6919822 assert failed in ndr_outer_fixed during stress test

6923019 sharing '/' could lead to system panic
6919931 local users not displayed via MMC
6725406 [CLI] smbadm tool is not localized
6725433 [CLI] vscanadm tool is not localized for supported locales
6921957 DC lookup fails when the IP address is not in DNS SRV responses
6920753 smd preferred domain controller property should accept hostnames as well as IP addresses
6878463 Optionset properties for autohome shares are not shown when viewing with sharemgr show -vp
6914411 smbadm add-member does not give clear error when run as unauthorized user

13 files changed, 318 insertions, 79 deletions

diff --git a/usr/src/cmd/Makefile b/usr/src/cmd/Makefile
index 857c04be37..440a3856ce 100644
--- a/usr/src/cmd/Makefile
+++ b/usr/src/cmd/Makefile
@@ -19,7 +19,7 @@
 # CDDL HEADER END
 #
 #
-# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+# Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 # Use is subject to license terms.
 #
 
@@ -683,6 +683,7 @@ MSGSUBDIRS=		\
 	sgs		\
 	sh		\
 	shcomp		\
+	smbsrv		\
 	sort		\
 	split		\
 	ssh		\
@@ -719,6 +720,7 @@ MSGSUBDIRS=		\
 	volcheck	\
 	volrmmount	\
 	vrrpadm		\
+	vscan		\
 	w		\
 	wbem		\
 	who		\
diff --git a/usr/src/cmd/smbsrv/smbadm/Makefile b/usr/src/cmd/smbsrv/smbadm/Makefile
index e972d0892a..ccf2a8436c 100644
--- a/usr/src/cmd/smbsrv/smbadm/Makefile
+++ b/usr/src/cmd/smbsrv/smbadm/Makefile
@@ -19,11 +19,9 @@
 # CDDL HEADER END
 #
 #
-# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+# Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 # Use is subject to license terms.
 #
-# ident	"@(#)Makefile	1.5	08/07/16 SMI"
-#
 
 PROG=	smbadm
 SRCS=	smbadm.c
@@ -31,7 +29,7 @@ SRCS=	smbadm.c
 include ../../Makefile.cmd
 include ../Makefile.smbsrv.defs
 
-LDLIBS += -L$(ROOT)/usr/lib/smbsrv -lsmb -lumem
+LDLIBS += -L$(ROOT)/usr/lib/smbsrv -lsmb -lsecdb -lumem
 LDFLAGS += -R/usr/lib/smbsrv
 
 all:		$(PROG)
diff --git a/usr/src/cmd/smbsrv/smbadm/smbadm.c b/usr/src/cmd/smbsrv/smbadm/smbadm.c
index a588dc65eb..2533bf6cc4 100644
--- a/usr/src/cmd/smbsrv/smbadm/smbadm.c
+++ b/usr/src/cmd/smbsrv/smbadm/smbadm.c
@@ -19,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -31,6 +31,7 @@
 #include <err.h>
 #include <ctype.h>
 #include <stdlib.h>
+#include <unistd.h>
 #include <stdio.h>
 #include <syslog.h>
 #include <strings.h>
@@ -38,11 +39,18 @@
 #include <getopt.h>
 #include <libintl.h>
 #include <zone.h>
+#include <pwd.h>
 #include <grp.h>
 #include <libgen.h>
 #include <netinet/in.h>
+#include <auth_attr.h>
+#include <locale.h>
 #include <smbsrv/libsmb.h>
 
+#if !defined(TEXT_DOMAIN)
+#define	TEXT_DOMAIN "SYS_TEST"
+#endif
+
 typedef enum {
 	HELP_ADD_MEMBER,
 	HELP_CREATE,
@@ -58,6 +66,7 @@ typedef enum {
 	HELP_USER_ENABLE
 } smbadm_help_t;
 
+#define	SMBADM_CMDF_NONE	0x00
 #define	SMBADM_CMDF_USER	0x01
 #define	SMBADM_CMDF_GROUP	0x02
 #define	SMBADM_CMDF_TYPEMASK	0x0F
@@ -69,11 +78,18 @@ typedef struct smbadm_cmdinfo {
 	int (*func)(int, char **);
 	smbadm_help_t usage;
 	uint32_t flags;
+	char *auth;
 } smbadm_cmdinfo_t;
 
 smbadm_cmdinfo_t *curcmd;
 static char *progname;
 
