Merge minor library fixes from HEAD to 3.0.

 - setenv() replacement
 - mimir's ASN1/SPNEGO typo fixes
 - (size_t)-1 fixes for push_* returns
 - function argument signed/unsigned correction
 - ASN1 error handling (ensure we don't use initiailsed data)
 - extra net ads join error checking
 - allow 'set security discriptor' to fail
 - escape ldap strings in libads.
 - getgrouplist() correctness fixes (include primary gid)

Andrew Bartlett
(This used to be commit e9d6e2ea9a3dc01d3849b925c50702cda6ddf225)

12 files changed, 117 insertions, 45 deletions

diff --git a/source3/include/asn_1.h b/source3/include/asn_1.h
index 9cd873c18a..ab7fa5d398 100644
--- a/source3/include/asn_1.h
+++ b/source3/include/asn_1.h
@@ -55,8 +55,8 @@ typedef struct {
 #define OID_KERBEROS5_OLD "1 2 840 48018 1 2 2"
 #define OID_KERBEROS5 "1 2 840 113554 1 2 2"
 
-#define SPNGEO_NEG_RESULT_ACCEPT 0
-#define SPNGEO_NEG_RESULT_INCOMPLETE 1
-#define SPNGEO_NEG_RESULT_REJECT 2
+#define SPNEGO_NEG_RESULT_ACCEPT 0
+#define SPNEGO_NEG_RESULT_INCOMPLETE 1
+#define SPNEGO_NEG_RESULT_REJECT 2
 
 #endif /* _ASN_1_H */
diff --git a/source3/include/includes.h b/source3/include/includes.h
index d48103cbe3..5aaf009738 100644
--- a/source3/include/includes.h
+++ b/source3/include/includes.h
@@ -962,6 +962,10 @@ size_t strnlen(const char *s, size_t n);
 unsigned long strtoul(const char *nptr, char **endptr, int base);
 #endif
 
+#ifndef HAVE_SETENV
+int setenv(const char *name, const char *value, int overwrite); 
+#endif
+
 #if (defined(USE_SETRESUID) && !defined(HAVE_SETRESUID_DECL))
 /* stupid glibc */
 int setresuid(uid_t ruid, uid_t euid, uid_t suid);
diff --git a/source3/lib/replace.c b/source3/lib/replace.c
index cd48b8d160..0c62ec9bfa 100644
--- a/source3/lib/replace.c
+++ b/source3/lib/replace.c
@@ -447,3 +447,21 @@ char *rep_inet_ntoa(struct in_addr ip)
 	return t;
 }
 #endif
+
+#ifndef HAVE_SETENV
+ int setenv(const char *name, const char *value, int overwrite) 
+{
+	char *p = NULL;
+	int ret = -1;
+
+	asprintf(&p, "%s=%s", name, value);
+
+	if (overwrite || getenv(name)) {
+		if (p) ret = putenv(p);
+	} else {
+		ret = 0;
+	}
+
+	return ret;	
+}
+#endif
diff --git a/source3/lib/system_smbd.c b/source3/lib/system_smbd.c
index 0cd3086945..3ae0a6395e 100644
--- a/source3/lib/system_smbd.c
+++ b/source3/lib/system_smbd.c
@@ -39,7 +39,7 @@
 static int getgrouplist_internals(const char *user, gid_t gid, gid_t *groups, int *grpcnt)
 {
 	gid_t *gids_saved;
-	int ret, ngrp_saved;
+	int ret, ngrp_saved, num_gids;
 
 	if (non_root_mode()) {
 		*grpcnt = 0;
@@ -78,9 +78,16 @@ static int getgrouplist_internals(const char *user, gid_t gid, gid_t *groups, in
 	set_effective_gid(gid);
 	setgid(gid);
 
