xapi: open firewall for XHAd only if xHAd is actually selected

Previously it was opened if the default stack was selected, but this
could actually be different from XHAd

Signed-off-by: Pau Ruiz Safont <pau.safont@vates.tech>

Author: psafont

ocaml/xapi/xapi_ha.ml

@@ -969,7 +969,9 @@ let redo_log_ha_enabled_at_startup () =
 let update_ha_firewalld_service status =
   (* Only xha needs to enable firewalld service. Other HA cluster stacks don't
      need. *)
-  if Localdb.get Constants.ha_cluster_stack = !Xapi_globs.cluster_stack_default
+  if
+    Localdb.get Constants.ha_cluster_stack
+    = Constants.Ha_cluster_stack.(to_string Xhad)
   then
     let module Fw =
       ( val Firewall.firewall_provider !Xapi_globs.firewall_backend

ocaml/xapi/xapi_host.ml

@@ -3417,9 +3417,12 @@ let update_firewalld_service_status ~__context =
         | Xenha ->
             (* Only xha needs to enable firewalld service. Other HA cluster
                stacks don't need. *)
-            bool_of_string (Localdb.get Constants.ha_armed)
-            && Localdb.get Constants.ha_cluster_stack
-               = !Xapi_globs.cluster_stack_default
+            let is_armed () = bool_of_string (Localdb.get Constants.ha_armed) in
+            let uses_xhad () =
+              Localdb.get Constants.ha_cluster_stack
+              = Constants.Ha_cluster_stack.(to_string Xhad)
+            in
+            is_armed () && uses_xhad ()
       in
       List.iter
         (fun s -> if is_enabled s then enable_firewalld_service s)