Gajim - 2016-09-17

00:13:35 lovetox i think we have this problem with every invalid jid
00:13:48 lovetox there is no test for valid jid format
00:14:08 linus Yeah
00:14:24 linus I'll have a look at fixing it tomorrow, if I can get my issues with firejail sorted out
00:14:33 lovetox you could do all sorts of things like xmpp:asd@asd@asda@.at
00:14:51 lovetox this is passed then to all the functions involved with opening chat window
00:14:59 lovetox no way to tell what goes wrong there
00:23:33 lovetox problem lies in chat_control.py
00:23:48 lovetox def _nec_vcard_received
00:23:55 lovetox calls show_avatar()
00:24:03 lovetox which requests a vcard
00:24:10 lovetox which tritters vcard received
00:24:18 lovetox and show_avatar() is called again
00:24:20 lovetox and so on
00:24:23 lovetox endless loop
00:53:38 lovetox ok found the problem
00:53:47 lovetox but we should solve it in a general way
00:53:58 lovetox just dont start new chats with invalid jids
00:54:18 linus That makes sense
00:55:04 lovetox so we need a good function that can test if a jid is vald :)
00:55:16 linus That shouldn't be too hard.
00:55:25 linus ", he said...
00:58:27 lovetox it should test for xxx@xxx.xxx
00:58:56 lovetox but also this has to be valid something like a room jid with a nick has to be valid
00:59:14 lovetox gajim@conference.gajim.org/xxxx
01:00:36 linus I think RFC5122 is the thing to refer to here
01:04:10 lovetox or maybe https://tools.ietf.org/html/rfc6122
01:04:19 lovetox forund this on stackoverflow
01:04:20 lovetox http://stackoverflow.com/questions/3514342/validating-an-xmpp-jid-with-python
01:21:21 linus lovetox, do you know if the URL parsing code conforms to the RFC?
01:21:56 linus URI*
01:22:01 lovetox it says so in the post
01:22:06 linus because it is basically two separate tasks: parsing the URI, and then checking the JID
01:22:15 linus URL parsing code
01:22:18 linus URI*
01:22:23 linus not JID checking
01:22:24 lovetox ah
01:22:38 lovetox no
01:22:40 lovetox i dont know
01:23:53 linus because that's just as important for this stuff not to break :p
01:27:07 lovetox i would just use it, test it against some cases
01:27:27 lovetox there is probably not a 100% perfect solution out there
01:27:41 lovetox if i write it myself it will probably not even be 5% perfect :D
01:27:52 lovetox so i guess we start with some checking function
01:27:58 lovetox and extend it if bugs are reported
01:28:28 lovetox i mean right now there is no check whatsoever
01:28:36 lovetox so its definitly a step forward
01:28:42 lovetox even if it catches not every case
01:30:22 linus True :D
06:44:44 Link Mauve linus, xmpp://user@server would mean “connect as user@server”, which makes no sense on XMPP.
06:48:26 Link Mauve Also, of course Gajim already does validate JIDs, just use that existing code.
07:11:13 praveen stef.an: on poddery.com we accept connections over port 443. You can ask your admin to enable it.
07:14:59 praveen stef.an: https://wiki.debian.org/InstallingProsody#XMPP_over_HTTPS this how we did it using prosody, you can share it with your admin.
13:59:14 lovetox Link Mauve
13:59:26 lovetox gajim does not validate the jid when you click that link
13:59:56 lovetox as you can see in your xml console
14:00:05 lovetox where a endless loop starts requesting vcards
14:00:10 lovetox to an invalid jid
14:00:45 lovetox also you cant produce a link where gajim would tell you "invalid jid"
14:01:05 lovetox it always opens a chat window, like you could start writing to that adress
14:02:21 lovetox and i found no methode in gajim that validates a JID
14:03:45 lovetox some methodes implement their own checks, but i found no dedicated methode that does only check a jid for validity
14:27:13 Link Mauve lovetox, err, just do it the Python way, create a JID from the string and if you catch the InvalidJID or whatever exception you know it was invalid and react accordingly.
14:27:19 Link Mauve Do that at the dbus entrypoint.
14:28:53 lovetox yeah so you need a methode that parses the string and throws exception
14:29:09 lovetox all i can see right now is a methode that does split @ , split /
14:29:16 lovetox and thats user, domain, resource
14:29:38 lovetox thats just not good enough :)
14:30:04 linus then we fix that :p
14:35:26 lovetox there is a parsejid function in helpers.py
14:36:11 linus yeah
14:38:42 lovetox it uses some method from the nbxmpp api
14:38:50 lovetox i think this could be good enough
14:39:04 linus doesn't look like it to me
14:39:15 linus all the actual parsing is in helpers.py, decompose_jid
14:39:27 lovetox no
14:39:37 lovetox return prep(*decompose_jid(jidstring))
14:39:42 lovetox look at prep
14:43:07 lovetox so there is "def hyperlink_handler"
14:43:18 lovetox in htmltextview.py and conversationtextview.py
14:43:27 lovetox that defines what happens if we click a link
14:43:32 lovetox that has xmpp in it
14:44:10 lovetox so before executing the action we should parse the jid, and catch exception
14:44:13 lovetox seems easy enough
15:35:32 Link Mauve lovetox, common.helpers.parse_jid.
15:35:51 linus Link Mauve: yes, he pasted the code for that above
15:35:56 Link Mauve Ah.
15:36:28 Link Mauve Sorry, I wasn’t there yet, I went to a restaurant in the meantime and am only catching up with logs. ^^
15:36:50 Link Mauve Time to sleep soon too.