r16438: sync up to r16433

11 files changed, 73 insertions, 46 deletions

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 82efca45e38..2f7e47e6c49 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -68,6 +68,7 @@ o   Bjoern Jacke <samba@j3e.de>.
 o   Volker Lendecke <vl@samba.org>
     * Fixes for various Klocwork defect reports.
     * Fixes for various Coverity defect reports.
+    * BUG 3848: Fix WinXP join error in a Samba domain using ldapsam.
 
 
 
diff --git a/source/lib/util_unistr.c b/source/lib/util_unistr.c
index eef484148db..a0015c265fb 100644
--- a/source/lib/util_unistr.c
+++ b/source/lib/util_unistr.c
@@ -98,8 +98,10 @@ void load_case_tables(void)
 	/* Get the name of the current locale.  */
 	old_locale = setlocale(LC_ALL, NULL);
 
-	/* Save it as it is in static storage. */
-	saved_locale = SMB_STRDUP(old_locale);
+	if (old_locale) {
+		/* Save it as it is in static storage. */
+		saved_locale = SMB_STRDUP(old_locale);
+	}
 
 	/* We set back the locale to C to get ASCII-compatible toupper/lower functions. */
 	setlocale(LC_ALL, "C");
@@ -139,8 +141,10 @@ void load_case_tables(void)
 
 #ifdef HAVE_SETLOCALE
 	/* Restore the old locale. */
-	setlocale (LC_ALL, saved_locale);
-	SAFE_FREE(saved_locale);
+	if (saved_locale) {
+		setlocale (LC_ALL, saved_locale);
+		SAFE_FREE(saved_locale);
+	}
 #endif
 }
 
diff --git a/source/nsswitch/winbindd_util.c b/source/nsswitch/winbindd_util.c
index 928e78a05fe..d974ad8c56d 100644
--- a/source/nsswitch/winbindd_util.c
+++ b/source/nsswitch/winbindd_util.c
@@ -976,14 +976,6 @@ void winbindd_remove_client(struct winbindd_cli_state *cli)
 	_num_clients--;
 }
 
-/* Demote a client to be the last in the list */
-
-void winbindd_demote_client(struct winbindd_cli_state *cli)
-{
-	struct winbindd_cli_state *tmp;
-	DLIST_DEMOTE(_client_list, cli, tmp);
-}
-
 /* Close all open clients */
 
 void winbindd_kill_all_clients(void)
diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index 2ef1c4df2fe..a3a41c7664d 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -3244,9 +3244,9 @@ static BOOL handle_debug_list( int snum, const char *pszParmValueIn, char **ptr
  Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
 ***************************************************************************/
 
-static char* append_ldap_suffix( const char *str )
+static const char *append_ldap_suffix( const char *str )
 {
-	char *suffix_string;
+	const char *suffix_string;
 
 
 	if (!lp_talloc)
@@ -3255,13 +3255,13 @@ static char* append_ldap_suffix( const char *str )
 	suffix_string = talloc_asprintf( lp_talloc, "%s,%s", str, Globals.szLdapSuffix );
 	if ( !suffix_string ) {
 		DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
-		return NULL;
+		return "";
 	}
 
 	return suffix_string;
 }
 
-char *lp_ldap_machine_suffix(void)
+const char *lp_ldap_machine_suffix(void)
 {
 	if (Globals.szLdapMachineSuffix[0])
 		return append_ldap_suffix(Globals.szLdapMachineSuffix);
@@ -3269,7 +3269,7 @@ char *lp_ldap_machine_suffix(void)
 	return lp_string(Globals.szLdapSuffix);
 }
 
-char *lp_ldap_user_suffix(void)
+const char *lp_ldap_user_suffix(void)
 {
 	if (Globals.szLdapUserSuffix[0])
 		return append_ldap_suffix(Globals.szLdapUserSuffix);
@@ -3277,7 +3277,7 @@ char *lp_ldap_user_suffix(void)
 	return lp_string(Globals.szLdapSuffix);
 }
 
-char *lp_ldap_group_suffix(void)
+const char *lp_ldap_group_suffix(void)
 {
 	if (Globals.szLdapGroupSuffix[0])
 		return append_ldap_suffix(Globals.szLdapGroupSuffix);
@@ -3285,7 +3285,7 @@ char *lp_ldap_group_suffix(void)
 	return lp_string(Globals.szLdapSuffix);
 }
 
