2 * Unix SMB/Netbios implementation.
4 * RPC Pipe client / server routines
5 * Copyright (C) Andrew Tridgell 1992-1998,
6 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
7 * Copyright (C) Jeremy Allison 1999.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
28 #define PIPE "\\PIPE\\"
29 #define PIPELEN strlen(PIPE)
31 extern int DEBUGLEVEL;
32 static pipes_struct *chain_p;
33 static int pipes_open;
35 #ifndef MAX_OPEN_PIPES
36 #define MAX_OPEN_PIPES 64
39 static pipes_struct *Pipes;
40 static struct bitmap *bmap;
42 /****************************************************************************
43 Pipe iterator functions.
44 ****************************************************************************/
46 pipes_struct *get_first_pipe(void)
51 pipes_struct *get_next_pipe(pipes_struct *p)
56 /* this must be larger than the sum of the open files and directories */
57 static int pipe_handle_offset;
59 /****************************************************************************
60 Set the pipe_handle_offset. Called from smbd/files.c
61 ****************************************************************************/
63 void set_pipe_handle_offset(int max_open_files)
65 if(max_open_files < 0x7000)
66 pipe_handle_offset = 0x7000;
68 pipe_handle_offset = max_open_files + 10; /* For safety. :-) */
71 /****************************************************************************
72 Reset pipe chain handle number.
73 ****************************************************************************/
74 void reset_chain_p(void)
79 /****************************************************************************
80 Initialise pipe handle states.
81 ****************************************************************************/
83 void init_rpc_pipe_hnd(void)
85 bmap = bitmap_allocate(MAX_OPEN_PIPES);
87 exit_server("out of memory in init_rpc_pipe_hnd\n");
90 /****************************************************************************
91 Initialise an outgoing packet.
92 ****************************************************************************/
94 static BOOL pipe_init_outgoing_data(pipes_struct *p)
96 output_data *o_data = &p->out_data;
98 /* Reset the offset counters. */
99 o_data->data_sent_length = 0;
100 o_data->current_pdu_len = 0;
101 o_data->current_pdu_sent = 0;
103 memset(o_data->current_pdu, '\0', sizeof(o_data->current_pdu));
105 /* Free any memory in the current return data buffer. */
106 prs_mem_free(&o_data->rdata);
109 * Initialize the outgoing RPC data buffer.
110 * we will use this as the raw data area for replying to rpc requests.
112 if(!prs_init(&o_data->rdata, MAX_PDU_FRAG_LEN, p->mem_ctx, MARSHALL)) {
113 DEBUG(0,("pipe_init_outgoing_data: malloc fail.\n"));
120 /****************************************************************************
121 Find first available pipe slot.
122 ****************************************************************************/
124 pipes_struct *open_rpc_pipe_p(char *pipe_name,
125 connection_struct *conn, uint16 vuid)
129 static int next_pipe;
131 DEBUG(4,("Open pipe requested %s (pipes_open=%d)\n",
132 pipe_name, pipes_open));
135 /* not repeating pipe numbers makes it easier to track things in
136 log files and prevents client bugs where pipe numbers are reused
137 over connection restarts */
139 next_pipe = (sys_getpid() ^ time(NULL)) % MAX_OPEN_PIPES;
141 i = bitmap_find(bmap, next_pipe);
144 DEBUG(0,("ERROR! Out of pipe structures\n"));
148 next_pipe = (i+1) % MAX_OPEN_PIPES;
150 for (p = Pipes; p; p = p->next)
151 DEBUG(5,("open_rpc_pipe_p: name %s pnum=%x\n", p->name, p->pnum));
153 p = (pipes_struct *)malloc(sizeof(*p));
160 if ((p->mem_ctx = talloc_init()) == NULL) {
161 DEBUG(0,("open_rpc_pipe_p: talloc_init failed.\n"));
166 if (!init_pipe_handle_list(p, pipe_name)) {
167 DEBUG(0,("open_rpc_pipe_p: init_pipe_handles failed.\n"));
168 talloc_destroy(p->mem_ctx);
177 * Initialize the incoming RPC data buffer with one PDU worth of memory.
