chore(release): prepare for 1.128.0

documentation and reasoning is fully in `delete_chat()`,
the remove line does not add much to it, also, the hint to "above" is wrong.

.github/workflows/ci.yml

@@ -211,7 +211,7 @@ jobs:
 
       - name: Run python tests
         env:
-          DCC_NEW_TMP_EMAIL: ${{ secrets.DCC_NEW_TMP_EMAIL }}
+          CHATMAIL_DOMAIN: ${{ secrets.CHATMAIL_DOMAIN }}
           DCC_RS_TARGET: debug
           DCC_RS_DEV: ${{ github.workspace }}
         working-directory: python
@@ -274,6 +274,6 @@ jobs:
 
       - name: Run deltachat-rpc-client tests
         env:
-          DCC_NEW_TMP_EMAIL: ${{ secrets.DCC_NEW_TMP_EMAIL }}
+          CHATMAIL_DOMAIN: ${{ secrets.CHATMAIL_DOMAIN }}
         working-directory: deltachat-rpc-client
         run: tox -e py

.github/workflows/jsonrpc-client-npm-package.yml

@@ -17,7 +17,7 @@ jobs:
         uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: "16"
+          node-version: "18"
       - name: Get tag
         id: tag
         uses: dawidd6/action-get-tag@v1

.github/workflows/jsonrpc.yml

@@ -15,10 +15,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - name: Use Node.js 16.x
+      - name: Use Node.js 18.x
         uses: actions/setup-node@v3
         with:
-          node-version: 16.x
+          node-version: 18.x
       - name: Add Rust cache
         uses: Swatinem/rust-cache@v2
       - name: npm install
@@ -31,7 +31,7 @@ jobs:
         working-directory: deltachat-jsonrpc/typescript
         run: npm run test
         env:
-          DCC_NEW_TMP_EMAIL: ${{ secrets.DCC_NEW_TMP_EMAIL }}
+          CHATMAIL_DOMAIN: ${{ secrets.CHATMAIL_DOMAIN }}
       - name: make sure websocket server version still builds
         working-directory: deltachat-jsonrpc
         run: cargo build --bin deltachat-jsonrpc-server --features webserver

.github/workflows/node-docs.yml

@@ -16,10 +16,10 @@ jobs:
     steps:
       - uses: actions/checkout@v3
 
-      - name: Use Node.js 16.x
+      - name: Use Node.js 18.x
         uses: actions/setup-node@v3
         with:
-          node-version: 16.x
+          node-version: 18.x
 
       - name: npm install and generate documentation
         working-directory: node

.github/workflows/node-package.yml

@@ -18,7 +18,7 @@ jobs:
         uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: "16"
+          node-version: "18"
       - name: System info
         run: |
           rustc -vV
@@ -66,10 +66,8 @@ jobs:
     runs-on: ubuntu-latest
 
     # Build Linux prebuilds inside a container with old glibc for backwards compatibility.
-    # Debian 10 contained glibc 2.28 at the time of the writing (2023-06-04): https://packages.debian.org/buster/libc6
-    # Ubuntu 18.04 is at the End of Standard Support since June 2023, but it contains glibc 2.27,
-    # so we are using it to support Ubuntu 18.04 setups that are still not upgraded.
-    container: ubuntu:18.04
+    # Debian 10 contained glibc 2.28: https://packages.debian.org/buster/libc6
+    container: debian:10
     steps:
       # Working directory is owned by 1001:1001 by default.
       # Change it to our user.
@@ -80,7 +78,7 @@ jobs:
         uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: "16"
+          node-version: "18"
       - run: apt-get update
 
       # Python is needed for node-gyp
@@ -143,7 +141,7 @@ jobs:
         uses: actions/checkout@v3
       - uses: actions/setup-node@v2
         with:
-          node-version: "16"
+          node-version: "18"
       - name: Get tag
         id: tag
         uses: dawidd6/action-get-tag@v1

.github/workflows/node-tests.yml

@@ -27,7 +27,7 @@ jobs:
         uses: actions/checkout@v3
       - uses: actions/setup-node@v3
         with:
-          node-version: "16"
+          node-version: "18"
       - name: System info
         run: |
           rustc -vV
@@ -63,5 +63,5 @@ jobs:
         working-directory: node
         run: npm run test
         env:
-          DCC_NEW_TMP_EMAIL: ${{ secrets.DCC_NEW_TMP_EMAIL }}
+          CHATMAIL_DOMAIN: ${{ secrets.CHATMAIL_DOMAIN }}
           NODE_OPTIONS: "--force-node-api-uncaught-exceptions-policy=true"

CHANGELOG.md

@@ -1,5 +1,35 @@
 # Changelog
 
+## [1.128.0] - 2023-11-02
+
+### Build system
+- [**breaking**] Upgrade nodejs version to 18 ([#4903](https://github.com/deltachat/deltachat-core-rust/pull/4903)).
+
+### Features / Changes
+
+- deltachat-rpc-client: Add `Account.wait_for_incoming_msg_event()`.
+- Decrease ratelimit for .testrun.org subdomains.
+
+### Fixes
+
+- Do not fail securejoin due to unrelated pending bobstate  ([#4896](https://github.com/deltachat/deltachat-core-rust/pull/4896)).
+- Allow other verified group recipients to be unverified, only check the sender verification.
+- Remove not working attempt to recover from verified key changes.
+
+## [1.127.2] - 2023-10-29
+
+### API-Changes
+
+- [**breaking**] Jsonrpc `misc_set_draft` now requires setting the viewtype.
+- jsonrpc: Add `get_message_info_object`.
+
+### Tests
+
+- deltachat-rpc-client: Move pytest option from pyproject.toml to tox.ini and set log level.
+- deltachat-rpc-client: Test securejoin.
+- Increase pytest timeout to 10 minutes.
+- Compile deltachat-rpc-server in debug mode for tests.
+
 ## [1.127.1] - 2023-10-27
 
 ### API-Changes
@@ -1078,7 +1108,7 @@ Bugfix release attempting to fix the [iOS build error](https://github.com/deltac
 
 ### Changes
 - Look at Authentication-Results. Don't accept Autocrypt key changes
-  if they come with negative authentiation results while this contact
+  if they come with negative authentication results while this contact
   sent emails with positive authentication results in the past. #3583
 - jsonrpc in cffi also sends events now #3662
 - jsonrpc: new format for events and better typescript autocompletion
@@ -2664,7 +2694,7 @@ Bugfix release attempting to fix the [iOS build error](https://github.com/deltac
 
 - delete all consumed secure-join handshake messagess #1209 #1212
 
-- rust-level cleanups #1218 #1217 #1210 #1205
+- Rust-level cleanups #1218 #1217 #1210 #1205
 
 - python-level cleanups #1204 #1202 #1201
 
@@ -3034,3 +3064,5 @@ https://github.com/deltachat/deltachat-core-rust/pulls?q=is%3Apr+is%3Aclosed
 [1.126.1]: https://github.com/deltachat/deltachat-core-rust/compare/v1.126.0...v1.126.1
 [1.127.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.126.1...v1.127.0
 [1.127.1]: https://github.com/deltachat/deltachat-core-rust/compare/v1.127.0...v1.127.1
+[1.127.2]: https://github.com/deltachat/deltachat-core-rust/compare/v1.127.1...v1.127.2
+[1.128.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.127.2...v1.128.0

Cargo.lock

@@ -1087,7 +1087,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat"
-version = "1.127.1"
+version = "1.128.0"
 dependencies = [
  "ansi_term",
  "anyhow",
@@ -1165,7 +1165,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-jsonrpc"
-version = "1.127.1"
+version = "1.128.0"
 dependencies = [
  "anyhow",
  "async-channel 2.0.0",
@@ -1189,7 +1189,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-repl"
-version = "1.127.1"
+version = "1.128.0"
 dependencies = [
  "ansi_term",
  "anyhow",
@@ -1204,7 +1204,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-rpc-server"
-version = "1.127.1"
+version = "1.128.0"
 dependencies = [
  "anyhow",
  "deltachat",
@@ -1229,7 +1229,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat_ffi"
-version = "1.127.1"
+version = "1.128.0"
 dependencies = [
  "anyhow",
  "deltachat",
@@ -3438,9 +3438,9 @@ dependencies = [
 
