oh great it's right next to a string buffer labeled "verify_password"

I'm sure that'll come in handy

oh my god

I think this is even easier than I thought.

So the function looks basically like this:
validate_authorization_code (serial_number, expiration_date, max_users, authorization_code), right?

and it takes the serial number and expiration_date and max_users and confirms the authorization_code matches some hash or something to make sure it fits those serial numbers and expiration_date and max_users

a less sensible way to do this would be to have validate_authorization_code be implemented like this:

correct_authorization_code = generate_authorization_code(serial, expiration, max_users);
return strcmp(correct_authorization_code, authorization_code) == 0;

the authorization_code generator has an "encrypt" parameter that does some simple XORing

this code passes 0 for it, so that's not even turned on

the most infuriating thing in computers is when you have a program that does X, so you modify it, and it still does X. so you modify it more, and it still does X. so you change a bunch of stuff, and it still does X.

AM I MAKING CHANGES OR NOT? STOP IGNORING ME

these punks put in a specific check for the "add serial number authorization" dialog changing the serial number.
So you're allowed to add more users, extend expiration date, but not change your base serial.

mean. time to add more 0x90s

the worst part is that the config file is named something like ".config"

perfectly normal filename, on unix. on NT4, windows won't let you create it, or rename to it