178 * We cheat here and say we're marshalling, as we intend to add incoming
179 * data directly into the prs_struct and we want it to auto grow. We will
180 * change the type to UNMARSALLING before processing the stream.
183 if(!prs_init(&p->in_data.data, MAX_PDU_FRAG_LEN, p->mem_ctx, MARSHALL)) {
184 DEBUG(0,("open_rpc_pipe_p: malloc fail for in_data struct.\n"));
189 i += pipe_handle_offset;
201 p->max_trans_reply = 0;
203 p->ntlmssp_chal_flags = 0;
204 p->ntlmssp_auth_validated = False;
205 p->ntlmssp_auth_requested = False;
207 p->pipe_bound = False;
208 p->fault_state = False;
209 p->endian = RPC_LITTLE_ENDIAN;
212 * Initialize the incoming RPC struct.
215 p->in_data.pdu_needed_len = 0;
216 p->in_data.pdu_received_len = 0;
219 * Initialize the outgoing RPC struct.
222 p->out_data.current_pdu_len = 0;
223 p->out_data.current_pdu_sent = 0;
224 p->out_data.data_sent_length = 0;
227 * Initialize the outgoing RPC data buffer with no memory.
229 prs_init(&p->out_data.rdata, 0, p->mem_ctx, MARSHALL);
231 ZERO_STRUCT(p->pipe_user);
233 p->pipe_user.uid = (uid_t)-1;
234 p->pipe_user.gid = (gid_t)-1;
236 fstrcpy(p->name, pipe_name);
238 DEBUG(4,("Opened pipe %s with handle %x (pipes_open=%d)\n",
239 pipe_name, i, pipes_open));
243 /* OVERWRITE p as a temp variable, to display all open pipes */
244 for (p = Pipes; p; p = p->next)
245 DEBUG(5,("open pipes: name %s pnum=%x\n", p->name, p->pnum));
250 /****************************************************************************
251 Sets the fault state on incoming packets.
252 ****************************************************************************/
254 static void set_incoming_fault(pipes_struct *p)
256 prs_mem_free(&p->in_data.data);
257 p->in_data.pdu_needed_len = 0;
258 p->in_data.pdu_received_len = 0;
259 p->fault_state = True;
260 DEBUG(10,("set_incoming_fault: Setting fault state on pipe %s : pnum = 0x%x\n",
264 /****************************************************************************
265 Ensures we have at least RPC_HEADER_LEN amount of data in the incoming buffer.
266 ****************************************************************************/
268 static ssize_t fill_rpc_header(pipes_struct *p, char *data, size_t data_to_copy)
270 size_t len_needed_to_complete_hdr = MIN(data_to_copy, RPC_HEADER_LEN - p->in_data.pdu_received_len);
272 DEBUG(10,("fill_rpc_header: data_to_copy = %u, len_needed_to_complete_hdr = %u, receive_len = %u\n",
273 (unsigned int)data_to_copy, (unsigned int)len_needed_to_complete_hdr,
274 (unsigned int)p->in_data.pdu_received_len ));
276 memcpy((char *)&p->in_data.current_in_pdu[p->in_data.pdu_received_len], data, len_needed_to_complete_hdr);
277 p->in_data.pdu_received_len += len_needed_to_complete_hdr;
279 return (ssize_t)len_needed_to_complete_hdr;
282 /****************************************************************************
283 Unmarshalls a new PDU header. Assumes the raw header data is in current_in_pdu.
284 ****************************************************************************/
286 static ssize_t unmarshall_rpc_header(pipes_struct *p)
289 * Unmarshall the header to determine the needed length.
