72f4f186da
merge: sync upstream profanity-im/profanity
...
CI Code / Check spelling (push) Successful in 18s
CI Code / Check coding style (push) Successful in 34s
CI Code / Code Coverage (push) Successful in 2m36s
CI Code / Linux (debian) (push) Successful in 4m41s
CI Code / Linux (ubuntu) (push) Successful in 4m52s
CI Code / Linux (arch) (push) Successful in 5m40s
Sync with upstream profanity-im/profanity.
Major upstream changes incorporated:
Memory management
- Replace malloc+memset with g_new0 throughout codebase
- Adopt auto_gchar / auto_gcharv / auto_gerror / auto_jid cleanup macros
- Replace free() with g_free() for GAlloc'd memory
Editor rewrite
- Remove pthread-based async editor; use GChildWatch callback API
- New launch_editor(initial_content, callback, user_data) interface
- Proper signal handling (SIGINT, SIGTSTP, SIGPIPE reset in child)
- ui_suspend()/ui_resume() integration for TTY management
OMEMO improvements
- Dual backend support: libsignal-protocol-c and libomemo-c
- Proper pre-key removal after use (XEP-0384 compliance)
- Automatic pre-key regeneration when store drops below threshold
- New functions: omemo_is_device_active(), omemo_is_jid_trusted()
- omemo_get_jid_untrusted_fingerprints() for better error messages
- Fingerprint notifications on new device identity discovery
- Deterministic pre-key ID generation tracking max_pre_key_id
- omemo_trust_changed() UI updates on trust state changes
JID validation
- RFC 6122-compliant validation in jid_is_valid()
- Character-level checks (RFC 6122 forbidden chars: & ' / : < > @)
- Length limits: 1023 per component, 3071 total
- New jid_is_valid_user_jid() for user vs. service JID distinction
Database
- Schema migration v3: UNIQUE constraint on archive_id for deduplication
- Triggers for corrected message tracking (replaces_db_id / replaced_by_db_id)
- db_history_result_t return type, _truncate_datetime_suffix()
UI / console
- win_warn_needed() / win_warn_sent() warning deduplication hash table
- PAD_MIN_HEIGHT dynamic pad sizing with PAD_THRESHOLD auto-cleanup
- Spellcheck integration in input field with Unicode word detection
- cons_spellcheck_setting() for /settings ui output
- /[command]? shortcut for command help
Account config
- Account name sanitization for GKeyFile special chars ([ ] = # \n \r)
- Replace popen() with g_spawn_sync() for eval_password
- TLS policy: add "direct" option alongside legacy
Connection
- Port validation with g_assert (0–65535)
- SHA-256 certificate fingerprint support (XMPP_CERT_PUBKEY_FINGERPRINT_SHA256)
- "direct" TLS policy alias for legacy SSL
Common utilities
- str_xml_sanitize() for XML 1.0 illegal character removal
- string_matches_one_of() with formatted error messages
- valid_tls_policy_option() helper
- prof_date_time_format_iso8601() utility
- Improved strip_arg_quotes() with backslash unescaping
- prof_occurrences() uses g_slist_prepend + reverse for performance
PGP / OX
- Proper GPGME resource cleanup with goto-cleanup pattern
- g_string_free(xmppuri) leak fix in _ox_key_lookup
CSV export
- Use GString + g_file_set_contents instead of raw write() syscalls
Tests
- Restructured into subdirectories: command/, config/, xmpp/, ui/, omemo/, otr/, pgp/
- New test_cmd_ac.c for autocompleter unit tests
- Updated stubs for new UI suspend/resume functions
License headers
- Migrate to SPDX-3.0 identifiers (GPL-3.0-or-later WITH OpenSSL-exception)
────────────────────────────────────────────────────
cproof-specific preservations:
- XEP-0308 LMC: replace_id ?: id logic in message/stanza/omemo
- Force encryption: cmd_force_encryption, test_forced_encryption
- CWE-134: format string protection (cons_show("%s", ...))
