Bug 487241

Summary: Review Request: ntlmaps - NTLM Authentication Proxy Service
Product: [Fedora] Fedora Reporter: Matt Domsch <matt_domsch>
Component: Package ReviewAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: dan, fedora, fedora-package-review, notting, rebus, sanne.grinovero, tiagomatos
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-08-18 14:44:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Matt Domsch 2009-02-24 22:34:34 UTC 
Spec URL: http://domsch.com/linux/fedora/ntlmaps/ntlmaps.spec
SRPM URL: http://domsch.com/linux/fedora/ntlmaps/ntlmaps-1.0-1.src.rpm
Description: 
NTLM Authorization Proxy Server is a proxy software that allows you to
authenticate via a Microsoft Proxy Server using the proprietary NTLM
protocol. Since version 0.9.5 APS has an ability to behave as a
standalone proxy server and authenticate http clients at web servers
using NTLM method.


rpmlint output:
2 packages and 0 specfiles checked; 0 errors, 0 warnings.

Note, I am a new upstream maintainer for this very old project.  As such, the current source code is not tagged as version 1.0 yet in the upstream SVN, but I intend to tag it as version 1.0 quite soon, pending any major bugs found over the next few days.  I won't request a Fedora build of the code until I have tagged the upstream as version 1.0, but also wanted to get the review started now.

Thanks,
Matt
Comment 1 Dan HorĂ¡k 2009-08-27 09:01:41 UTC 
few notes before a formal review:
- you can drop the version specification in BR: python-devel, we have 2.x for a long time
- as it is supposed to be run as a service it should have an init script and an own user
- the dos2unix conversion is better done in %prep
Comment 2 Michal Ambroz 2010-05-10 15:03:08 UTC 
(In reply to comment #0)
> intend to tag it as version 1.0 quite soon, pending any major bugs found over
> the next few days.  

Hello Matt,
please do you still intend to issue version 1.0 of ntlmaps?
Best regards
Michal Ambroz
Comment 3 Sanne Grinovero 2010-06-03 06:48:11 UTC 
Hi Matt, are you not maintainig this any more?

This package is very useful; Big enterprises often require this kind of authorization and I would be totally stuck in a windows vm without it.

Please have it integrated in Fedora's repositories; Ubuntu is having it, and provides the required init scripts.

thanks
Sanne
Comment 4 Matt Domsch 2010-08-18 14:44:23 UTC 
I'm now running cntlm instead of ntlmaps where I need to.  I've only been running it for a few days, but it seems to be working well, and as expected.  ntlmaps has been getting threads stuck polling, taking up 100% CPU time, quite frequently.

As such, I would like to close this request, and open a new request to get cntlm included in Fedora instead.
Comment 5 Chris Smart 2010-08-18 22:41:18 UTC 
Thanks for posting that link, Matt. You are right, NTLMAPS can be quite unreliable and a resource hog - but it was better than nothing!

I have tested cntlm too and so far it seems to work *much* more reliably. They provide a 32bit RPM which worked just fine on my 64bit Fedora 13 install.

I agree with Matt, and vote for cntlm over ntlmaps.

However, I wonder whether there might be patent / licensing issues for Red Hat to include this - which is why it never has been before?

-c
Comment 6 Matt Domsch 2010-08-24 15:16:17 UTC 
See the cntlm package review ticket.
https://bugzilla.redhat.com/show_bug.cgi?id=626862