Updated code to fix a couple minor issues and add readme

README

@@ -1,7 +1,18 @@
 MiniDLNA project
 (c) 2009 Justin Maggard
 Portions (c) 2006-2007 Thomas Bernard
-webpage: http://sourceforge.net/projects/minidlna/
+Portions (c) 2015 Nathanael Anderson
+Main webpage: http://sourceforge.net/projects/minidlna/
+Password version webpage: http://github.com/nathanaela/minidlna
+
+===================
+
+The password ability of this version of minidlna was developed by Nathanael Anderson
+and discussed about on http://fluentreports.com/blog/?p=58
+
+Read the README.PASSWORD for how to use.
+
+===================
 
 This directory contains the MiniDLNA daemon software.
 This software is subject to the conditions detailed in

README.PASSWORD

@@ -0,0 +1,49 @@
+MiniDLNA project
+(c) 2009 Justin Maggard
+Portions (c) 2006-2007 Thomas Bernard
+Portions (c) 2015 Nathanael Anderson
+Main webpage: http://sourceforge.net/projects/minidlna/
+Password version webpage: http://github.com/nathanaela/minidlna
+
+===================
+
+The password ability of this version of minidlna was developed by Nathanael Anderson
+and discussed on http://fluentreports.com/blog/?p=58
+
+Create a .password file containing just the password you want to protect that content folder (and any sub-folders).
+i.e. Media/Movies/Kids [no .password file - means this folder is always available]
+     Media/Movies/ScaryMovies/.password  [if it contains 1234 - you have to enter 1234 to see this folder].
+
+If you have any bugs/feature requests in the password feature please report them to 
+     http://github.com/nathanaela/minidlna
+
+
+A couple cool things:
+1. You can set your password length to up to 10 digits by changing the password_length in the minidlna.conf file.
+(Defaults to 4)
+
+2. You can put in as many passwords as you want.   Each time you put a password in; it remembers it, and uses
+all of them to compare to see if you have access to the content.
+
+3. Putting all 0 (Zeros) in, will make the server forget any passwords you put in on this client.
+
+4. All sub-folders are protected by any .password file above it.
+  (i.e. Media/Movies/ScaryMovies/.password will protect /Media/Movies/ScaryMovies/A/Aliens)
+
+5. You can have a different password in any sub-directory of another directory protected by a .password file.
+  (i.e. Media/Movies/ScaryMovies/.password (1234)    Media/Movies/ScaryMovies/A/Aliens/.password (2345)
+  Would requre you to have entered 1234 and 2345 as passwords to be able to navigate to it.
+
+
+
+A couple gotchas:
+1. During scanning for speed the .password is stored in a database when the media is scanned.  
+If you want to change a .password you will need to change the .password file and then do a    
+    minidlnad -R
+to reset the database and do a forced rescan.
+
+2. If you set your .password to 123 or 12345 and have your password_length set to 4; you will not be able
+to enter either of those passwords as the password length is was set to 4.  (Warning will show in Logs)
+
+3. Don't set any of your passwords to all Zeros.   This is a magic password to forget all passwords.  :-)
+  (Warning will appear in logs if "scanner" is set in log_level)

minidlna.c

@@ -561,6 +561,7 @@ init(int argc, char **argv)
 		case PASSWORD_LENGTH:
 			runtime_vars.password_length = atoi(ary_options[i].value);
 			if (runtime_vars.password_length > 10) runtime_vars.password_length = 10;
+			if (runtime_vars.password_length < 1) runtime_vars.password_length = 1;
 			break;
 		case UPNPPORT:
 			runtime_vars.port = atoi(ary_options[i].value);

minidlna.conf

@@ -17,6 +17,10 @@ port=8200
 #   + "PV" for pictures and video (eg. media_dir=PV,/home/jmaggard/digital_camera)
 media_dir=/opt
 
+# Password Length for the length of a password  
+# node: the default is 4 digits
+#password_length=4
+
 # set this to merge all media_dir base contents into the root container
 # note: the default is no
 #merge_media_dirs=no

minidlna.conf.5

@@ -57,6 +57,15 @@ Model number the daemon will report to clients in its XML description.
 Defaults to 1
 .fi
 
+.IP "\fBpassword_length\fP"
+.nf
+The length of a password, please note if the .password files have a password of a different size
+You will not be able to put in that password as the system will only allow you to put in passwords
+of this size.
+Defaults to 4
+.fi
+
+
 .IP "\fBmedia_dir\fP" 
 .nf
 Path to the directory containing the media files minidlna should share. 

