We're looking at several distinct OTP types for user/WAS combinations, and I found that the webkdc-validate remctl command does not pass the OTP type along. It looks like we can get around it by prefixing the OTP itself with the type. Is there a better way to inform the webkdc-validate logic of the OTP type to validate?
I'll defer just sending patches along until told to send them this time. :) Lastly, the excellent documentation on http://webauth.stanford.edu/install-multifactor.html needs a minor update for the webkdc-userinfo remctl command parameters, which is missing the WAS as the 5th param. Ben
signature.asc
Description: Message signed with OpenPGP using GPGMail
