From ca23572f700a059970e0d0e08ee4feef972f326f Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 12 Oct 2004 05:59:56 +0000 Subject: r2930: added a security context cache to the unixuid module. The module doesn't actually leave us in the requested sec context between requests yet, but it does prevent us from doing the samdb lookup on every packet. This change speeds up the BASE-MANGLE test against Samba4 with 5000 operations from 61 seconds to 16 seconds. For reference, Samba3 takes 27 seconds for the same test (the string and filename handling in Samba4 is much more efficient than Samba3) (This used to be commit da0481ac75a01270897da5aa24dbb2b431928b30) --- source4/ntvfs/unixuid/vfs_unixuid.c | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) (limited to 'source4/ntvfs') diff --git a/source4/ntvfs/unixuid/vfs_unixuid.c b/source4/ntvfs/unixuid/vfs_unixuid.c index ae29fd7bea..846bd66179 100644 --- a/source4/ntvfs/unixuid/vfs_unixuid.c +++ b/source4/ntvfs/unixuid/vfs_unixuid.c @@ -25,6 +25,8 @@ struct unixuid_private { void *samctx; + struct unix_sec_ctx *last_sec_ctx; + struct auth_session_info *last_session_info; }; @@ -279,6 +281,7 @@ static NTSTATUS authinfo_to_unix_security(struct ntvfs_module_context *ntvfs, static NTSTATUS unixuid_setup_security(struct ntvfs_module_context *ntvfs, struct smbsrv_request *req, struct unix_sec_ctx **sec) { + struct unixuid_private *private = ntvfs->private_data; struct auth_serversupplied_info *info = req->session->session_info->server_info; void *ctx = talloc(req, 0); struct unix_sec_ctx *newsec; @@ -289,10 +292,20 @@ static NTSTATUS unixuid_setup_security(struct ntvfs_module_context *ntvfs, return NT_STATUS_NO_MEMORY; } - status = authinfo_to_unix_security(ntvfs, req, info, &newsec); - if (!NT_STATUS_IS_OK(status)) { - talloc_free(ctx); - return status; + if (req->session->session_info == private->last_session_info) { + newsec = private->last_sec_ctx; + } else { + status = authinfo_to_unix_security(ntvfs, req, info, &newsec); + if (!NT_STATUS_IS_OK(status)) { + talloc_free(ctx); + return status; + } + if (private->last_sec_ctx) { + talloc_free(private->last_sec_ctx); + } + private->last_sec_ctx = newsec; + private->last_session_info = req->session->session_info; + talloc_steal(private, newsec); } status = set_unix_security(newsec); @@ -340,6 +353,8 @@ static NTSTATUS unixuid_connect(struct ntvfs_module_context *ntvfs, } ntvfs->private_data = private; + private->last_sec_ctx = NULL; + private->last_session_info = NULL; PASS_THRU_REQ(ntvfs, req, connect, (ntvfs, req, sharename)); @@ -591,10 +606,13 @@ static NTSTATUS unixuid_exit(struct ntvfs_module_context *ntvfs, static NTSTATUS unixuid_logoff(struct ntvfs_module_context *ntvfs, struct smbsrv_request *req) { + struct unixuid_private *private = ntvfs->private_data; NTSTATUS status; PASS_THRU_REQ(ntvfs, req, logoff, (ntvfs, req)); + private->last_session_info = NULL; + return status; } -- cgit