Merge tag 'v1.124.0'

src/chat.rs

@@ -932,9 +932,10 @@ impl ChatId {
             .sql
             .query_map(
                 "SELECT chat_id, count(*) AS n
-                 FROM chats_contacts where contact_id > 9
+                 FROM chats_contacts
+                 WHERE contact_id > ? AND chat_id > ?
                  GROUP BY chat_id",
-                (),
+                (ContactId::LAST_SPECIAL, DC_CHAT_ID_LAST_SPECIAL),
                 |row| {
                     let chat_id: ChatId = row.get(0)?;
                     let size: f64 = row.get(1)?;
@@ -2951,6 +2952,9 @@ pub enum Direction {
 }
 
 /// Searches next/previous message based on the given message and list of types.
+///
+/// Deprecated since 2023-10-03.
+#[deprecated(note = "use `get_chat_media` instead")]
 pub async fn get_next_media(
     context: &Context,
     curr_msg_id: MsgId,

src/contact.rs

@@ -109,7 +109,7 @@ impl ContactId {
 
     /// ID of the contact for device messages.
     pub const DEVICE: ContactId = ContactId::new(5);
-    const LAST_SPECIAL: ContactId = ContactId::new(9);
+    pub(crate) const LAST_SPECIAL: ContactId = ContactId::new(9);
 
     /// Address to go with [`ContactId::DEVICE`].
     ///

src/mimefactory.rs

@@ -678,6 +678,12 @@ impl<'a> MimeFactory<'a> {
                 })
         };
 
+        let get_content_type_directives_header = || {
+            (
+                "Content-Type-Deltachat-Directives".to_string(),
+                "protected-headers=\"v1\"".to_string(),
+            )
+        };
         let outer_message = if is_encrypted {
             headers.protected.push(from_header);
 
@@ -714,10 +720,7 @@ impl<'a> MimeFactory<'a> {
             if !existing_ct.ends_with(';') {
                 existing_ct += ";";
             }
-            let message = message.replace_header(Header::new(
-                "Content-Type".to_string(),
-                format!("{existing_ct} protected-headers=\"v1\";"),
-            ));
+            let message = message.header(get_content_type_directives_header());
 
             // Set the appropriate Content-Type for the outer message
             let outer_message = PartBuilder::new().header((
@@ -786,11 +789,12 @@ impl<'a> MimeFactory<'a> {
             {
                 message
             } else {
+                let message = message.header(get_content_type_directives_header());
                 let (payload, signature) = encrypt_helper.sign(context, message).await?;
                 PartBuilder::new()
                     .header((
-                        "Content-Type".to_string(),
-                        "multipart/signed; protocol=\"application/pgp-signature\"".to_string(),
+                        "Content-Type",
+                        "multipart/signed; protocol=\"application/pgp-signature\"",
                     ))
                     .child(payload)
                     .child(
@@ -1544,6 +1548,7 @@ fn maybe_encode_words(words: &str) -> String {
 #[cfg(test)]
 mod tests {
     use mailparse::{addrparse_header, MailHeaderMap};
+    use std::str;
 
     use super::*;
     use crate::chat::ChatId;
@@ -1552,10 +1557,11 @@ mod tests {
         ProtectionStatus,
     };
     use crate::chatlist::Chatlist;
+    use crate::constants;
     use crate::contact::{ContactAddress, Origin};
     use crate::mimeparser::MimeMessage;
     use crate::receive_imf::receive_imf;
-    use crate::test_utils::{get_chat_msg, TestContext};
+    use crate::test_utils::{get_chat_msg, TestContext, TestContextManager};
     #[test]
     fn test_render_email_address() {
         let display_name = "ä space";
@@ -2204,7 +2210,11 @@ mod tests {
         assert_eq!(part.match_indices("Chat-User-Avatar:").count(), 0);
 
         let part = payload.next().unwrap();
-        assert_eq!(part.match_indices("multipart/mixed").count(), 1);
+        assert_eq!(
+            part.match_indices("multipart/mixed; protected-headers=\"v1\"")
+                .count(),
+            1
+        );
         assert_eq!(part.match_indices("Subject:").count(), 1);
         assert_eq!(part.match_indices("Autocrypt:").count(), 0);
         assert_eq!(part.match_indices("Chat-User-Avatar:").count(), 0);
@@ -2316,4 +2326,37 @@ mod tests {
 