 [[package]]
 name = "portable-atomic"
-version = "1.5.0"
+version = "1.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b559898e0b4931ed2d3b959ab0c2da4d99cc644c4b0b1a35b4d344027f474023"
+checksum = "3bccab0e7fd7cc19f820a1c8c91720af652d0c88dc9664dd72aef2614f04af3b"
 
 [[package]]
 name = "postcard"

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat"
-version = "1.127.1"
+version = "1.128.0"
 edition = "2021"
 license = "MPL-2.0"
 rust-version = "1.70"

deltachat-ffi/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "1.127.1"
+version = "1.128.0"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"

deltachat-ffi/src/lib.rs

@@ -489,7 +489,7 @@ pub unsafe extern "C" fn dc_start_io(context: *mut dc_context_t) {
     if context.is_null() {
         return;
     }
-    let ctx = &*context;
+    let ctx = &mut *context;
 
     block_on(ctx.start_io())
 }
@@ -4946,8 +4946,8 @@ pub unsafe extern "C" fn dc_accounts_start_io(accounts: *mut dc_accounts_t) {
         return;
     }
 
-    let accounts = &*accounts;
-    block_on(async move { accounts.read().await.start_io().await });
+    let accounts = &mut *accounts;
+    block_on(async move { accounts.write().await.start_io().await });
 }
 
 #[no_mangle]

deltachat-jsonrpc/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "1.127.1"
+version = "1.128.0"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 default-run = "deltachat-jsonrpc-server"

deltachat-jsonrpc/README.md

@@ -108,10 +108,10 @@ This will build the `deltachat-jsonrpc-server` binary and then run a test suite
 
 The test suite includes some tests that need online connectivity and a way to create test email accounts. To run these tests, talk to DeltaChat developers to get a token for the `testrun.org` service, or use a local instance of [`mailadm`](https://github.com/deltachat/docker-mailadm).
 
-Then, set the `DCC_NEW_TMP_EMAIL` environment variable to your mailadm token before running the tests.
+Then, set the `CHATMAIL_DOMAIN` environment variable to your testing email server domain.
 
 ```
-DCC_NEW_TMP_EMAIL=https://testrun.org/new_email?t=yourtoken npm run test
+CHATMAIL_DOMAIN=chat.example.org npm run test
 ```
 
 #### Test Coverage

deltachat-jsonrpc/src/api.rs

@@ -47,7 +47,7 @@ use types::provider_info::ProviderInfo;
 use types::reactions::JSONRPCReactions;
 use types::webxdc::WebxdcMessageInfo;
 
-use self::types::message::MessageLoadResult;
+use self::types::message::{MessageInfo, MessageLoadResult};
 use self::types::{
     chat::{BasicChat, JSONRPCChatVisibility, MuteDuration},
     location::JsonrpcLocation,
@@ -221,13 +221,13 @@ impl CommandApi {
 
     /// Starts background tasks for all accounts.
     async fn start_io_for_all_accounts(&self) -> Result<()> {
-        self.accounts.read().await.start_io().await;
+        self.accounts.write().await.start_io().await;
         Ok(())
     }
 
     /// Stops background tasks for all accounts.
     async fn stop_io_for_all_accounts(&self) -> Result<()> {
-        self.accounts.read().await.stop_io().await;
+        self.accounts.write().await.stop_io().await;
         Ok(())
     }
 
@@ -237,7 +237,7 @@ impl CommandApi {
 
     /// Starts background tasks for a single account.
     async fn start_io(&self, account_id: u32) -> Result<()> {
-        let ctx = self.get_context(account_id).await?;
+        let mut ctx = self.get_context(account_id).await?;
         ctx.start_io().await;
         Ok(())
     }
@@ -383,7 +383,7 @@ impl CommandApi {
     /// Configures this account with the currently set parameters.
     /// Setup the credential config before calling this.
     async fn configure(&self, account_id: u32) -> Result<()> {
-        let ctx = self.get_context(account_id).await?;
+        let mut ctx = self.get_context(account_id).await?;
         ctx.stop_io().await;
         let result = ctx.configure().await;
         if result.is_err() {
@@ -1126,6 +1126,16 @@ impl CommandApi {
         MsgId::new(message_id).get_info(&ctx).await
     }
 
+    /// Returns additional information for single message.
+    async fn get_message_info_object(
+        &self,
+        account_id: u32,
+        message_id: u32,
+    ) -> Result<MessageInfo> {
+        let ctx = self.get_context(account_id).await?;
+        MessageInfo::from_msg_id(&ctx, MsgId::new(message_id)).await
+    }
+
     /// Returns contacts that sent read receipts and the time of reading.
     async fn get_message_read_receipts(
         &self,
@@ -2033,13 +2043,19 @@ impl CommandApi {
         text: Option<String>,
         file: Option<String>,
         quoted_message_id: Option<u32>,
+        view_type: Option<MessageViewtype>,
     ) -> Result<()> {
         let ctx = self.get_context(account_id).await?;
-        let mut draft = Message::new(if file.is_some() {
-            Viewtype::File
-        } else {
-            Viewtype::Text
-        });
+        let mut draft = Message::new(view_type.map_or_else(
+            || {
+                if file.is_some() {
+                    Viewtype::File
+                } else {
+                    Viewtype::Text
+                }
+            },
+            |v| v.into(),
+        ));
         draft.set_text(text.unwrap_or_default());
         if let Some(file) = file {
             draft.set_file(file, None);

deltachat-jsonrpc/src/api/types/message.rs

@@ -552,3 +552,71 @@ pub struct MessageReadReceipt {
     pub contact_id: u32,
     pub timestamp: i64,
 }
+
+#[derive(Serialize, TypeDef, schemars::JsonSchema)]
+#[serde(rename_all = "camelCase")]
+pub struct MessageInfo {
+    rawtext: String,
+    ephemeral_timer: EphemeralTimer,
+    /// When message is ephemeral this contains the timestamp of the message expiry
+    ephemeral_timestamp: Option<i64>,
+    error: Option<String>,
+    rfc724_mid: String,
+    server_urls: Vec<String>,
+    hop_info: Option<String>,
+}
+
+impl MessageInfo {
+    pub async fn from_msg_id(context: &Context, msg_id: MsgId) -> Result<Self> {
+        let message = Message::load_from_db(context, msg_id).await?;
+        let rawtext = msg_id.rawtext(context).await?;
+        let ephemeral_timer = message.get_ephemeral_timer().into();
+        let ephemeral_timestamp = match message.get_ephemeral_timer() {
+            deltachat::ephemeral::Timer::Disabled => None,
+            deltachat::ephemeral::Timer::Enabled { .. } => Some(message.get_ephemeral_timestamp()),
+        };
+
+        let server_urls =
+            MsgId::get_info_server_urls(context, message.rfc724_mid().to_owned()).await?;
+
+        let hop_info = msg_id.hop_info(context).await?;
+
+        Ok(Self {
+            rawtext,
+            ephemeral_timer,
+            ephemeral_timestamp,
+            error: message.error(),
+            rfc724_mid: message.rfc724_mid().to_owned(),
+            server_urls,
+            hop_info,
+        })
+    }
+}
+
+#[derive(
+    Debug, PartialEq, Eq, Copy, Clone, Serialize, Deserialize, TypeDef, schemars::JsonSchema,
+)]
+#[serde(rename_all = "camelCase", tag = "variant")]
+pub enum EphemeralTimer {
+    /// Timer is disabled.
+    Disabled,
+
+    /// Timer is enabled.
+    Enabled {
+        /// Timer duration in seconds.
+        ///
+        /// The value cannot be 0.
+        duration: u32,
+    },
+}
+
+impl From<deltachat::ephemeral::Timer> for EphemeralTimer {
+    fn from(value: deltachat::ephemeral::Timer) -> Self {
+        match value {
+            deltachat::ephemeral::Timer::Disabled => EphemeralTimer::Disabled,
+            deltachat::ephemeral::Timer::Enabled { duration } => {
+                EphemeralTimer::Enabled { duration }
+            }
+        }
+    }
+}

