72f4f186da
merge: sync upstream profanity-im/profanity
...
CI Code / Check spelling (push) Successful in 18s
CI Code / Check coding style (push) Successful in 34s
CI Code / Code Coverage (push) Successful in 2m36s
CI Code / Linux (debian) (push) Successful in 4m41s
CI Code / Linux (ubuntu) (push) Successful in 4m52s
CI Code / Linux (arch) (push) Successful in 5m40s
Sync with upstream profanity-im/profanity.
Major upstream changes incorporated:
Memory management
- Replace malloc+memset with g_new0 throughout codebase
- Adopt auto_gchar / auto_gcharv / auto_gerror / auto_jid cleanup macros
- Replace free() with g_free() for GAlloc'd memory
Editor rewrite
- Remove pthread-based async editor; use GChildWatch callback API
- New launch_editor(initial_content, callback, user_data) interface
- Proper signal handling (SIGINT, SIGTSTP, SIGPIPE reset in child)
- ui_suspend()/ui_resume() integration for TTY management
OMEMO improvements
- Dual backend support: libsignal-protocol-c and libomemo-c
- Proper pre-key removal after use (XEP-0384 compliance)
- Automatic pre-key regeneration when store drops below threshold
- New functions: omemo_is_device_active(), omemo_is_jid_trusted()
- omemo_get_jid_untrusted_fingerprints() for better error messages
- Fingerprint notifications on new device identity discovery
- Deterministic pre-key ID generation tracking max_pre_key_id
- omemo_trust_changed() UI updates on trust state changes
JID validation
- RFC 6122-compliant validation in jid_is_valid()
- Character-level checks (RFC 6122 forbidden chars: & ' / : < > @)
- Length limits: 1023 per component, 3071 total
- New jid_is_valid_user_jid() for user vs. service JID distinction
Database
- Schema migration v3: UNIQUE constraint on archive_id for deduplication
- Triggers for corrected message tracking (replaces_db_id / replaced_by_db_id)
- db_history_result_t return type, _truncate_datetime_suffix()
UI / console
- win_warn_needed() / win_warn_sent() warning deduplication hash table
- PAD_MIN_HEIGHT dynamic pad sizing with PAD_THRESHOLD auto-cleanup
- Spellcheck integration in input field with Unicode word detection
- cons_spellcheck_setting() for /settings ui output
- /[command]? shortcut for command help
Account config
- Account name sanitization for GKeyFile special chars ([ ] = # \n \r)
- Replace popen() with g_spawn_sync() for eval_password
- TLS policy: add "direct" option alongside legacy
Connection
- Port validation with g_assert (0–65535)
- SHA-256 certificate fingerprint support (XMPP_CERT_PUBKEY_FINGERPRINT_SHA256)
- "direct" TLS policy alias for legacy SSL
Common utilities
- str_xml_sanitize() for XML 1.0 illegal character removal
- string_matches_one_of() with formatted error messages
- valid_tls_policy_option() helper
- prof_date_time_format_iso8601() utility
- Improved strip_arg_quotes() with backslash unescaping
- prof_occurrences() uses g_slist_prepend + reverse for performance
PGP / OX
- Proper GPGME resource cleanup with goto-cleanup pattern
- g_string_free(xmppuri) leak fix in _ox_key_lookup
CSV export
- Use GString + g_file_set_contents instead of raw write() syscalls
Tests
- Restructured into subdirectories: command/, config/, xmpp/, ui/, omemo/, otr/, pgp/
- New test_cmd_ac.c for autocompleter unit tests
- Updated stubs for new UI suspend/resume functions
License headers
- Migrate to SPDX-3.0 identifiers (GPL-3.0-or-later WITH OpenSSL-exception)
────────────────────────────────────────────────────
cproof-specific preservations:
- XEP-0308 LMC: replace_id ?: id logic in message/stanza/omemo
- Force encryption: cmd_force_encryption, test_forced_encryption
- CWE-134: format string protection (cons_show("%s", ...))
- y_start_pos-based paging in window.c
- db_history_result_t return type, _truncate_datetime_suffix()
Merge-time fixes:
- common.c: format-security (-Werror) — cons_show(errmsg) → cons_show("%s", errmsg)
- database.c: null-deref guard — !msg->timestamp → msg && !msg->timestamp
- console.c: implicit size_t → int cast — (int)(maxlen + 1)
- tlscerts.c: %d for size_t — %zu
Build system:
- Kept autotools (Makefile.am, configure.ac); upstream uses Meson
- Restored deleted files: bootstrap.sh, autogen.sh, ax_valgrind_check.m4, configure-debug
- Updated Makefile.am test paths for subdirectory structure
- Added test_cmd_ac, test_forced_encryption to test sources
Functional tests:
- Use cproof version; upstream requires stbbr_for_xmlns from updated stabber
- Not yet available in devs/stabber fork
Closes #64
Merge author: jabber.developer2
Commits authors:
Michael Vetter <jubalh@iodoru.org >
& Steffen Jaeckel <s@jaeckel.eu >
2026-05-26 17:48:14 +00:00
467222d0ca
fix(ui,db): harden NULL handling, fix CWE-134, optimize iterations
...
CI Code / Code Coverage (push) Failing after 10m34s
CI Code / Check spelling (push) Failing after 10m47s
CI Code / Check coding style (push) Failing after 11m4s
CI Code / Linux (ubuntu) (push) Failing after 11m19s
CI Code / Linux (debian) (push) Failing after 11m28s
CI Code / Linux (arch) (push) Failing after 11m38s
security(CWE-134): fix format string injections + add CI check
fix(ui): subwindow lifecycle, newwin/newpad guards, fallback timestamps
fix(db): sqlite cleanup on failures, sqlite3_close_v2
fix(xmpp): queued_messages loop, barejid leak
perf(core): g_hash_table_iter_init instead of g_hash_table_get_keys
refactor(ui): CLAMP macro in _check_subwin_width
test: XEP-0012 and XEP-0045 functional tests
Author: jabber.developer2
Closes #58 , #85
2026-02-06 19:27:40 +01:00
d07ca9953d
fix: reduce logging
...
CI / Check spelling (push) Successful in 16s
CI / Check coding style (push) Successful in 31s
CI / Linux (ubuntu) (push) Successful in 10m12s
CI / Linux (arch) (push) Successful in 12m3s
CI / Linux (debian) (push) Successful in 12m12s
CI / Linux (fedora) (push) Successful in 17m6s
If we can't debug_log because we couldn't obtain some data, but otherwise the app is working, "warning" level is clearly excessive.
2025-07-05 20:54:06 +02:00
developer1
69238e7e66
Update deprecated email extraction in p_gpg_decrypt
...
CI / Linux (arch) (pull_request) Successful in 12m32s
CI / Linux (debian) (pull_request) Successful in 12m25s
CI / Check spelling (pull_request) Successful in 16s
CI / Linux (fedora) (pull_request) Successful in 15m17s
CI / Linux (ubuntu) (pull_request) Successful in 14m13s
CI / Check coding style (pull_request) Failing after 4m24s
Fixes arch build.
Since gpgme v2 release, https://github.com/gpg/gpgme/blob/master/NEWS , the gpgme_key_get_string_attr as well as GPGME_ATTR_EMAIL are REMOVED.
Fixes #2
Closes #2
2025-06-19 18:20:50 +02:00
Michael Vetter
07dfeec816
Release 0.15.0
2025-03-27 20:06:38 +01:00
Steffen Jaeckel
c5a131ee46
Introduce our own shutdown callback mechanism.
...
Instead of adding stuff to `_shutdown()`, we can now register a shutdown
routine from the respective `init()` function of our modules.
This also has the advantage, that we're sure they're called in reverse
order from how the initialization happened.
I didn't simply use `atexit()` because POSIX says that the number of
possible callbacks is limited (min 32) and I was not sure whether
we will maybe extend this number at one point.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu >
2025-03-07 21:09:16 +01:00
Michael Vetter
0995b1a180
Add NULL check to _gpgme_key_to_ProfPGPKey
...
Fix https://github.com/profanity-im/profanity/issues/1995
Tested-by: Martin Dosch <martin@mdosch.de >
2024-09-07 12:44:42 +02:00
Michael Vetter
569e37f018
Update copyright to 2024
2024-01-22 16:03:48 +01:00
Steffen Jaeckel
ca2df180d8
Introduce a shared implementation for keyfile loading
...
Instead of copy&pasting the same code over again, use a common
implementation.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2023-09-04 09:59:09 +02:00
John Hernandez
865a056315
Cleanup g_strfreev() to auto_gcharv
...
Include some additional minor cleanups
2023-07-13 17:05:07 +02:00
John Hernandez
8304ac86ff
g_free() to auto_gfree, introduce auto_guchar
...
Fix 11 potential mem leaks in theme.c
2023-07-13 17:04:59 +02:00
John Hernandez
e1d137f4e6
Change char->free to auto_char char for autocleanup
...
Replace `gchar` and `g_free` to `auto_gchar`
Correct certain `char` functions/variables to `gchar`
Related to #1819 .
Edited by @jubalh.
2023-07-11 13:26:37 +02:00
John Hernandez
36784738fc
Add optional pgp public key autoimport
...
Refactor `p_gpg_list_keys`
Add `/pgp autoimport` command,
it's not described in XEP-0027, but used in some clients,
such as PSI, Pidgin. It will autoimport keys received with
`/pgp sendpub`, in plain text as a message, or using features,
provided in other clients. It doesn't autoassign them, but shows
command to assign, letting user to decide.
Improve documentation for some preexisting functions
Add contact argument to `/pgp sendpub`
2023-07-02 14:25:55 +02:00
John Hernandez
a59623a007
Add /pgp sendpub command
...
Command allows to share your PGP pub key with ease,
it's not described in XEP-0027, but used in some clients,
such as PSI, Pidgin.
Fix typos
Minor improvements
2023-07-02 14:25:55 +02:00
John Hernandez
5e8f1f9c85
Fix memory corruption crash
...
Under certain circumstances setting plain_str[len] to 0 might lead to crash
and it does not follow the best practices as well.
This change allows better handling of buffer copying and prevents crash.
2023-04-13 17:16:55 +02:00
Michael Vetter
e59c401c84
Adapt to g_string_free glib 2.75.3 change
...
glib 2.75.3 changes warning behaviour of `g_string_free()`.
See:
* https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3219
* https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3226
Use this opportunity to replace the use of GString with
`g_strdup_printf()` where possible.
Otherwise correctly take the return value of `g_string_free()`
which is nicer anyways.
2023-03-21 10:53:10 +01:00
Michael Vetter
3adc399da0
Update copyright year
2023-01-10 10:37:25 +01:00
Michael Vetter
a40a0f5189
Split ox functions from gpg.c to ox.c
2022-06-29 09:17:15 +02:00
Michael Vetter
e5e661e92d
ox: fix mistakes in p_ox_gpg_decrypt()
...
strcpy() can't work here because the data doesn't have to be
NULL-terminated. So let's use memcpy.
Fix memleak of plain_str.
2022-05-04 11:35:15 +02:00
Michael Vetter
58911926de
ox: print more error messages to UI
2022-05-03 23:39:10 +02:00
Michael Vetter
c3deb5d325
ox: dont require marginal trust level
...
Maybe we can make this configurable later.
So users have the freedom to be more strict.
This commit partly reverts 62018f48c5 .
Example to edit trust level:
```
gpg --edit-key somekeyid
gpg (GnuPG) 2.3.4; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub rsa4096/keyid
created: 2020-06-26 expires: 2022-06-26 usage: SC
trust: unknown validity: full
sub rsa4096/keyid
created: 2020-06-26 expires: 2022-06-26 usage: E
[ full ] (1). xmpp:user@domain.de
gpg> trust
pub rsa4096/keyid
created: 2020-06-26 expires: 2022-06-26 usage: SC
trust: unknown validity: full
sub rsa4096/keyid
created: 2020-06-26 expires: 2022-06-26 usage: E
[ full ] (1). xmpp:user@domain.de
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 3
pub rsa4096/keyid
created: 2020-06-26 expires: 2022-06-26 usage: SC
trust: marginal validity: full
sub rsa4096/keyid
created: 2020-06-26 expires: 2022-06-26 usage: E
[ full ] (1). xmpp:user@domain.de
Please note that the shown key validity is not necessarily correct
unless you restart the program.
gpg> quit
```
2022-05-03 23:11:25 +02:00
Stefan Kropp
62018f48c5
ox_key_is_usable - Logging and owner trust check
...
* Added logging messages (INFO if key can not be used)
* Check owner_trust < GPGME_VALIDITY_MARGINAL
The key can not be used if the owner_trust is less than MARGINAL.
2022-05-03 23:00:11 +02:00
Michael Vetter
024694215d
Merge pull request #1644 from profanity-im/ox-polish
...
Improve OX user experience
2022-03-21 10:08:13 +01:00
Steffen Jaeckel
b8e46552bf
add files_file_in_account_data_path()
...
As all parts of the code invoking the `files_get_account_data_path()`
function did the same afterwards, a function has been added with the same
behavior.
