Packets/Login/Vanilla
It's worth noting that, for build (1.1.2.4125), the client automatically disconnects after a successful login challenge and proof exchange and sends a reconnect packet right away instead of asking for the realm list.
Opcodes and Errors
See Login Packets. The opcode value corresponds to the packet name.
See Login Packet Results for result values.
See Login Packet Security Flags for security flag values. These are only used for and later.
Challenge packets
Client
See CMD_AUTH_LOGON_CHALLENGE_Client.
Server
See CMD_AUTH_LOGON_CHALLENGE_Server.
Proof packets
Client
See CMD_AUTH_LOGON_PROOF_Client.
Server
See CMD_AUTH_LOGON_PROOF_Server.
Reconnection challenge packets
Client
The reconnect client packet has the same format as CMD_AUTH_LOGON_CHALLENGE_Client except that the opcode field is 0x2 instead of 0x0.
Server
See CMD_AUTH_RECONNECT_CHALLENGE_Server.
Reconnection proof packets
Client
See CMD_AUTH_RECONNECT_PROOF_Client.
To check if the client proof is correct, the server must calculate SHA1(account_name | proof_data | challenge_data | session_key) and compare it to client_proof.
Server
See CMD_AUTH_RECONNECT_PROOF_Server.