From 8bd67055989a669ef9f9b218444902f2cca731b926bfaed11f89f28c6e786ace Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Fri, 28 Aug 2009 23:03:33 +0000 Subject: [PATCH] Accepting request 19078 from server:proxy Copy from server:proxy/cntlm based on submit request 19078 from user computersalat OBS-URL: https://build.opensuse.org/request/show/19078 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cntlm?expand=0&rev=1 --- .gitattributes | 23 +++++ .gitignore | 1 + cntlm-0.35.1-Makefile.patch | 18 ++++ cntlm-0.35.1-config.patch | 35 +++++++ cntlm-0.35.1.tar.bz2 | 3 + cntlm.changes | 22 ++++ cntlm.init | 201 ++++++++++++++++++++++++++++++++++++ cntlm.spec | 106 +++++++++++++++++++ cntlm.sysconfig | 62 +++++++++++ ready | 0 10 files changed, 471 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 cntlm-0.35.1-Makefile.patch create mode 100644 cntlm-0.35.1-config.patch create mode 100644 cntlm-0.35.1.tar.bz2 create mode 100644 cntlm.changes create mode 100644 cntlm.init create mode 100644 cntlm.spec create mode 100644 cntlm.sysconfig create mode 100644 ready diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/cntlm-0.35.1-Makefile.patch b/cntlm-0.35.1-Makefile.patch new file mode 100644 index 0000000..b8e1f09 --- /dev/null +++ b/cntlm-0.35.1-Makefile.patch @@ -0,0 +1,18 @@ +diff -ruN cntlm-0.35.1-orig/Makefile cntlm-0.35.1/Makefile +--- cntlm-0.35.1-orig/Makefile 2007-11-21 01:18:24.000000000 +0100 ++++ cntlm-0.35.1/Makefile 2009-05-06 18:09:53.000000000 +0200 +@@ -42,10 +42,10 @@ + install -O root -G system -M 644 -f $(MANDIR)/man1 doc/$(NAME).1; \ + install -O root -G system -M 600 -c $(SYSCONFDIR) doc/$(NAME).conf; \ + else \ +- install -D -o root -g root -m 755 -s $(NAME) $(BINDIR)/$(NAME); \ +- install -D -o root -g root -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \ ++ install -D -m 755 -s $(NAME) $(BINDIR)/$(NAME); \ ++ install -D -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \ + [ -f $(SYSCONFDIR)/$(NAME).conf -o -z "$(SYSCONFDIR)" ] \ +- || install -D -o root -g root -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \ ++ || install -D -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \ + fi + @echo; echo "Cntlm will look for configuration in $(SYSCONFDIR)/$(NAME).conf" + +Dateien cntlm-0.35.1-orig/.Makefile.swp und cntlm-0.35.1/.Makefile.swp sind verschieden. diff --git a/cntlm-0.35.1-config.patch b/cntlm-0.35.1-config.patch new file mode 100644 index 0000000..3fb4185 --- /dev/null +++ b/cntlm-0.35.1-config.patch @@ -0,0 +1,35 @@ +diff -ruN cntlm-0.35.1-orig/doc/cntlm.conf cntlm-0.35.1/doc/cntlm.conf +--- cntlm-0.35.1-orig/doc/cntlm.conf 2007-11-02 02:07:11.000000000 +0100 ++++ cntlm-0.35.1/doc/cntlm.conf 2009-05-06 16:49:22.000000000 +0200 +@@ -7,8 +7,15 @@ + + Username testuser + Domain corp-uk +-Password password # Use hashes instead (-H) +-#Workstation netbios_hostname # Should be auto-guessed ++Password password ++# Use hashes instead call "cntlm -H" ++#PassLM 1AD35398BE6565DDB5C4EF70C0593492 ++#PassNT 77B9081511704EE852F94227CF48A793 ++### Only for user 'testuser', domain 'corp-uk' ++#PassNTLMv2 D5826E9C665C37C80B53397D5C07BBCB ++ ++### Should be auto-guessed ++#Workstation netbios_hostname + + Proxy 10.217.112.41:8080 + Proxy 10.217.112.42:8080 +@@ -16,7 +23,12 @@ + # + # This is the port number where Cntlm will listen + # +-Listen 3128 ++################################################## ++# consider to change Listen Parameter in ++# /etc/sysconfig/cntlm ++# as a default 127.0.0.1:3128 is used ++# but if defined here it takes precedence over sysconfig ++#Listen 3128 + + # + # If you wish to use the SOCKS5 proxy feature as well, uncomment diff --git a/cntlm-0.35.1.tar.bz2 b/cntlm-0.35.1.tar.bz2 new file mode 100644 index 0000000..77d3899 --- /dev/null +++ b/cntlm-0.35.1.