+#define	SMBADM_ACTION_AUTH	"solaris.smf.manage.smb"
+#define	SMBADM_VALUE_AUTH	"solaris.smf.value.smb"
+#define	SMBADM_BASIC_AUTH	"solaris.network.hosts.read"
+
+static boolean_t smbadm_checkauth(const char *);
+
 static void smbadm_usage(boolean_t);
 static int smbadm_join_workgroup(const char *);
 static int smbadm_join_domain(const char *, const char *);
@@ -96,27 +112,29 @@ static int smbadm_user_enable(int, char **);
 static smbadm_cmdinfo_t smbadm_cmdtable[] =
 {
 	{ "add-member",		smbadm_group_addmember,	HELP_ADD_MEMBER,
-	SMBADM_CMDF_GROUP },
+		SMBADM_CMDF_GROUP,	SMBADM_ACTION_AUTH },
 	{ "create",		smbadm_group_create,	HELP_CREATE,
-	SMBADM_CMDF_GROUP },
+		SMBADM_CMDF_GROUP,	SMBADM_ACTION_AUTH },
 	{ "delete",		smbadm_group_delete,	HELP_DELETE,
-	SMBADM_CMDF_GROUP },
+		SMBADM_CMDF_GROUP,	SMBADM_ACTION_AUTH },
 	{ "disable-user",	smbadm_user_disable,	HELP_USER_DISABLE,
-	SMBADM_CMDF_USER },
+		SMBADM_CMDF_USER,	SMBADM_ACTION_AUTH },
 	{ "enable-user",	smbadm_user_enable,	HELP_USER_ENABLE,
-	SMBADM_CMDF_USER },
+		SMBADM_CMDF_USER,	SMBADM_ACTION_AUTH },
 	{ "get",		smbadm_group_getprop,	HELP_GET,
-	SMBADM_CMDF_GROUP },
-	{ "join",		smbadm_join,		HELP_JOIN,	0 },
-	{ "list",		smbadm_list,		HELP_LIST,	0 },
+		SMBADM_CMDF_GROUP,	SMBADM_ACTION_AUTH },
+	{ "join",		smbadm_join,		HELP_JOIN,
+		SMBADM_CMDF_NONE,	SMBADM_VALUE_AUTH },
+	{ "list",		smbadm_list,		HELP_LIST,
+		SMBADM_CMDF_NONE,	SMBADM_BASIC_AUTH },
 	{ "remove-member",	smbadm_group_delmember,	HELP_DEL_MEMBER,
-	SMBADM_CMDF_GROUP },
+		SMBADM_CMDF_GROUP,	SMBADM_ACTION_AUTH },
 	{ "rename",		smbadm_group_rename,	HELP_RENAME,
-	SMBADM_CMDF_GROUP },
+		SMBADM_CMDF_GROUP,	SMBADM_ACTION_AUTH },
 	{ "set",		smbadm_group_setprop,	HELP_SET,
-	SMBADM_CMDF_GROUP },
+		SMBADM_CMDF_GROUP,	SMBADM_ACTION_AUTH },
 	{ "show",		smbadm_group_show,	HELP_SHOW,
-	SMBADM_CMDF_GROUP },
+		SMBADM_CMDF_GROUP,	SMBADM_ACTION_AUTH },
 };
 
 #define	SMBADM_NCMD	(sizeof (smbadm_cmdtable) / sizeof (smbadm_cmdtable[0]))
@@ -741,11 +759,10 @@ smbadm_group_create(int argc, char **argv)
 	status = smb_lgrp_add(gname, desc);
 	if (status != SMB_LGRP_SUCCESS) {
 		(void) fprintf(stderr,
-		    gettext("failed to create the group (%s)\n"),
+		    gettext("failed to create %s (%s)\n"), gname,
 		    smb_lgrp_strerror(status));
 	} else {
-		(void) printf(gettext("'%s' created.\n"),
-		    gname);
+		(void) printf(gettext("%s created\n"), gname);
 	}
 
 	return (status);
@@ -945,7 +962,7 @@ smbadm_group_delete(int argc, char **argv)
 		    gettext("failed to delete %s (%s)\n"), gname,
 		    smb_lgrp_strerror(status));
 	} else {
-		(void) printf(gettext("%s deleted.\n"), gname);
+		(void) printf(gettext("%s deleted\n"), gname);
 	}
 
 	return (status);
@@ -1349,6 +1366,9 @@ main(int argc, char **argv)
 	int ret;
 	int i;
 
+	(void) setlocale(LC_ALL, "");
+	(void) textdomain(TEXT_DOMAIN);
+
 	(void) malloc(0);	/* satisfy libumem dependency */
 
 	progname = basename(argv[0]);
@@ -1389,6 +1409,13 @@ main(int argc, char **argv)
 					smbadm_usage(B_TRUE);
 			}
 
