-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
License change #8462
Merged
gilles-peskine-arm
merged 10 commits into
Mbed-TLS:development
from
daverodgman:license-change
Nov 4, 2023
Merged
License change #8462
Changes from all commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
16799db
update headers
daverodgman 8ce5170
Update documentation
daverodgman 658bcff
Add Changelog for license
daverodgman f8be5f6
Fix overlooked files
daverodgman fffeae8
Update license for p256-m
daverodgman ce38adb
Fix header in ssl_tls13_keys.c
daverodgman af54378
README improvements to 3rdparty section
daverodgman aeaf1d7
Update license and copyright in config files
daverodgman 4eb44e4
Standardise some more headers
daverodgman be8b02b
Remove not-needed sentence
daverodgman File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m), which is distributed under the Apache 2.0 license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. | ||
| The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m). They are distributed here under a dual Apache-2.0 OR GPL-2.0-or-later license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project. | ||
|
|
||
| The files `p256-m.c` and `.h`, along with the license, have been taken from the `p256-m` repository. | ||
| The files `p256-m.c`, `p256-m.h` and `README.md` have been taken from the `p256-m` repository. | ||
| It should be noted that p256-m deliberately does not supply its own cryptographically secure RNG function. As a result, the PSA RNG is used, with `p256_generate_random()` wrapping `psa_generate_random()`. |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| Changes | ||
| * Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later | ||
| license. Users may choose which license they take the code under. |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We are now releasing everything under a dual license except Everest and p256-m. I assume this is deliberate.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For p256-m I wanted to check with @mpg first. For Everest, I don't know the situation. Are we permitted to release under GPL?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Everest was contributed through #2073 (eventually merged via ARMmbed/mbed-crypto#140). The Everest files have always had Apache-only header files. However, to the best of my knowledge, the contributor had signed the Contributor License Agreement (CLA) which allowed Arm to distribute the contribution under any other license at Arm's choice. The fact that there was no discussion of the license during the review is not particularly an indication that there was an agreement that Everest would be Apache-only: given our practice at the time, we may have just assumed that the overall license would apply. If there was any discussion between Arm and Microsoft about the license, I either wasn't in on it or have completely forgotten. We would need to dig through legal documents to figure it out for sure though.
In any case, it's not particularly surprising to recipients that the content of a
3rdpartyrepository might have a different license from the rest of the project, and everything under3rdpartyis optional, so this isn't critical.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For p256-m, I'm more than happy to relicense to Apache-or-GPL.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @mpg, I'll update p256-m.
For Everest: we have never distributed it as GPL, so there's no precedent, and it is marked as Apache 2.0. It is definitely quite possible that the authors did not realise/intend for it to be under a GPL license. On that basis I don't feel comfortable putting it under the dual license without consulting the authors. I will leave it as Apache 2.0 unless the situation changes. @wintersteiger - we would be grateful for your input here.