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3f70729d48250b94e00002035398ebdf3ffb0c58d5b1e0db545210aaf97b251c +size 64798 diff --git a/cntlm.changes b/cntlm.changes new file mode 100644 index 0000000..9a9732c --- /dev/null +++ b/cntlm.changes @@ -0,0 +1,22 @@ +------------------------------------------------------------------- +Thu Aug 27 21:30:59 CEST 2009 - chris@computersalat.de + +- spec mods + o replace check for existing user with getent + +------------------------------------------------------------------- +Sat Aug 22 12:58:32 CEST 2009 - chris@computersalat.de + +- cleanup spec + o removed ^#----- + +------------------------------------------------------------------- +Mon Jul 6 14:55:07 CEST 2009 - chris@computersalat.de + +- added missing rclink + +------------------------------------------------------------------- +Wed May 6 18:37:10 CEST 2009 - chris@computersalat.de + +- initial build for Version 0.35.1 + diff --git a/cntlm.init b/cntlm.init new file mode 100644 index 0000000..24548c9 --- /dev/null +++ b/cntlm.init @@ -0,0 +1,201 @@ +#!/bin/sh +# +# Copyright (c) 2009 Scorpio IT, Deidesheim, Germany +# +# Author: Christian Wittmer +# Please send feedback to rpm (at) scorpio-it (dot) net +# +# /etc/init.d/cntlm +# and its symbolic link +# /(usr/)sbin/rccntlm +# +### BEGIN INIT INFO +# Provides: cntlm +# Required-Start: $syslog $network $time +# Should-Start: $remote_fs +# Required-Stop: $syslog $network $time +# Should-Stop: $remote_fs +# Default-Start: 2 3 5 +# Default-Stop: 0 1 6 +# Short-Description: start/stop the cntlm proxy +# Description: ntlm is meant to be given your proxy address and becomming +# the primary proxy then, listening on a selected local port. +# You point all your proxy-aware programs to it and don't ever +# have to deal with proxy authentication again. +### END INIT INFO +# +# Note on runlevels: +# 0 - halt/poweroff 6 - reboot +# 1 - single user 2 - multiuser without network exported +# 3 - multiuser w/ network (text mode) 5 - multiuser w/ network and X11 (xdm) +# + +# Check for missing binaries (stale symlinks should not happen) +# Note: Special treatment of stop for LSB conformance +cntlm_bin="/usr/sbin/cntlm" +test -x $cntlm_bin || { echo "$cntlm_bin not installed"; + if [ "$1" = "stop" ]; then exit 0; + else exit 5; fi; } + +# Check for existence of needed sysconfig file and read it +cntlm_config="/etc/cntlm.conf" +test -r $cntlm_config || { echo "$cntlm_config not existing"; + if [ "$1" = "stop" ]; then exit 0; + else exit 6; fi; } + +# Check for existence of needed sysconfig file and read it +cntlm_sysconfig="/etc/sysconfig/cntlm" +test -r $cntlm_sysconfig || { echo "$cntlm_sysconfig not existing"; + if [ "$1" = "stop" ]; then exit 0; + else exit 6; fi; } + +# Read config +. $cntlm_sysconfig + +# some defaults +cntlm_desc="CNTLM Authentication Proxy" +cntlm_pid="/var/run/cntlm/cntlmd.pid" +cntlm_lock="/var/lock/subsys/cntlm" +cntlm_user="-U ${CNTLM_USER:=cntlm}" +cntlm_opts=${CNTLM_OPTS:=""} + +# if no "Proxy" is set in cntlm.conf try '127.0.0.1:3128' as a default +if [ `/bin/cat $cntlm_config | grep -e "^Listen" >/dev/null; echo $?` -eq 0 ]; then + cntlm_listen= +else + cntlm_listen="-l ${CNTLM_LISTEN:=127.0.0.1:3128}" +fi + +# Source LSB init functions +# providing start_daemon, killproc, pidofproc, +# log_success_msg, log_failure_msg and log_warning_msg. +# This is currently not used by UnitedLinux based distributions and +# not needed for init scripts for UnitedLinux only. If it is used, +# the functions from rc.status should not be sourced or used. +#. /lib/lsb/init-functions + +# Shell functions sourced from /etc/rc.status: +# rc_check check and set local and overall rc status +# rc_status check and set local and overall rc status +# rc_status -v be verbose in local rc status and clear it afterwards +# rc_status -v -r ditto and clear both the local and overall rc status +# rc_status -s display "skipped" and exit with status 3 +# rc_status -u display "unused" and exit with status 3 +# rc_failed set local and overall rc status to failed +# rc_failed set local and overall rc status to +# rc_reset clear both the local and overall rc status +# rc_exit exit appropriate to overall rc status +# rc_active checks whether a service is activated by symlinks +. /etc/rc.status + +# Reset status of