Commit Graph

35 Commits

Author SHA1 Message Date
72f4f186da merge: sync upstream profanity-im/profanity
All checks were successful
CI Code / Check spelling (push) Successful in 18s
CI Code / Check coding style (push) Successful in 34s
CI Code / Code Coverage (push) Successful in 2m36s
CI Code / Linux (debian) (push) Successful in 4m41s
CI Code / Linux (ubuntu) (push) Successful in 4m52s
CI Code / Linux (arch) (push) Successful in 5m40s
Sync with upstream profanity-im/profanity.

Major upstream changes incorporated:

Memory management
  - Replace malloc+memset with g_new0 throughout codebase
  - Adopt auto_gchar / auto_gcharv / auto_gerror / auto_jid cleanup macros
  - Replace free() with g_free() for GAlloc'd memory

Editor rewrite
  - Remove pthread-based async editor; use GChildWatch callback API
  - New launch_editor(initial_content, callback, user_data) interface
  - Proper signal handling (SIGINT, SIGTSTP, SIGPIPE reset in child)
  - ui_suspend()/ui_resume() integration for TTY management

OMEMO improvements
  - Dual backend support: libsignal-protocol-c and libomemo-c
  - Proper pre-key removal after use (XEP-0384 compliance)
  - Automatic pre-key regeneration when store drops below threshold
  - New functions: omemo_is_device_active(), omemo_is_jid_trusted()
  - omemo_get_jid_untrusted_fingerprints() for better error messages
  - Fingerprint notifications on new device identity discovery
  - Deterministic pre-key ID generation tracking max_pre_key_id
  - omemo_trust_changed() UI updates on trust state changes

JID validation
  - RFC 6122-compliant validation in jid_is_valid()
  - Character-level checks (RFC 6122 forbidden chars: & ' / : < > @)
  - Length limits: 1023 per component, 3071 total
  - New jid_is_valid_user_jid() for user vs. service JID distinction

Database
  - Schema migration v3: UNIQUE constraint on archive_id for deduplication
  - Triggers for corrected message tracking (replaces_db_id / replaced_by_db_id)
  - db_history_result_t return type, _truncate_datetime_suffix()

UI / console
  - win_warn_needed() / win_warn_sent() warning deduplication hash table
  - PAD_MIN_HEIGHT dynamic pad sizing with PAD_THRESHOLD auto-cleanup
  - Spellcheck integration in input field with Unicode word detection
  - cons_spellcheck_setting() for /settings ui output
  - /[command]? shortcut for command help

Account config
  - Account name sanitization for GKeyFile special chars ([ ] = # \n \r)
  - Replace popen() with g_spawn_sync() for eval_password
  - TLS policy: add "direct" option alongside legacy

Connection
  - Port validation with g_assert (0–65535)
  - SHA-256 certificate fingerprint support (XMPP_CERT_PUBKEY_FINGERPRINT_SHA256)
  - "direct" TLS policy alias for legacy SSL

Common utilities
  - str_xml_sanitize() for XML 1.0 illegal character removal
  - string_matches_one_of() with formatted error messages
  - valid_tls_policy_option() helper
  - prof_date_time_format_iso8601() utility
  - Improved strip_arg_quotes() with backslash unescaping
  - prof_occurrences() uses g_slist_prepend + reverse for performance

PGP / OX
  - Proper GPGME resource cleanup with goto-cleanup pattern
  - g_string_free(xmppuri) leak fix in _ox_key_lookup

CSV export
  - Use GString + g_file_set_contents instead of raw write() syscalls

Tests
  - Restructured into subdirectories: command/, config/, xmpp/, ui/, omemo/, otr/, pgp/
  - New test_cmd_ac.c for autocompleter unit tests
  - Updated stubs for new UI suspend/resume functions

License headers
  - Migrate to SPDX-3.0 identifiers (GPL-3.0-or-later WITH OpenSSL-exception)

────────────────────────────────────────────────────
cproof-specific preservations:

  - XEP-0308 LMC: replace_id ?: id logic in message/stanza/omemo
  - Force encryption: cmd_force_encryption, test_forced_encryption
  - CWE-134: format string protection (cons_show("%s", ...))
  - y_start_pos-based paging in window.c
  - db_history_result_t return type, _truncate_datetime_suffix()

Merge-time fixes:

  - common.c: format-security (-Werror) — cons_show(errmsg) → cons_show("%s", errmsg)
  - database.c: null-deref guard — !msg->timestamp → msg && !msg->timestamp
  - console.c: implicit size_t → int cast — (int)(maxlen + 1)
  - tlscerts.c: %d for size_t — %zu

Build system:
  - Kept autotools (Makefile.am, configure.ac); upstream uses Meson
  - Restored deleted files: bootstrap.sh, autogen.sh, ax_valgrind_check.m4, configure-debug
  - Updated Makefile.am test paths for subdirectory structure
  - Added test_cmd_ac, test_forced_encryption to test sources

Functional tests:
  - Use cproof version; upstream requires stbbr_for_xmlns from updated stabber
  - Not yet available in devs/stabber fork

Closes #64

Merge author: jabber.developer2
Commits authors:
 Michael Vetter <jubalh@iodoru.org>
& Steffen Jaeckel <s@jaeckel.eu>
2026-05-26 17:48:14 +00:00
442bfb6ce1 feat: Add /force-encryption command and update message handling
All checks were successful
CI / Check spelling (pull_request) Successful in 18s
CI / Check coding style (pull_request) Successful in 34s
CI / Linux (ubuntu) (pull_request) Successful in 14m5s
CI / Linux (debian) (pull_request) Successful in 14m5s
CI / Linux (arch) (pull_request) Successful in 14m53s
Implement /force-encryption command to configure forced encryption
settings with on|off and policy resend-to-confirm|block options.

The changes enhance user experience by clarifying encryption requirements
and providing actionable commands. Users can now press Enter again to
confirm unencrypted messages in resend-to-confirm mode.
2025-08-25 21:11:27 +02:00
Michael Vetter
88b26cfdb9 Undo gmainloop related changes
Revert "Merge pull request #1943 from H3rnand3zzz/gmainloop

This reverts commit 609fde0998, reversing
changes made to 2ec94064ed.

Revert "Merge pull request #1948 from H3rnand3zzz/fix/rl-less-refreshes"

This reverts commit 11762fd2b0, reversing
changes made to 609fde0998.

We have got several issues, that we don't quite see how to solve, with
the merge of the gmainloop PR.

* Slashguard is broken (#1955) (though #1956 could fix that)
* One person reported problems with copy paste selection via mouse
* Some input buffer seems not to be cleared correctly
  It happened that I was debugging profanity used `/connect` and typed
  the password. I then debugged so long that a time out occurred, so
  profanity disconnected. Then it printed "unknown command: $password".

There was something else that I forgot now.

Bottomline is: so far we didn't get it right so we will undo these
changes until someone proposes a working solution.

We got a slight performance increase (apparently noticable when
alt+mouse scrolling) but got too many issues with this change.
2024-02-19 17:41:06 +01:00
Rodrigo Arias
7eac636fc8 Implement keyboard input using GIOChannel 2023-12-28 18:09:50 +01:00
Michael Vetter
46fd7150e5 Add vim modeline 2019-11-13 12:11:05 +01:00
Michael Vetter
706af9a900 Update copyright to include 2019 2019-01-22 11:31:45 +01:00
James Booth
250e972b7a Update copyright 2018-01-21 15:00:02 +00:00
James Booth
68a3daedb9 Update Copyright 2017-01-28 17:24:22 +00:00
James Booth
e8fc80f5c1 Update GPL link in headers 2016-07-24 01:14:49 +01:00
James Booth
e53e94f1e2 Updated copyright 2016-02-14 22:54:46 +00:00
James Booth
d6e4b74802 Removed ui_input_nonblocking() 2015-11-01 18:56:34 +00:00
James Booth
4fa2efc7ca Removed inp_win_clear() 2015-11-01 18:45:57 +00:00
James Booth
4c42ce9701 Removed ui_readline() 2015-11-01 18:38:21 +00:00
James Booth
2ce43b633f Applied coding style to src/ui/ 2015-10-25 23:31:11 +00:00
James Booth
9414ad268d Prompt user to allow or deny untrusted TLS certificates 2015-09-22 21:42:05 +01:00
James Booth
b24510c776 Merge branch 'master' into readline
Conflicts:
	src/tools/history.c
	src/tools/history.h
2015-02-11 00:09:58 +00:00
James Booth
b3be26a214 Updated copyright 2015-02-10 23:16:09 +00:00
James Booth
2e83d23873 Removed unused function 2015-02-06 00:20:06 +00:00
James Booth
a70aa0255f Moved command processing to main loop, allow resize during password prompt 2015-02-05 00:58:23 +00:00
James Booth
d64c4a69d7 Removed unused functions from inputwin.c 2015-02-04 22:22:18 +00:00
James Booth
b3448eb265 Moved input blocking code to inputwin.c 2015-01-31 01:11:41 +00:00
James Booth
83bd207316 Moved readline code to inputwin.c 2015-01-30 23:28:02 +00:00
James Booth
2cdbfc7eb7 Added gnu readline 2015-01-27 22:13:09 +00:00
James Booth
2ed78fe5af Extracted keyhandler for printable characters 2015-01-20 00:09:47 +00:00
James Booth
0e8092afef Inlined static functions in inputwin 2015-01-19 20:51:41 +00:00
James Booth
4c6cfcdca0 Simplified autocompleters and command history 2015-01-16 22:50:40 +00:00
James Booth
f0ffc31cd6 Renamed inp_get_char->inp_read 2015-01-15 23:46:54 +00:00
James Booth
51105720ab Moved input line to inputwin 2015-01-15 23:43:22 +00:00
James Booth
65fc4bcd9f Pass pointers to inp_get_char 2015-01-15 23:29:48 +00:00
James Booth
ad896ef201 Moved input size to inputwin 2015-01-15 22:51:05 +00:00
Simon Effenberg
c7ff3255b8 trying to block (and save cpu power) more dynamically
instead of blocking too long if inpblock is set to something like
500ms the input timeout is not set directly to inpblock but is
increasing dynamically from 0 to inpblock by a little algorithm

FIXME: the call from the win_* method to the ui_input_* method looks
wrong.. this causes a cross reference which shouldn't be
2015-01-12 08:08:07 +01:00
James Booth
076576178c Update input window on /theme set 2014-11-19 16:32:26 +00:00
James Booth
b8ba9b038c Added scroll support to occupant list 2014-10-07 21:12:19 +01:00
James Booth
f9737251a6 Added license exemption for OpenSSL to source headers 2014-08-24 20:57:39 +01:00
James Booth
9aa282f6de Removed inputwin functions from ui.h 2014-04-07 21:50:28 +01:00