3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1998,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
8 * Copyright (C) Jeremy Allison 1999.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #define PIPE "\\PIPE\\"
30 #define PIPELEN strlen(PIPE)
32 extern int DEBUGLEVEL;
33 static pipes_struct *chain_p;
34 static int pipes_open;
36 #ifndef MAX_OPEN_PIPES
37 #define MAX_OPEN_PIPES 64
40 static pipes_struct *Pipes;
41 static struct bitmap *bmap;
43 /* this must be larger than the sum of the open files and directories */
44 static int pipe_handle_offset;
46 /****************************************************************************
47 Set the pipe_handle_offset. Called from smbd/files.c
48 ****************************************************************************/
50 void set_pipe_handle_offset(int max_open_files)
52 if(max_open_files < 0x7000)
53 pipe_handle_offset = 0x7000;
55 pipe_handle_offset = max_open_files + 10; /* For safety. :-) */
58 /****************************************************************************
59 Reset pipe chain handle number.
60 ****************************************************************************/
61 void reset_chain_p(void)
66 /****************************************************************************
67 Initialise pipe handle states.
68 ****************************************************************************/
70 void init_rpc_pipe_hnd(void)
72 bmap = bitmap_allocate(MAX_OPEN_PIPES);
74 exit_server("out of memory in init_rpc_pipe_hnd\n");
77 /****************************************************************************
78 Initialise an outgoing packet.
79 ****************************************************************************/
81 static BOOL pipe_init_outgoing_data(output_data *o_data)
83 /* Reset the offset counters. */
84 o_data->data_sent_length = 0;
85 o_data->current_pdu_len = 0;
86 o_data->current_pdu_sent = 0;
88 memset(o_data->current_pdu, '\0', sizeof(o_data->current_pdu));
90 /* Free any memory in the current return data buffer. */
91 prs_mem_free(&o_data->rdata);
94 * Initialize the outgoing RPC data buffer.
95 * we will use this as the raw data area for replying to rpc requests.
97 if(!prs_init(&o_data->rdata, MAX_PDU_FRAG_LEN, 4, MARSHALL)) {
98 DEBUG(0,("pipe_init_outgoing_data: malloc fail.\n"));
105 /****************************************************************************
106 Attempt to find a remote process to communicate RPC's with.
107 ****************************************************************************/
109 static void attempt_remote_rpc_connect(pipes_struct *p)
111 struct user_creds usr;
112 user_struct *vuser = get_valid_user_struct(p->vuid);
117 DEBUG(4,("attempt_remote_rpc_connect: invalid vuid %d\n", (int)p->vuid));
123 /* set up unix credentials from the smb side, to feed over the pipe */
124 make_creds_unix(&usr.uxc, vuser->user.unix_name, vuser->user.smb_name,
125 vuser->user.full_name, vuser->guest);
127 make_creds_unix_sec(&usr.uxs, vuser->uid, vuser->gid,
128 vuser->n_groups, vuser->groups);
132 DEBUG(10,("user session key not available (yet).\n"));
133 DEBUG(10,("password-change operations may fail.\n"));
135 #if USER_SESSION_KEY_DEFINED_IN_VUSER_STRUCT
136 memcpy(usr.usr_sess_key, vuser->usr_sess_key, sizeof(usr.usr_sess_key));
138 memset(usr.usr_sess_key, 0, sizeof(usr.usr_sess_key));
141 /* set up nt credentials from the smb side, to feed over the pipe */
143 make_creds_nt(&usr.ntc);
144 make_creds_nt_sec(&usr.nts);
147 become_root(False); /* to connect to pipe */
148 p->m = msrpc_use_add(p->name, sys_getpid(), &usr, False);
149 unbecome_root(False);
152 DEBUG(10,("attempt_remote_rpc_connect: msrpc redirect failed - using local implementation.\n"));
155 /****************************************************************************
