xrootd.security.tls.mode should immediately
tell the client to goToTLS on the kXR_protocol request if the mode is STRICT. This is not
happening because of a small oversight in two
places in the TLS session config.
Modification:
Provide the missing checks and side-effects.
Result:
The difference between STRICT and OPTIONAL
now behaves as expected.
Motivation:
xrootd.security.tls.modeshould immediately tell the client togoToTLSon thekXR_protocolrequest if the mode isSTRICT. This is not happening because of a small oversight in two places in the TLS session config.Modification:
Provide the missing checks and side-effects.
Result:
The difference between
STRICTandOPTIONALnow behaves as expected.Target: master Request: 4.5 Request: 4.4 Request: 4.3 Request: 4.2 Requires-notes: yes (with the subsequent dcache pom.xml update). Patch: https://rb.dcache.org/r/13851/ Acked-by: Dmitry