KlassMaster obfuscation ....
shott at snf.stanford.edu
Mon Nov 19 18:23:09 PST 2001
Bill and Mike:
I think that I'm getting pretty close to having obfuscation working with the
new Zelix KlassMaster. They have a problem with 1.4 that Sun is aware of ...
so that if you actually run ZKM you have to run it under some other JDK, but
it seems to work with 1.4 beta 3 class files.
In any event, I've modified my copy of labnet/Makefile to use this stuff ...
it's a little different in that if you read in a jar file to be obfuscated we
can specify the directory in which the obfuscated file is stored ... but not
the name. In other words in the old days we used to read in coral.jar and
store the obfuscated file as coral-o.jar in the same directory. Now, it
appears as if it is easiest to read in coral.jar (stored in ~/labnet/lib) and
then store the obfuscated version as ~/labnet/lib/obfuscated/coral.jar. Then
during install, depending on whether obfuscation is on or not, we install
either coral.jar or obfuscated/coral.jar.
Since the development version isn't quite working, I've tried to test this by
obfuscating coral.jar, signed it (in the normal way), and then manually copied
it to coral-dev.jar. In other words, temporarily our "remote development
coral" is really "obfuscated production remote coral". When I do this, it
seems to work.
I probably won't check this in until we get the development system back when
we can test it more thoroughly.
Note, although we may not want to do it now, since we are now running local
clients and servers from jar files, we could consider obfuscating ALL of our
jar files: they would probably load incrementally faster and if anyone thinks
that they are going to "steal" coral, this may make it a bit more difficult
(depending on how closely we protect source access in our system, of course).
This would probably take a bit of playing around to figure out what we don't
need to obfuscate for each server ... and, of course, if we are obfuscating
everything, it makes it more difficult to diagnose error conditions (although
ZKM generates a nice listing that indicates that class
labnet.equipment.server.something was obfuscated to labnet.a.a.a, etc.).
In any event, I will probably play with this a bit more, but I think that we
can count on the fact that we can resume obfuscating the remote client the
next time that we make a major release.
More information about the coral