294 if(p->in_data.pdu_received_len != RPC_HEADER_LEN) {
295 DEBUG(0,("unmarshall_rpc_header: assert on rpc header length failed.\n"));
296 set_incoming_fault(p);
300 prs_init( &rpc_in, 0, p->mem_ctx, UNMARSHALL);
301 prs_set_endian_data( &rpc_in, p->endian);
303 prs_give_memory( &rpc_in, (char *)&p->in_data.current_in_pdu[0],
304 p->in_data.pdu_received_len, False);
307 * Unmarshall the header as this will tell us how much
308 * data we need to read to get the complete pdu.
309 * This also sets the endian flag in rpc_in.
312 if(!smb_io_rpc_hdr("", &p->hdr, &rpc_in, 0)) {
313 DEBUG(0,("unmarshall_rpc_header: failed to unmarshall RPC_HDR.\n"));
314 set_incoming_fault(p);
315 prs_mem_free(&rpc_in);
320 * Validate the RPC header.
323 if(p->hdr.major != 5 && p->hdr.minor != 0) {
324 DEBUG(0,("unmarshall_rpc_header: invalid major/minor numbers in RPC_HDR.\n"));
325 set_incoming_fault(p);
326 prs_mem_free(&rpc_in);
331 * If there's not data in the incoming buffer this should be the start of a new RPC.
334 if(prs_offset(&p->in_data.data) == 0) {
337 * AS/U doesn't set FIRST flag in a BIND packet it seems.
340 if ((p->hdr.pkt_type == RPC_REQUEST) && !(p->hdr.flags & RPC_FLG_FIRST)) {
342 * Ensure that the FIRST flag is set. If not then we have
343 * a stream missmatch.
346 DEBUG(0,("unmarshall_rpc_header: FIRST flag not set in first PDU !\n"));
347 set_incoming_fault(p);
348 prs_mem_free(&rpc_in);
353 * If this is the first PDU then set the endianness
354 * flag in the pipe. We will need this when parsing all
358 p->endian = rpc_in.bigendian_data;
360 DEBUG(5,("unmarshall_rpc_header: using %sendian RPC\n",
361 p->endian == RPC_LITTLE_ENDIAN ? "little-" : "big-" ));
366 * If this is *NOT* the first PDU then check the endianness
367 * flag in the pipe is the same as that in the PDU.
370 if (p->endian != rpc_in.bigendian_data) {
371 DEBUG(0,("unmarshall_rpc_header: FIRST endianness flag (%d) different in next PDU !\n", (int)p->endian));
372 set_incoming_fault(p);
373 prs_mem_free(&rpc_in);
379 * Ensure that the pdu length is sane.
382 if((p->hdr.frag_len < RPC_HEADER_LEN) || (p->hdr.frag_len > MAX_PDU_FRAG_LEN)) {
383 DEBUG(0,("unmarshall_rpc_header: assert on frag length failed.\n"));
384 set_incoming_fault(p);
385 prs_mem_free(&rpc_in);
389 DEBUG(10,("unmarshall_rpc_header: type = %u, flags = %u\n", (unsigned int)p->hdr.pkt_type,
390 (unsigned int)p->hdr.flags ));
393 * Adjust for the header we just ate.
395 p->in_data.pdu_received_len = 0;
396 p->in_data.pdu_needed_len = (uint32)p->hdr.frag_len - RPC_HEADER_LEN;
399 * Null the data we just ate.
402 memset((char *)&p->in_data.current_in_pdu[0], '\0', RPC_HEADER_LEN);
404 prs_mem_free(&rpc_in);
406 return 0; /* No extra data processed. */
409 /****************************************************************************
410 Call this to free any talloc'ed memory. Do this before and after processing
412 ****************************************************************************/
414 void free_pipe_context(pipes_struct *p)
417 DEBUG(3,("free_pipe_context: destroying talloc pool of size %u\n", talloc_pool_size(p->mem_ctx) ));
418 talloc_destroy_pool(p->mem_ctx);
420 p->mem_ctx = talloc_init();
421 if (p->mem_ctx == NULL)
422 p->fault_state = True;
426 /****************************************************************************
427 Processes a request pdu. This will do auth processing if needed, and
428 appends the data into the complete stream if the LAST flag is not set.
