ao2-client/src/widgets, branch master AO2 client fork Integrate the keyring into UI 2026-03-29T22:22:25+00:00 Osmium Sorcerer os@sof.beauty 2026-03-22T18:51:12+00:00 b1ad938c37f4e175e5509f727d1033b074b134d4 Add "Keyring" tab to the options dialog. The tab displays the keys from the table model (notes and certificates) and lets users create and delete keys. Key generation dialog includes passphare confirmation and a note. 
Add "Keyring" tab to the options dialog. The tab displays the keys from
the table model (notes and certificates) and lets users create and
delete keys.

Key generation dialog includes passphare confirmation and a note.
Add the keyring for secret key management 2026-03-29T22:22:25+00:00 Osmium Sorcerer os@sof.beauty 2026-03-22T18:40:15+00:00 4274f5036004ae6d3db0e88c8e28eb78c6e37d27 The keyring provides the system to store secret keys in an encrypted format, create and delete keys, display public keys and notes for the user, and use these keys to peform public-key authentication on servers. Keyring is serialized into `keyring.cbor` in the application directory. It's a CBOR map with keys being key IDs (fingerprints), and the values are key entries, the schema of which looks like this: key-entry { 0 => uint, ; Algorithm tag, 1 byte 1 => text, ; Comment/note for the key 2 => bytes, ; Public key (certificate), 32 bytes 3 => bytes ; Encrypted and authenticated secret key (AEAD payload) } Key fingerprint is `BLAKE2b-256(tag || public_key)`, where `||` denotes concatenation of byte strings. Encrypted payload is a fixed binary structure (field sizes in bytes): Version(1) Salt(16) Opslimit(4) Memlimit(4) Alg(1) Ciphertext(32) MAC(16) Upon key generation, a new secret key is created, sourced from a secure RNG. The wrap key is derived from the passphrase using Argon2 with the specified iterations, memory cost, variant (3 iterations, 1 GB of memory, Argon2id), and 16 bytes of randomly generated unique salt. This wrap key is used with ChaCha20-Poly1305 to encrypt the secret key, with all the prior fields as additional authenticatied data and all-zero nonce (the uniqueness is already provided by the salt). The key pairs are X25519, used specifically for key exchange. When the server sends the ephemeral public key as a challenge, the client uses `unlock_and_auth` function with the key corresponding to the right certificate. After entering the correct passphrase, the secret key is decrypted and used to derive a shared secret with the server's ephemeral key. The client then responds with: BLAKE2b-256("Einsof-Auth-DHCR" || shared_secret || challenge || certificate || username) Where the first string is provided for domain separation, shared secret proves possession of the secret key, and other parameters are hashed in to bind this authentication attempt to the current session (via random challenge), identity (via public key and username), and transcript. Note on canonicalization: all fields but last are fixed-length, concatenation here is unambiguous. The server, in turn, performs the same opeations, except the shared secret is derived from the server's ephemeral secret and the client's public key. Naturally, username and public key must be correct. If the response matches, the server authenticates the client. The client never transmits its secret. This scheme is essentially deriving a session secret and computing MAC over the transcript with that secret to prove authenticity. It serves as a simple identification protocol. Unlike digital signatures, it's interactive, valid only in the context of a single authentication attempt, and only between two participants involved. Signatures, in contrast, are valid everywhere, for everyone, and they require additional nonces and context. In fact, they're interactive identification protocols turned non-interactive, so forcing them back into this setting is unnecessary complexity. The primitives are fixed: X25519 for key exchange, Argon2 for password-based key derivation, ChaCha20-Poly1305 for encryption, BLAKE2b for hashing. Provided by libsodium. Simplicity is key. There's no flexibility, negotiation, or compatibility, and it'll hopefully stay this way. Unless you're worried about quantum computers appearing tomorrow and attacking a niche AO implementation, in which case I'll add the ML-KEM variant just for you. 
The keyring provides the system to store secret keys in an encrypted
format, create and delete keys, display public keys and notes for the
user, and use these keys to peform public-key authentication on servers.

Keyring is serialized into `keyring.cbor` in the application directory.
It's a CBOR map with keys being key IDs (fingerprints), and the values
are key entries, the schema of which looks like this:

key-entry {
  0 => uint,   ; Algorithm tag, 1 byte
  1 => text,   ; Comment/note for the key
  2 => bytes,  ; Public key (certificate), 32 bytes
  3 => bytes   ; Encrypted and authenticated secret key (AEAD payload)
}

Key fingerprint is `BLAKE2b-256(tag || public_key)`, where `||` denotes
concatenation of byte strings.

