Hi guys,
- We have a 100% reproducible case with bare Xrootd where, when session reuse is enabled
gfal2
breaks and when session reuse is disabled from the client side, gfal2
works.
- We have logging lines from the server that states clearly the peer cert chain pointer is
0x0
for reused sessions.
- We have the OpenSSL code to look at as well. Here's the code serializing the session: https://github.com/openssl/openssl/blob/OpenSSL_1_1_0-stable/ssl/ssl_asn1.c#L69. It clearly copies out the peer cert but not the cert chain (also verified this with other older versions of the file).
To me, this is sufficient - the server logs, the client behavior, and the OpenSSL code all line up. What further are we looking for?
Brian
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/xrootd/xrootd/commit/14a693077f201e4b6a30973456008eaa23c53e2d#commitcomment-38798320",
"url": "https://github.com/xrootd/xrootd/commit/14a693077f201e4b6a30973456008eaa23c53e2d#commitcomment-38798320",
"name": "View Commit"
},
"description": "View this Commit on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1