URL:
https://github.com/SSSD/sssd/pull/475
Title: #475: AD: Use the right sdap_domain for the forest root
lslebodn commented:
"""
I ran ad test suite and it cause crashes with direct AD domain. Nobody was able to
authenticate.
```
sh# gdb /usr/libexec/sssd/sssd_be coredump
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-110.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <
http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<
http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/libexec/sssd/sssd_be...Reading symbols from
/usr/lib/debug/usr/libexec/sssd/sssd_be.debug...done.
done.
[New LWP 16171]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/libexec/sssd/sssd_be --domain ADTEST --uid 0 --gid 0
--logger=files'.
Program terminated with signal 11, Segmentation fault.
#0 sysdb_attrs_get_el_ext (attrs=attrs@entry=0x0, name=name@entry=0x7f51214c457a
"trustPartner", alloc=alloc@entry=false, el=el@entry=0x7ffc9ce95ad0) at
src/db/sysdb.c:289
289 for (i = 0; i < attrs->num; i++) {
(gdb) p attrs
$1 = (struct sysdb_attrs *) 0x0
(gdb)
```
```
(gdb) bt full
#0 sysdb_attrs_get_el_ext (attrs=attrs@entry=0x0, name=name@entry=0x7f51214c457a
"trustPartner", alloc=alloc@entry=false, el=el@entry=0x7ffc9ce95ad0) at
src/db/sysdb.c:289
e = 0x0
i = 0
#1 0x00007f5131770c42 in sysdb_attrs_get_string (attrs=attrs@entry=0x0,
name=name@entry=0x7f51214c457a "trustPartner",
string=string@entry=0x7ffc9ce95af0) at src/db/sysdb.c:332
el = 0x55ce69e12750
ret = <optimized out>
#2 0x00007f51214b58ea in ads_get_root_domain (attrs=attrs@entry=0x0, be_ctx=<optimized
out>) at src/providers/ad/ad_subdomains.c:67
dom = <optimized out>
name = 0x55ce69e12530 " \002zi\316U"
ret = <optimized out>
#3 0x00007f51214b5b6f in ads_get_root_sdap_domain (attrs=0x0, opts=0x55ce69dfcc70,
be_ctx=<optimized out>) at src/providers/ad/ad_subdomains.c:100
root_sdom = <optimized out>
root_dom = <optimized out>
#4 ad_get_slave_domain_send (root_id_ctx=0x55ce69dfe300, root_id_ctx=0x55ce69dfe300,
root_attrs=0x0, sd_ctx=<optimized out>, ev=0x55ce69db5c50, mem_ctx=<optimized
out>)
at src/providers/ad/ad_subdomains.c:847
state = 0x55ce69e32ea0
ret = <optimized out>
req = 0x55ce69e32d10
#5 ad_subdomains_refresh_root_done (subreq=0x0) at
src/providers/ad/ad_subdomains.c:1480
state = <optimized out>
req = 0x55ce69e12530
root_id_ctx = 0x55ce69dfe300
root_attrs = 0x0
dp_error = 0
ret = <optimized out>
__FUNCTION__ = "ad_subdomains_refresh_root_done"
#6 0x00007f512da18a6a in tevent_common_loop_immediate (ev=ev@entry=0x55ce69db5c50) at
../tevent_immediate.c:135
im = 0x55ce69e32df0
handler = 0x7f512da192b0 <tevent_req_trigger>
private_data = 0x55ce69e32d10
#7 0x00007f512da1dc9d in epoll_event_loop_once (ev=0x55ce69db5c50, location=<optimized
out>) at ../tevent_epoll.c:911
epoll_ev = 0x55ce69db5ed0
tval = {tv_sec = 0, tv_usec = 0}
panic_triggered = false
#8 0x00007f512da1c2a7 in std_event_loop_once (ev=0x55ce69db5c50, location=0x7f51317c9887
"src/util/server.c:721") at ../tevent_standard.c:114
glue_ptr = <optimized out>
glue = 0x55ce69db5d80
ret = <optimized out>
#9 0x00007f512da1807d in _tevent_loop_once (ev=ev@entry=0x55ce69db5c50,
location=location@entry=0x7f51317c9887 "src/util/server.c:721") at
../tevent.c:726
ret = <optimized out>
nesting_stack_ptr = 0x0
#10 0x00007f512da182ab in tevent_common_loop_wait (ev=0x55ce69db5c50,
location=0x7f51317c9887 "src/util/server.c:721") at ../tevent.c:849
ret = <optimized out>
#11 0x00007f512da1c247 in std_event_loop_wait (ev=0x55ce69db5c50, location=0x7f51317c9887
"src/util/server.c:721") at ../tevent_standard.c:145
glue_ptr = <optimized out>
glue = 0x55ce69db5d80
ret = <optimized out>
#12 0x00007f51317a6843 in server_loop (main_ctx=0x55ce69db70e0) at src/util/server.c:721
```
Sorry for late testing.
"""
See the full comment at
https://github.com/SSSD/sssd/pull/475#issuecomment-363499596