git.samba.org - samba.git/log

VERSION: Disable git snapshot for the 4.0.19 release.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10633
CVE-2014-0244: nmbd denial of service

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10654
CVE-2014-3493: Segmentation fault in smbd_marshall_dir_entry()'s
SMB_FIND_FILE_UNIX handler because push_ascii() has returned(uint32_t)-1
via srvstr_push(), incrementing p by 4GB

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.0.19.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10633
CVE-2014-0244: nmbd denial of service

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10654
CVE-2014-3493: Segmentation fault in smbd_marshall_dir_entry()'s
SMB_FIND_FILE_UNIX handler because push_ascii() has returned(uint32_t)-1
via srvstr_push(), incrementing p by 4GB

Signed-off-by: Karolin Seeger <kseeger@samba.org>

s3: smbd - fix processing of packets with invalid DOS charset conversions.

Bug 10654 - Segmentation fault in smbd_marshall_dir_entry()'s SMB_FIND_FILE_UNIX handler

https://bugzilla.samba.org/show_bug.cgi?id=10654

Signed-off-by: Jeremy Allison <jra@samba.org>
CVE-2014-3493

s3: nmbd: Fix bug 10633 - nmbd denial of service

The Linux kernel has a bug in that it can give spurious
wakeups on a non-blocking UDP socket for a non-deliverable packet.

When nmbd was changed to use non-blocking sockets it
became vulnerable to a spurious wakeup from poll/epoll.

Fix sys_recvfile() to return on EWOULDBLOCK/EAGAIN.

CVE-2014-0244

Signed-off-by: Jeremy Allison <jra@samba.org>

VERSION: Bump version up to 4.0.19...

and re-enable git snapshots.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

VERSION: Disable git snapshots for the 4.0.18 release.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10549
CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
CVE-2014-0239: DOS in DNS server packet handling

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.0.18.

CVE-2014-0239 Don't reply to replies
CVE-2014-0178: Malformed FSCTL_SRV_ENUMERATE_SNAPSHOTS response

Signed-off-by: Karolin Seeger <kseeger@samba.org>

bug #10609: CVE-2014-0239 Don't reply to replies

Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.

This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609

Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104

(cherry picked from commit 392ec4d241eb19c812cd49ff73bd32b2b09d8533)

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon May 26 14:54:32 CEST 2014 on sn-devel-104

pidl/lib/wscript_build: make use of PERL_LIB_INSTALL_DIR

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10472

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Sat May 10 01:37:33 CEST 2014 on sn-devel-104
(cherry picked from commit cf75ef9f73f2cdbf2a039bbc9468f5da6a14834e)

script/autobuild: make use of --with-perl-{arch,lib}-install-dir

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10472

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit d18ee9e4b6f4c9a24b555c111e08396012c1755a)

wafsamba: Fail with error message if perl doesn't provide valid dirs.

We try harder to get valid directories, we now fallback like this:

vendorarch => sitearch => archlib
and
vendorlib => sitelib => privlib

The new options are --with-perl-arch-install-dir and
--with-perl-lib-install-dir.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10472

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
(cherry picked from commit 2637890ef42a238093f0f3cbdda0d621d5f9b2e2)

wafsamba: If perl can't provide defaults, define them.

This should fix the installation on FreeBSD.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10472

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu May 8 13:55:50 CEST 2014 on sn-devel-104
(cherry picked from commit 0ba276ebad57d75a769e22414f94acbe8c177d97)

FSCTL_GET_SHADOW_COPY_DATA: Don't return 4 extra bytes at end

labels_data_count already accounts for the unicode null character at the
end of the array. There is no need in adding space for it again.

Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Aug 6 04:03:17 CEST 2013 on sn-devel-104

(cherry picked from commit eb50fb8f3bf670bd7d1cf8fd4368ef4a73083696)

The last 2 patches address bug #10549 - CVE-2014-0178: Malformed
FSCTL_SRV_ENUMERATE_SNAPSHOTS response.

