Gajim - 2023-12-11

I hit this issue recently where certain things being pasted (links I think) tries to open the file picker or something. Doesn't matter if I paste with ctrl-v or right click -> paste. My workaround is to use a script to copy the clipboard contents to the primary selection and then I can middle click paste the link. Anyone run into that before?

is there a way i can check my current outgoing ip in the app?

> I hit this issue recently where certain things being pasted (links I think) tries to open the file picker or something. Doesn't matter if I paste with ctrl-v or right click -> paste. My workaround is to use a script to copy the clipboard contents to the primary selection and then I can middle click paste the link. Anyone run into that before? never

> is there a way i can check my current outgoing ip in the app? no

bard_: let us know if you can tell us exactly what triggers this

The latest thing I hit that does it is going to this twitch page: https://www.twitch.tv/verybusythenia/videos and then if I right click the channel trailer video in qutebrowser and hit copy link address, I believe that then acts weird any time I try to paste in gajim

but oddly if I copy the link via hints with the keyboard using ;y instead it doesn't seem to happen

checking my clipboard contents with `wl-paste | less`, I don't see anything weird about it, I just see the link looking normal. also checked in vim. no weird characters at the end that I see

works normally for me

>using ;y what?

those are the literal keypresses in qutebrowser to copy things on the page via hints mode

so there are two ways I can copy the same thing but I'm getting different results

s/things/links/

you need to figure out what is different in the copied strings that cause or don't cause the issue

https://disroot.org/upload/065768d1-7159-7458-987a-3234997780f5/2023-12-10-221616_grim.png

so I see this and then press is to get the link on my clipboard

I seem to have qutebrowser using xwayland right now in case that's a useful clue to clipboard issues. and gajim in wayland mode

seems likely related

run in xwayland whatever text editor that will show all chars and paste it there ✏

wait

make that wayland

pasting into mousepad I don't see anything extra there, and iirc it was able to show me newlines that were invisible elsewhere in the past

well, there could be other non-printing chars

doing `wl-paste | cat -e` there's a $ shown at the end which I think just means a line ending

not sure if you want to do it here but just do the thing that opens the file picker, press send, then open the posted file

the thing is, it's not trying to upload an actual file, send is blurred out, nothing is selected. it's simply opening the file clicker screen as if I'd clicked on it

https://disroot.org/upload/065768f2-bdf6-7a84-923c-c342b0f2fd74/2023-12-10-222502_grim.png

there's a screenshot of what I get after pasting

interesting

is there some control character or something that could be activating the file picker?

bard_: I tested it and it's specific to qute browser. It does the same thing with youtube video links. This is my guess. I see that the copy video link action produces an X selection target type of text/uri-list. When you paste into gajim, I think gajim checks for this and uses it, expecting it to be a local file uri, but in this case, the data contained is a http link, so gajim can't do anything.

Does a dev who knows this want to tell me if I'm right? ^

Seems like it's either a qute bug or gajim bug.

According to https://developer.mozilla.org/en-US/docs/Web/API/HTML_Drag_and_Drop_API/Recommended_drag_types >Dragged hyperlinks should include data of two types: text/uri-list, and text/plain. Both types should use the link's URL for their data.

>As usual, set the text/plain type last, as a fallback for the text/uri-list type.

Strangely, firefox does not generate text/uri-list when copying a link

If the recommendation at the link above is still correct, it seems this is a gajim bug.

I can reproduce this without qute.

I do `echo test | xclip -in -selection clipboard -target text/uri-list`

Then, the only available target type is text/uri-list. When I paste in gajim, it opens the file upload view.

>via mouse is handled by Qt, via hints is handled by qutebrowser according to the qutebrowser dev

There is another issue concerning TLS. I cannot receive images from my server. There is no problem in Conversations - like with previous issue. Images can be sent/received without any issue. (Gajim 1.7.3, Debian repo) https://paste.aryu.de/?9ae7e4b7f92fa798#HW2Lt75ixYjXkykVHDw91q2kiWbwngKbrZZDYxnvVRvJ

beduk, The certificate used for the http upload endpoint has an unknown CA

Of course , it's self signed. It's my server.

thats the issue then :)

gajim cant verify the cert

Yes, it's the issue. This is bug.

probably more of a feature to prevent MITM

I believe python-gnutls is used

> probably more of a feature to prevent MITM No, it's not.

which would link against gnutls I would have thought

stick your CA cert into the truststore

you should have your TLS certificate, and then the CA cert you signed it with correct?

stick CA into truststore

Gajim doesn't allow use unencrypted connection too. If one uses .onion or i2p tls is not needed

Devs of Conversations understand that.

pretty sure it is useful for onion routing

because the exit node has it decrypted

iirc

> pretty sure it is useful for onion routing > > because the exit node has it decrypted > > iirc What are you talking about?🤔 you don't use exit nodes... omg

onion routing works on the concept of encapsulating with multiple layers on encryption

each hop will decrypt a layer

like peeling an onion (hence the name)

the last node before the destination decrypts the onion to the "core"

the core being the data

I can't view emojis in gajim, on archlinux. Any ideas?

which means the last decryption can be seen in plaintext iirc

barlas, you do not have a font providing said emojis

unifont works fine

wait no

@polarin 🫣

noto-font-emoji

googles fonts used on android

https://archlinux.org/packages/extra/any/noto-fonts-emoji/

beduk, This is not matrix, the @ does nothing and in fact prevents it mentioning me

barlas, see above :)

install that, restart gajim, done!

Ah.

I have that installed, but I think I broke it when I installed https://aur.archlinux.org/packages/noto-color-emoji-fontconfig-no-binding yesterday

NeoChat (matrix client) was display half emojis, so someone recommended that fontbinding, it fixed it for NeoChat, but I think it broke it for gajim too.

Because I was using dino before and I know emojis were working in it, but now emojis aren't working in it either.

Thanks polarian, going to see if I am right about that. :-)

np

beduk, https://en.wikipedia.org/wiki/File:Onion_diagram.svg

as far as I am aware you want tls for the message section

No luck. Re-installed noto-fonts-emoji too, just to be on safe side. It seems it's broken for all GTK app though.

Maybe should ask in archlinux chat.

barlas, yeah probably, ask in #archlinux @ libera.chat

sure they can help out

> beduk, https://en.wikipedia.org/wiki/File:Onion_diagram.svg > > as far as I am aware you want tls for the message section Please don't compromise yourself 😃

Polarian, just for my curiosity. Are you Gajim dev?

beduk, you can open a feature request if you want for the onion.service no TLS thing

but out of curiosity, why does the onion service not support TLS?

probably because it wants to be anonym and the cert would expose it?

> beduk, you can open a feature request if you want for the onion.service no TLS thing > > but out of curiosity, why does the onion service not support TLS? Traffic within Tor is E2EE.

> beduk, you can open a feature request if you want for the onion.service no TLS thing > > but out of curiosity, why does the onion service not support TLS? In Gajim there is an option to allow unencrypted traffic. I use it and still Gajim requires cert

>> beduk, you can open a feature request if you want for the onion.service no TLS thing >> >> but out of curiosity, why does the onion service not support TLS? > Traffic within Tor is E2EE. The same within i2p

can you give me the adress of that onion service

unencrypted should of course work, i look into this

but instead of hoping all clients support unencrypted

the server operator should simply add a self signed cert and be done with it

beduk, https://www.reddit.com/r/TOR/comments/h8c7z6/why_is_there_no_end_to_end_encryption/

I think you are confused

because I cant find any evidence to back up your point

tor is encrypted between nodes

as per onion routing standards

> Please don't compromise yourself 😃 How would this compromise myself, added encryption will not specifically compromise me, it would add additional un-needed overhead

> Polarian, just for my curiosity. Are you Gajim dev? No... but does that mean I am not allowed to attempt to help?

> can you give me the adress of that onion service > > unencrypted should of course work, i look into this > > but instead of hoping all clients support unencrypted > > the server operator should simply add a self signed cert and be done with it I'm the administrator of this server. I tried to use "unencrypted" with Gajim without cert. There is no justification to use certs within Tor or i2p. It didn't work with Gajim. Conversations works flawlessly without cert. I decided to generate self-signed cert because I really like Gajim and I've been using it for years. Then the next issue appeared. Gajim doesn't like my cert like I mentioned above. The text massages work w/o issue I only had to accept my cert manually. Images don't work with self-signed cert. In Conversations there is no issue. I don't allow s2s. ✏

You come into the channel, throwing insults how gajim is non-compliant and how conversations works flawlessly, which is already aggressive and insulting, and then you belittle people who try to help out?

or am I misunderstanding something here?

hey the latest update of Gajim is GAS

I LOVE IT HOLY SHI

thanks to all the devs who put in so much hard work to modernize xmpp

ong

i can get my friends on xmpp now that its so modern

you're so real for this

wdym lol

hey i just downloaded gajim on windows

if i had the opportunity should i not use xmpp on windows for privacy reasons

so billy gates doesnt see my ahh msgs

> so billy gates doesnt see my ahh msgs Mate, enable omemo encryption and only text in a omemo enabled channel ↺

Immaculate Taste, there is a lot more to worry about in windows than microsoft reading your messages

xD

Immaculate Taste: use Windows XP, it's not as full of spyware as modern versions are. Gajim 0.16 worked there for sure, not sure about newer versions.

or you know, you could just use *nix

But why?

Newer versions could possibly run with OneCore too though.

I can tell for sure that WinAPI is better than X11/Wayland. It allows to paint on other processes' windows, it still follows the widget tree introspection as non-toplevel windows so things like efficient RDP and getting passwords out of other processes' windows can work. Also neat things like ArtMoney (possible on *NIX with root too though, I suppose).

bodqhrohro: please stop suggesting Windows XP (do I really have to say this)

cal0pteryx: why?

It is out of support and there are known vulnerabilities. I'm not going to extend this list. Just stop.

cal0pteryx: support is in no way needed for the software to work. Digital data are immortal.

And everything possibly has vulnerabilities, it should be taken as an axiom. Expecting software does not have vulnerabilities because there are no **known** vulnerabilities is rather dangerous.

It is connected to the internet to use Gajim. There are wormable exploits available. Your arguments are invalid.

You cannot know if NSA can crack OMEMO.

P!=NP is still not proven, so any asymmetric crypto is questionable by default.

cal0pteryx: Gajim connects to certain servers, not to arbitrary "internet". They might even be in the local network. So it's a matter of trust to that servers. Thanks to the C2S nature of XMPP which does not require to make connections to arbitrary servers, if a client does not download media automatically or so.

I don't like that I have to call you out every time. Please stop suggesting old software.

Please stop discriminating old software.

Would you frown upon old persons the same way?

Old hardware/software should be respected in a similar way.

People get more prone to infections with age too.

bodqhrohro, last time, stop now