deltachat-jsonrpc/src/webserver.rs

@@ -28,7 +28,7 @@ async fn main() -> Result<(), std::io::Error> {
         .layer(Extension(state.clone()));
 
     tokio::spawn(async move {
-        state.accounts.read().await.start_io().await;
+        state.accounts.write().await.start_io().await;
     });
 
     let addr = SocketAddr::from(([127, 0, 0, 1], port));

deltachat-jsonrpc/typescript/package.json

@@ -55,5 +55,5 @@
   },
   "type": "module",
   "types": "dist/deltachat.d.ts",
-  "version": "1.127.1"
+  "version": "1.128.0"
 }

deltachat-jsonrpc/typescript/test/online.ts

@@ -13,16 +13,16 @@ describe("online tests", function () {
 
   before(async function () {
     this.timeout(60000);
-    if (!process.env.DCC_NEW_TMP_EMAIL) {
+    if (!process.env.CHATMAIL_DOMAIN) {
       if (process.env.COVERAGE && !process.env.COVERAGE_OFFLINE) {
         console.error(
-          "CAN NOT RUN COVERAGE correctly: Missing DCC_NEW_TMP_EMAIL environment variable!\n\n",
+          "CAN NOT RUN COVERAGE correctly: Missing CHATMAIL_DOMAIN environment variable!\n\n",
           "You can set COVERAGE_OFFLINE=1 to circumvent this check and skip the online tests, but those coverage results will be wrong, because some functions can only be tested in the online test"
         );
         process.exit(1);
       }
       console.log(
-        "Missing DCC_NEW_TMP_EMAIL environment variable!, skip integration tests"
+        "Missing CHATMAIL_DOMAIN environment variable!, skip integration tests"
       );
       this.skip();
     }
@@ -33,7 +33,7 @@ describe("online tests", function () {
       if (kind !== "Info") console.log(contextId, kind);
     });
 
-    account1 = await createTempUser(process.env.DCC_NEW_TMP_EMAIL);
+    account1 = createTempUser(process.env.CHATMAIL_DOMAIN);
     if (!account1 || !account1.email || !account1.password) {
       console.log(
         "We didn't got back an account from the api, skip integration tests"
@@ -41,7 +41,7 @@ describe("online tests", function () {
       this.skip();
     }
 
-    account2 = await createTempUser(process.env.DCC_NEW_TMP_EMAIL);
+    account2 = createTempUser(process.env.CHATMAIL_DOMAIN);
     if (!account2 || !account2.email || !account2.password) {
       console.log(
         "We didn't got back an account2 from the api, skip integration tests"

deltachat-jsonrpc/typescript/test/test_base.ts

@@ -57,15 +57,14 @@ export async function startServer(): Promise<RpcServerHandle> {
   };
 }
 
-export async function createTempUser(url: string) {
-  const response = await fetch(url, {
-    method: "POST",
-    headers: {
-      "cache-control": "no-cache",
-    },
-  });
-  if (!response.ok) throw new Error("Received invalid response");
-  return response.json();
+export function createTempUser(chatmailDomain: String) {
+  const charset = "2345789acdefghjkmnpqrstuvwxyz";
+  let user = "ci-";
+  for (let i = 0; i < 6; i++) {
+    user += charset[Math.floor(Math.random() * charset.length)];
+  }
+  const email = user + "@" + chatmailDomain;
+  return { email: email, password: user + "$" + user };
 }
 
 function getTargetDir(): Promise<string> {

deltachat-repl/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "1.127.1"
+version = "1.128.0"
 license = "MPL-2.0"
 edition = "2021"
 

deltachat-repl/src/main.rs

@@ -401,7 +401,7 @@ enum ExitResult {
 
 async fn handle_cmd(
     line: &str,
-    ctx: Context,
+    mut ctx: Context,
     selected_chat: &mut ChatId,
 ) -> Result<ExitResult, Error> {
     let mut args = line.splitn(2, ' ');

deltachat-rpc-client/src/deltachat_rpc_client/account.py

@@ -4,7 +4,7 @@ from warnings import warn
 
 from ._utils import AttrDict
 from .chat import Chat
-from .const import ChatlistFlag, ContactFlag, SpecialContactId
+from .const import ChatlistFlag, ContactFlag, EventType, SpecialContactId
 from .contact import Contact
 from .message import Message
 
@@ -250,6 +250,13 @@ class Account:
         next_msg_ids = self._rpc.wait_next_msgs(self.id)
         return [Message(self, msg_id) for msg_id in next_msg_ids]
 
+    def wait_for_incoming_msg_event(self):
+        """Wait for incoming message event and return it."""
+        while True:
+            event = self.wait_for_event()
+            if event.kind == EventType.INCOMING_MSG:
+                return event
+
     def get_fresh_messages_in_arrival_order(self) -> List[Message]:
         """Return fresh messages list sorted in the order of their arrival, with ascending IDs."""
         warn(

deltachat-rpc-client/src/deltachat_rpc_client/chat.py

@@ -160,11 +160,12 @@ class Chat:
         text: Optional[str] = None,
         file: Optional[str] = None,
         quoted_msg: Optional[int] = None,
+        viewtype: Optional[str] = None,
     ) -> None:
         """Set draft message."""
         if isinstance(quoted_msg, Message):
             quoted_msg = quoted_msg.id
-        self._rpc.misc_set_draft(self.account.id, self.id, text, file, quoted_msg)
+        self._rpc.misc_set_draft(self.account.id, self.id, text, file, quoted_msg, viewtype)
 
     def remove_draft(self) -> None:
         """Remove draft message."""

deltachat-rpc-client/src/deltachat_rpc_client/pytestplugin.py

@@ -1,6 +1,5 @@
-import json
 import os
-import urllib.request
+import random
 from typing import AsyncGenerator, List, Optional
 
 import pytest
@@ -10,12 +9,11 @@ from .rpc import Rpc
 
 
 def get_temp_credentials() -> dict:
-    url = os.getenv("DCC_NEW_TMP_EMAIL")
-    assert url, "Failed to get online account, DCC_NEW_TMP_EMAIL is not set"
-
-    request = urllib.request.Request(url, method="POST")
-    with urllib.request.urlopen(request, timeout=60) as f:
-        return json.load(f)
+    domain = os.getenv("CHATMAIL_DOMAIN")
+    username = "ci-" + "".join(random.choice("2345789acdefghjkmnpqrstuvwxyz") for i in range(6))
+    password = f"{username}${username}"
+    addr = f"{username}@{domain}"
+    return {"email": addr, "password": password}
 
 
 class ACFactory:
@@ -61,6 +59,16 @@ class ACFactory:
     def get_online_accounts(self, num: int) -> List[Account]:
         return [self.get_online_account() for _ in range(num)]
 
+    def resetup_account(self, ac: Account) -> Account:
+        """Resetup account from scratch, losing the encryption key."""
+        ac.stop_io()
+        ac_clone = self.get_unconfigured_account()
+        for i in ["addr", "mail_pw"]:
+            ac_clone.set_config(i, ac.get_config(i))
+        ac.remove()
+        ac_clone.configure()
+        return ac_clone
+
     def send_message(
         self,
         to_account: Account,

deltachat-rpc-client/tests/test_something.py

@@ -1,10 +1,11 @@
 import concurrent.futures
 import json
+import logging
 import subprocess
 from unittest.mock import MagicMock
 
 import pytest
-from deltachat_rpc_client import EventType, events
+from deltachat_rpc_client import Chat, EventType, SpecialContactId, events
 from deltachat_rpc_client.rpc import JsonRpcError
 
