/* return true if access should be allowed to a service for a socket */ BOOL check_access(int sock, char *allow_list, char *deny_list) { BOOL ret = False; BOOL only_ip = False; char *deny = NULL; char *allow = NULL; DEBUG(10,("check_access: allow = %s, deny = %s\n", allow_list ? allow_list : "NULL", deny_list ? deny_list : "NULL")); if (deny_list) deny = strdup(deny_list); if (allow_list) allow = strdup(allow_list); if ((!deny || *deny==0) && (!allow || *allow==0)) ret = True; if (!ret) { /* bypass gethostbyaddr() calls if the lists only contain IP addrs */ if (only_ipaddrs_in_list(allow) && only_ipaddrs_in_list(deny)) { only_ip = True; DEBUG (3, ("check_access: no hostnames in host allow/deny list.\n")); ret = allow_access(deny,allow, "", get_socket_addr(sock)); } else { DEBUG (3, ("check_access: hostnames in host allow/deny list.\n")); ret = allow_access(deny,allow, get_socket_name(sock), get_socket_addr(sock)); } if (ret) { DEBUG(2,("Allowed connection from %s (%s)\n", only_ip ? "" : get_socket_name(sock), get_socket_addr(sock))); } else { DEBUG(0,("Denied connection from %s (%s)\n", only_ip ? "" : get_socket_name(sock), get_socket_addr(sock))); } } SAFE_FREE(deny); SAFE_FREE(allow); return(ret); }
/* return true if access should be allowed to a service for a socket */ bool check_access(int sock, const char **allow_list, const char **deny_list) { bool ret = false; bool only_ip = false; if ((!deny_list || *deny_list==0) && (!allow_list || *allow_list==0)) ret = true; if (!ret) { char addr[INET6_ADDRSTRLEN]; /* Bypass name resolution calls if the lists * only contain IP addrs */ if (only_ipaddrs_in_list(allow_list) && only_ipaddrs_in_list(deny_list)) { only_ip = true; DEBUG (3, ("check_access: no hostnames " "in host allow/deny list.\n")); ret = allow_access(deny_list, allow_list, "", get_peer_addr(sock,addr,sizeof(addr))); } else { DEBUG (3, ("check_access: hostnames in " "host allow/deny list.\n")); ret = allow_access(deny_list, allow_list, get_peer_name(sock,true), get_peer_addr(sock,addr,sizeof(addr))); } if (ret) { DEBUG(2,("Allowed connection from %s (%s)\n", only_ip ? "" : get_peer_name(sock,true), get_peer_addr(sock,addr,sizeof(addr)))); } else { DEBUG(0,("Denied connection from %s (%s)\n", only_ip ? "" : get_peer_name(sock,true), get_peer_addr(sock,addr,sizeof(addr)))); } } return(ret); }