chore(release): prepare for 2.30.0

See the documentation at <https://docs.npmjs.com/trusted-publishers>.
I have removed the token that was used since <https://github.com/chatmail/core/pull/5575>,
created two new GitHub deployment environments and configured
trusted publishing for two packages (see the environment URLs) on https://www.npmjs.com/

.github/workflows/ci.yml

@@ -23,14 +23,15 @@ env:
   RUST_VERSION: 1.91.0
 
   # Minimum Supported Rust Version
-  MSRV: 1.85.0
+  MSRV: 1.88.0
 
 jobs:
   lint_rust:
     name: Lint Rust
     runs-on: ubuntu-latest
+    timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -52,8 +53,9 @@ jobs:
   cargo_deny:
     name: cargo deny
     runs-on: ubuntu-latest
+    timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -66,8 +68,9 @@ jobs:
   provider_database:
     name: Check provider database
     runs-on: ubuntu-latest
+    timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -79,10 +82,11 @@ jobs:
   docs:
     name: Rust doc comments
     runs-on: ubuntu-latest
+    timeout-minutes: 60
     env:
       RUSTDOCFLAGS: -Dwarnings
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -107,6 +111,7 @@ jobs:
           - os: ubuntu-latest
             rust: minimum
     runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
     steps:
       - run:
           echo "RUSTUP_TOOLCHAIN=$MSRV" >> $GITHUB_ENV
@@ -117,7 +122,7 @@ jobs:
         shell: bash
         if: matrix.rust == 'latest'
 
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -155,8 +160,9 @@ jobs:
       matrix:
         os: [ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -180,8 +186,9 @@ jobs:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -202,8 +209,9 @@ jobs:
   python_lint:
     name: Python lint
     runs-on: ubuntu-latest
+    timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -219,6 +227,38 @@ jobs:
         working-directory: deltachat-rpc-client
         run: tox -e lint
 
+  # mypy does not work with PyPy since mypy 1.19
+  # as it introduced native `librt` dependency
+  # that uses CPython internals.
+  # We only run mypy with CPython because of this.
+  cffi_python_mypy:
+    name: CFFI Python mypy
+    needs: ["c_library", "python_lint"]
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+
+      - name: Download libdeltachat.a
+        uses: actions/download-artifact@v6
+        with:
+          name: ubuntu-latest-libdeltachat.a
+          path: target/debug
+
+      - name: Install tox
+        run: pip install tox
+
+      - name: Run mypy
+        env:
+          DCC_RS_TARGET: debug
+          DCC_RS_DEV: ${{ github.workspace }}
+        working-directory: python
+        run: tox -e mypy
+
+
   cffi_python_tests:
     name: CFFI Python tests
     needs: ["c_library", "python_lint"]
@@ -238,15 +278,16 @@ jobs:
           - os: macos-latest
             python: pypy3.10
 
-          # Minimum Supported Python Version = 3.8
+          # Minimum Supported Python Version = 3.10
           # This is the minimum version for which manylinux Python wheels are
           # built. Test it with minimum supported Rust version.
           - os: ubuntu-latest
-            python: 3.8
+            python: "3.10"
 
     runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -271,7 +312,7 @@ jobs:
           DCC_RS_TARGET: debug
           DCC_RS_DEV: ${{ github.workspace }}
         working-directory: python
-        run: tox -e mypy,doc,py
+        run: tox -e doc,py
 
   rpc_python_tests:
     name: JSON-RPC Python tests
@@ -293,13 +334,14 @@ jobs:
           - os: macos-latest
             python: pypy3.10
 
-          # Minimum Supported Python Version = 3.8
+          # Minimum Supported Python Version = 3.10
           - os: ubuntu-latest
-            python: 3.8
+            python: "3.10"
 
     runs-on: ${{ matrix.os }}
+    timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/deltachat-rpc-server.yml

@@ -30,11 +30,11 @@ jobs:
         arch: [aarch64, armv7l, armv6l, i686, x86_64]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
 
       - name: Build deltachat-rpc-server binaries
         run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-linux
@@ -46,6 +46,30 @@ jobs:
           path: result/bin/deltachat-rpc-server
           if-no-files-found: error
 
+  build_linux_wheel:
+    name: Linux wheel
+    strategy:
+      fail-fast: false
+      matrix:
+        arch: [aarch64, armv7l, armv6l, i686, x86_64]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
+
+      - name: Build deltachat-rpc-server wheels
+        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-linux-wheel
+
+      - name: Upload wheel
+        uses: actions/upload-artifact@v5
+        with:
+          name: deltachat-rpc-server-${{ matrix.arch }}-linux-wheel
+          path: result/*.whl
+          if-no-files-found: error
+
   build_windows:
     name: Windows
     strategy:
@@ -54,11 +78,11 @@ jobs:
         arch: [win32, win64]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
 
       - name: Build deltachat-rpc-server binaries
         run: nix build .#deltachat-rpc-server-${{ matrix.arch }}
@@ -70,6 +94,30 @@ jobs:
           path: result/bin/deltachat-rpc-server.exe
           if-no-files-found: error
 
+  build_windows_wheel:
+    name: Windows wheel
+    strategy:
+      fail-fast: false
+      matrix:
+        arch: [win32, win64]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
+
+      - name: Build deltachat-rpc-server wheels
+        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-wheel
+
+      - name: Upload wheel
+        uses: actions/upload-artifact@v5
+        with:
+          name: deltachat-rpc-server-${{ matrix.arch }}-wheel
+          path: result/*.whl
+          if-no-files-found: error
+
   build_macos:
     name: macOS
     strategy:
@@ -79,7 +127,7 @@ jobs:
 
     runs-on: macos-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -105,11 +153,11 @@ jobs:
         arch: [arm64-v8a, armeabi-v7a]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
 
       - name: Build deltachat-rpc-server binaries
         run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-android
@@ -121,9 +169,33 @@ jobs:
           path: result/bin/deltachat-rpc-server
           if-no-files-found: error
 
+  build_android_wheel:
+    name: Android wheel
+    strategy:
+      fail-fast: false
+      matrix:
+        arch: [arm64-v8a, armeabi-v7a]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          show-progress: false
+          persist-credentials: false
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
+
+      - name: Build deltachat-rpc-server wheels
+        run: nix build .#deltachat-rpc-server-${{ matrix.arch }}-android-wheel
+
+      - name: Upload wheel
+        uses: actions/upload-artifact@v5
+        with:
+          name: deltachat-rpc-server-${{ matrix.arch }}-android-wheel
+          path: result/*.whl
+          if-no-files-found: error
+
   publish:
     name: Build wheels and upload binaries to the release
-    needs: ["build_linux", "build_windows", "build_macos"]
+    needs: ["build_linux", "build_linux_wheel", "build_windows", "build_windows_wheel", "build_macos", "build_android", "build_android_wheel"]
     environment:
       name: pypi
       url: https://pypi.org/p/deltachat-rpc-server
@@ -132,11 +204,11 @@ jobs:
       contents: write
     runs-on: "ubuntu-latest"
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
 
       - name: Download Linux aarch64 binary
         uses: actions/download-artifact@v6
@@ -144,42 +216,84 @@ jobs:
           name: deltachat-rpc-server-aarch64-linux
           path: deltachat-rpc-server-aarch64-linux.d
 
+      - name: Download Linux aarch64 wheel
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-aarch64-linux-wheel
+          path: deltachat-rpc-server-aarch64-linux-wheel.d
+
       - name: Download Linux armv7l binary
         uses: actions/download-artifact@v6
         with:
           name: deltachat-rpc-server-armv7l-linux
           path: deltachat-rpc-server-armv7l-linux.d
 
+      - name: Download Linux armv7l wheel
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-armv7l-linux-wheel
+          path: deltachat-rpc-server-armv7l-linux-wheel.d
+
       - name: Download Linux armv6l binary
         uses: actions/download-artifact@v6
         with:
           name: deltachat-rpc-server-armv6l-linux
           path: deltachat-rpc-server-armv6l-linux.d
 
+      - name: Download Linux armv6l wheel
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-armv6l-linux-wheel
+          path: deltachat-rpc-server-armv6l-linux-wheel.d
+
       - name: Download Linux i686 binary
         uses: actions/download-artifact@v6
         with:
           name: deltachat-rpc-server-i686-linux
           path: deltachat-rpc-server-i686-linux.d
 
+      - name: Download Linux i686 wheel
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-i686-linux-wheel
+          path: deltachat-rpc-server-i686-linux-wheel.d
+
       - name: Download Linux x86_64 binary
         uses: actions/download-artifact@v6
         with:
           name: deltachat-rpc-server-x86_64-linux
           path: deltachat-rpc-server-x86_64-linux.d
 
+      - name: Download Linux x86_64 wheel
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-x86_64-linux-wheel
+          path: deltachat-rpc-server-x86_64-linux-wheel.d
+
       - name: Download Win32 binary
         uses: actions/download-artifact@v6
         with:
           name: deltachat-rpc-server-win32
           path: deltachat-rpc-server-win32.d
 
+      - name: Download Win32 wheel
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-win32-wheel
+          path: deltachat-rpc-server-win32-wheel.d
+
       - name: Download Win64 binary
         uses: actions/download-artifact@v6
         with:
           name: deltachat-rpc-server-win64
           path: deltachat-rpc-server-win64.d
 
+      - name: Download Win64 wheel
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-win64-wheel
+          path: deltachat-rpc-server-win64-wheel.d
+
       - name: Download macOS binary for x86_64
         uses: actions/download-artifact@v6
         with:
@@ -198,12 +312,24 @@ jobs:
           name: deltachat-rpc-server-arm64-v8a-android
           path: deltachat-rpc-server-arm64-v8a-android.d
 
+      - name: Download Android wheel for arm64-v8a
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-arm64-v8a-android-wheel
+          path: deltachat-rpc-server-arm64-v8a-android-wheel.d
+
       - name: Download Android binary for armeabi-v7a
         uses: actions/download-artifact@v6
         with:
           name: deltachat-rpc-server-armeabi-v7a-android
           path: deltachat-rpc-server-armeabi-v7a-android.d
 
+      - name: Download Android wheel for armeabi-v7a
+        uses: actions/download-artifact@v6
+        with:
+          name: deltachat-rpc-server-armeabi-v7a-android-wheel
+          path: deltachat-rpc-server-armeabi-v7a-android-wheel.d
+
       - name: Create bin/ directory
         run: |
           mkdir -p bin
@@ -222,38 +348,21 @@ jobs:
       - name: List binaries
         run: ls -l bin/
 
-      # Python 3.11 is needed for tomllib used in scripts/wheel-rpc-server.py
-      - name: Install python 3.12
-        uses: actions/setup-python@v6
-        with:
-          python-version: 3.12
-
       - name: Install wheel
         run: pip install wheel
 
-      - name: Build deltachat-rpc-server Python wheels and source package
+      - name: Build deltachat-rpc-server Python wheels
         run: |
           mkdir -p dist
-          nix build .#deltachat-rpc-server-x86_64-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-armv7l-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-armv6l-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-aarch64-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-i686-linux-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-win64-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-win32-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-arm64-v8a-android-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-armeabi-v7a-android-wheel
-          cp result/*.whl dist/
-          nix build .#deltachat-rpc-server-source
-          cp result/*.tar.gz dist/
+          mv deltachat-rpc-server-aarch64-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-armv7l-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-armv6l-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-i686-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-x86_64-linux-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-win64-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-win32-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-arm64-v8a-android-wheel.d/*.whl dist/
+          mv deltachat-rpc-server-armeabi-v7a-android-wheel.d/*.whl dist/
           python3 scripts/wheel-rpc-server.py x86_64-darwin bin/deltachat-rpc-server-x86_64-macos
           python3 scripts/wheel-rpc-server.py aarch64-darwin bin/deltachat-rpc-server-aarch64-macos
           mv *.whl dist/
@@ -271,7 +380,7 @@ jobs:
             --repo ${{ github.repository }} \
             bin/* dist/*
 
-      - name: Publish deltachat-rpc-client to PyPI
+      - name: Publish deltachat-rpc-server to PyPI
         if: github.event_name == 'release'
         uses: pypa/gh-action-pypi-publish@release/v1
 
@@ -279,13 +388,16 @@ jobs:
     name: Build & Publish npm prebuilds and deltachat-rpc-server
     needs: ["build_linux", "build_windows", "build_macos"]
     runs-on: "ubuntu-latest"
+    environment:
+      name: npm-stdio-rpc-server
+      url: https://www.npmjs.com/package/@deltachat/stdio-rpc-server
     permissions:
       id-token: write
 
       # Needed to publish the binaries to the release.
       contents: write
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -412,5 +524,3 @@ jobs:
         run: |
           ls -lah platform_package
           for platform in *.tgz; do npm publish --provenance "$platform" --access public; done
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/jsonrpc-client-npm-package.yml

@@ -10,11 +10,14 @@ jobs:
   pack-module:
     name: "Publish @deltachat/jsonrpc-client"
     runs-on: ubuntu-latest
+    environment:
+      name: npm-jsonrpc-client
+      url: https://www.npmjs.com/package/@deltachat/jsonrpc-client
     permissions:
       id-token: write
       contents: read
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -37,5 +40,3 @@ jobs:
       - name: Publish
         working-directory: deltachat-jsonrpc/typescript
         run: npm publish --provenance deltachat-jsonrpc-client-* --access public
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/jsonrpc.yml

@@ -16,7 +16,7 @@ jobs:
   build_and_test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/nix.yml

@@ -21,11 +21,11 @@ jobs:
     name: check flake formatting
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
       - run: nix fmt flake.nix -- --check
 
   build:
@@ -80,11 +80,11 @@ jobs:
           #- deltachat-rpc-server-x86_64-android
           #- deltachat-rpc-server-x86-android
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
       - run: nix build .#${{ matrix.installable }}
 
   build-macos:
@@ -101,9 +101,9 @@ jobs:
           # because of <https://github.com/NixOS/nixpkgs/issues/413910>.
           # - deltachat-rpc-server-aarch64-darwin
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
       - run: nix build .#${{ matrix.installable }}

.github/workflows/publish-deltachat-rpc-client-pypi.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/repl.yml

@@ -14,11 +14,11 @@ jobs:
     name: Build REPL example
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
       - name: Build
         run: nix build .#deltachat-repl-win64
       - name: Upload binary

.github/workflows/upload-docs.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
@@ -31,12 +31,12 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
           fetch-depth: 0 # Fetch history to calculate VCS version number.
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
       - name: Build Python documentation
         run: nix build .#python-docs
       - name: Upload to py.delta.chat
@@ -50,12 +50,12 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false
           fetch-depth: 0 # Fetch history to calculate VCS version number.
-      - uses: cachix/install-nix-action@fd24c48048070c1be9acd18c9d369a83f0fe94d7 # v31
+      - uses: cachix/install-nix-action@0b0e072294b088b73964f1d72dfdac0951439dbd # v31
       - name: Build C documentation
         run: nix build .#docs
       - name: Upload to c.delta.chat
@@ -72,7 +72,7 @@ jobs:
         working-directory: ./deltachat-jsonrpc/typescript
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/upload-ffi-docs.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/zizmor-scan.yml

@@ -14,12 +14,12 @@ jobs:
       security-events: write
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           persist-credentials: false
 
       - name: Install the latest version of uv
-        uses: astral-sh/setup-uv@85856786d1ce8acfbcc2f13a5f3fbd6b938f9f41
+        uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244
 
       - name: Run zizmor
         run: uvx zizmor --format sarif . > results.sarif

CHANGELOG.md

@@ -1,5 +1,197 @@
 # Changelog
 
+## [2.30.0] - 2025-12-04
+
+### Features / Changes
+
+- Disable SNI for STARTTLS ([#7499](https://github.com/chatmail/core/pull/7499)).
+- Introduce cross-core testing along with improvements to test frameworking.
+- Synchronize transports via sync messages.
+
+### Fixes
+
+- Fix shutdown shortly after call.
+
+### API-Changes
+
+- Add `TransportsModified` event (for tests).
+
+### CI
+
+- Use "trusted publishing" for NPM packages.
+
+### Miscellaneous Tasks
+
+- deps: Bump actions/checkout from 5 to 6.
+- cargo: Bump syn from 2.0.110 to 2.0.111.
+- deps: Bump astral-sh/setup-uv from 7.1.3 to 7.1.4.
+- cargo: Bump sdp from 0.8.0 to 0.10.0.
+- Remove two outdated todo comments ([#7550](https://github.com/chatmail/core/pull/7550)).
+
+## [2.29.0] - 2025-12-01
+
+### API-Changes
+
+- deltachat-rpc-client: Add Message.exists().
+
+### Features / Changes
+
+- [**breaking**] Increase backup version from 3 to 4.
+- Hide `To` header in encrypted messages.
+- `deltachat_rpc_client.Rpc` accepts `rpc_server_path` for using a particular deltachat-rpc-server ([#7493](https://github.com/chatmail/core/pull/7493)).
+- Don't send `Chat-Group-Avatar` header in unencrypted groups.
+- Don't update `self-{avatar,status}` from received messages ([#7002](https://github.com/chatmail/core/pull/7002)).
+
+### Fixes
+
+- `CREATE INDEX imap_only_rfc724_mid ON imap(rfc724_mid)` ([#7490](https://github.com/chatmail/core/pull/7490)).
+- Use the same webxdc ratelimit for all email servers.
+- Handle the case when account does not exist in `get_existing_msg_ids()`.
+- Don't send self-avatar in unencrypted messages ([#7136](https://github.com/chatmail/core/pull/7136)).
+- Do not configure folders during transport configuration.
+- Upload sync messages only with the primary transport.
+- Do not use deprecated ConfiguredProvider in get_configured_provider.
+
+### Build system
+
+- Make scripts for remote testing usable.
+- Increase minimum supported Python version to 3.10.
+- Use SPDX license expression in Python package metadata.
+
+### CI
+
+- Set timeout-minutes for all jobs in ci.yaml workflow.
+- Do not install Python manually to bulid RPC server wheels.
+- Do not build fake RPC server source packages.
+- Build Python wheels in separate jobs.
+
+### Refactor
+
+- [**breaking**] Remove some unneeded stock strings ([#7496](https://github.com/chatmail/core/pull/7496)).
+- Strike events in rpc-client request handling, get result from queue.
+- Use ConfiguredProvider config directly when loading legacy settings.
+- Remove update_icons and disable_server_delete migrations.
+- Use `SYMMETRIC_KEY_ALGORITHM` constant in `symm_encrypt_message()`.
+- Make signing key non-optional for `pk_encrypt`.
+
+### Tests
+
+- `test_remove_member_bcc`: Test unencrypted group as it was initially.
+
+### Miscellaneous Tasks
+
+- deps: Bump cachix/install-nix-action from 31.8.1 to 31.8.4.
+- cargo: Bump hyper from 1.7.0 to 1.8.1.
+- cargo: Bump human-panic from 2.0.3 to 2.0.4.
+- cargo: Bump hyper-util from 0.1.17 to 0.1.18.
+- cargo: Bump rusqlite from 0.36.0 to 0.37.0.
+- cargo: Bump tokio-util from 0.7.16 to 0.7.17.
+- cargo: Bump toml from 0.9.7 to 0.9.8.
+- cargo: Bump proptest from 1.8.0 to 1.9.0.
+- cargo: Bump parking_lot from 0.12.4 to 0.12.5.
+- cargo: Bump syn from 2.0.106 to 2.0.110.
+- cargo: Bump quick-xml from 0.38.3 to 0.38.4.
+- cargo: Bump rustls-pki-types from 1.12.0 to 1.13.0.
+- cargo: Bump nu-ansi-term from 0.50.1 to 0.50.3.
+- cargo: Bump sanitize-filename from 0.5.0 to 0.6.0.
+- cargo: Bump quote from 1.0.41 to 1.0.42.
+- cargo: Bump libc from 0.2.176 to 0.2.177.
+- cargo: Bump bytes from 1.10.1 to 1.11.0.
+- cargo: Bump image from 0.25.8 to 0.25.9.
+- cargo: Bump rand from 0.9.0 to 0.9.2 ([#7501](https://github.com/chatmail/core/pull/7501)).
+- cargo: Bump tokio from 1.45.1 to 1.48.0.
+
+## [2.28.0] - 2025-11-23
+
+### API-Changes
+
+- New API `get_existing_msg_ids()` to check if the messages with given IDs exist.
+- Add API to get storage usage information. (JSON-RPC method: `get_storage_usage_report_string`) ([#7486](https://github.com/chatmail/core/pull/7486)).
+
+### Features / Changes
+
+- Experimentaly allow adding second transport.
+  There is no synchronization yet, so UIs should not allow the user to change the address manually and only expose the ability to add transports if `bcc_self` is disabled.
+- Default `bcc_self` to 0 for all new accounts.
+- Rephrase "Establishing end-to-end encryption" -> "Establishing connection".
+- Stock string for joining a channel ([#7480](https://github.com/chatmail/core/pull/7480)).
+
+### Fixes
+
+- Limit the range of `Date` to up to 6 days in the past.
+- `ContactId::set_name_ex()`: Emit ContactsChanged when transaction is completed.
+- Set SQLite busy timeout to 1 minute on iOS.
+- Sort system messages to the bottom of the chat.
+- Assign outgoing self-sent unencrypted messages to ad-hoc groups with only SELF ([#7409](https://github.com/chatmail/core/pull/7409)).
+- Add missing stock strings.
+- Look up or create ad-hoc group if there are duplicate addresses in "To".
+
+### Documentation
+
+- Add missing RFC 9788, link 'Header Protection for Cryptographically Protected Email' as other RFC.
+- Remove unsupported RFC 3503 (`$MDNSent` flag) from the list of standards.
+- Mark database encryption support as deprecated ([#7403](https://github.com/chatmail/core/pull/7403)).
+
+### Build system
+
+- Increase Minimum Supported Rust Version to 1.88.0.
+- Update rPGP from 0.17.0 to 0.18.0.
+- nix: Update `fenix` and use it for all Rust builds.
+
+### CI
+
+- Do not use --encoding option for rst-lint.
+
+### Refactor
+
+- Use `HashMap::extract_if()` stabilized in Rust 1.88.0.
+- Remove some easy to remove unwrap() calls.
+
+### Tests
+
+- Contact shalln't be verified by another having unknown verifier.
+
+## [2.27.0] - 2025-11-16
+
+### API-Changes
+
+- Add APIs to stop background fetch.
+- [**breaking**]: rename JSON-RPC method accounts_background_fetch() into background_fetch()
+- rpc-client: Add APIs for background fetch.
+- rpc-client: Add Account.wait_for_msg().
+- Deprecate deletion timer string for '1 Minute'.
+
+### Features / Changes
+
+- Implement RFC 9788 (Header Protection for Cryptographically Protected Email) ([#7130](https://github.com/chatmail/core/pull/7130)).
+- Tweak initial info-message for unencrypted chats ([#7427](https://github.com/chatmail/core/pull/7427)).
+- Add Contact::get_or_gen_color. Use it in CFFI and JSON-RPC to avoid gray self-color ([#7374](https://github.com/chatmail/core/pull/7374)).
+- [**breaking**] Withdraw broadcast invites. Add Qr::WithdrawJoinBroadcast and Qr::ReviveJoinBroadcast QR code types. ([#7439](https://github.com/chatmail/core/pull/7439)).
+
+### Fixes
+
+- Set `get_max_smtp_rcpt_to` for chatmail to the actual limit of 1000 instead of unlimited. ([#7432](https://github.com/chatmail/core/pull/7432)).
+- Always set bcc_self on backup import/export.
+- Escape connectivity HTML.
+- Send webm as file, it is not supported by all UI.
+
+### Build system
+
+- nix: Exclude CONTRIBUTING.md from the source files.
+
+### Refactor
+
+- Use wait_for_incoming_msg() in more tests.
+
+### Tests
+
+- Fix flaky test_send_receive_locations.
+- Port folder-related CFFI tests to JSON-RPC.
+- HP-Outer headers are added to messages with standard Header Protection ([#7130](https://github.com/chatmail/core/pull/7130)).
+- rpc-client: Test_qr_securejoin_broadcast: Wait for incoming message before getting chatlist ([#7442](https://github.com/chatmail/core/pull/7442)).
+- Add pytest fixture for account manager.
+- Test background_fetch() and stop_background_fetch().
+
 ## [2.26.0] - 2025-11-11
 
 ### API-Changes
@@ -7143,3 +7335,7 @@ https://github.com/chatmail/core/pulls?q=is%3Apr+is%3Aclosed
 [2.24.0]: https://github.com/chatmail/core/compare/v2.23.0..v2.24.0
 [2.25.0]: https://github.com/chatmail/core/compare/v2.24.0..v2.25.0
 [2.26.0]: https://github.com/chatmail/core/compare/v2.25.0..v2.26.0
+[2.27.0]: https://github.com/chatmail/core/compare/v2.26.0..v2.27.0
+[2.28.0]: https://github.com/chatmail/core/compare/v2.27.0..v2.28.0
+[2.29.0]: https://github.com/chatmail/core/compare/v2.28.0..v2.29.0
+[2.30.0]: https://github.com/chatmail/core/compare/v2.29.0..v2.30.0

CONTRIBUTING.md

@@ -1,4 +1,4 @@
-# Contributing to Delta Chat
+# Contributing to chatmail core
 
 ## Bug reports
 

Cargo.toml

@@ -1,9 +1,9 @@
 [package]
 name = "deltachat"
-version = "2.26.0"
+version = "2.30.0"
 edition = "2024"
 license = "MPL-2.0"
-rust-version = "1.85"
+rust-version = "1.88"
 repository = "https://github.com/chatmail/core"
 
 [profile.dev]
@@ -78,7 +78,7 @@ num-derive = "0.4"
 num-traits = { workspace = true }
 parking_lot = "0.12.4"
 percent-encoding = "2.3"
-pgp = { version = "0.17.0", default-features = false }
+pgp = { version = "0.18.0", default-features = false }
 pin-project = "1"
 qrcodegen = "1.7.0"
 quick-xml = { version = "0.38", features = ["escape-html"] }
@@ -88,7 +88,7 @@ regex = { workspace = true }
 rusqlite = { workspace = true, features = ["sqlcipher"] }
 rustls-pki-types = "1.12.0"
 sanitize-filename = { workspace = true }
-sdp = "0.8.0"
+sdp = "0.10.0"
 serde_json = { workspace = true }
 serde_urlencoded = "0.7.1"
 serde = { workspace = true, features = ["derive"] }
@@ -194,14 +194,14 @@ nu-ansi-term = "0.50"
 num-traits = "0.2"
 rand = "0.9"
 regex = "1.10"
-rusqlite = "0.36"
-sanitize-filename = "0.5"
+rusqlite = "0.37"
+sanitize-filename = "0.6"
 serde = "1.0"
 serde_json = "1"
 tempfile = "3.23.0"
 thiserror = "2"
 tokio = "1"
-tokio-util = "0.7.16"
+tokio-util = "0.7.17"
 tracing-subscriber = "0.3"
 yerpc = "0.6.4"
 

benches/decrypting.rs

@@ -108,7 +108,7 @@ fn criterion_benchmark(c: &mut Criterion) {
             pk_encrypt(
                 plain.clone(),
                 vec![black_box(key_pair.public.clone())],
-                Some(key_pair.secret.clone()),
+                key_pair.secret.clone(),
                 true,
                 true,
             )

deltachat-ffi/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "2.26.0"
+version = "2.30.0"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"

deltachat-ffi/deltachat.h

@@ -247,7 +247,7 @@ typedef struct _dc_event_emitter dc_accounts_event_emitter_t;
 // create/open/config/information
 
 /**
- * Create a new context object and try to open it without passphrase. If
+ * Create a new context object and try to open it. If
  * database is encrypted, the result is the same as using
  * dc_context_new_closed() and the database should be opened with
  * dc_context_open() before using.
@@ -283,8 +283,13 @@ dc_context_t*   dc_context_new_closed        (const char* dbfile);
 
 
 /**
- * Opens the database with the given passphrase. This can only be used on
- * closed context, such as created by dc_context_new_closed(). If the database
+ * Opens the database with the given passphrase.
+ * NB: Nonempty passphrase (db encryption) is deprecated 2025-11:
+ * - Db encryption does nothing with blobs, so fs/disk encryption is recommended.
+ * - Isolation from other apps is needed anyway.
+ *
+ * This can only be used on closed context, such as
+ * created by dc_context_new_closed(). If the database
  * is new, this operation sets the database passphrase. For existing databases
  * the passphrase should be the one used to encrypt the database the first
  * time.
@@ -301,6 +306,8 @@ int             dc_context_open              (dc_context_t *context, const char*
 
 /**
  * Changes the passphrase on the open database.
+ * Deprecated 2025-11, see `dc_context_open()` for reasoning.
+ *
  * Existing database must already be encrypted and the passphrase cannot be NULL or empty.
  * It is impossible to encrypt unencrypted database with this method and vice versa.
  *
@@ -2578,8 +2585,10 @@ void            dc_stop_ongoing_process      (dc_context_t* context);
 #define         DC_QR_ERROR                  400 // text1=error string
 #define         DC_QR_WITHDRAW_VERIFYCONTACT 500
 #define         DC_QR_WITHDRAW_VERIFYGROUP   502 // text1=groupname
+#define         DC_QR_WITHDRAW_JOINBROADCAST 504 // text1=broadcast name
 #define         DC_QR_REVIVE_VERIFYCONTACT   510
 #define         DC_QR_REVIVE_VERIFYGROUP     512 // text1=groupname
+#define         DC_QR_REVIVE_JOINBROADCAST   514 // text1=broadcast name
 #define         DC_QR_LOGIN                  520 // text1=email_address
 
 /**
@@ -3296,12 +3305,30 @@ void           dc_accounts_maybe_network_lost    (dc_accounts_t* accounts);
  * without forgetting to create notifications caused by timing race conditions.
  *
  * @memberof dc_accounts_t
+ * @param accounts The account manager as created by dc_accounts_new().
  * @param timeout The timeout in seconds
  * @return Return 1 if DC_EVENT_ACCOUNTS_BACKGROUND_FETCH_DONE was emitted and 0 otherwise.
  */
 int            dc_accounts_background_fetch    (dc_accounts_t* accounts, uint64_t timeout);
 
 
+/**
+ * Stop ongoing background fetch.
+ *
+ * Calling this function allows to stop dc_accounts_background_fetch() early.
+ * dc_accounts_background_fetch() will then return immediately
+ * and emit DC_EVENT_ACCOUNTS_BACKGROUND_FETCH_DONE unless
+ * if it has failed and returned 0.
+ *
+ * If there is no ongoing dc_accounts_background_fetch() call,
+ * calling this function does nothing.
+ *
+ * @memberof dc_accounts_t
+ * @param accounts The account manager as created by dc_accounts_new().
+ */
+void           dc_accounts_stop_background_fetch (dc_accounts_t *accounts);
+
+
 /**
  * Sets device token for Apple Push Notification service.
  * Returns immediately.
@@ -7188,11 +7215,6 @@ void dc_event_unref(dc_event_t* event);
 /// Used as device message text.
 #define DC_STR_SELF_DELETED_MSG_BODY      91
 
-/// "'Delete messages from server' turned off as now all folders are affected."
-///
-/// Used as device message text.
-#define DC_STR_SERVER_TURNED_OFF          92
-
 /// "Message deletion timer is set to %1$s minutes."
 ///
 /// Used in status messages.
@@ -7389,19 +7411,6 @@ void dc_event_unref(dc_event_t* event);
 /// @deprecated 2025-06-05
 #define DC_STR_AEAP_ADDR_CHANGED          122
 
-/// "You changed your email address from %1$s to %2$s.
-/// If you now send a message to a group, contacts there will automatically
-/// replace the old with your new address.\n\n It's highly advised to set up 
-/// your old email provider to forward all emails to your new email address. 
-/// Otherwise you might miss messages of contacts who did not get your new 
-/// address yet." + the link to the AEAP blog post
-/// 
-/// As soon as there is a post about AEAP, the UIs should add it:
-/// set_stock_translation(123, getString(aeap_explanation) + "\n\n" + AEAP_BLOG_LINK)
-///
-/// Used in a device message that explains AEAP.
-#define DC_STR_AEAP_EXPLANATION_AND_LINK  123
-
 /// "You changed group name from \"%1$s\" to \"%2$s\"."
 ///
 /// `%1$s` will be replaced by the old group name.
@@ -7518,14 +7527,13 @@ void dc_event_unref(dc_event_t* event);
 
 /// "You set message deletion timer to 1 minute."
 ///
-/// Used in status messages.
+/// @deprecated 2025-11-14, this string is no longer needed
 #define DC_STR_EPHEMERAL_TIMER_1_MINUTE_BY_YOU 142
 
 /// "Message deletion timer is set to 1 minute by %1$s."
 ///
 /// `%1$s` will be replaced by name and address of the contact.
-///
-/// Used in status messages.
+/// @deprecated 2025-11-14, this string is no longer needed
 #define DC_STR_EPHEMERAL_TIMER_1_MINUTE_BY_OTHER 143
 
 /// "You set message deletion timer to 1 hour."
@@ -7651,12 +7659,6 @@ void dc_event_unref(dc_event_t* event);
 /// Used in info messages.
 #define DC_STR_CHAT_PROTECTION_ENABLED 170
 
-/// "%1$s sent a message from another device."
-///
-/// Used in info messages.
-/// @deprecated 2025-07
-#define DC_STR_CHAT_PROTECTION_DISABLED 171
-
 /// "Others will only see this group after you sent a first message."
 ///
 /// Used as the first info messages in newly created groups.
@@ -7693,7 +7695,12 @@ void dc_event_unref(dc_event_t* event);
 /// Used in summaries.
 #define DC_STR_REACTED_BY 177
 
-/// "Establishing guaranteed end-to-end encryption, please wait…"
+/// "Member %1$s removed."
+///
+/// `%1$s` will be replaced by name of the removed contact.
+#define DC_STR_REMOVE_MEMBER 178
+
+/// "Establishing connection, please wait…"
 ///
 /// Used as info message.
 #define DC_STR_SECUREJOIN_WAIT 190
@@ -7737,7 +7744,22 @@ void dc_event_unref(dc_event_t* event);
 /// Subtitle for channel join qrcode svg image generated by the core.
 ///
 /// `%1$s` will be replaced with the channel name.
-#define DC_STR_SECURE_JOIN_CHANNEL_QR_DESC  201
+#define DC_STR_SECURE_JOIN_CHANNEL_QR_DESC 201
+
+/// "You joined the channel."
+#define DC_STR_MSG_YOU_JOINED_CHANNEL 202
+
+/// "%1$s invited you to join this channel. Waiting for the device of %2$s to reply…"
+///
+/// Added as an info-message directly after scanning a QR code for joining a broadcast channel.
+///
+/// `%1$s` and `%2$s` will both be replaced by the name of the inviter.
+#define DC_STR_SECURE_JOIN_CHANNEL_STARTED 203
+
+/// "The attachment contains anonymous usage statistics, which help us improve Delta Chat. Thank you!"
+///
+/// Used as the message body for statistics sent out.
+#define DC_STR_STATS_MSG_BODY 210
 
 /// "Proxy Enabled"
 ///

deltachat-ffi/src/lib.rs

@@ -559,6 +559,7 @@ pub unsafe extern "C" fn dc_event_get_id(event: *mut dc_event_t) -> libc::c_int
         EventType::IncomingCallAccepted { .. } => 2560,
         EventType::OutgoingCallAccepted { .. } => 2570,
         EventType::CallEnded { .. } => 2580,
+        EventType::TransportsModified => 2600,
         #[allow(unreachable_patterns)]
         #[cfg(test)]
         _ => unreachable!("This is just to silence a rust_analyzer false-positive"),
@@ -593,7 +594,8 @@ pub unsafe extern "C" fn dc_event_get_data1_int(event: *mut dc_event_t) -> libc:
         | EventType::AccountsBackgroundFetchDone
         | EventType::ChatlistChanged
         | EventType::AccountsChanged
-        | EventType::AccountsItemChanged => 0,
+        | EventType::AccountsItemChanged
+        | EventType::TransportsModified => 0,
         EventType::IncomingReaction { contact_id, .. }
         | EventType::IncomingWebxdcNotify { contact_id, .. } => contact_id.to_u32() as libc::c_int,
         EventType::MsgsChanged { chat_id, .. }
@@ -681,7 +683,8 @@ pub unsafe extern "C" fn dc_event_get_data2_int(event: *mut dc_event_t) -> libc:
         | EventType::IncomingCallAccepted { .. }
         | EventType::OutgoingCallAccepted { .. }
         | EventType::CallEnded { .. }
-        | EventType::EventChannelOverflow { .. } => 0,
+        | EventType::EventChannelOverflow { .. }
+        | EventType::TransportsModified => 0,
         EventType::MsgsChanged { msg_id, .. }
         | EventType::ReactionsChanged { msg_id, .. }
         | EventType::IncomingReaction { msg_id, .. }
@@ -780,7 +783,8 @@ pub unsafe extern "C" fn dc_event_get_data2_str(event: *mut dc_event_t) -> *mut
         | EventType::AccountsChanged
         | EventType::AccountsItemChanged
         | EventType::IncomingCallAccepted { .. }
-        | EventType::WebxdcRealtimeAdvertisementReceived { .. } => ptr::null_mut(),
+        | EventType::WebxdcRealtimeAdvertisementReceived { .. }
+        | EventType::TransportsModified => ptr::null_mut(),
         EventType::IncomingCall {
             place_call_info, ..
         } => {
@@ -5027,6 +5031,17 @@ pub unsafe extern "C" fn dc_accounts_background_fetch(
     1
 }
 
