s3-winbindd: Always map the LDAP error code to an NTSTATUS

We do this so that we catch LDAP_TIMELIMIT_EXCEEDED as NT_STATUS_IO_TIMEOUT, which
has special handling in winbindd_cache.c

Andrew Bartlett
(cherry picked from commit 5daa8d2f7fa7d15ac6d6b0238e299f69c70be024)

diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index b0ca9b8176e54dd76f27a58d6fc59c307cb65333..4a9bd3577db4e9f7461f4a45b14f028fdd7b20b8 100644 (file)
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -180,8 +180,12 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
        }
 
        rc = ads_search_retry(ads, &res, "(objectCategory=user)", attrs);
-       if (!ADS_ERR_OK(rc) || !res) {
+       if (!ADS_ERR_OK(rc)) {
                DEBUG(1,("query_user_list ads_search: %s\n", ads_errstr(rc)));
+               status = ads_ntstatus(rc);
+       } else if (!res) {
+               DEBUG(1,("query_user_list ads_search returned NULL res\n"));
+
                goto done;
        }
 
@@ -325,9 +329,13 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
        }
 
        rc = ads_search_retry(ads, &res, filter, attrs);
-       if (!ADS_ERR_OK(rc) || !res) {
+       if (!ADS_ERR_OK(rc)) {
+               status = ads_ntstatus(rc);
                DEBUG(1,("enum_dom_groups ads_search: %s\n", ads_errstr(rc)));
                goto done;
+       } else if (!res) {
+               DEBUG(1,("enum_dom_groups ads_search returned NULL res\n"));
+               goto done;
        }
 
        count = ads_count_replies(ads, res);
@@ -532,12 +540,16 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
                goto done;
        }
        rc = ads_search_retry(ads, &msg, ldap_exp, attrs);
-       free(ldap_exp);
+       SAFE_FREE(ldap_exp);
        TALLOC_FREE(sidstr);
-       if (!ADS_ERR_OK(rc) || !msg) {
+       if (!ADS_ERR_OK(rc)) {
                DEBUG(1,("query_user(sid=%s) ads_search: %s\n",
                         sid_string_dbg(sid), ads_errstr(rc)));
-               goto done;
+               return ads_ntstatus(rc);
+       } else if (!msg) {
+               DEBUG(1,("query_user(sid=%s) ads_search returned NULL res\n",
+                        sid_string_dbg(sid)));
+               return NT_STATUS_INTERNAL_ERROR;
        }
 
        count = ads_count_replies(ads, msg);
@@ -632,11 +644,15 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain,
 
        rc = ads_search_retry(ads, &res, ldap_exp, group_attrs);
 
-       if (!ADS_ERR_OK(rc) || !res) {
+       if (!ADS_ERR_OK(rc)) {
                DEBUG(1,("lookup_usergroups ads_search member=%s: %s\n", user_dn, ads_errstr(rc)));
                return ads_ntstatus(rc);
+       } else if (!res) {
+               DEBUG(1,("lookup_usergroups ads_search returned NULL res\n"));
+               return NT_STATUS_INTERNAL_ERROR;
        }
 
+
        count = ads_count_replies(ads, res);
 
        *user_sids = NULL;