[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Wed May 12 21:20:01 UTC 2021


The branch, master has been updated
       via  2b9a1feae73 lib:util: Fix return value of tdb_fetch_uint32_byblob()
       via  b7ac9486452 s3:winbind: Code cleanup for initialize_winbindd_cache()
       via  1d5c546c8ea s3:winbind: Remove global variable for winbindd_offline_state
       via  8c5e94173e4 autobuild: Add ad_member_offline_logon
       via  08434e413fa testprogs: Add test for offline logon support
       via  763e0323546 selftest: Set winbind offline in ad_member_offline_logon target
       via  eef192b10e4 selftest: Add skip_wait to check_or_start
       via  a04a5885745 selftest: Turn on offline logon for ad_member_offline_logon
       via  6219eb52a24 selftest: Add ad_member_offline_logon env
       via  fbe68dcbb78 selftest: Pass down the machine account name to provision_ad_member
       via  79b848fe592 selftest: Also add SERVER_LOG_LEVEL support for s3 targets
       via  401ae83d5e6 s3: lib: If we're reporting getaddrinfo fail, print the name we were looking up in the same debug.
      from  4d54b602bde printing: Avoid a few references to background_lpq_updater_pid

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 2b9a1feae7364a294b024dbeaf6a0202bbad468a
Author: Andreas Schneider <asn at samba.org>
Date:   Tue May 11 11:31:33 2021 +0200

    lib:util: Fix return value of tdb_fetch_uint32_byblob()
    
    The initialize_winbindd_cache() function uses tdb_fetch_uint32_byblob()
    to check if the cache version is valid and up to date. As
    tdb_fetch_uint32_byblob() returns false for a successful fetch, we
    always remove the winbind cache database. This breaks the winbind
    offline logon feature.
    
    This also affects other caches and pdb.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=14702
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Wed May 12 21:19:03 UTC 2021 on sn-devel-184

commit b7ac9486452eb3f0d352b60def097e6aedccaee6
Author: Andreas Schneider <asn at samba.org>
Date:   Tue May 11 11:34:40 2021 +0200

    s3:winbind: Code cleanup for initialize_winbindd_cache()
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 1d5c546c8ea44798acd306a180c6dfddf9a8c816
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 10 17:55:13 2021 +0200

    s3:winbind: Remove global variable for winbindd_offline_state
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 8c5e94173e45edf5fcefea9aa82223dd52f60ddd
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 10 13:08:21 2021 +0200

    autobuild: Add ad_member_offline_logon
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 08434e413faaa142b9f9fb1f1b75822249fb81a9
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 10 12:52:18 2021 +0200

    testprogs: Add test for offline logon support
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 763e03235462adbe29edd92339e7a11b5a008556
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 10 10:40:31 2021 +0200

    selftest: Set winbind offline in ad_member_offline_logon target
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit eef192b10e4f07ed912286d94ceb1b119659dc68
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 10 16:37:16 2021 +0200

    selftest: Add skip_wait to check_or_start
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit a04a5885745533127c8eb36265f1eb664ab276a1
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 10 10:40:27 2021 +0200

    selftest: Turn on offline logon for ad_member_offline_logon
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 6219eb52a24d04cd03a0f1b66a26677c81a44fb9
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 10 10:37:11 2021 +0200

    selftest: Add ad_member_offline_logon env
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit fbe68dcbb783409589cdefd8ee551c9971c51f08
Author: Andreas Schneider <asn at samba.org>
Date:   Tue May 11 17:59:51 2021 +0200

    selftest: Pass down the machine account name to provision_ad_member
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 79b848fe592036a290941e5a7d44f355dd274fff
Author: Andreas Schneider <asn at samba.org>
Date:   Mon May 10 12:32:51 2021 +0200

    selftest: Also add SERVER_LOG_LEVEL support for s3 targets
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>

commit 401ae83d5e67571a134a8a855597c04ba206d746
Author: Richard Sharpe <realrichardsharpe at gmail.com>
Date:   Wed May 12 11:46:24 2021 -0700

    s3: lib: If we're reporting getaddrinfo fail, print the name we were looking up in the same debug.
    
