LGPL library using only LGPL-parts of partially GPL shared library (gnutls, nettle)

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Feb 20 16:12:39 CET 2011

On 02/20/2011 11:23 AM, Andreas Metzler wrote:

> Hello, That would break the ABI and require a soname change, afaiui.
> I have the feeling that the discussion I started is an academic one 
> anyway. Nettle's public key library (libhogweed) uses and links 
> against libgmp, which is LGPLv3+. Therefore switching gnutls from 
> gcrypt to nettle would break GPLv2-compatibility (GPLv2 without the 
> "or any later version " clause). Oh dear.

That's pretty bad news... Although it doesn't affect 2.12 too seriously.
nettle was a factor of 2x faster in the combination of AES/RSA/SHA-1 in
the software implementation of algorithms (no asm except for gmp), and
didn't impose restrictions on the applications that used it (i.e.
suid/non-suid), thus it was selected for default back-end of gnutls.

However since in 2.12 all the features used by gnutls are supported by
libgcrypt there is no problem for debian linking with it[0].


[0]. This might be an issue in later releases that support
the GCM ciphersuites (in master only) that are not supported
by libgcrypt.

More information about the Gnutls-devel mailing list