 
@@ -389,3 +390,95 @@ def test_qr_setup_contact(acfactory) -> None:
         event = alice.wait_for_event()
         if event["kind"] == "SecurejoinInviterProgress" and event["progress"] == 1000:
             return
+
+
+@pytest.mark.xfail()
+def test_verified_group_recovery(acfactory, rpc) -> None:
+    ac1, ac2, ac3 = acfactory.get_online_accounts(3)
+
+    logging.info("ac1 creates verified group")
+    chat = ac1.create_group("Verified group", protect=True)
+    assert chat.get_basic_snapshot().is_protected
+
+    logging.info("ac2 joins verified group")
+    qr_code, _svg = chat.get_qr_code()
+    ac2.secure_join(qr_code)
+    while True:
+        event = ac1.wait_for_event()
+        if event.kind == "SecurejoinInviterProgress" and event["progress"] == 1000:
+            break
+
+    # ac1 has ac2 directly verified.
+    ac1_contact_ac2 = ac1.get_contact_by_addr(ac2.get_config("addr"))
+    assert ac1_contact_ac2.get_snapshot().verifier_id == SpecialContactId.SELF
+
+    logging.info("ac3 joins verified group")
+    ac3_chat = ac3.secure_join(qr_code)
+    while True:
+        event = ac1.wait_for_event()
+        if event.kind == "SecurejoinInviterProgress" and event["progress"] == 1000:
+            break
+
+    logging.info("ac2 logs in on a new device")
+    ac2 = acfactory.resetup_account(ac2)
+
+    logging.info("ac2 reverifies with ac3")
+    qr_code, _svg = ac3.get_qr_code()
+    ac2.secure_join(qr_code)
+
+    while True:
+        event = ac3.wait_for_event()
+        if event.kind == "SecurejoinInviterProgress" and event["progress"] == 1000:
+            break
+
+    logging.info("ac3 sends a message to the group")
+    assert len(ac3_chat.get_contacts()) == 3
+    ac3_chat.send_text("Hi!")
+
+    msg_id = ac2.wait_for_incoming_msg_event().msg_id
+    message = ac2.get_message_by_id(msg_id)
+    snapshot = message.get_snapshot()
+    logging.info("Received message %s", snapshot.text)
+    assert snapshot.text == "Hi!"
+
+    # ac1 contact cannot be verified by ac2 because ac3 did not gossip ac1 key in the "Hi!" message.
+    ac1_contact = ac2.get_contact_by_addr(ac1.get_config("addr"))
+    assert not ac1_contact.get_snapshot().is_verified
+
+    ac3_contact_id_ac1 = rpc.lookup_contact_id_by_addr(ac3.id, ac1.get_config("addr"))
+    ac3_chat.remove_contact(ac3_contact_id_ac1)
+    ac3_chat.add_contact(ac3_contact_id_ac1)
+
+    msg_id = ac2.wait_for_incoming_msg_event().msg_id
+    message = ac2.get_message_by_id(msg_id)
+    snapshot = message.get_snapshot()
+    logging.info("ac2 got event message: %s", snapshot.text)
+    assert "removed" in snapshot.text
+
+    event = ac2.wait_for_incoming_msg_event()
+    msg_id = event.msg_id
+    chat_id = event.chat_id
+    message = ac2.get_message_by_id(msg_id)
+    snapshot = message.get_snapshot()
+    logging.info("ac2 got event message: %s", snapshot.text)
+    assert "added" in snapshot.text
+
+    assert ac1_contact.get_snapshot().is_verified
+
+    chat = Chat(ac2, chat_id)
+    chat.send_text("Works again!")
+
+    msg_id = ac3.wait_for_incoming_msg_event().msg_id
+    message = ac3.get_message_by_id(msg_id)
+    snapshot = message.get_snapshot()
+    assert snapshot.text == "Works again!"
+
+    ac1.wait_for_incoming_msg_event()  # Hi!
+    ac1.wait_for_incoming_msg_event()  # Member removed
+    ac1.wait_for_incoming_msg_event()  # Member added
+    snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
+    assert snapshot.text == "Works again!"
+
+    # ac2 is now verified by ac3 for ac1
+    ac1_contact_ac3 = ac1.get_contact_by_addr(ac3.get_config("addr"))
+    assert ac1_contact_ac2.get_snapshot().verifier_id == ac1_contact_ac3.id

deltachat-rpc-client/tox.ini

@@ -11,7 +11,7 @@ setenv =
 # Avoid stack overflow when Rust core is built without optimizations.
     RUST_MIN_STACK=8388608
 passenv =
-    DCC_NEW_TMP_EMAIL
+    CHATMAIL_DOMAIN
 deps =
     pytest
     pytest-timeout
@@ -28,6 +28,6 @@ commands =
     ruff src/ examples/ tests/
 
 [pytest]
-timeout = 60
+timeout = 300
 log_cli = true
 log_level = info

deltachat-rpc-server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "1.127.1"
+version = "1.128.0"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"
@@ -17,7 +17,6 @@ anyhow = "1"
 env_logger = { version = "0.10.0" }
 futures-lite = "2.0.0"
 log = "0.4"
-num_cpus = "1"
 serde_json = "1.0.105"
 serde = { version = "1.0", features = ["derive"] }
 tokio = { version = "1.33.0", features = ["io-std"] }

deltachat-rpc-server/src/main.rs

@@ -20,18 +20,9 @@ use tokio::task::JoinHandle;
 use tokio_util::sync::CancellationToken;
 use yerpc::{RpcClient, RpcSession};
 
-fn main() {
-    // Build multithreaded runtime with at least two threads.
-    // This ensures that on systems with one CPU
-    // such as CI runners there are at least two threads
-    // and it is more difficult to deadlock.
-    let r = tokio::runtime::Builder::new_multi_thread()
-        .worker_threads(std::cmp::max(2, num_cpus::get()))
-        .enable_all()
-        .build()
-        .unwrap()
-        .block_on(main_impl());
-
+#[tokio::main(flavor = "multi_thread")]
+async fn main() {
+    let r = main_impl().await;
     // From tokio documentation:
     // "For technical reasons, stdin is implemented by using an ordinary blocking read on a separate
     // thread, and it is impossible to cancel that read. This can make shutdown of the runtime hang

draft/aeap-mvp.md

@@ -57,7 +57,7 @@ Note that usually a mail is signed by a key that has a UID matching the from add
 ### Notes:
   
 - We treat protected and non-protected chats the same
-- We leave the aeap transition statement away since it seems not to be needed, makes things harder on the sending side, wastes some network traffic, and is worse for privacy (since more pepole know what old addresses you had).
+- We leave the aeap transition statement away since it seems not to be needed, makes things harder on the sending side, wastes some network traffic, and is worse for privacy (since more people know what old addresses you had).
 - As soon as we encrypt read receipts, sending a read receipt will be enough to tell a lot of people that you transitioned
 - AEAP will make the problem of inconsistent group state worse, both because it doesn't work if the message is unencrypted (even if the design allowed it, it would be problematic security-wise) and because some chat partners may have gotten the transition and some not. We should do something against this at some point in the future, like asking the user whether they want to add/remove the members to restore consistent group state.
 

node/README.md

@@ -40,7 +40,7 @@ npm install deltachat-node
 
 ## Dependencies
 
-- Nodejs >= `v16.0.0`
+- Nodejs >= `v18.0.0`
 - rustup (optional if you can't use the prebuilds)
 
 > On Windows, you may need to also install **Perl** to be able to compile deltachat-core.
@@ -113,8 +113,8 @@ Then, in the `deltachat-desktop` repository, run:
 deltachat doesn't support universal (fat) binaries (that contain builds for both cpu architectures) yet, until it does you can use the following workaround to get x86_64 builds:
 
 ```
-$ fnm install 17 --arch x64
-$ fnm use 17
+$ fnm install 19 --arch x64
+$ fnm use 19
 $ node -p process.arch
 # result should be x64
 $ rustup target add x86_64-apple-darwin
@@ -127,8 +127,8 @@ $ npm run test
 If your node and electron are already build for arm64 you can also try building for arm:
 
 ```
-$ fnm install 16 --arch arm64
-$ fnm use 16
+$ fnm install 18 --arch arm64
+$ fnm use 18
 $ node -p process.arch
 # result should be arm64
 $ npm_config_arch=arm64 npm run build
@@ -204,10 +204,10 @@ Running `npm test` ends with showing a code coverage report, which is produced b
 
 The coverage report from `nyc` in the console is rather limited. To get a more detailed coverage report you can run `npm run coverage-html-report`. This will produce a html report from the `nyc` data and display it in a browser on your local machine.
 
