Change: move sensitive information to secrets.cfg and private information to private.cfg

We often ask people for their openttd.cfg, which now includes their passwords, usernames, etc. It is easy for people to overlook this, unwillingly sharing information they shouldn't. By splitting this information over either private.cfg or secrets.cfg, we make it more obvious they shouldn't be sharing those files, and hint to what is inside them.
2021-06-28 16:39:48 +02:00
parent 4f3bf84af4
commit 75b6051b7a
8 changed files with 361 additions and 123 deletions
--- a/src/table/settings/CMakeLists.txt
+++ b/src/table/settings/CMakeLists.txt
@@ -7,6 +7,8 @@ set(TABLE_INI_SOURCE_FILES
        ${CMAKE_CURRENT_SOURCE_DIR}/gameopt_settings.ini
        ${CMAKE_CURRENT_SOURCE_DIR}/misc_settings.ini
        ${CMAKE_CURRENT_SOURCE_DIR}/network_settings.ini
+        ${CMAKE_CURRENT_SOURCE_DIR}/network_private_settings.ini
+        ${CMAKE_CURRENT_SOURCE_DIR}/network_secrets_settings.ini
        ${CMAKE_CURRENT_SOURCE_DIR}/settings.ini
        ${CMAKE_CURRENT_SOURCE_DIR}/win32_settings.ini
        ${CMAKE_CURRENT_SOURCE_DIR}/window_settings.ini
--- a/src/table/settings/network_private_settings.ini
+++ b/src/table/settings/network_private_settings.ini
@@ -0,0 +1,68 @@
+; This file is part of OpenTTD.
+; OpenTTD is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2.
+; OpenTTD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+; See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with OpenTTD. If not, see <http://www.gnu.org/licenses/>.
+;
+
+; Network settings as stored in the private configuration file ("private.cfg").
+
+[pre-amble]
+static const SettingVariant _network_private_settings[] = {
+[post-amble]
+};
+[templates]
+SDTC_SSTR  =  SDTC_SSTR(              $var, $type, $flags, $def,             $length,                                  $pre_cb, $post_cb, $from, $to,        $cat, $extra, $startup),
+
+[validation]
+
+[defaults]
+flags    = SF_NONE
+interval = 0
+str      = STR_NULL
+strhelp  = STR_CONFIG_SETTING_NO_EXPLANATION_AVAILABLE_HELPTEXT
+strval   = STR_NULL
+pre_cb   = nullptr
+post_cb  = nullptr
+load     = nullptr
+from     = SL_MIN_VERSION
+to       = SL_MAX_VERSION
+cat      = SC_ADVANCED
+extra    = 0
+startup  = false
+
+
+
+[SDTC_SSTR]
+var      = network.client_name
+type     = SLE_STR
+length   = NETWORK_CLIENT_NAME_LENGTH
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC
+def      = nullptr
+pre_cb   = NetworkValidateClientName
+post_cb  = NetworkUpdateClientName
+cat      = SC_BASIC
+
+[SDTC_SSTR]
+var      = network.server_name
+type     = SLE_STR
+length   = NETWORK_NAME_LENGTH
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
+def      = nullptr
+pre_cb   = NetworkValidateServerName
+post_cb  = [](auto) { UpdateClientConfigValues(); }
+cat      = SC_BASIC
+
+[SDTC_SSTR]
+var      = network.connect_to_ip
+type     = SLE_STR
+length   = 0
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC
+def      = nullptr
+
+[SDTC_SSTR]
+var      = network.last_joined
+type     = SLE_STR
+length   = 0
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC
+def      = """"
+cat      = SC_EXPERT
--- a/src/table/settings/network_secrets_settings.ini
+++ b/src/table/settings/network_secrets_settings.ini
@@ -0,0 +1,76 @@
+; This file is part of OpenTTD.
+; OpenTTD is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2.
+; OpenTTD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+; See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with OpenTTD. If not, see <http://www.gnu.org/licenses/>.
+;
+
+; Network settings as stored in the secrets configuration file ("secrets.cfg").
+
+[pre-amble]
+static bool ReplaceAsteriskWithEmptyPassword(std::string &newval);
+
+static const SettingVariant _network_secrets_settings[] = {
+[post-amble]
+};
+[templates]
+SDTC_SSTR  =  SDTC_SSTR(              $var, $type, $flags, $def,             $length,                                  $pre_cb, $post_cb, $from, $to,        $cat, $extra, $startup),
+
+[validation]
+
+[defaults]
+flags    = SF_NONE
+interval = 0
+str      = STR_NULL
+strhelp  = STR_CONFIG_SETTING_NO_EXPLANATION_AVAILABLE_HELPTEXT
+strval   = STR_NULL
+pre_cb   = nullptr
+post_cb  = nullptr
+load     = nullptr
+from     = SL_MIN_VERSION
+to       = SL_MAX_VERSION
+cat      = SC_ADVANCED
+extra    = 0
+startup  = false
+
+
+
+[SDTC_SSTR]
+var      = network.server_password
+type     = SLE_STR
+length   = NETWORK_PASSWORD_LENGTH
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
+def      = nullptr
+pre_cb   = ReplaceAsteriskWithEmptyPassword
+post_cb  = [](auto) { NetworkServerUpdateGameInfo(); }
+cat      = SC_BASIC
+
+[SDTC_SSTR]
+var      = network.rcon_password
+type     = SLE_STR
+length   = NETWORK_PASSWORD_LENGTH
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
+def      = nullptr
+pre_cb   = ReplaceAsteriskWithEmptyPassword
+cat      = SC_BASIC
+
+[SDTC_SSTR]
+var      = network.admin_password
+type     = SLE_STR
+length   = NETWORK_PASSWORD_LENGTH
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
+def      = nullptr
+cat      = SC_BASIC
+
+[SDTC_SSTR]
+var      = network.default_company_pass
+type     = SLE_STR
+length   = NETWORK_PASSWORD_LENGTH
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC
+def      = nullptr
+
+[SDTC_SSTR]
+var      = network.network_id
+type     = SLE_STR
+length   = NETWORK_SERVER_ID_LENGTH
+flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
+def      = nullptr
--- a/src/table/settings/network_settings.ini
+++ b/src/table/settings/network_settings.ini
@@ -7,7 +7,6 @@
 ; Network settings as stored in the main configuration file ("openttd.cfg").

