------------------------------------------------------------------- Tue Aug 19 06:18:37 UTC 2025 - Michael Vetter - Update to 0.15.0: Added: * Add flag --verbose to show debug information. * Add flag --recipients to specify recipients by file. * Add flag --retry-connect to try after a waiting time if the connection fails. * Add flag --retry-connect-max to specify the amount of retry attempts. * Add flag --legacy-pgp for using XEP-0027 PGP encryption with Ox keys. * Add support for punycode domains. Changed: * Update gopenpgp library to v3. * Improve error detection for MUC joins. * Don't try to connect to other SRV record targets if error contains 'auth-failure'. * Remove support for old SSDP version (via go-xmpp v0.2.15). * Http-upload: Stop checking other disco items after finding upload component. * Increase default TLS version to 1.3. - bsc#1241814 (CVE-2025-22872): This update includes golang.org/x/net/html 0.43.0 ------------------------------------------------------------------- Tue Jan 28 13:22:45 UTC 2025 - Michael Vetter - Update to 0.14.1: * Use prettier date format for error messages. * Update XEP-0474 to version 0.4.0 (requires go-xmpp >= 0.2.10). ------------------------------------------------------------------- Mon Dec 30 11:04:08 UTC 2024 - Michael Vetter - Update to 0.14.0: Added: * Add --fast-invalidate to allow invalidating the FAST token. Changed: * Don't create legacy Ox private key directory in ~/.local/share/go-sendxmpp/oxprivkeys. * Delete legacy Ox private key directory if it's empty. * Show proper error if saved FAST mechanism isn't usable with current TLS version (requires go-xmpp >= 0.2.9). * Print debug output to stdout, not stderr (requires go-xmpp >= 0.2.9). * Show RECV: and SEND: prefix for debug output (requires go-xmpp >= 0.2.9). * Delete stored fast token if --fast-invalidate and --fast-off are set. * Show error when FAST creds are stored but non-FAST mechanism is requested. ------------------------------------------------------------------- Mon Dec 16 10:58:14 UTC 2024 - Michael Vetter - Update to 0.13.0: Added: * Add --anonymous to support anonymous authentication (requires go-xmpp >= 0.2.8). * Add XEP-0480: SASL Upgrade Tasks support (requires go-xmpp >= 0.2.8). * Add support for see-other-host stream error (requires go-xmpp >= 0.2.8). Changed: * Don't automatically try other auth mechanisms if FAST authentication fails. ------------------------------------------------------------------- Tue Nov 26 07:44:14 UTC 2024 - Michael Vetter - Update to 0.12.1: Changed: * Print error instead of quitting if a message of type error is received. * Allow upload of multiple files. Added: * Add flag --suppress-root-warning to suppress the warning when go-sendxmpp is used by the root user. ------------------------------------------------------------------- Tue Nov 26 07:43:44 UTC 2024 - Michael Vetter - Update to 0.12.0: Added: * Add possibility to look up direct TLS connection endpoint via hostmeta2 (requires xmppsrv >= 0.3.3). * Add flag --allow-plain to allow PLAIN authentication (requires go-xmpp >= 0.2.5). Changed: * Disable PLAIN authentication per default. * Disable PLAIN authentication after first use of a SCRAM auth mechanism (overrides --allow-plain) (requires go-xmpp >= 0.2.5). ------------------------------------------------------------------- Sat Oct 26 17:42:16 UTC 2024 - Michael Vetter - Update to 0.11.4: * Fix bug in SCRAM-SHA-256-PLUS (via go-xmpp >= 0.2.4). ------------------------------------------------------------------- Sat Oct 26 17:41:55 UTC 2024 - Michael Vetter - Update to 0.11.3: * Add go-xmpp library version to --version output (requires go-xmpp >= 0.2.2). * Fix XEP-0474: SASL SCRAM Downgrade Protection hash calculation bug (via go-xmpp >= v0.2.3). * [gocritic]: Improve code quality. ------------------------------------------------------------------- Wed Sep 18 05:38:31 UTC 2024 - Michael Vetter - Update to 0.11.2: * Add Gopenpgp and Xmppsrv version to --version output. * Improve selection between StartTLS and DirectTLS. ------------------------------------------------------------------- Fri Jul 12 02:44:15 UTC 2024 - Michael Vetter - Update to 0.11.1: * Fix Ox encryption in interactive mode (do not add the same recipient key to the keyring over and over again). * Exit with error code if Ox encryption for one recipient fails. * Improved handling of perl sendxmpp config files. ------------------------------------------------------------------- Fri May 31 04:53:19 UTC 2024 - Michael Vetter - Update to 0.11.0: Changed: * Move private Ox key into JID folder in ~/.local/share/go-sendxmpp. * Use fmt.Errorf() instead of errors.New() to create new error messages. Added: * Add new parameter --subject. * Added flag --fast-off to disable XEP-0484: Fast Authentication Streamlining Tokens (requires go-xmpp >= 0.2.1) ------------------------------------------------------------------- Mon Apr 15 08:14:11 UTC 2024 - Michael Vetter - Update to 0.10.0: * Fixed a race condition in receiving stanzas (requires go-xmpp >= v0.1.5). * Add support for SASL2 and BIND2 (via go-xmpp >= v0.2.0). * Add support for FAST authentication (via go-xmpp >= v0.2.0). * Add a warning when run by the user root. ------------------------------------------------------------------- Fri Mar 29 14:06:47 UTC 2024 - Michael Vetter - Update to 0.9.0: Changed: * Properly close stream if Ctrl+C is pressed in interactive mode. * Properly close stream if Ctrl+C is pressed in listening mode. * Print OS, architecture and go version for flag --version. * Improve closing of connection (via go-xmpp v0.1.4). * Don't send stanzas that exceed the size limit provided by XEP-0478 (requires go-xmpp >= v0.1.4). * Fixed hanging forever in stream close if the server doesn't reply with a closing stream element (via go-xmpp >= v0.1.4). Added: * New command line flag ssdp-off to disable XEP-0474: SASL SCRAM Downgrade Protection (requires go-xmpp >= v0.1.4). ------------------------------------------------------------------- Sun Mar 10 07:17:16 UTC 2024 - Michael Vetter - Update to 0.8.4: * Properly handle lost connection. * Better compatibility with perl sendxmpp config files. * Improve file name for private Ox keys. * Improve fallback behavior if no SRV records are provided. * Remove 100ms sleep before closing the connection. This should be no more needed since go-xmpp commit 9684a8ff690f0d75e284f8845696c5057926d276. * Return an error if there is no answer to an IQ within 60s. * Check for errors after sending the auth message during SCRAM authentication (via go-xmpp v0.1.2). ------------------------------------------------------------------- Mon Feb 19 07:38:34 UTC 2024 - Michael Vetter - Update to 0.8.3: * Use a human readable file name for private Ox keys. * Fix specifying a message via command line flag -m. ------------------------------------------------------------------- Sun Jan 21 07:36:03 UTC 2024 - Michael Vetter - Update to 0.8.2: * Fix an issue in look up of SRV records (via xmppsrv v0.2.6) ------------------------------------------------------------------- Wed Jan 17 03:56:07 UTC 2024 - Michael Vetter - Update to 0.8.1: * Add support for tls-server-end-point channel binding * Add experimental support for SOCKS5 proxies using the HTTP_PROXY environment variable * http-upload: Improved error handling. ------------------------------------------------------------------- Tue Jan 9 14:09:06 UTC 2024 - Michael Vetter - Update to 0.8.0: Added: * Add no parameter --scram-mech-pinning. Changed: * Refuse to upload a file if upload slot doesn't provide https. * Use XEP-0474 instead of SCRAM mechanism pinning to prevent downgrade attacks ------------------------------------------------------------------- Tue Nov 14 06:55:48 UTC 2023 - Michael Vetter - Update to 0.7.0: * Reply to XEP-0092 software version requests. * Add support for PLUS variants of SCRAM authentification mechanisms (requires go-xmpp commit 4c385a334c606e8bc387f0a3d4d84975802b3984). * Add pinning of last used authentification mechanism if a SCRAM mechanism was used. * Print every stanza in a new line (requires go-xmpp commit 31c7eb6919b67b18e901dc45a8e5681040ea7f31). ------------------------------------------------------------------- Sat Sep 30 06:42:12 UTC 2023 - Michael Vetter - Update to 0.6.2: * Properly close connection to server if ^C is pressed in interactive mode. * Replace invalid characters by UTF8 replacement char. * Add warning that there is no Ox support for messages of type headline. * Suppress warnings about reading from closed connection if go-sendxmpp closes the connection before exiting. * Remove unnecessary newlines after stanzas. * Fix segfault when authentication fails due to invalid username or password. ------------------------------------------------------------------- Wed Jul 26 06:04:38 UTC 2023 - Michael Vetter - Update to 0.6.1: * Properly close connection to server. ------------------------------------------------------------------- Sun Jul 2 17:55:45 UTC 2023 - Michael Vetter - Update to 0.6.0: Added: * Add support for sending Out of Band Data (OOB). * Add SCRAM-SHA-1, SCRAM-SHA-256 and SCRAM-SHA512 support (via go-xmpp commit bef3e54). * Add support for messages of type headline. Changed: * Print --help output to stdout instead of stderr. * Print sent stanzas when --debug is used (via go-xmpp commit 9129a110df1b). * Allow JIDs without localpart. * Use single quotes for attributes in stanzas created by github.com/beevik/etree (vial etree v1.1.4). * Fix SRV lookup when the domain has a CNAME (via xmppsrv v0.2.5). * Fall back to directTLS on port 5223 (instead of StartTLS on port 5222) if no SRV records are provided and -t is set. * Remove trailing newlines in interactive mode. ------------------------------------------------------------------- Sun Nov 13 20:12:18 UTC 2022 - Michael Vetter - Update to 0.5.6: Added: * Add short option -h for http-upload. Changed: * Fix Ox key generation. ------------------------------------------------------------------- Tue Oct 18 12:00:03 UTC 2022 - Michael Vetter - Update to 0.5.5: * Improve interactive mode. ------------------------------------------------------------------- Fri Sep 30 07:20:09 UTC 2022 - mvetter@suse.com - Update to version 0.5.4: * Fix http-upload. ------------------------------------------------------------------- Thu Sep 29 14:26:25 UTC 2022 - Michael Vetter - Update to 0.5.3: * Don't check for empty message when --listen is used. ------------------------------------------------------------------- Thu Sep 29 14:25:49 UTC 2022 - Michael Vetter - Update to 0.5.2: Added: * Reply to disco#info queries. * Send service-unavailable errors for all other IQs of type get and set. * New config option and command line flag alias to uncouple MUC nickname/alias from resource. Changed: * Ox: Improve error messages for failed key requests. * Ox: Do not encrypt empty messages. * Check for empty messages. * Always look up CNAME before doing SRV lookups (via xmppsrv v0.2.3). * Detect CNAME loops (max. 5 CNAMEs) (via xmppsrv >= v0.2.4). * Deprecate resource config option and command line flag. * Improve error handling in XML parsing. * Don't connect to the XMPP server if the message is empty. ------------------------------------------------------------------- Thu Aug 4 13:52:01 UTC 2022 - Michael Vetter - Initial package of go-sendxmpp 0.5.1 for openSUSE