From ef2de912f2c0b095ea19986b3dce6b1b8a0ea8b5 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 27 Feb 2001 02:09:50 +0000
Subject: Separated dfs pipe into implementation and interface modules.
 rpc_parse/parse_dfs.c: Had to add buffer overrun checking ! HOW DID THIS GET
 IN HERE ! rpc_parse/parse_prs.c: Ensure prs_alloc_mem does a memset of zero
 before returning. Jeremy. (This used to be commit
 c9a6a17025f4a6850cd2b9a9ddb48bdeec8b3ffe)

---
 source3/Makefile.in           |   2 +-
 source3/include/proto.h       |  32 +-
 source3/include/rpc_dfs.h     |   9 +-
 source3/rpc_parse/parse_dfs.c | 668 ++++++++++++++++++++++++------------------
 source3/rpc_parse/parse_prs.c |   9 +-
 source3/rpc_server/srv_dfs.c  | 397 ++++---------------------
 6 files changed, 468 insertions(+), 649 deletions(-)

diff --git a/source3/Makefile.in b/source3/Makefile.in
index ccd1a421b4..7760b29522 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -133,7 +133,7 @@ RPC_SERVER_OBJ = rpc_server/srv_lsa.o rpc_server/srv_lsa_nt.o \
                  rpc_server/srv_pipe_hnd.o rpc_server/srv_reg.o rpc_server/srv_reg_nt.o \
                  rpc_server/srv_samr.o rpc_server/srv_srvsvc.o rpc_server/srv_srvsvc_nt.o \
                  rpc_server/srv_util.o rpc_server/srv_wkssvc.o rpc_server/srv_wkssvc_nt.o \
-                 rpc_server/srv_pipe.o rpc_server/srv_dfs.o \
+                 rpc_server/srv_pipe.o rpc_server/srv_dfs.o rpc_server/srv_dfs_nt.o \
 		 rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o
 
 # this includes only the low level parse code, not stuff
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 858796aa22..b525b039ff 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -2314,33 +2314,23 @@ BOOL create_user_creds( prs_struct *ps,
 
 /*The following definitions come from  rpc_parse/parse_dfs.c  */
 
-BOOL dfs_io_r_dfs_exist(char *desc, DFS_R_DFS_EXIST *q_d, prs_struct *ps,
-			int depth);
+BOOL dfs_io_q_dfs_exist(char *desc, DFS_Q_DFS_EXIST *q_d, prs_struct *ps, int depth);
+BOOL dfs_io_r_dfs_exist(char *desc, DFS_R_DFS_EXIST *q_d, prs_struct *ps, int depth);
 BOOL make_dfs_q_dfs_remove(DFS_Q_DFS_REMOVE *q_d, char *entrypath, 
 			   char *servername, char *sharename);
-BOOL dfs_io_q_dfs_remove(char *desc, DFS_Q_DFS_REMOVE *q_d, prs_struct *ps,
-			 int depth);
-BOOL dfs_io_r_dfs_remove(char *desc, DFS_R_DFS_REMOVE *r_d, prs_struct *ps,
-		      int depth);
+BOOL dfs_io_q_dfs_remove(char *desc, DFS_Q_DFS_REMOVE *q_d, prs_struct *ps, int depth);
+BOOL dfs_io_r_dfs_remove(char *desc, DFS_R_DFS_REMOVE *r_d, prs_struct *ps, int depth);
 BOOL make_dfs_q_dfs_add(DFS_Q_DFS_ADD *q_d, char *entrypath, char *servername,
 			char *sharename, char *comment, uint32 flags);
-BOOL dfs_io_q_dfs_add(char *desc, DFS_Q_DFS_ADD *q_d, prs_struct *ps,
-		      int depth);
-BOOL dfs_io_r_dfs_add(char *desc, DFS_R_DFS_ADD *r_d, prs_struct *ps,
-		      int depth);
-BOOL dfs_io_q_dfs_get_info(char* desc, DFS_Q_DFS_GET_INFO* q_i, 
-			   prs_struct* ps, int depth);
-BOOL dfs_io_r_dfs_get_info(char* desc, DFS_R_DFS_GET_INFO* r_i,
-			   prs_struct* ps, int depth);
+BOOL dfs_io_q_dfs_add(char *desc, DFS_Q_DFS_ADD *q_d, prs_struct *ps, int depth);
+BOOL dfs_io_r_dfs_add(char *desc, DFS_R_DFS_ADD *r_d, prs_struct *ps, int depth);
+BOOL dfs_io_q_dfs_get_info(char* desc, DFS_Q_DFS_GET_INFO* q_i, prs_struct* ps, int depth);
+BOOL dfs_io_r_dfs_get_info(char* desc, DFS_R_DFS_GET_INFO* r_i, prs_struct* ps, int depth);
 BOOL make_dfs_q_dfs_enum(DFS_Q_DFS_ENUM *q_d, uint32 level, DFS_INFO_CTR *ctr);
-BOOL dfs_io_q_dfs_enum(char *desc, DFS_Q_DFS_ENUM *q_d, prs_struct *ps,
-		      int depth);
-BOOL dfs_io_dfs_info_ctr(char* desc, DFS_INFO_CTR* ctr, uint32 num_entries,
-			 uint32 level,
-			 prs_struct* ps, int depth);
+BOOL dfs_io_q_dfs_enum(char *desc, DFS_Q_DFS_ENUM *q_d, prs_struct *ps, int depth);
+BOOL dfs_io_dfs_info_ctr(char* desc, DFS_INFO_CTR* ctr, uint32 num_entries, uint32 level, prs_struct* ps, int depth);
 BOOL dfs_io_r_dfs_enum(char *desc, DFS_R_DFS_ENUM *q_d, prs_struct *ps, int depth);
-BOOL dfs_io_dfs_storage_info(char *desc, DFS_INFO_3* info3,
-			     prs_struct *ps, int depth);
+BOOL dfs_io_dfs_storage_info(char *desc, DFS_INFO_3* info3, prs_struct *ps, int depth);
 
 /*The following definitions come from  rpc_parse/parse_lsa.c  */
 
diff --git a/source3/include/rpc_dfs.h b/source3/include/rpc_dfs.h
index e85a39eabb..40e73c5afb 100644
--- a/source3/include/rpc_dfs.h
+++ b/source3/include/rpc_dfs.h
@@ -46,9 +46,16 @@
 #define NERR_DfsInternalError           (NERR_BASE+590)
 #define NERR_DfsCantCreateJunctionPoint (NERR_BASE+569)
 
+typedef struct dfs_q_dfs_exist
+{
+  uint32 dummy;
+}
+DFS_Q_DFS_EXIST;
+
+/* status == 1 if dfs exists. */
 typedef struct dfs_r_dfs_exist
 {
-  uint32 dfs_exist_flag;
+  uint32 status;
 }
 DFS_R_DFS_EXIST;
 
diff --git a/source3/rpc_parse/parse_dfs.c b/source3/rpc_parse/parse_dfs.c
index 31ca53a850..e1d88ab509 100644
--- a/source3/rpc_parse/parse_dfs.c
+++ b/source3/rpc_parse/parse_dfs.c
@@ -5,6 +5,7 @@
  *  Copyright (C) Andrew Tridgell              1992-2000,
  *  Copyright (C) Luke Kenneth Casson Leighton 1996-2000,
  *  Copyright (C) Shirish Kalele               2000.
+ *  Copyright (C) Jeremy Allison				2001.
  *  
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -27,198 +28,259 @@
 
 extern int DEBUGLEVEL;
 
