[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libvir] PATCH: 3/10: auth configuration support



On Thu, Nov 29, 2007 at 05:18:06PM +0000, Daniel P. Berrange wrote:
> This patch provides the ability to configure what authentication mechanism
> is used on each socket - UNIX RW, UNIX RO, TCP, and TLS sockets - all can
> have independant settings. By default the UNIX & TLS sockets have no auth,
> and the TCP socket has SASL auth enabled. The /etc/libvirt/libvirtd.conf
> file lets you override these options.
> 
> There is also a new  sasl_allowed_username_list = ["admin"]  config
> param to let you whitelist the users you want to allow.  This supports
> use of wildcards. The username is dependnat on the SASL auth mechanism.
> For DIGEST-MD5 it will be plain usernames, for Kerberos it will be a
> username + realm, eg  admin EXAMPLE COM
> 
> After discussion with Rich, I also remove the tls_allowed_ip_list for
> whitelisting source IP addresses. This was a) not protecting us because
> it was only checked after the TLS handshake - thus allowing trivial DOS
> attack b) much easier to handle via tcp wrappers, or IPtables. c) only
> ever checked for the TLS socket d) IP addresses are easily spoofed.
> 
> If summary, if you're using a real authentication mechanism, this is
> only useful for protecting against DOS attacks & that's better done by
> iptables.

Rebased to take account of Jim's changes, and incorporated fixes to the
config file


diff -r b68f6ec36358 qemud/Makefile.am
--- a/qemud/Makefile.am	Fri Nov 30 14:31:14 2007 -0500
+++ b/qemud/Makefile.am	Fri Nov 30 15:15:26 2007 -0500
@@ -101,14 +101,14 @@ remote.c: remote_dispatch_prototypes.h \
 	  remote_dispatch_localvars.h \
 	  remote_dispatch_proc_switch.h
 
-remote_dispatch_prototypes.h: remote_generate_stubs.pl remote_protocol.x
-	perl -w remote_generate_stubs.pl -i remote_protocol.x > $@
+remote_dispatch_prototypes.h: $(srcdir)/remote_generate_stubs.pl remote_protocol.x
+	perl -w $(srcdir)/remote_generate_stubs.pl -i $(srcdir)/remote_protocol.x > $@
 
-remote_dispatch_localvars.h: remote_generate_stubs.pl remote_protocol.x
-	perl -w remote_generate_stubs.pl -v remote_protocol.x > $@
+remote_dispatch_localvars.h: $(srcdir)/remote_generate_stubs.pl remote_protocol.x
+	perl -w $(srcdir)/remote_generate_stubs.pl -v $(srcdir)/remote_protocol.x > $@
 
-remote_dispatch_proc_switch.h: remote_generate_stubs.pl remote_protocol.x
-	perl -w remote_generate_stubs.pl -w remote_protocol.x > $@
+remote_dispatch_proc_switch.h: $(srcdir)/remote_generate_stubs.pl remote_protocol.x
+	perl -w $(srcdir)/remote_generate_stubs.pl -w $(srcdir)/remote_protocol.x > $@
 
 if LIBVIRT_INIT_SCRIPTS_RED_HAT
 install-init: libvirtd.init
diff -r b68f6ec36358 qemud/internal.h
--- a/qemud/internal.h	Fri Nov 30 14:31:14 2007 -0500
+++ b/qemud/internal.h	Fri Nov 30 15:15:26 2007 -0500
@@ -109,6 +109,7 @@ struct qemud_client {
     const char *saslEncoded;
     unsigned int saslEncodedLength;
     unsigned int saslEncodedOffset;
+    char *saslUsername;
 #endif
 
     unsigned int incomingSerial;
@@ -151,6 +152,9 @@ struct qemud_server {
 #ifdef HAVE_AVAHI
     struct libvirtd_mdns *mdns;
 #endif
+#if HAVE_SASL
+    char **saslUsernameWhitelist;
+#endif
 };
 
 void qemudLog(int priority, const char *fmt, ...)
diff -r b68f6ec36358 qemud/libvirtd.conf
--- a/qemud/libvirtd.conf	Fri Nov 30 14:31:14 2007 -0500
+++ b/qemud/libvirtd.conf	Fri Nov 30 15:15:26 2007 -0500
@@ -2,6 +2,11 @@
 #
 # For further information consult http://libvirt.org/format.html
 
+
+#################################################################
+#
+# Network connectivitiy controls
+#
 
 # Flag listening for secure TLS connections on the public TCP/IP port.
 # NB, must pass the --listen flag to the libvirtd process for this to
@@ -11,28 +16,30 @@
 # using this capability.
 #
 # This is enabled by default, uncomment this to disable it
-# listen_tls = 0
+#listen_tls = 0
 
 # Listen for unencrypted TCP connections on the public TCP/IP port.
 # NB, must pass the --listen flag to the libvirtd process for this to
 # have any effect.
 #
-# NB, this is insecure. Do not use except for development.
+# Using the TCP socket requires SASL authentication by default. Only
+# SASL mechanisms which support data encryption are allowed. This is
+# DIGEST_MD5 and GSSAPI (Kerberos5)
 #
 # This is disabled by default, uncomment this to enable it.
-# listen_tcp = 1
+#listen_tcp = 1
 
 
 
 # Override the port for accepting secure TLS connections
 # This can be a port number, or service name
 #
-# tls_port = "16514"
+#tls_port = "16514"
 
 # Override the port for accepting insecure TCP connections
 # This can be a port number, or service name
-# 
-# tcp_port = "16509"
+#
+#tcp_port = "16509"
 
 
 
@@ -42,39 +49,123 @@
 # stopping the Avahi daemon
 #
 # This is enabled by default, uncomment this to disable it
-# mdns_adv = 0
+#mdns_adv = 0
 
 # Override the default mDNS advertizement name. This must be
 # unique on the immediate broadcast network.
-# 
+#
 # The default is "Virtualization Host HOSTNAME", where HOSTNAME
 # is subsituted for the short hostname of the machine (without domain)
 #
-# mdns_name "Virtualization Host Joe Demo" 
-
-
+#mdns_name = "Virtualization Host Joe Demo"
+
+
+#################################################################
+#
+# UNIX socket access controls
+#
 
 # Set the UNIX domain socket group ownership. This can be used to
 # allow a 'trusted' set of users access to management capabilities
 # without becoming root.
-# 
-# This is restricted to 'root' by default. 
-# unix_sock_group "libvirt"
+#
+# This is restricted to 'root' by default.
+#unix_sock_group = "libvirt"
 
 # Set the UNIX socket permissions for the R/O socket. This is used
 # for monitoring VM status only
 #
 # Default allows any user. If setting group ownership may want to
 # restrict this to:
-# unix_sock_ro_perms "0777"
+#unix_sock_ro_perms = "0777"
 
 # Set the UNIX socket permissions for the R/W socket. This is used
 # for full management of VMs
 #
 # Default allows only root. If setting group ownership may want to
 # relax this to:
-# unix_sock_rw_perms "octal-perms" 	"0770"
-
+#unix_sock_rw_perms = "0770"
+
+
+
+#################################################################
+#
+# Authentication.
+#
+#  - none: do not perform auth checks. If you can connect to the
+#          socket you are allowed. This is suitable if there are
+#          restrictions on connecting to the socket (eg, UNIX
+#          socket permissions), or if there is a lower layer in
+#          the network providing auth (eg, TLS/x509 certificates)
+#
+#  - sasl: use SASL infrastructure. The actual auth scheme is then
+#          controlled from /etc/sasl2/libvirt.conf. For the TCP
+#          socket only GSSAPI & DIGEST-MD5 mechanisms will be used.
+#          For non-TCP or TLS sockets,  any scheme is allowed.
+#
+
+# Set an authentication scheme for UNIX read-only sockets
+# By default socket permissions allow anyone to connect
+#
+# To restrict monitoring of domains you may wish to enable
+# an authentication mechanism here
+#auth_unix_ro = "none"
+
+# Set an authentication scheme for UNIX read-write sockets
+# By default socket permissions only allow root.
+#
+# If the unix_sock_rw_perms are changed you may wish to enable
+# an authentication mechanism here
+#auth_unix_rw = "none"
+
+# Change the authentication scheme for TCP sockets.
+#
+# If you don't enable SASL, then all TCP traffic is cleartext.
+# Don't do this outside of a dev/test scenario. For real world
+# use, always enable SASL and use the GSSAPI or DIGEST-MD5
+# mechanism in /etc/sasl2/libvirt.conf
+#auth_tcp = "sasl"
+
+# Change the authentication scheme for TLS sockets.
+#
+# TLS sockets already have encryption provided by the TLS
+# layer, and limited authentication is done by certificates
+#
+# It is possible to make use of any SASL authentication
+# mechanism as well, by using 'sasl' for this option
+#auth_tls = "none"
+
+
+
+#################################################################
+#
+# TLS x509 certificate configuration
+#
+
+
+# Override the default server key file path
+#
+#key_file = "/etc/pki/libvirt/private/serverkey.pem"
+
+# Override the default server certificate file path
+#
+#cert_file = "/etc/pki/libvirt/servercert.pem"
+
+# Override the default CA certificate path
+#
+#ca_file = "/etc/pki/CA/cacert.pem"
+
+# Specify a certificate revocation list.
+#
+# Defaults to not using a CRL, uncomment to enable it
+#crl_file = "/etc/pki/CA/crl.pem"
+
+
+
+#################################################################
+#
+# Authorization controls
+#
 
 
 # Flag to disable verification of client certificates
@@ -85,36 +176,11 @@
 #
 # Default is to always verify. Uncommenting this will disable
 # verification - make sure an IP whitelist is set
-# tls_no_verify_certificate 1 
-
-# Flag to disable verification of client IP address
-#
-# Client IP address will be verified against the CommonName field
-# of the x509 certificate. This has minimal security benefit since
-# it is easy to spoof source IP.
-#
-# Uncommenting this will disable verification
-# tls_no_verify_address 1
-
-# Override the default server key file path
-#
-# key_file "/etc/pki/libvirt/private/serverkey.pem"
-
-# Override the default server certificate file path
-#
-# cert_file "/etc/pki/libvirt/servercert.pem"
-
-# Override the default CA certificate path
-#
-# ca_file "/etc/pki/CA/cacert.pem"
-
-# Specify a certificate revocation list.
-# 
-# Defaults to not using a CRL, uncomment to enable it
-# crl_file "/etc/pki/CA/crl.pem"
+#tls_no_verify_certificate = 1
+
 