156 Find first available pipe slot.
157 ****************************************************************************/
159 pipes_struct *open_rpc_pipe_p(char *pipe_name,
160 connection_struct *conn, uint16 vuid)
164 static int next_pipe;
166 DEBUG(4,("Open pipe requested %s (pipes_open=%d)\n",
167 pipe_name, pipes_open));
170 /* not repeating pipe numbers makes it easier to track things in
171 log files and prevents client bugs where pipe numbers are reused
172 over connection restarts */
174 next_pipe = (sys_getpid() ^ time(NULL)) % MAX_OPEN_PIPES;
176 i = bitmap_find(bmap, next_pipe);
179 DEBUG(0,("ERROR! Out of pipe structures\n"));
183 next_pipe = (i+1) % MAX_OPEN_PIPES;
185 for (p = Pipes; p; p = p->next)
186 DEBUG(5,("open pipes: name %s pnum=%x\n", p->name, p->pnum));
188 p = (pipes_struct *)malloc(sizeof(*p));
198 * Initialize the incoming RPC data buffer with one PDU worth of memory.
199 * We cheat here and say we're marshalling, as we intend to add incoming
200 * data directly into the prs_struct and we want it to auto grow. We will
201 * change the type to UNMARSALLING before processing the stream.
204 if(!prs_init(&p->in_data.data, MAX_PDU_FRAG_LEN, 4, MARSHALL)) {
205 DEBUG(0,("open_rpc_pipe_p: malloc fail for in_data struct.\n"));
210 i += pipe_handle_offset;
222 p->max_trans_reply = 0;
224 p->ntlmssp_chal_flags = 0;
225 p->ntlmssp_auth_validated = False;
226 p->ntlmssp_auth_requested = False;
228 p->pipe_bound = False;
229 p->fault_state = False;
232 * Initialize the incoming RPC struct.
235 p->in_data.pdu_needed_len = 0;
236 p->in_data.pdu_received_len = 0;
239 * Initialize the outgoing RPC struct.
242 p->out_data.current_pdu_len = 0;
243 p->out_data.current_pdu_sent = 0;
244 p->out_data.data_sent_length = 0;
247 * Initialize the outgoing RPC data buffer with no memory.
249 prs_init(&p->out_data.rdata, 0, 4, MARSHALL);
254 fstrcpy(p->name, pipe_name);
258 Comment out until memory leak fixed. JRA.
261 * For Luke - attempt to connect to RPC redirect process.
264 attempt_remote_rpc_connect(p);
267 DEBUG(4,("Opened pipe %s with handle %x (pipes_open=%d)\n",
268 pipe_name, i, pipes_open));
272 /* OVERWRITE p as a temp variable, to display all open pipes */
273 for (p = Pipes; p; p = p->next)
274 DEBUG(5,("open pipes: name %s pnum=%x\n", p->name, p->pnum));
279 /****************************************************************************
280 Sets the fault state on incoming packets.
281 ****************************************************************************/
283 static void set_incoming_fault(pipes_struct *p)
285 prs_mem_free(&p->in_data.data);
286 p->in_data.pdu_needed_len = 0;
287 p->in_data.pdu_received_len = 0;
288 p->fault_state = True;
289 DEBUG(10,("set_incoming_fault: Setting fault state on pipe %s : pnum = 0x%x\n",
293 /****************************************************************************
294 Ensures we have at least RPC_HEADER_LEN amount of data in the incoming buffer.
295 ****************************************************************************/
297 static ssize_t fill_rpc_header(pipes_struct *p, char *data, size_t data_to_copy)
299 size_t len_needed_to_complete_hdr = MIN(data_to_copy, RPC_HEADER_LEN - p->in_data.pdu_received_len);
301 DEBUG(10,("fill_rpc_header: data_to_copy = %u, len_needed_to_complete_hdr = %u, receive_len = %u\n",
302 (unsigned int)data_to_copy, (unsigned int)len_needed_to_complete_hdr,
303 (unsigned int)p->in_data.pdu_received_len ));
305 memcpy((char *)&p->in_data.current_in_pdu[p->in_data.pdu_received_len], data, len_needed_to_complete_hdr);
306 p->in_data.pdu_received_len += len_needed_to_complete_hdr;
308 return (ssize_t)len_needed_to_complete_hdr;
311 /****************************************************************************
312 Unmarshalls a new PDU header. Assumes the raw header data is in current_in_pdu.
313 ****************************************************************************/
315 static ssize_t unmarshall_rpc_header(pipes_struct *p)
318 * Unmarshall the header to determine the needed length.
