ipa: check for empty trusts in ipa_get_trust_type()

[sumit-bose]

Similar as ipa_get_ad_id_ctx() or ipa_get_ipa_id_ctx() ipa_get_trust_type() should be aware that the 'trusts' member of 'server_mode' might be NULL.

[gemini-code-assist]

Code Review

This pull request correctly fixes a potential NULL pointer dereference in ipa_get_trust_type. When the trust list is empty or no matching trust is found, the original code would attempt to dereference a NULL or uninitialized pointer, leading to a crash. The added check ensures the function safely returns IPA_TRUST_UNKNOWN in such cases, which is the correct behavior and consistent with similar functions in the codebase. This is an important fix for stability.

[alexey-tikhonov]

Note: no new issues reported by Covcan.

[sssd-bot]

The pull request was accepted by @alexey-tikhonov with the following PR CI status:

---

🟢 CodeFactor (success)
🟢 CodeQL (success)
🟢 osh-diff-scan:fedora-rawhide-x86_64:upstream (success)
🟢 rpm-build:centos-stream-10-x86_64:upstream (success)
🟢 rpm-build:fedora-41-x86_64:upstream (success)
🟢 rpm-build:fedora-42-x86_64:upstream (success)
🟢 rpm-build:fedora-43-x86_64:upstream (success)
🟢 rpm-build:fedora-rawhide-x86_64:upstream (success)
🟢 Analyze (target) / cppcheck (success)
🟢 Build / freebsd (success)
🟢 Build / make-distcheck (success)
🔴 ci / intgcheck (centos-10) (failure)
🟢 ci / intgcheck (fedora-41) (success)
🟢 ci / intgcheck (fedora-42) (success)
🟢 ci / intgcheck (fedora-43) (success)
🟢 ci / intgcheck (fedora-44) (success)
🟢 ci / prepare (success)
🟢 ci / system (centos-10) (success)
🟢 ci / system (fedora-41) (success)
🟢 ci / system (fedora-42) (success)
🟢 ci / system (fedora-43) (success)
🟢 ci / system (fedora-44) (success)
➖ Coverity scan / coverity (skipped)
🟢 Static code analysis / codeql (success)
🟢 Static code analysis / pre-commit (success)
🟢 Static code analysis / python-system-tests (success)

---

There are unsuccessful or unfinished checks. Make sure that the failures are not related to this pull request before merging.