From ff9693a15dbc820f1947f39c295313e0d8073447 Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Wed, 26 Aug 2009 23:12:47 +0000
Subject: [PATCH] Explanation and warnings about OPT_X_TLS_CTX and
 OPT_X_TLS_SSL_CTX.

---
 doc/man/man3/ldap_get_option.3 | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/doc/man/man3/ldap_get_option.3 b/doc/man/man3/ldap_get_option.3
index f444235f93..2a0890e0a5 100644
--- a/doc/man/man3/ldap_get_option.3
+++ b/doc/man/man3/ldap_get_option.3
@@ -653,13 +653,16 @@ and its contents need to be freed by the caller using
 This option is only valid for GnuTLS.
 .TP
 .B LDAP_OPT_X_TLS_CTX
-Sets/gets the OpenSSL CTX.
+Sets/gets the TLS library context associated with this handle.
 .BR invalue
 must be
 .BR "const void *" ;
 .BR outvalue
 must be
 .BR "void **" .
+When using the OpenSSL library this is an SSL_CTX*. When using other
+crypto libraries this is an OpenLDAP private structure. Applications
+generally should not use this option.
 .TP
 .B LDAP_OPT_X_TLS_DHFILE
 Gets/sets the full-path of the file containing the parameters
@@ -729,10 +732,13 @@ one of
 .BR LDAP_OPT_X_TLS_TRY .
 .TP
 .B LDAP_OPT_X_TLS_SSL_CTX
-Gets the OpenSSL SSL CTX;
+Gets the OpenSSL SSL CTX associated with this handle.
 .BR outvalue
 must be
 .BR "void **" .
+When using the OpenSSL library this is an SSL*. When using other
+crypto libraries this is an OpenLDAP private structure. Applications
+generally should not use this option.
 .SH ERRORS
 On success, the functions return
 .BR LDAP_OPT_SUCCESS ,
-- 
2.39.5