When i first looked at the pem_passphrase_callback() function in ssl.c, I
though that the intention was to save the passphrase so the key could be
reloaded after a ping-restart, because you use:
static char passbuf[256];
So, I was surprised when my GUI now asked me for the passphrase a second
time (after a ping-restart).
A closer look at the function revealed that you do a CLEAR(passbuf)
before returning.
So, I just wonder, was the intention to save the passphrase or not? If
not, why do declare passbuf as static?
Also, is it safe todo
if (!strlen (passbuf))
when passbuf has not get been assigned any string?
--
_____________________________________________________________
Mathias Sundman (^) ASCII Ribbon Campaign
NILINGS AB X NO HTML/RTF in e-mail
Tel: +46-(0)8-666 32 28 / \ NO Word docs in e-mail
