[cntlm] Initial import of cntlm after passing review
Matt Domsch
mdomsch at fedoraproject.org
Wed Sep 1 20:06:33 UTC 2010
commit 8ba2153067b069860adbeb5edf9d3e086fdec1a4
Author: Matt Domsch <Matt_Domsch at dell.com>
Date: Wed Sep 1 15:05:50 2010 -0500
Initial import of cntlm after passing review
.gitignore | 1 +
cntlm-0.35.1-Makefile.patch | 56 ++++++++++++++
cntlm.init | 173 +++++++++++++++++++++++++++++++++++++++++++
cntlm.init.fedora | 109 +++++++++++++++++++++++++++
cntlm.spec | 99 ++++++++++++++++++++++++
cntlm.sysconfig | 15 ++++
sources | 1 +
7 files changed, 454 insertions(+), 0 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index e69de29..b9b98c7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/cntlm-0.35.1.tar.gz
diff --git a/cntlm-0.35.1-Makefile.patch b/cntlm-0.35.1-Makefile.patch
new file mode 100644
index 0000000..e52db0b
--- /dev/null
+++ b/cntlm-0.35.1-Makefile.patch
@@ -0,0 +1,56 @@
+diff -urNp --exclude-from=/home/mdomsch/excludes --minimal cntlm-0.35.1.orig/Makefile cntlm-0.35.1/Makefile
+--- cntlm-0.35.1.orig/Makefile 2007-11-20 18:18:24.000000000 -0600
++++ cntlm-0.35.1/Makefile 2010-08-25 12:24:44.556317839 -0500
+@@ -13,41 +13,34 @@ MANDIR=/usr/local/man
+ #
+ CC=gcc
+ OBJS=utils.o ntlm.o xcrypt.o config.o socket.o acl.o auth.o http.o proxy.o
+-CFLAGS=$(FLAGS) -std=c99 -Wall -pedantic -O3 -D__BSD_VISIBLE -D_ALL_SOURCE -D_XOPEN_SOURCE=600 -D_POSIX_C_SOURCE=200112 -D_ISOC99_SOURCE -D_REENTRANT -DVERSION=\"`cat VERSION`\"
+-LDFLAGS=-lpthread
++MYFLAGS=-std=c99 -pedantic -D__BSD_VISIBLE -D_ALL_SOURCE -D_XOPEN_SOURCE=600 -D_POSIX_C_SOURCE=200112 -D_ISOC99_SOURCE -D_REENTRANT -DVERSION=\"`cat VERSION`\"
++MYLDFLAGS=-lpthread
+ NAME=cntlm
+ VER=`cat VERSION`
+ DIR=`pwd`
+
+ $(NAME): configure-stamp $(OBJS)
+ @echo "Linking $@"
+- @$(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS)
++ $(CC) $(CFLAGS) $(MYCFLAGS) -o $@ $(OBJS) $(LDFLAGS) $(MYLDFLAGS)
+
+ proxy.o: proxy.c
+ @echo "Compiling $<"
+ @if [ -z "$(SYSCONFDIR)" ]; then \
+- $(CC) $(CFLAGS) -c proxy.c -o $@; \
++ $(CC) $(CFLAGS) $(MYFLAGS) -c proxy.c -o $@; \
+ else \
+- $(CC) $(CFLAGS) -DSYSCONFDIR=\"$(SYSCONFDIR)\" -c proxy.c -o $@; \
++ $(CC) $(CFLAGS) $(MYFLAGS) -DSYSCONFDIR=\"$(SYSCONFDIR)\" -c proxy.c -o $@; \
+ fi
+
+ .c.o:
+ @echo "Compiling $<"
+- @$(CC) $(CFLAGS) -c -o $@ $<
++ $(CC) $(CFLAGS) $(MYFLAGS) -c -o $@ $<
+
+ install: $(NAME)
+- # AIX?