-To run the integration tests you need to set the `DCC_NEW_TMP_EMAIL` environment variables. E.g.:
+To run the integration tests you need to set the `CHATMAIL_DOMAIN` environment variables. E.g.:
 
 ```
-$ export DCC_NEW_TMP_EMAIL=https://testrun.org/new_email?t=[token]
+$ export CHATMAIL_DOMAIN=chat.example.org
 $ npm run test
 ```
 

node/test/test.js

@@ -12,22 +12,14 @@ import fetch from 'node-fetch'
 chai.use(chaiAsPromised)
 chai.config.truncateThreshold = 0 // Do not truncate assertion errors.
 
-async function createTempUser(url) {
-  async function postData(url = '') {
-    // Default options are marked with *
-    const response = await fetch(url, {
-      method: 'POST', // *GET, POST, PUT, DELETE, etc.
-      headers: {
-        'cache-control': 'no-cache',
-      },
-    })
-    if (!response.ok) {
-      throw new Error('request failed: ' + response.body.read())
-    }
-    return response.json() // parses JSON response into native JavaScript objects
+function createTempUser(chatmailDomain) {
+  const charset = "2345789acdefghjkmnpqrstuvwxyz";
+  let user = "ci-";
+  for (let i = 0; i < 6; i++) {
+    user += charset[Math.floor(Math.random() * charset.length)];
   }
-
-  return await postData(url)
+  const email = user + "@" + chatmailDomain;
+  return { email: email, password: user + "$" + user };
 }
 
 describe('static tests', function () {
@@ -768,14 +760,7 @@ describe('Integration tests', function () {
   })
 
   this.beforeAll(async function () {
-    if (!process.env.DCC_NEW_TMP_EMAIL) {
-      console.log(
-        'Missing DCC_NEW_TMP_EMAIL environment variable!, skip integration tests'
-      )
-      this.skip()
-    }
-
-    account = await createTempUser(process.env.DCC_NEW_TMP_EMAIL)
+    account = createTempUser(process.env.CHATMAIL_DOMAIN)
     if (!account || !account.email || !account.password) {
       console.log(
         "We didn't got back an account from the api, skip integration tests"

node/tsconfig.json

@@ -13,10 +13,10 @@
     },
     "exclude": ["node_modules", "deltachat-core-rust", "dist", "scripts"],
     "typedocOptions": {
-        "mode": "file",
         "out": "docs",
-        "excludeNotExported": true,
+        "excludePrivate": true,
         "defaultCategory": "index",
-        "includeVersion": true
+        "includeVersion": true,
+        "entryPoints": ["lib/index.ts"]
     }
 }

node/windows.md

@@ -6,7 +6,7 @@ E.g via <https://git-scm.com/download/win>
 
 ## install node
 
-Download and install `v16` from <https://nodejs.org/en/>
+Download and install `v18` from <https://nodejs.org/en/>
 
 ## install rust
 

package.json

@@ -2,28 +2,26 @@
   "dependencies": {
     "debug": "^4.1.1",
     "napi-macros": "^2.0.0",
-    "node-gyp-build": "^4.1.0"
+    "node-gyp-build": "^4.6.1"
   },
   "description": "node.js bindings for deltachat-core",
   "devDependencies": {
     "@types/debug": "^4.1.7",
-    "@types/node": "^16.11.26",
+    "@types/node": "^18.18.8",
     "chai": "^4.2.0",
     "chai-as-promised": "^7.1.1",
     "esm": "^3.2.25",
-    "hallmark": "^2.0.0",
     "mocha": "^8.2.1",
     "node-fetch": "^2.6.7",
-    "node-gyp": "^9.0.0",
-    "opn-cli": "^5.0.0",
-    "prebuildify": "^3.0.0",
-    "prebuildify-ci": "^1.0.4",
+    "node-gyp": "^10.0.0",
+    "prebuildify": "^5.0.1",
+    "prebuildify-ci": "^1.0.5",
     "prettier": "^2.0.5",
-    "typedoc": "^0.17.0",
-    "typescript": "^3.9.10"
+    "typedoc": "^0.25.3",
+    "typescript": "^5.2.2"
   },
   "engines": {
-    "node": ">=16.0.0"
+    "node": ">=18.0.0"
   },
   "files": [
     "node/scripts/*",
@@ -49,16 +47,15 @@
     "build:core:rust": "node node/scripts/rebuild-core.js",
     "clean": "rm -rf node/dist node/build node/prebuilds node/node_modules ./target",
     "download-prebuilds": "prebuildify-ci download",
-    "hallmark": "hallmark --fix",
     "install": "node node/scripts/install.js",
     "install:prebuilds": "cd node && node-gyp-build \"npm run build:core\" \"npm run build:bindings:c:postinstall\"",
     "lint": "prettier --check \"node/lib/**/*.{ts,tsx}\"",
     "lint-fix": "prettier --write \"node/lib/**/*.{ts,tsx}\" \"node/test/**/*.js\"",
-    "prebuildify": "cd node && prebuildify -t 16.13.0 --napi --strip --postinstall \"node scripts/postinstall.js --prebuild\"",
+    "prebuildify": "cd node && prebuildify -t 18.0.0 --napi --strip --postinstall \"node scripts/postinstall.js --prebuild\"",
     "test": "npm run test:lint && npm run test:mocha",
     "test:lint": "npm run lint",
     "test:mocha": "mocha -r esm node/test/test.js --growl --reporter=spec --bail --exit"
   },
   "types": "node/dist/index.d.ts",
-  "version": "1.127.1"
+  "version": "1.128.0"
 }

python/README.rst

@@ -53,14 +53,14 @@ end-to-end tests that require accounts on real e-mail servers.
 Running "live" tests with temporary accounts
 --------------------------------------------
 
-If you want to run live functional tests you can set ``DCC_NEW_TMP_EMAIL`` to a URL that creates e-mail accounts.  Most developers use https://testrun.org URLs created and managed by `mailadm <https://mailadm.readthedocs.io/>`_.
+If you want to run live functional tests
+you can set ``CHATMAIL_DOMAIN`` to a domain of the email server
+that creates e-mail accounts like this::
 
-Please feel free to contact us through a github issue or by e-mail and we'll send you a URL that you can then use for functional tests like this::
+    export CHATMAIL_DOMAIN=nine.testrun.org
 
-    export DCC_NEW_TMP_EMAIL=<URL you got from us>
-
-With this account-creation setting, pytest runs create ephemeral e-mail accounts on the http://testrun.org server.
-These accounts are removed automatically as they expire.
+With this account-creation setting, pytest runs create ephemeral e-mail accounts on the server.
+These accounts have the pattern `ci-{6 characters}@{CHATMAIL_DOMAIN}`.
 After setting the variable, either rerun `scripts/run-python-test.sh`
 or run offline and online tests with `tox` directly::
 
@@ -159,6 +159,6 @@ find it with::
 
 This docker image can be used to run tests and build Python wheels for all interpreters::
 
-    $ docker run -e DCC_NEW_TMP_EMAIL \
+    $ docker run -e CHATMAIL_DOMAIN \
        --rm -it -v $(pwd):/mnt -w /mnt \
        deltachat/coredeps scripts/run_all.sh

python/src/deltachat/testplugin.py

@@ -8,11 +8,11 @@ import sys
 import threading
 import time
 import weakref
+import random
 from queue import Queue
 from typing import Callable, Dict, List, Optional, Set
 
 import pytest
-import requests
 from _pytest._code import Source
 
 import deltachat
@@ -29,6 +29,12 @@ def pytest_addoption(parser):
         default=None,
         help="a file with >=2 lines where each line contains NAME=VALUE config settings for one account",
     )
+    group.addoption(
+        "--chatmail",
+        action="store",
+        default=None,
+        help="chatmail server domain name",
+    )
     group.addoption(
         "--ignored",
         action="store_true",
@@ -53,10 +59,12 @@ def pytest_addoption(parser):
 
 def pytest_configure(config):
     cfg = config.getoption("--liveconfig")
+
+    cfg = config.getoption("--chatmail")
     if not cfg:
-        cfg = os.getenv("DCC_NEW_TMP_EMAIL")
+        cfg = os.getenv("CHATMAIL_DOMAIN")
         if cfg:
-            config.option.liveconfig = cfg
+            config.option.chatmail = cfg
 