323 if(p->in_data.pdu_received_len != RPC_HEADER_LEN) {
324 DEBUG(0,("unmarshall_rpc_header: assert on rpc header length failed.\n"));
325 set_incoming_fault(p);
329 prs_init( &rpc_in, 0, 4, UNMARSHALL);
330 prs_give_memory( &rpc_in, (char *)&p->in_data.current_in_pdu[0],
331 p->in_data.pdu_received_len, False);
334 * Unmarshall the header as this will tell us how much
335 * data we need to read to get the complete pdu.
338 if(!smb_io_rpc_hdr("", &p->hdr, &rpc_in, 0)) {
339 DEBUG(0,("unmarshall_rpc_header: failed to unmarshall RPC_HDR.\n"));
340 set_incoming_fault(p);
345 * Validate the RPC header.
348 if(p->hdr.major != 5 && p->hdr.minor != 0) {
349 DEBUG(0,("unmarshall_rpc_header: invalid major/minor numbers in RPC_HDR.\n"));
350 set_incoming_fault(p);
355 * If there is no data in the incoming buffer and it's a requst pdu then
356 * ensure that the FIRST flag is set. If not then we have
357 * a stream missmatch.
360 if((p->hdr.pkt_type == RPC_REQUEST) && (prs_offset(&p->in_data.data) == 0) && !(p->hdr.flags & RPC_FLG_FIRST)) {
361 DEBUG(0,("unmarshall_rpc_header: FIRST flag not set in first PDU !\n"));
362 set_incoming_fault(p);
367 * Ensure that the pdu length is sane.
370 if((p->hdr.frag_len < RPC_HEADER_LEN) || (p->hdr.frag_len > MAX_PDU_FRAG_LEN)) {
371 DEBUG(0,("unmarshall_rpc_header: assert on frag length failed.\n"));
372 set_incoming_fault(p);
376 DEBUG(10,("unmarshall_rpc_header: type = %u, flags = %u\n", (unsigned int)p->hdr.pkt_type,
377 (unsigned int)p->hdr.flags ));
380 * Adjust for the header we just ate.
382 p->in_data.pdu_received_len = 0;
383 p->in_data.pdu_needed_len = (uint32)p->hdr.frag_len - RPC_HEADER_LEN;
386 * Null the data we just ate.
389 memset((char *)&p->in_data.current_in_pdu[0], '\0', RPC_HEADER_LEN);
391 return 0; /* No extra data processed. */
394 /****************************************************************************
395 Processes a request pdu. This will do auth processing if needed, and
396 appends the data into the complete stream if the LAST flag is not set.
397 ****************************************************************************/
399 static BOOL process_request_pdu(pipes_struct *p, prs_struct *rpc_in_p)
401 BOOL auth_verify = IS_BITS_SET_ALL(p->ntlmssp_chal_flags, NTLMSSP_NEGOTIATE_SIGN);
402 size_t data_len = p->hdr.frag_len - RPC_HEADER_LEN - RPC_HDR_REQ_LEN -
403 (auth_verify ? RPC_HDR_AUTH_LEN : 0) - p->hdr.auth_len;
406 DEBUG(0,("process_request_pdu: rpc request with no bind.\n"));
407 set_incoming_fault(p);
412 * Check if we need to do authentication processing.
413 * This is only done on requests, not binds.
417 * Read the RPC request header.
