From 0ab40cdf6b354e8b760f604f2f94cf3c2292217e Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Oct 04 2013 08:25:31 +0000
Subject: ipasam: for subdomains pick up defaults for missing values


We don't store trust type, attributes, and direction for subdomains
of the existing trust. Since trust is always forest level, these parameters
can be added as defaults when they are missing.

---

diff --git a/daemons/ipa-sam/ipa_sam.c b/daemons/ipa-sam/ipa_sam.c
index a535c0f..59ddcef 100644
--- a/daemons/ipa-sam/ipa_sam.c
+++ b/daemons/ipa-sam/ipa_sam.c
@@ -2026,6 +2026,10 @@ static bool fill_pdb_trusted_domain(TALLOC_CTX *mem_ctx,
 	if (!res) {
 		return false;
 	}
+	if (td->trust_direction == 0) {
+		/* attribute wasn't present, set default value */
+		td->trust_direction = LSA_TRUST_DIRECTION_INBOUND | LSA_TRUST_DIRECTION_OUTBOUND;
+	}
 
 	res = get_uint32_t_from_ldap_msg(ldap_state, entry,
 					 LDAP_ATTRIBUTE_TRUST_ATTRIBUTES,
@@ -2033,6 +2037,10 @@ static bool fill_pdb_trusted_domain(TALLOC_CTX *mem_ctx,
 	if (!res) {
 		return false;
 	}
+	if (td->trust_attributes == 0) {
+		/* attribute wasn't present, set default value */
+		td->trust_attributes = LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE;
+	}
 
 	res = get_uint32_t_from_ldap_msg(ldap_state, entry,
 					 LDAP_ATTRIBUTE_TRUST_TYPE,
@@ -2040,6 +2048,10 @@ static bool fill_pdb_trusted_domain(TALLOC_CTX *mem_ctx,
 	if (!res) {
 		return false;
 	}
+	if (td->trust_type == 0) {
+		/* attribute wasn't present, set default value */
+		td->trust_type = LSA_TRUST_TYPE_UPLEVEL;
+	}
 
 	td->trust_posix_offset = talloc_zero(td, uint32_t);
 	if (td->trust_posix_offset == NULL) {