+/*************************************************************
+ Read/write a DFS_Q_DFS_EXIST structure - dummy...
+ ************************************************************/
+
+BOOL dfs_io_q_dfs_exist(char *desc, DFS_Q_DFS_EXIST *q_d, prs_struct *ps, int depth)
+{
+	if(q_d == NULL)
+		return False;
+  
+	prs_debug(ps, depth, desc, "dfs_io_q_dfs_exist");
+
+	return True;
+}
+  
 /*************************************************************
  Read/write a DFS_R_DFS_EXIST structure
  ************************************************************/
-BOOL dfs_io_r_dfs_exist(char *desc, DFS_R_DFS_EXIST *q_d, prs_struct *ps,
-			int depth)
+
+BOOL dfs_io_r_dfs_exist(char *desc, DFS_R_DFS_EXIST *q_d, prs_struct *ps, int depth)
 {
-  if(q_d == NULL) return False;
+	if(q_d == NULL)
+		return False;
   
-  prs_debug(ps, depth, desc, "dfs_io_r_dfs_exist");
-  depth++;
+	prs_debug(ps, depth, desc, "dfs_io_r_dfs_exist");
+	depth++;
+
+	if(!prs_align(ps))
+		return False;
 
-  prs_align(ps);
+	if(!prs_uint32("exist flag", ps, 0, &q_d->status))
+		return False;
 
-  prs_uint32("exist flag", ps, 0, &(q_d->dfs_exist_flag));
-  return True;
+	return True;
 }
   
 /******************************************************************* 
 Make a DFS_Q_DFS_REMOVE structure
 *******************************************************************/
+
 BOOL make_dfs_q_dfs_remove(DFS_Q_DFS_REMOVE *q_d, char *entrypath, 
 			   char *servername, char *sharename)
 {
-  DEBUG(5,("make_dfs_q_dfs_remove\n"));
-  init_unistr2(&(q_d->DfsEntryPath), entrypath,  strlen(entrypath)+1);
-  init_unistr2(&(q_d->ServerName),   servername, strlen(servername)+1);
-  init_unistr2(&(q_d->ShareName),    sharename,  strlen(sharename)+1);
-  q_d->ptr_ServerName = q_d->ptr_ShareName = 1;
-  return True;
+	DEBUG(5,("make_dfs_q_dfs_remove\n"));
+	init_unistr2(&q_d->DfsEntryPath, entrypath,  strlen(entrypath)+1);
+	init_unistr2(&q_d->ServerName,   servername, strlen(servername)+1);
+	init_unistr2(&q_d->ShareName,    sharename,  strlen(sharename)+1);
+	q_d->ptr_ServerName = q_d->ptr_ShareName = 1;
+	return True;
 }
 
 /******************************************************************* 
 Read/write a DFS_Q_DFS_REMOVE structure
 *******************************************************************/
-BOOL dfs_io_q_dfs_remove(char *desc, DFS_Q_DFS_REMOVE *q_d, prs_struct *ps,
-			 int depth)
+
+BOOL dfs_io_q_dfs_remove(char *desc, DFS_Q_DFS_REMOVE *q_d, prs_struct *ps, int depth)
 {
-  if(q_d == NULL) return False;
+	if(q_d == NULL)
+		return False;
 
-  prs_debug(ps, depth, desc, "dfs_io_q_dfs_remove");
-  depth++;
+	prs_debug(ps, depth, desc, "dfs_io_q_dfs_remove");
+	depth++;
   
-  prs_align(ps);
+	if(!prs_align(ps))
+		return False;
   
-  smb_io_unistr2("DfsEntryPath",&(q_d->DfsEntryPath), 1, ps, depth);
-  prs_align(ps);
-
-  prs_uint32("ptr_ServerName", ps, depth, &(q_d->ptr_ServerName));
-  if(q_d->ptr_ServerName)
-    smb_io_unistr2("ServerName",&(q_d->ServerName), q_d->ptr_ServerName,
-		   ps, depth);
-  prs_align(ps);
-
-  prs_uint32("ptr_ShareName", ps, depth, &(q_d->ptr_ShareName));
-  if(q_d->ptr_ShareName)
-    smb_io_unistr2("ShareName",&(q_d->ShareName),  q_d->ptr_ShareName, 
-		   ps, depth);
-  prs_align(ps);
-
-  return True;
+	if(!smb_io_unistr2("DfsEntryPath",&q_d->DfsEntryPath, 1, ps, depth))
+		return False;
+
+	if(!prs_align(ps))
+		return False;
+
+	if(!prs_uint32("ptr_ServerName", ps, depth, &q_d->ptr_ServerName))
+		return False;
+	if(q_d->ptr_ServerName)
+		if (!smb_io_unistr2("ServerName",&q_d->ServerName, q_d->ptr_ServerName, ps, depth))
+			return False;
+	if(!prs_align(ps))
+		return False;
+
+	if(!prs_uint32("ptr_ShareName", ps, depth, &q_d->ptr_ShareName))
+		return False;
+	if(q_d->ptr_ShareName)
+		if (!smb_io_unistr2("ShareName",&q_d->ShareName,  q_d->ptr_ShareName, ps, depth))
+			return False;
+	if(!prs_align(ps))
+		return False;
+
+	return True;
 }
 
 /******************************************************************* 
 Read/write a DFS_R_DFS_REMOVE structure
 *******************************************************************/
-BOOL dfs_io_r_dfs_remove(char *desc, DFS_R_DFS_REMOVE *r_d, prs_struct *ps,
-		      int depth)
+
+BOOL dfs_io_r_dfs_remove(char *desc, DFS_R_DFS_REMOVE *r_d, prs_struct *ps, int depth)
 {
-  if(r_d == NULL) return False;
+	if(r_d == NULL)	
+		return False;
 
-  prs_debug(ps, depth, desc, "dfs_io_r_dfs_remove");
-  depth++;
+	prs_debug(ps, depth, desc, "dfs_io_r_dfs_remove");
+	depth++;
 
-  prs_uint32("status", ps, depth, &(r_d->status));
+	if(!prs_uint32("status", ps, depth, &r_d->status))
+		return False;
 
-  return True;
+	return True;
 }
 
 /******************************************************************* 
 Make a DFS_Q_DFS_ADD structure
 *******************************************************************/
+
 BOOL make_dfs_q_dfs_add(DFS_Q_DFS_ADD *q_d, char *entrypath, char *servername,
 			char *sharename, char *comment, uint32 flags)
 {
-  DEBUG(5,("make_dfs_q_dfs_add\n"));
-  q_d->ptr_DfsEntryPath = q_d->ptr_ServerName = q_d->ptr_ShareName = 1;
-  init_unistr2(&(q_d->DfsEntryPath), entrypath,  strlen(entrypath)+1);
-  init_unistr2(&(q_d->ServerName),   servername, strlen(servername)+1);
-  init_unistr2(&(q_d->ShareName),    sharename,  strlen(sharename)+1);
-  if(comment != NULL)
-    {
-      init_unistr2(&(q_d->Comment),      comment,    strlen(comment)+1);
-      q_d->ptr_Comment = 1;
-    }
-  else
-    {
-      q_d->ptr_Comment = 0;
-    }
-
-  q_d->Flags = flags;
-  return True;
+	DEBUG(5,("make_dfs_q_dfs_add\n"));
+	q_d->ptr_DfsEntryPath = q_d->ptr_ServerName = q_d->ptr_ShareName = 1;
+	init_unistr2(&q_d->DfsEntryPath, entrypath,  strlen(entrypath)+1);
+	init_unistr2(&q_d->ServerName,   servername, strlen(servername)+1);
+	init_unistr2(&q_d->ShareName,    sharename,  strlen(sharename)+1);
+	if(comment != NULL) {
+		init_unistr2(&q_d->Comment,      comment,    strlen(comment)+1);
+		q_d->ptr_Comment = 1;
+	} else {
+		q_d->ptr_Comment = 0;
+	}
+
+	q_d->Flags = flags;
+	return True;
 }
 
