Commit Graph

194 Commits

Author SHA1 Message Date
Michael Vetter
b7c8f8235c feat(omemo): suppress "new device" alerts for already known devices
Modify omemo_set_device_list to check against the persistent
known_devices.txt file before notifying the user. This prevents
false-positive security alerts on every restart for devices
that have already been registered and trusted.

Check against the persistent known_devices.txt file before notifying
the user. This ensures that "New OMEMO device" alerts are only shown
for devices that are truly new to this client.

Ref: ce9b5140d
2026-03-18 22:19:18 +01:00
Michael Vetter
4253da99c5 feat(omemo): suppress redundant session already exists messages
Removing the UI notification in omemo_start_device_session to reduce
noise during /omemo start.
The information is still available in the debug logs.

And I think for existing sessions its just too much without value.

Ref: b20e3f1a
2026-03-18 22:19:13 +01:00
Michael Vetter
321ff57150 feat(omemo): suppress repetitive missing device ID warnings
When sending OMEMO messages, we print a warning message for every
participant without a device ID on every single send:

```
Can't find a OMEMO device id for my@jid.org
```

This clutters the UI due to the high volume of repetitive information.

This is solved by tracking suppressed warnings within the window
structure. A warning for a specific JID and type is only shown once
per window context.

Suppression state is stored in the base ProfWin structure and managed
via helper functions (win_warn_needed, win_warn_sent). The state is
lazily initialized to save resources and automatically cleaned up when
the window is closed.

Warnings are explicitly reset when an OMEMO session is started or
ended to ensure users see fresh alerts when toggling encryption.
2026-03-18 21:48:37 +01:00
Steffen Jaeckel
d9a8c579b6 Optimize random data generation.
In the process of trying to bring down the time of sending an OMEMO
encrypted message I noticed that a lot of time was spent in generating the
random key and IV (~0.54s on my machine).
By changing this to a single call to `gcry_random_bytes_secure()` I have
been able to slash the time by 50% to ~0.27s.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2026-03-16 10:43:28 +01:00
Steffen Jaeckel
cbe6dac448 Flush OMEMO store only after encrypting for all recipients.
Instead of flushing the OMEMO store to disk after each operation, do it
only once after all recipients are processed.

A user reported a long delay between hitting enter on the keyboard and the
message being sent on the wire in an OMEMO-enabled group chat. This patch
hopefully improves this situation.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2026-03-16 10:43:28 +01:00
Michael Vetter
acba9d9da7 Merge pull request #2108 from profanity-im/omemo-ux-fix
fix: Dont OMEMO trust check so often
2026-03-09 13:22:19 +01:00
Michael Vetter
798edce22a chore: Move to SPDX license header 2026-03-09 12:55:37 +01:00
Michael Vetter
624585572e fix: Dont OMEMO trust check so often
a26cdf386b / #2104 added OMEMO trust status to the
title bar, but it was being re-calculated on UI refresh.

Update only on certain operations (like `/omemo trust`, new device
discoveries and even incoming OMEMO messages for example).
2026-03-09 11:38:51 +01:00
Michael Vetter
e39ffd981f refactor: Refactor OMEMO error handling and add non-null attributes
Add __attribute__((nonnull) hints to omemo_receive_message and
omemo_on_message_recv declarations to catch NULL arguments at
compiletime.
So we can set the error state unconditionally in the functions.
2026-03-09 08:48:41 +01:00
Michael Vetter
3e2673aad2 cleanup: Cleanup types 2026-03-09 07:52:21 +01:00
Michael Vetter
4d49c2b746 feat: Provide descriptive fallback messages for OMEMO decryption failures
If an incoming OMEMO message failed to decrypt (due to missing session
keys or untrusted identities), Profanity would fall back to displaying
the raw XMPP body. This usually contained a generic string like "This
message is encrypted with OMEMO,".

We wrote the detailed reason in the debug logs but the user only saw the
fallback message and probably wondered *why* the message wasn't
displayed properly.

I'm unsure if we should display the fallback message as well though.
2026-03-09 07:49:03 +01:00
Michael Vetter
b20e3f1a0c feat: Improve feedback during OMEMO session Initiation
After typing `/omemo start` a user was not informed of what exactly
happens.
Profanity is fetching the device list and the key bundle for each
device. This happens asynchronously. It could be that it takes some time
and the user already starts typing a message, believing OMEMO is
working.

Now we print:
* Initiating OMEMO session..
* Fetching device list and key bundles
* OMEMO session ready

So the user understands much better the current situation.
2026-03-09 07:49:03 +01:00
Michael Vetter
5a3083f273 feat: Show active and trust status in /omemo fingerprint
The /omemo fingerprint command provided a list of all keys ever
seen for a contact but did not indicate which keys were currently "active"
(present in the latest server device list). This made it difficult for users
to identify which fingerprints actually required verification to fix
encryption issues.

Users can now easily distinguish between devices currently in use and
historical keys that no longer matter.

When encryption fails users can immediately see which "active" key is
"untrusted," allowing them to verify the correct fingerprint fast.

Function `omemo_is_device_active` will check if a fingerprint belongs
to a device currently announced by the contacts server.
2026-03-09 07:49:03 +01:00
Michael Vetter
99c03f8c3b feat: Provide detailed encryption failure messages for OMEMO
When OMEMO encryption failed due to untrusted devices, the
user was presented with a generic error message. This made it difficult
to identify which specific fingerprints were causing the issue, forcing
users to manually hunt for untrusted keys using /omemo fingerprint.

New function `omemo_get_jid_untrusted_fingerprints` to specifically
identify unverified identities for a contact.
`omemo_on_message_send` will now catch encryption failures and
explicitly list the untrusted fingerprints in the chat window.
2026-03-09 07:49:03 +01:00
Michael Vetter
ce9b5140d5 feat: Notify users when new OMEMO devices or fingerprints are discovered
Previously, Profanity silently updated OMEMO device lists and identity
caches in the background. This often led to confusion when a contact
added a new device, as encryption or decryption would eventually fail
due to untrusted keys without any prior warning to the user.

The `notifying` flag will distinguish between initial data loading and
realtime discovery.

We now print a message both when a contact publishes a new device ID or
when a new fingerprint is discovered.
2026-03-09 07:49:03 +01:00
Michael Vetter
ded2f6afc0 feat: Add OMEMO trust status indicators to the titlebar
Previously the titlebar only showed [OMEMO], regardless of whether the
active session contained untrusted devices. This forced users to manually
run /omemo fingerprint to check the security status of their conversation,
making it difficult to know at a glance if a session was truly secure.

New function `omemo_is_jid_trusted()` to check if all active devices for a JID are trusted.
Update chat and MUC titlebar to display [trusted] or [untrusted] tags when an OMEMO session is active.
Not sure if MUC makes sense here?
2026-03-09 07:49:03 +01:00
Michael Vetter
612cc0e59e Merge pull request #2099 from profanity-im/clean-unittests
Cleanup unittests and improve documentation for new contibutors
2026-02-28 15:15:13 +01:00
Michael Vetter
b0abb64950 refactor: Fix clang-format expansion of table
By removing the trailing comma from the array initialization we hint
clang-format to maintain the compact layout.
2026-02-28 14:52:36 +01:00
Michael Vetter
bc13a726b6 fix: Fix Floating Point Exception in OMEMO session building
When an OMEMO bundle is received with an empty <prekeys/> element,
`prekeys_list` remains empty. In omemo_start_device_session(),
performing a modulo operation on the length of an empty list
(0) triggered a SIGFPE (Floating point exception).

torsocks likely affected the network environment where such empty
or incomplete bundles could be intercepted.

Fix https://github.com/profanity-im/profanity/issues/1997
2026-02-28 10:28:26 +01:00
Michael Vetter
45dc50eccf fix: initialize OMEMO pointers and add NULL checks 2026-02-27 19:26:42 +01:00
Michael Vetter
65ca3c448b fix: handle potential NULL from malloc in OMEMO fingerprint decoding 2026-02-27 19:26:42 +01:00
Michael Vetter
657de5f22f Merge pull request #2089 from profanity-im/cleanup
Cleanup
2026-02-23 11:10:38 +01:00
Michael Vetter
6221d1046a cleanup: Cast device ids in omemo.c
Seems like in signal address.device_id is int32 for some reason.
2026-02-20 16:50:03 +01:00
Michael Vetter
10a68437ad cleanup: Move loop var from int to size_t in omemo.c 2026-02-20 16:50:03 +01:00
Michael Vetter
f1acf702a9 chore: Update copyright year 2026-02-20 16:13:31 +01:00
Steffen Jaeckel
01c781fcf6 Don't publish keys if the server doesn't support pubsub.
Related-to: https://github.com/profanity-im/profanity/issues/2078
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-23 12:47:39 +01:00
Steffen Jaeckel
1d508d592c Fix memory leaks when OMEMO keys have not been generated yet.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-23 12:47:39 +01:00
Steffen Jaeckel
fa1c4dddc9 Fix invalid free after /omemo gen
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-23 12:47:39 +01:00
Steffen Jaeckel
62fd40c510 Use gboolean consistently.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-23 12:47:39 +01:00
Steffen Jaeckel
79ff9bad7d Fix OMEMO startup
When setting up OMEMO for the first time via `/omemo gen` one had
to reconnect in order to make OMEMO work. This is fixed now.

Fixes: 5b6b5130 ("Fix OMEMO keyfile loading")
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-18 12:16:29 +01:00
Steffen Jaeckel
48ac88de08 Fix GError handling
Several users have reported segfaults when starting up profanity which
has OMEMO support, but OMEMO is not set up yet.

@StefanKropp has been able to reproduce this and tracked it down to
`_load_identity()` calling `omemo_known_devices_keyfile_save()`.
The latter then calls `save_keyfile()` which calls
`g_key_file_save_to_file()`. This can then fail if one of the first two
strings is NULL and won't set the `error` on return. In its error handling
`save_keyfile()` unconditionally dereferences `error` which leads to the
segfault.

Fix this and also go through the entire codebase and verify that the usage
of `GError` is done correctly.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-11-18 12:16:29 +01:00
Michael Vetter
07dfeec816 Release 0.15.0 2025-03-27 20:06:38 +01:00
Steffen Jaeckel
59aa9d64df Check return values of libgcrypt initialisation.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-17 17:00:17 +01:00
Steffen Jaeckel
c5a131ee46 Introduce our own shutdown callback mechanism.
Instead of adding stuff to `_shutdown()`, we can now register a shutdown
routine from the respective `init()` function of our modules.

This also has the advantage, that we're sure they're called in reverse
order from how the initialization happened.

I didn't simply use `atexit()` because POSIX says that the number of
possible callbacks is limited (min 32) and I was not sure whether
we will maybe extend this number at one point.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-07 21:09:16 +01:00
Michael Vetter
07900e9617 Revert "Fix potential double free of ratchet identity key"
This reverts commit 3b099e9403.

This resulted in:
```
==5285== Invalid read of size 16
==5285==    at 0x4FA80FC: ec_public_key_serialize (in /usr/lib64/libsignal-protocol-c.so.2.3.3)
==5285==    by 0x4E5E76: omemo_identity_key (omemo.c:419)
==5285==    by 0x4EBB7E: omemo_bundle_publish (omemo.c:129)
==5285==    by 0x4E5BD9: omemo_publish_crypto_materials (omemo.c:335)
==5285==    by 0x460407: sv_ev_connection_features_received (server_events.c:202)
==5285==    by 0x43AA87: connection_features_received (connection.c:779)
==5285==    by 0x4418C9: _disco_info_response_id_handler_onconnect (iq.c:2423)
==5285==    by 0x43B9F1: _iq_handler (iq.c:241)
==5285==    by 0x5163848: ??? (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x516A224: ??? (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x5E4FE43: ??? (in /usr/lib64/libxml2.so.2.12.8)
==5285==    by 0x5E54927: xmlParseChunk (in /usr/lib64/libxml2.so.2.12.8)
==5285==    by 0x5163450: xmpp_run_once (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x439797: connection_check_events (connection.c:162)
==5285==    by 0x43894E: session_process_events (session.c:256)
==5285==    by 0x4319FF: prof_run (profanity.c:128)
==5285==    by 0x4EDAE6: main (main.c:174)
==5285==  Address 0xa1cb1e0 is 16 bytes inside a block of size 72 free'd
==5285==    at 0x484875B: free (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==5285==    by 0x4395D0: _xfree (connection.c:110)
==5285==    by 0x516A1A7: xmpp_stanza_release (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x516A16C: xmpp_stanza_release (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x516A16C: xmpp_stanza_release (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x516A230: ??? (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x5E4FE43: ??? (in /usr/lib64/libxml2.so.2.12.8)
==5285==    by 0x5E54927: xmlParseChunk (in /usr/lib64/libxml2.so.2.12.8)
==5285==    by 0x5163450: xmpp_run_once (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x439797: connection_check_events (connection.c:162)
==5285==    by 0x43894E: session_process_events (session.c:256)
==5285==    by 0x4319FF: prof_run (profanity.c:128)
==5285==    by 0x4EDAE6: main (main.c:174)
==5285==  Block was alloc'd at
==5285==    at 0x4845794: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==5285==    by 0x43958A: _xmalloc (connection.c:102)
==5285==    by 0x516A0D1: xmpp_stanza_new (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x516BF34: ??? (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x5F10A17: ??? (in /usr/lib64/libxml2.so.2.12.8)
==5285==    by 0x5E5481F: xmlParseChunk (in /usr/lib64/libxml2.so.2.12.8)
==5285==    by 0x5163450: xmpp_run_once (in /usr/lib64/libstrophe.so.0.13.1)
==5285==    by 0x439797: connection_check_events (connection.c:162)
==5285==    by 0x43894E: session_process_events (session.c:256)
==5285==    by 0x4319FF: prof_run (profanity.c:128)
==5285==    by 0x4EDAE6: main (main.c:174)
```

