YesProxy to complement NoProxy
Brought to you by:
mavey
Menu
▾
▴
#41 YesProxy to complement NoProxy
This is a feature request, but I have already implemented the feature in my own copy of cntlm. I have attach the patch file containing the changes relative to the source code of version 0.92.1.
The feature is the addition of a YesProxy configuration option to complement the existing NoProxy support. NoProxy allows us the specify sites which should not be proxied. Typically all other sites are proxied. The purpose of YesProxy is the reverse. In my use case I set NoProxy to prevent cntlm from proxying anything, but I have YesProxy set to veto the decision for specific sites.
Thus a site is proxied if it is not excluded by NoProxy, or if it is specifically selected by YesProxy. I think this broadens the use cases for cntlm somewhat. In our case, user internet browsers negotiate through a Microsoft proxy, but many open source tools could not get through. Users could run cntlm on their local machines, but they would then have to learn how to configure it. I implemented this change so that I could set up a second cntlm proxy that handles proxy authentication for specific sites accessed by free and open source tools, such as the MikTeX package manager. You may think of similar scenarios of use.
The changes to the code are not very substantial. I have tested the changed code in my environment and have found no problems. Feel free to vett my changes and incorporate them into future versions of cntlm.
Best regards,
Kevin
Patch file to add YesProxy support to version 0.92.1 of cntlm
This calls for a better solution. For example a way to specify whether deny (NoProxy) or allow (YesProxy) take precedence. Just like in Apache. You have Allow from..., Deny from..., but then you must use "Order deny, allow".
This is on the backburner for now, though, because I have some pressing issues before releasing 0.93. Many users are testing the new 0.93beta's and that's my focus now.
I make patch for this feature too. I dont see "YesProxy" patch. In my patch this feature is named "ProxyFor".
I think CNTLM no need "Order" declaration.
Default for CNTLM is "YesProxy", is implicit,
"NoProxy" is for exception for implicit "YesProxy" declaration.
"YesProxy/ProxyFor" is for exception for "NoProxy" feature. No needs for "Order" feature.
Ex.:
NoProxy *.test.com
ProxyFor local1.test.com, local2.test.com
"ProxyFor" takes precedence over the "NoProxy", no needs "order" declaration.
ProxyFor local1.test.com, local2.test.com
NoProxy *.test.com
This declaration takes equal effect in my patch, no needs for "order" declaration, I think.
Feature request will be accepted.