Comments.
diff --git a/apps/s_client.c b/apps/s_client.c
index ff97f0b..b061041 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -142,7 +142,7 @@
 #ifdef FIONBIO
 	BIO_printf(bio_err," -nbio         - Run with non-blocking IO\n");
 #endif
-#ifdef APPS_CRLF
+#ifdef APPS_CRLF /* won't be #ifdef'd in next release */
 	BIO_printf(bio_err," -crlf         - convert LF from terminal into CRLF\n");
 #endif
 	BIO_printf(bio_err," -quiet        - no s_client output\n");
diff --git a/apps/s_server.c b/apps/s_server.c
index a78a4bc..9a81418 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -169,8 +169,8 @@
 static int s_nbio=0;
 #endif
 static int s_nbio_test=0;
-#ifdef APPS_CRLF
-	int s_crlf=0;
+#ifdef APPS_CRLF /* won't be #ifdef'd in next release */
+int s_crlf=0;
 #endif
 static SSL_CTX *ctx=NULL;
 static int www=0;
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 498cd9f..fbe4f66 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -413,7 +413,7 @@
 
 	/* if defined, these override the X509_verify_cert() calls */
 /**/	int (*app_verify_callback)();
-/**/	char *app_verify_arg; /* never used */
+/**/	char *app_verify_arg; /* never used; should be void * */
 
 	/* default values to use in SSL structures */
 /**/	struct cert_st /* CERT */ *cert;
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index b33658f..6d2511f 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -426,7 +426,7 @@
 		(char *)s);
 
 	if (s->ctx->app_verify_callback != NULL)
-		i=s->ctx->app_verify_callback(&ctx);
+		i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
 	else
 		{
 #ifndef NO_X509_VERIFY
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d99c7d9..e192fc4 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1142,6 +1142,11 @@
 
 void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,int (*cb)(),char *arg)
 	{
+	/* now
+	 *     int (*cb)(X509_STORE_CTX *),
+	 * but should be
+	 *     int (*cb)(X509_STORE_CTX *, void *arg)
+	 */
 	ctx->app_verify_callback=cb;
 	ctx->app_verify_arg=arg; /* never used */
 	}