Peter, Daniel,
The recent commit 8a3d9425 which has introduced SSL passphrase support
has also added be-secure-common.c, which works similarly to
fe-secure-common.c but for the backend.
I was just reading this code area, when I noticed that
check_ssl_key_file_permissions is called by be-secure-openssl.c but the
routine is defined in be-secure.c, causing some back-and-forth between
the two files.
It seems to me that this routine should be logically put into
be-secure-common.c so as future SSL implementations can use it. This
makes the code more consistent with the frontend refactoring that has
happened in f75a959. I would not have bothered about this refactoring
if be-secure-openssl.c did not exist yet, but as it does I think that we
should bite the bullet, and do that for v11 so as a good base is in
place for the future.
A patch is attached.
Thanks,
--
Michael