420 if(!smb_io_rpc_hdr_req("req", &p->hdr_req, rpc_in_p, 0)) {
421 DEBUG(0,("process_request_pdu: failed to unmarshall RPC_HDR_REQ.\n"));
422 set_incoming_fault(p);
426 if(p->ntlmssp_auth_validated && !api_pipe_auth_process(p, rpc_in_p)) {
427 DEBUG(0,("process_request_pdu: failed to do auth processing.\n"));
428 set_incoming_fault(p);
432 if (p->ntlmssp_auth_requested && !p->ntlmssp_auth_validated) {
435 * Authentication _was_ requested and it already failed.
438 DEBUG(0,("process_request_pdu: RPC request received on pipe %s where \
439 authentication failed. Denying the request.\n", p->name));
440 set_incoming_fault(p);
445 * Check the data length doesn't go over the 1Mb limit.
448 if(prs_data_size(&p->in_data.data) + data_len > 1024*1024) {
449 DEBUG(0,("process_request_pdu: rpc data buffer too large (%u) + (%u)\n",
450 (unsigned int)prs_data_size(&p->in_data.data), (unsigned int)data_len ));
451 set_incoming_fault(p);
456 * Append the data portion into the buffer and return.
460 char *data_from = prs_data_p(rpc_in_p) + prs_offset(rpc_in_p);
462 if(!prs_append_data(&p->in_data.data, data_from, data_len)) {
463 DEBUG(0,("process_request_pdu: Unable to append data size %u to parse buffer of size %u.\n",
464 (unsigned int)data_len, (unsigned int)prs_data_size(&p->in_data.data) ));
465 set_incoming_fault(p);
471 if(p->hdr.flags & RPC_FLG_LAST) {
474 * Ok - we finally have a complete RPC stream.
475 * Call the rpc command to process it.
479 * Ensure the internal prs buffer size is *exactly* the same
480 * size as the current offset.
483 prs_set_buffer_size(&p->in_data.data, prs_offset(&p->in_data.data));
486 * Set the parse offset to the start of the data and set the
487 * prs_struct to UNMARSHALL.
490 prs_set_offset(&p->in_data.data, 0);
491 prs_switch_type(&p->in_data.data, UNMARSHALL);
494 * Process the complete data stream here.
497 if(pipe_init_outgoing_data(&p->out_data))
498 ret = api_pipe_request(p);
501 * We have consumed the whole data stream. Set back to
502 * marshalling and set the offset back to the start of
503 * the buffer to re-use it (we could also do a prs_mem_free()
504 * and then re_init on the next start of PDU. Not sure which
505 * is best here.... JRA.
508 prs_switch_type(&p->in_data.data, MARSHALL);
509 prs_set_offset(&p->in_data.data, 0);
516 /****************************************************************************
517 Processes a finished PDU stored in current_in_pdu. The RPC_HEADER has
518 already been parsed and stored in p->hdr.
519 ****************************************************************************/
521 static ssize_t process_complete_pdu(pipes_struct *p)
524 size_t data_len = p->in_data.pdu_received_len;
525 char *data_p = (char *)&p->in_data.current_in_pdu[0];
529 DEBUG(10,("process_complete_pdu: pipe %s in fault state.\n",
531 set_incoming_fault(p);
533 return (ssize_t)data_len;
536 prs_init( &rpc_in, 0, 4, UNMARSHALL);
537 prs_give_memory( &rpc_in, data_p, (uint32)data_len, False);
539 DEBUG(10,("process_complete_pdu: processing packet type %u\n",
540 (unsigned int)p->hdr.pkt_type ));
542 switch (p->hdr.pkt_type) {
546 * We assume that a pipe bind is only in one pdu.
548 if(pipe_init_outgoing_data(&p->out_data))
549 reply = api_pipe_bind_req(p, &rpc_in);
553 * We assume that a pipe bind_resp is only in one pdu.