+- if [ -f /usr/bin/oslevel ]; then \
+- install -O root -G system -M 755 -S -f $(BINDIR) $(NAME); \
+- install -O root -G system -M 644 -f $(MANDIR)/man1 doc/$(NAME).1; \
+- install -O root -G system -M 600 -c $(SYSCONFDIR) doc/$(NAME).conf; \
+- else \
+- install -D -o root -g root -m 755 -s $(NAME) $(BINDIR)/$(NAME); \
+- install -D -o root -g root -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \
+- [ -f $(SYSCONFDIR)/$(NAME).conf -o -z "$(SYSCONFDIR)" ] \
+- || install -D -o root -g root -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \
+- fi
+- @echo; echo "Cntlm will look for configuration in $(SYSCONFDIR)/$(NAME).conf"
++ install -D -m 755 $(NAME) $(BINDIR)/$(NAME); \
++ install -D -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \
++ [ -f $(SYSCONFDIR)/$(NAME).conf -o -z "$(SYSCONFDIR)" ] \
++ || install -D -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \
++ echo; echo "Cntlm will look for configuration in $(SYSCONFDIR)/$(NAME).conf"
+
+ rpm:
+ if [ `id -u` = 0 ]; then \
diff --git a/cntlm.init b/cntlm.init
new file mode 100644
index 0000000..964fe04
--- /dev/null
+++ b/cntlm.init
@@ -0,0 +1,173 @@
+#!/bin/sh
+#
+# cntlmd: Start/stop the cntlm proxy.
+#
+# chkconfig: - 26 89
+# Description: Cntlm is meant to be given your proxy address and becomming
+# the primary proxy then, listening on a selected local port.
+# You point all your proxy-aware programs to it and don't ever
+# have to deal with proxy authentication again.
+#
+### BEGIN INIT INFO
+# Provides: cntlm
+# Required-Start: $syslog $network $time
+# Required-Stop: $syslog $network $time
+# Short-Description: Authenticating HTTP accelerator for NTLM secured proxies
+# Description: Cntlm is meant to be given your proxy address and becomming
+# the primary proxy then, listening on a selected local port.
+# You point all your proxy-aware programs to it and don't ever
+# have to deal with proxy authentication again.
+### END INIT INFO
+
+# Determining Linux RedHat/SuSE
+#
+# /etc/redhat-release
+# /etc/SuSE-release
+
+SuSE=false
+RedHat=false
+
+if [ -f /etc/SuSE-release ]; then
+ SuSE=true
+elif [ -f /etc/redhat-release ]; then
+ RedHat=true
+else
+ echo "Error: your platform is not supported by $0" > /dev/stderr
+ exit 1
+fi
+
+# Source function library SuSE/RedHat.
+
+if $SuSE; then
+ if [ -f /lib/lsb/init-functions ]; then
+ . /lib/lsb/init-functions
+ else
+ echo "Error: your platform is not supported by $0" > /dev/stderr
+ exit 1
+ fi
+else
+ if [ -f /etc/init.d/functions ]; then
+ . /etc/init.d/functions
+ else
+ echo "Error: your platform is not supported by $0" > /dev/stderr
+ exit 1
+ fi
+fi
+
+[ -r /etc/sysconfig/cntlmd ] && . /etc/sysconfig/cntlmd
+
+# First reset status of this service SuSE/RedHat
+
+if $SuSE; then
+ rc_reset
+else
+ RETVAL=0
+fi
+
+# Return values acc. to LSB for all commands but status:
+# 0 - success
+# 1 - generic or unspecified error
+# 2 - invalid or excess argument(s)
+# 3 - unimplemented feature (e.g. "reload")
+# 4 - insufficient privilege
+# 5 - program is not installed
+# 6 - program is not configured
+# 7 - program is not running
+#
+# Note that starting an already running service, stopping
+# or restarting a not-running service as well as the restart
+# with force-reload (in case signalling is not supported) are
+# considered a success.
+
+# Shell functions sourced from /etc/rc.status only on SuSE Linux:
+# rc_check check and set local and overall rc status
+# rc_status check and set local and overall rc status
+# rc_status -v ditto but be verbose in local rc status
+# rc_status -v -r ditto and clear the local rc status
+# rc_failed set local and overall rc status to failed
+# rc_failed <num> set local and overall rc status to <num><num>
+# rc_reset clear local rc status (overall remains)
+# rc_exit exit appropriate to overall rc status
+
+test -f $DAEMON || exit 5
+
+start() {
+ # Start daemons.
+ echo -n "Starting $DESC: "
+
+ if $SuSE; then
+ startproc -p $PIDFILE $DAEMON $OPTARGS 2>/dev/null
+ rc_status -v
+ else
+ daemon cntlm $OPTARGS 2>/dev/null
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && touch $LOCKFILE
+ return $RETVAL
+ fi
+}
+
+stop() {
+ echo -n "Shutting down $DESC: "
+
+ if $SuSE; then
+ ## Stop daemon with killproc(8) and if this fails
+ ## set echo the echo return value.
