Rename the 'hidden' variable to 'administrative share'.

[ira/wip.git] / source / rpc_server / srv_srvsvc_nt.c

diff --git a/source/rpc_server/srv_srvsvc_nt.c b/source/rpc_server/srv_srvsvc_nt.c
index 1d574d82fb1cf3737527d8d63a50be2a8ddde149..8a25b6cfd5134555ec31d3fe1950e2695c0cdddc 100644 (file)
--- a/source/rpc_server/srv_srvsvc_nt.c
+++ b/source/rpc_server/srv_srvsvc_nt.c
@@ -1,13 +1,14 @@
- /* 
-  *  Unix SMB/CIFS implementation.
+/* 
+ *  Unix SMB/CIFS implementation.
  *  RPC Pipe client / server routines
  *  Copyright (C) Andrew Tridgell              1992-1997,
- *  Copyright (C) Jeremy Allison                                       2001.
- *  Copyright (C) Nigel Williams                                       2001.
+ *  Copyright (C) Jeremy Allison               2001.
+ *  Copyright (C) Nigel Williams               2001.
+ *  Copyright (C) Gerald (Jerry) Carter        2006.
  *  
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation; either version 2 of the License, or
+ *  the Free Software Foundation; either version 3 of the License, or
  *  (at your option) any later version.
  *  
  *  This program is distributed in the hope that it will be useful,
@@ -16,303 +17,318 @@
  *  GNU General Public License for more details.
  *  
  *  You should have received a copy of the GNU General Public License
- *  along with this program; if not, write to the Free Software
- *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *  along with this program; if not, see <http://www.gnu.org/licenses/>.
  */
 
 /* This is the implementation of the srvsvc pipe. */
 
 #include "includes.h"
 
-extern struct generic_mapping file_generic_mapping;
+extern const struct generic_mapping file_generic_mapping;
 
 #undef DBGC_CLASS
 #define DBGC_CLASS DBGC_RPC_SRV
 
-#define INVALID_SHARENAME_CHARS "<>*?|"
+/* Use for enumerating connections, pipes, & files */
 
-/********************************************************************
- Check a string for any occurrences of a specified list of invalid 
- characters.
-********************************************************************/
+struct file_enum_count {
+       TALLOC_CTX *ctx;
+       const char *username;
+       int count;
+       FILE_INFO_3 *info;
+};
+
+struct sess_file_count {
+       struct server_id pid;
+       uid_t uid;
+       int count;
+};
+
+/****************************************************************************
+ Count the entries belonging to a service in the connection db.
+****************************************************************************/
 
-static BOOL validate_net_name( const char *name, const char *invalid_chars, int max_len )
+static int pipe_enum_fn( struct db_record *rec, void *p)
 {
-       int i;
+       struct pipe_open_rec prec;
+       struct file_enum_count *fenum = (struct file_enum_count *)p;
+       FILE_INFO_3 *f;
+       int i = fenum->count;
+       char *fullpath = NULL;
+       const char *username;
 
-       for ( i=0; i<max_len && name[i]; i++ ) {
-               /* fail if strchr_m() finds one of the invalid characters */
-               if ( name[i] && strchr_m( invalid_chars, name[i] ) )
-                       return False;
+       if (rec->value.dsize != sizeof(struct pipe_open_rec))
+               return 0;
+
+       memcpy(&prec, rec->value.dptr, sizeof(struct pipe_open_rec));
+
+       if ( !process_exists(prec.pid) ) {
+               return 0;
        }
 
-       return True;
-}
+       username = uidtoname(prec.uid);
 
-/*******************************************************************
- Utility function to get the 'type' of a share from an snum.
- ********************************************************************/
-static uint32 get_share_type(int snum) 
-{
-       char *net_name = lp_servicename(snum);
-       int len_net_name = strlen(net_name);
-       
-       /* work out the share type */
-       uint32 type = STYPE_DISKTREE;
+       if ((fenum->username != NULL)
+           && !strequal(username, fenum->username)) {
+               return 0;
+       }
 
-       if (lp_print_ok(snum))
-               type = STYPE_PRINTQ;
-       if (strequal(lp_fstype(snum), "IPC"))
-               type = STYPE_IPC;
-       if (net_name[len_net_name] == '$')
-               type |= STYPE_HIDDEN;
+       fullpath = talloc_asprintf(fenum->ctx, "\\PIPE\\%s", prec.name );
+       if (!fullpath) {
+               return 1;
+       }
 
-       return type;
-}
-       
-/*******************************************************************
- Fill in a share info level 0 structure.
- ********************************************************************/
+       f = TALLOC_REALLOC_ARRAY( fenum->ctx, fenum->info, FILE_INFO_3, i+1 );
+       if ( !f ) {
+               DEBUG(0,("conn_enum_fn: realloc failed for %d items\n", i+1));
+               return 1;
+       }
+       fenum->info = f;
 
-static void init_srv_share_info_0(pipes_struct *p, SRV_SHARE_INFO_0 *sh0, int snum)
-{
-       pstring net_name;
+       init_srv_file_info3(
+               &fenum->info[i],
+               (uint32)((procid_to_pid(&prec.pid)<<16) & prec.pnum),
+               (FILE_READ_DATA|FILE_WRITE_DATA),
+               0, username, fullpath);
 
-       pstrcpy(net_name, lp_servicename(snum));
+       TALLOC_FREE(fullpath);
+       fenum->count++;
 
-       init_srv_share_info0(&sh0->info_0, net_name);
-       init_srv_share_info0_str(&sh0->info_0_str, net_name);
+       return 0;
 }
 
 /*******************************************************************
- Fill in a share info level 1 structure.
- ********************************************************************/
+********************************************************************/
 
-static void init_srv_share_info_1(pipes_struct *p, SRV_SHARE_INFO_1 *sh1, int snum)
+static WERROR net_enum_pipes( TALLOC_CTX *ctx, const char *username,
+                             FILE_INFO_3 **info, 
+                              uint32 *count, uint32 resume )
 {
-       pstring remark;
+       struct file_enum_count fenum;
+       
+       fenum.ctx = ctx;
+       fenum.username = username;
+       fenum.count = *count;
+       fenum.info = *info;
+
+       if (connections_traverse(pipe_enum_fn, &fenum) == -1) {
+               DEBUG(0,("net_enum_pipes: traverse of connections.tdb "
+                        "failed\n"));
+               return WERR_NOMEM;
+       }
 
-       char *net_name = lp_servicename(snum);
-       pstrcpy(remark, lp_comment(snum));
-       standard_sub_conn(p->conn, remark,sizeof(remark));
+       *info  = fenum.info;
+       *count = fenum.count;
 
-       init_srv_share_info1(&sh1->info_1, net_name, get_share_type(snum), remark);
-       init_srv_share_info1_str(&sh1->info_1_str, net_name, remark);
+       return WERR_OK;
 }
 
 /*******************************************************************
- Fill in a share info level 2 structure.
- ********************************************************************/
+********************************************************************/
 
-static void init_srv_share_info_2(pipes_struct *p, SRV_SHARE_INFO_2 *sh2, int snum)
+static void enum_file_fn( const struct share_mode_entry *e,
+                          const char *sharepath, const char *fname,
+                         void *private_data )
 {
-       pstring remark;
-       pstring path;
-       pstring passwd;
-
-       char *net_name = lp_servicename(snum);
-       pstrcpy(remark, lp_comment(snum));
-       standard_sub_conn(p->conn, remark,sizeof(remark));
-       pstrcpy(path, "C:");
-       pstrcat(path, lp_pathname(snum));
+       struct file_enum_count *fenum =
+               (struct file_enum_count *)private_data;
 
-       /*
-        * Change / to \\ so that win2k will see it as a valid path.  This was added to
-        * enable use of browsing in win2k add share dialog.
-        */ 
+       FILE_INFO_3 *f;
+       int i = fenum->count;
+       files_struct fsp;
+       struct byte_range_lock *brl;
+       int num_locks = 0;
+       char *fullpath = NULL;
+       uint32 permissions;
+       const char *username;
 
-       string_replace(path, '/', '\\');
+       /* If the pid was not found delete the entry from connections.tdb */
 
-       pstrcpy(passwd, "");
+       if ( !process_exists(e->pid) ) {
+               return;
+       }
 
-       init_srv_share_info2(&sh2->info_2, net_name, get_share_type(snum), remark, 0, 0xffffffff, 1, path, passwd);
-       init_srv_share_info2_str(&sh2->info_2_str, net_name, remark, path, passwd);
-}
+       username = uidtoname(e->uid);
 
-/*******************************************************************
- What to do when smb.conf is updated.
- ********************************************************************/
+       if ((fenum->username != NULL)
+           && !strequal(username, fenum->username)) {
+               return;
+       }
 
-static void smb_conf_updated(int msg_type, struct process_id src,
-                            void *buf, size_t len)
-{
-       DEBUG(10,("smb_conf_updated: Got message saying smb.conf was updated. Reloading.\n"));
-       reload_services(False);
-}
+       f = TALLOC_REALLOC_ARRAY( fenum->ctx, fenum->info, FILE_INFO_3, i+1 );
+       if ( !f ) {
+               DEBUG(0,("conn_enum_fn: realloc failed for %d items\n", i+1));
+               return;
+       }
+       fenum->info = f;
 
-/*******************************************************************
- Create the share security tdb.
- ********************************************************************/
+       /* need to count the number of locks on a file */
 
-static TDB_CONTEXT *share_tdb; /* used for share security descriptors */
-#define SHARE_DATABASE_VERSION_V1 1
-#define SHARE_DATABASE_VERSION_V2 2 /* version id in little endian. */
+       ZERO_STRUCT( fsp );
+       fsp.file_id = e->id;
 
-BOOL share_info_db_init(void)
-{
-       static pid_t local_pid;
-       const char *vstring = "INFO/version";
-       int32 vers_id;
- 
-       if (share_tdb && local_pid == sys_getpid())
-               return True;
-       share_tdb = tdb_open_log(lock_path("share_info.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
-       if (!share_tdb) {
-               DEBUG(0,("Failed to open share info database %s (%s)\n",
-                       lock_path("share_info.tdb"), strerror(errno) ));
-               return False;
+       if ( (brl = brl_get_locks(talloc_tos(), &fsp)) != NULL ) {
+               num_locks = brl->num_locks;
+               TALLOC_FREE(brl);
        }
- 
-       local_pid = sys_getpid();
- 
-       /* handle a Samba upgrade */
-       tdb_lock_bystring(share_tdb, vstring, 0);
 
-       /* Cope with byte-reversed older versions of the db. */
-       vers_id = tdb_fetch_int32(share_tdb, vstring);
-       if ((vers_id == SHARE_DATABASE_VERSION_V1) || (IREV(vers_id) == SHARE_DATABASE_VERSION_V1)) {
-               /* Written on a bigendian machine with old fetch_int code. Save as le. */
-               tdb_store_int32(share_tdb, vstring, SHARE_DATABASE_VERSION_V2);
-               vers_id = SHARE_DATABASE_VERSION_V2;
+       if ( strcmp( fname, "." ) == 0 ) {
+               fullpath = talloc_asprintf(fenum->ctx, "C:%s", sharepath );
+       } else {
+               fullpath = talloc_asprintf(fenum->ctx, "C:%s/%s",
+                               sharepath, fname );
        }
-
-       if (vers_id != SHARE_DATABASE_VERSION_V2) {
-               tdb_traverse(share_tdb, tdb_traverse_delete_fn, NULL);
-               tdb_store_int32(share_tdb, vstring, SHARE_DATABASE_VERSION_V2);
+       if (!fullpath) {
+               return;
        }
-       tdb_unlock_bystring(share_tdb, vstring);
+       string_replace( fullpath, '/', '\\' );
 
-       message_register(MSG_SMB_CONF_UPDATED, smb_conf_updated);
- 
-       return True;
+       /* mask out create (what ever that is) */
+       permissions = e->share_access & (FILE_READ_DATA|FILE_WRITE_DATA);
+
+       /* now fill in the FILE_INFO_3 struct */
+       init_srv_file_info3( &fenum->info[i],
+                            e->share_file_id,
+                            permissions,
+                            num_locks,
+                            username,
+                            fullpath );
+
+       TALLOC_FREE(fullpath);
+       fenum->count++;
 }
 
 /*******************************************************************
- Fake up a Everyone, full access as a default.
- ********************************************************************/
+********************************************************************/
 
-static SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, int snum, size_t *psize)
+static WERROR net_enum_files( TALLOC_CTX *ctx, const char *username,
+                             FILE_INFO_3 **info, 
+                              uint32 *count, uint32 resume )
 {
-       SEC_ACCESS sa;
-       SEC_ACE ace;
-       SEC_ACL *psa = NULL;
-       SEC_DESC *psd = NULL;
-       uint32 def_access = GENERIC_ALL_ACCESS;
-
-       se_map_generic(&def_access, &file_generic_mapping);
+       struct file_enum_count f_enum_cnt;
 
-       init_sec_access(&sa, GENERIC_ALL_ACCESS | def_access );
-       init_sec_ace(&ace, &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0);
+       f_enum_cnt.ctx = ctx;
+       f_enum_cnt.username = username;
+       f_enum_cnt.count = *count;
+       f_enum_cnt.info = *info;
+       
+       share_mode_forall( enum_file_fn, (void *)&f_enum_cnt );
+       
+       *info  = f_enum_cnt.info;
+       *count = f_enum_cnt.count;
+       
+       return WERR_OK;
+}
 
-       if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &ace)) != NULL) {
-               psd = make_sec_desc(ctx, SEC_DESC_REVISION, SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL, psa, psize);
-       }
+/*******************************************************************
+ Utility function to get the 'type' of a share from an snum.
+ ********************************************************************/
+static uint32 get_share_type(int snum)
+{
+       /* work out the share type */
+       uint32 type = STYPE_DISKTREE;
 
-       if (!psd) {
-               DEBUG(0,("get_share_security: Failed to make SEC_DESC.\n"));
-               return NULL;
-       }
+       if (lp_print_ok(snum))
+               type = STYPE_PRINTQ;
+       if (strequal(lp_fstype(snum), "IPC"))
+               type = STYPE_IPC;
+       if (lp_administrative_share(snum))
+               type |= STYPE_HIDDEN;
 
-       return psd;
+       return type;
 }
 
 /*******************************************************************
- Pull a security descriptor from the share tdb.
+ Fill in a share info level 0 structure.
  ********************************************************************/
 
-static SEC_DESC *get_share_security( TALLOC_CTX *ctx, int snum, size_t *psize)
+static void init_srv_share_info_0(pipes_struct *p, SRV_SHARE_INFO_0 *sh0, int snum)
 {
-       prs_struct ps;
-       fstring key;
-       SEC_DESC *psd = NULL;
-
-       *psize = 0;
-
-       /* Fetch security descriptor from tdb */
- 
-       slprintf(key, sizeof(key)-1, "SECDESC/%s", lp_servicename(snum));
- 
-       if (tdb_prs_fetch(share_tdb, key, &ps, ctx)!=0 ||
-               !sec_io_desc("get_share_security", &psd, &ps, 1)) {
- 
-               DEBUG(4,("get_share_security: using default secdesc for %s\n", lp_servicename(snum) ));
- 
-               return get_share_security_default(ctx, snum, psize);
-       }
-
-       if (psd)
-               *psize = sec_desc_size(psd);
+       const char *net_name = lp_servicename(snum);
 
-       prs_mem_free(&ps);
-       return psd;
+       init_srv_share_info0(&sh0->info_0, net_name);
+       init_srv_share_info0_str(&sh0->info_0_str, net_name);
 }
 
 /*******************************************************************
- Store a security descriptor in the share db.
+ Fill in a share info level 1 structure.
  ********************************************************************/
 
-static BOOL set_share_security(TALLOC_CTX *ctx, const char *share_name, SEC_DESC *psd)
+static void init_srv_share_info_1(pipes_struct *p, SRV_SHARE_INFO_1 *sh1, int snum)
 {
-       prs_struct ps;
-       TALLOC_CTX *mem_ctx = NULL;
-       fstring key;
-       BOOL ret = False;
-
-       mem_ctx = talloc_init("set_share_security");
-       if (mem_ctx == NULL)
-               return False;
+       char *net_name = lp_servicename(snum);
+       char *remark = talloc_strdup(p->mem_ctx, lp_comment(snum));
 
-       prs_init(&ps, (uint32)sec_desc_size(psd), mem_ctx, MARSHALL);
- 
-       if (!sec_io_desc("share_security", &psd, &ps, 1))
-               goto out;
- 
-       slprintf(key, sizeof(key)-1, "SECDESC/%s", share_name);
- 
-       if (tdb_prs_store(share_tdb, key, &ps)==0) {
-               ret = True;
-               DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name ));
-       } else {
-               DEBUG(1,("set_share_security: Failed to store secdesc for %s\n", share_name ));
-       } 
+       if (remark) {
+               remark = standard_sub_conn(p->mem_ctx,
+                               p->conn,
+                               remark);
+       }
 
-       /* Free malloc'ed memory */
- 
-out:
- 
-       prs_mem_free(&ps);
-       if (mem_ctx)
-               talloc_destroy(mem_ctx);
-       return ret;
+       init_srv_share_info1(&sh1->info_1,
+                       net_name,
+                       get_share_type(snum),
+                       remark ? remark: "");
+       init_srv_share_info1_str(&sh1->info_1_str,
+                       net_name,
+                       remark ? remark: "");
 }
 
 /*******************************************************************
- Delete a security descriptor.
-********************************************************************/
+ Fill in a share info level 2 structure.
+ ********************************************************************/
 
-static BOOL delete_share_security(int snum)
+static void init_srv_share_info_2(pipes_struct *p, SRV_SHARE_INFO_2 *sh2, int snum)
 {
-       TDB_DATA kbuf;
-       fstring key;
-
-       slprintf(key, sizeof(key)-1, "SECDESC/%s", lp_servicename(snum));
-       kbuf.dptr = key;
-       kbuf.dsize = strlen(key)+1;
-
-       if (tdb_delete(share_tdb, kbuf) != 0) {
-               DEBUG(0,("delete_share_security: Failed to delete entry for share %s\n",
-                               lp_servicename(snum) ));
-               return False;
-       }
+       char *remark = NULL;
+       char *path = NULL;
+       int max_connections = lp_max_connections(snum);
+       uint32 max_uses = max_connections!=0 ? max_connections : 0xffffffff;
+       int count = 0;
+       char *net_name = lp_servicename(snum);
 
-       return True;
+       remark = talloc_strdup(p->mem_ctx, lp_comment(snum));
+       if (remark) {
+               remark = standard_sub_conn(p->mem_ctx,
+                               p->conn,
+                               remark);
+       }
+       path = talloc_asprintf(p->mem_ctx,
+                       "C:%s", lp_pathname(snum));
+
+       if (path) {
+               /*
+                * Change / to \\ so that win2k will see it as a valid path.
+                * This was added to enable use of browsing in win2k add
+                * share dialog.
+                */
+
+               string_replace(path, '/', '\\');
+       }
+
+       count = count_current_connections(net_name, false);
+       init_srv_share_info2(&sh2->info_2,
+                               net_name,
+                               get_share_type(snum),
+                               remark ? remark : "",
+                               0,
+                               max_uses,
+                               count,
+                               path ? path : "",
+                               "");
+
+       init_srv_share_info2_str(&sh2->info_2_str,
+                               net_name,
+                               remark ? remark : "",
+                               path ? path : "",
+                               "");
 }
 
 /*******************************************************************
  Map any generic bits to file specific bits.
 ********************************************************************/
 
-void map_generic_share_sd_bits(SEC_DESC *psd)
+static void map_generic_share_sd_bits(SEC_DESC *psd)
 {
        int i;
        SEC_ACL *ps_dacl = NULL;
@@ -325,49 +341,12 @@ void map_generic_share_sd_bits(SEC_DESC *psd)
                return;
 
        for (i = 0; i < ps_dacl->num_aces; i++) {
-               SEC_ACE *psa = &ps_dacl->ace[i];
-               uint32 orig_mask = psa->info.mask;
-
-               se_map_generic(&psa->info.mask, &file_generic_mapping);
-               psa->info.mask |= orig_mask;
-       }       
-}
-
-/*******************************************************************
- Can this user access with share with the required permissions ?
-********************************************************************/
-
-BOOL share_access_check(connection_struct *conn, int snum, user_struct *vuser, uint32 desired_access)
-{
-       uint32 granted;
-       NTSTATUS status;
-       TALLOC_CTX *mem_ctx = NULL;
-       SEC_DESC *psd = NULL;
-       size_t sd_size;
-       NT_USER_TOKEN *token = NULL;
-       BOOL ret = True;
-
-       mem_ctx = talloc_init("share_access_check");
-       if (mem_ctx == NULL)
-               return False;
-
-       psd = get_share_security(mem_ctx, snum, &sd_size);
-
-       if (!psd)
-               goto out;
+               SEC_ACE *psa = &ps_dacl->aces[i];
+               uint32 orig_mask = psa->access_mask;
 
-       if (conn->nt_user_token)
-               token = conn->nt_user_token;
-       else 
-               token = vuser->nt_user_token;
-
-       ret = se_access_check(psd, token, desired_access, &granted, &status);
-
-out:
-
-       talloc_destroy(mem_ctx);
-
-       return ret;
+               se_map_generic(&psa->access_mask, &file_generic_mapping);
+               psa->access_mask |= orig_mask;
+       }
 }
 
 /*******************************************************************
@@ -376,14 +355,17 @@ out:
 
 static void init_srv_share_info_501(pipes_struct *p, SRV_SHARE_INFO_501 *sh501, int snum)
 {
-       pstring remark;
-
        const char *net_name = lp_servicename(snum);
-       pstrcpy(remark, lp_comment(snum));
-       standard_sub_conn(p->conn, remark, sizeof(remark));
+       char *remark = talloc_strdup(p->mem_ctx, lp_comment(snum));
+
+       if (remark) {
+               remark = standard_sub_conn(p->mem_ctx, p->conn, remark);
+       }
 
-       init_srv_share_info501(&sh501->info_501, net_name, get_share_type(snum), remark, (lp_csc_policy(snum) << 4));
-       init_srv_share_info501_str(&sh501->info_501_str, net_name, remark);
+       init_srv_share_info501(&sh501->info_501, net_name, get_share_type(snum),
+                       remark ? remark : "", (lp_csc_policy(snum) << 4));
+       init_srv_share_info501_str(&sh501->info_501_str,
+                       net_name, remark ? remark : "");
 }
 
 /*******************************************************************
@@ -392,36 +374,47 @@ static void init_srv_share_info_501(pipes_struct *p, SRV_SHARE_INFO_501 *sh501,
 
 static void init_srv_share_info_502(pipes_struct *p, SRV_SHARE_INFO_502 *sh502, int snum)
 {
-       pstring net_name;
-       pstring remark;
-       pstring path;
-       pstring passwd;
-       SEC_DESC *sd;
-       size_t sd_size;
+       const char *net_name = lp_servicename(snum);
+       char *path = NULL;
+       SEC_DESC *sd = NULL;
+       size_t sd_size = 0;
        TALLOC_CTX *ctx = p->mem_ctx;
-
+       char *remark = talloc_strdup(ctx, lp_comment(snum));;
 
        ZERO_STRUCTP(sh502);
 
-       pstrcpy(net_name, lp_servicename(snum));
-       pstrcpy(remark, lp_comment(snum));
-       standard_sub_conn(p->conn, remark,sizeof(remark));
-       pstrcpy(path, "C:");
-       pstrcat(path, lp_pathname(snum));
-
-       /*
-        * Change / to \\ so that win2k will see it as a valid path.  This was added to
-        * enable use of browsing in win2k add share dialog.
-        */ 
-
-       string_replace(path, '/', '\\');
-
-       pstrcpy(passwd, "");
-
-       sd = get_share_security(ctx, snum, &sd_size);
-
-       init_srv_share_info502(&sh502->info_502, net_name, get_share_type(snum), remark, 0, 0xffffffff, 1, path, passwd, sd, sd_size);
-       init_srv_share_info502_str(&sh502->info_502_str, net_name, remark, path, passwd, sd, sd_size);
+       if (remark) {
+               remark = standard_sub_conn(ctx, p->conn, remark);
+       }
+       path = talloc_asprintf(ctx, "C:%s", lp_pathname(snum));
+       if (path) {
+               /*
+                * Change / to \\ so that win2k will see it as a valid path.  This was added to
+                * enable use of browsing in win2k add share dialog.
+                */
+               string_replace(path, '/', '\\');
+       }
+
+       sd = get_share_security(ctx, lp_servicename(snum), &sd_size);
+
+       init_srv_share_info502(&sh502->info_502,
+                       net_name,
+                       get_share_type(snum),
+                       remark ? remark : "",
+                       0,
+                       0xffffffff,
+                       1,
+                       path ? path : "",
+                       "",
+                       sd,
+                       sd_size);
+       init_srv_share_info502_str(&sh502->info_502_str,
+                       net_name,
+                       remark ? remark : "",
+                       path ? path : "",
+                       "",
+                       sd,
+                       sd_size);
 }
 
 /***************************************************************************
@@ -430,15 +423,17 @@ static void init_srv_share_info_502(pipes_struct *p, SRV_SHARE_INFO_502 *sh502,
 
 static void init_srv_share_info_1004(pipes_struct *p, SRV_SHARE_INFO_1004* sh1004, int snum)
 {
-        pstring remark;
+       char *remark = talloc_strdup(p->mem_ctx, lp_comment(snum));
 
-       pstrcpy(remark, lp_comment(snum));
-       standard_sub_conn(p->conn, remark, sizeof(remark));
+       if (remark) {
+               remark = standard_sub_conn(p->mem_ctx, p->conn, remark);
+       }
 
        ZERO_STRUCTP(sh1004);
-  
-       init_srv_share_info1004(&sh1004->info_1004, remark);
-       init_srv_share_info1004_str(&sh1004->info_1004_str, remark);
+
+       init_srv_share_info1004(&sh1004->info_1004, remark ? remark : "");
+       init_srv_share_info1004_str(&sh1004->info_1004_str,
+                       remark ? remark : "");
 }
 
 /***************************************************************************
@@ -450,9 +445,9 @@ static void init_srv_share_info_1005(pipes_struct *p, SRV_SHARE_INFO_1005* sh100
        sh1005->share_info_flags = 0;
 
        if(lp_host_msdfs() && lp_msdfs_root(snum))
-               sh1005->share_info_flags |= 
+               sh1005->share_info_flags |=
                        SHARE_1005_IN_DFS | SHARE_1005_DFS_ROOT;
-       sh1005->share_info_flags |= 
+       sh1005->share_info_flags |=
                lp_csc_policy(snum) << SHARE_1005_CSC_POLICY_SHIFT;
 }
 /***************************************************************************
@@ -470,13 +465,12 @@ static void init_srv_share_info_1006(pipes_struct *p, SRV_SHARE_INFO_1006* sh100
 
 static void init_srv_share_info_1007(pipes_struct *p, SRV_SHARE_INFO_1007* sh1007, int snum)
 {
-        pstring alternate_directory_name = "";
        uint32 flags = 0;
 
        ZERO_STRUCTP(sh1007);
-  
-       init_srv_share_info1007(&sh1007->info_1007, flags, alternate_directory_name);
-       init_srv_share_info1007_str(&sh1007->info_1007_str, alternate_directory_name);
+
+       init_srv_share_info1007(&sh1007->info_1007, flags, "");
+       init_srv_share_info1007_str(&sh1007->info_1007_str, "");
 }
 
 /*******************************************************************
@@ -491,7 +485,7 @@ static void init_srv_share_info_1501(pipes_struct *p, SRV_SHARE_INFO_1501 *sh150
 
        ZERO_STRUCTP(sh1501);
 
-       sd = get_share_security(ctx, snum, &sd_size);
+       sd = get_share_security(ctx, lp_servicename(snum), &sd_size);
 
        sh1501->sdb = make_sec_desc_buf(p->mem_ctx, sd_size, sd);
 }
@@ -500,7 +494,7 @@ static void init_srv_share_info_1501(pipes_struct *p, SRV_SHARE_INFO_1501 *sh150
  True if it ends in '$'.
  ********************************************************************/
 
-static BOOL is_hidden_share(int snum)
+static bool is_hidden_share(int snum)
 {
        const char *net_name = lp_servicename(snum);
 
@@ -511,11 +505,11 @@ static BOOL is_hidden_share(int snum)
  Fill in a share info structure.
  ********************************************************************/
 
-static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr,
-              uint32 info_level, uint32 *resume_hnd, uint32 *total_entries, BOOL all_shares)
+static bool init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr,
+              uint32 info_level, uint32 *resume_hnd, uint32 *total_entries, bool all_shares)
 {
        int num_entries = 0;
-       int num_services = lp_numservices();
+       int num_services = 0;
        int snum;
        TALLOC_CTX *ctx = p->mem_ctx;
 
@@ -526,6 +520,12 @@ static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr,
        ctr->info_level = ctr->switch_value = info_level;
        *resume_hnd = 0;
 
+       /* Ensure all the usershares are loaded. */
+       become_root();
+       num_services = load_usershare_shares();
+       load_registry_shares();
+       unbecome_root();
+
        /* Count the number of entries. */
        for (snum = 0; snum < num_services; snum++) {
                if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) )
@@ -745,7 +745,7 @@ static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr,
 ********************************************************************/
 
 static void init_srv_r_net_share_enum(pipes_struct *p, SRV_R_NET_SHARE_ENUM *r_n,
-                                     uint32 info_level, uint32 resume_hnd, BOOL all)  
+                                     uint32 info_level, uint32 resume_hnd, bool all)  
 {
        DEBUG(5,("init_srv_r_net_share_enum: %d\n", __LINE__));
 
@@ -824,29 +824,20 @@ static void init_srv_r_net_share_get_info(pipes_struct *p, SRV_R_NET_SHARE_GET_I
        r_n->status = status;
 }
 
-/*******************************************************************
- fill in a sess info level 1 structure.
- ********************************************************************/
-
-static void init_srv_sess_0_info(SESS_INFO_0 *se0, SESS_INFO_0_STR *str0, char *name)
-{
-       init_srv_sess_info0(se0, name);
-       init_srv_sess_info0_str(str0, name);
-}
-
 /*******************************************************************
  fill in a sess info level 0 structure.
  ********************************************************************/
 
-static void init_srv_sess_info_0(SRV_SESS_INFO_0 *ss0, uint32 *snum, uint32 *stot)
+static void init_srv_sess_info_0(pipes_struct *p, SRV_SESS_INFO_0 *ss0, uint32 *snum, uint32 *stot)
 {
        struct sessionid *session_list;
        uint32 num_entries = 0;
-       (*stot) = list_sessions(&session_list);
+       (*stot) = list_sessions(p->mem_ctx, &session_list);
 
        if (ss0 == NULL) {
-               (*snum) = 0;
-               SAFE_FREE(session_list);
+               if (snum) {
+                       (*snum) = 0;
+               }
                return;
        }
 
@@ -854,11 +845,7 @@ static void init_srv_sess_info_0(SRV_SESS_INFO_0 *ss0, uint32 *snum, uint32 *sto
 
        if (snum) {
                for (; (*snum) < (*stot) && num_entries < MAX_SESS_ENTRIES; (*snum)++) {
-                       init_srv_sess_0_info(&ss0->info_0[num_entries],
-                                                                &ss0->info_0_str[num_entries], session_list[(*snum)].remote_machine);
-
-                       /* move on to creating next session */
-                       /* move on to creating next sess */
+                       init_srv_sess_info0( &ss0->info_0[num_entries], session_list[(*snum)].remote_machine);
                        num_entries++;
                }
 