429 ****************************************************************************/
431 static BOOL process_request_pdu(pipes_struct *p, prs_struct *rpc_in_p)
433 BOOL auth_verify = ((p->ntlmssp_chal_flags & NTLMSSP_NEGOTIATE_SIGN) != 0);
434 size_t data_len = p->hdr.frag_len - RPC_HEADER_LEN - RPC_HDR_REQ_LEN -
435 (auth_verify ? RPC_HDR_AUTH_LEN : 0) - p->hdr.auth_len;
438 DEBUG(0,("process_request_pdu: rpc request with no bind.\n"));
439 set_incoming_fault(p);
444 * Check if we need to do authentication processing.
445 * This is only done on requests, not binds.
449 * Read the RPC request header.
452 if(!smb_io_rpc_hdr_req("req", &p->hdr_req, rpc_in_p, 0)) {
453 DEBUG(0,("process_request_pdu: failed to unmarshall RPC_HDR_REQ.\n"));
454 set_incoming_fault(p);
458 if(p->ntlmssp_auth_validated && !api_pipe_auth_process(p, rpc_in_p)) {
459 DEBUG(0,("process_request_pdu: failed to do auth processing.\n"));
460 set_incoming_fault(p);
464 if (p->ntlmssp_auth_requested && !p->ntlmssp_auth_validated) {
467 * Authentication _was_ requested and it already failed.
470 DEBUG(0,("process_request_pdu: RPC request received on pipe %s where \
471 authentication failed. Denying the request.\n", p->name));
472 set_incoming_fault(p);
477 * Check the data length doesn't go over the 10Mb limit.
480 if(prs_data_size(&p->in_data.data) + data_len > 10*1024*1024) {
481 DEBUG(0,("process_request_pdu: rpc data buffer too large (%u) + (%u)\n",
482 (unsigned int)prs_data_size(&p->in_data.data), (unsigned int)data_len ));
483 set_incoming_fault(p);
488 * Append the data portion into the buffer and return.
492 char *data_from = prs_data_p(rpc_in_p) + prs_offset(rpc_in_p);
494 if(!prs_append_data(&p->in_data.data, data_from, data_len)) {
495 DEBUG(0,("process_request_pdu: Unable to append data size %u to parse buffer of size %u.\n",
496 (unsigned int)data_len, (unsigned int)prs_data_size(&p->in_data.data) ));
497 set_incoming_fault(p);
503 if(p->hdr.flags & RPC_FLG_LAST) {
506 * Ok - we finally have a complete RPC stream.
507 * Call the rpc command to process it.
511 * Ensure the internal prs buffer size is *exactly* the same
512 * size as the current offset.
515 if(!prs_set_buffer_size(&p->in_data.data, prs_offset(&p->in_data.data)))
517 DEBUG(0,("process_request_pdu: Call to prs_set_buffer_size failed!\n"));
518 set_incoming_fault(p);
523 * Set the parse offset to the start of the data and set the
524 * prs_struct to UNMARSHALL.
527 prs_set_offset(&p->in_data.data, 0);
528 prs_switch_type(&p->in_data.data, UNMARSHALL);
531 * Process the complete data stream here.
534 free_pipe_context(p);
536 if(pipe_init_outgoing_data(p))
537 ret = api_pipe_request(p);
539 free_pipe_context(p);
542 * We have consumed the whole data stream. Set back to
543 * marshalling and set the offset back to the start of
544 * the buffer to re-use it (we could also do a prs_mem_free()
545 * and then re_init on the next start of PDU. Not sure which
546 * is best here.... JRA.
549 prs_switch_type(&p->in_data.data, MARSHALL);
550 prs_set_offset(&p->in_data.data, 0);
557 /****************************************************************************
558 Processes a finished PDU stored in current_in_pdu. The RPC_HEADER has
559 already been parsed and stored in p->hdr.