 # A whitelist of allowed x509  Distinguished Names
-# This list may contain wildcards such as 
+# This list may contain wildcards such as
 #
 #    "C=GB,ST=London,L=London,O=Red Hat,CN=*"
 #
@@ -124,18 +190,23 @@
 # entirely rather than using empty list to disable these checks
 #
 # By default, no DN's are checked
-# tls_allowed_dn_list ["DN1", "DN2"]
-
-
-# A whitelist of allowed client IP addresses
-#
-# This list may contain wildcards such as 192.168.* See the POSIX fnmatch 
-# function for the format of the wildcards.
+#tls_allowed_dn_list = ["DN1", "DN2"]
+
+
+# A whitelist of allowed SASL usernames. The format for usernames
+# depends on the SASL authentication mechanism. Kerberos usernames
+# look like username REALM
+#
+# This list may contain wildcards such as
+#
+#    "* EXAMPLE COM"
+#
+# See the POSIX fnmatch function for the format of the wildcards.
 #
 # NB If this is an empty list, no client can connect, so comment out
 # entirely rather than using empty list to disable these checks
 #
-# By default, no IP's are checked. This can be IPv4 or IPv6 addresses
-# tls_allowed_ip_list ["ip1", "ip2", "ip3"]
-
-
+# By default, no Username's are checked
+#sasl_allowed_username_list = ["joe EXAMPLE COM", "fred EXAMPLE COM" ]
+
+
diff -r b68f6ec36358 qemud/qemud.c
--- a/qemud/qemud.c	Fri Nov 30 14:31:14 2007 -0500
+++ b/qemud/qemud.c	Fri Nov 30 15:15:26 2007 -0500
@@ -77,14 +77,21 @@ static int unix_sock_rw_mask = 0700; /* 
 static int unix_sock_rw_mask = 0700; /* Allow user only */
 static int unix_sock_ro_mask = 0777; /* Allow world */
 
+static int auth_unix_rw = REMOTE_AUTH_NONE;
+static int auth_unix_ro = REMOTE_AUTH_NONE;
+#if HAVE_SASL
+static int auth_tcp = REMOTE_AUTH_SASL;
+#else
+static int auth_tcp = REMOTE_AUTH_NONE;
+#endif
+static int auth_tls = REMOTE_AUTH_NONE;
+
 #ifdef HAVE_AVAHI
 static int mdns_adv = 1;
 static char *mdns_name = NULL;
 #endif
 
 static int tls_no_verify_certificate = 0;
-static int tls_no_verify_address = 0;
-static char **tls_allowed_ip_list = NULL;
 static char **tls_allowed_dn_list = NULL;
 
 static char *key_file = (char *) LIBVIRT_SERVERKEY;
@@ -450,7 +457,7 @@ static int qemudWritePidFile(const char 
 }
 
 static int qemudListenUnix(struct qemud_server *server,
-                           const char *path, int readonly) {
+                           const char *path, int readonly, int auth) {
     struct qemud_socket *sock = calloc(1, sizeof(struct qemud_socket));
     struct sockaddr_un addr;
     mode_t oldmask;
@@ -464,6 +471,7 @@ static int qemudListenUnix(struct qemud_
     sock->readonly = readonly;
     sock->port = -1;
     sock->type = QEMUD_SOCK_TYPE_UNIX;
+    sock->auth = auth;
 
     if ((sock->fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
         qemudLog(QEMUD_ERR, "Failed to create socket: %s",
@@ -701,6 +709,27 @@ static int qemudInitPaths(struct qemud_s
 
 static struct qemud_server *qemudInitialize(int sigread) {
     struct qemud_server *server;
+
+    if (!(server = calloc(1, sizeof(struct qemud_server)))) {
+        qemudLog(QEMUD_ERR, "Failed to allocate struct qemud_server");
+        return NULL;
+    }
+
+    server->sigread = sigread;
+
+    __virEventRegisterImpl(virEventAddHandleImpl,
+                           virEventUpdateHandleImpl,
+                           virEventRemoveHandleImpl,
+                           virEventAddTimeoutImpl,
+                           virEventUpdateTimeoutImpl,
+                           virEventRemoveTimeoutImpl);
+
+    virStateInitialize();
+
+    return server;
+}
+
+static struct qemud_server *qemudNetworkInit(struct qemud_server *server) {
     struct qemud_socket *sock;
     char sockname[PATH_MAX];
     char roSockname[PATH_MAX];
@@ -708,56 +737,39 @@ static struct qemud_server *qemudInitial
     int err;
 #endif /* HAVE_SASL */
 
-    if (!(server = calloc(1, sizeof(struct qemud_server)))) {
-        qemudLog(QEMUD_ERR, "Failed to allocate struct qemud_server");
-        return NULL;
-    }
-
-    /* We don't have a dom-0, so start from 1 */
-    server->sigread = sigread;
-
     roSockname[0] = '\0';
 
     if (qemudInitPaths(server, sockname, roSockname, PATH_MAX) < 0)
         goto cleanup;
 
-    if (qemudListenUnix(server, sockname, 0) < 0)
+    if (qemudListenUnix(server, sockname, 0, auth_unix_rw) < 0)
         goto cleanup;
 
-    if (roSockname[0] != '\0' && qemudListenUnix(server, roSockname, 1) < 0)
+    if (roSockname[0] != '\0' && qemudListenUnix(server, roSockname, 1, auth_unix_ro) < 0)
         goto cleanup;
 
-    __virEventRegisterImpl(virEventAddHandleImpl,
-                           virEventUpdateHandleImpl,
-                           virEventRemoveHandleImpl,
-                           virEventAddTimeoutImpl,
-                           virEventUpdateTimeoutImpl,
-                           virEventRemoveTimeoutImpl);
-
-    virStateInitialize();
-
 #if HAVE_SASL
-    if ((err = sasl_server_init(NULL, "libvirt")) != SASL_OK) {
-        qemudLog(QEMUD_ERR, "Failed to initialize SASL authentication %s",
-                 sasl_errstring(err, NULL, NULL));
-        goto cleanup;
+    if (auth_unix_rw == REMOTE_AUTH_SASL ||
+        auth_unix_ro == REMOTE_AUTH_SASL ||
+        auth_tcp == REMOTE_AUTH_SASL ||
+        auth_tls == REMOTE_AUTH_SASL) {
+        if ((err = sasl_server_init(NULL, "libvirt")) != SASL_OK) {
+            qemudLog(QEMUD_ERR, "Failed to initialize SASL authentication %s",
+                     sasl_errstring(err, NULL, NULL));
+            goto cleanup;
+        }
     }
 #endif
 
     if (ipsock) {
-#if HAVE_SASL
-        if (listen_tcp && remoteListenTCP (server, tcp_port, QEMUD_SOCK_TYPE_TCP, REMOTE_AUTH_SASL) < 0)
+        if (listen_tcp && remoteListenTCP (server, tcp_port, QEMUD_SOCK_TYPE_TCP, auth_tcp) < 0)
             goto cleanup;
-#else
-        if (listen_tcp && remoteListenTCP (server, tcp_port, QEMUD_SOCK_TYPE_TCP, REMOTE_AUTH_NONE) < 0)
-            goto cleanup;
-#endif
 
         if (listen_tls) {
             if (remoteInitializeGnuTLS () < 0)
                 goto cleanup;
 
-            if (remoteListenTCP (server, tls_port, QEMUD_SOCK_TYPE_TLS, REMOTE_AUTH_NONE) < 0)
+            if (remoteListenTCP (server, tls_port, QEMUD_SOCK_TYPE_TLS, auth_tls) < 0)
                 goto cleanup;
         }
     }
@@ -977,53 +989,11 @@ static int
 static int
 remoteCheckAccess (struct qemud_client *client)
 {
-    char addr[NI_MAXHOST];
-    char **wildcards;
-    int found, err;
-
     /* Verify client certificate. */
     if (remoteCheckCertificate (client->tlssession) == -1) {
         qemudLog (QEMUD_ERR, "remoteCheckCertificate: failed to verify client's certificate");
         if (!tls_no_verify_certificate) return -1;
         else qemudLog (QEMUD_INFO, "remoteCheckCertificate: tls_no_verify_certificate is set so the bad certificate is ignored");
-    }
-
-    /*----- IP address check, similar to tcp wrappers -----*/
-
-    /* Convert IP address to printable string (eg. "127.0.0.1" or "::1"). */
-    err = getnameinfo ((struct sockaddr *) &client->addr, client->addrlen,
-                       addr, sizeof addr, NULL, 0,
-                       NI_NUMERICHOST);
-    if (err != 0) {
-        qemudLog (QEMUD_ERR, "getnameinfo: %s", gai_strerror (err));
-        return -1;
-    }
-
-    /* Verify the client is on the list of allowed clients.
-     *
-     * NB: No tls_allowed_ip_list in config file means anyone can access.
-     * If tls_allowed_ip_list is in the config file but empty, means no
-     * one can access (not particularly useful, but it's what the sysadmin
-     * would expect).
-     */
-    wildcards = tls_allowed_ip_list;
-    if (wildcards) {
-        found = 0;
-
-        while (*wildcards) {
-            if (fnmatch (*wildcards, addr, 0) == 0) {
-                found = 1;
-                break;
-            }
-            wildcards++;
-        }
-    } else
-        found = 1;
-
-    if (!found) {
-        qemudLog (QEMUD_ERR, "remoteCheckAccess: client's IP address (%s) is not on the list of allowed clients (tls_allowed_ip_list)", addr);
-        if (!tls_no_verify_address) return -1;
-        else qemudLog (QEMUD_INFO, "remoteCheckAccess: tls_no_verify_address is set so the client's IP address is ignored");
     }
 
     /* Checks have succeeded.  Write a '\1' byte back to the client to
@@ -1150,6 +1120,7 @@ static void qemudDispatchClientFailure(s
 
 #if HAVE_SASL
     if (client->saslconn) sasl_dispose(&client->saslconn);
+    if (client->saslUsername) free(client->saslUsername);
 #endif
     if (client->tlssession) gnutls_deinit (client->tlssession);
     close(client->fd);
@@ -1651,6 +1622,14 @@ static void qemudCleanup(struct qemud_se
         sock = next;
     }
 
+    if (server->saslUsernameWhitelist) {
+        char **list = server->saslUsernameWhitelist;
+        while (*list) {
+            if (*list)
+                free(*list);
+            list++;
+        }
+    }
 
     virStateCleanup();
 
@@ -1782,11 +1761,41 @@ checkType (virConfValuePtr p, const char
         }                                                               \
     } while (0)
 
+
+static int remoteConfigGetAuth(virConfPtr conf, const char *key, int *auth, const char *filename) {
+    virConfValuePtr p;
+
+    p = virConfGetValue (conf, key);
+    if (!p)
+        return 0;
+
+    if (p->type != VIR_CONF_STRING) {
+        qemudLog (QEMUD_ERR, "remoteReadConfigFile: %s: %s: should be a string\n", filename, key);
+        return -1;
+    }
+
+    if (!p->str)
+        return 0;
+
+    if (STREQ(p->str, "none")) {
+        *auth = REMOTE_AUTH_NONE;
+#if HAVE_SASL
+    } else if (STREQ(p->str, "sasl")) {
+        *auth = REMOTE_AUTH_SASL;
+#endif
+    } else {
+        qemudLog (QEMUD_ERR, "remoteReadConfigFile: %s: %s: unsupported auth %s\n", filename, key, p->str);
+        return -1;
+    }
+
+    return 0;
+}
+
 /* Read the config file if it exists.
  * Only used in the remote case, hence the name.
  */
 static int
-remoteReadConfigFile (const char *filename)
+remoteReadConfigFile (struct qemud_server *server, const char *filename)
 {
     virConfPtr conf;
 
@@ -1806,6 +1815,15 @@ remoteReadConfigFile (const char *filena
 
     GET_CONF_STR (conf, filename, tls_port);
     GET_CONF_STR (conf, filename, tcp_port);
+
+    if (remoteConfigGetAuth(conf, "auth_unix_rw", &auth_unix_rw, filename) < 0)
+        return -1;
+    if (remoteConfigGetAuth(conf, "auth_unix_ro", &auth_unix_ro, filename) < 0)
+        return -1;
+    if (remoteConfigGetAuth(conf, "auth_tcp", &auth_tcp, filename) < 0)
+        return -1;
+    if (remoteConfigGetAuth(conf, "auth_tls", &auth_tls, filename) < 0)
+        return -1;
 
     GET_CONF_STR (conf, filename, unix_sock_group);
     if (unix_sock_group) {
@@ -1852,7 +1870,6 @@ remoteReadConfigFile (const char *filena
 #endif
 
     GET_CONF_INT (conf, filename, tls_no_verify_certificate);
-    GET_CONF_INT (conf, filename, tls_no_verify_address);
 
     GET_CONF_STR (conf, filename, key_file);
     GET_CONF_STR (conf, filename, cert_file);
@@ -1863,8 +1880,8 @@ remoteReadConfigFile (const char *filena
                                    &tls_allowed_dn_list, filename) < 0)
         goto free_and_fail;
 
-    if (remoteConfigGetStringList (conf, "tls_allowed_ip_list",
-                                   &tls_allowed_ip_list, filename) < 0)
+    if (remoteConfigGetStringList (conf, "sasl_allowed_username_list",
+                                   &server->saslUsernameWhitelist, filename) < 0)
         goto free_and_fail;
 
     virConfFree (conf);
@@ -1890,14 +1907,6 @@ remoteReadConfigFile (const char *filena
             free (tls_allowed_dn_list[i]);
         free (tls_allowed_dn_list);
         tls_allowed_dn_list = NULL;
-    }
-
-    if (tls_allowed_ip_list) {
-        int i;
-        for (i = 0; tls_allowed_ip_list[i]; i++)
-            free (tls_allowed_ip_list[i]);
-        free (tls_allowed_ip_list);
-        tls_allowed_ip_list = NULL;
     }
 
     return -1;
@@ -2020,13 +2029,6 @@ int main(int argc, char **argv) {
         }
     }
 
-    /* Read the config file (if it exists). */
-    if (remoteReadConfigFile (remote_config_file) < 0)
-        goto error1;
-
-    if (godaemon)
-        openlog("libvirtd", 0, 0);
-
     if (pipe(sigpipe) < 0 ||
         qemudSetNonBlock(sigpipe[0]) < 0 ||
         qemudSetNonBlock(sigpipe[1]) < 0) {
@@ -2034,8 +2036,38 @@ int main(int argc, char **argv) {
                  strerror(errno));
         goto error1;
     }
-
     sigwrite = sigpipe[1];
+
+    if (!(server = qemudInitialize(sigpipe[0]))) {
+        ret = 2;
+        goto error1;
+    }
+
+    /* Read the config file (if it exists). */
+    if (remoteReadConfigFile (server, remote_config_file) < 0)
+        goto error1;
+
+    if (godaemon) {
+        int pid;
+        openlog("libvirtd", 0, 0);
+        pid = qemudGoDaemon();
+        if (pid < 0) {
+            qemudLog(QEMUD_ERR, "Failed to fork as daemon: %s",
+                     strerror(errno));
+            goto error1;
+        }
+        if (pid > 0)
+            goto out;
+
+        /* Choose the name of the PID file. */
+        if (!pid_file) {
+            if (REMOTE_PID_FILE[0] != '\0')
+                pid_file = REMOTE_PID_FILE;
+        }
+
+        if (pid_file && qemudWritePidFile (pid_file) < 0)
+            goto error1;
+    }
 
     sig_action.sa_handler = sig_handler;
     sig_action.sa_flags = 0;
@@ -2049,31 +2081,6 @@ int main(int argc, char **argv) {
 
     sig_action.sa_handler = SIG_IGN;
     sigaction(SIGPIPE, &sig_action, NULL);
-
-    if (godaemon) {
-        int pid = qemudGoDaemon();
-        if (pid < 0) {
-            qemudLog(QEMUD_ERR, "Failed to fork as daemon: %s",
-                     strerror(errno));
-            goto error1;
-        }
-        if (pid > 0)
-            goto out;
-
-        /* Choose the name of the PID file. */
-        if (!pid_file) {
-            if (REMOTE_PID_FILE[0] != '\0')
-                pid_file = REMOTE_PID_FILE;
-        }
-
-        if (pid_file && qemudWritePidFile (pid_file) < 0)
-            goto error1;
-    }
-
-    if (!(server = qemudInitialize(sigpipe[0]))) {
-        ret = 2;
-        goto error2;
-    }
 
     if (virEventAddHandleImpl(sigpipe[0],
                               POLLIN,
@@ -2081,6 +2088,11 @@ int main(int argc, char **argv) {
                               server) < 0) {
         qemudLog(QEMUD_ERR, "Failed to register callback for signal pipe");
         ret = 3;
+        goto error2;
+    }
+
+    if (!(server = qemudNetworkInit(server))) {
+        ret = 2;
         goto error2;
     }
 
diff -r b68f6ec36358 qemud/remote.c
--- a/qemud/remote.c	Fri Nov 30 14:31:14 2007 -0500
+++ b/qemud/remote.c	Fri Nov 30 15:15:26 2007 -0500
@@ -44,6 +44,7 @@
 #include <getopt.h>
 #include <ctype.h>
 #include <assert.h>
+#include <fnmatch.h>
 
 #include <libvirt/virterror.h>
 
@@ -65,14 +66,18 @@ static void make_nonnull_network (remote
 
 #include "remote_dispatch_prototypes.h"
 
-typedef int (*dispatch_fn) (struct qemud_client *client, remote_message_header *req, char *args, char *ret);
+typedef int (*dispatch_fn) (struct qemud_server *server,
+                            struct qemud_client *client,
+                            remote_message_header *req,
+                            char *args,
+                            char *ret);
 
 /* This function gets called from qemud when it detects an incoming
  * remote protocol message.  At this point, client->buffer contains
  * the full call message (including length word which we skip).
  */
 void
-remoteDispatchClientRequest (struct qemud_server *server ATTRIBUTE_UNUSED,
+remoteDispatchClientRequest (struct qemud_server *server,
                              struct qemud_client *client)
 {
     XDR xdr;
@@ -158,7 +163,7 @@ remoteDispatchClientRequest (struct qemu
     xdr_destroy (&xdr);
 
     /* Call function. */
-    rv = fn (client, &req, args, ret);
+    rv = fn (server, client, &req, args, ret);
     xdr_free (args_filter, args);
 
     /* Dispatch function must return -2, -1 or 0.  Anything else is
@@ -398,7 +403,8 @@ remoteDispatchError (struct qemud_client
 /*----- Functions. -----*/
 
 static int
-remoteDispatchOpen (struct qemud_client *client, remote_message_header *req,
+remoteDispatchOpen (struct qemud_server *server ATTRIBUTE_UNUSED,
+                    struct qemud_client *client, remote_message_header *req,
                     struct remote_open_args *args, void *ret ATTRIBUTE_UNUSED)
 {
     const char *name;
@@ -437,7 +443,8 @@ remoteDispatchOpen (struct qemud_client 
     }
 
 static int
-remoteDispatchClose (struct qemud_client *client, remote_message_header *req,
+remoteDispatchClose (struct qemud_server *server ATTRIBUTE_UNUSED,
+                     struct qemud_client *client, remote_message_header *req,
                      void *args ATTRIBUTE_UNUSED, void *ret ATTRIBUTE_UNUSED)
 {
     int rv;
@@ -450,7 +457,8 @@ remoteDispatchClose (struct qemud_client
 }
 
 static int
-remoteDispatchSupportsFeature (struct qemud_client *client, remote_message_header *req,
+remoteDispatchSupportsFeature (struct qemud_server *server ATTRIBUTE_UNUSED,
+                               struct qemud_client *client, remote_message_header *req,
                                remote_supports_feature_args *args, remote_supports_feature_ret *ret)
 {
     CHECK_CONN(client);
@@ -462,7 +470,8 @@ remoteDispatchSupportsFeature (struct qe
 }
 
