Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.420 (Entity 5.420) Subject: kdb5_ldap_util broken by virtualization of krb5_dbekd_encrypt_key_data X-RT-Original-Encoding: iso-8859-1 Content-Length: 737 The merge of Luke's code in r21690 changed krb5_dbekd_encrypt_key_data into a virtual function indirecting through lib_handle. This breaks kdb_ldap_util, which uses a dal_handle with a NULL lib_handle and makes direct calls to libkdb_ldap and (formerly) non-virtual functions in libkdb. The reason for using this faked-up dal_handle is that there is possibly no valid LDAP back end to open. Sam's opinion is that the best fix is to expose kdb_setup_lib_handle, thus allowing kdb5_util to set up a dal_handle with a valid lib_handle (and then fill in the db_context itself, as it does now). There is also the option of using a krb5_db_create or krb5_db_open depending on the kdap_ldap_util operation, and adjust the code accordingly.