From e5d607fb73569baf3a15b4a8dcb56b049652ea5a Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 18 May 2012 17:40:59 +1000
Subject: [PATCH 2/4] s3-winbindd: Always map the LDAP error code to an
 NTSTATUS

We do this so that we catch LDAP_TIMELIMIT_EXCEEDED as NT_STATUS_IO_TIMEOUT, which
has special handling in winbindd_cache.c

Andrew Bartlett
---
 source3/winbindd/winbindd_ads.c |   24 ++++++++++++++++++++----
 1 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 610db7a..941c7c5 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -188,8 +188,12 @@ static NTSTATUS query_user_list(struct winbindd_domain *domain,
 	}
 
 	rc = ads_search_retry(ads, &res, "(objectCategory=user)", attrs);
-	if (!ADS_ERR_OK(rc) || !res) {
+	if (!ADS_ERR_OK(rc)) {
 		DEBUG(1,("query_user_list ads_search: %s\n", ads_errstr(rc)));
+		status = ads_ntstatus(rc);
+	} else if (!res) {
+		DEBUG(1,("query_user_list ads_search returned NULL res\n"));
+		
 		goto done;
 	}
 
@@ -340,9 +344,13 @@ static NTSTATUS enum_dom_groups(struct winbindd_domain *domain,
 	}
 
 	rc = ads_search_retry(ads, &res, filter, attrs);
-	if (!ADS_ERR_OK(rc) || !res) {
+	if (!ADS_ERR_OK(rc)) {
+		status = ads_ntstatus(rc);
 		DEBUG(1,("enum_dom_groups ads_search: %s\n", ads_errstr(rc)));
 		goto done;
+	} else if (!res) {
+		DEBUG(1,("enum_dom_groups ads_search returned NULL res\n"));
+		goto done;
 	}
 
 	count = ads_count_replies(ads, res);
@@ -550,10 +558,14 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
 	}
 	rc = ads_search_retry(ads, &msg, ldap_exp, attrs);
 	SAFE_FREE(ldap_exp);
-	if (!ADS_ERR_OK(rc) || !msg) {
+	if (!ADS_ERR_OK(rc)) {
 		DEBUG(1,("query_user(sid=%s) ads_search: %s\n",
 			 sid_string_dbg(sid), ads_errstr(rc)));
 		return ads_ntstatus(rc);
+	} else if (!msg) {
+		DEBUG(1,("query_user(sid=%s) ads_search returned NULL res\n", 
+			 sid_string_dbg(sid)));
+		return NT_STATUS_INTERNAL_ERROR;
 	}
 
 	count = ads_count_replies(ads, msg);
@@ -662,11 +674,15 @@ static NTSTATUS lookup_usergroups_member(struct winbindd_domain *domain,
 
 	rc = ads_search_retry(ads, &res, ldap_exp, group_attrs);
 
-	if (!ADS_ERR_OK(rc) || !res) {
+	if (!ADS_ERR_OK(rc)) {
 		DEBUG(1,("lookup_usergroups ads_search member=%s: %s\n", user_dn, ads_errstr(rc)));
 		return ads_ntstatus(rc);
+	} else if (!res) {
+		DEBUG(1,("lookup_usergroups ads_search returned NULL res\n"));
+		return NT_STATUS_INTERNAL_ERROR;
 	}
 
+
 	count = ads_count_replies(ads, res);
 
 	*user_sids = NULL;
-- 
1.7.7.6