* modules/ssl/ssl_private.h: Clarify comment on modssl_pk_server_t.

author Joe Orton <jorton@apache.org>

Fri, 11 Feb 2011 09:48:00 +0000 (09:48 +0000)

committer Joe Orton <jorton@apache.org>

Fri, 11 Feb 2011 09:48:00 +0000 (09:48 +0000)
author Joe Orton <jorton@apache.org>
Fri, 11 Feb 2011 09:48:00 +0000 (09:48 +0000)
committer Joe Orton <jorton@apache.org>
Fri, 11 Feb 2011 09:48:00 +0000 (09:48 +0000)
diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h

index 7c7cda84b46e03acace35b06e6023cce2f8d318d..99635c8dad7cdb24e184ff62f0cc06ad64c6cfb7 100644 (file)
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -446,14 +446,19 @@ typedef struct {
      } rCtx;
  } SSLModConfigRec;
  
-/** public cert/private key */
+/** Structure representing configured filenames for certs and keys for
+ * a given vhost, and the corresponding in-memory structures once the
+ * files are parsed.  */
  typedef struct {
-    /** 
-     * server only has 1-2 certs/keys
-     * 1 RSA and/or 1 DSA
-     */
+    /* Lists of configured certs and keys for this server; from index
+     * 0 up to SSL_AIDX_MAX-1 or the first NULL pointer.  Note that
+     * these arrays are NOT indexed by algorithm type, they are simply
+     * unordered lists. */
      const char  *cert_files[SSL_AIDX_MAX];
      const char  *key_files[SSL_AIDX_MAX];
+    /* Loaded certs and keys; these arrays ARE indexed by the
+     * algorithm type, i.e.  keys[SSL_AIDX_RSA] maps to the RSA
+     * private key. */
      X509        *certs[SSL_AIDX_MAX];
      EVP_PKEY    *keys[SSL_AIDX_MAX];
author	Joe Orton <jorton@apache.org>
	Fri, 11 Feb 2011 09:48:00 +0000 (09:48 +0000)
committer	Joe Orton <jorton@apache.org>
	Fri, 11 Feb 2011 09:48:00 +0000 (09:48 +0000)