+
+ killproc -p $PIDFILE -TERM $DAEMON
+
+ # Remember status and be verbose
+ rc_status -v
+
+ else
+ killproc cntlm
+ RETVAL=$?
+ echo
+ [ $RETVAL -eq 0 ] && rm -f $LOCKFILE
+ return $RETVAL
+ fi
+}
+
+
+# See how we were called.
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ stop
+ ;;
+ status)
+ echo -n "Checking for $DESC: "
+
+ if $SuSE; then
+ ## Check status with checkproc(8), if process is running
+ ## checkproc will return with exit status 0.
+
+ # Status has a slightly different for the status command:
+ # 0 - service running
+ # 1 - service dead, but /var/run/ pid file exists
+ # 2 - service dead, but /var/lock/ lock file exists
+ # 3 - service not running
+
+ # NOTE: checkproc returns LSB compliant status values.
+ checkproc -p $PIDFILE $DAEMON
+ rc_status -v
+ else
+ status cntlm
+ fi
+ ;;
+ restart|reload)
+ stop
+ start
+ ;;
+ *)
+ echo $"Usage: $0 {start|stop|restart|status}"
+ exit 1
+esac
+
+if $SuSE; then
+ rc_exit
+else
+ exit $RETVAL
+fi
diff --git a/cntlm.init.fedora b/cntlm.init.fedora
new file mode 100644
index 0000000..f494862
--- /dev/null
+++ b/cntlm.init.fedora
@@ -0,0 +1,109 @@
+#!/bin/sh
+#
+# cntlmd: Start/stop the cntlm proxy.
+#
+# chkconfig: - 26 89
+# description: Cntlm is meant to be given your proxy address and becomming \
+# the primary proxy then, listening on a selected local port. \
+# You point all your proxy-aware programs to it and don't ever \
+# have to deal with proxy authentication again. \
+
+
+### BEGIN INIT INFO
+# Provides: cntlm
+# Required-Start: $syslog $network $time
+# Required-Stop: $syslog $network $time
+# Short-Description: Authenticating HTTP accelerator for NTLM secured proxies
+# Description: Cntlm is meant to be given your proxy address and becomming
+# the primary proxy then, listening on a selected local port.
+# You point all your proxy-aware programs to it and don't ever
+# have to deal with proxy authentication again.
+### END INIT INFO
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+exec="/usr/sbin/cntlm"
+prog="cntlmd"
+config="/etc/cntlm.conf"
+
+[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
+
+lockfile=/var/lock/subsys/$prog
+
+start() {
+ [ -x $exec ] || exit 5
+ [ -f $config ] || exit 6
+ echo -n $"Starting $prog: "
+ daemon $exec -c $config $OPTARGS
+ retval=$?
+ echo
+ [ $retval -eq 0 ] && touch $lockfile
+ return $retval
+}
+
+stop() {
+ echo -n $"Stopping $prog: "
+ killproc -p $PIDFILE $prog
+ retval=$?
+ echo
+ [ $retval -eq 0 ] && rm -f $lockfile
+ return $retval
+}
+
+restart() {
+ stop
+ start
+}
+
+reload() {
+ restart
+}
+
+force_reload() {
+ restart
+}
+
+rh_status() {
+ # run checks to determine if the service is running or use generic
+ status
+ status -p $PIDFILE $prog
+}
+
+rh_status_q() {
+ rh_status >/dev/null 2>&1
+}
+
+
+case "$1" in
+ start)
+ rh_status_q && exit 0
+ $1
+ ;;
+ stop)
+ rh_status_q || exit 0
+ $1
+ ;;
+ restart)
+ $1
+ ;;
+ reload)
+ rh_status_q || exit 7
+ $1
+ ;;
+ force-reload)
+ force_reload
+ ;;
+ status)
+ rh_status
+ ;;
+ condrestart|try-restart)
+ rh_status_q || exit 0
+ restart
+ ;;
+ *)
+ echo $"Usage: $0
+ {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
+ exit 2
+esac
+exit $?
diff --git a/cntlm.spec b/cntlm.spec
new file mode 100644
index 0000000..08c8d8f
--- /dev/null
+++ b/cntlm.spec
@@ -0,0 +1,99 @@
+Summary: Fast NTLM authentication proxy with tunneling
+Name: cntlm
+Version: 0.35.1
+Release: 4%{?dist}
+License: GPLv2+
+Group: System Environment/Daemons
+URL: http://cntlm.sourceforge.net/
+Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
+Source1: cntlm.init
+Source2: cntlm.init.fedora
+Source3: cntlm.sysconfig
+Patch0: cntlm-0.35.1-Makefile.patch
+BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
+Requires(post): chkconfig
+Requires(preun): chkconfig
+Requires(preun): initscripts
+Requires(pre): shadow-utils
+
+%description
+Cntlm is a fast and efficient NTLM proxy, with support for TCP/IP tunneling,
+authenticated connection caching, ACLs, proper daemon logging and behavior
+and much more. It has up to ten times faster responses than similar NTLM
+proxies, while using by orders or magnitude less RAM and CPU. Manual page
+contains detailed information.
