diff --git a/perl-xCAT-2.0/xCAT/Client.pm b/perl-xCAT-2.0/xCAT/Client.pm index 4ec604fd0..db241ed1e 100644 --- a/perl-xCAT-2.0/xCAT/Client.pm +++ b/perl-xCAT-2.0/xCAT/Client.pm @@ -123,14 +123,27 @@ sub submit_request { if ($ENV{XCATHOST}) { $xcathost=$ENV{XCATHOST}; } - my $client = IO::Socket::SSL->new( + my $client; + if (-r $keyfile and -r $certfile and -r $cafile) { + $client = IO::Socket::SSL->new( PeerAddr => $xcathost, SSL_key_file => $keyfile, SSL_cert_file => $certfile, SSL_ca_file => $cafile, SSL_use_cert => 1, ); - die "Connection failure: $@ (SSL Timeout may mean the credentials in ~/.xcat are incorrect)\n" unless ($client); + } else { + $client = IO::Socket::SSL->new( + PeerAddr => $xcathost + ); + } + unless ($client) { + if ($@ =~ /SSL Timeout/) { + die "Connection failure: SSL Timeout or incorrect certificates in ~/.xcat"; + } else { + die "Connection failure: $@" + } + } my $msg=XMLout($request,RootName=>xcatrequest,NoAttr=>1,KeyAttr=>[]); print $client $msg; my $response; diff --git a/xCAT-server-2.0/sbin/xcatd b/xCAT-server-2.0/sbin/xcatd index 2b7a4fa05..c55fc7875 100755 --- a/xCAT-server-2.0/sbin/xcatd +++ b/xCAT-server-2.0/sbin/xcatd @@ -978,10 +978,19 @@ sub validate { next unless ($request->{command}->[0] eq $rule->{commands}); } if ($rule->{parameters} and $rule->{parameters} ne '*') { - next; #TODO: not ignore this field + my $parms; + if ($request->{arg}) { + $parms = join(' ',@{$request->{arg}}); + } else { + $parms = ""; + } + my $patt = $rule->{parameters}; + unless ($parms =~ /$patt/) { + next; + } } if ($rule->{noderange} and $rule->{noderange} ne '*') { - next; #TODO: not ignore this field + #TODO: not ignore this field } # If we are still in, that means this rule is the first match and dictates behavior. if ($rule->{rule}) {