diff --git a/.github/workflows/msys-build.yml b/.github/workflows/msys-build.yml deleted file mode 100644 index 20683120..00000000 --- a/.github/workflows/msys-build.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: MSYS2 Build - -on: - push: - branches: [master] - pull_request: - branches: [master] - -jobs: - msys2_build: - runs-on: windows-latest - defaults: - run: - shell: msys2 {0} - - steps: - - uses: actions/checkout@v4 - - - uses: msys2/setup-msys2@v2 - with: - msystem: MINGW64 - update: true - install: >- - mingw-w64-x86_64-gcc - mingw-w64-x86_64-pkg-config - mingw-w64-x86_64-python-cffi - mingw-w64-x86_64-meson - mingw-w64-x86_64-ninja - mingw-w64-x86_64-gtk2 - mingw-w64-x86_64-gtk-update-icon-cache - mingw-w64-x86_64-luajit - mingw-w64-x86_64-desktop-file-utils - mingw-w64-x86_64-gettext-tools - - - name: Sanity check gettext ITS rules - run: | - set -eux - which msgfmt || true - msgfmt --version - ls -la /mingw64/share/gettext-*/its || true - - - name: Configure - run: | - set -eux - rm -rf build - meson setup build \ - -Dtext-frontend=true \ - -Ddbus=disabled \ - -Dwith-upd=false \ - -Dwith-perl=false - - - name: Build - run: ninja -C build - - - name: Test - run: ninja -C build test diff --git a/changelog.rst b/changelog.rst index 6dbcb054..586cc8a5 100644 --- a/changelog.rst +++ b/changelog.rst @@ -1,6 +1,13 @@ ZoiteChat ChangeLog ================= +2.17.4 (2026-02-03) +------------------- + +- STS handling now persists server policies, enforces upgrades more consistently, and falls back to current ports when needed. +- Windows build workflow updated (MSYS2 setup changes) and OpenSSL trust store handling tightened for safer TLS connections. +- Reduced GLib coupling in multiple Windows subsystems (spellcheck, history, sysinfo) plus small stability fixes. + 2.17.3 (2026-01-17) ------------------- diff --git a/data/misc/net.zoite.Zoitechat.appdata.xml.in b/data/misc/net.zoite.Zoitechat.appdata.xml.in index 023d250f..c030cdd2 100644 --- a/data/misc/net.zoite.Zoitechat.appdata.xml.in +++ b/data/misc/net.zoite.Zoitechat.appdata.xml.in @@ -25,6 +25,16 @@ zoitechat.desktop + + +

Fixes and minor features:

+
    +
  • STS handling now persists server policies, enforces upgrades more consistently, and falls back to current ports when needed.
    • +
  • Windows build workflow updated (MSYS2 setup changes) and OpenSSL trust store handling tightened for safer TLS connections.
    • +
  • Reduced GLib coupling in multiple Windows subsystems (spellcheck, history, sysinfo) plus small stability fixes.
    • +
+ +

Fixes and minor features:

diff --git a/meson.build b/meson.build index c03fe3bd..8f35d056 100644 --- a/meson.build +++ b/meson.build @@ -1,5 +1,5 @@ project('zoitechat', 'c', - version: '2.17.3', + version: '2.17.4', meson_version: '>= 0.47.0', default_options: [ 'c_std=c17', diff --git a/readme.md b/readme.md index 5addc74b..cd148c8b 100644 --- a/readme.md +++ b/readme.md @@ -5,7 +5,6 @@ [![Flatpak Build](https://github.com/ZoiteChat/zoitechat/actions/workflows/flatpak-build.yml/badge.svg)](https://github.com/ZoiteChat/zoitechat/actions/workflows/flatpak-build.yml) [![AppImage Build](https://github.com/ZoiteChat/zoitechat/actions/workflows/appimage-build.yml/badge.svg)](https://github.com/ZoiteChat/zoitechat/actions/workflows/appimage-build.yml) [![Windows Build](https://github.com/ZoiteChat/zoitechat/actions/workflows/windows-build.yml/badge.svg)](https://github.com/ZoiteChat/zoitechat/actions/workflows/windows-build.yml) -[![MSYS2 Build](https://github.com/ZoiteChat/zoitechat/actions/workflows/msys-build.yml/badge.svg)](https://github.com/ZoiteChat/zoitechat/actions/workflows/msys-build.yml) [![OpenBSD Build](https://github.com/ZoiteChat/zoitechat/actions/workflows/openbsd-build.yml/badge.svg)](https://github.com/ZoiteChat/zoitechat/actions/workflows/openbsd-build.yml) [![Version][github-version-img]][github-version-uri] [![Downloads][github-downloads-img]][github-downloads-uri] [![Size][github-size-img]][github-size-img] [![Last Commit][github-commit-img]][github-commit-img] [![Contributors][contribs-all-img]](#contributors-) diff --git a/src/common/inbound.c b/src/common/inbound.c index 5c7dc92d..adbe6d34 100644 --- a/src/common/inbound.c +++ b/src/common/inbound.c @@ -1713,6 +1713,26 @@ void inbound_cap_ack (server *serv, char *nick, char *extensions, const message_tags_data *tags_data) { + if (extensions) + { + char **tokens = g_strsplit (extensions, " ", 0); + int i; + + for (i = 0; tokens[i]; i++) + { + char **parts = g_strsplit (tokens[i], "=", 2); + + if (!g_strcmp0 (parts[0], "sts") && parts[1] && parts[1][0]) + { + sts_handle_capability (serv, parts[1]); + } + + g_strfreev (parts); + } + + g_strfreev (tokens); + } + EMIT_SIGNAL_TIMESTAMP (XP_TE_CAPACK, serv->server_session, nick, extensions, NULL, NULL, 0, tags_data->timestamp); @@ -1880,6 +1900,11 @@ inbound_cap_ls (server *serv, char *nick, char *extensions_str, { sts_upgrade_triggered |= sts_handle_capability (serv, value); } + else + { + PrintTextf (serv->server_session, + _("Invalid STS capability token without a value; ignoring.")); + } continue; } diff --git a/src/common/sts.c b/src/common/sts.c index d5dae4bf..eef2a71b 100644 --- a/src/common/sts.c +++ b/src/common/sts.c @@ -338,7 +338,13 @@ sts_parse_value (const char *value, guint16 *port, guint64 *duration, gboolean * { gint64 port_value; - if (*has_port || !val) + if (*has_port) + { + g_strfreev (tokens); + return FALSE; + } + + if (!val) { continue; } @@ -354,7 +360,13 @@ sts_parse_value (const char *value, guint16 *port, guint64 *duration, gboolean * { guint64 duration_value; - if (*has_duration || !val) + if (*has_duration) + { + g_strfreev (tokens); + return FALSE; + } + + if (!val) { continue; } @@ -365,10 +377,16 @@ sts_parse_value (const char *value, guint16 *port, guint64 *duration, gboolean * } else if (!g_ascii_strcasecmp (key, "preload")) { - if (*has_preload) + if (val) { continue; } + + if (*has_preload) + { + g_strfreev (tokens); + return FALSE; + } *preload = TRUE; *has_preload = TRUE; } @@ -553,15 +571,7 @@ sts_handle_capability (struct server *serv, const char *value) { if (!has_port) { - if (serv->port > 0) - { - port = (guint16) serv->port; - has_port = TRUE; - } - else - { - return FALSE; - } + return FALSE; } #ifdef USE_OPENSSL if (serv->sts_upgrade_in_progress) @@ -578,12 +588,13 @@ sts_handle_capability (struct server *serv, const char *value) serv->disconnect (serv->server_session, FALSE, -1); serv->connect (serv, host_copy, (int) port, serv->no_login); } + return TRUE; #else PrintTextf (serv->server_session, _("STS upgrade requested for %s, but TLS is not available.\n"), hostname); + return FALSE; #endif - return TRUE; } if (!has_duration) @@ -601,12 +612,14 @@ sts_handle_capability (struct server *serv, const char *value) { time_t now = time (NULL); time_t expires_at = now + (time_t) duration; - guint16 effective_port = serv->port > 0 ? (guint16) serv->port : port; + guint16 effective_port = 0; + sts_profile *existing_profile; sts_profile *profile; - if (effective_port == 0) + existing_profile = sts_profile_lookup (hostname, now); + if (existing_profile) { - return FALSE; + effective_port = existing_profile->port; } profile = sts_profile_new (hostname, effective_port, expires_at, duration, diff --git a/win32/version.txt b/win32/version.txt index 15d0fc4c..b92cdb1d 100644 --- a/win32/version.txt +++ b/win32/version.txt @@ -1 +1 @@ -2.17.3 +2.17.4