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon May 19 14:29:18 CEST 2014 on sn-devel-104

FSCTL_GET_SHADOW_COPY_DATA: Initialize output array to zero

Otherwise num_volumes and the end marker can return uninitialized data
to the client.

Signed-off-by: Christof Schmitt <christof.schmitt@us.ibm.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Simo Sorce <idra@samba.org>
(cherry picked from commit 30e724cbff1ecd90e5a676831902d1e41ec1b347)

s3: smbd : Fix wildcard unlink to fail if we get an error rather than trying to continue.

This can break smbd if we end up leaving a SHARING_VIOLATION
retry record on the queue.

Signed-off-by: Jeremy Allison <jra@samba.org>
Fix bug #10577 - SMB1 wildcard unlink fail can leave a retry record on the open
retry queue.

s3: smbd: Remove open_file_fchmod().

No longer used (hurrah!).

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri May 2 23:47:38 CEST 2014 on sn-devel-104

s3: smbd: change file_set_dosmode() to use get_file_handle_for_metadata() instead of open_file_fchmod().

get_file_handle_for_metadata() is a new function that
finds an existing open handle (fsp->fh->fd != -1) for
a given dev/ino if there is one available, and uses
INTERNAL_OPEN_ONLY with WRITE_DATA access if not.

Allows open_file_fchmod() to be removed next.

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>

s3: smbd : Ensure file_new doesn't call into smbXsrv_open_create() for INTERNAL_OPEN_ONLY.

This causes deadlocks which cause smbd to crash if the locking
database has already been locked for a compound operation we
need to be atomic (as in the file rename case).

Ensure INTERNAL_OPEN_ONLY opens are synonymous with req==NULL.

INTERNAL_OPEN_ONLY opens leave a NO_OPLOCK record in
the share mode database, so they can be detected by other
processes for share mode violation purposes (because
they're doing an operation on the file that may include
reads or writes they need to have real state inside the
locking database) but have an fnum of FNUM_FIELD_INVALID
and a local share_file_id of zero, as they will never be
seen on the wire.

Ensure validate_my_share_entries() ignores
INTERNAL_OPEN_ONLY records (share_file_id == 0).

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>

s3 : smbd : Protect all possible code paths from fsp->op == NULL.

In changes to come this will be possible for an INTERNAL_OPEN_ONLY.
The protection was already in place for some code paths, this
makes the coverage compete.

Bug 10564 - Lock order violation and file lost

https://bugzilla.samba.org/show_bug.cgi?id=10564

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

byteorder: do not assume PowerPC is big-endian

byteorder.h currently uses reverse-indexing ASM instructions for little
endian multi-byte storage/retrieval on PowerPC. With Power8 this is an
incorrect assumption, as it can be big or little endian.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10590

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit 5bf6ed5ebd0dc5ecdc5bcfb1d4720e9251849adc)

Fix an empty if statement.

Primarily following the precedent set by other uses of composite_is_ok(), but
also making sure nothing tries to use c after this point if it is in fact not
ok.

Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Fix bug #10348 - Empty body in if-statement in continue_domain_open_lookup.

Minor typo fix in source3/wscript.

Signed-off-by: Jose A. Rivera <jarrpa@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon May 5 22:41:19 CEST 2014 on sn-devel-104

Fix bug #10151 - Extra ':' in msg for Waf Cross Compile Build System with
Cross-answers command.

s3: smbd - smb1 - fix read of deleted memory in reply_writeclose().

While running smbtorture test raw.write under valgrind an "Invalid read"
was reported in methid reply_writeclose, it seems after closing a file
sometime later we try to access it again.

Signed-off-by: Noel Power <noel.power@suse.com>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Mar 3 20:42:40 CET 2014 on sn-devel-104
(cherry picked from commit 04e434661fa6b5f13776f925b0a7cbadb6b6d006)

Fix bug #10554 - request backport for 'smb1 - fix read of deleted memory in
reply_writeclose()'.

