r2930: added a security context cache to the unixuid module. The module

doesn't actually leave us in the requested sec context between
requests yet, but it does prevent us from doing the samdb lookup on
every packet.

This change speeds up the BASE-MANGLE test against Samba4 with 5000
operations from 61 seconds to 16 seconds. For reference, Samba3 takes
27 seconds for the same test (the string and filename handling in
Samba4 is much more efficient than Samba3)
(This used to be commit da0481ac75a01270897da5aa24dbb2b431928b30)

diff --git a/source4/ntvfs/unixuid/vfs_unixuid.c b/source4/ntvfs/unixuid/vfs_unixuid.c
index ae29fd7bea7c30ac99603d8c8deff78c55e930f9..846bd6617913f9085d7371945370871df9f58ee0 100644 (file)
--- a/source4/ntvfs/unixuid/vfs_unixuid.c
+++ b/source4/ntvfs/unixuid/vfs_unixuid.c
@@ -25,6 +25,8 @@
 
 struct unixuid_private {
        void *samctx;
+       struct unix_sec_ctx *last_sec_ctx;
+       struct auth_session_info *last_session_info;
 };
 
 
@@ -279,6 +281,7 @@ static NTSTATUS authinfo_to_unix_security(struct ntvfs_module_context *ntvfs,
 static NTSTATUS unixuid_setup_security(struct ntvfs_module_context *ntvfs,
                                       struct smbsrv_request *req, struct unix_sec_ctx **sec)
 {
+       struct unixuid_private *private = ntvfs->private_data;
        struct auth_serversupplied_info *info = req->session->session_info->server_info;
        void *ctx = talloc(req, 0);
        struct unix_sec_ctx *newsec;
@@ -289,10 +292,20 @@ static NTSTATUS unixuid_setup_security(struct ntvfs_module_context *ntvfs,
                return NT_STATUS_NO_MEMORY;
        }
 
-       status = authinfo_to_unix_security(ntvfs, req, info, &newsec);
-       if (!NT_STATUS_IS_OK(status)) {
-               talloc_free(ctx);
-               return status;
+       if (req->session->session_info == private->last_session_info) {
+               newsec = private->last_sec_ctx;
+       } else {
+               status = authinfo_to_unix_security(ntvfs, req, info, &newsec);
+               if (!NT_STATUS_IS_OK(status)) {
+                       talloc_free(ctx);
+                       return status;
+               }
+               if (private->last_sec_ctx) {
+                       talloc_free(private->last_sec_ctx);
+               }
+               private->last_sec_ctx = newsec;
+               private->last_session_info = req->session->session_info;
+               talloc_steal(private, newsec);
        }
 
        status = set_unix_security(newsec);
@@ -340,6 +353,8 @@ static NTSTATUS unixuid_connect(struct ntvfs_module_context *ntvfs,
        }
 
        ntvfs->private_data = private;
+       private->last_sec_ctx = NULL;
+       private->last_session_info = NULL;
 
        PASS_THRU_REQ(ntvfs, req, connect, (ntvfs, req, sharename));
 
@@ -591,10 +606,13 @@ static NTSTATUS unixuid_exit(struct ntvfs_module_context *ntvfs,
 static NTSTATUS unixuid_logoff(struct ntvfs_module_context *ntvfs,
                              struct smbsrv_request *req)
 {
+       struct unixuid_private *private = ntvfs->private_data;
        NTSTATUS status;
 
        PASS_THRU_REQ(ntvfs, req, logoff, (ntvfs, req));
 
+       private->last_session_info = NULL;
+
        return status;
 }