This is a repost from dev/noobs topic becuase from a point of view other than mine, it twists the orignal topic, so i appolize to those parties who beleived this to be a hyjack.
You know i am curious i was talking with someone in irc last night and we debated for a bit, and finally came to an agreement.. so i wanted to put in my 2c.
First off, i have noticed that alot of this thread (not all of it) has to do with the way image was having a "powertrip" here, so i am going to touch on that here, because quite frankly i think its funny that the devs (like wiz wrote "But I really never wanted anything else than getting rid of the powertripping.") think that requiring people to use their login server isn't a "power trip", I mean after all, people can't run their server without a login server, and that gives the devs a feeling of "power" over the project.
First of all, as was put by my friend in irc (and is commented at the top of every single source/header/text file that is in the eqemu source) this project is protected, and follows the rules of the public GNU agreement.
Quote:
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
(( Copy of the GPL can be found
>>HERE<< ))
And there is a text file called GPL.txt in the source folder. So as such, it should follow the rules, one more important one follows
Quote:
|
The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.
|
And ofcourse this doesn't include the Operating system, or compiler etc.., however correct me if i am wrong, but as of 2 or 3 versions ago, (when mini login no longer worked) this program required
A Login Server.
The reason i put A in bold is to make the point, that no this project does not infact require YOUR login server. however it requires
A login server. But the problem with this fact is that, according to the GNU you must supply all aspects of the project that allow it to work, at compile time, This server source will not run without a login server.
You did infact at one time supply everything that was needed to run a server, (this is when minilogin worked) the problem was, you never released the source to minilogin, or atleast i have never seen one. It could be debated that under the GPL it does state that any code that is not copied or modifed from the program under the GPL, and you could by reading the source say it was written without any direct refrence to the program (hard to believe a server meant to work with another server doesn't have some direct refrence to it but <shrug>,) then it it isn't subject to the GPL and thus it can be closed source.
So now we see that in distributing a working minilogin you are IN A WAY following the rules, however... i just don't see how this can be correct if the minilogin has to directly connect and pipe all the information going into world.exe
And as such i would believe the true login server uses code that directly refrences or corilates with code in the standard eqemu source (Someone prove me wrong), and thus is considered a module of the program and as such, even though it may have be written with clearly identifiable code that has nothing to do with the eqemu server. (I.e. some of the interal workings of the login) it is subject to the following
Quote:
|
These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.
|
however you can also see in there if it is part of the whole, then no matter what it does, and who wrote it, it now becomes a part of the main project, and thus anyone should be able to find a copy of the login source at any time, by simply asking..
Now, again someone prove me wrong, but this also means minilogin source should have at anytime been at public grasp, and it was not.
So if this program does infact (which i would believe it does) contain code that is directly linked, or copied/modified from the code in the eqemu server code, its part of the whole ( i think i have said that enough times now).
But let me try to answer a question before any devs ask it.
that question would be of course, what about crypto?
Well there were a few things i was thinking about before i posted this, and i conducted a tiny experiment.
While running the following command in windump.exe (from
http://windump.polito.it/install/default.htm )
Code:
windump -s 1000 -x -i 2 port 5995 or port 9000 > info.txt
i the following packet info.
Code:
02:08:48.667321 IP Charmys.hostname.2487 > www.eqemulator.net.5995: UDP, length: 42
0x0000: 4500 0046 6fbc 0000 8011 8657 c0a8 0004 E..Fo......W....
0x0010: cf24 b4c2 09b7 176b 0032 8db3 0003 0400 .$.....k.2......
0x0020: 1500 0022 0009 0001 0200 0200 0000 0000 ..."............
0x0030: 0000 0000 6368 6172 6d79 0063 6861 6d6f ....charmy.$$$
0x0040: 6e69 7800 0000 $$$$$$$$...
(( Replaced a few things for my own protection )).
The $ represent characters in my password, which in the unmodifed file, is sent in pure plain text. with no encryption what so ever.
however after running windump.exe while running the eqlive version listening on all ports. i found an enourmous amount of server communication between my computer and the eqive login, but i found no evidence of plain text information, but plenty of cases where encryption is evident.
So my question is, where exactly does the eqemu crypto come into effect? My guess would be that the eqlive servers send some sort of command that tells the client what encryption algorithim to use, allowing them to change it from time to time, sadly i don't know the answer to this. but why is it that when using the eqemu login the names/passes are sent in plain text format.
With this, it doesn't seem as if there is any crypto going on at all.
I do not in anyway agree with the fact that they keep the login source to themselves, and that they do control 90% of the eqemu communties servers by making them pipeline all the server information through them first, before anyone can play on any of the servers..
And although i do not agree with it, the alternative is somthing i don't want to see, which ofcourse would be for them to close the project, but in that they would lose the support of the community (which is stated as the only alternative in the GPL, don't follow the rules, close the project).
And trust me there are several ways you could still get people out there to use the eqemu login without keeping the code to yourself.
- 1. You could not realease any binaries, ever, and atleast 30% of the people out there wouldn't have any way, or knowledge of how to compile it, thus they would use the eqemus login.
2. People don't have the kind of internet connection or computer resources that are required to support both a world server, sql server and login server, and as such they would want someone who could handle the workload needed and would use the eqemu login.
3. Release a working copy of minilogin source (yea that means it would have to be fixed), and then the community could update it as needed, and they could host their own privite server again. And if they wanted to host a public server they would have to use the eqemu login. This is a very viable solution, which would allow you to once again follow the rules of the GPL.
So ask yourself, as of right now, 99% of the servers based on eqemu use the public eqemu login servers, the devs have never offered the source to the login, as they should under the GNU GPL, call me stupid, but thats sounds alot like project control to me. I understand the devs don't want people going off and just taking the source as they see fit, and as such they require people to use their login so they will keep comming back, otherwise many people would possibly deadlock their client version, and never have to get new source code to work with the newer eqemu login server.
This in my book, could be defined as a "power trip" They sure seem to like having control over the project, (not managment over it, managing a project, and controling it are very different), and as such i think they would enjoy the power it gives them.
If anyone out there that has somthing meaningful to say other than, Shut the fuck up your stupid. Then i want to hear it, but don't make it all sum up to somthing stupid, and show me a funny picture that shows me how stupid you are.
Login Power~
. i can read little bashing if any.
Linear Mode