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Fri May 2 15:39:19 CEST 2014 on sn-devel-104

lib-util: rename memdup to smb_memdup and fix all callers (bug #10556)

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit fae7e5d771d1c69bded1189b23335647023fa0f7)

Conflicts:
ctdb/lib/util/util.h

Also renamed memdup() in source3/locking/brlock.c

build: fix ordering problems with lib-provided and internal RPATHs

When a library or system (like cups) provides an RPATH,
e.g. with -Wl,-R or -Wl,-rpath, this was added by waf
to the LINKFLAGS, wich was later prepended to our RPATH.
But if the path by chance contains an older version of
one of our internal libraries like talloc, this would lead
to linking the too old talloc into our binaries.

This has been observed on, e.g., FreeBSD, but it is a general
problem.

This patch fixes the problem by specially parsing the RPATH
linker options from the pkg-config(, cups-config, ....) output
and putting the paths into the RPATH_<lib> container, which
is then later correctly appended to our internal RPATH.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 64f5e24100a764ec198cab9a8d2c43fa86e7027c)

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10548

Revert "tevent: fix crash bug in tevent_queue_immediate_trigger()"

This reverts commit fc185a5f4cb34f4a2488eb336844c32812f930e7.

See https://bugzilla.samba.org/show_bug.cgi?id=10344 for details.

Stefan (metze) Metzmacher 2014-04-11 07:28:18 UTC

Karolin, please revert fc185a5f4cb34f4a2488eb336844c32812f930e7 in v4-0-test,
this somehow went in twice. 87a02403ee4fcc404dc3b887a851c421660cb4d8 is the
first commit.

It's not a real problem to have the same check twice, but it's a bit confusing
and may generate problems with future backports.

s3-lib/util: fix logic inside set_namearray loops.

Additional fix for bug #10544 - s3-lib/util: set_namearray reads across end of namelist string.

Not strictly needed as the initial fix addresses
the problem, but corrects the internal logic
inside the loops.

https://bugzilla.samba.org/show_bug.cgi?id=10544

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 4f59580331b934b183c3344da57f2002d88d4512)

s3-lib/util: fix read across end of namelist string

If the namelist is not terminated with a '/', we try to read
the next character after the string termination '\0'.

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 8 21:44:16 CEST 2014 on sn-devel-104
(cherry picked from commit 8f46b130c5c796d66d26982f5cd99c52f7c8ece1)

Fix bug #10544 - s3-lib/util: set_namearray reads across end of namelist
string.

s3-nmbd: reset debug settings after reading config file (bug #10239)

Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Mar 25 18:29:06 CET 2014 on sn-devel-104

(cherry picked from commit a7df00c82049547129f063a40a842b156c8aead4)

VERSION: Bump version number up to 4.0.18...

and re-enable git snapshots.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.0.17.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

s3: messages: Implement cleanup of dead records.

When a smbd process dies, pending messages.tdb records for this process
might not get cleaned up. Implement a cleanup for dead records that is
triggered after a smbd dies uncleanly; the records for that PID are
deleted.

Based on a patchset from Christof Schmitt <cs@samba.org>.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
(cherry picked from commit 837671f47670b16726aa96ba7a0902974a1037eb)

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10534
Cleanup messages.tdb record after unclean smbd shutdown

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Mon Apr 7 11:55:50 CEST 2014 on sn-devel-104

s3: smbd: Ensure we always go via getgroups_unix_user() when creating an NT token.

This has to be done in every code path that creates
an NT token, as remote users may have been added to
the local /etc/group database. Tokens created merely
from the info3 structs (via the DC or via the krb5 PAC)
won't have these local groups.

This code needs to special-case the guest user, as
this token can have the token_sid[0] set to the Guest
SID, not the mapping of UNIX uid -> SID.

Other users that may have a well-known SID
set in token_sid[0] (like SYSTEM) are usually
not mappable to UNIX users and can be ignored
when adding local groups from /etc/group.

