diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-01-20 02:40:05 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-01-20 02:40:05 +0000 |
| commit | bb6af711b8f9a525b74198abbe7f1c37014ca6f7 (patch) | |
| tree | bd27852105178310652be36d293282b0abd1de7d | |
| parent | 93a8358910d2b8788ffea33c04244ffd5ffecabf (diff) | |
| download | samba-bb6af711b8f9a525b74198abbe7f1c37014ca6f7.tar.gz samba-bb6af711b8f9a525b74198abbe7f1c37014ca6f7.tar.bz2 samba-bb6af711b8f9a525b74198abbe7f1c37014ca6f7.zip | |
This is the current patch from Luke Leighton <lckl@samba-tng.org> to add a
degree of seperation betwen reading/writing the raw NamedPipe SMB packets
and the matching operations inside smbd's RPC components.
This patch is designed for no change in behaviour, and my tests hold that to be
true. This patch does however allow for the future loadable modules interface
to specify function pointers in replacement of the fixed state.
The pipes_struct has been split into two peices, with smb_np_struct taking the
information that should be generic to where the data ends up.
Some other minor changes are made: we get another small helper function in
util_sock.c and some of the original code has better failure debugs and
variable use. (As per on-list comments).
Andrew Bartlett
(This used to be commit 8ef13cabdddf58b741886782297fb64b2fb7e489)
| -rw-r--r-- | source3/include/ntdomain.h | 93 | ||||
| -rw-r--r-- | source3/lib/util_sock.c | 39 | ||||
| -rw-r--r-- | source3/rpc_server/srv_lsa_hnd.c | 4 | ||||
| -rw-r--r-- | source3/rpc_server/srv_pipe_hnd.c | 264 | ||||
| -rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 2 | ||||
| -rw-r--r-- | source3/script/mkproto.awk | 2 | ||||
| -rw-r--r-- | source3/smbd/ipc.c | 14 | ||||
| -rw-r--r-- | source3/smbd/nttrans.c | 2 | ||||
| -rw-r--r-- | source3/smbd/pipes.c | 16 |
9 files changed, 341 insertions, 95 deletions
diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index 8718b9dc5f..9c9d7a4c7a 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -159,15 +159,19 @@ struct dcinfo fstring mach_acct; /* Machine name we've authenticated. */ }; +/* + * DCE/RPC-specific samba-internal-specific handling of data on + * NamedPipes. + * + */ + typedef struct pipes_struct { struct pipes_struct *next, *prev; - int pnum; + connection_struct *conn; uint16 vuid; /* points to the unauthenticated user that opened this pipe. */ - BOOL open; /* open connection */ - uint16 device_state; - uint16 priority; + fstring name; fstring pipe_srv_name; @@ -226,10 +230,6 @@ typedef struct pipes_struct output_data out_data; - /* When replying to an SMBtrans, this is the maximum amount of - data that can be sent in the initial reply. */ - int max_trans_reply; - /* talloc context to use when allocating memory on this pipe. */ TALLOC_CTX *mem_ctx; @@ -238,6 +238,83 @@ typedef struct pipes_struct } pipes_struct; +typedef struct smb_np_struct +{ + struct smb_np_struct *next, *prev; + int pnum; + connection_struct *conn; + uint16 vuid; /* points to the unauthenticated user that opened this pipe. */ + BOOL open; /* open connection */ + uint16 device_state; + uint16 priority; + fstring name; + + /* When replying to an SMBtrans, this is the maximum amount of + data that can be sent in the initial reply. */ + int max_trans_reply; + + /* + * NamedPipe state information. + * + * (e.g. typecast a np_struct, above). + */ + void *np_state; + + /* + * NamedPipe functions, to be called to perform + * Named Pipe transactions on request from an + * SMB client. + */ + + /* call to create a named pipe connection. + * returns: state information representing the connection. + * is stored in np_state, above. + */ + void * (*namedpipe_create)(char *pipe_name, + connection_struct *conn, uint16 vuid); + + /* call to perform a write / read namedpipe transaction. + * TransactNamedPipe is weird: it returns