 static int
-remoteDispatchGetType (struct qemud_client *client, remote_message_header *req,
+remoteDispatchGetType (struct qemud_server *server ATTRIBUTE_UNUSED,
+                       struct qemud_client *client, remote_message_header *req,
                        void *args ATTRIBUTE_UNUSED, remote_get_type_ret *ret)
 {
     const char *type;
@@ -484,7 +493,8 @@ remoteDispatchGetType (struct qemud_clie
 }
 
 static int
-remoteDispatchGetVersion (struct qemud_client *client,
+remoteDispatchGetVersion (struct qemud_server *server ATTRIBUTE_UNUSED,
+                          struct qemud_client *client,
                           remote_message_header *req,
                           void *args ATTRIBUTE_UNUSED,
                           remote_get_version_ret *ret)
@@ -500,7 +510,8 @@ remoteDispatchGetVersion (struct qemud_c
 }
 
 static int
-remoteDispatchGetHostname (struct qemud_client *client,
+remoteDispatchGetHostname (struct qemud_server *server ATTRIBUTE_UNUSED,
+                           struct qemud_client *client,
                            remote_message_header *req,
                            void *args ATTRIBUTE_UNUSED,
                            remote_get_hostname_ret *ret)
@@ -516,7 +527,8 @@ remoteDispatchGetHostname (struct qemud_
 }
 
 static int
-remoteDispatchGetMaxVcpus (struct qemud_client *client,
+remoteDispatchGetMaxVcpus (struct qemud_server *server ATTRIBUTE_UNUSED,
+                           struct qemud_client *client,
                            remote_message_header *req,
                            remote_get_max_vcpus_args *args,
                            remote_get_max_vcpus_ret *ret)
@@ -532,7 +544,8 @@ remoteDispatchGetMaxVcpus (struct qemud_
 }
 
 static int
-remoteDispatchNodeGetInfo (struct qemud_client *client,
+remoteDispatchNodeGetInfo (struct qemud_server *server ATTRIBUTE_UNUSED,
+                           struct qemud_client *client,
                            remote_message_header *req,
                            void *args ATTRIBUTE_UNUSED,
                            remote_node_get_info_ret *ret)
@@ -556,7 +569,8 @@ remoteDispatchNodeGetInfo (struct qemud_
 }
 
 static int
-remoteDispatchGetCapabilities (struct qemud_client *client,
+remoteDispatchGetCapabilities (struct qemud_server *server ATTRIBUTE_UNUSED,
+                               struct qemud_client *client,
                                remote_message_header *req,
                                void *args ATTRIBUTE_UNUSED,
                                remote_get_capabilities_ret *ret)
@@ -572,7 +586,8 @@ remoteDispatchGetCapabilities (struct qe
 }
 
 static int
-remoteDispatchDomainGetSchedulerType (struct qemud_client *client,
+remoteDispatchDomainGetSchedulerType (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                      struct qemud_client *client,
                                       remote_message_header *req,
                                       remote_domain_get_scheduler_type_args *args,
                                       remote_domain_get_scheduler_type_ret *ret)
@@ -601,7 +616,8 @@ remoteDispatchDomainGetSchedulerType (st
 }
 
 static int
-remoteDispatchDomainGetSchedulerParameters (struct qemud_client *client,
+remoteDispatchDomainGetSchedulerParameters (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                            struct qemud_client *client,
                                             remote_message_header *req,
                                             remote_domain_get_scheduler_parameters_args *args,
                                             remote_domain_get_scheduler_parameters_ret *ret)
@@ -687,7 +703,8 @@ remoteDispatchDomainGetSchedulerParamete
 }
 
 static int
-remoteDispatchDomainSetSchedulerParameters (struct qemud_client *client,
+remoteDispatchDomainSetSchedulerParameters (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                            struct qemud_client *client,
                                             remote_message_header *req,
                                             remote_domain_set_scheduler_parameters_args *args,
                                             void *ret ATTRIBUTE_UNUSED)
@@ -747,7 +764,8 @@ remoteDispatchDomainSetSchedulerParamete
 }
 
 static int
-remoteDispatchDomainBlockStats (struct qemud_client *client,
+remoteDispatchDomainBlockStats (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                struct qemud_client *client,
                                 remote_message_header *req,
                                 remote_domain_block_stats_args *args,
                                 remote_domain_block_stats_ret *ret)
@@ -777,7 +795,8 @@ remoteDispatchDomainBlockStats (struct q
 }
 
 static int
-remoteDispatchDomainInterfaceStats (struct qemud_client *client,
+remoteDispatchDomainInterfaceStats (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                    struct qemud_client *client,
                                     remote_message_header *req,
                                     remote_domain_interface_stats_args *args,
                                     remote_domain_interface_stats_ret *ret)
@@ -810,7 +829,8 @@ remoteDispatchDomainInterfaceStats (stru
 }
 
 static int
-remoteDispatchDomainAttachDevice (struct qemud_client *client,
+remoteDispatchDomainAttachDevice (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_domain_attach_device_args *args,
                                   void *ret ATTRIBUTE_UNUSED)
@@ -833,7 +853,8 @@ remoteDispatchDomainAttachDevice (struct
 }
 
 static int
-remoteDispatchDomainCreate (struct qemud_client *client,
+remoteDispatchDomainCreate (struct qemud_server *server ATTRIBUTE_UNUSED,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             remote_domain_create_args *args,
                             void *ret ATTRIBUTE_UNUSED)
@@ -856,7 +877,8 @@ remoteDispatchDomainCreate (struct qemud
 }
 
 static int
-remoteDispatchDomainCreateLinux (struct qemud_client *client,
+remoteDispatchDomainCreateLinux (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                 struct qemud_client *client,
                                  remote_message_header *req,
                                  remote_domain_create_linux_args *args,
                                  remote_domain_create_linux_ret *ret)
@@ -874,7 +896,8 @@ remoteDispatchDomainCreateLinux (struct 
 }
 
 static int
-remoteDispatchDomainDefineXml (struct qemud_client *client,
+remoteDispatchDomainDefineXml (struct qemud_server *server ATTRIBUTE_UNUSED,
+                               struct qemud_client *client,
                                remote_message_header *req,
                                remote_domain_define_xml_args *args,
                                remote_domain_define_xml_ret *ret)
@@ -892,7 +915,8 @@ remoteDispatchDomainDefineXml (struct qe
 }
 
 static int
-remoteDispatchDomainDestroy (struct qemud_client *client,
+remoteDispatchDomainDestroy (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_domain_destroy_args *args,
                              void *ret ATTRIBUTE_UNUSED)
@@ -913,7 +937,8 @@ remoteDispatchDomainDestroy (struct qemu
 }
 
 static int
-remoteDispatchDomainDetachDevice (struct qemud_client *client,
+remoteDispatchDomainDetachDevice (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_domain_detach_device_args *args,
                                   void *ret ATTRIBUTE_UNUSED)
@@ -937,7 +962,8 @@ remoteDispatchDomainDetachDevice (struct
 }
 
 static int
-remoteDispatchDomainDumpXml (struct qemud_client *client,
+remoteDispatchDomainDumpXml (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_domain_dump_xml_args *args,
                              remote_domain_dump_xml_ret *ret)
@@ -962,7 +988,8 @@ remoteDispatchDomainDumpXml (struct qemu
 }
 
 static int
-remoteDispatchDomainGetAutostart (struct qemud_client *client,
+remoteDispatchDomainGetAutostart (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_domain_get_autostart_args *args,
                                   remote_domain_get_autostart_ret *ret)
@@ -985,7 +1012,8 @@ remoteDispatchDomainGetAutostart (struct
 }
 
 static int
-remoteDispatchDomainGetInfo (struct qemud_client *client,
+remoteDispatchDomainGetInfo (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_domain_get_info_args *args,
                              remote_domain_get_info_ret *ret)
@@ -1017,7 +1045,8 @@ remoteDispatchDomainGetInfo (struct qemu
 }
 
 static int
-remoteDispatchDomainGetMaxMemory (struct qemud_client *client,
+remoteDispatchDomainGetMaxMemory (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_domain_get_max_memory_args *args,
                                   remote_domain_get_max_memory_ret *ret)
@@ -1041,7 +1070,8 @@ remoteDispatchDomainGetMaxMemory (struct
 }
 
 static int
-remoteDispatchDomainGetMaxVcpus (struct qemud_client *client,
+remoteDispatchDomainGetMaxVcpus (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                 struct qemud_client *client,
                                  remote_message_header *req,
                                  remote_domain_get_max_vcpus_args *args,
                                  remote_domain_get_max_vcpus_ret *ret)
@@ -1065,7 +1095,8 @@ remoteDispatchDomainGetMaxVcpus (struct 
 }
 
 static int
-remoteDispatchDomainGetOsType (struct qemud_client *client,
+remoteDispatchDomainGetOsType (struct qemud_server *server ATTRIBUTE_UNUSED,
+                               struct qemud_client *client,
                                remote_message_header *req,
                                remote_domain_get_os_type_args *args,
                                remote_domain_get_os_type_ret *ret)
@@ -1090,7 +1121,8 @@ remoteDispatchDomainGetOsType (struct qe
 }
 
 static int
-remoteDispatchDomainGetVcpus (struct qemud_client *client,
+remoteDispatchDomainGetVcpus (struct qemud_server *server ATTRIBUTE_UNUSED,
+                              struct qemud_client *client,
                               remote_message_header *req,
                               remote_domain_get_vcpus_args *args,
                               remote_domain_get_vcpus_ret *ret)
@@ -1154,7 +1186,8 @@ remoteDispatchDomainGetVcpus (struct qem
 }
 
 static int
-remoteDispatchDomainMigratePrepare (struct qemud_client *client,
+remoteDispatchDomainMigratePrepare (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                    struct qemud_client *client,
                                     remote_message_header *req,
                                     remote_domain_migrate_prepare_args *args,
                                     remote_domain_migrate_prepare_ret *ret)
@@ -1189,7 +1222,8 @@ remoteDispatchDomainMigratePrepare (stru
 }
 
 static int
-remoteDispatchDomainMigratePerform (struct qemud_client *client,
+remoteDispatchDomainMigratePerform (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                    struct qemud_client *client,
                                     remote_message_header *req,
                                     remote_domain_migrate_perform_args *args,
                                     void *ret ATTRIBUTE_UNUSED)
@@ -1218,7 +1252,8 @@ remoteDispatchDomainMigratePerform (stru
 }
 
