Compare commits

..

1 Commits

Author SHA1 Message Date
4daaa38363 fix(xmpp): obfuscate client identity in protocol exchanges
All checks were successful
CI Code / Check spelling (pull_request) Successful in 13s
CI Code / Check coding style (pull_request) Successful in 24s
CI Code / Code Coverage (pull_request) Successful in 3m13s
CI Code / Linux (debian) (pull_request) Successful in 5m13s
CI Code / Linux (arch) (pull_request) Successful in 7m33s
CI Code / Linux (ubuntu) (pull_request) Successful in 8m38s
Modify version responses to return a generic client name and omit
version strings. Drop the "profanity." prefix from dynamically
generated JID resources. Clear the XEP-0115 capabilities node URI to
prevent service discovery fingerprinting. These adjustments reduce the
client's attack surface by minimizing identifiable metadata.
2026-07-09 20:47:22 +00:00

View File

@@ -280,9 +280,13 @@ jid_fulljid_or_barejid(Jid* jid)
gchar* gchar*
jid_random_resource(void) jid_random_resource(void)
{ {
auto_gchar gchar* rand = get_random_string(5); gchar* rand = g_malloc0(29);
const gchar* digits = "0123456789";
gchar* result = g_strdup_printf("%s", rand); for (int i = 0; i < 28; i++) {
rand[i] = digits[g_random_int_range(0, 10)];
}
rand[28] = '\0';
return result; return rand;
} }