     # Make sure we don't get garbled output because threads keep running
     # collect all ever created accounts in a weakref-set (so we don't
@@ -157,13 +165,29 @@ class TestProcess:
         """provide live account configs, cached on a per-test-process scope
         so that test functions can re-use already known live configs.
         Depending on the --liveconfig option this comes from
-        a HTTP provider or a file with a line specifying each accounts config.
+        a file with a line specifying each accounts config
+        or a --chatmail domain.
         """
         liveconfig_opt = self.pytestconfig.getoption("--liveconfig")
-        if not liveconfig_opt:
-            pytest.skip("specify DCC_NEW_TMP_EMAIL or --liveconfig to provide live accounts")
-
-        if not liveconfig_opt.startswith("http"):
+        chatmail_opt = self.pytestconfig.getoption("--chatmail")
+        if chatmail_opt:
+            # Use a chatmail instance.
+            domain = chatmail_opt
+            MAX_LIVE_CREATED_ACCOUNTS = 10
+            for index in range(MAX_LIVE_CREATED_ACCOUNTS):
+                try:
+                    yield self._configlist[index]
+                except IndexError:
+                    username = "ci-" + "".join(random.choice("2345789acdefghjkmnpqrstuvwxyz") for i in range(6))
+                    password = f"{username}${username}"
+                    addr = f"{username}@{domain}"
+                    config = {"addr": addr, "mail_pw": password}
+                    print("newtmpuser {}: addr={}".format(index, config["addr"]))
+                    self._configlist.append(config)
+                    yield config
+            pytest.fail(f"more than {MAX_LIVE_CREATED_ACCOUNTS} live accounts requested.")
+        elif liveconfig_opt:
+            # Read a list of accounts from file.
             for line in open(liveconfig_opt):
                 if line.strip() and not line.strip().startswith("#"):
                     d = {}
@@ -174,20 +198,9 @@ class TestProcess:
 
             yield from iter(self._configlist)
         else:
-            MAX_LIVE_CREATED_ACCOUNTS = 10
-            for index in range(MAX_LIVE_CREATED_ACCOUNTS):
-                try:
-                    yield self._configlist[index]
-                except IndexError:
-                    res = requests.post(liveconfig_opt, timeout=60)
-                    if res.status_code != 200:
-                        pytest.fail(f"newtmpuser count={index} code={res.status_code}: '{res.text}'")
-                    d = res.json()
-                    config = {"addr": d["email"], "mail_pw": d["password"]}
-                    print("newtmpuser {}: addr={}".format(index, config["addr"]))
-                    self._configlist.append(config)
-                    yield config
-            pytest.fail(f"more than {MAX_LIVE_CREATED_ACCOUNTS} live accounts requested.")
+            pytest.skip(
+                "specify --liveconfig, CHATMAIL_DOMAIN or --chatmail to provide live accounts",
+            )
 
     def cache_maybe_retrieve_configured_db_files(self, cache_addr, db_target_path):
         db_target_path = pathlib.Path(db_target_path)

python/tests/test_1_online.py

@@ -1699,6 +1699,59 @@ def test_qr_join_chat(acfactory, lp, verified_one_on_one_chats):
     assert not ch.is_protected()
 
 
+def test_qr_join_chat_with_pending_bobstate_issue4894(acfactory, lp):
+    ac1, ac2, ac3, ac4 = acfactory.get_online_accounts(4)
+
+    lp.sec("ac3: verify with ac2")
+    ac3.qr_setup_contact(ac2.get_setup_contact_qr())
+    ac2._evtracker.wait_securejoin_inviter_progress(1000)
+
+    # in order for ac2 to have pending bobstate with a verified group
+    # we first create a fully joined verified group, and then start
+    # joining a second time but interrupt it, to create pending bob state
+
+    lp.sec("ac1: create verified group that ac2 fully joins")
+    ch1 = ac1.create_group_chat("ac1-shutoff group", verified=True)
+    ac2.qr_join_chat(ch1.get_join_qr())
+    ac1._evtracker.wait_securejoin_inviter_progress(1000)
+
+    # ensure ac1 can write and ac2 receives messages in verified chat
+    ch1.send_text("ac1 says hello")
+    while 1:
+        msg = ac2.wait_next_incoming_message()
+        if msg.text == "ac1 says hello":
+            assert msg.chat.is_protected()
+            break
+
+    lp.sec("ac1: let ac2 join again but shutoff ac1 in the middle of securejoin")
+    ac2.qr_join_chat(ch1.get_join_qr())
+    ac1.shutdown()
+    lp.sec("ac2 now has pending bobstate but ac1 is shutoff")
+
+    # we meanwhile expect ac3/ac2 verification started in the beginning to have completed
+    assert ac3.get_contact(ac2).is_verified()
+    assert ac2.get_contact(ac3).is_verified()
+
+    lp.sec("ac3: create a verified group VG with ac2")
+    vg = ac3.create_group_chat("ac3-created", [ac2], verified=True)
+
+    # ensure ac2 receives message in VG
+    vg.send_text("hello")
+    while 1:
+        msg = ac2.wait_next_incoming_message()
+        if msg.text == "hello":
+            assert msg.chat.is_protected()
+            break
+
+    lp.sec("ac3: create a join-code for group VG and let ac4 join, check that ac2 got it")
+    ac4.qr_join_chat(vg.get_join_qr())
+    ac3._evtracker.wait_securejoin_inviter_progress(1000)
+    while 1:
+        ev = ac2._evtracker.get()
+        if "added by unrelated SecureJoin" in str(ev):
+            return
+
+
 def test_qr_new_group_unblocked(acfactory, lp):
     """Regression test for a bug intoduced in core v1.113.0.
     ac2 scans a verified group QR code created by ac1.
@@ -2208,7 +2261,17 @@ def test_delete_multiple_messages(acfactory, lp):
 
 def test_trash_multiple_messages(acfactory, lp):
     ac1, ac2 = acfactory.get_online_accounts(2)
+
+    # Create the Trash folder on IMAP server
+    # and recreate the account so Trash folder is configured.
+    lp.sec("Creating trash folder")
+    ac2.direct_imap.create_folder("Trash")
+    lp.sec("Creating new accounts")
+    ac2 = acfactory.new_online_configuring_account(cloned_from=ac2)
+    acfactory.bring_accounts_online()
+
     ac2.set_config("delete_to_trash", "1")
+    assert ac2.get_config("configured_trash_folder")
     chat12 = acfactory.get_accepted_chat(ac1, ac2)
 
     lp.sec("ac1: sending 3 messages")
@@ -2239,13 +2302,15 @@ def test_trash_multiple_messages(acfactory, lp):
 
