Commit Graph

818 Commits

Author SHA1 Message Date
Michael Vetter
68af0aad65 _handle_groupchat(): get correct origin-id stanza
The problem is that in _handle_groupchat() we look for
STANZA_NS_STABLE_ID which will result in origin-id or stanza-id.
It seems like prosody servers send origin-id first, so this worked in
all my tests. But actually we cannot be sure of the order.
So far we stopped after the first element was found.

I only found xmpp_stanza_get_child_by_ns() and
xmpp_stanza_get_child_by_name() in libstrophe. But we need a combination
of both.

So I created stanza_get_child_by_name_and_ns() for Profanity. I need to
remember to upstream this to libstrophe later (if they really don't have
such a function).

Fix https://github.com/profanity-im/profanity/issues/1223
2019-11-08 15:05:49 +01:00
Michael Vetter
f71de61b9d Don't override ProfMessage Id with origin-id
Profanity sends the same value for both. Other clients might not.
Safe both since we could need them later.

Once we implement Last Message Correction we will need the regular id.
If we override it with origin-id and another client chooses to not use
the same value for id and origin-id then we can't interpret the id sent
with the LMC request correctly.
2019-10-31 13:45:44 +01:00
aszlig
b1e960cfae omemo: Check stanza names when iterating nodes
Some clients (eg. PSI) are sending the stanzas delimited by whitespace
text nodes, which will fail while looping through the <prekeys/>
children and also print weird errors when iterating through the <list/>
of devices.

When debugging this, I was looking at the XML of Gajim and PSI and first
was somehow confused why Profanity printed "OMEMO: received device
without ID" while the XML looked identical (minus the actual IDs and the
JIDs of course).

However, Gajim was sending the XML without whitespace nodes in between
and PSI did not, so for example the following (with the relevant
whitespace nodes marked with X):

  <message type="headline" to="..." from="...">
    <event xmlns="http://jabber.org/protocol/pubsub#event">
      <items type="headline" node="eu.siacs.conversations.axolotl.devicelist">
        <item id="...">
          <list xmlns="eu.siacs.conversations.axolotl">
          X <device id="..."/>
          X <device id="..."/> X
          </list>
        </item>
      </items>
    </event>
    <delay xmlns="urn:xmpp:delay" stamp="..." from="..."/>
  </message>

... would result in three times the "OMEMO: received device without ID"
error, because we actually have three XML text nodes here that obviously
don't have an "id" attribute.

Now since the <list/> children above aren't really a problem and only
annoying, text nodes in the <prekeys/> stanza actually cause
omemo_start_device_session_handle_bundle to return failure.

I've fixed this by explicitly matching the stanza names we are
interested in, skipping everything else.

Signed-off-by: aszlig <aszlig@nix.build>
Reported-by: @devhell
2019-10-29 23:10:07 +01:00
Michael Vetter
7dd747b58d Set mucuser in carbon case
Also we initialize mucuser properly.

