On Thu, Jan 07, 2021 at 09:51:00AM +0200, Heikki Linnakangas wrote: > Hmm. Perhaps it would be best to change all the errors in mock > authentication to COMMERROR. It'd be nice to have an accurate error message > in the log, but no need to send it to the client.
Yeah, we could do that. Still, this mode still requires a hard failure because COMMERROR is just a log, and if only COMMERROR is done we still expect a salt to be generated to send a challenge back to the client, which would require a fallback for the salt if the one generated from the mock nonce cannot. Need to think more about that. >> Using separate fields looked cleaner to me if it came to debugging, >> and the cleanup was rather minimal except if we use more switch/case >> to set up the various variables. What about something like the >> attached? > > +1 Thanks, I have committed this part. -- Michael
signature.asc
Description: PGP signature
