- added FAST_SHARE_MODES code

- added some named pipe code from Jim
(This used to be commit c94866e9e44ea1eb72da06bc65ef1c032ae8e0c9)

4 files changed, 500 insertions, 12 deletions

diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 5b3939e98c..39b8f3f089 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -59,11 +59,21 @@ extern fstring local_machine;
 #define SNLEN 15		/* service name length */
 #define QNLEN 12		/* queue name maximum length */
 
-#define MAJOR_VERSION 2
+#define MAJOR_VERSION 4
 #define MINOR_VERSION 0
 
 extern int Client;
 
+static BOOL api_Unsupported(int cnum,int uid, char *param,char *data,
+			    int mdrcnt,int mprcnt,
+			    char **rdata,char **rparam,
+			    int *rdata_len,int *rparam_len);
+static BOOL api_TooSmall(int cnum,int uid, char *param,char *data,
+			 int mdrcnt,int mprcnt,
+			 char **rdata,char **rparam,
+			 int *rdata_len,int *rparam_len);
+
+
 static int CopyExpanded(int cnum, int snum, char** dst, char* src, int* n)
 {
   pstring buf;
@@ -1906,7 +1916,8 @@ static BOOL api_RNetUserGetInfo(int cnum,int uid, char *param,char *data,
       p2 = skip_string(p2,1);
     }
     if (uLevel == 11) {         /* modelled after NTAS 3.51 reply */
-      SSVAL(p,34,USER_PRIV_USER); /* user privilege */
+      SSVAL(p,34,
+	    Connections[cnum].admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); 
       SIVAL(p,36,0);		/* auth flags */
       SIVALS(p,40,-1);		/* password age */
       SIVAL(p,44,PTR_DIFF(p2,p)); /* home dir */
@@ -1941,7 +1952,8 @@ static BOOL api_RNetUserGetInfo(int cnum,int uid, char *param,char *data,
     if (uLevel == 1 || uLevel == 2) {
       memset(p+22,' ',16);	/* password */
       SIVALS(p,38,-1);		/* password age */
-      SSVAL(p,42,USER_PRIV_ADMIN); /* user privilege */
+      SSVAL(p,42,
+	    Connections[cnum].admin_user?USER_PRIV_ADMIN:USER_PRIV_USER);
       SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */
       strcpy(p2,"\\\\%L\\HOMES");
       standard_sub_basic(p2);
@@ -2577,6 +2589,92 @@ static BOOL api_WPrintPortEnum(int cnum,int uid, char *param,char *data,
   return(True);
 }
 
