Gajim - 2017-12-16

  1. link mauve Test.
  2. bot Link Mauve modified an issue in _gajim_ <>: #8801: <Send the <active/> chatstate in the same message as the body>
  3. Link Mauve Asterix: btw it’s “useful”, not “usefull”.
  4. Asterix Citizen Zibb: all is packaged in the installer
  5. Asterix Link Mauve: ok thx. Will try to remember
  6. marc Can somebody explain why Gajim checks for custom ports in SRV record handling even though SRV records are not used when custom host/port is specified? See
  7. marc I would remove the code in _on_resolve
  8. Link Mauve lovetox: what was the issue with URIs in the end?
  9. lovetox Link Mauve, when did you send this message
  10. lovetox "‎[11:22:26] ‎Link Mauve‎: lovetox: what was the issue with URIs in the end?"
  11. lovetox just now?
  12. Link Mauve lovetox, my client sent it just now, yeah.
  13. lovetox hm ok, still then we have a issue with message ordering if someone writes something while mam messages come in
  14. lovetox and no i did not solve the problem with the uri
  15. marc lovetox, I'm also working on proper URI handling
  16. marc lovetox, you could focus on other things :)
  17. marc lovetox, can you confirm my found "dead code" (see backlog)?
  18. Link Mauve lovetox, oh, so that was my issue I think.
  19. Link Mauve The one where I couldn’t see my own messages.
  20. Link Mauve lovetox, I was asking because you merged my PR.
  21. Link Mauve marc, what do you mean by “proper”? Apart from many actions still not handled?
  22. marc Link Mauve, not splitting it up by hand for example ;)
  23. marc Link Mauve, last time I looked at it something like "xmpp:asdf" failed
  24. marc And some other corner cases
  25. marc Well, even "" failed
  26. lovetox what do you want gajim to do with that
  27. lovetox "xmpp:asdf"
  28. lovetox ?
  29. marc lovetox, ignore is since it is not a valid JID
  30. Link Mauve marc, uh, it should work.
  31. Link Mauve marc, it is a valid JID though.
  32. Link Mauve It doesn’t have a localpart nor a resourcepart, but it has the mandatory domainpart.
  33. marc a valid JID without host part?
  34. Link Mauve With only the host part.
  35. marc Well okay
  36. Link Mauve “11:30:58 marc> Well, even "" failed”, I explicitly tested that, are you sure you are on latest master?
  37. marc But the action is not defined
  38. marc Link Mauve, I know you fixed it, I fixed it too but didn't push it
  39. Link Mauve marc, I defined the action to be message.
  40. marc Link Mauve, makes sense
  41. Link Mauve And testing both of your examples, they work on master.
  42. marc at the moment I work on SRV fixup in Gajim but I would improve URI handling too later
  43. lovetox what do you mean by fixup, what is the problem
  44. lovetox ?
  45. marc lovetox, (1) dead code I mentioned
  46. marc (2) Gajim stores the last connection type (tls, ssl) _forever_
  47. marc Once the server doesn't support the connection type Gajim never successfully connects
  48. marc Even though proper SRV records are available
  49. marc (3) XEP-0368 support
  50. pep. marc: re SRV, it's not dead if it's still used even though not required (if that's what you were trying to say)
  51. marc pep., SRV is used only of no hostname/port is specified
  52. lovetox srv is used when "if use_srv and self._proxy is None:"
  53. lovetox and use_srv is only false if "not self.redirected" has nothing to do with custom host and port
  54. marc lovetox, oh yeah, correct
  55. lovetox thoug i dont know whats self.redirected is for
  56. marc but does it make sense to use ssl port for every SRV record?
  57. lovetox this part of the code is not easy to understand :)
  58. lovetox hm what gajim does, it gets a host, and then a port and a ssl port
  59. lovetox if the user has connection types "ssl, tls"
  60. lovetox it will try both in case one fails
  61. lovetox if tls fails, it needs a ssl port
  62. marc lovetox, I think it would be more clear if we would have a record for ssl and tls each
  63. marc lovetox, still, Gajim stores the last successful connection type
  64. marc And never tries to use other SRV records and just fails if the last type doesn't work
  65. pep. lovetox: why do you differentiate SSL and tls? Do you mean direct/starttls?
  66. marc yes
  67. pep. K
  68. lovetox marc because gajim currently supports only one srv lookup
  69. lovetox there is never be more than one srv record
  70. marc lovetox, you mean one srv record _type_ ?
  71. marc because there can be multiple xmpp-client SRV records
  72. lovetox ah yeah, that gets ordered with weight
  73. lovetox hm so you are saying
  74. lovetox a server should announce his ssl record there with the port he wises
  75. marc lovetox, I would add a field 'type' to the SRV record instead of 'ssl_port'
  76. marc And I would remove the common "connection_types"
  77. marc And use a two default records (if no SRV is available) for SSL and TLS
  78. lovetox but for 0368 we have to make two queries
  79. marc lovetox, yes
  80. marc I already implemented it for a PoC
  81. lovetox hm ok do what you think is right, we test it than in the MR
  82. marc Merge both SRV records and just try them
  83. lovetox yeah but do you wait for both?
  84. marc no
  85. marc lovetox, okay, but I would like to understand why Gajim stores the last connection_type
  86. marc Is there a use-case I don't see?
  87. lovetox where do you see that exactly
  88. marc sec
  89. marc lovetox,
  90. marc If Gajim connected last time successfully via TLS
  91. lovetox you mean the config value?
  92. marc This connection type will be stored and SSL is never used
  93. marc Even if TLS fails
  94. SaltyBones anybody got an idea what this is
  95. SaltyBones getting random disconnects
  96. SaltyBones could be network issues but i don't notice anything outside of gajim
  97. marc lovetox, of course this is just a corner case but I don't get the idea why it is useful to store the last connection type
  98. SaltyBones and gajim is spamming that 16.12.2017 11:51:31 (W) nbxmpp.transports_nb remove_timeout: no self.fd state is CONNECTED
  99. lovetox i think the reason is for disconnect
  100. SaltyBones every second
  101. lovetox so that we can try the last working one
  102. lovetox not cycle everything again to find a working one
  103. lovetox but why do say its forever stored
  104. lovetox last_connection_type is a var thats goine if you quit gajim
  105. lovetox if you mean the config setting
  106. lovetox "connection_types"
  107. lovetox thats not the last connection type
  108. lovetox that are the allowed connection types
  109. lovetox gajim also supports "plain" connection
  110. marc lovetox, yes, and why do we remove allowed connection types?
  111. lovetox hm yeah,
  112. lovetox thats not really coherent
  113. lovetox the idea in that part was, if we once succesful connect to tls
  114. lovetox never try ssl
  115. marc Yes, but why does it make sense?
  116. lovetox but yeah all that will be useless if we have 0368
  117. lovetox the idea is that you probably dont want to cycle between tls or ssl
  118. lovetox marc yeah this probably can be done better
  119. lovetox get all src with 0368
  120. lovetox then use these
  121. marc hm okay, I'll remove this and implement 0368
  122. marc lovetox, if you're fine with it
  123. lovetox but still allow for a "plain" connection, but only if the config value is set for that, never in some default way
  124. lovetox marc any help is welcome :)
  125. marc lovetox, okay,
  126. lovetox just to come back to the srv thing, but if you do 2 srv queries
  127. lovetox right now gajim start connecting after the first one arrives
  128. lovetox because the callback of the srv starts the connecting
  129. marc yes, I think start connecting after the first one arrives is still fine
  130. marc But I will start with xmpps-client first I think
  131. lovetox its not according to the xep
  132. marc oh really?
  133. lovetox Both 'xmpp-' and 'xmpps-' records SHOULD be treated as the same record with regard to connection order as specified by RFC 2782 [3], in that all priorities and weights are mixed.
  134. marc Oh okay
  135. marc Good catch
  136. lovetox and this makes it a bit more complicated
  137. marc The most simple solution would be to chain the two requests I think
  138. lovetox only a bit, but enough that i focused on other things back then
  139. lovetox marc, yeah good idea
  140. marc s/more simple/simplest
  141. marc argh
  142. marc s/most simple/simplest
  143. marc lovetox, do we need the 'connection_types' option at all then?
  144. marc I can be changed via config editor but is not used in the code at all if I remove this "connection type restriction" feature
  145. marc s/I/It
  146. lovetox if we have 0368 i think there is no need that the user can decide what i wants to use, so no
  147. lovetox but plain should be a user option
  148. marc But how can the user enforce plain?
  149. lovetox with a config setting
  150. marc And _why_ should a user can enforce plain? :D
  151. lovetox its not that he wants to enforce
  152. SaltyBones plain?
  153. lovetox its because some devs dont want to set up tls certs on their local test machines
  154. SaltyBones plain should not even be supported. :p
  155. marc SaltyBones, +1
  156. marc Okay, 'plain' should be an option for devs only
  157. SaltyBones setitng up a self signed cert is 5 minutes of googling and copy pasta
  158. lovetox there will be no button or anything, just a config option in the advanced config settings
  159. lovetox and if it is set, we should try plain first
  160. SaltyBones it is definitely not the hard part of setting up a testserver
  161. pep. lovetox do you know his that provides an "easy way for clients to bypass restrictive firewalls that only allow https"
  162. pep. How this provides*
  163. marc pep., that's one reason why I implement it :)
  164. lovetox because direct tls is not inspectable
  165. lovetox was that a question pep. ?
  166. pep. lovetox: hmm, assuming the xmpp server serve in 443 right
  167. pep. serves
  168. pep. Also, the firewall could be stateful and look for your SRV query
  169. pep. Then block connections to that IP/port
  170. lovetox pep., of course there are ways
  171. pep. Yeah
  172. lovetox you have to talk to the xep autor about that :9
  173. pep. I mean I get why you would want such records, to revive direct TLS, but I don't think this particular claim is worth making :p
  174. pep. That's an "implementation detail" (by the service)
  175. SaltyBones I mean...this is a bit dubious
  176. SaltyBones Essentially people are implementing half a HTTPS tunnel in XMPP. :p
  177. marc SaltyBones, Using port 80 or 443 is a common way to bypass firewalls for many protocols AFAIK
  178. SaltyBones Hm..maybe I'm misunderstanding the proposal.
  179. SaltyBones marc, but don't you think it's weird?
  180. marc SaltyBones, well, blocking ports is weird :D
  181. SaltyBones Essentially the firewalls block everything except port 443 for $reasons and now we just move everything to port 443?
  182. SaltyBones That's just stupid. :)
  183. SaltyBones Plus, a decent firewall will open up your TLS connection anyway and look at the traffic.
  184. marc SaltyBones, the assumption that everything is safe and secure by just blocking everything than 443 is stupid ^^
  185. pep. At work we block incoming except what's needed, we don't block outgoing
  186. SaltyBones And, in corporate environments where this might be an issue HTTP tunneling is usually prohibited AND they don't let you install stuff on your PC anyway. :p
  187. SaltyBones marc, yes, but moving everything to 443 is also a bit retarded. :)
  188. SaltyBones In the end ports will disappear magically because everything is 443. xD
  189. marc SaltyBones, let's say WhatsApp does the same... we have to follow ;)
  190. marc Because you don't want explain users why WhatsApp works and Jabber does not...
  191. SaltyBones Well, then let's at least also get rid of all other ways to connect for simplicity.
  192. marc SaltyBones, what do you mean?
  193. SaltyBones marc, my jabber users are not delusional they don't expect things to work. ;)
  194. SaltyBones I mean there are so many ways to connect now that clients and servers need to support it gets a bit unwieldy, no?
  195. marc so many?
  196. SaltyBones 5222 5223 bosh this ?
  197. marc Yeah, but that's not a big deal is it?
  198. marc You have to specify these ports in your server config and you're done
  199. SaltyBones Maybe but it seems to me that you will need sublty different code for all of those and they all need to be maintained...
  200. SaltyBones But whatever.
  201. SaltyBones It's an interesting idea. I'm not clear on the details, how is this different from BOSH?
  202. marc SaltyBones, you just use a different port, that's it
  203. marc (for direct TLS)
  204. bot SaltyBones proposed a new merge request for _gajim/master_ <>: Remove incorrect assert
  205. SaltyBones Oh, BOSH doesn't use 443?
  206. SaltyBones Is there some kind of reverse proxy that I can use to easily pick apart HTTPS and XEP-0368 on my server based on SNI?
  207. marc SaltyBones, BOSH is a different protocol
  208. marc With 0368 you just use XMPP with direct TLS on port 443
  209. SaltyBones Yes, but it does use HTTPS, doesn't it?
  210. marc Yes, but the port doesn't matter
  211. marc You could also run BOSH via HTTPS on port 5222
  212. SaltyBones Well, that's not really interesting. :)
  213. SaltyBones BOSH was developed for the same purpose iiuc.
  214. marc SaltyBones, AFAIK BOSH was developed for web clients
  215. pep. marc: not "on port 443" (direct TLS), on port whatever-is-configured
  216. marc But I'm not sure
  217. marc pep., yes, of course
  218. pep. I definitely would not put that on 443, as the main port at least
  219. pep. If users ask for it, maybe
  220. pep. If possible, with alpn or whatever
  221. pep. There's no mention of mitm in this xep? Isn't that the main concern
  222. pep. (As a reason why one would want that)
  223. SaltyBones pep., i don't see the connection
  224. SaltyBones the old things all protect you from mitm, too
  225. pep. Old things?
  226. pep. Starttls?
  227. SaltyBones yeah
  228. SaltyBones and 5223
  229. pep. You start in clear first
  230. pep. 5223 is exactly direct TLS
  231. SaltyBones Sure but you don't send anything interesting in the clear. ;)
  232. SaltyBones pep., well there must be some difference, right?
  233. pep. Well the server could say "nope I don't do starttls", and some client would still accept unfortunately
  234. pep. I'm not sure about differences. I assume this xep is just way to advertise direct TLS
  235. marc pep., yes it is
  236. pep. K
  237. lovetox SaltyBones, about your MR
  238. lovetox does the server really send IQs with wrong id?
  239. lovetox because that would be a violation of the protocol
  240. lovetox your MR is good, but it will not solve your problem i think
  241. lovetox ping is only called when we run into timeouts
  242. lovetox to check if the connection is still alive
  243. lovetox its not something we do every X seconds
  244. bot Philipp Hörist pushed 3 commits to branch _refs/heads/master_ of _gajim-plugins_ <>:
  245. bot Philipp Hörist merged a merge request for _gajim-plugins/master_ <>: [OMEMO] Make some strings translatable
  246. bot Philipp Hörist pushed 3 commits to branch _refs/heads/master_ of _gajim-plugins_ <>:
  247. bot Philipp Hörist closed an issue in _gajim-plugins_ <>: #212: <Client icons plugin doesn't recognize Dino>
  248. bot Philipp Hörist merged a merge request for _gajim-plugins/master_ <>: [client_icons] Adds Dino client icon
  249. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _gajim-plugins_ <>: *dd9983a0* <> [client_icons] Update manifest.ini
  250. Asterix marc, I have't read all, but SSL is quite dead
  251. Asterix it's not used anymore, disabled by default, and automatically removed from config option if TLS works
  252. Asterix and yes we keep in mind last connection type tha work to speed up re-connection
  253. marc Asterix, If I understand the code correctly "ssl = direct TLS"
  254. Asterix yes
  255. Asterix tls is starttls
  256. lovetox Asterix its rising up from the dead and used again to circumvent firewalls
  257. Asterix not a good name I agree
  258. marc Asterix, keeping the last connection type is fine but not removing possible connection types _forever_ is bad
  259. Asterix lovetox, bosh is better for FW issues
  260. marc And that is what happens at the moment in Gajim
  261. Asterix marc, there is no reason to use SSL if TLS works
  262. lovetox marc this was written under assumption that whole community goes away from SSL
  263. lovetox there was no reason to believe that a server that supports tls goes back to ssl
  264. lovetox then came xep 0368 ^^
  265. marc lovetox, yes, so the assumption is not correct
  266. lovetox Asterix the idea is, that the server decides what to use, not gajim
  267. lovetox via srv records and weight
  268. Asterix srv records gives host and port, not method
  269. lovetox read xep 0368
  270. marc Asterix, xmpps-client does
  271. lovetox it does
  272. Asterix I read it
  273. Asterix hmm then indeed Gajim don't do that this way. IIRC, finding the host and trying different methods is completly separate
  274. Asterix we test all type on all hosts
  275. Asterix that's not what this XEP suggests
  276. marc Asterix, yes, I try to implement it atm
  277. Asterix tls on xmpp-client and ssl on xmmps-client
  278. Asterix ok
  279. lovetox yes, we dont have to test types anymore
  280. lovetox the server tells us what is what
  281. lovetox no need for guessing game
  282. Asterix yes but if I don't want to use SSL at all ...
  283. lovetox ... why would you care about that
  284. marc Asterix, then you can set "tls" in your config by hand
  285. Asterix and for plain, we should try it only if it's conenction_types option
  286. lovetox yes of course plain only if its explicitly set
  287. marc default is "ssl tls"
  288. lovetox like now
  289. Asterix marc, yes exactly. So the logic is: if server announce xmmps-client AND if I have ssl in connection_types, then try that
  290. marc Asterix, yep
  291. Asterix but we also need to handle the case where server don't announce any SRV record. Then we need to try all types
  292. Asterix as we do actually
  293. marc yep
  294. bot Yann Leboulanger pushed 1 commit to branch _refs/heads/master_ of _website_ <>: *55d386ce* <> add windows portable installer link for alpha1 release
  295. Link Mauve pep., SaltyBones, marc, both StartTLS and “direct TLS” start with exchanging data unencrypted, the only benefit of the latter is one less roundtrip, so connection time.
  296. marc Link Mauve, are you sure that direct TLS starts unencrypted?
  297. Link Mauve Of course, how would you negociate which encryption to use, which protocol to use, which certificate to use, otherwise?
  298. Link Mauve This is what TLS is.
  299. marc Link Mauve, okay, data != payload, right?
  300. Link Mauve (And what SNI and ALPN build upon.)
  301. Link Mauve marc, StartTLS doesn’t share any more unencrypted data than a TLS handshake.
  302. marc Link Mauve, AFAIK start tls expose the XMPP protocol
  303. marc +s
  304. Link Mauve All data after the initial handshake is properly encrypted.
  305. Link Mauve marc, ALPN does too.
  306. Link Mauve And 0368, just like modern HTTP, mandates ALPN.
  307. Link Mauve “13:40:45 Asterix> and for plain, we should try it only if it's conenction_types option”, I would be in favour of removing connection_types altogether, and adding a way more explicit option, such as insecure_allow_plain_text_connection = True or something like that.
  308. marc Link Mauve, "Direct TLS provides AT LEAST the same level of security as STARTTLS, and more privacy without ALPN as using STARTTLS leaks that the underlying protocol is XMPP, while any direct TLS stream should be indistinguishable from any other direct TLS stream."
  309. Link Mauve marc, it provides exactly as much security, this statement is misleading by making people think “at least” means “more”.
  310. marc Link Mauve, not me ;)
  311. Link Mauve Because using ALPN is a SHOULD, so no one will disable it anywhere.
  312. marc just depends if you use ALPN, right?
  313. Link Mauve marc, also, this sentence mixes security and hiding which protocol you’re using, which is all in all pretty easy to figure out by doing pattern analysis.
  314. marc Link Mauve, sure, not saying this is a perfect solution for everything ;)
  315. Asterix Link Mauve, this mean we cannot refuse direct TLS if server annoucne it then, and this means that if server doesn't have SRV records, we will try both TLS and SSL (while I think SSL should not as it's most of the time not used, and if it's used, it's for FW fo probably not on 5223)
  316. Link Mauve Asterix, just remove legacy TLS, 5223 is dead and has no use.
  317. Asterix legacy TLS = direct TLS, no?
  318. Link Mauve Yes, but without SRV records, instead using the hardcoded 5223 port.
  319. Asterix ha yes ok
  320. Link Mauve (Or worse, asking the user for one.)
  321. Asterix yes why not, but still we cannot tell Gajim not to use direct TLS then. But ok there is no real need to do ...
  322. Link Mauve Exactly, why would you want that? :)
  323. Link Mauve It’s up to the server admin to decide whether to advertise 0368 SRV records or not.
  324. Asterix just because itn't an answer? ;)
  325. Link Mauve No, it isn’t. :p
  326. Link Mauve You have to think about users, not about possibilities. :p
  327. Asterix I know
  328. Link Mauve And users do get confused by options which do misleading things.
  329. bot Philipp Hörist pushed 2 commits to branch _refs/heads/master_ of _gajim-plugins_ <>:
  330. bot Philipp Hörist closed an issue in _gajim-plugins_ <>: #234: <UrlimagePreview: type of image preview jpeg >> png>
  331. bot Philipp Hörist merged a merge request for _gajim-plugins/master_ <>: [UrlImagePreview] Add PNG and GIF thumbnails to
  332. marc Link Mauve, what are you proposing now? not to use xmpps-client SRV record at all?
  333. Asterix yes
  334. Asterix use direct TLS (what is called ssl in Gajim) only if there is xmmps-client record
  335. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _gajim-plugins_ <>: *84fb14e5* <> [url_image_preview] Update manifest.ini
  336. Link Mauve marc, respect the specification, use both _xmpp-client and _xmpps-client when they are present, without any override mechanism.
  337. Asterix and remove connection_types completly. Replace it with a "allow plain" or the like option
  338. Link Mauve Asterix, yes, exactly.
  339. Link Mauve Asterix, this option needs to be scary.
  340. Asterix yes of course
  341. marc Asterix, just a couple of minutes ago you wanted an option to disable direct TLS via connection_types ;)
  342. Asterix so if not SRV record, only try plain if SRV records, try what they propose
  343. Asterix and add plain if option is enabled
  344. Asterix marc, yes, but everybody says it's useless, and I have to admit there is no reason to do that
  345. Link Mauve Asterix, if no SRV records, act as if there was a single record pointing to the same domain and port 5222.
  346. marc Link Mauve, +1
  347. Link Mauve There is no fallback to plain text at any point depending on SRV.
  348. Asterix yes, so only try TLS (+ plain is option is enabled)
  349. Asterix fallback to plain is only option dependant, not SRV dependant
  350. marc yes, exactly
  351. Link Mauve Oh also, make the new scary allow_plain option display a popup each time Gajim is launched. ^^
  352. marc Otherwise blocking SRV lookup would lead to plain :D
  353. Asterix but no need to fallback to plain for xmmps-client connections
  354. Link Mauve With the option of disabling it.
  355. Asterix Link Mauve, I think there is only one
  356. Asterix just before sending the PW, we check if connection is plain and show a warning
  357. Link Mauve Ah, great. :)
  358. Asterix and text is not "yeah, go one, no problem" of course
  359. Asterix and text is not "yeah, go on, no problem" of course
  360. lovetox Link Mauve, there is already a popup when you connect plain
  361. Link Mauve Perfect.
  362. bot Even created an issue in _gajim_ <>: #8802: <Backgroundcolor in windows10>
  363. SaltyBones lovetox, all i know is, that this assertion popped up on my machine and i think it doesn't make sense ;)
  364. lovetox yeah i think i know why, can you delete the other line i mentioned in the MR
  365. lovetox then i can merge this
  366. Asterix I also mentionned to remove completly the use of a variable
  367. lovetox no its needed asterix because its checked in check_pingalive
  368. bot Yann Leboulanger closed an issue in _gajim_ <>: #8802: <Backgroundcolor in windows10>
  369. Asterix ho ok
  370. Asterix lovetox, Am I wrong in my comment for #8802?
  371. lovetox a bit, because he is using gtk2, and there is no gajim.css there
  372. lovetox but i will answer him
  373. Asterix ha oups :)
  374. lovetox also the theme is not selected in the gajim.css file
  375. lovetox the gajim.css file just overrides the current theme
  376. Asterix this would have been right for 1.0.0 then
  377. Asterix yes it's what I said
  378. lovetox ah yeah
  379. Asterix 1.0.0-alpha1 is released
  380. Asterix you can link to it
  381. lovetox ah nice
  382. Asterix in gtk2 there is a gtk2 theme selector
  383. Asterix at lease there was one when I did the intallers
  384. lovetox yes i dont think i package it, you have to modify Gajim\etc\gtk-3.0\settings.ini
  385. Asterix ok
  386. bot Philipp Hörist closed a merge request for _gajim-plugins/master_ <>: [omemo] add support for jingle file transfer
  387. bot Philipp Hörist pushed 0 commits to branch _refs/heads/gajim_0.16_ of _gajim-plugins_ <>:
  388. bot Philipp Hörist pushed 386 commits to branch _refs/heads/master_ of _gajim-plugins_ <>:
  389. Asterix Ho you already changed branch names !
  390. Asterix I fear all gtk2 plugins will be updated to gtk3 !
  391. pep. Link Mauve: thanks for the clarification (re direct/starttls). Using starttls I'm still vulnerable to downgrade attacks though right? (Is it the name?) Saying "nope I don't have starttls". Some clients might still be vulnerable
  392. pep. Also I'm skiing as a general question, not specific to xmpp
  393. pep. Asking
  394. pep. Fking smartphone
  395. pep. And then use plain*
  396. Link Mauve pep., you’re as vulnerable if an attacker blocks the direct TLS port.
  397. pep. Right. Though that removes the path of "I don't have starttls" "fine I can do plain!"
  398. Link Mauve Also, the RFC says to ignore the advertising of starttls and to proceed anyway, which I’m doubtful helps in any way, but still.
  399. bot rfc2822 created an issue in _gajim_ <>: #8803: <error when upgrading url preview plugin>
  400. bot rfc2822 modified an issue in _gajim_ <>: #8803: <error when upgrading url preview plugin>
  401. bot rfc2822 modified an issue in _gajim_ <>: #8803: <error when upgrading url preview plugin>
  402. Asterix too late
  403. Asterix all gajim users that starts Gajim will update to GTK3 plugins ...
  404. lovetox then delete the plugins from the server
  405. lovetox please
  406. lovetox so they cannot update
  407. lovetox and adapt the script
  408. Asterix I do what I can, I don't have time right now to do that :/
  409. lovetox to connect to the ftp and delete the folders?
  410. Asterix yes ... I am with my family ..
  411. Asterix but I do ...
  412. lovetox i thought you had time because we were chatting :/
  413. Asterix yes but since that they wake up
  414. lovetox i can push the gtk2 back to master
  415. Asterix no no
  416. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _gajim-plugins_ <>: *ad9ffb62* <> Add README and
  417. Link Mauve lovetox, wouldn’t it have been better to rename the branches and force-push, instead of merging anything?
  418. lovetox i did not merge anything
  419. Link Mauve Ah, so the bot output was wrong.
  420. Link Mauve Nvm then.
  421. bot Philipp Hörist pushed 1 commit to branch _refs/heads/gajim_0.16_ of _gajim-plugins_ <>: *a99c284a* <> Remove README and CONTRIBUTING
  422. Asterix Should be ok
  423. Asterix to be tested though
  424. lovetox ok thanks
  425. lovetox seems to work asterix thanks
  426. Asterix I don't know what you did, but hard to update repos of gajim-plugins :/
  427. Asterix a lot of conflicts and all
  428. Asterix git pull / git checkout master fails
  429. lovetox its because your local branches
  430. lovetox dont match the remote ones
  431. lovetox either you push to a branch with "git push origin master"
  432. Asterix I don't think I have local branches for gajim-plugins ...
  433. lovetox or you just clone the whole repo new to your hd then everything should work
  434. lovetox if you clone a repo, you have all branches local
  435. lovetox means on your hd
  436. lovetox every branch is connected to a remote branch
  437. lovetox so local master -> remote master
  438. lovetox but thats not correct anymore since remote has changed
  439. lovetox thats what gets you the errors
  440. lovetox you can overwrite this with telling git where to push to with "git push origin master" for example
  441. lovetox but in the long ru you should clone the whole repo new
  442. lovetox you can also set the remote with git --set-upstream origin branchyouwanttotrack
  443. Asterix daily build scripts updated too
  444. Asterix no need for gitlab-ci.yml, it gets it from ftp
  445. Asterix so GTK3 branch is still there and opened?
  446. Asterix it's marked as merged. Can't we close it?
  447. lovetox i will delete it or?
  448. lovetox master is a clone of gtk3
  449. lovetox i waited until everything was ok
  450. Asterix ok ok
  451. bot Philipp Hörist pushed 0 commits to branch _refs/heads/gtk3_ of _gajim-plugins_ <>:
  452. lovetox so donw
  453. lovetox so done
  454. SaltyBones Is the best way to fix a pull request really to amend the commit in my fork?
  455. lovetox yes
  456. lovetox then do push -f
  457. lovetox to overwrite whatever is on the server
  458. lovetox if you have a bigger MR with lots of fixes and code
  459. lovetox you can just do a new commit
  460. lovetox so its easier to see what you fixed
  461. lovetox and at the end you squash everything
  462. lovetox but for a 2 line commit, this is not necessary
  463. bot SaltyBones updated a merge request for _gajim/master_ <>: Remove incorrect assert
  464. SaltyBones lovetox, so what is your idea why I might have gotten this reply with a wrong id anyway?
  465. lovetox the ping is sent for every read on the socket that times out
  466. lovetox so potentially we send more than one ping
  467. lovetox but we only store one id
  468. lovetox so probably the first arrived we set it to None, afterwards the rest of them arrive
  469. lovetox and give you the error
  470. lovetox the reason for all this is most likely some bad connection
  471. SaltyBones mhm
  472. bronko Hi, the link to the full changelog for 1.0.0alpha on the gajim homepage is a 404. My guess is this is the correct one:
  473. kalkin lovetox, Asterix: Congratulations on 1.0 alpha release
  474. kalkin I love it that you say in changelog use OMEME instead of OTR
  475. lovetox =9
  476. lovetox =)
  477. kalkin Also intersting to see that flatpacks are a thing now
  478. kalkin Now we just need a package manager^W^Wa flatpack app, which checks if your flatpacks have obsolete dependencies packed, before you run them
  479. bot Dmitriy created an issue in _gajim_ <>: #8804: <A programming error must be detected>
  480. debacle The version tagged as `gajim-1.0.0-alpha1` has `__version__ = "0.98.1"` in the code. Shall I package this as 1.0.0-alpha1 or as 0.98.1? I'm going for 1.0.0-alpha1 right now...
  481. debacle Does Gajim talk to for testing purpose? In it looks like `` is used, right?
  482. cuc great congrats on gajim 1.0!
  483. cuc it meantions flatpak support.. but not where to find the repo?
  484. cuc ah found the readme 🙂
  485. marc Yay, OTR is removed in Gajim :)
  486. marc lovetox, how can I connect with plaintext in gajim master?
  487. marc added "plain" to connection_types
  488. marc I get the warning dialog and after some time "stanza error" in the debug output
  489. marc "Unknown stanza: error" actually
  490. marc Okay, works. Forgot to enable the checkbox :D
  491. bot Yann Leboulanger pushed 1 commit to branch _refs/heads/master_ of _website_ <>: *1b3f3355* <> fix link
  492. Asterix bronko, Thx
  493. Asterix debacle_, it's because if we set 1.0.0-xxx in __version__ we won't be able to do any DB update or config shame update
  494. Asterix so 0.98 will be alpha releases
  495. Asterix 0.99 for beta
  496. Asterix debacle_, yes, we test FT proxies but we don't connect to, only to the FT proxy
  497. bot Yann Leboulanger closed an issue in _gajim_ <>: #8804: <A programming error must be detected>
  498. Asterix debacle_, check that GTK >= 3.20 is requires when doind the debian package
  499. Asterix lovetox, we don't check GTK version when starting?
  500. Asterix in 0.16 we do
  501. debacle Asterix, I'm packaging for unstable/testing now and will do backport to stable in a week or so. Debian has GTK 3.22 already in stable. A version problem would arise only for oldstable, which I will not support. Thanks for the head-up, anyway!
  502. Asterix you'll put alpha1 in stable?
  503. debacle Asterix, pardon my ignorance: What is an FT proxy? :~)
  504. Asterix file transfer proxy
  505. Asterix when we can't connect each other directly, we both connect to such a proxy to transfer files
  506. debacle Asterix, I will do a backport. I.e. it is not part of stable, only a convenience package for people who like the latest stuff on stable :~)
  507. Asterix ok ok
  508. debacle Asterix, I think the user who entered the Debian bug is concerned, that even a simple connection from Gajim to any host can be a privacy violation. The server admin at least knows, that someone with a certain IP address is probably using Gajim.
  509. Asterix yes ... but then we can't test FT proxies ...
  510. Asterix plugin installer server admin (me) can also know all that 'cause Gajim checkes for updates on startup
  511. Asterix debian server admins knows such things because there are thigns that do update checks automatically ...
  512. debacle Asterix, the version scheme sounds good to me. I'm packaging 0.98.1 as 1.0.0~alpha1 (with tilde - which is a kind of "minus" in Debians version arithmetics).
  513. Asterix yep ok perfect
  514. debacle The plugin manager is disabled in the Debian package. (Unfortunately completely, which is not what I wanted to do!) And the Debian packages might come from whatver server, even ones own.
  515. Asterix it's disabled by default
  516. Asterix we test FT proxies only if test_ft_proxies_on_startup is True.
  517. Asterix It's False by default
  518. debacle Good! The user had the FT proxy check in version 0.16.6-1. Probably it was different back then.
  519. debacle The log he saw was:
  520. debacle 2016-10-08 22:07:16.547 [info] <0.494.0>@mod_proxy65_stream:activate:125 (<0.1029.0>:<0.1028.0>) Activated bytestream for ->
  521. Asterix yes probably. It was enabled by default in the past
  522. debacle Cool, another bug I can just close :~)
  523. debacle Just checked: Yes, the variable defaulted to True back then.
  524. debacle Now it is False.
  525. debacle Problem with httpupload 0.7.3 and url_image_preview 2.1.2:
  526. debacle Traceback (most recent call last):
  527. debacle I need to check, but I believe this was OK with url_image_preview 2.1.1
  528. debacle OK, not related to url_image_preview version, but to omemo version.
  529. debacle It works with omemo 2.5.1 but not with 2.5.3.
  530. debacle Is it because of this change?
  531. lovetox yes sorry i will fix that now
  532. bot Philipp Hörist pushed 2 commits to branch _refs/heads/master_ of _gajim-plugins_ <>:
  533. lovetox should be fixed debacle
  534. debacle thanks, will try now
  535. debacle lovetox, thanks, works and is uploaded to Debian
  536. lovetox ok debacle, we should not put alpha in stable
  537. lovetox lets use the bug reports from the people that update now on unstable to fix them
  538. lovetox then do a beta, then the real release
  539. debacle no, it will go into unstable first, after some days (if nothing bad happens) it goes to testing.
  540. debacle for stable, I will only make "backports", that is something people can install optionally, but the default remains 0.16.6-1.1
  541. debacle until the next Debian release in mid-2019 or so
  542. bot Philipp Hörist pushed 1 commit to branch _refs/heads/master_ of _gajim_ <>: *ba54c304* <> Add GTK+ version check on start
  543. bot Chris S. created an issue in _gajim_ <>: #8805: <Audio/VIdeo on Gajim for WIndows ??>
  544. debacle
  545. bot Philipp Hörist closed an issue in _gajim_ <>: #8805: <Audio/VIdeo on Gajim for WIndows ??>
  546. lovetox thanks debacle
  547. lovetox ThibG, on what system are you?
  548. lovetox where did you experience the bug with the shaking chatwindow
  549. ThibG Debian testing/unstable, GNOME 3 with default theme
  550. lovetox can you tell me your gtk version
  551. lovetox help -> about in gajim
  552. lovetox ThibG,