Prevent joins as different player (within the lobby).
To achieve that, several things have been changed:
- The server and not the client chooses the GUID and sends it with the CSrvHandshakeMessage
- Added PM support to XmppClient
When lobby authentification is enabled, the server sets the LOBBY_AUTH_FLAG in CSrvHandshakeMessage.
The client recieving that, proves his identity, by sending the assigned guid back to the server via a Lobby xmpp Private Message.
When the server receives that, he sends an empty CAuthenticateMessage to the client to request the normal authentication message.
After the server received that message, it compares the sent playername with the username of the xmpp account.
Here is the whole procedure: