Many apologies; this got filed into my spam folder and I only just found it.
On 4/11/22 11:09, Teo Klestrup Röijezon wrote: > profile_init_vtable() (or building it with profile_add_relation()) would be > ideal, yes. [...] > However, the kadm5_init_*() family of functions (via init_any()) calls > kadm5_get_config_params(), which in turn always loads its own profile by > calling > krb5_aprof_init() with a hard-coded choice of either DEFAULT_PROFILE_PATH or > DEFAULT_KDC_PROFILE. This _is_ possible to override with environment > variables, but that's a pretty big ask when linking to the library in-process. I think this is a bug; the init functions and kadm5_get_config_params() should use the profile object from the context argument. I have a candidate patch that passes tests. Unfortunately I don't think there's a viable workaround beyond the options you have already considered. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
