NFS access checks shouldn't fail if client address can't be resolved
Current logic in in_access_list (http://src.illumos.org/source/xref/illumos-gate/usr/src/cmd/fs.d/nfs/mountd/mountd.c#1720) is strange - we first check if we have an "
@" entry, and then return 0 (not found) if we can't resolve client address - problem is that "
@" entry (not requiring client hostname) may be not the first in access list.. There are two possible solutions:
- do the lookup before processing access list (which is described as "costly", but the current "workaround" isn't correct)
- instead of return'ing just skip to next entry (but in this case we'll do the lookups over and over again)
First one seems less "costly" and matches what we have in libsmb's smb_chk_hostaccess.