Fossil SCM
Update sync.wiki for [12cc5bbf227e3].
Commit
a4c5a2a9618bf458cad1dcf9c46670e30e9af4669560fd5a925568e4bfc0188d
Parent
12cc5bbf227e390…
1 file changed
+10
-10
+10
-10
| --- www/sync.wiki | ||
| +++ www/sync.wiki | ||
| @@ -226,20 +226,20 @@ | ||
| 226 | 226 | from the server. The nonce is the SHA1 hash of the remainder of |
| 227 | 227 | the message - all text that follows the newline character that |
| 228 | 228 | terminates the login card. The signature is the SHA1 hash of |
| 229 | 229 | the concatenation of the nonce and the users password. |
| 230 | 230 | |
| 231 | -For each login card, the server looks up the user and verifies | |
| 232 | -that the nonce matches the SHA1 hash of the remainder of the | |
| 233 | -message. It then checks the signature hash to make sure the | |
| 234 | -signature matches. If everything | |
| 235 | -checks out, then the client is granted all privileges of the | |
| 236 | -specified user. | |
| 237 | - | |
| 238 | -Privileges are cumulative. There can be multiple successful | |
| 239 | -login cards. The session privilege is the union of all | |
| 240 | -privileges from all login cards. | |
| 231 | +When receving a login card, the server looks up the user and verifies | |
| 232 | +that the nonce matches the SHA1 hash of the remainder of the message. | |
| 233 | +It then checks the signature hash to make sure the signature matches. | |
| 234 | +If everything checks out, then the client is granted all privileges of | |
| 235 | +the specified user. | |
| 236 | + | |
| 237 | +Only one login in card is permitted. A second login card will trigger | |
| 238 | +a sync error. (Prior to 2025-07-21, the protocol permitted multiple | |
| 239 | +logins, treating the login as the union of all privilges from all | |
| 240 | +login cards. That capability was never used and has been removed.) | |
| 241 | 241 | |
| 242 | 242 | <h3 id="file">3.3 File Cards</h3> |
| 243 | 243 | |
| 244 | 244 | Artifacts are transferred using either "file" cards, or "cfile" |
| 245 | 245 | or "uvfile" cards. |
| 246 | 246 |
| --- www/sync.wiki | |
| +++ www/sync.wiki | |
| @@ -226,20 +226,20 @@ | |
| 226 | from the server. The nonce is the SHA1 hash of the remainder of |
| 227 | the message - all text that follows the newline character that |
| 228 | terminates the login card. The signature is the SHA1 hash of |
| 229 | the concatenation of the nonce and the users password. |
| 230 | |
| 231 | For each login card, the server looks up the user and verifies |
| 232 | that the nonce matches the SHA1 hash of the remainder of the |
| 233 | message. It then checks the signature hash to make sure the |
| 234 | signature matches. If everything |
| 235 | checks out, then the client is granted all privileges of the |
| 236 | specified user. |
| 237 | |
| 238 | Privileges are cumulative. There can be multiple successful |
| 239 | login cards. The session privilege is the union of all |
| 240 | privileges from all login cards. |
| 241 | |
| 242 | <h3 id="file">3.3 File Cards</h3> |
| 243 | |
| 244 | Artifacts are transferred using either "file" cards, or "cfile" |
| 245 | or "uvfile" cards. |
| 246 |
| --- www/sync.wiki | |
| +++ www/sync.wiki | |
| @@ -226,20 +226,20 @@ | |
| 226 | from the server. The nonce is the SHA1 hash of the remainder of |
| 227 | the message - all text that follows the newline character that |
| 228 | terminates the login card. The signature is the SHA1 hash of |
| 229 | the concatenation of the nonce and the users password. |
| 230 | |
| 231 | When receving a login card, the server looks up the user and verifies |
| 232 | that the nonce matches the SHA1 hash of the remainder of the message. |
| 233 | It then checks the signature hash to make sure the signature matches. |
| 234 | If everything checks out, then the client is granted all privileges of |
| 235 | the specified user. |
| 236 | |
| 237 | Only one login in card is permitted. A second login card will trigger |
| 238 | a sync error. (Prior to 2025-07-21, the protocol permitted multiple |
| 239 | logins, treating the login as the union of all privilges from all |
| 240 | login cards. That capability was never used and has been removed.) |
| 241 | |
| 242 | <h3 id="file">3.3 File Cards</h3> |
| 243 | |
| 244 | Artifacts are transferred using either "file" cards, or "cfile" |
| 245 | or "uvfile" cards. |
| 246 |