diff --git a/forked-daapd.conf.in b/forked-daapd.conf.in index 62efd456..a8993898 100644 --- a/forked-daapd.conf.in +++ b/forked-daapd.conf.in @@ -22,11 +22,17 @@ general { loglevel = log # Admin password for the web interface - # If not set (default), access to the web interface is only permitted from localhost + # If not set (default), access to the web interface is only permitted + # from localhost (except in promiscuous mode) # admin_password = "" + # Websocket port for the web interface. # websocket_port = 3688 + # Let clients connect without checking their credentials. This applies + # both to Remotes, DAAP clients and the web interface. +# promiscuous_mode = no + # Enable/disable IPv6 ipv6 = yes diff --git a/src/conffile.c b/src/conffile.c index dc463dd8..f483b602 100644 --- a/src/conffile.c +++ b/src/conffile.c @@ -45,14 +45,12 @@ static int cb_loglevel(cfg_t *cfg, cfg_opt_t *opt, const char *value, void *resu static cfg_opt_t sec_general[] = { CFG_STR("uid", "nobody", CFGF_NONE), + CFG_STR("db_path", STATEDIR "/cache/" PACKAGE "/songs3.db", CFGF_NONE), + CFG_STR("logfile", STATEDIR "/log/" PACKAGE ".log", CFGF_NONE), + CFG_INT_CB("loglevel", E_LOG, CFGF_NONE, &cb_loglevel), CFG_STR("admin_password", NULL, CFGF_NONE), CFG_INT("websocket_port", 3688, CFGF_NONE), - CFG_STR("logfile", STATEDIR "/log/" PACKAGE ".log", CFGF_NONE), - CFG_STR("db_path", STATEDIR "/cache/" PACKAGE "/songs3.db", CFGF_NONE), - CFG_INT("db_pragma_cache_size", -1, CFGF_NONE), - CFG_STR("db_pragma_journal_mode", NULL, CFGF_NONE), - CFG_INT("db_pragma_synchronous", -1, CFGF_NONE), - CFG_INT_CB("loglevel", E_LOG, CFGF_NONE, &cb_loglevel), + CFG_BOOL("promiscuous_mode", cfg_false, CFGF_NONE), CFG_BOOL("ipv6", cfg_true, CFGF_NONE), CFG_STR("cache_path", STATEDIR "/cache/" PACKAGE "/cache.db", CFGF_NONE), CFG_INT("cache_daap_threshold", 1000, CFGF_NONE), @@ -62,6 +60,10 @@ static cfg_opt_t sec_general[] = #else CFG_BOOL("high_resolution_clock", cfg_true, CFGF_NONE), #endif + // Hidden options + CFG_INT("db_pragma_cache_size", -1, CFGF_NONE), + CFG_STR("db_pragma_journal_mode", NULL, CFGF_NONE), + CFG_INT("db_pragma_synchronous", -1, CFGF_NONE), CFG_STR("allow_origin", "*", CFGF_NONE), CFG_END() }; diff --git a/src/httpd.c b/src/httpd.c index 4cbbf540..a740332e 100644 --- a/src/httpd.c +++ b/src/httpd.c @@ -954,6 +954,9 @@ httpd_admin_check_auth(struct evhttp_request *req) const char *passwd; int ret; + if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode")) + return true; + passwd = cfg_getstr(cfg_getsec(cfg, "general"), "admin_password"); if (passwd) { diff --git a/src/httpd_daap.c b/src/httpd_daap.c index 4ec6ca9e..13f9deb6 100644 --- a/src/httpd_daap.c +++ b/src/httpd_daap.c @@ -954,6 +954,9 @@ daap_request_authorize(struct daap_request *dreq) char *passwd; int ret; + if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode")) + return 0; + param = evhttp_find_header(&dreq->query, "session-id"); if (param) { @@ -1148,7 +1151,7 @@ daap_reply_login(struct evbuffer *reply, struct daap_request *dreq) CHECK_ERR(L_DAAP, evbuffer_expand(reply, 32)); is_remote = (param = evhttp_find_header(&dreq->query, "pairing-guid")); - if (param) + if (param && !cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode")) { if (strlen(param) < 3) { diff --git a/src/httpd_dacp.c b/src/httpd_dacp.c index dec84edb..8034b147 100644 --- a/src/httpd_dacp.c +++ b/src/httpd_dacp.c @@ -235,6 +235,9 @@ dacp_request_authorize(struct evhttp_request *req, struct evkeyvalq *query) int32_t id; int ret; + if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode")) + return 0; + param = evhttp_find_header(query, "session-id"); if (!param) { diff --git a/src/httpd_rsp.c b/src/httpd_rsp.c index 77b9b5ce..db2eebb2 100644 --- a/src/httpd_rsp.c +++ b/src/httpd_rsp.c @@ -853,7 +853,7 @@ rsp_request(struct evhttp_request *req) /* Check authentication */ lib = cfg_getsec(cfg, "library"); passwd = cfg_getstr(lib, "password"); - if (passwd) + if (passwd && !cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode")) { libname = cfg_getstr(lib, "name");