s4:dsdb/common: let dsdb_trust_normalize_forest_info_step2() handle SCANNER and BINAR...

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

diff --git a/source4/dsdb/common/util_trusts.c b/source4/dsdb/common/util_trusts.c
index d6ce2fe198a734e12be2748478e445a4edd4366b..9ed1ebe21256349a2b3dd7e91a29899f439791ba 100644 (file)
--- a/source4/dsdb/common/util_trusts.c
+++ b/source4/dsdb/common/util_trusts.c
@@ -1278,6 +1278,9 @@ NTSTATUS dsdb_trust_normalize_forest_info_step2(TALLOC_CTX *mem_ctx,
         * Now we add TOP_LEVEL_NAME[_EX] in reverse order
         * followed by LSA_FOREST_TRUST_DOMAIN_INFO in reverse order.
         *
+        * LSA_FOREST_TRUST_SCANNER_INFO and LSA_FOREST_TRUST_BINARY_DATA
+        * are added last.
+        *
         * This also removes the possible NULL entries generated in step1.
         */
 
@@ -1297,6 +1300,8 @@ NTSTATUS dsdb_trust_normalize_forest_info_step2(TALLOC_CTX *mem_ctx,
                        break;
 
                case LSA_FOREST_TRUST_DOMAIN_INFO:
+               case LSA_FOREST_TRUST_BINARY_DATA:
+               case LSA_FOREST_TRUST_SCANNER_INFO:
                        skip = true;
                        break;
 
@@ -1335,6 +1340,8 @@ NTSTATUS dsdb_trust_normalize_forest_info_step2(TALLOC_CTX *mem_ctx,
                switch (gftr->type) {
                case LSA_FOREST_TRUST_TOP_LEVEL_NAME:
                case LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX:
+               case LSA_FOREST_TRUST_BINARY_DATA:
+               case LSA_FOREST_TRUST_SCANNER_INFO:
                        skip = true;
                        break;
 
@@ -1363,6 +1370,92 @@ NTSTATUS dsdb_trust_normalize_forest_info_step2(TALLOC_CTX *mem_ctx,
                }
        }
 
+       for (g = 0; g < gfti->count; g++) {
+               const struct lsa_ForestTrustRecord2 *gftr = gfti->entries[gfti->count - (g+1)];
+               struct lsa_ForestTrustRecord2 tftr;
+               bool skip = false;
+               NTSTATUS status;
+
+               if (gftr == NULL) {
+                       continue;
+               }
+
+               switch (gftr->type) {
+               case LSA_FOREST_TRUST_TOP_LEVEL_NAME:
+               case LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX:
+               case LSA_FOREST_TRUST_DOMAIN_INFO:
+               case LSA_FOREST_TRUST_BINARY_DATA:
+                       skip = true;
+                       break;
+
+               case LSA_FOREST_TRUST_SCANNER_INFO:
+                       break;
+
+               default:
+                       TALLOC_FREE(frame);
+                       return NT_STATUS_INVALID_PARAMETER;
+               }
+
+               if (skip) {
+                       continue;
+               }
+
+               /* make a copy in order to update the time. */
+               tftr = *gftr;
+               if (tftr.time == 0) {
+                       tftr.time = now;
+               }
+
+               status = dsdb_trust_forest_info_add_record(nfti, &tftr);
+               if (!NT_STATUS_IS_OK(status)) {
+                       TALLOC_FREE(frame);
+                       return status;
+               }
+       }
+
+       for (g = 0; g < gfti->count; g++) {
+               const struct lsa_ForestTrustRecord2 *gftr = gfti->entries[gfti->count - (g+1)];
+               struct lsa_ForestTrustRecord2 tftr;
+               bool skip = false;
+               NTSTATUS status;
+
+               if (gftr == NULL) {
+                       continue;
+               }
+
+               switch (gftr->type) {
+               case LSA_FOREST_TRUST_TOP_LEVEL_NAME:
+               case LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX:
+               case LSA_FOREST_TRUST_DOMAIN_INFO:
+               case LSA_FOREST_TRUST_SCANNER_INFO:
+                       skip = true;
+                       break;
+
+               case LSA_FOREST_TRUST_BINARY_DATA:
+                       break;
+
+               default:
+                       TALLOC_FREE(frame);
+                       return NT_STATUS_INVALID_PARAMETER;
+               }
+
+               if (skip) {
+                       continue;
+               }
+
+               /* make a copy in order to update the time. */
+               tftr = *gftr;
+               if (tftr.time == 0) {
+                       tftr.time = now;
+               }
+
+               status = dsdb_trust_forest_info_add_record(nfti, &tftr);
+               if (!NT_STATUS_IS_OK(status)) {
+                       TALLOC_FREE(frame);
+                       return status;
+               }
+       }
+
        *_nfti = talloc_move(mem_ctx, &nfti);
        TALLOC_FREE(frame);
        return NT_STATUS_OK;