Hello,

It seems that all versions of BIND with native PKCS#11 support are limited to 
32 bytes of PIN length and didn't actually check the PIN length which can 
later cause login failures.

First patch adds check for PIN length to prevent too long PINs from causing 
login failures later.

Second patch extends maximal PIN length to 1023 bytes so it should be enough 
for everyone including me :-)

Patches are also in Git branch 'pinlen' on my Github:
https://github.com/spacekpe/bind/tree/pinlen

Have a nice day!

-- 
Petr Spacek  @  Red Hat