# HG changeset patch # User Marcus Granado # Date 1260197395 0 # Node ID 5c560617f65149216ce8666faf01669e0e514318 # Parent 8335acd2219af19c6345d349690679dac2f5953a CA-30393: block extauth-enable if there are duplicate hostnames in the pool Likewise keeps the AD machine account credentials indexed by hostname. If the same hostname is used on two different hosts, Likewise will overwrite the AD machine account credentials of the first host with the AD machine account credentials of the second host, and external authentication will fail for the first host. Signed-off-by: Marcus Granado diff -r 8335acd2219a -r 5c560617f651 ocaml/xapi/xapi_pool.ml --- a/ocaml/xapi/xapi_pool.ml Thu Dec 03 15:33:34 2009 +0000 +++ b/ocaml/xapi/xapi_pool.ml Mon Dec 07 14:49:55 2009 +0000 @@ -1066,6 +1066,20 @@ end with Not_found -> () (* that's expected, no host had external_auth enabled*) ; + (* 1b. assert that there are no duplicate hostnames in the pool *) + if (List.length hosts) + <> + (List.length + (Listext.List.setify + (List.map (fun h->Db.Host.get_hostname ~__context ~self:h) hosts)) + ) + then begin + let errmsg = "At least two hosts in the pool have the same hostname" in + debug "%s" errmsg; + raise (Api_errors.Server_error(Api_errors.pool_auth_enable_failed, + [(Ref.string_of (List.hd hosts));errmsg])) + end + else (* 2. tries to enable the external authentication in each host of the pool *) let host_error_msg = ref ("","","") in let rollback_list =