whether there + * is more data outstanding to be read, and the + * caller is expected to take note and follow up with + * read requests. + */ + ssize_t (*namedpipe_transact)(void *np_state, + char *data, int len, + char *rdata, int rlen, + BOOL *pipe_outstanding); + + /* call to perform a write namedpipe operation + */ + ssize_t (*namedpipe_write)(void * np_state, + char *data, size_t n); + + /* call to perform a read namedpipe operation. + * + * NOTE: the only reason that the pipe_outstanding + * argument is here is because samba does not use + * the namedpipe_transact function yet: instead, + * it performs the same as what namedpipe_transact + * does - a write, followed by a read. + * + * when samba is modified to use namedpipe_transact, + * the pipe_outstanding argument may be removed. + */ + ssize_t (*namedpipe_read)(void * np_state, + char *data, size_t max_len, + BOOL *pipe_outstanding); + + /* call to close a namedpipe. + * function is expected to perform all cleanups + * necessary, free all memory etc. + * + * returns True if cleanup was successful (not that + * we particularly care). + */ + BOOL (*namedpipe_close)(void * np_state); + +} smb_np_struct; + struct api_struct { char *name; diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index ba3c6f71b4..10ed2aaa0b 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -194,6 +194,30 @@ ssize_t read_udp_socket(int fd,char *buf,size_t len) return(ret); } +/******************************************************************* + checks if read data is outstanding. + ********************************************************************/ +int read_data_outstanding(int fd, unsigned int time_out) +{ + int selrtn; + fd_set fds; + struct timeval timeout; + + FD_ZERO(&fds); + FD_SET(fd, &fds); + + timeout.tv_sec = (time_t) (time_out / 1000); + timeout.tv_usec = (long)(1000 * (time_out % 1000)); + + selrtn = sys_select_intr(fd + 1, &fds, &timeout); + + if (selrtn <= 0) + { + return selrtn; + } + return FD_ISSET(fd, &fds) ? 1 : 0; +} + /**************************************************************************** Read data from a socket with a timout in msec. mincount = if timeout, minimum to read before returning @@ -315,13 +339,11 @@ static ssize_t read_socket_with_timeout(int fd,char *buf,size_t mincnt,size_t ma time_out = timeout in milliseconds ****************************************************************************/ -ssize_t read_with_timeout(int fd,char *buf,size_t mincnt,size_t maxcnt,unsigned int time_out) +ssize_t read_with_timeout(int fd, char *buf, size_t mincnt, size_t maxcnt, + unsigned int time_out) { - fd_set fds; - int selrtn; ssize_t readret; size_t nread = 0; - struct timeval timeout; /* just checking .... */ if (maxcnt <= 0) @@ -356,15 +378,8 @@ ssize_t read_with_timeout(int fd,char *buf,size_t mincnt,size_t maxcnt,unsigned system performance will suffer severely as select always returns true on disk files */ - /* Set initial timeout */ - timeout.tv_sec = (time_t)(time_out / 1000); - timeout.tv_usec = (long)(1000 * (time_out % 1000)); - for (nread=0; nread < mincnt; ) { - FD_ZERO(&fds); - FD_SET(fd,&fds); - - selrtn = sys_select_intr(fd+1,&fds,&timeout); + int selrtn = read_data_outstanding(fd, time_out); if(selrtn <= 0) return selrtn; diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c index d5f9a52e2f..e4a00443a1 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/srv_lsa_hnd.c @@ -35,10 +35,10 @@ BOOL init_pipe_handle_list(pipes_struct *p, char *pipe_name) { - pipes_struct *plist = get_first_pipe(); + pipes_struct *plist = get_first_internal_pipe(); struct handle_list *hl = NULL; - for (plist = get_first_pipe(); plist; plist = get_next_pipe(plist)) { + for (plist = get_first_internal_pipe(); plist; plist = get_next_internal_pipe(plist)) { if (strequal( plist->name, pipe_name)) { if (!plist->pipe_handles) { pstring msg; diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index cc6415cce7..a98bcdc6bb 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -26,26 +26,58 @@ #define PIPE "\\PIPE\\" #define PIPELEN strlen(PIPE) -static pipes_struct *chain_p; +static smb_np_struct *chain_p; static int pipes_open; #ifndef MAX_OPEN_PIPES #define MAX_OPEN_PIPES 2048 #endif -static pipes_struct *Pipes; +static smb_np_struct *Pipes; +static pipes_struct *InternalPipes; static struct bitmap *bmap; +/* TODO + * the following prototypes are declared here to avoid + * code being moved about too much for a patch to be + * disrupted / less obvious. + * + * these functions, and associated functions that they + * call, should be moved behind a .so module-loading + * system _anyway_. so that's the next step... + */ + +static ssize_t read_from_internal_pipe(void *np_conn, char *data, size_t n, + BOOL *is_data_outstanding); +static ssize_t write_to_internal_pipe(void *np_conn, char *data, size_t n); +static BOOL close_internal_rpc_pipe_hnd(void *np_conn); +static void *make_internal_rpc_pipe_p(char *pipe_name, + connection_struct *conn, uint16 vuid); + /**************************************************************************** Pipe iterator functions. ****************************************************************************/ -pipes_struct *get_first_pipe(void) +smb_np_struct *get_first_pipe(void) { return Pipes; } -pipes_struct *get_next_pipe(pipes_struct *p) +smb_np_struct *get_next_pipe(smb_np_struct *p) +{ + return p->next; +} + +/**************************************************************************** + Internal Pipe iterator functions. +****************************************************************************/ + +pipes_struct *get_first_internal_pipe(void) +{ + return InternalPipes; +} + +pipes_struct *get_next_internal_pipe(pipes_struct *p) { return p->next; } @@ -118,11 +150,11 @@ static BOOL pipe_init_outgoing_data(pipes_struct *p) Find first available pipe slot. ****************************************************************************/ -pipes_struct *open_rpc_pipe_p(char *pipe_name, +smb_np_struct *open_rpc_pipe_p(char *pipe_name, connection_struct *conn, uint16 vuid) { int i; - pipes_struct *p; + smb_np_struct *p, *p_it; static int next_pipe; DEBUG(4,("Open pipe requested %s (pipes_open=%d)\n", @@ -147,22 +179,28 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name, for (p = Pipes; p; p = p->next) DEBUG(5,("open_rpc_pipe_p: name %s pnum=%x\n", p->name, p->pnum)); - p = (pipes_struct *)malloc(sizeof(*p)); + p = (smb_np_struct *)malloc(sizeof(*p)); if (!p) + { + DEBUG(0,("ERROR! no memory for pipes_struct!\n")); return NULL; + } ZERO_STRUCTP(p); - if ((p->mem_ctx = talloc_init()) == NULL) { - DEBUG(0,("open_rpc_pipe_p: talloc_init failed.\n")); - SAFE_FREE(p); - return NULL; - } + /* add a dso mechanism instead of this, here */ - if (!init_pipe_handle_list(p, pipe_name)) { - DEBUG(0,("open_rpc_pipe_p: init_pipe_handles failed.\n")); - talloc_destroy(p->mem_ctx); + p->namedpipe_create = make_internal_rpc_pipe_p; + p->namedpipe_read = read_from_internal_pipe; + p->namedpipe_write = write_to_internal_pipe; + p->namedpipe_close = close_internal_rpc_pipe_hnd; + + p->np_state = p->namedpipe_create(pipe_name, conn, vuid); + + if (p->np_state == NULL) { + + DEBUG(0,("open_rpc_pipe_p: make_internal_rpc_pipe_p failed.\n")); SAFE_FREE(p); return NULL; } @@ -177,11 +215,6 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name, * change the type to UNMARSALLING before processing the stream. */ - if(!prs_init(&p->in_data.data, MAX_PDU_FRAG_LEN, p->mem_ctx, MARSHALL)) { - DEBUG(0,("open_rpc_pipe_p: malloc fail for in_data struct.