From: Amit Kumar Date: Fri, 31 May 2019 13:27:52 +0000 (+0530) Subject: s3:winbind: Don't abort when receiving a NULL SID X-Git-Tag: talloc-2.3.1~344 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=eb093c5d2ac77889215356ffabb915861cd4e9d5;p=thirdparty%2Fsamba.git s3:winbind: Don't abort when receiving a NULL SID Source code in winbind_rpc.c states that if the trusted domain has no SID, winbindd just aborts the session. This happens with MIT Kerberos realm added as trust to AD and winbindd just returns without processing further as there is no SID returned for the Linux system having kerberos support. This fix makes winbindd to skip the domain having NULL SID instead of aborting the request completely. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13913 Signed-off-by: Amit Kumar Reviewed-by: Andreas Schneider Reviewed-by: Guenther Deschner Reviewed-by: Ralph Boehme --- diff --git a/source3/winbindd/winbindd_rpc.c b/source3/winbindd/winbindd_rpc.c index ffbaabcfe49..793ebe0df56 100644 --- a/source3/winbindd/winbindd_rpc.c +++ b/source3/winbindd/winbindd_rpc.c @@ -952,26 +952,24 @@ NTSTATUS rpc_trusted_domains(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } + if (dom_list_ex.domains[i].sid == NULL) { + DBG_ERR("Trusted domain %s has no SID, " + "skipping!\n", + trust->dns_name); + continue; + } + if (has_ex) { trust->netbios_name = talloc_move(array, &dom_list_ex.domains[i].netbios_name.string); trust->dns_name = talloc_move(array, &dom_list_ex.domains[i].domain_name.string); - if (dom_list_ex.domains[i].sid == NULL) { - DEBUG(0, ("Trusted Domain %s has no SID, aborting!\n", trust->dns_name)); - return NT_STATUS_INVALID_NETWORK_RESPONSE; - } sid_copy(sid, dom_list_ex.domains[i].sid); } else { trust->netbios_name = talloc_move(array, &dom_list.domains[i].name.string); trust->dns_name = NULL; - if (dom_list.domains[i].sid == NULL) { - DEBUG(0, ("Trusted Domain %s has no SID, aborting!\n", trust->netbios_name)); - return NT_STATUS_INVALID_NETWORK_RESPONSE; - } - sid_copy(sid, dom_list.domains[i].sid); }