Metadata-Version: 1.1
Name: Proxy-Negotiate
Version: 0.1.0
Summary: HTTP Negotiate (SPNEGO) proxy authentication support for applications.
Home-page: https://github.com/cour4g3/proxy-negotiate
Author: Michael de Villiers
Author-email: twistedcomplexity@gmail.com
License: MIT
Description: # Proxy-Negotiate
        
        HTTP Negotiate (SPNEGO) proxy authentication support for applications. This
        allows applications that do not support HTTP proxies or do not support HTTP
        proxies with Negotiate authentication to allow them to safely traverse
        corporate firewalls without whitelisting IP addresses or MAC addresses and
        rather relying on secure user authentication. This tool is not intended to
        bypass firewall or proxy restrictions, in fact this tool was designed for better
        corporate security and centralized control.
        
        ## Installation
        
        Install the easy way through PyPi:
        
            pip install proxy-negotiate
        
        Or alternatively download and build yourself:
        
        ```
        git clone https://github.com/cour4g3/proxy-negotiate
        cd proxy-negotiate
        python setup.py install
        ```
        
        ## Usage
        
        On Windows you need to be connected to a domain or alternatively running the MIT
        Kerberos Ticket Manager, on Linux you need to install and setup the MIT or
        Heimdal Kerberos client/workstation tools.
        
        ### nc-negotiate
        
        A netcat-like implementation for use with programs such as SSH; now by simply
        using ProxyCommand, SSH can safely traverse the proxy through an HTTP CONNECT
        TCP tunnel.
        
            nc-negotiate host port [proxy_host] [proxy_port]
        
        Example of usage with `ssh` command line:
        
            ssh -o ProxyCommand="nc-negotiate %h %p" myexternalhost.com
        
        Or in your `~/.ssh/config`:
        
        ```
        Host myexternalhost.com:
            ProxyCommand nc-negotiate %h %p
        ```
        
        ### proxy-negotiate
        
        For applications that support proxies but don't support authentication or don't
        support Negotiate, this acts a pseudo-proxy that applies the correct
        Authorization headers and then passes the connection request on:
        
            proxy-negotiate -d [port] [proxy_host] [proxy_port]
        
        Then set your proxy configuration in your application or alternatively your
        proxy environment variables:
        
            HTTP_PROXY=http://localhost:8080
        
        Now your application will correctly authenticate through the proxy without
        knowing how to. It also means no network passwords floating around in arbitary
        configuration files.
        
        ## Todo
        
        - Better parsing of the `http_proxy` and other proxy environment variables.
        - Implement a fake proxy to modify requests from applications that do not
          support HTTP Negotiate proxy authentication and pass it to the real proxy with
          the correct authentication header.
        - Consider methods to route requests from applications that do not support
          proxies at all.
        
        ## License
        
        Licensed under the MIT License.
        
Platform: any
Classifier: Environment :: Console
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 2.6
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Topic :: Internet :: Proxy Servers
Classifier: Topic :: Security
Classifier: Topic :: System :: Systems Administration :: Authentication/Directory
Classifier: Topic :: Utilities
