The branch, master has been updated via 0827e52... s3: Simplify the logic of check_access by an early return via 17150df... s3: Lift smbd_server_fd() from read_target_host from 1b022d1... s3-waf: Try to fix the idl build.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 0827e52b4e82bf52f723c76a286cf6746054294a Author: Volker Lendecke <v...@samba.org> Date: Sat Aug 14 14:30:07 2010 +0200 s3: Simplify the logic of check_access by an early return commit 17150dfa9ae97ef5ac2c2c55a0b31b1fd4a3501d Author: Volker Lendecke <v...@samba.org> Date: Sat Aug 14 12:11:07 2010 +0200 s3: Lift smbd_server_fd() from read_target_host ----------------------------------------------------------------------- Summary of changes: source3/lib/access.c | 66 +++++++++++++++++------------------ source3/modules/vfs_expand_msdfs.c | 13 ++++--- 2 files changed, 40 insertions(+), 39 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/lib/access.c b/source3/lib/access.c index a7d2262..9808218 100644 --- a/source3/lib/access.c +++ b/source3/lib/access.c @@ -375,42 +375,40 @@ bool check_access(int sock, const char **allow_list, const char **deny_list) { bool ret = false; bool only_ip = false; + char addr[INET6_ADDRSTRLEN]; - if ((!deny_list || *deny_list==0) && (!allow_list || *allow_list==0)) - ret = true; - - if (!ret) { - char addr[INET6_ADDRSTRLEN]; - - /* Bypass name resolution calls if the lists - * only contain IP addrs */ - if (only_ipaddrs_in_list(allow_list) && - only_ipaddrs_in_list(deny_list)) { - only_ip = true; - DEBUG (3, ("check_access: no hostnames " - "in host allow/deny list.\n")); - ret = allow_access(deny_list, - allow_list, - "", - get_peer_addr(sock,addr,sizeof(addr))); - } else { - DEBUG (3, ("check_access: hostnames in " - "host allow/deny list.\n")); - ret = allow_access(deny_list, - allow_list, - get_peer_name(sock,true), - get_peer_addr(sock,addr,sizeof(addr))); - } + if ((!deny_list || *deny_list==0) && (!allow_list || *allow_list==0)) { + return true; + } - if (ret) { - DEBUG(2,("Allowed connection from %s (%s)\n", - only_ip ? "" : get_peer_name(sock,true), - get_peer_addr(sock,addr,sizeof(addr)))); - } else { - DEBUG(0,("Denied connection from %s (%s)\n", - only_ip ? "" : get_peer_name(sock,true), - get_peer_addr(sock,addr,sizeof(addr)))); - } + /* Bypass name resolution calls if the lists + * only contain IP addrs */ + if (only_ipaddrs_in_list(allow_list) && + only_ipaddrs_in_list(deny_list)) { + only_ip = true; + DEBUG (3, ("check_access: no hostnames " + "in host allow/deny list.\n")); + ret = allow_access(deny_list, + allow_list, + "", + get_peer_addr(sock,addr,sizeof(addr))); + } else { + DEBUG (3, ("check_access: hostnames in " + "host allow/deny list.\n")); + ret = allow_access(deny_list, + allow_list, + get_peer_name(sock,true), + get_peer_addr(sock,addr,sizeof(addr))); + } + + if (ret) { + DEBUG(2,("Allowed connection from %s (%s)\n", + only_ip ? "" : get_peer_name(sock,true), + get_peer_addr(sock,addr,sizeof(addr)))); + } else { + DEBUG(0,("Denied connection from %s (%s)\n", + only_ip ? "" : get_peer_name(sock,true), + get_peer_addr(sock,addr,sizeof(addr)))); } return(ret); diff --git a/source3/modules/vfs_expand_msdfs.c b/source3/modules/vfs_expand_msdfs.c index 2d9bd4f..9fe9ef4 100644 --- a/source3/modules/vfs_expand_msdfs.c +++ b/source3/modules/vfs_expand_msdfs.c @@ -36,7 +36,8 @@ This is to redirect a DFS client to a host close to it. ***********************************************************/ -static char *read_target_host(TALLOC_CTX *ctx, const char *mapfile) +static char *read_target_host(TALLOC_CTX *ctx, const char *mapfile, + const char *clientaddr) { XFILE *f; char buf[1024]; @@ -54,7 +55,6 @@ static char *read_target_host(TALLOC_CTX *ctx, const char *mapfile) DEBUG(10, ("Scanning mapfile [%s]\n", mapfile)); while (x_fgets(buf, sizeof(buf), f) != NULL) { - char addr[INET6_ADDRSTRLEN]; if ((strlen(buf) > 0) && (buf[strlen(buf)-1] == '\n')) buf[strlen(buf)-1] = '\0'; @@ -70,8 +70,7 @@ static char *read_target_host(TALLOC_CTX *ctx, const char *mapfile) *space = '\0'; - if (strncmp(client_addr(smbd_server_fd(),addr,sizeof(addr)), - buf, strlen(buf)) == 0) { + if (strncmp(clientaddr, buf, strlen(buf)) == 0) { found = true; break; } @@ -114,6 +113,7 @@ static char *expand_msdfs_target(TALLOC_CTX *ctx, int filename_len = 0; char *targethost = NULL; char *new_target = NULL; + char addr[INET6_ADDRSTRLEN]; if (filename_start == NULL) { DEBUG(10, ("No filename start in %s\n", target)); @@ -136,7 +136,10 @@ static char *expand_msdfs_target(TALLOC_CTX *ctx, DEBUG(10, ("Expanding from table [%s]\n", mapfilename)); - if ((targethost = read_target_host(ctx, mapfilename)) == NULL) { + targethost = read_target_host( + ctx, client_addr(smbd_server_fd(), addr, sizeof(addr)), + mapfilename); + if (targethost == NULL) { DEBUG(1, ("Could not expand target host from file %s\n", mapfilename)); return NULL; -- Samba Shared Repository