1. Mark Smithwick
  2. PowerBuilder
  3. Friday, 28 September 2018 15:44 PM UTC

Hello all,

We recently delivered an application to a client that is missing a runtime dll.  We sent a copy of this dll (pbacc170.dll in this case) to them to verify it did indeed resolve their issue. However, the client will not accept a direct delivery of this dll from us. They require that we provide a valid source for this dll. 

The dll we sent them was from our install of PB 2017 R3 (\Program Files\Appeon\Shared\PowerBuilder folder). Additionally, they will not accept  files from DLL archive sites such as  dlldump.com or driverskit.com either.

So, is there an official Appeon source from which our client can obtain an copy of this dll?

Thanks for any help,

Mark

 

Brad Mettee Accepted Answer Pending Moderation
  1. Saturday, 29 September 2018 13:06 PM UTC
  2. PowerBuilder
  3. # 1

Somewhat stream of thought here, but maybe something will help.

Why not use something like NSIS and have it install that one DLL. Codesign the installer, make it depend on the PBVM dll being present, and they shouldn't have a problem with it. Additionally, PBACC170.dll has the Appeon code signature itself, so they can compare an existing DLL (PBVM170 is also signed) that's already on one of their systems. Codesigning is designed exactly for things like this. One BIT changed in a codesigned file makes the signature invalid. They shouldn't be able to complain about the possibility of tampering.

If they're really concerned about sourcing. They can validate the DLL themselves, and copy it to the machines that need it. Are they aware that it's only a 22k dll file? (16k for the 64bit version)

It sounds like their IT guys are being deliberately obtuse. Strong security is one thing, but making it onerous, for a firm that already has a product in place, to correct a problem is not helpful.

Comment
There are no comments made yet.
Roland Smith Accepted Answer Pending Moderation
  1. Friday, 28 September 2018 17:16 PM UTC
  2. PowerBuilder
  3. # 2

pbacc170.dll is for accessibility features. If you can get them to disable accessibility in Windows, your app will no longer require it. They could do it temporarily until you are able to deliver a new installer.

Comment
There are no comments made yet.
Mark Smithwick Accepted Answer Pending Moderation
  1. Friday, 28 September 2018 16:32 PM UTC
  2. PowerBuilder
  3. # 3

Chris and David,

Thanks for the quick responses.

I suspected Appeon did not give access to source...just wishful thinking. 

Ultimately, a re-delivery is what is required and in a nice world this would be easy. However, here (this is a government agency) any package re-build requires a full test cycle before deployment. To which you may reply "how did it pass testing in the first place". That is a whole other story...

Thanks again for the responses.

Mark

Comment
There are no comments made yet.
David Peace (Powersoft) Accepted Answer Pending Moderation
  1. Friday, 28 September 2018 16:12 PM UTC
  2. PowerBuilder
  3. # 4

Similar to Chris,

But how did you ship the application to the client in the first place? Can you not build a new package with the missing dll and send them that as an update. They must have accepted the initial installer you sent them so would accept another from you as a legitimate source.

It would seem that you are looking for a solution for a problem that is not really there.

All the best

David

Comment
There are no comments made yet.
Chris Pollach @Appeon Accepted Answer Pending Moderation
  1. Friday, 28 September 2018 16:06 PM UTC
  2. PowerBuilder
  3. # 5

Hi Mark;

   No, Appeon does not publish any source code publically for any components of its various products & compilers.

   However, why not deliver the PB run-time via an MSI built by the PB Packager Utility?

Regards ... chris

Comment
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.