 
 def test_configure_error_msgs_wrong_pw(acfactory):
-    configdict = acfactory.get_next_liveconfig()
-    ac1 = acfactory.get_unconfigured_account()
-    ac1.update_config(configdict)
-    ac1.set_config("mail_pw", "abc")  # Wrong mail pw
-    ac1.configure()
+    (ac1,) = acfactory.get_online_accounts(1)
+
+    ac2 = acfactory.get_unconfigured_account()
+    ac2.set_config("addr", ac1.get_config("addr"))
+    ac2.set_config("mail_pw", "abc")  # Wrong mail pw
+    ac2.configure()
     while True:
-        ev = ac1._evtracker.get_matching("DC_EVENT_CONFIGURE_PROGRESS")
+        ev = ac2._evtracker.get_matching("DC_EVENT_CONFIGURE_PROGRESS")
+        print(f"Configuration progress: {ev.data1}")
         if ev.data1 == 0:
             break
     # Password is wrong so it definitely has to say something about "password"
@@ -2548,7 +2613,7 @@ class TestOnlineConfigureFails:
     def test_invalid_user(self, acfactory):
         configdict = acfactory.get_next_liveconfig()
         ac1 = acfactory.get_unconfigured_account()
-        configdict["addr"] = "x" + configdict["addr"]
+        configdict["addr"] = "$" + configdict["addr"]
         ac1.update_config(configdict)
         configtracker = ac1.configure()
         configtracker.wait_progress(500)
@@ -2557,7 +2622,7 @@ class TestOnlineConfigureFails:
     def test_invalid_domain(self, acfactory):
         configdict = acfactory.get_next_liveconfig()
         ac1 = acfactory.get_unconfigured_account()
-        configdict["addr"] += "x"
+        configdict["addr"] += "$"
         ac1.update_config(configdict)
         configtracker = ac1.configure()
         configtracker.wait_progress(500)

python/tox.ini

@@ -16,7 +16,7 @@ setenv =
 passenv = 
     DCC_RS_DEV
     DCC_RS_TARGET
-    DCC_NEW_TMP_EMAIL 
+    CHATMAIL_DOMAIN
     CARGO_TARGET_DIR
     RUSTC_WRAPPER
 deps = 
@@ -85,7 +85,7 @@ commands =
 addopts = -v -ra --strict-markers
 norecursedirs = .tox 
 xfail_strict=true
-timeout = 150
+timeout = 300
 timeout_func_only = True
 markers = 
     ignored: ignore this test in default test runs, use --ignored to run.

release-date.in

@@ -1 +1 @@
-2023-10-27
+2023-11-02

scripts/make-rpc-testenv.sh

@@ -3,4 +3,4 @@ set -euo pipefail
 
 tox -c deltachat-rpc-client -e py --devenv venv
 venv/bin/pip install --upgrade pip
-cargo install --path deltachat-rpc-server/ --root "$PWD/venv"
+cargo install --path deltachat-rpc-server/ --root "$PWD/venv" --debug

scripts/remote_tests_python.sh

@@ -28,7 +28,7 @@ ssh $SSHTARGET <<_HERE
     export RUSTC_WRAPPER=\`which sccache\`
     cd $BUILDDIR
     export TARGET=release
-    export DCC_NEW_TMP_EMAIL=$DCC_NEW_TMP_EMAIL
+    export CHATMAIL_DOMAIN=$CHATMAIL_DOMAIN
 
     #we rely on tox/virtualenv being available in the host
     #rm -rf virtualenv venv

scripts/run-rpc-test.sh

@@ -1,4 +1,4 @@
 #!/usr/bin/env bash
 set -euo pipefail
-cargo install --path deltachat-rpc-server/ --root "$PWD/venv"
+cargo install --path deltachat-rpc-server/ --root "$PWD/venv" --debug
 PATH="$PWD/venv/bin:$PATH" tox -c deltachat-rpc-client

scripts/run_all.sh

@@ -27,7 +27,7 @@ mkdir -p $TOXWORKDIR
 # XXX we may switch on some live-tests on for better ensurances 
 # Note that the independent remote_tests_python step does all kinds of
 # live-testing already. 
-unset DCC_NEW_TMP_EMAIL
+unset CHATMAIL_DOMAIN
 
 # Try to build wheels for a range of interpreters, but don't fail if they are not available.
 # E.g. musllinux_1_1 does not have PyPy interpreters as of 2022-07-10

spec.md

@@ -192,7 +192,7 @@ in different orders, esp. on creating new groups.
 To remove a member, a `Chat-Group-Member-Removed` header must be sent
 with the value set to the email-address of the member to remove.
 When receiving a `Chat-Group-Member-Removed` header,
-only exaxtly the given member has to be removed from the member list.
+only exactly the given member has to be removed from the member list.
 
 Messenger clients MUST NOT construct the member list
 on other group messages
@@ -339,7 +339,7 @@ only on image changes.
 
 In older specs, the profile-image was sent as an attachment
 and `Chat-User-Avatar:` specified its name.
-However, it turned out that these attachments are kind of unuexpected to users,
+However, it turned out that these attachments are kind of unexpected to users,
 therefore the profile-image go to the header now.
 
 

src/accounts.rs

@@ -258,8 +258,8 @@ impl Accounts {
     }
 
     /// Starts background tasks such as IMAP and SMTP loops for all accounts.
-    pub async fn start_io(&self) {
-        for account in self.accounts.values() {
+    pub async fn start_io(&mut self) {
+        for account in self.accounts.values_mut() {
             account.start_io().await;
         }
     }

src/chat.rs

@@ -630,7 +630,6 @@ impl ChatId {
             "bad chat_id, can not be a special chat: {}",
             self
         );
-        /* Up to 2017-11-02 deleting a group also implied leaving it, see above why we have changed this. */
 
         let chat = Chat::load_from_db(context, self).await?;
         context

src/context.rs

@@ -398,11 +398,24 @@ impl Context {
     }
 
     /// Starts the IO scheduler.
-    pub async fn start_io(&self) {
-        if let Ok(false) = self.is_configured().await {
+    pub async fn start_io(&mut self) {
+        if !self.is_configured().await.unwrap_or_default() {
             warn!(self, "can not start io on a context that is not configured");
             return;
         }
+
+        {
+            if self
+                .get_config(Config::ConfiguredAddr)
+                .await
+                .unwrap_or_default()
+                .filter(|s| s.ends_with(".testrun.org"))
+                .is_some()
+            {
+                let mut lock = self.ratelimit.write().await;
+                *lock = Ratelimit::new(Duration::new(40, 0), 6.0);
+            }
+        }
         self.scheduler.start(self.clone()).await;
     }
 

src/message.rs

@@ -150,21 +150,53 @@ WHERE id=?;
         self.0
     }
 
+    /// Returns raw text of a message, used for message info
+    pub async fn rawtext(self, context: &Context) -> Result<String> {
+        Ok(context
+            .sql
+            .query_get_value("SELECT txt_raw FROM msgs WHERE id=?", (self,))
+            .await?
+            .unwrap_or_default())
+    }
+
+    /// Returns server foldernames and UIDs of a message, used for message info
+    pub async fn get_info_server_urls(
+        context: &Context,
+        rfc724_mid: String,
+    ) -> Result<Vec<String>> {
+        context
+            .sql
+            .query_map(
+                "SELECT folder, uid FROM imap WHERE rfc724_mid=?",
+                (rfc724_mid,),
+                |row| {
+                    let folder: String = row.get("folder")?;
+                    let uid: u32 = row.get("uid")?;
+                    Ok(format!("</{folder}/;UID={uid}>"))
+                },
+                |rows| {
+                    rows.collect::<std::result::Result<Vec<_>, _>>()
+                        .map_err(Into::into)
+                },
+            )
+            .await
+    }
+
+    /// Returns information about hops of a message, used for message info
+    pub async fn hop_info(self, context: &Context) -> Result<Option<String>> {
+        context
+            .sql
+            .query_get_value("SELECT hop_info FROM msgs WHERE id=?", (self,))
+            .await
+    }
+
     /// Returns detailed message information in a multi-line text form.
     pub async fn get_info(self, context: &Context) -> Result<String> {
         let msg = Message::load_from_db(context, self).await?;
-        let rawtxt: Option<String> = context
-            .sql
-            .query_get_value("SELECT txt_raw FROM msgs WHERE id=?", (self,))
-            .await?;
+        let rawtxt: String = self.rawtext(context).await?;
 
         let mut ret = String::new();
 
-        if rawtxt.is_none() {
-            ret += &format!("Cannot load message {self}.");
-            return Ok(ret);
-        }
-        let rawtxt = rawtxt.unwrap_or_default();
         let rawtxt = truncate(rawtxt.trim(), DC_DESIRED_TEXT_LEN);
 
         let fts = timestamp_to_str(msg.get_timestamp());
@@ -282,32 +314,13 @@ WHERE id=?;
         if !msg.rfc724_mid.is_empty() {
             ret += &format!("\nMessage-ID: {}", msg.rfc724_mid);
 
