Commit Graph

963 Commits

Author SHA1 Message Date
467222d0ca fix(ui,db): harden NULL handling, fix CWE-134, optimize iterations
security(CWE-134): fix format string injections + add CI check
fix(ui): subwindow lifecycle, newwin/newpad guards, fallback timestamps
fix(db): sqlite cleanup on failures, sqlite3_close_v2
fix(xmpp): queued_messages loop, barejid leak
perf(core): g_hash_table_iter_init instead of g_hash_table_get_keys
refactor(ui): CLAMP macro in _check_subwin_width
test: XEP-0012 and XEP-0045 functional tests

Author: jabber.developer2
Closes #58, #85
2026-02-06 19:27:40 +01:00
f8826b7c79 ci: improve CI stability with parallel builds and Valgrind
Major changes:
Run 4 build configurations in parallel with Valgrind on Linux
Add test failure detection verification (meta-test)
Port allocation per build to prevent conflicts in parallel runs
Add --coverage-only flag for dedicated coverage builds
Code quality:

Add TEST_GROUPS constant, CMOCKA patterns, helper functions
Organize ci-build.sh into sections
2026-02-02 17:47:05 +01:00
85c817ee8c ci: speed up builds 4x with parallel tests, coverage, and ccache
Split functional tests into 4 parallel groups and add check-functional-parallel target (~3x faster CI runs).
Add branch-aware LCOV coverage reporting with new --enable-coverage option and lcov summary in CI pipeline.
Enable ccache via -C configure flag for faster recompilations.
Install lcov in all Docker images and use --depth 1 git clones + parallel make -j$(nproc) for quicker container builds.
Update CONTRIBUTING.md with instructions for parallel test groups and adding new ones.

All changes are tightly related CI/performance improvements developed in sequence. No external service uploads (e.g. Codecov skipped due to Gitea incompatibility).
2026-01-21 16:35:17 +01:00
8f580f91a8 refactor(tests): migrate to content-based stubbing
- Replace stbbr_for_id() with stbbr_for_query()/stbbr_send()
- Content-based stubbing matches stanzas by namespace instead of ID
- Use regex assertions for flexible output matching
- Fix timing issues in chat_session and presence tests
2026-01-07 11:46:40 +01:00
2d7de2caf6 refactor(tests): replace libexpect with forkpty() for PTY handling
- Remove dependency on libexpect/tcl
- Implement native PTY handling with forkpty()
- Add prof_output_exact/regex for flexible output matching
- Improve timeout handling and synchronization
2026-01-07 11:46:40 +01:00
3738be4af1 fix: prevent autoping disable on false negative ping support check
Remove autodisable logic (prefs_set_autoping(0)) and early return in autoping
to treat intermittent false negatives from connection_supports(XMPP_FEATURE_PING).
Add one-time error display with debug features print for monitoring; warn on first failing
check without aborting to maintain functionality while investigating root cause.
2025-10-14 12:42:00 +02:00
4780fdd4a1 tests: update cmocka include in forced encryption tests
Includes were updated in 988d366, but the change did not propagate to forced_encryption.c due to the gap between the upstream Profanity and the CProof.
2025-09-10 15:50:26 +02:00
Steffen Jaeckel
988d3663d1 Introduce tests/prof_cmocka.h
As 9f2abc75 accidentally got the ordering of some of the includes wrong,
I decided to propose my initial solution again.

Additional to that, I've opened a MR against CMocka to solve this on
their side, since I believe that the current way this is done is not
sustainable [0].

[0] https://gitlab.com/cmocka/cmocka/-/merge_requests/91

Fixes: 9f2abc75 ("Fix tests with gcc15 (uintptr_t)")
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>

CProof note: our new tests need to also be updated.
2025-09-10 14:11:03 +02:00
Andreas Stieger
1ae78400a4 Fix tests with gcc15 (uintptr_t)
fixes: error: ‘uintptr_t’ undeclared, defined in header ‘<stdint.h>
(cherry picked from commit 9f2abc75ad)

Author:    Andreas Stieger <Andreas.Stieger@gmx.de>
2025-09-10 13:57:36 +02:00
ea8a758ecf Merge branch 'fix/correct-autocompletion' 2025-09-02 14:20:23 +02:00
2808def933 fix(chatwin): Fix LMC autocompletion to suggest corrected message content
- Modified chatwin_outgoing_msg to call _chatwin_set_last_message for corrected messages, using replace_id per XEP-0308.
- Updated _chatwin_set_last_message to skip redundant and invalid free/strdup for same pointers.
- Added null checks in _chatwin_set_last_message for safety.
- Fixes autocompletion suggesting original message content instead of corrected content.

