Don't store the user's password in plaintext in the prefs file

The game now supports @ or = in usernames for the purpose of saving them to a file.

Though I don't think these are allowed currently, it's probably better to
support it from the start rather than having things break if they later
become allowed.

projectfiles/VC12/wesnoth.vcxproj

@@ -739,6 +739,7 @@
     <ClCompile Include="..\..\src\construct_dialog.cpp" />
     <ClCompile Include="..\..\src\controller_base.cpp" />
     <ClCompile Include="..\..\src\countdown_clock.cpp" />
+    <ClCompile Include="..\..\src\preferences\credentials.cpp" />
     <ClCompile Include="..\..\src\cursor.cpp" />
     <ClCompile Include="..\..\src\desktop\clipboard.cpp">
       <ObjectFileName Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">$(IntDir)Desktop\</ObjectFileName>
@@ -3447,6 +3448,7 @@
     </ClCompile>
   </ItemGroup>
   <ItemGroup>
+    <ClInclude Include="..\..\src\preferences\credentials.hpp" />
     <ClInclude Include="..\..\src\about.hpp" />
     <ClInclude Include="..\..\src\actions\advancement.hpp" />
     <ClInclude Include="..\..\src\actions\attack.hpp" />

projectfiles/VC12/wesnoth.vcxproj.filters

@@ -1540,6 +1540,9 @@
     <ClCompile Include="..\..\src\preferences\lobby.cpp">
       <Filter>Preferences</Filter>
     </ClCompile>
+    <ClCompile Include="..\..\src\preferences\credentials.cpp">
+      <Filter>Preferences</Filter>
+    </ClCompile>
   </ItemGroup>
   <ItemGroup>
     <ClInclude Include="..\..\src\addon\client.hpp">
@@ -2991,6 +2994,9 @@
     <ClInclude Include="..\..\src\preferences\lobby.hpp">
       <Filter>Preferences</Filter>
     </ClInclude>
+    <ClInclude Include="..\..\src\preferences\credentials.hpp">
+      <Filter>Preferences</Filter>
+    </ClInclude>
   </ItemGroup>
   <ItemGroup>
     <CustomBuild Include="..\..\src\tests\test_sdl_utils.hpp">

source_lists/libwesnoth

@@ -29,6 +29,7 @@ hotkey/hotkey_item.cpp
 hotkey/hotkey_manager.cpp
 image.cpp
 image_modifications.cpp
+preferences/credentials.cpp
 preferences/general.cpp
 joystick.cpp
 key.cpp

src/chat_events.cpp

@@ -20,6 +20,7 @@
 #include "log.hpp"
 #include "map_command_handler.hpp"
 #include "chat_command_handler.hpp"
+#include "preferences/credentials.hpp"
 #include "preferences/general.hpp"
 #include "preferences/game.hpp"
 

src/display_chat_manager.cpp

@@ -24,6 +24,7 @@
 #include "mp_ui_alerts.hpp"
 #include "serialization/string_utils.hpp"
 #include "color.hpp"
+#include "preferences/credentials.hpp"
 
 #include <SDL_timer.h>
 

src/filesystem.hpp

@@ -74,6 +74,7 @@ std::string get_dir(const std::string &dir);
 
 // The location of various important files:
 std::string get_prefs_file();
+std::string get_credentials_file();
 std::string get_default_prefs_file();
 std::string get_save_index_file();
 std::string get_saves_dir();

src/filesystem_common.cpp

@@ -34,6 +34,11 @@ std::string get_prefs_file()
 	return get_user_config_dir() + "/preferences";
 }
 
+std::string get_credentials_file()
+{
+	return get_user_config_dir() + "/credentials";
+}
+
 std::string get_default_prefs_file()
 {
 #ifdef HAS_RELATIVE_DEFPREF

src/game_initialization/configure_engine.cpp

@@ -17,6 +17,7 @@
 #include "mp_game_settings.hpp"
 #include "settings.hpp"
 #include "tod_manager.hpp"
+#include "preferences/credentials.hpp"
 
 #include <cassert>
 #include <sstream>

src/game_initialization/connect_engine.cpp

@@ -15,6 +15,7 @@
 
 #include "ai/configuration.hpp"
 #include "config_assign.hpp"
+#include "preferences/credentials.hpp"
 #include "formula/string_utils.hpp"
 #include "game_initialization/mp_game_utils.hpp"
 #include "game_initialization/playcampaign.hpp"

src/game_initialization/create_engine.cpp

@@ -15,6 +15,7 @@
 #include "game_initialization/create_engine.hpp"
 
