commit 6b1091dcd9a32977542692e78cfa2c930a691404
Author:     Jeremy Allison <jra@samba.org>
AuthorDate: Wed Jul 16 12:41:55 2014 -0700
Commit:     Karolin Seeger <kseeger@samba.org>
CommitDate: Sat Sep 27 20:58:13 2014 +0200

    s3: winbindd: Old NT Domain code sets struct winbind_domain->alt_name to be NULL. Ensure this is safe with modern AD-DCs.
    
    There are places in the code where we're not checking that alt_name is NULL
    and then calling into the DC lookup code with a NULL name request. This can
    happen in offline mode.
    
    Fixes bug #10717 - Winbind crash on losing VPN connection
    
    https://bugzilla.samba.org/show_bug.cgi?id=10717
    
    Signed-off-by: Jeremy Allison <jra@samba.org>
    Reviewed-by: Michael Adam <obnox@samba.org>
    
    Autobuild-User(master): Michael Adam <obnox@samba.org>
    Autobuild-Date(master): Mon Sep 15 23:29:00 CEST 2014 on sn-devel-104
    
    (cherry picked from commit 92da0b243c18546275c4736507188eba425a0732)
---
 source3/winbindd/winbindd_ads.c | 3 ++-
 source3/winbindd/winbindd_cm.c  | 8 ++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index e47613e..fb0bc26 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -169,6 +169,7 @@ ADS_STATUS ads_idmap_cached_connection(ADS_STRUCT **adsp, const char *dom_name)
 	}
 
 	if (IS_DC) {
+		SMB_ASSERT(wb_dom->alt_name != NULL);
 		realm = SMB_STRDUP(wb_dom->alt_name);
 	} else {
 		struct winbindd_domain *our_domain = wb_dom;
@@ -224,7 +225,7 @@ static ADS_STRUCT *ads_cached_connection(struct winbindd_domain *domain)
 	}
 
 	if ( IS_DC ) {
-
+		SMB_ASSERT(domain->alt_name != NULL);
 		realm = SMB_STRDUP(domain->alt_name);
 	}
 	else {
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 61917db..8bbc886 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -833,6 +833,10 @@ static NTSTATUS get_trust_creds(const struct winbindd_domain *domain,
 			return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;			
 		}
 
+		if (our_domain->alt_name == NULL) {
+			return NT_STATUS_INVALID_PARAMETER;
+		}
+
 		if (asprintf(machine_krb5_principal, "%s$@%s",
 			     account_name, our_domain->alt_name) == -1)
 		{
@@ -1199,7 +1203,7 @@ static bool dcip_to_name(TALLOC_CTX *mem_ctx,
 	/* For active directory servers, try to get the ldap server name.
 	   None of these failures should be considered critical for now */
 
-	if (lp_security() == SEC_ADS) {
+	if ((lp_security() == SEC_ADS) && (domain->alt_name != NULL)) {
 		ADS_STRUCT *ads;
 		ADS_STATUS ads_status;
 		char addr[INET6_ADDRSTRLEN];
@@ -1327,7 +1331,7 @@ static bool get_dcs(TALLOC_CTX *mem_ctx, struct winbindd_domain *domain,
 		return True;
 	}
 
-	if (sec == SEC_ADS) {
+	if ((sec == SEC_ADS) && (domain->alt_name != NULL)) {
 		char *sitename = NULL;
 
 		/* We need to make sure we know the local site before