555 if(pipe_init_outgoing_data(&p->out_data))
556 reply = api_pipe_bind_auth_resp(p, &rpc_in);
559 reply = process_request_pdu(p, &rpc_in);
562 DEBUG(0,("process_complete_pdu: Unknown rpc type = %u received.\n", (unsigned int)p->hdr.pkt_type ));
567 DEBUG(3,("process_complete_pdu: DCE/RPC fault sent on pipe %s\n", p->pipe_srv_name));
568 set_incoming_fault(p);
572 * Reset the lengths. We're ready for a new pdu.
574 p->in_data.pdu_needed_len = 0;
575 p->in_data.pdu_received_len = 0;
578 return (ssize_t)data_len;
581 /****************************************************************************
582 Accepts incoming data on an rpc pipe. Processes the data in pdu sized units.
583 ****************************************************************************/
585 static ssize_t process_incoming_data(pipes_struct *p, char *data, size_t n)
587 size_t data_to_copy = MIN(n, MAX_PDU_FRAG_LEN - p->in_data.pdu_received_len);
589 DEBUG(10,("process_incoming_data: Start: pdu_received_len = %u, pdu_needed_len = %u, incoming data = %u\n",
590 (unsigned int)p->in_data.pdu_received_len, (unsigned int)p->in_data.pdu_needed_len,
593 if(data_to_copy == 0) {
595 * This is an error - data is being received and there is no
596 * space in the PDU. Free the received data and go into the fault state.
598 DEBUG(0,("process_incoming_data: No space in incoming pdu buffer. Current size = %u \
599 incoming data size = %u\n", (unsigned int)p->in_data.pdu_received_len, (unsigned int)n ));
600 set_incoming_fault(p);
605 * If we have no data already, wait until we get at least a RPC_HEADER_LEN
606 * number of bytes before we can do anything.
609 if((p->in_data.pdu_needed_len == 0) && (p->in_data.pdu_received_len < RPC_HEADER_LEN)) {
611 * Always return here. If we have more data then the RPC_HEADER
612 * will be processed the next time around the loop.
614 return fill_rpc_header(p, data, data_to_copy);
618 * At this point we know we have at least an RPC_HEADER_LEN amount of data
619 * stored in current_in_pdu.
623 * If pdu_needed_len is zero this is a new pdu.
624 * Unmarshall the header so we know how much more
625 * data we need, then loop again.
628 if(p->in_data.pdu_needed_len == 0)
629 return unmarshall_rpc_header(p);
632 * Ok - at this point we have a valid RPC_HEADER in p->hdr.
633 * Keep reading until we have a full pdu.
636 data_to_copy = MIN(data_to_copy, p->in_data.pdu_needed_len);
639 * Copy as much of the data as we need into the current_in_pdu buffer.
642 memcpy( (char *)&p->in_data.current_in_pdu[p->in_data.pdu_received_len], data, data_to_copy);
643 p->in_data.pdu_received_len += data_to_copy;
646 * Do we have a complete PDU ?
649 if(p->in_data.pdu_received_len == p->in_data.pdu_needed_len)
650 return process_complete_pdu(p);
652 DEBUG(10,("process_incoming_data: not a complete PDU yet. pdu_received_len = %u, pdu_needed_len = %u\n",
653 (unsigned int)p->in_data.pdu_received_len, (unsigned int)p->in_data.pdu_needed_len ));
655 return (ssize_t)data_to_copy;
659 /****************************************************************************
660 Accepts incoming data on an rpc pipe.
661 ****************************************************************************/
663 ssize_t write_to_pipe(pipes_struct *p, char *data, size_t n)
665 size_t data_left = n;
667 DEBUG(6,("write_to_pipe: %x", p->pnum));
669 DEBUG(6,(" name: %s open: %s len: %d\n",
670 p->name, BOOLSTR(p->open), (int)n));
672 dump_data(50, data, n);
677 DEBUG(10,("write_to_pipe: data_left = %u\n", (unsigned int)data_left ));
680 * Deal with the redirect to the remote RPC daemon.