Combined back-port of fixes
6034ab521c47fc5f4732398652c9c6847ff92035 and
a9fa09723bee3588db2168ac13f7ad0334452c11 from
master.

https://bugzilla.samba.org/show_bug.cgi?id=10508

Signed-off-by: Jeremy Allison <jra@samba.org>

tevent: fix crash bug in tevent_queue_immediate_trigger()

Assume we we have a queue with 2 entries (A and B with triggerA() and triggerB()).
If triggerA() removes itself tevent_queue_entry_destructor() will be called
for A, this schedules the immediate event to call triggerB().
If triggerA() then also removes B by an explicit of implizit talloc_free(),
q->list is NULL, but the immediate event is still scheduled and can't be unscheduled.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 7fe5584e2a59584431cb2ddf8a4da22bfb924454)

Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Apr 1 11:33:36 CEST 2014 on sn-devel-104

lsa.idl: define lsa.ForestTrustCollisionInfo and ForestTrustCollisionRecord as public structs

For Python bindings PIDL wants the struct to be defined as public if we
want to use __ndr_print/pack/unpack.

Define the [public] attribute to ForestTrustCollisionInfo/Record to
allow easier debugging when there is collision in establishing a trust.

This change does not affect C code as NDR functions are always
generated, only not exposed in Python bindings.

https://bugzilla.samba.org/show_bug.cgi?id=10504

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Jelmer Vernooij <jelmer@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Mon Mar 24 12:44:50 CET 2014 on sn-devel-104

(cherry picked from commit 59767911bded48388c27d5f9cd2ff1346a1c01a6)

s3-rpc_server: Fix handling of fragmented rpc requests.

We need to call pipe_init_outgoing_data() as the first thing in
process_complete_pdu(). Otherwise the caller may use uninitialized
memory and tries to write a response into the socket.

The problem happens only if a real socket is used, which means
in all cases for master and only with external rpc daemons in v4-0
and v4-1.

The problem looks like this in the logs.

    [2014/03/20 14:49:35.531663, 10, pid=7309, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1627(process_complete_pdu)
      Processing packet type 0
    [2014/03/20 14:49:35.531695, 10, pid=7309, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/srv_pipe.c:1472(dcesrv_auth_request)
      Checking request auth.
    [2014/03/20 14:49:35.531738, 10, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:521(named_pipe_packet_process)
      Sending 1 fragments in a total of 0 bytes
    [2014/03/20 14:49:35.531769, 10, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:526(named_pipe_packet_process)
      Sending PDU number: 0, PDU Length: 4294967228
    [2014/03/20 14:49:35.531801,  2, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:565(named_pipe_packet_done)
      Writev failed!
    [2014/03/20 14:49:35.531845,  2, pid=7309, effective(0, 0), real(0, 0)] ../source3/rpc_server/rpc_server.c:595(named_pipe_packet_done)
      Fatal error(Message too long). Terminating client(127.0.0.1) connection!

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10481

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Guenther Deschner <gd@samba.org
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Thu Mar 20 18:30:17 CET 2014 on sn-devel-104

(cherry picked from commit 5277fc4d0393ffe2e415ad26610b36d2986c62d7)

s3:rpc_server: minor refactoring of process_request_pdu()

Signed-off-by: Gregor Beck <gbeck@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
(cherry picked from commit b5f30205931a4b9d0b3b257d5855869e606f8b63)

pidl-waf: Only install Yapp::Driver if it is not available.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu Mar 6 23:30:47 CET 2014 on sn-devel-104

The last 9 patches address bug #10472 - pidl: waf should have an option
for the dir to install perl files and do not glob.

pidl-waf: Check for system perl(Parse::Yapp::Driver).

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

pidl-waf: Add a function to check for a system perl module.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

pidl-waf: Do not glob to install pidl modules.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

pidl-waf: Install pidl modules to the perl vendorlib directory.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

pidl-waf: Remove unused variable pidl_src.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

autobuild: Set perl vendorlib direcotry.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

buildtools: Add perl vendorlib configure option.