560 ****************************************************************************/
562 static ssize_t process_complete_pdu(pipes_struct *p)
565 size_t data_len = p->in_data.pdu_received_len;
566 char *data_p = (char *)&p->in_data.current_in_pdu[0];
570 DEBUG(10,("process_complete_pdu: pipe %s in fault state.\n",
572 set_incoming_fault(p);
573 setup_fault_pdu(p, NT_STATUS(0x1c010002));
574 return (ssize_t)data_len;
577 prs_init( &rpc_in, 0, p->mem_ctx, UNMARSHALL);
580 * Ensure we're using the corrent endianness for both the
581 * RPC header flags and the raw data we will be reading from.
584 prs_set_endian_data( &rpc_in, p->endian);
585 prs_set_endian_data( &p->in_data.data, p->endian);
587 prs_give_memory( &rpc_in, data_p, (uint32)data_len, False);
589 DEBUG(10,("process_complete_pdu: processing packet type %u\n",
590 (unsigned int)p->hdr.pkt_type ));
592 switch (p->hdr.pkt_type) {
596 * We assume that a pipe bind is only in one pdu.
598 if(pipe_init_outgoing_data(p))
599 reply = api_pipe_bind_req(p, &rpc_in);
603 * We assume that a pipe bind_resp is only in one pdu.
605 if(pipe_init_outgoing_data(p))
606 reply = api_pipe_bind_auth_resp(p, &rpc_in);
609 reply = process_request_pdu(p, &rpc_in);
612 DEBUG(0,("process_complete_pdu: Unknown rpc type = %u received.\n", (unsigned int)p->hdr.pkt_type ));
616 /* Reset to little endian. Probably don't need this but it won't hurt. */
617 prs_set_endian_data( &p->in_data.data, RPC_LITTLE_ENDIAN);
620 DEBUG(3,("process_complete_pdu: DCE/RPC fault sent on pipe %s\n", p->pipe_srv_name));
621 set_incoming_fault(p);
622 setup_fault_pdu(p, NT_STATUS(0x1c010002));
623 prs_mem_free(&rpc_in);
626 * Reset the lengths. We're ready for a new pdu.
628 p->in_data.pdu_needed_len = 0;
629 p->in_data.pdu_received_len = 0;
632 prs_mem_free(&rpc_in);
633 return (ssize_t)data_len;
636 /****************************************************************************
637 Accepts incoming data on an rpc pipe. Processes the data in pdu sized units.
638 ****************************************************************************/
640 static ssize_t process_incoming_data(pipes_struct *p, char *data, size_t n)
642 size_t data_to_copy = MIN(n, MAX_PDU_FRAG_LEN - p->in_data.pdu_received_len);
644 DEBUG(10,("process_incoming_data: Start: pdu_received_len = %u, pdu_needed_len = %u, incoming data = %u\n",
645 (unsigned int)p->in_data.pdu_received_len, (unsigned int)p->in_data.pdu_needed_len,
648 if(data_to_copy == 0) {
650 * This is an error - data is being received and there is no
651 * space in the PDU. Free the received data and go into the fault state.
653 DEBUG(0,("process_incoming_data: No space in incoming pdu buffer. Current size = %u \
654 incoming data size = %u\n", (unsigned int)p->in_data.pdu_received_len, (unsigned int)n ));
655 set_incoming_fault(p);
660 * If we have no data already, wait until we get at least a RPC_HEADER_LEN
661 * number of bytes before we can do anything.
664 if((p->in_data.pdu_needed_len == 0) && (p->in_data.pdu_received_len < RPC_HEADER_LEN)) {
666 * Always return here. If we have more data then the RPC_HEADER
667 * will be processed the next time around the loop.
669 return fill_rpc_header(p, data, data_to_copy);
673 * At this point we know we have at least an RPC_HEADER_LEN amount of data
674 * stored in current_in_pdu.
678 * If pdu_needed_len is zero this is a new pdu.
679 * Unmarshall the header so we know how much more
680 * data we need, then loop again.