- y_start_pos-based paging in window.c
- db_history_result_t return type, _truncate_datetime_suffix()
Merge-time fixes:
- common.c: format-security (-Werror) — cons_show(errmsg) → cons_show("%s", errmsg)
- database.c: null-deref guard — !msg->timestamp → msg && !msg->timestamp
- console.c: implicit size_t → int cast — (int)(maxlen + 1)
- tlscerts.c: %d for size_t — %zu
Build system:
- Kept autotools (Makefile.am, configure.ac); upstream uses Meson
- Restored deleted files: bootstrap.sh, autogen.sh, ax_valgrind_check.m4, configure-debug
- Updated Makefile.am test paths for subdirectory structure
- Added test_cmd_ac, test_forced_encryption to test sources
Functional tests:
- Use cproof version; upstream requires stbbr_for_xmlns from updated stabber
- Not yet available in devs/stabber fork
Closes #64
Merge author: jabber.developer2
Commits authors:
Michael Vetter <jubalh@iodoru.org >
& Steffen Jaeckel <s@jaeckel.eu >
2026-05-26 17:48:14 +00:00
9ec01fa8cc
fix: CWE-134 format string audit and compiler hardening
...
CI Code / Check spelling (push) Successful in 20s
CI Code / Check coding style (push) Successful in 36s
CI Code / Code Coverage (push) Successful in 5m38s
CI Code / Linux (ubuntu) (push) Successful in 7m1s
CI Code / Linux (debian) (push) Successful in 7m5s
CI Code / Linux (arch) (push) Successful in 7m19s
Security:
Fix CWE-134 in iq.c: user-controlled string passed as format argument
Add G_GNUC_PRINTF annotations to all variadic printf-like wrappers
in ui.h, log.h and http_common.h
Compiler flags (configure.ac):
Replace basic -Wformat/-Wformat-nonliteral with -Wformat=2
Add -Wextra, -Wnull-dereference, -Wpointer-arith,
-Wimplicit-function-declaration, -Wundef, -Wfloat-equal,
-Wredundant-decls, -Walloc-zero
Add -fstack-protector-strong, -fno-common, -D_FORTIFY_SOURCE=2
Add GCC-specific flags via AC_COMPILE_IFELSE: -Wlogical-op,
-Wduplicated-cond, -Wduplicated-branches, -Wstringop-overflow,
-Warray-bounds=2
Suppress noisy -Wextra sub-warnings: -Wno-unused-parameter,
-Wno-missing-field-initializers, -Wno-sign-compare,
-Wno-cast-function-type
Remove AM_CFLAGS/CFLAGS duplication
Bug fixes found by new warnings:
chatlog.c: non-MUCPM redact path passed resourcepart instead of NULL
rosterwin.c: merge duplicated if/else branches into single condition
omemo.c: redundant else-if in omemo_automatic_start; remove
unnecessary scope block and goto, use early return
console.c: pointer compared to integer 0 instead of NULL
stanza.c: increase pri_str/idle_str buffers from 10 to 12 bytes
(INT_MIN = -2147483648 needs 12 bytes including NUL)
vcard.c: NULL guard for filename before g_file_set_contents
api.c: broken log_warning() calls with extra format argument
Format mismatch fixes:
chatwin.c: Jid* → char* for %s
connection.c: %x → %lx for long flags
cmd_funcs.c: %d → %zu for size_t; cast gpointer to char* for %s
cmd_defs.c: %d → %u for g_list_length() return (guint)
iq.c: barejid → fulljid for from_jid
console.c, mucwin.c, privwin.c, account.c, omemo.c, presence.c:
gpointer → (char*) casts for %s
Const-correctness and cleanup:
database.c: const for type, query, sort variables
form.c/xmpp.h: const for form_set_value parameter
files.c: refactor to early return, eliminating NULL logfile path
muc.c/muc.h: remove meaningless top-level const on return type
common.c: const for URL string literal
Remove stale declarations: cons_show_desktop_prefs (ui.h),
connection_set_priority (connection.h),
omemo_devicelist_configure_and_request (omemo.h)
test_common.c: add currb NULL check to silence -Wnull-dereference
Tooling (check-cwe134.sh):
Reduce from 5 checks to 2 (checks 1-3 redundant with -Wformat=2)
Check 1: verify known wrappers have G_GNUC_PRINTF attribute
Check 2: auto-detect unannotated variadic printf-like functions
Match both const char* and const gchar* in variadic patterns
Author: jabber.developer2 <jabber.developer2@jabber.space >
2026-03-07 11:55:50 +01:00
ad95edb2b9
feat: make /log level work with non-default files
2025-10-13 20:47:34 +02:00
Steffen Jaeckel
edb41bef60
Re-factor notifier.