@@ -875,76 +862,109 @@ static void init_srv_sess_info_0(SRV_SESS_INFO_0 *ss0, uint32 *snum, uint32 *sto
                ss0->ptr_sess_info = 0;
                ss0->num_entries_read2 = 0;
        }
-       SAFE_FREE(session_list);
 }
 
 /*******************************************************************
- fill in a sess info level 1 structure.
- ********************************************************************/
+********************************************************************/
+
+static void sess_file_fn( const struct share_mode_entry *e, 
+                          const char *sharepath, const char *fname,
+                         void *data )
+{
+       struct sess_file_count *sess = (struct sess_file_count *)data;
+ 
+       if ( procid_equal(&e->pid, &sess->pid) && (sess->uid == e->uid) ) {
+               sess->count++;
+       }
+       
+       return;
+}
 
-static void init_srv_sess_1_info(SESS_INFO_1 *se1, SESS_INFO_1_STR *str1,
-                               char *name, char *user,
-                               uint32 num_opens,
-                               uint32 open_time, uint32 idle_time,
-                               uint32 usr_flgs)
+/*******************************************************************
+********************************************************************/
+
+static int net_count_files( uid_t uid, struct server_id pid )
 {
-       init_srv_sess_info1(se1 , name, user, num_opens, open_time, idle_time, usr_flgs);
-       init_srv_sess_info1_str(str1, name, user);
+       struct sess_file_count s_file_cnt;
+
+       s_file_cnt.count = 0;
+       s_file_cnt.uid = uid;
+       s_file_cnt.pid = pid;
+       
+       share_mode_forall( sess_file_fn, &s_file_cnt );
+       
+       return s_file_cnt.count;
 }
 
 /*******************************************************************
  fill in a sess info level 1 structure.
  ********************************************************************/
 
-static void init_srv_sess_info_1(SRV_SESS_INFO_1 *ss1, uint32 *snum, uint32 *stot)
+static void init_srv_sess_info_1(pipes_struct *p, SRV_SESS_INFO_1 *ss1, uint32 *snum, uint32 *stot)
 {
        struct sessionid *session_list;
        uint32 num_entries = 0;
-       (*stot) = list_sessions(&session_list);
+       time_t now = time(NULL);
+
+       if ( !snum ) {
+               ss1->num_entries_read = 0;
+               ss1->ptr_sess_info = 0;
+               ss1->num_entries_read2 = 0;
+               
+               (*stot) = 0;
 
+               return;
+       }
+       
        if (ss1 == NULL) {
                (*snum) = 0;
-               SAFE_FREE(session_list);
                return;
        }
 
-       DEBUG(5,("init_srv_sess_1_ss1\n"));
-
-       if (snum) {
-               for (; (*snum) < (*stot) && num_entries < MAX_SESS_ENTRIES; (*snum)++) {
-                       init_srv_sess_1_info(&ss1->info_1[num_entries],
-                                            &ss1->info_1_str[num_entries],
-                                           session_list[*snum].remote_machine,
-                                            session_list[*snum].username,
-                                            1, 10, 5, 0);
-
-                       /* move on to creating next session */
-                       /* move on to creating next sess */
-                       num_entries++;
-               }
+       (*stot) = list_sessions(p->mem_ctx, &session_list);
+       
 
-               ss1->num_entries_read  = num_entries;
-               ss1->ptr_sess_info     = num_entries > 0 ? 1 : 0;
-               ss1->num_entries_read2 = num_entries;
-               
-               if ((*snum) >= (*stot)) {
-                       (*snum) = 0;
+       for (; (*snum) < (*stot) && num_entries < MAX_SESS_ENTRIES; (*snum)++) {
+               uint32 num_files;
+               uint32 connect_time;
+               struct passwd *pw = sys_getpwnam(session_list[*snum].username);
+               bool guest;
+                       
+               if ( !pw ) {
+                       DEBUG(10,("init_srv_sess_info_1: failed to find owner: %s\n",
+                               session_list[*snum].username));
+                       continue;
                }
-
-       } else {
-               ss1->num_entries_read = 0;
-               ss1->ptr_sess_info = 0;
-               ss1->num_entries_read2 = 0;
-               
-               (*stot) = 0;
+                               
+               connect_time = (uint32)(now - session_list[*snum].connect_start);
+               num_files = net_count_files(pw->pw_uid, session_list[*snum].pid);
+               guest = strequal( session_list[*snum].username, lp_guestaccount() );
+                                       
+               init_srv_sess_info1( &ss1->info_1[num_entries], 
+                                    session_list[*snum].remote_machine,
+                                    session_list[*snum].username, 
+                                    num_files,
+                                    connect_time,
+                                    0, 
+                                    guest);
+               num_entries++;
+       }
+
+       ss1->num_entries_read  = num_entries;
+       ss1->ptr_sess_info     = num_entries > 0 ? 1 : 0;
+       ss1->num_entries_read2 = num_entries;
+       
+       if ((*snum) >= (*stot)) {
+               (*snum) = 0;
        }
+
 }
 
 /*******************************************************************
  makes a SRV_R_NET_SESS_ENUM structure.
 ********************************************************************/
 
-static WERROR init_srv_sess_info_ctr(SRV_SESS_INFO_CTR *ctr,
+static WERROR init_srv_sess_info_ctr(pipes_struct *p, SRV_SESS_INFO_CTR *ctr,
                                int switch_value, uint32 *resume_hnd, uint32 *total_entries)
 {
        WERROR status = WERR_OK;
@@ -954,11 +974,11 @@ static WERROR init_srv_sess_info_ctr(SRV_SESS_INFO_CTR *ctr,
 
        switch (switch_value) {
        case 0:
-               init_srv_sess_info_0(&(ctr->sess.info0), resume_hnd, total_entries);
+               init_srv_sess_info_0(p, &(ctr->sess.info0), resume_hnd, total_entries);
                ctr->ptr_sess_ctr = 1;
                break;
        case 1:
-               init_srv_sess_info_1(&(ctr->sess.info1), resume_hnd, total_entries);
+               init_srv_sess_info_1(p, &(ctr->sess.info1), resume_hnd, total_entries);
                ctr->ptr_sess_ctr = 1;
                break;
        default:
@@ -977,7 +997,7 @@ static WERROR init_srv_sess_info_ctr(SRV_SESS_INFO_CTR *ctr,
  makes a SRV_R_NET_SESS_ENUM structure.
 ********************************************************************/
 
-static void init_srv_r_net_sess_enum(SRV_R_NET_SESS_ENUM *r_n,
+static void init_srv_r_net_sess_enum(pipes_struct *p, SRV_R_NET_SESS_ENUM *r_n,
                                uint32 resume_hnd, int sess_level, int switch_value)  
 {
        DEBUG(5,("init_srv_r_net_sess_enum: %d\n", __LINE__));
@@ -987,7 +1007,7 @@ static void init_srv_r_net_sess_enum(SRV_R_NET_SESS_ENUM *r_n,
        if (sess_level == -1)
                r_n->status = WERR_UNKNOWN_LEVEL;
        else
-               r_n->status = init_srv_sess_info_ctr(r_n->ctr, switch_value, &resume_hnd, &r_n->total_entries);
+               r_n->status = init_srv_sess_info_ctr(p, r_n->ctr, switch_value, &resume_hnd, &r_n->total_entries);
 
        if (!W_ERROR_IS_OK(r_n->status))
                resume_hnd = 0;
@@ -1154,66 +1174,67 @@ static void init_srv_r_net_conn_enum(SRV_R_NET_CONN_ENUM *r_n,
  makes a SRV_R_NET_FILE_ENUM structure.
 ********************************************************************/
 
-static WERROR init_srv_file_info_ctr(pipes_struct *p, SRV_FILE_INFO_CTR *ctr,
-                                    int switch_value, uint32 *resume_hnd, 
-                                    uint32 *total_entries)  
+static WERROR net_file_enum_3( const char *username, SRV_R_NET_FILE_ENUM *r,
+                              uint32 resume_hnd )
 {
-       WERROR status = WERR_OK;
-       TALLOC_CTX *ctx = p->mem_ctx;
-       DEBUG(5,("init_srv_file_info_ctr: %d\n", __LINE__));
-       *total_entries = 1; /* dummy entries only, for */
+       TALLOC_CTX *ctx = talloc_tos();
+       SRV_FILE_INFO_CTR *ctr = &r->ctr;
 
-       ctr->switch_value = switch_value;
-       ctr->num_entries = *total_entries - *resume_hnd;
+       /* TODO -- Windows enumerates 
+          (b) active pipes
+          (c) open directories and files */
+
+       r->status = net_enum_files( ctx, username, &ctr->file.info3,
+                                   &ctr->num_entries, resume_hnd );
+       if ( !W_ERROR_IS_OK(r->status))
+               goto done;
+               
+       r->status = net_enum_pipes( ctx, username, &ctr->file.info3,
+                                   &ctr->num_entries, resume_hnd );
+       if ( !W_ERROR_IS_OK(r->status))
+               goto done;
+       
+       r->level = ctr->level = 3;
+       r->total_entries = ctr->num_entries;
+       /* ctr->num_entries = r->total_entries - resume_hnd; */
        ctr->num_entries2 = ctr->num_entries;
+       ctr->ptr_file_info = 1;
 
-       switch (switch_value) {
-       case 3: {
-               int i;
-               if (*total_entries > 0) {
-                       ctr->ptr_entries = 1;
-                       ctr->file.info3 = TALLOC_ARRAY(ctx, SRV_FILE_INFO_3, ctr->num_entries);
-               }
-               for (i=0 ;i<ctr->num_entries;i++) {
-                       init_srv_file_info3(&ctr->file.info3[i].info_3, i+*resume_hnd, 0x35, 0, "\\PIPE\\samr", "dummy user");
-                       init_srv_file_info3_str(&ctr->file.info3[i].info_3_str,  "\\PIPE\\samr", "dummy user");
-                       
-               }
-               ctr->ptr_file_info = 1;
-               *resume_hnd = 0;
-               break;
-       }
-       default:
-               DEBUG(5,("init_srv_file_info_ctr: unsupported switch value %d\n", switch_value));
-               (*resume_hnd = 0);
-               (*total_entries) = 0;
-               ctr->ptr_entries = 0;
-               status = WERR_UNKNOWN_LEVEL;
-               break;
-       }
+       r->status = WERR_OK;
 
-       return status;
-}
+done:
+       if ( ctr->num_entries > 0 ) 
+               ctr->ptr_entries = 1;
 
