WIP: feat/upstream-sync #104

Closed
jabber.developer2 wants to merge 54 commits from feat/upstream-sync into master
Collaborator

Merge Profanity's latest upstream updates into CProof

Closes #64

Summary

Cherry-picked 52 upstream commits from profanity-im/profanity into cproof, covering bug fixes, security improvements, performance optimizations, and new features. The fork point is commit 5385cc28 (April 22, 2025). One additional integration commit was added to resolve compilation issues caused by dependencies between cherry-picked patches.

Stats: 60 files changed, +1345 / -643 lines
Tests: 438 unit tests PASSED, functional tests PASSED (verified in Docker)


What was merged (52 upstream commits)

Memory safety fixes (13 commits)

  • ff65db0b fix: potential segfault in log_database_get_limits_info
  • 0218ba26 fix: memory leak and crash when id is NULL in iq_id_handler_add
  • 1d508d59 fix: memory leaks when OMEMO keys not generated yet
  • fa1c4ddd fix: invalid free after /omemo gen
  • 7f5ae430 fix: memleaks in tlscerts and console
  • 2406413e fix: NULL deref and memleaks in OX logic
  • 16080ab9 fix: potential null pointer deref in cmd_ac_complete
  • 156b78ad fix: file handle leak in cmd_sendfile on OMEMO error
  • 3d2a82ad fix: NULL deref in cmd_omemo_trust/untrust
  • 2d7426fb fix: rare memleak in roster_list
  • 1ec536d3 fix: api_get_current_occupants() memory problems
  • 286e563f fix: redundant error reporting in http download
  • f74501e9 cleanup: add a defensive check in cmd_process_input()

OMEMO improvements (7 commits)

  • 79ff9bad fix: OMEMO startup initialization
  • bc13a726 fix: Floating Point Exception in OMEMO session building
  • 01c781fc fix: don't publish OMEMO keys if server doesn't support pubsub
  • 62458557 fix: reduce OMEMO trust check frequency + trust indicators in titlebar
  • 25d2cb01 fix: check for necessary pointers in omemo_receive_message
  • cbe6dac4 perf: flush OMEMO store only after encrypting for all recipients
  • d9a8c579 perf: optimize random data generation

Security & certificates (3 commits)

  • 4dcaa839 Prepare to use SHA256 fingerprints of certs
  • 0acea8d0 Retrieve and save new fingerprints from libstrophe
  • a07cff8a Use the stronger certificate fingerprint

Protocol & XMPP (6 commits)

  • 189050f3 feat: sanitize illegal XML characters from outgoing messages
  • 421bb2e2 feat: only request receipts when supported
  • 4c731f52 fix: allow adding own JID to roster
  • 9fb45b54 fix: ignore self-presence for untracked MUC rooms
  • 93918a20 feat: display incoming reports (XEP-0377)
  • 446f28ac fix: use <body> tag for spam reporting (XEP-0377)

Signal handling & stability (3 commits)

  • 7c83c260 fix: exit gracefully on SIGTERM and SIGHUP
  • 613df864 fix: check connection state before accepting command
  • cff26a97 fix: OTR whitespace tag detection to prevent false positives

UI improvements (4 commits)

  • 3e16ae1d feat: implement dynamic pad resizing
  • b0a89530 fix: custom outgoing stamp and stamp command help
  • 9035af95 feat: add command autocompletion for /stamp
  • 038f345a minor theme improvements

Config & accounts (5 commits)

  • f19acc21 fix: reconnect when no account has been set up yet
  • c61c72f2 when renaming an account, copy all existing keys
  • 7c04b17a simplify accounts_get_account()
  • 81f92f1f fix: overwriting new accounts when running multiple instances
  • a9ef0003 fix: improve status reporting and filename handling for /url save

New features (4 commits)

  • 24c3b5d5 feat: add new command /changes
  • 309c0a64 fix: define prefs_changes_print outside of prefs_changes
  • 030c0b79 docs: improve help for /blocked
  • 29129bf8 return error on /time <invalid-section>

Code quality (7 commits)

  • 1aeb19ac print PID in debug logs
  • 4b610579 fix Git version strings for out-of-tree builds
  • b6a70aa4 cleanup: fix cast function type warnings in pgp.c
  • 12a181b5 cleanup: wrap release handler in iq.c
  • a704887f add types to function prototypes
  • 62fd40c5 use gboolean consistently
  • b0221f61 simplify conf_string_list_{add,remove}() implementations

What was NOT merged (239 remaining upstream commits)

1. CI / Build infrastructure / Docs / Tests / Refactoring (168 commits)

Not applicable — cproof uses autotools while upstream has migrated to meson. These commits modify CI pipelines, meson build files, GitHub templates, documentation, test refactoring (mass renames), and general code style changes that don't affect functionality.