...
* Add an internal `_notifier_uninit()` function.
* Instead of `#ifdef` inside `notify()`, provide different target-specific
static implementations.
This also introduces `log_error_once()`.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu >
2025-03-12 10:15:39 +01:00
Steffen Jaeckel
c5a131ee46
Introduce our own shutdown callback mechanism.
...
Instead of adding stuff to `_shutdown()`, we can now register a shutdown
routine from the respective `init()` function of our modules.
This also has the advantage, that we're sure they're called in reverse
order from how the initialization happened.
I didn't simply use `atexit()` because POSIX says that the number of
possible callbacks is limited (min 32) and I was not sure whether
we will maybe extend this number at one point.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu >
2025-03-07 21:09:16 +01:00
Steffen Jaeckel
5657aac33d
Fix some more char* -> gchar*.
...
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-08-31 23:14:02 +02:00
Steffen Jaeckel
e9aaba938b
minor changes
...
* fix typo
* less code duplication
* less `GString` usage
* more `auto_gchar` usage
* document connecting to servers supporting SASL ANONYMOUS
* ignore valgrind output
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-01-18 20:02:46 +01:00
Michael Vetter
585f68f4f7
Split log.c into log.c and chatlog.c
2022-06-28 20:08:38 +02:00
Michael Vetter
b302c604ab
Display log level information in preferences
2022-06-22 13:05:11 +02:00
Michael Vetter
57666bcb77
Remove log_reinit()
...
Not needed anymore.
2020-12-11 11:18:24 +01:00
Michael Vetter
a2726b6a7d
Apply coding style
2020-07-07 14:18:57 +02:00
Michael Vetter
a4cadf78fa
Revert "Apply coding style"
...
This reverts commit 9b55f2dec0 .
Sorting the includes creates some problems.
2020-07-07 13:53:30 +02:00
Michael Vetter
9b55f2dec0
Apply coding style
...
Regards https://github.com/profanity-im/profanity/issues/1396
2020-07-07 09:43:28 +02:00
Michael Vetter
0942d98c61
Remove chat_log_get_previous()
...
We now dont get the log files from the text files via chat_log_get_previous() anymore.
We use the sql backend via log_database_get_previous_chat().
So far it just has the same behaviour like chat_log_get_previous(),
except that in _chatwin_history() we don't pass the sender to
win_print_history() which should be fixed in a commit soon.
And log_database_get_previous_chat() can later easily be expanded to fix
https://github.com/profanity-im/profanity/issues/205 .
2020-04-06 14:42:52 +02:00
Michael Vetter
55f49f1259
get_log_file_location () should return const char*
...
Make clear that result should never be freed.
2020-02-21 21:19:54 +01:00
Michael Vetter
75cfe38808
Allow setting custom log file via -f FILENAME
...
`profanity -f TEST` will use `~/.local/share/profanity/logs/TEST.log` as
the log file.
2020-02-21 21:10:00 +01:00
Michael Vetter
46fd7150e5
Add vim modeline
2019-11-13 12:11:05 +01:00
Michael Vetter
8c8c18c6fd
Actually log MUC PM messages
...
If I'm not mistaken MUC PMs have not been logged at all if there was no
other client sending carbons.
This should add MUC PM logging functionality.
We still need to make sure carbons log to the same file.
