Commit Graph

590 Commits

Author SHA1 Message Date
e7c847f8dc fix(xmpp): obfuscate client identity in protocol exchanges
All checks were successful
CI Code / Check spelling (pull_request) Successful in 12s
CI Code / Check coding style (pull_request) Successful in 21s
CI Code / Code Coverage (pull_request) Successful in 3m33s
CI Code / Linux (debian) (pull_request) Successful in 5m12s
CI Code / Linux (ubuntu) (pull_request) Successful in 5m20s
CI Code / Linux (arch) (pull_request) Successful in 7m16s
Modify version responses to return a generic client name and omit
version strings. Drop the "profanity." prefix from dynamically
generated JID resources. Clear the XEP-0115 capabilities node URI to
prevent service discovery fingerprinting. These adjustments reduce the
client's attack surface by minimizing identifiable metadata.
2026-07-09 20:21:17 +00:00
756d4e18cf fix(accounts): complete client.name to client.account_name rename
All checks were successful
CI Code / Check spelling (pull_request) Successful in 12s
CI Code / Check coding style (pull_request) Successful in 22s
CI Code / Code Coverage (pull_request) Successful in 3m21s
CI Code / Linux (debian) (pull_request) Successful in 5m12s
CI Code / Linux (ubuntu) (pull_request) Successful in 5m18s
CI Code / Check spelling (push) Successful in 13s
CI Code / Check coding style (push) Successful in 23s
CI Code / Linux (ubuntu) (push) Successful in 4m43s
CI Code / Linux (debian) (push) Successful in 9m8s
CI Code / Linux (arch) (pull_request) Successful in 13m3s
CI Code / Code Coverage (push) Successful in 9m17s
CI Code / Linux (arch) (push) Successful in 13m4s
The previous rename of the account option key left "client.name" in
accounts_set_client() and accounts_clear_client(), preventing the
option from being set/cleared. Update both functions to use the
correct "client.account_name" key.

Note: existing configurations with the old key will not be migrated
automatically; a migration fix will follow.
2026-07-08 11:00:31 +00:00
02e679c277 feat(autoping): autoping availability warning
All checks were successful
CI Code / Check spelling (push) Successful in 16s
CI Code / Check coding style (push) Successful in 30s
CI Code / Linux (debian) (push) Successful in 5m25s
CI Code / Linux (ubuntu) (push) Successful in 5m33s
CI Code / Code Coverage (push) Successful in 7m54s
CI Code / Linux (arch) (push) Successful in 12m7s
## Introduced change

A new warning that notifies users when the connected XMPP server
advertises XEP-0199 (urn:xmpp:ping) support but the autoping feature
is disabled in settings. The warning can be toggled with
`/autoping warning on|off`.

The warning fires during the on-connect disco#info exchange, only for
responses from the server's own domain — responses from user JIDs or
subdomain services (e.g., conference servers) are excluded.

### Capabilities

- **On-connect detection**: Warning is emitted automatically when the
  server's disco#info response indicates `urn:xmpp:ping` support while
  autoping is disabled and the preference is enabled (default: on)
- **`/autoping warning on|off`**: Toggle the warning via the existing
  autoping command
- **Domain-scoped**: Only triggers for disco#info from the bound server
  domain; user JIDs and subdomain service JIDs are skipped
- **Case-insensitive domain matching**: Uses `g_ascii_strcasecmp` instead
  of `g_strcmp0` to handle case differences between the stanza `from`
  field and the bound domain
- **Display in settings**: Shown in both `/notify` and `/autoping`
  settings dumps, with consistent alignment and `(/autoping warning)`
  reference in each line
- **Autocomplete**: Dedicated `_autoping_autocomplete` function handles
  the `warning` subcommand with `on|off` completion

## Reasoning behind the change

Users connecting to servers that support XEP-0199 ping but have autoping
disabled may experience poorer connection stability. The warning draws
attention to this configuration mismatch without requiring users to read
documentation or dig into settings.

The warning is scoped to the server domain (not user JIDs or subdomain
services) because autoping is a connection-level feature — it only makes
sense in the context of the server's keepalive capabilities.

The warning preference defaults to `on` so users are informed by default,
but can be disabled with `/autoping warning off` if they prefer not to
see it.

## Implementation details

### Warning logic (`src/xmpp/iq.c`)

`_disco_autoping_warning_message()` is called from the on-connect
disco#info handler when the `from` field matches the bound domain. It
checks three conditions:

1. Server features contain `urn:xmpp:ping`
2. Autoping interval is 0 (disabled)
3. `PREF_AUTOPING_WARNING` is true

All three must be true for the warning to display.

### Domain matching

`g_ascii_strcasecmp(from, connection_get_domain())` is used instead of
`g_strcmp0` to handle case differences. This prevents the warning from
silently skipping if a server echoes the `from` field in a different
case than the bound domain.

### Command integration (`src/command/cmd_*.c`)

- `cmd_defs.c`: Added `/autoping warning on|off` syntax and argument
  description
- `cmd_funcs.c`: Added `warning` subcommand handler that calls
  `_cmd_set_boolean_preference` with `PREF_AUTOPING_WARNING`
- `cmd_ac.c`: Registered dedicated `_autoping_autocomplete` that handles
  the `warning` subcommand with `on|off` boolean completion

### Preference storage (`src/config/preferences.c`)

- Group: `PREF_GROUP_NOTIFICATIONS`
- Key: `autoping.warning`
- Default: `TRUE`

### Settings display (`src/ui/console.c`)

The autoping warning preference is shown in both `cons_notify_setting()`
and `cons_autoping_setting()` with consistent column alignment and a
`(/autoping warning)` reference in each line.

