the final part of the nmbd merge between head and tng - this gets the

GETDC stuff sorted out

2 files changed, 38 insertions, 30 deletions

diff --git a/source/nmbd/nmbd_packets.c b/source/nmbd/nmbd_packets.c
index 627bbea019d..a7c94f15446 100644
--- a/source/nmbd/nmbd_packets.c
+++ b/source/nmbd/nmbd_packets.c
@@ -592,7 +592,7 @@ struct response_record *queue_release_name( struct subnet_record *subrec,
   if(assert_check_subnet(subrec))
     return NULL;
 
-  if(( p = create_and_init_netbios_packet(nmbname, (subrec != unicast_subnet), False,
+  if ((p = create_and_init_netbios_packet(nmbname, (subrec != unicast_subnet), False,
                      subrec->bcast_ip)) == NULL)
     return NULL;
 
@@ -621,10 +621,9 @@ struct response_record *queue_release_name( struct subnet_record *subrec,
    * This will cause us to remove the name asap. JRA.
    */
 
-  if(bcast)
-  {
-    rrec->repeat_count = 0;
-    rrec->repeat_time = 0;
+  if (subrec != unicast_subnet) {
+	  rrec->repeat_count = 0;
+	  rrec->repeat_time = 0;
   }
 
   return rrec;
diff --git a/source/nmbd/nmbd_processlogon.c b/source/nmbd/nmbd_processlogon.c
index d3b7f92fc78..bc4c6ea1271 100644
--- a/source/nmbd/nmbd_processlogon.c
+++ b/source/nmbd/nmbd_processlogon.c
@@ -117,28 +117,35 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
       getdc = skip_string(machine,1);
       unicomp = skip_string(getdc,1);
 
-      q = align2(unicomp, buf);
-
-      q = skip_unicode_string(q, 1);
-
-      if ((buf - q) >= len) {    /* Check for a short request */
-
-        short_request = True;
-
-      }
-      else { /* A full length request */
-
-        ntversion = IVAL(q, 0);
-        q += 4;
-        lmnttoken = SVAL(q, 0);
-        q += 2;
-        lm20token = SVAL(q, 0);
-        q += 2;
-
+      /* at this point we can work out if this is a W9X or NT style
+         request. Experiments show that the difference is wether the
+         packet ends here. For a W9X request we now end with a pair of
+         bytes (usually 0xFE 0xFF) whereas with NT we have two further
+         strings - the following is a simple way of detecting this */
+      if (len - PTR_DIFF(unicomp, buf) > 3) {
+	      short_request = True;
+      } else {
+	      /* A full length (NT style) request */
+	      q = skip_unicode_string(unicomp, 1);
+
+	      if (len - PTR_DIFF(q, buf) > 8) {
+					/* with NT5 clients we can sometimes
+					   get additional data - a length specificed string
+					   containing the domain name, then 16 bytes of
+					   data (no idea what it is) */
+					int dom_len = CVAL(q, 0);
+					q++;
+					if (dom_len != 0) {
+						q += dom_len + 1;
+					}
+					q += 16;
+	      }
+	      ntversion = IVAL(q, 0);
+	      lmnttoken = SVAL(q, 4);
+	      lm20token = SVAL(q, 6);
       }
 
       /* Construct reply. */
-
       q = outbuf;
       SSVAL(q, 0, QUERYFORPDC_R);
       q += 2;
@@ -159,11 +166,9 @@ logons are not enabled.\n", inet_ntoa(p->ip) ));
         q = skip_unicode_string(q, 1); 
 
         SIVAL(q, 0, ntversion);
-        q += 4;
-        SSVAL(q, 0, lmnttoken);
-        q += 2;
-        SSVAL(q, 0, lm20token);
-        q += 2;
+        SSVAL(q, 4, lmnttoken);
+        SSVAL(q, 6, lm20token);
+        q += 8;
       }
 
       /* RJS, 21-Feb-2000, we send a short reply if the request was short */
@@ -227,7 +232,11 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
       /* Construct reply. */
 
       q = outbuf;
-      SSVAL(q, 0, SAMLOGON_R);
+      if (SVAL(uniuser, 0) == 0) {
+	      SSVAL(q, 0, SAMLOGON_UNK_R);	/* user unknown */
+      }	else {
+	      SSVAL(q, 0, SAMLOGON_R);
+      }
       q += 2;
 
       dos_PutUniCode(q, reply_name,sizeof(pstring));