Now in case of a carbon of a MUC PM we sv_ev_incoming_carbon() which
calls _sv_ev_incoming_plain() and then we log it via chat_log_msg_in()
in there.
But we also get the sv_ev_incoming_private_message() and call
chat_log_msg_in() in there too. So the incoming message get's logged
twice.
2019-10-29 10:41:07 +01:00
Michael Vetter
22bf281399 Make prof_identifier const 2019-10-22 12:47:32 +02:00
Michael Vetter
6b75848f96 Display ownership of connection_get_profanity_identifier 2019-10-22 12:04:16 +02:00
Michael Vetter
ba18752405 Use UUID in origin-id and id
Let's use UUID to have a more random string then just 10 alphanumeric
values.
2019-10-22 11:10:37 +02:00
Michael Vetter
ef19b45e64 Remove old comment
It's not up to date.
Some time ago we changed from individual handlers to general ones.
2019-10-21 10:28:29 +02:00
Michael Vetter
963ab841b4 Set prof_ident to NULL after free
This caused the bug mentioned in the PR comment:

```
It seems with the changes done here we get a crash in: src/xmpp/message.c message_handlers_init() when looking up handlers: ProfMessageHandler *handler = g_hash_table_lookup(pubsub_event_handlers, curr->data);.

Steps to reproduce:

    open Profanity and connect
    /autoping set 10
    /autoping timeout 10
    stop WiFi/connection
    wait for Lost connection
    restart wifi
    /connect
```
2019-10-21 09:50:13 +02:00
Michael Vetter
8a5932b251 Rename _calculate_identifier to _compute_identifier 2019-10-20 00:01:19 +02:00
Michael Vetter
db4b55eee0 Rename random_bytes to profanity_instance_id 2019-10-19 23:27:19 +02:00
Michael Vetter
2a4d1b8410 Free hmac and msgid 2019-10-19 08:18:37 +02:00
Michael Vetter
f190d2c5f2 Free prof_identifier in case of reconnect
Bedore we assign it new.
2019-10-19 07:40:59 +02:00
Michael Vetter
c3912df05b Move ProfMessage and message_is_sent_by_us to xmpp
Not meant for internal usage only.
2019-10-19 06:36:47 +02:00
Michael Vetter
4d7a496ae2 Change origin-id/id algo
Hash twice.
Use HMAC SHA256 from glib.
2019-10-18 16:12:26 +02:00
Michael Vetter
06f300a42c Move message sent by us logic in own function 2019-10-18 14:50:25 +02:00
Michael Vetter
5c6f5ba0f7 Add connection_get_profanity_identifier stub
And move defintion to xmpp.h
2019-10-18 11:23:30 +02:00
Michael Vetter
33083662d1 Add XEP-0359 to capabilities
We implement </origin-id> from [XEP-0359](https://xmpp.org/extensions/xep-0359.html).
We already had this implemented for OMEMO. And now use it to check
whether MUC messages were sent from us
(https://github.com/profanity-im/profanity/issues/1201).

We don't implement </stanza-id> yet, but probably need to do so for MAM.

Anyways let's flag this as implementing the XEP.

Fix https://github.com/profanity-im/profanity/issues/1207
2019-10-18 10:46:06 +02:00
Michael Vetter
430b2eaa0d Log incoming MUC messages if origin-id sais they dont come from us
Regards https://github.com/profanity-im/profanity/issues/1201
2019-10-18 10:40:24 +02:00
Michael Vetter
53640f6e97 Remove prefix from stanza id
We sent `prof_prefix_uuid` as id. Where the prefix was also optional.
We don't need this at all.
2019-10-17 15:40:40 +02:00
Michael Vetter
827af999b7 Change algo for connection_create_stanza_id() 2019-10-17 15:32:46 +02:00
Michael Vetter
8f5d1751b2 Change connection_create_stanza_id()
To return identifier and uuid together.
We can remove the prefix later on.
2019-10-17 09:23:11 +02:00
Michael Vetter
708bc83870 Calculate identifier upon connect
This will be needed so that we can later detect if messages (origin-in)
was sent by us.

Regards https://github.com/profanity-im/profanity/issues/1207
2019-10-16 15:53:28 +02:00
Michael Vetter
ee0541a262 Rename identification file 2019-10-16 10:54:05 +02:00
Michael Vetter
46f0304f89 Use random string for random-bytes identifier
And rename `instance` to `identifier`.

Regards https://github.com/profanity-im/profanity/issues/1207
2019-10-16 10:45:41 +02:00
Michael Vetter
f9eb302a59 Move code from jid_random_resource() into own function
Move the code that creates a random string into it's own function
+get_random_string().
2019-10-16 10:39:35 +02:00
Michael Vetter
1e09a055ca Create random-bytes file
So far only with dummy value.
We will need an identifier that we can hash together with a message ID
and put in as the origin-id.
So when we receive message we can unsplit it and see if it was sent from
this client.