\n")); - return NULL; - } - bitmap_set(bmap, i); i += pipe_handle_offset; @@ -197,6 +230,71 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name, p->max_trans_reply = 0; + fstrcpy(p->name, pipe_name); + + DEBUG(4,("Opened pipe %s with handle %x (pipes_open=%d)\n", + pipe_name, i, pipes_open)); + + chain_p = p; + + /* Iterate over p_it as a temp variable, to display all open pipes */ + for (p_it = Pipes; p_it; p_it = p_it->next) + DEBUG(5,("open pipes: name %s pnum=%x\n", p_it->name, p_it->pnum)); + + return chain_p; +} + +/**************************************************************************** + * make an internal namedpipes structure +****************************************************************************/ + +static void *make_internal_rpc_pipe_p(char *pipe_name, + connection_struct *conn, uint16 vuid) +{ + pipes_struct *p; + + DEBUG(4,("Create pipe requested %s\n", pipe_name)); + + p = (pipes_struct *)malloc(sizeof(*p)); + + if (!p) + { + DEBUG(0,("ERROR! no memory for pipes_struct!\n")); + return NULL; + } + + ZERO_STRUCTP(p); + + if ((p->mem_ctx = talloc_init()) == NULL) { + DEBUG(0,("open_rpc_pipe_p: talloc_init failed.\n")); + SAFE_FREE(p); + return NULL; + } + + if (!init_pipe_handle_list(p, pipe_name)) { + DEBUG(0,("open_rpc_pipe_p: init_pipe_handles failed.\n")); + talloc_destroy(p->mem_ctx); + SAFE_FREE(p); + return NULL; + } + + /* + * Initialize the incoming RPC data buffer with one PDU worth of memory. + * We cheat here and say we're marshalling, as we intend to add incoming + * data directly into the prs_struct and we want it to auto grow. We will + * change the type to UNMARSALLING before processing the stream. + */ + + if(!prs_init(&p->in_data.data, MAX_PDU_FRAG_LEN, p->mem_ctx, MARSHALL)) { + DEBUG(0,("open_rpc_pipe_p: malloc fail for in_data struct.\n")); + return NULL; + } + + DLIST_ADD(InternalPipes, p); + + p->conn = conn; + p->vuid = vuid; + p->ntlmssp_chal_flags = 0; p->ntlmssp_auth_validated = False; p->ntlmssp_auth_requested = False; @@ -205,6 +303,11 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name, p->fault_state = False; p->endian = RPC_LITTLE_ENDIAN; + ZERO_STRUCT(p->pipe_user); + + p->pipe_user.uid = (uid_t)-1; + p->pipe_user.gid = (gid_t)-1; + /* * Initialize the incoming RPC struct. */ @@ -225,23 +328,12 @@ pipes_struct *open_rpc_pipe_p(char *pipe_name, */ prs_init(&p->out_data.rdata, 0, p->mem_ctx, MARSHALL); - ZERO_STRUCT(p->pipe_user); - - p->pipe_user.uid = (uid_t)-1; - p->pipe_user.gid = (gid_t)-1; - fstrcpy(p->name, pipe_name); - DEBUG(4,("Opened pipe %s with handle %x (pipes_open=%d)\n", - pipe_name, i, pipes_open)); - - chain_p = p; - - /* OVERWRITE p as a temp variable, to display all open pipes */ - for (p = Pipes; p; p = p->next) - DEBUG(5,("open pipes: name %s pnum=%x\n", p->name, p->pnum)); + DEBUG(4,("Created internal pipe %s (pipes_open=%d)\n", + pipe_name, pipes_open)); - return chain_p; + return (void*)p; } /**************************************************************************** @@ -254,8 +346,8 @@ static void set_incoming_fault(pipes_struct *p) p->in_data.pdu_needed_len = 0; p->in_data.pdu_received_len = 0; p->fault_state = True; - DEBUG(10,("set_incoming_fault: Setting fault state on pipe %s : pnum = 0x%x\n", - p->name, p->pnum )); + DEBUG(10,("set_incoming_fault: Setting fault state on pipe %s : vuid = 0x%x\n", + p->name, p->vuid )); } /**************************************************************************** @@ -712,10 +804,8 @@ incoming data size = %u\n", (unsigned int)p->in_data.pdu_received_len, (unsigned Accepts incoming data on an rpc pipe. ****************************************************************************/ -ssize_t write_to_pipe(pipes_struct *p, char *data, size_t n) +ssize_t write_to_pipe(smb_np_struct *p, char *data, size_t n) { - size_t data_left = n; - DEBUG(6,("write_to_pipe: %x", p->pnum)); DEBUG(6,(" name: %s open: %s len: %d\n", @@ -723,6 +813,18 @@ ssize_t write_to_pipe(pipes_struct *p, char *data, size_t