s3:winbind: Don't abort when receiving a NULL SID

Source code in winbind_rpc.c states that if the trusted domain
has no SID, winbindd just aborts the session. This happens with
MIT Kerberos realm added as trust to AD and winbindd just returns
without processing further as there is no SID returned for the
Linux system having kerberos support.

This fix makes winbindd to skip the domain having NULL SID instead
of aborting the request completely.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13913

Signed-off-by: Amit Kumar <amitkuma@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

source3/winbindd/winbindd_rpc.c

@@ -952,26 +952,24 @@ NTSTATUS rpc_trusted_domains(TALLOC_CTX *mem_ctx,
 				return NT_STATUS_NO_MEMORY;
 			}
 
+			if (dom_list_ex.domains[i].sid == NULL) {
+				DBG_ERR("Trusted domain %s has no SID, "
+					"skipping!\n",
+					trust->dns_name);
+				continue;
+			}
+
 			if (has_ex) {
 				trust->netbios_name = talloc_move(array,
 								  &dom_list_ex.domains[i].netbios_name.string);
 				trust->dns_name = talloc_move(array,
 							      &dom_list_ex.domains[i].domain_name.string);
-				if (dom_list_ex.domains[i].sid == NULL) {
-					DEBUG(0, ("Trusted Domain %s has no SID, aborting!\n", trust->dns_name));
-					return NT_STATUS_INVALID_NETWORK_RESPONSE;
-				}
 				sid_copy(sid, dom_list_ex.domains[i].sid);
 			} else {
 				trust->netbios_name = talloc_move(array,
 								  &dom_list.domains[i].name.string);
 				trust->dns_name = NULL;
 
-				if (dom_list.domains[i].sid == NULL) {
-					DEBUG(0, ("Trusted Domain %s has no SID, aborting!\n", trust->netbios_name));
-					return NT_STATUS_INVALID_NETWORK_RESPONSE;
-				}
-
 				sid_copy(sid, dom_list.domains[i].sid);
 			}