WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 

[Xen-API] [PATCH] CA-30393: block extauth-enable if there are duplicate

To: xen-api <xen-api@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-API] [PATCH] CA-30393: block extauth-enable if there are duplicate hostnames in the pool
From: Marcus Granado <marcus.granado@xxxxxxxxxx>
Date: Mon, 7 Dec 2009 14:51:17 +0000
1 file changed, 14 insertions(+)
ocaml/xapi/xapi_pool.ml |   14 ++++++++++++++


# HG changeset patch
# User Marcus Granado <marcus.granado@xxxxxxxxxx>
# Date 1260197395 0
# Node ID 5c560617f65149216ce8666faf01669e0e514318
# Parent  8335acd2219af19c6345d349690679dac2f5953a
CA-30393: block extauth-enable if there are duplicate hostnames in the pool

Likewise keeps the AD machine account credentials indexed by hostname.
If the same hostname is used on two different hosts, Likewise will overwrite
the AD machine account credentials of the first host with the AD machine
account credentials of the second host, and external authentication will
fail for the first host.

Signed-off-by: Marcus Granado <marcus.granado@xxxxxxxxxxxxx>

diff -r 8335acd2219a -r 5c560617f651 ocaml/xapi/xapi_pool.ml
--- a/ocaml/xapi/xapi_pool.ml   Thu Dec 03 15:33:34 2009 +0000
+++ b/ocaml/xapi/xapi_pool.ml   Mon Dec 07 14:49:55 2009 +0000
@@ -1066,6 +1066,20 @@
                end
        with Not_found -> () (* that's expected, no host had external_auth 
enabled*)
        ;
+       (* 1b. assert that there are no duplicate hostnames in the pool *)
+       if (List.length hosts)
+               <>
+               (List.length
+                        (Listext.List.setify 
+                                       (List.map (fun h->Db.Host.get_hostname 
~__context ~self:h) hosts))
+               )
+       then begin
+               let errmsg = "At least two hosts in the pool have the same 
hostname" in
+               debug "%s" errmsg;
+               raise 
(Api_errors.Server_error(Api_errors.pool_auth_enable_failed,
+                       [(Ref.string_of (List.hd hosts));errmsg]))
+       end
+       else
        (* 2. tries to enable the external authentication in each host of the 
pool *)
        let host_error_msg = ref ("","","") in
        let rollback_list = 
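
Review bot: The error raised in the new `then` branch reports `List.hd hosts` as the failing host, but that is only the first host in the list, not necessarily one of the hosts that share a hostname, and the message never says which hostname is duplicated. The hostnames are already collected for `setify`, so keep that list, find the repeated value, and put it (with the hosts that carry it) in the `Server_error` parameters so an administrator can rename the right hosts. The comparison is also exact string equality; if the hostname index described in the commit message is case-insensitive, lowercase the names before `setify`. Two smaller points: the `then` branch always raises, so the trailing `else` is not needed and only makes all of step 2 the else-arm of this check; and comparing two `List.length` results hides the intent, which a small named helper returning the duplicated hostnames would make explicit.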

Attachment: xen-api.hg.patch
Description: Text Data
