Commit 75e3026a authored by Richard Levitte's avatar Richard Levitte

Cleanse memory using the new OPENSSL_cleanse() function.

I've covered all the memset()s I felt safe modifying, but may have missed some.
parent 0a3af9a4
+3 −3
@@ -615,7 +615,7 @@ int password_callback(char *buf, int bufsiz, int verify,

		if (buff)
			{
			memset(buff,0,(unsigned int)bufsiz);
			OPENSSL_cleanse(buff,(unsigned int)bufsiz);
			OPENSSL_free(buff);
			}

@@ -625,13 +625,13 @@ int password_callback(char *buf, int bufsiz, int verify,
			{
			BIO_printf(bio_err, "User interface error\n");
			ERR_print_errors(bio_err);
			memset(buf,0,(unsigned int)bufsiz);
			OPENSSL_cleanse(buf,(unsigned int)bufsiz);
			res = 0;
			}
		if (ok == -2)
			{
			BIO_printf(bio_err,"aborted!\n");
			memset(buf,0,(unsigned int)bufsiz);
			OPENSSL_cleanse(buf,(unsigned int)bufsiz);
			res = 0;
			}
		UI_free(ui);
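Review bot: All three OPENSSL_cleanse calls in password_callback take their length from `(unsigned int)bufsiz`, and bufsiz is a signed int parameter, so a negative value from a caller would turn into a very large wipe length. The replaced memset calls carried the same cast, so this is not introduced here, but the commit is a natural place to guard it, e.g. `if (bufsiz > 0) OPENSSL_cleanse(buf,(size_t)bufsiz);`. Whether any caller can actually pass such a value is not visible from these hunks; password_callback starts and ends outside both of them.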
+1 −1
@@ -706,7 +706,7 @@ bad:
		}
	pkey = load_key(bio_err, keyfile, keyform, 0, key, e, 
		"CA private key");
	if (key) memset(key,0,strlen(key));
	if (key) OPENSSL_cleanse(key,strlen(key));
	if (pkey == NULL)
		{
		/* load_key() has already printed an appropriate message */
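Review bot: `OPENSSL_cleanse(key,strlen(key))` sizes the wipe from the string itself, so it clears only the bytes up to the first NUL, and only on the path that reaches this line after load_key(). That is correct if key is a plain passphrase string that nothing has shortened beforehand, but the hunk does not show where key comes from or whether earlier exits skip the wipe. A comment would record the intent, for example `/* passphrase is not needed once the key is loaded; wipe it in place */`. The else branch in the later section that calls `OPENSSL_cleanse(str,strlen(str))` rests on the same assumption.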
+1 −1
@@ -356,7 +356,7 @@ int MAIN(int argc, char **argv)
end:
	if (buf != NULL)
		{
		memset(buf,0,BUFSIZE);
		OPENSSL_cleanse(buf,BUFSIZE);
		OPENSSL_free(buf);
		}
	if (in != NULL) BIO_free(in);
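Review bot: The wipe length in `OPENSSL_cleanse(buf,BUFSIZE)` is a constant that has to match the size buf was allocated with, and that allocation is outside this hunk. If the two ever drift apart, the call either leaves part of the buffer uncleared or writes past its end, so a short comment tying them together would help, e.g. `/* buf was allocated with BUFSIZE bytes; wipe all of it before freeing */`. The same applies to the cbuf, sbuf and mbuf wipes with BUFSIZZ in the last section. It would also be worth noting in one of these places that OPENSSL_cleanse is used because a plain memset directly before OPENSSL_free is a store the compiler is allowed to drop.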
+2 −2
@@ -481,9 +481,9 @@ bad:
			 * bug picked up by
			 * Larry J. Hughes Jr. <hughes@indiana.edu> */
			if (str == strbuf)
				memset(str,0,SIZE);
				OPENSSL_cleanse(str,SIZE);
			else
				memset(str,0,strlen(str));
				OPENSSL_cleanse(str,strlen(str));
			}
		if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
			{
+3 −3
@@ -908,9 +908,9 @@ end:
	if (con != NULL) SSL_free(con);
	if (con2 != NULL) SSL_free(con2);
	if (ctx != NULL) SSL_CTX_free(ctx);
	if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); }
	if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); }
	if (mbuf != NULL) { memset(mbuf,0,BUFSIZZ); OPENSSL_free(mbuf); }
	if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
	if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
	if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
	if (bio_c_out != NULL)
		{
		BIO_free(bio_c_out);