Regards https://github.com/profanity-im/profanity/issues/1207
2019-10-16 10:17:34 +02:00
Michael Vetter
b3ed213668 Improve MUC 1:1 logging
If we get a private message from a user in a MUC profanity shows this
like:
`profanity@roomsASDF.dismail.de/Martin: Hi`

This was so far logged at:
`~/.local/share/profanity/chatlogs/my-account-at-server/profanity_at_rooms.dismail.de/2019_09_04.log` as:

```
10:48:13 - profanity@rooms.dismail.de: Hi
```

So the nickname was not saved anywhere. This is due to us not knowing
whether we got a regular message from user@server.org/resource or a MUC
PM from room@server.org/user.

We now check for `<x xmlns='http://jabber.org/protocol/muc#user' />` and
add the resourcepart to the logging if we get it.

The file will be created at
`~/.local/share/profanity/chatlogs/my-account-at-server/profanity_at_rooms.dismail.de_nick` and look like:

```
23:59:43 - nick: Hi
```

Fix https://github.com/profanity-im/profanity/issues/1184
2019-10-07 00:05:37 +02:00
Michael Vetter
f1d31e024c Fix typo handel -> handle 2019-10-06 23:00:08 +02:00
Michael Vetter
94b401ab96 Fix invalid read in muc code
We didn't set the variables to NULL, but the rest of the code depends on
this check.
```
==22201== Invalid read of size 8
==22201==    at 0x44E560: autocomplete_clear (autocomplete.c:69)
==22201==    by 0x427B2C: muc_invites_clear (muc.c:190)
==22201==    by 0x461328: ev_disconnect_cleanup (common.c:59)
==22201==    by 0x463FB5: cl_ev_disconnect (client_events.c:91)
==22201==    by 0x431252: cmd_disconnect (cmd_funcs.c:1234)
==22201==    by 0x47E883: clears_chat_sessions
(test_cmd_disconnect.c:28)
==22201==    by 0x487E9E1: _run_test (in /usr/lib64/libcmocka.so.0.7.0)
==22201==    by 0x487ECCC: _run_tests (in /usr/lib64/libcmocka.so.0.7.0)
==22201==    by 0x47F1BE: main (unittests.c:629)
==22201==  Address 0x814b690 is 0 bytes inside a block of size 24 free'd
==22201==    at 0x48379AB: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22201==    by 0x44E5F7: autocomplete_free (autocomplete.c:90)
==22201==    by 0x4278A0: muc_close (muc.c:97)
==22201==    by 0x47DBAA: cmd_join_uses_password_when_supplied
(test_cmd_join.c:169)
==22201==    by 0x487E9E1: _run_test (in /usr/lib64/libcmocka.so.0.7.0)
==22201==    by 0x487ECCC: _run_tests (in /usr/lib64/libcmocka.so.0.7.0)
==22201==    by 0x47F1BE: main (unittests.c:629)
==22201==  Block was alloc'd at
==22201==    at 0x483677F: malloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==22201==    by 0x44E51B: autocomplete_new (autocomplete.c:57)
==22201==    by 0x427837: muc_init (muc.c:88)
==22201==    by 0x47DA77: cmd_join_uses_password_when_supplied
(test_cmd_join.c:154)
==22201==    by 0x487E9E1: _run_test (in /usr/lib64/libcmocka.so.0.7.0)
==22201==    by 0x487ECCC: _run_tests (in /usr/lib64/libcmocka.so.0.7.0)
==22201==    by 0x47F1BE: main (unittests.c:629)
```
2019-10-06 19:00:46 +02:00
Michael Vetter
6ab6fe8649 Detect MUC history correctly with some Prosody versions
Some versions of prosody send the domainpart.
See https://issues.prosody.im/1416

Workaround to handle those cases.
Thanks to Holger Weiss for helping with this!

