[PATCH 1/2] nsswitch: extend require_membership_of buffer

Andrew Bartlett abartlet at samba.org
Tue Apr 30 18:01:52 MDT 2013


On Wed, 2013-05-01 at 01:07 +0200, David Disseldorp wrote:
> The pam_winbind require_membership_of option allows for a list of SID,
> but currently only provides buffer space for ~20.
> This patch is from Paul Zirnik <paul.zirnik at suse.com>.
> 
> Signed-off-by: David Disseldorp <ddiss at samba.org>
> ---
>  nsswitch/pam_winbind.c             | 2 +-
>  nsswitch/winbind_struct_protocol.h | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
> index 9f85556..ae986b1 100644
> --- a/nsswitch/pam_winbind.c
> +++ b/nsswitch/pam_winbind.c
> @@ -1645,7 +1645,7 @@ static int winbind_auth_request(struct pwb_context *ctx,
>  	wbcErr wbc_status;
>  
>  	struct wbcLogonUserParams logon;
> -	char membership_of[1024];
> +	char membership_of[2048];
>  	uid_t user_uid = -1;
>  	uint32_t flags = WBFLAG_PAM_INFO3_TEXT |
>  			 WBFLAG_PAM_GET_PWD_POLICY;
> diff --git a/nsswitch/winbind_struct_protocol.h b/nsswitch/winbind_struct_protocol.h
> index 4a41ba3..f137d56 100644
> --- a/nsswitch/winbind_struct_protocol.h
> +++ b/nsswitch/winbind_struct_protocol.h
> @@ -263,7 +263,7 @@ struct winbindd_request {
>                             character is. */
>  			fstring user;
>  			fstring pass;
> -			char require_membership_of_sid[1024];
> +			char require_membership_of_sid[2048];
>  			fstring krb5_cc_type;
>  			uid_t uid;
>  		} auth;              /* pam_winbind auth module */

Shouldn't we use an extra_data buffer on the request like we do with the
response for the logon data?

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org




More information about the samba-technical mailing list