diff options
Diffstat (limited to 'nsswitch/libwbclient')
-rw-r--r-- | nsswitch/libwbclient/wbc_pam.c | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/nsswitch/libwbclient/wbc_pam.c b/nsswitch/libwbclient/wbc_pam.c index d3bf6168ed..33044b2df7 100644 --- a/nsswitch/libwbclient/wbc_pam.c +++ b/nsswitch/libwbclient/wbc_pam.c @@ -426,15 +426,24 @@ wbcErr wbcAuthenticateUserEx(const struct wbcAuthUserParams *params, request.data.auth_crap.lm_resp_len = MIN(params->password.response.lm_length, sizeof(request.data.auth_crap.lm_resp)); - request.data.auth_crap.nt_resp_len = - MIN(params->password.response.nt_length, - sizeof(request.data.auth_crap.nt_resp)); if (params->password.response.lm_data) { memcpy(request.data.auth_crap.lm_resp, params->password.response.lm_data, request.data.auth_crap.lm_resp_len); } - if (params->password.response.nt_data) { + request.data.auth_crap.nt_resp_len = params->password.response.nt_length; + if (params->password.response.nt_length > sizeof(request.data.auth_crap.nt_resp)) { + request.flags |= WBFLAG_BIG_NTLMV2_BLOB; + request.extra_len = params->password.response.nt_length; + request.extra_data.data = talloc_zero_array(NULL, char, request.extra_len); + if (request.extra_data.data == NULL) { + wbc_status = WBC_ERR_NO_MEMORY; + BAIL_ON_WBC_ERROR(wbc_status); + } + memcpy(request.extra_data.data, + params->password.response.nt_data, + request.data.auth_crap.nt_resp_len); + } else if (params->password.response.nt_data) { memcpy(request.data.auth_crap.nt_resp, params->password.response.nt_data, request.data.auth_crap.nt_resp_len); @@ -480,6 +489,8 @@ done: if (response.extra_data.data) free(response.extra_data.data); + talloc_free(request.extra_data.data); + return wbc_status; } |