global: session 2.0
2176d09ba1a9
Actions

Authored by Marco Neumann <marco@crepererum.net> on May 26 2015, 09:22.

Description

global: session 2.0

Implements session signing. This avoids cache request for invalid sessions and reduces the DDoS attack surface.

Removes IP address storage+checks. This avoids data privacy issues and enables users with multiple connections (e.g. WIFI+LTE, multiple WIFI connections on trains+stations) to stay signed in.

INCOMPATIBLE Drops all active sessions during upgrade. Might result in log entries about non-restorable sessions.

Signed-off-by: Marco Neumann <marco@crepererum.net>

Committed

Marco Neumann <marco@crepererum.net>

May 26 2015, 13:20

Parents

R3600:275cc2a106a6: global: LZMA serializer

Branches

Unknown

Tags

Unknown

Marco Neumann <marco@crepererum.net> committed R3600:2176d09ba1a9: global: session 2.0 (authored by Marco Neumann <marco@crepererum.net>).May 26 2015, 13:20