I am not sure whether this is indeed a bug in the xrootd client, but am posting this issue to get some feedback to verify if the dCache pool (data server) is doing everything it should be doing.
Below, please find three logs: the xrdcp log, the dCache door log and the dCache pool log.
Configuration for the run is as follows:
xrdcp500 -f -d 3 xroots://dmsdca15.fnal.gov:1094//pnfs/fs/usr/test/arossi/volatile/tls-5/testdata /dev/null >& xrdcp.log
The dCache door (manager) is configured:
GSI TLS LOGIN STRICT
which, in terms of the xrootd server configuration, would be equivalent to
xrootd.tls login
plus GSI settings.
The pool (data server) is configured:
TLS OFF
which means no TLS support.
As you can see, the transfer succeeds.
I direct your attention to the pool log in particular:
[] Sending protocol message with server flags mode: OFF, flags: 1 ...
that is, the protocol response flag has only the least significant bit set, so there are no TLS directives sent back to the client.
I note in the client log that there is no indication that the client is trying to do TLS on the redirected endpoint. I would expect a login failure, however, because the transfer uses 'xroots' and the pool (data server endpoint) does not support it.
If there is something else that needs to be done in order to get the client to fail in this case, or if the client shouldn't fail (though I would expect it to), I'd appreciate hearing the details.
Thanks, Al Rossi
xrdcp.log
xrootd-gsi-dmsdca15Domain.log
dmsdca21-Domain.log
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1