 |
 |
> That is, if the settings between the server and the DAVIX is the same (both on or both off) it all works. No, what I am trying to say is that with session caching on server ON (or missing) AND DAVIX session on, things BREAK. My _manual_ tests only work if I **disable** DAVIX session cache. I have to retract my findings regarding `DAVIX_DISABLE_SESSION_CACHING=false` and `http.tlsreuse off` - it seems `false` is still interpreted as "disable cache". Only if `DAVIX_DISABLE_SESSION_CACHING` is unset, I can reproduce the FTS issue. In short: no setting of `http.tlsreuse` (missing, `on`, or `off`) works if DAVIX session reuse is enabled. Since it seems to work for other sites, I guess it is a problem with my config or xrootd installation. <details> <summary> Config redirector (xrdconfig display)</summary> <pre> acc.audit deny grant acc.authdb /etc/xrootd/Authfile acc.authrefresh 60 all.adminpath /var/spool/xrootd all.export / nostage all.manager meta all xrootd-cms.infn.it+ 1213 all.pidpath /var/run/xrootd all.role manager all.sitename UKI-SOUTHGRID-BRIS-HEP cms.allow host * cms.delay startup 10 servers 1 cms.dfs limit 0 lookup distrib mdhold 0 redirect immed retries 2 cms.fxhold 60s cms.trace all http.desthttps yes http.exthandler xrdtpc libXrdHttpTPC.so http.header2cgi Authorization authz http.listingdeny no http.secxtractor /usr/lib64/libXrdVoms.so certfmt=raw|grpopt=useall|vos=atlas,cms,dteam,dune,gridpp,lz,mu3e.org,ops,wlcg|grps=/atlas,/cms,/dteam,/dune,/gridpp,/lz,/mu3e,/ops,/wlcg|dbg http.staticpreload http://static/robots.txt /etc/xrootd/robots.txt http.tlsreuse off macaroons.secretkey /etc/xrootd/macaroon-secret ofs.authlib ++ libXrdMacaroons.so ofs.authorize 1 ofs.osslib /usr/lib64/libXrdHdfs.so ofs.trace none oss.namelib libXrdCmsTfc.so file:/etc/xrootd/storage.xml?protocol=direct sec.protocol /usr/lib64 gsi -dlgpxy:1 -exppxy:=creds -ca:1 -crl:3 -cert:/etc/grid-security/xrd/hostcert.pem -key:/etc/grid-security/xrd/hostkey.pem -certdir:/etc/grid-security/certificates -vomsfun:/usr/lib64/libXrdVoms.so -vomsfunparms:certfmt=raw|grpopt=useall|vos=atlas,cms,dteam,dune,gridpp,lz,mu3e.org,ops,wlcg|grps=/atlas,/cms,/dteam,/dune,/gridpp,/lz,/mu3e,/ops,/wlcg|dbg tpc.trace info voms.trace debug xrd.protocol http:1194 +port xrd.tls /etc/grid-security/xrd/hostcert.pem /etc/grid-security/xrd/hostkey.pem xrd.tlsca certdir /etc/grid-security/certificates refresh 8h xrd.trace conn xrootd.async off nosf xrootd.monitor all flush 30s ident 5m fstat 60 lfn ops ssq xfr 5 window 5s dest fstat info user redir CMS-AAA-EU-COLLECTOR.cern.ch:9330 dest fstat info user redir atlas-fax-eu-collector.cern.ch:9330 xrootd.seclib libXrdSec.so xrootd.tls capable all xrootd.trace all -debug -request -response -fsio -fsaio </pre> </details> <details> <summary> Config server (xrdconfig display) </summary> <pre> acc.audit deny grant acc.authdb /etc/xrootd/Authfile acc.authrefresh 60 all.adminpath /var/spool/xrootd all.export / nostage all.manager xrootd.phy.bris.ac.uk:3121 all.pidpath /var/run/xrootd all.role server all.sitename UKI-SOUTHGRID-BRIS-HEP cms.allow host * cms.delay startup 10 servers 1 cms.dfs lookup central redirect verify cms.fxhold 60s cms.space min 2g 5g cms.trace all http.exthandler xrdmacaroons libXrdMacaroons.so http.header2cgi Authorization authz http.listingdeny no http.secxtractor /usr/lib64/libXrdVoms.so certfmt=raw|grpopt=useall|vos=atlas,cms,dteam,dune,gridpp,lz,mu3e.org,ops,wlcg|grps=/atlas,/cms,/dteam,/dune,/gridpp,/lz,/mu3e,/ops,/wlcg|dbg http.staticpreload http://static/robots.txt /etc/xrootd/robots.txt http.tlsreuse off macaroons.secretkey /etc/xrootd/macaroon-secret ofs.authlib ++ libXrdMacaroons.so ofs.authorize 1 ofs.osslib /usr/lib64/libXrdHdfs.so ofs.persist off ofs.trace none oss.namelib libXrdCmsTfc.so file:/etc/xrootd/storage.xml?protocol=direct sec.protocol /usr/lib64 gsi -dlgpxy:1 -exppxy:=creds -ca:1 -crl:3 -cert:/etc/grid-security/xrd/hostcert.pem -key:/etc/grid-security/xrd/hostkey.pem -certdir:/etc/grid-security/certificates -vomsfun:/usr/lib64/libXrdVoms.so -vomsfunparms:certfmt=raw|grpopt=useall|vos=atlas,cms,dteam,dune,gridpp,lz,mu3e.org,ops,wlcg|grps=/atlas,/cms,/dteam,/dune,/gridpp,/lz,/mu3e,/ops,/wlcg|dbg tpc.trace info voms.trace debug xrd.port 1194 xrd.protocol http:1194 +port xrd.tls /etc/grid-security/xrd/hostcert.pem /etc/grid-security/xrd/hostkey.pem xrd.tlsca certdir /etc/grid-security/certificates refresh 8h xrd.trace conn xrootd.async off nosf xrootd.chksum max 100 adler32 /etc/xrootd/xrdsum.sh xrootd.monitor all flush 30s ident 5m fstat 60 lfn ops ssq xfr 5 window 5s dest fstat info user redir CMS-AAA-EU-COLLECTOR.cern.ch:9330 dest fstat info user redir atlas-fax-eu-collector.cern.ch:9330 xrootd.seclib libXrdSec.so xrootd.tls capable all xrootd.trace all -debug -request -response -fsio -fsaio </pre> </details> ## Updated | client | server | works? | | ------- | -------- | ---------- | | `DAVIX_DISABLE_SESSION_CACHING=false` | `http.tlsreuse` missing | no | | `DAVIX_DISABLE_SESSION_CACHING=false` | `http.tlsreuse on` | no | | `DAVIX_DISABLE_SESSION_CACHING=true` | `http.tlsreuse` missing | yes | | `DAVIX_DISABLE_SESSION_CACHING=true` | `http.tlsreuse on` | yes | | `DAVIX_DISABLE_SESSION_CACHING=false` | `http.tlsreuse off` | yes | | `DAVIX_DISABLE_SESSION_CACHING` unset | `http.tlsreuse off` | no | -- Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1736#issuecomment-1270223582 You are receiving this because you commented. Message ID: <[log in to unmask]> ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1