2. Meson build system (9 commits)

Upstream has migrated from autotools to meson. cproof retains autotools as its build system, so these are not applicable:

  • fbfa1f13 Add meson build system
  • bc777c56 feat: Remove autotools and adapt docu and scripts
  • 27b5f0fb build(meson): add support for libomemo-c as OMEMO backend
  • and 6 related meson CI/build commits

3. OMEMO refactoring series (14 commits)

A large series of OMEMO improvements that depend on each other and conflict heavily with cproof's OMEMO code. These introduce new UX features (device/fingerprint notifications, detailed error messages, session feedback) but require significant adaptation:

  • ded2f6af feat: Add OMEMO trust status indicators to the titlebar
  • ce9b5140 feat: Notify users when new OMEMO devices or fingerprints are discovered
  • 99c03f8c feat: Provide detailed encryption failure messages for OMEMO
  • 5a3083f2 feat: Show active and trust status in /omemo fingerprint
  • b20e3f1a feat: Improve feedback during OMEMO session initiation
  • 4d49c2b7 feat: Provide descriptive fallback messages for OMEMO decryption failures
  • 321ff571 feat: Suppress repetitive missing device ID warnings
  • 4253da99 feat: Suppress redundant "session already exists" messages
  • b7c8f823 feat: Suppress "new device" alerts for already known devices
  • e4bfda2f fix: Incorrect OMEMO decryption error for Key Transport Messages
  • 9a501e6e fix(omemo): add missing includes for libomemo-c builds
  • 68085f01 fix(omemo): standardize PreKey management to prevent decryption failures
  • 45dc50ec fix: initialize OMEMO pointers and add NULL checks
  • 65ca3c44 fix: handle potential NULL from malloc in OMEMO fingerprint decoding

4. JID validation series (5 commits)

A connected series of JID validation improvements that cascade through multiple files. Conflicts with existing cproof JID handling:

  • 09757da5 feat: Improve validation of JIDs
  • 5bcf859e feat: Add jid_is_valid_user_jid() to check for valid user JIDs
  • d6705362 fix: Only allow /msg with valid JIDs
  • 35a2f299 fix: Correct handling of create_fulljid without resource
  • f251cc8b feat: Handle and allow JIDs with trailing slashes

5. Spellcheck feature (2 commits)

Depends on meson build system changes for aspell/hunspell integration:

  • 492236636 feat: add spellcheck highlighting support
  • ed2fdf88 feat: Add /spellcheck list command

6. GError / GString / API type refactoring (5 commits)

Mass refactoring across many files. Conflicts with divergent cproof code:

  • 48ac88de Fix GError handling
  • 2fb56b85 Fix some more untyped APIs
  • f7cddd11 Improve const correctness
  • 4194298d Less GString
  • 4eaa291f Re-factor cmd_presence()

7. Account & misc fixes (8 commits)

Individual fixes with conflicts in divergent files:

  • 5c484c26 fix: Fix not saving first created account
  • bfc9eb25 fix: Sanitize account names
  • 0830d829 Minor fixes of accounts
  • 40963c70 fix: database return NULL if no history limits are found
  • 224087995 Fix potential double free
  • 349de02b Introduce prof_date_time_format_iso8601()
  • f55f7611 The buffer API should use unsigned types
  • 1d943169 fix: missing plugins_post_chat_message_display calls

8. Other individual fixes & improvements (28 commits)

Remaining commits that conflicted individually or have low priority. Notable ones:

  • 63af7277 feat: Implement color coded status messages for file transfers
  • 82db360f feat: Improve XEP-0377 support with report-origin and third-party elements
  • e9c6b3b3 feat: support UTF-8 characters in autocompletion
  • e15f6592 fix: Fix NULL dereference and memory leak in _mam_rsm_id_handler
  • d8a7b234 fix: segfault when using /command help
  • 8dbd1e32 fix: Fix file autocompletion bugs and restore cycling
  • 11bc6ea2 fix: Fix usage error in /time command
  • 99e7057a fix: Increase max arguments for /connect to 9
  • c24cdcd6 fix: Fix -Wanalyzer-deref-before-check warning in cmd_ac_complete
  • 434a8878 Fix -Wanalyzer-deref-before-check warning in get_message_from_editor
  • 606eaac3 Fix GPGME >= 2.0.0 compatibility issue #2048
  • 9f2abc75 Fix tests with gcc15 (uintptr_t)
  • 7f48452d Don't use memchr() on strings potentially shorter than 4 bytes
  • 5810f49c url save: fix location printed
  • 5696bf77 Fix typo in examples
  • and others

The OMEMO refactoring series (14 commits) and JID validation series (5 commits) are the most valuable unmerged changes. They should be ported in dedicated PRs with manual adaptation rather than cherry-picking, as they require coordinated changes across multiple files that have diverged from upstream.