### Tests (`tests/functionaltests/test_autoping.c`)

Six functional tests cover all condition combinations:

| Test | Server ping | Autoping | Warning pref | Expected |
|---|---|---|---|---|
| `autoping_warning_shown_when_disabled` | yes | off | on | warning shown |
| `autoping_warning_not_shown_when_server_unsupported` | no | off | on | no warning |
| `autoping_warning_not_shown_when_autoping_enabled` | yes | on | on | no warning |
| `autoping_warning_not_shown_when_user_disabled` | yes | off | off | no warning |
| `autoping_warning_not_shown_for_user_jid` | yes (from user JID) | off | on | no warning |
| `autoping_warning_not_shown_for_subdomain_service` | yes (from subdomain) | off | on | no warning |

Co-authored-by: Jabber Developer2 <jabber.developer2@jabber.space>
2026-06-23 11:11:25 +00:00
830479cf20 fix: OTR/presence/OMEMO correctness, stanza-id disco gate, build hardening
All checks were successful
CI Code / Check spelling (push) Successful in 17s
CI Code / Check coding style (push) Successful in 32s
CI Code / Code Coverage (push) Successful in 3m45s
CI Code / Linux (debian) (push) Successful in 4m42s
CI Code / Linux (ubuntu) (push) Successful in 4m49s
CI Code / Linux (arch) (push) Successful in 6m25s
- OTR: strip the whitespace tag by shifting the full message tail incl. the NUL, not tag_length bytes, so the body is no longer duplicated for messages longer than the tag.
- presence: snapshot the resource fields before connection_add_available_resource() takes ownership, removing a use-after-free in the own-presence path.
- OMEMO: propagate _omemo_finalize_identity_load() failure on connect (log + cons_show_error + stop) instead of leaving OMEMO silently unavailable.
- OMEMO: guard NULL fingerprint decode in _omemo_fingerprint_decode / omemo_is_trusted_identity / omemo_trust and log every decode failure instead of failing silently.
- stanza-id: gate XEP-0359 dedup on disco urn:xmpp:sid:0 (the `by` JID or its domain), falling back to no-dedup when caps are unknown; add functional tests for trusted vs untrusted server.
- accounts: narrow the group-name sanitizer to the characters GKeyFile forbids in headers ([ ] \n \r), keeping `=` and `#`, so read/write stays symmetric.
- build: re-introduce compiler/sanitizer flags in a Pikaur-safe form (opt-in sanitizers, -Wsign-compare) and fix the resulting -Wsign-compare warnings (incl. proftest _mkdir_recursive).fix: OTR/presence/OMEMO correctness, stanza-id disco gate, build hardening

Author: jabber.developer2 <jabber.developer2@jabber.space>
2026-06-20 10:30:23 +00:00
72f4f186da merge: sync upstream profanity-im/profanity
All checks were successful
CI Code / Check spelling (push) Successful in 18s
CI Code / Check coding style (push) Successful in 34s
CI Code / Code Coverage (push) Successful in 2m36s
CI Code / Linux (debian) (push) Successful in 4m41s
CI Code / Linux (ubuntu) (push) Successful in 4m52s
CI Code / Linux (arch) (push) Successful in 5m40s
Sync with upstream profanity-im/profanity.

Major upstream changes incorporated:

Memory management
  - Replace malloc+memset with g_new0 throughout codebase
  - Adopt auto_gchar / auto_gcharv / auto_gerror / auto_jid cleanup macros
  - Replace free() with g_free() for GAlloc'd memory

Editor rewrite
  - Remove pthread-based async editor; use GChildWatch callback API
  - New launch_editor(initial_content, callback, user_data) interface
  - Proper signal handling (SIGINT, SIGTSTP, SIGPIPE reset in child)
  - ui_suspend()/ui_resume() integration for TTY management

OMEMO improvements
  - Dual backend support: libsignal-protocol-c and libomemo-c
  - Proper pre-key removal after use (XEP-0384 compliance)
  - Automatic pre-key regeneration when store drops below threshold
  - New functions: omemo_is_device_active(), omemo_is_jid_trusted()
  - omemo_get_jid_untrusted_fingerprints() for better error messages
  - Fingerprint notifications on new device identity discovery
  - Deterministic pre-key ID generation tracking max_pre_key_id
  - omemo_trust_changed() UI updates on trust state changes

JID validation
  - RFC 6122-compliant validation in jid_is_valid()
  - Character-level checks (RFC 6122 forbidden chars: & ' / : < > @)
  - Length limits: 1023 per component, 3071 total
  - New jid_is_valid_user_jid() for user vs. service JID distinction

Database
  - Schema migration v3: UNIQUE constraint on archive_id for deduplication
  - Triggers for corrected message tracking (replaces_db_id / replaced_by_db_id)
  - db_history_result_t return type, _truncate_datetime_suffix()

UI / console
  - win_warn_needed() / win_warn_sent() warning deduplication hash table
  - PAD_MIN_HEIGHT dynamic pad sizing with PAD_THRESHOLD auto-cleanup
  - Spellcheck integration in input field with Unicode word detection
  - cons_spellcheck_setting() for /settings ui output
  - /[command]? shortcut for command help

Account config
  - Account name sanitization for GKeyFile special chars ([ ] = # \n \r)
  - Replace popen() with g_spawn_sync() for eval_password
  - TLS policy: add "direct" option alongside legacy

Connection
  - Port validation with g_assert (0–65535)
  - SHA-256 certificate fingerprint support (XMPP_CERT_PUBKEY_FINGERPRINT_SHA256)
  - "direct" TLS policy alias for legacy SSL

Common utilities
  - str_xml_sanitize() for XML 1.0 illegal character removal
  - string_matches_one_of() with formatted error messages
  - valid_tls_policy_option() helper
  - prof_date_time_format_iso8601() utility
  - Improved strip_arg_quotes() with backslash unescaping
  - prof_occurrences() uses g_slist_prepend + reverse for performance

PGP / OX
  - Proper GPGME resource cleanup with goto-cleanup pattern
  - g_string_free(xmppuri) leak fix in _ox_key_lookup

CSV export
  - Use GString + g_file_set_contents instead of raw write() syscalls

Tests
  - Restructured into subdirectories: command/, config/, xmpp/, ui/, omemo/, otr/, pgp/
  - New test_cmd_ac.c for autocompleter unit tests
  - Updated stubs for new UI suspend/resume functions

License headers
  - Migrate to SPDX-3.0 identifiers (GPL-3.0-or-later WITH OpenSSL-exception)

────────────────────────────────────────────────────
cproof-specific preservations:

  - XEP-0308 LMC: replace_id ?: id logic in message/stanza/omemo
  - Force encryption: cmd_force_encryption, test_forced_encryption
  - CWE-134: format string protection (cons_show("%s", ...))
  - y_start_pos-based paging in window.c
  - db_history_result_t return type, _truncate_datetime_suffix()

Merge-time fixes:

  - common.c: format-security (-Werror) — cons_show(errmsg) → cons_show("%s", errmsg)
  - database.c: null-deref guard — !msg->timestamp → msg && !msg->timestamp
  - console.c: implicit size_t → int cast — (int)(maxlen + 1)
  - tlscerts.c: %d for size_t — %zu

Build system:
  - Kept autotools (Makefile.am, configure.ac); upstream uses Meson
  - Restored deleted files: bootstrap.sh, autogen.sh, ax_valgrind_check.m4, configure-debug
  - Updated Makefile.am test paths for subdirectory structure
  - Added test_cmd_ac, test_forced_encryption to test sources

