Commit Graph

97 Commits

Author SHA1 Message Date
72f4f186da merge: sync upstream profanity-im/profanity
All checks were successful
CI Code / Check spelling (push) Successful in 18s
CI Code / Check coding style (push) Successful in 34s
CI Code / Code Coverage (push) Successful in 2m36s
CI Code / Linux (debian) (push) Successful in 4m41s
CI Code / Linux (ubuntu) (push) Successful in 4m52s
CI Code / Linux (arch) (push) Successful in 5m40s
Sync with upstream profanity-im/profanity.

Major upstream changes incorporated:

Memory management
  - Replace malloc+memset with g_new0 throughout codebase
  - Adopt auto_gchar / auto_gcharv / auto_gerror / auto_jid cleanup macros
  - Replace free() with g_free() for GAlloc'd memory

Editor rewrite
  - Remove pthread-based async editor; use GChildWatch callback API
  - New launch_editor(initial_content, callback, user_data) interface
  - Proper signal handling (SIGINT, SIGTSTP, SIGPIPE reset in child)
  - ui_suspend()/ui_resume() integration for TTY management

OMEMO improvements
  - Dual backend support: libsignal-protocol-c and libomemo-c
  - Proper pre-key removal after use (XEP-0384 compliance)
  - Automatic pre-key regeneration when store drops below threshold
  - New functions: omemo_is_device_active(), omemo_is_jid_trusted()
  - omemo_get_jid_untrusted_fingerprints() for better error messages
  - Fingerprint notifications on new device identity discovery
  - Deterministic pre-key ID generation tracking max_pre_key_id
  - omemo_trust_changed() UI updates on trust state changes

JID validation
  - RFC 6122-compliant validation in jid_is_valid()
  - Character-level checks (RFC 6122 forbidden chars: & ' / : < > @)
  - Length limits: 1023 per component, 3071 total
  - New jid_is_valid_user_jid() for user vs. service JID distinction

Database
  - Schema migration v3: UNIQUE constraint on archive_id for deduplication
  - Triggers for corrected message tracking (replaces_db_id / replaced_by_db_id)
  - db_history_result_t return type, _truncate_datetime_suffix()

UI / console
  - win_warn_needed() / win_warn_sent() warning deduplication hash table
  - PAD_MIN_HEIGHT dynamic pad sizing with PAD_THRESHOLD auto-cleanup
  - Spellcheck integration in input field with Unicode word detection
  - cons_spellcheck_setting() for /settings ui output
  - /[command]? shortcut for command help

Account config
  - Account name sanitization for GKeyFile special chars ([ ] = # \n \r)
  - Replace popen() with g_spawn_sync() for eval_password
  - TLS policy: add "direct" option alongside legacy

Connection
  - Port validation with g_assert (0–65535)
  - SHA-256 certificate fingerprint support (XMPP_CERT_PUBKEY_FINGERPRINT_SHA256)
  - "direct" TLS policy alias for legacy SSL

Common utilities
  - str_xml_sanitize() for XML 1.0 illegal character removal
  - string_matches_one_of() with formatted error messages
  - valid_tls_policy_option() helper
  - prof_date_time_format_iso8601() utility
  - Improved strip_arg_quotes() with backslash unescaping
  - prof_occurrences() uses g_slist_prepend + reverse for performance

PGP / OX
  - Proper GPGME resource cleanup with goto-cleanup pattern
  - g_string_free(xmppuri) leak fix in _ox_key_lookup

CSV export
  - Use GString + g_file_set_contents instead of raw write() syscalls

Tests
  - Restructured into subdirectories: command/, config/, xmpp/, ui/, omemo/, otr/, pgp/
  - New test_cmd_ac.c for autocompleter unit tests
  - Updated stubs for new UI suspend/resume functions

License headers
  - Migrate to SPDX-3.0 identifiers (GPL-3.0-or-later WITH OpenSSL-exception)

────────────────────────────────────────────────────
cproof-specific preservations:

  - XEP-0308 LMC: replace_id ?: id logic in message/stanza/omemo
  - Force encryption: cmd_force_encryption, test_forced_encryption
  - CWE-134: format string protection (cons_show("%s", ...))
  - y_start_pos-based paging in window.c
  - db_history_result_t return type, _truncate_datetime_suffix()

Merge-time fixes:

  - common.c: format-security (-Werror) — cons_show(errmsg) → cons_show("%s", errmsg)
  - database.c: null-deref guard — !msg->timestamp → msg && !msg->timestamp
  - console.c: implicit size_t → int cast — (int)(maxlen + 1)
  - tlscerts.c: %d for size_t — %zu

Build system:
  - Kept autotools (Makefile.am, configure.ac); upstream uses Meson
  - Restored deleted files: bootstrap.sh, autogen.sh, ax_valgrind_check.m4, configure-debug
  - Updated Makefile.am test paths for subdirectory structure
  - Added test_cmd_ac, test_forced_encryption to test sources

Functional tests:
  - Use cproof version; upstream requires stbbr_for_xmlns from updated stabber
  - Not yet available in devs/stabber fork

Closes #64

Merge author: jabber.developer2
Commits authors:
 Michael Vetter <jubalh@iodoru.org>
& Steffen Jaeckel <s@jaeckel.eu>
2026-05-26 17:48:14 +00:00
9e5dfb14f8 feat(ai): add AI client with multi-provider chat support
All checks were successful
CI Code / Check spelling (push) Successful in 18s
CI Code / Check coding style (push) Successful in 29s
CI Code / Code Coverage (push) Successful in 2m44s
CI Code / Linux (debian) (push) Successful in 4m46s
CI Code / Linux (ubuntu) (push) Successful in 4m59s
CI Code / Linux (arch) (push) Successful in 5m56s
Add an AI client module that integrates with OpenAI-compatible API
providers (OpenAI, Perplexity, and custom endpoints) to provide
AI-assisted chat within CProof. Users can start sessions with /ai start,
send prompts, receive responses in a dedicated AI window, switch between
providers and models, and manage API keys — all with tab-completion.

Providers are configured via /ai set commands with per-provider API keys,
endpoints, default models, and custom settings. Two default providers
(openai, perplexity) are seeded on first use. Provider state persists in
[ai/<name>] sections of the preferences keyfile with automatic migration
from the previous flat-key format.

The /ai command integrates into the existing command system with 8
subcommands covering provider management, session lifecycle, model
fetching, and conversation clearing. Autocomplete uses the standard
flat prefix-matching chain for reliable tab-completion at every nesting
level. A new ProfAiWin window type is added to the window system.

Architecture:

Async design: HTTP requests run on a background thread (pthread) to avoid blocking the ncurses UI loop; results are displayed on the main thread via direct function calls
Thread safety: AIProvider and AISession use atomic ref-counting and mutex-protected session state; the request thread snapshots all session data before making the HTTP call
Window validation: wins_ai_exists() prevents use-after-free when the user closes the AI window during an in-flight HTTP request (~60s)
Privacy: store:false is sent with every request to prevent providers from persisting conversations or using them for training
Response size limit: 10MB cap with immediate curl abort via CURL_WRITEFUNC_ERROR to prevent OOM
JSON parsing uses unified helpers for both chat responses and error
envelopes with consistent escape decoding. The response parser tries
Perplexity /v1/responses "text" field first, then falls back to OpenAI
"content". Error parsing extracts provider error.message from the
standard envelope format. Model parsing handles multiple API response
formats (OpenAI list, Perplexity, array) including edge cases.

Tests include 470+ lines of unit tests covering provider management,
session lifecycle, JSON parsing (multiple formats), autocomplete cycling,
and error handling, plus functional tests for /ai command dispatch.
A stub_ai.c module isolates unit tests from UI dependencies.
2026-05-15 02:21:54 +00:00
442bfb6ce1 feat: Add /force-encryption command and update message handling
All checks were successful
CI / Check spelling (pull_request) Successful in 18s
CI / Check coding style (pull_request) Successful in 34s
CI / Linux (ubuntu) (pull_request) Successful in 14m5s
CI / Linux (debian) (pull_request) Successful in 14m5s
CI / Linux (arch) (pull_request) Successful in 14m53s
Implement /force-encryption command to configure forced encryption
settings with on|off and policy resend-to-confirm|block options.

The changes enhance user experience by clarifying encryption requirements
and providing actionable commands. Users can now press Enter again to
confirm unencrypted messages in resend-to-confirm mode.
2025-08-25 21:11:27 +02:00
Michael Vetter
07dfeec816 Release 0.15.0 2025-03-27 20:06:38 +01:00
Michael Vetter
569e37f018 Update copyright to 2024 2024-01-22 16:03:48 +01:00
John Hernandez
a1ff88caae Introduce /redraw command
`/redraw` command allows resolve problem for usual users,
as well as developers.