 #include "config_assign.hpp"
+#include "preferences/credentials.hpp"
 #include "filesystem.hpp"
 #include "formula/string_utils.hpp"
 #include "game_config_manager.hpp"

src/game_initialization/lobby_data.cpp

@@ -15,6 +15,7 @@
 #include "game_initialization/lobby_data.hpp"
 
 #include "config.hpp"
+#include "preferences/credentials.hpp"
 #include "preferences/game.hpp"
 #include "gui/dialogs/campaign_difficulty.hpp"
 #include "filesystem.hpp"

src/game_initialization/multiplayer.cpp

@@ -16,6 +16,7 @@
 
 #include "addon/manager.hpp" // for installed_addons
 #include "config_assign.hpp"
+#include "preferences/credentials.hpp"
 #include "formula/string_utils.hpp"
 #include "game_config_manager.hpp"
 #include "game_initialization/mp_game_utils.hpp"
@@ -191,7 +192,7 @@ static std::unique_ptr<wesnothd_connection> open_connection(CVideo& video, const
 			if(!*error) break;
 
 			do {
-				std::string password = preferences::password();
+				std::string password = preferences::password(host, login);
 
 				bool fall_through = (*error)["force_confirmation"].to_bool() ?
 					(gui2::show_message(video, _("Confirm"), (*error)["message"], gui2::dialogs::message::ok_cancel_buttons) == gui2::window::CANCEL) :
@@ -289,7 +290,7 @@ static std::unique_ptr<wesnothd_connection> open_connection(CVideo& video, const
 					error_message = (*error)["message"].str();
 				}
 
-				gui2::dialogs::mp_login dlg(error_message, !((*error)["password_request"].empty()));
+				gui2::dialogs::mp_login dlg(host, error_message, !((*error)["password_request"].empty()));
 				dlg.show(video);
 
 				switch(dlg.get_retval()) {

src/game_launcher.cpp

@@ -15,6 +15,7 @@
 #include "game_launcher.hpp"
 #include "game_errors.hpp"
 
+#include "preferences/credentials.hpp"
 #include "commandline_options.hpp"      // for commandline_options
 #include "config.hpp"                   // for config, etc
 #include "config_assign.hpp"
@@ -240,14 +241,14 @@ game_launcher::game_launcher(const commandline_options& cmdline_opts, const char
 			else
 				multiplayer_server_ = "";
 		}
-	}
-	if (cmdline_opts_.username) {
-		preferences::disable_preferences_save();
-		preferences::set_login(*cmdline_opts_.username);
-	}
-	if (cmdline_opts_.password) {
-		preferences::disable_preferences_save();
-		preferences::set_password(*cmdline_opts_.password);
+		if (cmdline_opts_.username) {
+			preferences::disable_preferences_save();
+			preferences::set_login(*cmdline_opts_.username);
+			if (cmdline_opts_.password) {
+				preferences::disable_preferences_save();
+				preferences::set_password(*cmdline_opts.server, *cmdline_opts.username, *cmdline_opts_.password);
+			}
+		}
 	}
 	if (cmdline_opts_.test)
 	{

src/gui/dialogs/multiplayer/mp_change_control.cpp

@@ -22,7 +22,7 @@
 #include "formula/string_utils.hpp"
 #include "game_board.hpp"
 #include "game_display.hpp"
-#include "preferences/game.hpp"
+#include "preferences/credentials.hpp"
 #include "gui/auxiliary/find_widget.hpp"
 #include "gui/dialogs/helper.hpp"
 #include "gui/widgets/label.hpp"

src/gui/dialogs/multiplayer/mp_join_game.cpp

@@ -21,7 +21,7 @@
 #include "game_config.hpp"
 #include "game_config_manager.hpp"
 #include "game_initialization/mp_game_utils.hpp"
-#include "preferences/game.hpp"
+#include "preferences/credentials.hpp"
 #include "gettext.hpp"
 #include "gui/auxiliary/find_widget.hpp"
 #include "gui/dialogs/helper.hpp"

src/gui/dialogs/multiplayer/mp_login.cpp

@@ -16,8 +16,9 @@
 
 #include "gui/dialogs/multiplayer/mp_login.hpp"
 
-#include "preferences/game.hpp"
+#include "preferences/credentials.hpp"
 #include "gui/auxiliary/find_widget.hpp"
+#include "gui/auxiliary/field.hpp"
 #include "gui/widgets/button.hpp"
 #include "gui/widgets/password_box.hpp"
 #include "gui/widgets/settings.hpp"
@@ -64,24 +65,32 @@ namespace dialogs
 
 REGISTER_DIALOG(mp_login)
 
