[CCing you since I presume you aren't subscribed, apologies if you are] On Fri, May 21, 2010 at 1:17 AM, Robin Gareus <ro...@gareus.org> wrote:
>> xmalloc is GPL not LGPL so I'm wondering why upstream and >> debian/copyright refer to the LGPL. > > xmalloc is 'generated' by autotools (autotools replaces the project-name in > there) and /usr/share/doc/autoproject/README reads: > > "autoproject itself is distributed under the GNU General Public License. > As a special exception to the GNU General Public License, you may > use the files generated by autoproject without any restriction." Hmm. I'd say that exception is so vague as to be useless. A permissive license would be much better. >> xmalloc reduces the amount of software that can link with liboauth >> (due to GPL licensing incompatibilities), it would be nice if upstream >> could use plain malloc. You may want to send upstream a patch. > > no need to send a patch: > xmalloc is only used IFF liboauth is configured with --enable-gpl. Ah. The README says that --disable-gpl may cause segfaults, that doesn't sound good. Also, by using OpenSSL, you are preventing GPLed apps from using liboauth due to license incompatibility between the apps and OpenSSL, yay transitive license violations :D http://lists.debian.org/debian-legal/2007/11/msg00061.html Providing GnuTLS and or NSS backends might be one option to fix this. Another might be to delegate SSL stuff to the app using liboauth. Also, in 0.7.1, xmalloc is still linked into the library, you need to do some ifdefs in src/Makefile.am. libtool: link: x86_64-linux-gnu-gcc -shared .libs/liboauth_la-oauth.o .libs/liboauth_la-hash.o .libs/liboauth_la-xmalloc.o .libs/liboauth_la-oauth_http.o -lm -lcrypto /usr/lib/libcurl.so -Wl,-z -Wl,defs -Wl,-soname -Wl,liboauth.so.0 -o .libs/liboauth.so.0.5.2 >> Uhh, actually since you are linking xmalloc and OpenSSL (GPL & OpenSSL >> licenses are not compatible), the liboath0 binary package is not >> distributable! > > Thanks for bringing this to my attention, I've added an exemption as suggested > by http://lists.debian.org/debian-legal/2004/05/msg00595.htm Uh, you are not the copyright holder of the xmalloc code, so you cannot do this. As said above, --disable-gpl and dropping OpenSSL is the solution here. >> libtoolize: rerunning libtoolize, to keep the correct libtool macros in-tree. >> libtoolize: Consider adding `-I m4' to ACLOCAL_AMFLAGS in Makefile.am. > > ?? I don't use ACLOCAL_AMFLAGS in Makefile.am. Probably it is prompting you to add it. >> lintian complaints (send most upstream): >> X: liboauth0: shlib-calls-exit usr/lib/liboauth.so.0.5.2 Looks like that was caused by using xmalloc. >> I: liboauth-dev: hyphen-used-as-minus-sign usr/share/man/man3/oauth.3.gz:374 >> I: liboauth-dev: hyphen-used-as-minus-sign usr/share/man/man3/oauth.3.gz:376 >> I: liboauth-dev: hyphen-used-as-minus-sign usr/share/man/man3/oauth.3.gz:403 >> I: liboauth-dev: hyphen-used-as-minus-sign usr/share/man/man3/oauth.3.gz:405 >> I: liboauth-dev: hyphen-used-as-minus-sign usr/share/man/man3/oauth.3.gz:863 > > Well, these are tricky! Said man-page is generated by Doxygen. Any ideas how > to > tell doxygen to properly escape those hyphens? > > I've found > http://www.mail-archive.com/debian-mentors@lists.debian.org/msg39606.html > but replacing them is not really an option since doxygen is also generating > html > from the same sources. How are you building the manual page? Your Makefile.am doesn't list any commands for doing so. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktinojwjnpwxtmphirchilyitui0kjjce2zhz_...@mail.gmail.com