3 * Unix SMB/Netbios implementation.
5 * RPC Pipe client / server routines
6 * Copyright (C) Andrew Tridgell 1992-1998,
7 * Copyright (C) Luke Kenneth Casson Leighton 1996-1998,
8 * Copyright (C) Jeremy Allison 1999.
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #define PIPE "\\PIPE\\"
30 #define PIPELEN strlen(PIPE)
32 extern int DEBUGLEVEL;
33 static pipes_struct *chain_p;
34 static int pipes_open;
36 #ifndef MAX_OPEN_PIPES
37 #define MAX_OPEN_PIPES 64
40 static pipes_struct *Pipes;
41 static struct bitmap *bmap;
43 /* this must be larger than the sum of the open files and directories */
44 static int pipe_handle_offset;
46 /****************************************************************************
47 Set the pipe_handle_offset. Called from smbd/files.c
48 ****************************************************************************/
50 void set_pipe_handle_offset(int max_open_files)
52 if(max_open_files < 0x7000)
53 pipe_handle_offset = 0x7000;
55 pipe_handle_offset = max_open_files + 10; /* For safety. :-) */
58 /****************************************************************************
59 Reset pipe chain handle number.
60 ****************************************************************************/
61 void reset_chain_p(void)
66 /****************************************************************************
67 Initialise pipe handle states.
68 ****************************************************************************/
70 void init_rpc_pipe_hnd(void)
72 bmap = bitmap_allocate(MAX_OPEN_PIPES);
74 exit_server("out of memory in init_rpc_pipe_hnd\n");
77 /****************************************************************************
78 Initialise an outgoing packet.
79 ****************************************************************************/
81 static BOOL pipe_init_outgoing_data(output_data *o_data)
83 /* Reset the offset counters. */
84 o_data->data_sent_length = 0;
85 o_data->current_pdu_len = 0;
86 o_data->current_pdu_sent = 0;
88 memset(o_data->current_pdu, '\0', sizeof(o_data->current_pdu));
90 /* Free any memory in the current return data buffer. */
91 prs_mem_free(&o_data->rdata);
94 * Initialize the outgoing RPC data buffer.
95 * we will use this as the raw data area for replying to rpc requests.
97 if(!prs_init(&o_data->rdata, MAX_PDU_FRAG_LEN, 4, MARSHALL)) {
98 DEBUG(0,("pipe_init_outgoing_data: malloc fail.\n"));
105 /****************************************************************************
106 Attempt to find a remote process to communicate RPC's with.
107 ****************************************************************************/
109 static void attempt_remote_rpc_connect(pipes_struct *p)
111 struct user_creds usr;
112 user_struct *vuser = get_valid_user_struct(p->vuid);
117 DEBUG(4,("attempt_remote_rpc_connect: invalid vuid %d\n", (int)p->vuid));
123 /* set up unix credentials from the smb side, to feed over the pipe */
124 make_creds_unix(&usr.uxc, vuser->user.unix_name, vuser->user.smb_name,
125 vuser->user.full_name, vuser->guest);
127 make_creds_unix_sec(&usr.uxs, vuser->uid, vuser->gid,
128 vuser->n_groups, vuser->groups);
132 DEBUG(10,("user session key not available (yet).\n"));
133 DEBUG(10,("password-change operations may fail.\n"));
135 #if USER_SESSION_KEY_DEFINED_IN_VUSER_STRUCT
136 memcpy(usr.usr_sess_key, vuser->usr_sess_key, sizeof(usr.usr_sess_key));
138 memset(usr.usr_sess_key, 0, sizeof(usr.usr_sess_key));
141 /* set up nt credentials from the smb side, to feed over the pipe */
143 make_creds_nt(&usr.ntc);
144 make_creds_nt_sec(&usr.nts);
147 become_root(False); /* to connect to pipe */
148 p->m = msrpc_use_add(p->name, sys_getpid(), &usr, False);
149 unbecome_root(False);
152 DEBUG(10,("attempt_remote_rpc_connect: msrpc redirect failed - using local implementation.\n"));
155 /****************************************************************************
