Bug 15778 - Kerberos referral tickets are generated for principals in our domain if we have a trust to a top level domain
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB
Version: 4.21.3
Hardware: All All
Importance: P5 normal
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
URL: https://gitlab.com/samba-team/samba/-...
Keywords:
Depends on:
Blocks:
 
Reported: 2025-01-07 13:22 UTC by Stefan Metzmacher
Modified: 2025-01-17 12:53 UTC

Attachments
Patch for v4-21-test (4.22 KB, text/plain)
2025-01-08 09:07 UTC, Stefan Metzmacher
dbagnall: review+
Patch for v4-20-test (4.22 KB, patch)
2025-01-08 09:07 UTC, Stefan Metzmacher
dbagnall: review+

Description Stefan Metzmacher 2025-01-07 13:22:00 UTC
The logic of dsdb_trust_routing_by_name() is broken

If we are a dc of domain samba.example.com and have a trust
to example.com, a routing request for dc.samba.example.com
currently returns the tdo for example.com instead
of our own samba.example.com.

It is very unlikely in practice, but it happened...
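
The failure described above, modelled as an added example (not Samba's code and not part of the original report): a parent-domain trust shadows the local domain when name routing accepts the first DNS suffix that matches instead of the most specific one. The struct, the function names and the first-match flaw are assumptions made for illustration; only the domain names come from the report.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Hypothetical routing table; names taken from the bug description. */
struct domain { const char *dns_name; int is_local; };
static const struct domain domains[] = {
    { "example.com",       0 },  /* trusted top-level domain (TDO) */
    { "samba.example.com", 1 },  /* our own domain */
};
#define NUM_DOMAINS (sizeof(domains) / sizeof(domains[0]))

/* Length of suffix if name equals it or ends in "." + suffix, else 0. */
static size_t suffix_match(const char *name, const char *suffix)
{
    size_t nlen = strlen(name), slen = strlen(suffix);
    if (slen == 0 || slen > nlen) return 0;
    if (strcasecmp(name + (nlen - slen), suffix) != 0) return 0;
    /* Require a label boundary so "notexample.com" does not match. */
    if (nlen > slen && name[nlen - slen - 1] != '.') return 0;
    return slen;
}

/* Assumed flaw: the first matching suffix wins, so the parent trust
 * is returned for a host that belongs to the local child domain. */
const struct domain *route_first_match(const char *name)
{
    for (size_t i = 0; i < NUM_DOMAINS; i++)
        if (suffix_match(name, domains[i].dns_name)) return &domains[i];
    return NULL;
}

/* Most specific (longest) matching suffix wins. */
const struct domain *route_best_match(const char *name)
{
    const struct domain *best = NULL;
    size_t best_len = 0;
    for (size_t i = 0; i < NUM_DOMAINS; i++) {
        size_t len = suffix_match(name, domains[i].dns_name);
        if (len > best_len) { best_len = len; best = &domains[i]; }
    }
    return best;
}

int main(void)
{
    const char *q = "dc.samba.example.com";
    printf("first match: %s\n", route_first_match(q)->dns_name);
    printf("best match:  %s\n", route_best_match(q)->dns_name);
    return 0;
}
```

A regression test for this class of bug needs a fixture where the local domain is a DNS child of a trusted domain, since the lookup only misroutes in that layout.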
Comment 1 Samba QA Contact 2025-01-08 04:15:04 UTC
This bug was referenced in samba master:

56947612452c32bd26f30ad6c9767830fe608d67
Comment 2 Stefan Metzmacher 2025-01-08 09:07:01 UTC
Created attachment 18522
Patch for v4-21-test
Comment 3 Stefan Metzmacher 2025-01-08 09:07:26 UTC
Created attachment 18523
Patch for v4-20-test
Comment 4 Jule Anger 2025-01-09 08:39:01 UTC
Pushed to autobuild-v4-{21,20}-test.
Comment 5 Samba QA Contact 2025-01-09 09:57:03 UTC
This bug was referenced in samba v4-20-test:

36f514f9079dca1765922415cce6fc623fe75466
Comment 6 Samba QA Contact 2025-01-09 11:17:04 UTC
This bug was referenced in samba v4-21-test:

ff60445563c771afd0eb6572072773bafaa05fd4
Comment 7 Jule Anger 2025-01-17 12:53:37 UTC
Closing out bug report.

Thanks!