After this patch has been pushed, we need to change autobuild to compile
with this option or we will not be able to install pidl.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

buildtools: Rename perl vendorarch configure option.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

dns: Extend tests for records with another type

Add another check to the one added for bug #10471, for added paranoia

Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue Mar 4 15:47:10 CET 2014 on sn-devel-104

(cherry picked from commit 5bd47bb563c3736b9de1a3a93bdf46a498928643)

bug #10471: Don't respond with NXDOMAIN to records that exist with another type

DNS queries for records with the wrong type need to trigger an empty
response with RCODE_OK instead of returning NXDOMAIN.

This adds a test and fixes bug #10471

Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit d9829df13317b38677d92a499134727ab31fbb0e)

s3: smbd: Fileserving share access checks.

Git commit 86d1e1db8e2747e30c89627cda123fde1e84f579
fixed share_access not being reset between users,
by changing make_connection_snum() to call a common
function check_user_share_access() in the same way
that change_to_user() (which can be called on any
incoming packet) does.

Unfortunately that bugfix was incorrect and
broke "force user" and "force group" as it
called check_user_share_access() inside
make_connection_snum() using the conn->session_info
pointer instead of the vuser->session_info pointer.

conn->session_info represents the token to use
when actually accessing the file system, and so
is modified by force user and force group.

vuser->session_info represents the "pristine"
token of the user logging in, and is never modified
by force user and force group.

Samba 3.6.x checked the share access based on
the "pristine" token of the user logging in,
not the token modified by force user and force group.
This change restores the expected behavior.

Fixes bug #9878 - force user does not work as expected

https://bugzilla.samba.org/show_bug.cgi?id=9878

Signed-off-by: Jeremy Allison <jra@samba.org>

smbreadline: switch to new-style readline typedef

Function, CPFunction, CPPFunction and VFunction typedefs are considered
old-style (deprecated) starting from readline 4.2 (circa 2001).
Compatibility typedefs have been in place up to readline 6.2 but were
removed with the 6.3 release thus causing builds to break.
Switch to the new-style specific prototyped typedef.

Return value is unused so the callback should still be void (see
readline/input.c around line 456 in version 6.3).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Mar 13 00:21:47 CET 2014 on sn-devel-104

(cherry picked from commit 29d779c7029f89e530994c45ae065707ffd62c43)

Fix bug #10506 - smbreadline doesn't build with readline 6.3.

s4:lib/socket: simplify iface_list_wildcard() and its callers

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10464
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Change-Id: Ib317d71dea01fc8ef6b6a26455f15a8a175d59f6
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar 7 02:18:17 CET 2014 on sn-devel-104
(cherry picked from commit f7883ae02a4e8935a44396f776712cebfd411e52)

s4:lib/socket: use the same logic in iface_list_wildcard() as in smbd

If we have ipv6 support we should listen on "::" too.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10464
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Change-Id: I8ce185d5070280149bee9fd33010443be9031089
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit a571fe520d09a00273a58b1fb0fa9aab8e0aefce)

s3:smbd: s/BUFFER_SIZE/LARGE_WRITEX_BUFFER_SIZE

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 5 22:53:34 CET 2014 on sn-devel-104
(cherry picked from commit 032621d5bf842e60dc9cd1cd0d3acc90482462a6)

s3:smbd: fix the maxentries calculation depending on the max_send.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit c899d4fd9c5a337ab82acdf11866df50fb0629e0)

s3:smbd: simplify maxentries calculation in reply_search()