    Signed-off-by: Richard Sharpe <realrichardsharpe at gmail.com>
    Reviewed-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 lib/util/util_tdb.c                      |   7 +-
 script/autobuild.py                      |   2 +
 selftest/target/Samba.pm                 |   2 +
 selftest/target/Samba3.pm                | 174 +++++++++++++++++++++++++++++--
 source3/lib/util.c                       |   5 +-
 source3/winbindd/winbindd_cache.c        |  82 ++++++++-------
 source4/selftest/tests.py                |  10 ++
 testprogs/blackbox/test_offline_logon.sh |  43 ++++++++
 8 files changed, 275 insertions(+), 50 deletions(-)
 create mode 100755 testprogs/blackbox/test_offline_logon.sh


Changeset truncated at 500 lines:

diff --git a/lib/util/util_tdb.c b/lib/util/util_tdb.c
index 70eeceff391..b00b5039ec1 100644
--- a/lib/util/util_tdb.c
+++ b/lib/util/util_tdb.c
@@ -203,7 +203,12 @@ static bool tdb_fetch_uint32_byblob(struct tdb_context *tdb, TDB_DATA key,
 				    uint32_t *value)
 {
 	int ret = tdb_parse_record(tdb, key, fetch_uint32_parser, value);
-	return ret;
+
+	if (ret == -1) {
+		return false;
+	}
+
+	return true;
 }
 
 /****************************************************************************
diff --git a/script/autobuild.py b/script/autobuild.py
index 6eb8c4124e8..aa968d842bd 100755
--- a/script/autobuild.py
+++ b/script/autobuild.py
@@ -441,6 +441,7 @@ tasks = {
             "ad_member_idmap_rid",
             "ad_member_idmap_ad",
             "ad_member_rfc2307",
+            "ad_member_offline_logon",
             ])),
             ("lcov", LCOV_CMD),
             ("check-clean-tree", CLEAN_SOURCE_TREE_CMD),
@@ -644,6 +645,7 @@ tasks = {
             "ad_member_idmap_rid",
             "ad_member_idmap_ad",
             "ad_member_rfc2307",
+            "ad_member_offline_logon",
             ])),
             ("lcov", LCOV_CMD),
             ("check-clean-tree", CLEAN_SOURCE_TREE_CMD),
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index 5a7efa9c280..c9104aa350e 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -588,6 +588,8 @@ sub get_interface($)
 		addcsmb1	  => 54,
 		lclnt4dc2smb1	  => 55,
 		fipsdc            => 56,
+		fipsadmember      => 57,
+		offlineadmem      => 58,
 
 		rootdnsforwarder  => 64,
 
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 410b0458a4d..69e7ff7d826 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -238,6 +238,7 @@ sub check_env($$)
 	ad_member_idmap_rid => ["ad_dc"],
 	ad_member_idmap_ad  => ["fl2008r2dc"],
 	ad_member_fips      => ["ad_dc_fips"],
+	ad_member_offline_logon => ["ad_dc"],
 
 	clusteredmember => ["nt4_dc"],
 );
@@ -646,10 +647,12 @@ sub provision_ad_member
 {
 	my ($self,
 	    $prefix,
+	    $machine_account,
 	    $dcvars,
 	    $trustvars_f,
 	    $trustvars_e,
-	    $force_fips_mode) = @_;
+	    $force_fips_mode,
+	    $offline_logon) = @_;
 
 	my $prefix_abs = abs_path($prefix);
 	my @dirs = ();
@@ -681,6 +684,11 @@ sub provision_ad_member
 	$substitution_path = "$share_dir/D_$dcvars->{DOMAIN}/u_$dcvars->{DOMAIN}/alice/g_$dcvars->{DOMAIN}/domain users";
 	push(@dirs, $substitution_path);
 