Fixes #24
2025-09-02 00:29:13 +02:00
65cf9ddb9c fix(cmd_sub): Prevent crash with malformed JID in /sub command
Added null check for jidp in cmd_sub to handle jid_create returning NULL.

Crash occurred when processing malformed JID inputs like @example.com.

Ensures robust handling of invalid JIDs.

Fixes #22
2025-09-01 23:29:26 +02:00
f4405d114a Add unit tests for forced encryption check function 2025-08-27 16:48:27 +02:00
442bfb6ce1 feat: Add /force-encryption command and update message handling
Implement /force-encryption command to configure forced encryption
settings with on|off and policy resend-to-confirm|block options.

The changes enhance user experience by clarifying encryption requirements
and providing actionable commands. Users can now press Enter again to
confirm unencrypted messages in resend-to-confirm mode.
2025-08-25 21:11:27 +02:00
5ed8ec30f0 Update name and license 2025-07-19 14:32:26 +02:00
Michael Vetter
091ff41c06 Merge pull request #2041 from profanity-im/some-improvements
Summary:
- Print the final storage location when successfully decrypting a file with `aesgcm://` source.
- Less GString
- Re-factor cmd_presence()
- Improve const correctness
- Use correct free function. Fixes: 75d7663 ("Free wins summary list")

Pull Request Source: https://github.com/profanity-im/profanity/pull/2041

Author: Steffen Jaeckel <s@jaeckel.eu>
2025-07-19 00:13:49 +02:00
b4d3563b96 Cleanup (#5)
- Update formatting for stub files
- Update docs

While original project, Profanity, provides valuable basis for this
fork, we are not affiliated with the upstream. This commit
is updating documentation to reflect accurate information.

The docs are going to be updated further once the website is created.

Reviewed-on: #5
Co-authored-by: Jabber Developer <jabber.developer@jabber.space>
Co-committed-by: Jabber Developer <jabber.developer@jabber.space>
2025-06-20 18:20:47 +00:00
Michael Vetter
07dfeec816 Release 0.15.0 2025-03-27 20:06:38 +01:00
Steffen Jaeckel
25184a53e0 Improve const correctness.
Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-13 15:07:39 +01:00
Steffen Jaeckel
9fc0326428 Add Valgrind to CI
* Also pass `$*` to `configure` when invoking `ci-build.sh`, so one can
  e.g. run `./ci-build.sh --without-xscreensaver`

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-11 12:15:09 +01:00
Steffen Jaeckel
c0da36c48d Rage-cleanup.
While trying to get the unit tests working again I stumbled over all those
things that I thought could be better^TM.

Now we also know "TODO: why does this make the test fail?" - because
the unit tests are brittle AF ... and we have to init the subsystems
we use in the test, otherwise the cleanup will fail...

BTW. you can now also only run a single test ... or a pattern or so ...
you'd have to read how `cmocka_set_test_filter()` works exactly.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-10 11:45:15 +01:00
Steffen Jaeckel
72b99ceb6d Some minor improvements
* destroy/free/shutdown/close in reverse order of allocation
* more static/auto_Xfree
* less variables/strlen/GString
* properly `\0`-terminate string of testcase

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-10 11:45:15 +01:00
Steffen Jaeckel
c5a131ee46 Introduce our own shutdown callback mechanism.
Instead of adding stuff to `_shutdown()`, we can now register a shutdown
routine from the respective `init()` function of our modules.

This also has the advantage, that we're sure they're called in reverse
order from how the initialization happened.

I didn't simply use `atexit()` because POSIX says that the number of
possible callbacks is limited (min 32) and I was not sure whether
we will maybe extend this number at one point.