n) dump_data(50, data, n); + return p->namedpipe_write(p->np_state, data, n); +} + +/**************************************************************************** + Accepts incoming data on an internal rpc pipe. +****************************************************************************/ + +static ssize_t write_to_internal_pipe(void *np_conn, char *data, size_t n) +{ + pipes_struct *p = (pipes_struct*)np_conn; + size_t data_left = n; + while(data_left) { ssize_t data_used; @@ -753,11 +855,9 @@ ssize_t write_to_pipe(pipes_struct *p, char *data, size_t n) have been prepared into arrays of headers + data stream sections. ****************************************************************************/ -ssize_t read_from_pipe(pipes_struct *p, char *data, size_t n) +ssize_t read_from_pipe(smb_np_struct *p, char *data, size_t n, + BOOL *is_data_outstanding) { - uint32 pdu_remaining = 0; - ssize_t data_returned = 0; - if (!p || !p->open) { DEBUG(0,("read_from_pipe: pipe not open\n")); return -1; @@ -765,6 +865,32 @@ ssize_t read_from_pipe(pipes_struct *p, char *data, size_t n) DEBUG(6,("read_from_pipe: %x", p->pnum)); + return p->namedpipe_read(p->np_state, data, n, is_data_outstanding); +} + +/**************************************************************************** + Replies to a request to read data from a pipe. + + Headers are interspersed with the data at PDU intervals. By the time + this function is called, the start of the data could possibly have been + read by an SMBtrans (file_offset != 0). + + Calling create_rpc_reply() here is a hack. The data should already + have been prepared into arrays of headers + data stream sections. +****************************************************************************/ + +static ssize_t read_from_internal_pipe(void *np_conn, char *data, size_t n, + BOOL *is_data_outstanding) +{ + pipes_struct *p = (pipes_struct*)np_conn; + uint32 pdu_remaining = 0; + ssize_t data_returned = 0; + + if (!p) { + DEBUG(0,("read_from_pipe: pipe not open\n")); + return -1; + } + DEBUG(6,(" name: %s len: %u\n", p->name, (unsigned int)n)); /* @@ -839,6 +965,7 @@ returning %d bytes.\n", p->name, (unsigned int)p->out_data.current_pdu_len, out: + (*is_data_outstanding) = p->out_data.current_pdu_len > n; return data_returned; } @@ -846,7 +973,7 @@ returning %d bytes.\n", p->name, (unsigned int)p->out_data.current_pdu_len, Wait device state on a pipe. Exactly what this is for is unknown... ****************************************************************************/ -BOOL wait_rpc_pipe_hnd_state(pipes_struct *p, uint16 priority) +BOOL wait_rpc_pipe_hnd_state(smb_np_struct *p, uint16 priority) { if (p == NULL) return False; @@ -870,7 +997,7 @@ BOOL wait_rpc_pipe_hnd_state(pipes_struct *p, uint16 priority) Set device state on a pipe. Exactly what this is for is unknown... ****************************************************************************/ -BOOL set_rpc_pipe_hnd_state(pipes_struct *p, uint16 device_state) +BOOL set_rpc_pipe_hnd_state(smb_np_struct *p, uint16 device_state) { if (p == NULL) return False; @@ -894,21 +1021,14 @@ BOOL set_rpc_pipe_hnd_state(pipes_struct *p, uint16 device_state) Close an rpc pipe. ****************************************************************************/ -BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn) +BOOL close_rpc_pipe_hnd(smb_np_struct *p) { if (!p) { DEBUG(0,("Invalid pipe in close_rpc_pipe_hnd\n")); return False; } - prs_mem_free(&p->out_data.rdata); - prs_mem_free(&p->in_data.data); - - if (p->mem_ctx) - talloc_destroy(p->mem_ctx); - - /* Free the handles database. */ - close_policy_by_pipe(p); + p->namedpipe_close(p->np_state); bitmap_clear(bmap, p->pnum - pipe_handle_offset); @@ -919,9 +1039,39 @@ BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn) DLIST_REMOVE(Pipes, p); + ZERO_STRUCTP(p); + + SAFE_FREE(p); + + return