Commit Graph

559 Commits

Author SHA1 Message Date
Michael Vetter
8eac31e5e1 fix: handle X11 connection loss gracefully
Use XSetIOErrorExitHandler on X11 to detect connection loss and
disable GTK features (tray, clipboard, notifications).

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Co-authored-by: Paul Fertser <fercerpav@gmail.com>
2026-04-01 23:14:46 +02:00
Michael Vetter
ed2fdf88ac feat: Add /spellcheck list command
To list all available dictionaries.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-26 23:34:13 +01:00
Michael Vetter
4922366366 feat: add spellcheck highlighting support
Introduce optional spellcheck highlighting in the input window using
the Enchant-2 library.

```
/spellcheck on
/spellcheck lang en_US
```

New theme color `input.misspelled`.

Fixes: https://github.com/profanity-im/profanity/issues/183
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-26 23:34:06 +01:00
Michael Vetter
a9ef000328 fix: Improve status reporting and filename handling for /url save
Use the original aesgcm:// URL when downloading OMEMO downloads.  Then
in the final message use the decrypted file destination instead of the
internal temporary path.

Use the unique download ID instead of the URL for message updates to
have proper progress reporting.

Unify the final transfer status to "done" across both downloads and
uploads.

Fixes: https://github.com/profanity-im/profanity/issues/1939
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-24 22:37:54 +01:00
Michael Vetter
4c731f5241 fix: allow adding own JID to roster
Enable adding oneself to the roster.

Self subscriptions are implicit according to XEP-0060 / XEP-0163.
So we adapt the /sub command to handle this gracefully by just printing
an informative message.

Profanitys logic didn't handle own presence/when adding to roster
correctly. This got fixed now.

Fixes: https://github.com/profanity-im/profanity/issues/2084

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-20 23:48:00 +01:00
Michael Vetter
b0a89530f2 fix(ui): Fix custom outgoing stamp and fix stamp command help
Replace the hardcoded "me" stamp for outgoing messages that are
sometimes used with the value from PREF_OUTGOING_STAMP.

It was never implemented in all code paths. Like with receipts for
example.

Additionally fix the confusing description and variable names.

Ref: 2c003dd2 (Add /stamp feature)
Ref: 3a4cd7da (Broke the variables)
Fixes: https://github.com/profanity-im/profanity/issues/2125
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-20 16:23:41 +01:00
Steffen Jaeckel
613df86450 Check connection state before accepting command.
Prevent `/register` and `/reconnect` if connection is not in correct state.

Fixes: https://github.com/profanity-im/profanity/issues/2083
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2026-03-20 09:23:41 +01:00
Michael Vetter
321ff57150 feat(omemo): suppress repetitive missing device ID warnings
When sending OMEMO messages, we print a warning message for every
participant without a device ID on every single send:

```
Can't find a OMEMO device id for my@jid.org
```

This clutters the UI due to the high volume of repetitive information.

This is solved by tracking suppressed warnings within the window
structure. A warning for a specific JID and type is only shown once
per window context.

Suppression state is stored in the base ProfWin structure and managed
via helper functions (win_warn_needed, win_warn_sent). The state is
lazily initialized to save resources and automatically cleaned up when
the window is closed.

Warnings are explicitly reset when an OMEMO session is started or
ended to ensure users see fresh alerts when toggling encryption.
2026-03-18 21:48:37 +01:00
Michael Vetter
798edce22a chore: Move to SPDX license header 2026-03-09 12:55:37 +01:00
Michael Vetter
b20e3f1a0c feat: Improve feedback during OMEMO session Initiation
After typing `/omemo start` a user was not informed of what exactly
happens.
Profanity is fetching the device list and the key bundle for each
device. This happens asynchronously. It could be that it takes some time
and the user already starts typing a message, believing OMEMO is
working.

Now we print:
* Initiating OMEMO session..
* Fetching device list and key bundles
* OMEMO session ready

So the user understands much better the current situation.
2026-03-09 07:49:03 +01:00
Michael Vetter
5a3083f273 feat: Show active and trust status in /omemo fingerprint
The /omemo fingerprint command provided a list of all keys ever
seen for a contact but did not indicate which keys were currently "active"
(present in the latest server device list). This made it difficult for users
to identify which fingerprints actually required verification to fix
encryption issues.

Users can now easily distinguish between devices currently in use and
historical keys that no longer matter.

When encryption fails users can immediately see which "active" key is
"untrusted," allowing them to verify the correct fingerprint fast.

Function `omemo_is_device_active` will check if a fingerprint belongs
to a device currently announced by the contacts server.
2026-03-09 07:49:03 +01:00
Michael Vetter
d6705362a2 fix: Only allow /msg with valid JIDs
Only allow to message someone who has a nick in roster or when we pass a
user JID.
Otherwise notify the user.
2026-03-06 12:36:53 +01:00
Michael Vetter
11bc6ea22b fix: Fix usage error in /time command
When targeting a specific preference (`/time console off`)
the loop would continue to iterate through the remaining
categories after finding and applying the setting.

Because subsequent items would not match, it always resulted in
"invalid usage" printed as well after the success message.
2026-03-04 22:23:31 +01:00
Michael Vetter
f74501e97e cleanup: add a defensive check in cmd_process_input() 2026-02-27 19:36:47 +01:00
Michael Vetter
d8a7b234bb fix: segfault when using /command help
Usually we use `/help command`. Additionally there is a shortcut
`/comamnd?`. 54fea4afcf tried to introduce
to have `/command help`. Which doesn't really work since most commands
get this as parameters. So it never worked. Additionally it introduced
at segfault because it tried to set *question_mark to NULL even we can
also get there without the `?` but by having the `help` as parameter.
2026-02-27 19:33:28 +01:00
Michael Vetter
373ec4a7e3 refactor: replace malloc with g_new0 in many occasions 2026-02-27 19:26:42 +01:00
Michael Vetter
20154048e7 refactor: Move pgp module to gchar 2026-02-27 19:26:42 +01:00
Michael Vetter
55be1de29c cleanup: use g_new0 and g_strdup for alias allocation
And move whole preferences module to gchar.
2026-02-27 19:26:42 +01:00
Michael Vetter
156b78adfa cleanup: fix potential NULL dereference and leaks in cmd_sendfile
* Add NULL checks for malloc and strdup calls in cmd_sendfile
* Ensure file handles and descriptors are closed on all error paths
2026-02-27 00:02:59 +01:00
Michael Vetter
5711671c99 refactor: roster export uses GString and g_file_set_contents now
Modernize the /export command implementation by adopting GLib-based
patterns for string manipulation and file handling.

* Replace _writecsv with _append_csv_escaped to efficiently handle CSV
  quote doubling directly within a GString buffer
* Refactor cmd_export to build the CSV content in memory using GString,
  minimizing system calls
* Use g_file_set_contents for atomic writing
2026-02-27 00:02:59 +01:00
Michael Vetter
9f3d78a994 refactor: Make _writecsv safer and with better performance
* Cache strlen() result
* Check for malloc() failure to prevent null pointer dereference
* Ensure the output buffer is null-terminated for safe use with cons_show()
* Simplify the quote escaping logic for better readability.
2026-02-27 00:02:52 +01:00
Michael Vetter
3d2a82ad4a cleanup: Fix potential NULL dereference in cmd_omemo_(un)trust
Replace malloc() with g_malloc() to handle allocation failure and
ensure enough memory is allocated for the null terminator.
2026-02-26 19:47:13 +01:00
Michael Vetter
f98e33be81 refactor: make Jid use glib functions 2026-02-26 19:06:44 +01:00
Michael Vetter
e1fd2a1cf6 refactor: replace calloc with g_new0 for struct allocations
Migrate structure allocations from calloc to glibs g_new0 macro to
improve type safety and memory robustness.

* Type Safety: The macro takes the type name directly, ensuring the
  allocated size always matches the pointer type.
* Static Analysis: It guarantees a non-NULL return by aborting on
  failure, which silences -fanalyzer warnings regarding potential NULL
  pointer dereferences.
* Readability: Removes redundant sizeof() calls and is the glib way
2026-02-26 19:06:39 +01:00
Michael Vetter
657de5f22f Merge pull request #2089 from profanity-im/cleanup
Cleanup
2026-02-23 11:10:38 +01:00
Michael Vetter
1d0e6580d1 cleanup: Move loop var from int to size_t in cmd_funcs.c 2026-02-20 16:45:01 +01:00
Michael Vetter
f1acf702a9 chore: Update copyright year 2026-02-20 16:13:31 +01:00
Steffen Jaeckel
54fea4afcf Minor improvements.
* Add new TLS policy `direct` as a replacement for `legacy`.
* Document that `/[command]?` prints the help of a command.
* Add option to get help via `/command help`.
* Fix `my-prof.supp` generation and tests for out-of-source builds.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-23 12:47:39 +01:00
Steffen Jaeckel
62fd40c510 Use gboolean consistently.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-23 12:47:39 +01:00
Steffen Jaeckel
a07cff8a99 Use the stronger certificate fingerprint.
If a cert has a SHA256 use that one and only use SHA1 as fallback.

Closes: https://github.com/profanity-im/profanity/issues/2068
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-23 12:47:06 +01:00
Steffen Jaeckel
4dcaa839fa Prepare to use SHA256 fingerprints of certs.
First let's make clear we're currently using SHA1 & untangle the tlscerts
API from fingerprint specific details.

Related-to: https://github.com/profanity-im/profanity/issues/2068
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-23 12:46:29 +01:00
Steffen Jaeckel
24c3b5d531 Add new command /changes
With that command one can see the modifications of the runtime
configuration vs. the saved configuration.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-18 12:16:29 +01:00
Steffen Jaeckel
48ac88de08 Fix GError handling
Several users have reported segfaults when starting up profanity which
has OMEMO support, but OMEMO is not set up yet.

