]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c4dc350) | patch
MINOR: ssl: load certificates in alphabetical order
authorCyril Bonté <cyril.bonte@free.fr>
Sat, 24 Jan 2015 23:16:08 +0000 (00:16 +0100)
committerWilly Tarreau <w@1wt.eu>
Sat, 24 Jan 2015 23:48:01 +0000 (00:48 +0100)
commit3180f7b55434f19ba65f262dea450c93c769228b
tree0524d953b661e4c4ad3b855835ab838a08ae5f1btree
parentc4dc35047d7bb8e308c3083dc63546006bf20766commit | diff
MINOR: ssl: load certificates in alphabetical order

As reported by Raphaël Enrici, certificates loaded from a directory are loaded
in a non predictive order. If no certificate was first loaded from a file, it
can result in different behaviours when haproxy is used in cluster.
We can also imagine other cases which weren't met yet.

Instead of using readdir(), we can use scandir() and sort files alphabetically.
This will ensure a predictive behaviour.

This patch should also be backported to 1.5.
doc/configuration.txt diff | blob | blame | history
src/ssl_sock.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git