+#[no_mangle]
+pub unsafe extern "C" fn dc_accounts_stop_background_fetch(accounts: *mut dc_accounts_t) {
+    if accounts.is_null() {
+        eprintln!("ignoring careless call to dc_accounts_stop_background_fetch()");
+        return;
+    }
+
+    let accounts = &*accounts;
+    block_on(accounts.read()).stop_background_fetch();
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_set_push_device_token(
     accounts: *mut dc_accounts_t,

deltachat-ffi/src/lot.rs

@@ -58,8 +58,10 @@ impl Lot {
                 Qr::Text { text } => Some(Cow::Borrowed(text)),
                 Qr::WithdrawVerifyContact { .. } => None,
                 Qr::WithdrawVerifyGroup { grpname, .. } => Some(Cow::Borrowed(grpname)),
+                Qr::WithdrawJoinBroadcast { name, .. } => Some(Cow::Borrowed(name)),
                 Qr::ReviveVerifyContact { .. } => None,
                 Qr::ReviveVerifyGroup { grpname, .. } => Some(Cow::Borrowed(grpname)),
+                Qr::ReviveJoinBroadcast { name, .. } => Some(Cow::Borrowed(name)),
                 Qr::Login { address, .. } => Some(Cow::Borrowed(address)),
             },
             Self::Error(err) => Some(Cow::Borrowed(err)),
@@ -112,8 +114,10 @@ impl Lot {
                 Qr::Text { .. } => LotState::QrText,
                 Qr::WithdrawVerifyContact { .. } => LotState::QrWithdrawVerifyContact,
                 Qr::WithdrawVerifyGroup { .. } => LotState::QrWithdrawVerifyGroup,
+                Qr::WithdrawJoinBroadcast { .. } => LotState::QrWithdrawJoinBroadcast,
                 Qr::ReviveVerifyContact { .. } => LotState::QrReviveVerifyContact,
                 Qr::ReviveVerifyGroup { .. } => LotState::QrReviveVerifyGroup,
+                Qr::ReviveJoinBroadcast { .. } => LotState::QrReviveJoinBroadcast,
                 Qr::Login { .. } => LotState::QrLogin,
             },
             Self::Error(_err) => LotState::QrError,
@@ -138,9 +142,11 @@ impl Lot {
                 Qr::Url { .. } => Default::default(),
                 Qr::Text { .. } => Default::default(),
                 Qr::WithdrawVerifyContact { contact_id, .. } => contact_id.to_u32(),
-                Qr::WithdrawVerifyGroup { .. } => Default::default(),
+                Qr::WithdrawVerifyGroup { .. } | Qr::WithdrawJoinBroadcast { .. } => {
+                    Default::default()
+                }
                 Qr::ReviveVerifyContact { contact_id, .. } => contact_id.to_u32(),
-                Qr::ReviveVerifyGroup { .. } => Default::default(),
+                Qr::ReviveVerifyGroup { .. } | Qr::ReviveJoinBroadcast { .. } => Default::default(),
                 Qr::Login { .. } => Default::default(),
             },
             Self::Error(_) => Default::default(),
@@ -207,11 +213,15 @@ pub enum LotState {
 
     /// text1=groupname
     QrWithdrawVerifyGroup = 502,
+    /// text1=broadcast channel name
+    QrWithdrawJoinBroadcast = 504,
 
     QrReviveVerifyContact = 510,
 
     /// text1=groupname
     QrReviveVerifyGroup = 512,
+    /// text1=groupname
+    QrReviveJoinBroadcast = 514,
 
     /// text1=email_address
     QrLogin = 520,

deltachat-jsonrpc/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "2.26.0"
+version = "2.30.0"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 license = "MPL-2.0"

deltachat-jsonrpc/src/api.rs

@@ -21,9 +21,9 @@ use deltachat::context::get_info;
 use deltachat::ephemeral::Timer;
 use deltachat::imex;
 use deltachat::location;
-use deltachat::message::get_msg_read_receipts;
 use deltachat::message::{
-    self, delete_msgs_ex, markseen_msgs, Message, MessageState, MsgId, Viewtype,
+    self, delete_msgs_ex, get_existing_msg_ids, get_msg_read_receipts, markseen_msgs, Message,
+    MessageState, MsgId, Viewtype,
 };
 use deltachat::peer_channels::{
     leave_webxdc_realtime, send_webxdc_realtime_advertisement, send_webxdc_realtime_data,
@@ -34,6 +34,7 @@ use deltachat::qr_code_generator::{generate_backup_qr, get_securejoin_qr_svg};
 use deltachat::reaction::{get_msg_reactions, send_reaction};
 use deltachat::securejoin;
 use deltachat::stock_str::StockMessage;
+use deltachat::storage_usage::get_storage_usage;
 use deltachat::webxdc::StatusUpdateSerial;
 use deltachat::EventEmitter;
 use sanitize_filename::is_sanitized;
@@ -120,14 +121,14 @@ impl CommandApi {
         }
     }
 
+    async fn get_context_opt(&self, id: u32) -> Option<deltachat::context::Context> {
+        self.accounts.read().await.get_account(id)
+    }
+
     async fn get_context(&self, id: u32) -> Result<deltachat::context::Context> {
-        let sc = self
-            .accounts
-            .read()
+        self.get_context_opt(id)
             .await
-            .get_account(id)
-            .ok_or_else(|| anyhow!("account with id {id} not found"))?;
-        Ok(sc)
+            .ok_or_else(|| anyhow!("account with id {id} not found"))
     }
 
     async fn with_state<F, T>(&self, id: u32, with_state: F) -> T
@@ -273,7 +274,7 @@ impl CommandApi {
     /// The `AccountsBackgroundFetchDone` event is emitted at the end even in case of timeout.
     /// Process all events until you get this one and you can safely return to the background
     /// without forgetting to create notifications caused by timing race conditions.
-    async fn accounts_background_fetch(&self, timeout_in_seconds: f64) -> Result<()> {
+    async fn background_fetch(&self, timeout_in_seconds: f64) -> Result<()> {
         let future = {
             let lock = self.accounts.read().await;
             lock.background_fetch(std::time::Duration::from_secs_f64(timeout_in_seconds))
@@ -283,6 +284,11 @@ impl CommandApi {
         Ok(())
     }
 
+    async fn stop_background_fetch(&self) -> Result<()> {
+        self.accounts.read().await.stop_background_fetch();
+        Ok(())
+    }
+
     // ---------------------------------------------
     // Methods that work on individual accounts
     // ---------------------------------------------
@@ -361,6 +367,13 @@ impl CommandApi {
         ctx.get_info().await
     }
 
+    /// Get storage usage report as formatted string
+    async fn get_storage_usage_report_string(&self, account_id: u32) -> Result<String> {
+        let ctx = self.get_context(account_id).await?;
+        let storage_usage = get_storage_usage(&ctx).await?;
+        Ok(storage_usage.to_string())
+    }
+
     /// Get the blob dir.
     async fn get_blob_dir(&self, account_id: u32) -> Result<Option<String>> {
         let ctx = self.get_context(account_id).await?;
@@ -1290,6 +1303,24 @@ impl CommandApi {
             .collect())
     }
 
+    /// Checks if the messages with given IDs exist.
+    ///
+    /// Returns IDs of existing messages.
+    async fn get_existing_msg_ids(&self, account_id: u32, msg_ids: Vec<u32>) -> Result<Vec<u32>> {
+        if let Some(context) = self.get_context_opt(account_id).await {
+            let msg_ids: Vec<MsgId> = msg_ids.into_iter().map(MsgId::new).collect();
+            let existing_msg_ids = get_existing_msg_ids(&context, &msg_ids).await?;
+            Ok(existing_msg_ids
+                .into_iter()
+                .map(|msg_id| msg_id.to_u32())
+                .collect())
+        } else {
+            // Account does not exist, so messages do not exist either,
+            // but this is not an error.
+            Ok(Vec::new())
+        }
+    }
+
     async fn get_message_list_items(
         &self,
         account_id: u32,

deltachat-jsonrpc/src/api/types/account.rs

@@ -15,7 +15,7 @@ pub enum Account {
         display_name: Option<String>,
         addr: Option<String>,
         // size: u32,
-        profile_image: Option<String>, // TODO: This needs to be converted to work with blob http server.
+        profile_image: Option<String>,
         color: String,
         /// Optional tag as "Work", "Family".
         /// Meant to help profile owner to differ between profiles with similar names.

deltachat-jsonrpc/src/api/types/chat.rs

@@ -69,7 +69,7 @@ pub struct FullChat {
     // but that would be an extra DB query.
     self_in_group: bool,
     is_muted: bool,
-    ephemeral_timer: u32, //TODO look if there are more important properties in newer core versions
+    ephemeral_timer: u32,
     can_send: bool,
     was_seen_recently: bool,
     mailing_list_address: Option<String>,

deltachat-jsonrpc/src/api/types/events.rs

@@ -460,6 +460,15 @@ pub enum EventType {
         /// ID of the chat which the message belongs to.
         chat_id: u32,
     },
+
+    /// One or more transports has changed.
+    ///
+    /// This event is used for tests to detect when transport
+    /// synchronization messages arrives.
+    /// UIs don't need to use it, it is unlikely
+    /// that user modifies transports on multiple
+    /// devices simultaneously.
+    TransportsModified,
 }
 
 impl From<CoreEventType> for EventType {
@@ -642,6 +651,8 @@ impl From<CoreEventType> for EventType {
                 msg_id: msg_id.to_u32(),
                 chat_id: chat_id.to_u32(),
             },
+            CoreEventType::TransportsModified => TransportsModified,
+
             #[allow(unreachable_patterns)]
             #[cfg(test)]
             _ => unreachable!("This is just to silence a rust_analyzer false-positive"),

deltachat-jsonrpc/src/api/types/qr.rs

@@ -157,6 +157,21 @@ pub enum QrObject {
         /// Authentication code.
         authcode: String,
     },
+    /// Ask the user if they want to withdraw their own broadcast channel invite QR code.
+    WithdrawJoinBroadcast {
+        /// Broadcast name.
+        name: String,
+        /// ID, uniquely identifying this chat. Called grpid for historic reasons.
+        grpid: String,
+        /// Contact ID. Always `ContactId::SELF`.
+        contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
+        fingerprint: String,
+        /// Invite number.
+        invitenumber: String,
+        /// Authentication code.
+        authcode: String,
+    },
     /// Ask the user if they want to revive their own QR code.
     ReviveVerifyContact {
         /// Contact ID.
@@ -183,6 +198,21 @@ pub enum QrObject {
         /// Authentication code.
         authcode: String,
     },
+    /// Ask the user if they want to revive their own broadcast channel invite QR code.
+    ReviveJoinBroadcast {
+        /// Broadcast name.
+        name: String,
+        /// Globally unique chat ID. Called grpid for historic reasons.
+        grpid: String,
+        /// Contact ID. Always `ContactId::SELF`.
+        contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
+        fingerprint: String,
+        /// Invite number.
+        invitenumber: String,
+        /// Authentication code.
+        authcode: String,
+    },
     /// `dclogin:` scheme parameters.
     ///
     /// Ask the user if they want to login with the email address.
@@ -306,6 +336,25 @@ impl From<Qr> for QrObject {
                     authcode,
                 }
             }
+            Qr::WithdrawJoinBroadcast {
+                name,
+                grpid,
+                contact_id,
+                fingerprint,
+                invitenumber,
+                authcode,
+            } => {
+                let contact_id = contact_id.to_u32();
+                let fingerprint = fingerprint.to_string();
+                QrObject::WithdrawJoinBroadcast {
+                    name,
+                    grpid,
+                    contact_id,
+                    fingerprint,
+                    invitenumber,
+                    authcode,
+                }
+            }
             Qr::ReviveVerifyContact {
                 contact_id,
                 fingerprint,
@@ -340,6 +389,25 @@ impl From<Qr> for QrObject {
                     authcode,
                 }
             }
+            Qr::ReviveJoinBroadcast {
+                name,
+                grpid,
+                contact_id,
+                fingerprint,
+                invitenumber,
+                authcode,
+            } => {
+                let contact_id = contact_id.to_u32();
+                let fingerprint = fingerprint.to_string();
+                QrObject::ReviveJoinBroadcast {
+                    name,
+                    grpid,
+                    contact_id,
+                    fingerprint,
+                    invitenumber,
+                    authcode,
+                }
+            }
             Qr::Login { address, .. } => QrObject::Login { address },
         }
     }

deltachat-jsonrpc/typescript/package.json

@@ -54,5 +54,5 @@
   },
   "type": "module",
   "types": "dist/deltachat.d.ts",
-  "version": "2.26.0"
+  "version": "2.30.0"
 }

deltachat-jsonrpc/typescript/test/online.ts

@@ -64,6 +64,7 @@ describe("online tests", function () {
     await dc.rpc.setConfig(accountId1, "addr", account1.email);
     await dc.rpc.setConfig(accountId1, "mail_pw", account1.password);
     await dc.rpc.configure(accountId1);
+    await waitForEvent(dc, "ImapInboxIdle", accountId1);
 
     accountId2 = await dc.rpc.addAccount();
     await dc.rpc.batchSetConfig(accountId2, {
@@ -71,6 +72,7 @@ describe("online tests", function () {
       mail_pw: account2.password,
     });
     await dc.rpc.configure(accountId2);
+    await waitForEvent(dc, "ImapInboxIdle", accountId2);
     accountsConfigured = true;
   });
 

deltachat-repl/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "2.26.0"
+version = "2.30.0"
 license = "MPL-2.0"
 edition = "2021"
 repository = "https://github.com/chatmail/core"

deltachat-rpc-client/README.md

@@ -30,6 +30,15 @@ $ pip install .
 
 Additional arguments to `tox` are passed to pytest, e.g. `tox -- -s` does not capture test output.
 
+
+## Activating current checkout of deltachat-rpc-client and -server for development 
+
+Go to root repository directory and run: 
+```
+$ scripts/make-rpc-testenv.sh 
+$ source venv/bin/activate 
+```
+
 ## Using in REPL
 
 Setup a development environment:

deltachat-rpc-client/pyproject.toml

@@ -1,20 +1,18 @@
 [build-system]
-requires = ["setuptools>=45"]
+requires = ["setuptools>=77"]
 build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat-rpc-client"
-version = "2.26.0"
+version = "2.30.0"
+license = "MPL-2.0"
 description = "Python client for Delta Chat core JSON-RPC interface"
 classifiers = [
     "Development Status :: 5 - Production/Stable",
     "Intended Audience :: Developers",
-    "License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)",
     "Operating System :: POSIX :: Linux",
     "Operating System :: MacOS :: MacOS X",
     "Programming Language :: Python :: 3",
-    "Programming Language :: Python :: 3.8",
-    "Programming Language :: Python :: 3.9",
     "Programming Language :: Python :: 3.10",
     "Programming Language :: Python :: 3.11",
     "Programming Language :: Python :: 3.12",
@@ -24,7 +22,7 @@ classifiers = [
     "Topic :: Communications :: Email"
 ]
 readme = "README.md"
-requires-python = ">=3.8"
+requires-python = ">=3.10"
 
 [tool.setuptools.package-data]
 deltachat_rpc_client = [

deltachat-rpc-client/src/deltachat_rpc_client/account.py

@@ -130,6 +130,10 @@ class Account:
         """Add a new transport using a QR code."""
         yield self._rpc.add_transport_from_qr.future(self.id, qr)
 
+    def delete_transport(self, addr: str):
+        """Delete a transport."""
+        self._rpc.delete_transport(self.id, addr)
+
     @futuremethod
     def list_transports(self):
         """Return the list of all email accounts that are used as a transport in the current profile."""

deltachat-rpc-client/src/deltachat_rpc_client/const.py

@@ -80,6 +80,7 @@ class EventType(str, Enum):
     CONFIG_SYNCED = "ConfigSynced"
     WEBXDC_REALTIME_DATA = "WebxdcRealtimeData"
     WEBXDC_REALTIME_ADVERTISEMENT_RECEIVED = "WebxdcRealtimeAdvertisementReceived"
+    TRANSPORTS_MODIFIED = "TransportsModified"
 
 
 class ChatId(IntEnum):

deltachat-rpc-client/src/deltachat_rpc_client/deltachat.py

@@ -4,7 +4,7 @@ from __future__ import annotations
 
 from typing import TYPE_CHECKING
 
-from ._utils import AttrDict
+from ._utils import AttrDict, futuremethod
 from .account import Account
 
 if TYPE_CHECKING:
@@ -39,6 +39,15 @@ class DeltaChat:
         """Stop the I/O of all accounts."""
         self.rpc.stop_io_for_all_accounts()
 
+    @futuremethod
+    def background_fetch(self, timeout_in_seconds: int) -> None:
+        """Run background fetch for all accounts."""
+        yield self.rpc.background_fetch.future(timeout_in_seconds)
+
+    def stop_background_fetch(self) -> None:
+        """Stop ongoing background fetch."""
+        self.rpc.stop_background_fetch()
+
     def maybe_network(self) -> None:
         """Indicate that the network conditions might have changed."""
         self.rpc.maybe_network()

deltachat-rpc-client/src/deltachat_rpc_client/message.py

@@ -60,6 +60,10 @@ class Message:
         """Mark the message as seen."""
         self._rpc.markseen_msgs(self.account.id, [self.id])
 
+    def exists(self) -> bool:
+        """Return True if the message exists."""
+        return bool(self._rpc.get_existing_msg_ids(self.account.id, [self.id]))
+
     def continue_autocrypt_key_transfer(self, setup_code: str) -> None:
         """Continue the Autocrypt Setup Message key transfer.
 

deltachat-rpc-client/src/deltachat_rpc_client/pytestplugin.py

@@ -3,9 +3,14 @@
 from __future__ import annotations
 
 import os
+import pathlib
+import platform
 import random
+import subprocess
+import sys
 from typing import AsyncGenerator, Optional
 
+import execnet
 import py
 import pytest
 
@@ -20,6 +25,18 @@ Currently this is "End-to-end encryption available".
 """
 
 
+def pytest_report_header():
+    for base in os.get_exec_path():
+        fn = pathlib.Path(base).joinpath(base, "deltachat-rpc-server")
+        if fn.exists():
+            proc = subprocess.Popen([str(fn), "--version"], stderr=subprocess.PIPE)
+            proc.wait()
+            version = proc.stderr.read().decode().strip()
+            return f"deltachat-rpc-server: {fn} [{version}]"
+
+    return None
+
+
 class ACFactory:
     """Test account factory."""
 
@@ -40,12 +57,17 @@ class ACFactory:
         username = "ci-" + "".join(random.choice("2345789acdefghjkmnpqrstuvwxyz") for i in range(6))
         return f"{username}@{domain}", f"{username}${username}"
 
+    def get_account_qr(self):
+        """Return "dcaccount:" QR code for testing chatmail relay."""
+        domain = os.getenv("CHATMAIL_DOMAIN")
+        return f"dcaccount:{domain}"
+
     @futuremethod
     def new_configured_account(self):
         """Create a new configured account."""
         account = self.get_unconfigured_account()
-        domain = os.getenv("CHATMAIL_DOMAIN")
-        yield account.add_transport_from_qr.future(f"dcaccount:{domain}")
+        qr = self.get_account_qr()
+        yield account.add_transport_from_qr.future(qr)
 
         assert account.is_configured()
         return account
@@ -77,6 +99,7 @@ class ACFactory:
         ac_clone = self.get_unconfigured_account()
         for transport in transports:
             ac_clone.add_or_update_transport(transport)
+        ac_clone.bring_online()
         return ac_clone
 
     def get_accepted_chat(self, ac1: Account, ac2: Account) -> Chat:
@@ -135,9 +158,15 @@ def rpc(tmp_path) -> AsyncGenerator:
 
 
 @pytest.fixture
-def acfactory(rpc) -> AsyncGenerator:
+def dc(rpc) -> DeltaChat:
+    """Return account manager."""
+    return DeltaChat(rpc)
+
+
+@pytest.fixture
+def acfactory(dc) -> AsyncGenerator:
     """Return account factory fixture."""
-    return ACFactory(DeltaChat(rpc))
+    return ACFactory(dc)
 
 
 @pytest.fixture
@@ -185,3 +214,134 @@ def log():
             print("  " + msg)
 
     return Printer()
+
+
+#
+# support for testing against different deltachat-rpc-server/clients
+# installed into a temporary virtualenv and connected via 'execnet' channels
+#
+
+
+def find_path(venv, name):
+    is_windows = platform.system() == "Windows"
+    bin = venv / ("bin" if not is_windows else "Scripts")
+
+    tryadd = [""]
+    if is_windows:
+        tryadd += os.environ["PATHEXT"].split(os.pathsep)
+    for ext in tryadd:
+        p = bin.joinpath(name + ext)
+        if p.exists():
+            return str(p)
+
+    return None
+
+
+@pytest.fixture(scope="session")
+def get_core_python_env(tmp_path_factory):
+    """Return a factory to create virtualenv environments with rpc server/client packages
+    installed.
+
+    The factory takes a version and returns a (python_path, rpc_server_path) tuple
+    of the respective binaries in the virtualenv.
+    """
+
+    envs = {}
+
+    def get_versioned_venv(core_version):
+        venv = envs.get(core_version)
+        if not venv:
+            venv = tmp_path_factory.mktemp(f"temp-{core_version}")
+            subprocess.check_call([sys.executable, "-m", "venv", venv])
+
+            python = find_path(venv, "python")
+            pkgs = [f"deltachat-rpc-server=={core_version}", f"deltachat-rpc-client=={core_version}", "pytest"]
+            subprocess.check_call([python, "-m", "pip", "install"] + pkgs)
+
+            envs[core_version] = venv
+        python = find_path(venv, "python")
+        rpc_server_path = find_path(venv, "deltachat-rpc-server")
+        print(f"python={python}\nrpc_server={rpc_server_path}")
+        return python, rpc_server_path
+
+    return get_versioned_venv
+
+
+@pytest.fixture
+def alice_and_remote_bob(tmp_path, acfactory, get_core_python_env):
+    """return local Alice account, a contact to bob, and a remote 'eval' function for bob.
+
+    The 'eval' function allows to remote-execute arbitrary expressions
+    that can use the `bob` online account, and the `bob_contact_alice`.
+    """
+
+    def factory(core_version):
+        python, rpc_server_path = get_core_python_env(core_version)
+        gw = execnet.makegateway(f"popen//python={python}")
+
+        accounts_dir = str(tmp_path.joinpath("account1_venv1"))
+        channel = gw.remote_exec(remote_bob_loop)
+        cm = os.environ.get("CHATMAIL_DOMAIN")
+
+        # trigger getting an online account on bob's side
+        channel.send((accounts_dir, str(rpc_server_path), cm))
+
+        # meanwhile get a local alice account
+        alice = acfactory.get_online_account()
+        channel.send(alice.self_contact.make_vcard())
+
+        # wait for bob to have started
+        sysinfo = channel.receive()
+        assert sysinfo == f"v{core_version}"
+        bob_vcard = channel.receive()
+        [alice_contact_bob] = alice.import_vcard(bob_vcard)
+
+        def eval(eval_str):
+            channel.send(eval_str)
+            return channel.receive()
+
+        return alice, alice_contact_bob, eval
+
+    return factory
+
+
+def remote_bob_loop(channel):
+    # This function executes with versioned
+    # deltachat-rpc-client/server packages
+    # installed into the virtualenv.
+    #
+    # The "channel" argument is a send/receive pipe
+    # to the process that runs the corresponding remote_exec(remote_bob_loop)
+
+    import os
+
+    from deltachat_rpc_client import DeltaChat, Rpc
+    from deltachat_rpc_client.pytestplugin import ACFactory
+
+    accounts_dir, rpc_server_path, chatmail_domain = channel.receive()
+    os.environ["CHATMAIL_DOMAIN"] = chatmail_domain
+
+    # older core versions don't support specifying rpc_server_path
+    # so we can't just pass `rpc_server_path` argument to Rpc constructor
+    basepath = os.path.dirname(rpc_server_path)
+    os.environ["PATH"] = os.pathsep.join([basepath, os.environ["PATH"]])
+    rpc = Rpc(accounts_dir=accounts_dir)
+
+    with rpc:
+        dc = DeltaChat(rpc)
+        channel.send(dc.rpc.get_system_info()["deltachat_core_version"])
+        acfactory = ACFactory(dc)
+        bob = acfactory.get_online_account()
+        alice_vcard = channel.receive()
+        [alice_contact] = bob.import_vcard(alice_vcard)
+        ns = {"bob": bob, "bob_contact_alice": alice_contact}
+        channel.send(bob.self_contact.make_vcard())
+
+        while 1:
+            eval_str = channel.receive()
+            res = eval(eval_str, ns)
+            try:
+                channel.send(res)
+            except Exception:
+                # some unserializable result
+                channel.send(None)

deltachat-rpc-client/src/deltachat_rpc_client/rpc.py

@@ -9,7 +9,7 @@ import os
 import subprocess
 import sys
 from queue import Empty, Queue
-from threading import Event, Thread
+from threading import Thread
 from typing import Any, Iterator, Optional
 
 
@@ -17,25 +17,6 @@ class JsonRpcError(Exception):
     """JSON-RPC error."""
 
 
-class RpcFuture:
-    """RPC future waiting for RPC call result."""
-
-    def __init__(self, rpc: "Rpc", request_id: int, event: Event):
-        self.rpc = rpc
-        self.request_id = request_id
-        self.event = event
-
-    def __call__(self):
-        """Wait for the future to return the result."""
-        self.event.wait()
-        response = self.rpc.request_results.pop(self.request_id)
-        if "error" in response:
-            raise JsonRpcError(response["error"])
-        if "result" in response:
-            return response["result"]
-        return None
-
-
 class RpcMethod:
     """RPC method."""
 
@@ -57,20 +38,26 @@ class RpcMethod:
             "params": args,
             "id": request_id,
         }
-        event = Event()
-        self.rpc.request_events[request_id] = event
+        self.rpc.request_results[request_id] = queue = Queue()
         self.rpc.request_queue.put(request)
 
-        return RpcFuture(self.rpc, request_id, event)
+        def rpc_future():
+            """Wait for the request to receive a result."""
+            response = queue.get()
+            if "error" in response:
+                raise JsonRpcError(response["error"])
+            return response.get("result", None)
+
+        return rpc_future
 
 
 class Rpc:
     """RPC client."""
 
-    def __init__(self, accounts_dir: Optional[str] = None, **kwargs):
+    def __init__(self, accounts_dir: Optional[str] = None, rpc_server_path="deltachat-rpc-server", **kwargs):
         """Initialize RPC client.
 
-        The given arguments will be passed to subprocess.Popen().
+        The 'kwargs' arguments will be passed to subprocess.Popen().
         """
         if accounts_dir:
             kwargs["env"] = {
@@ -79,13 +66,12 @@ class Rpc:
             }
 
         self._kwargs = kwargs
+        self.rpc_server_path = rpc_server_path
         self.process: subprocess.Popen
         self.id_iterator: Iterator[int]
         self.event_queues: dict[int, Queue]
-        # Map from request ID to `threading.Event`.
-        self.request_events: dict[int, Event]
-        # Map from request ID to the result.
-        self.request_results: dict[int, Any]
+        # Map from request ID to a Queue which provides a single result
+        self.request_results: dict[int, Queue]
         self.request_queue: Queue[Any]
         self.closing: bool
         self.reader_thread: Thread
@@ -94,27 +80,18 @@ class Rpc:
 
     def start(self) -> None:
         """Start RPC server subprocess."""
+        popen_kwargs = {"stdin": subprocess.PIPE, "stdout": subprocess.PIPE}
         if sys.version_info >= (3, 11):
-            self.process = subprocess.Popen(
-                "deltachat-rpc-server",
-                stdin=subprocess.PIPE,
-                stdout=subprocess.PIPE,
-                # Prevent subprocess from capturing SIGINT.
-                process_group=0,
-                **self._kwargs,
-            )
+            # Prevent subprocess from capturing SIGINT.
+            popen_kwargs["process_group"] = 0
         else:
-            self.process = subprocess.Popen(
-                "deltachat-rpc-server",
-                stdin=subprocess.PIPE,
-                stdout=subprocess.PIPE,
-                # `process_group` is not supported before Python 3.11.
-                preexec_fn=os.setpgrp,  # noqa: PLW1509
-                **self._kwargs,
-            )
+            # `process_group` is not supported before Python 3.11.
+            popen_kwargs["preexec_fn"] = os.setpgrp  # noqa: PLW1509
+
+        popen_kwargs.update(self._kwargs)
+        self.process = subprocess.Popen(self.rpc_server_path, **popen_kwargs)
         self.id_iterator = itertools.count(start=1)
         self.event_queues = {}
-        self.request_events = {}
         self.request_results = {}
         self.request_queue = Queue()
         self.closing = False
@@ -149,9 +126,7 @@ class Rpc:
                 response = json.loads(line)
                 if "id" in response:
                     response_id = response["id"]
-                    event = self.request_events.pop(response_id)
-                    self.request_results[response_id] = response
-                    event.set()
+                    self.request_results.pop(response_id).put(response)
                 else:
                     logging.warning("Got a response without ID: %s", response)
         except Exception:

deltachat-rpc-client/tests/test_cross_core.py

@@ -0,0 +1,44 @@
+import subprocess
+
+import pytest
+
+from deltachat_rpc_client import DeltaChat, Rpc
+
+
+def test_install_venv_and_use_other_core(tmp_path, get_core_python_env):
+    python, rpc_server_path = get_core_python_env("2.24.0")
+    subprocess.check_call([python, "-m", "pip", "install", "deltachat-rpc-server==2.24.0"])
+    rpc = Rpc(accounts_dir=tmp_path.joinpath("accounts"), rpc_server_path=rpc_server_path)
+
+    with rpc:
+        dc = DeltaChat(rpc)
+        assert dc.rpc.get_system_info()["deltachat_core_version"] == "v2.24.0"
+
+
+@pytest.mark.parametrize("version", ["2.24.0"])
+def test_qr_setup_contact(alice_and_remote_bob, version) -> None:
+    """Test other-core Bob profile can do securejoin with Alice on current core."""
+    alice, alice_contact_bob, remote_eval = alice_and_remote_bob(version)
+
+    qr_code = alice.get_qr_code()
+    remote_eval(f"bob.secure_join({qr_code!r})")
+    alice.wait_for_securejoin_inviter_success()
+
+    # Test that Alice verified Bob's profile.
+    alice_contact_bob_snapshot = alice_contact_bob.get_snapshot()
+    assert alice_contact_bob_snapshot.is_verified
+
+    remote_eval("bob.wait_for_securejoin_joiner_success()")
+
+    # Test that Bob verified Alice's profile.
+    assert remote_eval("bob_contact_alice.get_snapshot().is_verified")
+
+
+def test_send_and_receive_message(alice_and_remote_bob) -> None:
+    """Test other-core Bob profile can send a message to Alice on current core."""
+    alice, alice_contact_bob, remote_eval = alice_and_remote_bob("2.20.0")
+
+    remote_eval("bob_contact_alice.create_chat().send_text('hello')")
+
+    msg = alice.wait_for_incoming_msg()
+    assert msg.get_snapshot().text == "hello"

deltachat-rpc-client/tests/test_folders.py

@@ -143,7 +143,7 @@ def test_delete_deltachat_folder(acfactory, direct_imap):
     # Wait until new folder is created and UIDVALIDITY is updated.
     while True:
         event = ac1.wait_for_event()
-        if event.kind == EventType.INFO and "uid/validity change folder DeltaChat" in event.msg:
+        if event.kind == EventType.INFO and "transport 1: UID validity for folder DeltaChat changed from " in event.msg:
             break
 
     ac2 = acfactory.get_online_account()

deltachat-rpc-client/tests/test_multidevice.py

@@ -4,6 +4,41 @@ from deltachat_rpc_client import EventType
 from deltachat_rpc_client.const import MessageState
 
 
+def test_bcc_self_delete_server_after_defaults(acfactory):
+    """Test default values for bcc_self and delete_server_after."""
+    ac = acfactory.get_online_account()
+
+    # Initially after getting online
+    # the setting bcc_self is set to 0 because there is only one device
+    # and delete_server_after is "1", meaning immediate deletion.
+    assert ac.get_config("bcc_self") == "0"
+    assert ac.get_config("delete_server_after") == "1"
+
+    # Setup a second device.
+    ac_clone = ac.clone()
+    ac_clone.bring_online()
+
+    # Second device setup
+    # enables bcc_self and changes default delete_server_after.
+    assert ac.get_config("bcc_self") == "1"
+    assert ac.get_config("delete_server_after") == "0"
+
+    assert ac_clone.get_config("bcc_self") == "1"
+    assert ac_clone.get_config("delete_server_after") == "0"
+
+    # Manually disabling bcc_self
+    # also restores the default for delete_server_after.
+    ac.set_config("bcc_self", "0")
+    assert ac.get_config("bcc_self") == "0"
+    assert ac.get_config("delete_server_after") == "1"
+
+    # Cloning the account again enables bcc_self
+    # even though it was manually disabled.
+    ac_clone = ac.clone()
+    assert ac.get_config("bcc_self") == "1"
+    assert ac.get_config("delete_server_after") == "0"
+
+
 def test_one_account_send_bcc_setting(acfactory, log, direct_imap):
     ac1, ac2 = acfactory.get_online_accounts(2)
     ac1_clone = ac1.clone()

deltachat-rpc-client/tests/test_multitransport.py

@@ -0,0 +1,203 @@
+import pytest
+
+from deltachat_rpc_client import EventType
+from deltachat_rpc_client.rpc import JsonRpcError
+
+
+def test_add_second_address(acfactory) -> None:
+    account = acfactory.new_configured_account()
+    assert len(account.list_transports()) == 1
+
+    # When the first transport is created,
+    # mvbox_move and only_fetch_mvbox should be disabled.
+    assert account.get_config("mvbox_move") == "0"
+    assert account.get_config("only_fetch_mvbox") == "0"
+    assert account.get_config("show_emails") == "2"
+
+    qr = acfactory.get_account_qr()
+    account.add_transport_from_qr(qr)
+    assert len(account.list_transports()) == 2
+
+    account.add_transport_from_qr(qr)
+    assert len(account.list_transports()) == 3
+
+    first_addr = account.list_transports()[0]["addr"]
+    second_addr = account.list_transports()[1]["addr"]
+
+    # Cannot delete the first address.
+    with pytest.raises(JsonRpcError):
+        account.delete_transport(first_addr)
+
+    account.delete_transport(second_addr)
+    assert len(account.list_transports()) == 2
+
+    # Enabling mvbox_move or only_fetch_mvbox
+    # is not allowed when multi-transport is enabled.
+    for option in ["mvbox_move", "only_fetch_mvbox"]:
+        with pytest.raises(JsonRpcError):
+            account.set_config(option, "1")
+
+    with pytest.raises(JsonRpcError):
+        account.set_config("show_emails", "0")
+
+
+@pytest.mark.parametrize("key", ["mvbox_move", "only_fetch_mvbox"])
+def test_no_second_transport_with_mvbox(acfactory, key) -> None:
+    """Test that second transport cannot be configured if mvbox is used."""
+    account = acfactory.new_configured_account()
+    assert len(account.list_transports()) == 1
+
+    assert account.get_config("mvbox_move") == "0"
+    assert account.get_config("only_fetch_mvbox") == "0"
+
+    qr = acfactory.get_account_qr()
+    account.set_config(key, "1")
+
+    with pytest.raises(JsonRpcError):
+        account.add_transport_from_qr(qr)
+
+
+def test_no_second_transport_without_classic_emails(acfactory) -> None:
+    """Test that second transport cannot be configured if classic emails are not fetched."""
+    account = acfactory.new_configured_account()
+    assert len(account.list_transports()) == 1
+
+    assert account.get_config("show_emails") == "2"
+
+    qr = acfactory.get_account_qr()
+    account.set_config("show_emails", "0")
+
+    with pytest.raises(JsonRpcError):
+        account.add_transport_from_qr(qr)
+
+
+def test_change_address(acfactory) -> None:
+    """Test Alice configuring a second transport and setting it as a primary one."""
+    alice, bob = acfactory.get_online_accounts(2)
+
+    bob_addr = bob.get_config("configured_addr")
+    bob.create_chat(alice)
+
+    alice_chat_bob = alice.create_chat(bob)
+    alice_chat_bob.send_text("Hello!")
+
+    msg1 = bob.wait_for_incoming_msg().get_snapshot()
+    sender_addr1 = msg1.sender.get_snapshot().address
+
+    alice.stop_io()
+    old_alice_addr = alice.get_config("configured_addr")
+    alice_vcard = alice.self_contact.make_vcard()
+    assert old_alice_addr in alice_vcard
+    qr = acfactory.get_account_qr()
+    alice.add_transport_from_qr(qr)
+    new_alice_addr = alice.list_transports()[1]["addr"]
+    with pytest.raises(JsonRpcError):
+        # Cannot use the address that is not
+        # configured for any transport.
+        alice.set_config("configured_addr", bob_addr)
+
+    # Load old address so it is cached.
+    assert alice.get_config("configured_addr") == old_alice_addr
+    alice.set_config("configured_addr", new_alice_addr)
+    # Make sure that setting `configured_addr` invalidated the cache.
+    assert alice.get_config("configured_addr") == new_alice_addr
+
+    alice_vcard = alice.self_contact.make_vcard()
+    assert old_alice_addr not in alice_vcard
+    assert new_alice_addr in alice_vcard
+    with pytest.raises(JsonRpcError):
+        alice.delete_transport(new_alice_addr)
+    alice.start_io()
+
+    alice_chat_bob.send_text("Hello again!")
+
+    msg2 = bob.wait_for_incoming_msg().get_snapshot()
+    sender_addr2 = msg2.sender.get_snapshot().address
+
+    assert msg1.sender == msg2.sender
+    assert sender_addr1 != sender_addr2
+    assert sender_addr1 == old_alice_addr
+    assert sender_addr2 == new_alice_addr
+
+
+@pytest.mark.parametrize("is_chatmail", ["0", "1"])
+def test_mvbox_move_first_transport(acfactory, is_chatmail) -> None:
+    """Test that mvbox_move is disabled by default even for non-chatmail accounts.
+    Disabling mvbox_move is required to be able to setup a second transport.
+    """
+    account = acfactory.get_unconfigured_account()
+
+    account.set_config("fix_is_chatmail", "1")
+    account.set_config("is_chatmail", is_chatmail)
+
+    # The default value when the setting is unset is "1".
+    # This is not changed for compatibility with old databases
+    # imported from backups.
+    assert account.get_config("mvbox_move") == "1"
+
+    qr = acfactory.get_account_qr()
+    account.add_transport_from_qr(qr)
+
+    # Once the first transport is set up,
+    # mvbox_move is disabled.
+    assert account.get_config("mvbox_move") == "0"
+    assert account.get_config("is_chatmail") == is_chatmail
+
+
+def test_reconfigure_transport(acfactory) -> None:
+    """Test that reconfiguring the transport works
+    even if settings not supported for multi-transport
+    like mvbox_move are enabled."""
+    account = acfactory.get_online_account()
+    account.set_config("mvbox_move", "1")
+
+    [transport] = account.list_transports()
+    account.add_or_update_transport(transport)
+
+    # Reconfiguring the transport should not reset
+    # the settings as if when configuring the first transport.
+    assert account.get_config("mvbox_move") == "1"
+
+
+def test_transport_synchronization(acfactory, log) -> None:
+    """Test synchronization of transports between devices."""
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    ac1_clone = ac1.clone()
+    ac1_clone.bring_online()
+
+    qr = acfactory.get_account_qr()
+
+    ac1.add_transport_from_qr(qr)
+    ac1_clone.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    assert len(ac1.list_transports()) == 2
+    assert len(ac1_clone.list_transports()) == 2
+
+    ac1_clone.add_transport_from_qr(qr)
+    ac1.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    assert len(ac1.list_transports()) == 3
+    assert len(ac1_clone.list_transports()) == 3
+
+    log.section("ac1 clone removes second transport")
+    [transport1, transport2, transport3] = ac1_clone.list_transports()
+    addr3 = transport3["addr"]
+    ac1_clone.delete_transport(transport2["addr"])
+
+    ac1.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    [transport1, transport3] = ac1.list_transports()
+
+    log.section("ac1 changes the primary transport")
+    ac1.set_config("configured_addr", transport3["addr"])
+
+    log.section("ac1 removes the first transport")
+    ac1.delete_transport(transport1["addr"])
+
+    ac1_clone.wait_for_event(EventType.TRANSPORTS_MODIFIED)
+    [transport3] = ac1_clone.list_transports()
+    assert transport3["addr"] == addr3
+    assert ac1_clone.get_config("configured_addr") == addr3
+
+    ac2_chat = ac2.create_chat(ac1)
+    ac2_chat.send_text("Hello!")
+
+    assert ac1.wait_for_incoming_msg().get_snapshot().text == "Hello!"
+    assert ac1_clone.wait_for_incoming_msg().get_snapshot().text == "Hello!"

deltachat-rpc-client/tests/test_securejoin.py

@@ -140,15 +140,15 @@ def test_qr_securejoin_broadcast(acfactory, all_devices_online):
         return chat
 
     def wait_for_broadcast_messages(ac):
+        snapshot1 = ac.wait_for_incoming_msg().get_snapshot()
+        assert snapshot1.text == "You joined the channel."
+
+        snapshot2 = ac.wait_for_incoming_msg().get_snapshot()
+        assert snapshot2.text == "Hello everyone!"
+
         chat = get_broadcast(ac)
-
-        snapshot = ac.wait_for_incoming_msg().get_snapshot()
-        assert snapshot.text == "You joined the channel."
-        assert snapshot.chat_id == chat.id
-
-        snapshot = ac.wait_for_incoming_msg().get_snapshot()
-        assert snapshot.text == "Hello everyone!"
-        assert snapshot.chat_id == chat.id
+        assert snapshot1.chat_id == chat.id
+        assert snapshot2.chat_id == chat.id
 
     def check_account(ac, contact, inviter_side, please_wait_info_msg=False):
         # Check that the chat partner is verified.
@@ -158,29 +158,29 @@ def test_qr_securejoin_broadcast(acfactory, all_devices_online):
         chat = get_broadcast(ac)
         chat_msgs = chat.get_messages()
 
-        if please_wait_info_msg:
-            first_msg = chat_msgs.pop(0).get_snapshot()
-            assert first_msg.text == "Establishing guaranteed end-to-end encryption, please wait…"
-            assert first_msg.is_info
-
-        encrypted_msg = chat_msgs[0].get_snapshot()
+        encrypted_msg = chat_msgs.pop(0).get_snapshot()
         assert encrypted_msg.text == "Messages are end-to-end encrypted."
         assert encrypted_msg.is_info
 
-        member_added_msg = chat_msgs[1].get_snapshot()
+        if please_wait_info_msg:
+            first_msg = chat_msgs.pop(0).get_snapshot()
+            assert "invited you to join this channel" in first_msg.text
+            assert first_msg.is_info
+
+        member_added_msg = chat_msgs.pop(0).get_snapshot()
         if inviter_side:
             assert member_added_msg.text == f"Member {contact_snapshot.display_name} added."
         else:
             assert member_added_msg.text == "You joined the channel."
         assert member_added_msg.is_info
 
-        hello_msg = chat_msgs[2].get_snapshot()
+        hello_msg = chat_msgs.pop(0).get_snapshot()
         assert hello_msg.text == "Hello everyone!"
         assert not hello_msg.is_info
         assert hello_msg.show_padlock
         assert hello_msg.error is None
 
-        assert len(chat_msgs) == 3
+        assert len(chat_msgs) == 0
 
         chat_snapshot = chat.get_full_snapshot()
         assert chat_snapshot.is_encrypted

deltachat-rpc-client/tests/test_something.py

@@ -467,7 +467,7 @@ def test_bot(acfactory) -> None:
 
 
 def test_wait_next_messages(acfactory) -> None:
-    alice = acfactory.new_configured_account()
+    alice = acfactory.get_online_account()
 
     # Create a bot account so it does not receive device messages in the beginning.
     addr, password = acfactory.get_credentials()
@@ -475,6 +475,7 @@ def test_wait_next_messages(acfactory) -> None:
     bot.set_config("bot", "1")
     bot.add_or_update_transport({"addr": addr, "password": password})
     assert bot.is_configured()
+    bot.bring_online()
 
     # There are no old messages and the call returns immediately.
     assert not bot.wait_next_messages()
@@ -660,8 +661,6 @@ def test_download_limit_chat_assignment(acfactory, tmp_path, n_accounts):
         contact = alice.create_contact(account)
         alice_group.add_contact(contact)
 
-    if n_accounts == 2:
-        bob_chat_alice = bob.create_chat(alice)
     bob.set_config("download_limit", str(download_limit))
 
     alice_group.send_text("hi")
@@ -677,15 +676,7 @@ def test_download_limit_chat_assignment(acfactory, tmp_path, n_accounts):
         alice_group.send_file(str(path))
         snapshot = bob.wait_for_incoming_msg().get_snapshot()
         assert snapshot.download_state == DownloadState.AVAILABLE
-        if n_accounts > 2:
-            assert snapshot.chat == bob_group
-        else:
-            # Group contains only Alice and Bob,
-            # so partially downloaded messages are
-            # hard to distinguish from private replies to group messages.
-            #
-            # Message may be a private reply, so we assign it to 1:1 chat with Alice.
-            assert snapshot.chat == bob_chat_alice
+        assert snapshot.chat == bob_group
 
 
 def test_markseen_contact_request(acfactory):
@@ -867,15 +858,15 @@ def test_leave_broadcast(acfactory, all_devices_online):
         contact_snapshot = contact.get_snapshot()
         chat_msgs = chat.get_messages()
 
-        if please_wait_info_msg:
-            first_msg = chat_msgs.pop(0).get_snapshot()
-            assert first_msg.text == "Establishing guaranteed end-to-end encryption, please wait…"
-            assert first_msg.is_info
-
         encrypted_msg = chat_msgs.pop(0).get_snapshot()
         assert encrypted_msg.text == "Messages are end-to-end encrypted."
         assert encrypted_msg.is_info
 
+        if please_wait_info_msg:
+            first_msg = chat_msgs.pop(0).get_snapshot()
+            assert "invited you to join this channel" in first_msg.text
+            assert first_msg.is_info
+
         member_added_msg = chat_msgs.pop(0).get_snapshot()
         if inviter_side:
             assert member_added_msg.text == f"Member {contact_snapshot.display_name} added."
@@ -965,3 +956,59 @@ def test_immediate_autodelete(acfactory, direct_imap, log):
     ev = ac1.wait_for_event(EventType.MSG_READ)
     assert ev.chat_id == chat1.id
     assert ev.msg_id == sent_msg.id
+
+
+def test_background_fetch(acfactory, dc):
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    ac1.stop_io()
+
+    ac1_chat = ac1.create_chat(ac2)
+
+    ac2_chat = ac2.create_chat(ac1)
+    ac2_chat.send_text("Hello!")
+
+    while True:
+        dc.background_fetch(300)
+        messages = ac1_chat.get_messages()
+        snapshot = messages[-1].get_snapshot()
+        if snapshot.text == "Hello!":
+            break
+
+    # Stopping background fetch immediately after starting
+    # does not result in any errors.
+    background_fetch_future = dc.background_fetch.future(300)
+    dc.stop_background_fetch()
+    background_fetch_future()
+
+    # Starting background fetch with zero timeout is ok,
+    # it should terminate immediately.
+    dc.background_fetch(0)
+
+    # Background fetch can still be used to send and receive messages.
+    ac2_chat.send_text("Hello again!")
+
+    while True:
+        dc.background_fetch(300)
+        messages = ac1_chat.get_messages()
+        snapshot = messages[-1].get_snapshot()
+        if snapshot.text == "Hello again!":
+            break
+
+
+def test_message_exists(acfactory):
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    chat = ac1.create_chat(ac2)
+    message1 = chat.send_text("Hello!")
+    message2 = chat.send_text("Hello again!")
+    assert message1.exists()
+    assert message2.exists()
+
+    ac1.delete_messages([message1])
+    assert not message1.exists()
+    assert message2.exists()
+
+    # There is no error when checking if
+    # the message exists for deleted account.
+    ac1.remove()
+    assert not message1.exists()
+    assert not message2.exists()

deltachat-rpc-server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "2.26.0"
+version = "2.30.0"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"

deltachat-rpc-server/npm-package/package.json

@@ -15,5 +15,5 @@
   },
   "type": "module",
   "types": "index.d.ts",
-  "version": "2.26.0"
+  "version": "2.30.0"
 }

deny.toml

@@ -38,6 +38,7 @@ skip = [
      { name = "rand", version = "0.8.5" },
      { name = "rustix", version = "0.38.44" },
      { name = "serdect", version = "0.2.0" },
+     { name = "socket2", version = "0.5.9" },
      { name = "spin", version = "0.9.8" },
      { name = "strum_macros", version = "0.26.2" },
      { name = "strum", version = "0.26.2" },
@@ -62,7 +63,6 @@ skip = [
      { name = "windows_x86_64_gnu" },
      { name = "windows_x86_64_gnullvm" },
      { name = "windows_x86_64_msvc" },
-     { name = "zerocopy", version = "0.7.32" },
 ]
 
 

flake.lock

@@ -47,11 +47,11 @@
         "rust-analyzer-src": "rust-analyzer-src"
       },
       "locked": {
-        "lastModified": 1747291057,
-        "narHash": "sha256-9Wir6aLJAeJKqdoQUiwfKdBn7SyNXTJGRSscRyVOo2Y=",
+        "lastModified": 1763361733,
+        "narHash": "sha256-ka7dpwH3HIXCyD2wl5F7cPLeRbqZoY2ullALsvxdPt8=",
         "owner": "nix-community",
         "repo": "fenix",
-        "rev": "76ffc1b7b3ec8078fe01794628b6abff35cbda8f",
+        "rev": "6c8d48e3b0ae371b19ac1485744687b788e80193",
         "type": "github"
       },
       "original": {
@@ -147,11 +147,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1747179050,
-        "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=",
+        "lastModified": 1762977756,
+        "narHash": "sha256-4PqRErxfe+2toFJFgcRKZ0UI9NSIOJa+7RXVtBhy4KE=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e",
+        "rev": "c5ae371f1a6a7fd27823bc500d9390b38c05fa55",
         "type": "github"
       },
       "original": {
@@ -202,11 +202,11 @@
     "rust-analyzer-src": {
       "flake": false,
       "locked": {
-        "lastModified": 1746889290,
-        "narHash": "sha256-h3LQYZgyv2l3U7r+mcsrEOGRldaK0zJFwAAva4hV/6g=",
+        "lastModified": 1762860488,
+        "narHash": "sha256-rMfWMCOo/pPefM2We0iMBLi2kLBAnYoB9thi4qS7uk4=",
         "owner": "rust-lang",
         "repo": "rust-analyzer",
-        "rev": "2bafe9d96c6734aacfd49e115f6cf61e7adc68bc",
+        "rev": "2efc80078029894eec0699f62ec8d5c1a56af763",
         "type": "github"
       },
       "original": {

flake.nix

@@ -1,5 +1,5 @@
 {
-  description = "Delta Chat core";
+  description = "Chatmail core";
   inputs = {
     fenix.url = "github:nix-community/fenix";
     flake-utils.url = "github:numtide/flake-utils";
@@ -14,7 +14,15 @@
         pkgs = nixpkgs.legacyPackages.${system};
         inherit (pkgs.stdenv) isDarwin;
         fenixPkgs = fenix.packages.${system};
-        naersk' = pkgs.callPackage naersk { };
+        fenixToolchain = fenixPkgs.combine [
+          fenixPkgs.stable.rustc
+          fenixPkgs.stable.cargo
+          fenixPkgs.stable.rust-std
+        ];
+        naersk' = pkgs.callPackage naersk {
+          cargo = fenixToolchain;
+          rustc = fenixToolchain;
+        };
         manifest = (pkgs.lib.importTOML ./Cargo.toml).package;
         androidSdk = android.sdk.${system} (sdkPkgs:
           builtins.attrValues {
@@ -34,7 +42,6 @@
             ./Cargo.lock
             ./Cargo.toml
             ./CMakeLists.txt
-            ./CONTRIBUTING.md
             ./deltachat_derive
             ./deltachat-contact-tools
             ./deltachat-ffi
@@ -471,6 +478,12 @@
               };
 
             libdeltachat =
+              let
+                rustPlatform = (pkgs.makeRustPlatform {
+                  cargo = fenixToolchain;
+                  rustc = fenixToolchain;
+                });
+              in
               pkgs.stdenv.mkDerivation {
                 pname = "libdeltachat";
                 version = manifest.version;
@@ -480,8 +493,9 @@
                 nativeBuildInputs = [
                   pkgs.perl # Needed to build vendored OpenSSL.
                   pkgs.cmake
-                  pkgs.rustPlatform.cargoSetupHook
-                  pkgs.cargo
+                  rustPlatform.cargoSetupHook
+                  fenixPkgs.stable.rustc
+                  fenixPkgs.stable.cargo
                 ];
 
                 postInstall = ''

python/examples/test_examples.py

@@ -14,6 +14,7 @@ def datadir():
     return None
 
 
+@pytest.mark.skip("The test is flaky in CI and crashes the interpreter as of 2025-11-12")
 def test_echo_quit_plugin(acfactory, lp):
     lp.sec("creating one echo_and_quit bot")
     botproc = acfactory.run_bot_process(echo_and_quit)

python/pyproject.toml

@@ -1,20 +1,20 @@
 [build-system]
-requires = ["setuptools>=45", "wheel", "cffi>=1.0.0", "pkgconfig"]
+requires = ["setuptools>=77", "wheel", "cffi>=1.0.0", "pkgconfig"]
 build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat"
-version = "2.26.0"
+version = "2.30.0"
+license = "MPL-2.0"
 description = "Python bindings for the Delta Chat Core library using CFFI against the Rust-implemented libdeltachat"
 readme = "README.rst"
-requires-python = ">=3.8"
+requires-python = ">=3.10"
 authors = [
     { name = "holger krekel, Floris Bruynooghe, Bjoern Petersen and contributors" },
 ]
 classifiers = [
     "Development Status :: 5 - Production/Stable",
     "Intended Audience :: Developers",
-    "License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)",
     "Programming Language :: Python :: 3",
     "Topic :: Communications :: Chat",
     "Topic :: Communications :: Email",
@@ -23,7 +23,6 @@ classifiers = [
 dependencies = [
     "cffi>=1.0.0",
     "imap-tools",
-    "importlib_metadata;python_version<'3.8'",
     "pluggy",
     "requests",
 ]

python/tests/test_3_offline.py

@@ -35,7 +35,7 @@ class TestOfflineAccountBasic:
         d = ac1.get_info()
         assert d["arch"]
         assert d["number_of_chats"] == "0"
-        assert d["bcc_self"] == "1"
+        assert d["bcc_self"] == "0"
 
     def test_is_not_configured(self, acfactory):
         ac1 = acfactory.get_unconfigured_account()
@@ -69,7 +69,7 @@ class TestOfflineAccountBasic:
     def test_has_bccself(self, acfactory):
         ac1 = acfactory.get_unconfigured_account()
         assert "bcc_self" in ac1.get_config("sys.config_keys").split()
-        assert ac1.get_config("bcc_self") == "1"
+        assert ac1.get_config("bcc_self") == "0"
 
     def test_selfcontact_if_unconfigured(self, acfactory):
         ac1 = acfactory.get_unconfigured_account()

python/tox.ini

@@ -46,7 +46,7 @@ deps =
 commands =
     ruff format --diff setup.py src/deltachat examples/ tests/
     ruff check src/deltachat tests/ examples/
-    rst-lint --encoding 'utf-8' README.rst
+    rst-lint README.rst
 
 [testenv:mypy]
 deps =

release-date.in

@@ -1 +1 @@
-2025-11-11
+2025-12-04

scripts/README.md

@@ -26,10 +26,10 @@ and an own build machine.
    i.e. `deltachat-rpc-client` and `deltachat-rpc-server`.
 
 - `remote_tests_python.sh` rsyncs to a build machine and runs
-  `run-python-test.sh` remotely on the build machine. 
+  JSON-RPC Python tests remotely on the build machine. 
 
 - `remote_tests_rust.sh` rsyncs to the build machine and runs
-  `run-rust-test.sh` remotely on the build machine. 
+  Rust tests remotely on the build machine. 
 
 - `run-doxygen.sh` generates C-docs which are then uploaded to https://c.delta.chat/
 

scripts/remote_tests_python.sh

@@ -1,45 +1,32 @@
-#!/bin/bash 
+#!/usr/bin/env bash
+set -euo pipefail
 
-BUILD_ID=${1:?specify build ID}
-
-SSHTARGET=${SSHTARGET-ci@b1.delta.chat}
-BUILDDIR=ci_builds/$BUILD_ID
+set -x
+if ! test -v SSHTARGET; then
+	echo >&2 SSHTARGET is not set
+	exit 1
+fi
+BUILDDIR=ci_builds/chatmailcore
 
 echo "--- Copying files to $SSHTARGET:$BUILDDIR"
 
-set -xe
-
-ssh -oBatchMode=yes -oStrictHostKeyChecking=no  $SSHTARGET mkdir -p "$BUILDDIR"
-git ls-files >.rsynclist 
-# we seem to need .git for setuptools_scm versioning 
-find .git >>.rsynclist
-rsync --delete --files-from=.rsynclist -az ./ "$SSHTARGET:$BUILDDIR"
-
-set +x
+rsync -az --delete --mkpath --files-from=<(git ls-files) ./ "$SSHTARGET:$BUILDDIR"
 
 echo "--- Running Python tests remotely"
 
-ssh $SSHTARGET <<_HERE
+ssh -oBatchMode=yes -- "$SSHTARGET" <<_HERE
     set +x -e
 
     # make sure all processes exit when ssh dies
     shopt -s huponexit
 
-    export RUSTC_WRAPPER=\`which sccache\`
+    export RUSTC_WRAPPER=\`command -v sccache\`
     cd $BUILDDIR
-    export TARGET=release
     export CHATMAIL_DOMAIN=$CHATMAIL_DOMAIN
 
-    #we rely on tox/virtualenv being available in the host
-    #rm -rf virtualenv venv
-    #virtualenv -q -p python3.7 venv 
-    #source venv/bin/activate
-    #pip install -q tox virtualenv
+    scripts/make-rpc-testenv.sh
+    . venv/bin/activate
 
-    set -x
-    which python
-    source \$HOME/venv/bin/activate
-    which python
-
-    bash scripts/run-python-test.sh 
+    cd deltachat-rpc-client
+    pytest -n6 $@
 _HERE

scripts/remote_tests_rust.sh

@@ -1,29 +1,25 @@
-#!/bin/bash 
+#!/usr/bin/env bash
+set -euo pipefail
 
-BUILD_ID=${1:?specify build ID}
-
-SSHTARGET=${SSHTARGET-ci@b1.delta.chat}
-BUILDDIR=ci_builds/$BUILD_ID
-
-set -e
+if ! test -v SSHTARGET; then
+        echo >&2 SSHTARGET is not set
+        exit 1
+fi
+BUILDDIR=ci_builds/chatmailcore
 
 echo "--- Copying files to $SSHTARGET:$BUILDDIR"
 
-ssh -oBatchMode=yes -oStrictHostKeyChecking=no $SSHTARGET mkdir -p "$BUILDDIR"
-git ls-files >.rsynclist
-rsync --delete --files-from=.rsynclist -az ./ "$SSHTARGET:$BUILDDIR"
+rsync -az --delete --mkpath --files-from=<(git ls-files) ./ "$SSHTARGET:$BUILDDIR"
 
 echo "--- Running Rust tests remotely"
 
-ssh $SSHTARGET <<_HERE
+ssh -oBatchMode=yes -- "$SSHTARGET" <<_HERE
     set +x -e
     # make sure all processes exit when ssh dies
     shopt -s huponexit
-    export RUSTC_WRAPPER=\`which sccache\`
+    export RUSTC_WRAPPER=\`command -v sccache\`
     cd $BUILDDIR
-    export TARGET=x86_64-unknown-linux-gnu
-    export RUSTC_WRAPPER=sccache
 
-    bash scripts/run-rust-test.sh
+    cargo nextest run
 _HERE
 

scripts/run_all.sh

@@ -31,6 +31,6 @@ unset CHATMAIL_DOMAIN
 
 # Try to build wheels for a range of interpreters, but don't fail if they are not available.
 # E.g. musllinux_1_1 does not have PyPy interpreters as of 2022-07-10
-tox --workdir "$TOXWORKDIR" -e py38,py39,py310,py311,py312,py313,pypy38,pypy39,pypy310 --skip-missing-interpreters true
+tox --workdir "$TOXWORKDIR" -e py310,py311,py312,py313,pypy310 --skip-missing-interpreters true
 
 auditwheel repair "$TOXWORKDIR"/wheelhouse/deltachat* -w "$TOXWORKDIR/wheelhouse"

src/accounts.rs

@@ -3,8 +3,12 @@
 use std::collections::{BTreeMap, BTreeSet};
 use std::future::Future;
 use std::path::{Path, PathBuf};
+use std::sync::Arc;
 
 use anyhow::{Context as _, Result, bail, ensure};
+use async_channel::{self, Receiver, Sender};
+use futures::FutureExt as _;
+use futures_lite::FutureExt as _;
 use serde::{Deserialize, Serialize};
 use tokio::fs;
 use tokio::io::AsyncWriteExt;
@@ -41,6 +45,13 @@ pub struct Accounts {
 
     /// Push notification subscriber shared between accounts.
     push_subscriber: PushSubscriber,
+
+    /// Channel sender to cancel ongoing background_fetch().
+    ///
+    /// If background_fetch() is not running, this is `None`.
+    /// New background_fetch() should not be started if this
+    /// contains `Some`.
+    background_fetch_interrupt_sender: Arc<parking_lot::Mutex<Option<Sender<()>>>>,
 }
 
 impl Accounts {
@@ -96,6 +107,7 @@ impl Accounts {
             events,
             stockstrings,
             push_subscriber,
+            background_fetch_interrupt_sender: Default::default(),
         })
     }
 
@@ -352,6 +364,11 @@ impl Accounts {
     ///
     /// This is an auxiliary function and not part of public API.
     /// Use [Accounts::background_fetch] instead.
+    ///
+    /// This function is cancellation-safe.
+    /// It is intended to be cancellable,
+    /// either because of the timeout or because background
+    /// fetch was explicitly cancelled.
     async fn background_fetch_no_timeout(accounts: Vec<Context>, events: Events) {
         let n_accounts = accounts.len();
         events.emit(Event {
@@ -378,14 +395,33 @@ impl Accounts {
     }
 
     /// Auxiliary function for [Accounts::background_fetch].
+    ///
+    /// Runs `background_fetch` until it finishes
+    /// or until the timeout.
+    ///
+    /// Produces `AccountsBackgroundFetchDone` event in every case
+    /// and clears [`Self::background_fetch_interrupt_sender`]
+    /// so a new background fetch can be started.
+    ///
+    /// This function is not cancellation-safe.
+    /// Cancelling it before it returns may result
+    /// in not being able to run any new background fetch
+    /// if interrupt sender was not cleared.
     async fn background_fetch_with_timeout(
         accounts: Vec<Context>,
         events: Events,
         timeout: std::time::Duration,
+        interrupt_sender: Arc<parking_lot::Mutex<Option<Sender<()>>>>,
+        interrupt_receiver: Option<Receiver<()>>,
     ) {
+        let Some(interrupt_receiver) = interrupt_receiver else {
+            // Nothing to do if we got no interrupt receiver.
+            return;
+        };
         if let Err(_err) = tokio::time::timeout(
             timeout,
-            Self::background_fetch_no_timeout(accounts, events.clone()),
+            Self::background_fetch_no_timeout(accounts, events.clone())
+                .race(interrupt_receiver.recv().map(|_| ())),
         )
         .await
         {
@@ -398,10 +434,16 @@ impl Accounts {
             id: 0,
             typ: EventType::AccountsBackgroundFetchDone,
         });
+        (*interrupt_sender.lock()) = None;
     }
 
     /// Performs a background fetch for all accounts in parallel with a timeout.
     ///
+    /// Ongoing background fetch can also be cancelled manually
+    /// by calling `stop_background_fetch()`, in which case it will
+    /// return immediately even before the timeout expiration
+    /// or finishing fetching.
+    ///
     /// The `AccountsBackgroundFetchDone` event is emitted at the end,
     /// process all events until you get this one and you can safely return to the background
     /// without forgetting to create notifications caused by timing race conditions.
@@ -414,7 +456,39 @@ impl Accounts {
     ) -> impl Future<Output = ()> + use<> {
         let accounts: Vec<Context> = self.accounts.values().cloned().collect();
         let events = self.events.clone();
-        Self::background_fetch_with_timeout(accounts, events, timeout)
+        let (sender, receiver) = async_channel::bounded(1);
+        let receiver = {
+            let mut lock = self.background_fetch_interrupt_sender.lock();
+            if (*lock).is_some() {
+                // Another background_fetch() is already running,
+                // return immeidately.
+                None
+            } else {
+                *lock = Some(sender);
+                Some(receiver)
+            }
+        };
+        Self::background_fetch_with_timeout(
+            accounts,
+            events,
+            timeout,
+            self.background_fetch_interrupt_sender.clone(),
+            receiver,
+        )
+    }
+
+    /// Interrupts ongoing background_fetch() call,
+    /// making it return early.
+    ///
+    /// This method allows to cancel background_fetch() early,
+    /// e.g. on Android, when `Service.onTimeout` is called.
+    ///
+    /// If there is no ongoing background_fetch(), does nothing.
+    pub fn stop_background_fetch(&self) {
+        let mut lock = self.background_fetch_interrupt_sender.lock();
+        if let Some(sender) = lock.take() {
+            sender.try_send(()).ok();
+        }
     }
 
     /// Emits a single event.
@@ -604,13 +678,12 @@ impl Config {
         // Convert them to relative paths.
         let mut modified = false;
         for account in &mut config.inner.accounts {
-            if account.dir.is_absolute() {
-                if let Some(old_path_parent) = account.dir.parent() {
-                    if let Ok(new_path) = account.dir.strip_prefix(old_path_parent) {
-                        account.dir = new_path.to_path_buf();
-                        modified = true;
-                    }
-                }
+            if account.dir.is_absolute()
+                && let Some(old_path_parent) = account.dir.parent()
+                && let Ok(new_path) = account.dir.strip_prefix(old_path_parent)
+            {
+                account.dir = new_path.to_path_buf();
+                modified = true;
             }
         }
         if modified && writable {

src/blob/blob_tests.rs

@@ -173,11 +173,8 @@ async fn test_selfavatar_outside_blobdir() {
         .unwrap();
     let avatar_blob = t.get_config(Config::Selfavatar).await.unwrap().unwrap();
     let avatar_path = Path::new(&avatar_blob);
-    assert!(
-        avatar_blob.ends_with("7dde69e06b5ae6c27520a436bbfd65b.jpg"),
-        "The avatar filename should be its hash, put instead it's {avatar_blob}"
-    );
     let scaled_avatar_size = file_size(avatar_path).await;
+    info!(&t, "Scaled avatar size: {scaled_avatar_size}.");
     assert!(scaled_avatar_size < avatar_bytes.len() as u64);
 
     check_image_size(avatar_src, 1000, 1000);
@@ -187,6 +184,11 @@ async fn test_selfavatar_outside_blobdir() {
         constants::BALANCED_AVATAR_SIZE,
     );
 
+    assert!(
+        avatar_blob.ends_with("2a048b6fcd86448032b854ea1ad7608.jpg"),
+        "The avatar filename should be its hash, but instead it's {avatar_blob}"
+    );
+
     let mut blob = BlobObject::create_and_deduplicate(&t, avatar_path, avatar_path).unwrap();
     let viewtype = &mut Viewtype::Image;
     let strict_limits = true;

src/calls.rs

@@ -6,7 +6,7 @@ use crate::chat::ChatIdBlocked;
 use crate::chat::{Chat, ChatId, send_msg};
 use crate::constants::{Blocked, Chattype};
 use crate::contact::ContactId;
-use crate::context::Context;
+use crate::context::{Context, WeakContext};
 use crate::events::EventType;
 use crate::headerdef::HeaderDef;
 use crate::log::warn;
@@ -199,8 +199,9 @@ impl Context {
         call.id = send_msg(self, chat_id, &mut call).await?;
 
         let wait = RINGING_SECONDS;
+        let context = self.get_weak_context();
         task::spawn(Context::emit_end_call_if_unaccepted(
-            self.clone(),
+            context,
             wait.try_into()?,
             call.id,
         ));
@@ -291,11 +292,12 @@ impl Context {
     }
 
     async fn emit_end_call_if_unaccepted(
-        context: Context,
+        context: WeakContext,
         wait: u64,
         call_id: MsgId,
     ) -> Result<()> {
         sleep(Duration::from_secs(wait)).await;
+        let context = context.upgrade()?;
         let Some(mut call) = context.load_call_by_id(call_id).await? else {
             warn!(
                 context,
@@ -368,8 +370,9 @@ impl Context {
                         }
                     }
                     let wait = call.remaining_ring_seconds();
+                    let context = self.get_weak_context();
                     task::spawn(Context::emit_end_call_if_unaccepted(
-                        self.clone(),
+                        context,
                         wait.try_into()?,
                         call.msg.id,
                     ));

src/chat.rs

@@ -301,7 +301,7 @@ impl ChatId {
         let chat = Chat::load_from_db(context, chat_id).await?;
 
         if chat.is_encrypted(context).await? {
-            chat_id.add_encrypted_msg(context, timestamp).await?;
+            chat_id.add_e2ee_notice(context, timestamp).await?;
         }
 
         info!(
@@ -462,19 +462,15 @@ impl ChatId {
     }
 
     /// Adds message "Messages are end-to-end encrypted".
-    pub(crate) async fn add_encrypted_msg(
-        self,
-        context: &Context,
-        timestamp_sort: i64,
-    ) -> Result<()> {
+    pub(crate) async fn add_e2ee_notice(self, context: &Context, timestamp: i64) -> Result<()> {
         let text = stock_str::messages_e2e_encrypted(context).await;
         add_info_msg_with_cmd(
             context,
             self,
             &text,
             SystemMessage::ChatE2ee,
-            timestamp_sort,
-            None,
+            Some(timestamp),
+            timestamp,
             None,
             None,
             None,
@@ -740,16 +736,15 @@ impl ChatId {
                 }
             }
             _ => {
-                if msg.viewtype == Viewtype::File {
-                    if let Some((better_type, _)) = message::guess_msgtype_from_suffix(msg)
+                if msg.viewtype == Viewtype::File
+                    && let Some((better_type, _)) = message::guess_msgtype_from_suffix(msg)
                         // We do not do an automatic conversion to other viewtypes here so that
                         // users can send images as "files" to preserve the original quality
                         // (usually we compress images). The remaining conversions are done by
                         // `prepare_msg_blob()` later.
                         .filter(|&(vt, _)| vt == Viewtype::Webxdc || vt == Viewtype::Vcard)
-                    {
-                        msg.viewtype = better_type;
-                    }
+                {
+                    msg.viewtype = better_type;
                 }
                 if msg.viewtype == Viewtype::Vcard {
                     let blob = msg
@@ -767,13 +762,13 @@ impl ChatId {
         msg.chat_id = self;
 
         // if possible, replace existing draft and keep id
-        if !msg.id.is_special() {
-            if let Some(old_draft) = self.get_draft(context).await? {
-                if old_draft.id == msg.id
-                    && old_draft.chat_id == self
-                    && old_draft.state == MessageState::OutDraft
-                {
-                    let affected_rows = context
+        if !msg.id.is_special()
+            && let Some(old_draft) = self.get_draft(context).await?
+            && old_draft.id == msg.id
+            && old_draft.chat_id == self
+            && old_draft.state == MessageState::OutDraft
+        {
+            let affected_rows = context
                         .sql.execute(
                                 "UPDATE msgs
                                 SET timestamp=?1,type=?2,txt=?3,txt_normalized=?4,param=?5,mime_in_reply_to=?6
@@ -793,9 +788,7 @@ impl ChatId {
                                     msg.id,
                                 ),
                             ).await?;
-                    return Ok(affected_rows > 0);
-                }
-            }
+            return Ok(affected_rows > 0);
         }
 
         let row_id = context
@@ -993,11 +986,11 @@ impl ChatId {
         let mut res = Vec::new();
         let now = time();
         for (chat_id, metric) in chats_with_metrics {
-            if let Some(chat_timestamp) = chat_id.get_timestamp(context).await? {
-                if now > chat_timestamp + 42 * 24 * 3600 {
-                    // Chat was inactive for 42 days, skip.
-                    continue;
-                }
+            if let Some(chat_timestamp) = chat_id.get_timestamp(context).await?
+                && now > chat_timestamp + 42 * 24 * 3600
+            {
+                // Chat was inactive for 42 days, skip.
+                continue;
             }
 
             if metric < 0.1 {
@@ -1252,10 +1245,10 @@ impl ChatId {
             None
         };
 
-        if let Some(last_msg_time) = last_msg_time {
-            if last_msg_time > sort_timestamp {
-                sort_timestamp = last_msg_time;
-            }
+        if let Some(last_msg_time) = last_msg_time
+            && last_msg_time > sort_timestamp
+        {
+            sort_timestamp = last_msg_time;
         }
 
         Ok(sort_timestamp)
@@ -1376,10 +1369,10 @@ impl Chat {
                 let mut chat_name = "Err [Name not found]".to_owned();
                 match get_chat_contacts(context, chat.id).await {
                     Ok(contacts) => {
-                        if let Some(contact_id) = contacts.first() {
-                            if let Ok(contact) = Contact::get_by_id(context, *contact_id).await {
-                                contact.get_display_name().clone_into(&mut chat_name);
-                            }
+                        if let Some(contact_id) = contacts.first()
+                            && let Ok(contact) = Contact::get_by_id(context, *contact_id).await
+                        {
+                            contact.get_display_name().clone_into(&mut chat_name);
                         }
                     }
                     Err(err) => {
@@ -1576,10 +1569,10 @@ impl Chat {
 
         if self.typ == Chattype::Single {
             let contacts = get_chat_contacts(context, self.id).await?;
-            if let Some(contact_id) = contacts.first() {
-                if let Ok(contact) = Contact::get_by_id(context, *contact_id).await {
-                    color = contact.get_color();
-                }
+            if let Some(contact_id) = contacts.first()
+                && let Ok(contact) = Contact::get_by_id(context, *contact_id).await
+            {
+                color = contact.get_color();
             }
         } else if !self.grpid.is_empty() {
             color = str_to_color(&self.grpid);
@@ -1841,8 +1834,8 @@ impl Chat {
         }
 
         // add independent location to database
-        if msg.param.exists(Param::SetLatitude) {
-            if let Ok(row_id) = context
+        if msg.param.exists(Param::SetLatitude)
+            && let Ok(row_id) = context
                 .sql
                 .insert(
                     "INSERT INTO locations \
@@ -1857,9 +1850,8 @@ impl Chat {
                     ),
                 )
                 .await
-            {
-                location_id = row_id;
-            }
+        {
+            location_id = row_id;
         }
 
         let ephemeral_timer = if msg.param.get_cmd() == SystemMessage::EphemeralTimerChanged {
@@ -2429,7 +2421,7 @@ impl ChatIdBlocked {
             && !chat.param.exists(Param::Devicetalk)
             && !chat.param.exists(Param::Selftalk)
         {
-            chat_id.add_encrypted_msg(context, smeared_time).await?;
+            chat_id.add_e2ee_notice(context, smeared_time).await?;
         }
 
         Ok(Self {
@@ -2497,18 +2489,18 @@ async fn prepare_msg_blob(context: &Context, msg: &mut Message) -> Result<()> {
             msg.param.set(Param::File, blob.as_name());
         }
 
-        if !msg.param.exists(Param::MimeType) {
-            if let Some((viewtype, mime)) = message::guess_msgtype_from_suffix(msg) {
-                // If we unexpectedly didn't recognize the file as image, don't send it as such,
-                // either the format is unsupported or the image is corrupted.
-                let mime = match viewtype != Viewtype::Image
-                    || matches!(msg.viewtype, Viewtype::Image | Viewtype::Sticker)
-                {
-                    true => mime,
-                    false => "application/octet-stream",
-                };
-                msg.param.set(Param::MimeType, mime);
-            }
+        if !msg.param.exists(Param::MimeType)
+            && let Some((viewtype, mime)) = message::guess_msgtype_from_suffix(msg)
+        {
+            // If we unexpectedly didn't recognize the file as image, don't send it as such,
+            // either the format is unsupported or the image is corrupted.
+            let mime = match viewtype != Viewtype::Image
+                || matches!(msg.viewtype, Viewtype::Image | Viewtype::Sticker)
+            {
+                true => mime,
+                false => "application/octet-stream",
+            };
+            msg.param.set(Param::MimeType, mime);
         }
 
         msg.try_calc_and_set_dimensions(context).await?;
@@ -2692,15 +2684,15 @@ async fn prepare_send_msg(
     // This is meant as a last line of defence, the UI should check that before as well.
     // (We allow Chattype::Single in general for "Reply Privately";
     // checking for exact contact_id will produce false positives when ppl just left the group)
-    if chat.typ != Chattype::Single && !context.get_config_bool(Config::Bot).await? {
-        if let Some(quoted_message) = msg.quoted_message(context).await? {
-            if quoted_message.chat_id != chat_id {
-                bail!(
-                    "Quote of message from {} cannot be sent to {chat_id}",
-                    quoted_message.chat_id
-                );
-            }
-        }
+    if chat.typ != Chattype::Single
+        && !context.get_config_bool(Config::Bot).await?
+        && let Some(quoted_message) = msg.quoted_message(context).await?
+        && quoted_message.chat_id != chat_id
+    {
+        bail!(
+            "Quote of message from {} cannot be sent to {chat_id}",
+            quoted_message.chat_id
+        );
     }
 
