On 12/4/23 12:43 PM, João Valverde wrote:
On 04/12/23 18:45, Gerald Combs wrote:
The FAQ entry below makes it clear that developing an internal version of Wireshark is permitted, and that "within an organization" counts as "internal." As far as I know the GPL doesn't place any restrictions on making an internal combined work with GPL and non-GPL software, so writing a non-GPL, internal-only plugin is permitted as long as you take care to keep it internal. I'd personally prefer that plugins were GPL-compatible, but I also know that we live in a real world where that sometimes isn't possible.
There's two things here. Internal use of modified Wireshark source code is allowed, agreed, regardless of any software license. This includes writing and linking binary plugins. All the Wireshark copyright holders already gave permission for that when they licensed their code using the GPL.
I'm less happy about statements that could be construed to imply that GPL compatibility is a matter of convenience in the real world, even obliquely. At best it is an oversimplification to the point of incorrection that sends the wrong message.
I expect everyone who modifies or integrates with Wireshark to abide by its license. I've enforced the GPL on the project's behalf before and I'll do it again if needed, although I'd prefer to help people avoid violating the license in the first place.
https://www.gnu.org/licenses/gpl-faq.html#GPLAndPlugins
https://www.gnu.org/licenses/gpl-faq.html#LinkingWithGPL
Gerald: "As far as I know the GPL doesn't place any restrictions on making an internal combined work with GPL and non-GPL software"
Is this really correct? Is it possible to comply with the GPLv2 and modify Wireshark to use a third-party proprietary library, even if it is only used internally? Can corporation A legally modify Wireshark source code to use a proprietary library licensed by corporation B to corporation A, even if they never release this modified version outside of A's organization? I would be surprised if that were the case.
You're the one insisting that the GPLv2 prohibits this, so where does it say that? The only clause I can find in the GPLv2 that directly addresses modification is 2a:
"You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change."
That's it. I don't see anything that prohibits me from combining GPL code with proprietary code on my personal machine or my company laptop. *However*, the very next clause (2b) says
"You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License."
...so if you do combine Wireshark with some piece of GPL-incompatible code, you certainly can't distribute it under the terms of the GPL, and in Wireshark's case it means you can't distribute your combined work at all since Wireshark is only available under the GPL.
This isn't in contradiction with the fact that writing plugins and not distributing the source code is allowed by the GPL. It does not make much sense to ask if the plugin is compatible or incompatible with the GPL (unless the plugin uses other software already using other licenses). This question of GPL compatibility only poses itself when a license must be granted to a third party to use this (proprietary/secret/whatever) binary plugin as a combined work with Wireshark.
I'm not sure what you're getting at here. If we can determine that a plugin isn't GPL or GPL-compatible, we could expose that in the UI, which might help companies avoid distributing something that they shouldn't.
My former employer built an internal version of Wireshark which contained both modified Wireshark code and (as I recall) internal plugins. The installer and main screen were quite clear that it was internal only and should not be provided to anyone outside the company. Plugin license detection would probably have been useful in that case.