Add comments

2 files changed, 5 insertions, 1 deletions

diff --git a/src/rabbit_access_control.erl b/src/rabbit_access_control.erl
index 222820f5d9..954d003991 100644
--- a/src/rabbit_access_control.erl
+++ b/src/rabbit_access_control.erl
@@ -133,9 +133,11 @@ get_authz_data_from({socket, Sock}) ->
 get_authz_data_from(undefined) ->
     undefined.
 
+% Note: ip can be either a tuple or, a binary if reverse_dns_lookups
+% is enabled and it's a direct connection.
 -spec check_vhost_access(User :: rabbit_types:user(),
                          VHostPath :: rabbit_types:vhost(),
-                         AuthzRawData :: {socket, rabbit_net:socket()} | {ip, inet:ip_address()} | undefined) ->
+                         AuthzRawData :: {socket, rabbit_net:socket()} | {ip, inet:ip_address() | binary()} | undefined) ->
     'ok' | rabbit_types:channel_exit().
 check_vhost_access(User = #user{username       = Username,
                                 authz_backends = Modules}, VHostPath, AuthzRawData) ->
diff --git a/src/rabbit_direct.erl b/src/rabbit_direct.erl
index d928b7df1a..6a3cafbc28 100644
--- a/src/rabbit_direct.erl
+++ b/src/rabbit_direct.erl
@@ -182,6 +182,8 @@ notify_auth_result(Username, AuthResult, ExtraProps) ->
     rabbit_event:notify(AuthResult, [P || {_, V} = P <- EventProps, V =/= '']).
 
 connect1(User, VHost, Protocol, Pid, Infos) ->
+    % Note: peer_host can be either a tuple or
+    % a binary if reverse_dns_lookups is enabled
     PeerHost = proplists:get_value(peer_host, Infos),
     try rabbit_access_control:check_vhost_access(User, VHost, {ip, PeerHost}) of
         ok -> ok = pg_local:join(rabbit_direct, Pid),