+
+struct
+{
+  char * name;
+  char * pipename;
+  int subcommand;
+  BOOL (*fn) ();
+} api_fd_commands [] =
+  {
+    { "SetNmdPpHndState",	"lsarpc",	1,	api_LsarpcSNPHS },
+    { "TransactNmPipe",	"lsarpc",	0x26,	api_LsarpcTNP },
+    { NULL,		NULL,		-1,	api_Unsupported }
+  };
+
+/****************************************************************************
+  handle remote api calls delivered to a named pipe already opened.
+  ****************************************************************************/
+static int api_fd_reply(int cnum,int uid,char *outbuf,
+		 	uint16 *setup,char *data,char *params,
+		 	int suwcnt,int tdscnt,int tpscnt,int mdrcnt,int mprcnt)
+{
+  char *rdata = NULL;
+  char *rparam = NULL;
+  int rdata_len = 0;
+  int rparam_len = 0;
+  BOOL reply=False;
+  int i;
+  int fd;
+  int subcommand;
+  
+  /* First find out the name of this file. */
+  if (suwcnt != 2)
+    {
+      DEBUG(0,("Unexpected named pipe transaction.\n"));
+      return(-1);
+    }
+  
+  /* Get the file handle and hence the file name. */
+  fd = setup[1];
+  subcommand = setup[0];
+  
+  DEBUG(3,("Got API command %d on pipe %s ",subcommand,Files[fd].name));
+  DEBUG(3,("(tdscnt=%d,tpscnt=%d,mdrcnt=%d,mprcnt=%d)\n",
+	   tdscnt,tpscnt,mdrcnt,mprcnt));
+  
+  for (i=0;api_fd_commands[i].name;i++)
+    if (strequal(api_fd_commands[i].pipename, Files[fd].name) &&
+	api_fd_commands[i].subcommand == subcommand &&
+	api_fd_commands[i].fn)
+      {
+	DEBUG(3,("Doing %s\n",api_fd_commands[i].name));
+	break;
+      }
+  
+  rdata = (char *)malloc(1024); if (rdata) bzero(rdata,1024);
+  rparam = (char *)malloc(1024); if (rparam) bzero(rparam,1024);
+  
+  reply = api_fd_commands[i].fn(cnum,uid,params,data,mdrcnt,mprcnt,
+			        &rdata,&rparam,&rdata_len,&rparam_len);
+  
+  if (rdata_len > mdrcnt ||
+      rparam_len > mprcnt)
+    {
+      reply = api_TooSmall(cnum,uid,params,data,mdrcnt,mprcnt,
+			   &rdata,&rparam,&rdata_len,&rparam_len);
+    }
+  
+  
+  /* if we get False back then it's actually unsupported */
+  if (!reply)
+    api_Unsupported(cnum,uid,params,data,mdrcnt,mprcnt,
+		    &rdata,&rparam,&rdata_len,&rparam_len);
+  
+  /* now send the reply */
+  send_trans_reply(outbuf,rdata,rparam,NULL,rdata_len,rparam_len,0);
+  
+  if (rdata)
+    free(rdata);
+  if (rparam)
+    free(rparam);
+  
+  return(-1);
+}
+
+
+
 /****************************************************************************
   the buffer was too small
   ****************************************************************************/
@@ -2727,6 +2825,10 @@ static int named_pipe(int cnum,int uid, char *outbuf,char *name,
   if (strequal(name,"LANMAN"))
     return(api_reply(cnum,uid,outbuf,data,params,tdscnt,tpscnt,mdrcnt,mprcnt));
 
+if (strlen(name) < 1)
+  return(api_fd_reply(cnum,uid,outbuf,setup,data,params,suwcnt,tdscnt,tpscnt,mdrcnt,mprcnt));
+
+
   DEBUG(3,("named pipe command on <%s> 0x%X setup1=%d\n",
 	   name,(int)setup[0],(int)setup[1]));
   
diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c
new file mode 100644
index 0000000000..724f58e1e2
--- /dev/null
+++ b/source3/smbd/pipes.c
@@ -0,0 +1,363 @@
+/* 
+   Unix SMB/Netbios implementation.
+   Version 1.9.
+   Pipe SMB reply routines
+   Copyright (C) Andrew Tridgell 1992-1995
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+/*
+   This file handles reply_ calls on named pipes that the server
+   makes to handle specific protocols
+*/
+
+
+#include "includes.h"
+#include "trans2.h"
+
+#define	PIPE		"\\PIPE\\"
+#define	PIPELEN		strlen(PIPE)
+
+#define REALLOC(ptr,size) Realloc(ptr,MAX((size),4*1024))
+
+/* look in server.c for some explanation of these variables */
+extern int Protocol;
+extern int DEBUGLEVEL;
+extern int chain_size;
+extern int maxxmit;
+extern int chain_fnum;
+extern char magic_char;
+extern connection_struct Connections[];
+extern files_struct Files[];
+extern BOOL case_sensitive;
+extern pstring sesssetup_user;
+extern int Client;
+
+/* this macro should always be used to extract an fnum (smb_fid) from
+a packet to ensure chaining works correctly */
+#define GETFNUM(buf,where) (chain_fnum!= -1?chain_fnum:SVAL(buf,where))
+
+char * known_pipes [] =
+{
+  "lsarpc",
+  NULL
+};
+
+/****************************************************************************
+  reply to an open and X on a named pipe
+
+  In fact what we do is to open a regular file with the same name in
+  /tmp. This can then be closed as normal. Reading and writing won't
+  make much sense, but will do *something*. The real reason for this
+  support is to be able to do transactions on them (well, on lsarpc
+  for domain login purposes...).
+
+  This code is basically stolen from reply_open_and_X with some
+  wrinkles to handle pipes.
+****************************************************************************/
+int reply_open_pipe_and_X(char *inbuf,char *outbuf,int length,int bufsize)
+{
+  pstring fname;
+  int cnum = SVAL(inbuf,smb_tid);
+  int fnum = -1;
+  int outsize = 0;
+  int smb_com2 = CVAL(inbuf,smb_vwv0);
+  int smb_off2 = SVAL(inbuf,smb_vwv1);
+  int smb_mode = SVAL(inbuf,smb_vwv3);
+  int smb_attr = SVAL(inbuf,smb_vwv5);
+#if 0
+  int open_flags = SVAL(inbuf,smb_vwv2);
+  int smb_sattr = SVAL(inbuf,smb_vwv4); 
+  uint32 smb_time = make_unix_date3(inbuf+smb_vwv6);
+#endif
+  int smb_ofun = SVAL(inbuf,smb_vwv8);
+  int unixmode;
+  int size=0,fmode=0,mtime=0,rmode=0;
+  struct stat sbuf;
+  int smb_action = 0;
+  int i;
+
+  /* XXXX we need to handle passed times, sattr and flags */
+  strcpy(fname,smb_buf(inbuf));
+
+  /* If the name doesn't start \PIPE\ then this is directed */
+  /* at a mailslot or something we really, really don't understand, */
+  /* not just something we really don't understand. */
+  if ( strncmp(fname,PIPE,PIPELEN) != 0 )
+    return(ERROR(ERRSRV,ERRaccess));
+
+  DEBUG(4,("Opening pipe %s.\n", fname));
+
+  /* Strip \PIPE\ off the name. */
+  strcpy(fname,smb_buf(inbuf) + PIPELEN);
+
+  /* See if it is one we want to handle. */
+  for( i = 0; known_pipes[i] ; i++ )
+    if( strcmp(fname,known_pipes[i]) == 0 )
+      break;
+
+  if ( known_pipes[i] == NULL )
+    return(ERROR(ERRSRV,ERRaccess));
+
+  /* Known pipes arrive with DIR attribs. Remove it so a regular file */
+  /* can be opened and add it in after the open. */
