Late reply. Urllib2 does not support NTLM proxying but pycurldoes. Excerpt:

迟回复。Urllib2 不支持 NTLM 代理，但pycurl支持。摘抄：

self._connection = pycurl.Curl()
self._connection.setopt(pycurl.PROXY, PROXY_HOST)
self._connection.setopt(pycurl.PROXYPORT, PROXY_PORT)
self._connection.setopt(pycurl.PROXYUSERPWD,
                        "%s:%s" % (PROXY_USER, PROXY_PASS))
...

http://code.google.com/p/python-ntlm/

http://code.google.com/p/python-ntlm/

I never tried with HTTPS but I think it should work.

我从未尝试过 HTTPS，但我认为它应该可以工作。

EDIT: If you are using SSL Tunneling, proxy authentication is a bad idea.

编辑：如果您使用 SSL 隧道，代理身份验证是一个坏主意。

Proxy using Basic Auth over HTTPS is not secure when the SSL is tunneled. Your password will be sent in clear (Base64-encoded) to proxy. Lots of people assumes the password will be encrypted inside SSL. It's not true in this case.

当 SSL 通过隧道时，通过 HTTPS 使用基本身份验证的代理是不安全的。您的密码将以明文（Base64 编码）发送给代理。许多人认为密码将在 SSL 内加密。在这种情况下，事实并非如此。

It's almost impossible to support other encrypted or hashed mechanisms like Digest/NTLM because they all require negotiation (multiple exchanges) and that's not defined in CONNECT protocol. This negotiation happens out of the band of the HTTP connection. It's very hard to implement in proxy/browser also.

支持其他加密或散列机制（如 Digest/NTLM）几乎是不可能的，因为它们都需要协商（多次交换）并且在 CONNECT 协议中没有定义。这种协商发生在 HTTP 连接的带外。在代理/浏览器中也很难实现。

If this is an enterprise proxy, IP ACL is the only secure solution.

如果这是企业代理，IP ACL 是唯一的安全解决方案。

Good recipe (for HTTPS w/proxy) and discussion here, it should be possible to meld that with the python-nltm code @ZZ has already suggested.

好的秘诀（用于 HTTPS 带代理）和这里的讨论，应该可以将其与 @ZZ 已经建议的 python-nltm 代码融合在一起。