r3563: During a typical logon a modern workstation makes a lot of anonymous session

setups on its way to open a pipe. This gets rid of many round-trips to the
LDAP server during logon by setting up the server_info_guest once and not
asking the LDAP server and nss every time. Make sure that the ldap connection
is reopened in the child. (I did not look at the sql backends.)

Volker
(This used to be commit 3298f6105e6a88c9390cac02245c8f2eee1e5046)

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 9be297818f5121e857755adf0bcebbead355575c..96a229f0dce6702fb2c5302ea6590cae3a41d054 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -884,7 +884,7 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
  Make (and fill) a user_info struct for a guest login.
 ***************************************************************************/
 
-NTSTATUS make_server_info_guest(auth_serversupplied_info **server_info)
+static NTSTATUS make_new_server_info_guest(auth_serversupplied_info **server_info)
 {
        NTSTATUS nt_status;
        SAM_ACCOUNT *sampass = NULL;
@@ -919,6 +919,49 @@ NTSTATUS make_server_info_guest(auth_serversupplied_info **server_info)
        return nt_status;
 }
 
+static auth_serversupplied_info *copy_serverinfo(auth_serversupplied_info *src)
+{
+       auth_serversupplied_info *dst;
+
+       if (!NT_STATUS_IS_OK(make_server_info(&dst)))
+               return NULL;
+
+       dst->guest = src->guest;
+       dst->uid = src->uid;
+       dst->gid = src->gid;
+       dst->n_groups = src->n_groups;
+       if (src->n_groups != 0)
+               dst->groups = memdup(src->groups, sizeof(gid_t)*dst->n_groups);
+       else
+               dst->groups = NULL;
+       dst->ptok = dup_nt_token(src->ptok);
+       dst->user_session_key = data_blob(src->user_session_key.data,
+                                         src->user_session_key.length);
+       dst->lm_session_key = data_blob(src->lm_session_key.data,
+                                         src->lm_session_key.length);
+       pdb_copy_sam_account(src->sam_account, &dst->sam_account);
+       dst->pam_handle = NULL;
+       dst->unix_name = smb_xstrdup(src->unix_name);
+
+       return dst;
+}
+
+static auth_serversupplied_info *guest_info = NULL;
+
+BOOL init_guest_info(void)
+{
+       if (guest_info != NULL)
+               return True;
+
+       return NT_STATUS_IS_OK(make_new_server_info_guest(&guest_info));
+}
+
+NTSTATUS make_server_info_guest(auth_serversupplied_info **server_info)
+{
+       *server_info = copy_serverinfo(guest_info);
+       return (*server_info != NULL) ? NT_STATUS_OK : NT_STATUS_NO_MEMORY;
+}
+
 /***************************************************************************
  Purely internal function for make_server_info_info3
  Fill the sam account from getpwnam

diff --git a/source3/include/smbldap.h b/source3/include/smbldap.h
index 58502ec34e759632682dbbed3c4411ba6b668bee..47f336cdb7a7fa42ef8bd47104be29e6de5dd93b 100644 (file)
--- a/source3/include/smbldap.h
+++ b/source3/include/smbldap.h
@@ -139,6 +139,7 @@ BOOL smbldap_get_single_pstring (LDAP * ldap_struct, LDAPMessage * entry,
 
 struct smbldap_state {
        LDAP *ldap_struct;
+       pid_t pid;
        time_t last_ping;
        /* retrive-once info */
        const char *uri;

diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 624ce22d22b84287bc3469491eb1dc29a424ba91..a1f42d92ee01e09ae1d35046dd4516f21fb89975 100644 (file)
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -907,6 +907,7 @@ static int smbldap_open(struct smbldap_state *ldap_state)
 
 
        ldap_state->last_ping = time(NULL);
+       ldap_state->pid = sys_getpid();
        DEBUG(4,("The LDAP server is succesfully connected\n"));
 
        return LDAP_SUCCESS;
@@ -965,6 +966,9 @@ static int another_ldap_try(struct smbldap_state *ldap_state, int *rc,
                got_alarm = False;
                old_handler = CatchSignal(SIGALRM, gotalarm_sig);
                alarm(endtime - now);
+
+               if (ldap_state->pid != sys_getpid())
+                       smbldap_close(ldap_state);
        }
 
        while (1) {

diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 743978919b6d072c010a57e66c44e4c08514a9d7..74ac8fa865fe8194a8f03e67bd0a623b47a3109a 100644 (file)
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -2215,6 +2215,28 @@ uint32 init_buffer_from_sam_v2 (uint8 **buf, const SAM_ACCOUNT *sampass, BOOL si
        return (buflen);
 }
 
+BOOL pdb_copy_sam_account(const SAM_ACCOUNT *src, SAM_ACCOUNT **dst)
+{
+       BOOL result;
+       uint8 *buf;
+       int len;
+
+       if ((*dst == NULL) && (!NT_STATUS_IS_OK(pdb_init_sam(dst))))
+               return False;
+
+       len = init_buffer_from_sam_v2(&buf, src, False);
+
+       if (len == -1)
+               return False;
+
+       result = init_sam_from_buffer_v2(*dst, buf, len);
+       (*dst)->methods = src->methods;
+
+       free(buf);
+
+       return result;
+}
+
 /**********************************************************************
 **********************************************************************/
 

diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index bf1da1a0c87fd7e1102c68c7a67c92660983299c..82da85767bda0e2b8780ebd814f68498bd5d0bf4 100644 (file)
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -780,6 +780,9 @@ void build_options(BOOL screen);
 
        init_structs();
 
+       if (!init_guest_info())
+               return -1;
+
 #ifdef WITH_PROFILE
        if (!profile_setup(False)) {
                DEBUG(0,("ERROR: failed to setup profiling\n"));