summaryrefslogtreecommitdiff
path: root/source3/rpc_server/srv_pipe_hnd.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server/srv_pipe_hnd.c')
-rw-r--r--source3/rpc_server/srv_pipe_hnd.c50
1 files changed, 42 insertions, 8 deletions
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index 44dd5fac65..cc6e4b95f9 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -22,6 +22,9 @@
#include "includes.h"
+#undef DBGC_CLASS
+#define DBGC_CLASS DBGC_RPC_SRV
+
#define PIPE "\\PIPE\\"
#define PIPELEN strlen(PIPE)
@@ -32,6 +35,23 @@ static int pipes_open;
#define MAX_OPEN_PIPES 2048
#endif
+/*
+ * Sometimes I can't decide if I hate Windows printer driver
+ * writers more than I hate the Windows spooler service driver
+ * writers. This gets around a combination of bugs in the spooler
+ * and the HP 8500 PCL driver that causes a spooler spin. JRA.
+ *
+ * bumped up from 20 -> 64 after viewing traffic from WordPerfect
+ * 2002 running on NT 4.- SP6
+ * bumped up from 64 -> 256 after viewing traffic from con2prt
+ * for lots of printers on a WinNT 4.x SP6 box.
+ */
+
+#ifndef MAX_OPEN_SPOOLSS_PIPES
+#define MAX_OPEN_SPOOLSS_PIPES 256
+#endif
+static int current_spoolss_pipes_open;
+
static smb_np_struct *Pipes;
static pipes_struct *InternalPipes;
static struct bitmap *bmap;
@@ -99,6 +119,7 @@ void set_pipe_handle_offset(int max_open_files)
/****************************************************************************
Reset pipe chain handle number.
****************************************************************************/
+
void reset_chain_p(void)
{
chain_p = NULL;
@@ -155,11 +176,20 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name,
int i;
smb_np_struct *p, *p_it;
static int next_pipe;
+ BOOL is_spoolss_pipe = False;
DEBUG(4,("Open pipe requested %s (pipes_open=%d)\n",
pipe_name, pipes_open));
-
+ if (strstr(pipe_name, "spoolss"))
+ is_spoolss_pipe = True;
+
+ if (is_spoolss_pipe && current_spoolss_pipes_open >= MAX_OPEN_SPOOLSS_PIPES) {
+ DEBUG(10,("open_rpc_pipe_p: spooler bug workaround. Denying open on pipe %s\n",
+ pipe_name ));
+ return NULL;
+ }
+
/* not repeating pipe numbers makes it easier to track things in
log files and prevents client bugs where pipe numbers are reused
over connection restarts */
@@ -180,8 +210,7 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name,
p = (smb_np_struct *)malloc(sizeof(*p));
- if (!p)
- {
+ if (!p) {
DEBUG(0,("ERROR! no memory for pipes_struct!\n"));
return NULL;
}
@@ -198,13 +227,11 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name,
p->np_state = p->namedpipe_create(pipe_name, conn, vuid);
if (p->np_state == NULL) {
-
DEBUG(0,("open_rpc_pipe_p: make_internal_rpc_pipe_p failed.\n"));
SAFE_FREE(p);
return NULL;
}
-
DLIST_ADD(Pipes, p);
/*
@@ -244,7 +271,7 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name,
}
/****************************************************************************
- * make an internal namedpipes structure
+ Make an internal namedpipes structure
****************************************************************************/
static void *make_internal_rpc_pipe_p(char *pipe_name,
@@ -298,6 +325,10 @@ static void *make_internal_rpc_pipe_p(char *pipe_name,
DLIST_ADD(InternalPipes, p);
p->conn = conn;
+
+ /* Ensure the connection isn't idled whilst this pipe is open. */
+ p->conn->num_files_open++;
+
p->vuid = vuid;
p->ntlmssp_chal_flags = 0;
@@ -313,9 +344,10 @@ static void *make_internal_rpc_pipe_p(char *pipe_name,
p->pipe_user.uid = (uid_t)-1;
p->pipe_user.gid = (gid_t)-1;
- /* Store the session key */
+ /* Store the session key and NT_TOKEN */
if (vuser) {
memcpy(p->session_key, vuser->session_key, sizeof(p->session_key));
+ p->pipe_user.nt_user_token = dup_nt_token(vuser->nt_user_token);
}
/*
@@ -1055,7 +1087,7 @@ BOOL close_rpc_pipe_hnd(smb_np_struct *p)
ZERO_STRUCTP(p);
SAFE_FREE(p);
-
+
return True;
}
@@ -1085,6 +1117,8 @@ static BOOL close_internal_rpc_pipe_hnd(void *np_conn)
DLIST_REMOVE(InternalPipes, p);
+ p->conn->num_files_open--;
+
ZERO_STRUCTP(p);
SAFE_FREE(p);