From 937f7a2873573c1547b1e610c86b467b5f842e1d Mon Sep 17 00:00:00 2001
From: Holger Hetterich <hhetter@novell.com>
Date: Fri, 11 Apr 2008 14:02:19 +0200
Subject: [PATCH] winbindd_cache: recognize and allow longer UA keys

UA keys consist of a potientally large number of concatenated SID strings which
can grow much larger than 1024 bytes in complex environments. We catch those keys
and allow them exclusivly to be larger.
(cherry picked from commit fcd35232e111f9b046ae35d939d08c29d0d43438)
---
 source/winbindd/winbindd_cache.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/source/winbindd/winbindd_cache.c b/source/winbindd/winbindd_cache.c
index ddb0ab317e6..5abd207e793 100644
--- a/source/winbindd/winbindd_cache.c
+++ b/source/winbindd/winbindd_cache.c
@@ -3352,9 +3352,19 @@ static int cache_traverse_validate_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, TDB_D
 
 	/* Paranoia check. */
 	if (kbuf.dsize > 1024) {
-		DEBUG(0,("cache_traverse_validate_fn: key length too large (%u) > 1024\n\n",
-				(unsigned int)kbuf.dsize ));
-		return 1;
+		if (strncmp("UA/", (const char *)kbuf.dptr, 3) == 0) {
+			unsigned int max_key_len = 1024*1024;
+			if (kbuf.dsize > max_key_len) {
+				DEBUG(0,("cache_traverse_validate_fn: UA key to large (%u) > (%u)\n\n",
+					 (unsigned int)kbuf.dsize, (unsigned int)max_key_len ));
+				return 1;
+			} 
+		} else 	{
+
+				DEBUG(0,("cache_traverse_validate_fn: key length too large (%u) > 1024\n\n",
+					 (unsigned int)kbuf.dsize ));
+				return 1;
+			}
 	}
 
 	for (i = 0; key_val[i].keyname; i++) {
-- 
2.11.4.GIT