-/*******************************************************************
- makes a SRV_R_NET_FILE_ENUM structure.
-********************************************************************/
+       init_enum_hnd(&r->enum_hnd, 0);
 
-static void init_srv_r_net_file_enum(pipes_struct *p, SRV_R_NET_FILE_ENUM *r_n,
-                               uint32 resume_hnd, int file_level, int switch_value)  
-{
-       DEBUG(5,("init_srv_r_net_file_enum: %d\n", __LINE__));
+       return r->status;
+}
 
-       r_n->file_level  = file_level;
-       if (file_level == 0)
-               r_n->status = WERR_UNKNOWN_LEVEL;
-       else
-               r_n->status = init_srv_file_info_ctr(p, &r_n->ctr, switch_value, &resume_hnd, &(r_n->total_entries));
+/*******************************************************************
+*******************************************************************/
 
-       if (!W_ERROR_IS_OK(r_n->status))
-               resume_hnd = 0;
+WERROR _srv_net_file_enum(pipes_struct *p, SRV_Q_NET_FILE_ENUM *q_u, SRV_R_NET_FILE_ENUM *r_u)
+{
+       const char *username = NULL;
+
+       switch ( q_u->level ) {
+       case 3:
+               if (q_u->username) {
+                       username = rpcstr_pull_unistr2_talloc(
+                               p->mem_ctx, q_u->username);
+                       if (!username) {
+                               return WERR_NOMEM;
+                       }
+               }
 
-       init_enum_hnd(&r_n->enum_hnd, resume_hnd);
+               return net_file_enum_3(username, r_u,
+                                      get_enum_hnd(&q_u->enum_hnd));
+       default:
+               return WERR_UNKNOWN_LEVEL;
+       }
+       
+       return WERR_OK;
 }
 
 /*******************************************************************
@@ -1299,25 +1320,6 @@ WERROR _srv_net_srv_set_info(pipes_struct *p, SRV_Q_NET_SRV_SET_INFO *q_u, SRV_R
        return r_u->status;
 }
 
-/*******************************************************************
-net file enum
-********************************************************************/
-
-WERROR _srv_net_file_enum(pipes_struct *p, SRV_Q_NET_FILE_ENUM *q_u, SRV_R_NET_FILE_ENUM *r_u)
-{
-       DEBUG(5,("srv_net_file_enum: %d\n", __LINE__));
-
-       /* set up the */
-       init_srv_r_net_file_enum(p, r_u,
-                               get_enum_hnd(&q_u->enum_hnd),
-                               q_u->file_level,
-                               q_u->ctr.switch_value);
-
-       DEBUG(5,("srv_net_file_enum: %d\n", __LINE__));
-
-       return r_u->status;
-}
-
 /*******************************************************************
 net conn enum
 ********************************************************************/
@@ -1358,7 +1360,7 @@ WERROR _srv_net_sess_enum(pipes_struct *p, SRV_Q_NET_SESS_ENUM *q_u, SRV_R_NET_S
        ZERO_STRUCTP(r_u->ctr);
 
        /* set up the */
-       init_srv_r_net_sess_enum(r_u,
+       init_srv_r_net_sess_enum(p, r_u,
                                get_enum_hnd(&q_u->enum_hnd),
                                q_u->sess_level,
                                q_u->ctr->switch_value);
@@ -1379,7 +1381,7 @@ WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SES
        int num_sessions, snum;
        fstring username;
        fstring machine;
-       BOOL not_root = False;
+       bool not_root = False;
 
        rpcstr_pull_unistr2_fstring(username, &q_u->uni_user_name);
        rpcstr_pull_unistr2_fstring(machine, &q_u->uni_cli_name);
@@ -1389,7 +1391,7 @@ WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SES
                memmove(machine, &machine[1], strlen(machine));
        }
 
-       num_sessions = list_sessions(&session_list);
+       num_sessions = list_sessions(p->mem_ctx, &session_list);
 
        DEBUG(5,("_srv_net_sess_del: %d\n", __LINE__));
 
@@ -1399,7 +1401,7 @@ WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SES
 
        /* fail out now if you are not root or not a domain admin */
 
-       if ((user.uid != sec_initial_uid()) && 
+       if ((user.ut.uid != sec_initial_uid()) && 
                ( ! nt_token_check_domain_rid(p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS))) {
 
                goto done;
@@ -1409,13 +1411,19 @@ WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SES
 
                if ((strequal(session_list[snum].username, username) || username[0] == '\0' ) &&
                    strequal(session_list[snum].remote_machine, machine)) {
+
+                       NTSTATUS ntstat;
                
-                       if (user.uid != sec_initial_uid()) {
+                       if (user.ut.uid != sec_initial_uid()) {
                                not_root = True;
                                become_root();
                        }
 
-                       if (message_send_pid(pid_to_procid(session_list[snum].pid), MSG_SHUTDOWN, NULL, 0, False))
+                       ntstat = messaging_send(smbd_messaging_context(),
+                                               session_list[snum].pid,
+                                               MSG_SHUTDOWN, &data_blob_null);
+                       
+                       if (NT_STATUS_IS_OK(ntstat))
                                r_u->status = WERR_OK;
 
                        if (not_root) 
@@ -1427,7 +1435,6 @@ WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SES
 
 
 done:
-       SAFE_FREE(session_list);
 
        return r_u->status;
 }
@@ -1501,17 +1508,27 @@ WERROR _srv_net_share_get_info(pipes_struct *p, SRV_Q_NET_SHARE_GET_INFO *q_u, S
  Check a given DOS pathname is valid for a share.
 ********************************************************************/
 
-char *valid_share_pathname(char *dos_pathname)
+char *valid_share_pathname(TALLOC_CTX *ctx, const char *dos_pathname)
 {
-       char *ptr;
+       char *ptr = NULL;
 
+       if (!dos_pathname) {
+               return NULL;
+       }
+
+       ptr = talloc_strdup(ctx, dos_pathname);
+       if (!ptr) {
+               return NULL;
+       }
        /* Convert any '\' paths to '/' */
-       unix_format(dos_pathname);
-       unix_clean_name(dos_pathname);
+       unix_format(ptr);
+       ptr = unix_clean_name(ctx, ptr);
+       if (!ptr) {
+               return NULL;
+       }
 
        /* NT is braindead - it wants a C: prefix to a pathname ! So strip it. */
-       ptr = dos_pathname;
-       if (strlen(dos_pathname) > 2 && ptr[1] == ':' && ptr[0] != '/')
+       if (strlen(ptr) > 2 && ptr[1] == ':' && ptr[0] != '/')
                ptr += 2;
 
        /* Only absolute paths allowed. */
@@ -1528,25 +1545,30 @@ char *valid_share_pathname(char *dos_pathname)
 WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, SRV_R_NET_SHARE_SET_INFO *r_u)
 {
        struct current_user user;
-       pstring command;
-       fstring share_name;
-       fstring comment;
-       pstring pathname;
+       char *command = NULL;
+       char *share_name = NULL;
+       char *comment = NULL;
+       char *pathname = NULL;
        int type;
        int snum;
        int ret;
-       char *path;
+       char *path = NULL;
        SEC_DESC *psd = NULL;
        SE_PRIV se_diskop = SE_DISK_OPERATOR;
-       BOOL is_disk_op = False;
+       bool is_disk_op = False;
+       int max_connections = 0;
+       TALLOC_CTX *ctx = p->mem_ctx;
 
        DEBUG(5,("_srv_net_share_set_info: %d\n", __LINE__));
 
-       unistr2_to_ascii(share_name, &q_u->uni_share_name, sizeof(share_name));
+       share_name = unistr2_to_ascii_talloc(ctx, &q_u->uni_share_name);
+       if (!share_name) {
+               return WERR_NET_NAME_NOT_FOUND;
+       }
 
        r_u->parm_error = 0;
 
-       if ( strequal(share_name,"IPC$") 
+       if ( strequal(share_name,"IPC$")
                || ( lp_enable_asu_support() && strequal(share_name,"ADMIN$") )
                || strequal(share_name,"global") )
        {
@@ -1566,23 +1588,27 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S
        get_current_user(&user,p);
 
        is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
-       
+
        /* fail out now if you are not root and not a disk op */
-       
-       if ( user.uid != sec_initial_uid() && !is_disk_op )
+
+       if ( user.ut.uid != sec_initial_uid() && !is_disk_op )
                return WERR_ACCESS_DENIED;
 
        switch (q_u->info_level) {
        case 1:
-               pstrcpy(pathname, lp_pathname(snum));
-               unistr2_to_ascii(comment, &q_u->info.share.info2.info_2_str.uni_remark, sizeof(comment));
+               pathname = talloc_strdup(ctx, lp_pathname(snum));
+               comment = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info2.info_2_str.uni_remark);
                type = q_u->info.share.info2.info_2.type;
                psd = NULL;
                break;
        case 2:
-               unistr2_to_ascii(comment, &q_u->info.share.info2.info_2_str.uni_remark, sizeof(comment));
-               unistr2_to_ascii(pathname, &q_u->info.share.info2.info_2_str.uni_path, sizeof(pathname));
+               comment = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info2.info_2_str.uni_remark);
+               pathname = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info2.info_2_str.uni_path);
                type = q_u->info.share.info2.info_2.type;
+               max_connections = (q_u->info.share.info2.info_2.max_uses == 0xffffffff) ? 0 : q_u->info.share.info2.info_2.max_uses;
                psd = NULL;
                break;
 #if 0
@@ -1594,15 +1620,18 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S
                break;
 #endif
        case 502:
-               unistr2_to_ascii(comment, &q_u->info.share.info502.info_502_str.uni_remark, sizeof(comment));
-               unistr2_to_ascii(pathname, &q_u->info.share.info502.info_502_str.uni_path, sizeof(pathname));
+               comment = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info502.info_502_str.uni_remark);
+               pathname = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info502.info_502_str.uni_path);
                type = q_u->info.share.info502.info_502.type;
                psd = q_u->info.share.info502.info_502_str.sd;
                map_generic_share_sd_bits(psd);
                break;
        case 1004:
-               pstrcpy(pathname, lp_pathname(snum));
-               unistr2_to_ascii(comment, &q_u->info.share.info1004.info_1004_str.uni_remark, sizeof(comment));
+               pathname = talloc_strdup(ctx, lp_pathname(snum));
+               comment = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info1004.info_1004_str.uni_remark);
                type = STYPE_DISKTREE;
                break;
        case 1005:
@@ -1622,9 +1651,9 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S
        case 1007:
                return WERR_ACCESS_DENIED;
        case 1501:
-               pstrcpy(pathname, lp_pathname(snum));
-               fstrcpy(comment, lp_comment(snum));
-               psd = q_u->info.share.info1501.sdb->sec;
+               pathname = talloc_strdup(ctx, lp_pathname(snum));
+               comment = talloc_strdup(ctx, lp_comment(snum));
+               psd = q_u->info.share.info1501.sdb->sd;
                map_generic_share_sd_bits(psd);
                type = STYPE_DISKTREE;
                break;
@@ -1636,50 +1665,65 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S
        /* We can only modify disk shares. */
        if (type != STYPE_DISKTREE)
                return WERR_ACCESS_DENIED;
-               
+
        /* Check if the pathname is valid. */
-       if (!(path = valid_share_pathname( pathname )))
+       if (!(path = valid_share_pathname(p->mem_ctx, pathname )))
                return WERR_OBJECT_PATH_INVALID;
 
