Improve security of Console and Log files (#1461)

* Finally kill removePassword option * Cleanup * Cleanup * Cleanup * Cleanup * Final Cleanup * Fix compile warning * Revert "Cleanup"
2017-12-27 13:05:06 +01:00 · 2017-12-27 13:05:06 +01:00 · 0a7e57b6a7
parent c1f3fcd393
commit 0a7e57b6a7
5 changed files with 0 additions and 14 deletions
--- a/docs/config.md
+++ b/docs/config.md
@ -433,8 +433,6 @@ Security:
        # AuthMe will automatically disable and the server won't be protected!
        stopServer: true
    console:
-        # Remove passwords from console?
-        removePassword: true
        # Copy AuthMe log output in a separate file as well?
        logConsole: true
    captcha:
--- a/samples/NewConfig.yml
+++ b/samples/NewConfig.yml
@ -473,8 +473,6 @@ Security:
    console:
        # Remove spam console
        noConsoleSpam: false
-        # Replace passwords in the console when player type a command like /login
-        removePassword: true
    captcha:
        # Player need to put a captcha when he fails too lot the password
        useCaptcha: false
--- a/src/main/java/fr/xephi/authme/initialization/OnStartupTasks.java
+++ b/src/main/java/fr/xephi/authme/initialization/OnStartupTasks.java
@ -12,7 +12,6 @@ import fr.xephi.authme.settings.Settings;
 import fr.xephi.authme.settings.properties.DatabaseSettings;
 import fr.xephi.authme.settings.properties.EmailSettings;
 import fr.xephi.authme.settings.properties.PluginSettings;
-import fr.xephi.authme.settings.properties.SecuritySettings;
 import org.apache.logging.log4j.LogManager;
 import org.bstats.bukkit.Metrics;
 import org.bukkit.Bukkit;
@ -63,9 +62,6 @@ public class OnStartupTasks {
     * @param logger   the plugin logger
     */
    public static void setupConsoleFilter(Settings settings, Logger logger) {
-        if (!settings.getProperty(SecuritySettings.REMOVE_PASSWORD_FROM_CONSOLE)) {
-            return;
-        }
        // Try to set the log4j filter
        try {
            Class.forName("org.apache.logging.log4j.core.filter.AbstractFilter");
--- a/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java
+++ b/src/main/java/fr/xephi/authme/settings/properties/SecuritySettings.java
@ -20,10 +20,6 @@ public final class SecuritySettings implements SettingsHolder {
    public static final Property<Boolean> STOP_SERVER_ON_PROBLEM =
        newProperty("Security.SQLProblem.stopServer", true);

-    @Comment("Remove passwords from console?")
-    public static final Property<Boolean> REMOVE_PASSWORD_FROM_CONSOLE =
-        newProperty("Security.console.removePassword", true);
-
    @Comment("Copy AuthMe log output in a separate file as well?")
    public static final Property<Boolean> USE_LOGGING =
        newProperty("Security.console.logConsole", true);
--- a/src/test/resources/fr/xephi/authme/config.test.yml
+++ b/src/test/resources/fr/xephi/authme/config.test.yml
@ -275,8 +275,6 @@ Security:
    console:
        # Remove spam console
        noConsoleSpam: false
-        # Replace passwords in the console when player type a command like /login
-        removePassword: true
        # Copy AuthMe log output in a separate file as well?
        logConsole: true
    captcha: