summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2004-11-05 22:53:35 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:53:09 -0500
commit55fe875a44bd63de766d4fbdb91bcc26be146a21 (patch)
tree0b8eb62dd8490ee22cdc2d36dba7cc9295ad3cd6
parent9c61daf667ca0ac939f4bd724d1c0f708983f82a (diff)
downloadsamba-55fe875a44bd63de766d4fbdb91bcc26be146a21.tar.gz
samba-55fe875a44bd63de766d4fbdb91bcc26be146a21.tar.bz2
samba-55fe875a44bd63de766d4fbdb91bcc26be146a21.zip
r3563: During a typical logon a modern workstation makes a lot of anonymous session
setups on its way to open a pipe. This gets rid of many round-trips to the LDAP server during logon by setting up the server_info_guest once and not asking the LDAP server and nss every time. Make sure that the ldap connection is reopened in the child. (I did not look at the sql backends.) Volker (This used to be commit 3298f6105e6a88c9390cac02245c8f2eee1e5046)
-rw-r--r--source3/auth/auth_util.c45
-rw-r--r--source3/include/smbldap.h1
-rw-r--r--source3/lib/smbldap.c4
-rw-r--r--source3/passdb/passdb.c22
-rw-r--r--source3/smbd/server.c3
5 files changed, 74 insertions, 1 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 9be297818f..96a229f0dc 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -884,7 +884,7 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
Make (and fill) a user_info struct for a guest login.
***************************************************************************/
-NTSTATUS make_server_info_guest(auth_serversupplied_info **server_info)
+static NTSTATUS make_new_server_info_guest(auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
SAM_ACCOUNT *sampass = NULL;
@@ -919,6 +919,49 @@ NTSTATUS make_server_info_guest(auth_serversupplied_info **server_info)
return nt_status;
}
+static auth_serversupplied_info *copy_serverinfo(auth_serversupplied_info *src)
+{
+ auth_serversupplied_info *dst;
+
+ if (!NT_STATUS_IS_OK(make_server_info(&dst)))
+ return NULL;
+
+ dst->guest = src->guest;
+ dst->uid = src->uid;
+ dst->gid = src->gid;
+ dst->n_groups = src->n_groups;
+ if (src->n_groups != 0)
+ dst->groups = memdup(src->groups, sizeof(gid_t)*dst->n_groups);
+ else
+ dst->groups = NULL;
+ dst->ptok = dup_nt_token(src->ptok);
+ dst->user_session_key = data_blob(src->user_session_key.data,
+ src->user_session_key.length);
+ dst->lm_session_key = data_blob(src->lm_session_key.data,
+ src->lm_session_key.length);
+ pdb_copy_sam_account(src->sam_account, &dst->sam_account);
+ dst->pam_handle = NULL;
+ dst->unix_name = smb_xstrdup(src->unix_name);
+
+ return dst;
+}
+
+static auth_serversupplied_info *guest_info = NULL;
+
+BOOL init_guest_info(void)
+{
+ if (guest_info != NULL)
+ return True;
+
+ return NT_STATUS_IS_OK(make_new_server_info_guest(&guest_info));
+}
+
+NTSTATUS make_server_info_guest(auth_serversupplied_info **server_info)
+{
+ *server_info = copy_serverinfo(guest_info);
+ return (*server_info != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY;
+}
+
/***************************************************************************
Purely internal function for make_server_info_info3
Fill the sam account from getpwnam
diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h
index 58502ec34e..47f336cdb7 100644
--- a/source3/include/smbldap.h
+++ b/source3/include/smbldap.h
@@ -139,6 +139,7 @@ BOOL smbldap_get_single_pstring (LDAP * ldap_struct, LDAPMessage * entry,
struct smbldap_state {
LDAP *ldap_struct;
+ pid_t pid;
time_t last_ping;
/* retrive-once info */
const char *uri;
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 624ce22d22..a1f42d92ee 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -907,6 +907,7 @@ static int smbldap_open(struct smbldap_state *ldap_state)
ldap_state->last_ping = time(NULL);
+ ldap_state->pid = sys_getpid();
DEBUG(4,("The LDAP server is succesfully connected\n"));
return LDAP_SUCCESS;
@@ -965,6 +966,9 @@ static int another_ldap_try(struct smbldap_state *ldap_state, int *rc,
got_alarm = False;
old_handler = CatchSignal(SIGALRM, gotalarm_sig);
alarm(endtime - now);
+
+ if (ldap_state->pid != sys_getpid())
+ smbldap_close(ldap_state);
}
while (1) {
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 743978919b..74ac8fa865 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -2215,6 +2215,28 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, const SAM_ACCOUNT *sampass, BOOL si
return (buflen);
}
+BOOL pdb_copy_sam_account(const SAM_ACCOUNT *src, SAM_ACCOUNT **dst)
+{
+ BOOL result;
+ uint8 *buf;
+ int len;
+
+ if ((*dst == NULL) && (!NT_STATUS_IS_OK(pdb_init_sam(dst))))
+ return False;
+
+ len = init_buffer_from_sam_v2(&buf, src, False);
+
+ if (len == -1)
+ return False;
+
+ result = init_sam_from_buffer_v2(*dst, buf, len);
+ (*dst)->methods = src->methods;
+
+ free(buf);
+
+ return result;
+}
+
/**********************************************************************
**********************************************************************/
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index bf1da1a0c8..82da85767b 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -780,6 +780,9 @@ void build_options(BOOL screen);
init_structs();
+ if (!init_guest_info())
+ return -1;
+
#ifdef WITH_PROFILE
if (!profile_setup(False)) {
DEBUG(0,("ERROR: failed to setup profiling\n"));