156 Find first available pipe slot.
157 ****************************************************************************/
159 pipes_struct *open_rpc_pipe_p(char *pipe_name,
160 connection_struct *conn, uint16 vuid)
164 static int next_pipe;
166 DEBUG(4,("Open pipe requested %s (pipes_open=%d)\n",
167 pipe_name, pipes_open));
170 /* not repeating pipe numbers makes it easier to track things in
171 log files and prevents client bugs where pipe numbers are reused
172 over connection restarts */
174 next_pipe = (sys_getpid() ^ time(NULL)) % MAX_OPEN_PIPES;
176 i = bitmap_find(bmap, next_pipe);
179 DEBUG(0,("ERROR! Out of pipe structures\n"));
183 next_pipe = (i+1) % MAX_OPEN_PIPES;
185 for (p = Pipes; p; p = p->next)
186 DEBUG(5,("open pipes: name %s pnum=%x\n", p->name, p->pnum));
188 p = (pipes_struct *)malloc(sizeof(*p));
198 * Initialize the incoming RPC data buffer with one PDU worth of memory.
199 * We cheat here and say we're marshalling, as we intend to add incoming
200 * data directly into the prs_struct and we want it to auto grow. We will
201 * change the type to UNMARSALLING before processing the stream.
204 if(!prs_init(&p->in_data.data, MAX_PDU_FRAG_LEN, 4, MARSHALL)) {
205 DEBUG(0,("open_rpc_pipe_p: malloc fail for in_data struct.\n"));
210 i += pipe_handle_offset;
222 p->max_trans_reply = 0;
224 p->ntlmssp_chal_flags = 0;
225 p->ntlmssp_auth_validated = False;
226 p->ntlmssp_auth_requested = False;
228 p->pipe_bound = False;
229 p->fault_state = False;
232 * Initialize the incoming RPC struct.
235 p->in_data.pdu_needed_len = 0;
236 p->in_data.pdu_received_len = 0;
239 * Initialize the outgoing RPC struct.
242 p->out_data.current_pdu_len = 0;
243 p->out_data.current_pdu_sent = 0;
244 p->out_data.data_sent_length = 0;
247 * Initialize the outgoing RPC data buffer with no memory.
249 prs_init(&p->out_data.rdata, 0, 4, MARSHALL);
254 fstrcpy(p->name, pipe_name);
258 Comment out until memory leak fixed. JRA.
261 * For Luke - attempt to connect to RPC redirect process.
264 attempt_remote_rpc_connect(p);
267 DEBUG(4,("Opened pipe %s with handle %x (pipes_open=%d)\n",
268 pipe_name, i, pipes_open));
272 /* OVERWRITE p as a temp variable, to display all open pipes */
273 for (p = Pipes; p; p = p->next)
274 DEBUG(5,("open pipes: name %s pnum=%x\n", p->name, p->pnum));
279 /****************************************************************************
280 Sets the fault state on incoming packets.
281 ****************************************************************************/
283 static void set_incoming_fault(pipes_struct *p)
285 prs_mem_free(&p->in_data.data);
286 p->in_data.pdu_needed_len = 0;
287 p->in_data.pdu_received_len = 0;
288 p->fault_state = True;
289 DEBUG(10,("set_incoming_fault: Setting fault state on pipe %s : pnum = 0x%x\n",
293 /****************************************************************************
294 Ensures we have at least RPC_HEADER_LEN amount of data in the incoming buffer.
295 ****************************************************************************/
297 static ssize_t fill_rpc_header(pipes_struct *p, char *data, size_t data_to_copy)
299 size_t len_needed_to_complete_hdr = MIN(data_to_copy, RPC_HEADER_LEN - p->in_data.pdu_received_len);
301 DEBUG(10,("fill_rpc_header: data_to_copy = %u, len_needed_to_complete_hdr = %u, receive_len = %u\n",
302 (unsigned int)data_to_copy, (unsigned int)len_needed_to_complete_hdr,
303 (unsigned int)p->in_data.pdu_received_len ));
305 memcpy((char *)&p->in_data.current_in_pdu[p->in_data.pdu_received_len], data, len_needed_to_complete_hdr);
306 p->in_data.pdu_received_len += len_needed_to_complete_hdr;
308 return (ssize_t)len_needed_to_complete_hdr;
311 /****************************************************************************
312 Unmarshalls a new PDU header. Assumes the raw header data is in current_in_pdu.
313 ****************************************************************************/
315 static ssize_t unmarshall_rpc_header(pipes_struct *p)
318 * Unmarshall the header to determine the needed length.
323 if(p->in_data.pdu_received_len != RPC_HEADER_LEN) {
324 DEBUG(0,("unmarshall_rpc_header: assert on rpc header length failed.\n"));
325 set_incoming_fault(p);
329 prs_init( &rpc_in, 0, 4, UNMARSHALL);
330 prs_give_memory( &rpc_in, (char *)&p->in_data.current_in_pdu[0],
331 p->in_data.pdu_received_len, False);
334 * Unmarshall the header as this will tell us how much
335 * data we need to read to get the complete pdu.
338 if(!smb_io_rpc_hdr("", &p->hdr, &rpc_in, 0)) {
339 DEBUG(0,("unmarshall_rpc_header: failed to unmarshall RPC_HDR.\n"));
340 set_incoming_fault(p);
345 * Validate the RPC header.
348 if(p->hdr.major != 5 && p->hdr.minor != 0) {
349 DEBUG(0,("unmarshall_rpc_header: invalid major/minor numbers in RPC_HDR.\n"));
350 set_incoming_fault(p);
355 * If there is no data in the incoming buffer and it's a requst pdu then
356 * ensure that the FIRST flag is set. If not then we have
357 * a stream missmatch.
360 if((p->hdr.pkt_type == RPC_REQUEST) && (prs_offset(&p->in_data.data) == 0) && !(p->hdr.flags & RPC_FLG_FIRST)) {
361 DEBUG(0,("unmarshall_rpc_header: FIRST flag not set in first PDU !\n"));
362 set_incoming_fault(p);
367 * Ensure that the pdu length is sane.
370 if((p->hdr.frag_len < RPC_HEADER_LEN) || (p->hdr.frag_len > MAX_PDU_FRAG_LEN)) {
371 DEBUG(0,("unmarshall_rpc_header: assert on frag length failed.\n"));
372 set_incoming_fault(p);
376 DEBUG(10,("unmarshall_rpc_header: type = %u, flags = %u\n", (unsigned int)p->hdr.pkt_type,
377 (unsigned int)p->hdr.flags ));
380 * Adjust for the header we just ate.
382 p->in_data.pdu_received_len = 0;
383 p->in_data.pdu_needed_len = (uint32)p->hdr.frag_len - RPC_HEADER_LEN;
386 * Null the data we just ate.
389 memset((char *)&p->in_data.current_in_pdu[0], '\0', RPC_HEADER_LEN);
391 return 0; /* No extra data processed. */
394 /****************************************************************************
395 Processes a request pdu. This will do auth processing if needed, and
396 appends the data into the complete stream if the LAST flag is not set.
397 ****************************************************************************/
399 static BOOL process_request_pdu(pipes_struct *p, prs_struct *rpc_in_p)
401 BOOL auth_verify = IS_BITS_SET_ALL(p->ntlmssp_chal_flags, NTLMSSP_NEGOTIATE_SIGN);
402 size_t data_len = p->hdr.frag_len - RPC_HEADER_LEN - RPC_HDR_REQ_LEN -
403 (auth_verify ? RPC_HDR_AUTH_LEN : 0) - p->hdr.auth_len;
406 DEBUG(0,("process_request_pdu: rpc request with no bind.\n"));
407 set_incoming_fault(p);
412 * Check if we need to do authentication processing.
