[Bug 137418] Re: add ntlm (MS) proxy support (wishlist)

[Nelson Benitez]

Hi, this bug prevents me from using ubuntu/debian from my workplace
where my employer uses a NTLM proxy authentication to reach the
internet, I had the same problem with fedora and its yum package
manager, in fedora they use curl to download http requests so adding
NTLM support was just a one-liner patch, see:

https://bugzilla.redhat.com/show_bug.cgi?id=769254#c3

whereas in debian/ubuntu apt-get uses a custom c++ implementation of
http protocol[1] so adding NTLM proxy authentication support is a non
trivial issue, on the other hand apt uses libcurl for https requests[2]
so  I will send the one-liner patch to support it.

The solution for this bug would be:

- Port http download code to libcurl, same way https code is already using it.
- As a workaround till prior step is done the ntlmaps package[3] should be included by default in debian/ubuntu so any user behind a NTLM authenticated proxy can *use* apt-get to install/update any package.


[1] http://anonscm.debian.org/loggerhead/apt/debian-sid/annotate/head:/methods/http.cc

[2] http://anonscm.debian.org/loggerhead/apt/debian-
sid/annotate/head:/methods/https.cc

[3] http://packages.ubuntu.com/feisty/web/ntlmaps


Thanks,

** Bug watch added: Red Hat Bugzilla #769254
   https://bugzilla.redhat.com/show_bug.cgi?id=769254

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/137418

Title:
  add ntlm (MS) proxy support (wishlist)

Status in “apt” package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: apt

  I'm using Ubuntu Feisty Fawn 7.04 in my computer at work. The computer is behind a internet firewall (http://9.9.9.9:3128).
  The problems was:

  I have to log into the proxy server using a DOMAIN + username + server
  + port

  Ive tried to configure in this ways:
    - Menu : system > preferences > proxy
    - Synaptic: preferences > proxy server > proxy http [9.9.9.9 + 3128] + authentication [ DOMAIN\username + password]
    - Exporting the string http+proxy to the environment

  Nothing was working. In all cases, was returning: 407 Proxy
  Authentication Required

  But in last search, i found the package 
  http://packages.ubuntu.com/feisty/web/ntlmaps

  This is a local proxy that listen in a local port (in my case: 1080)
  that connects to proxy 9.9.9.9:3128 using NT authentication (DOMAIN +
  USER + PASSWORD)

  But after installing the package using the link above, i need to
  follow these steps:

  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

  1 - Change the file /etc/ntlmaps/server.cfg using the following
  parameters:

  LISTEN_PORT: 1080
  PARENT_PROXY: 9.9.9.9
  PARENT_PROXY_PORT: 3128
  NT_DOMAIN: DOMAIN
  USER: myuser
  PASSWORD: mypasswsord

  #Note: NT_HOSTNAME is empty!

  2 - Change the file /usr/share/ntlmaps/main.py. The last parameter of
  the calling of function findConfigFileNameInArgv was changed:

  conf = config_ntlmaps.read_config(config_ntlmaps.findConfigFileNameInArgv(sys.argv, '/etc/ntlmaps/'))
  #note the fixed string '/etc/ntlmaps/'

  3 - Execute the following command in a terminal: 
  export http_proxy=127.0.0.1:1080

  4 - Execute another command to restart the ntlmaps server:
  /etc/init.d/ntlmaps stop
  /etc/init.d/ntlmaps restart

  %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

  Finally i could use my apt-get via terminal.

  Best regards!

  Marcelo Amorim Ferreira
  Uberlândia - Minas Gerais
  Brasil [<o>]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/137418/+subscriptions