+	my $option_offline_logon = "no";
+	if (defined($offline_logon)) {
+		$option_offline_logon = "yes";
+	}
+
 	my $member_options = "
 	security = ads
         workgroup = $dcvars->{DOMAIN}
@@ -691,6 +699,7 @@ sub provision_ad_member
 	password server = $dcvars->{SERVER}
 	winbind scan trusted domains = no
 	winbind use krb5 enterprise principals = yes
+	winbind offline logon = $option_offline_logon
 
 	allow dcerpc auth level connect:lsarpc = yes
 	dcesrv:max auth states = 8
@@ -758,7 +767,7 @@ sub provision_ad_member
 	    prefix => $prefix,
 	    domain => $dcvars->{DOMAIN},
 	    realm => $dcvars->{REALM},
-	    server => "LOCALADMEMBER",
+	    server => $machine_account,
 	    password => "loCalMemberPass",
 	    extra_options => $member_options,
 	    resolv_conf => $dcvars->{RESOLV_CONF});
@@ -819,12 +828,122 @@ sub provision_ad_member
 	# access the share for tests.
 	chmod 0777, "$prefix/share";
 
-	if (not $self->check_or_start(
-		env_vars => $ret,
-		nmbd => "yes",
-		winbindd => "yes",
-		smbd => "yes")) {
-		return undef;
+	if (defined($offline_logon)) {
+		my $wbinfo = Samba::bindir_path($self, "wbinfo");
+
+		if (not $self->check_or_start(
+			env_vars => $ret,
+			winbindd => "yes")) {
+			return undef;
+		}
+
+		# Fill samlogoncache for alice
+		$cmd = "NSS_WRAPPER_PASSWD='$ret->{NSS_WRAPPER_PASSWD}' ";
+		$cmd .= "NSS_WRAPPER_GROUP='$ret->{NSS_WRAPPER_GROUP}' ";
+		$cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+		$cmd .= "$wbinfo --pam-logon=ADDOMAIN/alice%Secret007";
+		if (system($cmd) != 0) {
+			warn("Filling the cache failed\n$cmd");
+			return undef;
+		}
+
+		$cmd = "NSS_WRAPPER_PASSWD='$ret->{NSS_WRAPPER_PASSWD}' ";
+		$cmd .= "NSS_WRAPPER_GROUP='$ret->{NSS_WRAPPER_GROUP}' ";
+		$cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+		$cmd .= "$wbinfo --ccache-save=ADDOMAIN/alice%Secret007";
+		if (system($cmd) != 0) {
+			warn("Filling the cache failed\n$cmd");
+			return undef;
+		}
+
+		# Fill samlogoncache for bob
+		$cmd = "NSS_WRAPPER_PASSWD='$ret->{NSS_WRAPPER_PASSWD}' ";
+		$cmd .= "NSS_WRAPPER_GROUP='$ret->{NSS_WRAPPER_GROUP}' ";
+		$cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+		$cmd .= "$wbinfo --pam-logon=ADDOMAIN/bob%Secret007";
+		if (system($cmd) != 0) {
+			warn("Filling the cache failed\n$cmd");
+			return undef;
+		}
+
+		$cmd = "NSS_WRAPPER_PASSWD='$ret->{NSS_WRAPPER_PASSWD}' ";
+		$cmd .= "NSS_WRAPPER_GROUP='$ret->{NSS_WRAPPER_GROUP}' ";
+		$cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+		$cmd .= "$wbinfo --ccache-save=ADDOMAIN/bob%Secret007";
+		if (system($cmd) != 0) {
+			warn("Filling the cache failed\n$cmd");
+			return undef;
+		}
+
+		# Set windindd offline
+		my $smbcontrol = Samba::bindir_path($self, "smbcontrol");
+		$cmd = "NSS_WRAPPER_PASSWD='$ret->{NSS_WRAPPER_PASSWD}' ";
+		$cmd .= "NSS_WRAPPER_GROUP='$ret->{NSS_WRAPPER_GROUP}' ";
+		$cmd .= "UID_WRAPPER_ROOT='1' ";
+		$cmd .= "$smbcontrol $ret->{CONFIGURATION} winbindd offline";
+		if (system($cmd) != 0) {
+			warn("Setting winbindd offline failed\n$cmd");
+			return undef;
+		}
+
+		# Validate the offline cache
+		my $smbcontrol = Samba::bindir_path($self, "smbcontrol");
+		$cmd = "NSS_WRAPPER_PASSWD='$ret->{NSS_WRAPPER_PASSWD}' ";
+		$cmd .= "NSS_WRAPPER_GROUP='$ret->{NSS_WRAPPER_GROUP}' ";
+		$cmd .= "UID_WRAPPER_ROOT='1' ";
+		$cmd .= "$smbcontrol $ret->{CONFIGURATION} winbindd validate-cache";
+		if (system($cmd) != 0) {
+			warn("Validation of winbind credential cache failed\n$cmd");
+			teardown_env($self, $ret);
+			return undef;
+		}
+
+		# Shut down winbindd
+		teardown_env($self, $ret);
+
+		### Change SOCKET_WRAPPER_DIR so it can't connect to AD
+		my $swrap_env = $ENV{SOCKET_WRAPPER_DIR};
+		$ENV{SOCKET_WRAPPER_DIR} = "$prefix_abs";
+
+		# Start winbindd in offline mode
+		if (not $self->check_or_start(
+			env_vars => $ret,
+			winbindd => "yes",
+			skip_wait => 1)) {
+			return undef;
+		}
+
+		# Set socket dir again
+		$ENV{SOCKET_WRAPPER_DIR} = $swrap_env;
+
+		print "checking for winbindd\n";
+		my $count = 0;
+		my $rc = 0;
+		$cmd = "NSS_WRAPPER_PASSWD='$ret->{NSS_WRAPPER_PASSWD}' ";
+		$cmd .= "NSS_WRAPPER_GROUP='$ret->{NSS_WRAPPER_GROUP}' ";
+		$cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+		$cmd .= "$wbinfo --ping";
+
+		do {
+			$rc = system($cmd);
+			if ($rc != 0) {
+				sleep(1);
+			}
+			$count++;
+		} while ($rc != 0 && $count < 20);
+		if ($count == 20) {
+			print "WINBINDD not reachable after 20 seconds\n";
+			teardown_env($self, $ret);
+			return undef;
+		}
+	} else {
+		if (not $self->check_or_start(
+			env_vars => $ret,
+			nmbd => "yes",
+			winbindd => "yes",
+			smbd => "yes")) {
+			return undef;
+		}
 	}
 
