11 Apr
2013
11 Apr
'13
2:58 p.m.
Timo Sirainen <tss@iki.fi> wrote:
By this I think you don't mean special authentication mechanisms, or even AUTHENTICATE PLAIN mechanism, but you mean that someone is using LOGIN command in such a kludgy way that the password field is over 1024 bytes long?
This is for pam_saml. The webmail sends a signed SAML assertion as the password, and the PAM module validates it.
You did support in in 1.x and it did not harm anyone...
-- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@netbsd.org