fedora-infrastructure

History

Ricky Zhou ef148e8529 Sync changes from puppet.		2009-12-07 11:15:46 -05:00
..
README	Fix a few errors, some more cleanup.	2009-03-13 20:35:20 -04:00
upload.cgi	Sync changes from puppet.	2009-12-07 11:15:46 -05:00
upload.test.cgi	Fix error message.	2009-06-13 02:14:03 -04:00

README

Tell us if you have a better installation or one that is proven to work.
Also please let us know if there is a better or more efficient way to do
what we're trying to do here.  Technologies change over time, keep us up
to date ;)

Alias /repo/pkgs/ /repo/pkgs/

<Directory /repo/pkgs/>
  SSLVerifyClient optional
  SSLVerifyDepth 1
  SSLOptions +StrictRequire +StdEnvVars +OptRenegotiate
  # require that the access comes from internal or that
  # the client auth cert was created by us and signed by us
  SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
    and %{SSL_CLIENT_S_DN_O} eq "Fedora Project" \
    and %{SSL_CLIENT_I_DN_O} eq "Fedora Project" \
    and %{SSL_CLIENT_I_DN_OU} eq "Upload Files" )
</Directory>

<Location "/repo/pkgs/upload.cgi">
  SetHandler cgi-script
  Options ExecCGI
  Order Allow,Deny
  Allow from all
  SSLRequireSSL
</Location>