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>
2025-03-07 21:09:16 +01:00
Michael Vetter
3441aa3279 Fix outdated types in tests
Fix https://github.com/profanity-im/profanity/issues/1992
2024-08-05 12:14:09 +02:00
Steffen Jaeckel
848acdd1fa Improve const correctness
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2024-06-19 16:01:46 +02:00
Michael Vetter
6b9d0e8647 Update accounts_find_all header in test stub
Fix https://bugs.gentoo.org/927179
2024-03-17 16:44:00 +01:00
Michael Vetter
88b26cfdb9 Undo gmainloop related changes
Revert "Merge pull request #1943 from H3rnand3zzz/gmainloop

This reverts commit 609fde0998, reversing
changes made to 2ec94064ed.

Revert "Merge pull request #1948 from H3rnand3zzz/fix/rl-less-refreshes"

This reverts commit 11762fd2b0, reversing
changes made to 609fde0998.

We have got several issues, that we don't quite see how to solve, with
the merge of the gmainloop PR.

* Slashguard is broken (#1955) (though #1956 could fix that)
* One person reported problems with copy paste selection via mouse
* Some input buffer seems not to be cleared correctly
  It happened that I was debugging profanity used `/connect` and typed
  the password. I then debugged so long that a time out occurred, so
  profanity disconnected. Then it printed "unknown command: $password".

There was something else that I forgot now.

Bottomline is: so far we didn't get it right so we will undo these
changes until someone proposes a working solution.

We got a slight performance increase (apparently noticable when
alt+mouse scrolling) but got too many issues with this change.
2024-02-19 17:41:06 +01:00
Michael Vetter
609fde0998 Merge pull request #1943 from H3rnand3zzz/gmainloop
Use Gmainloop as a main loop to increase performance
2024-01-16 12:18:34 +01:00
Steffen Jaeckel
f458d6ebdf Fix when feature discovery is finished
Feature discovery was marked as finished once we received a reply to the
initial request. The discovery mechanism allows to delegate the real
feature discovery to another service running on different domain and those
requests are created dynamically.

This was another instance causing the warning message described in #1940

Fixes #1940 (once more)

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-28 19:21:27 +01:00
John Hernandez
080b0f825a Add stubs for inputwin to fix autotests 2023-12-28 18:18:40 +01:00
Steffen Jaeckel
b4c088232e Improve const correctness
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-12 18:27:09 +01:00
Steffen Jaeckel
bac24601da Introduce equals_our_barejid()
Instead of always repeating the same pattern, introduce a helper function.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-12 18:27:02 +01:00
Steffen Jaeckel
847a86de50 add connection_get_jid()
Use a singleton `Jid` inside the connection instead of always re-creating
a `Jid` from the same string.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-12-12 18:26:21 +01:00
John Hernandez
53db7562b5 Format test_cmd_otr.c 2023-11-11 10:04:38 +01:00
ike08
d35a7a7f7e Refactor tests to use the new cmocka test runner
## Summary

Fixes https://github.com/profanity-im/profanity/issues/1907  

Update functional and unit test code to comply with the current cmocka test runner.  

## Changes

- `UnitTest` struct to `CMUnitTest` struct
- `unit_test()` macro to `cmocka_unit_test(f)` macro
- `unit_test_setup_teardown()` macro to `cmocka_unit_test_setup_teardown` macro
- `run_tests()` macro to `cmocka_run_group_tests()` function
- Setup and teardown functions return `int` instead of `void`

## Testing

### Unit Tests

`make check`

### Functional Tests

I did not compile or run functional tests because they are *shelved* for now.

### Valgrind

I'm not entirely sure how to fun Valgrind in this case. I did not do fancy memory management, so it should be fine.
2023-11-01 18:30:08 -06:00
Michael Vetter
f7cce4c5c1 Move /os into /privacy os
Related to https://github.com/profanity-im/profanity/issues/1836
2023-07-25 16:35:14 +02:00
Michael Vetter
feba4b8263 Add cons_privacy_setting() to print privacy setting infos 2023-07-24 18:25:34 +02:00
John Hernandez
8304ac86ff g_free() to auto_gfree, introduce auto_guchar
Fix 11 potential mem leaks in theme.c
2023-07-13 17:04:59 +02:00
John Hernandez
e1d137f4e6 Change char->free to auto_char char for autocleanup
Replace `gchar` and `g_free` to `auto_gchar`
Correct certain  `char` functions/variables to `gchar`

Related to #1819.