     // check current MessageState for drafts (to keep msg_id) ...
@@ -2830,16 +2822,15 @@ pub(crate) async fn create_send_msg_jobs(context: &Context, msg: &mut Message) -
 
     let now = smeared_time(context);
 
-    if rendered_msg.last_added_location_id.is_some() {
-        if let Err(err) = location::set_kml_sent_timestamp(context, msg.chat_id, now).await {
-            error!(context, "Failed to set kml sent_timestamp: {err:#}.");
-        }
+    if rendered_msg.last_added_location_id.is_some()
+        && let Err(err) = location::set_kml_sent_timestamp(context, msg.chat_id, now).await
+    {
+        error!(context, "Failed to set kml sent_timestamp: {err:#}.");
     }
 
-    if attach_selfavatar {
-        if let Err(err) = msg.chat_id.set_selfavatar_timestamp(context, now).await {
-            error!(context, "Failed to set selfavatar timestamp: {err:#}.");
-        }
+    if attach_selfavatar && let Err(err) = msg.chat_id.set_selfavatar_timestamp(context, now).await
+    {
+        error!(context, "Failed to set selfavatar timestamp: {err:#}.");
     }
 
     if rendered_msg.is_encrypted {
@@ -3457,7 +3448,7 @@ pub(crate) async fn create_group_ex(
 
     if !grpid.is_empty() {
         // Add "Messages are end-to-end encrypted." message.
-        chat_id.add_encrypted_msg(context, timestamp).await?;
+        chat_id.add_e2ee_notice(context, timestamp).await?;
     }
 
     if !context.get_config_bool(Config::Bot).await?
@@ -3470,7 +3461,7 @@ pub(crate) async fn create_group_ex(
             // Add "Messages in this chat use classic email and are not encrypted." message.
             stock_str::chat_unencrypted_explanation(context).await
         };
-        add_info_msg(context, chat_id, &text, create_smeared_timestamp(context)).await?;
+        add_info_msg(context, chat_id, &text).await?;
     }
     if let (true, true) = (sync.into(), !grpid.is_empty()) {
         let id = SyncId::Grpid(grpid);
@@ -3538,7 +3529,7 @@ pub(crate) async fn create_out_broadcast_ex(
         Ok(chat_id)
     };
     let chat_id = context.sql.transaction(trans_fn).await?;
-    chat_id.add_encrypted_msg(context, timestamp).await?;
+    chat_id.add_e2ee_notice(context, timestamp).await?;
 
     context.emit_msgs_changed_without_ids();
     chatlist_events::emit_chatlist_changed(context);
@@ -3739,10 +3730,16 @@ pub(crate) async fn add_contact_to_chat_ex(
         chat.typ != Chattype::OutBroadcast || contact_id != ContactId::SELF,
         "Cannot add SELF to broadcast channel."
     );
-    ensure!(
-        chat.is_encrypted(context).await? == contact.is_key_contact(),
-        "Only key-contacts can be added to encrypted chats"
-    );
+    match chat.is_encrypted(context).await? {
+        true => ensure!(
+            contact.is_key_contact(),
+            "Only key-contacts can be added to encrypted chats"
+        ),
+        false => ensure!(
+            !contact.is_key_contact(),
+            "Only address-contacts can be added to unencrypted chats"
+        ),
+    }
 
     if !chat.is_self_in_chat(context).await? {
         context.emit_event(EventType::ErrorSelfNotInGroup(
@@ -4483,11 +4480,11 @@ pub async fn add_device_msg_with_importance(
     let mut chat_id = ChatId::new(0);
     let mut msg_id = MsgId::new_unset();
 
-    if let Some(label) = label {
-        if was_device_msg_ever_added(context, label).await? {
-            info!(context, "Device-message {label} already added.");
-            return Ok(msg_id);
-        }
+    if let Some(label) = label
+        && was_device_msg_ever_added(context, label).await?
+    {
+        info!(context, "Device-message {label} already added.");
+        return Ok(msg_id);
     }
 
     if let Some(msg) = msg {
@@ -4499,10 +4496,10 @@ pub async fn add_device_msg_with_importance(
         // makes sure, the added message is the last one,
         // even if the date is wrong (useful esp. when warning about bad dates)
         msg.timestamp_sort = timestamp_sent;
-        if let Some(last_msg_time) = chat_id.get_timestamp(context).await? {
-            if msg.timestamp_sort <= last_msg_time {
-                msg.timestamp_sort = last_msg_time + 1;
-            }
+        if let Some(last_msg_time) = chat_id.get_timestamp(context).await?
+            && msg.timestamp_sort <= last_msg_time
+        {
+            msg.timestamp_sort = last_msg_time + 1;
         }
         prepare_msg_blob(context, msg).await?;
         let state = MessageState::InFresh;
@@ -4621,9 +4618,11 @@ pub(crate) async fn add_info_msg_with_cmd(
     chat_id: ChatId,
     text: &str,
     cmd: SystemMessage,
-    timestamp_sort: i64,
-    // Timestamp to show to the user (if this is None, `timestamp_sort` will be shown to the user)
-    timestamp_sent_rcvd: Option<i64>,
+    // Timestamp where in the chat the message will be sorted.
+    // If this is None, the message will be sorted to the bottom.
+    timestamp_sort: Option<i64>,
+    // Timestamp to show to the user
+    timestamp_sent_rcvd: i64,
     parent: Option<&Message>,
     from_id: Option<ContactId>,
     added_removed_id: Option<ContactId>,
@@ -4639,6 +4638,22 @@ pub(crate) async fn add_info_msg_with_cmd(
         param.set(Param::ContactAddedRemoved, contact_id.to_u32().to_string());
     }
 
+    let timestamp_sort = if let Some(ts) = timestamp_sort {
+        ts
+    } else {
+        let sort_to_bottom = true;
+        let (received, incoming) = (false, false);
+        chat_id
+            .calc_sort_timestamp(
+                context,
+                smeared_time(context),
+                sort_to_bottom,
+                received,
+                incoming,
+            )
+            .await?
+    };
+
     let row_id =
     context.sql.insert(
         "INSERT INTO msgs (chat_id,from_id,to_id,timestamp,timestamp_sent,timestamp_rcvd,type,state,txt,txt_normalized,rfc724_mid,ephemeral_timer,param,mime_in_reply_to)
@@ -4648,8 +4663,8 @@ pub(crate) async fn add_info_msg_with_cmd(
             from_id.unwrap_or(ContactId::INFO),
             ContactId::INFO,
             timestamp_sort,
-            timestamp_sent_rcvd.unwrap_or(0),
-            timestamp_sent_rcvd.unwrap_or(0),
+            timestamp_sent_rcvd,
+            timestamp_sent_rcvd,
             Viewtype::Text,
             MessageState::InNoticed,
             text,
@@ -4669,19 +4684,14 @@ pub(crate) async fn add_info_msg_with_cmd(
 }
 
 /// Adds info message with a given text and `timestamp` to the chat.
-pub(crate) async fn add_info_msg(
-    context: &Context,
-    chat_id: ChatId,
-    text: &str,
-    timestamp: i64,
-) -> Result<MsgId> {
+pub(crate) async fn add_info_msg(context: &Context, chat_id: ChatId, text: &str) -> Result<MsgId> {
     add_info_msg_with_cmd(
         context,
         chat_id,
         text,
         SystemMessage::Unknown,
-        timestamp,
         None,
+        time(),
         None,
         None,
         None,

src/chat/chat_tests.rs

@@ -815,15 +815,6 @@ async fn test_self_talk() -> Result<()> {
     assert!(msg.get_showpadlock());
 
     let sent_msg = t.pop_sent_msg().await;
-    let payload = sent_msg.payload();
-    // Make sure the `To` field contains the address and not
-    // "undisclosed recipients".
-    // Otherwise Delta Chat core <1.153.0 assigns the message
-    // to the trash chat.
-    assert_eq!(
-        payload.match_indices("To: <alice@example.org>\r\n").count(),
-        1
-    );
 
     let t2 = TestContext::new_alice().await;
     t2.recv_msg(&sent_msg).await;
@@ -1238,7 +1229,7 @@ async fn test_unarchive_if_muted() -> Result<()> {
     chat_id.set_visibility(&t, ChatVisibility::Archived).await?;
     set_muted(&t, chat_id, MuteDuration::Forever).await?;
     send_text_msg(&t, chat_id, "out".to_string()).await?;
-    add_info_msg(&t, chat_id, "info", time()).await?;
+    add_info_msg(&t, chat_id, "info").await?;
     assert_eq!(get_archived_cnt(&t).await?, 1);
 
     // finally, unarchive on sending to not muted chat
@@ -1637,7 +1628,7 @@ async fn test_set_mute_duration() {
 async fn test_add_info_msg() -> Result<()> {
     let t = TestContext::new().await;
     let chat_id = create_group(&t, "foo").await?;
-    add_info_msg(&t, chat_id, "foo info", time()).await?;
+    add_info_msg(&t, chat_id, "foo info").await?;
 
     let msg = t.get_last_msg_in(chat_id).await;
     assert_eq!(msg.get_chat_id(), chat_id);
@@ -1659,8 +1650,8 @@ async fn test_add_info_msg_with_cmd() -> Result<()> {
         chat_id,
         "foo bar info",
         SystemMessage::EphemeralTimerChanged,
-        time(),
         None,
+        time(),
         None,
         None,
         None,
@@ -2632,12 +2623,6 @@ async fn test_can_send_group() -> Result<()> {
 /// the recipients can't see the identity of their fellow recipients.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
-    fn contains(parsed: &MimeMessage, s: &str) -> bool {
-        assert_eq!(parsed.decrypting_failed, false);
-        let decoded_str = std::str::from_utf8(&parsed.decoded_data).unwrap();
-        decoded_str.contains(s)
-    }
-
     let mut tcm = TestContextManager::new();
     let alice = &tcm.alice().await;
     let bob = &tcm.bob().await;
@@ -2669,8 +2654,8 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
         );
         let parsed = charlie.parse_msg(&auth_required).await;
         assert!(parsed.get_header(HeaderDef::AutocryptGossip).is_some());
-        assert!(contains(&parsed, "charlie@example.net"));
-        assert_eq!(contains(&parsed, "bob@example.net"), false);
+        assert!(parsed.decoded_data_contains("charlie@example.net"));
+        assert_eq!(parsed.decoded_data_contains("bob@example.net"), false);
 
         let parsed_by_bob = bob.parse_msg(&auth_required).await;
         assert!(parsed_by_bob.decrypting_failed);
@@ -2698,8 +2683,8 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
         );
         let parsed = charlie.parse_msg(&member_added).await;
         assert!(parsed.get_header(HeaderDef::AutocryptGossip).is_some());
-        assert!(contains(&parsed, "charlie@example.net"));
-        assert_eq!(contains(&parsed, "bob@example.net"), false);
+        assert!(parsed.decoded_data_contains("charlie@example.net"));
+        assert_eq!(parsed.decoded_data_contains("bob@example.net"), false);
 
         let parsed_by_bob = bob.parse_msg(&member_added).await;
         assert!(parsed_by_bob.decrypting_failed);
@@ -2713,8 +2698,8 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
         let hi_msg = alice.send_text(alice_broadcast_id, "hi").await;
         let parsed = charlie.parse_msg(&hi_msg).await;
         assert_eq!(parsed.header_exists(HeaderDef::AutocryptGossip), false);
-        assert_eq!(contains(&parsed, "charlie@example.net"), false);
-        assert_eq!(contains(&parsed, "bob@example.net"), false);
+        assert_eq!(parsed.decoded_data_contains("charlie@example.net"), false);
+        assert_eq!(parsed.decoded_data_contains("bob@example.net"), false);
 
         let parsed_by_bob = bob.parse_msg(&hi_msg).await;
         assert_eq!(parsed_by_bob.decrypting_failed, false);
@@ -2730,8 +2715,8 @@ async fn test_broadcast_members_cant_see_each_other() -> Result<()> {
             "charlie@example.net alice@example.org"
         );
         let parsed = charlie.parse_msg(&member_removed).await;
-        assert!(contains(&parsed, "charlie@example.net"));
-        assert_eq!(contains(&parsed, "bob@example.net"), false);
+        assert!(parsed.decoded_data_contains("charlie@example.net"));
+        assert_eq!(parsed.decoded_data_contains("bob@example.net"), false);
 
         let parsed_by_bob = bob.parse_msg(&member_removed).await;
         assert!(parsed_by_bob.decrypting_failed);
@@ -3327,10 +3312,7 @@ async fn test_leave_broadcast_multidevice() -> Result<()> {
 
     let leave_msg = bob0.pop_sent_msg().await;
     let parsed = MimeMessage::from_bytes(bob1, leave_msg.payload().as_bytes(), None).await?;
-    assert_eq!(
-        parsed.parts[0].msg,
-        stock_str::msg_group_left_remote(bob0).await
-    );
+    assert_eq!(parsed.parts[0].msg, "I left the group.");
 
     let rcvd = bob1.recv_msg(&leave_msg).await;
 
@@ -4513,7 +4495,7 @@ async fn test_info_not_referenced() -> Result<()> {
 
     let bob_received_message = tcm.send_recv_accept(alice, bob, "Hi!").await;
     let bob_chat_id = bob_received_message.chat_id;
-    add_info_msg(bob, bob_chat_id, "Some info", create_smeared_timestamp(bob)).await?;
+    add_info_msg(bob, bob_chat_id, "Some info").await?;
 
     // Bob sends a message.
     // This message should reference Alice's "Hi!" message and not the info message.

src/config.rs

@@ -18,7 +18,7 @@ use crate::context::Context;
 use crate::events::EventType;
 use crate::log::LogExt;
 use crate::mimefactory::RECOMMENDED_FILE_SIZE;
-use crate::provider::{Provider, get_provider_by_id};
+use crate::provider::Provider;
 use crate::sync::{self, Sync::*, SyncData};
 use crate::tools::get_abs_path;
 use crate::transport::ConfiguredLoginParam;
@@ -144,11 +144,11 @@ pub enum Config {
 
     /// Send BCC copy to self.
     ///
-    /// Should be enabled for multidevice setups.
-    /// Default is 0 for chatmail accounts, 1 otherwise.
+    /// Should be enabled for multi-device setups.
     ///
     /// This is automatically enabled when importing/exporting a backup,
     /// setting up a second device, or receiving a sync message.
+    #[strum(props(default = "0"))]
     BccSelf,
 
     /// True if Message Delivery Notifications (read receipts) should
@@ -438,8 +438,19 @@ pub enum Config {
     /// storing the same token multiple times on the server.
     EncryptedDeviceToken,
 
+    /// Enables running test hooks, e.g. see `InnerContext::pre_encrypt_mime_hook`.
+    /// This way is better than conditional compilation, i.e. `#[cfg(test)]`, because tests not
+    /// using this still run unmodified code.
+    TestHooks,
+
     /// Return an error from `receive_imf_inner()` for a fully downloaded message. For tests.
     FailOnReceivingFullMsg,
+
+    /// Enable composing emails with Header Protection as defined in
+    /// <https://www.rfc-editor.org/rfc/rfc9788.html> "Header Protection for Cryptographically
+    /// Protected Email".
+    #[strum(props(default = "1"))]
+    StdHeaderProtectionComposing,
 }
 
 impl Config {
@@ -466,7 +477,10 @@ impl Config {
 
     /// Whether the config option needs an IO scheduler restart to take effect.
     pub(crate) fn needs_io_restart(&self) -> bool {
-        matches!(self, Config::MvboxMove | Config::OnlyFetchMvbox)
+        matches!(
+            self,
+            Config::MvboxMove | Config::OnlyFetchMvbox | Config::ConfiguredAddr
+        )
     }
 }
 
@@ -512,10 +526,6 @@ impl Context {
 
         // Default values
         let val = match key {
-            Config::BccSelf => match Box::pin(self.is_chatmail()).await? {
-                false => Some("1".to_string()),
-                true => Some("0".to_string()),
-            },
             Config::ConfiguredInboxFolder => Some("INBOX".to_string()),
             Config::DeleteServerAfter => {
                 match !Box::pin(self.get_config_bool(Config::BccSelf)).await?
@@ -636,15 +646,14 @@ impl Context {
         Ok(val)
     }
 
-    /// Gets the configured provider, as saved in the `configured_provider` value.
+    /// Gets the configured provider.
     ///
-    /// The provider is determined by `get_provider_info()` during configuration and then saved
-    /// to the db in `param.save_to_database()`, together with all the other `configured_*` values.
+    /// The provider is determined by the current primary transport.
     pub async fn get_configured_provider(&self) -> Result<Option<&'static Provider>> {
-        if let Some(cfg) = self.get_config(Config::ConfiguredProvider).await? {
-            return Ok(get_provider_by_id(&cfg));
-        }
-        Ok(None)
+        let provider = ConfiguredLoginParam::load(self)
+            .await?
+            .and_then(|(_transport_id, param)| param.provider);
+        Ok(provider)
     }
 
     /// Gets configured "delete_device_after" value.
@@ -706,6 +715,16 @@ impl Context {
     pub async fn set_config(&self, key: Config, value: Option<&str>) -> Result<()> {
         Self::check_config(key, value)?;
 
+        let n_transports = self.count_transports().await?;
+        if n_transports > 1
+            && matches!(
+                key,
+                Config::MvboxMove | Config::OnlyFetchMvbox | Config::ShowEmails
+            )
+        {
+            bail!("Cannot reconfigure {key} when multiple transports are configured");
+        }
+
         let _pause = match key.needs_io_restart() {
             true => self.scheduler.pause(self).await?,
             _ => Default::default(),
@@ -791,20 +810,59 @@ impl Context {
                     .await?;
             }
             Config::ConfiguredAddr => {
-                if self.is_configured().await? {
-                    bail!("Cannot change ConfiguredAddr");
-                }
-                if let Some(addr) = value {
+                let Some(addr) = value else {
+                    bail!("Cannot unset configured_addr");
+                };
+
+                if !self.is_configured().await? {
                     info!(
                         self,
                         "Creating a pseudo configured account which will not be able to send or receive messages. Only meant for tests!"
                     );
-                    ConfiguredLoginParam::from_json(&format!(
-                        r#"{{"addr":"{addr}","imap":[],"imap_user":"","imap_password":"","smtp":[],"smtp_user":"","smtp_password":"","certificate_checks":"Automatic","oauth2":false}}"#
-                    ))?
-                    .save_to_transports_table(self, &EnteredLoginParam::default())
-                    .await?;
+                    self.sql
+                        .execute(
+                            "INSERT INTO transports (addr, entered_param, configured_param) VALUES (?, ?, ?)",
+                            (
+                                addr,
+                                serde_json::to_string(&EnteredLoginParam::default())?,
+                                format!(r#"{{"addr":"{addr}","imap":[],"imap_user":"","imap_password":"","smtp":[],"smtp_user":"","smtp_password":"","certificate_checks":"Automatic","oauth2":false}}"#)
+                            ),
+                        )
+                        .await?;
+                    self.sql
+                        .set_raw_config(Config::ConfiguredAddr.as_ref(), Some(addr))
+                        .await?;
                 }
+                self.sql
+                    .transaction(|transaction| {
+                        if transaction.query_row(
+                            "SELECT COUNT(*) FROM transports WHERE addr=?",
+                            (addr,),
+                            |row| {
+                                let res: i64 = row.get(0)?;
+                                Ok(res)
+                            },
+                        )? == 0
+                        {
+                            bail!("Address does not belong to any transport.");
+                        }
+                        transaction.execute(
+                            "UPDATE config SET value=? WHERE keyname='configured_addr'",
+                            (addr,),
+                        )?;
+
+                        // Clean up SMTP and IMAP APPEND queue.
+                        //
+                        // The messages in the queue have a different
+                        // From address so we cannot send them over
+                        // the new SMTP transport.
+                        transaction.execute("DELETE FROM smtp", ())?;
+                        transaction.execute("DELETE FROM imap_send", ())?;
+
+                        Ok(())
+                    })
+                    .await?;
+                self.sql.uncache_raw_config("configured_addr").await;
             }
             _ => {
                 self.sql.set_raw_config(key.as_ref(), value).await?;

src/config/config_tests.rs

@@ -278,7 +278,6 @@ async fn test_sync() -> Result<()> {
     Ok(())
 }
 
-/// Sync message mustn't be sent if self-{status,avatar} is changed by a self-sent message.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_no_sync_on_self_sent_msg() -> Result<()> {
     let mut tcm = TestContextManager::new();
@@ -288,7 +287,7 @@ async fn test_no_sync_on_self_sent_msg() -> Result<()> {
         a.set_config_bool(Config::SyncMsgs, true).await?;
     }
 
-    let status = "Synced via usual message";
+    let status = "Sent via usual message";
     alice0.set_config(Config::Selfstatus, Some(status)).await?;
     alice0.send_sync_msg().await?;
     alice0.pop_sent_sync_msg().await;
@@ -297,7 +296,7 @@ async fn test_no_sync_on_self_sent_msg() -> Result<()> {
     tcm.send_recv(alice0, alice1, "hi Alice!").await;
     assert_eq!(
         alice1.get_config(Config::Selfstatus).await?,
-        Some(status.to_string())
+        Some(status1.to_string())
     );
     sync(alice1, alice0).await;
     assert_eq!(
@@ -328,7 +327,7 @@ async fn test_no_sync_on_self_sent_msg() -> Result<()> {
         alice1
             .get_config(Config::Selfavatar)
             .await?
-            .filter(|path| path.ends_with(".png"))
+            .filter(|path| path.ends_with(".jpg"))
             .is_some()
     );
     sync(alice1, alice0).await;

src/configure.rs

@@ -27,7 +27,7 @@ use crate::config::{self, Config};
 use crate::constants::NON_ALPHANUMERIC_WITHOUT_DOT;
 use crate::context::Context;
 use crate::imap::Imap;
-use crate::log::{LogExt, warn};
+use crate::log::warn;
 use crate::login_param::EnteredCertificateChecks;
 pub use crate::login_param::EnteredLoginParam;
 use crate::message::Message;
@@ -40,11 +40,10 @@ use crate::sync::Sync::*;
 use crate::tools::time;
 use crate::transport::{
     ConfiguredCertificateChecks, ConfiguredLoginParam, ConfiguredServerLoginParam,
-    ConnectionCandidate,
+    ConnectionCandidate, send_sync_transports,
 };
 use crate::{EventType, stock_str};
 use crate::{chat, provider};
-use deltachat_contact_tools::addr_cmp;
 
 macro_rules! progress {
     ($context:tt, $progress:expr, $comment:expr) => {
@@ -130,12 +129,6 @@ impl Context {
             "cannot configure, database not opened."
         );
         param.addr = addr_normalize(&param.addr);
-        let old_addr = self.get_config(Config::ConfiguredAddr).await?;
-        if self.is_configured().await? && !addr_cmp(&old_addr.unwrap_or_default(), &param.addr) {
-            let error_msg = "Changing your email address is not supported right now. Check back in a few months!";
-            progress!(self, 0, Some(error_msg.to_string()));
-            bail!(error_msg);
-        }
         let cancel_channel = self.alloc_ongoing().await?;
 
         let res = self
@@ -204,23 +197,92 @@ impl Context {
         Ok(transports)
     }
 
+    /// Returns the number of configured transports.
+    pub async fn count_transports(&self) -> Result<usize> {
+        self.sql.count("SELECT COUNT(*) FROM transports", ()).await
+    }
+
     /// Removes the transport with the specified email address
     /// (i.e. [EnteredLoginParam::addr]).
-    #[expect(clippy::unused_async)]
-    pub async fn delete_transport(&self, _addr: &str) -> Result<()> {
-        bail!(
-            "Adding and removing additional transports is not supported yet. Check back in a few months!"
-        )
+    pub async fn delete_transport(&self, addr: &str) -> Result<()> {
+        let now = time();
+        self.sql
+            .transaction(|transaction| {
+                let primary_addr = transaction.query_row(
+                    "SELECT value FROM config WHERE keyname='configured_addr'",
+                    (),
+                    |row| {
+                        let addr: String = row.get(0)?;
+                        Ok(addr)
+                    },
+                )?;
+
+                if primary_addr == addr {
+                    bail!("Cannot delete primary transport");
+                }
+                let (transport_id, add_timestamp) = transaction.query_row(
+                    "DELETE FROM transports WHERE addr=? RETURNING id, add_timestamp",
+                    (addr,),
+                    |row| {
+                        let id: u32 = row.get(0)?;
+                        let add_timestamp: i64 = row.get(1)?;
+                        Ok((id, add_timestamp))
+                    },
+                )?;
+                transaction.execute("DELETE FROM imap WHERE transport_id=?", (transport_id,))?;
+                transaction.execute(
+                    "DELETE FROM imap_sync WHERE transport_id=?",
+                    (transport_id,),
+                )?;
+
+                // Removal timestamp should not be lower than addition timestamp
+                // to be accepted by other devices when synced.
+                let remove_timestamp = std::cmp::max(now, add_timestamp);
+
+                transaction.execute(
+                    "INSERT INTO removed_transports (addr, remove_timestamp)
+                     VALUES (?, ?)
+                     ON CONFLICT (addr)
+                     DO UPDATE SET remove_timestamp = excluded.remove_timestamp",
+                    (addr, remove_timestamp),
+                )?;
+
+                Ok(())
+            })
+            .await?;
+        send_sync_transports(self).await?;
+
+        Ok(())
     }
 
     async fn inner_configure(&self, param: &EnteredLoginParam) -> Result<()> {
         info!(self, "Configure ...");
 
         let old_addr = self.get_config(Config::ConfiguredAddr).await?;
+        if old_addr.is_some()
+            && !self
+                .sql
+                .exists(
+                    "SELECT COUNT(*) FROM transports WHERE addr=?",
+                    (&param.addr,),
+                )
+                .await?
+        {
+            if self.get_config(Config::MvboxMove).await?.as_deref() != Some("0") {
+                bail!("Cannot use multi-transport with mvbox_move enabled.");
+            }
+            if self.get_config(Config::OnlyFetchMvbox).await?.as_deref() != Some("0") {
+                bail!("Cannot use multi-transport with only_fetch_mvbox enabled.");
+            }
+            if self.get_config(Config::ShowEmails).await?.as_deref() != Some("2") {
+                bail!("Cannot use multi-transport with disabled fetching of classic emails.");
+            }
+        }
+
         let provider = configure(self, param).await?;
         self.set_config_internal(Config::NotifyAboutWrongPw, Some("1"))
             .await?;
-        on_configure_completed(self, provider, old_addr).await?;
+        on_configure_completed(self, provider).await?;
         Ok(())
     }
 }
@@ -228,7 +290,6 @@ impl Context {
 async fn on_configure_completed(
     context: &Context,
     provider: Option<&'static Provider>,
-    old_addr: Option<String>,
 ) -> Result<()> {
     if let Some(provider) = provider {
         if let Some(config_defaults) = provider.config_defaults {
@@ -258,21 +319,6 @@ async fn on_configure_completed(
         }
     }
 
-    if let Some(new_addr) = context.get_config(Config::ConfiguredAddr).await? {
-        if let Some(old_addr) = old_addr {
-            if !addr_cmp(&new_addr, &old_addr) {
-                let mut msg = Message::new_text(
-                    stock_str::aeap_explanation_and_link(context, &old_addr, &new_addr).await,
-                );
-                chat::add_device_msg(context, None, Some(&mut msg))
-                    .await
-                    .context("Cannot add AEAP explanation")
-                    .log_err(context)
-                    .ok();
-            }
-        }
-    }
-
     Ok(())
 }
 
@@ -504,71 +550,40 @@ async fn configure(ctx: &Context, param: &EnteredLoginParam) -> Result<Option<&'
 
     // Configure IMAP
 
+    let transport_id = 0;
     let (_s, r) = async_channel::bounded(1);
-    let mut imap = Imap::new(
-        configured_param.imap.clone(),
-        configured_param.imap_password.clone(),
-        proxy_config,
-        &configured_param.addr,
-        strict_tls,
-        configured_param.oauth2,
-        r,
-    );
+    let mut imap = Imap::new(ctx, transport_id, configured_param.clone(), r).await?;
     let configuring = true;
-    let mut imap_session = match imap.connect(ctx, configuring).await {
-        Ok(session) => session,
-        Err(err) => bail!(
+    if let Err(err) = imap.connect(ctx, configuring).await {
+        bail!(
             "{}",
             nicer_configuration_error(ctx, format!("{err:#}")).await
-        ),
+        );
     };
 
     progress!(ctx, 850);
 
     // Wait for SMTP configuration
-    smtp_config_task.await.unwrap()?;
+    smtp_config_task.await??;
 
     progress!(ctx, 900);
 
-    let is_chatmail = match ctx.get_config_bool(Config::FixIsChatmail).await? {
-        false => {
-            let is_chatmail = imap_session.is_chatmail();
-            ctx.set_config(
-                Config::IsChatmail,
-                Some(match is_chatmail {
-                    false => "0",
-                    true => "1",
-                }),
-            )
-            .await?;
-            is_chatmail
-        }
-        true => ctx.get_config_bool(Config::IsChatmail).await?,
-    };
-    if is_chatmail {
-        ctx.set_config(Config::MvboxMove, Some("0")).await?;
-        ctx.set_config(Config::OnlyFetchMvbox, None).await?;
-        ctx.set_config(Config::ShowEmails, None).await?;
+    let is_configured = ctx.is_configured().await?;
+    if !is_configured {
+        ctx.sql.set_raw_config("mvbox_move", Some("0")).await?;
+        ctx.sql.set_raw_config("only_fetch_mvbox", None).await?;
     }
 
-    let create_mvbox = !is_chatmail;
-    imap.configure_folders(ctx, &mut imap_session, create_mvbox)
-        .await?;
-
-    let create = true;
-    imap_session
-        .select_with_uidvalidity(ctx, "INBOX", create)
-        .await
-        .context("could not read INBOX status")?;
-
     drop(imap);
 
     progress!(ctx, 910);
 
     let provider = configured_param.provider;
     configured_param
-        .save_to_transports_table(ctx, param)
+        .clone()
+        .save_to_transports_table(ctx, param, time())
         .await?;
+    send_sync_transports(ctx).await?;
 
     ctx.set_config_internal(Config::ConfiguredTimestamp, Some(&time().to_string()))
         .await?;

src/configure/auto_mozilla.rs

@@ -154,10 +154,10 @@ fn parse_xml_reader<B: BufRead>(
                     if let Some(incoming_server) = parse_server(reader, event)? {
                         incoming_servers.push(incoming_server);
                     }
-                } else if tag == "outgoingserver" {
-                    if let Some(outgoing_server) = parse_server(reader, event)? {
-                        outgoing_servers.push(outgoing_server);
-                    }
+                } else if tag == "outgoingserver"
+                    && let Some(outgoing_server) = parse_server(reader, event)?
+                {
+                    outgoing_servers.push(outgoing_server);
                 }
             }
             Event::Eof => break,

src/contact.rs

@@ -130,35 +130,37 @@ impl ContactId {
                             Ok((addr, fingerprint))
                         },
                     )?;
-                    context.emit_event(EventType::ContactsChanged(Some(self)));
                     Ok(Some((addr, fingerprint)))
                 } else {
                     Ok(None)
                 }
             })
             .await?;
+        if row.is_some() {
+            context.emit_event(EventType::ContactsChanged(Some(self)));
+        }
 
-        if sync.into() {
-            if let Some((addr, fingerprint)) = row {
-                if fingerprint.is_empty() {
-                    chat::sync(
-                        context,
-                        chat::SyncId::ContactAddr(addr),
-                        chat::SyncAction::Rename(name.to_string()),
-                    )
-                    .await
-                    .log_err(context)
-                    .ok();
-                } else {
-                    chat::sync(
-                        context,
-                        chat::SyncId::ContactFingerprint(fingerprint),
-                        chat::SyncAction::Rename(name.to_string()),
-                    )
-                    .await
-                    .log_err(context)
-                    .ok();
-                }
+        if sync.into()
+            && let Some((addr, fingerprint)) = row
+        {
+            if fingerprint.is_empty() {
+                chat::sync(
+                    context,
+                    chat::SyncId::ContactAddr(addr),
+                    chat::SyncAction::Rename(name.to_string()),
+                )
+                .await
+                .log_err(context)
+                .ok();
+            } else {
+                chat::sync(
+                    context,
+                    chat::SyncId::ContactFingerprint(fingerprint),
+                    chat::SyncAction::Rename(name.to_string()),
+                )
+                .await
+                .log_err(context)
+                .ok();
             }
         }
         Ok(())
@@ -381,25 +383,21 @@ async fn import_vcard_contact(context: &Context, contact: &VcardContact) -> Resu
         },
         None => None,
     };
-    if let Some(path) = path {
-        // Currently this value doesn't matter as we don't import the contact of self.
-        let was_encrypted = false;
-        if let Err(e) =
-            set_profile_image(context, id, &AvatarAction::Change(path), was_encrypted).await
-        {
-            warn!(
-                context,
-                "import_vcard_contact: Could not set avatar for {}: {e:#}.", contact.addr
-            );
-        }
+    if let Some(path) = path
+        && let Err(e) = set_profile_image(context, id, &AvatarAction::Change(path)).await
+    {
+        warn!(
+            context,
+            "import_vcard_contact: Could not set avatar for {}: {e:#}.", contact.addr
+        );
     }
-    if let Some(biography) = &contact.biography {
-        if let Err(e) = set_status(context, id, biography.to_owned(), false, false).await {
-            warn!(
-                context,
-                "import_vcard_contact: Could not set biography for {}: {e:#}.", contact.addr
-            );
-        }
+    if let Some(biography) = &contact.biography
+        && let Err(e) = set_status(context, id, biography.to_owned()).await
+    {
+        warn!(
+            context,
+            "import_vcard_contact: Could not set biography for {}: {e:#}.", contact.addr
+        );
     }
     Ok(id)
 }
@@ -1507,18 +1505,6 @@ impl Contact {
         &self.addr
     }
 
-    /// Get authorized name or address.
-    ///
-    /// This string is suitable for sending over email
-    /// as it does not leak the locally set name.
-    pub(crate) fn get_authname_or_addr(&self) -> String {
-        if !self.authname.is_empty() {
-            (&self.authname).into()
-        } else {
-            (&self.addr).into()
-        }
-    }
-
     /// Get a summary of name and address.
     ///
     /// The returned string is either "Name (email@domain.com)" or just
@@ -1564,10 +1550,10 @@ impl Contact {
         if show_fallback_icon && !self.id.is_special() && !self.is_key_contact() {
             return Ok(Some(chat::get_unencrypted_icon(context).await?));
         }
-        if let Some(image_rel) = self.param.get(Param::ProfileImage) {
-            if !image_rel.is_empty() {
-                return Ok(Some(get_abs_path(context, Path::new(image_rel))));
-            }
+        if let Some(image_rel) = self.param.get(Param::ProfileImage)
+            && !image_rel.is_empty()
+        {
+            return Ok(Some(get_abs_path(context, Path::new(image_rel))));
         }
         Ok(None)
     }
@@ -1800,10 +1786,11 @@ WHERE type=? AND id IN (
 
         // also unblock mailinglist
         // if the contact is a mailinglist address explicitly created to allow unblocking
-        if !new_blocking && contact.origin == Origin::MailinglistAddress {
-            if let Some((chat_id, ..)) = chat::get_chat_id_by_grpid(context, &contact.addr).await? {
-                chat_id.unblock_ex(context, Nosync).await?;
-            }
+        if !new_blocking
+            && contact.origin == Origin::MailinglistAddress
+            && let Some((chat_id, ..)) = chat::get_chat_id_by_grpid(context, &contact.addr).await?
+        {
+            chat_id.unblock_ex(context, Nosync).await?;
         }
 
         if sync.into() {
@@ -1833,25 +1820,19 @@ WHERE type=? AND id IN (
 /// The given profile image is expected to be already in the blob directory
 /// as profile images can be set only by receiving messages, this should be always the case, however.
 ///
-/// For contact SELF, the image is not saved in the contact-database but as Config::Selfavatar;
-/// this typically happens if we see message with our own profile image.
+/// For contact SELF, the image is not saved in the contact-database but as Config::Selfavatar.
 pub(crate) async fn set_profile_image(
     context: &Context,
     contact_id: ContactId,
     profile_image: &AvatarAction,
-    was_encrypted: bool,
 ) -> Result<()> {
     let mut contact = Contact::get_by_id(context, contact_id).await?;
     let changed = match profile_image {
         AvatarAction::Change(profile_image) => {
             if contact_id == ContactId::SELF {
-                if was_encrypted {
-                    context
-                        .set_config_ex(Nosync, Config::Selfavatar, Some(profile_image))
-                        .await?;
-                } else {
-                    info!(context, "Do not use unencrypted selfavatar.");
-                }
+                context
+                    .set_config_ex(Nosync, Config::Selfavatar, Some(profile_image))
+                    .await?;
             } else {
                 contact.param.set(Param::ProfileImage, profile_image);
             }
@@ -1859,13 +1840,9 @@ pub(crate) async fn set_profile_image(
         }
         AvatarAction::Delete => {
             if contact_id == ContactId::SELF {
-                if was_encrypted {
-                    context
-                        .set_config_ex(Nosync, Config::Selfavatar, None)
-                        .await?;
-                } else {
-                    info!(context, "Do not use unencrypted selfavatar deletion.");
-                }
+                context
+                    .set_config_ex(Nosync, Config::Selfavatar, None)
+                    .await?;
             } else {
                 contact.param.remove(Param::ProfileImage);
             }
@@ -1882,22 +1859,16 @@ pub(crate) async fn set_profile_image(
 
