Yeah, I guess you're right.

Hmm, good point. I was thinking more of perhaps having it encrypt the pw into the db by a fashion (or more just put it in raw, and read it like that or something) perhaps the same as ignoring it which would be another way to go.
Either way, it doesn't need to store pws, since it is a private access server only, and if it's encrypted in the db, that should be fine as well. Just not source then at that point, and precompiled.

Why are you wasting your time debating this? Source code will not be released. a full version of a login server will not be released. be happy we give out minilogin at all....


You give them the world and they still want more.

You just don't get it, we don't give a damn if you know the passwords of ppl logging into your login server, we care about people getting the encryption from client->server, because we can't alter it, its the same as eqlive's and we aren't going to let someone go off and start packetlogging EQ passwords.

To add: DLL's are linked to exes so someone could take the DLL and make it into a DLL useable by a packetcollector, get the idea?

Do not try to argue that statement because they have the DLL on their computer and any modifying that needs to be done to the DLL they can and will do.

Hey, wasn't trying to piss anyone off, was just trying to be helpful in general, sorry for trying guys.

Yes

Don't want to argue.

I just wanted to state what I was thinking. Someone makes an open source login for example, as a basic framework with functionality of little things like checking ip's etc etc.
In the source code would be a blank function to encrypt and decrypt whatever and it's left blank. Then the source is submitted for approval to the EQEMu team to overlook it and if it's deemed ok to use, the dev team inserts the functions and then releases the binary. No one other than the devs would still have access the the secret information but, other people who want to help could make the basic program for approval.

That was my line of thinking on that part. I know you guys are right and the encryption/decryption routines shouldn't be given out.

Secondly, I thought as far as DLLs go, it's basically a header file with functions in it, and you just call those functions to do what you want. Am I wrong in that assumption? I know shit about how windows works.


PS-THIS IS NOT AN ARGUMENT I just want to discuss some ideas and stuff. It is by no means to cause trouble or anything, just to learn. Just in this post, I have learned the overview and I guess it helps with having a better understanding of the entire structure.

DLLs are compiled binaries in essence are they not?

Anyways this conversation is is very deja-vu. I'm sure I missed past threads regarding the closed source decryption used by EQEMu but I was whitness to many such threads over at the ShowEQ boards.

Best to keep the decryption out of the hands of the masses.

Yeah I know I didn't want to stir up anything heh!

My understanding of a DLL is it is compiled but, it has "holes" where the program using it hooks into to be able to use the funcions not access the data unless the function specifically says it can. In this case, the function would pass the secret stuff over to the program for handling.

Anything that can be used in many different programs, best to put into a DLL and release an API so the programs you wrtie can actually use the functions in the DLL. Better than writing source code every single time =)

Ok, I won't post anymore... I have those hairs standing on end on my neck... something bad is abo.......

Not saying you were im saying not to argue it :P

Its pointless to try putting in checks because the exe/dll is on your computer and you can just hex edit it, so anything could be disabled.

Carp I just got laid off... something bad did happen =P