Don't blindly use PKCS11 slot IDs in PKINIT

Passing invalid slot IDs to C_OpenSession can cause some PKCS #11
implementations (such as the Solaris one) to crash.  If a PKINIT
identity specifies a slotid, use it to filter the result of
C_GetSlotList, but don't try it if it does not appear in the list.

https://github.com/krb5/krb5/commit/ac406bac3d73a7e4efcc74adbb90c722457da969
Author: Greg Hudson <ghudson@mit.edu>
Commit: ac406bac3d73a7e4efcc74adbb90c722457da969
Branch: master
 src/plugins/preauth/pkinit/pkinit_crypto_openssl.c |   27 +++++++++----------
 1 files changed, 13 insertions(+), 14 deletions(-)