add ntlm (MS) proxy support (wishlist)

Feisty is not supported anymore.

Contrary to the subject, this is not feisty specific.

If your must close this bug, please unlink mine ( 137800 ) as a dupe.

Thanks
Chad

Could you update the Bug summary/description then?

This was the description from my bug marked as a dupe Bug #137800

Binary package hint: apt

Please add NTLM (MS) proxy support to apt.

Currently the Acquire::http::Proxy parameter is incompatible with the domain\username syntax.

That proxy I used as a test was MS ISA I get the following with all attempts:
 "( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy service is denied. )"

See also:
 https://lists.ubuntu.com/archives/ubuntu-us-pa/2007-September/000262.html

I just tested with:

apt/intrepid uptodate 0.7.14ubuntu6

W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/intrepid/main/binary-i386/Packages.gz 407 Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. ) [IP: X 8080]

Hi.
Same problem with 8.04.1.
i'm using an Isa server proxy.
I installed ntlmaps and it's good for Firefox, but i'm not able to apt-get update by Update manager. I entered all the informations (proxy, port (8080), userid, password) in Synaptics Packages Manager but it doesn't work.
I receive a 407 proxy.......
All is fine if i use a Squid proxy (with userid+password+port 8080)

Best regards.

Hi, this bug prevents me from using ubuntu/debian from my workplace where my employer uses a NTLM proxy authentication to reach the internet, I had the same problem with fedora and its yum package manager, in fedora they use curl to download http requests so adding NTLM support was just a one-liner patch, see:

https://bugzilla.redhat.com/show_bug.cgi?id=769254#c3

whereas in debian/ubuntu apt-get uses a custom c++ implementation of http protocol[1] so adding NTLM proxy authentication support is a non trivial issue, on the other hand apt uses libcurl for https requests[2] so I will send the one-liner patch to support it.

The solution for this bug would be:

- Port http download code to libcurl, same way https code is already using it.
- As a workaround till prior step is done the ntlmaps package[3] should be included by default in debian/ubuntu so any user behind a NTLM authenticated proxy can *use* apt-get to install/update any package.

[1] http://anonscm.debian.org/loggerhead/apt/debian-sid/annotate/head:/methods/http.cc

[2] http://anonscm.debian.org/loggerhead/apt/debian-sid/annotate/head:/methods/https.cc

[3] http://packages.ubuntu.com/feisty/web/ntlmaps

Thanks,

As mentioned in my above comment, because apt uses libcurl for accessing https urls, we can easily have support for NTLM and several other proxy authentication methods [1] thanks to libcurl.

It is a pity that the http code in contrast does not use libcurl.

[1] http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTHTTPAUTH

The attachment "Fix NTLM proxy authentication for https destination urls" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-reviewers team please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

We will not add support for NTLM proxies in APT.