Hi Raphaël,
Le 12/01/2015 17:10, Raphaël Enrici a écrit :
Dear all,
nice to meet you (first post since a very loooong time here).
As far as I understand it, when using the crt option of bind directive with a
directory as parameter, cert files from the specified directory are loaded...
Well, good, that's great :)
Today we faced an issue on two hosts working in active/passive mode
which lead us to some cold sweat...
(...)
>
It seems to be due to the use of readdir in the function ssl_sock_load_cert()
located in src/ssl_sock.c. As readdir does not guarantee any order or at least
not an alphabetical or time order, both the instance did not have the same
answer although the configuration were exactly the same.
(...)
Or may be the listing of certs could be alphabetically sorted although it may
break existing deployments and so may not be a good thing at all.
I have a small patch ready for this, I think I can send it tomorrow or
during the week-end.
--
Cyril Bonté