Using helper variables make it much easier to understand.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 734e1b65044a33eba01b41695502c2257c1a4d9e)

s3:smbd: fix the read numtoread calculation depending on the max_send.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 8b746f5a2137b74e28bce5370f5aa9d4bcdac6c2)

s3:smbd: fix the lockread numtoread calculation depending on the max_send.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f69be2c28e097c66907df264794706006fe0ae7f)

s3:smbd: pass the final numtoread reply_outbuf() for the lockread reply.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b86f90611820bcf7826bd1de3c7b05488a8f1b0e)

s3:smbd: fix lockread numtoread calculation to match reply_outbuf() arguments.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 3dac00b568613f5a1322883237e40b98ddd1d71d)

s3:smbd: take less than SMB_BUFFER_SIZE_MIN ('500') as header overhead in ipc.c

We're now sure that sconn->smb1.sessions.max_send is >= SMB_BUFFER_SIZE_MIN.
in order to garantee some progress we need to make sure our assumed
header overhead is less than SMB_BUFFER_SIZE_MIN.

Assuming 372 bytes for the SMBtrans headers should still be more than
enough.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 2ec49cf57c88735be962b0681b487df5efe7ed6b)

s3:smbd: reject a MaxBufferSize < SMB_BUFFER_SIZE_MIN (500) in a session setup request

This makes sure sconn->smb1.sessions.max_send is always >= SMB_BUFFER_SIZE_MIN.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit cce1eaea91088efd742891befdaafade0c1fdce6)

s3:smbd: use sconn->smb1.sessions.max_send = SMB_BUFFER_SIZE_MAX

SMB_BUFFER_SIZE_MAX is UINT16_MAX and the largest value a client
can possibly specify in the session setup request.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 5cd5c1613996ecebdcd632e932957947f4c27308)

s3:smbd: use SMB_BUFFER_SIZE_MIN/MAX to limit lp_max_xmit()

The current limit of 128*1024 causes problems as the value has to be
<= UINT16_MAX otherwise some clients get confused, as they want to
use the MaxBufferSize value from the negprot response (uint32_t)
for the MaxBufferSize value in thet session setup request (uint16_t).
E.g. Windows 7 (as client) sends MaxBufferSize = 0 if the server value
is > UINT16_MAX.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit a349b0bef9085fd139640ec92399bc63d8029cb9)

s3:include: let CLI_BUFFER_SIZE be an alias of SMB_BUFFER_SIZE_MAX

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 7f3faa1f1837870195352253fe220e0677565d9e)

libcli/smb: add SMB_BUFFER_SIZE_MIN/MAX defines

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10422
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 900839e2216048a614f2f0aeb1f79092fc93334f)

s3:param: avoid using BUFFER_SIZE to limit the lp_min_receive_file_size()

There's really no reason to add such limit.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 74f8c3568a5dcdee108a0526cefac9d282361044)

s3:client: only limit the buffer by the given length 'n'

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit f0f245f4c8b1a506e8d06c72d3d6680b95738714)

s3:torture: use CLI_BUFFER_SIZE instead of BUFFER_SIZE

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 05e821b220328b88dd9eece919b8adee3e4281ac)

s3:utils/smbfilter: use a local variable for the packet buffer

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 3667a2eee388915fca2b894ae37375eeed46e941)

s3:smbd: avoid invalid lock_order panic triggered by "CTDB_SRVID_RELEASE_IP"

If smbd_server_connection_terminate("CTDB_SRVID_RELEASE_IP") is triggered from
within ctdbd_migrate(), we got a smb_panic complaining about invalid
lock_order, as ctdbd_migrate is called from dbwrap_fetch_locked().

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10444
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Feb 21 14:51:51 CET 2014 on sn-devel-104
(cherry picked from commit 33f10d06baf44e31d558bc5bd926c886915322cc)

s3:lib/ctdbd_conn: let release_ip_handler return bool

If it returns true the passed ip address matched and we
let a nested ctdb operation fail with NT_STATUS_ADDRESS_CLOSED.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 9677fae6aab26d2bf0884dc31516d2dcd8840c03)

s3:smbd: maintain smbd_server_connection->status

If this isn't NT_STATUS_OK, we skip any io on the socket.