-char *lp_ldap_idmap_suffix(void)
+const char *lp_ldap_idmap_suffix(void)
 {
 	if (Globals.szLdapIdmapSuffix[0])
 		return append_ldap_suffix(Globals.szLdapIdmapSuffix);
diff --git a/source/passdb/pdb_ldap.c b/source/passdb/pdb_ldap.c
index 2a824c137f9..4a9794e1861 100644
--- a/source/passdb/pdb_ldap.c
+++ b/source/passdb/pdb_ldap.c
@@ -1796,6 +1796,19 @@ static NTSTATUS ldapsam_update_sam_account(struct pdb_methods *my_methods, struc
 	ldap_mods_free(mods,True);
 	SAFE_FREE(dn);
 
+	/*
+	 * We need to set the backend private data to NULL here. For example
+	 * setuserinfo level 25 does a pdb_update_sam_account twice on the
+	 * same one, and with the explicit delete / add logic for attribute
+	 * values the second time we would use the wrong "old" value which
+	 * does not exist in LDAP anymore. Thus the LDAP server would refuse
+	 * the update.
+	 * The existing LDAPMessage is still being auto-freed by the
+	 * destructor.
+	 */
+	pdb_set_backend_private_data(newpwd, NULL, NULL, my_methods,
+				     PDB_CHANGED);
+
 	if (!NT_STATUS_IS_OK(ret)) {
 		return ret;
 	}
diff --git a/source/printing/nt_printing.c b/source/printing/nt_printing.c
index 6a7fd4d3986..5c4039722e1 100644
--- a/source/printing/nt_printing.c
+++ b/source/printing/nt_printing.c
@@ -2767,6 +2767,8 @@ int get_printer_subkeys( NT_PRINTER_DATA *data, const char* key, fstring **subke
 	fstring	*subkeys_ptr = NULL;
 	fstring subkeyname;
 	
+	*subkeys = NULL;
+
 	if ( !data )
 		return 0;
 
diff --git a/source/registry/reg_printing.c b/source/registry/reg_printing.c
index f001fdad244..a712a7c9706 100644
--- a/source/registry/reg_printing.c
+++ b/source/registry/reg_printing.c
@@ -346,8 +346,10 @@ static BOOL key_printers_store_keys( const char *key, REGSUBKEY_CTR *subkeys )
 		if ( lookup_printerkey(printer->info_2->data, subkeyname) == -1 ) {
 			DEBUG(5,("key_printers_store_keys: adding key %s\n", 
 				existing_subkeys[i]));
-			if ( add_new_printer_key( printer->info_2->data, subkeyname ) == -1 ) 
+			if ( add_new_printer_key( printer->info_2->data, subkeyname ) == -1 ) {
+				SAFE_FREE( existing_subkeys );
 				return False;
+			}
 		}
 	}
 	
@@ -360,6 +362,8 @@ static BOOL key_printers_store_keys( const char *key, REGSUBKEY_CTR *subkeys )
 	if ( printer )
 		free_a_printer( &printer, 2 );
 
+	SAFE_FREE( existing_subkeys );
+
 	return True;
 }
 
diff --git a/source/rpc_server/srv_lsa_nt.c b/source/rpc_server/srv_lsa_nt.c
index ae9795952cf..efa7156eea6 100644
--- a/source/rpc_server/srv_lsa_nt.c
+++ b/source/rpc_server/srv_lsa_nt.c
@@ -1135,7 +1135,7 @@ NTSTATUS _lsa_lookup_names2(pipes_struct *p, LSA_Q_LOOKUP_NAMES2 *q_u, LSA_R_LOO
 
 	if ((ref == NULL) || (rids == NULL) || (rids2 == NULL)) {
 		r_u->status = NT_STATUS_NO_MEMORY;
-		goto done;
+		return NT_STATUS_NO_MEMORY;
 	}
 
 	if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle)) {
@@ -1149,10 +1149,6 @@ NTSTATUS _lsa_lookup_names2(pipes_struct *p, LSA_Q_LOOKUP_NAMES2 *q_u, LSA_R_LOO
 		goto done;
 	}
 
