winbindd_cache: recognize and allow longer UA keys

UA keys consist of a potientally large number of concatenated SID strings which
can grow much larger than 1024 bytes in complex environments. We catch those keys
and allow them exclusivly to be larger.
(This used to be commit fcd35232e111f9b046ae35d939d08c29d0d43438)

1 files changed, 13 insertions, 3 deletions

diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index ddb0ab317e..5abd207e79 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -3352,9 +3352,19 @@ static int cache_traverse_validate_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, TDB_D
 
 	/* Paranoia check. */
 	if (kbuf.dsize > 1024) {
-		DEBUG(0,("cache_traverse_validate_fn: key length too large (%u) > 1024\n\n",
-				(unsigned int)kbuf.dsize ));
-		return 1;
+		if (strncmp("UA/", (const char *)kbuf.dptr, 3) == 0) {
+			unsigned int max_key_len = 1024*1024;
+			if (kbuf.dsize > max_key_len) {
+				DEBUG(0,("cache_traverse_validate_fn: UA key to large (%u) > (%u)\n\n",
+					 (unsigned int)kbuf.dsize, (unsigned int)max_key_len ));
+				return 1;
+			} 
+		} else 	{
+
+				DEBUG(0,("cache_traverse_validate_fn: key length too large (%u) > 1024\n\n",
+					 (unsigned int)kbuf.dsize ));
+				return 1;
+			}
 	}
 
 	for (i = 0; key_val[i].keyname; i++) {