forked from pool/cntlm

Accepting request 19078 from server:proxy

Copy from server:proxy/cntlm based on submit request 19078 from user computersalat

This commit is contained in:
OBS User autobuild 2009-08-28 23:03:33 +00:00 committed by Git OBS Bridge
commit 8bd6705598
10 changed files with 471 additions and 0 deletions

.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore vendored Normal file
View File

@ -0,0 +1 @@

View File

@ -0,0 +1,18 @@
diff -ruN cntlm-0.35.1-orig/Makefile cntlm-0.35.1/Makefile
--- cntlm-0.35.1-orig/Makefile 2007-11-21 01:18:24.000000000 +0100
+++ cntlm-0.35.1/Makefile 2009-05-06 18:09:53.000000000 +0200
@@ -42,10 +42,10 @@
install -O root -G system -M 644 -f $(MANDIR)/man1 doc/$(NAME).1; \
install -O root -G system -M 600 -c $(SYSCONFDIR) doc/$(NAME).conf; \
else \
- install -D -o root -g root -m 755 -s $(NAME) $(BINDIR)/$(NAME); \
- install -D -o root -g root -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \
+ install -D -m 755 -s $(NAME) $(BINDIR)/$(NAME); \
+ install -D -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \
[ -f $(SYSCONFDIR)/$(NAME).conf -o -z "$(SYSCONFDIR)" ] \
- || install -D -o root -g root -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \
+ || install -D -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \
@echo; echo "Cntlm will look for configuration in $(SYSCONFDIR)/$(NAME).conf"
Dateien cntlm-0.35.1-orig/.Makefile.swp und cntlm-0.35.1/.Makefile.swp sind verschieden.

cntlm-0.35.1-config.patch Normal file
View File

@ -0,0 +1,35 @@
diff -ruN cntlm-0.35.1-orig/doc/cntlm.conf cntlm-0.35.1/doc/cntlm.conf
--- cntlm-0.35.1-orig/doc/cntlm.conf 2007-11-02 02:07:11.000000000 +0100
+++ cntlm-0.35.1/doc/cntlm.conf 2009-05-06 16:49:22.000000000 +0200
@@ -7,8 +7,15 @@
Username testuser
Domain corp-uk
-Password password # Use hashes instead (-H)
-#Workstation netbios_hostname # Should be auto-guessed
+Password password
+# Use hashes instead call "cntlm -H"
+#PassLM 1AD35398BE6565DDB5C4EF70C0593492
+#PassNT 77B9081511704EE852F94227CF48A793
+### Only for user 'testuser', domain 'corp-uk'
+#PassNTLMv2 D5826E9C665C37C80B53397D5C07BBCB
+### Should be auto-guessed
+#Workstation netbios_hostname
@@ -16,7 +23,12 @@
# This is the port number where Cntlm will listen
-Listen 3128
+# consider to change Listen Parameter in
+# /etc/sysconfig/cntlm
+# as a default is used
+# but if defined here it takes precedence over sysconfig
+#Listen 3128
# If you wish to use the SOCKS5 proxy feature as well, uncomment

cntlm-0.35.1.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
oid sha256:3f70729d48250b94e00002035398ebdf3ffb0c58d5b1e0db545210aaf97b251c
size 64798

cntlm.changes Normal file
View File

@ -0,0 +1,22 @@
Thu Aug 27 21:30:59 CEST 2009 -
- spec mods
o replace check for existing user with getent
Sat Aug 22 12:58:32 CEST 2009 -
- cleanup spec
o removed ^#-----
Mon Jul 6 14:55:07 CEST 2009 -
- added missing rclink
Wed May 6 18:37:10 CEST 2009 -
- initial build for Version 0.35.1

