K 10
svn:author
V 3
des
K 8
svn:date
V 27
2011-11-20T15:18:49.290192Z
K 7
svn:log
V 435
key_load_private() ignores the passphrase argument if the private key
is unencrypted.  This defeats the nullok check, because it means a
non-null passphrase will successfully unlock the key.

To address this, try at first to load the key without a passphrase.
If this succeeds and the user provided a non-empty passphrase *or*
nullok is false, reject the key.

MFC after:	1 week
Noticed by:	Guy Helmer <guy.helmer@palisadesystems.com>

END