From ce3635832d8bbd76c5cfe6867432bc8815042f28 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 12 Feb 2025 16:41:02 +0100
Subject: [PATCH] s4:dsdb/common: let dsdb_trust_normalize_forest_info_step1()
 handle BINARY and SCANNER records

Note for scanner records we need to filter out duplicates,
but binary records may exist multiple times.

Review with: git show -w

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
---
 source4/dsdb/common/util_trusts.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/source4/dsdb/common/util_trusts.c b/source4/dsdb/common/util_trusts.c
index cdd7f8ac830..d6ce2fe198a 100644
--- a/source4/dsdb/common/util_trusts.c
+++ b/source4/dsdb/common/util_trusts.c
@@ -958,6 +958,19 @@ NTSTATUS dsdb_trust_normalize_forest_info_step1(TALLOC_CTX *mem_ctx,
 			nsid = ninfo->domain_sid;
 			break;
 
+		case LSA_FOREST_TRUST_BINARY_DATA:
+			continue;
+
+		case LSA_FOREST_TRUST_SCANNER_INFO:
+			if (nftr->flags & ~LSA_TLN_DISABLED_NEW) {
+				return NT_STATUS_INVALID_PARAMETER;
+			}
+			ninfo = &nftr->forest_trust_data.scanner_info;
+			ntln = &ninfo->dns_domain_name;
+			nnb = &ninfo->netbios_domain_name;
+			nsid = ninfo->domain_sid;
+			break;
+
 		default:
 			TALLOC_FREE(frame);
 			return NT_STATUS_INVALID_PARAMETER;
@@ -1032,6 +1045,13 @@ NTSTATUS dsdb_trust_normalize_forest_info_step1(TALLOC_CTX *mem_ctx,
 				csid = cinfo->domain_sid;
 				break;
 
+			case LSA_FOREST_TRUST_SCANNER_INFO:
+				cinfo = &cftr->forest_trust_data.scanner_info;
+				ctln = &cinfo->dns_domain_name;
+				cnb = &cinfo->netbios_domain_name;
+				csid = cinfo->domain_sid;
+				break;
+
 			default:
 				TALLOC_FREE(frame);
 				return NT_STATUS_INVALID_PARAMETER;
@@ -1055,6 +1075,13 @@ NTSTATUS dsdb_trust_normalize_forest_info_step1(TALLOC_CTX *mem_ctx,
 				break;
 			}
 
+			if (cftr->type == LSA_FOREST_TRUST_SCANNER_INFO) {
+				/*
+				 * ignore the sid
+				 */
+				continue;
+			}
+
 			cmp = dom_sid_compare(nsid, csid);
 			if (cmp == 0) {
 				nftr = NULL;
-- 
2.47.2