Client enforces this mode by setting XrdSecGISNOPROXY = 1.
Key file must be pass-less for this work.
NB: if the key-file is pass-less and XrdSecGISNOPROXY = 0 (default) authentication still works with the usual protocol, i.e. creating a proxy and using that for the handshake. Setting XrdSecGISNOPROXY = 1 avoids those additional steps.

You can view, comment on, or merge this pull request online at:

https://github.com/xrootd/xrootd/pull/1493

Commit Summary

Add support for reading the private key from a separate file
Add support for pure cert/key authentication (no proxy)

File Changes

M src/XrdCrypto/XrdCryptoFactory.hh (2)
M src/XrdCrypto/XrdCryptosslAux.cc (20)
M src/XrdCrypto/XrdCryptosslAux.hh (4)
M src/XrdSecgsi/XrdSecProtocolgsi.cc (73)
M src/XrdSecgsi/XrdSecProtocolgsi.hh (9)
M src/XrdSecgsi/XrdSecgsiProxy.cc (2)
M src/XrdSecgsi/XrdSecgsitest.cc (2)

Patch Links:

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/pull/1493", "url": "https://github.com/xrootd/xrootd/pull/1493", "name": "View Pull Request" }, "description": "View this Pull Request on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1