True; +} + +/**************************************************************************** + Close an rpc pipe. +****************************************************************************/ + +static BOOL close_internal_rpc_pipe_hnd(void *np_conn) +{ + pipes_struct *p = (pipes_struct *)np_conn; + if (!p) { + DEBUG(0,("Invalid pipe in close_internal_rpc_pipe_hnd\n")); + return False; + } + + prs_mem_free(&p->out_data.rdata); + prs_mem_free(&p->in_data.data); + + if (p->mem_ctx) + talloc_destroy(p->mem_ctx); + + /* Free the handles database. */ + close_policy_by_pipe(p); + delete_nt_token(&p->pipe_user.nt_user_token); SAFE_FREE(p->pipe_user.groups); + DLIST_REMOVE(InternalPipes, p); + ZERO_STRUCTP(p); SAFE_FREE(p); @@ -933,7 +1083,7 @@ BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn) Find an rpc pipe given a pipe handle in a buffer and an offset. ****************************************************************************/ -pipes_struct *get_rpc_pipe_p(char *buf, int where) +smb_np_struct *get_rpc_pipe_p(char *buf, int where) { int pnum = SVAL(buf,where); @@ -947,9 +1097,9 @@ pipes_struct *get_rpc_pipe_p(char *buf, int where) Find an rpc pipe given a pipe handle. ****************************************************************************/ -pipes_struct *get_rpc_pipe(int pnum) +smb_np_struct *get_rpc_pipe(int pnum) { - pipes_struct *p; + smb_np_struct *p; DEBUG(4,("search for pipe pnum=%x\n", pnum)); diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 2b41efcbf6..bdd2bbf31b 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -633,7 +633,7 @@ static void srv_spoolss_receive_message(int msg_type, pid_t src, void *buf, size */ hl = NULL; - for ( p = get_first_pipe(); p; p = get_next_pipe(p)) { + for ( p = get_first_internal_pipe(); p; get_next_internal_pipe(p)) { if (strequal(p->name, "spoolss")) { hl = p->pipe_handles; break; diff --git a/source3/script/mkproto.awk b/source3/script/mkproto.awk index 36f5b0afd1..1d15255a29 100644 --- a/source3/script/mkproto.awk +++ b/source3/script/mkproto.awk @@ -114,7 +114,7 @@ END { { gotstart = 0; - if( $0 ~ /^const|^connection_struct|^pipes_struct|^file_fd_struct|^files_struct|^connection_struct|^uid_t|^gid_t|^unsigned|^mode_t|^DIR|^user|^int|^pid_t|^ino_t|^off_t/ ) { + if( $0 ~ /^const|^connection_struct|^pipes_struct|^smb_np_struct|^file_fd_struct|^files_struct|^connection_struct|^uid_t|^gid_t|^unsigned|^mode_t|^DIR|^user|^int|^pid_t|^ino_t|^off_t/ ) { gotstart = 1; } diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 4047ffa8d7..f84f3048e9 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -163,8 +163,9 @@ void send_trans_reply(char *outbuf, Start the first part of an RPC reply which began with an SMBtrans request. ****************************************************************************/ -static BOOL api_rpc_trans_reply(char *outbuf, pipes_struct *p) +static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p) { + BOOL is_data_outstanding; char *rdata = malloc(p->max_trans_reply); int data_len; @@ -173,12 +174,13 @@ static BOOL api_rpc_trans_reply(char *outbuf, pipes_struct *p) return False; } - if((data_len = read_from_pipe( p, rdata, p->max_trans_reply)) < 0) { + if((data_len = read_from_pipe( p, rdata, p->max_trans_reply, + &is_data_outstanding)) < 0) { SAFE_FREE(rdata); return False; } - send_trans_reply(outbuf, NULL, 0, rdata, data_len, p->out_data.current_pdu_len > data_len); + send_trans_reply(outbuf, NULL, 0, rdata, data_len, is_data_outstanding); SAFE_FREE(rdata); return True; @@ -188,7 +190,7 @@ static BOOL api_rpc_trans_reply(char *outbuf, pipes_struct *p) WaitNamedPipeHandleState ****************************************************************************/ -static BOOL api_WNPHS(char *outbuf, pipes_struct *p, char *param, int param_len) +static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len) { uint16 