684 data_used = write(p->m->fd, data, data_left);
686 data_used = process_incoming_data(p, data, data_left);
688 DEBUG(10,("write_to_pipe: data_used = %d\n", (int)data_used ));
693 data_left -= data_used;
700 /****************************************************************************
701 Gets data from a remote TNG daemon. Gets data from the remote daemon into
702 the outgoing prs_struct.
704 NB. Note to Luke : This code will be broken until Luke implements a length
705 field before reply data...
707 ****************************************************************************/
709 static BOOL read_from_remote(pipes_struct *p)
712 uint32 data_len_left;
714 if(prs_offset(&p->out_data.rdata) == 0) {
719 * Read all the reply data as a stream of pre-created
720 * PDU's from the remote deamon into the rdata struct.
724 * Create the response data buffer.
727 if(!pipe_init_outgoing_data(&p->out_data)) {
728 DEBUG(0,("read_from_remote: failed to create outgoing buffer.\n"));
732 /* Read from remote here. */
733 if((len = read_with_timeout(p->m->fd, prs_data_p(&p->out_data.rdata), 1, 65536, 10000)) < 0) {
734 DEBUG(0,("read_from_remote: failed to read from external daemon.\n"));
735 prs_mem_free(&p->out_data.rdata);
739 /* Set the length we got. */
740 prs_set_offset(&p->out_data.rdata, (uint32)len);
744 * The amount we send is the minimum of the available
745 * space and the amount left to send.
748 data_len_left = prs_offset(&p->out_data.rdata) - p->out_data.data_sent_length;
751 * Ensure there really is data left to send.
755 DEBUG(0,("read_from_remote: no data left to send !\n"));
759 data_len = MIN(data_len_left, MAX_PDU_FRAG_LEN);
761 return False; /* Notfinished... */
764 /****************************************************************************
765 Replies to a request to read data from a pipe.
767 Headers are interspersed with the data at PDU intervals. By the time
768 this function is called, the start of the data could possibly have been
769 read by an SMBtrans (file_offset != 0).
771 Calling create_rpc_reply() here is a hack. The data should already
772 have been prepared into arrays of headers + data stream sections.
773 ****************************************************************************/
775 ssize_t read_from_pipe(pipes_struct *p, char *data, size_t n)
777 uint32 pdu_remaining = 0;
778 ssize_t data_returned = 0;
780 if (!p || !p->open) {
781 DEBUG(0,("read_from_pipe: pipe not open\n"));
785 DEBUG(6,("read_from_pipe: %x", p->pnum));
787 DEBUG(6,(" name: %s len: %u\n", p->name, (unsigned int)n));
790 * We cannot return more than one PDU length per
794 if(n > MAX_PDU_FRAG_LEN) {
795 DEBUG(0,("read_from_pipe: loo large read (%u) requested on pipe %s. We can \
796 only service %d sized reads.\n", (unsigned int)n, p->name, MAX_PDU_FRAG_LEN ));
801 * Determine if there is still data to send in the
802 * pipe PDU buffer. Always send this first. Never
803 * send more than is left in the current PDU. The
804 * client should send a new read request for a new
808 if((pdu_remaining = p->out_data.current_pdu_len - p->out_data.current_pdu_sent) > 0) {
809 data_returned = (ssize_t)MIN(n, pdu_remaining);
811 DEBUG(10,("read_from_pipe: %s: current_pdu_len = %u, current_pdu_sent = %u \
812 returning %d bytes.\n", p->name, (unsigned int)p->out_data.current_pdu_len,
813 (unsigned int)p->out_data.current_pdu_sent, (int)data_returned));
815 memcpy( data, &p->out_data.current_pdu[p->out_data.current_pdu_sent], (size_t)data_returned);
816 p->out_data.current_pdu_sent += (uint32)data_returned;
817 return data_returned;
821 * At this point p->current_pdu_len == p->current_pdu_sent (which
822 * may of course be zero if this is the first return fragment.
