• chevron_right

    OpenPGP mit XMPP - Wie funktioniert dies eigentlich?

    DebXWoody · Sunday, 2 August - 08:42 · 1 minute

Um Nachrichten zu signierten und / oder zu verschlüssel kann bei XMPP OpenPGP verwendet werden. Die Erweiterung wird in XEP-0373: OpenPGP for XMPP (OX) beschrieben.

Wie funktioniert dies?

Alle Teilnehmer besitzt je ein Schlüsselpaar. Also einen private und einen öffentlich Schlüssel. Wem dies noch nicht bekannt ist, es gib ein sehr gut gemachtes Video. XEP-0373 beschreibt wie ein XMPP Client einen öffentlichen Schlüssel im "Personal Eventing Protocol" (PEP) abspeichern kann. XMPP Nutzer können so auf das PEP des Kommunikationspartner zugreifen und dessen öffentlichen Schlüssel beziehen.

Im ersten Schritt werden die im PEP gespeicherten öffentlichen Schlüsse abgefragt. Die Rückgabe ist eine Liste der Fingerprints. Danach kann der Client die öffentlichen Schlüssel pro Fingerprint abfragen und importieren.

Wenn der öffentliche Schlüssel des Kommunikationspartner bekannt ist, kann die Kommunikation via OpenPGP erfolgen. I.d.R. sollte man drauf achten, dass man den öffentlichen Schlüssel des Kommunikationspartner signiert hat. Denn nur durch den Abgleich des Fingerprints und des unterschreiben des öffentlichen Schlüssel, kann sichergestellt werden, dass der Schlüssel wirklich der richtige ist.


Ich habe angefangen OX in profanty zu implementieren. Hierzu werden ich demnächst ein kleinen Eintrag im Blog von profanity vornehmen.

#XMPP #OX #Profanity

  • favorite

    1 Like


  • Be chevron_right

    We'll Meet Again, in real life!

    debacle · / berlin-xmpp-meetup · Monday, 6 July - 18:12 edit

We'll Meet Again, in real life!

This time, we will enjoy socialising and talking about this and that and XMPP. We meet outside of xHain using their chairs on the pavement. We will keep 2 meters of physical distance and use cloth face masks when entering xHain.

When? Wednesday, 2020-07-08 18:00 CEST (always 2ⁿᵈ Wednesday of every month)

Where? Pavement in front of xHain hack+makespace, Grünberger Str. 16, 10243 Berlin (as formerly)

Please respect the xHain "house rules"!

See you then!

Or join our non-physical room (!

#xmpp #community #xhain #freesoftware #berlin #meetup #federation #fediverse

  • favorite

    1 Like


Profanity 0.9.0 wurde released!

Four months and 350 commits after 0.8.1 we are happy to release 0.9.0.

profanity ist ein XMPP Client für die console mit sehr vielen coole Funktionen.

#XMPP #profanity #Messenger #IM #Linux #console

  • link

    Profanity 0.9.0

    Four months and 350 commits after 0.8.1 we are happy to release 0.9.0. 7 people contributed code to it: pasis, wstrm, DebXWoody, toogley, pmaziere, moppman and jubalh. Thanks to everybody who was involved, be it testing, writing documentation, updating the website or whatever you did! I also would like to express my gratitude to my sponsors mdosch and wstrm! LMC We support XEP-0308: Last Message Correction now. Enable it with /correction on.

  • favorite

    2 Like

    debacle , DebXWoody

  • Pr chevron_right

    Profanity 0.9.0 / profanity-blog · Tuesday, 9 June - 13:46 edit · 5 minutes

Four months and 350 commits after 0.8.1 we are happy to release 0.9.0 .

7 people contributed code to it: pasis , wstrm , DebXWoody , toogley , pmaziere , moppman and jubalh .

Thanks to everybody who was involved, be it testing, writing documentation, updating the website or whatever you did! I also would like to express my gratitude to my sponsors mdosch and wstrm !



We support XEP-0308: Last Message Correction now. Enable it with /correction on . If you mistyped a word just type /correct and hit tab to autocomplete the last sent message, then fix it and press enter.


In our MUC we often see messages like “q/uit” or people having whitespaces before a command " /quit”. To help you to avoid such mistakes we introduce slashguard. Once enabled ( /slashguard on ) Profanity won’t send messages that contain a backslash in the first four letters.

New parameters

You can specify a logfile upon startup via the new -f option: profanity -f TEST will log to ~/.local/share/profanity/logs/TEST.log .

Hopefully this is useful for our testers!

The new -t option will let you select a theme right at startup: /profanity -t bios . This is useful if you run multiple instances of Profanity. Maybe you have multiple accounts and want to visually destinguish between them.

Did you know we have a blogpost that should help you create such a setup with tmux?


Previously you could choose whether to display the MUC name or MUC title in the titlebar. Now you can choose to do both or neither. /titlebar use name|jid became /titlebar show|hide name|jid .

What software is this server running?

