* autoload.cc (DsGetDcNameA): Define.

	(NetGetAnyDCName): Define.
	* security.cc: Include dsgetdc.h.
	(DsGetDcNameA): Declare.
	(DS_FORCE_REDISCOVERY): Define.
	(get_logon_server): Add bool parameter to control rediscovery of DC.
	Use DsGetDcNameA function if supported, NetGetDCName/NetGetAnyDCName
	otherwise.
	(get_server_groups): Rediscover DC if get_user_groups fails and
	try again.
	(get_reg_security): Use correct error code macro when testing
	RegGetKeySecurity return value.
	* security.h (get_logon_server): Remove default vaue from wserver
	parameter.  Add rediscovery parameter.
	* uinfo.cc (cygheap_user::env_logsrv): Accomodate rediscovery parameter
	in call to get_logon_server.

5 files changed, 69 insertions, 16 deletions

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 498d74e..9ab0c2c 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,22 @@
+2006-07-06  Corinna Vinschen  <corinna@vinschen.de>
+
+	* autoload.cc (DsGetDcNameA): Define.
+	(NetGetAnyDCName): Define.
+	* security.cc: Include dsgetdc.h.
+	(DsGetDcNameA): Declare.
+	(DS_FORCE_REDISCOVERY): Define.
+	(get_logon_server): Add bool parameter to control rediscovery of DC.
+	Use DsGetDcNameA function if supported, NetGetDCName/NetGetAnyDCName
+	otherwise.
+	(get_server_groups): Rediscover DC if get_user_groups fails and
+	try again.
+	(get_reg_security): Use correct error code macro when testing
+	RegGetKeySecurity return value.
+	* security.h (get_logon_server): Remove default vaue from wserver
+	parameter.  Add rediscovery parameter.
+	* uinfo.cc (cygheap_user::env_logsrv): Accomodate rediscovery parameter
+	in call to get_logon_server.
+
 2006-07-05  Christopher Faylor  <cgf@timesys.com>
 
 	* sortdin: Ignore all leading underscores when deriving a sort key.
diff --git a/winsup/cygwin/autoload.cc b/winsup/cygwin/autoload.cc
index 745de16..516757e 100644
--- a/winsup/cygwin/autoload.cc
+++ b/winsup/cygwin/autoload.cc
@@ -370,7 +370,10 @@ LoadDLLfunc (SetSecurityDescriptorOwner, 12, advapi32)
 LoadDLLfunc (SetTokenInformation, 16, advapi32)
 LoadDLLfunc (RegGetKeySecurity, 16, advapi32)
 
+/* 127 == ERROR_PROC_NOT_FOUND */
+LoadDLLfuncEx2 (DsGetDcNameA, 24, netapi32, 1, 127)
 LoadDLLfunc (NetApiBufferFree, 4, netapi32)
+LoadDLLfuncEx (NetGetAnyDCName, 12, netapi32, 1)
 LoadDLLfuncEx (NetGetDCName, 12, netapi32, 1)
 LoadDLLfunc (NetLocalGroupEnum, 28, netapi32)
 LoadDLLfunc (NetLocalGroupGetMembers, 32, netapi32)
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 23f86e3..6dc9107 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -28,6 +28,7 @@ details. */
 #include <ntsecapi.h>
 #include <subauth.h>
 #include <aclapi.h>
+#include <dsgetdc.h>
 #include "cygerrno.h"
 #include "security.h"
 #include "path.h"
@@ -208,13 +209,21 @@ close_local_policy (LSA_HANDLE &lsa)
   lsa = INVALID_HANDLE_VALUE;
 }
 
+/* CV, 2006-07-06: Missing in w32api. */
+extern "C" DWORD WINAPI DsGetDcNameA (LPCSTR, LPCSTR, GUID *, LPCSTR, ULONG,
+				      PDOMAIN_CONTROLLER_INFOA *);
+#define DS_FORCE_REDISCOVERY	1
+
 bool
-get_logon_server (const char *domain, char *server, WCHAR *wserver)
+get_logon_server (const char *domain, char *server, WCHAR *wserver,
+		  bool rediscovery)
 {
-  WCHAR wdomain[INTERNET_MAX_HOST_NAME_LENGTH + 1];
-  NET_API_STATUS ret;
+  DWORD dret;
+  PDOMAIN_CONTROLLER_INFOA pci;
+  NET_API_STATUS nret;
   WCHAR *buf;
   DWORD size = INTERNET_MAX_HOST_NAME_LENGTH + 1;
+  WCHAR wdomain[size];
 
   /* Empty domain is interpreted as local system */
   if ((GetComputerName (server + 2, &size)) &&
@@ -226,18 +235,37 @@ get_logon_server (const char *domain, char *server, WCHAR *wserver)
       return true;
     }
 