683 if(p->in_data.pdu_needed_len == 0)
684 return unmarshall_rpc_header(p);
687 * Ok - at this point we have a valid RPC_HEADER in p->hdr.
688 * Keep reading until we have a full pdu.
691 data_to_copy = MIN(data_to_copy, p->in_data.pdu_needed_len);
694 * Copy as much of the data as we need into the current_in_pdu buffer.
697 memcpy( (char *)&p->in_data.current_in_pdu[p->in_data.pdu_received_len], data, data_to_copy);
698 p->in_data.pdu_received_len += data_to_copy;
701 * Do we have a complete PDU ?
704 if(p->in_data.pdu_received_len == p->in_data.pdu_needed_len)
705 return process_complete_pdu(p);
707 DEBUG(10,("process_incoming_data: not a complete PDU yet. pdu_received_len = %u, pdu_needed_len = %u\n",
708 (unsigned int)p->in_data.pdu_received_len, (unsigned int)p->in_data.pdu_needed_len ));
710 return (ssize_t)data_to_copy;
714 /****************************************************************************
715 Accepts incoming data on an rpc pipe.
716 ****************************************************************************/
718 ssize_t write_to_pipe(pipes_struct *p, char *data, size_t n)
720 size_t data_left = n;
722 DEBUG(6,("write_to_pipe: %x", p->pnum));
724 DEBUG(6,(" name: %s open: %s len: %d\n",
725 p->name, BOOLSTR(p->open), (int)n));
727 dump_data(50, data, n);
732 DEBUG(10,("write_to_pipe: data_left = %u\n", (unsigned int)data_left ));
734 data_used = process_incoming_data(p, data, data_left);
736 DEBUG(10,("write_to_pipe: data_used = %d\n", (int)data_used ));
741 data_left -= data_used;
748 /****************************************************************************
749 Replies to a request to read data from a pipe.
751 Headers are interspersed with the data at PDU intervals. By the time
752 this function is called, the start of the data could possibly have been
753 read by an SMBtrans (file_offset != 0).
755 Calling create_rpc_reply() here is a hack. The data should already
756 have been prepared into arrays of headers + data stream sections.
757 ****************************************************************************/
759 ssize_t read_from_pipe(pipes_struct *p, char *data, size_t n)
761 uint32 pdu_remaining = 0;
762 ssize_t data_returned = 0;
764 if (!p || !p->open) {
765 DEBUG(0,("read_from_pipe: pipe not open\n"));
769 DEBUG(6,("read_from_pipe: %x", p->pnum));
771 DEBUG(6,(" name: %s len: %u\n", p->name, (unsigned int)n));
774 * We cannot return more than one PDU length per
779 * This condition should result in the connection being closed.
780 * Netapp filers seem to set it to 0xffff which results in domain
781 * authentications failing. Just ignore it so things work.
784 if(n > MAX_PDU_FRAG_LEN) {
785 DEBUG(5,("read_from_pipe: too large read (%u) requested on \
786 pipe %s. We can only service %d sized reads.\n", (unsigned int)n, p->name, MAX_PDU_FRAG_LEN ));
790 * Determine if there is still data to send in the
791 * pipe PDU buffer. Always send this first. Never
792 * send more than is left in the current PDU. The
793 * client should send a new read request for a new
797 if((pdu_remaining = p->out_data.current_pdu_len - p->out_data.current_pdu_sent) > 0) {
798 data_returned = (ssize_t)MIN(n, pdu_remaining);
800 DEBUG(10,("read_from_pipe: %s: current_pdu_len = %u, current_pdu_sent = %u \
801 returning %d bytes.\n", p->name, (unsigned int)p->out_data.current_pdu_len,
802 (unsigned int)p->out_data.current_pdu_sent, (int)data_returned));
804 memcpy( data, &p->out_data.current_pdu[p->out_data.current_pdu_sent], (size_t)data_returned);
805 p->out_data.current_pdu_sent += (uint32)data_returned;
810 * At this point p->current_pdu_len == p->current_pdu_sent (which
811 * may of course be zero if this is the first return fragment.