Functional tests:
  - Use cproof version; upstream requires stbbr_for_xmlns from updated stabber
  - Not yet available in devs/stabber fork

Closes #64

Merge author: jabber.developer2
Commits authors:
 Michael Vetter <jubalh@iodoru.org>
& Steffen Jaeckel <s@jaeckel.eu>
2026-05-26 17:48:14 +00:00
2952466abd feat(history): consolidate logging controls and add dbbackend statusbar indicator
All checks were successful
CI Code / Check spelling (push) Successful in 18s
CI Code / Check coding style (push) Successful in 33s
CI Code / Code Coverage (push) Successful in 2m42s
CI Code / Linux (debian) (push) Successful in 4m40s
CI Code / Linux (ubuntu) (push) Successful in 4m53s
CI Code / Linux (arch) (push) Successful in 5m38s
Deprecate /logging command in favor of /history for chat logging control.
/history off now stops persistence (sets PREF_DBLOG=off + PREF_CHLOG=false)
in addition to hiding history on open. /history on restores persistence
(re-enabling PREF_DBLOG=on if it was off) and PREF_CHLOG.

statusbar
- PREF_STATUSBAR_SHOW_DBBACKEND (default ON) gates the [sqlite] /
  [flatfile] indicator; toggle via "/statusbar show|hide dbbackend"

/history off|on
- "/history off" now stops persistence as well as hiding history on
  open: sets PREF_DBLOG=off + PREF_CHLOG=false in addition to
  PREF_HISTORY=false
- "/history on" restores persistence (re-enabling PREF_DBLOG=on if
  it was off) and PREF_CHLOG, in addition to PREF_HISTORY=true

/logging
- Deprecated /logging command. It now prints a single notice
  pointing to /history; CMD_PREAMBLE trimmed (min_args=0, no
  setting_func, syntax/args/examples dropped); subcommand 'group'
  removed from autocomplete
- All "use '/logging chat on' to enable" hints replaced with
  "/history on" across /omemo-log, /pgp-log, /otr-log, and /ox-log

/privacy logging
- Single-pass validation across {on, off, redact, flatfile}
- Backend-switching values (on, flatfile) now take effect
  immediately when connected (via log_database_switch_backend),
  matching "/history switch" behaviour; off/redact only flip
  pref bits and keep the live backend open

/correction off
- win_print_outgoing and win_print_outgoing_with_receipt now gate
  _win_correct on PREF_CORRECTION_ALLOW, matching incoming-msg
  paths. Previously a peer's correction reflected via XEP-0280
  carbons (or the user's own /correct invocation) was applied
  in-buffer regardless of the pref

console
- Drop orphaned /logging chat reference from cons_privacy_setting()
- Delete cons_logging_setting() and remove its call from
  cons_show_log_prefs()

autocomplete
- Add dbbackend to statusbar_show_ac
- Remove logging_ac entries for chat/group subcommands
- Remove _logging_autocomplete() param handler for chat subcommand

database_flatfile
- Two local g_strndup allocations switched from char* with manual
  g_free to auto_gchar gchar* for automatic cleanup

tests
- Update test_cmd_otr.c to expect new /history-on warning messages

@author: jabber.developer2 <jabber.developer2@jabber.space>
2026-05-16 15:33:42 +00:00
9e5dfb14f8 feat(ai): add AI client with multi-provider chat support
All checks were successful
CI Code / Check spelling (push) Successful in 18s
CI Code / Check coding style (push) Successful in 29s
CI Code / Code Coverage (push) Successful in 2m44s
CI Code / Linux (debian) (push) Successful in 4m46s
CI Code / Linux (ubuntu) (push) Successful in 4m59s
CI Code / Linux (arch) (push) Successful in 5m56s
Add an AI client module that integrates with OpenAI-compatible API
providers (OpenAI, Perplexity, and custom endpoints) to provide
AI-assisted chat within CProof. Users can start sessions with /ai start,
send prompts, receive responses in a dedicated AI window, switch between
providers and models, and manage API keys — all with tab-completion.

Providers are configured via /ai set commands with per-provider API keys,
endpoints, default models, and custom settings. Two default providers
(openai, perplexity) are seeded on first use. Provider state persists in
[ai/<name>] sections of the preferences keyfile with automatic migration
from the previous flat-key format.

The /ai command integrates into the existing command system with 8
subcommands covering provider management, session lifecycle, model
fetching, and conversation clearing. Autocomplete uses the standard
flat prefix-matching chain for reliable tab-completion at every nesting
level. A new ProfAiWin window type is added to the window system.

Architecture:

Async design: HTTP requests run on a background thread (pthread) to avoid blocking the ncurses UI loop; results are displayed on the main thread via direct function calls
Thread safety: AIProvider and AISession use atomic ref-counting and mutex-protected session state; the request thread snapshots all session data before making the HTTP call
Window validation: wins_ai_exists() prevents use-after-free when the user closes the AI window during an in-flight HTTP request (~60s)
Privacy: store:false is sent with every request to prevent providers from persisting conversations or using them for training
Response size limit: 10MB cap with immediate curl abort via CURL_WRITEFUNC_ERROR to prevent OOM
JSON parsing uses unified helpers for both chat responses and error
envelopes with consistent escape decoding. The response parser tries
Perplexity /v1/responses "text" field first, then falls back to OpenAI
"content". Error parsing extracts provider error.message from the
standard envelope format. Model parsing handles multiple API response
formats (OpenAI list, Perplexity, array) including edge cases.

Tests include 470+ lines of unit tests covering provider management,
session lifecycle, JSON parsing (multiple formats), autocomplete cycling,
and error handling, plus functional tests for /ai command dispatch.
A stub_ai.c module isolates unit tests from UI dependencies.
2026-05-15 02:21:54 +00:00
3f36c303c2 feat(history): flat-file backend with bidirectional SQLite migration
All checks were successful
CI Code / Check spelling (push) Successful in 21s
CI Code / Check coding style (push) Successful in 31s
CI Code / Code Coverage (push) Successful in 2m21s
CI Code / Linux (ubuntu) (push) Successful in 4m30s
CI Code / Linux (debian) (push) Successful in 6m43s
CI Code / Linux (arch) (push) Successful in 10m8s
A flat-file alternative to the SQLite chatlog backend with runtime
switching, full migration tooling, integrity verification, and a
synthetic load harness. SQLite remains the default; both backends share
one dispatch layer (db_backend_t vtable) so callers don't change.