413 * This is only done on requests, not binds.
417 * Read the RPC request header.
420 if(!smb_io_rpc_hdr_req("req", &p->hdr_req, rpc_in_p, 0)) {
421 DEBUG(0,("process_request_pdu: failed to unmarshall RPC_HDR_REQ.\n"));
422 set_incoming_fault(p);
426 if(p->ntlmssp_auth_validated && !api_pipe_auth_process(p, rpc_in_p)) {
427 DEBUG(0,("process_request_pdu: failed to do auth processing.\n"));
428 set_incoming_fault(p);
432 if (p->ntlmssp_auth_requested && !p->ntlmssp_auth_validated) {
435 * Authentication _was_ requested and it already failed.
438 DEBUG(0,("process_request_pdu: RPC request received on pipe %s where \
439 authentication failed. Denying the request.\n", p->name));
440 set_incoming_fault(p);
445 * Check the data length doesn't go over the 1Mb limit.
448 if(prs_data_size(&p->in_data.data) + data_len > 1024*1024) {
449 DEBUG(0,("process_request_pdu: rpc data buffer too large (%u) + (%u)\n",
450 (unsigned int)prs_data_size(&p->in_data.data), (unsigned int)data_len ));
451 set_incoming_fault(p);
456 * Append the data portion into the buffer and return.
460 char *data_from = prs_data_p(rpc_in_p) + prs_offset(rpc_in_p);
462 if(!prs_append_data(&p->in_data.data, data_from, data_len)) {
463 DEBUG(0,("process_request_pdu: Unable to append data size %u to parse buffer of size %u.\n",
464 (unsigned int)data_len, (unsigned int)prs_data_size(&p->in_data.data) ));
465 set_incoming_fault(p);
471 if(p->hdr.flags & RPC_FLG_LAST) {
474 * Ok - we finally have a complete RPC stream.
475 * Call the rpc command to process it.
479 * Set the parse offset to the start of the data and set the
480 * prs_struct to UNMARSHALL.
483 prs_set_offset(&p->in_data.data, 0);
484 prs_switch_type(&p->in_data.data, UNMARSHALL);
487 * Process the complete data stream here.
490 if(pipe_init_outgoing_data(&p->out_data))
491 ret = api_pipe_request(p);
494 * We have consumed the whole data stream. Set back to
495 * marshalling and set the offset back to the start of
496 * the buffer to re-use it (we could also do a prs_mem_free()
497 * and then re_init on the next start of PDU. Not sure which
498 * is best here.... JRA.
501 prs_switch_type(&p->in_data.data, MARSHALL);
502 prs_set_offset(&p->in_data.data, 0);
509 /****************************************************************************
510 Processes a finished PDU stored in current_in_pdu. The RPC_HEADER has
511 already been parsed and stored in p->hdr.
512 ****************************************************************************/
514 static ssize_t process_complete_pdu(pipes_struct *p)
517 size_t data_len = p->in_data.pdu_received_len;
518 char *data_p = (char *)&p->in_data.current_in_pdu[0];
522 DEBUG(10,("process_complete_pdu: pipe %s in fault state.\n",
524 set_incoming_fault(p);
526 return (ssize_t)data_len;
529 prs_init( &rpc_in, 0, 4, UNMARSHALL);
530 prs_give_memory( &rpc_in, data_p, (uint32)data_len, False);
532 DEBUG(10,("process_complete_pdu: processing packet type %u\n",
533 (unsigned int)p->hdr.pkt_type ));
535 switch (p->hdr.pkt_type) {
539 * We assume that a pipe bind is only in one pdu.
541 if(pipe_init_outgoing_data(&p->out_data))
542 reply = api_pipe_bind_req(p, &rpc_in);
546 * We assume that a pipe bind_resp is only in one pdu.
