From: Stefan Metzmacher Date: Wed, 12 Feb 2025 15:48:05 +0000 (+0100) Subject: s4:dsdb/common: let dsdb_trust_normalize_forest_info_step2() handle SCANNER and BINAR... X-Git-Tag: tevent-0.17.0~689 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=02b4fdd41dc1d82fc8b92949fabf128bb4c5da73;p=thirdparty%2Fsamba.git s4:dsdb/common: let dsdb_trust_normalize_forest_info_step2() handle SCANNER and BINARY records Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme --- diff --git a/source4/dsdb/common/util_trusts.c b/source4/dsdb/common/util_trusts.c index d6ce2fe198a..9ed1ebe2125 100644 --- a/source4/dsdb/common/util_trusts.c +++ b/source4/dsdb/common/util_trusts.c @@ -1278,6 +1278,9 @@ NTSTATUS dsdb_trust_normalize_forest_info_step2(TALLOC_CTX *mem_ctx, * Now we add TOP_LEVEL_NAME[_EX] in reverse order * followed by LSA_FOREST_TRUST_DOMAIN_INFO in reverse order. * + * LSA_FOREST_TRUST_SCANNER_INFO and LSA_FOREST_TRUST_BINARY_DATA + * are added last. + * * This also removes the possible NULL entries generated in step1. */ @@ -1297,6 +1300,8 @@ NTSTATUS dsdb_trust_normalize_forest_info_step2(TALLOC_CTX *mem_ctx, break; case LSA_FOREST_TRUST_DOMAIN_INFO: + case LSA_FOREST_TRUST_BINARY_DATA: + case LSA_FOREST_TRUST_SCANNER_INFO: skip = true; break; @@ -1335,6 +1340,8 @@ NTSTATUS dsdb_trust_normalize_forest_info_step2(TALLOC_CTX *mem_ctx, switch (gftr->type) { case LSA_FOREST_TRUST_TOP_LEVEL_NAME: case LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX: + case LSA_FOREST_TRUST_BINARY_DATA: + case LSA_FOREST_TRUST_SCANNER_INFO: skip = true; break; @@ -1363,6 +1370,92 @@ NTSTATUS dsdb_trust_normalize_forest_info_step2(TALLOC_CTX *mem_ctx, } } + for (g = 0; g < gfti->count; g++) { + const struct lsa_ForestTrustRecord2 *gftr = gfti->entries[gfti->count - (g+1)]; + struct lsa_ForestTrustRecord2 tftr; + bool skip = false; + NTSTATUS status; + + if (gftr == NULL) { + continue; + } + + switch (gftr->type) { + case LSA_FOREST_TRUST_TOP_LEVEL_NAME: + case LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX: + case LSA_FOREST_TRUST_DOMAIN_INFO: + case LSA_FOREST_TRUST_BINARY_DATA: + skip = true; + break; + + case LSA_FOREST_TRUST_SCANNER_INFO: + break; + + default: + TALLOC_FREE(frame); + return NT_STATUS_INVALID_PARAMETER; + } + + if (skip) { + continue; + } + + /* make a copy in order to update the time. */ + tftr = *gftr; + if (tftr.time == 0) { + tftr.time = now; + } + + status = dsdb_trust_forest_info_add_record(nfti, &tftr); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); + return status; + } + } + + for (g = 0; g < gfti->count; g++) { + const struct lsa_ForestTrustRecord2 *gftr = gfti->entries[gfti->count - (g+1)]; + struct lsa_ForestTrustRecord2 tftr; + bool skip = false; + NTSTATUS status; + + if (gftr == NULL) { + continue; + } + + switch (gftr->type) { + case LSA_FOREST_TRUST_TOP_LEVEL_NAME: + case LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX: + case LSA_FOREST_TRUST_DOMAIN_INFO: + case LSA_FOREST_TRUST_SCANNER_INFO: + skip = true; + break; + + case LSA_FOREST_TRUST_BINARY_DATA: + break; + + default: + TALLOC_FREE(frame); + return NT_STATUS_INVALID_PARAMETER; + } + + if (skip) { + continue; + } + + /* make a copy in order to update the time. */ + tftr = *gftr; + if (tftr.time == 0) { + tftr.time = now; + } + + status = dsdb_trust_forest_info_add_record(nfti, &tftr); + if (!NT_STATUS_IS_OK(status)) { + TALLOC_FREE(frame); + return status; + } + } + *_nfti = talloc_move(mem_ctx, &nfti); TALLOC_FREE(frame); return NT_STATUS_OK;