+
+%prep
+%setup -q
+%patch0 -p1
+
+%build
+%configure
+make %{?_smp_mflags}
+
+%install
+rm -rf %{buildroot}
+make BINDIR=%{buildroot}%{_sbindir} MANDIR=%{buildroot}%{_mandir} SYSCONFDIR=%{buildroot}%{_sysconfdir} install
+
+install -D -m 0755 %{SOURCE2} %{buildroot}%{_initddir}/cntlmd
+install -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/sysconfig/cntlmd
+mkdir -p -m 0755 %{buildroot}%{_localstatedir}/run/%{name}
+
+%clean
+rm -rf %{buildroot}
+
+%files
+%defattr(-,root,root,-)
+%doc LICENSE README COPYRIGHT
+%{_sbindir}/%{name}
+%{_mandir}/man1/%{name}.1*
+%{_initddir}/cntlmd
+%attr(-,cntlm,cntlm) %{_localstatedir}/run/%{name}
+%config(noreplace) %{_sysconfdir}/%{name}.conf
+%config(noreplace) %{_sysconfdir}/sysconfig/cntlmd
+
+%pre
+getent group %{name} > /dev/null || groupadd -r %{name}
+getent passwd %{name} > /dev/null || \
+ useradd -r -g %{name} -d %{_localstatedir}/run/%{name} -s /sbin/nologin \
+ -c "%{name} daemon" %{name}
+exit 0
+
+%post
+/sbin/chkconfig --add cntlmd
+exit 0
+
+%preun
+if [ $1 = 0 ]; then
+ /sbin/service cntlmd stop > /dev/null 2>&1
+ /sbin/chkconfig --del cntlmd
+fi
+exit 0
+
+%postun
+if [ "$1" -ge "1" ]; then
+ /sbin/service cntlmd condrestart > /dev/null 2>&1 || :
+fi
+exit 0
+
+%changelog
+* Thu Aug 26 2010 Matt Domsch <mdomsch at fedoraproject.org> - 0.35.1-4
+- initscript: use pidfile to killproc
+
+* Wed Aug 25 2010 Matt Domsch <mdomsch at fedoraproject.org> - 0.35.1-3
+- additional fixes per package review
+
+* Tue Aug 24 2010 Matt Domsch <mdomsch at fedoraproject.org> - 0.35.1-2
+- updated spec to match Fedora packaging guidelines
+
+* Fri Jul 27 2007 Radislav Vrnata <vrnata at gedas.cz>
+- added support for SuSE Linux
+
+* Wed Jul 26 2007 Radislav Vrnata <vrnata at gedas.cz>
+- fixed pre, post, preun, postun macros bugs affecting upgrade process
+
+* Mon May 30 2007 Since 0.28 maintained by <dave at awk.cz>
+
+* Mon May 28 2007 Radislav Vrnata <vrnata at gedas.cz>
+- Version 0.27
+- First release
diff --git a/cntlm.sysconfig b/cntlm.sysconfig
new file mode 100644
index 0000000..b6e19b1
--- /dev/null
+++ b/cntlm.sysconfig
@@ -0,0 +1,15 @@
+#
+# DAEMON Location of the binary
+# PIDFILE Make sure that you or, if used, -U uid can create/write it
+# TIMEOUT How long to wait before forcing cntlm to stop with a second
+# signal when active connections are still not finished
+# RUNAS Name or number of the non-privileged account to run as
+#
+
+DAEMON=/usr/sbin/cntlm
+PIDFILE=/var/run/cntlm/cntlmd.pid
+LOCKFILE=/var/lock/subsys/cntlmd
+TIMEOUT=5
+RUNAS=cntlm
+DESC="CNTLM Authentication Proxy"
+OPTARGS="-U $RUNAS -P $PIDFILE"
diff --git a/sources b/sources
index e69de29..dd833dd 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+95c4f76829624db9440795a36c626ebd cntlm-0.35.1.tar.gz
More information about the scm-commits
mailing list