s3: Replace calls to check_access by allow_access

We already have both the name and address of the client stored now

4 files changed, 17 insertions, 10 deletions

diff --git a/source3/lib/access.c b/source3/lib/access.c
index 9808218412..00cdd5cd13 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -328,6 +328,10 @@ bool allow_access(const char **deny_list,
 
 	ret = allow_access_internal(deny_list, allow_list, nc_cname, nc_caddr);
 
+	DEBUG(ret ? 3 : 0,
+	      ("%s connection from %s (%s)\n",
+	       ret ? "Allowed" : "Denied", nc_cname, nc_caddr));
+
 	SAFE_FREE(nc_cname);
 	SAFE_FREE(nc_caddr);
 	return ret;
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 46e47f595f..287c720c59 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -1642,8 +1642,8 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p,
 
 		/* check smb.conf parameters and the the sec_desc */
 
-		if ( !check_access(smbd_server_fd(), lp_hostsallow(snum),
-				   lp_hostsdeny(snum)) ) {
+		if (!allow_access(lp_hostsdeny(snum), lp_hostsallow(snum),
+				  p->client_id->name, p->client_id->addr)) {
 			DEBUG(3, ("access DENIED (hosts allow/deny) for printer open\n"));
 			ZERO_STRUCTP(r->out.handle);
 			return WERR_ACCESS_DENIED;
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index d6acc829cf..126b6b797e 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1554,8 +1554,9 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in
 	/* does this protocol need to be run as guest? */
 	if ((flags & AS_GUEST)
 	    && (!change_to_guest() ||
-		!check_access(sconn->sock, lp_hostsallow(-1),
-			      lp_hostsdeny(-1)))) {
+		!allow_access(lp_hostsdeny(-1), lp_hostsallow(-1),
+			      sconn->client_id.name,
+			      sconn->client_id.addr))) {
 		reply_nterror(req, NT_STATUS_ACCESS_DENIED);
 		return conn;
 	}
@@ -2982,8 +2983,9 @@ void smbd_process(struct smbd_server_connection *sconn)
 	 * the hosts allow list.
 	 */
 
-	if (!check_access(sconn->sock, lp_hostsallow(-1),
-			  lp_hostsdeny(-1))) {
+	if (!allow_access(lp_hostsdeny(-1), lp_hostsallow(-1),
+			  sconn->client_id.name,
+			  sconn->client_id.addr)) {
 		/*
 		 * send a negative session response "not listening on calling
 		 * name"
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index ef74b397c3..d395572856 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -424,11 +424,12 @@ int find_service(fstring service)
  This function modifies dev, ecode.
 ****************************************************************************/
 
-static NTSTATUS share_sanity_checks(int server_sock, int snum, fstring dev)
+static NTSTATUS share_sanity_checks(struct client_address *client_id, int snum,
+				    fstring dev)
 {
 	if (!lp_snum_ok(snum) || 
-	    !check_access(server_sock,
-			  lp_hostsallow(snum), lp_hostsdeny(snum))) {    
+	    !allow_access(lp_hostsdeny(snum), lp_hostsallow(snum),
+			  client_id->name, client_id->addr)) {
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
@@ -658,7 +659,7 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn,
 
 	fstrcpy(dev, pdev);
 
-	*pstatus = share_sanity_checks(sconn->sock, snum, dev);
+	*pstatus = share_sanity_checks(&sconn->client_id, snum, dev);
 	if (NT_STATUS_IS_ERR(*pstatus)) {
 		goto err_root_exit;
 	}