 /// Sets contact status.
 ///
-/// For contact SELF, the status is not saved in the contact table, but as Config::Selfstatus.  This
-/// is only done if message is sent from Delta Chat and it is encrypted, to synchronize signature
-/// between Delta Chat devices.
+/// For contact SELF, the status is not saved in the contact table, but as Config::Selfstatus.
 pub(crate) async fn set_status(
     context: &Context,
     contact_id: ContactId,
     status: String,
-    encrypted: bool,
-    has_chat_version: bool,
 ) -> Result<()> {
     if contact_id == ContactId::SELF {
-        if encrypted && has_chat_version {
-            context
-                .set_config_ex(Nosync, Config::Selfstatus, Some(&status))
-                .await?;
-        }
+        context
+            .set_config_ex(Nosync, Config::Selfstatus, Some(&status))
+            .await?;
     } else {
         let mut contact = Contact::get_by_id(context, contact_id).await?;
 

src/contact/contact_tests.rs

@@ -4,7 +4,7 @@ use super::*;
 use crate::chat::{Chat, get_chat_contacts, send_text_msg};
 use crate::chatlist::Chatlist;
 use crate::receive_imf::receive_imf;
-use crate::test_utils::{self, TestContext, TestContextManager, TimeShiftFalsePositiveNote};
+use crate::test_utils::{self, TestContext, TestContextManager, TimeShiftFalsePositiveNote, sync};
 
 #[test]
 fn test_contact_id_values() {
@@ -850,8 +850,7 @@ CCCB 5AA9 F6E1 141C 9431
     Ok(())
 }
 
-/// Tests that status is synchronized when sending encrypted BCC-self messages and not
-/// synchronized when the message is not encrypted.
+/// Tests that self-status is not synchronized from outgoing messages.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_synchronize_status() -> Result<()> {
     let mut tcm = TestContextManager::new();
@@ -870,21 +869,12 @@ async fn test_synchronize_status() -> Result<()> {
         .await?;
     let chat = alice1.create_email_chat(bob).await;
 
-    // Alice sends a message to Bob from the first device.
+    // Alice sends an unencrypted message to Bob from the first device.
     send_text_msg(alice1, chat.id, "Hello".to_string()).await?;
     let sent_msg = alice1.pop_sent_msg().await;
 
-    // Message is not encrypted.
-    let message = sent_msg.load_from_db().await;
-    assert!(!message.get_showpadlock());
-
     // Alice's second devices receives a copy of outgoing message.
     alice2.recv_msg(&sent_msg).await;
-
-    // Bob receives message.
-    bob.recv_msg(&sent_msg).await;
-
-    // Message was not encrypted, so status is not copied.
     assert_eq!(alice2.get_config(Config::Selfstatus).await?, default_status);
 
     // Alice sends encrypted message.
@@ -892,17 +882,9 @@ async fn test_synchronize_status() -> Result<()> {
     send_text_msg(alice1, chat.id, "Hello".to_string()).await?;
     let sent_msg = alice1.pop_sent_msg().await;
 
-    // Second message is encrypted.
-    let message = sent_msg.load_from_db().await;
-    assert!(message.get_showpadlock());
-
     // Alice's second devices receives a copy of second outgoing message.
     alice2.recv_msg(&sent_msg).await;
-
-    assert_eq!(
-        alice2.get_config(Config::Selfstatus).await?,
-        Some("New status".to_string())
-    );
+    assert_eq!(alice2.get_config(Config::Selfstatus).await?, default_status);
 
     Ok(())
 }
@@ -915,9 +897,9 @@ async fn test_selfavatar_changed_event() -> Result<()> {
     // Alice has two devices.
     let alice1 = &tcm.alice().await;
     let alice2 = &tcm.alice().await;
-
-    // Bob has one device.
-    let bob = &tcm.bob().await;
+    for a in [alice1, alice2] {
+        a.set_config_bool(Config::SyncMsgs, true).await?;
+    }
 
     assert_eq!(alice1.get_config(Config::Selfavatar).await?, None);
 
@@ -933,17 +915,7 @@ async fn test_selfavatar_changed_event() -> Result<()> {
         .get_matching(|e| matches!(e, EventType::SelfavatarChanged))
         .await;
 
-    // Alice sends a message.
-    let alice1_chat_id = alice1.create_chat(bob).await.id;
-    send_text_msg(alice1, alice1_chat_id, "Hello".to_string()).await?;
-    let sent_msg = alice1.pop_sent_msg().await;
-
-    // The message is encrypted.
-    let message = sent_msg.load_from_db().await;
-    assert!(message.get_showpadlock());
-
-    // Alice's second device receives a copy of the outgoing message.
-    alice2.recv_msg(&sent_msg).await;
+    sync(alice1, alice2).await;
 
     // Alice's second device applies the selfavatar.
     assert!(alice2.get_config(Config::Selfavatar).await?.is_some());

src/context.rs

@@ -5,7 +5,7 @@ use std::ffi::OsString;
 use std::ops::Deref;
 use std::path::{Path, PathBuf};
 use std::sync::atomic::AtomicBool;
-use std::sync::{Arc, OnceLock};
+use std::sync::{Arc, OnceLock, Weak};
 use std::time::Duration;
 
 use anyhow::{Context as _, Result, bail, ensure};
@@ -46,7 +46,7 @@ use crate::{chatlist_events, stats};
 ///
 /// # Examples
 ///
-/// Creating a new unencrypted database:
+/// Creating a new database:
 ///
 /// ```
 /// # let rt = tokio::runtime::Runtime::new().unwrap();
@@ -61,24 +61,6 @@ use crate::{chatlist_events, stats};
 /// drop(context);
 /// # });
 /// ```
-///
-/// To use an encrypted database provide a password.  If the database does not yet exist it
-/// will be created:
-///
-/// ```
-/// # let rt = tokio::runtime::Runtime::new().unwrap();
-/// # rt.block_on(async move {
-/// use deltachat::context::ContextBuilder;
-///
-/// let dir = tempfile::tempdir().unwrap();
-/// let context = ContextBuilder::new(dir.path().join("db"))
-///      .with_password("secret".into())
-///      .open()
-///      .await
-///      .unwrap();
-/// drop(context);
-/// # });
-/// ```
 #[derive(Clone, Debug)]
 pub struct ContextBuilder {
     dbfile: PathBuf,
@@ -150,9 +132,13 @@ impl ContextBuilder {
     }
 
     /// Sets the password to unlock the database.
+    /// Deprecated 2025-11:
+    /// - Db encryption does nothing with blobs, so fs/disk encryption is recommended.
+    /// - Isolation from other apps is needed anyway.
     ///
     /// If an encrypted database is used it must be opened with a password.  Setting a
     /// password on a new database will enable encryption.
+    #[deprecated(since = "TBD")]
     pub fn with_password(mut self, password: String) -> Self {
         self.password = Some(password);
         self
@@ -180,7 +166,7 @@ impl ContextBuilder {
 
     /// Builds the [`Context`] and opens it.
     ///
-    /// Returns error if context cannot be opened with the given passphrase.
+    /// Returns error if context cannot be opened.
     pub async fn open(self) -> Result<Context> {
         let password = self.password.clone().unwrap_or_default();
         let context = self.build().await?;
@@ -215,6 +201,25 @@ impl Deref for Context {
     }
 }
 
+/// A weak reference to a [`Context`]
+///
+/// Can be used to obtain a [`Context`]. An existing weak reference does not prevent the corresponding [`Context`] from being dropped.
+#[derive(Clone, Debug)]
+pub(crate) struct WeakContext {
+    inner: Weak<InnerContext>,
+}
+
+impl WeakContext {
+    /// Returns the [`Context`] if it is still available.
+    pub(crate) fn upgrade(&self) -> Result<Context> {
+        let inner = self
+            .inner
+            .upgrade()
+            .ok_or_else(|| anyhow::anyhow!("Inner struct has been dropped"))?;
+        Ok(Context { inner })
+    }
+}
+
 /// Actual context, expensive to clone.
 #[derive(Debug)]
 pub struct InnerContext {
@@ -303,6 +308,17 @@ pub struct InnerContext {
     /// `Connectivity` values for mailboxes, unordered. Used to compute the aggregate connectivity,
     /// see [`Context::get_connectivity()`].
     pub(crate) connectivities: parking_lot::Mutex<Vec<ConnectivityStore>>,
+
+    #[expect(clippy::type_complexity)]
+    /// Transforms the root of the cryptographic payload before encryption.
+    pub(crate) pre_encrypt_mime_hook: parking_lot::Mutex<
+        Option<
+            for<'a> fn(
+                &Context,
+                mail_builder::mime::MimePart<'a>,
+            ) -> mail_builder::mime::MimePart<'a>,
+        >,
+    >,
 }
 
 /// The state of ongoing process.
@@ -388,10 +404,20 @@ impl Context {
         Ok(context)
     }
 
+    /// Returns a weak reference to this [`Context`].
+    pub(crate) fn get_weak_context(&self) -> WeakContext {
+        WeakContext {
+            inner: Arc::downgrade(&self.inner),
+        }
+    }
+
     /// Opens the database with the given passphrase.
+    /// NB: Db encryption is deprecated, so `passphrase` should be empty normally. See
+    /// [`ContextBuilder::with_password()`] for reasoning.
     ///
     /// Returns true if passphrase is correct, false is passphrase is not correct. Fails on other
     /// errors.
+    #[deprecated(since = "TBD")]
     pub async fn open(&self, passphrase: String) -> Result<bool> {
         if self.sql.check_passphrase(passphrase.clone()).await? {
             self.sql.open(self, passphrase).await?;
@@ -402,6 +428,7 @@ impl Context {
     }
 
     /// Changes encrypted database passphrase.
+    /// Deprecated 2025-11, see [`ContextBuilder::with_password()`] for reasoning.
     pub async fn change_passphrase(&self, passphrase: String) -> Result<()> {
         self.sql.change_passphrase(passphrase).await?;
         Ok(())
@@ -452,7 +479,7 @@ impl Context {
             translated_stockstrings: stockstrings,
             events,
             scheduler: SchedulerState::new(),
-            ratelimit: RwLock::new(Ratelimit::new(Duration::new(60, 0), 6.0)), // Allow at least 1 message every 10 seconds + a burst of 6.
+            ratelimit: RwLock::new(Ratelimit::new(Duration::new(3, 0), 3.0)), // Allow at least 1 message every second + a burst of 3.
             quota: RwLock::new(None),
             new_msgs_notify,
             server_id: RwLock::new(None),
@@ -467,6 +494,7 @@ impl Context {
             iroh: Arc::new(RwLock::new(None)),
             self_fingerprint: OnceLock::new(),
             connectivities: parking_lot::Mutex::new(Vec::new()),
+            pre_encrypt_mime_hook: None.into(),
         };
 
         let ctx = Context {
@@ -483,12 +511,6 @@ impl Context {
             return;
         }
 
-        if self.is_chatmail().await.unwrap_or_default() {
-            let mut lock = self.ratelimit.write().await;
-            // Allow at least 1 message every second + a burst of 3.
-            *lock = Ratelimit::new(Duration::new(3, 0), 3.0);
-        }
-
         // The next line is mainly for iOS:
         // iOS starts a separate process for receiving notifications and if the user concurrently
         // starts the app, the UI process opens the database but waits with calling start_io()
@@ -596,10 +618,9 @@ impl Context {
             if self
                 .quota_needs_update(DC_BACKGROUND_FETCH_QUOTA_CHECK_RATELIMIT)
                 .await
+                && let Err(err) = self.update_recent_quota(&mut session).await
             {
-                if let Err(err) = self.update_recent_quota(&mut session).await {
-                    warn!(self, "Failed to update quota: {err:#}.");
-                }
+                warn!(self, "Failed to update quota: {err:#}.");
             }
         }
 
@@ -796,9 +817,10 @@ impl Context {
     /// Returns information about the context as key-value pairs.
     pub async fn get_info(&self) -> Result<BTreeMap<&'static str, String>> {
         let l = EnteredLoginParam::load(self).await?;
-        let l2 = ConfiguredLoginParam::load(self)
-            .await?
-            .map_or_else(|| "Not configured".to_string(), |param| param.to_string());
+        let l2 = ConfiguredLoginParam::load(self).await?.map_or_else(
+            || "Not configured".to_string(),
+            |(_transport_id, param)| param.to_string(),
+        );
         let secondary_addrs = self.get_secondary_self_addrs().await?.join(", ");
         let chats = get_chat_cnt(self).await?;
         let unblocked_msgs = message::get_unblocked_msg_cnt(self).await;
@@ -1051,6 +1073,13 @@ impl Context {
                 .await?
                 .to_string(),
         );
+        res.insert(
+            "test_hooks",
+            self.sql
+                .get_raw_config("test_hooks")
+                .await?
+                .unwrap_or_default(),
+        );
         res.insert(
             "fail_on_receiving_full_msg",
             self.sql
@@ -1058,6 +1087,13 @@ impl Context {
                 .await?
                 .unwrap_or_default(),
         );
+        res.insert(
+            "std_header_protection_composing",
+            self.sql
+                .get_raw_config("std_header_protection_composing")
+                .await?
+                .unwrap_or_default(),
+        );
 
         let elapsed = time_elapsed(&self.creation_time);
         res.insert("uptime", duration_to_str(elapsed));

src/debug_logging.rs

@@ -115,15 +115,13 @@ pub async fn maybe_set_logging_xdc_inner(
     filename: Option<&str>,
     msg_id: MsgId,
 ) -> anyhow::Result<()> {
-    if viewtype == Viewtype::Webxdc {
-        if let Some(filename) = filename {
-            if filename.starts_with("debug_logging")
-                && filename.ends_with(".xdc")
-                && chat_id.is_self_talk(context).await?
-            {
-                set_debug_logging_xdc(context, Some(msg_id)).await?;
-            }
-        }
+    if viewtype == Viewtype::Webxdc
+        && let Some(filename) = filename
+        && filename.starts_with("debug_logging")
+        && filename.ends_with(".xdc")
+        && chat_id.is_self_talk(context).await?
+    {
+        set_debug_logging_xdc(context, Some(msg_id)).await?;
     }
     Ok(())
 }

src/dehtml.rs

@@ -13,6 +13,7 @@ use quick_xml::{
 
 use crate::simplify::{SimplifiedText, simplify_quote};
 
+#[derive(Default)]
 struct Dehtml {
     strbuilder: String,
     quote: String,
@@ -25,6 +26,9 @@ struct Dehtml {
     /// Everything between `<div name="quote">` and `<div name="quoted-content">` is usually metadata
     /// If this is > `0`, then we are inside a `<div name="quoted-content">`.
     divs_since_quoted_content_div: u32,
+    /// `<div class="header-protection-legacy-display">` elements should be omitted, see
+    /// <https://www.rfc-editor.org/rfc/rfc9788.html#section-4.5.3.3>.
+    divs_since_hp_legacy_display: u32,
     /// All-Inkl just puts the quote into `<blockquote> </blockquote>`. This count is
     /// increased at each `<blockquote>` and decreased at each `</blockquote>`.
     blockquotes_since_blockquote: u32,
@@ -48,20 +52,25 @@ impl Dehtml {
     }
 
     fn get_add_text(&self) -> AddText {
-        if self.divs_since_quote_div > 0 && self.divs_since_quoted_content_div == 0 {
-            AddText::No // Everything between `<div name="quoted">` and `<div name="quoted_content">` is metadata which we don't want
+        // Everything between `<div name="quoted">` and `<div name="quoted_content">` is
+        // metadata which we don't want.
+        if self.divs_since_quote_div > 0 && self.divs_since_quoted_content_div == 0
+            || self.divs_since_hp_legacy_display > 0
+        {
+            AddText::No
         } else {
             self.add_text
         }
     }
 }
 
-#[derive(Debug, PartialEq, Clone, Copy)]
+#[derive(Debug, Default, PartialEq, Clone, Copy)]
 enum AddText {
     /// Inside `<script>`, `<style>` and similar tags
     /// which contents should not be displayed.
     No,
 
+    #[default]
     YesRemoveLineEnds,
 
     /// Inside `<pre>`.
@@ -121,12 +130,7 @@ fn dehtml_quick_xml(buf: &str) -> (String, String) {
 
     let mut dehtml = Dehtml {
         strbuilder: String::with_capacity(buf.len()),
-        quote: String::new(),
-        add_text: AddText::YesRemoveLineEnds,
-        last_href: None,
-        divs_since_quote_div: 0,
-        divs_since_quoted_content_div: 0,
-        blockquotes_since_blockquote: 0,
+        ..Default::default()
     };
 
     let mut reader = quick_xml::Reader::from_str(buf);
@@ -244,6 +248,7 @@ fn dehtml_endtag_cb(event: &BytesEnd, dehtml: &mut Dehtml) {
         "div" => {
             pop_tag(&mut dehtml.divs_since_quote_div);
             pop_tag(&mut dehtml.divs_since_quoted_content_div);
+            pop_tag(&mut dehtml.divs_since_hp_legacy_display);
 
             *dehtml.get_buf() += "\n\n";
             dehtml.add_text = AddText::YesRemoveLineEnds;
@@ -295,6 +300,8 @@ fn dehtml_starttag_cb<B: std::io::BufRead>(
         "div" => {
             maybe_push_tag(event, reader, "quote", &mut dehtml.divs_since_quote_div);
             maybe_push_tag(event, reader, "quoted-content", &mut dehtml.divs_since_quoted_content_div);
+            maybe_push_tag(event, reader, "header-protection-legacy-display",
+                &mut dehtml.divs_since_hp_legacy_display);
 
             *dehtml.get_buf() += "\n\n";
             dehtml.add_text = AddText::YesRemoveLineEnds;
@@ -539,6 +546,27 @@ mod tests {
         assert_eq!(txt.text.trim(), "two\nlines");
     }
 
+    #[test]
+    fn test_hp_legacy_display() {
+        let input = r#"
+<html><head><title></title></head><body>
+<div class="header-protection-legacy-display">
+<pre>Subject: Dinner plans</pre>
+</div>
+<p>
+Let's meet at Rama's Roti Shop at 8pm and go to the park
+from there.
+</p>
+</body>
+</html>
+        "#;
+        let txt = dehtml(input).unwrap();
+        assert_eq!(
+            txt.text.trim(),
+            "Let's meet at Rama's Roti Shop at 8pm and go to the park from there."
+        );
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_quote_div() {
         let input = include_str!("../test-data/message/gmx-quote-body.eml");

src/e2ee.rs

@@ -57,7 +57,7 @@ impl EncryptHelper {
         let ctext = pgp::pk_encrypt(
             raw_message,
             keyring,
-            Some(sign_key),
+            sign_key,
             compress,
             anonymous_recipients,
         )

src/ephemeral.rs

@@ -241,10 +241,9 @@ pub(crate) async fn stock_ephemeral_timer_changed(
     match timer {
         Timer::Disabled => stock_str::msg_ephemeral_timer_disabled(context, from_id).await,
         Timer::Enabled { duration } => match duration {
-            0..=59 => {
+            0..=60 => {
                 stock_str::msg_ephemeral_timer_enabled(context, &timer.to_string(), from_id).await
             }
-            60 => stock_str::msg_ephemeral_timer_minute(context, from_id).await,
             61..=3599 => {
                 stock_str::msg_ephemeral_timer_minutes(
                     context,

src/ephemeral/ephemeral_tests.rs

@@ -38,7 +38,7 @@ async fn test_stock_ephemeral_messages() {
     assert_eq!(
         stock_ephemeral_timer_changed(&context, Timer::Enabled { duration: 60 }, ContactId::SELF)
             .await,
-        "You set message deletion timer to 1 minute."
+        "You set message deletion timer to 60 s."
     );
     assert_eq!(
         stock_ephemeral_timer_changed(&context, Timer::Enabled { duration: 90 }, ContactId::SELF)
@@ -142,7 +142,7 @@ async fn test_ephemeral_enable_disable() -> Result<()> {
     let bob_received_message = bob.recv_msg(&sent).await;
     assert_eq!(
         bob_received_message.text,
-        "Message deletion timer is set to 1 minute by alice@example.org."
+        "Message deletion timer is set to 60 s by alice@example.org."
     );
     assert_eq!(
         chat_bob.get_ephemeral_timer(bob).await?,
@@ -451,6 +451,8 @@ async fn test_delete_expired_imap_messages() -> Result<()> {
     let t = TestContext::new_alice().await;
     const HOUR: i64 = 60 * 60;
     let now = time();
+    let transport_id = 1;
+    let uidvalidity = 12345;
     for (id, timestamp, ephemeral_timestamp) in &[
         (900, now - 2 * HOUR, 0),
         (1000, now - 23 * HOUR - MIN_DELETE_SERVER_AFTER, 0),
@@ -470,8 +472,8 @@ async fn test_delete_expired_imap_messages() -> Result<()> {
                .await?;
         t.sql
             .execute(
-                "INSERT INTO imap (rfc724_mid, folder, uid, target) VALUES (?,'INBOX',?, 'INBOX');",
-                (&message_id, id),
+                "INSERT INTO imap (transport_id, rfc724_mid, folder, uid, target, uidvalidity) VALUES (?, ?,'INBOX',?, 'INBOX', ?);",
+                (transport_id, &message_id, id, uidvalidity),
             )
             .await?;
     }

src/events/payload.rs

@@ -417,6 +417,15 @@ pub enum EventType {
         chat_id: ChatId,
     },
 
+    /// One or more transports has changed.
+    ///
+    /// This event is used for tests to detect when transport
+    /// synchronization messages arrives.
+    /// UIs don't need to use it, it is unlikely
+    /// that user modifies transports on multiple
+    /// devices simultaneously.
+    TransportsModified,
+
     /// Event for using in tests, e.g. as a fence between normally generated events.
     #[cfg(test)]
     Test,

src/headerdef.rs

@@ -138,6 +138,9 @@ pub enum HeaderDef {
     /// Advertised gossip topic for one webxdc.
     IrohGossipTopic,
 
+    /// See <https://www.rfc-editor.org/rfc/rfc9788.html#name-hp-outer-header-field>.
+    HpOuter,
+
     #[cfg(test)]
     TestHeader,
 }

src/html.rs

@@ -169,27 +169,28 @@ impl HtmlMsgParser {
             MimeMultipartType::Single => {
                 let mimetype = mail.ctype.mimetype.parse::<Mime>()?;
                 if mimetype == mime::TEXT_HTML {
-                    if self.html.is_empty() {
-                        if let Ok(decoded_data) = mail.get_body() {
-                            self.html = decoded_data;
-                        }
-                    }
-                } else if mimetype == mime::TEXT_PLAIN && self.plain.is_none() {
-                    if let Ok(decoded_data) = mail.get_body() {
-                        self.plain = Some(PlainText {
-                            text: decoded_data,
-                            flowed: if let Some(format) = mail.ctype.params.get("format") {
-                                format.as_str().eq_ignore_ascii_case("flowed")
-                            } else {
-                                false
-                            },
-                            delsp: if let Some(delsp) = mail.ctype.params.get("delsp") {
-                                delsp.as_str().eq_ignore_ascii_case("yes")
-                            } else {
-                                false
-                            },
-                        });
+                    if self.html.is_empty()
+                        && let Ok(decoded_data) = mail.get_body()
+                    {
+                        self.html = decoded_data;
                     }
+                } else if mimetype == mime::TEXT_PLAIN
+                    && self.plain.is_none()
+                    && let Ok(decoded_data) = mail.get_body()
+                {
+                    self.plain = Some(PlainText {
+                        text: decoded_data,
+                        flowed: if let Some(format) = mail.ctype.params.get("format") {
+                            format.as_str().eq_ignore_ascii_case("flowed")
+                        } else {
+                            false
+                        },
+                        delsp: if let Some(delsp) = mail.ctype.params.get("delsp") {
+                            delsp.as_str().eq_ignore_ascii_case("yes")
+                        } else {
+                            false
+                        },
+                    });
                 }
                 Ok(())
             }
@@ -213,31 +214,29 @@ impl HtmlMsgParser {
             MimeMultipartType::Message => Ok(()),
             MimeMultipartType::Single => {
                 let mimetype = mail.ctype.mimetype.parse::<Mime>()?;
-                if mimetype.type_() == mime::IMAGE {
-                    if let Some(cid) = mail.headers.get_header_value(HeaderDef::ContentId) {
-                        if let Ok(cid) = parse_message_id(&cid) {
-                            if let Ok(replacement) = mimepart_to_data_url(mail) {
-                                let re_string = format!(
-                                    "(<img[^>]*src[^>]*=[^>]*)(cid:{})([^>]*>)",
-                                    regex::escape(&cid)
-                                );
-                                match regex::Regex::new(&re_string) {
-                                    Ok(re) => {
-                                        self.html = re
-                                            .replace_all(
-                                                &self.html,
-                                                format!("${{1}}{replacement}${{3}}").as_str(),
-                                            )
-                                            .as_ref()
-                                            .to_string()
-                                    }
-                                    Err(e) => warn!(
-                                        context,
-                                        "Cannot create regex for cid: {} throws {}", re_string, e
-                                    ),
-                                }
-                            }
+                if mimetype.type_() == mime::IMAGE
+                    && let Some(cid) = mail.headers.get_header_value(HeaderDef::ContentId)
+                    && let Ok(cid) = parse_message_id(&cid)
+                    && let Ok(replacement) = mimepart_to_data_url(mail)
+                {
+                    let re_string = format!(
+                        "(<img[^>]*src[^>]*=[^>]*)(cid:{})([^>]*>)",
+                        regex::escape(&cid)
+                    );
+                    match regex::Regex::new(&re_string) {
+                        Ok(re) => {
+                            self.html = re
+                                .replace_all(
+                                    &self.html,
+                                    format!("${{1}}{replacement}${{3}}").as_str(),
+                                )
+                                .as_ref()
+                                .to_string()
                         }
+                        Err(e) => warn!(
+                            context,
+                            "Cannot create regex for cid: {} throws {}", re_string, e
+                        ),
                     }
                 }
                 Ok(())

src/imap.rs

@@ -71,10 +71,15 @@ const BODY_PARTIAL: &str = "(FLAGS RFC822.SIZE BODY.PEEK[HEADER])";
 
 #[derive(Debug)]
 pub(crate) struct Imap {
+    /// ID of the transport configuration in the `transports` table.
+    ///
+    /// This ID is used to namespace records in the `imap` table.
+    transport_id: u32,
+
     pub(crate) idle_interrupt_receiver: Receiver<()>,
 
     /// Email address.
-    addr: String,
+    pub(crate) addr: String,
 
     /// Login parameters.
     lp: Vec<ConfiguredServerLoginParam>,
@@ -249,19 +254,21 @@ impl<T: Iterator<Item = (i64, u32, String)>> Iterator for UidGrouper<T> {
 
 impl Imap {
     /// Creates new disconnected IMAP client using the specific login parameters.
-    ///
-    /// `addr` is used to renew token if OAuth2 authentication is used.
-    pub fn new(
-        lp: Vec<ConfiguredServerLoginParam>,
-        password: String,
-        proxy_config: Option<ProxyConfig>,
-        addr: &str,
-        strict_tls: bool,
-        oauth2: bool,
+    pub async fn new(
+        context: &Context,
+        transport_id: u32,
+        param: ConfiguredLoginParam,
         idle_interrupt_receiver: Receiver<()>,
-    ) -> Self {
+    ) -> Result<Self> {
+        let lp = param.imap.clone();
+        let password = param.imap_password.clone();
+        let proxy_config = ProxyConfig::load(context).await?;
+        let addr = &param.addr;
+        let strict_tls = param.strict_tls(proxy_config.is_some());
+        let oauth2 = param.oauth2;
         let (resync_request_sender, resync_request_receiver) = async_channel::bounded(1);
-        Imap {
+        Ok(Imap {
+            transport_id,
             idle_interrupt_receiver,
             addr: addr.to_string(),
             lp,
@@ -277,7 +284,7 @@ impl Imap {
             ratelimit: Ratelimit::new(Duration::new(120, 0), 2.0),
             resync_request_sender,
             resync_request_receiver,
-        }
+        })
     }
 
     /// Creates new disconnected IMAP client using configured parameters.
@@ -285,20 +292,10 @@ impl Imap {
         context: &Context,
         idle_interrupt_receiver: Receiver<()>,
     ) -> Result<Self> {
-        let param = ConfiguredLoginParam::load(context)
+        let (transport_id, param) = ConfiguredLoginParam::load(context)
             .await?
             .context("Not configured")?;
-        let proxy_config = ProxyConfig::load(context).await?;
-        let strict_tls = param.strict_tls(proxy_config.is_some());
-        let imap = Self::new(
-            param.imap.clone(),
-            param.imap_password.clone(),
-            proxy_config,
-            &param.addr,
-            strict_tls,
-            param.oauth2,
-            idle_interrupt_receiver,
-        );
+        let imap = Self::new(context, transport_id, param, idle_interrupt_receiver).await?;
         Ok(imap)
     }
 
@@ -412,9 +409,19 @@ impl Imap {
                             })
                             .await
                             .context("Failed to enable IMAP compression")?;
-                        Session::new(compressed_session, capabilities, resync_request_sender)
+                        Session::new(
+                            compressed_session,
+                            capabilities,
+                            resync_request_sender,
+                            self.transport_id,
+                        )
                     } else {
-                        Session::new(session, capabilities, resync_request_sender)
+                        Session::new(
+                            session,
+                            capabilities,
+                            resync_request_sender,
+                            self.transport_id,
+                        )
                     };
 
                     // Store server ID in the context to display in account info.
@@ -593,8 +600,9 @@ impl Imap {
         folder: &str,
         folder_meaning: FolderMeaning,
     ) -> Result<(usize, bool)> {
-        let uid_validity = get_uidvalidity(context, folder).await?;
-        let old_uid_next = get_uid_next(context, folder).await?;
+        let transport_id = self.transport_id;
+        let uid_validity = get_uidvalidity(context, transport_id, folder).await?;
+        let old_uid_next = get_uid_next(context, transport_id, folder).await?;
         info!(
             context,
             "fetch_new_msg_batch({folder}): UIDVALIDITY={uid_validity}, UIDNEXT={old_uid_next}."
@@ -662,12 +670,19 @@ impl Imap {
             context
                 .sql
                 .execute(
-                    "INSERT INTO imap (rfc724_mid, folder, uid, uidvalidity, target)
-                       VALUES         (?1,         ?2,     ?3,  ?4,          ?5)
-                       ON CONFLICT(folder, uid, uidvalidity)
+                    "INSERT INTO imap (transport_id, rfc724_mid, folder, uid, uidvalidity, target)
+                       VALUES         (?,            ?,          ?,      ?,   ?,           ?)
+                       ON CONFLICT(transport_id, folder, uid, uidvalidity)
                        DO UPDATE SET rfc724_mid=excluded.rfc724_mid,
                                      target=excluded.target",
-                    (&message_id, &folder, uid, uid_validity, target),
+                    (
+                        self.transport_id,
+                        &message_id,
+                        &folder,
+                        uid,
+                        uid_validity,
+                        target,
+                    ),
                 )
                 .await?;
 
@@ -778,7 +793,7 @@ impl Imap {
             prefetch_uid_next < mailbox_uid_next
         };
         if new_uid_next > old_uid_next {
-            set_uid_next(context, folder, new_uid_next).await?;
+            set_uid_next(context, self.transport_id, folder, new_uid_next).await?;
         }
 
         info!(context, "{} mails read from \"{}\".", read_cnt, folder);
@@ -858,6 +873,7 @@ impl Session {
         let folder_exists = self
             .select_with_uidvalidity(context, folder, create)
             .await?;
+        let transport_id = self.transport_id();
         if folder_exists {
             let mut list = self
                 .uid_fetch("1:*", RFC724MID_UID)
@@ -890,7 +906,7 @@ impl Session {
                 msgs.len(),
             );
 
-            uid_validity = get_uidvalidity(context, folder).await?;
+            uid_validity = get_uidvalidity(context, transport_id, folder).await?;
         } else {
             warn!(context, "resync_folder_uids: No folder {folder}.");
             uid_validity = 0;
@@ -905,12 +921,12 @@ impl Session {
                     // This may detect previously undetected moved
                     // messages, so we update server_folder too.
                     transaction.execute(
-                        "INSERT INTO imap (rfc724_mid, folder, uid, uidvalidity, target)
-                         VALUES           (?1,         ?2,     ?3,  ?4,          ?5)
-                         ON CONFLICT(folder, uid, uidvalidity)
+                        "INSERT INTO imap (transport_id, rfc724_mid, folder, uid, uidvalidity, target)
+                         VALUES           (?,            ?,          ?,      ?,   ?,           ?)
+                         ON CONFLICT(transport_id, folder, uid, uidvalidity)
                          DO UPDATE SET rfc724_mid=excluded.rfc724_mid,
                                        target=excluded.target",
-                        (rfc724_mid, folder, uid, uid_validity, target),
+                        (transport_id, rfc724_mid, folder, uid, uid_validity, target),
                     )?;
                 }
                 Ok(())
@@ -1232,11 +1248,12 @@ impl Session {
             return Ok(());
         }
 
+        let transport_id = self.transport_id();
         let mut updated_chat_ids = BTreeSet::new();
-        let uid_validity = get_uidvalidity(context, folder)
+        let uid_validity = get_uidvalidity(context, transport_id, folder)
             .await
             .with_context(|| format!("failed to get UID validity for folder {folder}"))?;
-        let mut highest_modseq = get_modseq(context, folder)
+        let mut highest_modseq = get_modseq(context, transport_id, folder)
             .await
             .with_context(|| format!("failed to get MODSEQ for folder {folder}"))?;
         let mut list = self
@@ -1259,15 +1276,14 @@ impl Session {
                 continue;
             };
             let is_seen = fetch.flags().any(|flag| flag == Flag::Seen);
-            if is_seen {
-                if let Some(chat_id) = mark_seen_by_uid(context, folder, uid_validity, uid)
+            if is_seen
+                && let Some(chat_id) = mark_seen_by_uid(context, folder, uid_validity, uid)
                     .await
                     .with_context(|| {
                         format!("failed to update seen status for msg {folder}/{uid}")
                     })?
-                {
-                    updated_chat_ids.insert(chat_id);
-                }
+            {
+                updated_chat_ids.insert(chat_id);
             }
 
             if let Some(modseq) = fetch.modseq {
@@ -1288,7 +1304,7 @@ impl Session {
             self.new_mail = true;
         }
 
-        set_modseq(context, folder, highest_modseq)
+        set_modseq(context, transport_id, folder, highest_modseq)
             .await
             .with_context(|| format!("failed to set MODSEQ for folder {folder}"))?;
         if !updated_chat_ids.is_empty() {
@@ -1321,10 +1337,10 @@ impl Session {
             while let Some(msg) = list.try_next().await? {
                 match get_fetch_headers(&msg) {
                     Ok(headers) => {
-                        if let Some(from) = mimeparser::get_from(&headers) {
-                            if context.is_self_addr(&from.addr).await? {
-                                result.extend(mimeparser::get_recipients(&headers));
-                            }
+                        if let Some(from) = mimeparser::get_from(&headers)
+                            && context.is_self_addr(&from.addr).await?
+                        {
+                            result.extend(mimeparser::get_recipients(&headers));
                         }
                     }
                     Err(err) => {
@@ -1557,17 +1573,17 @@ impl Session {
                 .await?;
             let mut got_turn_server = false;
             for m in metadata {
-                if m.entry == "/shared/vendor/deltachat/turn" {
-                    if let Some(value) = m.value {
-                        match create_ice_servers_from_metadata(context, &value).await {
-                            Ok((parsed_timestamp, parsed_ice_servers)) => {
-                                old_metadata.ice_servers_expiration_timestamp = parsed_timestamp;
-                                old_metadata.ice_servers = parsed_ice_servers;
-                                got_turn_server = false;
-                            }
-                            Err(err) => {
-                                warn!(context, "Failed to parse TURN server metadata: {err:#}.");
-                            }
+                if m.entry == "/shared/vendor/deltachat/turn"
+                    && let Some(value) = m.value
+                {
+                    match create_ice_servers_from_metadata(context, &value).await {
+                        Ok((parsed_timestamp, parsed_ice_servers)) => {
+                            old_metadata.ice_servers_expiration_timestamp = parsed_timestamp;
+                            old_metadata.ice_servers = parsed_ice_servers;
+                            got_turn_server = false;
+                        }
+                        Err(err) => {
+                            warn!(context, "Failed to parse TURN server metadata: {err:#}.");
                         }
                     }
                 }
@@ -1852,11 +1868,13 @@ impl Imap {
             info!(context, "Scanning folder: {:?}", folder);
 
             // Update the delimiter iff there is a different one, but only once.
-            if let Some(d) = folder.delimiter() {
-                if delimiter_is_default && !d.is_empty() && delimiter != d {
-                    delimiter = d.to_string();
-                    delimiter_is_default = false;
-                }
+            if let Some(d) = folder.delimiter()
+                && delimiter_is_default
+                && !d.is_empty()
+                && delimiter != d
+            {
+                delimiter = d.to_string();
+                delimiter_is_default = false;
             }
 
             let folder_meaning = get_folder_meaning_by_attrs(folder.attributes());
@@ -2097,12 +2115,10 @@ async fn needs_move_to_mvbox(
             .get_header_value(HeaderDef::AutoSubmitted)
             .filter(|val| val.eq_ignore_ascii_case("auto-generated"))
             .is_some()
+        && let Some(from) = mimeparser::get_from(headers)
+        && context.is_self_addr(&from.addr).await?
     {
-        if let Some(from) = mimeparser::get_from(headers) {
-            if context.is_self_addr(&from.addr).await? {
-                return Ok(true);
-            }
-        }
+        return Ok(true);
     }
     if !context.get_config_bool(Config::MvboxMove).await? {
         return Ok(false);
@@ -2272,12 +2288,13 @@ pub(crate) async fn prefetch_should_download(
     // We do not know the Message-ID or the Message-ID is missing (in this case, we create one in
     // the further process).
 
-    if let Some(chat) = prefetch_get_chat(context, headers).await? {
-        if chat.typ == Chattype::Group && !chat.id.is_special() {
-            // This might be a group command, like removing a group member.
-            // We really need to fetch this to avoid inconsistent group state.
-            return Ok(true);
-        }
+    if let Some(chat) = prefetch_get_chat(context, headers).await?
+        && chat.typ == Chattype::Group
+        && !chat.id.is_special()
+    {
+        // This might be a group command, like removing a group member.
+        // We really need to fetch this to avoid inconsistent group state.
+        return Ok(true);
     }
 
     let maybe_ndn = if let Some(from) = headers.get_header_value(HeaderDef::From_) {
@@ -2417,13 +2434,18 @@ pub(crate) async fn markseen_on_imap_table(context: &Context, message_id: &str)
 /// uid_next is the next unique identifier value from the last time we fetched a folder
 /// See <https://tools.ietf.org/html/rfc3501#section-2.3.1.1>
 /// This function is used to update our uid_next after fetching messages.
-pub(crate) async fn set_uid_next(context: &Context, folder: &str, uid_next: u32) -> Result<()> {
+pub(crate) async fn set_uid_next(
+    context: &Context,
+    transport_id: u32,
+    folder: &str,
+    uid_next: u32,
+) -> Result<()> {
     context
         .sql
         .execute(
-            "INSERT INTO imap_sync (folder, uid_next) VALUES (?,?)
-                ON CONFLICT(folder) DO UPDATE SET uid_next=excluded.uid_next",
-            (folder, uid_next),
+            "INSERT INTO imap_sync (transport_id, folder, uid_next) VALUES (?, ?,?)
+                ON CONFLICT(transport_id, folder) DO UPDATE SET uid_next=excluded.uid_next",
+            (transport_id, folder, uid_next),
         )
         .await?;
     Ok(())
@@ -2434,57 +2456,69 @@ pub(crate) async fn set_uid_next(context: &Context, folder: &str, uid_next: u32)
 /// This method returns the uid_next from the last time we fetched messages.
 /// We can compare this to the current uid_next to find out whether there are new messages
 /// and fetch from this value on to get all new messages.
-async fn get_uid_next(context: &Context, folder: &str) -> Result<u32> {
+async fn get_uid_next(context: &Context, transport_id: u32, folder: &str) -> Result<u32> {
     Ok(context
         .sql
-        .query_get_value("SELECT uid_next FROM imap_sync WHERE folder=?;", (folder,))
+        .query_get_value(
+            "SELECT uid_next FROM imap_sync WHERE transport_id=? AND folder=?",
+            (transport_id, folder),
+        )
         .await?
         .unwrap_or(0))
 }
 
 pub(crate) async fn set_uidvalidity(
     context: &Context,
+    transport_id: u32,
     folder: &str,
     uidvalidity: u32,
 ) -> Result<()> {
     context
         .sql
         .execute(
-            "INSERT INTO imap_sync (folder, uidvalidity) VALUES (?,?)
-                ON CONFLICT(folder) DO UPDATE SET uidvalidity=excluded.uidvalidity",
-            (folder, uidvalidity),
+            "INSERT INTO imap_sync (transport_id, folder, uidvalidity) VALUES (?,?,?)
+                ON CONFLICT(transport_id, folder) DO UPDATE SET uidvalidity=excluded.uidvalidity",
+            (transport_id, folder, uidvalidity),
         )
         .await?;
     Ok(())
 }
 
-async fn get_uidvalidity(context: &Context, folder: &str) -> Result<u32> {
+async fn get_uidvalidity(context: &Context, transport_id: u32, folder: &str) -> Result<u32> {
     Ok(context
         .sql
         .query_get_value(
-            "SELECT uidvalidity FROM imap_sync WHERE folder=?;",
-            (folder,),
+            "SELECT uidvalidity FROM imap_sync WHERE transport_id=? AND folder=?",
+            (transport_id, folder),
         )
         .await?
         .unwrap_or(0))
 }
 
-pub(crate) async fn set_modseq(context: &Context, folder: &str, modseq: u64) -> Result<()> {
+pub(crate) async fn set_modseq(
+    context: &Context,
+    transport_id: u32,
+    folder: &str,
+    modseq: u64,
+) -> Result<()> {
     context
         .sql
         .execute(
-            "INSERT INTO imap_sync (folder, modseq) VALUES (?,?)
-                ON CONFLICT(folder) DO UPDATE SET modseq=excluded.modseq",
-            (folder, modseq),
+            "INSERT INTO imap_sync (transport_id, folder, modseq) VALUES (?,?,?)
+                ON CONFLICT(transport_id, folder) DO UPDATE SET modseq=excluded.modseq",
+            (transport_id, folder, modseq),
         )
         .await?;
     Ok(())
 }
 
-async fn get_modseq(context: &Context, folder: &str) -> Result<u64> {
+async fn get_modseq(context: &Context, transport_id: u32, folder: &str) -> Result<u64> {
     Ok(context
         .sql
-        .query_get_value("SELECT modseq FROM imap_sync WHERE folder=?;", (folder,))
+        .query_get_value(
+            "SELECT modseq FROM imap_sync WHERE transport_id=? AND folder=?",
+            (transport_id, folder),
+        )
         .await?
         .unwrap_or(0))
 }
@@ -2524,11 +2558,11 @@ fn build_sequence_sets(uids: &[u32]) -> Result<Vec<(Vec<u32>, String)>> {
     let mut ranges: Vec<UidRange> = vec![];
 
     for &current in uids {
-        if let Some(last) = ranges.last_mut() {
-            if last.end + 1 == current {
-                last.end = current;
-                continue;
-            }
+        if let Some(last) = ranges.last_mut()
+            && last.end + 1 == current
+        {
+            last.end = current;
+            continue;
         }
 
         ranges.push(UidRange {

src/imap/client.rs

@@ -207,6 +207,7 @@ impl Client {
         hostname: &str,
         strict_tls: bool,
     ) -> Result<Self> {
+        let use_sni = true;
         let tcp_stream = connect_tcp_inner(addr).await?;
         let account_id = context.get_id();
         let events = context.events.clone();
@@ -215,6 +216,7 @@ impl Client {
             strict_tls,
             hostname,
             addr.port(),
+            use_sni,
             alpn(addr.port()),
             logging_stream,
             &context.tls_session_store,
@@ -251,6 +253,7 @@ impl Client {
         host: &str,
         strict_tls: bool,
     ) -> Result<Self> {
+        let use_sni = false;
         let tcp_stream = connect_tcp_inner(addr).await?;
 
         let account_id = context.get_id();
@@ -275,6 +278,7 @@ impl Client {
             strict_tls,
             host,
             addr.port(),
+            use_sni,
             "",
             tcp_stream,
             &context.tls_session_store,
@@ -294,6 +298,7 @@ impl Client {
         strict_tls: bool,
         proxy_config: ProxyConfig,
     ) -> Result<Self> {
+        let use_sni = true;
         let proxy_stream = proxy_config
             .connect(context, domain, port, strict_tls)
             .await?;
@@ -301,6 +306,7 @@ impl Client {
             strict_tls,
             domain,
             port,
+            use_sni,
             alpn(port),
             proxy_stream,
             &context.tls_session_store,
@@ -340,6 +346,7 @@ impl Client {
         proxy_config: ProxyConfig,
         strict_tls: bool,
     ) -> Result<Self> {
+        let use_sni = false;
         let proxy_stream = proxy_config
             .connect(context, hostname, port, strict_tls)
             .await?;
@@ -362,6 +369,7 @@ impl Client {
             strict_tls,
             hostname,
             port,
+            use_sni,
             "",
             proxy_stream,
             &context.tls_session_store,

src/imap/imap_tests.rs

@@ -11,17 +11,23 @@ fn test_get_folder_meaning_by_name() {
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_set_uid_next_validity() {
     let t = TestContext::new_alice().await;
-    assert_eq!(get_uid_next(&t.ctx, "Inbox").await.unwrap(), 0);
-    assert_eq!(get_uidvalidity(&t.ctx, "Inbox").await.unwrap(), 0);
+    assert_eq!(get_uid_next(&t.ctx, 1, "Inbox").await.unwrap(), 0);
+    assert_eq!(get_uidvalidity(&t.ctx, 1, "Inbox").await.unwrap(), 0);
 
-    set_uidvalidity(&t.ctx, "Inbox", 7).await.unwrap();
-    assert_eq!(get_uidvalidity(&t.ctx, "Inbox").await.unwrap(), 7);
-    assert_eq!(get_uid_next(&t.ctx, "Inbox").await.unwrap(), 0);
+    set_uidvalidity(&t.ctx, 1, "Inbox", 7).await.unwrap();
+    assert_eq!(get_uidvalidity(&t.ctx, 1, "Inbox").await.unwrap(), 7);
+    assert_eq!(get_uid_next(&t.ctx, 1, "Inbox").await.unwrap(), 0);
 
-    set_uid_next(&t.ctx, "Inbox", 5).await.unwrap();
-    set_uidvalidity(&t.ctx, "Inbox", 6).await.unwrap();
-    assert_eq!(get_uid_next(&t.ctx, "Inbox").await.unwrap(), 5);
-    assert_eq!(get_uidvalidity(&t.ctx, "Inbox").await.unwrap(), 6);
+    // For another transport there is still no UIDVALIDITY set.
+    assert_eq!(get_uidvalidity(&t.ctx, 2, "Inbox").await.unwrap(), 0);
+
+    set_uid_next(&t.ctx, 1, "Inbox", 5).await.unwrap();
+    set_uidvalidity(&t.ctx, 1, "Inbox", 6).await.unwrap();
+    assert_eq!(get_uid_next(&t.ctx, 1, "Inbox").await.unwrap(), 5);
+    assert_eq!(get_uidvalidity(&t.ctx, 1, "Inbox").await.unwrap(), 6);
+
+    assert_eq!(get_uid_next(&t.ctx, 2, "Inbox").await.unwrap(), 0);
+    assert_eq!(get_uidvalidity(&t.ctx, 2, "Inbox").await.unwrap(), 0);
 }
 
 #[test]

src/imap/select_folder.rs

@@ -5,6 +5,7 @@ use anyhow::Context as _;
 use super::session::Session as ImapSession;
 use super::{get_uid_next, get_uidvalidity, set_modseq, set_uid_next, set_uidvalidity};
 use crate::context::Context;
+use crate::ensure_and_debug_assert;
 use crate::log::warn;
 
 type Result<T> = std::result::Result<T, Error>;
@@ -34,16 +35,16 @@ impl ImapSession {
     /// because no EXPUNGE responses are sent, see
     /// <https://tools.ietf.org/html/rfc3501#section-6.4.2>
     pub(super) async fn maybe_close_folder(&mut self, context: &Context) -> anyhow::Result<()> {
-        if let Some(folder) = &self.selected_folder {
-            if self.selected_folder_needs_expunge {
-                info!(context, "Expunge messages in {folder:?}.");
+        if let Some(folder) = &self.selected_folder
+            && self.selected_folder_needs_expunge
+        {
+            info!(context, "Expunge messages in {folder:?}.");
 
-                self.close().await.context("IMAP close/expunge failed")?;
-                info!(context, "Close/expunge succeeded.");
-                self.selected_folder = None;
-                self.selected_folder_needs_expunge = false;
-                self.new_mail = false;
-            }
+            self.close().await.context("IMAP close/expunge failed")?;
+            info!(context, "Close/expunge succeeded.");
+            self.selected_folder = None;
+            self.selected_folder_needs_expunge = false;
+            self.new_mail = false;
         }
         Ok(())
     }
@@ -54,10 +55,10 @@ impl ImapSession {
     async fn select_folder(&mut self, context: &Context, folder: &str) -> Result<NewlySelected> {
         // if there is a new folder and the new folder is equal to the selected one, there's nothing to do.
         // if there is _no_ new folder, we continue as we might want to expunge below.
-        if let Some(selected_folder) = &self.selected_folder {
-            if folder == selected_folder {
-                return Ok(NewlySelected::No);
-            }
+        if let Some(selected_folder) = &self.selected_folder
+            && folder == selected_folder
+        {
+            return Ok(NewlySelected::No);
         }
 
         // deselect existing folder, if needed (it's also done implicitly by SELECT, however, without EXPUNGE then)
@@ -129,7 +130,7 @@ impl ImapSession {
         context: &Context,
         folder: &str,
         create: bool,
-    ) -> Result<bool> {
+    ) -> anyhow::Result<bool> {
         let newly_selected = if create {
             self.select_or_create_folder(context, folder)
                 .await
@@ -146,15 +147,24 @@ impl ImapSession {
                 },
             }
         };
+        let transport_id = self.transport_id();
+
+        // Folders should not be selected when transport_id is not assigned yet
+        // because we cannot save UID validity then.
+        ensure_and_debug_assert!(
+            transport_id > 0,
+            "Cannot select folder when transport ID is unknown"
+        );
+
         let mailbox = self
             .selected_mailbox
             .as_mut()
             .with_context(|| format!("No mailbox selected, folder: {folder:?}"))?;
 
-        let old_uid_validity = get_uidvalidity(context, folder)
+        let old_uid_validity = get_uidvalidity(context, transport_id, folder)
             .await
             .with_context(|| format!("Failed to get old UID validity for folder {folder:?}"))?;
-        let old_uid_next = get_uid_next(context, folder)
+        let old_uid_next = get_uid_next(context, transport_id, folder)
             .await
             .with_context(|| format!("Failed to get old UID NEXT for folder {folder:?}"))?;
 
@@ -205,7 +215,7 @@ impl ImapSession {
                             context,
                             "The server illegally decreased the uid_next of folder {folder:?} from {old_uid_next} to {new_uid_next} without changing validity ({new_uid_validity}), resyncing UIDs...",
                         );
-                        set_uid_next(context, folder, new_uid_next).await?;
+                        set_uid_next(context, transport_id, folder, new_uid_next).await?;
                         self.resync_request_sender.try_send(()).ok();
                     }
 
@@ -224,21 +234,21 @@ impl ImapSession {
         }
 
         // UIDVALIDITY is modified, reset highest seen MODSEQ.
-        set_modseq(context, folder, 0).await?;
+        set_modseq(context, transport_id, folder, 0).await?;
 
         // ==============  uid_validity has changed or is being set the first time.  ==============
 
         let new_uid_next = new_uid_next.unwrap_or_default();
-        set_uid_next(context, folder, new_uid_next).await?;
-        set_uidvalidity(context, folder, new_uid_validity).await?;
+        set_uid_next(context, transport_id, folder, new_uid_next).await?;
+        set_uidvalidity(context, transport_id, folder, new_uid_validity).await?;
         self.new_mail = true;
 
         // Collect garbage entries in `imap` table.
         context
             .sql
             .execute(
-                "DELETE FROM imap WHERE folder=? AND uidvalidity!=?",
-                (&folder, new_uid_validity),
+                "DELETE FROM imap WHERE transport_id=? AND folder=? AND uidvalidity!=?",
+                (transport_id, &folder, new_uid_validity),
             )
             .await?;
 
@@ -247,12 +257,7 @@ impl ImapSession {
         }
         info!(
             context,
-            "uid/validity change folder {}: new {}/{} previous {}/{}.",
-            folder,
-            new_uid_next,
-            new_uid_validity,
-            old_uid_next,
-            old_uid_validity,
+            "transport {transport_id}: UID validity for folder {folder} changed from {old_uid_validity}/{old_uid_next} to {new_uid_validity}/{new_uid_next}.",
         );
         Ok(true)
     }

src/imap/session.rs

@@ -30,6 +30,8 @@ const PREFETCH_FLAGS: &str = "(UID INTERNALDATE RFC822.SIZE BODY.PEEK[HEADER.FIE
 
 #[derive(Debug)]
 pub(crate) struct Session {
+    transport_id: u32,
+
     pub(super) inner: ImapSession<Box<dyn SessionStream>>,
 
     pub capabilities: Capabilities,
@@ -71,8 +73,10 @@ impl Session {
         inner: ImapSession<Box<dyn SessionStream>>,
         capabilities: Capabilities,
         resync_request_sender: async_channel::Sender<()>,
+        transport_id: u32,
     ) -> Self {
         Self {
+            transport_id,
             inner,
             capabilities,
             selected_folder: None,
@@ -84,6 +88,11 @@ impl Session {
         }
     }
 
+    /// Returns ID of the transport for which this session was created.
+    pub(crate) fn transport_id(&self) -> u32 {
+        self.transport_id
+    }
+
     pub fn can_idle(&self) -> bool {
         self.capabilities.can_idle
     }

src/imex.rs

@@ -377,7 +377,15 @@ async fn import_backup_stream_inner<R: tokio::io::AsyncRead + Unpin>(
         res = check_backup_version(context).await;
     }
     if res.is_ok() {
-        res = adjust_bcc_self(context).await;
+        // All recent backups have `bcc_self` set to "1" before export.
+        //
+        // Setting `bcc_self` to "1" on export was introduced on 2024-12-17
+        // in commit 21664125d798021be75f47d5b0d5006d338b4531
+        //
+        // We additionally try to set `bcc_self` to "1" after import here
+        // for compatibility with older backups,
+        // but eventually this code can be removed.
+        res = context.set_config(Config::BccSelf, Some("1")).await;
     }
     fs::remove_file(unpacked_database)
         .await
@@ -751,7 +759,7 @@ async fn export_database(
         .to_str()
         .with_context(|| format!("path {} is not valid unicode", dest.display()))?;
 
-    adjust_bcc_self(context).await?;
+    context.set_config(Config::BccSelf, Some("1")).await?;
     context
         .sql
         .set_raw_config_int("backup_time", timestamp)
@@ -785,18 +793,6 @@ async fn export_database(
         .await
 }
 
-/// Sets `Config::BccSelf` (and `DeleteServerAfter` to "never" in effect) if needed so that new
-/// messages are present on the server after a backup restoration or available for all devices in
-/// multi-device case. NB: Calling this after a backup import isn't reliable as we can crash in
-/// between, but this is a problem only for old backups, new backups already have `BccSelf` set if
-/// necessary.
-async fn adjust_bcc_self(context: &Context) -> Result<()> {
-    if context.is_chatmail().await? && !context.config_exists(Config::BccSelf).await? {
-        context.set_config(Config::BccSelf, Some("1")).await?;
-    }
-    Ok(())
-}
-
 async fn check_backup_version(context: &Context) -> Result<()> {
     let version = (context.sql.get_raw_config_int("backup_version").await?).unwrap_or(2);
     ensure!(
@@ -983,11 +979,10 @@ mod tests {
 
         let context1 = &TestContext::new_alice().await;
 
+        // `bcc_self` is enabled by default for test contexts. Unset it.
+        context1.set_config(Config::BccSelf, None).await?;
+
         // Check that the settings are displayed correctly.
-        assert_eq!(
-            context1.get_config(Config::BccSelf).await?,
-            Some("1".to_string())
-        );
         assert_eq!(
             context1.get_config(Config::DeleteServerAfter).await?,
             Some("0".to_string())

src/lib.rs

@@ -89,6 +89,7 @@ pub mod securejoin;
 mod simplify;
 mod smtp;
 pub mod stock_str;
+pub mod storage_usage;
 mod sync;
 mod timesmearing;
 mod token;

src/location.rs

@@ -294,7 +294,7 @@ pub async fn send_locations_to_chat(
             .unwrap_or_default();
     } else if 0 == seconds && is_sending_locations_before {
         let stock_str = stock_str::msg_location_disabled(context).await;
-        chat::add_info_msg(context, chat_id, &stock_str, now).await?;
+        chat::add_info_msg(context, chat_id, &stock_str).await?;
     }
     context.emit_event(EventType::ChatModified(chat_id));
     chatlist_events::emit_chatlist_item_changed(context, chat_id);
@@ -849,7 +849,7 @@ async fn maybe_send_locations(context: &Context) -> Result<Option<u64>> {
                 .context("failed to disable location streaming")?;
 
             let stock_str = stock_str::msg_location_disabled(context).await;
-            chat::add_info_msg(context, chat_id, &stock_str, now).await?;
+            chat::add_info_msg(context, chat_id, &stock_str).await?;
             context.emit_event(EventType::ChatModified(chat_id));
             chatlist_events::emit_chatlist_item_changed(context, chat_id);
         }

src/message.rs

@@ -638,33 +638,33 @@ impl Message {
     pub(crate) async fn try_calc_and_set_dimensions(&mut self, context: &Context) -> Result<()> {
         if self.viewtype.has_file() {
             let file_param = self.param.get_file_path(context)?;
-            if let Some(path_and_filename) = file_param {
-                if matches!(
+            if let Some(path_and_filename) = file_param
+                && matches!(
                     self.viewtype,
                     Viewtype::Image | Viewtype::Gif | Viewtype::Sticker
-                ) && !self.param.exists(Param::Width)
-                {
-                    let buf = read_file(context, &path_and_filename).await?;
+                )
+                && !self.param.exists(Param::Width)
+            {
+                let buf = read_file(context, &path_and_filename).await?;
 
-                    match get_filemeta(&buf) {
-                        Ok((width, height)) => {
-                            self.param.set_int(Param::Width, width as i32);
-                            self.param.set_int(Param::Height, height as i32);
-                        }
-                        Err(err) => {
-                            self.param.set_int(Param::Width, 0);
-                            self.param.set_int(Param::Height, 0);
-                            warn!(
-                                context,
-                                "Failed to get width and height for {}: {err:#}.",
-                                path_and_filename.display()
-                            );
-                        }
+                match get_filemeta(&buf) {
+                    Ok((width, height)) => {
+                        self.param.set_int(Param::Width, width as i32);
+                        self.param.set_int(Param::Height, height as i32);
                     }
+                    Err(err) => {
+                        self.param.set_int(Param::Width, 0);
+                        self.param.set_int(Param::Height, 0);
+                        warn!(
+                            context,
+                            "Failed to get width and height for {}: {err:#}.",
+                            path_and_filename.display()
+                        );
+                    }
+                }
 
-                    if !self.id.is_unset() {
-                        self.update_param(context).await?;
-                    }
+                if !self.id.is_unset() {
+                    self.update_param(context).await?;
                 }
             }
         }
@@ -992,14 +992,12 @@ impl Message {
             return None;
         }
 
-        if let Some(filename) = self.get_file(context) {
-            if let Ok(ref buf) = read_file(context, &filename).await {
-                if let Ok((typ, headers, _)) = split_armored_data(buf) {
-                    if typ == pgp::armor::BlockType::Message {
-                        return headers.get(crate::pgp::HEADER_SETUPCODE).cloned();
-                    }
-                }
-            }
+        if let Some(filename) = self.get_file(context)
+            && let Ok(ref buf) = read_file(context, &filename).await
+            && let Ok((typ, headers, _)) = split_armored_data(buf)
+            && typ == pgp::armor::BlockType::Message
+        {
+            return headers.get(crate::pgp::HEADER_SETUPCODE).cloned();
         }
 
         None
@@ -1224,26 +1222,25 @@ impl Message {
     ///
     /// `References` header is not taken into account.
     pub async fn parent(&self, context: &Context) -> Result<Option<Message>> {
-        if let Some(in_reply_to) = &self.in_reply_to {
-            if let Some(msg_id) = rfc724_mid_exists(context, in_reply_to).await? {
-                let msg = Message::load_from_db_optional(context, msg_id).await?;
-                return Ok(msg);
-            }
+        if let Some(in_reply_to) = &self.in_reply_to
+            && let Some(msg_id) = rfc724_mid_exists(context, in_reply_to).await?
+        {
+            let msg = Message::load_from_db_optional(context, msg_id).await?;
+            return Ok(msg);
         }
         Ok(None)
     }
 
     /// Returns original message ID for message from "Saved Messages".
     pub async fn get_original_msg_id(&self, context: &Context) -> Result<Option<MsgId>> {
-        if !self.original_msg_id.is_special() {
-            if let Some(msg) = Message::load_from_db_optional(context, self.original_msg_id).await?
-            {
-                return if msg.chat_id.is_trash() {
-                    Ok(None)
-                } else {
-                    Ok(Some(msg.id))
-                };
-            }
+        if !self.original_msg_id.is_special()
+            && let Some(msg) = Message::load_from_db_optional(context, self.original_msg_id).await?
+        {
+            return if msg.chat_id.is_trash() {
+                Ok(None)
+            } else {
+                Ok(Some(msg.id))
+            };
         }
         Ok(None)
     }
@@ -1440,7 +1437,15 @@ pub(crate) fn guess_msgtype_from_path_suffix(path: &Path) -> Option<(Viewtype, &
     let extension: &str = &path.extension()?.to_str()?.to_lowercase();
     let info = match extension {
         // before using viewtype other than Viewtype::File,
-        // make sure, all target UIs support that type in the context of the used viewer/player.
+        // make sure, all target UIs support that type.
+        //
+        // it is a non-goal to support as many formats as possible in-app.
+        // additional parser come at security and maintainance costs and
+        // should only be added when strictly neccessary,
+        // eg. when a format comes from the camera app on a significant number of devices.
+        // it is okay, when eg. dragging some video from a browser results in a "File"
+        // for everyone, sender as well as all receivers.
+        //
         // if in doubt, it is better to default to Viewtype::File that passes handing to an external app.
         // (cmp. <https://developer.android.com/guide/topics/media/media-formats>)
         "3gp" => (Viewtype::Video, "video/3gpp"),
@@ -1503,7 +1508,7 @@ pub(crate) fn guess_msgtype_from_path_suffix(path: &Path) -> Option<(Viewtype, &
         "vcf" => (Viewtype::Vcard, "text/vcard"),
         "wav" => (Viewtype::Audio, "audio/wav"),
         "weba" => (Viewtype::File, "audio/webm"),
-        "webm" => (Viewtype::Video, "video/webm"),
+        "webm" => (Viewtype::File, "video/webm"), // not supported natively by iOS nor by SDWebImage
         "webp" => (Viewtype::Image, "image/webp"), // iOS via SDWebImage, Android since 4.0
         "wmv" => (Viewtype::Video, "video/x-ms-wmv"),
         "xdc" => (Viewtype::Webxdc, "application/webxdc+zip"),
@@ -1605,10 +1610,10 @@ pub(crate) async fn delete_msg_locally(context: &Context, msg: &Message) -> Resu
         .expect("RwLock is poisoned")
         .as_ref()
         .map(|dl| dl.msg_id);
-    if let Some(id) = logging_xdc_id {
-        if id == msg.id {
-            set_debug_logging_xdc(context, None).await?;
-        }
+    if let Some(id) = logging_xdc_id
+        && id == msg.id
+    {
+        set_debug_logging_xdc(context, None).await?;
     }
 
     Ok(())
@@ -1863,6 +1868,33 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
     Ok(())
 }
 
+/// Checks if the messages with given IDs exist.
+///
+/// Returns IDs of existing messages.
+pub async fn get_existing_msg_ids(context: &Context, ids: &[MsgId]) -> Result<Vec<MsgId>> {
+    let query_only = true;
+    let res = context
+        .sql
+        .transaction_ex(query_only, |transaction| {
+            let mut res: Vec<MsgId> = Vec::new();
+            for id in ids {
+                if transaction.query_one(
+                    "SELECT COUNT(*) > 0 FROM msgs WHERE id=? AND chat_id!=3",
+                    (id,),
+                    |row| {
+                        let exists: bool = row.get(0)?;
+                        Ok(exists)
+                    },
+                )? {
+                    res.push(*id);
+                }
+            }
+            Ok(res)
+        })
+        .await?;
+    Ok(res)
+}
+
 pub(crate) async fn update_msg_state(
     context: &Context,
     msg_id: MsgId,

src/message/message_tests.rs

@@ -39,17 +39,16 @@ async fn test_get_width_height() {
     let mut has_image = false;
     let chatitems = chat::get_chat_msgs(&t, device_chat_id).await.unwrap();
     for chatitem in chatitems {
-        if let ChatItem::Message { msg_id } = chatitem {
-            if let Ok(msg) = Message::load_from_db(&t, msg_id).await {
-                if msg.get_viewtype() == Viewtype::Image {
-                    has_image = true;
-                    // just check that width/height are inside some reasonable ranges
-                    assert!(msg.get_width() > 100);
-                    assert!(msg.get_height() > 100);
-                    assert!(msg.get_width() < 4000);
-                    assert!(msg.get_height() < 4000);
-                }
-            }
+        if let ChatItem::Message { msg_id } = chatitem
+            && let Ok(msg) = Message::load_from_db(&t, msg_id).await
+            && msg.get_viewtype() == Viewtype::Image
+        {
+            has_image = true;
+            // just check that width/height are inside some reasonable ranges
+            assert!(msg.get_width() > 100);
+            assert!(msg.get_height() > 100);
+            assert!(msg.get_width() < 4000);
+            assert!(msg.get_height() < 4000);
         }
     }
     assert!(has_image);
@@ -765,3 +764,27 @@ async fn test_load_unknown_viewtype() -> Result<()> {
     assert_eq!(bob_msg.get_viewtype(), Viewtype::Unknown);
     Ok(())
 }
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_get_existing_msg_ids() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+
+    let msg1_id = tcm.send_recv(alice, bob, "Hello 1!").await.id;
+    let msg2_id = tcm.send_recv(alice, bob, "Hello 2!").await.id;
+    let msg3_id = tcm.send_recv(alice, bob, "Hello 3!").await.id;
+    let msg4_id = tcm.send_recv(alice, bob, "Hello 4!").await.id;
+
+    assert_eq!(
+        get_existing_msg_ids(bob, &[msg1_id, msg2_id, msg3_id, msg4_id]).await?,
+        vec![msg1_id, msg2_id, msg3_id, msg4_id]
+    );
+    delete_msgs(bob, &[msg1_id, msg3_id]).await?;
+    assert_eq!(
+        get_existing_msg_ids(bob, &[msg1_id, msg2_id, msg3_id, msg4_id]).await?,
+        vec![msg2_id, msg4_id]
+    );
+
+    Ok(())
+}

src/mimefactory.rs

@@ -9,7 +9,7 @@ use data_encoding::BASE32_NOPAD;
 use deltachat_contact_tools::sanitize_bidi_characters;
 use iroh_gossip::proto::TopicId;
 use mail_builder::headers::HeaderType;
-use mail_builder::headers::address::{Address, EmailAddress};
+use mail_builder::headers::address::Address;
 use mail_builder::mime::MimePart;
 use tokio::fs;
 
@@ -292,11 +292,10 @@ impl MimeFactory {
 
                             // In a broadcast channel, only send member-added/removed messages
                             // to the affected member:
-                            if let Some(fp) = must_have_only_one_recipient(&msg, &chat) {
-                                if fp? != fingerprint {
+                            if let Some(fp) = must_have_only_one_recipient(&msg, &chat)
+                                && fp? != fingerprint {
                                     continue;
                                 }
-                            }
 
                             let public_key_opt = if let Some(public_key_bytes) = &public_key_bytes_opt {
                                 Some(SignedPublicKey::from_slice(public_key_bytes)?)
@@ -347,8 +346,8 @@ impl MimeFactory {
                                 // Row is a tombstone,
                                 // member is not actually part of the group.
                                 if !recipients_contain_addr(&past_members, &addr) {
-                                    if let Some(email_to_remove) = email_to_remove {
-                                        if email_to_remove == addr {
+                                    if let Some(email_to_remove) = email_to_remove
+                                        && email_to_remove == addr {
                                             // This is a "member removed" message,
                                             // we need to notify removed member
                                             // that it was removed.
@@ -365,7 +364,6 @@ impl MimeFactory {
                                                 }
                                             }
                                         }
-                                    }
                                     if !undisclosed_recipients {
                                         past_members.push((name, addr.clone()));
                                         past_member_timestamps.push(remove_timestamp);
@@ -395,15 +393,14 @@ impl MimeFactory {
                             "member_fingerprints.len() ({}) < to.len() ({})",
                             member_fingerprints.len(), to.len());
 
-                        if to.len() > 1 {
-                            if let Some(position) = to.iter().position(|(_, x)| x == &from_addr) {
+                        if to.len() > 1
+                            && let Some(position) = to.iter().position(|(_, x)| x == &from_addr) {
                                 to.remove(position);
                                 member_timestamps.remove(position);
                                 if is_encrypted {
                                     member_fingerprints.remove(position);
                                 }
                             }
-                        }
 
                         member_timestamps.extend(past_member_timestamps);
                         if is_encrypted {
@@ -467,7 +464,11 @@ impl MimeFactory {
                 .unwrap_or_default(),
             false => "".to_string(),
         };
-        let attach_selfavatar = Self::should_attach_selfavatar(context, &msg).await;
+        // We don't display avatars for address-contacts, so sending avatars w/o encryption is not
+        // useful and causes e.g. Outlook to reject a message with a big header, see
+        // https://support.delta.chat/t/invalid-mime-content-single-text-value-size-32822-exceeded-allowed-maximum-32768-for-the-chat-user-avatar-header/4067.
+        let attach_selfavatar =
+            Self::should_attach_selfavatar(context, &msg).await && encryption_pubkeys.is_some();
 
         ensure_and_debug_assert!(
             member_timestamps.is_empty()
@@ -733,36 +734,35 @@ impl MimeFactory {
             ));
         }
 
-        if let Loaded::Message { chat, .. } = &self.loaded {
-            if chat.typ == Chattype::Group {
-                if !self.member_timestamps.is_empty() && !chat.member_list_is_stale(context).await?
-                {
-                    headers.push((
-                        "Chat-Group-Member-Timestamps",
-                        mail_builder::headers::raw::Raw::new(
-                            self.member_timestamps
-                                .iter()
-                                .map(|ts| ts.to_string())
-                                .collect::<Vec<String>>()
-                                .join(" "),
-                        )
-                        .into(),
-                    ));
-                }
+        if let Loaded::Message { chat, .. } = &self.loaded
+            && chat.typ == Chattype::Group
+        {
+            if !self.member_timestamps.is_empty() && !chat.member_list_is_stale(context).await? {
+                headers.push((
+                    "Chat-Group-Member-Timestamps",
+                    mail_builder::headers::raw::Raw::new(
+                        self.member_timestamps
+                            .iter()
+                            .map(|ts| ts.to_string())
+                            .collect::<Vec<String>>()
+                            .join(" "),
+                    )
+                    .into(),
+                ));
+            }
 
-                if !self.member_fingerprints.is_empty() {
-                    headers.push((
-                        "Chat-Group-Member-Fpr",
-                        mail_builder::headers::raw::Raw::new(
-                            self.member_fingerprints
-                                .iter()
-                                .map(|fp| fp.to_string())
-                                .collect::<Vec<String>>()
-                                .join(" "),
-                        )
-                        .into(),
-                    ));
-                }
+            if !self.member_fingerprints.is_empty() {
+                headers.push((
+                    "Chat-Group-Member-Fpr",
+                    mail_builder::headers::raw::Raw::new(
+                        self.member_fingerprints
+                            .iter()
+                            .map(|fp| fp.to_string())
+                            .collect::<Vec<String>>()
+                            .join(" "),
+                    )
+                    .into(),
+                ));
             }
         }
 
@@ -814,37 +814,34 @@ impl MimeFactory {
                 "Auto-Submitted",
                 mail_builder::headers::raw::Raw::new("auto-generated".to_string()).into(),
             ));
-        } else if let Loaded::Message { msg, .. } = &self.loaded {
-            if msg.param.get_cmd() == SystemMessage::SecurejoinMessage {
-                let step = msg.param.get(Param::Arg).unwrap_or_default();
-                if step != "vg-request" && step != "vc-request" {
-                    headers.push((
-                        "Auto-Submitted",
-                        mail_builder::headers::raw::Raw::new("auto-replied".to_string()).into(),
-                    ));
-                }
+        } else if let Loaded::Message { msg, .. } = &self.loaded
+            && msg.param.get_cmd() == SystemMessage::SecurejoinMessage
+        {
+            let step = msg.param.get(Param::Arg).unwrap_or_default();
+            if step != "vg-request" && step != "vc-request" {
+                headers.push((
+                    "Auto-Submitted",
+                    mail_builder::headers::raw::Raw::new("auto-replied".to_string()).into(),
+                ));
             }
         }
 
-        if let Loaded::Message { msg, chat } = &self.loaded {
-            if chat.typ == Chattype::OutBroadcast || chat.typ == Chattype::InBroadcast {
-                headers.push((
-                    "Chat-List-ID",
-                    mail_builder::headers::text::Text::new(format!(
-                        "{} <{}>",
-                        chat.name, chat.grpid
-                    ))
+        if let Loaded::Message { msg, chat } = &self.loaded
+            && (chat.typ == Chattype::OutBroadcast || chat.typ == Chattype::InBroadcast)
+        {
+            headers.push((
+                "Chat-List-ID",
+                mail_builder::headers::text::Text::new(format!("{} <{}>", chat.name, chat.grpid))
                     .into(),
-                ));
+            ));
 
-                if msg.param.get_cmd() == SystemMessage::MemberAddedToGroup {
-                    if let Some(secret) = msg.param.get(PARAM_BROADCAST_SECRET) {
-                        headers.push((
-                            "Chat-Broadcast-Secret",
-                            mail_builder::headers::text::Text::new(secret.to_string()).into(),
-                        ));
-                    }
-                }
+            if msg.param.get_cmd() == SystemMessage::MemberAddedToGroup
+                && let Some(secret) = msg.param.get(PARAM_BROADCAST_SECRET)
+            {
+                headers.push((
+                    "Chat-Broadcast-Secret",
+                    mail_builder::headers::text::Text::new(secret.to_string()).into(),
+                ));
             }
         }
 
@@ -1000,24 +997,7 @@ impl MimeFactory {
             } else if header_name == "to" {
                 protected_headers.push(header.clone());
                 if is_encrypted {
-                    let mut to_without_names = to
-                        .clone()
-                        .into_iter()
-                        .filter_map(|header| match header {
-                            Address::Address(mb) => Some(Address::Address(EmailAddress {
-                                name: None,
-                                email: mb.email,
-                            })),
-                            _ => None,
-                        })
-                        .collect::<Vec<_>>();
-                    if to_without_names.is_empty() {
-                        to_without_names.push(hidden_recipients());
-                    }
-                    unprotected_headers.push((
-                        original_header_name,
-                        Address::new_list(to_without_names).into(),
-                    ));
+                    unprotected_headers.push(("To", hidden_recipients().into()));
                 } else {
                     unprotected_headers.push(header.clone());
                 }
@@ -1043,7 +1023,15 @@ impl MimeFactory {
                 //
                 // and the explanation page says
                 // "The time information deviates too much from the actual time".
-                let timestamp_offset = rand::random_range(0..1000000);
+                //
+                // We also limit the range to 6 days (518400 seconds)
+                // because with a larger range we got
+                // error "500 Date header far in the past/future"
+                // which apparently originates from Symantec Messaging Gateway
+                // and means the message has a Date that is more
+                // than 7 days in the past:
+                // <https://github.com/chatmail/core/issues/7466>
+                let timestamp_offset = rand::random_range(0..518400);
                 let protected_timestamp = self.timestamp.saturating_sub(timestamp_offset);
                 let unprotected_date =
                     chrono::DateTime::<chrono::Utc>::from_timestamp(protected_timestamp, 0)
@@ -1083,6 +1071,9 @@ impl MimeFactory {
             }
         }
 