 	$ret->{DC_SERVER} = $dcvars->{SERVER};
@@ -873,7 +992,11 @@ sub setup_ad_member
 
 	print "PROVISIONING AD MEMBER...";
 
-	return $self->provision_ad_member($prefix, $dcvars, $trustvars_f, $trustvars_e);
+	return $self->provision_ad_member($prefix,
+					  "LOCALADMEMBER",
+					  $dcvars,
+					  $trustvars_f,
+					  $trustvars_e);
 }
 
 sub setup_ad_member_rfc2307
@@ -1199,9 +1322,34 @@ sub setup_ad_member_fips
 	print "PROVISIONING AD FIPS MEMBER...";
 
 	return $self->provision_ad_member($prefix,
+					  "FIPSADMEMBER",
+					  $dcvars,
+					  $trustvars_f,
+					  $trustvars_e,
+					  1);
+}
+
+sub setup_ad_member_offline_logon
+{
+	my ($self,
+	    $prefix,
+	    $dcvars,
+	    $trustvars_f,
+	    $trustvars_e) = @_;
+
+	# If we didn't build with ADS, pretend this env was never available
+	if (not $self->have_ads()) {
+	        return "UNKNOWN";
+	}
+
+	print "PROVISIONING AD MEMBER OFFLINE LOGON...";
+
+	return $self->provision_ad_member($prefix,
+					  "OFFLINEADMEM",
 					  $dcvars,
 					  $trustvars_f,
 					  $trustvars_e,
+					  undef,
 					  1);
 }
 