this service +rc_reset + +# Return values acc. to LSB for all commands but status: +# 0 - success +# 1 - generic or unspecified error +# 2 - invalid or excess argument(s) +# 3 - unimplemented feature (e.g. "reload") +# 4 - user had insufficient privileges +# 5 - program is not installed +# 6 - program is not configured +# 7 - program is not running +# 8--199 - reserved (8--99 LSB, 100--149 distrib, 150--199 appl) +# +# Note that starting an already running service, stopping +# or restarting a not-running service as well as the restart +# with force-reload (in case signaling is not supported) are +# considered a success. + +case "$1" in + start) + echo -n "Starting ${cntlm_desc}: " + ## Start daemon with startproc(8). If this fails + ## the return value is set appropriately by startproc. + /sbin/startproc -p $cntlm_pid $cntlm_bin -P $cntlm_pid $cntlm_listen $cntlm_user $cntlm_opts &>/dev/null + + # Remember status and be verbose + rc_status -v + ;; + stop) + echo -n "Shutting down ${cntlm_desc}: " + ## Stop daemon with killproc(8) and if this fails + ## killproc sets the return value according to LSB. + /sbin/killproc -p $cntlm_pid -TERM $cntlm_bin &>/dev/null + + # Remember status and be verbose + rc_status -v + ;; + try-restart|condrestart) + ## Do a restart only if the service was active before. + ## Note: try-restart is now part of LSB (as of 1.9). + ## RH has a similar command named condrestart. + if test "$1" = "condrestart"; then + echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" + fi + $0 status + if test $? = 0; then + $0 restart + else + rc_reset # Not running is not a failure. + fi + + # Remember status and be quiet + rc_status + ;; + restart) + ## Stop the service and regardless of whether it was + ## running or not, start it again. + $0 stop + $0 start + + # Remember status and be quiet + rc_status + ;; + force-reload|reload) + ## Signal the daemon to reload its config. Most daemons + ## do this on signal 1 (SIGHUP). + ## If it does not support it, restart the service if it + ## is running. + + # cntlm does not support SIGHUP, so restart + echo -n "Reload ${cntlm_desc}: " + ## if it supports it: + #/sbin/killproc -p $cntlm_pid -HUP $cntlm_bin + + # Remember status and be verbose + #rc_status -v + + ## Otherwise: + $0 try-restart + + # Remember status and be quiet + rc_status + ;; + status) + echo -n "Checking for ${cntlm_desc}: " + ## Check status with checkproc(8), if process is running + ## checkproc will return with exit status 0. + + # Return value is slightly different for the status command: + # 0 - service up and running + # 1 - service dead, but /var/run/ pid file exists + # 2 - service dead, but /var/lock/ lock file exists + # 3 - service not running (unused) + # 4 - service status unknown :-( + # 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.) + + # NOTE: checkproc returns LSB compliant status values. + /sbin/checkproc -p $cntlm_pid $cntlm_bin + # NOTE: rc_status knows that we called this init script with + # "status" option and adapts its messages accordingly. + + # Remember status and be verbose + rc_status -v + ;; + *) + echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}" + exit 1 + ;; +esac +rc_exit diff --git a/cntlm.spec b/cntlm.spec new file mode 100644 index 0000000..b274b06 --- /dev/null +++ b/cntlm.spec @@ -0,0 +1,106 @@ +# +# spec file for package cntlm (Version 0.35.1) +# +# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2007 Scorpio IT, Deidesheim, Germany +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + +# norootforbuild + + +Name: cntlm +Summary: Fast NTLM authentication proxy with tunneling +Version: 0.35.1 +Release: 1 +License: GNU GPL V2 +Group: Productivity/Networking/Web/Proxy +Url: http://cntlm.sourceforge.net/ +Source0: %{name}-%{version}.tar.bz2 +Source1: %{name}.init +Source2: %{name}.sysconfig +Patch: %{name}-0.35.1-config.patch +Patch1: %{name}-0.35.1-Makefile.patch +BuildRoot: %{_tmppath}/%{name}-%{version}-build +PreReq: pwdutils grep + +%description +Cntlm is a fast and efficient NTLM