-	ret = getgroups(*grpcnt, groups);
-	if (ret >= 0) {
-		*grpcnt = ret;
+	num_gids = getgroups(0, NULL);
+	if (num_gids + 1 > *grpcnt) {
+		*grpcnt = num_gids + 1;
+		ret = -1;
+	} else {
+		ret = getgroups(*grpcnt - 1, &groups[1]);
+		if (ret >= 0) {
+			groups[0] = gid;
+			*grpcnt = ret + 1;
+		}
 	}
 
 	restore_re_gid();
diff --git a/source3/libads/ads_ldap.c b/source3/libads/ads_ldap.c
index 05b016539e..97f12de0f7 100644
--- a/source3/libads/ads_ldap.c
+++ b/source3/libads/ads_ldap.c
@@ -37,9 +37,16 @@ NTSTATUS ads_name_to_sid(ADS_STRUCT *ads,
 	char *exp;
 	uint32 t;
 	NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+	char *escaped_name = escape_ldap_string_alloc(name);
+	char *escaped_realm = escape_ldap_string_alloc(ads->config.realm);
+
+	if (!escaped_name || !escaped_realm) {
+		status = NT_STATUS_NO_MEMORY;
+		goto done;
+	}
 
 	if (asprintf(&exp, "(|(sAMAccountName=%s)(userPrincipalName=%s@%s))", 
-		     name, name, ads->config.realm) == -1) {
+		     escaped_name, escaped_name, escaped_realm) == -1) {
 		DEBUG(1,("ads_name_to_sid: asprintf failed!\n"));
 		status = NT_STATUS_NO_MEMORY;
 		goto done;
@@ -77,6 +84,9 @@ NTSTATUS ads_name_to_sid(ADS_STRUCT *ads,
 done:
 	if (res) ads_msgfree(ads, res);
 
+	SAFE_FREE(escaped_name);
+	SAFE_FREE(escaped_realm);
+
 	return status;
 }
 
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index 47a94f0a08..b7cfc8d84c 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -426,10 +426,10 @@ ADS_STATUS ads_do_paged_search(ADS_STRUCT *ads, const char *bind_path,
 		return ADS_ERROR(LDAP_NO_MEMORY);
 
 	/* 0 means the conversion worked but the result was empty 
-	   so we only fail if it's negative.  In any case, it always 
+	   so we only fail if it's -1.  In any case, it always 
 	   at least nulls out the dest */
-	if ((push_utf8_talloc(ctx, &utf8_exp, exp) < 0) ||
-	    (push_utf8_talloc(ctx, &utf8_path, bind_path) < 0)) {
+	if ((push_utf8_talloc(ctx, &utf8_exp, exp) == (size_t)-1) ||
+	    (push_utf8_talloc(ctx, &utf8_path, bind_path) == (size_t)-1)) {
 		rc = LDAP_NO_MEMORY;
 		goto done;
 	}
@@ -652,8 +652,8 @@ ADS_STATUS ads_do_search(ADS_STRUCT *ads, const char *bind_path, int scope,
 	/* 0 means the conversion worked but the result was empty 
 	   so we only fail if it's negative.  In any case, it always 
 	   at least nulls out the dest */
-	if ((push_utf8_talloc(ctx, &utf8_exp, exp) < 0) ||
-	    (push_utf8_talloc(ctx, &utf8_path, bind_path) < 0)) {
+	if ((push_utf8_talloc(ctx, &utf8_exp, exp) == (size_t)-1) ||
+	    (push_utf8_talloc(ctx, &utf8_path, bind_path) == (size_t)-1)) {
 		DEBUG(1,("ads_do_search: push_utf8_talloc() failed!"));
 		rc = LDAP_NO_MEMORY;
 		goto done;
@@ -1022,7 +1022,7 @@ char *ads_ou_string(const char *org_unit)
 static ADS_STATUS ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname, 
 				       const char *org_unit)
 {
-	ADS_STATUS ret;
+	ADS_STATUS ret, status;
 	char *host_spn, *host_upn, *new_dn, *samAccountName, *controlstr;
 	char *ou_str;
 	TALLOC_CTX *ctx;
@@ -1089,9 +1089,21 @@ static ADS_STATUS ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname,
 	ads_mod_str(ctx, &mods, "operatingSystem", "Samba");
 	ads_mod_str(ctx, &mods, "operatingSystemVersion", VERSION);
 
