- if (S_ISREG (st.st_mode))
- gnutls_certificate_set_x509_trust_file (credentials, ca_file,
- GNUTLS_X509_FMT_PEM);
+ while ((dent = readdir (dir)) != NULL)
+ {
+ struct stat st;
+ char ca_file[dirlen + strlen(dent->d_name) + 2];
+
+ snprintf (ca_file, sizeof(ca_file), "%s/%s", ca_directory, dent->d_name);
+ if (stat (ca_file, &st) != 0)
+ continue;
+
+ if (! S_ISREG (st.st_mode))
+ continue;
+
+ /* avoid loading the same file twice by checking the inode. */
+ if (hash_table_contains (inode_map, (void *)(intptr_t) st.st_ino))
+ continue;
+
+ hash_table_put (inode_map, (void *)(intptr_t) st.st_ino, NULL);
+ if ((rc = gnutls_certificate_set_x509_trust_file (credentials, ca_file,
+ GNUTLS_X509_FMT_PEM)) <= 0)
+ logprintf (LOG_NOTQUIET, _("ERROR: Failed to open cert %s: (%d).\n"),
+ ca_file, rc);
+ else
+ ncerts += rc;
+ }