Edited by @jubalh.
2023-07-11 13:26:37 +02:00
John Hernandez
4a70f5f513 Cleanup char* to auto_gchar gchar* for prefs_get_string
Necessity explained in #1819
2023-07-03 16:06:27 +02:00
Michael Vetter
f67d548ebf Merge pull request #1850 from H3rnand3zzz/feature/pgp-improved
Extend `/pgp` command to make key exchange procedure easier
2023-07-03 14:18:35 +02:00
John Hernandez
36784738fc Add optional pgp public key autoimport
Refactor `p_gpg_list_keys`
Add `/pgp autoimport` command,
it's not described in XEP-0027, but used in some clients,
such as PSI, Pidgin. It will autoimport keys received with
`/pgp sendpub`, in plain text as a message, or using features,
provided in other clients. It doesn't autoassign them, but shows
command to assign, letting user to decide.
Improve documentation for some preexisting functions
Add contact argument to `/pgp sendpub`
2023-07-02 14:25:55 +02:00
John Hernandez
a59623a007 Add /pgp sendpub command
Command allows to share your PGP pub key with ease,
it's not described in XEP-0027, but used in some clients,
such as PSI, Pidgin.
Fix typos
Minor improvements
2023-07-02 14:25:55 +02:00
Michael Vetter
6247c28e31 Merge pull request #1842 from H3rnand3zzz/feature/plugins-download
New Feature: Plugins Download
2023-06-06 18:35:18 +02:00
John Hernandez
95e06ad169 Add url support (downloading) to /plugins install
Additional changes include code refactoring.
2023-05-16 15:57:07 +02:00
Michael Vetter
ea35a4ceb0 Merge branch 'master' into cleanup/gchar-char 2023-05-11 08:45:46 +02:00
Steffen Jaeckel
8cd53acfd7 fix /reconnect now
This fixes #1846
Issue introduced by a0aa26b6fa

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
2023-05-10 18:12:11 +02:00
John Hernandez
7f3fca2bd0 Cleanup: gchar as gchar instead of char
Use gchar instead of char in most of the cases where gchar is intended.

Reason: improve compatibility and stability. Issue #1819

Minor refactoring.
2023-05-04 16:15:09 +02:00
IsaacM88
ecdeb750f3 Add ability to disable avatar publishing
Add "/avatar disable" to comply with point "3.5 Publisher Disables
Avatar Publishing" in XEP-0084.

src/command/cmd_defs.c:2416
Add "disable" argument. Reword the "/avatar" command description
so it flows better.

src/command/cmd_ac.c:1101
Add "disable" to the "/avatar" autocomplete dictionary.

src/command/cmd_funcs.c:9277
Split "/avatar" commands into two groups with an if statement; those
with a parameter and those without. "cons_bad_cmd_usage()" is in both
groups, which is messy. "disable" has similar logic to "set", but it
includes a failure message.

src/xmpp/avatar.c:152
"avatar_publishing_disable()" uses the same logic to publish metadata
as in "avatar_set()".

src/xmpp/avatar.c:238
Add a message to inform users when they do not receive an avatar after
using "/avatar get" and "/avatar open". In case of a failure, the user
will be subscribed to future avatar updates as long as they continue
to use their current instance of profanity. Adding
"caps_remove_feature()" after "cons_show()" will unsubscribe the user
from avatar updates and prevent the user from downloading an avatar
unexpectedly hours later without issuing an "/avatar" command.

src/xmpp/stanza.c:2698
The new "disable" function follows the same logic as
"stanza_create_avatar_metadata_publish_iq()".
2023-05-02 14:45:54 -06:00
John Hernandez
07cc19ce10 Add sessions_alarm
Introduce new feature: sessions_alarm.

Added new account setting: max_connections. On exceeding this number,
user will get an alert. If number is less than 1, no alert will happen.

Tests altered to fit new feature.
2023-04-18 14:28:20 +02:00