+        let use_std_header_protection = context
+            .get_config_bool(Config::StdHeaderProtectionComposing)
+            .await?;
         let outer_message = if let Some(encryption_pubkeys) = self.encryption_pubkeys {
             // Store protected headers in the inner message.
             let message = protected_headers
@@ -1098,6 +1089,22 @@ impl MimeFactory {
                     message.header(header, value)
                 });
 
+            if use_std_header_protection {
+                message = unprotected_headers
+                    .iter()
+                    // Structural headers shouldn't be added as "HP-Outer". They are defined in
+                    // <https://www.rfc-editor.org/rfc/rfc9787.html#structural-header-fields>.
+                    .filter(|(name, _)| {
+                        !(name.eq_ignore_ascii_case("mime-version")
+                            || name.eq_ignore_ascii_case("content-type")
+                            || name.eq_ignore_ascii_case("content-transfer-encoding")
+                            || name.eq_ignore_ascii_case("content-disposition"))
+                    })
+                    .fold(message, |message, (name, value)| {
+                        message.header(format!("HP-Outer: {name}"), value.clone())
+                    });
+            }
+
             // Add gossip headers in chats with multiple recipients
             let multiple_recipients =
                 encryption_pubkeys.len() > 1 || context.get_config_bool(Config::BccSelf).await?;
@@ -1185,10 +1192,16 @@ impl MimeFactory {
 
             // Set the appropriate Content-Type for the inner message.
             for (h, v) in &mut message.headers {
-                if h == "Content-Type" {
-                    if let mail_builder::headers::HeaderType::ContentType(ct) = v {
-                        *ct = ct.clone().attribute("protected-headers", "v1");
+                if h == "Content-Type"
+                    && let mail_builder::headers::HeaderType::ContentType(ct) = v
+                {
+                    let mut ct_new = ct.clone();
+                    ct_new = ct_new.attribute("protected-headers", "v1");
+                    if use_std_header_protection {
+                        ct_new = ct_new.attribute("hp", "cipher");
                     }
+                    *ct = ct_new;
+                    break;
                 }
             }
 
@@ -1213,7 +1226,7 @@ impl MimeFactory {
                         // created before we had symmetric encryption,
                         // we show an error message.
                         let text = BROADCAST_INCOMPATIBILITY_MSG;
-                        chat::add_info_msg(context, chat.id, text, time()).await?;
+                        chat::add_info_msg(context, chat.id, text).await?;
                         bail!(text);
                     }
                     secret
@@ -1232,6 +1245,12 @@ impl MimeFactory {
             // once new core versions are sufficiently deployed.
             let anonymous_recipients = false;
 
+            if context.get_config_bool(Config::TestHooks).await?
+                && let Some(hook) = &*context.pre_encrypt_mime_hook.lock()
+            {
+                message = hook(context, message);
+            }
+
             let encrypted = if let Some(shared_secret) = shared_secret {
                 encrypt_helper
                     .encrypt_symmetrically(context, &shared_secret, message, compress)
@@ -1317,10 +1336,16 @@ impl MimeFactory {
                 message
             } else {
                 for (h, v) in &mut message.headers {
-                    if h == "Content-Type" {
-                        if let mail_builder::headers::HeaderType::ContentType(ct) = v {
-                            *ct = ct.clone().attribute("protected-headers", "v1");
+                    if h == "Content-Type"
+                        && let mail_builder::headers::HeaderType::ContentType(ct) = v
+                    {
+                        let mut ct_new = ct.clone();
+                        ct_new = ct_new.attribute("protected-headers", "v1");
+                        if use_std_header_protection {
+                            ct_new = ct_new.attribute("hp", "clear");
                         }
+                        *ct = ct_new;
+                        break;
                     }
                 }
 
@@ -1500,10 +1525,9 @@ impl MimeFactory {
                             .await?
                             .unwrap_or_default()
                     {
-                        placeholdertext = Some(stock_str::msg_group_left_remote(context).await);
+                        placeholdertext = Some("I left the group.".to_string());
                     } else {
-                        placeholdertext =
-                            Some(stock_str::msg_del_member_remote(context, email_to_remove).await);
+                        placeholdertext = Some(format!("I removed member {email_to_remove}."));
                     };
 
                     if !email_to_remove.is_empty() {
@@ -1526,8 +1550,7 @@ impl MimeFactory {
                     let email_to_add = msg.param.get(Param::Arg).unwrap_or_default();
                     let fingerprint_to_add = msg.param.get(Param::Arg4).unwrap_or_default();
 
-                    placeholdertext =
-                        Some(stock_str::msg_add_member_remote(context, email_to_add).await);
+                    placeholdertext = Some(format!("I added member {email_to_add}."));
 
                     if !email_to_add.is_empty() {
                         headers.push((
@@ -1563,7 +1586,7 @@ impl MimeFactory {
                         "Chat-Content",
                         mail_builder::headers::text::Text::new("group-avatar-changed").into(),
                     ));
-                    if grpimage.is_none() {
+                    if grpimage.is_none() && is_encrypted {
                         headers.push((
                             "Chat-Group-Avatar",
                             mail_builder::headers::raw::Raw::new("0").into(),
@@ -1690,7 +1713,9 @@ impl MimeFactory {
             _ => {}
         }
 
-        if let Some(grpimage) = grpimage {
+        if let Some(grpimage) = grpimage
+            && is_encrypted
+        {
             info!(context, "setting group image '{}'", grpimage);
             let avatar = build_avatar_file(context, grpimage)
                 .await
@@ -1845,10 +1870,10 @@ impl MimeFactory {
             parts.push(msg_kml_part);
         }
 
-        if location::is_sending_locations_to_chat(context, Some(msg.chat_id)).await? {
-            if let Some(part) = self.get_location_kml_part(context).await? {
-                parts.push(part);
-            }
+        if location::is_sending_locations_to_chat(context, Some(msg.chat_id)).await?
+            && let Some(part) = self.get_location_kml_part(context).await?
+        {
+            parts.push(part);
         }
 
         // we do not piggyback sync-files to other self-sent-messages

src/mimefactory/mimefactory_tests.rs

@@ -6,7 +6,8 @@ use std::time::Duration;
 
 use super::*;
 use crate::chat::{
-    self, ChatId, add_contact_to_chat, create_group, remove_contact_from_chat, send_text_msg,
+    self, ChatId, add_contact_to_chat, create_group, create_group_unencrypted,
+    remove_contact_from_chat, send_text_msg,
 };
 use crate::chatlist::Chatlist;
 use crate::constants;
@@ -351,7 +352,7 @@ async fn test_subject_in_group() -> Result<()> {
     let mut tcm = TestContextManager::new();
     let t = tcm.alice().await;
     let bob = tcm.bob().await;
-    let group_id = chat::create_group(&t, "groupname").await.unwrap();
+    let group_id = create_group(&t, "groupname").await.unwrap();
     let bob_contact_id = t.add_or_lookup_contact_id(&bob).await;
     chat::add_contact_to_chat(&t, group_id, bob_contact_id).await?;
 
@@ -592,26 +593,6 @@ async fn test_selfavatar_unencrypted() -> anyhow::Result<()> {
     assert_eq!(outer.match_indices("Autocrypt:").count(), 1);
     assert_eq!(outer.match_indices("Chat-User-Avatar:").count(), 0);
 
-    assert_eq!(inner.match_indices("text/plain").count(), 1);
-    assert_eq!(inner.match_indices("Message-ID:").count(), 1);
-    assert_eq!(inner.match_indices("Chat-User-Avatar:").count(), 1);
-    assert_eq!(inner.match_indices("Subject:").count(), 0);
-
-    assert_eq!(body.match_indices("this is the text!").count(), 1);
-
-    // if another message is sent, that one must not contain the avatar
-    let sent_msg = t.send_msg(chat.id, &mut msg).await;
-    let mut payload = sent_msg.payload().splitn(3, "\r\n\r\n");
-    let outer = payload.next().unwrap();
-    let inner = payload.next().unwrap();
-    let body = payload.next().unwrap();
-
-    assert_eq!(outer.match_indices("multipart/mixed").count(), 1);
-    assert_eq!(outer.match_indices("Message-ID:").count(), 1);
-    assert_eq!(outer.match_indices("Subject:").count(), 1);
-    assert_eq!(outer.match_indices("Autocrypt:").count(), 1);
-    assert_eq!(outer.match_indices("Chat-User-Avatar:").count(), 0);
-
     assert_eq!(inner.match_indices("text/plain").count(), 1);
     assert_eq!(inner.match_indices("Message-ID:").count(), 1);
     assert_eq!(inner.match_indices("Chat-User-Avatar:").count(), 0);
@@ -670,7 +651,7 @@ async fn test_selfavatar_unencrypted_signed() {
     assert_eq!(part.match_indices("text/plain").count(), 1);
     assert_eq!(part.match_indices("From:").count(), 0);
     assert_eq!(part.match_indices("Message-ID:").count(), 1);
-    assert_eq!(part.match_indices("Chat-User-Avatar:").count(), 1);
+    assert_eq!(part.match_indices("Chat-User-Avatar:").count(), 0);
     assert_eq!(part.match_indices("Subject:").count(), 0);
 
     let body = payload.next().unwrap();
@@ -684,58 +665,6 @@ async fn test_selfavatar_unencrypted_signed() {
         .unwrap();
     let alice_contact = Contact::get_by_id(&bob.ctx, alice_id).await.unwrap();
     assert_eq!(alice_contact.is_key_contact(), false);
-    assert!(
-        alice_contact
-            .get_profile_image(&bob.ctx)
-            .await
-            .unwrap()
-            .is_some()
-    );
-
-    // if another message is sent, that one must not contain the avatar
-    let mut msg = Message::new_text("this is the text!".to_string());
-    let sent_msg = t.send_msg(chat.id, &mut msg).await;
-    let mut payload = sent_msg.payload().splitn(4, "\r\n\r\n");
-
-    let part = payload.next().unwrap();
-    assert_eq!(part.match_indices("multipart/signed").count(), 1);
-    assert_eq!(part.match_indices("From:").count(), 1);
-    assert_eq!(part.match_indices("Message-ID:").count(), 1);
-    assert_eq!(part.match_indices("Subject:").count(), 1);
-    assert_eq!(part.match_indices("Autocrypt:").count(), 1);
-    assert_eq!(part.match_indices("Chat-User-Avatar:").count(), 0);
-
-    let part = payload.next().unwrap();
-    assert_eq!(
-        part.match_indices("multipart/mixed; protected-headers=\"v1\"")
-            .count(),
-        1
-    );
-    assert_eq!(part.match_indices("From:").count(), 1);
-    assert_eq!(part.match_indices("Message-ID:").count(), 0);
-    assert_eq!(part.match_indices("Subject:").count(), 1);
-    assert_eq!(part.match_indices("Autocrypt:").count(), 1);
-    assert_eq!(part.match_indices("Chat-User-Avatar:").count(), 0);
-
-    let part = payload.next().unwrap();
-    assert_eq!(part.match_indices("text/plain").count(), 1);
-    assert_eq!(body.match_indices("From:").count(), 0);
-    assert_eq!(part.match_indices("Message-ID:").count(), 1);
-    assert_eq!(part.match_indices("Chat-User-Avatar:").count(), 0);
-    assert_eq!(part.match_indices("Subject:").count(), 0);
-
-    let body = payload.next().unwrap();
-    assert_eq!(body.match_indices("this is the text!").count(), 1);
-
-    bob.recv_msg(&sent_msg).await;
-    let alice_contact = Contact::get_by_id(&bob.ctx, alice_id).await.unwrap();
-    assert!(
-        alice_contact
-            .get_profile_image(&bob.ctx)
-            .await
-            .unwrap()
-            .is_some()
-    );
 }
 
 /// Test that removed member address does not go into the `To:` field.
@@ -743,17 +672,20 @@ async fn test_selfavatar_unencrypted_signed() {
 async fn test_remove_member_bcc() -> Result<()> {
     let mut tcm = TestContextManager::new();
 
-    // Alice creates a group with Bob and Claire and then removes Bob.
+    // Alice creates a group with Bob and Charlie and then removes Charlie.
+
     let alice = &tcm.alice().await;
     let bob = &tcm.bob().await;
     let charlie = &tcm.charlie().await;
 
-    let bob_id = alice.add_or_lookup_contact_id(bob).await;
-    let charlie_id = alice.add_or_lookup_contact_id(charlie).await;
-    let charlie_contact = Contact::get_by_id(alice, charlie_id).await?;
-    let charlie_addr = charlie_contact.get_addr();
+    let alice_addr = alice.get_config(Config::Addr).await?.unwrap();
+    let bob_addr = bob.get_config(Config::Addr).await?.unwrap();
+    let charlie_addr = charlie.get_config(Config::Addr).await?.unwrap();
 
-    let alice_chat_id = create_group(alice, "foo").await?;
+    let bob_id = alice.add_or_lookup_address_contact_id(bob).await;
+    let charlie_id = alice.add_or_lookup_address_contact_id(charlie).await;
+
+    let alice_chat_id = create_group_unencrypted(alice, "foo").await?;
     add_contact_to_chat(alice, alice_chat_id, bob_id).await?;
     add_contact_to_chat(alice, alice_chat_id, charlie_id).await?;
     send_text_msg(alice, alice_chat_id, "Creating a group".to_string()).await?;
@@ -770,8 +702,9 @@ async fn test_remove_member_bcc() -> Result<()> {
     for to_addr in to.iter() {
         match to_addr {
             mailparse::MailAddr::Single(info) => {
-                // Addresses should be of existing members (Alice and Bob) and not Charlie.
+                // Addresses should be of existing members and not Charlie.
                 assert_ne!(info.addr, charlie_addr);
+                assert!(info.addr == alice_addr || info.addr == bob_addr);
             }
             mailparse::MailAddr::Group(_) => {
                 panic!("Group addresses are not expected here");
@@ -832,8 +765,32 @@ async fn test_protected_headers_directive() -> Result<()> {
             .count(),
         1
     );
-    assert_eq!(part.match_indices("Subject:").count(), 1);
+    assert_eq!(part.match_indices("Subject:").count(), 2);
+    assert_eq!(part.match_indices("HP-Outer: Subject:").count(), 1);
+    Ok(())
+}
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_hp_outer_headers() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let t = &tcm.alice().await;
+    let chat_id = t.get_self_chat().await.id;
+
+    for std_hp_composing in [false, true] {
+        t.set_config_bool(Config::StdHeaderProtectionComposing, std_hp_composing)
+            .await?;
+        chat::send_text_msg(t, chat_id, "hi!".to_string()).await?;
+        let sent_msg = t.pop_sent_msg().await;
+        let msg = MimeMessage::from_bytes(t, sent_msg.payload.as_bytes(), None).await?;
+        assert_eq!(msg.header_exists(HeaderDef::HpOuter), std_hp_composing);
+        for hdr in ["Date", "From", "Message-ID"] {
+            assert_eq!(
+                msg.decoded_data_contains(&format!("HP-Outer: {hdr}:")),
+                std_hp_composing,
+            );
+        }
+        assert!(!msg.decoded_data_contains("HP-Outer: Content-Type"));
+    }
     Ok(())
 }
 

src/mimeparser.rs

@@ -271,14 +271,13 @@ impl MimeMessage {
             &mut from,
             &mut list_post,
             &mut chat_disposition_notification_to,
-            &mail.headers,
+            &mail,
+        );
+        headers_removed.extend(
+            headers
+                .extract_if(|k, _v| is_hidden(k))
+                .map(|(k, _v)| k.to_string()),
         );
-        headers.retain(|k, _| {
-            !is_hidden(k) || {
-                headers_removed.insert(k.to_string());
-                false
-            }
-        });
 
         // Parse hidden headers.
         let mimetype = mail.ctype.mimetype.parse::<Mime>()?;
@@ -299,7 +298,7 @@ impl MimeMessage {
                         &mut from,
                         &mut list_post,
                         &mut chat_disposition_notification_to,
-                        &part.headers,
+                        part,
                     );
                     (part, part.ctype.mimetype.parse::<Mime>()?)
                 } else {
@@ -310,13 +309,14 @@ impl MimeMessage {
                 // Currently we do not sign unencrypted messages by default.
                 (&mail, mimetype)
             };
-        if mimetype.type_() == mime::MULTIPART && mimetype.subtype().as_str() == "mixed" {
-            if let Some(part) = part.subparts.first() {
-                for field in &part.headers {
-                    let key = field.get_key().to_lowercase();
-                    if !headers.contains_key(&key) && is_hidden(&key) || key == "message-id" {
-                        headers.insert(key.to_string(), field.get_value());
-                    }
+        if mimetype.type_() == mime::MULTIPART
+            && mimetype.subtype().as_str() == "mixed"
+            && let Some(part) = part.subparts.first()
+        {
+            for field in &part.headers {
+                let key = field.get_key().to_lowercase();
+                if !headers.contains_key(&key) && is_hidden(&key) || key == "message-id" {
+                    headers.insert(key.to_string(), field.get_value());
                 }
             }
         }
@@ -536,7 +536,7 @@ impl MimeMessage {
                 &mut inner_from,
                 &mut list_post,
                 &mut chat_disposition_notification_to,
-                &mail.headers,
+                mail,
             );
 
             if !signatures.is_empty() {
@@ -679,8 +679,9 @@ impl MimeMessage {
     fn parse_system_message_headers(&mut self, context: &Context) {
         if self.get_header(HeaderDef::AutocryptSetupMessage).is_some() && !self.incoming {
             self.parts.retain(|part| {
-                part.mimetype.is_none()
-                    || part.mimetype.as_ref().unwrap().as_ref() == MIME_AC_SETUP_FILE
+                part.mimetype
+                    .as_ref()
+                    .is_none_or(|mimetype| mimetype.as_ref() == MIME_AC_SETUP_FILE)
             });
 
             if self.parts.len() == 1 {
@@ -805,22 +806,20 @@ impl MimeMessage {
             {
                 part.typ = Viewtype::Voice;
             }
-            if part.typ == Viewtype::Image || part.typ == Viewtype::Gif {
-                if let Some(value) = self.get_header(HeaderDef::ChatContent) {
-                    if value == "sticker" {
-                        part.typ = Viewtype::Sticker;
-                    }
-                }
-            }
-            if part.typ == Viewtype::Audio
-                || part.typ == Viewtype::Voice
-                || part.typ == Viewtype::Video
+            if (part.typ == Viewtype::Image || part.typ == Viewtype::Gif)
+                && let Some(value) = self.get_header(HeaderDef::ChatContent)
+                && value == "sticker"
             {
-                if let Some(field_0) = self.get_header(HeaderDef::ChatDuration) {
-                    let duration_ms = field_0.parse().unwrap_or_default();
-                    if duration_ms > 0 && duration_ms < 24 * 60 * 60 * 1000 {
-                        part.param.set_int(Param::Duration, duration_ms);
-                    }
+                part.typ = Viewtype::Sticker;
+            }
+            if (part.typ == Viewtype::Audio
+                || part.typ == Viewtype::Voice
+                || part.typ == Viewtype::Video)
+                && let Some(field_0) = self.get_header(HeaderDef::ChatDuration)
+            {
+                let duration_ms = field_0.parse().unwrap_or_default();
+                if duration_ms > 0 && duration_ms < 24 * 60 * 60 * 1000 {
+                    part.param.set_int(Param::Duration, duration_ms);
                 }
             }
 
@@ -836,38 +835,38 @@ impl MimeMessage {
             self.squash_attachment_parts();
         }
 
-        if !context.get_config_bool(Config::Bot).await? {
-            if let Some(ref subject) = self.get_subject() {
-                let mut prepend_subject = true;
-                if !self.decrypting_failed {
-                    let colon = subject.find(':');
-                    if colon == Some(2)
-                        || colon == Some(3)
-                        || self.has_chat_version()
-                        || subject.contains("Chat:")
-                    {
-                        prepend_subject = false
-                    }
+        if !context.get_config_bool(Config::Bot).await?
+            && let Some(ref subject) = self.get_subject()
+        {
+            let mut prepend_subject = true;
+            if !self.decrypting_failed {
+                let colon = subject.find(':');
+                if colon == Some(2)
+                    || colon == Some(3)
+                    || self.has_chat_version()
+                    || subject.contains("Chat:")
+                {
+                    prepend_subject = false
                 }
+            }
 
-                // For mailing lists, always add the subject because sometimes there are different topics
-                // and otherwise it might be hard to keep track:
-                if self.is_mailinglist_message() && !self.has_chat_version() {
-                    prepend_subject = true;
-                }
+            // For mailing lists, always add the subject because sometimes there are different topics
+            // and otherwise it might be hard to keep track:
+            if self.is_mailinglist_message() && !self.has_chat_version() {
+                prepend_subject = true;
+            }
 
-                if prepend_subject && !subject.is_empty() {
-                    let part_with_text = self
-                        .parts
-                        .iter_mut()
-                        .find(|part| !part.msg.is_empty() && !part.is_reaction);
-                    if let Some(part) = part_with_text {
-                        // Message bubbles are small, so we use en dash to save space. In some
-                        // languages there may be em dashes in the message text added by the author,
-                        // they may look stronger than Subject separation, this is a known thing.
-                        // Anyway, classic email support isn't a priority as of 2025.
-                        part.msg = format!("{} – {}", subject, part.msg);
-                    }
+            if prepend_subject && !subject.is_empty() {
+                let part_with_text = self
+                    .parts
+                    .iter_mut()
+                    .find(|part| !part.msg.is_empty() && !part.is_reaction);
+                if let Some(part) = part_with_text {
+                    // Message bubbles are small, so we use en dash to save space. In some
+                    // languages there may be em dashes in the message text added by the author,
+                    // they may look stronger than Subject separation, this is a known thing.
+                    // Anyway, classic email support isn't a priority as of 2025.
+                    part.msg = format!("{} – {}", subject, part.msg);
                 }
             }
         }
@@ -881,21 +880,22 @@ impl MimeMessage {
         self.parse_attachments();
 
         // See if an MDN is requested from the other side
-        if !self.decrypting_failed && !self.parts.is_empty() {
-            if let Some(ref dn_to) = self.chat_disposition_notification_to {
-                // Check that the message is not outgoing.
-                let from = &self.from.addr;
-                if !context.is_self_addr(from).await? {
-                    if from.to_lowercase() == dn_to.addr.to_lowercase() {
-                        if let Some(part) = self.parts.last_mut() {
-                            part.param.set_int(Param::WantsMdn, 1);
-                        }
-                    } else {
-                        warn!(
-                            context,
-                            "{} requested a read receipt to {}, ignoring", from, dn_to.addr
-                        );
+        if !self.decrypting_failed
+            && !self.parts.is_empty()
+            && let Some(ref dn_to) = self.chat_disposition_notification_to
+        {
+            // Check that the message is not outgoing.
+            let from = &self.from.addr;
+            if !context.is_self_addr(from).await? {
+                if from.to_lowercase() == dn_to.addr.to_lowercase() {
+                    if let Some(part) = self.parts.last_mut() {
+                        part.param.set_int(Param::WantsMdn, 1);
                     }
+                } else {
+                    warn!(
+                        context,
+                        "{} requested a read receipt to {}, ignoring", from, dn_to.addr
+                    );
                 }
             }
         }
@@ -910,10 +910,11 @@ impl MimeMessage {
                 ..Default::default()
             };
 
-            if let Some(ref subject) = self.get_subject() {
-                if !self.has_chat_version() && self.webxdc_status_update.is_none() {
-                    part.msg = subject.to_string();
-                }
+            if let Some(ref subject) = self.get_subject()
+                && !self.has_chat_version()
+                && self.webxdc_status_update.is_none()
+            {
+                part.msg = subject.to_string();
             }
 
             self.do_add_single_part(part);
@@ -952,15 +953,15 @@ impl MimeMessage {
 
             let mut i = 0;
             while let Some(part) = self.parts.get_mut(i) {
-                if let Some(part_filename) = &part.org_filename {
-                    if part_filename == &header_value {
-                        if let Some(blob) = part.param.get(Param::File) {
-                            let res = Some(AvatarAction::Change(blob.to_string()));
-                            self.parts.remove(i);
-                            return Ok(res);
-                        }
-                        break;
+                if let Some(part_filename) = &part.org_filename
+                    && part_filename == &header_value
+                {
+                    if let Some(blob) = part.param.get(Param::File) {
+                        let res = Some(AvatarAction::Change(blob.to_string()));
+                        self.parts.remove(i);
+                        return Ok(res);
                     }
+                    break;
                 }
                 i += 1;
             }
@@ -1007,6 +1008,14 @@ impl MimeMessage {
         self.headers.contains_key(hname) || self.headers_removed.contains(hname)
     }
 
+    #[cfg(test)]
+    /// Returns whether the decrypted data contains the given `&str`.
+    pub(crate) fn decoded_data_contains(&self, s: &str) -> bool {
+        assert!(!self.decrypting_failed);
+        let decoded_str = str::from_utf8(&self.decoded_data).unwrap();
+        decoded_str.contains(s)
+    }
+
     /// Returns `Chat-Group-ID` header value if it is a valid group ID.
     pub fn get_chat_group_id(&self) -> Option<&str> {
         self.get_header(HeaderDef::ChatGroupId)
@@ -1323,6 +1332,10 @@ impl MimeMessage {
                             let is_html = mime_type == mime::TEXT_HTML;
                             if is_html {
                                 self.is_mime_modified = true;
+                                // NB: This unconditionally removes Legacy Display Elements (see
+                                // <https://www.rfc-editor.org/rfc/rfc9788.html#section-4.5.3.3>). We
+                                // don't check for the "hp-legacy-display" Content-Type parameter
+                                // for simplicity.
                                 if let Some(text) = dehtml(&decoded_data) {
                                     text
                                 } else {
@@ -1350,16 +1363,30 @@ impl MimeMessage {
 
                         let (simplified_txt, simplified_quote) = if mime_type.type_() == mime::TEXT
                             && mime_type.subtype() == mime::PLAIN
-                            && is_format_flowed
                         {
-                            let delsp = if let Some(delsp) = mail.ctype.params.get("delsp") {
-                                delsp.as_str().eq_ignore_ascii_case("yes")
-                            } else {
-                                false
+                            // Don't check that we're inside an encrypted or signed part for
+                            // simplicity.
+                            let simplified_txt = match mail
+                                .ctype
+                                .params
+                                .get("hp-legacy-display")
+                                .is_some_and(|v| v == "1")
+                            {
+                                false => simplified_txt,
+                                true => rm_legacy_display_elements(&simplified_txt),
                             };
-                            let unflowed_text = unformat_flowed(&simplified_txt, delsp);
-                            let unflowed_quote = top_quote.map(|q| unformat_flowed(&q, delsp));
-                            (unflowed_text, unflowed_quote)
+                            if is_format_flowed {
+                                let delsp = if let Some(delsp) = mail.ctype.params.get("delsp") {
+                                    delsp.as_str().eq_ignore_ascii_case("yes")
+                                } else {
+                                    false
+                                };
+                                let unflowed_text = unformat_flowed(&simplified_txt, delsp);
+                                let unflowed_quote = top_quote.map(|q| unformat_flowed(&q, delsp));
+                                (unflowed_text, unflowed_quote)
+                            } else {
+                                (simplified_txt, top_quote)
+                            }
                         } else {
                             (simplified_txt, top_quote)
                         };
@@ -1578,13 +1605,13 @@ impl MimeMessage {
         } else if let Some(sender) = self.get_header(HeaderDef::Sender) {
             // the `Sender:`-header alone is no indicator for mailing list
             // as also used for bot-impersonation via `set_override_sender_name()`
-            if let Some(precedence) = self.get_header(HeaderDef::Precedence) {
-                if precedence == "list" || precedence == "bulk" {
-                    // The message belongs to a mailing list, but there is no `ListId:`-header;
-                    // `Sender:`-header is be used to get a unique id.
-                    // This method is used by implementations as Majordomo.
-                    return Some(sender);
-                }
+            if let Some(precedence) = self.get_header(HeaderDef::Precedence)
+                && (precedence == "list" || precedence == "bulk")
+            {
+                // The message belongs to a mailing list, but there is no `ListId:`-header;
+                // `Sender:`-header is be used to get a unique id.
+                // This method is used by implementations as Majordomo.
+                return Some(sender);
             }
         }
         None
@@ -1625,13 +1652,18 @@ impl MimeMessage {
         remove_header(headers, "autocrypt-gossip", removed);
 
         // Secure-Join is secured unless it is an initial "vc-request"/"vg-request".
-        if let Some(secure_join) = remove_header(headers, "secure-join", removed) {
-            if secure_join == "vc-request" || secure_join == "vg-request" {
-                headers.insert("secure-join".to_string(), secure_join);
-            }
+        if let Some(secure_join) = remove_header(headers, "secure-join", removed)
+            && (secure_join == "vc-request" || secure_join == "vg-request")
+        {
+            headers.insert("secure-join".to_string(), secure_join);
         }
     }
 
+    /// Merges headers from the email `part` into `headers` respecting header protection.
+    /// Should only be called with nonempty `headers` if `part` is a root of the Cryptographic
+    /// Payload as defined in <https://www.rfc-editor.org/rfc/rfc9788.html> "Header Protection for
+    /// Cryptographically Protected Email", otherwise this may unnecessarily discard headers from
+    /// outer parts.
     #[allow(clippy::too_many_arguments)]
     fn merge_headers(
         context: &Context,
@@ -1642,14 +1674,17 @@ impl MimeMessage {
         from: &mut Option<SingleInfo>,
         list_post: &mut Option<String>,
         chat_disposition_notification_to: &mut Option<SingleInfo>,
-        fields: &[mailparse::MailHeader<'_>],
+        part: &mailparse::ParsedMail,
     ) {
-        headers.retain(|k, _| {
-            !is_protected(k) || {
-                headers_removed.insert(k.to_string());
-                false
-            }
-        });
+        let fields = &part.headers;
+        // See <https://www.rfc-editor.org/rfc/rfc9788.html>.
+        let has_header_protection = part.ctype.params.contains_key("hp");
+
+        headers_removed.extend(
+            headers
+                .extract_if(|k, _v| has_header_protection || is_protected(k))
+                .map(|(k, _v)| k.to_string()),
+        );
         for field in fields {
             // lowercasing all headers is technically not correct, but makes things work better
             let key = field.get_key().to_lowercase();
@@ -1854,12 +1889,11 @@ impl MimeMessage {
                 .iter()
                 .filter(|p| p.typ == Viewtype::Text)
                 .count();
-            if text_part_cnt == 2 {
-                if let Some(last_part) = self.parts.last() {
-                    if last_part.typ == Viewtype::Text {
-                        self.parts.pop();
-                    }
-                }
+            if text_part_cnt == 2
+                && let Some(last_part) = self.parts.last()
+                && last_part.typ == Viewtype::Text
+            {
+                self.parts.pop();
             }
         }
     }
@@ -1912,15 +1946,15 @@ impl MimeMessage {
             }
         }
 
-        if let Some(delivery_report) = &self.delivery_report {
-            if delivery_report.failure {
-                let error = parts
-                    .iter()
-                    .find(|p| p.typ == Viewtype::Text)
-                    .map(|p| p.msg.clone());
-                if let Err(err) = handle_ndn(context, delivery_report, error).await {
-                    warn!(context, "Could not handle NDN: {err:#}.");
-                }
+        if let Some(delivery_report) = &self.delivery_report
+            && delivery_report.failure
+        {
+            let error = parts
+                .iter()
+                .find(|p| p.typ == Viewtype::Text)
+                .map(|p| p.msg.clone());
+            if let Err(err) = handle_ndn(context, delivery_report, error).await {
+                warn!(context, "Could not handle NDN: {err:#}.");
             }
         }
     }
@@ -1972,6 +2006,20 @@ impl MimeMessage {
     }
 }
 
+fn rm_legacy_display_elements(text: &str) -> String {
+    let mut res = None;
+    for l in text.lines() {
+        res = res.map(|r: String| match r.is_empty() {
+            true => l.to_string(),
+            false => r + "\r\n" + l,
+        });
+        if l.is_empty() {
+            res = Some(String::new());
+        }
+    }
+    res.unwrap_or_default()
+}
+
 fn remove_header(
     headers: &mut HashMap<String, String>,
     key: &str,
@@ -2096,7 +2144,8 @@ pub(crate) fn parse_message_id(ids: &str) -> Result<String> {
 }
 
 /// Returns whether the outer header value must be ignored if the message contains a signed (and
-/// optionally encrypted) part.
+/// optionally encrypted) part. This is independent from the modern Header Protection defined in
+/// <https://www.rfc-editor.org/rfc/rfc9788.html>.
 ///
 /// NB: There are known cases when Subject and List-ID only appear in the outer headers of
 /// signed-only messages. Such messages are shown as unencrypted anyway.
@@ -2253,14 +2302,14 @@ fn get_attachment_filename(
     // `Content-Disposition: ... filename=...`
     let mut desired_filename = ct.params.get("filename").map(|s| s.to_string());
 
-    if desired_filename.is_none() {
-        if let Some(name) = ct.params.get("filename*").map(|s| s.to_string()) {
-            // be graceful and just use the original name.
-            // some MUA, including Delta Chat up to core1.50,
-            // use `filename*` mistakenly for simple encoded-words without following rfc2231
-            warn!(context, "apostrophed encoding invalid: {}", name);
-            desired_filename = Some(name);
-        }
+    if desired_filename.is_none()
+        && let Some(name) = ct.params.get("filename*").map(|s| s.to_string())
+    {
+        // be graceful and just use the original name.
+        // some MUA, including Delta Chat up to core1.50,
+        // use `filename*` mistakenly for simple encoded-words without following rfc2231
+        warn!(context, "apostrophed encoding invalid: {}", name);
+        desired_filename = Some(name);
     }
 
     // if no filename is set, try `Content-Disposition: ... name=...`
@@ -2333,24 +2382,23 @@ fn get_all_addresses_from_header(headers: &[MailHeader], header: &str) -> Vec<Si
         .iter()
         .rev()
         .find(|h| h.get_key().to_lowercase() == header)
+        && let Ok(addrs) = mailparse::addrparse_header(header)
     {
-        if let Ok(addrs) = mailparse::addrparse_header(header) {
-            for addr in addrs.iter() {
-                match addr {
-                    mailparse::MailAddr::Single(info) => {
+        for addr in addrs.iter() {
+            match addr {
+                mailparse::MailAddr::Single(info) => {
+                    result.push(SingleInfo {
+                        addr: addr_normalize(&info.addr).to_lowercase(),
+                        display_name: info.display_name.clone(),
+                    });
+                }
+                mailparse::MailAddr::Group(infos) => {
+                    for info in &infos.addrs {
                         result.push(SingleInfo {
                             addr: addr_normalize(&info.addr).to_lowercase(),
                             display_name: info.display_name.clone(),
                         });
                     }
-                    mailparse::MailAddr::Group(infos) => {
-                        for info in &infos.addrs {
-                            result.push(SingleInfo {
-                                addr: addr_normalize(&info.addr).to_lowercase(),
-                                display_name: info.display_name.clone(),
-                            });
-                        }
-                    }
                 }
             }
         }

src/mimeparser/mimeparser_tests.rs

@@ -1401,22 +1401,28 @@ async fn test_x_microsoft_original_message_id_precedence() -> Result<()> {
 }
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_extra_imf_chat_header() -> Result<()> {
+async fn test_extra_imf_headers() -> Result<()> {
     let mut tcm = TestContextManager::new();
     let t = &tcm.alice().await;
     let chat_id = t.get_self_chat().await.id;
 
-    chat::send_text_msg(t, chat_id, "hi!".to_string()).await?;
-    let sent_msg = t.pop_sent_msg().await;
-    // Check removal of some nonexistent "Chat-*" header to protect the code from future breakages.
-    let payload = sent_msg
-        .payload
-        .replace("Message-ID:", "Chat-Forty-Two: 42\r\nMessage-ID:");
-    let msg = MimeMessage::from_bytes(t, payload.as_bytes(), None)
-        .await
-        .unwrap();
-    assert!(msg.headers.contains_key("chat-version"));
-    assert!(!msg.headers.contains_key("chat-forty-two"));
+    for std_hp_composing in [false, true] {
+        t.set_config_bool(Config::StdHeaderProtectionComposing, std_hp_composing)
+            .await?;
+        chat::send_text_msg(t, chat_id, "hi!".to_string()).await?;
+        let sent_msg = t.pop_sent_msg().await;
+        // Check removal of some nonexistent "Chat-*" header to protect the code from future
+        // breakages. But headers not prefixed with "Chat-" remain unless a message has standard
+        // Header Protection.
+        let payload = sent_msg.payload.replace(
+            "Message-ID:",
+            "Chat-Forty-Two: 42\r\nForty-Two: 42\r\nMessage-ID:",
+        );
+        let msg = MimeMessage::from_bytes(t, payload.as_bytes(), None).await?;
+        assert!(msg.headers.contains_key("chat-version"));
+        assert!(!msg.headers.contains_key("chat-forty-two"));
+        assert_ne!(msg.headers.contains_key("forty-two"), std_hp_composing);
+    }
     Ok(())
 }
 
