On January 20, 2020 10:59:48 Drew Parsons <dpars...@debian.org> wrote:
Has the self-service wannabuild giveback script been disabled? It's now rejecting connections, e.g. https://buildd.debian.org/auth/giveback.cgi?pkg=ga&suite=sid&arch=armel generates Forbidden You don't have permission to access this resource.Reason: Cannot perform Post-Handshake Authentication. Apache Server at buildd.debian.org Port 443 My SSO is otherwise working fine, e.g. triggering debci tests at https://ci.debian.net/user
I'm told it was broken by the upgrade of Apache - apparently it can no longer do per path client certificate authentication. There is a pending RT ticket from DSA to fix that but I don't think there is anything I can do at the moment - except turn on SSO for the whole vhost. Maybe that could even be a workaround for now and we could check if someone is annoyed by that. :)
Kind regards Philipp Kern
