[PATCH 1/2] nsswitch: extend require_membership_of buffer
Andrew Bartlett
abartlet at samba.org
Tue Apr 30 18:01:52 MDT 2013
On Wed, 2013-05-01 at 01:07 +0200, David Disseldorp wrote:
> The pam_winbind require_membership_of option allows for a list of SID,
> but currently only provides buffer space for ~20.
> This patch is from Paul Zirnik <paul.zirnik at suse.com>.
>
> Signed-off-by: David Disseldorp <ddiss at samba.org>
> ---
> nsswitch/pam_winbind.c | 2 +-
> nsswitch/winbind_struct_protocol.h | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
> index 9f85556..ae986b1 100644
> --- a/nsswitch/pam_winbind.c
> +++ b/nsswitch/pam_winbind.c
> @@ -1645,7 +1645,7 @@ static int winbind_auth_request(struct pwb_context *ctx,
> wbcErr wbc_status;
>
> struct wbcLogonUserParams logon;
> - char membership_of[1024];
> + char membership_of[2048];
> uid_t user_uid = -1;
> uint32_t flags = WBFLAG_PAM_INFO3_TEXT |
> WBFLAG_PAM_GET_PWD_POLICY;
> diff --git a/nsswitch/winbind_struct_protocol.h b/nsswitch/winbind_struct_protocol.h
> index 4a41ba3..f137d56 100644
> --- a/nsswitch/winbind_struct_protocol.h
> +++ b/nsswitch/winbind_struct_protocol.h
> @@ -263,7 +263,7 @@ struct winbindd_request {
> character is. */
> fstring user;
> fstring pass;
> - char require_membership_of_sid[1024];
> + char require_membership_of_sid[2048];
> fstring krb5_cc_type;
> uid_t uid;
> } auth; /* pam_winbind auth module */
Shouldn't we use an extra_data buffer on the request like we do with the
response for the logon data?
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list