https://bugs.openldap.org/show_bug.cgi?id=10093
Issue ID: 10093 Summary: Unclear licenses in certain places Product: OpenLDAP Version: 2.6.6 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs@openldap.org Reporter: thegeorg@yandex-team.com Target Milestone: ---
We use scancode-toolkit in order to perform automatic license analysis.
At the time, this toolkit reports certain places with unclear license status.
In particular, libraries/libldap/modrdn.c (lines 19 to 24) bear the following notice:
``` /* Copyright 1999, Juan C. Gomez, All rights reserved. * This software is not subject to any license of Silicon Graphics * Inc. or Purdue University. * * Redistribution and use in source and binary forms are permitted * without restriction or fee of any kind as long as this notice * is preserved. */ ```
While copyright notice is completely fine, the second part can not be recognised as any SPDX acknowledged license.
Is it possible to unify the text across other parts of OpenLDAP?
https://bugs.openldap.org/show_bug.cgi?id=10093
--- Comment #1 from thegeorg@yandex-team.com --- Same problem also applies to libraries/libldap/os-local.c (lines 20..21)
/* Portions (C) Copyright PADL Software Pty Ltd. 1999 * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that this notice is preserved * and that due credit is given to PADL Software Pty Ltd. This software * is provided ``as is'' without express or implied warranty. */
https://bugs.openldap.org/show_bug.cgi?id=10093
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@openldap.org |hyc@openldap.org Keywords|needs_review |
https://bugs.openldap.org/show_bug.cgi?id=10093
--- Comment #2 from Howard Chu hyc@openldap.org --- As those headers clearly state, they are owned by their respective authors and the OpenLDAP Project has no authority to modify their license terms. We see no issue here since their redistribution terms are liberal and fully compatible with the OpenLDAP Public License. There is no action to take here, so this ticket will be closed.
https://bugs.openldap.org/show_bug.cgi?id=10093
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |INVALID Status|UNCONFIRMED |RESOLVED
https://bugs.openldap.org/show_bug.cgi?id=10093
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED
https://bugs.openldap.org/show_bug.cgi?id=10093
--- Comment #3 from Richard Fontana rfontana@redhat.com --- I found a comment by Juan C. Gomez here https://answers.launchpad.net/ubuntu-rtm/14.09-factory/+source/openldap/+cop... which I read as saying that their license notices should be treated as equivalent to the OpenLDAP license.
Regarding the other one, I've submitted this to SPDX for potential inclusion in the SPDX license list with a distinct identifier. (https://github.com/spdx/license-list-XML/issues/2141) However, that is neither here nor there; Howard Chu is correct, there's nothing wrong with OpenLDAP's inclusion of code under this license and OpenLDAP should not be expected to care about SPDX identifiers if it doesn't want to. The reason this came to my attention is that we are using SPDX identifiers in the Fedora Project to classify licenses and for use in RPM package metadata.
https://bugs.openldap.org/show_bug.cgi?id=10093
--- Comment #4 from thegeorg@yandex-team.com --- Nothing is wrong, but using custom text without specific SPDX identifier makes it hard to do automatic license analysis (we use scancode-toolkit).
Thanks for passing this to the SPDX project, Richard.
-
openldap-its@openldap.org