[dm-crypt] License Clarification

Nathaniel McCallum npmccallum at redhat.com
Thu Nov 10 20:41:24 CET 2016


In reviewing the license choices of a set of my projects, I have
noticed an inconsistency in licensing and I would like to receive some
clarification.

There is a commit that changes some of the code to LGPLv2.1+:
https://gitlab.com/cryptsetup/cryptsetup/commit/7eccb7ff5031a4f42f1ae8f7ffaefe80ba0d53dd

However, the main header still reads GPLv2+:
https://gitlab.com/cryptsetup/cryptsetup/blob/master/lib/libcryptsetup.h

Further, the API examples have LGPLv2.1+:
https://gitlab.com/cryptsetup/cryptsetup/wikis/API/index.html

Again, the openssl crypto backend are licensed as LGPLv2.1+ w/ openssl
exception. However, this exception doesn't seem to apply to the whole
library:
https://gitlab.com/cryptsetup/cryptsetup/blob/master/lib/crypto_backend/crypto_openssl.c

In short, it is very unclear to me how this licensing is supposed to work.

The best I can ascertain is this:

crypto-backend (LGPLv2+) ==> libcryptsetup (GPLv2+) ==> API examples (LGPLv2+)

It would, thus, seem to me that the API examples are incompatibly
licensed and cannot actually link against libcryptsetup.

Further, it seems to me that the crypto-backend can link against
openssl, but not libcryptsetup itself. This further implies that
consumers of libcryptsetup cannot link against openssl.

Have I understood this correctly?


More information about the dm-crypt mailing list