Instead of generating the source code differently what if the source was constant and variables were just changed. If all dll were required to contain cert variables something 2048 bits long. At server startup the key could be generated and the dll compiled and distributed. That way every game the libraries would be different. The authentication could involve returning the cert along with a MD5 of the library? With a cert and the MD5 as the password I think we getting into a self authenticating library? (I am sure I have missed something in here) I agree that this method would force a ------------long------------ server start up time... and a long client connect time.. however if the server is intended to be running for a long time, it might be worth considering? Just crazy ideas... 25+ pages of design documentation generated already.. I will probably have a working document to post sometime in the next few weeks. I would really like to be able to capture these discussions inside that document. Regards, ~Aaron Steve Baker wrote: > I suppose you could imagine a scheme where the server created some > key part of the data verification/transmission algorithm on-the-fly. > It could send this to the clients as both source and dynamically > linked binary - thus maintaining GPL compliance. However, the end > users would only be in posession of the code for the duration of the > session - which wouldn't give them enough time to understand the source > code, compile it and install it into the tool before the game is over. > > So - could you write code to generate a verification/transmission > library on-the-fly that would be sufficiently different from the > one you sent the last time? > > ---------------------------- Steve Baker ------------------------- > HomeEmail: <sjbaker1@airmail.net> WorkEmail: <sjbaker@link.com> > HomePage : http://www.sjbaker.org > Projects : http://plib.sf.net http://tuxaqfh.sf.net > http://tuxkart.sf.net http://prettypoly.sf.net > -----BEGIN GEEK CODE BLOCK----- > GCS d-- s:+ a+ C++++$ UL+++$ P--- L++++$ E--- W+++ N o+ K? w--- !O M- > V-- PS++ PE- Y-- PGP-- t+ 5 X R+++ tv b++ DI++ D G+ e++ h--(-) r+++ y++++ > -----END GEEK CODE BLOCK-----
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature