Gajim - 2015-09-28

  1. bot RSS: Feeds for Gajim • Ticket #8152 (The Benefits of Supplements Burnea vital plus Weight loss products) created Reaching the non-public perfect fat isn't only a problem from the exterior overall look. Somewhat, it's pronounced being overweight in the latest decades. At the same time make compliance a lot more difficult eating plan designs and extreme self-control related with the most chubby constitute insurmountable hurdles. So why don't you be a part of trade with pleasur[…][…]
  2. tmolitor Arune: of course I'm okay with that :)
  3. ThUnD3r|Gr33n© morning maybe I'm wrong here but mayne someone can help me. I have a python script running (xmpp bot) I can start it via sh script './' in the shell. Inside there's python and the path of the python script with a '&' at the end to make it running also when the shell via ssh is closed. Then I put this sh script in a crontab but it won't start at reboot ..what do i wrong?
  4. bot RSS: Feeds for Gajim • Ticket #8150 (Modify message stanzas) updated It does, thank you!
  5. tmolitor ThUnD3r|Gr33n©, the PATH environment variable in cron is set to other values as the "normal" PATH...see /etc/crontab and echo $PATH in the shell for the differences on your system...
  6. spicewiesel tmolitor, you did the http_upload plugin for gajim, not?
  7. Sebseb01 Hello
  8. Sebseb01 ==> you think this bug still invalid ?
  9. tmolitor Spicewiesel, yes that was me
  10. spicewiesel I have an isuee with it. While my httpupload is working fine with Conversations I am not able to use it with the Gajim plugin. I see a Traceback "URLError: <urlopen error [Errno 111] Connection refused>"
  11. arune spicewiesel: can you debug that more?
  12. spicewiesel how? :)
  13. spicewiesel the server only shows the line wich tells me that a http upload slot was created
  14. spicewiesel and the traceback is all I can see in the gajim log
  15. arune So the desktop cannot connect to your web server
  16. jodok I have a similar problem with my ejabbered server. Httpupload works fine with conversations, but gets stuck with gaijim and crashes. In the server log I see only that the slot was created.
  17. spicewiesel phone and desktop are in the same network right now, I can upload via Conversations and I can see the picture on my desktop using the sent link. So, in general my desktop is able to connect to my web server
  18. arune What does the gajim debug log say?
  19. spicewiesel I see "uploading file to http:// ..." > "Please download from http:// ..." and then the traceback
  20. spicewiesel that's interesting as I use https
  21. Holger Maybe you're missing some TLS Python thing?
  22. Holger Works for me with Gajim and ejabberd and HTTPS URLs ...
  23. spicewiesel and it uses the port 5444 in the url
  24. spicewiesel which is not configured
  25. Holger Oh HTTP port 5444 is the module's default, though. Doesn't really sound like coincidence :-)
  26. spicewiesel yes
  27. spicewiesel I have append_host_configs configured for all my domains, Conversations seems to find the right one, as it uploads to and not
  28. Holger I'd watch the stream with the XML console.
  29. Holger You should see the URLs offered by the module in the slot response.
  30. Holger Anyway; in ejabberd 15.07, the mechanism to configure ejabberd-contrib modules is complete foo-bar. Long story short, you want to delete $CONTRIB_MODULES_PATH/mod_http_upload/conf/mod_http_upload.yml and then configure the module in your ejabberd.yml as usual.
  31. Holger In 15.09, this will be fixed.
  32. spicewiesel the urls in the XML respond are correct: put: get: gajim then tries to use these: put: geT:
  33. Holger Huh.
  34. ThUnD3r|Gr33n© Holger: don't know if I really well understand ..what will I have to modify and what will I have to delete?
  35. Holger ThUnD3r|Gr33n©: Nothing :-)
  36. Holger ThUnD3r|Gr33n©: You're not even using the module, AFAIK.
  37. ThUnD3r|Gr33n© Where can I define in the Ejabberd.cfg where to watch for additional modules ?
  38. Holger You can specify CONTRIB_MODULES_PATH in your ejabberdctl.cfg. (But let's continue this in the ejabberd room if there's any additional questions.)
  39. ThUnD3r|Gr33n© Holger: thanks
  40. spicewiesel whyever, but the gajim plugin now uses the right URLs, but we have a new Traceback: ValueError: unsupported format character '(' (0x28) at index 23
  41. spicewiesel and the get_url contains the old filename, not the hashed one I get with Conversations.
  42. Holger I think that "unsupported format character" issue was fixed.
  43. Holger And the fact that Conversations changes the file name (and reduces the image size) is just a Conversation thing. The protocol doesn't tell the client to modify the file name.
  44. spicewiesel ah okay, so the filename get changed by conversatinons. Thought that would be done by the mod_http_upload
  45. Holger No, mod_http_upload will only replace odd characters with a '_' or something.
  46. kryptonite Hello. Is XEP-0313 (Message Archive Management / MAM) supported in Gajim? The following claims it is supported, yet it's not working on my machine. I am using V0.16 on debian jessie.
  47. Sebseb01 kryptonite‎, yes it works, i'm just testing it
  48. Sebseb01 (not for gpg message yet)
  49. kryptonite Out of the box? Do I need to configure something in order for it to
  50. kryptonite work?
  51. Link Mauve kryptonite, MAM has been added in 0.16.1, you should upgrade.
  52. Sebseb01 for me just out of the box ! But in account options, you find a "syncronize logs with server"
  53. Sebseb01 ok, i have updated to 0.16.4
  54. kryptonite Thanks, it's worth mentioning that the URL I sent above claims it's added in v0.3, I think that should be fixed.
  55. kryptonite Or, perhaps it's the XEP version?\
  56. Link Mauve Read the changelog:
  57. kryptonite Oh, my bad. Alright, thanks :)
  58. Link Mauve MAM has been added in 0.16.1, gpg with mam has been fixed in 0.16.3.
  59. kryptonite I think the table column should be titled "XEP Version" to avoid confusion at
  60. kryptonite is 16.4 stable?
  61. Link Mauve It has been released, yes.
  62. Sebseb01 "gpg with mam has been fixed in 0.16.3." => not really, or partially
  63. tristank Im using the gajim nightly with prosody trunk and mam doesnt work for me as well.
  64. Sebseb01 tristank‎, on prosody you need to enable a storage and mod_mam.
  65. tristank I did that. Still nothing. MAM is working for other clients for example conversations for android.
  66. Sebseb01 ok, strange, no problem for me (do you activate option in your account settings ?)
  67. Kryptonite I just installed Gajim 0.16.4 in order to try out MAM, but I'm getting the following error when attempting to run it:
  68. Kryptonite /usr/local/bin/gajim: 32: cd: can't cd to /usr/local/share/gajim/src /usr/bin/python: can't open file '': [Errno 2] No such file or directory
  69. Kryptonite I installed it this way: hg clone gajim cd gajim hg checkout gajim-0.16.4 ./ ./configure make sudo make install
  70. tristank
  71. tristank which one do you mean?
  72. tristank Sebseb01‎: do you mean "syncronize logs with server". That it is activated.
  73. Sebseb01 yes ... so I don't know
  74. Kryptonite Is it fine if I just run straight from the repo, without make && make install?
  75. Sebseb01 tristank‎, isn't GPG or OTR message ?
  76. Kryptonite MAM works, but the messages seem to arrive at the wrong order
  77. Kryptonite And sometimes not at all
  78. Kryptonite Still can't find a consistent pattern
  79. Kryptonite Pattern found, Gajim is fetching all MAM history, but in an incorrect order.
  80. tristank Sebseb01: no encrypted messages
  81. spicewiesel tmolitor, do you know when the plugin manager gets new versions?
  82. spicewiesel I have two PCs: 1. Gajim: plugin manager does not know HttpUpload at all 2. Gajim: plugin manager knows 0.2.10 but still got the
  83. spicewiesel bug fixed here: fdc7548539b7, "Fixed format string (%% instead of single % for literal percent char)".
  84. bot RSS: Feeds for Gajim • Ticket #8153 (Improper handling of HTML character codes in xmpp: URIs) created Hello, I've noticed that incoming (well, outgoing, too) xmpp: URIs in messages are handled incorrectly while parsed (it's a possibility that I'm getting an initially malformed URI from an XMPP bot, too). The xmpp uris I'm receiving are in the following format: xmpp:username%40jabber-server.tld?message;body=somedigits%20two%20words Expected reaction on click: Send a r[…][…]
  85. tmolitor spicewiesel‎, the pluginmanager gets new versions, when the are committed...
  86. tmolitor spicewiesel‎: maybe uninstall and reinstall the plugin?
  87. tmolitor *they are committed
  88. Kryptonite Is there an open issue for implementing OMEMO?
  89. Asterix Kryptonite: what's that?
  90. Kryptonite @Asterix: OMEMO is XMPP's version of axolotl, recently invented by the Conversations guys. Basically, it's the holy grail of e2e encryption. It's like OTR, but it works with multiple devices, and it works with offline peers. Here is the website:
  91. Kryptonite Here is the XEP-XXXX:
  92. Kryptonite Here is the file transfer XEP-XXXX:
  93. mathieui and still doesn’t anything but the body of the message :|
  94. Kryptonite The only problem we have is that the only implementing client is Conversations (an Andorid client), this means it can't work with desktops
  95. Kryptonite If Gajim implements it, XMPP e2e would be a solved problem.
  96. mathieui no
  97. mathieui it would be a great improvement, no doubt
  98. bot RSS: Feeds for Gajim • Ticket #8153 (Improper handling of HTML character codes in xmpp: URIs) updated 0.15.4 is nearly 2.5 years old. You should really update. I have no idea if Gajim is supposed to handle %40 as @ or not
  99. Asterix Kryptonite: Gajim already do E2E (we are the only client), GPG, OTR
  100. mathieui Asterix, they are talking about E2E in general
  101. mathieui not the crappy E2E draft from 10 years ago :p
  102. mathieui GPG doesn’t have PFS, OTR doesn’t do multi-device
  103. Kryptonite Also, OTR doesn't work offline and doesn't support MAM
  104. Asterix yes I understand. But I mean we are already supporting 3 protocols. Adding a not-yet published XEP is not planned no. But patches are welcome (It can be done via a plugin, as ATR)
  105. Asterix yes I understand. But I mean we are already supporting 3 protocols. Adding a not-yet published XEP is not planned no. But patches are welcome (It can be done via a plugin, as OTR)
  106. Kryptonite What's the third one?
  107. mathieui Kryptonite,
  108. Kryptonite Thanks. You mentioned that while OMEMO is a great improvement, it's not perfect yet. What's missing?
  109. Asterix Kryptonite:
  110. mathieui Kryptonite, encrypting everything in the message? chat states, corrections, xhtml-im, bob, etc…
  111. mathieui I mean, you have encrypted text and file transfer, but feature-wise it’s pretty much a reduced IRC
  112. Kryptonite Am I write to assume that they don't do that because the current server implementations simply won't allow it?
  113. Kryptonite right*
  114. linus not really
  115. mathieui why wouldn’t the server allow it?
  116. Kryptonite How would an xmpp server parse a fully garbled message?
  117. mathieui you can keep the <message/> envelope
  118. mathieui but everything else could be encrypted in a substanza
  119. mathieui as long as it’s standardized, I don’t see issues with that
  120. Kryptonite That's my point, it's *not* standarized. So, things like OMEMO already work today. But that idealistic protocol only works in a future utopia wher e it's standarized. Is that correct?
  121. mathieui OMEMO doesn’t work today because only conversations implement it, that’s the point
  122. Kryptonite To put it simply, my question is this: If we implement a theoritical protocol which encrypts stuff outside the body. Would it work today without any modifications to the server?
  123. mathieui obviously
  124. Kryptonite Oh
  125. mathieui you only have to define how to decrypt it
  126. Kryptonite Thanks :)
  127. mathieui e.g. encrypt a <forwarded/> element or something
  128. mathieui (also I find "axolotl" cuter than "omemo" but that’s just me :p)
  129. Holger Though the server could then no longer do stuff like throwing chat states away when CSI is activated.
  130. mathieui Holger, yes, but most servers don’t do that anyway
  131. mathieui (it’s really a client’s job)
  132. Holger Well hopefully the number will grow. At least ejabberd will do that by default now.
  133. Holger No the client can't do that.
  134. mathieui (I misread CSI, sorry)
  135. Kryptonite So, no OMEMO anytime soon? :(
  136. mathieui Kryptonite, someone has to do it
  137. Holger And I would guess there may be other use-cases for having the server parse message contents.
  138. mathieui Holger, some, yes
  139. tmolitor mathieui, no, chat states are a servers don't want to send too much unneeded or later needed stuff to a sleeping mobile phone --> better battery life, because every xmpp message sent to the phone will wake up the phone...
  140. mathieui tmolitor, but XEP-compliant clients stop sending chat states when the other party indicates they don’t want them
  141. Kryptonite Is there any critical data outside the <body> anyways?
  142. mathieui Kryptonite, html body?
  143. Kryptonite I mean, outside the message body
  144. mathieui <html/> is outside <body/>
  145. Kryptonite /s/<//
  146. mathieui but otherwise, the correction element can indicate a correlation between encrypted messages that we might not wish
  147. tmolitor mathieui, yes, but that was not the point ;) the point is: chat states are useful (especially with a large number of users in your roster) and omemo could make this difficult (I don't know if this 2 approaches really clash, though)...
  148. Kryptonite html? Is that sarcasm over there? *pokes*
  149. Holger I think it's wrong to have remote clients bother the activity/inactivity state of individual clients of mine. Remote clients should talk to my account, not to an individual client, most of the time. (That's not quite happening as much as it should right now, but that's hopefully where things are heading.)
  150. Holger *bother with the ...
  151. mathieui Kryptonite, a <replace/> is outside <body/> and yet gives information about it
  152. tmolitor Holger, yes, thats absolutely right!
  153. Kryptonite Interesting. Are there any more leakages like that?
  154. mathieui there is <attention/> that gives information about the priority of the message
  155. Kryptonite So, OMEMO is safe as long as we stick to basic messaging, no fancy nudges and corrections?
  156. mathieui yes
  157. mathieui OMEMO is perfectly fine for rough IM
  158. Kryptonite That would be perfectly fine for 99.999% of users then. Does anyone even use nudge?
  159. Kryptonite Does anyone even implement message corrections?
  160. mathieui gajim does, poezio does, swift does, mcabber does with a patch iirc, jappix does, yaxim does iirc…
  161. mathieui message correction is pretty standard nowadays
  162. mathieui (also there is stuff outside message elements, like entity time and ping, that would probably better off encrypted in a tinfoil scenario)
  163. mathieui I don’t think many people use nudge, maybe pidgin users who are used to it from other protocols
  164. Kryptonite Those are fair issues, but I think most of them are pretty minor in practice. With the exception corrections (Which I don't use)
  165. mathieui at least OMEMO doesn’t half-assedly say "you may use html, or not" with no way to define it, like OTR
  166. Kryptonite of corrections*
  167. Holger Why are corrections such an issue?
  168. Holger They just leak the information how bad I am at typing, no?
  169. Holger Or is there actual content leaked?
  170. mathieui yes, that
  171. Kryptonite They leak the correction, I assume
  172. mathieui (you are bad at typing)
  173. mathieui no, they don’t
  174. Holger Kryptonite: Nah.
  175. Kryptonite Oh!
  176. Kryptonite Man
  177. mathieui they link that one message is a correction of another
  178. Kryptonite You ARE overestimating this
  179. mathieui Kryptonite, the main issue is xhtml-im, imo
  180. mathieui users want their rich text
  181. mathieui colors and fonts everywhere
  182. Kryptonite We haven't used any rich text during this conversation until now. I think this roughly reflects the usage statistics.
  183. Kryptonite Alright, that was an enlightening conversation. To me, OMEMO is godly perfect. And I think it is so to anyone who doesn't need rich text.
  184. Kryptonite Thanks for the info :)
  185. mathieui Kryptonite, for me, TLS is godly perfect, because I trust my server, and I trust my contact’s server :p
  186. Kryptonite That is, until *they* come and grab it, and suck out your MAM history
  187. Kryptonite physically
  188. Kryptonite :P
  189. mathieui if they suck out my MAM history physically, I’m screwed anyway
  190. mathieui because my client is on the same machine
  191. Kryptonite Lol!
  192. Kryptonite Fair point.
  193. mathieui iirc there is a beginning of a python axolotl implementation on github
  194. mathieui so it might be a base for a gajim plugin
  195. Holger I guess many "they"s will be mostly interested in the metadata which none of these techniques can hide.
  196. Link Mauve Kryptonite, note that presences and iqs contain also some quite sensitive information you don’t want to leak like that.
  197. Link Mauve And no, omemo isn’t godly perfect, far from it.
  198. Kryptonite What does IQ stand for?
  199. Link Mauve info/query
  200. Kryptonite I wonder of the Conversations guy left those feature out because he had security in mind.
  201. Kryptonite You can't even set the presence status in Conversations.
  202. Link Mauve This is the basic mechanism by which you query anything from any other entity.
  203. mathieui Kryptonite, err, really ? :|
  204. Kryptonite It's always Online, no status message either.
  205. Link Mauve It’s totally broken then. :/
  206. Kryptonite I disagree, that's what I thought at first.
  207. Kryptonite He explains his rationale here:
  208. Kryptonite It's kind of WhatsApp-style, you never set a presence status at WhatsApp, you only care about messaging.
  209. Link Mauve Kryptonite, because some random app is broken doesn’t make it ok to make an XMPP client that is so broken.
  210. mathieui (do chat markers even work in MUC?)
  211. Kryptonite Haha, well, that's subjective and we can't really convince each other. I like the idea of a KISS client, you just chat.
  212. mathieui I like the idea of a usable client
  213. Kryptonite KISS is pretty usable, and "Presence is a horrible metric anyways"
  214. Link Mauve I like the idea of not bringing the brokenness to other clients.
  215. Link Mauve Putting the URL of an uploaded image in the body of a message, just because your encryption protocol is too broken to encrypt anything else, is not ok.
  216. Kryptonite Are you referring to Conversations here?
  217. Link Mauve Yes.
  218. Kryptonite Files are transferred out of band in an encrypted manner when a proxy is available.
  219. Kryptonite That's true for either OTR or OMEMO, not sure about GPG
  220. Link Mauve This is a case where XHTML-IM is useful, and it has been correctly implemented in Gajim’s plugin.
  221. Link Mauve I wasn’t speaking about the file transfer itself, but about the way they expose it to the actual recipient.
  222. Link Mauve Uploading a file over HTTPS is quite trivial.
  223. Holger I think the URL is put into the body mostly to make it just work with all existing clients out of the box, rather than to make it cope with an OMEMO limitation.
  224. Link Mauve Holger, I’d be ok if there was an XHTML-IM payload alongside.
  225. Link Mauve But when I discussed that, they answered that HTML is the embodiment of evil, quite literally.
  226. Holger Link Mauve: I now you disagree with the Conversations guys on the usefulness of XHTML-IM, but that's probably a separate question.
  227. Holger *I know.
  228. Holger definitely needs a client with message correction support.
  229. Link Mauve :)
  230. Kryptonite test
  231. Link Mauve poezio is quite nice, hint hint.
  232. Kryptonite Btw, is MAM broken in Gajim?
  233. Holger Link Mauve: Hehe, yes Poezio is awesome. I reverted back to MCabber because I got too used to some UI detail, but Poezio is superior in many other ways.
  234. Kryptonite The ones sent from Conversations are arriving in incorrect order in Gajim. The other way around works fine. Not sure which app to blame.
  235. arune tmolitor, I've made a patched httpupload without pil (I think)
  236. Kryptonite Arune, you're "not available"
  237. Kryptonite That's just a case in point: Presence is a horrible metric.
  238. mathieui Presence is not a metric, it’s an heuristic
  239. arune Kryptonite, what?
  240. mathieui chat states are a better metric to know what people are doing
  241. tmolitor arune: nice :) could you modify the patch to use pil when available and to fall back to the second method if not? afaik pil gives better image quality when downsampling...especially for such small image sizes we aim to use...
  242. Kryptonite @arune: We discussed whether presence is useful previously.
  243. Kryptonite @mathieui: That's just a clever way of saying that presence is useless :P
  244. arune tmolitor, oh...
  245. mathieui Kryptonite, presence generally works
  246. tmolitor arune: no worries, I'll merge the two approaches if you don't have the time to do it :)
  247. Kryptonite "Link Mauve" appears "busy", what does that mean? Am I supposed to talk to him or leave him alone? Wait, he's talking back so it doesn't really matter.
  248. Kryptonite An often, people who are "available" aren't available
  249. Kryptonite And it's all chaotic.
  250. Kryptonite And often*
  251. arune tmolitor, can you test this?
  252. mathieui I don’t see how chat markers make things better
  253. Kryptonite Me neither
  254. mathieui that’s only one more information to improve your heuristic
  255. Kryptonite My view is not fully aligned with the Conversations, so no, I don't like markers either.
  256. Kryptonite (By the way, presence gets even messier with multiple resources)
  257. Kryptonite The only real way to know anything about the other guy's status (and not heuristicly) is chatting with them.
  258. Kryptonite Offtopic: Is it acceptable to venture that far off from discussing Gajim in this MUC?
  259. Holger I guess the idea is that it often won't work well to base the decision whether or not to send a message on the presence status.
  260. Kryptonite Yes, more precisely, it won't work well to base *anything* on presence, hence we don't need presence.
  261. mathieui nothing works, actually
  262. Holger So you rather just send the message no matter what, and then chat markers allow you to verify whether or not it was read.
  263. mathieui if you want to send a message, you should send a message
  264. Kryptonite Chatting works, so keep that :P
  265. Holger Not that I think the latter info is useful, generally.
  266. Holger mathieui: Indeed.
  267. Kryptonite I gotta go now. bb