[httpd] Add promiscuous mode option, i.e. no auth requirements

For people who want to avoid the web login, or want to get around pairing
problems. This is also added because commit #e59a1a1 means that all
Remotes are now subject to auth, not just those with a user-agent name that
starts with "Remote".

forked-daapd.conf.in

@@ -22,11 +22,17 @@ general {
 	loglevel = log
 
 	# Admin password for the web interface
-	# If not set (default), access to the web interface is only permitted from localhost
+	# If not set (default), access to the web interface is only permitted
+	# from localhost (except in promiscuous mode)
 #	admin_password = ""
+
 	# Websocket port for the web interface. 
 #	websocket_port = 3688
 
+	# Let clients connect without checking their credentials. This applies
+	# both to Remotes, DAAP clients and the web interface.
+#	promiscuous_mode = no
+
 	# Enable/disable IPv6
 	ipv6 = yes
 

src/conffile.c

@@ -45,14 +45,12 @@ static int cb_loglevel(cfg_t *cfg, cfg_opt_t *opt, const char *value, void *resu
 static cfg_opt_t sec_general[] =
   {
     CFG_STR("uid", "nobody", CFGF_NONE),
+    CFG_STR("db_path", STATEDIR "/cache/" PACKAGE "/songs3.db", CFGF_NONE),
+    CFG_STR("logfile", STATEDIR "/log/" PACKAGE ".log", CFGF_NONE),
+    CFG_INT_CB("loglevel", E_LOG, CFGF_NONE, &cb_loglevel),
     CFG_STR("admin_password", NULL, CFGF_NONE),
     CFG_INT("websocket_port", 3688, CFGF_NONE),
-    CFG_STR("logfile", STATEDIR "/log/" PACKAGE ".log", CFGF_NONE),
+    CFG_BOOL("promiscuous_mode", cfg_false, CFGF_NONE),
-    CFG_STR("db_path", STATEDIR "/cache/" PACKAGE "/songs3.db", CFGF_NONE),
-    CFG_INT("db_pragma_cache_size", -1, CFGF_NONE),
-    CFG_STR("db_pragma_journal_mode", NULL, CFGF_NONE),
-    CFG_INT("db_pragma_synchronous", -1, CFGF_NONE),
-    CFG_INT_CB("loglevel", E_LOG, CFGF_NONE, &cb_loglevel),
     CFG_BOOL("ipv6", cfg_true, CFGF_NONE),
     CFG_STR("cache_path", STATEDIR "/cache/" PACKAGE "/cache.db", CFGF_NONE),
     CFG_INT("cache_daap_threshold", 1000, CFGF_NONE),
@@ -62,6 +60,10 @@ static cfg_opt_t sec_general[] =
 #else
     CFG_BOOL("high_resolution_clock", cfg_true, CFGF_NONE),
 #endif
+    // Hidden options
+    CFG_INT("db_pragma_cache_size", -1, CFGF_NONE),
+    CFG_STR("db_pragma_journal_mode", NULL, CFGF_NONE),
+    CFG_INT("db_pragma_synchronous", -1, CFGF_NONE),
     CFG_STR("allow_origin", "*", CFGF_NONE),
     CFG_END()
   };

src/httpd.c

@@ -954,6 +954,9 @@ httpd_admin_check_auth(struct evhttp_request *req)
   const char *passwd;
   int ret;
 
+  if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
+    return true;
+
   passwd = cfg_getstr(cfg_getsec(cfg, "general"), "admin_password");
   if (passwd)
     {

src/httpd_daap.c

@@ -954,6 +954,9 @@ daap_request_authorize(struct daap_request *dreq)
   char *passwd;
   int ret;
 
+  if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
+    return 0;
+
   param = evhttp_find_header(&dreq->query, "session-id");
   if (param)
     {
@@ -1148,7 +1151,7 @@ daap_reply_login(struct evbuffer *reply, struct daap_request *dreq)
   CHECK_ERR(L_DAAP, evbuffer_expand(reply, 32));
 
   is_remote = (param = evhttp_find_header(&dreq->query, "pairing-guid"));
-  if (param)
+  if (param && !cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
     {
       if (strlen(param) < 3)
 	{

src/httpd_dacp.c

@@ -235,6 +235,9 @@ dacp_request_authorize(struct evhttp_request *req, struct evkeyvalq *query)
   int32_t id;
   int ret;
 
+  if (cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
+    return 0;
+
   param = evhttp_find_header(query, "session-id");
   if (!param)
     {

src/httpd_rsp.c

@@ -853,7 +853,7 @@ rsp_request(struct evhttp_request *req)
   /* Check authentication */
   lib = cfg_getsec(cfg, "library");
   passwd = cfg_getstr(lib, "password");
-  if (passwd)
+  if (passwd && !cfg_getbool(cfg_getsec(cfg, "general"), "promiscuous_mode"))
     {
       libname = cfg_getstr(lib, "name");