diff options
author | Andrew Tridgell <tridge@samba.org> | 1999-12-13 13:27:58 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1999-12-13 13:27:58 +0000 |
commit | 3db52feb1f3b2c07ce0b06ad4a7099fa6efe3fc7 (patch) | |
tree | 866dd15416c3d8554bb207709f433a87ad0c012d /source3/lib/access.c | |
parent | f6276724bafdb6145c0c7b565172d80cb04516ea (diff) | |
download | samba-3db52feb1f3b2c07ce0b06ad4a7099fa6efe3fc7.tar.gz samba-3db52feb1f3b2c07ce0b06ad4a7099fa6efe3fc7.tar.bz2 samba-3db52feb1f3b2c07ce0b06ad4a7099fa6efe3fc7.zip |
first pass at updating head branch to be to be the same as the SAMBA_2_0 branch
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
Diffstat (limited to 'source3/lib/access.c')
-rw-r--r-- | source3/lib/access.c | 38 |
1 files changed, 32 insertions, 6 deletions
diff --git a/source3/lib/access.c b/source3/lib/access.c index 0fa383d84a..01f559750f 100644 --- a/source3/lib/access.c +++ b/source3/lib/access.c @@ -38,12 +38,14 @@ static int masked_match(char *tok, char *slash, char *s) } /* string_match - match string against token */ -static int string_match(char *tok,char *s) +static int string_match(char *tok,char *s, char *invalid_char) { - int tok_len; - int str_len; + size_t tok_len; + size_t str_len; char *cut; + *invalid_char = '\0'; + /* Return True if a token has the magic value "ALL". Return * FAIL if the token is "FAIL". If the token starts with a "." * (domain name), return True if it matches the last fields of @@ -108,6 +110,10 @@ static int string_match(char *tok,char *s) } else if ((cut = strchr(tok, '/')) != 0) { /* netnumber/netmask */ if (isdigit((int)s[0]) && masked_match(tok, cut, s)) return (True); + } else if (strchr(tok, '*') != 0) { + *invalid_char = '*'; + } else if (strchr(tok, '?') != 0) { + *invalid_char = '?'; } return (False); } @@ -118,15 +124,26 @@ static int client_match(char *tok,char *item) { char **client = (char **)item; int match; + char invalid_char = '\0'; /* * Try to match the address first. If that fails, try to match the host * name if available. */ - if ((match = string_match(tok, client[1])) == 0) - if (client[0][0] != 0) - match = string_match(tok, client[0]); + if ((match = string_match(tok, client[1], &invalid_char)) == 0) { + if(invalid_char) + DEBUG(0,("client_match: address match failing due to invalid character '%c' found in \ +token '%s' in an allow/deny hosts line.\n", invalid_char, tok )); + + if (client[0][0] != 0) + match = string_match(tok, client[0], &invalid_char); + + if(invalid_char) + DEBUG(0,("client_match: address match failing due to invalid character '%c' found in \ +token '%s' in an allow/deny hosts line.\n", invalid_char, tok )); + } + return (match); } @@ -184,6 +201,15 @@ BOOL allow_access(char *deny_list,char *allow_list, client[0] = cname; client[1] = caddr; + /* if it is loopback then always allow unless specifically denied */ + if (strcmp(caddr, "127.0.0.1") == 0) { + if (deny_list && + list_match(deny_list,(char *)client,client_match)) { + return False; + } + return True; + } + /* if theres no deny list and no allow list then allow access */ if ((!deny_list || *deny_list == 0) && (!allow_list || *allow_list == 0)) { |