Kaspar Brand wrote: > On 19.05.2014 10:15, Plüm, Rüdiger, Vodafone Group wrote: >> Maybe stupid idea, but can't we do that once and hand it out over >> and over again? >
> >> So something like: > > Looks good to me. I suggest adding a short comment which explains > the rationale for using dh and dh_tmp (the SSL_CTX_set_tmp_dh_callback(3) > man page e.g. doesn't make it clear that reusing the parameters > within the lifetime of a process is actually a must to prevent memory > from leaking). Thanks for the detailed review. r1597349. Feel free to tune the comment. Regards Rüdiger