 static int
-remoteDispatchDomainMigrateFinish (struct qemud_client *client,
+remoteDispatchDomainMigrateFinish (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                   struct qemud_client *client,
                                    remote_message_header *req,
                                    remote_domain_migrate_finish_args *args,
                                    remote_domain_migrate_finish_ret *ret)
@@ -1239,7 +1274,8 @@ remoteDispatchDomainMigrateFinish (struc
 }
 
 static int
-remoteDispatchListDefinedDomains (struct qemud_client *client,
+remoteDispatchListDefinedDomains (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_list_defined_domains_args *args,
                                   remote_list_defined_domains_ret *ret)
@@ -1264,7 +1300,8 @@ remoteDispatchListDefinedDomains (struct
 }
 
 static int
-remoteDispatchDomainLookupById (struct qemud_client *client,
+remoteDispatchDomainLookupById (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                struct qemud_client *client,
                                 remote_message_header *req,
                                 remote_domain_lookup_by_id_args *args,
                                 remote_domain_lookup_by_id_ret *ret)
@@ -1281,7 +1318,8 @@ remoteDispatchDomainLookupById (struct q
 }
 
 static int
-remoteDispatchDomainLookupByName (struct qemud_client *client,
+remoteDispatchDomainLookupByName (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_domain_lookup_by_name_args *args,
                                   remote_domain_lookup_by_name_ret *ret)
@@ -1298,7 +1336,8 @@ remoteDispatchDomainLookupByName (struct
 }
 
 static int
-remoteDispatchDomainLookupByUuid (struct qemud_client *client,
+remoteDispatchDomainLookupByUuid (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_domain_lookup_by_uuid_args *args,
                                   remote_domain_lookup_by_uuid_ret *ret)
@@ -1315,7 +1354,8 @@ remoteDispatchDomainLookupByUuid (struct
 }
 
 static int
-remoteDispatchNumOfDefinedDomains (struct qemud_client *client,
+remoteDispatchNumOfDefinedDomains (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                   struct qemud_client *client,
                                    remote_message_header *req,
                                    void *args ATTRIBUTE_UNUSED,
                                    remote_num_of_defined_domains_ret *ret)
@@ -1329,7 +1369,8 @@ remoteDispatchNumOfDefinedDomains (struc
 }
 
 static int
-remoteDispatchDomainPinVcpu (struct qemud_client *client,
+remoteDispatchDomainPinVcpu (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_domain_pin_vcpu_args *args,
                              void *ret ATTRIBUTE_UNUSED)
@@ -1362,7 +1403,8 @@ remoteDispatchDomainPinVcpu (struct qemu
 }
 
 static int
-remoteDispatchDomainReboot (struct qemud_client *client,
+remoteDispatchDomainReboot (struct qemud_server *server ATTRIBUTE_UNUSED,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             remote_domain_reboot_args *args,
                             void *ret ATTRIBUTE_UNUSED)
@@ -1385,7 +1427,8 @@ remoteDispatchDomainReboot (struct qemud
 }
 
 static int
-remoteDispatchDomainRestore (struct qemud_client *client,
+remoteDispatchDomainRestore (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_domain_restore_args *args,
                              void *ret ATTRIBUTE_UNUSED)
@@ -1399,7 +1442,8 @@ remoteDispatchDomainRestore (struct qemu
 }
 
 static int
-remoteDispatchDomainResume (struct qemud_client *client,
+remoteDispatchDomainResume (struct qemud_server *server ATTRIBUTE_UNUSED,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             remote_domain_resume_args *args,
                             void *ret ATTRIBUTE_UNUSED)
@@ -1422,7 +1466,8 @@ remoteDispatchDomainResume (struct qemud
 }
 
 static int
-remoteDispatchDomainSave (struct qemud_client *client,
+remoteDispatchDomainSave (struct qemud_server *server ATTRIBUTE_UNUSED,
+                          struct qemud_client *client,
                           remote_message_header *req,
                           remote_domain_save_args *args,
                           void *ret ATTRIBUTE_UNUSED)
@@ -1445,7 +1490,8 @@ remoteDispatchDomainSave (struct qemud_c
 }
 
 static int
-remoteDispatchDomainCoreDump (struct qemud_client *client,
+remoteDispatchDomainCoreDump (struct qemud_server *server ATTRIBUTE_UNUSED,
+                              struct qemud_client *client,
                               remote_message_header *req,
                               remote_domain_core_dump_args *args,
                               void *ret ATTRIBUTE_UNUSED)
@@ -1468,7 +1514,8 @@ remoteDispatchDomainCoreDump (struct qem
 }
 
 static int
-remoteDispatchDomainSetAutostart (struct qemud_client *client,
+remoteDispatchDomainSetAutostart (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_domain_set_autostart_args *args,
                                   void *ret ATTRIBUTE_UNUSED)
@@ -1491,7 +1538,8 @@ remoteDispatchDomainSetAutostart (struct
 }
 
 static int
-remoteDispatchDomainSetMaxMemory (struct qemud_client *client,
+remoteDispatchDomainSetMaxMemory (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                  struct qemud_client *client,
                                   remote_message_header *req,
                                   remote_domain_set_max_memory_args *args,
                                   void *ret ATTRIBUTE_UNUSED)
@@ -1514,7 +1562,8 @@ remoteDispatchDomainSetMaxMemory (struct
 }
 
 static int
-remoteDispatchDomainSetMemory (struct qemud_client *client,
+remoteDispatchDomainSetMemory (struct qemud_server *server ATTRIBUTE_UNUSED,
+                               struct qemud_client *client,
                                remote_message_header *req,
                                remote_domain_set_memory_args *args,
                                void *ret ATTRIBUTE_UNUSED)
@@ -1537,7 +1586,8 @@ remoteDispatchDomainSetMemory (struct qe
 }
 
 static int
-remoteDispatchDomainSetVcpus (struct qemud_client *client,
+remoteDispatchDomainSetVcpus (struct qemud_server *server ATTRIBUTE_UNUSED,
+                              struct qemud_client *client,
                               remote_message_header *req,
                               remote_domain_set_vcpus_args *args,
                               void *ret ATTRIBUTE_UNUSED)
@@ -1560,7 +1610,8 @@ remoteDispatchDomainSetVcpus (struct qem
 }
 
 static int
-remoteDispatchDomainShutdown (struct qemud_client *client,
+remoteDispatchDomainShutdown (struct qemud_server *server ATTRIBUTE_UNUSED,
+                              struct qemud_client *client,
                               remote_message_header *req,
                               remote_domain_shutdown_args *args,
                               void *ret ATTRIBUTE_UNUSED)
@@ -1583,7 +1634,8 @@ remoteDispatchDomainShutdown (struct qem
 }
 
 static int
-remoteDispatchDomainSuspend (struct qemud_client *client,
+remoteDispatchDomainSuspend (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_domain_suspend_args *args,
                              void *ret ATTRIBUTE_UNUSED)
@@ -1606,7 +1658,8 @@ remoteDispatchDomainSuspend (struct qemu
 }
 
 static int
-remoteDispatchDomainUndefine (struct qemud_client *client,
+remoteDispatchDomainUndefine (struct qemud_server *server ATTRIBUTE_UNUSED,
+                              struct qemud_client *client,
                               remote_message_header *req,
                               remote_domain_undefine_args *args,
                               void *ret ATTRIBUTE_UNUSED)
@@ -1629,7 +1682,8 @@ remoteDispatchDomainUndefine (struct qem
 }
 
 static int
-remoteDispatchListDefinedNetworks (struct qemud_client *client,
+remoteDispatchListDefinedNetworks (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                   struct qemud_client *client,
                                    remote_message_header *req,
                                    remote_list_defined_networks_args *args,
                                    remote_list_defined_networks_ret *ret)
@@ -1654,7 +1708,8 @@ remoteDispatchListDefinedNetworks (struc
 }
 
 static int
-remoteDispatchListDomains (struct qemud_client *client,
+remoteDispatchListDomains (struct qemud_server *server ATTRIBUTE_UNUSED,
+                           struct qemud_client *client,
                            remote_message_header *req,
                            remote_list_domains_args *args,
                            remote_list_domains_ret *ret)
@@ -1678,7 +1733,8 @@ remoteDispatchListDomains (struct qemud_
 }
 
 static int
-remoteDispatchListNetworks (struct qemud_client *client,
+remoteDispatchListNetworks (struct qemud_server *server ATTRIBUTE_UNUSED,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             remote_list_networks_args *args,
                             remote_list_networks_ret *ret)
@@ -1703,7 +1759,8 @@ remoteDispatchListNetworks (struct qemud
 }
 
 static int
-remoteDispatchNetworkCreate (struct qemud_client *client,
+remoteDispatchNetworkCreate (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_network_create_args *args,
                              void *ret ATTRIBUTE_UNUSED)
@@ -1726,7 +1783,8 @@ remoteDispatchNetworkCreate (struct qemu
 }
 
 static int
-remoteDispatchNetworkCreateXml (struct qemud_client *client,
+remoteDispatchNetworkCreateXml (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                struct qemud_client *client,
                                 remote_message_header *req,
                                 remote_network_create_xml_args *args,
                                 remote_network_create_xml_ret *ret)
@@ -1743,7 +1801,8 @@ remoteDispatchNetworkCreateXml (struct q
 }
 
 static int
-remoteDispatchNetworkDefineXml (struct qemud_client *client,
+remoteDispatchNetworkDefineXml (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                struct qemud_client *client,
                                 remote_message_header *req,
                                 remote_network_define_xml_args *args,
                                 remote_network_define_xml_ret *ret)
@@ -1760,7 +1819,8 @@ remoteDispatchNetworkDefineXml (struct q
 }
 
 static int
-remoteDispatchNetworkDestroy (struct qemud_client *client,
+remoteDispatchNetworkDestroy (struct qemud_server *server ATTRIBUTE_UNUSED,
+                              struct qemud_client *client,
                               remote_message_header *req,
                               remote_network_destroy_args *args,
                               void *ret ATTRIBUTE_UNUSED)
@@ -1783,7 +1843,8 @@ remoteDispatchNetworkDestroy (struct qem
 }
 
