From 760795a253919a83cedb4e47c1b46620f2c0d624 Mon Sep 17 00:00:00 2001
From: Neel Goyal <ngoyal@fb.com>
Date: Mon, 1 Feb 2016 05:52:01 -0800
Subject: [PATCH] Comments for SSLVerifyPeerEnum

Summary:
Document what the enum settings mean since they can be
somewhat confusing.

Reviewed By: shamdor-fb

Differential Revision: D2882929

fb-gh-sync-id: 74ec30132bf5d2dce42f51a0b7b30cf2fae12dbf
---
 folly/io/async/SSLContext.h | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/folly/io/async/SSLContext.h b/folly/io/async/SSLContext.h
index b6742bcc..538e41d5 100644
--- a/folly/io/async/SSLContext.h
+++ b/folly/io/async/SSLContext.h
@@ -77,10 +77,22 @@ class SSLContext {
      TLSv1
   };
 
-  enum SSLVerifyPeerEnum{
+  /**
+   * Defines the way that peers are verified.
+   **/
+  enum SSLVerifyPeerEnum {
+    // Used by AsyncSSLSocket to delegate to the SSLContext's setting
     USE_CTX,
+    // For server side - request a client certificate and verify the
+    // certificate if it is sent.  Does not fail if the client does not present
+    // a certificate.
+    // For client side - validates the server certificate or fails.
     VERIFY,
+    // For server side - same as VERIFY but will fail if no certificate
+    // is sent.
+    // For client side - same as VERIFY.
     VERIFY_REQ_CLIENT_CERT,
+    // No verification is done for both server and client side.
     NO_VERIFY
   };
 
-- 
2.34.1