        /* Ensure share name, pathname and comment don't contain '"' characters. */
        string_replace(share_name, '"', ' ');
        string_replace(path, '"', ' ');
-       string_replace(comment, '"', ' ');
+       if (comment) {
+               string_replace(comment, '"', ' ');
+       }
 
        DEBUG(10,("_srv_net_share_set_info: change share command = %s\n",
                lp_change_share_cmd() ? lp_change_share_cmd() : "NULL" ));
 
        /* Only call modify function if something changed. */
-       
-       if (strcmp(path, lp_pathname(snum)) || strcmp(comment, lp_comment(snum)) ) 
-       {
+
+       if (strcmp(path, lp_pathname(snum)) || strcmp(comment, lp_comment(snum))
+                       || (lp_max_connections(snum) != max_connections)) {
                if (!lp_change_share_cmd() || !*lp_change_share_cmd()) {
                        DEBUG(10,("_srv_net_share_set_info: No change share command\n"));
                        return WERR_ACCESS_DENIED;
                }
 
-               slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\"",
-                               lp_change_share_cmd(), dyn_CONFIGFILE, share_name, path, comment);
+               command = talloc_asprintf(p->mem_ctx,
+                               "%s \"%s\" \"%s\" \"%s\" \"%s\" %d",
+                               lp_change_share_cmd(),
+                               get_dyn_CONFIGFILE(),
+                               share_name,
+                               path,
+                               comment ? comment : "",
+                               max_connections);
+               if (!command) {
+                       return WERR_NOMEM;
+               }
 
                DEBUG(10,("_srv_net_share_set_info: Running [%s]\n", command ));
-                               
+
                /********* BEGIN SeDiskOperatorPrivilege BLOCK *********/
-       
-               if ( is_disk_op )
+
+               if (is_disk_op)
                        become_root();
-                       
+
                if ( (ret = smbrun(command, NULL)) == 0 ) {
                        /* Tell everyone we updated smb.conf. */
-                       message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL);
+                       message_send_all(smbd_messaging_context(),
+                                        MSG_SMB_CONF_UPDATED, NULL, 0,
+                                        NULL);
                }
-               
+
                if ( is_disk_op )
                        unbecome_root();
-                       
+
                /********* END SeDiskOperatorPrivilege BLOCK *********/
 
                DEBUG(3,("_srv_net_share_set_info: Running [%s] returned (%d)\n", command, ret ));              
-       
+
+               TALLOC_FREE(command);
+
                if ( ret != 0 )
                        return WERR_ACCESS_DENIED;
        } else {
@@ -1691,38 +1735,41 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S
                SEC_DESC *old_sd;
                size_t sd_size;
 
-               old_sd = get_share_security(p->mem_ctx, snum, &sd_size);
+               old_sd = get_share_security(p->mem_ctx, lp_servicename(snum), &sd_size);
 
                if (old_sd && !sec_desc_equal(old_sd, psd)) {
-                       if (!set_share_security(p->mem_ctx, share_name, psd))
+                       if (!set_share_security(share_name, psd))
                                DEBUG(0,("_srv_net_share_set_info: Failed to change security info in share %s.\n",
                                        share_name ));
                }
        }
-                       
+
        DEBUG(5,("_srv_net_share_set_info: %d\n", __LINE__));
 
        return WERR_OK;
 }
 
 /*******************************************************************
- Net share add. Call 'add_share_command "sharename" "pathname" "comment" "read only = xxx"'
+ Net share add. Call 'add_share_command "sharename" "pathname"
+ "comment" "max connections = "
 ********************************************************************/
 
 WERROR _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_SHARE_ADD *r_u)
 {
        struct current_user user;
-       pstring command;
-       fstring share_name;
-       fstring comment;
-       pstring pathname;
+       char *command = NULL;
+       char *share_name = NULL;
+       char *comment = NULL;
+       char *pathname = NULL;
        int type;
        int snum;
        int ret;
        char *path;
        SEC_DESC *psd = NULL;
        SE_PRIV se_diskop = SE_DISK_OPERATOR;
-       BOOL is_disk_op;
+       bool is_disk_op;
+       int max_connections = 0;
+       TALLOC_CTX *ctx = p->mem_ctx;
 
        DEBUG(5,("_srv_net_share_add: %d\n", __LINE__));
 
@@ -1732,14 +1779,14 @@ WERROR _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_S
 
        is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
 
-       if (user.uid != sec_initial_uid()  && !is_disk_op ) 
+       if (user.ut.uid != sec_initial_uid()  && !is_disk_op )
                return WERR_ACCESS_DENIED;
 
        if (!lp_add_share_cmd() || !*lp_add_share_cmd()) {
                DEBUG(10,("_srv_net_share_add: No add share command\n"));
                return WERR_ACCESS_DENIED;
        }
-       
+
        switch (q_u->info_level) {
        case 0:
                /* No path. Not enough info in a level 0 to do anything. */
@@ -1748,18 +1795,25 @@ WERROR _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_S
                /* Not enough info in a level 1 to do anything. */
                return WERR_ACCESS_DENIED;
        case 2:
-               unistr2_to_ascii(share_name, &q_u->info.share.info2.info_2_str.uni_netname, sizeof(share_name));
-               unistr2_to_ascii(comment, &q_u->info.share.info2.info_2_str.uni_remark, sizeof(share_name));
-               unistr2_to_ascii(pathname, &q_u->info.share.info2.info_2_str.uni_path, sizeof(share_name));
+               share_name = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info2.info_2_str.uni_netname);
+               comment = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info2.info_2_str.uni_remark);
+               pathname = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info2.info_2_str.uni_path);
+               max_connections = (q_u->info.share.info2.info_2.max_uses == 0xffffffff) ? 0 : q_u->info.share.info2.info_2.max_uses;
                type = q_u->info.share.info2.info_2.type;
                break;
        case 501:
                /* No path. Not enough info in a level 501 to do anything. */
                return WERR_ACCESS_DENIED;
        case 502:
-               unistr2_to_ascii(share_name, &q_u->info.share.info502.info_502_str.uni_netname, sizeof(share_name));
-               unistr2_to_ascii(comment, &q_u->info.share.info502.info_502_str.uni_remark, sizeof(share_name));
-               unistr2_to_ascii(pathname, &q_u->info.share.info502.info_502_str.uni_path, sizeof(share_name));
+               share_name = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info502.info_502_str.uni_netname);
+               comment = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info502.info_502_str.uni_remark);
+               pathname = unistr2_to_ascii_talloc(ctx,
+                               &q_u->info.share.info502.info_502_str.uni_path);
                type = q_u->info.share.info502.info_502.type;
                psd = q_u->info.share.info502.info_502_str.sd;
                map_generic_share_sd_bits(psd);
@@ -1782,64 +1836,83 @@ WERROR _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_S
 
        /* check for invalid share names */
 
-       if ( !validate_net_name( share_name, INVALID_SHARENAME_CHARS, sizeof(share_name) ) ) {
-               DEBUG(5,("_srv_net_name_validate: Bad sharename \"%s\"\n", share_name));
+       if (!share_name || !validate_net_name(share_name,
+                               INVALID_SHARENAME_CHARS,
+                               strlen(share_name))) {
+               DEBUG(5,("_srv_net_name_validate: Bad sharename \"%s\"\n",
+                                       share_name ? share_name : ""));
                return WERR_INVALID_NAME;
        }
 
-       if ( strequal(share_name,"IPC$") 
-               || ( lp_enable_asu_support() && strequal(share_name,"ADMIN$") )
-               || strequal(share_name,"global") )
-       {
+       if (strequal(share_name,"IPC$") || strequal(share_name,"global")
+                       || (lp_enable_asu_support() &&
+                                       strequal(share_name,"ADMIN$"))) {
                return WERR_ACCESS_DENIED;
        }
 
        snum = find_service(share_name);
 
        /* Share already exists. */
-       if (snum >= 0)
+       if (snum >= 0) {
                return WERR_ALREADY_EXISTS;
+       }
 
        /* We can only add disk shares. */
-       if (type != STYPE_DISKTREE)
+       if (type != STYPE_DISKTREE) {
                return WERR_ACCESS_DENIED;
-               
+       }
+
        /* Check if the pathname is valid. */
-       if (!(path = valid_share_pathname( pathname )))
+       if (!(path = valid_share_pathname(p->mem_ctx, pathname))) {
                return WERR_OBJECT_PATH_INVALID;
+       }
 
        /* Ensure share name, pathname and comment don't contain '"' characters. */
        string_replace(share_name, '"', ' ');
        string_replace(path, '"', ' ');
-       string_replace(comment, '"', ' ');
+       if (comment) {
+               string_replace(comment, '"', ' ');
+       }
+
+       command = talloc_asprintf(ctx,
+                       "%s \"%s\" \"%s\" \"%s\" \"%s\" %d",
+                       lp_add_share_cmd(),
+                       get_dyn_CONFIGFILE(),
+                       share_name,
+                       path,
+                       comment ? comment : "",
+                       max_connections);
+       if (!command) {
+               return WERR_NOMEM;
+       }
 
-       slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\"",
-                       lp_add_share_cmd(), dyn_CONFIGFILE, share_name, path, comment);
-                       
        DEBUG(10,("_srv_net_share_add: Running [%s]\n", command ));
-       
+
        /********* BEGIN SeDiskOperatorPrivilege BLOCK *********/
-       
+
        if ( is_disk_op )
                become_root();
 
        if ( (ret = smbrun(command, NULL)) == 0 ) {
                /* Tell everyone we updated smb.conf. */
-               message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL);
+               message_send_all(smbd_messaging_context(),
+                                MSG_SMB_CONF_UPDATED, NULL, 0, NULL);
        }
 
        if ( is_disk_op )
                unbecome_root();
-               
+
        /********* END SeDiskOperatorPrivilege BLOCK *********/
 
