Joel Sing wrote: > > tls_configure_keypair() -> return EWANTSPASSWORD -> application decides how > > to proceed, possibly asking for password, calls > > tls_configure_keypair_this_time_with_password(). > > I'm not sure that I'd consider that sane. We already have tls_load_file() for > this purpose, although admittedly the API there could probably be friendlier. > Do we really want tls_configure_keypair() to become "maybe encrypted, maybe > unencrypted"? I'm not convinced that we should really be making libtls expect > to be dealing with encrypted keys at that point.
oh, i think the current API is fine. tls_load_file is the function i was proposing we add. :)