+  DEBUG(3,("Known pipe %s opening.\n",fname));
+  smb_attr &= ~aDIR;
+  Connections[cnum].read_only = 0;
+  smb_ofun |= 0x10;		/* Add Create it not exists flag */
+
+  unix_convert(fname,cnum);
+    
+  fnum = find_free_file();
+  if (fnum < 0)
+    return(ERROR(ERRSRV,ERRnofids));
+
+  if (!check_name(fname,cnum))
+    return(UNIXERROR(ERRDOS,ERRnoaccess));
+
+  unixmode = unix_mode(cnum,smb_attr);
+      
+  open_file_shared(fnum,cnum,fname,smb_mode,smb_ofun,unixmode,
+		   &rmode,&smb_action);
+      
+  if (!Files[fnum].open)
+    return(UNIXERROR(ERRDOS,ERRnoaccess));
+
+  if (fstat(Files[fnum].fd,&sbuf) != 0) {
+    close_file(fnum);
+    return(ERROR(ERRDOS,ERRnoaccess));
+  }
+
+  size = sbuf.st_size;
+  fmode = dos_mode(cnum,fname,&sbuf);
+  mtime = sbuf.st_mtime;
+  if (fmode & aDIR) {
+    close_file(fnum);
+    return(ERROR(ERRDOS,ERRnoaccess));
+  }
+
+  /* Prepare the reply */
+  outsize = set_message(outbuf,15,0,True);
+  CVAL(outbuf,smb_vwv0) = smb_com2;
+
+  /* Put things back the way they were. */
+  Connections[cnum].read_only = 1;
+
+  /* Mark the opened file as an existing named pipe in message mode. */
+  SSVAL(outbuf,smb_vwv9,2);
+  SSVAL(outbuf,smb_vwv10,0xc700);
+  if (rmode == 2)
+  {
+    DEBUG(4,("Resetting open result to open from create.\n"));
+    rmode = 1;
+  }
+
+  SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4);
+  SSVAL(outbuf,smb_vwv2,fnum);
+  SSVAL(outbuf,smb_vwv3,fmode);
+  put_dos_date3(outbuf,smb_vwv4,mtime);
+  SIVAL(outbuf,smb_vwv6,size);
+  SSVAL(outbuf,smb_vwv8,rmode);
+  SSVAL(outbuf,smb_vwv11,smb_action);
+
+  chain_fnum = fnum;
+
+  if (smb_com2 != 0xFF)
+    outsize += chain_reply(smb_com2,inbuf,inbuf+smb_off2+4,
+			   outbuf,outbuf+outsize,
+			   length,bufsize);
+
+  chain_fnum = -1;
+
+  DEBUG(4,("Opened pipe %s with handle %d, saved name %s.\n",
+	   fname, fnum, Files[fnum].name));
+  
+  return(outsize);
+}
+
+
+/****************************************************************************
+ api_LsarpcSNPHS
+
+ SetNamedPipeHandleState on \PIPE\lsarpc. We can't really do much here,
+ so just blithely return True. This is really only for NT domain stuff,
+ we we're only handling that - don't assume Samba now does complete
+ named pipe handling.
+****************************************************************************/
+BOOL api_LsarpcSNPHS(int cnum,int uid, char *param,char *data,
+		     int mdrcnt,int mprcnt,
+		     char **rdata,char **rparam,
+		     int *rdata_len,int *rparam_len)
+{
+  uint16 id;
+
+  id = param[0] + (param[1] << 8);
+  DEBUG(4,("lsarpc SetNamedPipeHandleState to code %x\n",id));
+  return(True);
+}
+
+
+/****************************************************************************
+ api_LsarpcTNP
+
+ TransactNamedPipe on \PIPE\lsarpc.
+****************************************************************************/
+static void LsarpcTNP1(char *data,char **rdata, int *rdata_len)
+{
+  uint32 dword1, dword2;
+  char pname[] = "\\PIPE\\lsass";
+
+  /* All kinds of mysterious numbers here */
+  *rdata_len = 68;
+  *rdata = REALLOC(*rdata,*rdata_len);
+
+  dword1 = IVAL(data,0xC);
+  dword2 = IVAL(data,0x10);
+
+  SIVAL(*rdata,0,0xc0005);
+  SIVAL(*rdata,4,0x10);
+  SIVAL(*rdata,8,0x44);
+  SIVAL(*rdata,0xC,dword1);
+  
+  SIVAL(*rdata,0x10,dword2);
+  SIVAL(*rdata,0x14,0x15);
+  SSVAL(*rdata,0x18,sizeof(pname));