You can now use XEP-0092 not just to request client software information but also server software information. Use /serversoftware .


You can now colorize your trackbar by using main.trackbar in your theme.

And you can use UTF-8 symbols as your OMEMO char.

You can now choose not to colorize your own nick if you enabled XEP-0392. Use /color own off if you want consistent color generation for everybody else but not for yourself.

MUC history messages were colored in one uniform color (grey by default). Many users would just like to get the same coloring and hilighting for freshly received messages. So we removed the uniform color feature #1261 .

And there is a new theme based on default: jubalian. Check it out ;)


Avatars can not only be downloaded but also opened automatically now. In 0.8.x you used /avatar . Now you can either just download it /avatar get or open it: /avatar open .

By default we rely on xdg-open, so your default image viewer will be used. But you can choose to configure it yourself. For example to use feh instead: /executable avatar feh

Open URLs

People often had issues with URLs that were too long and then broken into several lines. If they were in a MUC and had the occupants panel enabled, this made it impossible to click on the URL to open it because it was not one consecutive string.

If you run Profanity locally (not on a remote machine where you log in via ssh) you can use use /urlopen to open an URL in your browser.

We use xdg-open again. But you can configure it with /executable urlopen firefox .


OMEMO autocompletion had some quirks. We fixed them! We also stopped requesting the device list in non anon MUCs.


Sometimes it happened that you scroll up a window to read up on something. Then switch to another application and later forget that you actually scrolled up. Why is noone saying anything in this MUC anymore?

In this version of Profanity we display a hint in the titlebar if a window is scrolled. Use titlebar.scrolled to theme it.

Legacy authentication

Some servers still only allow legacy authentication #1236 . If you want to connect to them you will need libstrophe 0.9.3 and Profanity 0.9.0.

Use /connect <account> [auth default|legacy] or /account <account> set auth default|legacy .

Too many tabs

In case you many opened windows you might want to only display the ones that have something going on in them. Use /statusbar show|hide read to configure this to your liking.


We now print the boomark names when using /bookmark list . You can also now add a name when using /bookmark add .

Gajim uses a custom way to save whether (autojoined) bookmarks should be minimized. When we updated a bookmark in Profanity we didn’t respect this flag and it was overwritten. Now Profanity works nicer with Gajim #1326 .

When you use multiple clients you probalby have some MUCs that you want to join on all devices. You use the autojoin flag for these cases. If you want to ignore the autojoin flag in a Profanity instance you can use /bookmark ignore .

Narrow terminals

We can’t support all edge cases and users will need to have a reasonable window size to use Profanity properly. We fixed a bug about a messed up titlebar if a user had a very long resource name #715 .

Change in default settings

To give a better experience to new users we changed the default settings for some popular features.

  • Allow message correction
  • Send receipts
  • Enable carbons
  • Enable type/chat states

Under the hood

Plenty of memory leaks where discovered and fixed. Profanity should run a lot smoother now. The UI and message functions were cleaned up in preparation to add MAM support.

Messages are now logged in an sqlite database which is located at ~/.local/share/profanity/database/accountname/chatlog.db . All later retrieval (history) is done using this database from now on. We still output regular chat logs in ~/.local/share/profanity/chatlogs if the user enabled it ( /loggin chat|group on ) but don’t rely on them anymore. They are just for the users convenience.

This will also benefit us when implementing message searching #206 or MAM #660 for example.

We always send delivery receipts and not just if the other client advertises it #1268 .

Some users experienced connectivity problems. Several things were done by DebXWoody to improve this.

We also had an edge case where the roster only displayed offline contacts because we received the presence after the roster.

Značky: #XMPP

  • chevron_right

    Linker - LD_LIBRARY_PATH

    DebXWoody · Sunday, 7 June - 11:16 · 1 minute

Ich habe gestern angefangen meine XEP Implementierungen in eine eigene lib zu ziehen. Ich habe wenig Lust immer alles in die verschieden Anwendungen nachzuziehen :-) Dabei bin ich auf folgendes gekommen,...

‎Wenn ich eine Anwendung bauen will, bei der die shared lib nicht in den Verzeichnissen von ld liegt, dann kommt es bei der Ausführung zu einem Fehler (kann die shared lib nicht finden). Mit der Variable LD_LIBRARY_PATH kann man das Problem beheben.

Beispiel Ich baue eine Anwendung mit folgendem Befehl:

 gcc `pkg-config --cflags --libs libstrophe` `gpgme-config --libs --cflags`  -I../ ../.libs/ -o XEP-0030-disco XEP-0030-disco.c

libcxmppx ist meine lib, die ich lokal entwickel und nicht im System ist. Wenn ich die Anwendung ausführe, dann kommt:

./XEP-0030-disco: error while loading shared libraries: cannot open shared object file: No such file or directory

Bei der Ausführung der Anwendung guckt (Was auch immer die ELF ausführt) nach der lib, findet die aber nicht im System (/etc/ Also setzte ich die Variable export LD_LIBRARY_PATH=../.libs/. Dann bekomme ich auch meine Anwendung zum laufen:

‎./XEP-0030-disco user pwd jid
Abfrage <iq id="c3d05d07-af84-410d-84f8-58483af7e584" to= ....