@@ -1859,6 +2007,7 @@ sub check_or_start($$) {
 	my $winbindd = $args{winbindd} // "no";
 	my $smbd = $args{smbd} // "no";
 	my $child_cleanup = $args{child_cleanup};
+	my $skip_wait = $args{skip_wait} // 0;
 
 	my $STDIN_READER;
 
@@ -1943,6 +2092,10 @@ sub check_or_start($$) {
 	# close the parent's read-end of the pipe
 	close($STDIN_READER);
 
+	if ($skip_wait) {
+		return 1;
+	}
+
 	return $self->wait_for_start($env_vars, $nmbd, $winbindd, $smbd);
 }
 
@@ -1980,6 +2133,7 @@ sub provision($$)
 	my $resolv_conf = $args{resolv_conf};
 	my $no_delete_prefix= $args{no_delete_prefix};
 	my $netbios_name = $args{netbios_name} // $server;
+	my $server_log_level = $ENV{SERVER_LOG_LEVEL} || 1;
 
 	##
 	## setup the various environment variables we need
@@ -2287,7 +2441,7 @@ sub provision($$)
 	pid directory = $piddir
 	lock directory = $lockdir
 	log file = $logdir/log.\%m
-	log level = 1
+	log level = $server_log_level
 	debug pid = yes
         max log size = 0
 
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 1a0bc5003cd..7d9af875a74 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -1549,8 +1549,9 @@ bool name_to_fqdn(fstring fqdn, const char *name)
 
 	s = getaddrinfo(name, NULL, &hints, &result);
 	if (s != 0) {
-		DEBUG(1, ("getaddrinfo: %s\n", gai_strerror(s)));
-		DEBUG(10,("name_to_fqdn: lookup for %s failed.\n", name));
+		DBG_WARNING("getaddrinfo lookup for %s failed: %s\n",
+			name,
+			gai_strerror(s));
 		fstrcpy(fqdn, name);
 		return false;
 	}
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index 4a366ee6ff8..01bf94855c0 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -95,12 +95,6 @@ static bool is_non_centry_key(TDB_DATA kbuf)
 	return false;
 }
 
-/* Global online/offline state - False when online. winbindd starts up online
-   and sets this to true if the first query fails and there's an entry in
-   the cache tdb telling us to stay offline. */
-
-static bool global_winbindd_offline_state;
-
 struct winbind_cache {
 	TDB_CONTEXT *tdb;
 };
@@ -575,7 +569,7 @@ done:
 static bool centry_expired(struct winbindd_domain *domain, const char *keystr, struct cache_entry *centry)
 {
 	/* If we've been told to be offline - stay in that state... */
-	if (lp_winbind_offline_logon() && global_winbindd_offline_state) {
+	if (lp_winbind_offline_logon() && get_global_winbindd_state_offline()) {
 		DEBUG(10,("centry_expired: Key %s for domain %s valid as winbindd is globally offline.\n",
 			keystr, domain->name ));
 		return false;
@@ -3063,8 +3057,9 @@ static bool init_wcache(void)
 
 bool initialize_winbindd_cache(void)
 {
-	bool cache_bad = true;
-	uint32_t vers;
+	bool cache_bad = false;
+	uint32_t vers = 0;
+	bool ok;
 
 	if (!init_wcache()) {
 		DEBUG(0,("initialize_winbindd_cache: init_wcache failed.\n"));
@@ -3072,9 +3067,16 @@ bool initialize_winbindd_cache(void)
 	}
 
 	/* Check version number. */
-	if (tdb_fetch_uint32(wcache->tdb, WINBINDD_CACHE_VERSION_KEYSTR, &vers) &&
-			vers == WINBINDD_CACHE_VERSION) {
-		cache_bad = false;
+	ok = tdb_fetch_uint32(wcache->tdb, WINBINDD_CACHE_VERSION_KEYSTR, &vers);
+	if (!ok) {
+		DBG_DEBUG("Failed to get cache version\n");
+		cache_bad = true;
+	}
+	if (vers != WINBINDD_CACHE_VERSION) {
+		DBG_DEBUG("Invalid cache version %u != %u\n",
+			  vers,
+			  WINBINDD_CACHE_VERSION);
+		cache_bad = true;
 	}
 
 	if (cache_bad) {
@@ -3420,40 +3422,43 @@ done:
 /* Change the global online/offline state. */
 bool set_global_winbindd_state_offline(void)
 {
-	TDB_DATA data;
-
-	DEBUG(10,("set_global_winbindd_state_offline: offline requested.\n"));
+	bool ok;
+	uint8_t buf[4] = {0};
+	TDB_DATA data = {
+		.dptr = buf,
+		.dsize = sizeof(buf)
+	};
+	int rc;
 