        DEBUG(3,("_srv_net_share_add: Running [%s] returned (%d)\n", command, ret ));
 
+       TALLOC_FREE(command);
+
        if ( ret != 0 )
                return WERR_ACCESS_DENIED;
 
        if (psd) {
-               if (!set_share_security(p->mem_ctx, share_name, psd)) {
+               if (!set_share_security(share_name, psd)) {
                        DEBUG(0,("_srv_net_share_add: Failed to add security info to share %s.\n", share_name ));
                }
        }
@@ -1863,28 +1936,34 @@ WERROR _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_S
 WERROR _srv_net_share_del(pipes_struct *p, SRV_Q_NET_SHARE_DEL *q_u, SRV_R_NET_SHARE_DEL *r_u)
 {
        struct current_user user;
-       pstring command;
-       fstring share_name;
+       char *command = NULL;
+       char *share_name = NULL;
        int ret;
        int snum;
        SE_PRIV se_diskop = SE_DISK_OPERATOR;
-       BOOL is_disk_op;
+       bool is_disk_op;
+       struct share_params *params;
+       TALLOC_CTX *ctx = p->mem_ctx;
 
        DEBUG(5,("_srv_net_share_del: %d\n", __LINE__));
 
-       unistr2_to_ascii(share_name, &q_u->uni_share_name, sizeof(share_name));
+       share_name = unistr2_to_ascii_talloc(ctx, &q_u->uni_share_name);
 
-       if ( strequal(share_name,"IPC$") 
+       if (!share_name) {
+               return WERR_NET_NAME_NOT_FOUND;
+       }
+       if ( strequal(share_name,"IPC$")
                || ( lp_enable_asu_support() && strequal(share_name,"ADMIN$") )
                || strequal(share_name,"global") )
        {
                return WERR_ACCESS_DENIED;
        }
 
-       snum = find_service(share_name);
-
-       if (snum < 0)
+       if (!(params = get_share_params(p->mem_ctx, share_name))) {
                return WERR_NO_SUCH_SHARE;
+       }
+
+       snum = find_service(share_name);
 
        /* No change to printer shares. */
        if (lp_print_ok(snum))
@@ -1894,32 +1973,39 @@ WERROR _srv_net_share_del(pipes_struct *p, SRV_Q_NET_SHARE_DEL *q_u, SRV_R_NET_S
 
        is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
 
-       if (user.uid != sec_initial_uid()  && !is_disk_op ) 
+       if (user.ut.uid != sec_initial_uid()  && !is_disk_op )
                return WERR_ACCESS_DENIED;
 
        if (!lp_delete_share_cmd() || !*lp_delete_share_cmd()) {
                DEBUG(10,("_srv_net_share_del: No delete share command\n"));
                return WERR_ACCESS_DENIED;
        }
-               
-       slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\"",
-                       lp_delete_share_cmd(), dyn_CONFIGFILE, lp_servicename(snum));
+
+       command = talloc_asprintf(ctx,
+                       "%s \"%s\" \"%s\"",
+                       lp_delete_share_cmd(),
+                       get_dyn_CONFIGFILE(),
+                       lp_servicename(snum));
+       if (!command) {
+               return WERR_NOMEM;
+       }
 
        DEBUG(10,("_srv_net_share_del: Running [%s]\n", command ));
 
        /********* BEGIN SeDiskOperatorPrivilege BLOCK *********/
-       
+
        if ( is_disk_op )
                become_root();
 
        if ( (ret = smbrun(command, NULL)) == 0 ) {
                /* Tell everyone we updated smb.conf. */
-               message_send_all(conn_tdb_ctx(), MSG_SMB_CONF_UPDATED, NULL, 0, False, NULL);
+               message_send_all(smbd_messaging_context(),
+                                MSG_SMB_CONF_UPDATED, NULL, 0, NULL);
        }
 
        if ( is_disk_op )
                unbecome_root();
-               
+
        /********* END SeDiskOperatorPrivilege BLOCK *********/
 
        DEBUG(3,("_srv_net_share_del: Running [%s] returned (%d)\n", command, ret ));
@@ -1928,9 +2014,9 @@ WERROR _srv_net_share_del(pipes_struct *p, SRV_Q_NET_SHARE_DEL *q_u, SRV_R_NET_S
                return WERR_ACCESS_DENIED;
 
        /* Delete the SD in the database. */
-       delete_share_security(snum);
+       delete_share_security(lp_servicename(params->service));
 
-       lp_killservice(snum);
+       lp_killservice(params->service);
 
        return WERR_OK;
 }
@@ -1951,16 +2037,17 @@ WERROR _srv_net_remote_tod(pipes_struct *p, SRV_Q_NET_REMOTE_TOD *q_u, SRV_R_NET
        TIME_OF_DAY_INFO *tod;
        struct tm *t;
        time_t unixdate = time(NULL);
+
        /* We do this call first as if we do it *after* the gmtime call
           it overwrites the pointed-to values. JRA */
+
        uint32 zone = get_time_zone(unixdate)/60;
 
-       tod = TALLOC_P(p->mem_ctx, TIME_OF_DAY_INFO);
-       if (!tod)
+       DEBUG(5,("_srv_net_remote_tod: %d\n", __LINE__));
+
+       if ( !(tod = TALLOC_ZERO_P(p->mem_ctx, TIME_OF_DAY_INFO)) )
                return WERR_NOMEM;
 
-       ZERO_STRUCTP(tod);
- 
        r_u->tod = tod;
        r_u->ptr_srv_tod = 0x1;
        r_u->status = WERR_OK;
@@ -1999,24 +2086,28 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
        SEC_DESC *psd = NULL;
        size_t sd_size;
        DATA_BLOB null_pw;
-       pstring filename;
-       pstring qualname;
-       files_struct *fsp = NULL;
+       char *filename_in = NULL;
+       char *filename = NULL;
+       char *qualname = NULL;
        SMB_STRUCT_STAT st;
-       BOOL bad_path;
        NTSTATUS nt_status;
        struct current_user user;
        connection_struct *conn = NULL;
-       BOOL became_user = False; 
+       bool became_user = False;
+       TALLOC_CTX *ctx = p->mem_ctx;
 
        ZERO_STRUCT(st);
 
        r_u->status = WERR_OK;
 
-       unistr2_to_ascii(qualname, &q_u->uni_qual_name, sizeof(qualname));
+       qualname = unistr2_to_ascii_talloc(ctx, &q_u->uni_qual_name);
+       if (!qualname) {
+               r_u->status = WERR_ACCESS_DENIED;
+               goto error_exit;
+       }
 
        /* Null password is ok - we are already an authenticated user... */
-       null_pw = data_blob(NULL, 0);
+       null_pw = data_blob_null;
 
        get_current_user(&user, p);
 
@@ -2037,69 +2128,57 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
        }
        became_user = True;
 
-       unistr2_to_ascii(filename, &q_u->uni_file_name, sizeof(filename));
-       unix_convert(filename, conn, NULL, &bad_path, &st);
-       if (bad_path) {
-               DEBUG(3,("_srv_net_file_query_secdesc: bad pathname %s\n", filename));
+       filename_in = unistr2_to_ascii_talloc(ctx, &q_u->uni_file_name);
+       if (!filename_in) {
                r_u->status = WERR_ACCESS_DENIED;
                goto error_exit;
        }
 
-       if (!check_name(filename,conn)) {
-               DEBUG(3,("_srv_net_file_query_secdesc: can't access %s\n", filename));
+       nt_status = unix_convert(ctx, conn, filename_in, False, &filename, NULL, &st);
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               DEBUG(3,("_srv_net_file_query_secdesc: bad pathname %s\n", filename));
                r_u->status = WERR_ACCESS_DENIED;
                goto error_exit;
        }
 
-       fsp = open_file_stat(conn, filename, &st);
-       if (!fsp) {
-               /* Perhaps it is a directory */
-               if (errno == EISDIR)
-                       fsp = open_directory(conn, filename, &st,
-                                       READ_CONTROL_ACCESS,
-                                       FILE_SHARE_READ|FILE_SHARE_WRITE,
-                                       FILE_OPEN,
-                                       0,
-                                       NULL);
-
-               if (!fsp) {
-                       DEBUG(3,("_srv_net_file_query_secdesc: Unable to open file %s\n", filename));
-                       r_u->status = WERR_ACCESS_DENIED;
-                       goto error_exit;
-               }
+       nt_status = check_name(conn, filename);
+       if (!NT_STATUS_IS_OK(nt_status)) {
+               DEBUG(3,("_srv_net_file_query_secdesc: can't access %s\n", filename));
+               r_u->status = WERR_ACCESS_DENIED;
+               goto error_exit;
        }
 
-       sd_size = SMB_VFS_GET_NT_ACL(fsp, fsp->fsp_name, (OWNER_SECURITY_INFORMATION|GROUP_SECURITY_INFORMATION|DACL_SECURITY_INFORMATION), &psd);
+       nt_status = SMB_VFS_GET_NT_ACL(conn, filename,
+                                      (OWNER_SECURITY_INFORMATION
+                                       |GROUP_SECURITY_INFORMATION
+                                       |DACL_SECURITY_INFORMATION), &psd);
 
-       if (sd_size == 0) {
+       if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(3,("_srv_net_file_query_secdesc: Unable to get NT ACL for file %s\n", filename));
-               r_u->status = WERR_ACCESS_DENIED;
+               r_u->status = ntstatus_to_werror(nt_status);
                goto error_exit;
        }
 
+       sd_size = ndr_size_security_descriptor(psd, 0);
+
        r_u->ptr_response = 1;
        r_u->size_response = sd_size;
        r_u->ptr_secdesc = 1;
        r_u->size_secdesc = sd_size;
        r_u->sec_desc = psd;
 
-       psd->dacl->revision = (uint16) NT4_ACL_REVISION;
+       psd->dacl->revision = NT4_ACL_REVISION;
 
-       close_file(fsp, True);
        unbecome_user();
        close_cnum(conn, user.vuid);
        return r_u->status;
 
 error_exit:
 
-       if(fsp) {
-               close_file(fsp, True);
-       }
-
        if (became_user)
                unbecome_user();
 
-       if (conn) 
+       if (conn)
                close_cnum(conn, user.vuid);
 
        return r_u->status;
@@ -2112,26 +2191,30 @@ error_exit:
 WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_u,
                                                                        SRV_R_NET_FILE_SET_SECDESC *r_u)
 {
-       BOOL ret;
-       pstring filename;
-       pstring qualname;
+       char *filename_in = NULL;
+       char *filename = NULL;
+       char *qualname = NULL;
        DATA_BLOB null_pw;
        files_struct *fsp = NULL;
        SMB_STRUCT_STAT st;
-       BOOL bad_path;
        NTSTATUS nt_status;
        struct current_user user;
        connection_struct *conn = NULL;
-       BOOL became_user = False;
+       bool became_user = False;
+       TALLOC_CTX *ctx = p->mem_ctx;
 
