Client Server handshake
The client/server handshake sequence begins when the client side calls
CL_CheckForResend(). If the client is not yet connected to a server, the connection handshake ensues with a sequence of OOB commands in roughly the following order:
- Client sends a getKeyAuthorize command that contains its CD key to
- Client sends a getchallenge command to server.
- Server sends a getIpAuthorize command with client's IP address to
- Auth server sends a "ipAuthorize" command back to server. If a client with the given IP has submitted a getKeyAuthorize command with a valid CD key in the last 15 minutes, the "ipAuthorize" command will contain an "accept" status.
- Server sends a challengeResponse command to the client that contains a randomly generated challenge key.
- Client responds with a connect command that contains the given challenge key.
- Server responds back with a connectResponse command to acknowledge a successful connection.
- If the client and server are on the same LAN, neither side bothers to authorize with the authorize server.
- If the server does not receive a response from the authorize server after a while, the client will be let in anyway.
- Since these commands are sent via UDP, which does not guarantee delivery, there is some resending involved on both sides when it does not receive a timely response.