 static int
-remoteDispatchNetworkDumpXml (struct qemud_client *client,
+remoteDispatchNetworkDumpXml (struct qemud_server *server ATTRIBUTE_UNUSED,
+                              struct qemud_client *client,
                               remote_message_header *req,
                               remote_network_dump_xml_args *args,
                               remote_network_dump_xml_ret *ret)
@@ -1808,7 +1869,8 @@ remoteDispatchNetworkDumpXml (struct qem
 }
 
 static int
-remoteDispatchNetworkGetAutostart (struct qemud_client *client,
+remoteDispatchNetworkGetAutostart (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                   struct qemud_client *client,
                                    remote_message_header *req,
                                    remote_network_get_autostart_args *args,
                                    remote_network_get_autostart_ret *ret)
@@ -1831,7 +1893,8 @@ remoteDispatchNetworkGetAutostart (struc
 }
 
 static int
-remoteDispatchNetworkGetBridgeName (struct qemud_client *client,
+remoteDispatchNetworkGetBridgeName (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                    struct qemud_client *client,
                                     remote_message_header *req,
                                     remote_network_get_bridge_name_args *args,
                                     remote_network_get_bridge_name_ret *ret)
@@ -1856,7 +1919,8 @@ remoteDispatchNetworkGetBridgeName (stru
 }
 
 static int
-remoteDispatchNetworkLookupByName (struct qemud_client *client,
+remoteDispatchNetworkLookupByName (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                   struct qemud_client *client,
                                    remote_message_header *req,
                                    remote_network_lookup_by_name_args *args,
                                    remote_network_lookup_by_name_ret *ret)
@@ -1873,7 +1937,8 @@ remoteDispatchNetworkLookupByName (struc
 }
 
 static int
-remoteDispatchNetworkLookupByUuid (struct qemud_client *client,
+remoteDispatchNetworkLookupByUuid (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                   struct qemud_client *client,
                                    remote_message_header *req,
                                    remote_network_lookup_by_uuid_args *args,
                                    remote_network_lookup_by_uuid_ret *ret)
@@ -1890,7 +1955,8 @@ remoteDispatchNetworkLookupByUuid (struc
 }
 
 static int
-remoteDispatchNetworkSetAutostart (struct qemud_client *client,
+remoteDispatchNetworkSetAutostart (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                   struct qemud_client *client,
                                    remote_message_header *req,
                                    remote_network_set_autostart_args *args,
                                    void *ret ATTRIBUTE_UNUSED)
@@ -1913,7 +1979,8 @@ remoteDispatchNetworkSetAutostart (struc
 }
 
 static int
-remoteDispatchNetworkUndefine (struct qemud_client *client,
+remoteDispatchNetworkUndefine (struct qemud_server *server ATTRIBUTE_UNUSED,
+                               struct qemud_client *client,
                                remote_message_header *req,
                                remote_network_undefine_args *args,
                                void *ret ATTRIBUTE_UNUSED)
@@ -1936,7 +2003,8 @@ remoteDispatchNetworkUndefine (struct qe
 }
 
 static int
-remoteDispatchNumOfDefinedNetworks (struct qemud_client *client,
+remoteDispatchNumOfDefinedNetworks (struct qemud_server *server ATTRIBUTE_UNUSED,
+                                    struct qemud_client *client,
                                     remote_message_header *req,
                                     void *args ATTRIBUTE_UNUSED,
                                     remote_num_of_defined_networks_ret *ret)
@@ -1950,7 +2018,8 @@ remoteDispatchNumOfDefinedNetworks (stru
 }
 
 static int
-remoteDispatchNumOfDomains (struct qemud_client *client,
+remoteDispatchNumOfDomains (struct qemud_server *server ATTRIBUTE_UNUSED,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             void *args ATTRIBUTE_UNUSED,
                             remote_num_of_domains_ret *ret)
@@ -1964,7 +2033,8 @@ remoteDispatchNumOfDomains (struct qemud
 }
 
 static int
-remoteDispatchNumOfNetworks (struct qemud_client *client,
+remoteDispatchNumOfNetworks (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              void *args ATTRIBUTE_UNUSED,
                              remote_num_of_networks_ret *ret)
@@ -1979,7 +2049,8 @@ remoteDispatchNumOfNetworks (struct qemu
 
 
 static int
-remoteDispatchAuthList (struct qemud_client *client,
+remoteDispatchAuthList (struct qemud_server *server ATTRIBUTE_UNUSED,
+                        struct qemud_client *client,
                         remote_message_header *req ATTRIBUTE_UNUSED,
                         void *args ATTRIBUTE_UNUSED,
                         remote_auth_list_ret *ret)
@@ -2034,7 +2105,8 @@ static char *addrToString(struct qemud_c
  * XXX callbacks for stuff like password verification ?
  */
 static int
-remoteDispatchAuthSaslInit (struct qemud_client *client,
+remoteDispatchAuthSaslInit (struct qemud_server *server ATTRIBUTE_UNUSED,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             void *args ATTRIBUTE_UNUSED,
                             remote_auth_sasl_init_ret *ret)
@@ -2223,11 +2295,67 @@ remoteSASLCheckSSF (struct qemud_client 
     return 0;
 }
 
+static int
+remoteSASLCheckAccess (struct qemud_server *server,
+                       struct qemud_client *client,
+                       remote_message_header *req) {
+    const void *val;
+    int err;
+    char **wildcards;
+
+    err = sasl_getprop(client->saslconn, SASL_USERNAME, &val);
+    if (err != SASL_OK) {
+        qemudLog(QEMUD_ERR, "cannot query SASL username on connection %d (%s)",
+                 err, sasl_errstring(err, NULL, NULL));
+        remoteDispatchFailAuth(client, req);
+        sasl_dispose(&client->saslconn);
+        client->saslconn = NULL;
+        return -1;
+    }
+    if (val == NULL) {
+        qemudLog(QEMUD_ERR, "no client username was found");
+        remoteDispatchFailAuth(client, req);
+        sasl_dispose(&client->saslconn);
+        client->saslconn = NULL;
+        return -1;
+    }
+    REMOTE_DEBUG("SASL client username %s", (const char *)val);
+
+    client->saslUsername = strdup((const char*)val);
+    if (client->saslUsername == NULL) {
+        qemudLog(QEMUD_ERR, "out of memory copying username");
+        remoteDispatchFailAuth(client, req);
+        sasl_dispose(&client->saslconn);
+        client->saslconn = NULL;
+        return -1;
+    }
+
+    /* If the list is not set, allow any DN. */
+    wildcards = server->saslUsernameWhitelist;
+    if (!wildcards)
+        return 0; /* No ACL, allow all */
+
+    while (*wildcards) {
+        if (fnmatch (*wildcards, client->saslUsername, 0) == 0)
+            return 0; /* Allowed */
+        wildcards++;
+    }
+
+    /* Denied */
+    qemudLog(QEMUD_ERR, "SASL client %s not allowed in whitelist", client->saslUsername);
+    remoteDispatchFailAuth(client, req);
+    sasl_dispose(&client->saslconn);
+    client->saslconn = NULL;
+    return -1;
+}
+
+
 /*
  * This starts the SASL authentication negotiation.
  */
 static int
-remoteDispatchAuthSaslStart (struct qemud_client *client,
+remoteDispatchAuthSaslStart (struct qemud_server *server,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_auth_sasl_start_args *args,
                              remote_auth_sasl_start_ret *ret)
@@ -2291,6 +2419,10 @@ remoteDispatchAuthSaslStart (struct qemu
         if (remoteSASLCheckSSF(client, req) < 0)
             return -2;
 
+        /* Check username whitelist ACL */
+        if (remoteSASLCheckAccess(server, client, req) < 0)
+            return -2;
+
         REMOTE_DEBUG("Authentication successful %d", client->fd);
         ret->complete = 1;
         client->auth = REMOTE_AUTH_NONE;
@@ -2301,7 +2433,8 @@ remoteDispatchAuthSaslStart (struct qemu
 
 
 static int
-remoteDispatchAuthSaslStep (struct qemud_client *client,
+remoteDispatchAuthSaslStep (struct qemud_server *server,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             remote_auth_sasl_step_args *args,
                             remote_auth_sasl_step_ret *ret)
@@ -2365,6 +2498,10 @@ remoteDispatchAuthSaslStep (struct qemud
         if (remoteSASLCheckSSF(client, req) < 0)
             return -2;
 
+        /* Check username whitelist ACL */
+        if (remoteSASLCheckAccess(server, client, req) < 0)
+            return -2;
+
         REMOTE_DEBUG("Authentication successful %d", client->fd);
         ret->complete = 1;
         client->auth = REMOTE_AUTH_NONE;
@@ -2376,7 +2513,8 @@ remoteDispatchAuthSaslStep (struct qemud
 
 #else /* HAVE_SASL */
 static int
-remoteDispatchAuthSaslInit (struct qemud_client *client,
+remoteDispatchAuthSaslInit (struct qemud_server *server ATTRIBUTE_UNUSED,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             void *args ATTRIBUTE_UNUSED,
                             remote_auth_sasl_init_ret *ret ATTRIBUTE_UNUSED)
@@ -2387,7 +2525,8 @@ remoteDispatchAuthSaslInit (struct qemud
 }
 
 static int
-remoteDispatchAuthSaslStart (struct qemud_client *client,
+remoteDispatchAuthSaslStart (struct qemud_server *server ATTRIBUTE_UNUSED,
+                             struct qemud_client *client,
                              remote_message_header *req,
                              remote_auth_sasl_start_args *args ATTRIBUTE_UNUSED,
                              remote_auth_sasl_start_ret *ret ATTRIBUTE_UNUSED)
@@ -2398,7 +2537,8 @@ remoteDispatchAuthSaslStart (struct qemu
 }
 
 static int
-remoteDispatchAuthSaslStep (struct qemud_client *client,
+remoteDispatchAuthSaslStep (struct qemud_server *server ATTRIBUTE_UNUSED,
+                            struct qemud_client *client,
                             remote_message_header *req,
                             remote_auth_sasl_step_args *args ATTRIBUTE_UNUSED,
                             remote_auth_sasl_step_ret *ret ATTRIBUTE_UNUSED)
diff -r b68f6ec36358 qemud/remote_dispatch_prototypes.h
--- a/qemud/remote_dispatch_prototypes.h	Fri Nov 30 14:31:14 2007 -0500
+++ b/qemud/remote_dispatch_prototypes.h	Fri Nov 30 15:15:26 2007 -0500
@@ -2,72 +2,72 @@
  * Do not edit this file.  Any changes you make will be lost.
  */
 