        ZERO_STRUCT(st);
 
        r_u->status = WERR_OK;
 
-       unistr2_to_ascii(qualname, &q_u->uni_qual_name, sizeof(qualname));
+       qualname = unistr2_to_ascii_talloc(ctx, &q_u->uni_qual_name);
+       if (!qualname) {
+               r_u->status = WERR_ACCESS_DENIED;
+               goto error_exit;
+       }
 
        /* Null password is ok - we are already an authenticated user... */
-       null_pw = data_blob(NULL, 0);
+       null_pw = data_blob_null;
 
        get_current_user(&user, p);
 
@@ -2152,49 +2235,55 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
        }
        became_user = True;
 
-       unistr2_to_ascii(filename, &q_u->uni_file_name, sizeof(filename));
-       unix_convert(filename, conn, NULL, &bad_path, &st);
-       if (bad_path) {
+       filename_in= unistr2_to_ascii_talloc(ctx, &q_u->uni_file_name);
+       if (!filename_in) {
+               r_u->status = WERR_ACCESS_DENIED;
+               goto error_exit;
+       }
+
+       nt_status = unix_convert(ctx, conn, filename, False, &filename, NULL, &st);
+       if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(3,("_srv_net_file_set_secdesc: bad pathname %s\n", filename));
                r_u->status = WERR_ACCESS_DENIED;
                goto error_exit;
        }
 
-       if (!check_name(filename,conn)) {
+       nt_status = check_name(conn, filename);
+       if (!NT_STATUS_IS_OK(nt_status)) {
                DEBUG(3,("_srv_net_file_set_secdesc: can't access %s\n", filename));
                r_u->status = WERR_ACCESS_DENIED;
                goto error_exit;
        }
 
+       nt_status = open_file_stat(conn, NULL, filename, &st, &fsp);
 
-       fsp = open_file_stat(conn, filename, &st);
-
-       if (!fsp) {
+       if ( !NT_STATUS_IS_OK(nt_status) ) {
                /* Perhaps it is a directory */
-               if (errno == EISDIR)
-                       fsp = open_directory(conn, filename, &st,
+               if (NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_IS_A_DIRECTORY))
+                       nt_status = open_directory(conn, NULL, filename, &st,
                                                FILE_READ_ATTRIBUTES,
                                                FILE_SHARE_READ|FILE_SHARE_WRITE,
                                                FILE_OPEN,
                                                0,
-                                               NULL);
+                                               FILE_ATTRIBUTE_DIRECTORY,
+                                               NULL, &fsp);
 
-               if (!fsp) {
+               if ( !NT_STATUS_IS_OK(nt_status) ) {
                        DEBUG(3,("_srv_net_file_set_secdesc: Unable to open file %s\n", filename));
-                       r_u->status = WERR_ACCESS_DENIED;
+                       r_u->status = ntstatus_to_werror(nt_status);
                        goto error_exit;
                }
        }
 
-       ret = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, q_u->sec_info, q_u->sec_desc);
+       nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, q_u->sec_info, q_u->sec_desc);
 
-       if (ret == False) {
+       if (!NT_STATUS_IS_OK(nt_status) ) {
                DEBUG(3,("_srv_net_file_set_secdesc: Unable to set NT ACL on file %s\n", filename));
                r_u->status = WERR_ACCESS_DENIED;
                goto error_exit;
        }
 
-       close_file(fsp, True);
+       close_file(fsp, NORMAL_CLOSE);
        unbecome_user();
        close_cnum(conn, user.vuid);
        return r_u->status;
@@ -2202,7 +2291,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
 error_exit:
 
        if(fsp) {
-               close_file(fsp, True);
+               close_file(fsp, NORMAL_CLOSE);
        }
 
        if (became_user) {
@@ -2312,11 +2401,7 @@ WERROR _srv_net_name_validate(pipes_struct *p, SRV_Q_NET_NAME_VALIDATE *q_u, SRV
 
        switch ( q_u->type ) {
        case 0x9:
-               /* Run the name through alpha_strcpy() to remove any unsafe 
-                  shell characters.  Compare the copied string with the original
-                  and fail if the strings don't match */
-
-               unistr2_to_ascii(sharename, &q_u->uni_name, sizeof(sharename));
+               rpcstr_pull(sharename, q_u->sharename.buffer, sizeof(sharename), q_u->sharename.uni_str_len*2, 0);
                if ( !validate_net_name( sharename, INVALID_SHARENAME_CHARS, sizeof(sharename) ) ) {
                        DEBUG(5,("_srv_net_name_validate: Bad sharename \"%s\"\n", sharename));
                        return WERR_INVALID_NAME;
@@ -2329,3 +2414,335 @@ WERROR _srv_net_name_validate(pipes_struct *p, SRV_Q_NET_NAME_VALIDATE *q_u, SRV
 
        return WERR_OK;
 }
+
+
+/********************************************************************
+********************************************************************/
+
+WERROR _srvsvc_NetFileClose(pipes_struct *p, struct srvsvc_NetFileClose *r)
+{
+       return WERR_ACCESS_DENIED;
+}
+
+
+/********************************************************************
+********************************************************************/
+
+WERROR _srvsvc_NetCharDevEnum(pipes_struct *p, struct srvsvc_NetCharDevEnum *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetCharDevGetInfo(pipes_struct *p, struct srvsvc_NetCharDevGetInfo *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetCharDevControl(pipes_struct *p, struct srvsvc_NetCharDevControl *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetCharDevQEnum(pipes_struct *p, struct srvsvc_NetCharDevQEnum *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetCharDevQGetInfo(pipes_struct *p, struct srvsvc_NetCharDevQGetInfo *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetCharDevQSetInfo(pipes_struct *p, struct srvsvc_NetCharDevQSetInfo *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetCharDevQPurge(pipes_struct *p, struct srvsvc_NetCharDevQPurge *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetCharDevQPurgeSelf(pipes_struct *p, struct srvsvc_NetCharDevQPurgeSelf *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetConnEnum(pipes_struct *p, struct srvsvc_NetConnEnum *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetFileEnum(pipes_struct *p, struct srvsvc_NetFileEnum *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetFileGetInfo(pipes_struct *p, struct srvsvc_NetFileGetInfo *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetSessEnum(pipes_struct *p, struct srvsvc_NetSessEnum *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetSessDel(pipes_struct *p, struct srvsvc_NetSessDel *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareAdd(pipes_struct *p, struct srvsvc_NetShareAdd *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareEnumAll(pipes_struct *p, struct srvsvc_NetShareEnumAll *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareGetInfo(pipes_struct *p, struct srvsvc_NetShareGetInfo *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareSetInfo(pipes_struct *p, struct srvsvc_NetShareSetInfo *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareDel(pipes_struct *p, struct srvsvc_NetShareDel *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareDelSticky(pipes_struct *p, struct srvsvc_NetShareDelSticky *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareCheck(pipes_struct *p, struct srvsvc_NetShareCheck *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetSrvGetInfo(pipes_struct *p, struct srvsvc_NetSrvGetInfo *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetSrvSetInfo(pipes_struct *p, struct srvsvc_NetSrvSetInfo *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetDiskEnum(pipes_struct *p, struct srvsvc_NetDiskEnum *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetServerStatisticsGet(pipes_struct *p, struct srvsvc_NetServerStatisticsGet *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetTransportAdd(pipes_struct *p, struct srvsvc_NetTransportAdd *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetTransportEnum(pipes_struct *p, struct srvsvc_NetTransportEnum *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetTransportDel(pipes_struct *p, struct srvsvc_NetTransportDel *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetRemoteTOD(pipes_struct *p, struct srvsvc_NetRemoteTOD *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetSetServiceBits(pipes_struct *p, struct srvsvc_NetSetServiceBits *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetPathType(pipes_struct *p, struct srvsvc_NetPathType *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetPathCanonicalize(pipes_struct *p, struct srvsvc_NetPathCanonicalize *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetPathCompare(pipes_struct *p, struct srvsvc_NetPathCompare *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetNameValidate(pipes_struct *p, struct srvsvc_NetNameValidate *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRPRNAMECANONICALIZE(pipes_struct *p, struct srvsvc_NETRPRNAMECANONICALIZE *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetPRNameCompare(pipes_struct *p, struct srvsvc_NetPRNameCompare *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareEnum(pipes_struct *p, struct srvsvc_NetShareEnum *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareDelStart(pipes_struct *p, struct srvsvc_NetShareDelStart *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetShareDelCommit(pipes_struct *p, struct srvsvc_NetShareDelCommit *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, struct srvsvc_NetGetFileSecurity *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, struct srvsvc_NetSetFileSecurity *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetServerTransportAddEx(pipes_struct *p, struct srvsvc_NetServerTransportAddEx *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NetServerSetServiceBitsEx(pipes_struct *p, struct srvsvc_NetServerSetServiceBitsEx *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSGETVERSION(pipes_struct *p, struct srvsvc_NETRDFSGETVERSION *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSCREATELOCALPARTITION(pipes_struct *p, struct srvsvc_NETRDFSCREATELOCALPARTITION *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSDELETELOCALPARTITION(pipes_struct *p, struct srvsvc_NETRDFSDELETELOCALPARTITION *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSSETLOCALVOLUMESTATE(pipes_struct *p, struct srvsvc_NETRDFSSETLOCALVOLUMESTATE *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSSETSERVERINFO(pipes_struct *p, struct srvsvc_NETRDFSSETSERVERINFO *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSCREATEEXITPOINT(pipes_struct *p, struct srvsvc_NETRDFSCREATEEXITPOINT *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSDELETEEXITPOINT(pipes_struct *p, struct srvsvc_NETRDFSDELETEEXITPOINT *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSMODIFYPREFIX(pipes_struct *p, struct srvsvc_NETRDFSMODIFYPREFIX *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSFIXLOCALVOLUME(pipes_struct *p, struct srvsvc_NETRDFSFIXLOCALVOLUME *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRDFSMANAGERREPORTSITEINFO(pipes_struct *p, struct srvsvc_NETRDFSMANAGERREPORTSITEINFO *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+
+WERROR _srvsvc_NETRSERVERTRANSPORTDELEX(pipes_struct *p, struct srvsvc_NETRSERVERTRANSPORTDELEX *r)
+{
+       p->rng_fault_state = True;
+       return WERR_NOT_SUPPORTED;
+}
+