1 files changed, 26 insertions, 18 deletions

diff --git a/source/smbd/ipc.c b/source/smbd/ipc.c
index 91b221968f2..e1c3e7fe4d3 100644
--- a/source/smbd/ipc.c
+++ b/source/smbd/ipc.c
@@ -1,5 +1,6 @@
 /* 
-   Unix SMB/CIFS implementation.
+   Unix SMB/Netbios implementation.
+   Version 1.9.
    Inter-process communication and named pipe handling
    Copyright (C) Andrew Tridgell 1992-1998
 
@@ -34,6 +35,7 @@ extern fstring local_machine;
 #define NERR_notsupported 50
 
 extern int smb_read_error;
+extern uint32 global_client_caps;
 
 /*******************************************************************
  copies parameters and data, as needed, into the smb buffer
@@ -95,12 +97,20 @@ void send_trans_reply(char *outbuf,
 
 	align = ((this_lparam)%4);
 
+	set_message(outbuf,10,1+align+this_ldata+this_lparam,True);
+
 	if (buffer_too_large) {
-		ERROR_NT(STATUS_BUFFER_OVERFLOW);
+		/* issue a buffer size warning.  on a DCE/RPC pipe, expect an SMBreadX... */
+		if (!(global_client_caps & CAP_STATUS32 )) { 
+			/* Win9x version. */
+			SSVAL(outbuf, smb_err, ERRmoredata);
+			SCVAL(outbuf, smb_rcls, ERRDOS);
+		} else {
+			SIVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
+			SIVAL(outbuf, smb_rcls, NT_STATUS_V(STATUS_BUFFER_OVERFLOW));
+		}
 	}
 
-	set_message(outbuf,10,1+align+this_ldata+this_lparam,True);
-
 	copy_trans_params_and_data(outbuf, align,
 								rparam, tot_param_sent, this_lparam,
 								rdata, tot_data_sent, this_ldata);
@@ -117,7 +127,7 @@ void send_trans_reply(char *outbuf,
 
 	show_msg(outbuf);
 	if (!send_smb(smbd_server_fd(),outbuf))
-		exit_server("send_trans_reply: send_smb failed.");
+		exit_server("send_trans_reply: send_smb failed.\n");
 
 	tot_data_sent = this_ldata;
 	tot_param_sent = this_lparam;
@@ -151,7 +161,7 @@ void send_trans_reply(char *outbuf,
 
 		show_msg(outbuf);
 		if (!send_smb(smbd_server_fd(),outbuf))
-			exit_server("send_trans_reply: send_smb failed.");
+			exit_server("send_trans_reply: send_smb failed.\n");
 
 		tot_data_sent  += this_ldata;
 		tot_param_sent += this_lparam;
@@ -162,9 +172,8 @@ void send_trans_reply(char *outbuf,
  Start the first part of an RPC reply which began with an SMBtrans request.
 ****************************************************************************/
 
-static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p)
+static BOOL api_rpc_trans_reply(char *outbuf, pipes_struct *p)
 {
-	BOOL is_data_outstanding;
 	char *rdata = malloc(p->max_trans_reply);
 	int data_len;
 
@@ -173,13 +182,12 @@ static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p)
 		return False;
 	}
 
-	if((data_len = read_from_pipe( p, rdata, p->max_trans_reply,
-					&is_data_outstanding)) < 0) {
+	if((data_len = read_from_pipe( p, rdata, p->max_trans_reply)) < 0) {
 		SAFE_FREE(rdata);
 		return False;
 	}
 
-	send_trans_reply(outbuf, NULL, 0, rdata, data_len, is_data_outstanding);
+	send_trans_reply(outbuf, NULL, 0, rdata, data_len, p->out_data.current_pdu_len > data_len);
 
 	SAFE_FREE(rdata);
 	return True;
@@ -189,7 +197,7 @@ static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p)
  WaitNamedPipeHandleState 
 ****************************************************************************/
 
-static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len)
+static BOOL api_WNPHS(char *outbuf, pipes_struct *p, char *param, int param_len)
 {
 	uint16 priority;
 
@@ -212,7 +220,7 @@ static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len
  SetNamedPipeHandleState 
 ****************************************************************************/
 
-static BOOL api_SNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len)
+static BOOL api_SNPHS(char *outbuf, pipes_struct *p, char *param, int param_len)
 {
 	uint16 id;
 
@@ -260,7 +268,7 @@ static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf,
 		 	int suwcnt,int tdscnt,int tpscnt,int mdrcnt,int mprcnt)
 {
 	BOOL reply = False;
-	smb_np_struct *p = NULL;
+	pipes_struct *p = NULL;
 	int pnum;
 	int subcommand;
 
@@ -375,10 +383,10 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int
 	START_PROFILE(SMBtrans);
 
 	memset(name, '\0',sizeof(name));
-	srvstr_pull_buf(inbuf, name, smb_buf(inbuf), sizeof(name), STR_TERMINATE);
+	fstrcpy(name,smb_buf(inbuf));
 
 	if (dscnt > tdscnt || pscnt > tpscnt) {
-		exit_server("invalid trans parameters");
+		exit_server("invalid trans parameters\n");
 	}
   
 	if (tdscnt)  {
@@ -417,7 +425,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int
 		outsize = set_message(outbuf,0,0,True);
 		show_msg(outbuf);
 		if (!send_smb(smbd_server_fd(),outbuf))
-			exit_server("reply_trans: send_smb failed.");
+			exit_server("reply_trans: send_smb failed.\n");
 	}
 
 	/* receive the rest of the trans packet */
@@ -458,7 +466,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int
 		dscnt += dcnt;
 		
 		if (dscnt > tdscnt || pscnt > tpscnt) {
-			exit_server("invalid trans parameters");
+			exit_server("invalid trans parameters\n");
 		}
 		
 		if (pcnt)