ntlm_auth: Add --offline-logon

Signed-off-by: Wolfgang Ocker <weo@recco.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Sat Dec  5 01:24:56 CET 2015 on sn-devel-104

diff --git a/docs-xml/manpages/ntlm_auth.1.xml b/docs-xml/manpages/ntlm_auth.1.xml
index 97477af378fdc2baea0a877f3740509a5eea2d8c..3dfcc03c7b239fee836ac37a643afad1d427dcea 100644 (file)
--- a/docs-xml/manpages/ntlm_auth.1.xml
+++ b/docs-xml/manpages/ntlm_auth.1.xml
@@ -380,6 +380,12 @@
        <listitem><para>Whether to use credentials cached by winbindd.</para></listitem>
        </varlistentry>
 
+       <varlistentry>
+       <term>--offline-logon</term>
+       <listitem><para>Allow offline logons for plain text auth.
+       </para></listitem>
+       </varlistentry>
+
        <varlistentry>
        <term>--configfile=&lt;configuration file&gt;</term>
        <listitem><para>The file specified contains the

diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index a5fd249784e6054f002ea3644f62434ff66ea24e..4878aa15cd02ae0d8241c02b0c4fca09322b6ecf 100644 (file)
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -166,6 +166,7 @@ static DATA_BLOB opt_nt_response;
 static int request_lm_key;
 static int request_user_session_key;
 static int use_cached_creds;
+static int offline_logon;
 
 static const char *require_membership_of;
 static const char *require_membership_of_sid;
@@ -463,6 +464,10 @@ static bool check_plaintext_auth(const char *user, const char *pass,
                        sizeof(request.data.auth.require_membership_of_sid));
        }
 
+       if (offline_logon) {
+               request.flags |= WBFLAG_PAM_CACHED_LOGIN;
+       }
+
        result = winbindd_request_response(NULL, WINBINDD_PAM_AUTH, &request, &response);
 
        /* Display response */
@@ -2713,7 +2718,8 @@ enum {
        OPT_USE_CACHED_CREDS,
        OPT_PAM_WINBIND_CONF,
        OPT_TARGET_SERVICE,
-       OPT_TARGET_HOSTNAME
+       OPT_TARGET_HOSTNAME,
+       OPT_OFFLINE_LOGON
 };
 
  int main(int argc, const char **argv)
@@ -2750,6 +2756,9 @@ enum {
                { "request-lm-key", 0, POPT_ARG_NONE, &request_lm_key, OPT_LM_KEY, "Retrieve LM session key"},
                { "request-nt-key", 0, POPT_ARG_NONE, &request_user_session_key, OPT_USER_SESSION_KEY, "Retrieve User (NT) session key"},
                { "use-cached-creds", 0, POPT_ARG_NONE, &use_cached_creds, OPT_USE_CACHED_CREDS, "Use cached credentials if no password is given"},
+               { "offline-logon", 0, POPT_ARG_NONE, &offline_logon,
+                 OPT_OFFLINE_LOGON,
+                 "Use cached passwords when DC is offline"},
                { "diagnostics", 0, POPT_ARG_NONE, &diagnostics,
                  OPT_DIAGNOSTICS,
                  "Perform diagnostics on the authentication chain"},