Storage layout
- Per-contact append-only `flatlog/<account>/<contact>/history.log`
  under XDG_DATA_HOME, one line per message
- Single-line file header with embedded format-version marker
  (FLATFILE_FORMAT_VERSION); reader warns on missing or mismatched
  marker, writer and checker stay in sync via preprocessor
  stringification
- Deterministic key=value metadata (`id`, `aid`, `corrects`, `to`,
  `to_res`, `read`) plus escaped body \u2014 `\|`, `\]`, `\\`, `\n`, `\r`
  literals prevent log injection
- Sparse byte-offset index (FF_INDEX_STEP=500) per contact for
  O(log n) time-range lookups; rebuilt on inode / size / mtime
  change, extended in-place when the file just grew
- Per-contact GHashTable caches for archive_id presence and
  stanza_id \u2192 from_jid mapping (O(1) MAM dedup, O(1) LMC sender
  validation)

Hardening
- Path-traversal protection: JID directory name normalisation
  (`@` \u2192 `_at_`, slashes and `..` rejected at construction); every
  per-contact path is anchored under the account's flatlog/
  directory and validated before open
- Symlink-attack protection: every fopen / open uses O_NOFOLLOW; on
  ELOOP the operation aborts with an error rather than following
- Filesystem permissions: log files created with mode 0600,
  directories with mode 0700; both enforced at creation, verified
  on each open and reported on drift by `/history verify`
- Atomic crash-safe export: write to a temp file via mkstemp (mode
  0600, random suffix, no name collisions between concurrent
  exports), fsync, then rename \u2014 partial state never replaces the
  live file
- Concurrency: advisory flock(LOCK_EX) held for the duration of
  every write, including append from live messages and full rewrite
  from export, so two profanity processes can't interleave bytes
  on the same log
- DoS / abuse guards:
    * FF_MAX_LINE_LEN = 10 MB \u2014 lines longer than this are rejected
      at read with a warning; the parser will not allocate
      unbounded memory for a single record
    * FF_MAX_LMC_DEPTH = 100 \u2014 `corrects:` chain walk stops at this
      depth and emits a warning, preventing a malicious correction
      cycle from spinning the apply pass
    * FF_VERSION_SCAN_MAX = 16 \u2014 header version probe never reads
      past 16 leading comment lines, even on garbage input
    * Empty / inverted byte-range early-return in page-up read path
      so a malformed time filter cannot cause an unbounded scan
    * Zero-entry index guard so a file whose every line failed to
      parse cannot cause a NULL deref on later page-up
- LMC sender validation: an incoming correction whose sender does
  not match the original message's sender is rejected at write
  time and surfaced via cons_show_error; a cycle in the apply pass
  is broken via a visited-set
- jid_create_from_bare_and_resource treats NULL, empty string, and
  the literal "(null)" as no resource and returns a bare jid;
  similar normalisation for barejid eliminates the legacy
  "user@host/(null)" artefact that leaked into stored fulljids
  whenever g_strdup_printf("%s", NULL) ran inside create_fulljid

Commands
- `/history switch sqlite|flatfile` \u2014 runtime backend swap, closes
  the old backend and opens the new one without reconnecting
- `/history export [<jid>]` \u2014 SQLite -> flat-file, merging with any
  existing flatlog (dedup keyed on a SHA-256 hash mixing stanza_id,
  timestamp, from_jid, body \u2014 robust against id reuse by older
  clients)
- `/history import [<jid>]` \u2014 flat-file -> SQLite, same merge
  semantics, runs inside a single SQLite transaction with rollback
  on per-contact failure
- `/history verify [<jid>]` \u2014 integrity check; emits a structured
  list of issues (ERROR / WARNING / INFO) per file:
    * file-level: missing log, wrong permissions (\u2260 0600), UTF-8
      BOM present, CRLF line endings, empty file
    * line-level: invalid UTF-8 (with byte offset), embedded
      control characters, unparsable lines, timestamps out of
      order, duplicate `id:` and `aid:` (tracked separately so a
      stanza/archive id collision isn't double-reported)
    * cross-line: broken `corrects:` references whose target id is
      not present in the file
- `/history backend` \u2014 show currently active backend
- Active backend indicator `[sqlite]` / `[flatfile]` in the status
  bar next to the JID
- Roster-JID autocomplete for verify / export / import
- export and import open a SQLite handle on demand when the
  flatfile backend is currently active, so migration works
  regardless of which backend is live

Tests
- Unit: database_export (parser round-trip, escape/unescape, dedup
  key stability, JID normalisation), database_stress (14 cases
  exercising rapid writes, large messages, deep LMC chains, MAM
  dedup, concurrent contacts)
- Functional: history persistence across reconnects, export /
  import round-trip with content equality, MUC migration,
  timestamp normalisation across timezones
- Bench harness P1\u2013P5 (synthetic load: bulk insert, time-range
  read, page-up scroll, MAM ingest, mixed workload) and failure
  modes F1\u2013F17 (page-up cursor and forward-iteration symmetry,
  oversized lines, MAM dedup, LMC depth and cycles, BOM/CRLF,
  missing log, empty file, mtime+inode flip, broken corrects, etc.)
- All bench tests integrate with the existing make targets and
  emit CSV rows for baseline comparison

Author: jabber.developer2 <jabber.developer2@jabber.space>
Reviewed-by: jabber.developer <jabber.developer@jabber.space>
2026-05-05 19:26:07 +00:00
9ec01fa8cc fix: CWE-134 format string audit and compiler hardening
All checks were successful
CI Code / Check spelling (push) Successful in 20s
CI Code / Check coding style (push) Successful in 36s
CI Code / Code Coverage (push) Successful in 5m38s
CI Code / Linux (ubuntu) (push) Successful in 7m1s
CI Code / Linux (debian) (push) Successful in 7m5s
CI Code / Linux (arch) (push) Successful in 7m19s
Security:
Fix CWE-134 in iq.c: user-controlled string passed as format argument
Add G_GNUC_PRINTF annotations to all variadic printf-like wrappers
in ui.h, log.h and http_common.h
Compiler flags (configure.ac):

