Hello,

I understand that you were trying to remove opendir, which is good idea.
However, I find it kind of confusing: if ssl_sock_load_ckchs() returns an
error, this error will be added to the "unable to scan directory" message, and
at this point it is not trying to scan a directory anymore.

However, there is already a call to stat(), we could probably skip the
call to opendir() by checking S_IFDIR in the stat structure.


>               n = scandir(path, &de_list, 0, alphasort);
>               if (n < 0) {
> -                     memprintf(err, "%sunable to scan directory '%s' : 
> %s.\n",
> -                               err && *err ? *err : "", path, 
> strerror(errno));
> -                     cfgerr |= ERR_ALERT | ERR_FATAL;
> -             }
> -             else {
> +                     memprintf(err, "%sunable to scan directory '%s': %s; "
> +                                     "trying to load as file.\n",
> +                                     err && *err ? *err : "", path, 
> strerror(errno));
> +                     ckchs = ckchs_load_cert_file(path, 0,  err);
> +                     if (!ckchs)
> +                             return ERR_ALERT | ERR_FATAL;
> +                     return ssl_sock_load_ckchs(path, ckchs, bind_conf, 
> NULL, NULL, 0, err);
> +             } else {

-- 
William Lallemand

Reply via email to