Signed-off-by: Sergey Yanovich
---
source/nmbd/nmbd_processlogon.c | 46 ++++++++++++++++++++++-----------------
1 files changed, 26 insertions(+), 20 deletions(-)

diff --git a/source/nmbd/nmbd_processlogon.c b/source/nmbd/nmbd_processlogon.c
index 6e110dd..29d6fc2 100644
--- a/source/nmbd/nmbd_processlogon.c
+++ b/source/nmbd/nmbd_processlogon.c
@@ -425,7 +425,8 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
q += 4;

SIVAL(q, 0, NBT_SERVER_PDC|NBT_SERVER_GC|NBT_SERVER_LDAP|NBT_S ERVER_DS|
- NBT_SERVER_KDC|NBT_SERVER_TIMESERV|NBT_SERVER_CLOS EST|NBT_SERVER_WRITABLE);
+ NBT_SERVER_KDC|NBT_SERVER_TIMESERV|NBT_SERVER_CLOS EST|
+ NBT_SERVER_WRITABLE|NBT_SERVER_GOOD_TIMESERV);
q += 4;

/* Push Domain GUID */
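Review bot: `NBT_SERVER_GOOD_TIMESERV` is now set unconditionally in the server-type flags, and nothing visible in this hunk ties it to whether the host actually has a reliable clock source. Clients that choose a time source from this reply depend on it for Kerberos clock-skew checks, so an overstated flag can lead to authentication failures or let a poorly synchronised host influence domain time. Consider gating the bit on configuration, or at least add a comment such as `/* claims reliable time: assumes the host clock is externally synchronised */`. The enclosing function starts and ends outside the hunk.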
@@ -442,7 +443,6 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
q += UUID_FLAT_SIZE;

/* Forest */
- str_offset = q - q_orig;
dc = domain;
q1 = q;
while ((component = strtok_r(dc, ".", &saveptr)) != NULL) {
@@ -460,16 +460,16 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
q += (size + 1);
}

- /* Unk0 */
+ /* Terminate forest by zero */
if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 4) {
return;
}
SCVAL(q, 0, 0);
q++;

- /* Domain */
- SCVAL(q, 0, 0xc0 | ((str_offset >> 8) & 0x3F));
- SCVAL(q, 1, str_offset & 0xFF);
+ /* Domain (point to forest) */
+ SCVAL(q, 0, 0xc0);
+ SCVAL(q, 1, 0x18);
q += 2;

/* Hostname */
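Review bot: The compression pointer `SCVAL(q, 1, 0x18);` replaces the computed `str_offset` with a hard-coded offset. It is therefore only correct while the forest name starts exactly 0x18 bytes from the base the receiver resolves pointers against, and the fields that determine that offset are written outside this hunk. If that layout ever changes, the reply will carry a pointer into unrelated bytes and the client's name decompression will read whatever is there. The same literal pair is repeated in the Hostname hunk and again after the server site name. A single named constant (constructed name, e.g. `FOREST_NAME_OFFSET`) with a comment listing the preceding fields that add up to 0x18 would keep the three sites consistent.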
@@ -486,8 +486,8 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
return;
}

- SCVAL(q, 0, 0xc0 | ((str_offset >> 8) & 0x3F));
- SCVAL(q, 1, str_offset & 0xFF);
+ SCVAL(q, 0, 0xc0);
+ SCVAL(q, 1, 0x18);
q += 2;

/* NETBIOS of domain */
@@ -534,17 +534,19 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
if (size == (size_t)-1 || size > 0xff) {
return;
}
- SCVAL(q, 0, size);
- q += (size + 1);
+ } else {
+ size = 0;
}
+ SCVAL(q, 0, size);
+ q += (size + 1);

- q_orig = q;
- /* Site name */
- if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 1) {
+ str_offset = q - q_orig;
+ /* Server site name */
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 3) {
return;
}
size = push_ascii(&q[1], "Default-First-Site-Name",
- sizeof(outbuf) - PTR_DIFF(q+1, outbuf),
+ sizeof(outbuf) - PTR_DIFF(q+3, outbuf),
0);
if (size == (size_t)-1 || size > 0xff) {
return;
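Review bot: The `q+3` limit passed to `push_ascii` silently reserves two bytes after the site label for the `0xc0 0x18` pointer. That pointer is written in the next hunk before any further bounds check, so the safety of that write depends entirely on this arithmetic; a comment such as `/* leave room for length byte + 2-byte pointer to forest */` would make that explicit. With `q_orig = q;` removed, `str_offset = q - q_orig;` is now measured from a `q_orig` assigned outside this hunk. That base needs to be the same one the hard-coded `0x18` pointers assume, and the offset must fit the 14 bits kept by the later `& 0x3F` mask, which otherwise truncates silently. In the new `else` branch, the unconditional `SCVAL(q, 0, size);` presumably relies on a bounds check made before the `if`, which is not visible here.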
@@ -552,22 +554,26 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n",
SCVAL(q, 0, size);
q += (size + 1);

- if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 18) {
+ SCVAL(q, 0, 0xc0);
+ SCVAL(q, 1, 0x18);
+ q += 2;
+
+ if (sizeof(outbuf) - PTR_DIFF(q, outbuf) < 19) {
return;
}

- /* Site name (2) */
- str_offset = q - q_orig;
+ /* Client site name (point to server) */
SCVAL(q, 0, 0xc0 | ((str_offset >> 8) & 0x3F));
SCVAL(q, 1, str_offset & 0xFF);
q += 2;

- SCVAL(q, 0, PTR_DIFF(q,q1));
- SCVAL(q, 1, 0x10); /* unknown */
+ /* 0x10 bytes remains till the end of packet */
+ SCVAL(q, 0, 0x10);
+ q += 1;

SIVAL(q, 0, 0x00000002);
q += 4; /* unknown */
- SIVAL(q, 0, ntohl(ip.s_addr));
+ SIVAL(q, 0, ip.s_addr);
q += 4;
SIVAL(q, 0, 0x00000000);
q += 4; /* unknown */
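Review bot: `SIVAL(q, 0, ip.s_addr);` makes the on-wire byte order of the address depend on host endianness. `s_addr` is already in network order in memory, and SIVAL is a little-endian store, so the bytes only come out unchanged on a little-endian host; a big-endian build would send the address reversed. Copying the bytes directly, `memcpy(q, &ip.s_addr, 4);`, gives the same wire format everywhere. Separately, the `0x10` length byte is hand-counted for the trailing fields, part of which appear to lie past the end of this hunk, so a comment naming the fields it covers would help keep it in sync with them.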
--
1.5.5.1