 /************************************************************
  Read/write a DFS_Q_DFS_ADD structure
  ************************************************************/
-BOOL dfs_io_q_dfs_add(char *desc, DFS_Q_DFS_ADD *q_d, prs_struct *ps,
-		      int depth)
+
+BOOL dfs_io_q_dfs_add(char *desc, DFS_Q_DFS_ADD *q_d, prs_struct *ps, int depth)
 {
-  if(q_d == NULL) return False;
+	if(q_d == NULL)
+		return False;
 
-  prs_debug(ps, depth, desc, "dfs_io_q_dfs_add");
-  depth++;
+	prs_debug(ps, depth, desc, "dfs_io_q_dfs_add");
+	depth++;
   
-  prs_align(ps);
+	if(!prs_align(ps))
+		return False;
   
-  smb_io_unistr2("DfsEntryPath",&(q_d->DfsEntryPath), 1, ps, depth);
-  prs_align(ps);
-
-  smb_io_unistr2("ServerName",&(q_d->ServerName), 1, ps, depth);
-  prs_align(ps);
-
-  prs_uint32("ptr_ShareName", ps, depth, &(q_d->ptr_ShareName));
-  smb_io_unistr2("ShareName",&(q_d->ShareName),  1, ps, depth);
-  prs_align(ps);
-
-  prs_uint32("ptr_Comment", ps, depth, &(q_d->ptr_Comment));
-  smb_io_unistr2("",&(q_d->Comment), q_d->ptr_Comment , ps, depth);
-  prs_align(ps);
-
-  prs_uint32("Flags", ps, depth, &(q_d->Flags));
-  return True;
+	if(!smb_io_unistr2("DfsEntryPath",&q_d->DfsEntryPath, 1, ps, depth))
+		return False;
+	if(!prs_align(ps))
+		return False;
+
+	if(!smb_io_unistr2("ServerName",&q_d->ServerName, 1, ps, depth))
+		return False;
+	if(!prs_align(ps))
+		return False;
+
+	if(!prs_uint32("ptr_ShareName", ps, depth, &q_d->ptr_ShareName))
+		return False;
+	if(!smb_io_unistr2("ShareName",&q_d->ShareName,  1, ps, depth))
+		return False;
+	if(!prs_align(ps))
+		return False;
+
+	if(!prs_uint32("ptr_Comment", ps, depth, &q_d->ptr_Comment))
+		return False;
+	if(!smb_io_unistr2("",&q_d->Comment, q_d->ptr_Comment , ps, depth))
+		return False;
+	if(!prs_align(ps))
+		return False;
+
+	if(!prs_uint32("Flags", ps, depth, &q_d->Flags))
+		return True;
+
+	return True;
 }
 
 /************************************************************
  Read/write a DFS_R_DFS_ADD structure 
  ************************************************************/
-BOOL dfs_io_r_dfs_add(char *desc, DFS_R_DFS_ADD *r_d, prs_struct *ps,
-		      int depth)
+
+BOOL dfs_io_r_dfs_add(char *desc, DFS_R_DFS_ADD *r_d, prs_struct *ps, int depth)
 {
-  if(r_d == NULL) return False;
+	if(r_d == NULL)
+		return False;
 
-  prs_debug(ps, depth, desc, "dfs_io_r_dfs_add");
-  depth++;
+	prs_debug(ps, depth, desc, "dfs_io_r_dfs_add");
+	depth++;
 
-  prs_uint32("status", ps, depth, &(r_d->status));
+	if(!prs_uint32("status", ps, depth, &r_d->status))
+		return False;
 
-  return True;
+	return True;
 }
 
 /************************************************************
  Read/write a DFS_Q_GET_INFO structure
  ************************************************************/
-BOOL dfs_io_q_dfs_get_info(char* desc, DFS_Q_DFS_GET_INFO* q_i, 
-			   prs_struct* ps, int depth)
+
+BOOL dfs_io_q_dfs_get_info(char* desc, DFS_Q_DFS_GET_INFO* q_i, prs_struct* ps, int depth)
 {
-  if(q_i == NULL) return False;
+	if(q_i == NULL)
+		return False;
+
+	prs_debug(ps, depth, desc, "dfs_io_q_dfs_get_info");
+	depth++;
+
+	if(!smb_io_unistr2("",&q_i->uni_path, 1, ps, depth))
+		return False;
 
-  prs_debug(ps, depth, desc, "dfs_io_q_dfs_get_info");
-  depth++;
+	if(!prs_align(ps))
+		return False;
 
-  smb_io_unistr2("",&(q_i->uni_path), 1, ps, depth);
-  prs_align(ps);
+	if(!prs_uint32("ptr_server", ps, depth, &q_i->ptr_server))
+		return False;
 
-  prs_uint32("ptr_server", ps, depth, &(q_i->ptr_server));
-  if(q_i->ptr_server)
-    smb_io_unistr2("",&(q_i->uni_server), q_i->ptr_server, ps, depth);
-  prs_align(ps);
+	if(q_i->ptr_server)
+		if (!smb_io_unistr2("",&q_i->uni_server, q_i->ptr_server, ps, depth))
+			return False;
+	if(!prs_align(ps))
+		return False;
 
-  prs_uint32("ptr_share", ps, depth, &(q_i->ptr_share));
-  if(q_i->ptr_share)
-    smb_io_unistr2("", &(q_i->uni_share), q_i->ptr_share, ps, depth);
-  prs_align(ps);
+	if(!prs_uint32("ptr_share", ps, depth, &q_i->ptr_share))
+		return False;
+	if(q_i->ptr_share)
+		if(!smb_io_unistr2("", &q_i->uni_share, q_i->ptr_share, ps, depth))
+			return False;
+	if(!prs_align(ps))
+		return False;
 
-  prs_uint32("level", ps, depth, &(q_i->level));
-  return True;
+	if(!prs_uint32("level", ps, depth, &q_i->level))
+		return False;
+	return True;
 }
 
 /************************************************************
  Read/write a DFS_R_GET_INFO structure
  ************************************************************/
-BOOL dfs_io_r_dfs_get_info(char* desc, DFS_R_DFS_GET_INFO* r_i,
-			   prs_struct* ps, int depth)
+
+BOOL dfs_io_r_dfs_get_info(char* desc, DFS_R_DFS_GET_INFO* r_i, prs_struct* ps, int depth)
 {
-  if(r_i == NULL) return False;
+	if(r_i == NULL)
+		return False;
   
-  prs_uint32("level", ps, depth, &(r_i->level));
-  prs_uint32("ptr_ctr", ps, depth, &(r_i->ptr_ctr));
-
-  dfs_io_dfs_info_ctr("", &(r_i->ctr), 1, r_i->level, ps, depth);
-  prs_uint32("status", ps, depth, &(r_i->status));
-  return True;
+	if(!prs_uint32("level", ps, depth, &r_i->level))
+		return False;
+	if(!prs_uint32("ptr_ctr", ps, depth, &r_i->ptr_ctr))
+		return False;
+
+	if(!dfs_io_dfs_info_ctr("", &r_i->ctr, 1, r_i->level, ps, depth))
+		return False;
+	if(!prs_uint32("status", ps, depth, &r_i->status))
+		return False;
+	return True;
 }
 			   