-	ads_gen_add(ads, new_dn, mods);
-	ret = ads_set_machine_sd(ads, hostname, new_dn);
+	ret = ads_gen_add(ads, new_dn, mods);
+
+	if (!ADS_ERR_OK(ret))
+		goto done;
+
+	/* Do not fail if we can't set security descriptor
+	 * it shouldn't be mandatory and probably we just 
+	 * don't have enough rights to do it.
+	 */
+	status = ads_set_machine_sd(ads, hostname, new_dn);
 
+	if (!ADS_ERR_OK(status)) {
+		DEBUG(0, ("Warning: ads_set_machine_sd: %s\n",
+				ads_errstr(status)));
+	}
 done:
 	talloc_destroy(ctx);
 	return ret;
@@ -1406,7 +1418,7 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
  **/
 ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
 {
-	const char     *attrs[] = {"ntSecurityDescriptor", "objectSid", 0};
+	const char     *attrs[] = {"nTSecurityDescriptor", "objectSid", 0};
 	char           *exp     = 0;
 	size_t          sd_size = 0;
 	struct berval   bval = {0, NULL};
@@ -1420,8 +1432,12 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
 	NTSTATUS    status;
 	ADS_STATUS  ret;
 	DOM_SID     sid;
-	SEC_DESC   *psd = 0;
-	TALLOC_CTX *ctx = 0;	
+	SEC_DESC   *psd = NULL;
+	TALLOC_CTX *ctx = NULL;	
+
+	/* Avoid segmentation fault in prs_mem_free if
+	 * we have to bail out before prs_init */
+	ps_wire.is_dynamic = False;
 
 	if (!ads) return ADS_ERROR(LDAP_SERVER_DOWN);
 
@@ -1448,7 +1464,11 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
 		goto ads_set_sd_error;
 	}
 
-	ads_pull_sid(ads, msg, attrs[1], &sid);	
+	if (!ads_pull_sid(ads, msg, attrs[1], &sid)) {
+		ret = ADS_ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+		goto ads_set_sd_error;
+	}
+
 	if (!(ctx = talloc_init("sec_io_desc"))) {
 		ret =  ADS_ERROR(LDAP_NO_MEMORY);
 		goto ads_set_sd_error;
@@ -1466,7 +1486,10 @@ ADS_STATUS ads_set_machine_sd(ADS_STRUCT *ads, const char *hostname, char *dn)
 		goto ads_set_sd_error;
 	}
 
-	prs_init(&ps_wire, sd_size, ctx, MARSHALL);
+	if (!prs_init(&ps_wire, sd_size, ctx, MARSHALL)) {
+		ret = ADS_ERROR_NT(NT_STATUS_NO_MEMORY);
+	}
+
 	if (!sec_io_desc("sd_wire", &psd, &ps_wire, 1)) {
 		ret = ADS_ERROR(LDAP_NO_MEMORY);
 		goto ads_set_sd_error;
diff --git a/source3/libads/ldap_printer.c b/source3/libads/ldap_printer.c
index 87ea058896..f5cd4f2885 100644
--- a/source3/libads/ldap_printer.c
+++ b/source3/libads/ldap_printer.c
@@ -85,8 +85,7 @@ static BOOL map_sz(TALLOC_CTX *ctx, ADS_MODLIST *mods,
 		return False;
 
 	if (value->size && *((smb_ucs2_t *) value->data_p)) {
-		pull_ucs2_talloc(ctx, (void **) &str_value, 
-				 (const smb_ucs2_t *) value->data_p);
+		pull_ucs2_talloc(ctx, &str_value, (const smb_ucs2_t *) value->data_p);
 		status = ads_mod_str(ctx, mods, value->valuename, str_value);
 		return ADS_ERR_OK(status);
 	}
@@ -155,9 +154,8 @@ static BOOL map_multi_sz(TALLOC_CTX *ctx, ADS_MODLIST *mods,
 