-	if (!ref || !rids || !rids2) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
 	/* set up the LSA Lookup RIDs response */
 	become_root(); /* lookup_name can require root privs */
 	r_u->status = lookup_lsa_rids(p->mem_ctx, ref, rids, num_entries,
diff --git a/source/utils/net_rpc_samsync.c b/source/utils/net_rpc_samsync.c
index 85b086a02ff..4f99c3035c8 100644
--- a/source/utils/net_rpc_samsync.c
+++ b/source/utils/net_rpc_samsync.c
@@ -1025,7 +1025,7 @@ static NTSTATUS fetch_database(struct rpc_pipe_client *pipe_hnd, uint32 db_type,
 static NTSTATUS populate_ldap_for_ldif(fstring sid, const char *suffix, const char 
 		       *builtin_sid, FILE *add_fd)
 {
-	char *user_suffix, *group_suffix, *machine_suffix, *idmap_suffix;
+	const char *user_suffix, *group_suffix, *machine_suffix, *idmap_suffix;
 	char *user_attr=NULL, *group_attr=NULL;
 	char *suffix_attr;
 	int len;
diff --git a/source/web/cgi.c b/source/web/cgi.c
index b764b6d6283..d289613b4ba 100644
--- a/source/web/cgi.c
+++ b/source/web/cgi.c
@@ -223,6 +223,7 @@ void cgi_load_variables(void)
   browser. Also doesn't allow for variables[] containing multiple variables
   with the same name and the same or different values.
   ***************************************************************************/
+
 const char *cgi_variable(const char *name)
 {
 	int i;
@@ -234,6 +235,20 @@ const char *cgi_variable(const char *name)
 }
 
 /***************************************************************************
+ Version of the above that can't return a NULL pointer.
+***************************************************************************/
+
+const char *cgi_variable_nonull(const char *name)
+{
+	const char *var = cgi_variable(name);
+	if (var) {
+		return var;
+	} else {
+		return "";
+	}
+}
+
+/***************************************************************************
 tell a browser about a fatal error in the http processing
   ***************************************************************************/
 static void cgi_setup_error(const char *err, const char *header, const char *info)
diff --git a/source/web/swat.c b/source/web/swat.c
index a0dc0f4d313..d1fd0b4f9bc 100644
--- a/source/web/swat.c
+++ b/source/web/swat.c
@@ -515,7 +515,7 @@ static void commit_parameters(int snum)
 
 	while ((parm = lp_next_parameter(snum, &i, 1))) {
 		slprintf(label, sizeof(label)-1, "parm_%s", make_parm_name(parm->label));
-		if ((v = cgi_variable(label))) {
+		if ((v = cgi_variable(label)) != NULL) {
 			if (parm->flags & FLAG_HIDE) continue;
 			commit_parameter(snum, parm, v); 
 		}
@@ -678,10 +678,10 @@ static void wizard_page(void)
 	}
 
 	if (cgi_variable("Commit")){
-		SerType = atoi(cgi_variable("ServerType"));
-		winstype = atoi(cgi_variable("WINSType"));
+		SerType = atoi(cgi_variable_nonull("ServerType"));
+		winstype = atoi(cgi_variable_nonull("WINSType"));
 		have_home = lp_servicenumber(HOMES_NAME);
-		HomeExpo = atoi(cgi_variable("HomeExpo"));
+		HomeExpo = atoi(cgi_variable_nonull("HomeExpo"));
 
 		/* Plain text passwords are too badly broken - use encrypted passwords only */
 		lp_do_parameter( GLOBAL_SECTION_SNUM, "encrypt passwords", "Yes");
@@ -714,7 +714,7 @@ static void wizard_page(void)
 				break;
 			case 2:
 				lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "No" );
-				lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", cgi_variable("WINSAddr"));
+				lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", cgi_variable_nonull("WINSAddr"));
 				break;
 		}
 
@@ -839,7 +839,7 @@ static void globals_page(void)
 	}
 
 	if ( cgi_variable("ViewMode") )
-		mode = atoi(cgi_variable("ViewMode"));
+		mode = atoi(cgi_variable_nonull("ViewMode"));
 	if ( cgi_variable("BasicMode"))
 		mode = 0;
 	if ( cgi_variable("AdvMode"))
@@ -915,7 +915,7 @@ static void shares_page(void)
 	printf("<table>\n");
 
 	if ( cgi_variable("ViewMode") )
-		mode = atoi(cgi_variable("ViewMode"));
+		mode = atoi(cgi_variable_nonull("ViewMode"));
 	if ( cgi_variable("BasicMode"))
 		mode = 0;
 	if ( cgi_variable("AdvMode"))
@@ -1029,7 +1029,7 @@ static void chg_passwd(void)
 	int local_flags = 0;
 