 /************************************************************
@@ -226,204 +288,236 @@ BOOL dfs_io_r_dfs_get_info(char* desc, DFS_R_DFS_GET_INFO* r_i,
  ************************************************************/
 BOOL make_dfs_q_dfs_enum(DFS_Q_DFS_ENUM *q_d, uint32 level, DFS_INFO_CTR *ctr)
 {
-  q_d->level = level;
-  q_d->maxpreflen = -1;
-  q_d->ptr_buffer = 1;
-  q_d->level2 = level;
+	q_d->level = level;
+	q_d->maxpreflen = -1;
+	q_d->ptr_buffer = 1;
+	q_d->level2 = level;
   
-  q_d->ptr_num_entries = 1;
-  q_d->num_entries = 0;
-  q_d->num_entries2 = 0;
-  q_d->reshnd.ptr_hnd = 1;
-  q_d->reshnd.handle = 0;
-  return True;
+	q_d->ptr_num_entries = 1;
+	q_d->num_entries = 0;
+	q_d->num_entries2 = 0;
+	q_d->reshnd.ptr_hnd = 1;
+	q_d->reshnd.handle = 0;
+	return True;
 }
   
 /************************************************************
  Read or write the DFS_Q_DFS_ENUM structure 
  ************************************************************/
-BOOL dfs_io_q_dfs_enum(char *desc, DFS_Q_DFS_ENUM *q_d, prs_struct *ps,
-		      int depth)
+
+BOOL dfs_io_q_dfs_enum(char *desc, DFS_Q_DFS_ENUM *q_d, prs_struct *ps, int depth)
 {
-  if(q_d == NULL) return False;
+	if(q_d == NULL)
+		return False;
 
-  prs_debug(ps, depth, desc, "dfs_io_q_dfs_enum");
-  depth++;
+	prs_debug(ps, depth, desc, "dfs_io_q_dfs_enum");
+	depth++;
   
-  prs_align(ps);
+	if(!prs_align(ps))
+		return False;
   
-  prs_uint32("level", ps, depth, &(q_d->level));
-  prs_uint32("maxpreflen", ps, depth, &(q_d->maxpreflen));
-  prs_uint32("ptr_buffer", ps, depth, &(q_d->ptr_buffer));
-  prs_uint32("level2", ps, depth, &(q_d->level2));
-  prs_uint32("level3", ps, depth, &(q_d->level2));
+	if(!prs_uint32("level", ps, depth, &q_d->level))
+		return False;
+	if(!prs_uint32("maxpreflen", ps, depth, &q_d->maxpreflen))
+		return False;
+	if(!prs_uint32("ptr_buffer", ps, depth, &q_d->ptr_buffer))
+		return False;
+	if(!prs_uint32("level2", ps, depth, &q_d->level2))
+		return False;
+	if(!prs_uint32("level3", ps, depth, &q_d->level2))
+		return False;
   
-  prs_uint32("ptr_num_entries", ps, depth, &(q_d->ptr_num_entries));
-  prs_uint32("num_entries", ps, depth, &(q_d->num_entries));
-  prs_uint32("num_entries2", ps, depth, &(q_d->num_entries2));
-  smb_io_enum_hnd("resume_hnd",&(q_d->reshnd), ps, depth);
-  return True;
+	if(!prs_uint32("ptr_num_entries", ps, depth, &q_d->ptr_num_entries))
+		return False;
+	if(!prs_uint32("num_entries", ps, depth, &q_d->num_entries))
+		return False;
+	if(!prs_uint32("num_entries2", ps, depth, &q_d->num_entries2))
+		return False;
+	if(!smb_io_enum_hnd("resume_hnd",&q_d->reshnd, ps, depth))
+		return False;
+	return True;
 }
 