 [pre-amble]
-static bool ReplaceAsteriskWithEmptyPassword(std::string &newval);
 static void UpdateClientConfigValues();

 static const SettingVariant _network_settings[] = {
@@ -15,7 +14,6 @@ static const SettingVariant _network_settings[] = {
 };
 [templates]
 SDTC_BOOL  =  SDTC_BOOL(              $var,        $flags, $def,                              $str, $strhelp, $strval, $pre_cb, $post_cb, $from, $to,        $cat, $extra, $startup),
-SDTC_SSTR  =  SDTC_SSTR(              $var, $type, $flags, $def,             $length,                                  $pre_cb, $post_cb, $from, $to,        $cat, $extra, $startup),
 SDTC_VAR   =   SDTC_VAR(              $var, $type, $flags, $def,       $min, $max, $interval, $str, $strhelp, $strval, $pre_cb, $post_cb, $from, $to,        $cat, $extra, $startup),

 [validation]
@@ -166,74 +164,6 @@ var      = network.server_advertise
 flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
 def      = false

-[SDTC_SSTR]
-var      = network.client_name
-type     = SLE_STR
-length   = NETWORK_CLIENT_NAME_LENGTH
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC
-def      = nullptr
-pre_cb   = NetworkValidateClientName
-post_cb  = NetworkUpdateClientName
-cat      = SC_BASIC
-
-[SDTC_SSTR]
-var      = network.server_password
-type     = SLE_STR
-length   = NETWORK_PASSWORD_LENGTH
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
-def      = nullptr
-pre_cb   = ReplaceAsteriskWithEmptyPassword
-post_cb  = [](auto) { NetworkServerUpdateGameInfo(); }
-cat      = SC_BASIC
-
-[SDTC_SSTR]
-var      = network.rcon_password
-type     = SLE_STR
-length   = NETWORK_PASSWORD_LENGTH
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
-def      = nullptr
-pre_cb   = ReplaceAsteriskWithEmptyPassword
-cat      = SC_BASIC
-
-[SDTC_SSTR]
-var      = network.admin_password
-type     = SLE_STR
-length   = NETWORK_PASSWORD_LENGTH
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
-def      = nullptr
-cat      = SC_BASIC
-
-[SDTC_SSTR]
-var      = network.default_company_pass
-type     = SLE_STR
-length   = NETWORK_PASSWORD_LENGTH
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC
-def      = nullptr
-
-[SDTC_SSTR]
-var      = network.server_name
-type     = SLE_STR
-length   = NETWORK_NAME_LENGTH
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
-def      = nullptr
-pre_cb   = NetworkValidateServerName
-post_cb  = [](auto) { UpdateClientConfigValues(); }
-cat      = SC_BASIC
-
-[SDTC_SSTR]
-var      = network.connect_to_ip
-type     = SLE_STR
-length   = 0
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC
-def      = nullptr
-
-[SDTC_SSTR]
-var      = network.network_id
-type     = SLE_STR
-length   = NETWORK_SERVER_ID_LENGTH
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
-def      = nullptr
-
 [SDTC_BOOL]
 var      = network.autoclean_companies
 flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
@@ -316,14 +246,6 @@ flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC | SF_NETWORK_ONLY
 def      = false
 cat      = SC_EXPERT

-[SDTC_SSTR]
-var      = network.last_joined
-type     = SLE_STR
-length   = 0
-flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC
-def      = """"
-cat      = SC_EXPERT
-
 [SDTC_BOOL]
 var      = network.no_http_content_downloads
 flags    = SF_NOT_IN_SAVE | SF_NO_NETWORK_SYNC