825 DEBUG(10,("read_from_pipe: %s: fault_state = %d : data_sent_length \
826 = %u, prs_offset(&p->out_data.rdata) = %u.\n",
827 p->name, (int)p->fault_state, (unsigned int)p->out_data.data_sent_length, (unsigned int)prs_offset(&p->out_data.rdata) ));
829 if(p->out_data.data_sent_length >= prs_offset(&p->out_data.rdata)) {
831 * We have sent all possible data. Return 0.
838 * Remote to the RPC daemon.
840 if(!read_from_remote(p)) {
841 DEBUG(0,("read_from_pipe: %s: read_from_remote failed.\n", p->name ));
848 * We need to create a new PDU from the data left in p->rdata.
849 * Create the header/data/footers. This also sets up the fields
850 * p->current_pdu_len, p->current_pdu_sent, p->data_sent_length
851 * and stores the outgoing PDU in p->current_pdu.
854 if(!create_next_pdu(p)) {
855 DEBUG(0,("read_from_pipe: %s: create_next_pdu failed.\n", p->name));
860 data_returned = MIN(n, p->out_data.current_pdu_len);
862 memcpy( data, p->out_data.current_pdu, (size_t)data_returned);
863 p->out_data.current_pdu_sent += (uint32)data_returned;
864 return data_returned;
867 /****************************************************************************
868 Wait device state on a pipe. Exactly what this is for is unknown...
869 ****************************************************************************/
871 BOOL wait_rpc_pipe_hnd_state(pipes_struct *p, uint16 priority)
877 DEBUG(3,("wait_rpc_pipe_hnd_state: Setting pipe wait state priority=%x on pipe (name=%s)\n",
880 p->priority = priority;
885 DEBUG(3,("wait_rpc_pipe_hnd_state: Error setting pipe wait state priority=%x (name=%s)\n",
891 /****************************************************************************
892 Set device state on a pipe. Exactly what this is for is unknown...
893 ****************************************************************************/
895 BOOL set_rpc_pipe_hnd_state(pipes_struct *p, uint16 device_state)
901 DEBUG(3,("set_rpc_pipe_hnd_state: Setting pipe device state=%x on pipe (name=%s)\n",
902 device_state, p->name));
904 p->device_state = device_state;
909 DEBUG(3,("set_rpc_pipe_hnd_state: Error setting pipe device state=%x (name=%s)\n",
910 device_state, p->name));
915 /****************************************************************************
917 ****************************************************************************/
919 BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn)
922 DEBUG(0,("Invalid pipe in close_rpc_pipe_hnd\n"));
926 prs_mem_free(&p->out_data.rdata);
927 prs_mem_free(&p->in_data.data);
929 bitmap_clear(bmap, p->pnum - pipe_handle_offset);
934 DEBUG(4,("close_rpc_pipe_hnd: closing msrpc redirect: "));
935 if (msrpc_use_del(p->m->pipe_name, &p->m->usr, False, NULL))
938 DEBUG(4,("FAILED\n"));
941 DEBUG(4,("closed pipe name %s pnum=%x (pipes_open=%d)\n",
942 p->name, p->pnum, pipes_open));
944 DLIST_REMOVE(Pipes, p);
953 /****************************************************************************
954 Find an rpc pipe given a pipe handle in a buffer and an offset.
955 ****************************************************************************/
957 pipes_struct *get_rpc_pipe_p(char *buf, int where)
959 int pnum = SVAL(buf,where);
964 return get_rpc_pipe(pnum);
967 /****************************************************************************
968 Find an rpc pipe given a pipe handle.
969 ****************************************************************************/
971 pipes_struct *get_rpc_pipe(int pnum)
975 DEBUG(4,("search for pipe pnum=%x\n", pnum));
977 for (p=Pipes;p;p=p->next)
978 DEBUG(5,("pipe name %s pnum=%x (pipes_open=%d)\n",
979 p->name, p->pnum, pipes_open));
981 for (p=Pipes;p;p=p->next) {
982 if (p->pnum == pnum) {