 /************************************************************
  Read/write a DFS_INFO_CTR structure
  ************************************************************/
-BOOL dfs_io_dfs_info_ctr(char* desc, DFS_INFO_CTR* ctr, uint32 num_entries,
-			 uint32 level,
-			 prs_struct* ps, int depth)
+
+BOOL dfs_io_dfs_info_ctr(char* desc, DFS_INFO_CTR* ctr, uint32 num_entries, uint32 level, prs_struct* ps, int depth)
 {
-  switch(level)
-    {
-    case 1:
-      {
-	int i=0;
-	
-	depth++;
-	/* should depend on whether marshalling or unmarshalling! */
-	if(UNMARSHALLING(ps))
-	  ctr->dfs.info1 = (DFS_INFO_1 *)malloc(sizeof(DFS_INFO_1)*num_entries);
-
-	for(i=0;i<num_entries;i++)
-	  {
-	    prs_uint32("ptr_entrypath",ps, depth, &(ctr->dfs.info1[i].ptr_entrypath));
-	  }
-	for(i=0;i<num_entries;i++)
-	  {
-	    smb_io_unistr2("", &(ctr->dfs.info1[i].entrypath), 
-			   ctr->dfs.info1[i].ptr_entrypath,
-			   ps, depth);
-	    prs_align(ps);
-	  }
-	depth--;
-	break;
-      }
-    case 2:
-      {
 	int i=0;
-	depth++;
-	if(UNMARSHALLING(ps))
-	  ctr->dfs.info2 = (DFS_INFO_2 *)calloc(num_entries, sizeof(DFS_INFO_2));
-
-	for(i=0;i<num_entries;i++)
-	  {
-	    prs_uint32("ptr_entrypath", ps, depth, 
-		       &(ctr->dfs.info2[i].ptr_entrypath));
-	    prs_uint32("ptr_comment", ps, depth, 
-		       &(ctr->dfs.info2[i].ptr_comment));
-	    prs_uint32("state", ps, depth, &(ctr->dfs.info2[i].state));
-	    prs_uint32("num_storages", ps, depth, 
-		       &(ctr->dfs.info2[i].num_storages));
-	  }
-	for(i=0;i<num_entries;i++)
-	  {
-	    smb_io_unistr2("", &(ctr->dfs.info2[i].entrypath),
-			   ctr->dfs.info2[i].ptr_entrypath, ps, depth);
-	    prs_align(ps);
-	    smb_io_unistr2("",&(ctr->dfs.info2[i].comment),
-			   ctr->dfs.info2[i].ptr_comment, ps, depth);
-	    prs_align(ps);
-	  }
-	depth--;
-	break;
-      }
-    case 3:
-      {
-	int i=0;
-	depth++;
-	if(UNMARSHALLING(ps))
-	  ctr->dfs.info3 = (DFS_INFO_3 *)calloc(num_entries, sizeof(DFS_INFO_3));
-
-	for(i=0;i<num_entries;i++)
-	  {
-	    prs_uint32("ptr_entrypath", ps, depth, 
-		       &(ctr->dfs.info3[i].ptr_entrypath));
-	    prs_uint32("ptr_comment", ps, depth,
-		       &(ctr->dfs.info3[i].ptr_comment));
-	    prs_uint32("state", ps, depth, &(ctr->dfs.info3[i].state));
-	    prs_uint32("num_storages", ps, depth,
-		       &(ctr->dfs.info3[i].num_storages));
-	    prs_uint32("ptr_storages", ps, depth,
-		       &(ctr->dfs.info3[i].ptr_storages));
-	  }
-	for(i=0;i<num_entries;i++)
-	  {
-	    smb_io_unistr2("", &(ctr->dfs.info3[i].entrypath),
-			   ctr->dfs.info3[i].ptr_entrypath, ps, depth);
-	    prs_align(ps);
-	    smb_io_unistr2("", &(ctr->dfs.info3[i].comment),
-			   ctr->dfs.info3[i].ptr_comment, ps, depth);
-	    prs_align(ps);
-	    prs_uint32("num_storage_infos", ps, depth, 
-		       &(ctr->dfs.info3[i].num_storage_infos));
-	    if(!dfs_io_dfs_storage_info("storage_info",
-					&(ctr->dfs.info3[i]), 
-					ps, depth))
-	      return False;
-	  }
-      }
-    }
-  return True;
+
+	switch(level) {
+	case 1:
+		depth++;
+		/* should depend on whether marshalling or unmarshalling! */
+		if(UNMARSHALLING(ps)) {
+			ctr->dfs.info1 = (DFS_INFO_1 *)prs_alloc_mem(ps, sizeof(DFS_INFO_1)*num_entries);
+			if (!ctr->dfs.info1)
+				return False;
+		}
+
+		for(i=0;i<num_entries;i++) {
+			if(!prs_uint32("ptr_entrypath",ps, depth, &ctr->dfs.info1[i].ptr_entrypath))
+				return False;
+		}
+		for(i=0;i<num_entries;i++) {
+			if(!smb_io_unistr2("", &ctr->dfs.info1[i].entrypath, ctr->dfs.info1[i].ptr_entrypath, ps, depth))
+				return False;
+			if(!prs_align(ps))
+				return False;
+		}
+		depth--;
+		break;
+	case 2:
+		depth++;
+		if(UNMARSHALLING(ps)) {
+			ctr->dfs.info2 = (DFS_INFO_2 *)prs_alloc_mem(ps, num_entries*sizeof(DFS_INFO_2));
+			if (!ctr->dfs.info2)
+				return False;
+		}
+
+		for(i=0;i<num_entries;i++) {
+			if(!prs_uint32("ptr_entrypath", ps, depth, &ctr->dfs.info2[i].ptr_entrypath))
+				return False;
+			if(!prs_uint32("ptr_comment", ps, depth, &ctr->dfs.info2[i].ptr_comment))
+				return False;
+			if(!prs_uint32("state", ps, depth, &ctr->dfs.info2[i].state))
+				return False;
+			if(!prs_uint32("num_storages", ps, depth, &ctr->dfs.info2[i].num_storages))
+				return False;
+		}
+		for(i=0;i<num_entries;i++) {
+			if(!smb_io_unistr2("", &ctr->dfs.info2[i].entrypath, ctr->dfs.info2[i].ptr_entrypath, ps, depth))
+				return False;
+			if(!prs_align(ps))
+				return False;
+			if(!smb_io_unistr2("",&ctr->dfs.info2[i].comment, ctr->dfs.info2[i].ptr_comment, ps, depth))
+				return False;
+			if(!prs_align(ps))
+				return False;
+		}
+		depth--;
+		break;
+	case 3:
+		depth++;
+		if(UNMARSHALLING(ps)) {
+			ctr->dfs.info3 = (DFS_INFO_3 *)prs_alloc_mem(ps, num_entries*sizeof(DFS_INFO_3));
+			if (!ctr->dfs.info3)
+				return False;
+		}
+
+		for(i=0;i<num_entries;i++) {
+			if(!prs_uint32("ptr_entrypath", ps, depth, &ctr->dfs.info3[i].ptr_entrypath))
+				return False;
+			if(!prs_uint32("ptr_comment", ps, depth, &ctr->dfs.info3[i].ptr_comment))
+				return False;
+			if(!prs_uint32("state", ps, depth, &ctr->dfs.info3[i].state));
+				return False;
+			if(!prs_uint32("num_storages", ps, depth, &ctr->dfs.info3[i].num_storages))
+				return False;
+			if(!prs_uint32("ptr_storages", ps, depth, &ctr->dfs.info3[i].ptr_storages))
+				return False;
+		}
+		for(i=0;i<num_entries;i++) {
+			if(!smb_io_unistr2("", &ctr->dfs.info3[i].entrypath, ctr->dfs.info3[i].ptr_entrypath, ps, depth))
+				return False;
+			if(!prs_align(ps))
+				return False;
+			if(!smb_io_unistr2("", &ctr->dfs.info3[i].comment, ctr->dfs.info3[i].ptr_comment, ps, depth))
+				return False;
+			if(!prs_align(ps))
+				return False;
+			if(!prs_uint32("num_storage_infos", ps, depth, &ctr->dfs.info3[i].num_storage_infos))
+				return False;
+
+			if(!dfs_io_dfs_storage_info("storage_info", &ctr->dfs.info3[i], ps, depth))
+				return False;
+		}
+	}
+
+	return True;
 }
+
 /************************************************************
  Read/write a DFS_R_DFS_ENUM structure
  ************************************************************/
+
 BOOL dfs_io_r_dfs_enum(char *desc, DFS_R_DFS_ENUM *q_d, prs_struct *ps, int depth)
 {
-  DFS_INFO_CTR *ctr;
-  if(q_d == NULL) return False;
-  ctr = q_d->ctr;
-  if(ctr == NULL) return False;
-
-  prs_debug(ps, depth, desc, "dfs_io_r_dfs_enum");
-  depth++;
-
-  prs_align(ps);
-
-  prs_uint32("ptr_buffer", ps, depth, &(q_d->ptr_buffer));
-  prs_uint32("level", ps, depth, &(q_d->level));
-  prs_uint32("level2", ps, depth, &(ctr->switch_value));
-  prs_uint32("ptr_num_entries", ps, depth, &(q_d->ptr_num_entries));
-  if(q_d->ptr_num_entries)
-    prs_uint32("num_entries", ps, depth, &(q_d->num_entries));
-  prs_uint32("ptr_num_entries2", ps, depth, &(q_d->ptr_num_entries2));
-  if(q_d->ptr_num_entries2)
-    prs_uint32("num_entries2", ps, depth, &(ctr->num_entries));
-
-  dfs_io_dfs_info_ctr("", ctr, q_d->num_entries, q_d->level, ps, depth);
-
-  smb_io_enum_hnd("resume_hnd", &(q_d->reshnd), ps, depth);
-  prs_uint32("status", ps, depth, &(q_d->status));
-  return True;
+	DFS_INFO_CTR *ctr;
+	if(q_d == NULL)
+		return False;
+	ctr = q_d->ctr;
+	if(ctr == NULL)
+		return False;
+
+	prs_debug(ps, depth, desc, "dfs_io_r_dfs_enum");
+	depth++;
+
+	if(!prs_align(ps))
+		return False;
+
+	if(!prs_uint32("ptr_buffer", ps, depth, &q_d->ptr_buffer))
+		return False;
+	if(!prs_uint32("level", ps, depth, &q_d->level))
+		return False;
+	if(!prs_uint32("level2", ps, depth, &ctr->switch_value))
+		return False;
+	if(!prs_uint32("ptr_num_entries", ps, depth, &q_d->ptr_num_entries))
+		return False;
+	if(q_d->ptr_num_entries)
+		if(!prs_uint32("num_entries", ps, depth, &q_d->num_entries))
+			return False;
+	if(!prs_uint32("ptr_num_entries2", ps, depth, &q_d->ptr_num_entries2))
+		return False;
+	if(q_d->ptr_num_entries2)
+		if(!prs_uint32("num_entries2", ps, depth, &ctr->num_entries))
+			return False;
+
+	if(!dfs_io_dfs_info_ctr("", ctr, q_d->num_entries, q_d->level, ps, depth))
+		return False;
+
+	if(!smb_io_enum_hnd("resume_hnd", &q_d->reshnd, ps, depth))
+		return False;
+	if(!prs_uint32("status", ps, depth, &q_d->status))
+		return False;
+	return True;
 }
 
