[PATCH CIFS] use CryptoAPI MD4/MD5

Matt Mackall mpm at selenic.com
Wed Oct 1 23:42:19 GMT 2003

On Thu, Oct 02, 2003 at 01:26:50AM +0200, Erlend Aasland wrote:
> On 10/01/03 14:55, Matt Mackall wrote:
> > On Wed, Oct 01, 2003 at 03:30:39PM +0200, Erlend Aasland wrote:
> > >  static int cifs_calculate_signature(const struct smb_hdr * cifs_pdu, const char * key, char * signature)
> > [...]
> > Eek. How often does this get called?
> It is (normally) called twice in SendReceive(). SendReceive() is called
> very often in cifs. After a quick look at cifs, it seems that most of
> these calls are protected with a per connection-lock (correct me if I'm
> wrong). But since two connections can call SendReceive() at the same
> time, we have to protect the tfm with locks. Correct?

Correct. But this lock is going to be a huge bottleneck.

> Would a better solution be to allocate one tfm per connection, thus
> no need to protect the tfm with a dedicated lock, right?

Per connection sounds like a much better answer, assuming you can
guarantee that SendReceive() never gets called simultaneously on the
same connection.

> [Or is converting cifs to the cryptoapi is waste of time? (I hope not :-) ]

No, it's generally a good idea, but the allocation of tfms means that
conversion isn't necessarily straightforward.

Matt Mackall : http://www.selenic.com : of or relating to the moon

More information about the samba-technical mailing list