I have the same problem you do since there aren't any "blessed" compiled versions of gl-proquake for linux. I have tried putting the qsecurity.so file into the quake directory and it gets as far as "connected to a cheat-free server" but then hangs. This is most likely because the server asks the security module for some sort of checksum of the quake binary and the module returns the wrong one since you compiled it yourself.

The only way I can see to fix this is to get the proquake author to compile a gl version and add its key/checksum/whatever into the accepted list for the servers.
Even if he did that I still wouldn't be able to use it because v3.5 has an annoying titlebar problem that I had to fix before compiling it =/. Good thing there are active non-cheatfree servers

Its possible that some other clients like darkplaces might have cheatfree support under linux but I don't know for sure.

If you're really desperate you could try to reverse engineer the server's closed source counterpart module and figure out what it wants to hear

Well, since I guess nobody knows the answer or wants to help does anyone happen to have JPG's email address? I'd like to at least see if he is willing to do a quick compile and source modification so we can use GL in Linux. Thanks.

Strangely enough I was quaking today with p4r14h and he claimed to be running a pre-compiled gl-proquake that works on cheat-free and said he got it off the proquake site. I just checked the site again and its definitely not there, so if he's reading this thread maybe he'll chime in.

It's there, but it does not work for me. I get an sys_printf error and it will not load. This is due to a certain variable being set to 1024 instead of 2048 or 4096. So I still need to have JPG recompile a new GL version with this variable set correctly.

maybe it's the same one you're using mithril except he changed the checksum to be the same as the proquake cheatfree check

So it turns out there IS a gl-proquake binary for linux available from this site - click on the "File Downloads" link under "QuakeOne Help". For some reason the same file is not available from the actual proquake homepage.

I downloaded the file and it runs fine for me - I was able to connect to quake.crmod.com ok - didn't get any of those sys_printf errors you had. However it has that darn titlebar problem I've talked about in other threads, so I'll have to continue using the client I compiled. I'm surprised it won't work for you. There's nothing too special about my setup...

The cheat-free is based on CRC and Grossman digitally signed his builds (and the GLX build hosted here) and unless those work, you can't play on cheat-free servers because your self-compiled one isn't digitally signed by Grossman.

You could email JPG your build and see if he'll digitally sign it, his email address is on the ProQuake page.

/ProQuake + Linux ... what a mess. At least Mithril, you and Pariah get to work.

The whole concept of closed-source security modules / checksums applied to binaries etc. doesn't transfer very well to Linux. It is also an accident waiting to happen.

Operating systems are ever-changing. Proquake is not only apparently unmaintained, but also unmaintainable. Explanation:

It depends on a closed-source module that may very well cease to work with future kernel/glibc versions etc. Closed-source meaning that only one guy knows the arcane secrets.

It is checksummed or "signed" and thus can't be altered/recompiled if that should be required in the future (well it can, but cheat-free stops working.) Again, only one guy knows the details.

Of course I can see what the motivation is (security by obscurity) but that's asking for problems.

With the "security-module" approach, you're totally dependent on one developer (the guy who knows the secrets) to keep maintaining it (adapting it to new OS/kernel/library versions etc.) And that's where I say it becomes an accident waiting to happen.

Alternative: A community-wide trust system using keys. To log onto a cheat-free server, you'd require a "key" given to you by a trusted community member OR the server admin (like PGP for emails.)

The clients (and the dedicated server) would just need a simple facility to enter a security key (cvar) and the server would keep a table on which key belongs to which user. The admin (or even the community, via vote) could just invalidate a cheater's key (nearly instantly because the community is small - we're not talking battle.net proportions!) if the majority of experienced players decides that the guy's definitely cheating. *poof* gone is the key.

There, much more intelligent, grown-up and OS-independent.

We do have mod and engine coders, don't we.

What you're suggesting is just password protecting the server, although there would be multiple allowed passwords since there are multiple keys. Something like this would never work in a large gaming community, since how is a new player supposed to play if he doesn't know anyone to get the password from? I think the idea will fail also in the smaller quake community, because there are still players who just log on a few times a week to relax and play and may not know the other players very well - at least not well enough to contact them and get the key. So how are these players supposed to play?

I'm a big proponent of free software, and I hate the closed source solution to the cheating problem, but I have never heard of any other practical method. The multiplayer linux game "nettrek" had a long debate once about this and many were against a closed source solution, but no-one could come up with a better method, and the nettrek community is even smaller than the q1 community . They currently also use a closed source solution.

Plus, with your idea, if a cheater's key is invalidated, wouldn't that also invalidate the key of the guy who gave it to him, plus all the other keys given out by that guy?

How does PunkBuster work? I know I play America's Army and it connects to a PunkBuster server to check your files. I think that concept works on Windows and *nix machines doesn't it?