@StefanKropp has been able to reproduce this and tracked it down to
`_load_identity()` calling `omemo_known_devices_keyfile_save()`.
The latter then calls `save_keyfile()` which calls
`g_key_file_save_to_file()`. This can then fail if one of the first two
strings is NULL and won't set the `error` on return. In its error handling
`save_keyfile()` unconditionally dereferences `error` which leads to the
segfault.

Fix this and also go through the entire codebase and verify that the usage
of `GError` is done correctly.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-18 12:16:29 +01:00
Steffen Jaeckel
e0f107f75e Fix memory leak.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-08-06 12:45:13 +02:00
Steffen Jaeckel
4eaa291f70 Re-factor cmd_presence()
Similar to 9c2b3f6579, but no bugs were fixed. Maybe some were introduced
but only time will tell.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-04-28 16:40:05 +02:00
Steffen Jaeckel
29129bf888 Return error on /time <invalid-section>
Fixes: 9c2b3f6579 ("Re-factor `cmd_time()`")

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-04-28 16:40:05 +02:00
Steffen Jaeckel
3bf72210e1 Add iso8601 when setting a time format
Instead of manually typing the format-string, one can now simply use
`iso8601`.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-04-02 13:07:47 +02:00
Steffen Jaeckel
9c2b3f6579 Re-factor cmd_time()
Instead of c&p'ing the same code again and again, put everything in a
struct and loop over it.

This also fixes `vcard` not being in included in `all`.

Fixes: f934c5b59f ("Add vCard support")

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-04-02 13:07:47 +02:00
Michael Vetter
07dfeec816 Release 0.15.0 2025-03-27 20:06:38 +01:00
Steffen Jaeckel
422f5fa6f9 Slightly improve http_download related allocations.
* use `calloc()` to allocate zero-initialized structs.
* order the allocation of members by their declaration.
* order the freeing of members in reverse order.
* move init of `silent` flag in plugin case.
* fix double free of `tmpname` in `aesgcm_file_get()`.
* make some functions static.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-18 17:00:58 +01:00
Michael Vetter
55a8a26a24 Attempt to open file later to prevent potential resource leak 2025-03-06 11:19:00 +01:00
Steffen Jaeckel
8151dfa3b4 /quit now exits from the event loop
Before this change issuing `/quit` directly called `exit(0)` and did not
invoke all the graceful shutdown routines. Now we first try to exit from
the event loop, which includes cleaning up everything.
In case the event loop is stuck for some reason, you could try to issue a
second `/quit`, which will then directly call `exit(0)`.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-01-28 16:43:13 +01:00
Hanspeter Portner
cb395b7c09 Make muc_nick return a const char* const
In the documentation of the `muc_nick` function we can read:

> The nickname is owned by the chat room and should not be modified or freed

We should reflect that in the return type and `strdup` the value for the
plugin API.

Fixes: https://github.com/profanity-im/profanity/issues/2013
2025-01-26 18:16:14 +01:00
Michael Vetter
996a1fdf35 Fix build on some compilers regardind switch statement
Fix the famous `error: a label can only be part of a statement and a
declaration is not a statement`.
2024-06-20 18:04:12 +02:00
Michael Vetter
f147a5ca27 Change default download location
`/url save $someurl` will now download to
`~/.local/share/profanity/downloads/from_jid/date/filename` instead of
`~/.local/share/profanity/downloads`.

Like this the downloaded files should be better ordered.

This will only happen for MUC and 1:1 chat windows.
Private windows might have only a nick or jid. Lets not distinguish
between those two ways. And since the nick option is unreliable to be
the same person lets just put them in the general downloads folder.
As is done with downloads from all other windows as well.

I also had the idea to make this configurable but this suits my needs
and time limits right now.
2024-06-20 13:35:14 +02:00
Michael Vetter
5765edbe1b Reset autoconnect account when the account gets removed
When a user added an account, set it as autoconnect and then removed
that account. It still was set as the autoconnect account.

```
    /account add test
    /autoconnect set test
    /account remove test
    /save
    /quit
    Start profanity
```

Fix https://github.com/profanity-im/profanity/issues/1976
2024-06-20 11:04:20 +02:00
Michael Vetter
87935b744d Merge pull request #1979 from profanity-im/fix/leaks
Fix memleaks
2024-06-20 10:51:12 +02:00
Steffen Jaeckel
848acdd1fa Improve const correctness
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2024-06-19 16:01:46 +02:00
Michael Vetter
b04650fb1c Fix memleak in cmd_omemo_gen() 2024-06-19 11:40:23 +02:00
Michael Vetter
8a62d8e88b Fix typo in OMEMO message 2024-06-19 11:37:34 +02:00