Incredibly useful when debugging with something that
can trash out the output, like GDB.

Not to mention many asynchronous commands that can break the UI
at any point.
2023-11-14 13:32:37 +01:00
John Hernandez
1c102fec27 Add /privacy logging command
Add ability to completely turn logs off,
Needed since `/logging` and `/history` didn't stop history logging
in the DB, only in files.
Command might break something on usage,
hence it was primarily introduced for privacy geeks.
Privacy command discussion #1836
2023-07-03 16:06:24 +02:00
Steffen Jaeckel
a45f05a45e slightly improve command_defs[]
* make the struct `const`
* use designated initializers
* remove `CMD_NOxyz` macros
* fix function-pointer correctness of `sub_func[]`

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-01-18 20:02:46 +01:00
Steffen Jaeckel
b1b6c6f62d add /strophe command to modify libstrophe-specific settings
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-01-18 17:04:41 +01:00
Michael Vetter
3adc399da0 Update copyright year 2023-01-10 10:37:25 +01:00
Marouane L
f934c5b59f Add vCard support
Only nicknames, photos, birthdays, addresses, telephone numbers, emails,
JIDs, titles, roles, notes, and URLs are supported

Due to the synopsis array not having enough space, `/vcard photo
open-self` and `/vcard photo save-self` are not documented properly in
the synopsis section of the `/vcard` command, but they are documented in
the arguments section

Fixed memory leak in vcard autocomplete (thanks to debXwoody)
2022-10-18 23:24:30 +01:00
Michael Vetter
cf83976b51 Add basic qrcode functions 2022-05-30 18:04:36 +02:00
Michael Vetter
1330ad4e1e Update copyright year 2022-05-09 15:43:33 +02:00
Michael Vetter
d011d6707c ox: Add /ox log command 2022-05-05 23:41:45 +02:00
Artjom Vejsel
2c003dd2e1 add /stamp command
command allow override standard stamps of incoming and outgoing messages
2022-04-02 00:23:08 +03:00
DebXWoody
23e886ed5e Add xep-0107: User Mood support
Implementation of XEP 0107 - User Mood
2021-12-06 13:32:54 +01:00
Michael Vetter
59063aa3b4 Merge pull request #1601 from MarcoPolo-PasTonMolo/master
Add /correct-editor command
2021-10-22 12:38:39 +02:00
Michael Vetter
46c8245af9 Format new register code correctly 2021-10-13 21:32:44 +02:00
MarcoPolo-PasTonMolo
09f5cadf1a Add /correct-editor command 2021-10-07 15:53:12 +03:00
swirl
d9366a26d6 initial register command test 2021-08-17 14:09:48 -04:00
Michael Vetter
06482fdaef Add option to only allow messages from jids in roster
`/silence on` will throw away all messages (type: chat, normal) that
come from jids that are not in the roster.

Implement https://github.com/profanity-im/profanity/issues/955
2021-07-01 18:02:03 +02:00
DebXWoody
3520645366 Attention flag for chat windows
User is able to toggle a flag for chat windows. This flag should be used to mark
the window for "Attention".

Use Ctrl+f to mark the window.
2021-05-29 08:05:03 +02:00
Stefan
3ba38eafa8 OMEMO - trust mode (#1506)
Add OMEMO trust mode capabilities.

* ToFu / first usage
* blind trust
* manual
2021-04-17 13:28:54 +02:00
Michael Vetter
19c5925c37 editor: make editor configurable via /executable
`/executable set editor /full/path/to/edit`.

Regards https://github.com/profanity-im/profanity/issues/1521
2021-04-16 23:18:19 +02:00
Stefan
8be8f75b87 Add new editor command
Goal is to launch an external editor (eg vim) to edit the text there.
2021-04-16 18:03:58 +02:00
Thorben Günther
b0aea2bcff Add command to change password of logged in user 2021-03-11 17:42:53 +01:00
Michael Vetter
44fc3f0506 Add /mam command
Regards https://github.com/profanity-im/profanity/issues/660
2021-01-28 15:11:50 +01:00
William Wennerström
d7848e38bc Remove scheme and filetype matching for url (save|open) 2020-12-08 20:01:17 +01:00
William Wennerström
5c5b4d7025 Remove cmd_tiny, empty files and link nonce with IV 2020-12-07 16:30:03 +01:00
William Wennerström
4711fc62a3 Run make format on rebase 2020-11-16 21:58:09 +01:00
William Wennerström
9d58472c8c Remove /omemo sendfile 2020-11-16 21:58:08 +01:00
Michael Vetter
39315483a8 Remove /tiny command
boothj5 gave his okay too.

