Re: new release of pam-pkcs11?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: new release of pam-pkcs11?

Jonsy (teleline)
El lun, 29-08-2005 a las 15:13 +0200, Ludovic Rousseau escribió:
> Hello Jonsy,
>
> I would like to have an official release of pam-pkcs11 soon (say by
> mid-septembre).
> Do you think we can make a 0.5.3 release by that date?

Expected yes.

> What do you want to add or modify in the source code before a release?

1- I've just upload preliminary support for static linked mappers.
The idea is leave mappers that depends on external libraries
( ie: kerberos, ldap, or so ) as dynamic loadable modules, and get all
others statically linked together.

Remaining task is define in mapper.h and mapperlist.h the list
of modules that will be statically linked, and export internal
init() and data structures of each one. Expected to finnish in a
few days

2- opensc mapper is fake: just now is a copy of openssh mapper. Need
to get and parse certificates from ${HOME}/.eid/authorized_certificates
file.

Also, openssh mapper should be revisited: worked for me, but only
ssh-rsa keyformat is recognized, and not sure of correctness of the
code...

3- Dominik: ¿What is the state-of-the-art on your ldap mapper?
Could you submit then to svn before 15th Sept?

4- I'd like to add support for uri-based (not just file based)
ca_dir and crl_dir entries. But not sure if will be on time

5- libp11 integration is left to 0.6 release

Any other pending tasks?

Cheers
Juan Antonio

_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel

signature.asc (196 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: new release of pam-pkcs11?

Dominik Fischer
Hi Juan, hi Ludovic,

I've got the ldap-mapper almost working. I think I can submit a version
to svn soon (before 15th, Sept). Supposably with some restrictions: no
support for multiple values for usercertificates in ldap, ...

Can I have write-access to svn?

Regards,
Dominik Fischer

Am Montag, den 29.08.2005, 15:38 +0200 schrieb Jonsy (teleline):

> El lun, 29-08-2005 a las 15:13 +0200, Ludovic Rousseau escribió:
> > Hello Jonsy,
> >
> > I would like to have an official release of pam-pkcs11 soon (say by
> > mid-septembre).
> > Do you think we can make a 0.5.3 release by that date?
>
> Expected yes.
>
> > What do you want to add or modify in the source code before a release?
>
> 1- I've just upload preliminary support for static linked mappers.
> The idea is leave mappers that depends on external libraries
> ( ie: kerberos, ldap, or so ) as dynamic loadable modules, and get all
> others statically linked together.
>
> Remaining task is define in mapper.h and mapperlist.h the list
> of modules that will be statically linked, and export internal
> init() and data structures of each one. Expected to finnish in a
> few days
>
> 2- opensc mapper is fake: just now is a copy of openssh mapper. Need
> to get and parse certificates from ${HOME}/.eid/authorized_certificates
> file.
>
> Also, openssh mapper should be revisited: worked for me, but only
> ssh-rsa keyformat is recognized, and not sure of correctness of the
> code...
>
> 3- Dominik: ¿What is the state-of-the-art on your ldap mapper?
> Could you submit then to svn before 15th Sept?
>
> 4- I'd like to add support for uri-based (not just file based)
> ca_dir and crl_dir entries. But not sure if will be on time
>
> 5- libp11 integration is left to 0.6 release
>
> Any other pending tasks?
>
> Cheers
> Juan Antonio

_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel