From: Volker Lendecke <vl@samba.org>
Date: Fri, 14 Jan 2011 12:14:22 +0000 (-0700)
Subject: s3: Make sure we call wbcAuthenticateUserEx correctly
X-Git-Url: http://git.samba.org/?p=obnox%2Fsamba-ctdb.git;a=commitdiff_plain;h=c8befe75669c827419397d874c7e0c06fbcf4f13

s3: Make sure we call wbcAuthenticateUserEx correctly

There are cases where we fill in params.password.response.lm_data with non-NULL
where params.password.response.lm_length is 0. wbcAuthenticateUserEx does not
like that.
---

diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c
index d1b00a3268..1e14ff022e 100644
--- a/source3/auth/auth_winbind.c
+++ b/source3/auth/auth_winbind.c
@@ -39,6 +39,8 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
 	struct wbcAuthUserInfo *info = NULL;
 	struct wbcAuthErrorInfo *err = NULL;
 
+	ZERO_STRUCT(params);
+
 	if (!user_info) {
 		return NT_STATUS_INVALID_PARAMETER;
 	}
@@ -70,10 +72,14 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
 	       auth_context->challenge.data,
 	       sizeof(params.password.response.challenge));
 
-	params.password.response.nt_length	= user_info->nt_resp.length;
-	params.password.response.nt_data	= user_info->nt_resp.data;
-	params.password.response.lm_length	= user_info->lm_resp.length;
-	params.password.response.lm_data	= user_info->lm_resp.data;
+	if (user_info->nt_resp.length != 0) {
+		params.password.response.nt_length = user_info->nt_resp.length;
+		params.password.response.nt_data = user_info->nt_resp.data;
+	}
+	if (user_info->lm_resp.length != 0) {
+		params.password.response.lm_length = user_info->lm_resp.length;
+		params.password.response.lm_data = user_info->lm_resp.data;
+	}
 
 	/* we are contacting the privileged pipe */
 	become_root();