Kaidan is a user-friendly and modern chat app for every device. It uses the open communication protocol XMPP (Jabber). Unlike other chat apps, you are not dependent on one specific service provider.

Kaidan does not have all basic features yet and has still some stability issues. But we do our best to improve it!

  • Mo chevron_right

    Chat picture resolver and Telegram stickers

    Timothée Jaussoin · / Movim · Friday, 15 May - 07:50 edit · 3 minutes

Movim 0.18 is planned to be released soon.

In the meantime, let's have a look at one specific feature that is really useful when you integrate Movim with the Spectrum2 - Telegram bridge.

For those that are not aware, XMPP can connect to other chat networks using tools called "transport". One of the most used is called Spectrum2 and can connect to many other networks thanks to its libpurple support.

Telegram transport setup

What will we do here is:

  • Setup telegram-purple in Spectrum2 on Debian
  • Connect it to a XMPP server (here ejabberd)
  • Adapt the transport to integrate with Movim

Setup Spectrum2 and telegram-purple

Here I will not detail the basic installation, the official Spectrum2 documentation is pretty complete.

Once the repository is setup, please install the base package and the libpurple module:

apt install spectrum2 spectrum2-backend-libpurple

For telegram-purple the README is also quite complete

Create a Telegram transport

Once all the packages are setup, we will create a transport configuration file. You can reuse the spectrum.cfg.example located in the /etc/spectrum2/transports/ as a base.

# nano /etc/spectrum2/transports/spectrum_telegram.cfg

This is basically the config file that I used for my own transport:

server_mode = 0

jid =
password = spectrumpassword
server =
port = 5347
backend_host =




name=Telegram Transport

config = /etc/spectrum2/logging.cfg
backend_config = /etc/spectrum2/backend-logging.cfg

type = sqlite3


When Spectrum2 will connect to the Telegram network, the stickers will be downloaded as files on the server. By default an ugly path is simply sent to the XMPP clients. We will turn it to a proper URL and let Movim to its magic.

To do that we need to configure the Web Storage module. You can also find more documentation about it there.


It's pretty self explanatory. The downloaded stickers will be put in the web_directory directory. The second parameter, web_url, is basically telling Spectrum2 how to general its URL before sending them in the messages.

Configure ejabberd

Then we need to add a new service in our ejabberd.yml configuration file.

    port: 5347
    module: ejabberd_service
    access: all
    ip: ""
    global_routes: false
        password: "spectrumpassword"

Once everything is setup, restart Spectrum2 and ejabberd. For Spectrum2 you can do it using spectrum2_manager or a dedicated systemd configuration file.

Configure our web server

We then need to expose those files to the web. A simple nginx configuration will handle it.

server {

    listen 443 ssl http2;
    listen [::]:443 ssl http2;


    root /home/movim/upload;

    location /spectrum {
        alias /home/movim/movim/spectrum;

Fix the nasty file rights with Incron

If you start to use your Telegram transport at this point you'll notice that the stickers URLs are returning a 403 Forbidden error.

Indeed, Spectrum2 is writting the files in the directory using it's own rights. And this can't be configured.

We will then use another useful tool called Incron. This tool works like CRON but instead of working on time events, it works on file events.

You can find a pretty complete documentation there.

apt install incron 
nano /etc/incron.allow # add your spectrum user there
sudo -su spectrum
incrontab -e

In the incrontab file well then change dynamicaly the rights of the files once they are wrote in the directory (check the documentation for more details).

/home/movim/upload/spectrum   IN_CLOSE_WRITE          chmod 664 $@/$#

Enjoy your nice Telegram stickers in Movim

In Movim, nothing more to do. With the version 0.18, Movim will try to resolve the incoming messages that contains a URL and see if it's a valid picture. Which is the case for Telegram stickers.

Telegram stickers displayed in the Movim chat

You can also note that it works for any other incoming picture URL, including those sent using Conversations or other XMPP clients.

That's all folks!

#telegram #xmpp #movim #transport #stickers #ejabberd #admin

  • favorite

    7 Like

    Felipe , Slavko , debacle , Marzanna , U , Sandeep , norz


  • 15 May ThurahT

    Fantastic that libpurpl is still useful : ) I hope the bridge works out, not that I have any telegram contacts.

  • chevron_right

    y sin embargo se mueve,

    xikufrancesc · Wednesday, 13 May - 02:59

Nada que envidiar este modelo de Movim sobre los demás.

La agradable sorpresa de como el protocolo #xmpp puede dar mucho mas que la mensajería por si sola. Y sin descartar que todavía se le puede extender y añadir mas funciones por que así lo permite el propio protocolo.

Muy de primera mano quiero seguir este modelo de red, suscripción y participación.