-BOOL dfs_io_dfs_storage_info(char *desc, DFS_INFO_3* info3,
-			     prs_struct *ps, int depth)
+BOOL dfs_io_dfs_storage_info(char *desc, DFS_INFO_3* info3, prs_struct *ps, int depth)
 {
-  int i=0;
-  if(info3 == NULL) return False;
+	int i=0;
+	if(info3 == NULL)
+		return False;
   
-  prs_debug(ps, depth, desc, "smb_io_dfs_storage_info");
-  depth++;
-
-  if(UNMARSHALLING(ps))
-    info3->storages = (DFS_STORAGE_INFO *)calloc(info3->num_storage_infos, sizeof(DFS_STORAGE_INFO));
-
-  for(i=0;i<info3->num_storage_infos;i++)
-    {
-      prs_uint32("storage_state", ps, depth, &(info3->storages[i].state));
-      prs_uint32("ptr_servername", ps, depth, 
-		 &(info3->storages[i].ptr_servername));
-      prs_uint32("ptr_sharename", ps, depth,
-		 &(info3->storages[i].ptr_sharename));
-    }
-  for(i=0;i<info3->num_storage_infos;i++)
-    {
-      smb_io_unistr2("servername", &(info3->storages[i].servername),
-		     info3->storages[i].ptr_servername, ps, depth);
-      prs_align(ps);
-      smb_io_unistr2("sharename", &(info3->storages[i].sharename),
-		     info3->storages[i].ptr_sharename, ps, depth);
-      prs_align(ps);
-    }
-  return True;
+	prs_debug(ps, depth, desc, "smb_io_dfs_storage_info");
+	depth++;
+
+	if(UNMARSHALLING(ps)) {
+		info3->storages = (DFS_STORAGE_INFO *)prs_alloc_mem(ps, info3->num_storage_infos*sizeof(DFS_STORAGE_INFO));
+		if (!info3->storages)
+			return False;
+	}
+
+	for(i=0;i<info3->num_storage_infos;i++) {
+		if(!prs_uint32("storage_state", ps, depth, &info3->storages[i].state))
+			return False;
+		if(!prs_uint32("ptr_servername", ps, depth, &info3->storages[i].ptr_servername))
+			return False;
+		if(!prs_uint32("ptr_sharename", ps, depth, &info3->storages[i].ptr_sharename))
+			return False;
+	}
+
+	for(i=0;i<info3->num_storage_infos;i++) {
+		if(!smb_io_unistr2("servername", &info3->storages[i].servername, info3->storages[i].ptr_servername, ps, depth))
+			return False;
+		if(!prs_align(ps))
+			return False;
+		if(!smb_io_unistr2("sharename", &info3->storages[i].sharename, info3->storages[i].ptr_sharename, ps, depth))
+			return False;
+		if(!prs_align(ps))
+			return False;
+	}
+
+	return True;
 }
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index 5621a2c210..6f23058c1d 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -125,12 +125,17 @@ void prs_mem_free(prs_struct *ps)
 }
 
 /*******************************************************************
- Allocate memory when unmarshalling...
+ Allocate memory when unmarshalling... Always zero clears.
  ********************************************************************/
 
 char *prs_alloc_mem(prs_struct *ps, size_t size)
 {
-	return talloc(ps->mem_ctx, size);
+	char *ret = talloc(ps->mem_ctx, size);
+
+	if (ret)
+		memset(ret, '\0', size);
+
+	return ret;
 }
 
 /*******************************************************************
diff --git a/source3/rpc_server/srv_dfs.c b/source3/rpc_server/srv_dfs.c
index 7aadd0719c..fe797e84f6 100644
--- a/source3/rpc_server/srv_dfs.c
+++ b/source3/rpc_server/srv_dfs.c
@@ -5,6 +5,7 @@
  *  Copyright (C) Andrew Tridgell              1992-1997,
  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
  *  Copyright (C) Shirish Kalele               2000.
+ *  Copyright (C) Jeremy Allison				2001.
  *  
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -21,6 +22,8 @@
  *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  */
 
+/* This is the interface to the dfs pipe. */
+
 #include "includes.h"
 #include "nterr.h"
 
@@ -34,414 +37,129 @@ extern pstring global_myname;
 /**********************************************************************
  api_dfs_exist
  **********************************************************************/
+
 static BOOL api_dfs_exist(pipes_struct *p)
 {
-	DFS_R_DFS_EXIST r_d;
+	DFS_Q_DFS_EXIST q_u;
+	DFS_R_DFS_EXIST r_u;
+	prs_struct *data = &p->in_data.data;
 	prs_struct *rdata = &p->out_data.rdata;
 
-	if(lp_host_msdfs()) 
-		r_d.dfs_exist_flag = 1;
-	else
-		r_d.dfs_exist_flag = 0; 
+	if(!dfs_io_q_dfs_exist("", &q_u, data, 0))
+		return False;
 	
-	return dfs_io_r_dfs_exist("", &r_d, rdata, 0);
-}
-
-static uint32 init_reply_dfs_add(DFS_Q_DFS_ADD* q_a)
-{
-  struct junction_map jn;
-  struct referral* old_referral_list = NULL;
-  BOOL exists = False;
-
-  pstring dfspath, servername, sharename;
-  pstring altpath;
-
-  unistr2_to_ascii(dfspath, &(q_a->DfsEntryPath), sizeof(dfspath)-1);
-  unistr2_to_ascii(servername, &(q_a->ServerName), sizeof(servername)-1);
-  unistr2_to_ascii(sharename, &(q_a->ShareName), sizeof(sharename)-1);
-
-  DEBUG(5,("init_reply_dfs_add: Request to add %s -> %s\\%s.\n",
-	   dfspath, servername, sharename));
-
-  pstrcpy(altpath, servername);
-  pstrcat(altpath, "\\");
-  pstrcat(altpath, sharename);
-
-  if(!create_junction(dfspath, &jn))
-    return NERR_DfsNoSuchServer;
-
-  if(get_referred_path(&jn))
-    {
-      exists = True;
-      jn.referral_count += 1;
-      old_referral_list = jn.referral_list;
-    }
-  else
-    jn.referral_count = 1;
-
-  jn.referral_list = (struct referral*) malloc(jn.referral_count 
-					       * sizeof(struct referral));
-
-  if(jn.referral_list == NULL)
-    {
-      DEBUG(0,("init_reply_dfs_add: malloc failed for referral list!\n"));
-      return NERR_DfsInternalError;
-    }
-
-  if(old_referral_list)
-    {
-      memcpy(jn.referral_list, old_referral_list, 
-	     sizeof(struct referral)*jn.referral_count-1);
-      free(old_referral_list);
-    }
-  
-  jn.referral_list[jn.referral_count-1].proximity = 0;
-  jn.referral_list[jn.referral_count-1].ttl = REFERRAL_TTL;
-
-  pstrcpy(jn.referral_list[jn.referral_count-1].alternate_path, altpath);
-  
-  if(!create_msdfs_link(&jn, exists))
-    return NERR_DfsCantCreateJunctionPoint;
+	r_u.status = _dfs_exist(p, &q_u, &r_u);
+	
+	if (!dfs_io_r_dfs_exist("", &r_u, rdata, 0))
+		return False;
 
