Beno, Tal wrote:
> *Quick legal question please:*
>
> I want to extend Wireshark (tshark) with one proprietary dissector. I
> want it to save the data into a file and I will read the file with my
> commercial process.
>
> Can I package it as part of my commercial product that way? Does the
> LGPL license mean that my dissector code is automatically also an open
> source and freely distributed to parties that I sell to? Is there any
> way for me to keep that one dissector proprietary?
Firstly, I'm not aware of any lawyers on the wireshark-users list. It's
a great place for technical questions, but you should contact an actual
attorney about this.
Secondly, Wireshark is distributed under the GPL version 2. The LGPL is
a separate license with different terms.
When you ship a dissector with Wireshark, it constitutes something
called a "combined work". This means that your dissector is subject to
the terms and conditions of the GPLv2. As a general rule, you can keep
your dissector proprietary as long as you keep it private within your
organization. The instant you distribute your dissector externally, you
need to make its source available.
Is a proprietary dissector an absolute requirement? Keep in mind that
it's nearly impossible to keep someone from reverse-engineering your
protocol. Microsoft, U.C. Berkeley, and the U.S. Air Force all say so,
so it must be true:
http://research.microsoft.com/en-us/um/people/helenw/papers/discoverer.pdf
http://handle.dtic.mil/100.2/ADA484312
http://www.breakingpointsystems.com/community/blog/automated-protocol-reverse-engineering