Replace basic -Wformat/-Wformat-nonliteral with -Wformat=2
Add -Wextra, -Wnull-dereference, -Wpointer-arith,
-Wimplicit-function-declaration, -Wundef, -Wfloat-equal,
-Wredundant-decls, -Walloc-zero
Add -fstack-protector-strong, -fno-common, -D_FORTIFY_SOURCE=2
Add GCC-specific flags via AC_COMPILE_IFELSE: -Wlogical-op,
-Wduplicated-cond, -Wduplicated-branches, -Wstringop-overflow,
-Warray-bounds=2
Suppress noisy -Wextra sub-warnings: -Wno-unused-parameter,
-Wno-missing-field-initializers, -Wno-sign-compare,
-Wno-cast-function-type
Remove AM_CFLAGS/CFLAGS duplication
Bug fixes found by new warnings:

chatlog.c: non-MUCPM redact path passed resourcepart instead of NULL
rosterwin.c: merge duplicated if/else branches into single condition
omemo.c: redundant else-if in omemo_automatic_start; remove
unnecessary scope block and goto, use early return
console.c: pointer compared to integer 0 instead of NULL
stanza.c: increase pri_str/idle_str buffers from 10 to 12 bytes
(INT_MIN = -2147483648 needs 12 bytes including NUL)
vcard.c: NULL guard for filename before g_file_set_contents
api.c: broken log_warning() calls with extra format argument
Format mismatch fixes:

chatwin.c: Jid* → char* for %s
connection.c: %x → %lx for long flags
cmd_funcs.c: %d → %zu for size_t; cast gpointer to char* for %s
cmd_defs.c: %d → %u for g_list_length() return (guint)
iq.c: barejid → fulljid for from_jid
console.c, mucwin.c, privwin.c, account.c, omemo.c, presence.c:
gpointer → (char*) casts for %s
Const-correctness and cleanup:

database.c: const for type, query, sort variables
form.c/xmpp.h: const for form_set_value parameter
files.c: refactor to early return, eliminating NULL logfile path
muc.c/muc.h: remove meaningless top-level const on return type
common.c: const for URL string literal
Remove stale declarations: cons_show_desktop_prefs (ui.h),
connection_set_priority (connection.h),
omemo_devicelist_configure_and_request (omemo.h)
test_common.c: add currb NULL check to silence -Wnull-dereference
Tooling (check-cwe134.sh):

Reduce from 5 checks to 2 (checks 1-3 redundant with -Wformat=2)
Check 1: verify known wrappers have G_GNUC_PRINTF attribute
Check 2: auto-detect unannotated variadic printf-like functions
Match both const char* and const gchar* in variadic patterns

Author: jabber.developer2 <jabber.developer2@jabber.space>
2026-03-07 11:55:50 +01:00
442bfb6ce1 feat: Add /force-encryption command and update message handling
All checks were successful
CI / Check spelling (pull_request) Successful in 18s
CI / Check coding style (pull_request) Successful in 34s
CI / Linux (ubuntu) (pull_request) Successful in 14m5s
CI / Linux (debian) (pull_request) Successful in 14m5s
CI / Linux (arch) (pull_request) Successful in 14m53s
Implement /force-encryption command to configure forced encryption
settings with on|off and policy resend-to-confirm|block options.

The changes enhance user experience by clarifying encryption requirements
and providing actionable commands. Users can now press Enter again to
confirm unencrypted messages in resend-to-confirm mode.
2025-08-25 21:11:27 +02:00
d5d5dc5180 ref(theme): ensure clean reinitialization and explicitly initialize static vars
All checks were successful
CI / Check spelling (pull_request) Successful in 17s
CI / Check coding style (pull_request) Successful in 32s
CI / Linux (debian) (pull_request) Successful in 9m44s
CI / Linux (fedora) (pull_request) Successful in 10m40s
CI / Linux (ubuntu) (pull_request) Successful in 12m19s
CI / Linux (arch) (pull_request) Successful in 15m41s
Improves code robustness by calling _theme_close() in theme_init() when the
theme was already initialized, preventing potential memory leaks or
inconsistent state.

Closes #4
2025-06-24 16:22:48 +02:00
83c569de37 ref: Remove unnecessary variable bold_items
The variable was introduced in 976e5aa. First used to detect bold characters, it was later replaced by another solution in 850ac3c.
2025-06-24 15:24:09 +02:00
Steffen Jaeckel
1e764ab76d More const correctness
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-04-02 13:07:35 +02:00
Michael Vetter
07dfeec816 Release 0.15.0 2025-03-27 20:06:38 +01:00
Steffen Jaeckel
c5a131ee46 Introduce our own shutdown callback mechanism.
Instead of adding stuff to `_shutdown()`, we can now register a shutdown
routine from the respective `init()` function of our modules.

This also has the advantage, that we're sure they're called in reverse
order from how the initialization happened.

I didn't simply use `atexit()` because POSIX says that the number of
possible callbacks is limited (min 32) and I was not sure whether
we will maybe extend this number at one point.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-07 21:09:16 +01:00
Steffen Jaeckel
2696989ce5 Fix a bunch of obvious memory leaks at termination
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-01-28 16:43:13 +01:00
Michael Vetter
f147a5ca27 Change default download location
`/url save $someurl` will now download to
`~/.local/share/profanity/downloads/from_jid/date/filename` instead of
`~/.local/share/profanity/downloads`.

Like this the downloaded files should be better ordered.

This will only happen for MUC and 1:1 chat windows.
Private windows might have only a nick or jid. Lets not distinguish
between those two ways. And since the nick option is unreliable to be
the same person lets just put them in the general downloads folder.
As is done with downloads from all other windows as well.

I also had the idea to make this configurable but this suits my needs
and time limits right now.
2024-06-20 13:35:14 +02:00
Michael Vetter
569e37f018 Update copyright to 2024 2024-01-22 16:03:48 +01:00
Steffen Jaeckel
b4c088232e Improve const correctness
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-12 18:27:09 +01:00
John Hernandez
bd2821fafa Fix mem leak in conf_string_list_add
Introduced in 1cf7973245
Issue reported and fix proposed by @sjaeckel
2023-11-17 21:13:32 +01:00
John Hernandez
1cf7973245 Minor config/conflists.c refactoring
Refactor functions `conf_string_list_add`, `conf_string_list_remove`:
simplify the logic, improve readability and avoid unnecessary allocations.
2023-11-11 08:41:00 +01:00
John Hernandez
76aee1625c Fix double free crash
Double free was introduced earlier in a cleanup commit
865a056315

It was reported earlier by me and then by @jubalh https://github.com/profanity-im/profanity/issues/1901
2023-11-10 12:39:26 +01:00
John Hernandez
8e40ca1470 Add unicode support for correction char
Commit to allow unicode support in omemo/pgp/otr chars misses
adding support to set correction character.
1f8b1eb740

Further fixing commit also misses adding support to set the unicode character,
it only adds ability to display unicode correction character in the settings.
5cf6ee15cf6ee1bc6d0b99b01891bc455a657bf022a72b0
2023-11-03 09:21:00 +01:00
Michael Vetter
634cb586d9 Merge pull request #1892 from ike08/improvement/muc-title-behaviour
Improve MUC title behaviour for roster, statusbar, and titlebar
2023-10-09 09:47:03 +02:00
IsaacM88
23c6936398 Improve MUC title behaviour for roster, statusbar, and titlebar
## Abstract

Continuation of https://github.com/profanity-im/profanity/pull/1881

Give all MUC title commands a consistent command structure and appearance.

- `/roster room use name|jid` and `/roster room show|hide server` are now `/roster room title bookmark|jid|localpart|name`
- `/statusbar room room|jid` is now `/statusbar room title bookmark|jid|localpart|name`
- `/statusbar show|hide jid` and `/statusbar show|hide name` are now `/titlebar room title bookmark|jid|localpart|name`

Fix both bugs mentioned in https://github.com/profanity-im/profanity/pull/1881

### src/ui/mucwin.c:mucwin_generate_title

Called by each command to generate a properly formatted title. It checks for "name" first because "name" is the default preference for each command. The last if-statement sets the title to "localpart" for special cases when the title should be "localpart" instead of the user-defined preference.

## Testing

### Preparation

Remove preferences that will interfere with testing.

```
sed -i "/roster.rooms.title=/d" profrc
sed -i "/statusbar.room.title=/d" profrc
sed -i "/titlebar.muc.title=/d" profrc
sed -i "/roster.rooms.use.name=/d" profrc
sed -i "/roster.rooms.server=/d" profrc
sed -i "/statusbar.room=/d" profrc
sed -i "/titlebar.muc.title.jid=/d" profrc
sed -i "/titlebar.muc.title.name=/d" profrc
sed -i "/roster.rooms.by=/d" profrc
```

### Command Definitions

| Test | Window |
| :--- | :--- |
| `/help roster` | - /roster room title bookmark\|jid\|localpart\|name<br>- room title bookmark\|jid\|localpart\|name : Display the bookmark name, JID, JID localpart, or room name as the roster title for MUCs.<br>- *No /roster show\|hide server*<br>- *No /roster room use jid\|name* |
| `/help statusbar` | - /statusbar room title bookmark\|jid\|localpart\|name<br>- room title bookmark\|jid\|localpart\|name : Display the bookmark name, JID, JID localpart, or room name as the title for MUC tabs.<br>- *No /statusbar room jid\|room* |
| `/help titlebar` | - /titlebar room title bookmark\|jid\|localpart\|name<br>- room title bookmark\|jid\|localpart\|name : Display the bookmark name, JID, JID localpart, or room name as the MUC window title.<br>- *No /titlebar show\|hide jid\|name* |

### Autocomplete

| Test | Command line |
| :--- | :--- |
| `/roster room <TAB>` | Autocompletes `title` |
| `/roster room title <TAB>` | Autocompletes `bookmark\|jid\|localpart\|name` |
| `/statusbar room <TAB>` | Autocompletes `title` |
| `/statusbar room title <TAB>` | Autocompletes `bookmark\|jid\|localpart\|name` |
| `/titlebar room <TAB>` | Autocompletes `title` |
| `/titlebar room title <TAB>` | Autocompletes `bookmark\|jid\|localpart\|name` |
| `/roster room <TAB>` | Does not autocomplete `use`, `show`, or `hide` |
| `/roster room use <TAB>` | Does not autocomplete `name` |
| `/roster room show <TAB>` | Does not autocomplete `server` |
| `/roster room hide <TAB>` | Does not autocomplete `server` |
| `/statusbar room <TAB>` | Does not autocomplete `jid` or `room` |
| `/titlebar show <TAB>` | Does not autocomplete `jid` or `name` |
| `/titlebar hide <TAB>` | Does not autocomplete `jid` or `name` |

### Set Preferences

| Test | Window | profrc |
| :--- | :--- | :--- |
| `/roster room title bookmark` | Roster MUCs will display 'bookmark' as their title. | roster.rooms.title=bookmark |
| `/roster room title jid` | Roster MUCs will display 'jid' as their title. | roster.rooms.title=jid |
| `/roster room title localpart` | Roster MUCs will display 'localpart' as their title. | roster.rooms.title=localpart |
| `/roster room title name` | Roster MUCs will display 'name' as their title. | roster.rooms.title=name |
| `/roster room title invalid` | Invalid usage, see '/help roster' for details. | |
| `/statusbar room title bookmark` | Displaying 'bookmark' as the title for MUC tabs. | statusbar.room.title=bookmark |
| `/statusbar room title jid` | Displaying 'jid' as the title for MUC tabs. | statusbar.room.title=jid |
| `/statusbar room title localpart` | Displaying 'localpart' as the title for MUC tabs. | statusbar.room.title=localpart |
| `/statusbar room title name` | Displaying 'name' as the title for MUC tabs. | statusbar.room.title=name |
| `/statusbar room title invalid` | Invalid usage, see '/help statusbar' for details. |  |
| `/titlebar room title bookmark` | MUC windows will display 'bookmark' as the window title. | titlebar.muc.title=bookmark |
| `/titlebar room title jid` | MUC windows will display 'jid' as the window title. | titlebar.muc.title=jid |
| `/titlebar room title localpart` | MUC windows will display 'localpart' as the window title. | titlebar.muc.title=localpart |
| `/titlebar room title name` | MUC windows will display 'name' as the window title. | titlebar.muc.title=name |
| `/titlebar room title invalid` | Invalid usage, see '/help titlebar' for details. |  |
| `/roster room use jid` | Invalid usage, see '/help roster' for details. |  |
| `/roster room use name` | Invalid usage, see '/help roster' for details. |  |
| `/roster room show server` | Invalid usage, see '/help roster' for details. |  |
| `/roster room hide server` | Invalid usage, see '/help roster' for details. |  |
| `/statusbar room jid` | Invalid usage, see '/help statusbar' for details. |  |
| `/statusbar room room` | Invalid usage, see '/help statusbar' for details. |  |
| `/titlebar show jid` | Invalid usage, see '/help titlebar' for details. |  |
| `/titlebar hide jid` | Invalid usage, see '/help titlebar' for details. |  |
| `/titlebar show name` | Invalid usage, see '/help titlebar' for details. |  |
| `/titlebar hide name` | Invalid usage, see '/help titlebar' for details. |  |

### Display Set Preferences

| Test | Window |
| :--- | :--- |
| /prefs ui | - Roster rooms title (/roster) : name<br>- Room tab display (/statusbar) : name<br>- MUC window title (/titlebar) : name |

