Big update moving the multi-pdu support from 2.0.x into HEAD for JF

and the printer functions.
Also tidied up some header includes and got the order right so you
can now do a :

make proto
make clean
make

Jeremy.
(This used to be commit 833cd9fba92e4ad5297b235d108dd2be8c17079b)

2 files changed, 30 insertions, 48 deletions

diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 5ee70e7d94..d42c2727d4 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -3201,20 +3201,11 @@ static BOOL api_WPrintPortEnum(connection_struct *conn,uint16 vuid, char *param,
  Start the first part of an RPC reply which began with an SMBtrans request.
 ****************************************************************************/
 
-static BOOL api_rpc_trans_reply(char *outbuf, pipes_struct *p,
-				char *redir_data, int redir_len)
+static BOOL api_rpc_trans_reply(char *outbuf, pipes_struct *p)
 {
-	char *rdata;
+	char *rdata = malloc(p->max_trans_reply);
 	int data_len;
 
-	if (redir_data != NULL)
-	{
-		send_trans_reply(outbuf, NULL, 0, redir_data, redir_len,
-		                 redir_len > p->max_trans_reply);
-		return True;
-	}
-
-	rdata = malloc(p->max_trans_reply);
 	if(rdata == NULL) {
 		DEBUG(0,("api_rpc_trans_reply: malloc fail.\n"));
 		return False;
@@ -3340,23 +3331,11 @@ static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf,
 
 	switch (subcommand) {
 	case 0x26:
-	{
-		char *rdata = NULL;
-		int rlen = mdrcnt;
-
-		if (p->m)
-		{
-			reply = readwrite_pipe(p, data, tdscnt, &rdata, &rlen);
-		}
-		else
-		{
-			/* dce/rpc command */
-			reply = rpc_command(p, data, tdscnt);
-		}
+		/* dce/rpc command */
+		reply = write_to_pipe(p, data, tdscnt);
 		if (reply)
-			reply = api_rpc_trans_reply(outbuf, p, rdata, rlen);
+			reply = api_rpc_trans_reply(outbuf, p);
 		break;
-	}
 	case 0x53:
 		/* Wait Named Pipe Handle state */
 		reply = api_WNPHS(outbuf, p, params, tpscnt);
diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c
index 1a9ac1d7a4..65a71e1c00 100644
--- a/source3/smbd/pipes.c
+++ b/source3/smbd/pipes.c
@@ -129,16 +129,7 @@ int reply_pipe_write(char *inbuf,char *outbuf,int length,int dum_bufsize)
 	if (numtowrite == 0)
 		nwritten = 0;
 	else
-	{
-		if (p->m != NULL)
-		{
-			nwritten = write_pipe(p, data, numtowrite);
-		}
-		else
-		{
-			nwritten = write_to_pipe(p, data, numtowrite);
-		}
-	}
+		nwritten = write_to_pipe(p, data, numtowrite);
 
 	if ((nwritten == 0 && numtowrite != 0) || (nwritten < 0))
 		return (UNIXERROR(ERRDOS,ERRnoaccess));
@@ -154,17 +145,19 @@ int reply_pipe_write(char *inbuf,char *outbuf,int length,int dum_bufsize)
 }
 
 /****************************************************************************
-  reply to a write and X
+ Reply to a write and X.
 
-  This code is basically stolen from reply_write_and_X with some
-  wrinkles to handle pipes.
+ This code is basically stolen from reply_write_and_X with some
+ wrinkles to handle pipes.
 ****************************************************************************/
+
 int reply_pipe_write_and_X(char *inbuf,char *outbuf,int length,int bufsize)
 {
 	pipes_struct *p = get_rpc_pipe_p(inbuf,smb_vwv2);
 	size_t numtowrite = SVAL(inbuf,smb_vwv10);
 	int nwritten = -1;
 	int smb_doff = SVAL(inbuf, smb_vwv11);
+	BOOL pipe_start_message_raw = ((SVAL(inbuf, smb_vwv7) & (PIPE_START_MESSAGE|PIPE_RAW_MODE)) != 0);
 	char *data;
 
 	if (!p)
@@ -174,14 +167,31 @@ int reply_pipe_write_and_X(char *inbuf,char *outbuf,int length,int bufsize)
 
 	if (numtowrite == 0)
 		nwritten = 0;
-	else
+	else {
+		if(pipe_start_message_raw) {
+			/*
+			 * For the start of a message in named pipe byte mode,
+			 * the first two bytes are a length-of-pdu field. Ignore
+			 * them (we don't trust the client. JRA.
+			 */
+	        if(numtowrite < 2) {
+				DEBUG(0,("reply_pipe_write_and_X: start of message set and not enough data sent.(%u)\n",
+					(unsigned int)numtowrite ));
+				return (UNIXERROR(ERRDOS,ERRnoaccess));
+			}
+
+			data += 2;
+			numtowrite -= 2;
+    	}                        
 		nwritten = write_to_pipe(p, data, numtowrite);
+	}
 
 	if ((nwritten == 0 && numtowrite != 0) || (nwritten < 0))
 		return (UNIXERROR(ERRDOS,ERRnoaccess));
   
 	set_message(outbuf,6,0,True);
 
+	nwritten = (pipe_start_message_raw ? nwritten + 2 : nwritten);
 	SSVAL(outbuf,smb_vwv2,nwritten);
   
 	DEBUG(3,("writeX-IPC pnum=%04x nwritten=%d\n",
@@ -216,14 +226,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize)
 	set_message(outbuf,12,0,True);
 	data = smb_buf(outbuf);
 
-	if (p->m != NULL)
-	{
-		nread = read_pipe(p, data, smb_maxcnt);
-	}
-	else
-	{
-		nread = read_from_pipe(p, data, smb_maxcnt);
-	}
+	nread = read_from_pipe(p, data, smb_maxcnt);
 
 	if (nread < 0)
 		return(UNIXERROR(ERRDOS,ERRnoaccess));