+			if (!smbadm_checkauth(curcmd->auth)) {
+				(void) fprintf(stderr,
+				    gettext("%s: %s: authorization denied\n"),
+				    progname, curcmd->name);
+				return (1);
+			}
+
 			if ((ret = smbadm_init()) != 0)
 				return (ret);
 
@@ -1457,6 +1484,20 @@ smbadm_fini(void)
 }
 
 static boolean_t
+smbadm_checkauth(const char *auth)
+{
+	struct passwd *pw;
+
+	if ((pw = getpwuid(getuid())) == NULL)
+		return (B_FALSE);
+
+	if (chkauthattr(auth, pw->pw_name) == 0)
+		return (B_FALSE);
+
+	return (B_TRUE);
+}
+
+static boolean_t
 smbadm_prop_validate(smbadm_prop_t *prop, boolean_t chkval)
 {
 	smbadm_prop_handle_t *pinfo;
diff --git a/usr/src/cmd/vscan/vscanadm/vscanadm.c b/usr/src/cmd/vscan/vscanadm/vscanadm.c
index 066f915b07..246de24365 100644
--- a/usr/src/cmd/vscan/vscanadm/vscanadm.c
+++ b/usr/src/cmd/vscan/vscanadm/vscanadm.c
@@ -19,10 +19,9 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
-#pragma ident	"%Z%%M%	%I%	%E% SMI"
 
 
 #include <stdio.h>
@@ -38,8 +37,13 @@
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <libintl.h>
+#include <locale.h>
 #include <libvscan.h>
 
+#if !defined(TEXT_DOMAIN)
+#define	TEXT_DOMAIN "SYS_TEST"
+#endif
+
 
 /* Property Names */
 #define	VS_ADM_MAXSIZE		"max-size"
@@ -239,6 +243,9 @@ main(int argc, char **argv)
 	const char *p;
 	int i, err;
 
+	(void) setlocale(LC_ALL, "");
+	(void) textdomain(TEXT_DOMAIN);
+
 	/* executable and subcommand names */
 	if ((p = strrchr(argv[0], '/')) == NULL)
 		vs_adm_cmd = argv[0];
diff --git a/usr/src/lib/libshare/smb/Makefile.com b/usr/src/lib/libshare/smb/Makefile.com
index eaa79123b5..6c72d120f5 100644
--- a/usr/src/lib/libshare/smb/Makefile.com
+++ b/usr/src/lib/libshare/smb/Makefile.com
@@ -19,9 +19,7 @@
 # CDDL HEADER END
 #
 #
-# ident	"@(#)Makefile.com	1.3	08/08/05 SMI"
-#
-# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+# Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 # Use is subject to license terms.
 #
 
@@ -45,7 +43,7 @@ LIBSRCS = $(LIBOBJS:%.o=$(SRCDIR)/%.c)
 lintcheck := SRCS = $(LIBSRCS)
 
 LIBS =		$(DYNLIB)
-LDLIBS +=	-lshare -ldlpi -lnsl -lscf -lumem -lc
+LDLIBS +=	-lshare -ldlpi -lnsl -lnvpair -lscf -lumem -lc
 all install := LDLIBS += -lxml2
 
 CFLAGS +=	$(CCVERBOSE)
@@ -80,8 +78,4 @@ pics/smb_scfutil.o:       $(SMBBASE_DIR)/smb_scfutil.c
 	$(COMPILE.c) -o $@ $(SMBBASE_DIR)/smb_scfutil.c
 	$(POST_PROCESS_O)
 
-pics/smb_share_util.o:       $(SMBMLSVC_DIR)/smb_share_util.c
-	$(COMPILE.c) -o $@ $(SMBMLSVC_DIR)/smb_share_util.c
-	$(POST_PROCESS_O)
-
 include ../../../Makefile.targ
diff --git a/usr/src/lib/libshare/smb/libshare_smb.c b/usr/src/lib/libshare/smb/libshare_smb.c
index 64df6d9f16..d32a72be40 100644
--- a/usr/src/lib/libshare/smb/libshare_smb.c
+++ b/usr/src/lib/libshare/smb/libshare_smb.c
@@ -78,7 +78,7 @@ static int range_check_validator_zero_ok(int, char *);
 static int string_length_check_validator(int, char *);
 static int true_false_validator(int, char *);
 static int ipv4_validator(int, char *);
-static int ip_validator(int, char *);
+static int hostname_validator(int, char *);
 static int path_validator(int, char *);
 static int cmd_validator(int, char *);
 static int disposition_validator(int, char *);
@@ -93,6 +93,7 @@ static void smb_csc_option(const char *, smb_share_t *);
 static char *smb_csc_name(const smb_share_t *);
 static sa_group_t smb_get_defaultgrp(sa_handle_t);
 static int interface_validator(int, char *);
+static int smb_update_optionset_props(sa_handle_t, sa_resource_t, nvlist_t *);
 