+  strcpy(*rdata + 0x1a,pname);
+  SIVAL(*rdata,0x28,1);
+  memcpy(*rdata + 0x30, data + 0x34, 0x14);
+}
+
+static void LsarpcTNP2(char *data,char **rdata, int *rdata_len)
+{
+  uint32 dword1;
+
+  /* All kinds of mysterious numbers here */
+  *rdata_len = 48;
+  *rdata = REALLOC(*rdata,*rdata_len);
+
+  dword1 = IVAL(data,0xC);
+
+  SIVAL(*rdata,0,0x03020005);
+  SIVAL(*rdata,4,0x10);
+  SIVAL(*rdata,8,0x30);
+  SIVAL(*rdata,0xC,dword1);
+  SIVAL(*rdata,0x10,0x18);
+  SIVAL(*rdata,0x1c,0x44332211);
+  SIVAL(*rdata,0x20,0x88776655);
+  SIVAL(*rdata,0x24,0xCCBBAA99);
+  SIVAL(*rdata,0x28,0x11FFEEDD);
+}
+
+static void LsarpcTNP3(char *data,char **rdata, int *rdata_len)
+{
+  uint32 dword1;
+  uint16 word1;
+  char * workgroup = lp_workgroup();
+  int wglen = strlen(workgroup);
+  int i;
+
+  /* All kinds of mysterious numbers here */
+  *rdata_len = 90 + 2 * wglen;
+  *rdata = REALLOC(*rdata,*rdata_len);
+
+  dword1 = IVAL(data,0xC);
+  word1 = SVAL(data,0x2C);
+
+  SIVAL(*rdata,0,0x03020005);
+  SIVAL(*rdata,4,0x10);
+  SIVAL(*rdata,8,0x60);
+  SIVAL(*rdata,0xC,dword1);
+  SIVAL(*rdata,0x10,0x48);
+  SSVAL(*rdata,0x18,0x5988);	/* This changes */
+  SSVAL(*rdata,0x1A,0x15);
+  SSVAL(*rdata,0x1C,word1);
+  SSVAL(*rdata,0x20,6);
+  SSVAL(*rdata,0x22,8);
+  SSVAL(*rdata,0x24,0x8E8);	/* So does this */
+  SSVAL(*rdata,0x26,0x15);
+  SSVAL(*rdata,0x28,0x4D48);	/* And this */
+  SSVAL(*rdata,0x2A,0x15);
+  SIVAL(*rdata,0x2C,4);
+  SIVAL(*rdata,0x34,wglen);
+  for ( i = 0 ; i < wglen ; i++ )
+    (*rdata)[0x38 + i * 2] = workgroup[i];
+   
+  /* Now fill in the rest */
+  i = 0x38 + wglen * 2;
+  SSVAL(*rdata,i,0x648);
+  SIVAL(*rdata,i+2,4);
+  SIVAL(*rdata,i+6,0x401);
+  SSVAL(*rdata,i+0xC,0x500);
+  SIVAL(*rdata,i+0xE,0x15);
+  SIVAL(*rdata,i+0x12,0x2372FE1);
+  SIVAL(*rdata,i+0x16,0x7E831BEF);
+  SIVAL(*rdata,i+0x1A,0x4B454B2);
+}
+
+static void LsarpcTNP4(char *data,char **rdata, int *rdata_len)
+{
+  uint32 dword1;
+
+  /* All kinds of mysterious numbers here */
+  *rdata_len = 48;
+  *rdata = REALLOC(*rdata,*rdata_len);
+
+  dword1 = IVAL(data,0xC);
+
+  SIVAL(*rdata,0,0x03020005);
+  SIVAL(*rdata,4,0x10);
+  SIVAL(*rdata,8,0x30);
+  SIVAL(*rdata,0xC,dword1);
+  SIVAL(*rdata,0x10,0x18);
+}
+
+
+BOOL api_LsarpcTNP(int cnum,int uid, char *param,char *data,
+		     int mdrcnt,int mprcnt,
+		     char **rdata,char **rparam,
+		     int *rdata_len,int *rparam_len)
+{
+  uint32 id,id2;
+
+  id = IVAL(data,0);
+
+  DEBUG(4,("lsarpc TransactNamedPipe id %lx\n",id));
+  switch (id)
+  {
+    case 0xb0005:
+      LsarpcTNP1(data,rdata,rdata_len);
+      break;
+
+    case 0x03000005:
+      id2 = IVAL(data,8);
+      DEBUG(4,("\t- Suboperation %lx\n",id2));
+      switch (id2 & 0xF)
+      {
+        case 8:
+          LsarpcTNP2(data,rdata,rdata_len);
+          break;
+
+        case 0xC:
+          LsarpcTNP4(data,rdata,rdata_len);
+          break;
+
+        case 0xE:
+          LsarpcTNP3(data,rdata,rdata_len);
+          break;
+      }
+      break;
+  }
+  return(True);
+}
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index d463b305c9..a97c8c9c9c 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -294,6 +294,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
   BOOL valid_nt_password = False;
   pstring user;
   BOOL guest=False;
+  BOOL computer_id=False;
 