548 if(pipe_init_outgoing_data(&p->out_data))
549 reply = api_pipe_bind_auth_resp(p, &rpc_in);
552 reply = process_request_pdu(p, &rpc_in);
555 DEBUG(0,("process_complete_pdu: Unknown rpc type = %u received.\n", (unsigned int)p->hdr.pkt_type ));
560 DEBUG(3,("process_complete_pdu: DCE/RPC fault sent on pipe %s\n", p->pipe_srv_name));
561 set_incoming_fault(p);
565 * Reset the lengths. We're ready for a new pdu.
567 p->in_data.pdu_needed_len = 0;
568 p->in_data.pdu_received_len = 0;
571 return (ssize_t)data_len;
574 /****************************************************************************
575 Accepts incoming data on an rpc pipe. Processes the data in pdu sized units.
576 ****************************************************************************/
578 static ssize_t process_incoming_data(pipes_struct *p, char *data, size_t n)
580 size_t data_to_copy = MIN(n, MAX_PDU_FRAG_LEN - p->in_data.pdu_received_len);
582 DEBUG(10,("process_incoming_data: Start: pdu_received_len = %u, pdu_needed_len = %u, incoming data = %u\n",
583 (unsigned int)p->in_data.pdu_received_len, (unsigned int)p->in_data.pdu_needed_len,
586 if(data_to_copy == 0) {
588 * This is an error - data is being received and there is no
589 * space in the PDU. Free the received data and go into the fault state.
591 DEBUG(0,("process_incoming_data: No space in incoming pdu buffer. Current size = %u \
592 incoming data size = %u\n", (unsigned int)p->in_data.pdu_received_len, (unsigned int)n ));
593 set_incoming_fault(p);
598 * If we have no data already, wait until we get at least a RPC_HEADER_LEN
599 * number of bytes before we can do anything.
602 if((p->in_data.pdu_needed_len == 0) && (p->in_data.pdu_received_len < RPC_HEADER_LEN)) {
604 * Always return here. If we have more data then the RPC_HEADER
605 * will be processed the next time around the loop.
607 return fill_rpc_header(p, data, data_to_copy);
611 * At this point we know we have at least an RPC_HEADER_LEN amount of data
612 * stored in current_in_pdu.
616 * If pdu_needed_len is zero this is a new pdu.
617 * Unmarshall the header so we know how much more
618 * data we need, then loop again.
621 if(p->in_data.pdu_needed_len == 0)
622 return unmarshall_rpc_header(p);
625 * Ok - at this point we have a valid RPC_HEADER in p->hdr.
626 * Keep reading until we have a full pdu.
629 data_to_copy = MIN(data_to_copy, p->in_data.pdu_needed_len);
632 * Copy as much of the data as we need into the current_in_pdu buffer.
635 memcpy( (char *)&p->in_data.current_in_pdu[p->in_data.pdu_received_len], data, data_to_copy);
636 p->in_data.pdu_received_len += data_to_copy;
639 * Do we have a complete PDU ?
642 if(p->in_data.pdu_received_len == p->in_data.pdu_needed_len)
643 return process_complete_pdu(p);
645 DEBUG(10,("process_incoming_data: not a complete PDU yet. pdu_received_len = %u, pdu_needed_len = %u\n",
646 (unsigned int)p->in_data.pdu_received_len, (unsigned int)p->in_data.pdu_needed_len ));
648 return (ssize_t)data_to_copy;
652 /****************************************************************************
653 Accepts incoming data on an rpc pipe.
654 ****************************************************************************/
656 ssize_t write_to_pipe(pipes_struct *p, char *data, size_t n)
658 size_t data_left = n;
660 DEBUG(6,("write_to_pipe: %x", p->pnum));
662 DEBUG(6,(" name: %s open: %s len: %d\n",
663 p->name, BOOLSTR(p->open), (int)n));
665 dump_data(50, data, n);
670 DEBUG(10,("write_to_pipe: data_left = %u\n", (unsigned int)data_left ));
673 * Deal with the redirect to the remote RPC daemon.
677 data_used = write(p->m->fd, data, data_left);
679 data_used = process_incoming_data(p, data, data_left);
681 DEBUG(10,("write_to_pipe: data_used = %d\n", (int)data_used ));
686 data_left -= data_used;
693 /****************************************************************************
694 Gets data from a remote TNG daemon. Gets data from the remote daemon into
695 the outgoing prs_struct.
697 NB. Note to Luke : This code will be broken until Luke implements a length
698 field before reply data...
700 ****************************************************************************/
702 static BOOL read_from_remote(pipes_struct *p)
705 uint32 data_len_left;
707 if(prs_offset(&p->out_data.rdata) == 0) {
712 * Read all the reply data as a stream of pre-created
713 * PDU's from the remote deamon into the rdata struct.
717 * Create the response data buffer.
720 if(!pipe_init_outgoing_data(&p->out_data)) {
721 DEBUG(0,("read_from_remote: failed to create outgoing buffer.\n"));
725 /* Read from remote here. */
726 if((len = read_with_timeout(p->m->fd, prs_data_p(&p->out_data.rdata), 1, 65536, 10000)) < 0) {
727 DEBUG(0,("read_from_remote: failed to read from external daemon.\n"));
728 prs_mem_free(&p->out_data.rdata);
732 /* Set the length we got. */
733 prs_set_offset(&p->out_data.rdata, (uint32)len);
737 * The amount we send is the minimum of the available
738 * space and the amount left to send.
741 data_len_left = prs_offset(&p->out_data.rdata) - p->out_data.data_sent_length;
744 * Ensure there really is data left to send.
748 DEBUG(0,("read_from_remote: no data left to send !\n"));
752 data_len = MIN(data_len_left, MAX_PDU_FRAG_LEN);
754 return False; /* Notfinished... */
757 /****************************************************************************
758 Replies to a request to read data from a pipe.
760 Headers are interspersed with the data at PDU intervals. By the time
761 this function is called, the start of the data could possibly have been
762 read by an SMBtrans (file_offset != 0).
764 Calling create_rpc_reply() here is a hack. The data should already
765 have been prepared into arrays of headers + data stream sections.
766 ****************************************************************************/
768 ssize_t read_from_pipe(pipes_struct *p, char *data, size_t n)
770 uint32 pdu_remaining = 0;
771 ssize_t data_returned = 0;
773 if (!p || !p->open) {
774 DEBUG(0,("read_from_pipe: pipe not open\n"));
778 DEBUG(6,("read_from_pipe: %x", p->pnum));
780 DEBUG(6,(" name: %s len: %u\n", p->name, (unsigned int)n));
783 * We cannot return more than one PDU length per
787 if(n > MAX_PDU_FRAG_LEN) {
788 DEBUG(0,("read_from_pipe: loo large read (%u) requested on pipe %s. We can \
789 only service %d sized reads.\n", (unsigned int)n, p->name, MAX_PDU_FRAG_LEN ));
794 * Determine if there is still data to send in the
795 * pipe PDU buffer. Always send this first. Never
796 * send more than is left in the current PDU. The
797 * client should send a new read request for a new
801 if((pdu_remaining = p->out_data.current_pdu_len - p->out_data.current_pdu_sent) > 0) {
802 data_returned = (ssize_t)MIN(n, pdu_remaining);
804 DEBUG(10,("read_from_pipe: %s: current_pdu_len = %u, current_pdu_sent = %u \
805 returning %d bytes.\n", p->name, (unsigned int)p->out_data.current_pdu_len,
806 (unsigned int)p->out_data.current_pdu_sent, (int)data_returned));
808 memcpy( data, &p->out_data.current_pdu[p->out_data.current_pdu_sent], (size_t)data_returned);
809 p->out_data.current_pdu_sent += (uint32)data_returned;
810 return data_returned;
814 * At this point p->current_pdu_len == p->current_pdu_sent (which
815 * may of course be zero if this is the first return fragment.