 static struct {
 	char *value;
@@ -899,7 +900,7 @@ struct smb_proto_option_defs {
 	{ SMB_CI_RESTRICT_ANON, 0, 0, true_false_validator,
 	    SMB_REFRESH_REFRESH },
 	{ SMB_CI_DOMAIN_SRV, 0, MAX_VALUE_BUFLEN,
-	    ip_validator, SMB_REFRESH_REFRESH },
+	    hostname_validator, SMB_REFRESH_REFRESH },
 	{ SMB_CI_ADS_SITE, 0, MAX_VALUE_BUFLEN,
 	    string_length_check_validator, SMB_REFRESH_REFRESH },
 	{ SMB_CI_DYNDNS_ENABLE, 0, 0, true_false_validator, 0 },
@@ -1012,22 +1013,70 @@ ipv4_validator(int index, char *value)
 }
 
 /*
- * Check IP v4/v6 address.
+ * Check that the specified name is an IP address (v4 or v6) or a hostname.
+ * Per RFC 1035 and 1123, names may contain alphanumeric characters, hyphens
+ * and dots.  The first and last character of a label must be alphanumeric.
+ * Interior characters may be alphanumeric or hypens.
+ *
+ * Domain names should not contain underscores but we allow them because
+ * Windows names are often in non-compliance with this rule.
  */
 /*ARGSUSED*/
 static int
-ip_validator(int index, char *value)
+hostname_validator(int index, char *value)
 {
-	char sbytes[INET6_ADDRSTRLEN];
+	char		sbytes[INET6_ADDRSTRLEN];
+	boolean_t	new_label = B_TRUE;
+	char		*p;
+	char		label_terminator;
+	int		len;
 
 	if (value == NULL)
 		return (SA_OK);
 
-	if (strlen(value) == 0)
+	if ((len = strlen(value)) == 0)
+		return (SA_OK);
+
+	if (inet_pton(AF_INET, value, (void *)sbytes) == 1)
 		return (SA_OK);
 
-	if (inet_pton(AF_INET, value, (void *)sbytes) != 1 &&
-	    inet_pton(AF_INET6, value, (void *)sbytes) != 1)
+	if (inet_pton(AF_INET6, value, (void *)sbytes) == 1)
+		return (SA_OK);
+
+	if (len >= MAXHOSTNAMELEN)
+		return (SA_BAD_VALUE);
+
+	if (strspn(value, "0123456789.") == len)
+		return (SA_BAD_VALUE);
+
+	label_terminator = *value;
+
+	for (p = value; *p != '\0'; ++p) {
+		if (new_label) {
+			if (!isalnum(*p))
+				return (SA_BAD_VALUE);
+			new_label = B_FALSE;
+			label_terminator = *p;
+			continue;
+		}
+
+		if (*p == '.') {
+			if (!isalnum(label_terminator))
+				return (SA_BAD_VALUE);
+			new_label = B_TRUE;
+			label_terminator = *p;
+			continue;
+		}
+
+		label_terminator = *p;
+
+		if (isalnum(*p) || *p == '-' || *p == '_')
+			continue;
+
+		return (SA_BAD_VALUE);
+	}
+
+	if (!isalnum(label_terminator))
 		return (SA_BAD_VALUE);
 
 	return (SA_OK);
@@ -1525,6 +1574,7 @@ smb_add_transient(sa_handle_t handle, smb_share_t *si)
 	sa_share_t share;
 	sa_group_t group;
 	sa_resource_t resource;
+	nvlist_t *nvl;
 	char *opt;
 
 	if (si == NULL)
@@ -1562,16 +1612,26 @@ smb_add_transient(sa_handle_t handle, smb_share_t *si)
 		(void) sa_set_resource_attr(resource, SHOPT_AD_CONTAINER,
 		    si->shr_container);
 
+	if (nvlist_alloc(&nvl, NV_UNIQUE_NAME, 0) != 0)
+		return (SA_NO_MEMORY);
+
 	if ((opt = smb_csc_name(si)) != NULL)
-		(void) sa_set_resource_attr(resource, SHOPT_CSC, opt);
+		err |= nvlist_add_string(nvl, SHOPT_CSC, opt);
 
 	opt = (si->shr_flags & SMB_SHRF_ABE) ? "true" : "false";
-	(void) sa_set_resource_attr(resource, SHOPT_ABE, opt);
+	err |= nvlist_add_string(nvl, SHOPT_ABE, opt);
 
 	opt = (si->shr_flags & SMB_SHRF_GUEST_OK) ? "true" : "false";
-	(void) sa_set_resource_attr(resource, SHOPT_GUEST, opt);
+	err |= nvlist_add_string(nvl, SHOPT_GUEST, opt);
+	if (err) {
+		nvlist_free(nvl);
+		return (SA_CONFIG_ERR);
+	}
 