-	/* Only go offline if someone has created
-	   the key "WINBINDD_OFFLINE" in the cache tdb. */
+	DBG_ERR("Offline requested\n");
 
 	if (wcache == NULL || wcache->tdb == NULL) {
-		DEBUG(10,("set_global_winbindd_state_offline: wcache not open yet.\n"));
+		DBG_ERR("Winbind cache doesn't exist yet\n");
 		return false;
 	}
 
 	if (!lp_winbind_offline_logon()) {
-		DEBUG(10,("set_global_winbindd_state_offline: rejecting.\n"));
+		DBG_ERR("Rejecting to set winbind offline\n");
 		return false;
 	}
 
-	if (global_winbindd_offline_state) {
-		/* Already offline. */
+	ok = get_global_winbindd_state_offline();
+	if (ok) {
 		return true;
 	}
 
-	data = tdb_fetch_bystring( wcache->tdb, "WINBINDD_OFFLINE" );
+	PUSH_LE_U32(buf, 0, time(NULL));
 
-	if (!data.dptr || data.dsize != 4) {
-		DEBUG(10,("set_global_winbindd_state_offline: offline state not set.\n"));
-		SAFE_FREE(data.dptr);
+	rc = tdb_store_bystring(wcache->tdb,
+				"WINBINDD_OFFLINE",
+				data,
+				TDB_INSERT);
+	if (rc != 0) {
 		return false;
-	} else {
-		DEBUG(10,("set_global_winbindd_state_offline: offline state set.\n"));
-		global_winbindd_offline_state = true;
-		SAFE_FREE(data.dptr);
-		return true;
 	}
+
+	return true;
+
 }
 
 void set_global_winbindd_state_online(void)
@@ -3465,12 +3470,6 @@ void set_global_winbindd_state_online(void)
 		return;
 	}
 
-	if (!global_winbindd_offline_state) {
-		/* Already online. */
-		return;
-	}
-	global_winbindd_offline_state = false;
-
 	if (!wcache->tdb) {
 		return;
 	}
@@ -3481,7 +3480,16 @@ void set_global_winbindd_state_online(void)
 
 bool get_global_winbindd_state_offline(void)
 {
-	return global_winbindd_offline_state;
+	TDB_DATA data;
+
+	data = tdb_fetch_bystring(wcache->tdb, "WINBINDD_OFFLINE");
+	if (data.dptr == NULL || data.dsize != 4) {
+		DBG_DEBUG("Offline state not set.\n");
+		SAFE_FREE(data.dptr);
+		return false;
+	}
+
+	return true;
 }
 
 /***********************************************************************
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index cdaced0e1c1..f686754fa53 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -1348,6 +1348,16 @@ planoldpythontestsuite("chgdcpass:local", "samba.tests.blackbox.samba_dnsupdate"
 for env in ["ad_dc_ntvfs", "s4member", "rodc", "promoted_dc", "ad_dc", "ad_member"]:
     plantestsuite("samba.blackbox.wbinfo(%s:local)" % env, "%s:local" % env, [os.path.join(samba4srcdir, "../nsswitch/tests/test_wbinfo.sh"), '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', env])
 
+# Offline logon (ad_member)
+plantestsuite("samba.blackbox.offline_logon",
+              "ad_member_offline_logon",
+              [os.path.join(bbdir, "test_offline_logon.sh"),
+               '$DOMAIN',
+               'alice', 'Secret007',


-- 
Samba Shared Repository



More information about the samba-cvs mailing list