Encrypted payload is a fixed binary structure (field sizes in bytes):

  Version(1)
  Salt(16)
  Opslimit(4)
  Memlimit(4)
  Alg(1)
  Ciphertext(32)
  MAC(16)

Upon key generation, a new secret key is created, sourced from a secure
RNG. The wrap key is derived from the passphrase using Argon2 with
the specified iterations, memory cost, variant (3 iterations, 1 GB of
memory, Argon2id), and 16 bytes of randomly generated unique salt. This
wrap key is used with ChaCha20-Poly1305 to encrypt the secret key, with
all the prior fields as additional authenticatied data and all-zero
nonce (the uniqueness is already provided by the salt).

The key pairs are X25519, used specifically for key exchange. When the
server sends the ephemeral public key as a challenge, the client uses
`unlock_and_auth` function with the key corresponding to the right
certificate. After entering the correct passphrase, the secret key is
decrypted and used to derive a shared secret with the server's ephemeral
key. The client then responds with:

  BLAKE2b-256("Einsof-Auth-DHCR" || shared_secret || challenge
              || certificate || username)

Where the first string is provided for domain separation, shared secret
proves possession of the secret key, and other parameters are hashed in
to bind this authentication attempt to the current session (via random
challenge), identity (via public key and username), and transcript.

Note on canonicalization: all fields but last are fixed-length,
concatenation here is unambiguous.

The server, in turn, performs the same opeations, except the shared
secret is derived from the server's ephemeral secret and the client's
public key. Naturally, username and public key must be correct. If the
response matches, the server authenticates the client. The client never
transmits its secret.

This scheme is essentially deriving a session secret and computing MAC
over the transcript with that secret to prove authenticity. It serves as
a simple identification protocol. Unlike digital signatures, it's
interactive, valid only in the context of a single authentication
attempt, and only between two participants involved. Signatures, in
contrast, are valid everywhere, for everyone, and they require
additional nonces and context. In fact, they're interactive
identification protocols turned non-interactive, so forcing them back
into this setting is unnecessary complexity.

The primitives are fixed: X25519 for key exchange, Argon2 for
password-based key derivation, ChaCha20-Poly1305 for encryption, BLAKE2b
for hashing. Provided by libsodium.

Simplicity is key. There's no flexibility, negotiation, or
compatibility, and it'll hopefully stay this way. Unless you're worried
about quantum computers appearing tomorrow and attacking a niche AO
implementation, in which case I'll add the ML-KEM variant just for you.
Support Secure WebSocket 2026-03-29T22:22:25+00:00 Osmium Sorcerer os@sof.beauty 2026-03-22T17:57:13+00:00 79c2262cae02b513aee70943f7e07a9205316bdf Add full WSS support to public server list (using wss_port, overriding insecure port), favorite servers list, and direct connections, and show which servers are secure. Revert the upstream's removal of `legacy` ServerInfo field, as I use it to filter out legacy servers. To differentiate schemes, the `scheme` field is used, either "ws" or "wss". I don't see the reason to add "tcp" protocol when we don't even support it. For the UI, add icons for secure and insecure connections. Highlight secure servers with a green background. In the favorite server dialog, a checkbox was added to select whether the server is using WSS. In the direct connection dialog, support "wss" scheme and default ports: 80 for WS, 443 for WSS, as per the WebSocket specification. 
Add full WSS support to public server list (using wss_port, overriding
insecure port), favorite servers list, and direct connections, and show
which servers are secure.

Revert the upstream's removal of `legacy` ServerInfo field, as I use it
to filter out legacy servers. To differentiate schemes, the `scheme`
field is used, either "ws" or "wss". I don't see the reason to add "tcp"
protocol when we don't even support it.

For the UI, add icons for secure and insecure connections. Highlight
secure servers with a green background.

In the favorite server dialog, a checkbox was added to select whether
the server is using WSS.

