r16863: Pull in a few changes from Guenther, Simo, & Volker

Update the release notes

7 files changed, 24 insertions, 18 deletions

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 3fbbedd5374..453a563fd9a 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -184,24 +184,33 @@ o   Gerald (Jerry) Carter <jerry@samba.org>
       create an NT token for the guest account.
     * BUG 3908: Fix RPC bind authentication failure which broke
       user password changes.
+    * Ensure that "net ads join" reports failure correctly if
+      it cannot set the machine account password.
 
 
 o   Guenther Deschner <gd@samba.org>
     * Fix different extended_dn handling in adssearch.pl
       (Thanks to Frederic Brin at Novell).
     * Fix a memleak in winbindd's credentials cache.
+    * Protect against crashes in CLDAP request processing.
+    * Remove incomplete DfsEnum() info level to avoid an smbd crash.
 
 
 o   Volker Lendecke <vl@samba.org>
     * Fix a memleak in the server registry code for enumeration 
       shares.
     * Fix an invalid munlock() call in winbindd's credentials cache.
+    * Fix compile warnings when passing NULL to snprintf().
 
 
 o   Jason Mader <jason@ncac.gwu.edu>
     * Compiler warning fixes.
 
 
+o   Simo Sorce <idra@samba.org>
+    * Set the correct sid type when looking up a gid.
+
+
 Changes since 3.0.22
 --------------------
 o   Jeremy Allison <jra@samba.org>
diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index df4a4e1b388..c5ce55bc8c1 100644
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -778,7 +778,7 @@ static NTSTATUS create_builtin_administrators( void )
 	}
 			
 	/* add root */
-	if ( (ctx = talloc_init(NULL)) == NULL ) {
+	if ( (ctx = talloc_init("create_builtin_administrators")) == NULL ) {
 		return NT_STATUS_NO_MEMORY;
 	}
 	fstr_sprintf( root_name, "%s\\root", get_global_sam_name() );
diff --git a/source/libads/cldap.c b/source/libads/cldap.c
index 11c083a56a7..f67372805f3 100644
--- a/source/libads/cldap.c
+++ b/source/libads/cldap.c
@@ -115,10 +115,12 @@ static int send_cldap_netlogon(int sock, const char *domain,
 	asn1_write_BOOLEAN2(&data, False);
 	asn1_push_tag(&data, ASN1_CONTEXT(0));
 
-	asn1_push_tag(&data, ASN1_CONTEXT(3));
-	asn1_write_OctetString(&data, "DnsDomain", 9);
-	asn1_write_OctetString(&data, domain, strlen(domain));
-	asn1_pop_tag(&data);
+	if (domain) {
+		asn1_push_tag(&data, ASN1_CONTEXT(3));
+		asn1_write_OctetString(&data, "DnsDomain", 9);
+		asn1_write_OctetString(&data, domain, strlen(domain));
+		asn1_pop_tag(&data);
+	}
 
 	asn1_push_tag(&data, ASN1_CONTEXT(3));
 	asn1_write_OctetString(&data, "Host", 4);
diff --git a/source/libads/ldap.c b/source/libads/ldap.c
index 397d8c02f07..719805f86d0 100644
--- a/source/libads/ldap.c
+++ b/source/libads/ldap.c
@@ -122,14 +122,15 @@ BOOL ads_try_connect(ADS_STRUCT *ads, const char *server )
 		return False;
 	}
 	
-	DEBUG(5,("ads_try_connect: sending CLDAP request to %s\n", server));
+	DEBUG(5,("ads_try_connect: sending CLDAP request to %s (realm: %s)\n", 
+		server, ads->server.realm));
 
 	/* this copes with inet_ntoa brokenness */
 	
 	srv = SMB_STRDUP(server);
 
 	ZERO_STRUCT( cldap_reply );
-	
+
 	if ( !ads_cldap_netlogon( srv, ads->server.realm, &cldap_reply ) ) {
 		DEBUG(3,("ads_try_connect: CLDAP request %s failed.\n", srv));
 		return False;
@@ -149,18 +150,20 @@ BOOL ads_try_connect(ADS_STRUCT *ads, const char *server )
 	SAFE_FREE(ads->config.realm);
 	SAFE_FREE(ads->config.bind_path);
 	SAFE_FREE(ads->config.ldap_server_name);
+	SAFE_FREE(ads->server.workgroup);
 
 	ads->config.ldap_server_name   = SMB_STRDUP(cldap_reply.hostname);
 	strupper_m(cldap_reply.domain);
 	ads->config.realm              = SMB_STRDUP(cldap_reply.domain);
 	ads->config.bind_path          = ads_build_dn(ads->config.realm);
+	ads->server.workgroup          = SMB_STRDUP(cldap_reply.netbios_domain);
 
 	ads->ldap_port = LDAP_PORT;
 	ads->ldap_ip = *interpret_addr2(srv);
 	SAFE_FREE(srv);
 	
 	/* cache the successful connection */
-	
+
 	saf_store( ads->server.workgroup, server );
 
 	return True;
diff --git a/source/nsswitch/winbindd_sid.c b/source/nsswitch/winbindd_sid.c
index a4cd8f76042..d489e267cb2 100644
--- a/source/nsswitch/winbindd_sid.c
+++ b/source/nsswitch/winbindd_sid.c
@@ -416,7 +416,7 @@ void winbindd_gid_to_sid(struct winbindd_cli_state *state)
 
 	if (NT_STATUS_IS_OK(status)) {
 		sid_to_string(state->response.data.sid.sid, &sid);
-		state->response.data.sid.type = SID_NAME_USER;
+		state->response.data.sid.type = SID_NAME_DOM_GRP;
 		request_ok(state);
 		return;
 	}
diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index a3a41c7664d..b6c027f8714 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -1670,7 +1670,7 @@ void lp_TALLOC_FREE(void)
 TALLOC_CTX *tmp_talloc_ctx(void)
 {
 	if (lp_talloc == NULL) {
-		lp_talloc = talloc_init(NULL);
+		lp_talloc = talloc_init("tmp_talloc_ctx");
 	}
 
 	if (lp_talloc == NULL) {
diff --git a/source/rpc_server/srv_dfs_nt.c b/source/rpc_server/srv_dfs_nt.c
index f04d8c37c3d..8239584522a 100644
--- a/source/rpc_server/srv_dfs_nt.c
+++ b/source/rpc_server/srv_dfs_nt.c
@@ -304,14 +304,6 @@ WERROR _dfs_Enum(pipes_struct *p, NETDFS_Q_DFS_ENUM *q_u, NETDFS_R_DFS_ENUM *r_u
 		r_u->info.e.u.info3.ptr0_s = 1;
 		r_u->info.e.u.info3.size_s = num_jn;
 		break;
-	case 4:
-		if ((r_u->info.e.u.info4.s = TALLOC_ARRAY(p->mem_ctx, NETDFS_DFS_INFO4, num_jn)) == NULL) {
-			return WERR_NOMEM;
-		}
-		r_u->info.e.u.info4.count = num_jn;
-		r_u->info.e.u.info4.ptr0_s = 1;
-		r_u->info.e.u.info4.size_s = num_jn;
-		break;
 	default:
 		return WERR_INVALID_PARAM;
 	}