-  return 0;
+	return True;
 }
+
 /*****************************************************************
  api_dfs_add
  *****************************************************************/
+
 static BOOL api_dfs_add(pipes_struct *p)
 {
-	DFS_Q_DFS_ADD q_a;
-	DFS_R_DFS_ADD r_a;
+	DFS_Q_DFS_ADD q_u;
+	DFS_R_DFS_ADD r_u;
 	prs_struct *data = &p->in_data.data;
 	prs_struct *rdata = &p->out_data.rdata;
 
-	if(!dfs_io_q_dfs_add("", &q_a, data, 0))
+	ZERO_STRUCT(q_u);
+	ZERO_STRUCT(r_u);
+	
+	if(!dfs_io_q_dfs_add("", &q_u, data, 0))
 		return False;
 	
-	r_a.status = init_reply_dfs_add(&q_a);
+	r_u.status = _dfs_add(p, &q_u, &r_u);
 	
-	dfs_io_r_dfs_add("", &r_a, rdata, 0);
+	if (!dfs_io_r_dfs_add("", &r_u, rdata, 0))
+		return False;
 	
 	return True;
 }
 
-static uint32 init_reply_dfs_remove(DFS_Q_DFS_REMOVE* q_r)
-{
-  struct junction_map jn;
-  BOOL found = False;
-
-  pstring dfspath, servername, sharename;
-  pstring altpath;
-
-  unistr2_to_ascii(dfspath, &(q_r->DfsEntryPath), sizeof(dfspath)-1);
-  if(q_r->ptr_ServerName)
-    unistr2_to_ascii(servername, &(q_r->ServerName), sizeof(servername)-1);
-
-  if(q_r->ptr_ShareName)
-    unistr2_to_ascii(sharename, &(q_r->ShareName), sizeof(sharename)-1);
-
-  if(q_r->ptr_ServerName && q_r->ptr_ShareName)
-    {
-      pstrcpy(altpath, servername);
-      pstrcat(altpath, "\\");
-      pstrcat(altpath, sharename);
-    }
-
-  DEBUG(5,("init_reply_dfs_remove: Request to remove %s -> %s\\%s.\n",
-	   dfspath, servername, sharename));
-
-  if(!create_junction(dfspath, &jn))
-    return NERR_DfsNoSuchServer;
-
-  if(!get_referred_path(&jn))
-    return NERR_DfsNoSuchVolume;
-
-  /* if no server-share pair given, remove the msdfs link completely */
-  if(!q_r->ptr_ServerName && !q_r->ptr_ShareName)
-    {
-      if(!remove_msdfs_link(&jn))
-	return NERR_DfsNoSuchVolume;
-    }
-  else
-    {
-      int i=0;
-      /* compare each referral in the list with the one to remove */
-      for(i=0;i<jn.referral_count;i++)
-	{
-	  pstring refpath;
-	  pstrcpy(refpath,jn.referral_list[i].alternate_path);
-	  trim_string(refpath, "\\", "\\");
-	  if(strequal(refpath, altpath))
-	    {
-	      *(jn.referral_list[i].alternate_path)='\0';
-	      found = True;
-	    }
-	}
-      if(!found)
-	return NERR_DfsNoSuchShare;
-      
-      /* Only one referral, remove it */
-      if(jn.referral_count == 1)
-	{
-	  if(!remove_msdfs_link(&jn))
-	    return NERR_DfsNoSuchVolume;
-	}
-      else
-	{
-	  if(!create_msdfs_link(&jn, True))
-	    return NERR_DfsCantCreateJunctionPoint;
-	}
-    }
-
-  return 0;
-}
-
 /*****************************************************************
  api_dfs_remove
  *****************************************************************/
+
 static BOOL api_dfs_remove(pipes_struct *p)
 {
-	DFS_Q_DFS_REMOVE q_r;
-	DFS_R_DFS_REMOVE r_r;
+	DFS_Q_DFS_REMOVE q_u;
+	DFS_R_DFS_REMOVE r_u;
 	prs_struct *data = &p->in_data.data;
 	prs_struct *rdata = &p->out_data.rdata;
 	
-	if(!dfs_io_q_dfs_remove("", &q_r, data, 0))
+	ZERO_STRUCT(q_u);
+	ZERO_STRUCT(r_u);
+	
+	if(!dfs_io_q_dfs_remove("", &q_u, data, 0))
 		return False;
 	
-	r_r.status = init_reply_dfs_remove(&q_r);
+	r_u.status = _dfs_remove(p, &q_u, &r_u);
 	
-	dfs_io_r_dfs_remove("", &r_r, rdata, 0);
+	if (!dfs_io_r_dfs_remove("", &r_u, rdata, 0))
+		return False;
 	
