[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-API] [PATCH] CA-30393: block extauth-enable if there are duplicate hostnames in the pool



1 file changed, 14 insertions(+)
ocaml/xapi/xapi_pool.ml |   14 ++++++++++++++


# HG changeset patch
# User Marcus Granado <marcus.granado@xxxxxxxxxx>
# Date 1260197395 0
# Node ID 5c560617f65149216ce8666faf01669e0e514318
# Parent  8335acd2219af19c6345d349690679dac2f5953a
CA-30393: block extauth-enable if there are duplicate hostnames in the pool

Likewise keeps the AD machine account credentials indexed by hostname.
If the same hostname is used on two different hosts, Likewise will overwrite
the AD machine account credentials of the first host with the AD machine
account credentials of the second host, and external authentication will
fail for the first host.

Signed-off-by: Marcus Granado <marcus.granado@xxxxxxxxxxxxx>

diff -r 8335acd2219a -r 5c560617f651 ocaml/xapi/xapi_pool.ml
--- a/ocaml/xapi/xapi_pool.ml   Thu Dec 03 15:33:34 2009 +0000
+++ b/ocaml/xapi/xapi_pool.ml   Mon Dec 07 14:49:55 2009 +0000
@@ -1066,6 +1066,20 @@
                end
        with Not_found -> () (* that's expected, no host had external_auth 
enabled*)
        ;
+       (* 1b. assert that there are no duplicate hostnames in the pool *)
+       if (List.length hosts)
+               <>
+               (List.length
+                        (Listext.List.setify 
+                                       (List.map (fun h->Db.Host.get_hostname 
~__context ~self:h) hosts))
+               )
+       then begin
+               let errmsg = "At least two hosts in the pool have the same 
hostname" in
+               debug "%s" errmsg;
+               raise 
(Api_errors.Server_error(Api_errors.pool_auth_enable_failed,
+                       [(Ref.string_of (List.hd hosts));errmsg]))
+       end
+       else
        (* 2. tries to enable the external authentication in each host of the 
pool *)
        let host_error_msg = ref ("","","") in
        let rollback_list = 

Attachment: xen-api.hg.patch
Description: Text Data

_______________________________________________
xen-api mailing list
xen-api@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/mailman/listinfo/xen-api

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.