ACL rules don't apply correctly when locator listens on multiple interfaces #1159

Closed
oteffahi opened this issue Jun 17, 2024 · 1 comment
Labels
bug Something isn't working

Comments


oteffahi commented Jun 17, 2024

Describe the bug

When the listener locator matches multiple interfaces, ACL rules can allow traffic which should be denied on a specific interface in certain edge-cases. This is because the current code logic loops on interfaces looking for at least one explicit allow without checking the message's destination interface.

To reproduce

  1. Run the z_sub example with a listener on all interfaces: cargo run --example z_sub -- -c config.json5 -l tcp/0.0.0.0:7447 --no-multicast-scouting with the following config file:
{
  access_control: {
    "enabled": true,
    "default_permission": "deny",
    "rules": [
      { // allow outgoing "declare_subscriber" on en0 and lo0
        "actions": [
          "declare_subscriber"
        ],
        "flows":["egress"],
        "permission": "allow",
        "key_exprs": [
          "demo/example/**"
        ],
        "interfaces": [
          "en0", "lo0"
        ]
      },
      { // allow incoming "put" on en0
        "actions": [
          "put"
        ],
        "flows":["ingress"],
        "permission": "allow",
        "key_exprs": [
          "demo/example/**"
        ],
        "interfaces": [
          "en0"
        ]
      },
    ]
  },   
}
  2. Run the z_pub example with a localhost endpoint: cargo run --example z_pub -- -e tcp/127.0.0.1:7447 --no-multicast-scouting
  • Expected behavior: Published messages are blocked on lo0 through the default_permission="deny" config.
  • Current behavior: Published messages reach the subscriber through the lo0 interface.

System info

  • MacOS 14
  • Apple Silicon M2
  • Zenoh release 0.11.0
@oteffahi oteffahi added the bug Something isn't working label Jun 17, 2024
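The following Rust program is an added illustration of the logic flaw described in the report above; it is not Zenoh's code and its types, function names and simplified key-expression matcher are invented for this example. It models the issue's ACL configuration (default deny, `declare_subscriber` egress allowed on en0 and lo0, `put` ingress allowed only on en0), a listener bound to every interface (`tcp/0.0.0.0:7447` is modelled as the set `["en0", "lo0"]`), and then evaluates an incoming `put` arriving over lo0 two ways: the reported behaviour, which searches the listener's interfaces for any explicit allow, and the corrected behaviour, which consults only the interface the message actually arrived on.

```rust
// Added example (not Zenoh's code): a minimal model of the ACL evaluation
// flaw described in the issue. Struct names, the key-expression matcher and
// the "first matching rule wins" policy are simplifications for illustration.

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
enum Action { DeclareSubscriber, Put }

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
enum Flow { Ingress, Egress }

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
enum Permission { Allow, Deny }

struct Rule {
    actions: Vec<Action>,
    flows: Vec<Flow>,
    permission: Permission,
    key_exprs: Vec<&'static str>,
    interfaces: Vec<&'static str>,
}

struct AccessControl {
    default_permission: Permission,
    rules: Vec<Rule>,
}

/// Simplified key-expression matcher: exact match, or `prefix/**` matching
/// `prefix` and anything below it. Enough for the issue's `demo/example/**`;
/// Zenoh's real key-expression matching is richer.
fn key_matches(pattern: &str, key: &str) -> bool {
    match pattern.strip_suffix("/**") {
        Some(prefix) => key == prefix || key.starts_with(&format!("{prefix}/")),
        None => pattern == key,
    }
}

impl AccessControl {
    /// Permission of the first rule matching this request on one specific
    /// interface, or None when no rule names that interface.
    fn explicit_permission(&self, action: Action, flow: Flow, key: &str, iface: &str) -> Option<Permission> {
        self.rules
            .iter()
            .find(|r| {
                r.actions.contains(&action)
                    && r.flows.contains(&flow)
                    && r.key_exprs.iter().any(|p| key_matches(p, key))
                    && r.interfaces.iter().any(|i| *i == iface)
            })
            .map(|r| r.permission)
    }

    /// The reported behaviour: the listener's locator matched several
    /// interfaces and the check looked for at least one explicit allow on
    /// *any* of them, never asking which interface the message used.
    fn permission_buggy(&self, action: Action, flow: Flow, key: &str, listener_ifaces: &[&str]) -> Permission {
        let any_allow = listener_ifaces
            .iter()
            .any(|iface| self.explicit_permission(action, flow, key, iface) == Some(Permission::Allow));
        if any_allow { Permission::Allow } else { self.default_permission }
    }

    /// Corrected behaviour: decide on the interface the message actually
    /// arrived on (or leaves through), falling back to the default.
    fn permission_for(&self, action: Action, flow: Flow, key: &str, message_iface: &str) -> Permission {
        self.explicit_permission(action, flow, key, message_iface).unwrap_or(self.default_permission)
    }
}

/// The issue's config: deny by default; allow outgoing declare_subscriber on
/// en0 and lo0; allow incoming put only on en0.
fn issue_config() -> AccessControl {
    AccessControl {
        default_permission: Permission::Deny,
        rules: vec![
            Rule {
                actions: vec![Action::DeclareSubscriber],
                flows: vec![Flow::Egress],
                permission: Permission::Allow,
                key_exprs: vec!["demo/example/**"],
                interfaces: vec!["en0", "lo0"],
            },
            Rule {
                actions: vec![Action::Put],
                flows: vec![Flow::Ingress],
                permission: Permission::Allow,
                key_exprs: vec!["demo/example/**"],
                interfaces: vec!["en0"],
            },
        ],
    }
}

fn main() {
    let acl = issue_config();
    let listener = ["en0", "lo0"]; // tcp/0.0.0.0:7447 binds every interface
    let key = "demo/example/zenoh-rs-pub"; // constructed sample key
    // z_pub connects to 127.0.0.1, so the put arrives over lo0.
    println!("reported: {:?}", acl.permission_buggy(Action::Put, Flow::Ingress, key, &listener));
    println!("corrected: {:?}", acl.permission_for(Action::Put, Flow::Ingress, key, "lo0"));
}
```

The two evaluations differ only on the interface question: the reported logic accepts the lo0 put because en0 carries an explicit allow for the same action, flow and key, while the corrected logic finds no rule naming lo0 for an ingress put and returns the default deny. The example uses a first-match policy for simplicity; how Zenoh orders overlapping allow and deny rules is not covered here.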

oteffahi commented Jun 17, 2024

It looks like this issue is linked to #1093, and was fixed by #1123.
At the moment it still applies to UDP: #1126
