Attached is the latest rev of this patch to support remote drivers. It is still not in a state where it can or should be applied. In particular it still "does nothing" except supporting the version and type calls. Changes: * The URL syntax has changed. Please see the first attachment for complete details of the new syntax. * Attempts to verify client IP address using TLS certificate, but this code is probably not correct. * libvirtd has a comprehensive configuration file. * libvirtd forks into the background, and has many other improvements. * All previous comments that I received should have been taken into account and where possible fixed. Please let me know if there's anything I've missed. Some things to discuss ---------------------- Should libvirt clients automatically reconnect when the server (libvirtd) restarts? SunRPC supports this, reasonably seamlessly. The problem is that we will be issuing a "cookie" to the client to represent various structures held on the server (mainly virConnectPtr, but also virDomainPtr and a few others). The mapping of cookie -> structure is lost when libvirtd restarts unless we keep it somewhere persistent. Now if we keep track of cookie -> URLs in a persistent place, then when a client represents a cookie that we don't know about because it was created in a previous libvirtd session, we can look it up and reopen the connection to the backend (using the URL). In the current implementation of libvirt this looks safe. Should libvirtd run as a preforked server? SunRPC is basically single threaded. The server handles one RPC at a time and processes it to completion before handling the next. The simple way around this is to use a preforked server. This has implications with cookies -- either they need to be stored in shared memory (similar to Apache's scoreboard stuff) or else in persistent storage. - - - The second attachment is the patch. You can also download the patch from http://www.annexia.org/tmp/libvirt-tls-20070213.patch