I can keep my software closed if I dynamically link to the library. What I want to avoid is people replacing the DLL of the library, so would it be legal to put a check in my program that ensures it is using the dll that it was distributed with? (the dll I am referring to is the LGPL''ed libraries DLL) Help apprecietad.

Legal ? I don''t know.
Contrary to the spirit of the license ? It depends.
A good idea technically ? I don''t think so.

If the user cannot run your program with a freshly built version of the library - assuming version numbers match - then you are in hot waters. The LGPL intends for you to give back any modifications you do on the LGPLed library. Swapping library binaries, which is what dynamic linking enables, ensures that you have not violated the agreement by silently modifying the library.

Your install process should check version numbers for compatibility, not impose the use of a specific binary, especially not one you have provided.

Now, if your program can only run with this specific binary, then you MUST provide the library source code, especially if you modified it, as well as (obviously) all the configuration information necessary to rebuild the library so that it is usable by your program.

[ Start Here ! | How To Ask Smart Questions | Recommended C++ Books | C++ FAQ Lite | Function Ptrs | CppTips Archive ]
[ Header Files | File Format Docs | LNK2001 | C++ STL Doc | STLPort | Free C++ IDE | Boost C++ Lib | MSVC6 Lib Fixes ]

"Contrary to the spirit of the license ? It depends."

The reason is to prevent cheating, my software is to be used in a multiplayer setting, if people can use a different dll, my entire project will not work, it will fail, I will not even attempt to go through with it then.

It is not because I want to take credit for anything I didn''t do or go against the spirit of any license. I would state clearly what libraries I have used.

"A good idea technically ? I don''t think so."

But would there be any other way to get around my problem mentioned above, apart from not using the library?

Thanks for the feedback.

It is most certainly contrary to the license. The license requires that you allow people to replace the DLL in question:

quote:
b) Use a suitable shared library mechanism for linking with the Library. A suitable mechanism is one that (1) uses at run time a copy of the library already present on the user's computer system, rather than copying library functions into the executable, and (2) will operate properly with a modified version of the library, if the user installs one, as long as the modified version is interface-compatible with the version that the work was made with.

And if you're actually trusting a client-side DLL to prevent cheating in a multiplayer game, then you really need to sit down and read up on why that's a dumb idea.

How appropriate. You fight like a cow.

[edited by - sneftel on September 11, 2003 8:00:00 PM]

quote: Original post by FearedPixel
The reason is to prevent cheating, my software is to be used in a multiplayer setting, if people can use a different dll, my entire project will not work, it will fail, I will not even attempt to go through with it then.

What libraries are you talking about? Whatever it is, you *should* be able to perform checks so what it does is correct.

quote: But would there be any other way to get around my problem mentioned above, apart from not using the library?

When you do not describe what the problem is, besides "prevent cheating", it is really hard to give suggestions. We do not know what kind of cheating you worry about, not what functionality the library provides.

Basically, if they can get the source to the library (which they can, its a well known lgpl library) and modify some functions, then rebuild the dll and swap it in, then that is enough to cheat.




"And if you're actually trusting a client-side DLL to prevent cheating in a multiplayer game, then you really need to sit down and read up on why that's a dumb idea."

- could you elaborate? If my exe performs size and some checksum tests on the dll to make sure its the right one, is there still ways to get around that?




Which library it is really shouldn't be an issue, and i would rather leave that out so that it does not affect anything.



Yes, I can produce checks to make sure the dll does what it should, but I can't perform checks on any additional things it does which it shouldn't. That is my problem, if people make custom versions of the dll that work 100% like the original, but give out some extra information oerhaps.

[edited by - FearedPixel on September 11, 2003 9:14:55 PM]

quote: Original post by FearedPixel
If my exe performs size and some checksum tests on the dll to make sure its the right one, is there still ways to get around that?

Of course there is. Crackers could simply modify or disable those tests. The First Rule of Copy/Cheat Protection is "anything can be broken, eventually". And The First Rule of Cheat Protection In Multiplayer Games is "don''t trust the client". That means validate all data you get from the client; maintain all game state on the server; don''t send the client any information you wouldn''t want the player to see that very moment.

How appropriate. You fight like a cow.

I see, although that is a much harder task than just directly replacing the dll.

Out of curiosity, if I have a function pointer pointing to a dll function, is it possible to get to the actual binary definition of the function? In order to perform size and checksum tests on the actual code of the function? (actually this question is probably not as appropriate here, so ill post in in another forum)

And I assume using a DLL->Static Lib converter would definitly be illegal yes? Even if apropriate credit is clearly given..

[edited by - FearedPixel on September 12, 2003 7:48:11 AM]

quote: Original post by FearedPixel
And I assume using a DLL->Static Lib converter would definitly be illegal yes? Even if apropriate credit is clearly given..

It seems to me you need to think a bit about the purpose and philosophy of Open Source and, to some extent, Free Software. You talk like this library you are using, and its license, is your enemy, rather than your friend. Think/read some about it and you may be enlightened and solve your problem.

A GREAT book I recently read that deals with topics concerning you is The Art of Unix Programming, by Eric S. Raymond. Great book, although a bit biased.

[edited by - CWizard on September 12, 2003 11:46:42 AM]

quote: Original post by CWizard
It seems to me you need to think a bit about the purpose and philosophy of Open Source and, to some extent, Free Software. You talk like this library you are using, and its license, is your enemy, rather than your friend. Think/read some about it and you may be enlightened and solve your problem.

A GREAT book I recently read that deals with topics concerning you is The Art of Unix Programming, by Eric S. Raymond. Great book, although a bit biased.

[edited by - CWizard on September 12, 2003 11:46:42 AM]

No, I have nothing against the philosophy of open source, I am all for it. The problem is, that my project will fail if people can use customized versions of an open source library. Its as simple as that. The simple conclusion is that opens source libs are not the way forward for my project, and I accept that; not everything is suitable for everything.