LISTSERV 16.5 - XROOTD-DEV Archives

Hi,

 IMO disabling the session cache is not a good idea, as it will have
destructive consequences on the performance. Better to fix it if it's
broken.

Fabrizio



Il 13/04/20 22:25, Brian P Bockelman ha scritto:
> @wyang007 <https://github.com/wyang007> - you could reasonably argue
> that this and #750 <https://github.com/xrootd/xrootd/issues/750> are
> really issues with |XrdHttp| that are bypassed by |XrdLCMAPS|.
> 
>   * This ticket is caused because the session cache is not disabled in
>     |XrdHttp|. |XrdLCMAPS| does this when it is loaded.
>   * #750 <https://github.com/xrootd/xrootd/issues/750> is caused because
>     the |SSL_CTX| object is loaded at initialization by |XrdHttp| and a
>     corresponding |X509_STORE| is never refreshed. The |X509_STORE|
>     pointer is passed from |XrdHttp| to the VOMS library and things blow
>     up when VOMS attempts the CRL check (note the error message from
>     #750 <https://github.com/xrootd/xrootd/issues/750> is from
>     |libvomsapi|, not OpenSSL). |XrdLCMAPS| isn't affected because it
>     doesn't use |XrdHttp|'s |X509_STORE| object periodically reloads its
>     |X509_STORE| objects every 10 minutes (it also gets a bit clever in
>     that is hashes the activity over 63 copies of the cert store so
>     multiple threads don't have to share a single global mutex).
> 
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <https://github.com/xrootd/xrootd/issues/1177#issuecomment-613080475>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AA7NRDTQ3WO5FGW7BZ7IMWTRMNYJ3ANCNFSM4MG7LP2A>.
> 
> 
> ------------------------------------------------------------------------
> 
> Use REPLY-ALL to reply to list
> 
> To unsubscribe from the XROOTD-DEV list, click the following link:
> https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1
> 

########################################################################
Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1