At some point after my last experiment with iLeech/OpenDAAP/dapple, libopendaap cropped up. It claims to support the MD5-based authentication scheme that iTunes 4.1+ implements via the
Client-DAAP-Validation header. This seems very promising, assuming the author can keep up the pace with Apple's engineers (though apparently they're not trying too hard, with the main change in iTunes 4.5 being a single byte) and more importantly, stay ahead of their lawyers.
Now, the decision that must be made is whether to use
libopendaap in my would-be iTunes crawler directly, or to try and integrate its authentication scheme into the iLeech source base first, and then work from there.