scanner.c

@@ -717,17 +717,42 @@ static void
 readPassword(const char *dir, char *password, int size)
 {
     FILE *pFile = NULL;
+    char *p;
     int i;
     pFile = fopen(dir, "r");
-    memset((void *)password, 0, size+1);
-    fgets(password, size, pFile);
+    memset((void *)password, 0, size);
+    p = fgets(password, size, pFile);
+    if (!p) {
+	password[0] = 0;
+    }
     // Turn it into a Digit if it isn't a digit...
     for (i=0;i<strlen(password);i++) {
 	if (password[i] < '0' || password[i] > '9') {
+	    DPRINTF(E_WARN, L_SCANNER, "Password has a non-digit character, replacing with a 0\n");
 	    password[i] = '0';
 	}
     }
     fclose(pFile);
+
+    // I thought about adjusting the size of the password to match the password_length; however
+    // the problem with doing this is that if they went and added all the .password file then started minidlna
+    // realized they forgot to change the password_length to the correct value then they will end up with
+    // truncated passwords or zero padded passwords.     So for simplicity I decided to just leave the passwords
+    // alone and log a warning if they don't match the proper size
+
+    if (strlen(password) != runtime_vars.password_length) {
+		DPRINTF(E_WARN, L_SCANNER, "Password size %d does not match configuration password_length of %d\n", (int)strlen(password), runtime_vars.password_length);
+    }
+
+    // Check for Magic 0 password
+    for (i=0;i<strlen(password);i++) {
+	if (password[i] != '0') break;
+    }
+    if (i == strlen(password)) {
+	DPRINTF(E_WARN, L_SCANNER, "Password is all ZERO's -- disabling.\n");
+	password[0] = 0;
+    }
+
 }
 
 static void
@@ -790,7 +815,7 @@ ScanDirectory(const char *dir, const char *parent, media_types dir_types, const
 
 	snprintf(full_path, PATH_MAX, "%s/.password", dir);
 	if (access(full_path, 0) == 0) {
-	    readPassword(full_path, password, 10);
+	    readPassword(full_path, password, 11);
 	} else {
 	    strcpy(password, currentPassword);
 	}

upnpsoap.c

@@ -1214,7 +1214,6 @@ static void createPasswordContainer(struct Response *passed_args, const char *id
 		    strcpy(mainroot, "0");
 	}
 
-
 	strcpy(parent, id);
 
 	for (i=0;i<strlen(id);i++) {
@@ -1238,17 +1237,16 @@ static void createPasswordContainer(struct Response *passed_args, const char *id
 
 	if (depth == runtime_vars.password_length-1) cnt = 0;
 
-	DPRINTF(E_DEBUG, L_HTTP, "Generating Password Set:\n"
+	/* DPRINTF(E_DEBUG, L_HTTP, "Generating Password Set:\n"
 	                         " * ObjectID: %s\n"
 				 " * Parent: %s\n"
 	                         " * Start: %d/%d\n"
 	                         " * Depth: %d\n"
 	                         " * isMeta: %d\n",
-				 id, parent, start, end, depth, isMeta); 
+				 id, parent, start, end, depth, isMeta);  */
 
 
 	if (depth == runtime_vars.password_length) {
-//		passed_args->returned++;
 		if (!isMeta) {
 			// Find the First Parent after the Primary Parent
 			for (i=0; id[i] != '$' && i < strlen(id);i++);
@@ -1258,7 +1256,7 @@ static void createPasswordContainer(struct Response *passed_args, const char *id
 				pin[j] = id[i];
 			}
 			pin[j] = 0;
-			DPRINTF(E_DEBUG, L_HTTP, "Generating Password Pin: %s\n", pin);
+			//DPRINTF(E_DEBUG, L_HTTP, "Generating Password Pin: %s\n", pin);
 
 			if (passed_args->password == NULL) {
 				cnt = runtime_vars.password_length+3;
@@ -1273,7 +1271,17 @@ static void createPasswordContainer(struct Response *passed_args, const char *id
 				strcat(passed_args->password, pin);
 				strcat(passed_args->password, "'");
 			}
-			DPRINTF(E_DEBUG, L_HTTP, "Generating Password Stored: %s\n", passed_args->password);
+
+			// Check for all Zero's (0) to clear the password
+			for (i=0;i<strlen(pin);i++) {
+			    if (pin[i] != '0') break;
+			}
+			if (i == strlen(pin)) {
+			    free(passed_args->password);
+			    passed_args->password = NULL;
+			}
+
+			//DPRINTF(E_DEBUG, L_HTTP, "Generating Password Stored: %s\n", passed_args->password);
 
 		}
 		cnt = 0;