[httpd] Add promiscuous mode option, i.e. no auth requirements

For people who want to avoid the web login, or want to get around pairing
problems. This is also added because commit #e59a1a1 means that all
Remotes are now subject to auth, not just those with a user-agent name that
starts with "Remote".
This commit is contained in:
ejurgensen 2017-10-29 00:05:20 +02:00
parent 8e7c47cce9
commit eff9e6ebeb
6 changed files with 26 additions and 9 deletions

View File

@ -22,11 +22,17 @@ general {
loglevel = log loglevel = log
# Admin password for the web interface # Admin password for the web interface
# If not set (default), access to the web interface is only permitted from localhost # If not set (default), access to the web interface is only permitted
# from localhost (except in promiscuous mode)
# admin_password = "" # admin_password = ""
# Websocket port for the web interface. # Websocket port for the web interface.
# websocket_port = 3688 # websocket_port = 3688
# Let clients connect without checking their credentials. This applies
# both to Remotes, DAAP clients and the web interface.
# promiscuous_mode = no
# Enable/disable IPv6 # Enable/disable IPv6
ipv6 = yes ipv6 = yes

View File

@ -45,14 +45,12 @@ static int cb_loglevel(cfg_t *cfg, cfg_opt_t *opt, const char *value, void *resu
static cfg_opt_t sec_general[] = static cfg_opt_t sec_general[] =
{ {
CFG_STR("uid", "nobody", CFGF_NONE), CFG_STR("uid", "nobody", CFGF_NONE),
CFG_STR("db_path", STATEDIR "/cache/" PACKAGE "/songs3.db", CFGF_NONE),
CFG_STR("logfile", STATEDIR "/log/" PACKAGE ".log", CFGF_NONE),
CFG_INT_CB("loglevel", E_LOG, CFGF_NONE, &cb_loglevel),
CFG_STR("admin_password", NULL, CFGF_NONE), CFG_STR("admin_password", NULL, CFGF_NONE),
CFG_INT("websocket_port", 3688, CFGF_NONE), CFG_INT("websocket_port", 3688, CFGF_NONE),
CFG_STR("logfile", STATEDIR "/log/" PACKAGE ".log", CFGF_NONE), CFG_BOOL("promiscuous_mode", cfg_false, CFGF_NONE),
CFG_STR("db_path", STATEDIR "/cache/" PACKAGE "/songs3.db", CFGF_NONE),
CFG_INT("db_pragma_cache_size", -1, CFGF_NONE),
CFG_STR("db_pragma_journal_mode", NULL, CFGF_NONE),
CFG_INT("db_pragma_synchronous", -1, CFGF_NONE),
CFG_INT_CB("loglevel", E_LOG, CFGF_NONE, &cb_loglevel),
CFG_BOOL("ipv6", cfg_true, CFGF_NONE), CFG_BOOL("ipv6", cfg_true, CFGF_NONE),
CFG_STR("cache_path", STATEDIR "/cache/" PACKAGE "/cache.db", CFGF_NONE), CFG_STR("cache_path", STATEDIR "/cache/" PACKAGE "/cache.db", CFGF_NONE),
CFG_INT("cache_daap_threshold", 1000, CFGF_NONE), CFG_INT("cache_daap_threshold", 1000, CFGF_NONE),
@ -62,6 +60,10 @@ static cfg_opt_t sec_general[] =
#else #else
CFG_BOOL("high_resolution_clock", cfg_true, CFGF_NONE), CFG_BOOL("high_resolution_clock", cfg_true, CFGF_NONE),
#endif #endif
// Hidden options
CFG_INT("db_pragma_cache_size", -1, CFGF_NONE),
CFG_STR("db_pragma_journal_mode", NULL, CFGF_NONE),
CFG_INT("db_pragma_synchronous", -1, CFGF_NONE),
CFG_STR("allow_origin", "*", CFGF_NONE), CFG_STR("allow_origin", "*", CFGF_NONE),
CFG_END() CFG_END()
}; };

View File

@ -954,6 +954,9 @@ httpd_admin_check_auth(struct evhttp_request *req)
const char *passwd; const char *passwd;
int ret; int ret;
if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
return true;
passwd = cfg_getstr(cfg_getsec(cfg, "general"), "admin_password"); passwd = cfg_getstr(cfg_getsec(cfg, "general"), "admin_password");
if (passwd) if (passwd)
{ {

View File

@ -954,6 +954,9 @@ daap_request_authorize(struct daap_request *dreq)
char *passwd; char *passwd;
int ret; int ret;
if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
return 0;
param = evhttp_find_header(&dreq->query, "session-id"); param = evhttp_find_header(&dreq->query, "session-id");
if (param) if (param)
{ {
@ -1148,7 +1151,7 @@ daap_reply_login(struct evbuffer *reply, struct daap_request *dreq)
CHECK_ERR(L_DAAP, evbuffer_expand(reply, 32)); CHECK_ERR(L_DAAP, evbuffer_expand(reply, 32));
is_remote = (param = evhttp_find_header(&dreq->query, "pairing-guid")); is_remote = (param = evhttp_find_header(&dreq->query, "pairing-guid"));
if (param) if (param && !cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
{ {
if (strlen(param) < 3) if (strlen(param) < 3)
{ {

View File

@ -235,6 +235,9 @@ dacp_request_authorize(struct evhttp_request *req, struct evkeyvalq *query)
int32_t id; int32_t id;
int ret; int ret;
if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
return 0;
param = evhttp_find_header(query, "session-id"); param = evhttp_find_header(query, "session-id");
if (!param) if (!param)
{ {

View File

@ -853,7 +853,7 @@ rsp_request(struct evhttp_request *req)
/* Check authentication */ /* Check authentication */
lib = cfg_getsec(cfg, "library"); lib = cfg_getsec(cfg, "library");
passwd = cfg_getstr(lib, "password"); passwd = cfg_getstr(lib, "password");
if (passwd) if (passwd && !cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
{ {
libname = cfg_getstr(lib, "name"); libname = cfg_getstr(lib, "name");