@@ -1751,6 +1757,39 @@ async fn test_time_in_future() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_hp_legacy_display() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+
+    let mut msg = Message::new_text(
+        "Subject: Dinner plans\n\
+        \n\
+        Let's eat"
+            .to_string(),
+    );
+    msg.set_subject("Dinner plans".to_string());
+    let chat_id = alice.create_chat(bob).await.id;
+    alice.set_config_bool(Config::TestHooks, true).await?;
+    *alice.pre_encrypt_mime_hook.lock() = Some(|_, mut mime| {
+        for (h, v) in &mut mime.headers {
+            if h == "Content-Type"
+                && let mail_builder::headers::HeaderType::ContentType(ct) = v
+            {
+                *ct = ct.clone().attribute("hp-legacy-display", "1");
+            }
+        }
+        mime
+    });
+    let sent_msg = alice.send_msg(chat_id, &mut msg).await;
+
+    let msg_bob = bob.recv_msg(&sent_msg).await;
+    assert_eq!(msg_bob.subject, "Dinner plans");
+    assert_eq!(msg_bob.text, "Let's eat");
+    Ok(())
+}
+
 /// Tests that subject is not prepended to the message
 /// when bot receives it.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]

src/net.rs

@@ -131,11 +131,13 @@ pub(crate) async fn connect_tls_inner(
     alpn: &str,
     tls_session_store: &TlsSessionStore,
 ) -> Result<impl SessionStream + 'static> {
+    let use_sni = true;
     let tcp_stream = connect_tcp_inner(addr).await?;
     let tls_stream = wrap_tls(
         strict_tls,
         host,
         addr.port(),
+        use_sni,
         alpn,
         tcp_stream,
         tls_session_store,

src/net/dns.rs

@@ -229,64 +229,6 @@ pub(crate) async fn update_connect_timestamp(
 /// Preloaded DNS results that can be used in case of DNS server failures.
 static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new(|| {
     HashMap::from([
-        (
-            "mail.sangham.net",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(159, 69, 186, 85)),
-                IpAddr::V6(Ipv6Addr::new(0x2a01, 0x4f8, 0xc17, 0x798c, 0, 0, 0, 1)),
-            ],
-        ),
-        (
-            "nine.testrun.org",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(116, 202, 233, 236)),
-                IpAddr::V4(Ipv4Addr::new(128, 140, 126, 197)),
-                IpAddr::V4(Ipv4Addr::new(49, 12, 116, 128)),
-                IpAddr::V6(Ipv6Addr::new(0x2a01, 0x4f8, 0x241, 0x4ce8, 0, 0, 0, 2)),
-            ],
-        ),
-        (
-            "disroot.org",
-            vec![IpAddr::V4(Ipv4Addr::new(178, 21, 23, 139))],
-        ),
-        (
-            "imap.gmail.com",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(142, 250, 110, 108)),
-                IpAddr::V4(Ipv4Addr::new(142, 250, 110, 109)),
-                IpAddr::V4(Ipv4Addr::new(66, 102, 1, 108)),
-                IpAddr::V4(Ipv4Addr::new(66, 102, 1, 109)),
-                IpAddr::V6(Ipv6Addr::new(0x2a00, 0x1450, 0x400c, 0xc1f, 0, 0, 0, 0x6c)),
-                IpAddr::V6(Ipv6Addr::new(0x2a00, 0x1450, 0x400c, 0xc1f, 0, 0, 0, 0x6d)),
-            ],
-        ),
-        (
-            "smtp.gmail.com",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(142, 250, 110, 109)),
-                IpAddr::V6(Ipv6Addr::new(0x2a00, 0x1450, 0x4013, 0xc04, 0, 0, 0, 0x6c)),
-            ],
-        ),
-        (
-            "mail.autistici.org",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(198, 167, 222, 108)),
-                IpAddr::V4(Ipv4Addr::new(82, 94, 249, 234)),
-                IpAddr::V4(Ipv4Addr::new(93, 190, 126, 19)),
-            ],
-        ),
-        (
-            "smtp.autistici.org",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(198, 167, 222, 108)),
-                IpAddr::V4(Ipv4Addr::new(82, 94, 249, 234)),
-                IpAddr::V4(Ipv4Addr::new(93, 190, 126, 19)),
-            ],
-        ),
-        (
-            "daleth.cafe",
-            vec![IpAddr::V4(Ipv4Addr::new(37, 27, 6, 204))],
-        ),
         (
             "imap.163.com",
             vec![IpAddr::V4(Ipv4Addr::new(111, 124, 203, 45))],
@@ -295,6 +237,21 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
             "smtp.163.com",
             vec![IpAddr::V4(Ipv4Addr::new(103, 129, 252, 45))],
         ),
+        (
+            "newyear.aktivix.org",
+            vec![IpAddr::V4(Ipv4Addr::new(209, 51, 180, 245))],
+        ),
+        (
+            "smtp.aliyun.com",
+            vec![IpAddr::V4(Ipv4Addr::new(47, 246, 136, 232))],
+        ),
+        (
+            "imap.aliyun.com",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(59, 82, 43, 123)),
+                IpAddr::V4(Ipv4Addr::new(59, 82, 9, 176)),
+            ],
+        ),
         (
             "imap.aol.com",
             vec![
@@ -302,17 +259,67 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
                 IpAddr::V4(Ipv4Addr::new(87, 248, 98, 69)),
             ],
         ),
+        (
+            "imap.arcor.de",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(178, 15, 69, 210)),
+                IpAddr::V4(Ipv4Addr::new(151, 189, 176, 206)),
+            ],
+        ),
         (
             "smtp.aol.com",
             vec![IpAddr::V4(Ipv4Addr::new(87, 248, 97, 31))],
         ),
         (
             "mail.arcor.de",
-            vec![IpAddr::V4(Ipv4Addr::new(2, 207, 150, 234))],
+            vec![
+                IpAddr::V4(Ipv4Addr::new(151, 189, 176, 206)),
+                IpAddr::V4(Ipv4Addr::new(178, 15, 69, 206)),
+            ],
         ),
         (
-            "imap.arcor.de",
-            vec![IpAddr::V4(Ipv4Addr::new(2, 207, 150, 230))],
+            "mail.autistici.org",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(93, 190, 126, 19)),
+                IpAddr::V4(Ipv4Addr::new(185, 218, 207, 228)),
+                IpAddr::V4(Ipv4Addr::new(198, 167, 222, 108)),
+            ],
+        ),
+        (
+            "smtp.autistici.org",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(82, 94, 249, 234)),
+                IpAddr::V4(Ipv4Addr::new(93, 190, 126, 19)),
+                IpAddr::V4(Ipv4Addr::new(198, 167, 222, 108)),
+            ],
+        ),
+        (
+            "imaps.bluewin.ch",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(16, 62, 253, 42)),
+                IpAddr::V4(Ipv4Addr::new(16, 63, 141, 244)),
+                IpAddr::V4(Ipv4Addr::new(16, 63, 146, 183)),
+            ],
+        ),
+        (
+            "smtpauths.bluewin.ch",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(16, 62, 176, 232)),
+                IpAddr::V4(Ipv4Addr::new(16, 62, 15, 25)),
+                IpAddr::V4(Ipv4Addr::new(16, 63, 183, 216)),
+            ],
+        ),
+        (
+            "mail.buzon.uy",
+            vec![IpAddr::V4(Ipv4Addr::new(200, 40, 115, 74))],
+        ),
+        (
+            "daleth.cafe",
+            vec![IpAddr::V4(Ipv4Addr::new(37, 27, 6, 204))],
+        ),
+        (
+            "disroot.org",
+            vec![IpAddr::V4(Ipv4Addr::new(178, 21, 23, 139))],
         ),
         (
             "imap.fastmail.com",
@@ -328,6 +335,39 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
                 IpAddr::V4(Ipv4Addr::new(103, 168, 172, 60)),
             ],
         ),
+        (
+            "imap.gmail.com",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(142, 250, 110, 108)),
+                IpAddr::V4(Ipv4Addr::new(142, 250, 110, 109)),
+                IpAddr::V4(Ipv4Addr::new(66, 102, 1, 108)),
+                IpAddr::V4(Ipv4Addr::new(66, 102, 1, 109)),
+                IpAddr::V6(Ipv6Addr::new(0x2a00, 0x1450, 0x400c, 0xc1f, 0, 0, 0, 0x6c)),
+                IpAddr::V6(Ipv6Addr::new(0x2a00, 0x1450, 0x400c, 0xc1f, 0, 0, 0, 0x6d)),
+            ],
+        ),
+        (
+            "mail.ecloud.global",
+            vec![IpAddr::V4(Ipv4Addr::new(95, 217, 246, 96))],
+        ),
+        (
+            "mail.ende.in.net",
+            vec![IpAddr::V4(Ipv4Addr::new(95, 217, 5, 72))],
+        ),
+        (
+            "smtp.gmail.com",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(142, 250, 110, 109)),
+                IpAddr::V6(Ipv6Addr::new(0x2a00, 0x1450, 0x4013, 0xc04, 0, 0, 0, 0x6c)),
+            ],
+        ),
+        (
+            "mail.gmx.net",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(212, 227, 17, 190)),
+                IpAddr::V4(Ipv4Addr::new(212, 227, 17, 168)),
+            ],
+        ),
         (
             "imap.gmx.net",
             vec![
@@ -335,6 +375,13 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
                 IpAddr::V4(Ipv4Addr::new(212, 227, 17, 186)),
             ],
         ),
+        (
+            "mail.sangham.net",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(159, 69, 186, 85)),
+                IpAddr::V6(Ipv6Addr::new(0x2a01, 0x4f8, 0xc17, 0x798c, 0, 0, 0, 1)),
+            ],
+        ),
         (
             "imap.mail.de",
             vec![IpAddr::V4(Ipv4Addr::new(62, 201, 172, 16))],
@@ -349,7 +396,7 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
         ),
         (
             "imap.naver.com",
-            vec![IpAddr::V4(Ipv4Addr::new(125, 209, 238, 153))],
+            vec![IpAddr::V4(Ipv4Addr::new(125, 209, 233, 34))],
         ),
         (
             "imap.ouvaton.coop",
@@ -359,6 +406,57 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
             "imap.purelymail.com",
             vec![IpAddr::V4(Ipv4Addr::new(18, 204, 123, 63))],
         ),
+        (
+            "mail.systemausfall.org",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(51, 75, 71, 249)),
+                IpAddr::V4(Ipv4Addr::new(80, 153, 252, 42)),
+            ],
+        ),
+        (
+            "mail.systemli.org",
+            vec![IpAddr::V4(Ipv4Addr::new(93, 190, 126, 36))],
+        ),
+        ("testrun.org", vec![IpAddr::V4(Ipv4Addr::new(5, 1, 76, 52))]),
+        (
+            "nine.testrun.org",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(128, 140, 126, 197)),
+                IpAddr::V4(Ipv4Addr::new(116, 202, 233, 236)),
+                IpAddr::V4(Ipv4Addr::new(216, 144, 228, 100)),
+                IpAddr::V6(Ipv6Addr::new(0x2a01, 0x4f8, 0x241, 0x4ce8, 0, 0, 0, 2)),
+                IpAddr::V6(Ipv6Addr::new(
+                    0x2001, 0x41d0, 0x701, 0x1100, 0, 0, 0, 0x8ab1,
+                )),
+            ],
+        ),
+        (
+            "secureimap.t-online.de",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 114)),
+                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 115)),
+                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 50)),
+                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 51)),
+            ],
+        ),
+        (
+            "securesmtp.t-online.de",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 46)),
+                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 110)),
+            ],
+        ),
+        (
+            "mail.riseup.net",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(198, 252, 153, 171)),
+                IpAddr::V4(Ipv4Addr::new(198, 252, 153, 170)),
+            ],
+        ),
+        (
+            "pimap.schulon.org",
+            vec![IpAddr::V4(Ipv4Addr::new(194, 77, 246, 20))],
+        ),
         (
             "imap.tiscali.it",
             vec![IpAddr::V4(Ipv4Addr::new(213, 205, 33, 10))],
@@ -367,6 +465,14 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
             "smtp.tiscali.it",
             vec![IpAddr::V4(Ipv4Addr::new(213, 205, 33, 13))],
         ),
+        (
+            "imap.ukr.net",
+            vec![IpAddr::V4(Ipv4Addr::new(212, 42, 75, 240))],
+        ),
+        (
+            "smtp.ukr.net",
+            vec![IpAddr::V4(Ipv4Addr::new(212, 42, 75, 250))],
+        ),
         (
             "imap.web.de",
             vec![
@@ -380,33 +486,9 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
         ),
         (
             "imap.zoho.eu",
-            vec![IpAddr::V4(Ipv4Addr::new(185, 230, 214, 25))],
-        ),
-        (
-            "imaps.bluewin.ch",
             vec![
-                IpAddr::V4(Ipv4Addr::new(16, 62, 253, 42)),
-                IpAddr::V4(Ipv4Addr::new(16, 63, 141, 244)),
-                IpAddr::V4(Ipv4Addr::new(16, 63, 146, 183)),
-            ],
-        ),
-        (
-            "mail.buzon.uy",
-            vec![IpAddr::V4(Ipv4Addr::new(185, 101, 93, 79))],
-        ),
-        (
-            "mail.ecloud.global",
-            vec![IpAddr::V4(Ipv4Addr::new(95, 217, 246, 96))],
-        ),
-        (
-            "mail.ende.in.net",
-            vec![IpAddr::V4(Ipv4Addr::new(95, 217, 5, 72))],
-        ),
-        (
-            "mail.gmx.net",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(212, 227, 17, 168)),
-                IpAddr::V4(Ipv4Addr::new(212, 227, 17, 190)),
+                IpAddr::V4(Ipv4Addr::new(185, 230, 214, 25)),
+                IpAddr::V4(Ipv4Addr::new(185, 230, 214, 206)),
             ],
         ),
         (
@@ -424,24 +506,6 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
             "mail.nubo.coop",
             vec![IpAddr::V4(Ipv4Addr::new(79, 99, 201, 10))],
         ),
-        (
-            "mail.riseup.net",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(198, 252, 153, 70)),
-                IpAddr::V4(Ipv4Addr::new(198, 252, 153, 71)),
-            ],
-        ),
-        (
-            "mail.systemausfall.org",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(51, 75, 71, 249)),
-                IpAddr::V4(Ipv4Addr::new(80, 153, 252, 42)),
-            ],
-        ),
-        (
-            "mail.systemli.org",
-            vec![IpAddr::V4(Ipv4Addr::new(93, 190, 126, 36))],
-        ),
         (
             "mehl.cloud",
             vec![IpAddr::V4(Ipv4Addr::new(95, 217, 223, 172))],
@@ -449,20 +513,14 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
         (
             "mx.freenet.de",
             vec![
-                IpAddr::V4(Ipv4Addr::new(195, 4, 92, 210)),
-                IpAddr::V4(Ipv4Addr::new(195, 4, 92, 211)),
-                IpAddr::V4(Ipv4Addr::new(195, 4, 92, 212)),
-                IpAddr::V4(Ipv4Addr::new(195, 4, 92, 213)),
+                IpAddr::V4(Ipv4Addr::new(194, 97, 208, 36)),
+                IpAddr::V4(Ipv4Addr::new(194, 97, 208, 34)),
+                IpAddr::V4(Ipv4Addr::new(194, 97, 208, 35)),
+                IpAddr::V4(Ipv4Addr::new(194, 97, 208, 39)),
+                IpAddr::V4(Ipv4Addr::new(194, 97, 208, 37)),
+                IpAddr::V4(Ipv4Addr::new(194, 97, 208, 38)),
             ],
         ),
-        (
-            "newyear.aktivix.org",
-            vec![IpAddr::V4(Ipv4Addr::new(162, 247, 75, 192))],
-        ),
-        (
-            "pimap.schulon.org",
-            vec![IpAddr::V4(Ipv4Addr::new(194, 77, 246, 20))],
-        ),
         (
             "posteo.de",
             vec![
@@ -474,26 +532,6 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
             "psmtp.schulon.org",
             vec![IpAddr::V4(Ipv4Addr::new(194, 77, 246, 20))],
         ),
-        (
-            "secureimap.t-online.de",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 114)),
-                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 115)),
-                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 50)),
-                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 51)),
-            ],
-        ),
-        (
-            "securesmtp.t-online.de",
-            vec![
-                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 110)),
-                IpAddr::V4(Ipv4Addr::new(194, 25, 134, 46)),
-            ],
-        ),
-        (
-            "smtp.aliyun.com",
-            vec![IpAddr::V4(Ipv4Addr::new(47, 246, 136, 232))],
-        ),
         (
             "smtp.mail.de",
             vec![IpAddr::V4(Ipv4Addr::new(62, 201, 172, 21))],
@@ -501,8 +539,8 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
         (
             "smtp.mail.ru",
             vec![
-                IpAddr::V4(Ipv4Addr::new(217, 69, 139, 160)),
                 IpAddr::V4(Ipv4Addr::new(94, 100, 180, 160)),
+                IpAddr::V4(Ipv4Addr::new(217, 69, 139, 160)),
             ],
         ),
         (
@@ -520,6 +558,20 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
             "imap.mailo.com",
             vec![IpAddr::V4(Ipv4Addr::new(213, 182, 54, 20))],
         ),
+        (
+            "imap.migadu.com",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(51, 210, 3, 23)),
+                IpAddr::V4(Ipv4Addr::new(51, 210, 3, 20)),
+            ],
+        ),
+        (
+            "smtp.migadu.com",
+            vec![
+                IpAddr::V4(Ipv4Addr::new(37, 59, 57, 117)),
+                IpAddr::V4(Ipv4Addr::new(51, 255, 82, 75)),
+            ],
+        ),
         (
             "smtp.mailo.com",
             vec![IpAddr::V4(Ipv4Addr::new(213, 182, 54, 20))],
@@ -538,30 +590,48 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
         ),
         (
             "imap.qq.com",
-            vec![IpAddr::V4(Ipv4Addr::new(43, 129, 255, 54))],
+            vec![
+                IpAddr::V4(Ipv4Addr::new(43, 163, 178, 76)),
+                IpAddr::V4(Ipv4Addr::new(43, 129, 255, 54)),
+            ],
         ),
         (
             "smtp.qq.com",
-            vec![IpAddr::V4(Ipv4Addr::new(43, 129, 255, 54))],
+            vec![
+                IpAddr::V4(Ipv4Addr::new(43, 129, 255, 54)),
+                IpAddr::V4(Ipv4Addr::new(43, 163, 178, 76)),
+            ],
         ),
         (
             "imap.rambler.ru",
             vec![
-                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 169)),
-                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 171)),
                 IpAddr::V4(Ipv4Addr::new(81, 19, 77, 168)),
+                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 169)),
                 IpAddr::V4(Ipv4Addr::new(81, 19, 77, 170)),
+                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 171)),
             ],
         ),
         (
             "smtp.rambler.ru",
             vec![
-                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 165)),
-                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 167)),
-                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 166)),
                 IpAddr::V4(Ipv4Addr::new(81, 19, 77, 164)),
+                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 165)),
+                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 166)),
+                IpAddr::V4(Ipv4Addr::new(81, 19, 77, 167)),
             ],
         ),
+        (
+            "stinpriza.net",
+            vec![IpAddr::V4(Ipv4Addr::new(5, 9, 122, 184))],
+        ),
+        (
+            "webbox222.server-home.org",
+            vec![IpAddr::V4(Ipv4Addr::new(91, 203, 111, 88))],
+        ),
+        (
+            "undernet.uy",
+            vec![IpAddr::V4(Ipv4Addr::new(200, 40, 115, 74))],
+        ),
         (
             "imap.vivaldi.net",
             vec![IpAddr::V4(Ipv4Addr::new(31, 209, 137, 15))],
@@ -572,17 +642,23 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
         ),
         (
             "imap.vodafonemail.de",
-            vec![IpAddr::V4(Ipv4Addr::new(2, 207, 150, 230))],
+            vec![
+                IpAddr::V4(Ipv4Addr::new(178, 15, 69, 210)),
+                IpAddr::V4(Ipv4Addr::new(151, 189, 176, 206)),
+            ],
         ),
         (
             "smtp.vodafonemail.de",
-            vec![IpAddr::V4(Ipv4Addr::new(2, 207, 150, 234))],
+            vec![
+                IpAddr::V4(Ipv4Addr::new(151, 189, 176, 206)),
+                IpAddr::V4(Ipv4Addr::new(178, 15, 69, 206)),
+            ],
         ),
         (
             "smtp.web.de",
             vec![
-                IpAddr::V4(Ipv4Addr::new(213, 165, 67, 108)),
                 IpAddr::V4(Ipv4Addr::new(213, 165, 67, 124)),
+                IpAddr::V4(Ipv4Addr::new(213, 165, 67, 108)),
             ],
         ),
         (
@@ -599,23 +675,10 @@ static DNS_PRELOAD: LazyLock<HashMap<&'static str, Vec<IpAddr>>> = LazyLock::new
         ),
         (
             "smtp.zoho.eu",
-            vec![IpAddr::V4(Ipv4Addr::new(185, 230, 212, 164))],
-        ),
-        (
-            "smtpauths.bluewin.ch",
-            vec![IpAddr::V4(Ipv4Addr::new(195, 186, 120, 54))],
-        ),
-        (
-            "stinpriza.net",
-            vec![IpAddr::V4(Ipv4Addr::new(5, 9, 122, 184))],
-        ),
-        (
-            "undernet.uy",
-            vec![IpAddr::V4(Ipv4Addr::new(167, 62, 254, 153))],
-        ),
-        (
-            "webbox222.server-home.org",
-            vec![IpAddr::V4(Ipv4Addr::new(91, 203, 111, 88))],
+            vec![
+                IpAddr::V4(Ipv4Addr::new(185, 230, 212, 164)),
+                IpAddr::V4(Ipv4Addr::new(185, 230, 214, 164)),
+            ],
         ),
     ])
 });

src/net/http.rs

@@ -74,19 +74,33 @@ where
         }
         "https" => {
             let port = parsed_url.port_u16().unwrap_or(443);
-            let load_cache = true;
+            let (use_sni, load_cache) = (true, true);
 
             if let Some(proxy_config) = proxy_config_opt {
                 let proxy_stream = proxy_config
                     .connect(context, host, port, load_cache)
                     .await?;
-                let tls_stream =
-                    wrap_rustls(host, port, "", proxy_stream, &context.tls_session_store).await?;
+                let tls_stream = wrap_rustls(
+                    host,
+                    port,
+                    use_sni,
+                    "",
+                    proxy_stream,
+                    &context.tls_session_store,
+                )
+                .await?;
                 Box::new(tls_stream)
             } else {
                 let tcp_stream = crate::net::connect_tcp(context, host, port, load_cache).await?;
-                let tls_stream =
-                    wrap_rustls(host, port, "", tcp_stream, &context.tls_session_store).await?;
+                let tls_stream = wrap_rustls(
+                    host,
+                    port,
+                    use_sni,
+                    "",
+                    tcp_stream,
+                    &context.tls_session_store,
+                )
+                .await?;
                 Box::new(tls_stream)
             }
         }

src/net/proxy.rs

@@ -429,9 +429,11 @@ impl ProxyConfig {
                     load_cache,
                 )
                 .await?;
+                let use_sni = true;
                 let tls_stream = wrap_rustls(
                     &https_config.host,
                     https_config.port,
+                    use_sni,
                     "",
                     tcp_stream,
                     &context.tls_session_store,

src/net/tls.rs

@@ -13,12 +13,14 @@ pub async fn wrap_tls<'a>(
     strict_tls: bool,
     hostname: &str,
     port: u16,
+    use_sni: bool,
     alpn: &str,
     stream: impl SessionStream + 'static,
     tls_session_store: &TlsSessionStore,
 ) -> Result<impl SessionStream + 'a> {
     if strict_tls {
-        let tls_stream = wrap_rustls(hostname, port, alpn, stream, tls_session_store).await?;
+        let tls_stream =
+            wrap_rustls(hostname, port, use_sni, alpn, stream, tls_session_store).await?;
         let boxed_stream: Box<dyn SessionStream> = Box::new(tls_stream);
         Ok(boxed_stream)
     } else {
@@ -32,6 +34,7 @@ pub async fn wrap_tls<'a>(
         };
         let tls = async_native_tls::TlsConnector::new()
             .min_protocol_version(Some(async_native_tls::Protocol::Tlsv12))
+            .use_sni(use_sni)
             .request_alpns(&alpns)
             .danger_accept_invalid_hostnames(true)
             .danger_accept_invalid_certs(true);
@@ -90,6 +93,7 @@ impl TlsSessionStore {
 pub async fn wrap_rustls<'a>(
     hostname: &str,
     port: u16,
+    use_sni: bool,
     alpn: &str,
     stream: impl SessionStream + 'a,
     tls_session_store: &TlsSessionStore,
@@ -117,6 +121,7 @@ pub async fn wrap_rustls<'a>(
     let resumption = tokio_rustls::rustls::client::Resumption::store(resumption_store)
         .tls12_resumption(tokio_rustls::rustls::client::Tls12Resumption::Disabled);
     config.resumption = resumption;
+    config.enable_sni = use_sni;
 
     let tls = tokio_rustls::TlsConnector::from(Arc::new(config));
     let name = rustls_pki_types::ServerName::try_from(hostname)?.to_owned();

src/oauth2.rs

@@ -139,10 +139,10 @@ pub(crate) async fn get_oauth2_access_token(
                 value = &redirect_uri;
             } else if value == "$CODE" {
                 value = code;
-            } else if value == "$REFRESH_TOKEN" {
-                if let Some(refresh_token) = refresh_token.as_ref() {
-                    value = refresh_token;
-                }
+            } else if value == "$REFRESH_TOKEN"
+                && let Some(refresh_token) = refresh_token.as_ref()
+            {
+                value = refresh_token;
             }
 
             post_param.insert(key, value);
@@ -261,14 +261,12 @@ impl Oauth2 {
         if let Some(domain) = addr_normalized
             .find('@')
             .map(|index| addr_normalized.split_at(index + 1).1)
-        {
-            if let Some(oauth2_authorizer) = provider::get_provider_info(domain)
+            && let Some(oauth2_authorizer) = provider::get_provider_info(domain)
                 .and_then(|provider| provider.oauth2_authorizer.as_ref())
-            {
-                return Some(match oauth2_authorizer {
-                    Oauth2Authorizer::Yandex => OAUTH2_YANDEX,
-                });
-            }
+        {
+            return Some(match oauth2_authorizer {
+                Oauth2Authorizer::Yandex => OAUTH2_YANDEX,
+            });
         }
         None
     }

src/pgp.rs

@@ -165,7 +165,7 @@ fn select_pk_for_encryption(key: &SignedPublicKey) -> Option<&SignedPublicSubKey
 pub async fn pk_encrypt(
     plain: Vec<u8>,
     public_keys_for_encryption: Vec<SignedPublicKey>,
-    private_key_for_signing: Option<SignedSecretKey>,
+    private_key_for_signing: SignedSecretKey,
     compress: bool,
     anonymous_recipients: bool,
 ) -> Result<String> {
@@ -187,11 +187,9 @@ pub async fn pk_encrypt(
                 }
             }
 
-            if let Some(ref skey) = private_key_for_signing {
-                msg.sign(&**skey, Password::empty(), HASH_ALGORITHM);
-                if compress {
-                    msg.compression(CompressionAlgorithm::ZLIB);
-                }
+            msg.sign(&*private_key_for_signing, Password::empty(), HASH_ALGORITHM);
+            if compress {
+                msg.compression(CompressionAlgorithm::ZLIB);
             }
 
             let encoded_msg = msg.to_armored_string(&mut rng, Default::default())?;
@@ -406,7 +404,7 @@ pub async fn symm_encrypt_message(
         };
         let mut msg = msg.seipd_v2(
             &mut rng,
-            SymmetricKeyAlgorithm::AES128,
+            SYMMETRIC_KEY_ALGORITHM,
             AeadAlgorithm::Ocb,
             ChunkSize::C8KiB,
         );
@@ -534,7 +532,6 @@ mod tests {
     static KEYS: LazyLock<TestKeys> = LazyLock::new(TestKeys::new);
 
     static CTEXT_SIGNED: OnceCell<String> = OnceCell::const_new();
-    static CTEXT_UNSIGNED: OnceCell<String> = OnceCell::const_new();
 
     /// A ciphertext encrypted to Alice & Bob, signed by Alice.
     async fn ctext_signed() -> &'static String {
@@ -547,28 +544,7 @@ mod tests {
                 pk_encrypt(
                     CLEARTEXT.to_vec(),
                     keyring,
-                    Some(KEYS.alice_secret.clone()),
-                    compress,
-                    anonymous_recipients,
-                )
-                .await
-                .unwrap()
-            })
-            .await
-    }
-
-    /// A ciphertext encrypted to Alice & Bob, not signed.
-    async fn ctext_unsigned() -> &'static String {
-        let anonymous_recipients = true;
-        CTEXT_UNSIGNED
-            .get_or_init(|| async {
-                let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
-                let compress = true;
-
-                pk_encrypt(
-                    CLEARTEXT.to_vec(),
-                    keyring,
-                    None,
+                    KEYS.alice_secret.clone(),
                     compress,
                     anonymous_recipients,
                 )
@@ -588,16 +564,6 @@ mod tests {
         );
     }
 
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_encrypt_unsigned() {
-        assert!(!ctext_unsigned().await.is_empty());
-        assert!(
-            ctext_unsigned()
-                .await
-                .starts_with("-----BEGIN PGP MESSAGE-----")
-        );
-    }
-
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_singed() {
         // Check decrypting as Alice
@@ -652,9 +618,9 @@ mod tests {
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_unsigned() {
         let decrypt_keyring = vec![KEYS.bob_secret.clone()];
+        let ctext_unsigned = include_bytes!("../test-data/message/ctext_unsigned.asc");
         let (_msg, valid_signatures, content) =
-            pk_decrypt_and_validate(ctext_unsigned().await.as_bytes(), &decrypt_keyring, &[])
-                .unwrap();
+            pk_decrypt_and_validate(ctext_unsigned, &decrypt_keyring, &[]).unwrap();
         assert_eq!(content, CLEARTEXT);
         assert_eq!(valid_signatures.len(), 0);
     }
@@ -744,7 +710,14 @@ mod tests {
         let pk_for_encryption = load_self_public_key(alice).await?;
 
         // Encrypt a message, but only to self, not to Bob:
-        let ctext = pk_encrypt(plain, vec![pk_for_encryption], None, true, true).await?;
+        let ctext = pk_encrypt(
+            plain,
+            vec![pk_for_encryption],
+            KEYS.alice_secret.clone(),
+            true,
+            true,
+        )
+        .await?;
 
         // Trying to decrypt it should fail with an OK error message:
         let bob_private_keyring = crate::key::load_self_secret_keyring(bob).await?;

src/qr.rs

@@ -42,7 +42,7 @@ pub(crate) const DCBACKUP_SCHEME_PREFIX: &str = "DCBACKUP";
 
 /// Version written to Backups and Backup-QR-Codes.
 /// Imports will fail when they have a larger version.
-pub(crate) const DCBACKUP_VERSION: i32 = 3;
+pub(crate) const DCBACKUP_VERSION: i32 = 4;
 
 /// Scanned QR code.
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -233,6 +233,31 @@ pub enum Qr {
         authcode: String,
     },
 
+    /// Ask the user if they want to withdraw their own broadcast channel invite QR code.
+    WithdrawJoinBroadcast {
+        /// The user-visible name of this broadcast channel
+        name: String,
+
+        /// A string of random characters,
+        /// uniquely identifying this broadcast channel across all databases/clients.
+        /// Called `grpid` for historic reasons:
+        /// The id of multi-user chats is always called `grpid` in the database
+        /// because groups were once the only multi-user chats.
+        grpid: String,
+
+        /// Contact ID. Always `ContactId::SELF`.
+        contact_id: ContactId,
+
+        /// Fingerprint of the contact's key as scanned from the QR code.
+        fingerprint: Fingerprint,
+
+        /// Invite number.
+        invitenumber: String,
+
+        /// Authentication code.
+        authcode: String,
+    },
+
     /// Ask the user if they want to revive their own QR code.
     ReviveVerifyContact {
         /// Contact ID.
@@ -269,6 +294,31 @@ pub enum Qr {
         authcode: String,
     },
 
+    /// Ask the user if they want to revive their own broadcast channel invite QR code.
+    ReviveJoinBroadcast {
+        /// The user-visible name of this broadcast channel
+        name: String,
+
+        /// A string of random characters,
+        /// uniquely identifying this broadcast channel across all databases/clients.
+        /// Called `grpid` for historic reasons:
+        /// The id of multi-user chats is always called `grpid` in the database
+        /// because groups were once the only multi-user chats.
+        grpid: String,
+
+        /// Contact ID. Always `ContactId::SELF`.
+        contact_id: ContactId,
+
+        /// Fingerprint of the contact's key as scanned from the QR code.
+        fingerprint: Fingerprint,
+
+        /// Invite number.
+        invitenumber: String,
+
+        /// Authentication code.
+        authcode: String,
+    },
+
     /// `dclogin:` scheme parameters.
     ///
     /// Ask the user if they want to login with the email address.
@@ -500,14 +550,40 @@ async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
                 })
             }
         } else if let (Some(grpid), Some(name)) = (grpid, broadcast_name) {
-            Ok(Qr::AskJoinBroadcast {
-                name,
-                grpid,
-                contact_id,
-                fingerprint,
-                invitenumber,
-                authcode,
-            })
+            if context
+                .is_self_addr(&addr)
+                .await
+                .with_context(|| format!("Can't check if {addr:?} is our address"))?
+            {
+                if token::exists(context, token::Namespace::InviteNumber, &invitenumber).await? {
+                    Ok(Qr::WithdrawJoinBroadcast {
+                        name,
+                        grpid,
+                        contact_id,
+                        fingerprint,
+                        invitenumber,
+                        authcode,
+                    })
+                } else {
+                    Ok(Qr::ReviveJoinBroadcast {
+                        name,
+                        grpid,
+                        contact_id,
+                        fingerprint,
+                        invitenumber,
+                        authcode,
+                    })
+                }
+            } else {
+                Ok(Qr::AskJoinBroadcast {
+                    name,
+                    grpid,
+                    contact_id,
+                    fingerprint,
+                    invitenumber,
+                    authcode,
+                })
+            }
         } else if context.is_self_addr(&addr).await? {
             if token::exists(context, token::Namespace::InviteNumber, &invitenumber).await? {
                 Ok(Qr::WithdrawVerifyContact {
@@ -800,6 +876,12 @@ pub async fn set_config_from_qr(context: &Context, qr: &str) -> Result<()> {
             invitenumber,
             authcode,
             ..
+        }
+        | Qr::WithdrawJoinBroadcast {
+            grpid,
+            invitenumber,
+            authcode,
+            ..
         } => {
             token::delete(context, &grpid).await?;
             context
@@ -829,6 +911,12 @@ pub async fn set_config_from_qr(context: &Context, qr: &str) -> Result<()> {
             authcode,
             grpid,
             ..
+        }
+        | Qr::ReviveJoinBroadcast {
+            invitenumber,
+            authcode,
+            grpid,
+            ..
         } => {
             let timestamp = time();
             token::save(

src/qr/qr_tests.rs

@@ -1,5 +1,5 @@
 use super::*;
-use crate::chat::create_group;
+use crate::chat::{Chat, create_broadcast, create_group, get_chat_contacts};
 use crate::config::Config;
 use crate::login_param::EnteredCertificateChecks;
 use crate::provider::Socket;
@@ -511,6 +511,56 @@ async fn test_withdraw_verifygroup() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_withdraw_joinbroadcast() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let chat_id = create_broadcast(alice, "foo".to_string()).await?;
+    let qr = get_securejoin_qr(alice, Some(chat_id)).await?;
+
+    // scanning own verify-group code offers withdrawing
+    if let Qr::WithdrawJoinBroadcast { name, .. } = check_qr(alice, &qr).await? {
+        assert_eq!(name, "foo");
+    } else {
+        bail!("Wrong QR type, expected WithdrawJoinBroadcast");
+    }
+    set_config_from_qr(alice, &qr).await?;
+
+    // scanning withdrawn verify-group code offers reviving
+    if let Qr::ReviveJoinBroadcast { name, .. } = check_qr(alice, &qr).await? {
+        assert_eq!(name, "foo");
+    } else {
+        bail!("Wrong QR type, expected ReviveJoinBroadcast");
+    }
+
+    // someone else always scans as ask-verify-group
+    if let Qr::AskJoinBroadcast { name, .. } = check_qr(bob, &qr).await? {
+        assert_eq!(name, "foo");
+    } else {
+        bail!("Wrong QR type, expected AskJoinBroadcast");
+    }
+    assert!(set_config_from_qr(bob, &qr).await.is_err());
+
+    // Bob can't join using this QR code, since it's still withdrawn
+    let bob_chat_id = tcm.exec_securejoin_qr(bob, alice, &qr).await;
+    let bob_chat = Chat::load_from_db(bob, bob_chat_id).await?;
+    assert_eq!(bob_chat.is_self_in_chat(bob).await?, false);
+    assert_eq!(get_chat_contacts(alice, chat_id).await?.len(), 0);
+
+    // Revive
+    set_config_from_qr(alice, &qr).await?;
+
+    // Now Bob can join
+    let bob_chat_id2 = tcm.exec_securejoin_qr(bob, alice, &qr).await;
+    assert_eq!(bob_chat_id, bob_chat_id2);
+    let bob_chat = Chat::load_from_db(bob, bob_chat_id).await?;
+    assert_eq!(bob_chat.is_self_in_chat(bob).await?, true);
+    assert_eq!(get_chat_contacts(alice, chat_id).await?.len(), 1);
+
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_withdraw_multidevice() -> Result<()> {
     let mut tcm = TestContextManager::new();

src/reaction.rs

@@ -991,42 +991,6 @@ Content-Disposition: reaction\n\
         Ok(())
     }
 
-    /// Regression test for reaction resetting self-status.
-    ///
-    /// Reactions do not contain the status,
-    /// but should not result in self-status being reset on other devices.
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_reaction_status_multidevice() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice1 = tcm.alice().await;
-        let alice2 = tcm.alice().await;
-
-        alice1
-            .set_config(Config::Selfstatus, Some("New status"))
-            .await?;
-
-        let alice2_msg = tcm.send_recv(&alice1, &alice2, "Hi!").await;
-        assert_eq!(
-            alice2.get_config(Config::Selfstatus).await?.as_deref(),
-            Some("New status")
-        );
-
-        // Alice reacts to own message from second device,
-        // first device receives rection.
-        {
-            send_reaction(&alice2, alice2_msg.id, "👍").await?;
-            let msg = alice2.pop_sent_msg().await;
-            alice1.recv_msg_hidden(&msg).await;
-        }
-
-        // Check that the status is still the same.
-        assert_eq!(
-            alice1.get_config(Config::Selfstatus).await?.as_deref(),
-            Some("New status")
-        );
-        Ok(())
-    }
-
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_send_reaction_multidevice() -> Result<()> {
         let mut tcm = TestContextManager::new();