1
0
mirror of https://github.com/weechat/weechat.git synced 2026-07-01 07:16:37 +02:00
Commit Graph

269 Commits

Author SHA1 Message Date
Sébastien Helleu ecd8390ebf core: auto-purge plugin contributions on plugin unload
Call theme_unregister_plugin (plugin) from plugin_remove, right after
config_file_free_all_plugin and before unhook_all_plugin. This drops
every theme contribution whose plugin pointer matches the plugin being
unloaded, so subsequent /theme apply runs no longer try to set
options for an unloaded plugin and per-plugin contributions don't
outlive the plugin.

Script-owned contributions (plugin != NULL && script != NULL) are
left intact - they are cleaned up per-script in the next commit.

This commit is wiring only: the underlying theme_unregister_plugin
function and its semantics are already covered by
TEST(CoreTheme, UnregisterByOwner) in the previous commit.
2026-06-03 22:26:13 +02:00
Sébastien Helleu 83e0d5c9ac api: expose theme_register to plugins
Add a single new entry point to the plugin API:

  struct t_theme *weechat_theme_register (const char *name,
                                          struct t_hashtable *overrides);

Plugins call this at init time to contribute their per-theme color (or
other themable) overrides for a built-in theme like "dark". The
overrides hashtable maps full option names ("irc.color.input_nick") to
their string values; the caller retains ownership and may free it
right after the call. Repeated calls with the same theme name merge
into the existing registry entry, so each plugin can declare its own
contributions independently of core and of other plugins.

Wiring:

- struct t_theme forward-declared in weechat-plugin.h alongside the
  other opaque types.
- theme_register function pointer added to t_weechat_plugin.
- weechat_theme_register convenience macro added.
- plugin.c initializes the pointer to core's theme_register.
- WEECHAT_PLUGIN_API_VERSION bumped to 20260526-01.

This commit is plumbing only: the underlying theme_register function
already has unit-test coverage in tests/unit/core/test-core-theme.cpp
(TEST(CoreTheme, Register)), so no new tests are added here.
2026-06-03 22:26:13 +02:00
Sébastien Helleu 6948aea626 relay: fix timing attack on password authentication (GHSA-vhv8-g2r9-cwcc)
The relay authentication used non-constant-time comparisons (strcasecmp,
strcmp) to verify password hashes and plaintext passwords, allowing an
attacker to derive the expected hash byte-by-byte from response timing
and then authenticate without knowing the password.

- SHA/PBKDF2 hex hash comparisons: normalize the client-supplied hash to
  uppercase and compare in constant time over the fixed expected length.
- Plaintext password comparison: HMAC-SHA256 both passwords with a fresh
  per-call random key and compare the fixed-size MACs in constant time,
  hiding both per-byte timing and the password length.

Add string_memcmp_constant_time helper in core, exposed via the plugin
API. Bump WEECHAT_PLUGIN_API_VERSION accordingly.
2026-05-31 09:16:15 +02:00
Sébastien Helleu f53e7fb9ef core, plugins: fix typos in comments on functions, use imperative 2026-03-23 20:45:36 +01:00
Sébastien Helleu 106fe6ca7c core: update copyright dates 2026-03-08 10:37:15 +01:00
Sébastien Helleu 1c53d3d466 api: add functions to parse integer numbers
New functions:

- util_parse_int
- util_parse_long
- util_parse_longlong
2025-11-12 20:24:00 +01:00
Sébastien Helleu 51d24fd2da api: add function file_compare (issue #2250) 2025-05-07 20:44:48 +02:00
Sébastien Helleu 2475f20cb7 all: move description of C files below the copyright and license 2025-03-31 11:47:49 +02:00
Sébastien Helleu 3a6ac9ee76 all: add SPDX license tag 2025-03-31 07:49:26 +02:00
Sébastien Helleu d8987a1678 all: replace Copyright lines by SPDX copyright tag 2025-03-30 14:47:12 +02:00
Aaron Jones f5038bccbc Fix function prototypes for list of arguments
At the moment, building WeeChat triggers several thousand -Wstrict-prototypes
diagnostics.  This is due to its source code using an empty argument list for
functions and function pointers that take no arguments, instead of explicitly
declaring that they take no arguments by using a void list.

This commit replaces all empty argument lists with a void list.

Note that Ruby's headers also suffer the same problem, which WeeChat can't
do anything to fix.  Thus, building WeeChat with the Ruby plugin enabled
will still issue approximately 30 such diagnostics.
2025-03-10 08:16:52 +01:00
Sébastien Helleu c7d21a3ea6 api: add function completion_set 2025-02-15 23:22:44 +01:00
Sébastien Helleu 547e2b934e core: update copyright dates 2025-02-01 23:13:18 +01:00
Sébastien Helleu 818a4c95a9 core: replace calls to malloc by string_asprintf 2024-12-21 15:12:33 +01:00
Sébastien Helleu 328aa8f202 core, plugins: abort upgrade immediately if any upgrade file fails to be written
Detail of changes:

- the save of upgrade files in plugins is now done as soon as the "upgrade"
  signal is received, and not when the plugin is unloaded (it was too late to
  detect any problem and prevent the upgrade to happen)
- if the write of an upgrade file fails, the signal callback in plugin now
  returns WEECHAT_RC_ERROR and WeeChat checks this code to stop the upgrade as
  soon as this return code is received
- a new flag is added in plugin structure: unload_with_upgrade, it is set to 1
  before unloading all plugins when upgrade will happen (all *.upgrade files
  are then already successfully written).
2024-11-24 10:29:32 +01:00
Josh Soref 4ef3011ea9 spelling: cannot
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-09-28 18:22:02 +02:00
Sébastien Helleu f076db4767 api: add function line_search_by_id 2024-06-27 20:55:42 +02:00
Sébastien Helleu 0b2d9bcb9b plugins: remove check of NULL pointers before calling weechat_hashtable_free() (issue #865) 2024-04-26 08:53:22 +02:00
Sébastien Helleu b56b34711d api: remove check of NULL pointers before calling free() (issue #865) 2024-04-25 20:59:25 +02:00
Sébastien Helleu 2cf66de423 api: add function "asprintf" 2024-04-07 13:18:13 +02:00
Sébastien Helleu 965beb37de core: fix print of pointer values 2024-04-01 21:08:52 +02:00
Sébastien Helleu 24c4029c96 core: remove "wee-" prefix from source files in src/core and src/core/hook 2024-03-12 21:27:37 +01:00
Sébastien Helleu c71e6a50eb core: rename function gui_buffer_search_by_name to gui_buffer_search (issue #2081) 2024-03-12 20:37:40 +01:00
Sébastien Helleu 9e0dd18152 api: add function "hdata_longlong" (issue #2081) 2024-03-12 20:37:11 +01:00
Sébastien Helleu 361d55d9d7 api: add functions config_{boolean|integer|string|color|enum}_inherited in scripting API 2024-03-05 19:52:21 +01:00
Sébastien Helleu f6ba789c3d api: add function util_parse_time (issue #649) 2024-01-05 19:09:19 +01:00
Sébastien Helleu eecb2a997e core: update copyright dates 2024-01-01 22:29:58 +01:00
Sébastien Helleu 9fb3d3f14c core: store microseconds in buffer lines (closes #649) 2023-12-26 19:44:37 +01:00
Sébastien Helleu e34071131e api: add function string_concat (issue #2005) 2023-10-17 18:14:53 +02:00
Sébastien Helleu 63922ca038 api: add function hook_url 2023-09-16 10:19:51 +02:00
Sébastien Helleu 66cb9f6ea2 core: add option type "enum" (closes #1973)
The type "enum" replaces type "integer" when used with string values.

For compatibility, any option created with type "integer" and string values is
automatically created to "enum" on creation, with no error.
2023-07-08 13:28:40 +02:00
Sébastien Helleu 71b85f1238 core: send all command line parameters not beginning with a dash to all plugins, add info "auto_load_scripts"
This fixes an issue with IRC URL given on command line when it starts with
`ircs://` or `irc6://`: the server is not created at all (only `irc://` works
fine).
2023-05-30 20:56:25 +02:00
Sébastien Helleu 66571a0b63 core: add configuration version, add API function config_set_version 2023-03-16 20:42:18 +01:00
Sébastien Helleu fbeab26a35 core, plugins: replace calls to string_str(n)cmp by str(n)cmp (issue #1872) 2023-01-28 15:14:24 +01:00
Sébastien Helleu 5434f4f969 core, plugins: make plugin names case sensitive (issue #1872) 2023-01-28 15:13:57 +01:00
Sébastien Helleu 33bba784c3 core: update copyright dates 2023-01-01 14:54:35 +01:00
Sébastien Helleu 21f3575016 api: add functions string_strcmp and string_strncmp 2022-12-24 18:29:35 +01:00
Sébastien Helleu a67556907d api: rename char comparison functions "utf8_char*" to "string_char*" 2022-12-24 17:33:22 +01:00
Sébastien Helleu 71ae8f1907 api: add function utf8_strncpy 2022-12-10 16:05:14 +01:00
Sébastien Helleu bc2fb071e2 api: add function string_translate_chars 2022-11-05 22:34:38 +01:00
Sébastien Helleu 26e6fdc645 api: add function file_compress 2022-09-27 20:49:12 +02:00
Sébastien Helleu 4d74a89cfc api: add function string_parse_size 2022-09-27 15:50:43 +02:00
Sébastien Helleu 0090695f7d api: add function crypto_hash_file 2022-08-16 21:33:50 +02:00
Sébastien Helleu 62e68f965f api: rename function string_build_with_split_string to string_rebuild_split_string 2022-07-20 12:14:40 +02:00
Sébastien Helleu e5e3a9d2da api: add function buffer_new_props (closes #1759) 2022-03-13 10:35:29 +01:00
Sébastien Helleu 9259442dbf core: add support of date and tags in messages displayed in buffers with free content, add function printf_y_date_tags (closes #1746) 2022-01-30 11:41:06 +01:00
Sébastien Helleu c44b79dce7 core: update copyright dates 2022-01-17 18:41:06 +01:00
Sébastien Helleu 5b87e0c544 api: add function string_cut 2021-07-04 13:27:33 +02:00
Sébastien Helleu 8a11a18dc5 api: add function file_copy (issue #1667) 2021-07-03 16:04:50 +02:00
Sébastien Helleu 5cffb7179f api: add function crypto_hmac (issue #1628) 2021-06-01 20:39:04 +02:00