818 DEBUG(10,("read_from_pipe: %s: fault_state = %d : data_sent_length \
819 = %u, prs_offset(&p->out_data.rdata) = %u.\n",
820 p->name, (int)p->fault_state, (unsigned int)p->out_data.data_sent_length, (unsigned int)prs_offset(&p->out_data.rdata) ));
822 if(p->out_data.data_sent_length >= prs_offset(&p->out_data.rdata)) {
824 * We have sent all possible data. Return 0.
831 * Remote to the RPC daemon.
833 if(!read_from_remote(p)) {
834 DEBUG(0,("read_from_pipe: %s: read_from_remote failed.\n", p->name ));
841 * We need to create a new PDU from the data left in p->rdata.
842 * Create the header/data/footers. This also sets up the fields
843 * p->current_pdu_len, p->current_pdu_sent, p->data_sent_length
844 * and stores the outgoing PDU in p->current_pdu.
847 if(!create_next_pdu(p)) {
848 DEBUG(0,("read_from_pipe: %s: create_next_pdu failed.\n", p->name));
853 data_returned = MIN(n, p->out_data.current_pdu_len);
855 memcpy( data, p->out_data.current_pdu, (size_t)data_returned);
856 p->out_data.current_pdu_sent += (uint32)data_returned;
857 return data_returned;
860 /****************************************************************************
861 Wait device state on a pipe. Exactly what this is for is unknown...
862 ****************************************************************************/
864 BOOL wait_rpc_pipe_hnd_state(pipes_struct *p, uint16 priority)
870 DEBUG(3,("wait_rpc_pipe_hnd_state: Setting pipe wait state priority=%x on pipe (name=%s)\n",
873 p->priority = priority;
878 DEBUG(3,("wait_rpc_pipe_hnd_state: Error setting pipe wait state priority=%x (name=%s)\n",
884 /****************************************************************************
885 Set device state on a pipe. Exactly what this is for is unknown...
886 ****************************************************************************/
888 BOOL set_rpc_pipe_hnd_state(pipes_struct *p, uint16 device_state)
894 DEBUG(3,("set_rpc_pipe_hnd_state: Setting pipe device state=%x on pipe (name=%s)\n",
895 device_state, p->name));
897 p->device_state = device_state;
902 DEBUG(3,("set_rpc_pipe_hnd_state: Error setting pipe device state=%x (name=%s)\n",
903 device_state, p->name));
908 /****************************************************************************
910 ****************************************************************************/
912 BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn)
915 DEBUG(0,("Invalid pipe in close_rpc_pipe_hnd\n"));
919 prs_mem_free(&p->out_data.rdata);
920 prs_mem_free(&p->in_data.data);
922 bitmap_clear(bmap, p->pnum - pipe_handle_offset);
927 DEBUG(4,("close_rpc_pipe_hnd: closing msrpc redirect: "));
928 if (msrpc_use_del(p->m->pipe_name, &p->m->usr, False, NULL))
931 DEBUG(4,("FAILED\n"));
934 DEBUG(4,("closed pipe name %s pnum=%x (pipes_open=%d)\n",
935 p->name, p->pnum, pipes_open));
937 DLIST_REMOVE(Pipes, p);
946 /****************************************************************************
947 Find an rpc pipe given a pipe handle in a buffer and an offset.
948 ****************************************************************************/
950 pipes_struct *get_rpc_pipe_p(char *buf, int where)
952 int pnum = SVAL(buf,where);
957 return get_rpc_pipe(pnum);
960 /****************************************************************************
961 Find an rpc pipe given a pipe handle.
962 ****************************************************************************/
964 pipes_struct *get_rpc_pipe(int pnum)
968 DEBUG(4,("search for pipe pnum=%x\n", pnum));
970 for (p=Pipes;p;p=p->next)
971 DEBUG(5,("pipe name %s pnum=%x (pipes_open=%d)\n",
972 p->name, p->pnum, pipes_open));
974 for (p=Pipes;p;p=p->next) {
975 if (p->pnum == pnum) {