cntlm.init Normal file
View File

@ -0,0 +1,201 @@
# Copyright (c) 2009 Scorpio IT, Deidesheim, Germany
# Author: Christian Wittmer
# Please send feedback to rpm (at) scorpio-it (dot) net
# /etc/init.d/cntlm
# and its symbolic link
# /(usr/)sbin/rccntlm
# Provides: cntlm
# Required-Start: $syslog $network $time
# Should-Start: $remote_fs
# Required-Stop: $syslog $network $time
# Should-Stop: $remote_fs
# Default-Start: 2 3 5
# Default-Stop: 0 1 6
# Short-Description: start/stop the cntlm proxy
# Description: ntlm is meant to be given your proxy address and becomming
# the primary proxy then, listening on a selected local port.
# You point all your proxy-aware programs to it and don't ever
# have to deal with proxy authentication again.
# Note on runlevels:
# 0 - halt/poweroff 6 - reboot
# 1 - single user 2 - multiuser without network exported
# 3 - multiuser w/ network (text mode) 5 - multiuser w/ network and X11 (xdm)
# Check for missing binaries (stale symlinks should not happen)
# Note: Special treatment of stop for LSB conformance
test -x $cntlm_bin || { echo "$cntlm_bin not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
# Check for existence of needed sysconfig file and read it
test -r $cntlm_config || { echo "$cntlm_config not existing";
if [ "$1" = "stop" ]; then exit 0;
else exit 6; fi; }
# Check for existence of needed sysconfig file and read it
test -r $cntlm_sysconfig || { echo "$cntlm_sysconfig not existing";
if [ "$1" = "stop" ]; then exit 0;
else exit 6; fi; }
# Read config
. $cntlm_sysconfig
# some defaults
cntlm_desc="CNTLM Authentication Proxy"
cntlm_user="-U ${CNTLM_USER:=cntlm}"
# if no "Proxy" is set in cntlm.conf try '' as a default
if [ `/bin/cat $cntlm_config | grep -e "^Listen" >/dev/null; echo $?` -eq 0 ]; then
cntlm_listen="-l ${CNTLM_LISTEN:=}"
# Source LSB init functions
# providing start_daemon, killproc, pidofproc,
# log_success_msg, log_failure_msg and log_warning_msg.
# This is currently not used by UnitedLinux based distributions and
# not needed for init scripts for UnitedLinux only. If it is used,
# the functions from rc.status should not be sourced or used.
#. /lib/lsb/init-functions
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v be verbose in local rc status and clear it afterwards
# rc_status -v -r ditto and clear both the local and overall rc status
# rc_status -s display "skipped" and exit with status 3
# rc_status -u display "unused" and exit with status 3
# rc_failed set local and overall rc status to failed
# rc_failed <num> set local and overall rc status to <num>
# rc_reset clear both the local and overall rc status
# rc_exit exit appropriate to overall rc status
# rc_active checks whether a service is activated by symlinks
. /etc/rc.status
# Reset status of this service
# Return values acc. to LSB for all commands but status:
# 0 - success
# 1 - generic or unspecified error
# 2 - invalid or excess argument(s)
# 3 - unimplemented feature (e.g. "reload")
# 4 - user had insufficient privileges
# 5 - program is not installed
# 6 - program is not configured
# 7 - program is not running
# 8--199 - reserved (8--99 LSB, 100--149 distrib, 150--199 appl)
# Note that starting an already running service, stopping
# or restarting a not-running service as well as the restart
# with force-reload (in case signaling is not supported) are
# considered a success.
case "$1" in
echo -n "Starting ${cntlm_desc}: "
## Start daemon with startproc(8). If this fails
## the return value is set appropriately by startproc.
/sbin/startproc -p $cntlm_pid $cntlm_bin -P $cntlm_pid $cntlm_listen $cntlm_user $cntlm_opts &>/dev/null
# Remember status and be verbose
rc_status -v
echo -n "Shutting down ${cntlm_desc}: "
## Stop daemon with killproc(8) and if this fails
## killproc sets the return value according to LSB.
/sbin/killproc -p $cntlm_pid -TERM $cntlm_bin &>/dev/null
# Remember status and be verbose
rc_status -v
## Do a restart only if the service was active before.
## Note: try-restart is now part of LSB (as of 1.9).
## RH has a similar command named condrestart.
if test "$1" = "condrestart"; then
echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}"
$0 status
if test $? = 0; then
$0 restart
rc_reset # Not running is not a failure.
# Remember status and be quiet
## Stop the service and regardless of whether it was
## running or not, start it again.
$0 stop
$0 start
# Remember status and be quiet
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
## If it does not support it, restart the service if it
## is running.
# cntlm does not support SIGHUP, so restart
echo -n "Reload ${cntlm_desc}: "
## if it supports it:
#/sbin/killproc -p $cntlm_pid -HUP $cntlm_bin
# Remember status and be verbose
#rc_status -v
## Otherwise:
$0 try-restart
# Remember status and be quiet
echo -n "Checking for ${cntlm_desc}: "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Return value is slightly different for the status command:
# 0 - service up and running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running (unused)
# 4 - service status unknown :-(
# 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
# NOTE: checkproc returns LSB compliant status values.
/sbin/checkproc -p $cntlm_pid $cntlm_bin
# NOTE: rc_status knows that we called this init script with
# "status" option and adapts its messages accordingly.
# Remember status and be verbose
rc_status -v
echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}"
exit 1

