cvs-import.sh and transparent proxies
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Mon Mar 7 18:25:44 UTC 2005
shahms at shahms.com (Shahms King) writes:
> I recently tried to import ipython-0.6.11-2.src.rpm into Extras CVS and
> got about 50% done when the cvs-import.sh script failed due to a 403
> error on the upload.cgi script. I'm guessing that this is due to the
> transparent proxy setup here at work. Clearly, removing source-ip
> checking from the upload script is not an option.
It is the only option... IP based authentication for public HTTP servers
is not a very clever solution (to say it politely). It does not gain any
security but destroys functionality.
A better option would be HTTP(S) auth for the upload script or auth by
SSL/TLS client certificates. Login data for the former method could be
reused from Bugzilla; the latter option requires some CA infrastructure
at RH.
Enrico
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 480 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-maintainers/attachments/20050307/148b7cfc/attachment.sig>
More information about the Fedora-maintainers
mailing list