From: Kaspar Brand <kbrand@apache.org>
Date: Wed, 9 Apr 2014 08:24:25 +0000 (+0000)
Subject: Update SSLPassPhraseDialog directive docs to correctly describe the
X-Git-Tag: 2.4.10~371
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=38b98d5c8b31835fcd599a49eec958a33d32cda9;p=apache

Update SSLPassPhraseDialog directive docs to correctly describe the
current behavior for "exec"-type programs in 2.4.x, at least.
The new argument structure is a consequence of r1573360 (backport
to 2.4.8 [unreleased]).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1585902 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/mod_ssl.html.en b/docs/manual/mod/mod_ssl.html.en
index 73ef658064..a6afad46d8 100644
--- a/docs/manual/mod/mod_ssl.html.en
+++ b/docs/manual/mod/mod_ssl.html.en
@@ -1258,11 +1258,16 @@ query can be done in two ways which can be configured by
 <li><code>exec:/path/to/program</code>
     <p>
     Here an external program is configured which is called at startup for each
-    encrypted Private Key file. It is called with two arguments (the first is
+    encrypted Private Key file.
+    For versions up to 2.4.7, it is called with two arguments (the first is
     of the form ``<code>servername:portnumber</code>'', the second is either
     ``<code>RSA</code>'', ``<code>DSA</code>'', or ``<code>ECC</code>''), which
     indicate for which server and algorithm it has to print the corresponding
-    Pass Phrase to <code>stdout</code>.  The intent is that this external
+    Pass Phrase to <code>stdout</code>.
+    Starting with version 2.4.9, it is called with one argument, a string of the
+    form ``<code>servername:portnumber:index</code>'' (with <code>index</code>
+    being a zero-based sequence number), which indicate the server, TCP port
+    and certificate number.  The intent is that this external
     program first runs security checks to make sure that the system is not
     compromised by an attacker, and only when these checks were passed
     successfully it provides the Pass Phrase.</p>
diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml
index 582dbd1cb4..ceda50a0aa 100644
--- a/docs/manual/mod/mod_ssl.xml
+++ b/docs/manual/mod/mod_ssl.xml
@@ -295,11 +295,16 @@ query can be done in two ways which can be configured by
 <li><code>exec:/path/to/program</code>
     <p>
     Here an external program is configured which is called at startup for each
-    encrypted Private Key file. It is called with two arguments (the first is
+    encrypted Private Key file.
+    For versions up to 2.4.7, it is called with two arguments (the first is
     of the form ``<code>servername:portnumber</code>'', the second is either
     ``<code>RSA</code>'', ``<code>DSA</code>'', or ``<code>ECC</code>''), which
     indicate for which server and algorithm it has to print the corresponding
-    Pass Phrase to <code>stdout</code>.  The intent is that this external
+    Pass Phrase to <code>stdout</code>.
+    Starting with version 2.4.9, it is called with one argument, a string of the
+    form ``<code>servername:portnumber:index</code>'' (with <code>index</code>
+    being a zero-based sequence number), which indicate the server, TCP port
+    and certificate number.  The intent is that this external
     program first runs security checks to make sure that the system is not
     compromised by an attacker, and only when these checks were passed
     successfully it provides the Pass Phrase.</p>
diff --git a/docs/manual/mod/mod_ssl.xml.meta b/docs/manual/mod/mod_ssl.xml.meta
index be20a51f56..736a11a017 100644
--- a/docs/manual/mod/mod_ssl.xml.meta
+++ b/docs/manual/mod/mod_ssl.xml.meta
@@ -8,6 +8,6 @@
 
   <variants>
     <variant>en</variant>
-    <variant outdated="yes">fr</variant>
+    <variant>fr</variant>
   </variants>
 </metafile>