-static int remoteDispatchAuthList (struct qemud_client *client, remote_message_header *req, void *args, remote_auth_list_ret *ret);
-static int remoteDispatchAuthSaslInit (struct qemud_client *client, remote_message_header *req, void *args, remote_auth_sasl_init_ret *ret);
-static int remoteDispatchAuthSaslStart (struct qemud_client *client, remote_message_header *req, remote_auth_sasl_start_args *args, remote_auth_sasl_start_ret *ret);
-static int remoteDispatchAuthSaslStep (struct qemud_client *client, remote_message_header *req, remote_auth_sasl_step_args *args, remote_auth_sasl_step_ret *ret);
-static int remoteDispatchClose (struct qemud_client *client, remote_message_header *req, void *args, void *ret);
-static int remoteDispatchDomainAttachDevice (struct qemud_client *client, remote_message_header *req, remote_domain_attach_device_args *args, void *ret);
-static int remoteDispatchDomainBlockStats (struct qemud_client *client, remote_message_header *req, remote_domain_block_stats_args *args, remote_domain_block_stats_ret *ret);
-static int remoteDispatchDomainCoreDump (struct qemud_client *client, remote_message_header *req, remote_domain_core_dump_args *args, void *ret);
-static int remoteDispatchDomainCreate (struct qemud_client *client, remote_message_header *req, remote_domain_create_args *args, void *ret);
-static int remoteDispatchDomainCreateLinux (struct qemud_client *client, remote_message_header *req, remote_domain_create_linux_args *args, remote_domain_create_linux_ret *ret);
-static int remoteDispatchDomainDefineXml (struct qemud_client *client, remote_message_header *req, remote_domain_define_xml_args *args, remote_domain_define_xml_ret *ret);
-static int remoteDispatchDomainDestroy (struct qemud_client *client, remote_message_header *req, remote_domain_destroy_args *args, void *ret);
-static int remoteDispatchDomainDetachDevice (struct qemud_client *client, remote_message_header *req, remote_domain_detach_device_args *args, void *ret);
-static int remoteDispatchDomainDumpXml (struct qemud_client *client, remote_message_header *req, remote_domain_dump_xml_args *args, remote_domain_dump_xml_ret *ret);
-static int remoteDispatchDomainGetAutostart (struct qemud_client *client, remote_message_header *req, remote_domain_get_autostart_args *args, remote_domain_get_autostart_ret *ret);
-static int remoteDispatchDomainGetInfo (struct qemud_client *client, remote_message_header *req, remote_domain_get_info_args *args, remote_domain_get_info_ret *ret);
-static int remoteDispatchDomainGetMaxMemory (struct qemud_client *client, remote_message_header *req, remote_domain_get_max_memory_args *args, remote_domain_get_max_memory_ret *ret);
-static int remoteDispatchDomainGetMaxVcpus (struct qemud_client *client, remote_message_header *req, remote_domain_get_max_vcpus_args *args, remote_domain_get_max_vcpus_ret *ret);
-static int remoteDispatchDomainGetOsType (struct qemud_client *client, remote_message_header *req, remote_domain_get_os_type_args *args, remote_domain_get_os_type_ret *ret);
-static int remoteDispatchDomainGetSchedulerParameters (struct qemud_client *client, remote_message_header *req, remote_domain_get_scheduler_parameters_args *args, remote_domain_get_scheduler_parameters_ret *ret);
-static int remoteDispatchDomainGetSchedulerType (struct qemud_client *client, remote_message_header *req, remote_domain_get_scheduler_type_args *args, remote_domain_get_scheduler_type_ret *ret);
-static int remoteDispatchDomainGetVcpus (struct qemud_client *client, remote_message_header *req, remote_domain_get_vcpus_args *args, remote_domain_get_vcpus_ret *ret);
-static int remoteDispatchDomainInterfaceStats (struct qemud_client *client, remote_message_header *req, remote_domain_interface_stats_args *args, remote_domain_interface_stats_ret *ret);
-static int remoteDispatchDomainLookupById (struct qemud_client *client, remote_message_header *req, remote_domain_lookup_by_id_args *args, remote_domain_lookup_by_id_ret *ret);
-static int remoteDispatchDomainLookupByName (struct qemud_client *client, remote_message_header *req, remote_domain_lookup_by_name_args *args, remote_domain_lookup_by_name_ret *ret);
-static int remoteDispatchDomainLookupByUuid (struct qemud_client *client, remote_message_header *req, remote_domain_lookup_by_uuid_args *args, remote_domain_lookup_by_uuid_ret *ret);
-static int remoteDispatchDomainMigrateFinish (struct qemud_client *client, remote_message_header *req, remote_domain_migrate_finish_args *args, remote_domain_migrate_finish_ret *ret);
-static int remoteDispatchDomainMigratePerform (struct qemud_client *client, remote_message_header *req, remote_domain_migrate_perform_args *args, void *ret);
-static int remoteDispatchDomainMigratePrepare (struct qemud_client *client, remote_message_header *req, remote_domain_migrate_prepare_args *args, remote_domain_migrate_prepare_ret *ret);
-static int remoteDispatchDomainPinVcpu (struct qemud_client *client, remote_message_header *req, remote_domain_pin_vcpu_args *args, void *ret);
-static int remoteDispatchDomainReboot (struct qemud_client *client, remote_message_header *req, remote_domain_reboot_args *args, void *ret);
-static int remoteDispatchDomainRestore (struct qemud_client *client, remote_message_header *req, remote_domain_restore_args *args, void *ret);
-static int remoteDispatchDomainResume (struct qemud_client *client, remote_message_header *req, remote_domain_resume_args *args, void *ret);
-static int remoteDispatchDomainSave (struct qemud_client *client, remote_message_header *req, remote_domain_save_args *args, void *ret);
-static int remoteDispatchDomainSetAutostart (struct qemud_client *client, remote_message_header *req, remote_domain_set_autostart_args *args, void *ret);
-static int remoteDispatchDomainSetMaxMemory (struct qemud_client *client, remote_message_header *req, remote_domain_set_max_memory_args *args, void *ret);
-static int remoteDispatchDomainSetMemory (struct qemud_client *client, remote_message_header *req, remote_domain_set_memory_args *args, void *ret);
-static int remoteDispatchDomainSetSchedulerParameters (struct qemud_client *client, remote_message_header *req, remote_domain_set_scheduler_parameters_args *args, void *ret);
-static int remoteDispatchDomainSetVcpus (struct qemud_client *client, remote_message_header *req, remote_domain_set_vcpus_args *args, void *ret);
-static int remoteDispatchDomainShutdown (struct qemud_client *client, remote_message_header *req, remote_domain_shutdown_args *args, void *ret);
-static int remoteDispatchDomainSuspend (struct qemud_client *client, remote_message_header *req, remote_domain_suspend_args *args, void *ret);
-static int remoteDispatchDomainUndefine (struct qemud_client *client, remote_message_header *req, remote_domain_undefine_args *args, void *ret);
-static int remoteDispatchGetCapabilities (struct qemud_client *client, remote_message_header *req, void *args, remote_get_capabilities_ret *ret);
-static int remoteDispatchGetHostname (struct qemud_client *client, remote_message_header *req, void *args, remote_get_hostname_ret *ret);
-static int remoteDispatchGetMaxVcpus (struct qemud_client *client, remote_message_header *req, remote_get_max_vcpus_args *args, remote_get_max_vcpus_ret *ret);
-static int remoteDispatchGetType (struct qemud_client *client, remote_message_header *req, void *args, remote_get_type_ret *ret);
-static int remoteDispatchGetVersion (struct qemud_client *client, remote_message_header *req, void *args, remote_get_version_ret *ret);
-static int remoteDispatchListDefinedDomains (struct qemud_client *client, remote_message_header *req, remote_list_defined_domains_args *args, remote_list_defined_domains_ret *ret);
-static int remoteDispatchListDefinedNetworks (struct qemud_client *client, remote_message_header *req, remote_list_defined_networks_args *args, remote_list_defined_networks_ret *ret);
-static int remoteDispatchListDomains (struct qemud_client *client, remote_message_header *req, remote_list_domains_args *args, remote_list_domains_ret *ret);
-static int remoteDispatchListNetworks (struct qemud_client *client, remote_message_header *req, remote_list_networks_args *args, remote_list_networks_ret *ret);
-static int remoteDispatchNetworkCreate (struct qemud_client *client, remote_message_header *req, remote_network_create_args *args, void *ret);
-static int remoteDispatchNetworkCreateXml (struct qemud_client *client, remote_message_header *req, remote_network_create_xml_args *args, remote_network_create_xml_ret *ret);
-static int remoteDispatchNetworkDefineXml (struct qemud_client *client, remote_message_header *req, remote_network_define_xml_args *args, remote_network_define_xml_ret *ret);
-static int remoteDispatchNetworkDestroy (struct qemud_client *client, remote_message_header *req, remote_network_destroy_args *args, void *ret);
-static int remoteDispatchNetworkDumpXml (struct qemud_client *client, remote_message_header *req, remote_network_dump_xml_args *args, remote_network_dump_xml_ret *ret);
-static int remoteDispatchNetworkGetAutostart (struct qemud_client *client, remote_message_header *req, remote_network_get_autostart_args *args, remote_network_get_autostart_ret *ret);
-static int remoteDispatchNetworkGetBridgeName (struct qemud_client *client, remote_message_header *req, remote_network_get_bridge_name_args *args, remote_network_get_bridge_name_ret *ret);
-static int remoteDispatchNetworkLookupByName (struct qemud_client *client, remote_message_header *req, remote_network_lookup_by_name_args *args, remote_network_lookup_by_name_ret *ret);
-static int remoteDispatchNetworkLookupByUuid (struct qemud_client *client, remote_message_header *req, remote_network_lookup_by_uuid_args *args, remote_network_lookup_by_uuid_ret *ret);
-static int remoteDispatchNetworkSetAutostart (struct qemud_client *client, remote_message_header *req, remote_network_set_autostart_args *args, void *ret);
-static int remoteDispatchNetworkUndefine (struct qemud_client *client, remote_message_header *req, remote_network_undefine_args *args, void *ret);
-static int remoteDispatchNodeGetInfo (struct qemud_client *client, remote_message_header *req, void *args, remote_node_get_info_ret *ret);
-static int remoteDispatchNumOfDefinedDomains (struct qemud_client *client, remote_message_header *req, void *args, remote_num_of_defined_domains_ret *ret);
-static int remoteDispatchNumOfDefinedNetworks (struct qemud_client *client, remote_message_header *req, void *args, remote_num_of_defined_networks_ret *ret);
-static int remoteDispatchNumOfDomains (struct qemud_client *client, remote_message_header *req, void *args, remote_num_of_domains_ret *ret);
-static int remoteDispatchNumOfNetworks (struct qemud_client *client, remote_message_header *req, void *args, remote_num_of_networks_ret *ret);
-static int remoteDispatchOpen (struct qemud_client *client, remote_message_header *req, remote_open_args *args, void *ret);
-static int remoteDispatchSupportsFeature (struct qemud_client *client, remote_message_header *req, remote_supports_feature_args *args, remote_supports_feature_ret *ret);
