Red Hat Bugzilla – Bug 201351
pam_pkcs11 needs to record the certificate used.
Last modified: 2007-11-30 17:07:32 EST
Description of problem:
pam_pkcs11 will use a certificate to authenticate the user. It then needs to
pass that certificate to pam_krb so the pkinit engine can use that certificate
to get the kerberos credentials.
All of these bugs are being marked as targeted to be fixed in beta 2. However
only a subset of these bugs will be actual beta blockers. I am marking all of
these bugs a beta 2 target milestones.
Beta Blockers reflect bugs that are critical to this beta 2 release. Flags will
be set as appropriate on a case by case basis for each critical beta blocker.
Release Criteria match 16.d
Fixed in pam_pkcs11-0.5.3-21
Issuer is returned as a string in environment variable PKCS11_LOGIN_CERT_ISSUER
Serial number is returned as a hex string PKCS11_LOGIN_CERT_SERIAL
Closing out as included in latest RHEL5 builds (20061111.0)