proxy, with support for TCP/IP tunneling, +authenticated connection caching, ACLs, proper daemon logging and behaviour +and much more. It has up to ten times faster responses than similar NTLM +proxies, while using by orders or magnitude less RAM and CPU. Manual page +contains detailed information. + + Contact: David Kubicek + + +%prep +%setup -q -n %{name}-%{version} +%patch -p1 +%patch1 -p1 + +%build +./configure +%{__make} SYSCONFDIR=%{_sysconfdir} \ + BINDIR=%{_sbindir} \ + MANDIR=%{_mandir} + +%install +%makeinstall SYSCONFDIR=$RPM_BUILD_ROOT/%{_sysconfdir} \ + BINDIR=$RPM_BUILD_ROOT/%{_sbindir} \ + MANDIR=$RPM_BUILD_ROOT/%{_mandir} +%{__install} -d $RPM_BUILD_ROOT/var/run/%{name} +%{__install} -D -m 755 %{S:1} $RPM_BUILD_ROOT/%{_initrddir}/%{name} +%{__ln_s} -f ../..%{_sysconfdir}/init.d/%{name} ${RPM_BUILD_ROOT}/usr/sbin/rc%{name} +%{__install} -D -m 644 %{S:2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.%{name} + +%pre +# on `rpm -ivh` PARAM is 1 +# on `rpm -Uvh` PARAM is 2 + # user cntlm + if [ -z "`%{_bindir}/getent passwd "%{name}"`" ]; then + %{_sbindir}/useradd -c "CNTLM Proxy Auth" -d /var/run/%{name} -g nogroup \ + -r -s /bin/false %{name} 2>/dev/null; + fi + +%preun +# on `rpm -e` PARAM is 0 +%stop_on_removal cntlm +#if [ "$1" -eq 0 ]; then +# %{_sbindir}/userdel %{name} 2>/dev/null +#fi + +%post +# on `rpm -ivh` PARAM is 1 +# on `rpm -Uvh` PARAM is 2 +%{fillup_and_insserv cntlm} + +%postun +# on `rpm -e` PARAM is 0 +%restart_on_update cntlm +%{insserv_cleanup} + +%clean +[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] && %{__rm} -rf $RPM_BUILD_ROOT + +%files +%defattr(-,root,root,-) +%doc COPYRIGHT LICENSE README VERSION +%config(noreplace) %{_sysconfdir}/%{name}.conf +%config(noreplace) %{_initrddir}/%{name} +%{_sbindir}/* +%{_mandir}/man1/%{name}.1* +%dir %attr(755,%{name},root) /var/run/%{name} +/var/adm/fillup-templates/sysconfig.%{name} + +%changelog diff --git a/cntlm.sysconfig b/cntlm.sysconfig new file mode 100644 index 0000000..3fc6d2d --- /dev/null +++ b/cntlm.sysconfig @@ -0,0 +1,62 @@ +## Path: Productivity/Networking/Web/Proxy +## Description: Basic configuration of cntlm auth proxy +## Config: cntlm +## Type: string +## Default: "cntlm" +# +CNTLM_USER="" + +## Type: string +## Default: "" +# +# -A
[/] +# New ACL allow rule. Address can be an IP or a hostname, net must be a number (CIDR notation) +# -a ntlm | nt | lm +# Authentication parameter - combined NTLM, just LM, or just NT. Default is to, +# send both, NTLM. It is the most versatile setting and likely to work for you. +# -B Enable NTLM-to-basic authentication. +# -c +# Configuration file. Other arguments can be used as well, overriding +# config file settings. +# -D
[/] +# New ACL deny rule. Syntax same as -A. +# -d +# Domain/workgroup can be set separately. +# -f Run in foreground, do not fork into daemon mode. +# -F +# NTLM authentication flags. +# -G +# User-Agent matching for the trans-isa-scan plugin. +# -g Gateway mode - listen on all interfaces, not only loopback. +# -L [:]:: +# Forwarding/tunneling a la OpenSSH. Same syntax - listen on lport +# and forward all connections through the proxy to rhost:rport. +# Can be used for direct tunneling without corkscrew, etc. +# -O [:] +# Enable SOCKS5 proxy and make it listen on the specified port (and address). +# -p +# Account password. Will not be visible in "ps", /proc, etc. +# -r "HeaderName: value" +# Add a header substitution. All such headers will be added/replaced +# in the client's requests. +# -S +# Enable transparent handler of ISA AV scanner plugin for files up to size_in_kb KiB. +# -s Do not use threads, serialize all requests - for debugging only. +# -U +# Run as uid. It is an important security measure not to run as root. +# -u [@ +# Some proxies require correct NetBIOS hostname. +# +CNTLM_OPTS="" + +## Type: string +## Default: "127.0.0.1:3128" if not set in cntlm.conf +# +# -l [:] +# Main listening port for the NTLM proxy. +# +CNTLM_LISTEN="" + diff --git a/ready b/ready new file mode 100644 index 0000000..473a0f4