In the direct connection dialog, support "wss" scheme and default ports:
80 for WS, 443 for WSS, as per the WebSocket specification.
Fix warnings and deprecated functions 2026-03-29T22:22:25+00:00 Osmium Sorcerer os@sof.beauty 2026-03-22T17:44:46+00:00 d4e99dcee4f48bcb34e6f6a38d5bae4fa380c841 - For QCheckBox: stateChanged -> checkStateChanged - QChar(PREANIM) -> QLatin1Char(PREANIM) - Unused result on demo_file.open() - QPointer include was missing from lobby.h - Missing const and override qualifiers 
- For QCheckBox: stateChanged -> checkStateChanged

- QChar(PREANIM) -> QLatin1Char(PREANIM)

- Unused result on demo_file.open()

- QPointer include was missing from lobby.h

- Missing const and override qualifiers
Rewrite audio engine: replace BASS with miniaudio 2026-03-29T22:22:25+00:00 Osmium Sorcerer os@sof.beauty 2026-03-24T02:56:23+00:00 3f6fb17deddd1b366d16db5a2531c82407ced9db SFX and blip players largely remain the same. For the music player, we now have to implement network streaming natively, we no longer have a convenient function that did everything for us. I introduced QNetworkRequest to download the stream in memory and signal when it's ready to be decoded and played back. The size is guarded to prevent the client from accidentally downloading terabytes of audio. Delete QFutureWatcher, we no longer need it for concurrency. miniaudio uses a separate audio thread. Network donwloads and communication with the track name display are handled by Qt signals. Also, delete an odd "music.txt" feature. Its purpose was specifying offsets for loops in a text file per track, but it remained obscure and unused in practice. Unsupported: - Large streams, including unbounded ones (radio). We'll need a ring buffer for that, and a mechanism to write to it from the network and feed it to the audio thread. - Effect flags: fade in, fade out, sync pos. Ignored. - Audio device selection. 
SFX and blip players largely remain the same.

For the music player, we now have to implement network streaming
natively, we no longer have a convenient function that did everything
for us. I introduced QNetworkRequest to download the stream in memory
and signal when it's ready to be decoded and played back. The size is
guarded to prevent the client from accidentally downloading terabytes of
audio.

Delete QFutureWatcher, we no longer need it for concurrency. miniaudio
uses a separate audio thread. Network donwloads and communication with
the track name display are handled by Qt signals.

Also, delete an odd "music.txt" feature. Its purpose was specifying
offsets for loops in a text file per track, but it remained obscure and
unused in practice.

Unsupported:

- Large streams, including unbounded ones (radio). We'll need a ring
  buffer for that, and a mechanism to write to it from the network and
  feed it to the audio thread.

- Effect flags: fade in, fade out, sync pos. Ignored.

- Audio device selection.
Double scaling factor (#1104) 2026-02-06T15:09:21+00:00 stonedDiscord Tukz@gmx.de 2026-02-06T15:09:21+00:00 1176bb5fece1e1b2c8c0c1113cfbfe33efb2a673 * float scaling * float scaling factor * aooptions float * doublespinbox * header file double * double it up * clamp to 0.1 
* float scaling

* float scaling factor

* aooptions float

* doublespinbox

* header file double

* double it up

* clamp to 0.1
 Close punishment dialog when the user leaves (#1097) 2025-05-08T19:21:37+00:00 Salanto 62221668+Salanto@users.noreply.github.com 2025-05-08T19:21:37+00:00 4db979187386326df64b9359b8de5e90468f7fc3 * Close punishment dialog when the user leaves Prevents silly moments where the wrong person gets banned/kicked * Fix formatting --------- Co-authored-by: stonedDiscord <Tukz@gmx.de> 
* Close punishment dialog when the user leaves

Prevents silly moments where the wrong person gets banned/kicked

* Fix formatting

---------

Co-authored-by: stonedDiscord <Tukz@gmx.de>
 Explicitly set app icon on widgets (#1098) 2025-05-08T07:06:47+00:00 Salanto 62221668+Salanto@users.noreply.github.com 2025-05-08T07:06:47+00:00 cde34538dc6045223c965958535218a38d22b2ee 






Merge branch 'master' into cleanup
2025-01-13T23:30:28+00:00

in1tiate
32779090+in1tiate@users.noreply.github.com

2025-01-13T23:30:28+00:00

a9e2ea19508ceb120fbe8a570d35e651c15f819a












don't filter out information we have anyway (#1068)
2025-01-13T23:30:17+00:00

in1tiate
32779090+in1tiate@users.noreply.github.com

2025-01-13T23:30:17+00:00

ed8bc457351005b8590de5a70f8004edcf1635c1