Regards https://github.com/profanity-im/profanity/issues/1214
2019-10-28 23:36:42 +01:00
Paul Fariello
f831f65737
Rename prof_message_t into ProfMessage
2019-06-20 14:30:45 +02:00
Paul Fariello
44d16e9141
Add prof_message_t to wrap all message attributes
...
Probably missing copy of body to plain in carbon and privmessage.
Only covers the incoming message path because goal is OMEMO decryption
of untrusted message.
Cover some of the log functions but not all.
2019-06-20 14:30:42 +02:00
Paul Fariello
4e1ffa6bdb
Log and print outgoing encrypted message
2019-04-10 17:12:31 +02:00
Paul Fariello
0fb27dc496
Add OMEMO message encryption and decryption
2019-04-10 16:03:50 +02:00
Michael Vetter
706af9a900
Update copyright to include 2019
2019-01-22 11:31:45 +01:00
James Booth
250e972b7a
Update copyright
2018-01-21 15:00:02 +00:00
James Booth
68a3daedb9
Update Copyright
2017-01-28 17:24:22 +00:00
James Booth
0a57c4de78
Tidy headers
2016-07-24 15:43:51 +01:00
James Booth
e8fc80f5c1
Update GPL link in headers
2016-07-24 01:14:49 +01:00
James Booth
e53e94f1e2
Updated copyright
2016-02-14 22:54:46 +00:00
James Booth
dd11334b06
Applied coding style to src/
2015-10-26 00:52:33 +00:00
Michael Vetter
3b0f7e109c
Use consistent style for pointers
2015-10-21 15:07:49 +02:00
James Booth
b266e4d035
Pass delay timestamp to all incoming chat events
2015-09-08 20:18:31 +01:00
James Booth
dd206ef637
WIP fix for #516 , needs memory cleanup
2015-06-29 23:48:41 +01:00
Dmitry Podgorny
e831410669
log: Introduced stderr log handler
...
This handler redirects stderr output to a pipe and gathers logs from the
read end.
The handler is called from main loop, therefore, if a function prints logs
to stderr they will be put to log file only after function returns.
2015-06-23 20:52:04 +00:00
James Booth
3d2f999efb
Added PGP logging preferences
2015-06-21 21:42:58 +01:00
James Booth
8944a3b5bb
Move common chat logging code to log.c
2015-03-15 23:19:00 +00:00
James Booth
b3be26a214
Updated copyright
2015-02-10 23:16:09 +00:00
James Booth
f9737251a6
Added license exemption for OpenSSL to source headers
2014-08-24 20:57:39 +01:00
James Booth
186cac34de
Fixed memleak in chat log history
2014-06-27 00:38:53 +01:00
James Booth
67a109927c
Added /log where command
2014-04-13 22:20:15 +01:00
James Booth
c3418a2909
Added /log shared setting
...
Issue #170
2014-04-13 21:56:51 +01:00
James Booth
26726b207a
Updated copyright
2014-03-09 01:18:19 +00:00
James Booth
da03617e8b
Moved handle_login_account_success to server_events
2014-01-05 20:58:19 +00:00
James Booth
8c5866ff52
Added groupchat logs
...
closes #168
2013-05-05 00:16:10 +01:00
James Booth
c90c83f7e1
Removed log function to log.c
2013-02-03 00:27:43 +00:00
James Booth
bf1cf04447
Joined log and chat_log modules
2013-01-28 20:16:18 +00:00
James Booth
d29c7fd878
Updated copyright
2013-01-11 02:05:29 +00:00
James Booth
6bad38c2d5
Removed trailing whitespace from src and tests
2012-10-21 20:02:20 +01:00
James Booth
0f3c1e56d2
Fixed vargs strings in log
2012-09-09 16:23:33 +01:00
James Booth
fe519410b1
Tidied all includes
2012-08-26 01:50:50 +01:00
James Booth
2bbac1c811
Refactored log
...
Added shortcut functions for prof logging levels
2012-08-26 00:54:18 +01:00