   *smb_apasswd = 0;
   
@@ -349,6 +350,15 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
 
   DEBUG(3,("sesssetupX:name=[%s]\n",user));
 
+  /* If name ends in $ then I think it's asking about whether a */
+  /* computer with that name (minus the $) has access. For now */
+  /* say yes to everything ending in $. */
+  if (user[strlen(user) - 1] == '$') {
+    computer_id = True;
+    user[strlen(user) - 1] = '\0';
+  }
+
+
   if (!*user)
     strcpy(user,lp_guestaccount(-1));
 
@@ -380,7 +390,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
 	} 
       if (!valid_nt_password && !guest && !password_ok(user,smb_apasswd,smb_apasslen,NULL,False))
 	{
-	  if (lp_security() >= SEC_USER) {
+	  if (!computer_id && lp_security() >= SEC_USER) {
 #if (GUEST_SESSSETUP == 0)
 	    return(ERROR(ERRSRV,ERRbadpw));
 #endif
@@ -444,7 +454,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
   CVAL(outbuf,smb_vwv0) = smb_com2;
   SSVAL(outbuf,smb_vwv1,(chain_size+outsize)-4);
 
-  if (guest)
+  if (guest && !computer_id)
     SSVAL(outbuf,smb_vwv2,1);
 
   /* register the name and uid as being validated, so further connections
@@ -980,6 +990,10 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize)
   struct stat sbuf;
   int smb_action = 0;
 
+  /* If it's an IPC, pass off the pipe handler. */
+  if (IS_IPC(cnum))
+    return reply_open_pipe_and_X(inbuf,outbuf,length,bufsize);
+
   /* XXXX we need to handle passed times, sattr and flags */
 
   strcpy(fname,smb_buf(inbuf));
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 334edf77d0..170062a531 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1584,7 +1584,7 @@ static int sig_cld()
     }
   depth++;
 
-  BlockSignals(True);
+  BlockSignals(True,SIGCLD);
   DEBUG(5,("got SIGCLD\n"));
 
 #ifdef USE_WAITPID
@@ -1610,7 +1610,7 @@ static int sig_cld()
   while (wait3(WAIT3_CAST1 NULL, WNOHANG, WAIT3_CAST2 NULL) > 0);
 #endif
   depth--;
-  BlockSignals(False);
+  BlockSignals(False,SIGCLD);
   return 0;
 }
 #endif
@@ -1791,13 +1791,13 @@ this prevents zombie child processes
 ****************************************************************************/
 static int sig_hup()
 {
-  BlockSignals(True);
+  BlockSignals(True,SIGHUP);
   DEBUG(0,("Got SIGHUP\n"));
   reload_services(False);
 #ifndef DONT_REINSTALL_SIG
   signal(SIGHUP,SIGNAL_CAST sig_hup);
 #endif
-  BlockSignals(False);
+  BlockSignals(False,SIGHUP);
   return(0);
 }
 
@@ -3011,7 +3011,7 @@ struct smb_message_struct
    {SMBunlink,"SMBunlink",reply_unlink,AS_USER | NEED_WRITE},
    {SMBread,"SMBread",reply_read,AS_USER},
    {SMBwrite,"SMBwrite",reply_write,AS_USER},
-   {SMBclose,"SMBclose",reply_close,AS_USER},
+   {SMBclose,"SMBclose",reply_close,AS_USER | CAN_IPC},
    {SMBmkdir,"SMBmkdir",reply_mkdir,AS_USER | NEED_WRITE},
    {SMBrmdir,"SMBrmdir",reply_rmdir,AS_USER | NEED_WRITE},
    {SMBdskattr,"SMBdskattr",reply_dskattr,AS_USER},
@@ -3054,7 +3054,7 @@ struct smb_message_struct
    {SMBcopy,"SMBcopy",reply_copy,AS_USER | NEED_WRITE},
    {SMBmove,"SMBmove",NULL,AS_USER | NEED_WRITE},
    
-   {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER},
+   {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER | CAN_IPC},
    {SMBreadX,"SMBreadX",reply_read_and_X,AS_USER},
    {SMBwriteX,"SMBwriteX",reply_write_and_X,AS_USER},
    {SMBlockingX,"SMBlockingX",reply_lockingX,AS_USER},
@@ -3456,7 +3456,7 @@ static void process(void)
 
 	  /* clean the share modes every 5 minutes */
 	  if (!(counter%SHARE_MODES_CLEAN))
-	    clean_share_files();
+	    clean_share_modes();
 
 	  /* automatic timeout if all connections are closed */      
 	  if (num_connections_open==0 && counter >= IDLE_CLOSED_TIMEOUT) {
@@ -3744,6 +3744,11 @@ static void usage(char *pname)
   if (!open_sockets(is_daemon,port))
     exit(1);
 
+#ifdef FAST_SHARE_MODES
+  if (!start_share_mode_mgmt())
+    exit(1);
+#endif
+
   /* possibly reload the services file. */
   reload_services(True);
 
@@ -3758,6 +3763,10 @@ static void usage(char *pname)
   process();
   close_sockets();
 
+#ifdef FAST_SHARE_MODES
+  stop_share_mode_mgmt();
+#endif
+
   exit_server("normal exit");
   return(0);
 }