 	return True;
 }
 
-static BOOL init_reply_dfs_info_1(struct junction_map* j, DFS_INFO_1* dfs1, int num_j)
-{
-  int i=0;
-  for(i=0;i<num_j;i++) 
-    {
-      pstring str;
-      dfs1[i].ptr_entrypath = 1;
-      slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname, 
-	       j[i].service_name, j[i].volume_name);
-      DEBUG(5,("init_reply_dfs_info_1: %d) initing entrypath: %s\n",i,str));
-      init_unistr2(&dfs1[i].entrypath,str,strlen(str)+1);
-    }
-  return True;
-}
-
-static BOOL init_reply_dfs_info_2(struct junction_map* j, DFS_INFO_2* dfs2, int num_j)
-{
-  int i=0;
-  for(i=0;i<num_j;i++)
-    {
-      pstring str;
-      dfs2[i].ptr_entrypath = 1;
-      slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname,
-	       j[i].service_name, j[i].volume_name);
-      init_unistr2(&dfs2[i].entrypath, str, strlen(str)+1);
-      dfs2[i].ptr_comment = 0;
-      dfs2[i].state = 1; /* set up state of dfs junction as OK */
-      dfs2[i].num_storages = j[i].referral_count;
-    }
-  return True;
-}
-
-static BOOL init_reply_dfs_info_3(struct junction_map* j, DFS_INFO_3* dfs3, int num_j)
-{
-  int i=0,ii=0;
-  for(i=0;i<num_j;i++)
-    {
-      pstring str;
-      dfs3[i].ptr_entrypath = 1;
-      slprintf(str, sizeof(pstring)-1, "\\\\%s\\%s\\%s", global_myname,
-	       j[i].service_name, j[i].volume_name);
-      init_unistr2(&dfs3[i].entrypath, str, strlen(str)+1);
-      dfs3[i].ptr_comment = 1;
-      init_unistr2(&dfs3[i].comment, "", 1); 
-      dfs3[i].state = 1;
-      dfs3[i].num_storages = dfs3[i].num_storage_infos = j[i].referral_count;
-      dfs3[i].ptr_storages = 1;
-     
-      /* also enumerate the storages */
-      dfs3[i].storages = (DFS_STORAGE_INFO*) malloc(j[i].referral_count * 
-						    sizeof(DFS_STORAGE_INFO));
-      for(ii=0;ii<j[i].referral_count;ii++)
-	{
-	  char* p; 
-	  pstring path;
-	  DFS_STORAGE_INFO* stor = &(dfs3[i].storages[ii]);
-	  struct referral* ref = &(j[i].referral_list[ii]);
-	  
-	  pstrcpy(path, ref->alternate_path);
-	  trim_string(path,"\\","");
-	  p = strrchr(path,'\\');
-	  if(p==NULL)
-	    {
-	      DEBUG(4,("init_reply_dfs_info_3: invalid path: no \\ found in %s\n",path));
-	      continue;
-	    }
-	  *p = '\0';
-	  DEBUG(5,("storage %d: %s.%s\n",ii,path,p+1));
-	  stor->state = 2; /* set all storages as ONLINE */
-	  init_unistr2(&stor->servername, path, strlen(path)+1);
-	  init_unistr2(&stor->sharename,  p+1, strlen(p+1)+1);
-	  stor->ptr_servername = stor->ptr_sharename = 1;
-	}
-    }
-  return True;
-}
-
-static uint32 init_reply_dfs_ctr(uint32 level, DFS_INFO_CTR* ctr, 
-			       struct junction_map* jn, int num_jn)
-{
-  /* do the levels */
-  switch(level)
-    {
-    case 1:
-      {
-	DFS_INFO_1* dfs1;
-	dfs1 = (DFS_INFO_1*) malloc(num_jn * sizeof(DFS_INFO_1));
-	init_reply_dfs_info_1(jn, dfs1, num_jn);
-	ctr->dfs.info1 = dfs1;
-	break;
-      }
-    case 2:
-      {
-	DFS_INFO_2* dfs2;
-	dfs2 = (DFS_INFO_2*) malloc(num_jn * sizeof(DFS_INFO_2));
-	init_reply_dfs_info_2(jn, dfs2, num_jn);
-	ctr->dfs.info2 = dfs2;
-	break;
-      }
-    case 3:
-      {
-	DFS_INFO_3* dfs3;
-	dfs3 = (DFS_INFO_3*) malloc(num_jn * sizeof(DFS_INFO_3));
-	init_reply_dfs_info_3(jn, dfs3, num_jn);
-	ctr->dfs.info3 = dfs3;
-      }
-    }
-  return 0;
-}
-      
-static uint32 init_reply_dfs_enum(uint32 level, DFS_R_DFS_ENUM *q_r)
-{
-  struct junction_map jn[MAX_MSDFS_JUNCTIONS];
-  int num_jn = 0;
-  int i=0;
-
-  num_jn = enum_msdfs_links(jn);
-  
-  DEBUG(5,("make_reply_dfs_enum: %d junctions found in Dfs, doing level %d\n",
-	   num_jn, level));
-
-  q_r->ptr_buffer = level;
-  q_r->level = q_r->level2 = level;
-  q_r->ptr_num_entries = q_r->ptr_num_entries2 = 1;
-  q_r->num_entries = q_r->num_entries2 = num_jn;
-  q_r->reshnd.ptr_hnd = 1;
-  q_r->reshnd.handle = num_jn;
-  
-  q_r->ctr = (DFS_INFO_CTR*) malloc(sizeof(DFS_INFO_CTR));
-  q_r->ctr->switch_value = level;
-  q_r->ctr->num_entries = num_jn;
-  q_r->ctr->ptr_dfs_ctr = 1;
-  
-  init_reply_dfs_ctr(level, q_r->ctr, jn, num_jn);
-
-  for(i=0;i<num_jn;i++)
-    free(jn[i].referral_list);
-
-  return 0;
-}
-      
-static uint32 init_reply_dfs_get_info(UNISTR2* uni_path, uint32 level,  
-				      DFS_R_DFS_GET_INFO* r_i)
-{
-  pstring path;
-  struct junction_map jn;
-
-  unistr2_to_ascii(path, uni_path, sizeof(path)-1);
-  if(!create_junction(path, &jn))
-     return NERR_DfsNoSuchServer;
-  
-  if(!get_referred_path(&jn))
-    return NERR_DfsNoSuchVolume;
-
-  r_i->level = level;
-  r_i->ptr_ctr = 1;
-  r_i->status = init_reply_dfs_ctr(level, &(r_i->ctr), &jn, 1);
-  
-  free(jn.referral_list);
-  return 0;
-}
 /*******************************************************************
  api_dfs_get_info
  *******************************************************************/
+
 static BOOL api_dfs_get_info(pipes_struct *p)
 {
-	DFS_Q_DFS_GET_INFO q_i;
-	DFS_R_DFS_GET_INFO r_i;
+	DFS_Q_DFS_GET_INFO q_u;
+	DFS_R_DFS_GET_INFO r_u;
 	prs_struct *data = &p->in_data.data;
 	prs_struct *rdata = &p->out_data.rdata;
 
-	ZERO_STRUCT(r_i);
+	ZERO_STRUCT(q_u);
+	ZERO_STRUCT(r_u);
 	
-	if(!dfs_io_q_dfs_get_info("", &q_i, data, 0))
+	if(!dfs_io_q_dfs_get_info("", &q_u, data, 0))
 		return False;
 	
-	r_i.status = init_reply_dfs_get_info(&q_i.uni_path, q_i.level, &r_i);
+	r_u.status = _dfs_get_info(p, &q_u, &r_u);
 	
-	if(!dfs_io_r_dfs_get_info("", &r_i, rdata, 0))
+	if(!dfs_io_r_dfs_get_info("", &r_u, rdata, 0))
 		return False;
-	
-	switch(r_i.level) {
-	case 1: free(r_i.ctr.dfs.info1); break;
-	case 2: free(r_i.ctr.dfs.info2); break;
-	case 3: {
-		free(r_i.ctr.dfs.info3->storages);
-		free(r_i.ctr.dfs.info3);
-		break;
-	}
-	}
+
 	return True;
 }
 
 /*******************************************************************
  api_dfs_enum
  *******************************************************************/
+
 static BOOL api_dfs_enum(pipes_struct *p)
 {
-	DFS_Q_DFS_ENUM q_e;
-	DFS_R_DFS_ENUM q_r;
+	DFS_Q_DFS_ENUM q_u;
+	DFS_R_DFS_ENUM r_u;
 	prs_struct *data = &p->in_data.data;
 	prs_struct *rdata = &p->out_data.rdata;
 
-	if(!dfs_io_q_dfs_enum("", &q_e, data, 0))
+	ZERO_STRUCT(q_u);
+	ZERO_STRUCT(r_u);
+
+	if(!dfs_io_q_dfs_enum("", &q_u, data, 0))
 		return False;
 	
-	q_r.status = init_reply_dfs_enum(q_e.level, &q_r);
+	r_u.status = _dfs_enum(p, &q_u, &r_u);
 	
-	if(!dfs_io_r_dfs_enum("", &q_r, rdata, 0))
+	if(!dfs_io_r_dfs_enum("", &r_u, rdata, 0))
 		return False;
-	switch(q_e.level) {
-	case 1: 
-		free(q_r.ctr->dfs.info1); break;
-	case 2:
-		free(q_r.ctr->dfs.info2); break;
-	case 3:
-		free(q_r.ctr->dfs.info3->storages); 
-		free(q_r.ctr->dfs.info3); break;
-	}
-	free(q_r.ctr);
+
 	return True;
 }
 
 /*******************************************************************
 \pipe\netdfs commands
 ********************************************************************/
+
 struct api_struct api_netdfs_cmds[] =
 {
 	{"DFS_EXIST",        DFS_EXIST,               api_dfs_exist    },
@@ -455,9 +173,14 @@ struct api_struct api_netdfs_cmds[] =
 /*******************************************************************
 receives a netdfs pipe and responds.
 ********************************************************************/
+
 BOOL api_netdfs_rpc(pipes_struct *p)
 {
 	return api_rpcTNP(p, "api_netdfs_rpc", api_netdfs_cmds);
 }
 
+#else
+
+ void dfs_dummy(void) {;} /* So some compilers don't complain. */
+
 #endif
-- 
cgit