-	return (SA_OK);
+	err = smb_update_optionset_props(handle, resource, nvl);
+
+	nvlist_free(nvl);
+	return (err);
 }
 
 /*
@@ -2297,3 +2357,63 @@ disposition_validator(int index, char *value)
 
 	return (SA_BAD_VALUE);
 }
+
+/*
+ * Updates the optionset properties of the share resource.
+ * The properties are given as a list of name-value pair.
+ * The name argument should be the optionset property name and the value
+ * should be a valid value for the specified property.
+ */
+static int
+smb_update_optionset_props(sa_handle_t handle, sa_resource_t resource,
+    nvlist_t *nvl)
+{
+	sa_property_t prop;
+	sa_optionset_t opts;
+	int err = SA_OK;
+	nvpair_t *cur;
+	char *name, *val;
+
+	if ((opts = sa_get_optionset(resource, SMB_PROTOCOL_NAME)) == NULL) {
+		opts = sa_create_optionset(resource, SMB_PROTOCOL_NAME);
+		if (opts == NULL)
+			return (SA_CONFIG_ERR);
+	}
+
+	cur = nvlist_next_nvpair(nvl, NULL);
+	while (cur != NULL) {
+		name = nvpair_name(cur);
+		err = nvpair_value_string(cur, &val);
+		if ((err != 0) || (name == NULL) || (val == NULL)) {
+			err = SA_CONFIG_ERR;
+			break;
+		}
+
+		prop = NULL;
+		if ((prop = sa_get_property(opts, name)) == NULL) {
+			prop = sa_create_property(name, val);
+			if (prop != NULL) {
+				err = sa_valid_property(handle, opts,
+				    SMB_PROTOCOL_NAME, prop);
+				if (err != SA_OK) {
+					(void) sa_remove_property(prop);
+					break;
+				}
+			}
+			err = sa_add_property(opts, prop);
+			if (err != SA_OK)
+				break;
+		} else {
+			err = sa_update_property(prop, val);
+			if (err != SA_OK)
+				break;
+		}
+
+		cur = nvlist_next_nvpair(nvl, cur);
+	}
+
+	if (err == SA_OK)
+		err = sa_commit_properties(opts, 0);
+
+	return (err);
+}
diff --git a/usr/src/lib/smbsrv/libmlrpc/common/ndr_process.c b/usr/src/lib/smbsrv/libmlrpc/common/ndr_process.c
index dc6c8a2c51..f7046700f3 100644
--- a/usr/src/lib/smbsrv/libmlrpc/common/ndr_process.c
+++ b/usr/src/lib/smbsrv/libmlrpc/common/ndr_process.c
@@ -695,7 +695,10 @@ ndr_outer_fixed(ndr_ref_t *outer_ref)
 	switch (nds->m_op) {
 	case NDR_M_OP_MARSHALL:
 		valp = outer_ref->datum;
-		assert(valp);
+		if (!valp) {
+			NDR_SET_ERROR(outer_ref, NDR_ERR_OUTER_PARAMS_BAD);
+			return (0);
+		}
 		if (outer_ref->backptr)
 			assert(valp == *outer_ref->backptr);
 		break;
@@ -782,7 +785,10 @@ ndr_outer_fixed_array(ndr_ref_t *outer_ref)
 	switch (nds->m_op) {
 	case NDR_M_OP_MARSHALL:
 		valp = outer_ref->datum;
-		assert(valp);
+		if (!valp) {
+			NDR_SET_ERROR(outer_ref, NDR_ERR_OUTER_PARAMS_BAD);
+			return (0);
+		}
 		if (outer_ref->backptr)
 			assert(valp == *outer_ref->backptr);
 		break;
@@ -877,7 +883,10 @@ ndr_outer_conformant_array(ndr_ref_t *outer_ref)
 			return (0);	/* error already set */
 
 		valp = outer_ref->datum;
-		assert(valp);
+		if (!valp) {
+			NDR_SET_ERROR(outer_ref, NDR_ERR_OUTER_PARAMS_BAD);
+			return (0);
+		}
 		if (outer_ref->backptr)
 			assert(valp == *outer_ref->backptr);
 		n_ptr_offset = 4;
@@ -1006,7 +1015,10 @@ ndr_outer_conformant_construct(ndr_ref_t *outer_ref)
 			return (0);	/* error already set */
 