-mp_login::mp_login(const std::string& label, const bool focus_password)
+mp_login::mp_login(const std::string& host, const std::string& label, const bool focus_password)
+	: host_(host), focus_password_(focus_password)
 {
 	register_label("login_label", false, label);
-	register_text("user_name", true,
+	username_ = register_text("user_name", true,
 		&preferences::login,
 		&preferences::set_login,
 		!focus_password);
 
-	register_text("password",  true,
-		&preferences::password,
-		nullptr /* The password box returns '*' as value. */,
-		focus_password);
-
 	register_bool("remember_password", false,
 		&preferences::remember_password,
 		&preferences::set_remember_password);
 }
 
+void mp_login::load_password(window& win) const
+{
+	text_box& pwd = find_widget<text_box>(&win, "password", false);
+	pwd.set_value(preferences::password(host_, username_->get_widget_value(win)));
+}
+
+void mp_login::save_password(window& win) const
+{
+	password_box& pwd = find_widget<password_box>(&win, "password", false);
+	preferences::set_password(host_, username_->get_widget_value(win), pwd.get_real_value());
+}
+
 void mp_login::pre_show(window& win)
 {
 	if(button* btn = find_widget<button>(&win, "password_reminder", false, false)) {
@@ -93,12 +102,20 @@ void mp_login::pre_show(window& win)
 
 		btn->set_retval(2);
 	}
+
+	text_box& login = find_widget<text_box>(&win, "user_name", false);
+	login.connect_signal<event::RECEIVE_KEYBOARD_FOCUS>(std::bind(&mp_login::load_password, this, std::ref(win)));
+
+	load_password(win);
+
+	if(focus_password_) {
+		win.keyboard_capture(find_widget<text_box>(&win, "password", false, true));
+	}
 }
 
-void mp_login::post_show(window& win)
-{
+void mp_login::post_show(window& win) {
 	if(get_retval() == window::OK) {
-		preferences::set_password(find_widget<password_box>(&win, "password", false).get_real_value());
+		save_password(win);
 	}
 }
 

src/gui/dialogs/multiplayer/mp_login.hpp

@@ -19,13 +19,15 @@
 
 namespace gui2
 {
+class field_text;
+
 namespace dialogs
 {
 
 class mp_login : public modal_dialog
 {
 public:
-	mp_login(const std::string& label, const bool focus_password);
+	mp_login(const std::string& host, const std::string& label, const bool focus_password);
 
 private:
 	/** Inherited from modal_dialog, implemented by REGISTER_DIALOG. */
@@ -36,6 +38,13 @@ class mp_login : public modal_dialog
 
 	/** Inherited from modal_dialog. */
 	virtual void post_show(window& window) override;
+
+	void load_password(window& win) const;
+	void save_password(window& win) const;
+
+	const std::string host_;
+	field_text* username_;
+	bool focus_password_;
 };
 
 } // namespace dialogs

src/gui/dialogs/multiplayer/mp_method_selection.cpp

@@ -16,7 +16,7 @@
 
 #include "gui/dialogs/multiplayer/mp_method_selection.hpp"
 
-#include "preferences/game.hpp"
+#include "preferences/credentials.hpp"
 #include "gui/auxiliary/find_widget.hpp"
 #ifdef GUI2_EXPERIMENTAL_LISTBOX
 #include "gui/widgets/list.hpp"

src/gui/dialogs/preferences_dialog.cpp

@@ -18,6 +18,7 @@
 #include "gui/dialogs/preferences_dialog.hpp"
 
 #include "config_assign.hpp"
+#include "preferences/credentials.hpp"
 #include "gettext.hpp"
 #include "filesystem.hpp"
 #include "formatter.hpp"

src/gui/widgets/chatbox.cpp

@@ -34,6 +34,7 @@
 #include "gettext.hpp"
 #include "wesnothd_connection.hpp"
 #include "config_assign.hpp"
+#include "preferences/credentials.hpp"
 #include "preferences/game.hpp"
 #include "preferences/lobby.hpp"
 #include "log.hpp"

src/menu_events.cpp

@@ -31,6 +31,7 @@
 #include "color.hpp"
 #include "config_assign.hpp"
 #include "construct_dialog.hpp"
+#include "preferences/credentials.hpp"
 #include "display_chat_manager.hpp"
 #include "font/standard_colors.hpp"
 #include "formatter.hpp"

src/play_controller.cpp

@@ -26,6 +26,7 @@
 #include "actions/vision.hpp"
 #include "ai/manager.hpp"
 #include "ai/testing.hpp"
+#include "preferences/credentials.hpp"
 #include "display_chat_manager.hpp"
 #include "formula/string_utils.hpp"
 #include "game_events/manager.hpp"