From 557823f847e4e7651f123ba0665d79bd3adf9fc0 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Wed, 1 Apr 2020 17:42:47 +0200
Subject: [PATCH] MINOR: ssl: add a comment above the ssl_bind_conf keywords

Add a warning above the ssl_bind_conf keywords list so developers check
if their keywords are relevant for the list.
---
 src/ssl_sock.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 17d793998..7be6d1ccf 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -12716,6 +12716,9 @@ INITCALL1(STG_REGISTER, acl_register_keywords, &acl_kws);
  * the config parser can report an appropriate error when a known keyword was
  * not enabled.
  */
+
+/* the <ssl_bind_kws> keywords are used for crt-list parsing, they *MUST* be safe
+ * with their proxy argument NULL and must only fill the ssl_bind_conf */
 static struct ssl_bind_kw ssl_bind_kws[] = {
 	{ "allow-0rtt",            ssl_bind_parse_allow_0rtt,       0 }, /* allow 0-RTT */
 	{ "alpn",                  ssl_bind_parse_alpn,             1 }, /* set ALPN supported protocols */