Fix https://github.com/profanity-im/profanity/issues/1190
2019-09-30 10:01:19 +02:00
Michael Vetter
6cf06dc516 Log alleged roster push to file
https://gultsch.de/dino_multiple.html mentions CVE-2019-16235, CVE-2019-16236 and CVE-2019-16237.

CVE-2019-16235: Is checking the from in carbon messages. We do that.
CVE-2019-16236: Is checking the from in roster pushes. We do that but
didn't log it yet.
CVE-2019-16237: Is checking the form in MAM messages. We don't support
them yet.
2019-09-12 20:55:16 +02:00
Michael Vetter
09c5f38f11 Set message->plain in carbon case
message->plain should always contain something. In the case of the
carbons we forgot to set if rom the body in case it's empy.
2019-09-04 10:27:03 +02:00
Michael Vetter
dacbe25d93 Remove duplicate code in roster_update
Part of what `roster_update()` does manually is actually done in
`roster_change_name()`.
2019-08-23 09:50:53 +02:00
Holger Weiß
3228ab47d3 Don't render (all) delayed messages as MUC history
Double-check that a <delay/> tag on a groupchat message was actually
added by the MUC service (rather than the sending client) before
assuming it was received from the MUC history.

Fixes #1173.
2019-08-20 17:51:26 +02:00
Paul Fariello
b3e59e1fb6 Fix memleak in /cmd exec 2019-07-30 13:35:08 +02:00
Paul Fariello
5e61bc08dd Fix command form submit
Command form userdata were freed by iq_id_handler.
We should now free the command ourself.
2019-07-30 10:22:57 +02:00
Michael Vetter
41bf7f4b22 Merge pull request #1160 from profanity-im/fix/1159-groupaddsegfault
Fix segfault in group add/remove command
2019-07-22 20:16:27 +02:00
Michael Vetter
9f0a40819f Fix memleak in roster_change_name() 2019-07-22 15:37:41 +02:00
Michael Vetter
46ddf2c2f4 Fix memleak in roster_remove
strdup() is not needed here but will actually lead to a memleak.
2019-07-22 14:47:45 +02:00
Michael Vetter
41267ae1c5 Fix memory leak in roster_update()
current_name should not be const and should be freed.
2019-07-22 14:42:43 +02:00
Michael Vetter
fa27ab9561 Fix segfault in group add/remove command
Also regarding destructor.
Fix https://github.com/profanity-im/profanity/issues/1159
2019-07-22 11:54:05 +02:00
Michael Vetter
d3828cf24e Fix segfault in block command
Another case of double free() due to new destructor.

Fixes https://github.com/profanity-im/profanity/issues/1156
2019-07-19 12:38:33 +02:00
Michael Vetter
c07d533ec1 Fixup for last commit 2019-07-12 11:11:45 +02:00
Michael Vetter
68b6deefbf Fix segfault in iq_{submit,cancel}_command_config
Taken care of by the destructor.
2019-07-12 10:57:07 +02:00
Michael Vetter
ad41959cc6 Merge pull request #1150 from paulfariello/hotfix/omemo-memleaks
Hotfix/omemo memleaks

Regards https://github.com/profanity-im/profanity/issues/1131
2019-07-11 16:19:31 +02:00
Michael Vetter
f32827d70d Fix some more potential double frees
Regards https://github.com/profanity-im/profanity/issues/1148
2019-07-11 16:15:57 +02:00
Paul Fariello
b110da9a92 Fix various OMEMO memleaks 2019-07-10 17:32:23 +02:00
Michael Vetter
6c8e567328 Reduce codelines in form.c
Let's use calloc instead of malloc and then setting almost all fields to
NULL.
2019-07-10 12:53:45 +02:00
Michael Vetter
a8b3de7016 Fix double free in roster_process_pending_presence
This is taken care of now in the destructor _pendingPresence_free().
2019-07-10 12:08:09 +02:00