814 DEBUG(10,("read_from_pipe: %s: fault_state = %d : data_sent_length \
815 = %u, prs_offset(&p->out_data.rdata) = %u.\n",
816 p->name, (int)p->fault_state, (unsigned int)p->out_data.data_sent_length, (unsigned int)prs_offset(&p->out_data.rdata) ));
818 if(p->out_data.data_sent_length >= prs_offset(&p->out_data.rdata)) {
820 * We have sent all possible data, return 0.
827 * We need to create a new PDU from the data left in p->rdata.
828 * Create the header/data/footers. This also sets up the fields
829 * p->current_pdu_len, p->current_pdu_sent, p->data_sent_length
830 * and stores the outgoing PDU in p->current_pdu.
833 if(!create_next_pdu(p)) {
834 DEBUG(0,("read_from_pipe: %s: create_next_pdu failed.\n", p->name));
838 data_returned = MIN(n, p->out_data.current_pdu_len);
840 memcpy( data, p->out_data.current_pdu, (size_t)data_returned);
841 p->out_data.current_pdu_sent += (uint32)data_returned;
845 return data_returned;
848 /****************************************************************************
849 Wait device state on a pipe. Exactly what this is for is unknown...
850 ****************************************************************************/
852 BOOL wait_rpc_pipe_hnd_state(pipes_struct *p, uint16 priority)
858 DEBUG(3,("wait_rpc_pipe_hnd_state: Setting pipe wait state priority=%x on pipe (name=%s)\n",
861 p->priority = priority;
866 DEBUG(3,("wait_rpc_pipe_hnd_state: Error setting pipe wait state priority=%x (name=%s)\n",
872 /****************************************************************************
873 Set device state on a pipe. Exactly what this is for is unknown...
874 ****************************************************************************/
876 BOOL set_rpc_pipe_hnd_state(pipes_struct *p, uint16 device_state)
882 DEBUG(3,("set_rpc_pipe_hnd_state: Setting pipe device state=%x on pipe (name=%s)\n",
883 device_state, p->name));
885 p->device_state = device_state;
890 DEBUG(3,("set_rpc_pipe_hnd_state: Error setting pipe device state=%x (name=%s)\n",
891 device_state, p->name));
896 /****************************************************************************
898 ****************************************************************************/
900 BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn)
903 DEBUG(0,("Invalid pipe in close_rpc_pipe_hnd\n"));
907 prs_mem_free(&p->out_data.rdata);
908 prs_mem_free(&p->in_data.data);
911 talloc_destroy(p->mem_ctx);
913 /* Free the handles database. */
914 close_policy_by_pipe(p);
916 bitmap_clear(bmap, p->pnum - pipe_handle_offset);
920 DEBUG(4,("closed pipe name %s pnum=%x (pipes_open=%d)\n",
921 p->name, p->pnum, pipes_open));
923 DLIST_REMOVE(Pipes, p);
925 delete_nt_token(&p->pipe_user.nt_user_token);
926 SAFE_FREE(p->pipe_user.groups);
935 /****************************************************************************
936 Find an rpc pipe given a pipe handle in a buffer and an offset.
937 ****************************************************************************/
939 pipes_struct *get_rpc_pipe_p(char *buf, int where)
941 int pnum = SVAL(buf,where);
946 return get_rpc_pipe(pnum);
949 /****************************************************************************
950 Find an rpc pipe given a pipe handle.
951 ****************************************************************************/
953 pipes_struct *get_rpc_pipe(int pnum)
957 DEBUG(4,("search for pipe pnum=%x\n", pnum));
959 for (p=Pipes;p;p=p->next)
960 DEBUG(5,("pipe name %s pnum=%x (pipes_open=%d)\n",
961 p->name, p->pnum, pipes_open));
963 for (p=Pipes;p;p=p->next) {
964 if (p->pnum == pnum) {