 	/* Make sure users name has been specified */
-	if (strlen(cgi_variable(SWAT_USER)) == 0) {
+	if (strlen(cgi_variable_nonull(SWAT_USER)) == 0) {
 		printf("<p>%s\n", _(" Must specify \"User Name\" "));
 		return;
 	}
@@ -1044,27 +1044,27 @@ static void chg_passwd(void)
 		 * If current user is not root, make sure old password has been specified 
 		 * If REMOTE change, even root must provide old password 
 		 */
-		if (((!am_root()) && (strlen( cgi_variable(OLD_PSWD)) <= 0)) ||
-		    ((cgi_variable(CHG_R_PASSWD_FLAG)) &&  (strlen( cgi_variable(OLD_PSWD)) <= 0))) {
+		if (((!am_root()) && (strlen( cgi_variable_nonull(OLD_PSWD)) <= 0)) ||
+		    ((cgi_variable(CHG_R_PASSWD_FLAG)) &&  (strlen( cgi_variable_nonull(OLD_PSWD)) <= 0))) {
 			printf("<p>%s\n", _(" Must specify \"Old Password\" "));
 			return;
 		}
 
 		/* If changing a users password on a remote hosts we have to know what host */
-		if ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable(RHOST)) <= 0)) {
+		if ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable_nonull(RHOST)) <= 0)) {
 			printf("<p>%s\n", _(" Must specify \"Remote Machine\" "));
 			return;
 		}
 
 		/* Make sure new passwords have been specified */
-		if ((strlen( cgi_variable(NEW_PSWD)) <= 0) ||
-		    (strlen( cgi_variable(NEW2_PSWD)) <= 0)) {
+		if ((strlen( cgi_variable_nonull(NEW_PSWD)) <= 0) ||
+		    (strlen( cgi_variable_nonull(NEW2_PSWD)) <= 0)) {
 			printf("<p>%s\n", _(" Must specify \"New, and Re-typed Passwords\" "));
 			return;
 		}
 
 		/* Make sure new passwords was typed correctly twice */
-		if (strcmp(cgi_variable(NEW_PSWD), cgi_variable(NEW2_PSWD)) != 0) {
+		if (strcmp(cgi_variable_nonull(NEW_PSWD), cgi_variable_nonull(NEW2_PSWD)) != 0) {
 			printf("<p>%s\n", _(" Re-typed password didn't match new password "));
 			return;
 		}
@@ -1091,17 +1091,17 @@ static void chg_passwd(void)
 	
 
 	rslt = change_password(host,
-			       cgi_variable(SWAT_USER),
-			       cgi_variable(OLD_PSWD), cgi_variable(NEW_PSWD),
+			       cgi_variable_nonull(SWAT_USER),
+			       cgi_variable_nonull(OLD_PSWD), cgi_variable_nonull(NEW_PSWD),
 				   local_flags);
 
 	if(cgi_variable(CHG_S_PASSWD_FLAG)) {
 		printf("<p>");
 		if (rslt == True) {
-			printf(_(" The passwd for '%s' has been changed."), cgi_variable(SWAT_USER));
+			printf(_(" The passwd for '%s' has been changed."), cgi_variable_nonull(SWAT_USER));
 			printf("\n");
 		} else {
-			printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable(SWAT_USER));
+			printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable_nonull(SWAT_USER));
 			printf("\n");
 		}
 	}
@@ -1121,7 +1121,7 @@ static void passwd_page(void)
 	 * changed the User box text to another users name, remember it.
 	 */
 	if (cgi_variable(SWAT_USER)) {
-		new_name = cgi_variable(SWAT_USER);
+		new_name = cgi_variable_nonull(SWAT_USER);
 	} 
 
 	if (!new_name) new_name = "";
@@ -1265,7 +1265,7 @@ static void printers_page(void)
 	printf("<FORM name=\"swatform\" method=post>\n");
 
 	if ( cgi_variable("ViewMode") )
-		mode = atoi(cgi_variable("ViewMode"));
+		mode = atoi(cgi_variable_nonull("ViewMode"));
         if ( cgi_variable("BasicMode"))
                 mode = 0;
         if ( cgi_variable("AdvMode"))