From e281c2403cfdc9a012bc93405b2edc86b36c43ef Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 17 Aug 2015 08:56:43 +0200 Subject: [PATCH 1/2] libcli/smb: prefer AES128_CCM Callgrind showed that we use 28,165,720,719 cpu cycles to send a 100MB file to a client using aes-ccm. With aes-gcm this is raises up to 723,094,413,831 cpu cycles. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme (cherry picked from commit 05dbd3b47a728acada971b545df458ae0e082ec5) --- libcli/smb/smbXcli_base.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c index 6c35430..c1e9e58 100644 --- a/libcli/smb/smbXcli_base.c +++ b/libcli/smb/smbXcli_base.c @@ -4598,8 +4598,12 @@ static struct tevent_req *smbXcli_negprot_smb2_subreq(struct smbXcli_negprot_sta } SSVAL(p, 0, 2); /* ChiperCount */ - SSVAL(p, 2, SMB2_ENCRYPTION_AES128_GCM); - SSVAL(p, 4, SMB2_ENCRYPTION_AES128_CCM); + /* + * For now we preferr CCM because our implementation + * is faster than GCM, see bug #11451. + */ + SSVAL(p, 2, SMB2_ENCRYPTION_AES128_CCM); + SSVAL(p, 4, SMB2_ENCRYPTION_AES128_GCM); b = data_blob_const(p, 6); status = smb2_negotiate_context_add(state, &c, -- 1.9.1 From 862e38caad7fbb5362868aa3f1d970f7ad9ebbdf Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 17 Aug 2015 08:56:43 +0200 Subject: [PATCH 2/2] s3:smb2_negprot: prefer AES128_CCM if the client supports it Callgrind showed that we use 28,165,720,719 cpu cycles to send a 100MB file to a client using aes-ccm. With aes-gcm this is raises up to 723,094,413,831 cpu cycles. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11451 Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme (cherry picked from commit bd0ec51cfca2b3baed60d304125079c74815073a) --- source3/smbd/smb2_negprot.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c index 3106ef3..18382a9 100644 --- a/source3/smbd/smb2_negprot.c +++ b/source3/smbd/smb2_negprot.c @@ -421,6 +421,8 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) uint8_t buf[4]; DATA_BLOB b; size_t i; + bool aes_128_ccm_supported = false; + bool aes_128_gcm_supported = false; capabilities &= ~SMB2_CAP_ENCRYPTION; @@ -451,15 +453,23 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) p += 2; if (v == SMB2_ENCRYPTION_AES128_GCM) { - xconn->smb2.server.cipher = v; - break; + aes_128_gcm_supported = true; } if (v == SMB2_ENCRYPTION_AES128_CCM) { - xconn->smb2.server.cipher = v; - break; + aes_128_ccm_supported = true; } } + /* + * For now we preferr CCM because our implementation + * is faster than GCM, see bug #11451. + */ + if (aes_128_ccm_supported) { + xconn->smb2.server.cipher = SMB2_ENCRYPTION_AES128_CCM; + } else if (aes_128_gcm_supported) { + xconn->smb2.server.cipher = SMB2_ENCRYPTION_AES128_GCM; + } + SSVAL(buf, 0, 1); /* ChiperCount */ SSVAL(buf, 2, xconn->smb2.server.cipher); -- 1.9.1