 		valp = outer_ref->datum;
-		assert(valp);
+		if (!valp) {
+			NDR_SET_ERROR(outer_ref, NDR_ERR_OUTER_PARAMS_BAD);
+			return (0);
+		}
 		if (outer_ref->backptr)
 			assert(valp == *outer_ref->backptr);
 		break;
@@ -1187,7 +1199,10 @@ ndr_outer_string(ndr_ref_t *outer_ref)
 	switch (nds->m_op) {
 	case NDR_M_OP_MARSHALL:
 		valp = outer_ref->datum;
-		assert(valp);
+		if (!valp) {
+			NDR_SET_ERROR(outer_ref, NDR_ERR_OUTER_PARAMS_BAD);
+			return (0);
+		}
 
 		if (outer_ref->backptr)
 			assert(valp == *outer_ref->backptr);
diff --git a/usr/src/lib/smbsrv/libmlsvc/common/winreg_svc.c b/usr/src/lib/smbsrv/libmlsvc/common/winreg_svc.c
index c2f0814025..bdd613cfc4 100644
--- a/usr/src/lib/smbsrv/libmlsvc/common/winreg_svc.c
+++ b/usr/src/lib/smbsrv/libmlsvc/common/winreg_svc.c
@@ -638,11 +638,12 @@ winreg_s_FlushKey(void *arg, ndr_xa_t *mxa)
 static int
 winreg_s_GetKeySec(void *arg, ndr_xa_t *mxa)
 {
-	struct winreg_GetKeySec *param = arg;
-	struct winreg_value	*sd_buf;
-	smb_sd_t		sd;
-	uint32_t		sd_len;
-	uint32_t		status;
+	static struct winreg_secdesc	error_sd;
+	struct winreg_GetKeySec		*param = arg;
+	struct winreg_value		*sd_buf;
+	smb_sd_t			sd;
+	uint32_t			sd_len;
+	uint32_t			status;
 
 	bzero(&sd, sizeof (smb_sd_t));
 
@@ -650,17 +651,16 @@ winreg_s_GetKeySec(void *arg, ndr_xa_t *mxa)
 		goto winreg_getkeysec_error;
 
 	sd_len = smb_sd_len(&sd, SMB_ALL_SECINFO);
+	sd_buf = NDR_MALLOC(mxa, sd_len + sizeof (struct winreg_value));
 
 	param->sd = NDR_MALLOC(mxa, sizeof (struct winreg_secdesc));
-	if (param->sd == NULL) {
+	if ((param->sd == NULL) || (sd_buf == NULL)) {
 		status = ERROR_NOT_ENOUGH_MEMORY;
 		goto winreg_getkeysec_error;
 	}
 
 	param->sd->sd_len = sd_len;
 	param->sd->sd_size = sd_len;
-
-	sd_buf = NDR_MALLOC(mxa, sd_len + sizeof (struct winreg_value));
 	param->sd->sd_buf = sd_buf;
 
 	sd_buf->vc_first_is = 0;
@@ -673,6 +673,7 @@ winreg_s_GetKeySec(void *arg, ndr_xa_t *mxa)
 winreg_getkeysec_error:
 	smb_sd_term(&sd);
 	bzero(param, sizeof (struct winreg_GetKeySec));
+	param->sd = &error_sd;
 	param->status = status;
 	return (NDR_DRC_OK);
 }
diff --git a/usr/src/lib/smbsrv/libsmb/common/smb_cfg.c b/usr/src/lib/smbsrv/libsmb/common/smb_cfg.c
index 42d8536bf2..5d44546df0 100644
--- a/usr/src/lib/smbsrv/libsmb/common/smb_cfg.c
+++ b/usr/src/lib/smbsrv/libsmb/common/smb_cfg.c
@@ -19,12 +19,10 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
-#pragma ident	"@(#)smb_cfg.c	1.5	08/07/08 SMI"
-
 /*
  * CIFS configuration management library
  */
@@ -355,6 +353,8 @@ smb_config_getstr(smb_cfg_id_t id, char *cbuf, int bufsz)
 	smb_cfg_param_t *cfg;
 	int rc = SMBD_SMF_OK;
 	char *pg;
+	char protbuf[SMB_ENC_LEN];
+	char *tmp;
 