### Test MUC Window

#### Test: without *name* preference, without *room name* field

```
/join muc@dmn.im
/room config
/field1 ""
/form submit
/quit
```

| Test | Roster | Statusbar | Titlebar |
| :--- | :--- | :--- | :--- |
| `/join muc@dmn.im` | muc<span/>@dmn.im | muc<span/>@dmn.im | muc<span/>@dmn.im |
| `/room config` |  | muc<span/>@dmn.im conf | muc<span/>@dmn.im config |
| `/field2 edit` |  |  | muc<span/>@dmn.im config * |
| `/msg tst` | tst | muc<span/>@dmn.im/tst | muc<span/>@dmn.im/tst |
| `/roster room by service` | muc |  |  |

#### Test: with *name* preference, without *room name* field

```
/roster room title name
/statusbar room title name
/titlebar room title name
/save
/quit
```

| Test | Roster | Statusbar | Titlebar |
| :--- | :--- | :--- | :--- |
| `/join muc@dmn.im` | muc<span/>@dmn.im | muc<span/>@dmn.im | muc<span/>@dmn.im |
| `/room config` |  | muc<span/>@dmn.im conf | muc<span/>@dmn.im config |
| `/field2 edit` |  |  | muc<span/>@dmn.im config * |
| `/msg tst` | tst | muc<span/>@dmn.im/tst | muc<span/>@dmn.im/tst |
| `/roster room by service` | muc |  |  |

#### Test: without *name* preference, with *room name* field

```
sed -i "/roster.rooms.title=/d" profrc
sed -i "/statusbar.room.title=/d" profrc
sed -i "/titlebar.muc.title=/d" profrc
/join muc@dmn.im
/room config
/field1 "my_room"
/form submit
/quit
```

| Test | Roster | Statusbar | Titlebar |
| :--- | :--- | :--- | :--- |
| `/join muc@dmn.im` | my_room | my_room | my_room |
| `/room config` |  | my_room conf | my_room config |
| `/field2 edit` |  |  | my_room config * |
| `/msg tst` | tst | my_room/tst | my_room/tst |
| `/roster room by service` | my_room |  |  |

#### Test: with *name* preference, with *room name* field

```
/quit
/roster room title name
/statusbar room title name
/titlebar room title name
/save
/quit
```

| Test | Roster | Statusbar | Titlebar |
| :--- | :--- | :--- | :--- |
| `/join muc@dmn.im` | my_room | my_room | my_room |
| `/room config` |  | my_room conf | my_room config |
| `/field2 edit` |  |  | my_room config * |
| `/msg tst` | tst | my_room/tst | my_room/tst |
| `/roster room by service` | my_room |  |  |

#### Test: with *localpart* preference

```
/quit
/roster room title localpart
/statusbar room title localpart
/titlebar room title localpart
/save
/quit
```

| Test | Roster | Statusbar | Titlebar |
| :--- | :--- | :--- | :--- |
| `/join muc@dmn.im` | muc | muc | muc |
| `/room config` |  | muc conf | muc config |
| `/field2 edit` |  |  | muc config * |
| `/msg tst` | tst | muc/tst | muc/tst |
| `/roster room by service` | muc |  |  |

#### Test: with *bookmark* preference, without *bookmark name*

```
/quit
/roster room title bookmark
/statusbar room title bookmark
/titlebar room title bookmark
/save
/quit
/bookmark add muc@dmn.im
```

| Test | Roster | Statusbar | Titlebar |
| :--- | :--- | :--- | :--- |
| `/bookmark join muc@dmn.im` | muc<span/>@dmn.im | muc<span/>@dmn.im | muc<span/>@dmn.im |
| `/room config` |  | muc<span/>@dmn.im conf | muc<span/>@dmn.im config |
| `/field2 edit` |  |  | muc<span/>@dmn.im config * |
| `/msg tst` | tst | muc<span/>@dmn.im/tst | muc<span/>@dmn.im/tst |
| `/roster room by service` | muc |  |  |

#### Test: with *bookmark* preference, with *bookmark name*

```
/quit
/bookmark remove muc@dmn.im
/bookmark add muc@dmn.im name "my_bookmark"
```

| Test | Roster | Statusbar | Titlebar |
| :--- | :--- | :--- | :--- |
| `/bookmark join muc@dmn.im` | my_bookmark | my_bookmark | my_bookmark |
| `/room config` |  | my_bookmark conf | my_bookmark config |
| `/field2 edit` |  |  | my_bookmark config * |
| `/msg tst` | tst | my_bookmark/tst | my_bookmark/tst |
| `/roster room by service` | my_bookmark |  |  |

#### Test: with *jid* preference

```
/quit
/roster room title jid
/statusbar room title jid
/titlebar room title jid
/save
/quit
```

| Test | Roster | Statusbar | Titlebar |
| :--- | :--- | :--- | :--- |
| `/join muc@dmn.im` | muc<span/>@dmn.im | muc<span/>@dmn.im | muc<span/>@dmn.im |
| `/room config` |  | muc<span/>@dmn.im conf | muc<span/>@dmn.im config |
| `/field2 edit` |  |  | muc<span/>@dmn.im config * |
| `/msg tst` | tst | muc<span/>@dmn.im/tst | muc<span/>@dmn.im/tst |
| `/roster room by service` | muc |  |  |

### Test Contact Chat Window Title

#### Test: without contact nick

```
/roster add tst@dmn.im
```

| Test | Titlebar |
| :--- | :--- |
| `/msg tst@dmn.im` | tst<span/>@dmn.im |

#### Test: with contact nick

```
/roster add tst@dmn.im my_tst
```

| Test | Titlebar |
| :--- | :--- |
| `/msg my_tst` | my_tst <tst<span/>@ike.snikket.chat> |

