4 files changed, 9 insertions, 17 deletions

diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c
index 89db0773ae..81f5227410 100644
--- a/source3/nsswitch/pam_winbind.c
+++ b/source3/nsswitch/pam_winbind.c
@@ -1341,9 +1341,10 @@ static int winbind_auth_request(pam_handle_t * pamh,
 
 		/* If winbindd returned a username, return the pointer to it
 		 * here. */
-		if (user_ret && response.extra_data.data) {
+		if (user_ret && response.data.auth.unix_username[0]) {
 			/* We have to trust it's a null terminated string. */
-			*user_ret = (char *)response.extra_data.data;
+			*user_ret = strndup(response.data.auth.unix_username,
+				    sizeof(response.data.auth.unix_username) - 1);
 		}
 	}
 
diff --git a/source3/nsswitch/winbind_struct_protocol.h b/source3/nsswitch/winbind_struct_protocol.h
index 12ca1e55c8..e81813c77b 100644
--- a/source3/nsswitch/winbind_struct_protocol.h
+++ b/source3/nsswitch/winbind_struct_protocol.h
@@ -431,6 +431,7 @@ struct winbindd_response {
 				fstring logon_srv;
 				fstring logon_dom;
 			} info3;
+			fstring unix_username;
 		} auth;
 		struct {
 			fstring name;
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index 9e9da2a66f..df2bf9753b 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -418,7 +418,7 @@ NTSTATUS contact_winbind_auth_crap(const char *username,
 	}
 
 	if (flags & WBFLAG_PAM_UNIX_NAME) {
-		*unix_name = SMB_STRDUP((char *)response.extra_data.data);
+		*unix_name = SMB_STRDUP(response.data.auth.unix_username);
 		if (!*unix_name) {
 			winbindd_free_response(&response);
 			return NT_STATUS_NO_MEMORY;
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 79b4c764c3..ef5a312eea 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -157,7 +157,6 @@ static NTSTATUS append_unix_username(TALLOC_CTX *mem_ctx,
 	/* We've been asked to return the unix username, per
 	   'winbind use default domain' settings and the like */
 
-	fstring username_out;
 	const char *nt_username, *nt_domain;
 
 	nt_domain = talloc_strdup(mem_ctx, info3->base.domain.string);
@@ -174,18 +173,11 @@ static NTSTATUS append_unix_username(TALLOC_CTX *mem_ctx,
 		nt_username = name_user;
 	}
 
-	fill_domain_username(username_out, nt_domain, nt_username,
-			     True);
+	fill_domain_username(state->response.data.auth.unix_username,
+			     nt_domain, nt_username, True);
 
-	DEBUG(5,("Setting unix username to [%s]\n", username_out));
-
-	SAFE_FREE(state->response.extra_data.data);
-	state->response.extra_data.data = SMB_STRDUP(username_out);
-	if (!state->response.extra_data.data) {
-		return NT_STATUS_NO_MEMORY;
-	}
-	state->response.length +=
-		strlen((const char *)state->response.extra_data.data)+1;
+	DEBUG(5,("Setting unix username to [%s]\n",
+		state->response.data.auth.unix_username));
 
 	return NT_STATUS_OK;
 }
@@ -736,14 +728,12 @@ failed:
 static bool check_request_flags(uint32_t flags)
 {
 	uint32_t flags_edata = WBFLAG_PAM_AFS_TOKEN |
-			       WBFLAG_PAM_UNIX_NAME |
 			       WBFLAG_PAM_INFO3_TEXT |
 			       WBFLAG_PAM_INFO3_NDR;
 
 	if ( ( (flags & flags_edata) == WBFLAG_PAM_AFS_TOKEN) ||
 	     ( (flags & flags_edata) == WBFLAG_PAM_INFO3_NDR) ||
 	     ( (flags & flags_edata) == WBFLAG_PAM_INFO3_TEXT)||
-	     ( (flags & flags_edata) == WBFLAG_PAM_UNIX_NAME) ||
 	      !(flags & flags_edata) ) {
 		return True;
 	}