Tested via sending OMEMO messages via 1:1 and in MUC.
2024-06-20 12:41:20 +02:00
Steffen Jaeckel
3b099e9403 Fix potential double free of ratchet identity key
libsignal does this properly, so there wouldn't be a real double free, but
it will `abort()`.

Instead of destroying the identity key on disconnect, already destroy it
after it has been put into the libsignal 'ratchet identity key pair'.

In the case where the key pair is initially generated, the public
and private parts are only `ref()`'ed once in [0].
In the case where the key pair is read from the disk, the public
and private parts are `ref()`'ed twice, first when decoded in [1] resp.
[2] and a second time in [3].

When `omemo_on_disconnect()` is called we were `unref()`'ing the parts
twice, before this patch. First in [4], a second time in [5] resp. [6].

Now we do the second `unref()` already when loading.

[0] `signal_protocol_key_helper_generate_identity_key_pair()`
[1] `curve_decode_point()`
[2] `curve_decode_private_point()`
[3] `ratchet_identity_key_pair_create()`
[4] `ratchet_identity_key_pair_destroy()`
[5] `ec_private_key_destroy()`
[6] `ec_public_key_destroy()`

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2024-06-19 16:01:46 +02:00
Steffen Jaeckel
848acdd1fa Improve const correctness
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2024-06-19 16:01:46 +02:00
Michael Vetter
569e37f018 Update copyright to 2024 2024-01-22 16:03:48 +01:00
Steffen Jaeckel
bac24601da Introduce equals_our_barejid()
Instead of always repeating the same pattern, introduce a helper function.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-12 18:27:02 +01:00
Steffen Jaeckel
fdfe3e2ad9 Rework OMEMO handling on disconnect
* Fix missing destruction of `session_store` and mutex
* Replace `glib_hash_table_free()`
  The glib API `g_hash_table_destroy()` does exactly the same.
* Use the default libsignal `destroy_func` instead of doing that manually
* Set internal state to `0` after everything is cleaned up

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-12 18:26:21 +01:00
Steffen Jaeckel
847a86de50 add connection_get_jid()
Use a singleton `Jid` inside the connection instead of always re-creating
a `Jid` from the same string.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-12 18:26:21 +01:00
Steffen Jaeckel
4c26462827 Ensure instances of auto types are initialized
Follow-up of #1913

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-11-06 22:22:35 +01:00
Steffen Jaeckel
5b6b5130ae Fix OMEMO keyfile loading
We have to lazy load the keyfiles as they will maybe be written at one
point and should be initialized by that time.

Fixup of ca2df180d8

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-09-08 14:51:13 +02:00
Steffen Jaeckel
ca2df180d8 Introduce a shared implementation for keyfile loading
Instead of copy&pasting the same code over again, use a common
implementation.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-09-04 09:59:09 +02:00
John Hernandez
865a056315 Cleanup g_strfreev() to auto_gcharv
Include some additional minor cleanups
2023-07-13 17:05:07 +02:00
John Hernandez
029f1caa52 Cleanup jid_destroy to auto_jid
Remove unused variables
Apply minor cleanups
2023-07-13 17:05:07 +02:00
John Hernandez
8304ac86ff g_free() to auto_gfree, introduce auto_guchar
Fix 11 potential mem leaks in theme.c
2023-07-13 17:04:59 +02:00
John Hernandez
e1d137f4e6 Change char->free to auto_char char for autocleanup
Replace `gchar` and `g_free` to `auto_gchar`
Correct certain  `char` functions/variables to `gchar`

Related to #1819.

Edited by @jubalh.
2023-07-11 13:26:37 +02:00
John Hernandez
4a70f5f513 Cleanup char* to auto_gchar gchar* for prefs_get_string
Necessity explained in #1819
2023-07-03 16:06:27 +02:00
John Hernandez
7f3fca2bd0 Cleanup: gchar as gchar instead of char
Use gchar instead of char in most of the cases where gchar is intended.

Reason: improve compatibility and stability. Issue #1819

Minor refactoring.
2023-05-04 16:15:09 +02:00