Fix https://github.com/profanity-im/profanity/issues/1370
2020-07-10 17:48:34 +02:00
Michael Vetter
a2726b6a7d Apply coding style 2020-07-07 14:18:57 +02:00
Michael Vetter
a4cadf78fa Revert "Apply coding style"
This reverts commit 9b55f2dec0.

Sorting the includes creates some problems.
2020-07-07 13:53:30 +02:00
Michael Vetter
9b55f2dec0 Apply coding style
Regards https://github.com/profanity-im/profanity/issues/1396
2020-07-07 09:43:28 +02:00
Michael Vetter
9774b0c550 Merge pull request #1374 from profanity-im/revampUrlopen
Rework /url and /executable for filetypes
2020-07-02 11:26:18 +02:00
DebXWoody
2c94ee5a88 Feature request - XEP-0373: OpenPGP for XMPP (OX)
Basic implementation of XEP-0373: OpenPGP for XMPP.
https://xmpp.org/extensions/xep-0373.html

Command /ox

Issue: #1331
2020-06-29 19:05:41 +02:00
Pierre Mazière
c56d530b67 Replace /urlopen with /url and adapt /executable
/urlopen is replaced by /url with the following sub commands:
/url open <url>
/url save <url> [<path>]

Signed-off-by: Pierre Mazière <pierre.maziere@gmx.com>
2020-06-25 15:03:04 +02:00
Michael Vetter
f121554088 List ignored bookmarks
`/bookmarl ignore` lists the ignored bookmarks.

Regards https://github.com/profanity-im/profanity/issues/1115
2020-05-24 17:55:08 +02:00
Michael Vetter
7b541d0a6d Add /executable command
This is used to set the openers for various commands.
So far for /avatar and /urlopen.
2020-05-20 14:14:49 +02:00
Michael Vetter
03334664fb Actually open the URL 2020-05-20 10:47:46 +02:00
Michael Vetter
9c853d9f46 xep-0092: make it possible to ask servers or components for software
This adds the new `/serversoftware` command.

```
/software user@domain.org/resource
/serversoftware domain.org
```

Fix https://github.com/profanity-im/profanity/issues/1338
2020-05-14 19:13:27 +02:00
Michael Vetter
f131680055 titlebar: allow displaying MUC name and MUC jid
`/titlebar use name|jid` -> `/titlebar show|hide name|jid`

Fix https://github.com/profanity-im/profanity/issues/1284
2020-03-24 22:22:16 +01:00
Michael Vetter
3c56b289ed Add slashguard feature
New command `/slashguard` tries to protect against typing ` /quit` by
not allowing a slash in the first 4 characters.
2020-03-18 18:20:05 +01:00
Michael Vetter
86bcadcbe3 Make /sendfile in OTR session configurable
`/otr sendfile on` allows unencrypted file transfer in an OMEMO session.

Regards https://github.com/profanity-im/profanity/pull/1270
2020-02-17 08:51:43 +01:00
Michael Vetter
36713a2ed7 Make /sendfile in OMEMO session configurable
`/omemo sendfile on` allows unencrypted file transfer in an OMEMO
session.

Regards https://github.com/profanity-im/profanity/pull/1270
2020-02-17 08:31:46 +01:00
Michael Vetter
1072cdab0a xep-0308: Fix sending corrections for multiple words 2020-02-14 10:17:07 +01:00
Michael Vetter
1118110071 xep-0308: Implement /correct to correct the last send message
So far the correction is sent. But the UI in Profanity itself is not
updated.

Also autocompletion for `/correct` with the last sent message is
missing.
2020-02-10 16:17:01 +01:00
Michael Vetter
c2d70a071f xep-0308: set correction char in config 2020-02-10 13:48:31 +01:00
Michael Vetter
4bc82a5318 XEP-0092: Add configuration option to choose whether to send OS name
`/os on|off` now let's one choose whether to include the OS name once
`/software` (XEP-0092) is ran on us.
2020-01-24 19:27:42 +01:00