dCache / xrootd4j

Implementation of the xrootd data access protocol in Java
Other
3 stars 8 forks source link

xrootd4j: fix source TLS check for TPC client #164

Closed alrossi closed 1 year ago

alrossi commented 1 year ago

Motivation:

The changes made in https://rb.dcache.org/r/13229/ silently affected the way the TLS requirements of the source server are determined for the third-party-client.

Since we no longer require any of those special properties to be set when the mode is STRICT, the client now thinks that the endpoint for the source does not support TLS (because when all those properties are false, the mode is set to NONE, which is now incorrect behavior).

Modification:

Deduce the server mode from the two CGI values for kXR_haveTLS and kXR_gotoTLS.

Result:

Correct TPC client behavior regarding the establishment of a secure connection.

Will require update of the libraries in dCache.

Target: master Request: 4.5 Request: 4.4 Request: 4.3 Requires-notes: yes Patch: https://rb.dcache.org/r/13925/ Acked-by: Tigran