### Test Preference Upgrade

#### Test /roster

| Test | profrc |
| :--- | :--- |
| `sed -i '/\[ui\]/a\roster.rooms.use.name=name' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\roster.rooms.use.name=' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\roster.rooms.server=' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\roster.rooms.use.name=jid' profrc` | Original key removed.<br>roster.rooms.title=jid |
| `sed -i '/\[ui\]/a\roster.rooms.use.name=jid' profrc`<br>`sed -i '/\[ui\]/a\roster.rooms.server=false' profrc` | Original keys removed.<br>roster.rooms.title=localpart |
| `sed -i '/\[ui\]/a\roster.rooms.use.name=jid' profrc`<br>`sed -i '/\[ui\]/a\roster.rooms.server=true' profrc` | Original keys removed.<br>roster.rooms.title=jid |
| `sed -i '/\[ui\]/a\roster.rooms.use.name=jid' profrc`<br>`sed -i '/\[ui\]/a\roster.rooms.server=' profrc` | Original keys removed.<br>roster.rooms.title=jid |
| `sed -i '/\[ui\]/a\statusbar.room=' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\statusbar.room=room' profrc` | Original key removed.<br>statusbar.room.title=localpart |
| `sed -i '/\[ui\]/a\statusbar.room=jid' profrc` | Original key removed.<br>statusbar.room.title=jid |
| `sed -i '/\[ui\]/a\titlebar.muc.title.jid=' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\titlebar.muc.title.name=' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\titlebar.muc.title.jid=true' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\titlebar.muc.title.name=true' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\titlebar.muc.title.jid=false' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\titlebar.muc.title.name=false' profrc` | Original key removed. |
| `sed -i '/\[ui\]/a\titlebar.muc.title.jid=true' profrc`<br>`sed -i '/\[ui\]/a\titlebar.muc.title.name=false' profrc` | Original key removed.<br>titlebar.muc.title=jid |
| `sed -i '/\[ui\]/a\titlebar.muc.title.jid=false' profrc`<br>`sed -i '/\[ui\]/a\titlebar.muc.title.name=true' profrc` | Original keys removed. |
| `sed -i '/\[ui\]/a\titlebar.muc.title.jid=true' profrc`<br>`sed -i '/\[ui\]/a\titlebar.muc.title.name=true' profrc` | Original keys removed. |

### Test Valgrind

No memory leaks detected relating to these changes.
2023-10-05 18:16:04 -06:00
Steffen Jaeckel
2b29d1baf3 Fix some glib nullptr-check warning messages
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-10-04 17:02:10 +02:00
Steffen Jaeckel
ca2df180d8 Introduce a shared implementation for keyfile loading
Instead of copy&pasting the same code over again, use a common
implementation.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-09-04 09:59:09 +02:00
Steffen Jaeckel
e8348b8d17 Update preferences.h
* fix const correctness of `prefs_load()`
* remove some API's that don't exist anymore

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-08-31 23:14:02 +02:00
Steffen Jaeckel
5657aac33d Fix some more char* -> gchar*.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-08-31 23:14:02 +02:00
Michael Vetter
e853c121d9 Fix my email address
in all files
2023-07-31 16:51:58 +02:00
John Hernandez
09f217d667 Improve documentation 2023-07-13 21:22:42 +02:00
John Hernandez
865a056315 Cleanup g_strfreev() to auto_gcharv
Include some additional minor cleanups
2023-07-13 17:05:07 +02:00
John Hernandez
029f1caa52 Cleanup jid_destroy to auto_jid
Remove unused variables
Apply minor cleanups
2023-07-13 17:05:07 +02:00
John Hernandez
8304ac86ff g_free() to auto_gfree, introduce auto_guchar
Fix 11 potential mem leaks in theme.c
2023-07-13 17:04:59 +02:00
John Hernandez
3a4cd7da48 Cleanup and mem leak fix
Improve usage of `gchar` and `char` by setting them correctly
Increase usage of `auto_gchar` and `auto_char`
Fix 2 mem leaks (rosterwin.c, avatar.c)
2023-07-12 17:43:33 +02:00
John Hernandez
00bea804e2 Improve documentation two functions
Namely `cmd_process_input()` and `files_get_data_path()`.

Edited by @jubalh.
2023-07-11 13:26:37 +02:00
John Hernandez
e1d137f4e6 Change char->free to auto_char char for autocleanup
Replace `gchar` and `g_free` to `auto_gchar`
Correct certain  `char` functions/variables to `gchar`

Related to #1819.

Edited by @jubalh.
2023-07-11 13:26:37 +02:00
John Hernandez
4a70f5f513 Cleanup char* to auto_gchar gchar* for prefs_get_string
Necessity explained in #1819
2023-07-03 16:06:27 +02:00
John Hernandez
1c102fec27 Add /privacy logging command
Add ability to completely turn logs off,
Needed since `/logging` and `/history` didn't stop history logging
in the DB, only in files.
Command might break something on usage,
hence it was primarily introduced for privacy geeks.
Privacy command discussion #1836
2023-07-03 16:06:24 +02:00
John Hernandez
36784738fc Add optional pgp public key autoimport
Refactor `p_gpg_list_keys`
Add `/pgp autoimport` command,
it's not described in XEP-0027, but used in some clients,
such as PSI, Pidgin. It will autoimport keys received with
`/pgp sendpub`, in plain text as a message, or using features,
provided in other clients. It doesn't autoassign them, but shows
command to assign, letting user to decide.
Improve documentation for some preexisting functions
Add contact argument to `/pgp sendpub`
2023-07-02 14:25:55 +02:00
Michael Vetter
ea35a4ceb0 Merge branch 'master' into cleanup/gchar-char 2023-05-11 08:45:46 +02:00
Michael Vetter
8075b32ebc Align avatar behaviour with urlopen
`/executable avatar` now also uses cmdtemplate and parse %p.
It seems to me that the `/avatar` command was actually completely broken
on master.
2023-05-10 09:34:48 +02:00
John Hernandez
7f3fca2bd0 Cleanup: gchar as gchar instead of char
Use gchar instead of char in most of the cases where gchar is intended.

Reason: improve compatibility and stability. Issue #1819

Minor refactoring.
2023-05-04 16:15:09 +02:00
Michael Vetter
4933d4e4f3 Merge pull request #1827 from H3rnand3zzz/feature/sessions-alarm
New Feature: Session Alarm
2023-04-18 14:43:01 +02:00
John Hernandez
07cc19ce10 Add sessions_alarm
Introduce new feature: sessions_alarm.

Added new account setting: max_connections. On exceeding this number,
user will get an alert. If number is less than 1, no alert will happen.

Tests altered to fit new feature.
2023-04-18 14:28:20 +02:00
Michael Vetter
d17bcf619c Format code with clang-format 16 2023-04-14 21:45:21 +02:00
Michael Vetter
e52ca2fbaa Merge pull request #1815 from H3rnand3zzz/feature/the-client-switcher
Feature: Allow setting client identification name/version manually
2023-04-09 18:24:23 +02:00
John Hernandez
5d3c8ce7c1 Allow setting client identification name/version manually
Add changes allowing user to switch client name and version.

Useful for enhancing user privacy.

Minor cleanup.
2023-04-09 14:17:01 +02:00
Steffen Jaeckel
0cf79848e9 add /statusbar tabmode actlist
The existing way how active tabs are displayed didn't allow showing more
than 10 tabs. This patch adds a mode where the statusbar shows a
comma-separated list of tabs which were active since the last time viewed.
This view is inspired by how `irssi` shows the active tabs, therefore
it is also called `actlist`.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-04-08 18:38:36 +02:00
Steffen Jaeckel
302d0dd576 let account_new() take ownership of passed values
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-01-18 20:02:46 +01:00