-  /* Try to get the primary domain controller for the domain */
-  sys_mbstowcs (wdomain, domain, INTERNET_MAX_HOST_NAME_LENGTH + 1);
-  if ((ret = NetGetDCName (NULL, wdomain, (LPBYTE *) &buf)) == STATUS_SUCCESS)
+  /* Try to get any available domain controller for this domain */
+  dret = DsGetDcNameA (NULL, domain, NULL, NULL,
+		       rediscovery ? DS_FORCE_REDISCOVERY : 0, &pci);
+  if (dret == ERROR_SUCCESS)
     {
-      sys_wcstombs (server, INTERNET_MAX_HOST_NAME_LENGTH + 1, buf);
-      if (wserver)
-	for (WCHAR *ptr1 = buf; (*wserver++ = *ptr1++);)
-	  ;
-      NetApiBufferFree (buf);
+      strcpy (server, pci->DomainControllerName);
+      sys_mbstowcs (wserver, server, INTERNET_MAX_HOST_NAME_LENGTH + 1);
+      NetApiBufferFree (pci);
+      debug_printf ("DC: rediscovery: %d, server: %s", rediscovery, server);
       return true;
     }
-  __seterrno_from_win_error (ret);
+  else if (dret == ERROR_PROC_NOT_FOUND)
+    {
+      /* NT4 w/o DSClient */
+      sys_mbstowcs (wdomain, domain, INTERNET_MAX_HOST_NAME_LENGTH + 1);
+      if (rediscovery)
+        nret = NetGetAnyDCName (NULL, wdomain, (LPBYTE *) &buf);
+      else
+	nret = NetGetDCName (NULL, wdomain, (LPBYTE *) &buf);
+      if (nret == NERR_Success)
+	{
+	  sys_wcstombs (server, INTERNET_MAX_HOST_NAME_LENGTH + 1, buf);
+	  if (wserver)
+	    for (WCHAR *ptr1 = buf; (*wserver++ = *ptr1++);)
+	      ;
+	  NetApiBufferFree (buf);
+	  debug_printf ("NT: rediscovery: %d, server: %s", rediscovery, server);
+	  return true;
+	}
+    }
+  __seterrno_from_win_error (nret);
   return false;
 }
 
@@ -511,7 +539,9 @@ get_server_groups (cygsidlist &grp_list, PSID usersid, struct passwd *pw)
   grp_list += well_known_world_sid;
   grp_list += well_known_authenticated_users_sid;
   extract_nt_dom_user (pw, domain, user);
-  if (get_logon_server (domain, server, wserver))
+  if (get_logon_server (domain, server, wserver, false)
+      && !get_user_groups (wserver, grp_list, user, domain)
+      && get_logon_server (domain, server, wserver, true))
     get_user_groups (wserver, grp_list, user, domain);
   get_unix_group_sidlist (pw, grp_list);
   return get_user_local_groups (grp_list, usersid);
@@ -1299,7 +1329,7 @@ get_reg_security (HANDLE handle, security_descriptor &sd_ret)
 				 | OWNER_SECURITY_INFORMATION,
 				 sd_ret, &len);
     }
-  if (ret != STATUS_SUCCESS)
+  if (ret != ERROR_SUCCESS)
     {
       __seterrno ();
       return -1;
diff --git a/winsup/cygwin/security.h b/winsup/cygwin/security.h
index a55cc03..3155ec6 100644
--- a/winsup/cygwin/security.h
+++ b/winsup/cygwin/security.h
@@ -331,7 +331,8 @@ bool get_server_groups (cygsidlist &grp_list, PSID usersid, struct passwd *pw);
 /* Extract U-domain\user field from passwd entry. */
 void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user);
 /* Get default logonserver for a domain. */
-bool get_logon_server (const char * domain, char * server, WCHAR *wserver = NULL);
+bool get_logon_server (const char * domain, char * server, WCHAR *wserver,
+		       bool rediscovery);
 
 /* sec_helper.cc: Security helper functions. */
 int set_privilege (HANDLE token, enum cygpriv_idx privilege, bool enable);
diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
index d649733..b8519cf 100644
--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@@ -377,7 +377,7 @@ cygheap_user::env_logsrv (const char *name, size_t namelen)
 
   char logsrv[INTERNET_MAX_HOST_NAME_LENGTH + 3];
   cfree_and_set (plogsrv, almost_null);
-  if (get_logon_server (mydomain, logsrv, NULL))
+  if (get_logon_server (mydomain, logsrv, NULL, false))
     plogsrv = cstrdup (logsrv);
   return plogsrv;
 }