Hi Volker, Volker Diels-Grabsch writes:
> Hi Olaf, > > (Sorry for the previous email. I overlooked that one.) > > Thanks for reviewing my proposals! You're welcome. > Olaf Meeuwissen schrieb: >> >> * 0001-Fix-typos-in-comments.patch.gz >> >> There's about 100 other "annoying" `dont`'s you didn't fix ;-), but >> there is nothing wrong with your patch. > > That's strange. I thought I did a full-text search. Anyway! :-) Try: git grep -wi dont > [...] > >> * 0005-Introduce-md5_set_uint32.patch.gz >> >> Hmm, fixing code that originated from glibc an aeon ago. >> Maybe we should consider updating with more recent upstreams rather >> than trying to patch up things ourselves. >> >> Skipping this for now. > > That was my first attempt, too. Indeed, there are newer versions of > GNUlib! However, early on, GNUlib's license changed into a strong > copyleft license (GPL or something). That happened long before they > updated their MD5 implementation. I've discovered the same. Both gnulib and gcc have GPL'd versions of md5.c. The one in glibc is still LGPL but doesn't fix the strict aliasing issue that your patch fixes. > So if you use a newer GNUlib, sane-backends will effectively have a > stronger license. I, personally, would have no problem with that. > But I thought it would be inappropriate for a contribution to impose > a different license on a project. I was thinking along the same lines but also had a look at what is using the MD5 code. Turns out that it is only used by the scanimage and saned frontends, both of which are plain GPL-v2 or later. That is, no SANE exception is applied. The sanei/sanei_auth.c file also includes it but apart from saned, there is nothing that includes the corresponding sanei_auth.h header. None of the backends link with sanei_auth.lo either. Now there is one possible catch: the MD5 code is used in the bowels of the auth_callback() function that is passed to the backend(s) by the scanimage frontend. However, the rest of the function is already GPL-v2. Hence, whether the MD5 code is LGPL or GPL doesn't really matter, AFAIU, for scanimage. For saned, the situation is slightly different as that uses the sanei_authorize() function from sanei/sanei_auth.c which is GPL-v2 w/ SANE exception. In this case it might matter whether the MD5 code is LGPL or GPL but I am not quite sure how the GPL status of saned itself affects the whole thing. # The GPL FAQ[1] makes my head swim :-(, once again # [1] http://www.gnu.org/licenses/gpl-faq.html > My patch was an attempt to fix exactly that one issue on my own, > isolated, leaving everything else untouched, so that no licensing > issues occur. Your attention to the licensing details is to be commended and, given the above, I think that applying your patch is the best solution. I'll push it shortly together with a minor tweak of my own to get rid of the (char *) casts. Hope this helps, -- Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9 Support Free Software https://my.fsf.org/donate Support the Free Software Foundation https://my.fsf.org/join -- sane-devel mailing list: sane-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/sane-devel Unsubscribe: Send mail with subject "unsubscribe your_password" to sane-devel-requ...@lists.alioth.debian.org