Projects/Master Key DAL Redesign
This project has been split out of Projects/Database Access Layer cleanup.
As of krb5 1.8, the DAL interface for master keys was very confusing. Some of the most glaring inefficiencies have been removed as part of simple cleanups, but the interface remains inconvenient for modules which do not implement master key encryption.
This project is to create a new design for the DAL access routines related to master key encryption. Specific desirables include:
- Modules which don't use master key encryption can simply decline to implement the relevant interfaces, rather than having to fake them out.
- Memory allocated by fetch_master_key_list (or equivalent) should be freed inside the module, not by the caller.
- Eliminate set_master_key_list and get_master_key_list, making the caller responsible for caching those.