+static int remoteDispatchAuthList (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_auth_list_ret *ret);
+static int remoteDispatchAuthSaslInit (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_auth_sasl_init_ret *ret);
+static int remoteDispatchAuthSaslStart (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_auth_sasl_start_args *args, remote_auth_sasl_start_ret *ret);
+static int remoteDispatchAuthSaslStep (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_auth_sasl_step_args *args, remote_auth_sasl_step_ret *ret);
+static int remoteDispatchClose (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, void *ret);
+static int remoteDispatchDomainAttachDevice (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_attach_device_args *args, void *ret);
+static int remoteDispatchDomainBlockStats (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_block_stats_args *args, remote_domain_block_stats_ret *ret);
+static int remoteDispatchDomainCoreDump (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_core_dump_args *args, void *ret);
+static int remoteDispatchDomainCreate (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_create_args *args, void *ret);
+static int remoteDispatchDomainCreateLinux (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_create_linux_args *args, remote_domain_create_linux_ret *ret);
+static int remoteDispatchDomainDefineXml (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_define_xml_args *args, remote_domain_define_xml_ret *ret);
+static int remoteDispatchDomainDestroy (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_destroy_args *args, void *ret);
+static int remoteDispatchDomainDetachDevice (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_detach_device_args *args, void *ret);
+static int remoteDispatchDomainDumpXml (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_dump_xml_args *args, remote_domain_dump_xml_ret *ret);
+static int remoteDispatchDomainGetAutostart (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_get_autostart_args *args, remote_domain_get_autostart_ret *ret);
+static int remoteDispatchDomainGetInfo (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_get_info_args *args, remote_domain_get_info_ret *ret);
+static int remoteDispatchDomainGetMaxMemory (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_get_max_memory_args *args, remote_domain_get_max_memory_ret *ret);
+static int remoteDispatchDomainGetMaxVcpus (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_get_max_vcpus_args *args, remote_domain_get_max_vcpus_ret *ret);
+static int remoteDispatchDomainGetOsType (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_get_os_type_args *args, remote_domain_get_os_type_ret *ret);
+static int remoteDispatchDomainGetSchedulerParameters (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_get_scheduler_parameters_args *args, remote_domain_get_scheduler_parameters_ret *ret);
+static int remoteDispatchDomainGetSchedulerType (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_get_scheduler_type_args *args, remote_domain_get_scheduler_type_ret *ret);
+static int remoteDispatchDomainGetVcpus (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_get_vcpus_args *args, remote_domain_get_vcpus_ret *ret);
+static int remoteDispatchDomainInterfaceStats (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_interface_stats_args *args, remote_domain_interface_stats_ret *ret);
+static int remoteDispatchDomainLookupById (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_lookup_by_id_args *args, remote_domain_lookup_by_id_ret *ret);
+static int remoteDispatchDomainLookupByName (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_lookup_by_name_args *args, remote_domain_lookup_by_name_ret *ret);
+static int remoteDispatchDomainLookupByUuid (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_lookup_by_uuid_args *args, remote_domain_lookup_by_uuid_ret *ret);
+static int remoteDispatchDomainMigrateFinish (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_migrate_finish_args *args, remote_domain_migrate_finish_ret *ret);
+static int remoteDispatchDomainMigratePerform (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_migrate_perform_args *args, void *ret);
+static int remoteDispatchDomainMigratePrepare (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_migrate_prepare_args *args, remote_domain_migrate_prepare_ret *ret);
+static int remoteDispatchDomainPinVcpu (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_pin_vcpu_args *args, void *ret);
+static int remoteDispatchDomainReboot (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_reboot_args *args, void *ret);
+static int remoteDispatchDomainRestore (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_restore_args *args, void *ret);
+static int remoteDispatchDomainResume (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_resume_args *args, void *ret);
+static int remoteDispatchDomainSave (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_save_args *args, void *ret);
+static int remoteDispatchDomainSetAutostart (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_set_autostart_args *args, void *ret);
+static int remoteDispatchDomainSetMaxMemory (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_set_max_memory_args *args, void *ret);
+static int remoteDispatchDomainSetMemory (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_set_memory_args *args, void *ret);
+static int remoteDispatchDomainSetSchedulerParameters (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_set_scheduler_parameters_args *args, void *ret);
+static int remoteDispatchDomainSetVcpus (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_set_vcpus_args *args, void *ret);
+static int remoteDispatchDomainShutdown (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_shutdown_args *args, void *ret);
+static int remoteDispatchDomainSuspend (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_suspend_args *args, void *ret);
+static int remoteDispatchDomainUndefine (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_domain_undefine_args *args, void *ret);
+static int remoteDispatchGetCapabilities (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_get_capabilities_ret *ret);
+static int remoteDispatchGetHostname (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_get_hostname_ret *ret);
+static int remoteDispatchGetMaxVcpus (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_get_max_vcpus_args *args, remote_get_max_vcpus_ret *ret);
+static int remoteDispatchGetType (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_get_type_ret *ret);
+static int remoteDispatchGetVersion (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_get_version_ret *ret);
+static int remoteDispatchListDefinedDomains (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_list_defined_domains_args *args, remote_list_defined_domains_ret *ret);
+static int remoteDispatchListDefinedNetworks (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_list_defined_networks_args *args, remote_list_defined_networks_ret *ret);
+static int remoteDispatchListDomains (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_list_domains_args *args, remote_list_domains_ret *ret);
+static int remoteDispatchListNetworks (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_list_networks_args *args, remote_list_networks_ret *ret);
+static int remoteDispatchNetworkCreate (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_create_args *args, void *ret);
+static int remoteDispatchNetworkCreateXml (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_create_xml_args *args, remote_network_create_xml_ret *ret);
+static int remoteDispatchNetworkDefineXml (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_define_xml_args *args, remote_network_define_xml_ret *ret);
+static int remoteDispatchNetworkDestroy (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_destroy_args *args, void *ret);
+static int remoteDispatchNetworkDumpXml (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_dump_xml_args *args, remote_network_dump_xml_ret *ret);
+static int remoteDispatchNetworkGetAutostart (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_get_autostart_args *args, remote_network_get_autostart_ret *ret);
+static int remoteDispatchNetworkGetBridgeName (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_get_bridge_name_args *args, remote_network_get_bridge_name_ret *ret);
+static int remoteDispatchNetworkLookupByName (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_lookup_by_name_args *args, remote_network_lookup_by_name_ret *ret);
+static int remoteDispatchNetworkLookupByUuid (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_lookup_by_uuid_args *args, remote_network_lookup_by_uuid_ret *ret);
+static int remoteDispatchNetworkSetAutostart (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_set_autostart_args *args, void *ret);
+static int remoteDispatchNetworkUndefine (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_network_undefine_args *args, void *ret);
+static int remoteDispatchNodeGetInfo (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_node_get_info_ret *ret);
+static int remoteDispatchNumOfDefinedDomains (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_num_of_defined_domains_ret *ret);
+static int remoteDispatchNumOfDefinedNetworks (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_num_of_defined_networks_ret *ret);
+static int remoteDispatchNumOfDomains (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_num_of_domains_ret *ret);
+static int remoteDispatchNumOfNetworks (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, void *args, remote_num_of_networks_ret *ret);
+static int remoteDispatchOpen (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_open_args *args, void *ret);
+static int remoteDispatchSupportsFeature (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, remote_supports_feature_args *args, remote_supports_feature_ret *ret);
diff -r b68f6ec36358 qemud/remote_generate_stubs.pl
--- a/qemud/remote_generate_stubs.pl	Fri Nov 30 14:31:14 2007 -0500
+++ b/qemud/remote_generate_stubs.pl	Fri Nov 30 15:15:26 2007 -0500
@@ -93,7 +93,7 @@ elsif ($opt_i) {
 elsif ($opt_i) {
     my @keys = sort (keys %calls);
     foreach (@keys) {
-	print "static int remoteDispatch$calls{$_}->{ProcName} (struct qemud_client *client, remote_message_header *req, $calls{$_}->{args} *args, $calls{$_}->{ret} *ret);\n";
+	print "static int remoteDispatch$calls{$_}->{ProcName} (struct qemud_server *server, struct qemud_client *client, remote_message_header *req, $calls{$_}->{args} *args, $calls{$_}->{ret} *ret);\n";
     }
 }
 
@@ -196,7 +196,8 @@ elsif ($opt_s) {
 	my $retvoid = $ret eq "void";
 
 	print "static int\n";
-	print "remoteDispatch$calls{$_}->{ProcName} (struct qemud_client *client,\n";
+	print "remoteDispatch$calls{$_}->{ProcName} (struct qemud_server *server,\n";
+	print "            struct qemud_client *client,\n";
 	print "            remote_message_header *req,\n";
 	print "            remote_get_max_vcpus_args *args,\n";
 	print "            remote_get_max_vcpus_ret *ret)\n";


-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]