cntlm.spec Normal file
View File

@ -0,0 +1,106 @@
# spec file for package cntlm (Version 0.35.1)
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2007 Scorpio IT, Deidesheim, Germany
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via
# norootforbuild
Name: cntlm
Summary: Fast NTLM authentication proxy with tunneling
Version: 0.35.1
Release: 1
License: GNU GPL V2
Group: Productivity/Networking/Web/Proxy
Source0: %{name}-%{version}.tar.bz2
Source1: %{name}.init
Source2: %{name}.sysconfig
Patch: %{name}-0.35.1-config.patch
Patch1: %{name}-0.35.1-Makefile.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: pwdutils grep
Cntlm is a fast and efficient NTLM proxy, with support for TCP/IP tunneling,
authenticated connection caching, ACLs, proper daemon logging and behaviour
and much more. It has up to ten times faster responses than similar NTLM
proxies, while using by orders or magnitude less RAM and CPU. Manual page
contains detailed information.
Contact: David Kubicek <>
%setup -q -n %{name}-%{version}
%patch -p1
%patch1 -p1
%{__make} SYSCONFDIR=%{_sysconfdir} \
BINDIR=%{_sbindir} \
%makeinstall SYSCONFDIR=$RPM_BUILD_ROOT/%{_sysconfdir} \
BINDIR=$RPM_BUILD_ROOT/%{_sbindir} \
%{__install} -d $RPM_BUILD_ROOT/var/run/%{name}
%{__install} -D -m 755 %{S:1} $RPM_BUILD_ROOT/%{_initrddir}/%{name}
%{__ln_s} -f ../..%{_sysconfdir}/init.d/%{name} ${RPM_BUILD_ROOT}/usr/sbin/rc%{name}
%{__install} -D -m 644 %{S:2} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.%{name}
# on `rpm -ivh` PARAM is 1
# on `rpm -Uvh` PARAM is 2
# user cntlm
if [ -z "`%{_bindir}/getent passwd "%{name}"`" ]; then
%{_sbindir}/useradd -c "CNTLM Proxy Auth" -d /var/run/%{name} -g nogroup \
-r -s /bin/false %{name} 2>/dev/null;
# on `rpm -e` PARAM is 0
%stop_on_removal cntlm
#if [ "$1" -eq 0 ]; then
# %{_sbindir}/userdel %{name} 2>/dev/null
# on `rpm -ivh` PARAM is 1
# on `rpm -Uvh` PARAM is 2
%{fillup_and_insserv cntlm}
# on `rpm -e` PARAM is 0
%restart_on_update cntlm
[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] && %{__rm} -rf $RPM_BUILD_ROOT
%config(noreplace) %{_sysconfdir}/%{name}.conf
%config(noreplace) %{_initrddir}/%{name}
%dir %attr(755,%{name},root) /var/run/%{name}

cntlm.sysconfig Normal file
View File

@ -0,0 +1,62 @@
## Path: Productivity/Networking/Web/Proxy
## Description: Basic configuration of cntlm auth proxy
## Config: cntlm
## Type: string
## Default: "cntlm"
## Type: string
## Default: ""
# -A <address>[/<net>]
# New ACL allow rule. Address can be an IP or a hostname, net must be a number (CIDR notation)
# -a ntlm | nt | lm
# Authentication parameter - combined NTLM, just LM, or just NT. Default is to,
# send both, NTLM. It is the most versatile setting and likely to work for you.
# -B Enable NTLM-to-basic authentication.
# -c <config_file>
# Configuration file. Other arguments can be used as well, overriding
# config file settings.
# -D <address>[/<net>]
# New ACL deny rule. Syntax same as -A.
# -d <domain>
# Domain/workgroup can be set separately.
# -f Run in foreground, do not fork into daemon mode.
# -F <flags>
# NTLM authentication flags.
# -G <pattern>
# User-Agent matching for the trans-isa-scan plugin.
# -g Gateway mode - listen on all interfaces, not only loopback.
# -L [<saddr>:]<lport>:<rhost>:<rport>
# Forwarding/tunneling a la OpenSSH. Same syntax - listen on lport
# and forward all connections through the proxy to rhost:rport.
# Can be used for direct tunneling without corkscrew, etc.
# -O [<saddr>:]<lport>
# Enable SOCKS5 proxy and make it listen on the specified port (and address).
# -p <password>
# Account password. Will not be visible in "ps", /proc, etc.
# -r "HeaderName: value"
# Add a header substitution. All such headers will be added/replaced
# in the client's requests.
# -S <size_in_kb>
# Enable transparent handler of ISA AV scanner plugin for files up to size_in_kb KiB.
# -s Do not use threads, serialize all requests - for debugging only.
# -U <uid>
# Run as uid. It is an important security measure not to run as root.
# -u <user>[@<domain]
# Domain/workgroup can be set separately.
# -v Print debugging information.
# -w <workstation>
# Some proxies require correct NetBIOS hostname.
## Type: string
## Default: "" if not set in cntlm.conf
# -l [<saddr>:]<lport>
# Main listening port for the NTLM proxy.

ready Normal file
View File