Added listen_addr config param for daemon (Stefan de Konink)

AUTHORS

@@ -43,6 +43,7 @@ Patches have also been contributed by:
   Mads Chr. Olesen     <shiyee@shiyee.dk>
   Cole Robinson        <crobinso@redhat.com>
   Anton Protopopov     <aspsk2@gmail.com>
+  Stefan de Konink     <skinkie@xs4all.nl>
 
   [....send patches to get your name here....]
 

ChangeLog

+Wed May 14 15:34:43 EST 2008 Daniel P. Berrange <berrange@redhat.com>
+
+	* qemud/qemud.c: Add 'listen_addr' config param to control
+	the IP address the daemon listens on (Stefan de Konink)
+	* qemud/libvirtd.conf: Added example listen_addr config param
+	* src/remote_internal.h: #define constant for default IP addr
+
 Wed May 14 15:34:43 EST 2008 Daniel P. Berrange <berrange@redhat.com>
 
 	* proxy/libvirt_proxy.c, src/conf.c, src/hash.c,

qemud/libvirtd.conf

@@ -42,6 +42,11 @@
 #tcp_port = "16509"
 
 
+# Override the default configuration which binds to all network
+# interfaces. This can be a numeric IPv4/6 address, or hostname
+#
+# ip_addr = "192.168.0.1"
+
 
 # Flag toggling mDNS advertizement of the libvirt service.
 #

qemud/qemud.c

@@ -69,6 +69,7 @@ static int ipsock = 0;          /* -l  Listen for TCP/IP */
 /* Defaults for configuration file elements */
 static int listen_tls = 1;
 static int listen_tcp = 0;
+static char *listen_addr  = (char *) LIBVIRTD_LISTEN_ADDR;
 static char *tls_port = (char *) LIBVIRTD_TLS_PORT;
 static char *tcp_port = (char *) LIBVIRTD_TCP_PORT;
 
@@ -541,7 +542,7 @@ static int qemudListenUnix(struct qemud_server *server,
 
 // See: http://people.redhat.com/drepper/userapi-ipv6.html
 static int
-remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *service)
+remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *node, const char *service)
 {
     struct addrinfo *ai;
     struct addrinfo hints;
@@ -549,7 +550,7 @@ remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *service)
     hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
     hints.ai_socktype = SOCK_STREAM;
 
-    int e = getaddrinfo (NULL, service, &hints, &ai);
+    int e = getaddrinfo (node, service, &hints, &ai);
     if (e != 0) {
         qemudLog (QEMUD_ERR, _("getaddrinfo: %s\n"), gai_strerror (e));
         return -1;
@@ -593,6 +594,7 @@ remoteMakeSockets (int *fds, int max_fds, int *nfds_r, const char *service)
  */
 static int
 remoteListenTCP (struct qemud_server *server,
+		 const char *addr,
                  const char *port,
                  int type,
                  int auth)
@@ -602,7 +604,7 @@ remoteListenTCP (struct qemud_server *server,
     int i;
     struct qemud_socket *sock;
 
-    if (remoteMakeSockets (fds, 2, &nfds, port) == -1)
+    if (remoteMakeSockets (fds, 2, &nfds, addr, port) == -1)
         return -1;
 
     for (i = 0; i < nfds; ++i) {
@@ -779,14 +781,14 @@ static struct qemud_server *qemudNetworkInit(struct qemud_server *server) {
 #endif
 
     if (ipsock) {
-        if (listen_tcp && remoteListenTCP (server, tcp_port, QEMUD_SOCK_TYPE_TCP, auth_tcp) < 0)
+        if (listen_tcp && remoteListenTCP (server, listen_addr, tcp_port, QEMUD_SOCK_TYPE_TCP, auth_tcp) < 0)
             goto cleanup;
 
         if (listen_tls) {
             if (remoteInitializeGnuTLS () < 0)
                 goto cleanup;
 
-            if (remoteListenTCP (server, tls_port, QEMUD_SOCK_TYPE_TLS, auth_tls) < 0)
+            if (remoteListenTCP (server, listen_addr, tls_port, QEMUD_SOCK_TYPE_TLS, auth_tls) < 0)
                 goto cleanup;
         }
     }
@@ -1921,7 +1923,8 @@ remoteReadConfigFile (struct qemud_server *server, const char *filename)
     GET_CONF_INT (conf, filename, listen_tls);
     GET_CONF_STR (conf, filename, tls_port);
     GET_CONF_STR (conf, filename, tcp_port);
-
+    GET_CONF_STR (conf, filename, listen_addr);
+    
     if (remoteConfigGetAuth(conf, "auth_unix_rw", &auth_unix_rw, filename) < 0)
         goto free_and_fail;
 #if HAVE_POLKIT
@@ -2006,10 +2009,10 @@ remoteReadConfigFile (struct qemud_server *server, const char *filename)
     free (unix_sock_rw_perms);
     free (unix_sock_group);
 
-    /* Don't bother trying to free tcp_port, tls_port, key_file, cert_file,
-       ca_file, or crl_file, since they are initialized to non-malloc'd
-       strings.  Besides, these are static variables, and callers are
-       unlikely to call this function more than once, so there wouldn't
+    /* Don't bother trying to free listen_addr, tcp_port, tls_port, key_file,
+       cert_file, ca_file, or crl_file, since they are initialized to
+       non-malloc'd strings.  Besides, these are static variables, and callers
+       are unlikely to call this function more than once, so there wouldn't
        even be a real leak.  */
 
     if (tls_allowed_dn_list) {

src/remote_internal.h

@@ -32,6 +32,7 @@ extern "C" {
 
 int remoteRegister (void);
 
+#define LIBVIRTD_LISTEN_ADDR NULL
 #define LIBVIRTD_TLS_PORT "16514"
 #define LIBVIRTD_TCP_PORT "16509"
 #define LIBVIRTD_PRIV_UNIX_SOCKET LOCAL_STATE_DIR "/run/libvirt/libvirt-sock"