The logic of dsdb_trust_routing_by_name() is broken If we are a dc of domain samba.example.com and have a trust to example.com, a routing request for dc.samba.example.com currently returns the tdo for example.com instead of our own samba.example.com. It is very unlikely in practice, but it happened...
This bug was referenced in samba master: 56947612452c32bd26f30ad6c9767830fe608d67
Created attachment 18522 [details] Patch for v4-21-test
Created attachment 18523 [details] Patch for v4-20-test
Pushed to autobuild-v4-{21,20}-test.
This bug was referenced in samba v4-20-test: 36f514f9079dca1765922415cce6fc623fe75466
This bug was referenced in samba v4-21-test: ff60445563c771afd0eb6572072773bafaa05fd4
Closing out bug report. Thanks!