 	*cbuf = '\0';
 	cfg = smb_config_getent(id);
@@ -365,9 +365,6 @@ smb_config_getstr(smb_cfg_id_t id, char *cbuf, int bufsz)
 		return (SMBD_SMF_SYSTEM_ERR);
 
 	if (cfg->sc_flags & SMB_CF_PROTECTED) {
-		char protbuf[SMB_ENC_LEN];
-		char *tmp;
-
 		if ((rc = smb_smf_create_service_pgroup(handle,
 		    SMBD_PROTECTED_PG_NAME)) != SMBD_SMF_OK)
 			goto error;
@@ -395,11 +392,20 @@ error:
 	return (rc);
 }
 
+/*
+ * Translate the value of an astring SMF property into a binary
+ * IP address. If the value is neither a valid IPv4 nor IPv6
+ * address, attempt to look it up as a hostname using the
+ * configured address type.
+ */
 int
 smb_config_getip(smb_cfg_id_t sc_id, smb_inaddr_t *ipaddr)
 {
-	int rc;
-	char ipstr[INET6_ADDRSTRLEN];
+	int rc, error;
+	int a_family;
+	char ipstr[MAXHOSTNAMELEN];
+	struct hostent *h;
+	smb_cfg_param_t *cfg;
 
 	if (ipaddr == NULL)
 		return (SMBD_SMF_INVALID_ARG);
@@ -407,6 +413,9 @@ smb_config_getip(smb_cfg_id_t sc_id, smb_inaddr_t *ipaddr)
 	bzero(ipaddr, sizeof (smb_inaddr_t));
 	rc = smb_config_getstr(sc_id, ipstr, sizeof (ipstr));
 	if (rc == SMBD_SMF_OK) {
+		if (*ipstr == '\0')
+			return (SMBD_SMF_INVALID_ARG);
+
 		if (inet_pton(AF_INET, ipstr, &ipaddr->a_ipv4) == 1) {
 			ipaddr->a_family = AF_INET;
 			return (SMBD_SMF_OK);
@@ -414,8 +423,28 @@ smb_config_getip(smb_cfg_id_t sc_id, smb_inaddr_t *ipaddr)
 
 		if (inet_pton(AF_INET6, ipstr, &ipaddr->a_ipv6) == 1) {
 			ipaddr->a_family = AF_INET6;
+			return (SMBD_SMF_OK);
+		}
+
+		/*
+		 * The value is neither an IPv4 nor IPv6 address;
+		 * so check if it's a hostname.
+		 */
+		a_family = smb_config_getbool(SMB_CI_IPV6_ENABLE) ?
+		    AF_INET6 : AF_INET;
+		h = getipnodebyname(ipstr, a_family, AI_DEFAULT,
+		    &error);
+		if (h != NULL) {
+			bcopy(*(h->h_addr_list), &ipaddr->a_ip,
+			    h->h_length);
+			ipaddr->a_family = a_family;
+			freehostent(h);
 			rc = SMBD_SMF_OK;
 		} else {
+			cfg = smb_config_getent(sc_id);
+			syslog(LOG_ERR, "smbd/%s: %s unable to get %s "
+			    "address: %d", cfg->sc_name, ipstr,
+			    a_family == AF_INET ?  "IPv4" : "IPv6", error);
 			rc = SMBD_SMF_INVALID_ARG;
 		}
 	}
diff --git a/usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c b/usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c
index f5c82001bc..c5daa8989e 100644
--- a/usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c
+++ b/usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c
@@ -19,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -251,6 +251,8 @@ smb_lgrp_add(char *gname, char *cmnt)
 		smb_lgrp_set_default_privs(&grp);
 	}
 
+	if (smb_lgrp_exists(grp.sg_name))
+		return (SMB_LGRP_EXISTS);
 
 	grp.sg_attr = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT |
 	    SE_GROUP_ENABLED;
@@ -319,6 +321,10 @@ smb_lgrp_delete(char *gname)
 	if (smb_wka_lookup_name(gname) != NULL)
 		return (SMB_LGRP_WKSID);
 
+
+	if (!smb_lgrp_exists(gname))
+		return (SMB_LGRP_NOT_FOUND);
+
 	db = smb_lgrp_db_open(SMB_LGRP_DB_ORW);
 	rc = smb_lgrp_gtbl_delete(db, gname);
 	smb_lgrp_db_close(db);
diff --git a/usr/src/lib/smbsrv/libsmb/common/smb_pwdutil.c b/usr/src/lib/smbsrv/libsmb/common/smb_pwdutil.c
index d8a2d5333e..69a29253b6 100644
--- a/usr/src/lib/smbsrv/libsmb/common/smb_pwdutil.c
+++ b/usr/src/lib/smbsrv/libsmb/common/smb_pwdutil.c
@@ -19,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 
@@ -382,6 +382,8 @@ smb_pwd_num(void)
 	if (smb_pwd_ops.pwop_num != NULL)
 		return (smb_pwd_ops.pwop_num());
 
