[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-5346-g7253d96

Karolin Seeger kseeger at samba.org
Wed Sep 2 02:43:13 MDT 2009 

The branch, v3-3-test has been updated
       via  7253d96fc205717d9fed973bbcad2884ce656fd9 (commit)
      from  983c6f22f411aab2488fe41b5b06174c55108868 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit 7253d96fc205717d9fed973bbcad2884ce656fd9
Author: Günther Deschner <gd at samba.org>
Date:   Tue Sep 1 11:58:05 2009 +0200

    wbclient: Fix Bug #6680: always activate handling of large (> 256 byte) ntlmv2 blobs in wbcAuthenticateUserEx().
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source/nsswitch/libwbclient/wbc_pam.c |   19 +++++++++++++++----
 1 files changed, 15 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/nsswitch/libwbclient/wbc_pam.c b/source/nsswitch/libwbclient/wbc_pam.c
index 401d2ad..3f44681 100644
--- a/source/nsswitch/libwbclient/wbc_pam.c
+++ b/source/nsswitch/libwbclient/wbc_pam.c
@@ -439,15 +439,24 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params,
 		request.data.auth_crap.lm_resp_len =
 				MIN(params->password.response.lm_length,
 				    sizeof(request.data.auth_crap.lm_resp));
-		request.data.auth_crap.nt_resp_len =
-				MIN(params->password.response.nt_length,
-				    sizeof(request.data.auth_crap.nt_resp));
 		if (params->password.response.lm_data) {
 			memcpy(request.data.auth_crap.lm_resp,
 			       params->password.response.lm_data,
 			       request.data.auth_crap.lm_resp_len);
 		}
-		if (params->password.response.nt_data) {
+		request.data.auth_crap.nt_resp_len = params->password.response.nt_length;
+		if (params->password.response.nt_length > sizeof(request.data.auth_crap.nt_resp)) {
+			request.flags |= WBFLAG_BIG_NTLMV2_BLOB;
+			request.extra_len = params->password.response.nt_length;
+			request.extra_data.data = talloc_zero_array(NULL, char, request.extra_len);
+			if (request.extra_data.data == NULL) {
+				wbc_status = WBC_ERR_NO_MEMORY;
+				BAIL_ON_WBC_ERROR(wbc_status);
+			}
+			memcpy(request.extra_data.data,
+			       params->password.response.nt_data,
+			       request.data.auth_crap.nt_resp_len);
+		} else if (params->password.response.nt_data) {
 			memcpy(request.data.auth_crap.nt_resp,
 			       params->password.response.nt_data,
 			       request.data.auth_crap.nt_resp_len);
@@ -493,6 +502,8 @@ done:
 	if (response.extra_data.data)
 		free(response.extra_data.data);
 
+	talloc_free(request.extra_data.data);
+
 	return wbc_status;
 }
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list