[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL OTP and syncrepl
> IMO, OTP is inherently incompatible with replicas because a client can
> authenticate to each replica with what is intended to be a one time
> password. The only way to preclude this is, as was basically suggested,
> is to chain it to the master such that each password can only be used one
> time.
I have an "easy" fix in this direction; however, I stumbled into another
issue: if slapo-chain(5) gets involved in an internal operation, it does
not honor custom callbacks registered for the internal operation, and
rather attempts to return the result to the caller. As a consequence, I
need to address this issue first, before solving the original one.
p.