+	smb_lucache_update();
+
 	return (smb_lucache_num());
 }
 
@@ -777,7 +779,7 @@ smb_pwd_lock(void)
 }
 
 /*
- * smb_pwd_lock
+ * smb_pwd_unlock
  *
  * A wrapper around smb_pwd_fulck() which unlocks
  * smb password file.
diff --git a/usr/src/lib/smbsrv/libsmbns/common/smbns_ads.c b/usr/src/lib/smbsrv/libsmbns/common/smbns_ads.c
index 3c11363d44..06cdfe0c4c 100644
--- a/usr/src/lib/smbsrv/libsmbns/common/smbns_ads.c
+++ b/usr/src/lib/smbsrv/libsmbns/common/smbns_ads.c
@@ -52,6 +52,9 @@
 #include <smbns_dyndns.h>
 #include <smbns_krb.h>
 
+#define	SMB_ADS_AF_UNKNOWN(x)	(((x)->ipaddr.a_family != AF_INET) && \
+	((x)->ipaddr.a_family != AF_INET6))
+
 #define	SMB_ADS_MAXBUFLEN 100
 #define	SMB_ADS_DN_MAX	300
 #define	SMB_ADS_MAXMSGLEN 512
@@ -811,6 +814,32 @@ smb_ads_getipnodebyname(smb_ads_host_info_t *hentry)
 }
 
 /*
+ *  Checks the IP address to see if it is zero.  If so, then do a host
+ *  lookup by hostname to get the IP address based on the IP family.
+ *
+ *  If the family is unknown then do a lookup by hostame based on the
+ *  setting of the SMB_CI_IPV6_ENABLE property.
+ */
+static int
+smb_ads_set_ipaddr(smb_ads_host_info_t *hentry)
+{
+	if (smb_inet_iszero(&hentry->ipaddr)) {
+		if (smb_ads_getipnodebyname(hentry) < 0)
+			return (-1);
+	} else if (SMB_ADS_AF_UNKNOWN(hentry)) {
+		hentry->ipaddr.a_family =
+		    smb_config_getbool(SMB_CI_IPV6_ENABLE) ? AF_INET6 : AF_INET;
+
+		if (smb_ads_getipnodebyname(hentry) < 0) {
+			hentry->ipaddr.a_family = 0;
+			return (-1);
+		}
+	}
+
+	return (0);
+}
+
+/*
  * smb_ads_find_host
  *
  * Finds an ADS host in a given domain.
@@ -886,11 +915,8 @@ smb_ads_find_host(char *domain, char *kpasswd_srv)
 		return (NULL);
 
 	for (i = 0, hlistp = hlist->ah_list; i < hlist->ah_cnt; i++) {
-		/* Do a host lookup by hostname to get the IP address */
-		if (smb_inet_iszero(&hlistp[i].ipaddr)) {
-			if (smb_ads_getipnodebyname(&hlistp[i]) < 0)
-				continue;
-		}
+		if (smb_ads_set_ipaddr(&hlistp[i]) < 0)
+			continue;
 
 		if (smb_ads_is_sought_host(&hlistp[i], kpasswd_srv))
 			found_kpasswd_srv = &hlistp[i];
@@ -921,11 +947,8 @@ smb_ads_find_host(char *domain, char *kpasswd_srv)
 			hlist = hlist2;
 			hlistp = hlist->ah_list;
 
-			for (i = 0; i < hlist->ah_cnt; i++) {
-				if (smb_inet_iszero(&hlistp[i].ipaddr) &&
-				    smb_ads_getipnodebyname(&hlistp[i]) < 0)
-						continue;
-			}
+			for (i = 0; i < hlist->ah_cnt; i++)
+				(void) smb_ads_set_ipaddr(&hlistp[i]);
 		}
 	}
 
diff --git a/usr/src/uts/common/fs/smbsrv/smb_node.c b/usr/src/uts/common/fs/smbsrv/smb_node.c
index 009f74baee..0900459219 100644
--- a/usr/src/uts/common/fs/smbsrv/smb_node.c
+++ b/usr/src/uts/common/fs/smbsrv/smb_node.c
@@ -19,7 +19,7 @@
  * CDDL HEADER END
  */
 /*
- * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
+ * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  */
 /*
@@ -338,6 +338,7 @@ smb_node_lookup(
 					node->n_refcnt++;
 					if ((node->n_dnode == NULL) &&
 					    (dnode != NULL) &&
+					    (node != dnode) &&
 					    (strcmp(od_name, "..") != 0) &&
 					    (strcmp(od_name, ".") != 0)) {
 						VALIDATE_DIR_NODE(dnode, node);