[Samba] smbsrv_reply_printwrite not returning a response causing the print job to be truncated to 124 bytes

[Mateusz Mikołajczyk]

Hello. I am investigating a weird issue with an old MS Net client for DOS
(v 3.0). I have used wireshark in order to inspect the packets and see the
difference between samba and windows xp server responses. this question is
only about printing capabilities as file sharing works flawlessly.

when the client negotiates protocol it is settled as 2 / Greater than CORE
PROTOCOL and up to LANMAN2.1

the start of print request seems to be OK, the server (in both
implementations) returns a file ID in the response that's labeled as 'Open
Print File Response / 0xC0'. Then the client sends print job (packet id:
0xc1) (124 bytes of it in fact - I suppose that's either due to some buffer
size or a maximum packet length) and that's when the servers differ in
terms of response.

windows xp responds with 0xc1 and the data section contains 3 zero bytes
(0x00, 0x00, 0x00). Wireshark describes this as 'Write Print File
Response'. Samba does not respond at all which makes the client simply
hang. Then, after couple of seconds samba simply puts the print job to cups
which makes the output truncated. By inspecting samba source code for 0xc1
I saw a reference to smbsrv_reply_printwrite. I've read the source code for
that function and I can't understand why it would not return a response at
all. I would understand if it would return an error packet or something but
there's simply no response at all.

here's what I tried so far:

   ntvfs handler = print
   aio read size = 0
   aio write size = 0

   strict sync = yes
   sync always = yes

but somethinig tells me that because at the very beginning of the function
there's a hardcoded NTVFS_ASYNC_STATE_MAY_ASYNC then I am simply out of
luck?


-- 
pozdrawiam serdecznie,
Mateusz Mikołajczyk, a.k.a. toudi