=1` and then be building for windows
> before it gets built into lws. So unless you did that, the license
> won't apply to the binary since no zlib code is built.
> - APACHE2: this is for the mbedtls wrapper, if you build against
> anything except mbedtls (openssl, wolfssl, libressl, boringssl etc) it
> will not apply to your binary since it's not built in there.
> So AIUI you have a way to avoid having to deal with the requirements of
> those additional licenses **for binary distribution** by ensuring the
> related code was not built into your binary. For source distribution,
> you have to observe them, but AFAIK just serving someone the unchanged
> tarball is compliant for that.
> You can also send patches with MIT-licensed alternatives I can swap
> these things out for. But I think you will find, if you have to
> consider that, it's not really so "unfortunate" we got some free
> implementations we can use or base off without rewriting them. It'd be
> ideal if everyone agreed on one liberal license so no impedance mismatch
> (some of the composed code was already MIT, so it does happen), but
> that's not how it is out there at the moment.
> > If so, please let me know.
> > Thanks in advance
> > Regards,
> > sand
> > _______________________________________________
> > Libwebsockets mailing list
> > Libwebsockets at ml.libwebsockets.org
> > https://libwebsockets.org/mailman/listinfo/libwebsockets
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Libwebsockets