 		cur_str = (smb_ucs2_t *) value->data_p;
 		for (i=0; i < num_vals; i++)
-			cur_str += pull_ucs2_talloc(ctx, 
-						    (void **) &str_values[i], 
-						    cur_str);
+			cur_str += pull_ucs2_talloc(ctx, &str_values[i],
+			                            cur_str);
 
 		status = ads_mod_strlist(ctx, mods, value->valuename, 
 					 (const char **) str_values);
diff --git a/source3/libsmb/asn1.c b/source3/libsmb/asn1.c
index 333d157905..09d4fbb6c9 100644
--- a/source3/libsmb/asn1.c
+++ b/source3/libsmb/asn1.c
@@ -240,7 +240,9 @@ BOOL asn1_start_tag(ASN1_DATA *data, uint8 tag)
 	uint8 b;
 	struct nesting *nesting;
 	
-	asn1_read_uint8(data, &b);
+	if (!asn1_read_uint8(data, &b))
+		return False;
+
 	if (b != tag) {
 		data->has_error = True;
 		return False;
@@ -251,13 +253,18 @@ BOOL asn1_start_tag(ASN1_DATA *data, uint8 tag)
 		return False;
 	}
 
-	asn1_read_uint8(data, &b);
+	if (!asn1_read_uint8(data, &b)) {
+		return False;
+	}
+
 	if (b & 0x80) {
 		int n = b & 0x7f;
-		asn1_read_uint8(data, &b);
+		if (!asn1_read_uint8(data, &b))
+			return False;
 		nesting->taglen = b;
 		while (n > 1) {
-			asn1_read_uint8(data, &b);
+			if (!asn1_read_uint8(data, &b)) 
+				return False;
 			nesting->taglen = (nesting->taglen << 8) | b;
 			n--;
 		}
@@ -404,7 +411,11 @@ BOOL asn1_check_enumerated(ASN1_DATA *data, int v)
 	if (!asn1_start_tag(data, ASN1_ENUMERATED)) return False;
 	asn1_read_uint8(data, &b);
 	asn1_end_tag(data);
-	return !data->has_error && (v == b);
+
+	if (v != b)
+		data->has_error = False;
+
+	return !data->has_error;
 }
 
 /* write an enumarted value to the stream */
diff --git a/source3/libsmb/clispnego.c b/source3/libsmb/clispnego.c
index 3e28baa417..41b5c3f990 100644
--- a/source3/libsmb/clispnego.c
+++ b/source3/libsmb/clispnego.c
@@ -345,7 +345,7 @@ DATA_BLOB spnego_gen_negTokenTarg(const char *principal, int time_offset)
 /*
   parse a spnego NTLMSSP challenge packet giving two security blobs
 */
-BOOL spnego_parse_challenge(DATA_BLOB blob,
+BOOL spnego_parse_challenge(const DATA_BLOB blob,
 			    DATA_BLOB *chal1, DATA_BLOB *chal2)
 {
 	BOOL ret;
@@ -387,7 +387,7 @@ BOOL spnego_parse_challenge(DATA_BLOB blob,
 
 
 /*
- generate a SPNEGO NTLMSSP auth packet. This will contain the encrypted passwords
+ generate a SPNEGO auth packet. This will contain the encrypted passwords
 */
 DATA_BLOB spnego_gen_auth(DATA_BLOB blob)
 {
@@ -412,7 +412,7 @@ DATA_BLOB spnego_gen_auth(DATA_BLOB blob)
 }
 
 /*
- parse a SPNEGO NTLMSSP auth packet. This contains the encrypted passwords
+ parse a SPNEGO auth packet. This contains the encrypted passwords
 */
 BOOL spnego_parse_auth(DATA_BLOB blob, DATA_BLOB *auth)
 {
@@ -447,11 +447,11 @@ DATA_BLOB spnego_gen_auth_response(DATA_BLOB *ntlmssp_reply, NTSTATUS nt_status)
 	uint8 negResult;
 
 	if (NT_STATUS_IS_OK(nt_status)) {
-		negResult = SPNGEO_NEG_RESULT_ACCEPT;
+		negResult = SPNEGO_NEG_RESULT_ACCEPT;
 	} else if (NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
-		negResult = SPNGEO_NEG_RESULT_INCOMPLETE; 
+		negResult = SPNEGO_NEG_RESULT_INCOMPLETE; 
 	} else {
-		negResult = SPNGEO_NEG_RESULT_REJECT; 
+		negResult = SPNEGO_NEG_RESULT_REJECT; 
 	}
 
