Fredrik Liljegren <[EMAIL PROTECTED]> writes:
> For reasons stated below, I think of adding pam to cvs. My thought is
> that it could be done by making "cvs login" more interactive and making
> the serving cvs-process forward the pam-modules messages to the client
> via the conv()-function.
> This would require another name for the protocol to make cvs still be
> compatible backwards. I suggest "pamserver". The communication between
> client and server would be exactly like pserver; and all after the
> authentication too. This would only be an "add-on" to pserver for those
> wanting to use PAM.
If you're going to generalize the authentication mechanism, I strongly
recommend generalizing it in the direction of SASL rather than just PAM.
They're not opposing ideas; in fact, PAM becomes considerably more useful
in more circumstances if you have SASL as well.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
