Zandronum 1.3 Released

The Zandronum team is happy to announce the release of Zandronum 1.3! Aside from the usual truckload of fixes, this version brings some major new features, most notably, persistent storage based on an SQLite database backend and an optional (and still experimental) account system. Also included are a client-side option for overriding player colors and a server-side dmflag for sharing keys between players. The new version can be downloaded here. Further information about the release, including a full changelog, can be found here.

AlexMax said:

optional account system

hmmm

that said, I have good faith in Zandronum's team to use it for some kind of global fragstats system and/or to ban shitheads who blatantly cheat/DDoS servers rather than to police dissenting opinions

The zandronum community is not the cesspool that is zdaemon :-)

deathz0r said:

that said, I have good faith in Zandronum's team to use it for some kind of global fragstats system and/or to ban shitheads who blatantly cheat/DDoS servers rather than to police dissenting opinions

Torr and I wrote the protocol, and I am writing the authentication server. From day one, I decided that the system would be protected against bad actors in "source port administration", whatever that might actually mean in terms of Zandronum. What we have right now I believe empowers server administrators, empowers mod-makers, and most of all empowers the community.

Anybody can host an authentication server. Use of an authentication server is up to the individual server owners. They can elect to use whichever authentication server they wish, or no auth server. So if you're not a well behaved auth server administrator, server owners can elect to simply switch to another one (though there might be some migration pains in matching up usernames from the old system to the new, but it is certainly possible). Or if you're an jerk server administrator, people can just switch to another server that uses the same authentication server. The authentication server itself is open source and is licensed under the Affero GPL v3 - if a bad actor wants to add proprietary features they must build a new server that adheres to the authentication API from the ground up or release the source, they're not piggybacking off of our work.

It sounds scary and wild-westish, and right now it is - I'm hosting one that I develop on, best-ever.org is hosting one, there's another one used for testing that's floating around. However, I expect that as the system sees more use and the auth server becomes feature complete, there will be one or two 'canonical' servers that most server admins use. Eventually, when the authentication server reaches 1.0 and Zandronum 1.4/2.0 is released, I expect Zandronum.com to host the official one. But the fundamentals are still there - the community has an escape hatch if they so choose.

One important distinction, however, is that the authentication server only concerns itself with authentication, which means that there is no such thing as a built-in global experience system or anything like that. However, we did one better, there are now ACS hooks that allow you to retrieve the logged in state and username of an individual user, and paired with the new database API there are a number of exciting mods that have already sprung up, such as a player-aware ELO system for duels and rankers for jumpmaze-style race modifications. I'm sure an experience mod will be released soon, and that's probably just the start of the crazy stuff Zandronum modders will add in the coming months.

We're still working out the kinks. The authentication server works, but is not done yet, and player's might need to re-register occasionally as the database schema changes from now on, unless I'm REALLY careful about database migrations. The interface to logging in is nearly non-existant at this point - it's an inagme console command right now. The system also doesn't have many hooks in the game outside of ACS - you can blanketly prevent unauthenticated users from joining the game and that's about it, no whitelists/banlists/joinlists/whateverlists based on username, nothing of that sort. I don't think a player's logged-in name even shows up in their playerinfo. Like I said, the feature is still pretty experimental at this point. But it's out there.

After the protocol is finalized (the protocol used in 1.3 does not currently reflect the latest version of the authentication protocol, this will hopefully be rectified in a few days) and the authentication server reaches 1.0, I plan on bringing the feature to Odamex, if the patch will be accepted.

deathz0r said:

that said, I have good faith in Zandronum's team to use it for some kind of global fragstats system and/or to ban shitheads who blatantly cheat/DDoS servers rather than to police dissenting opinions

There are no plans to have a centralized stats system (stats will be local to server clusters, unless they choose to share/sync them with other clusters). Pretty much the only thing we plan to do is host an account server on zandronum.com which will hopefully be combined with a forum account and issue tracker account. I suppose in the future it could also be used for the bans you mention, but it wouldn't be particularly effective since not all servers will require an account (that feature is mostly for league/competitive play to be used in conjunction with stat tracking mods).

Congrats on the release!

About time.

Zandronum never seems to have many active servers when I play it, and sadly any servers from my own country are always dead.