This avoids possible problems during shutdown.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 52ccb40d595fc80bfa53b0b9cd75ffb902369681)

s3:smbd: simplify exit_server_common()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 58c71bee40bb91868fc69d8f7fa640db0e33efae)

s3:smbd: s/EVENT_FD/TEVENT_FD

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
(cherry picked from commit 2672c37a8fbc9ff4e5b74e9a5ae55a3e08beed43)

doc: add "spoolss: architecture" parameter usage

Windows spoolss print clients only allow association of server-side
drivers with printers when the driver architecture matches the
advertised print server architecture. Samba's spoolss print server
architecture can be changed using this parameter.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Wed Oct 16 17:12:34 CEST 2013 on sn-devel-104

(cherry picked from commit b92937e64ed7ce3c7cdd4da0e263c7a53da45c49)

Fix bug #10188 - spoolss: architecture is undocumented.

s4: smbtorture: Add a proper change_notify going async followed by tdis test.

[Bug 10344] SessionLogoff on a signed connection with an outstanding notify request crashes smbd.

https://bugzilla.samba.org/show_bug.cgi?id=10344

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Mar 12 20:12:58 CET 2014 on sn-devel-104

(cherry picked from commit 9c677fff0bb0abc8d19dd67c33b3e044b1a9862e)

s4: smbtorture: Update the torture_smb2_notify_ulogoff test to demonstrate the problem.

[Bug 10344] SessionLogoff on a signed connection with an outstanding notify request crashes smbd.

https://bugzilla.samba.org/show_bug.cgi?id=10344

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 3a727d5d39bab05fa7237e32ffe244ddfebb0ee0)

s3:smb2_tcon: cancel and wait for pending requests on tdis

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 95f96a81083be578ee638c0cebd590228d9a4424)

s3:smb2_sesssetup: cancel and wait for pending requests on logoff

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 7c26475d58a003888b7ba6f17f649cca6d93f6f3)

s3:smb2_tcon: split smbd_smb2_tdis into an async *_send/recv pair.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 195c2d84807a7580e90e288cc813a6c6ca596055)
Signed-off-by: Jeremy Allison <jra@samba.org>

s3:smb2_sesssetup: split smbd_smb2_logoff into an async *_send/recv pair.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10344

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 506817dfc9d18c2c5c35d60a6e61a82917665e2d)
Signed-off-by: Jeremy Allison <jra@samba.org>

s3:smb2_lock: return RANGE_NOT_LOCKED instead of CANCELLED for logoff and tdis

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 4d1d288b89d259f1b69eb3ed643b86d39e03f6bf)

s3:smb2_lock: fix whitespaces/tabs in smbd_smb2_lock_cancel()

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit b49893776167460d921822362e1b55abdd5cc751)

s4:torture/smb2: accept NT_STATUS_RANGE_NOT_LOCKED after smb2_logoff/tdis

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
(cherry picked from commit 0e4f23991f33bed708e99210e5940abc050e5933)

s3: lib: Back-port tevent_queue_wait_send/recv -> smbd_tevent_queue_wait_send/recv

Required for bugfix:

[Bug 10344] SessionLogoff on a signed connection with an outstanding notify request crashes smbd.

https://bugzilla.samba.org/show_bug.cgi?id=10344

Signed-off-by: Jeremy Allison <jra@samba.org>

tevent: fix crash bug in tevent_queue_immediate_trigger()

Assume we we have a queue with 2 entries (A and B with triggerA() and triggerB()).
If triggerA() removes itself tevent_queue_entry_destructor() will be called
for A, this schedules the immediate event to call triggerB().
If triggerA() then also removes B by an explicit of implizit talloc_free(),
q->list is NULL, but the immediate event is still scheduled and can't be unscheduled.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 7fe5584e2a59584431cb2ddf8a4da22bfb924454)

Merge tag 'samba-4.0.16' into v4-0-test

Signed-off-by: Stefan Metzmacher <metze@samba.org>

VERSION: Bump version number up to 4.0.17.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