## Merge Profanity's latest upstream updates into CProof Closes #64 ### Summary Cherry-picked **52 upstream commits** from [profanity-im/profanity](https://github.com/profanity-im/profanity) into cproof, covering bug fixes, security improvements, performance optimizations, and new features. The fork point is commit `5385cc28` (April 22, 2025). One additional integration commit was added to resolve compilation issues caused by dependencies between cherry-picked patches. **Stats:** 60 files changed, +1345 / -643 lines **Tests:** 438 unit tests PASSED, functional tests PASSED (verified in Docker) --- ### What was merged (52 upstream commits) #### Memory safety fixes (13 commits) - `ff65db0b` fix: potential segfault in `log_database_get_limits_info` - `0218ba26` fix: memory leak and crash when id is NULL in `iq_id_handler_add` - `1d508d59` fix: memory leaks when OMEMO keys not generated yet - `fa1c4ddd` fix: invalid free after `/omemo gen` - `7f5ae430` fix: memleaks in tlscerts and console - `2406413e` fix: NULL deref and memleaks in OX logic - `16080ab9` fix: potential null pointer deref in `cmd_ac_complete` - `156b78ad` fix: file handle leak in `cmd_sendfile` on OMEMO error - `3d2a82ad` fix: NULL deref in `cmd_omemo_trust`/`untrust` - `2d7426fb` fix: rare memleak in `roster_list` - `1ec536d3` fix: `api_get_current_occupants()` memory problems - `286e563f` fix: redundant error reporting in http download - `f74501e9` cleanup: add a defensive check in `cmd_process_input()` #### OMEMO improvements (7 commits) - `79ff9bad` fix: OMEMO startup initialization - `bc13a726` fix: Floating Point Exception in OMEMO session building - `01c781fc` fix: don't publish OMEMO keys if server doesn't support pubsub - `62458557` fix: reduce OMEMO trust check frequency + trust indicators in titlebar - `25d2cb01` fix: check for necessary pointers in `omemo_receive_message` - `cbe6dac4` perf: flush OMEMO store only after encrypting for all recipients - `d9a8c579` perf: optimize random data generation #### Security & certificates (3 commits) - `4dcaa839` Prepare to use SHA256 fingerprints of certs - `0acea8d0` Retrieve and save new fingerprints from libstrophe - `a07cff8a` Use the stronger certificate fingerprint #### Protocol & XMPP (6 commits) - `189050f3` feat: sanitize illegal XML characters from outgoing messages - `421bb2e2` feat: only request receipts when supported - `4c731f52` fix: allow adding own JID to roster - `9fb45b54` fix: ignore self-presence for untracked MUC rooms - `93918a20` feat: display incoming reports (XEP-0377) - `446f28ac` fix: use `<body>` tag for spam reporting (XEP-0377) #### Signal handling & stability (3 commits) - `7c83c260` fix: exit gracefully on SIGTERM and SIGHUP - `613df864` fix: check connection state before accepting command - `cff26a97` fix: OTR whitespace tag detection to prevent false positives #### UI improvements (4 commits) - `3e16ae1d` feat: implement dynamic pad resizing - `b0a89530` fix: custom outgoing stamp and stamp command help - `9035af95` feat: add command autocompletion for `/stamp` - `038f345a` minor theme improvements #### Config & accounts (5 commits) - `f19acc21` fix: reconnect when no account has been set up yet - `c61c72f2` when renaming an account, copy all existing keys - `7c04b17a` simplify `accounts_get_account()` - `81f92f1f` fix: overwriting new accounts when running multiple instances - `a9ef0003` fix: improve status reporting and filename handling for `/url save` #### New features (4 commits) - `24c3b5d5` feat: add new command `/changes` - `309c0a64` fix: define `prefs_changes_print` outside of `prefs_changes` - `030c0b79` docs: improve help for `/blocked` - `29129bf8` return error on `/time <invalid-section>` #### Code quality (7 commits) - `1aeb19ac` print PID in debug logs - `4b610579` fix Git version strings for out-of-tree builds - `b6a70aa4` cleanup: fix cast function type warnings in `pgp.c` - `12a181b5` cleanup: wrap release handler in `iq.c` - `a704887f` add types to function prototypes - `62fd40c5` use `gboolean` consistently - `b0221f61` simplify `conf_string_list_{add,remove}()` implementations --- ### What was NOT merged (239 remaining upstream commits) #### 1. CI / Build infrastructure / Docs / Tests / Refactoring (168 commits) Not applicable — cproof uses autotools while upstream has migrated to meson. These commits modify CI pipelines, meson build files, GitHub templates, documentation, test refactoring (mass renames), and general code style changes that don't affect functionality. #### 2. Meson build system (9 commits) Upstream has migrated from autotools to meson. cproof retains autotools as its build system, so these are not applicable: - `fbfa1f13` Add meson build system - `bc777c56` feat: Remove autotools and adapt docu and scripts - `27b5f0fb` build(meson): add support for libomemo-c as OMEMO backend - and 6 related meson CI/build commits #### 3. OMEMO refactoring series (14 commits) A large series of OMEMO improvements that depend on each other and conflict heavily with cproof's OMEMO code. These introduce new UX features (device/fingerprint notifications, detailed error messages, session feedback) but require significant adaptation: - `ded2f6af` feat: Add OMEMO trust status indicators to the titlebar - `ce9b5140` feat: Notify users when new OMEMO devices or fingerprints are discovered - `99c03f8c` feat: Provide detailed encryption failure messages for OMEMO - `5a3083f2` feat: Show active and trust status in `/omemo fingerprint` - `b20e3f1a` feat: Improve feedback during OMEMO session initiation - `4d49c2b7` feat: Provide descriptive fallback messages for OMEMO decryption failures - `321ff571` feat: Suppress repetitive missing device ID warnings - `4253da99` feat: Suppress redundant "session already exists" messages - `b7c8f823` feat: Suppress "new device" alerts for already known devices - `e4bfda2f` fix: Incorrect OMEMO decryption error for Key Transport Messages - `9a501e6e` fix(omemo): add missing includes for libomemo-c builds - `68085f01` fix(omemo): standardize PreKey management to prevent decryption failures - `45dc50ec` fix: initialize OMEMO pointers and add NULL checks - `65ca3c44` fix: handle potential NULL from malloc in OMEMO fingerprint decoding #### 4. JID validation series (5 commits) A connected series of JID validation improvements that cascade through multiple files. Conflicts with existing cproof JID handling: - `09757da5` feat: Improve validation of JIDs - `5bcf859e` feat: Add `jid_is_valid_user_jid()` to check for valid user JIDs - `d6705362` fix: Only allow `/msg` with valid JIDs - `35a2f299` fix: Correct handling of `create_fulljid` without resource - `f251cc8b` feat: Handle and allow JIDs with trailing slashes #### 5. Spellcheck feature (2 commits) Depends on meson build system changes for aspell/hunspell integration: - `492236636` feat: add spellcheck highlighting support - `ed2fdf88` feat: Add `/spellcheck list` command #### 6. GError / GString / API type refactoring (5 commits) Mass refactoring across many files. Conflicts with divergent cproof code: - `48ac88de` Fix GError handling - `2fb56b85` Fix some more untyped APIs - `f7cddd11` Improve const correctness - `4194298d` Less GString - `4eaa291f` Re-factor `cmd_presence()` #### 7. Account & misc fixes (8 commits) Individual fixes with conflicts in divergent files: - `5c484c26` fix: Fix not saving first created account - `bfc9eb25` fix: Sanitize account names - `0830d829` Minor fixes of accounts - `40963c70` fix: database return NULL if no history limits are found - `224087995` Fix potential double free - `349de02b` Introduce `prof_date_time_format_iso8601()` - `f55f7611` The buffer API should use unsigned types - `1d943169` fix: missing `plugins_post_chat_message_display` calls #### 8. Other individual fixes & improvements (28 commits) Remaining commits that conflicted individually or have low priority. Notable ones: - `63af7277` feat: Implement color coded status messages for file transfers - `82db360f` feat: Improve XEP-0377 support with report-origin and third-party elements - `e9c6b3b3` feat: support UTF-8 characters in autocompletion - `e15f6592` fix: Fix NULL dereference and memory leak in `_mam_rsm_id_handler` - `d8a7b234` fix: segfault when using `/command help` - `8dbd1e32` fix: Fix file autocompletion bugs and restore cycling - `11bc6ea2` fix: Fix usage error in `/time` command - `99e7057a` fix: Increase max arguments for `/connect` to 9 - `c24cdcd6` fix: Fix `-Wanalyzer-deref-before-check` warning in `cmd_ac_complete` - `434a8878` Fix `-Wanalyzer-deref-before-check` warning in `get_message_from_editor` - `606eaac3` Fix GPGME >= 2.0.0 compatibility issue #2048 - `9f2abc75` Fix tests with gcc15 (`uintptr_t`) - `7f48452d` Don't use `memchr()` on strings potentially shorter than 4 bytes - `5810f49c` url save: fix location printed - `5696bf77` Fix typo in examples - and others --- ### Recommended follow-up The OMEMO refactoring series (14 commits) and JID validation series (5 commits) are the most valuable unmerged changes. They should be ported in dedicated PRs with manual adaptation rather than cherry-picking, as they require coordinated changes across multiple files that have diverged from upstream.
jabber.developer2 added 53 commits 2026-04-01 23:43:07 +00:00
fix: add missing omemo_is_jid_trusted(), auto_gerror macro, and titlebar variable declarations
Some checks failed
CI Code / Check coding style (pull_request) Failing after 12s
CI Code / Check spelling (pull_request) Successful in 23s
CI Code / Linux (debian) (pull_request) Failing after 5m42s
CI Code / Linux (ubuntu) (pull_request) Failing after 6m3s
CI Code / Code Coverage (pull_request) Successful in 7m2s
CI Code / Linux (arch) (pull_request) Failing after 8m20s
48b36a0269
Fixes build errors from cherry-picked upstream patches:
- Add omemo_is_jid_trusted() function (from upstream trust indicator feature)
- Add auto_gerror/PROF_GERROR_MESSAGE macros (needed by /changes command)
- Add trusted_attrs/untrusted_attrs declarations in _show_muc_privacy()
- Remove stale 'error' reference in omemo_receive_message()
jabber.developer2 changed title from feat/upstream-sync to WIP: feat/upstream-sync 2026-04-01 23:43:20 +00:00
jabber.developer2 changed title from feat/upstream-sync to WIP: feat/upstream-sync 2026-04-01 23:43:21 +00:00
jabber.developer2 added 1 commit 2026-04-03 10:16:27 +00:00
fix: move trusted_attrs declarations inside #ifdef HAVE_OMEMO in _show_muc_privacy
Some checks failed
CI Code / Check coding style (pull_request) Failing after 8s
CI Code / Check spelling (pull_request) Successful in 20s
CI Code / Linux (debian) (pull_request) Successful in 4m38s
CI Code / Linux (arch) (pull_request) Successful in 5m10s
CI Code / Code Coverage (pull_request) Successful in 6m59s
CI Code / Linux (ubuntu) (pull_request) Successful in 14m1s
6d8942972f
Variables trusted_attrs and untrusted_attrs were declared unconditionally
but only used inside #ifdef HAVE_OMEMO block, causing -Werror=unused-variable
failure in builds without OMEMO (CI builds 2 and 3).

Merged in #105

Merged in #105
jabber.developer closed this pull request 2026-05-30 13:01:58 +00:00
Some checks failed
CI Code / Check coding style (pull_request) Failing after 8s
Required
Details
CI Code / Check spelling (pull_request) Successful in 20s
Required
Details
CI Code / Linux (debian) (pull_request) Successful in 4m38s
Required
Details
CI Code / Linux (arch) (pull_request) Successful in 5m10s
Required
Details
CI Code / Code Coverage (pull_request) Successful in 6m59s
Required
Details
CI Code / Linux (ubuntu) (pull_request) Successful in 14m1s
Required
Details

Pull request closed

Sign in to join this conversation.
No description provided.