particle-os/debian-koji
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

- make client certificate config global (in ssl.conf) to avoid SSL renegotiation and buffer overruns caused by it

Browse source 
- reorganize auth config in kojihub.conf
- don't set krb_principal for new hosts unless HostPrincipalFormat is set
This commit is contained in:
Mike Bonnet 2007-03-27 11:56:28 -04:00
parent 3f3d51c961
commit f71a80d167
3 changed files with 30 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

11
www/conf/kojiweb.conf
View file

@ -39,11 +39,12 @@ Alias /koji "/usr/share/koji-web/scripts/"
# </Location>
# uncomment this to enable authentication via SSL client certificates
<Location /koji/login>
SSLVerifyClient require
SSLVerifyDepth 10
SSLOptions +StdEnvVars
</Location>
# <Location /koji/login>
# SSLOptions +StdEnvVars
# </Location>
# these options must be enabled globally (in ssl.conf)
# SSLVerifyClient require
# SSLVerifyDepth 10
Alias /koji-static/ "/usr/share/koji-web/static/"