priority; @@ -211,7 +213,7 @@ static BOOL api_WNPHS(char *outbuf, pipes_struct *p, char *param, int param_len) SetNamedPipeHandleState ****************************************************************************/ -static BOOL api_SNPHS(char *outbuf, pipes_struct *p, char *param, int param_len) +static BOOL api_SNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len) { uint16 id; @@ -259,7 +261,7 @@ static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf, int suwcnt,int tdscnt,int tpscnt,int mdrcnt,int mprcnt) { BOOL reply = False; - pipes_struct *p = NULL; + smb_np_struct *p = NULL; int pnum; int subcommand; diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 464790d158..6e03d485d2 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -466,7 +466,7 @@ to open_mode 0x%x\n", (unsigned long)desired_access, (unsigned long)share_access static int nt_open_pipe(char *fname, connection_struct *conn, char *inbuf, char *outbuf, int *ppnum) { - pipes_struct *p = NULL; + smb_np_struct *p = NULL; uint16 vuid = SVAL(inbuf, smb_uid); int i; diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c index cd8a56a5d2..8f6f6f39c4 100644 --- a/source3/smbd/pipes.c +++ b/source3/smbd/pipes.c @@ -45,7 +45,7 @@ int reply_open_pipe_and_X(connection_struct *conn, pstring fname; pstring pipe_name; uint16 vuid = SVAL(inbuf, smb_uid); - pipes_struct *p; + smb_np_struct *p; int smb_ofun = SVAL(inbuf,smb_vwv8); int size=0,fmode=0,mtime=0,rmode=0; int i; @@ -116,7 +116,7 @@ int reply_open_pipe_and_X(connection_struct *conn, ****************************************************************************/ int reply_pipe_write(char *inbuf,char *outbuf,int length,int dum_bufsize) { - pipes_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0); + smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0); size_t numtowrite = SVAL(inbuf,smb_vwv1); int nwritten; int outsize; @@ -154,7 +154,7 @@ int reply_pipe_write(char *inbuf,char *outbuf,int length,int dum_bufsize) int reply_pipe_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) { - pipes_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2); + smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2); size_t numtowrite = SVAL(inbuf,smb_vwv10); int nwritten = -1; int smb_doff = SVAL(inbuf, smb_vwv11); @@ -210,11 +210,13 @@ int reply_pipe_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) ****************************************************************************/ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) { - pipes_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2); + smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2); int smb_maxcnt = SVAL(inbuf,smb_vwv5); int smb_mincnt = SVAL(inbuf,smb_vwv6); int nread = -1; char *data; + BOOL unused; + /* we don't use the offset given to use for pipe reads. This is deliberate, instead we always return the next lump of data on the pipe */ @@ -228,7 +230,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) set_message(outbuf,12,0,True); data = smb_buf(outbuf); - nread = read_from_pipe(p, data, smb_maxcnt); + nread = read_from_pipe(p, data, smb_maxcnt, &unused); if (nread < 0) return(UNIXERROR(ERRDOS,ERRnoaccess)); @@ -248,7 +250,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) ****************************************************************************/ int reply_pipe_close(connection_struct *conn, char *inbuf,char *outbuf) { - pipes_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0); + smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0); int outsize = set_message(outbuf,0,0,True); if (!p) @@ -256,7 +258,7 @@ int reply_pipe_close(connection_struct *conn, char *inbuf,char *outbuf) DEBUG(5,("reply_pipe_close: pnum:%x\n", p->pnum)); - if (!close_rpc_pipe_hnd(p, conn)) + if (!close_rpc_pipe_hnd(p)) return ERROR_DOS(ERRDOS,ERRbadfid); return(outsize); |