[sane-devel] Cleanup and small fixes

Olaf Meeuwissen paddy-hack at member.fsf.org
Fri Jan 8 12:29:13 UTC 2016


Hi Volker,

Volker Diels-Grabsch writes:

> Hi Olaf,
>
> (Sorry for the previous email.  I overlooked that one.)
>
> Thanks for reviewing my proposals!

You're welcome.

> Olaf Meeuwissen schrieb:
>> 
>> * 0001-Fix-typos-in-comments.patch.gz
>> 
>>   There's about 100 other "annoying" `dont`'s you didn't fix ;-), but
>>   there is nothing wrong with your patch.
>
> That's strange.  I thought I did a full-text search.  Anyway! :-)

Try: git grep -wi dont

> [...]
>
>> * 0005-Introduce-md5_set_uint32.patch.gz
>> 
>>   Hmm, fixing code that originated from glibc an aeon ago.
>>   Maybe we should consider updating with more recent upstreams rather
>>   than trying to patch up things ourselves.
>> 
>>   Skipping this for now.
>
> That was my first attempt, too.  Indeed, there are newer versions of
> GNUlib!  However, early on, GNUlib's license changed into a strong
> copyleft license (GPL or something).  That happened long before they
> updated their MD5 implementation.

I've discovered the same.  Both gnulib and gcc have GPL'd versions of
md5.c.  The one in glibc is still LGPL but doesn't fix the strict
aliasing issue that your patch fixes.

> So if you use a newer GNUlib, sane-backends will effectively have a
> stronger license.  I, personally, would have no problem with that.
> But I thought it would be inappropriate for a contribution to impose
> a different license on a project.

I was thinking along the same lines but also had a look at what is using
the MD5 code.  Turns out that it is only used by the scanimage and saned
frontends, both of which are plain GPL-v2 or later.  That is, no SANE
exception is applied.

The sanei/sanei_auth.c file also includes it but apart from saned, there
is nothing that includes the corresponding sanei_auth.h header.  None of
the backends link with sanei_auth.lo either.

Now there is one possible catch: the MD5 code is used in the bowels of
the auth_callback() function that is passed to the backend(s) by the
scanimage frontend.  However, the rest of the function is already GPL-v2.
Hence, whether the MD5 code is LGPL or GPL doesn't really matter, AFAIU,
for scanimage.

For saned, the situation is slightly different as that uses the
sanei_authorize() function from sanei/sanei_auth.c which is GPL-v2 w/
SANE exception.  In this case it might matter whether the MD5 code is
LGPL or GPL but I am not quite sure how the GPL status of saned itself
affects the whole thing.

# The GPL FAQ[1] makes my head swim :-(, once again
# [1] http://www.gnu.org/licenses/gpl-faq.html

> My patch was an attempt to fix exactly that one issue on my own,
> isolated, leaving everything else untouched, so that no licensing
> issues occur.

Your attention to the licensing details is to be commended and, given
the above, I think that applying your patch is the best solution.  I'll
push it shortly together with a minor tweak of my own to get rid of the
(char *) casts.

Hope this helps,
-- 
Olaf Meeuwissen, LPIC-2            FSF Associate Member since 2004-01-27
 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13  F43E B8A4 A88A F84A 2DD9
 Support Free Software                        https://my.fsf.org/donate
 Support the Free Software Foundation           https://my.fsf.org/join





More information about the sane-devel mailing list