VERSION: Disable git snapshots for the 4.0.16 release.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245
CVE-2013-4496: Enforce password lockout for SAMR password
changes.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10327
CVE-2013-6442: ensure we don't lose an existing ACL when
setting owner or group owner.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.0.16.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245
CVE-2013-4496: Password lockout not enforced for SAMR password
changes.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10327
CVE-2013-6442: smbcacls --chown | --chgrp dacl regression

Signed-off-by: Karolin Seeger <kseeger@samba.org>

CVE-2013-6442: s3:smbcacls - ensure we don't lose an existing ACL when setting owner or group owner.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10327
Bug 10327 - CVE-2013-6442: smbcacls --chown | --chgrp dacl regression

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

CVE-2013-4496:Revert remainder of ce895609b04380bfc41e4f8fddc84bd2f9324340

Part of this was removed when ChangePasswordUser was unimplemented,
but remove the remainder of this flawed commit. Fully check the
password first, as extract_pw_from_buffer() already does a partial
check of the password because it needs a correct old password to
correctly decrypt the length.

Andrew Bartlett

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

CVE-2013-4496:samr: Remove ChangePasswordUser

This old password change mechanism does not provide the plaintext to
validate against password complexity, and it is not used by modern
clients.

The missing features in both implementations (by design) were:

- the password complexity checks (no plaintext)
- the minimum password length (no plaintext)

Additionally, the source3 version did not check:

- the minimum password age
- pdb_get_pass_can_change() which checks the security
descriptor for the 'user cannot change password' setting.
- the password history
- the output of the 'passwd program' if 'unix passwd sync = yes'.

Finally, the mechanism was almost useless, as it was incorrectly
only made available to administrative users with permission
to reset the password. It is removed here so that it is not
mistakenly reinstated in the future.

Andrew Bartlett

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

CVE-2013-4496:s3:auth: fix memory leak in the ACCOUNT_LOCKED_OUT case.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

CVE-2013-4496:s3-samr: Block attempts to crack passwords via repeated password changes

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

VERSION: Disable git snapshots for the 4.0.16 release.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245
CVE-2013-4496: Enforce password lockout for SAMR password
changes.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10327
CVE-2013-6442: ensure we don't lose an existing ACL when
setting owner or group owner.

Signed-off-by: Karolin Seeger <kseeger@samba.org>

WHATSNEW: Add release notes for Samba 4.0.16.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245
CVE-2013-4496: Password lockout not enforced for SAMR password
changes.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10327
CVE-2013-6442: smbcacls --chown | --chgrp dacl regression

Signed-off-by: Karolin Seeger <kseeger@samba.org>

CVE-2013-6442: s3:smbcacls - ensure we don't lose an existing ACL when setting owner or group owner.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10327
Bug 10327 - CVE-2013-6442: smbcacls --chown | --chgrp dacl regression

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

CVE-2013-4496:Revert remainder of ce895609b04380bfc41e4f8fddc84bd2f9324340

Part of this was removed when ChangePasswordUser was unimplemented,
but remove the remainder of this flawed commit. Fully check the
password first, as extract_pw_from_buffer() already does a partial
check of the password because it needs a correct old password to
correctly decrypt the length.

Andrew Bartlett

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

CVE-2013-4496:samr: Remove ChangePasswordUser

This old password change mechanism does not provide the plaintext to
validate against password complexity, and it is not used by modern
clients.

The missing features in both implementations (by design) were:

- the password complexity checks (no plaintext)
- the minimum password length (no plaintext)

Additionally, the source3 version did not check:

- the minimum password age
- pdb_get_pass_can_change() which checks the security
descriptor for the 'user cannot change password' setting.
- the password history
- the output of the 'passwd program' if 'unix passwd sync = yes'.

Finally, the mechanism was almost useless, as it was incorrectly
only made available to administrative users with permission
to reset the password. It is removed here so that it is not
mistakenly reinstated in the future.

Andrew Bartlett

Bug: https://bugzilla.samba.org/show_bug.cgi?id=10245

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>