[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Mon Aug 16 13:34:15 MDT 2010 

The branch, master has been updated
       via  0827e52... s3: Simplify the logic of check_access by an early return
       via  17150df... s3: Lift smbd_server_fd() from read_target_host
      from  1b022d1... s3-waf: Try to fix the idl build.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 0827e52b4e82bf52f723c76a286cf6746054294a
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 14 14:30:07 2010 +0200

    s3: Simplify the logic of check_access by an early return

commit 17150dfa9ae97ef5ac2c2c55a0b31b1fd4a3501d
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Aug 14 12:11:07 2010 +0200

    s3: Lift smbd_server_fd() from read_target_host

-----------------------------------------------------------------------

Summary of changes:
 source3/lib/access.c               |   66 +++++++++++++++++------------------
 source3/modules/vfs_expand_msdfs.c |   13 ++++---
 2 files changed, 40 insertions(+), 39 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/access.c b/source3/lib/access.c
index a7d2262..9808218 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -375,42 +375,40 @@ bool check_access(int sock, const char **allow_list, const char **deny_list)
 {
 	bool ret = false;
 	bool only_ip = false;
+	char addr[INET6_ADDRSTRLEN];
 
-	if ((!deny_list || *deny_list==0) && (!allow_list || *allow_list==0))
-		ret = true;
-
-	if (!ret) {
-		char addr[INET6_ADDRSTRLEN];
-
-		/* Bypass name resolution calls if the lists
-		 * only contain IP addrs */
-		if (only_ipaddrs_in_list(allow_list) &&
-				only_ipaddrs_in_list(deny_list)) {
-			only_ip = true;
-			DEBUG (3, ("check_access: no hostnames "
-				"in host allow/deny list.\n"));
-			ret = allow_access(deny_list,
-					allow_list,
-					"",
-					get_peer_addr(sock,addr,sizeof(addr)));
-		} else {
-			DEBUG (3, ("check_access: hostnames in "
-				"host allow/deny list.\n"));
-			ret = allow_access(deny_list,
-					allow_list,
-					get_peer_name(sock,true),
-					get_peer_addr(sock,addr,sizeof(addr)));
-		}
+	if ((!deny_list || *deny_list==0) && (!allow_list || *allow_list==0)) {
+		return true;
+	}
 
-		if (ret) {
-			DEBUG(2,("Allowed connection from %s (%s)\n",
-				 only_ip ? "" : get_peer_name(sock,true),
-				 get_peer_addr(sock,addr,sizeof(addr))));
-		} else {
-			DEBUG(0,("Denied connection from %s (%s)\n",
-				 only_ip ? "" : get_peer_name(sock,true),
-				 get_peer_addr(sock,addr,sizeof(addr))));
-		}
+	/* Bypass name resolution calls if the lists
+	 * only contain IP addrs */
+	if (only_ipaddrs_in_list(allow_list) &&
+	    only_ipaddrs_in_list(deny_list)) {
+		only_ip = true;
+		DEBUG (3, ("check_access: no hostnames "
+			   "in host allow/deny list.\n"));
+		ret = allow_access(deny_list,
+				   allow_list,
+				   "",
+				   get_peer_addr(sock,addr,sizeof(addr)));
+	} else {
+		DEBUG (3, ("check_access: hostnames in "
+			   "host allow/deny list.\n"));
+		ret = allow_access(deny_list,
+				   allow_list,
+				   get_peer_name(sock,true),
+				   get_peer_addr(sock,addr,sizeof(addr)));
+	}
+
+	if (ret) {
+		DEBUG(2,("Allowed connection from %s (%s)\n",
+			 only_ip ? "" : get_peer_name(sock,true),
+			 get_peer_addr(sock,addr,sizeof(addr))));
+	} else {
+		DEBUG(0,("Denied connection from %s (%s)\n",
+			 only_ip ? "" : get_peer_name(sock,true),
+			 get_peer_addr(sock,addr,sizeof(addr))));
 	}
 
 	return(ret);
diff --git a/source3/modules/vfs_expand_msdfs.c b/source3/modules/vfs_expand_msdfs.c
index 2d9bd4f..9fe9ef4 100644
--- a/source3/modules/vfs_expand_msdfs.c
+++ b/source3/modules/vfs_expand_msdfs.c
@@ -36,7 +36,8 @@
   This is to redirect a DFS client to a host close to it.
 ***********************************************************/
 
-static char *read_target_host(TALLOC_CTX *ctx, const char *mapfile)
+static char *read_target_host(TALLOC_CTX *ctx, const char *mapfile,
+			      const char *clientaddr)
 {
 	XFILE *f;
 	char buf[1024];
@@ -54,7 +55,6 @@ static char *read_target_host(TALLOC_CTX *ctx, const char *mapfile)
 	DEBUG(10, ("Scanning mapfile [%s]\n", mapfile));
 
 	while (x_fgets(buf, sizeof(buf), f) != NULL) {
-		char addr[INET6_ADDRSTRLEN];
 
 		if ((strlen(buf) > 0) && (buf[strlen(buf)-1] == '\n'))
 			buf[strlen(buf)-1] = '\0';
@@ -70,8 +70,7 @@ static char *read_target_host(TALLOC_CTX *ctx, const char *mapfile)
 
 		*space = '\0';
 
-		if (strncmp(client_addr(smbd_server_fd(),addr,sizeof(addr)),
-				buf, strlen(buf)) == 0) {
+		if (strncmp(clientaddr, buf, strlen(buf)) == 0) {
 			found = true;
 			break;
 		}
@@ -114,6 +113,7 @@ static char *expand_msdfs_target(TALLOC_CTX *ctx,
 	int filename_len = 0;
 	char *targethost = NULL;
 	char *new_target = NULL;
+	char addr[INET6_ADDRSTRLEN];
 
 	if (filename_start == NULL) {
 		DEBUG(10, ("No filename start in %s\n", target));
@@ -136,7 +136,10 @@ static char *expand_msdfs_target(TALLOC_CTX *ctx,
 
 	DEBUG(10, ("Expanding from table [%s]\n", mapfilename));
 
-	if ((targethost = read_target_host(ctx, mapfilename)) == NULL) {
+	targethost = read_target_host(
+		ctx, client_addr(smbd_server_fd(), addr, sizeof(addr)),
+		mapfilename);
+	if (targethost == NULL) {
 		DEBUG(1, ("Could not expand target host from file %s\n",
 			  mapfilename));
 		return NULL;


-- 
Samba Shared Repository

More information about the samba-cvs mailing list