From de951249356a3705fc2a3c51575134415ac0ea05 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Wed, 18 Aug 2010 16:50:26 +0200
Subject: s3: Move check_access to cgi.c, its only user

---
 source3/lib/access.c | 81 ----------------------------------------------------
 1 file changed, 81 deletions(-)

(limited to 'source3/lib')

diff --git a/source3/lib/access.c b/source3/lib/access.c
index 00cdd5cd13..1293dc024e 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -336,84 +336,3 @@ bool allow_access(const char **deny_list,
 	SAFE_FREE(nc_caddr);
 	return ret;
 }
-
-/* return true if the char* contains ip addrs only.  Used to avoid
-name lookup calls */
-
-static bool only_ipaddrs_in_list(const char **list)
-{
-	bool only_ip = true;
-
-	if (!list) {
-		return true;
-	}
-
-	for (; *list ; list++) {
-		/* factor out the special strings */
-		if (strequal(*list, "ALL") || strequal(*list, "FAIL") ||
-		    strequal(*list, "EXCEPT")) {
-			continue;
-		}
-
-		if (!is_ipaddress(*list)) {
-			/*
-			 * If we failed, make sure that it was not because
-			 * the token was a network/netmask pair. Only
-			 * network/netmask pairs have a '/' in them.
-			 */
-			if ((strchr_m(*list, '/')) == NULL) {
-				only_ip = false;
-				DEBUG(3,("only_ipaddrs_in_list: list has "
-					"non-ip address (%s)\n",
-					*list));
-				break;
-			}
-		}
-	}
-
-	return only_ip;
-}
-
-/* return true if access should be allowed to a service for a socket */
-bool check_access(int sock, const char **allow_list, const char **deny_list)
-{
-	bool ret = false;
-	bool only_ip = false;
-	char addr[INET6_ADDRSTRLEN];
-
-	if ((!deny_list || *deny_list==0) && (!allow_list || *allow_list==0)) {
-		return true;
-	}
-
-	/* Bypass name resolution calls if the lists
-	 * only contain IP addrs */
-	if (only_ipaddrs_in_list(allow_list) &&
-	    only_ipaddrs_in_list(deny_list)) {
-		only_ip = true;
-		DEBUG (3, ("check_access: no hostnames "
-			   "in host allow/deny list.\n"));
-		ret = allow_access(deny_list,
-				   allow_list,
-				   "",
-				   get_peer_addr(sock,addr,sizeof(addr)));
-	} else {
-		DEBUG (3, ("check_access: hostnames in "
-			   "host allow/deny list.\n"));
-		ret = allow_access(deny_list,
-				   allow_list,
-				   get_peer_name(sock,true),
-				   get_peer_addr(sock,addr,sizeof(addr)));
-	}
-
-	if (ret) {
-		DEBUG(2,("Allowed connection from %s (%s)\n",
-			 only_ip ? "" : get_peer_name(sock,true),
-			 get_peer_addr(sock,addr,sizeof(addr))));
-	} else {
-		DEBUG(0,("Denied connection from %s (%s)\n",
-			 only_ip ? "" : get_peer_name(sock,true),
-			 get_peer_addr(sock,addr,sizeof(addr))));
-	}
-
-	return(ret);
-}
-- 
cgit