1. create path
2. `mkdir` of that path
3. return final path
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2022-03-13 14:15:02 +01:00
Michael Vetter
423105085a
ox: adjust formatting
2022-02-24 11:11:49 +01:00
Michael Vetter
9705e11527
ox: standardize log output
2022-02-24 11:10:23 +01:00
Steffen Jaeckel
9cf78e59d5
auto-format
...
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de >
2022-02-01 15:01:28 +01:00
Michael Vetter
f21595597f
Format code correctly
2021-10-05 10:01:27 +02:00
DebXWoody
6173e015f5
OX bug fixing
...
* Don't decryption if there is no private key
* Decryption error messages
2021-06-29 20:25:50 +02:00
Michael Vetter
a94378f206
Fix various typos
2020-12-10 09:24:32 +01:00
Michael Vetter
35aecd425f
Declare counter var inside loop
...
We require c99/gnu99 anyways.
2020-11-09 11:33:33 +01:00
Philipp Klaus Krause
6a276e74e3
Since the string from strerror should never be modified, use const.
2020-10-14 09:52:26 +02:00
DebXWoody
0552e50c78
OX: XEP-0373: OpenPGP for XMPP - Version 0.5.0 (2020-06-19)
...
Discovering Public Keys via PEP
* 4.3 Discovering Public Keys of a User
* 4.4 Requesting Public Keys
* Import Public Keys into GnuPG's local keyring.
Issue: #1331
2020-07-10 13:40:00 +02:00
Michael Vetter
a2726b6a7d
Apply coding style
2020-07-07 14:18:57 +02:00
Michael Vetter
a4cadf78fa
Revert "Apply coding style"
...
This reverts commit 9b55f2dec0 .
Sorting the includes creates some problems.
2020-07-07 13:53:30 +02:00
Michael Vetter
9b55f2dec0
Apply coding style
...
Regards https://github.com/profanity-im/profanity/issues/1396
2020-07-07 09:43:28 +02:00
DebXWoody
5a17957253
OX: Announce public key on PEP
...
src/pgp/gpg.c:p_ox_gpg_readkey
Used to read a public key from a file. The function will return the fingerprint
of the file and the base64 encoded key.
src/xmpp/ox.[hc]
ox_announce_public_key(const char* const filename) can be called from the /ox
announce <filename> command. The key within the file will be pushed on PEP and
the Metadata node will be set.
Issue: #1331
2020-07-06 13:19:18 +02:00
Michael Vetter
26d4b00d6d
gpg.c: _ox_key_is_usable() simplify if condition
2020-07-02 15:11:06 +02:00
Michael Vetter
27f5706e77
gpg.c: Format new ox function heads
2020-07-02 15:09:34 +02:00
Michael Vetter
1224aa414e
Use files_get_account_data_path instead of duplicate code
...
We often had a use case where we want the account specific data dir.
Let's create a function for this instead of doing it by hand each time.
2020-07-01 10:05:45 +02:00
DebXWoody
2c94ee5a88
Feature request - XEP-0373: OpenPGP for XMPP (OX)
...
Basic implementation of XEP-0373: OpenPGP for XMPP.
https://xmpp.org/extensions/xep-0373.html
Command /ox
Issue: #1331
2020-06-29 19:05:41 +02:00
Paul Fariello
a52e3ea1d8
Add context to autocomplete_with_func and use it for omemo trust command
...
Fix #1068
2020-01-31 10:07:08 +01:00
Michael Vetter
46fd7150e5
Add vim modeline
2019-11-13 12:11:05 +01:00
Viachaslau Khalikin
289b05ea50
Restoration of correct GPG encryption
...
Fixes https://github.com/boothj5/profanity/issues/997
Proposed as https://github.com/boothj5/profanity/pull/1008
Related to XEP-0027.
Message edited and commit cherry picked by jubalh.
2019-02-20 11:53:40 +01:00
Michael Vetter
706af9a900
Update copyright to include 2019
2019-01-22 11:31:45 +01:00
James Booth
250e972b7a
Update copyright
2018-01-21 15:00:02 +00:00
James Booth
ca1dcdda6c
Show libotr and libgpgme versions on --version
...
issue #956
2017-08-10 22:47:17 +01:00
James Booth
6b830277a6
Allow previous autocompletion with shift tab
2017-04-01 00:27:11 +01:00
James Booth
68a3daedb9
Update Copyright
2017-01-28 17:24:22 +00:00
James Booth
33172cb917
Free pgpdir
2016-07-25 01:03:44 +01:00