 	ZERO_STRUCT(data);
@@ -461,7 +461,8 @@ DATA_BLOB spnego_gen_auth_response(DATA_BLOB *ntlmssp_reply, NTSTATUS nt_status)
 	asn1_push_tag(&data, ASN1_CONTEXT(0));
 	asn1_write_enumerated(&data, negResult);
 	asn1_pop_tag(&data);
-	if (negResult == SPNGEO_NEG_RESULT_INCOMPLETE) {
+
+	if (negResult == SPNEGO_NEG_RESULT_INCOMPLETE) {
 		asn1_push_tag(&data,ASN1_CONTEXT(1));
 		asn1_write_OID(&data, OID_NTLMSSP);
 		asn1_pop_tag(&data);
diff --git a/source3/libsmb/errormap.c b/source3/libsmb/errormap.c
index 09340caccd..8ee5ee3d31 100644
--- a/source3/libsmb/errormap.c
+++ b/source3/libsmb/errormap.c
@@ -1410,7 +1410,7 @@ static const struct {
 /*****************************************************************************
 convert a dos eclas/ecode to a NT status32 code
  *****************************************************************************/
-NTSTATUS dos_to_ntstatus(int eclass, int ecode)
+NTSTATUS dos_to_ntstatus(uint8 eclass, uint32 ecode)
 {
 	int i;
 	if (eclass == 0 && ecode == 0) return NT_STATUS_OK;
diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c
index b0b3acff8f..8338b34822 100644
--- a/source3/nsswitch/winbindd.c
+++ b/source3/nsswitch/winbindd.c
@@ -790,7 +790,7 @@ static void usage(void)
 	/* Set environment variable so we don't recursively call ourselves.
 	   This may also be useful interactively. */
 
-	SETENV(WINBINDD_DONT_ENV, "1", 1);
+	setenv(WINBINDD_DONT_ENV, "1", 1);
 
 	/* Initialise samba/rpc client stuff */
 
diff --git a/source3/smbwrapper/smbsh.c b/source3/smbwrapper/smbsh.c
index f9697223c4..d853aa1afc 100644
--- a/source3/smbwrapper/smbsh.c
+++ b/source3/smbwrapper/smbsh.c
@@ -92,7 +92,7 @@ int main(int argc, char *argv[])
 		smbw_setshared("PASSWORD", p);
 	}
 
-	smbw_setenv("PS1", "smbsh$ ");
+	setenv("PS1", "smbsh$ ");
 
 	sys_getwd(wd);
 
@@ -101,18 +101,18 @@ int main(int argc, char *argv[])
 	smbw_setshared(line, wd);
 
 	slprintf(line,sizeof(line)-1,"%s/smbwrapper.so", libd);
-	smbw_setenv("LD_PRELOAD", line);
+	etenv("LD_PRELOAD", line);
 
 	slprintf(line,sizeof(line)-1,"%s/smbwrapper.32.so", libd);
 
 	if (file_exist(line, NULL)) {
 		slprintf(line,sizeof(line)-1,"%s/smbwrapper.32.so:DEFAULT", libd);
-		smbw_setenv("_RLD_LIST", line);
+		setenv("_RLD_LIST", line);
 		slprintf(line,sizeof(line)-1,"%s/smbwrapper.so:DEFAULT", libd);
-		smbw_setenv("_RLDN32_LIST", line);
+		setenv("_RLDN32_LIST", line);
 	} else {
 		slprintf(line,sizeof(line)-1,"%s/smbwrapper.so:DEFAULT", libd);
-		smbw_setenv("_RLD_LIST", line);
+		setenv("_RLD_LIST", line);
 	}
 
 	{