         Ok(())
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_protected_headers_directive() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = tcm.alice().await;
+        let bob = tcm.bob().await;
+        let chat = tcm
+            .send_recv_accept(&alice, &bob, "alice->bob")
+            .await
+            .chat_id;
+
+        // Now Bob can send an encrypted message to Alice.
+        let mut msg = Message::new(Viewtype::File);
+        // Long messages are truncated and MimeMessage::decoded_data is set for them. We need
+        // decoded_data to check presense of the necessary headers.
+        msg.set_text("a".repeat(constants::DC_DESIRED_TEXT_LEN + 1));
+        msg.set_file_from_bytes(&bob, "foo.bar", "content".as_bytes(), None)
+            .await?;
+        let sent = bob.send_msg(chat, &mut msg).await;
+        assert!(msg.get_showpadlock());
+
+        let mime = MimeMessage::from_bytes(&alice, sent.payload.as_bytes(), None).await?;
+        let mut payload = str::from_utf8(&mime.decoded_data)?.splitn(2, "\r\n\r\n");
+        let part = payload.next().unwrap();
+        assert_eq!(
+            part.match_indices("multipart/mixed; protected-headers=\"v1\"")
+                .count(),
+            1
+        );
+        assert_eq!(part.match_indices("Subject:").count(), 1);
+
+        Ok(())
+    }
 }

src/net/http.rs

@@ -4,12 +4,20 @@ use std::time::Duration;
 
 use anyhow::{anyhow, Result};
 use mime::Mime;
+use once_cell::sync::Lazy;
 
 use crate::context::Context;
 use crate::socks::Socks5Config;
 
 const HTTP_TIMEOUT: Duration = Duration::from_secs(30);
 
+static LETSENCRYPT_ROOT: Lazy<reqwest::tls::Certificate> = Lazy::new(|| {
+    reqwest::tls::Certificate::from_der(include_bytes!(
+        "../../assets/root-certificates/letsencrypt/isrgrootx1.der"
+    ))
+    .unwrap()
+});
+
 /// HTTP(S) GET response.
 #[derive(Debug)]
 pub struct Response {
@@ -79,7 +87,10 @@ async fn read_url_inner(context: &Context, url: &str) -> Result<reqwest::Respons
 }
 
 pub(crate) fn get_client(socks5_config: Option<Socks5Config>) -> Result<reqwest::Client> {
-    let builder = reqwest::ClientBuilder::new().timeout(HTTP_TIMEOUT);
+    let builder = reqwest::ClientBuilder::new()
+        .timeout(HTTP_TIMEOUT)
+        .add_root_certificate(LETSENCRYPT_ROOT.clone());
+
     let builder = if let Some(socks5_config) = socks5_config {
         let proxy = reqwest::Proxy::all(socks5_config.to_url())?;
         builder.proxy(proxy)

src/scheduler/connectivity.rs

@@ -1,4 +1,5 @@
 use core::fmt;
+use std::cmp::min;
 use std::{iter::once, ops::Deref, sync::Arc};
 
 use anyhow::{anyhow, Result};
@@ -457,7 +458,8 @@ impl Context {
                                 } else {
                                     "green"
                                 };
-                                ret += &format!("<div class=\"bar\"><div class=\"progress {color}\" style=\"width: {percent}%\">{percent}%</div></div>");
+                                let div_width_percent = min(100, percent);
+                                ret += &format!("<div class=\"bar\"><div class=\"progress {color}\" style=\"width: {div_width_percent}%\">{percent}%</div></div>");
 
                                 ret += "</li>";
                             }