-            let server_uids = context
-                .sql
-                .query_map(
-                    "SELECT folder, uid FROM imap WHERE rfc724_mid=?",
-                    (msg.rfc724_mid,),
-                    |row| {
-                        let folder: String = row.get("folder")?;
-                        let uid: u32 = row.get("uid")?;
-                        Ok((folder, uid))
-                    },
-                    |rows| {
-                        rows.collect::<std::result::Result<Vec<_>, _>>()
-                            .map_err(Into::into)
-                    },
-                )
-                .await?;
-
-            for (folder, uid) in server_uids {
+            let server_urls = Self::get_info_server_urls(context, msg.rfc724_mid).await?;
+            for server_url in server_urls {
                 // Format as RFC 5092 relative IMAP URL.
-                ret += &format!("\n</{folder}/;UID={uid}>");
+                ret += &format!("\n{server_url}");
             }
         }
-        let hop_info: Option<String> = context
-            .sql
-            .query_get_value("SELECT hop_info FROM msgs WHERE id=?;", (self,))
-            .await?;
+        let hop_info = self.hop_info(context).await?;
 
         ret += "\n\n";
         ret += &hop_info.unwrap_or_else(|| "No Hop Info".to_owned());
@@ -649,6 +662,12 @@ impl Message {
         self.id
     }
 
+    /// Returns the rfc724 message ID
+    /// May be empty
+    pub fn rfc724_mid(&self) -> &str {
+        &self.rfc724_mid
+    }
+
     /// Returns the ID of the contact who wrote the message.
     pub fn get_from_id(&self) -> ContactId {
         self.from_id

src/mimeparser.rs

@@ -1358,7 +1358,7 @@ impl MimeMessage {
         self.get_mailinglist_header().is_some()
     }
 
-    pub fn repl_msg_by_error(&mut self, error_msg: &str) {
+    pub fn replace_msg_by_error(&mut self, error_msg: &str) {
         self.is_system_message = SystemMessage::Unknown;
         if let Some(part) = self.parts.first_mut() {
             part.typ = Viewtype::Text;

src/peerstate.rs

@@ -427,42 +427,37 @@ impl Peerstate {
         &mut self,
         which_key: PeerstateKeyType,
         fingerprint: Fingerprint,
-        verified: PeerstateVerifiedStatus,
         verifier: String,
     ) -> Result<()> {
-        if verified == PeerstateVerifiedStatus::BidirectVerified {
-            match which_key {
-                PeerstateKeyType::PublicKey => {
-                    if self.public_key_fingerprint.is_some()
-                        && self.public_key_fingerprint.as_ref().unwrap() == &fingerprint
-                    {
-                        self.verified_key = self.public_key.clone();
-                        self.verified_key_fingerprint = Some(fingerprint);
-                        self.verifier = Some(verifier);
-                        Ok(())
-                    } else {
-                        Err(Error::msg(format!(
-                            "{fingerprint} is not peer's public key fingerprint",
-                        )))
-                    }
-                }
-                PeerstateKeyType::GossipKey => {
-                    if self.gossip_key_fingerprint.is_some()
-                        && self.gossip_key_fingerprint.as_ref().unwrap() == &fingerprint
-                    {
-                        self.verified_key = self.gossip_key.clone();
-                        self.verified_key_fingerprint = Some(fingerprint);
-                        self.verifier = Some(verifier);
-                        Ok(())
-                    } else {
-                        Err(Error::msg(format!(
-                            "{fingerprint} is not peer's gossip key fingerprint",
-                        )))
-                    }
+        match which_key {
+            PeerstateKeyType::PublicKey => {
+                if self.public_key_fingerprint.is_some()
+                    && self.public_key_fingerprint.as_ref().unwrap() == &fingerprint
+                {
+                    self.verified_key = self.public_key.clone();
+                    self.verified_key_fingerprint = Some(fingerprint);
+                    self.verifier = Some(verifier);
+                    Ok(())
+                } else {
+                    Err(Error::msg(format!(
+                        "{fingerprint} is not peer's public key fingerprint",
+                    )))
+                }
+            }
+            PeerstateKeyType::GossipKey => {
+                if self.gossip_key_fingerprint.is_some()
+                    && self.gossip_key_fingerprint.as_ref().unwrap() == &fingerprint
+                {
+                    self.verified_key = self.gossip_key.clone();
+                    self.verified_key_fingerprint = Some(fingerprint);
+                    self.verifier = Some(verifier);
+                    Ok(())
+                } else {
+                    Err(Error::msg(format!(
+                        "{fingerprint} is not peer's gossip key fingerprint",
+                    )))
                 }
             }
-        } else {
-            Err(Error::msg("BidirectVerified required"))
         }
     }
 

src/receive_imf.rs

@@ -30,7 +30,7 @@ use crate::message::{
 };
 use crate::mimeparser::{parse_message_ids, AvatarAction, MimeMessage, SystemMessage};
 use crate::param::{Param, Params};
-use crate::peerstate::{Peerstate, PeerstateKeyType, PeerstateVerifiedStatus};
+use crate::peerstate::{Peerstate, PeerstateKeyType};
 use crate::reaction::{set_msg_reaction, Reaction};
 use crate::securejoin::{self, handle_securejoin_handshake, observe_securejoin_on_other_device};
 use crate::simplify;
@@ -637,7 +637,7 @@ async fn add_parts(
                         chat_id = None;
                     } else {
                         let s = stock_str::unknown_sender_for_chat(context).await;
-                        mime_parser.repl_msg_by_error(&s);
+                        mime_parser.replace_msg_by_error(&s);
                     }
                 } else {
                     // In non-protected chats, just mark the sender as overridden. Therefore, the UI will prepend `~`
@@ -1055,7 +1055,7 @@ async fn add_parts(
             {
                 warn!(context, "Verification problem: {err:#}.");
                 let s = format!("{err}. See 'Info' for more details");
-                mime_parser.repl_msg_by_error(&s);
+                mime_parser.replace_msg_by_error(&s);
             }
         }
     }
@@ -1596,7 +1596,7 @@ async fn create_or_lookup_group(
         {
             warn!(context, "Verification problem: {err:#}.");
             let s = format!("{err}. See 'Info' for more details");
-            mime_parser.repl_msg_by_error(&s);
+            mime_parser.replace_msg_by_error(&s);
         }
         ProtectionStatus::Protected
     } else {
@@ -1657,6 +1657,7 @@ async fn create_or_lookup_group(
             members.push(from_id);
         }
         members.extend(to_ids);
+        members.sort_unstable();
         members.dedup();
         chat::add_to_chat_contacts_table(context, new_chat_id, &members).await?;
 
@@ -1758,7 +1759,7 @@ async fn apply_group_changes(
         {
             warn!(context, "Verification problem: {err:#}.");
             let s = format!("{err}. See 'Info' for more details");
-            mime_parser.repl_msg_by_error(&s);
+            mime_parser.replace_msg_by_error(&s);
         }
 
         if !chat.is_protected() {
@@ -2311,7 +2312,7 @@ async fn has_verified_encryption(
              LEFT JOIN acpeerstates ps ON c.addr=ps.addr  WHERE c.id IN({}) ",
                 sql::repeat_vars(to_ids.len())
             ),
-            rusqlite::params_from_iter(to_ids),
+            rusqlite::params_from_iter(&to_ids),
             |row| {
                 let to_addr: String = row.get(0)?;
                 let is_verified: i32 = row.get(1).unwrap_or(0);
@@ -2326,48 +2327,26 @@ async fn has_verified_encryption(
 
     let contact = Contact::get_by_id(context, from_id).await?;
 
-    for (to_addr, mut is_verified) in rows {
-        info!(
-            context,
-            "has_verified_encryption: {:?} self={:?}.",
-            to_addr,
-            context.is_self_addr(&to_addr).await
-        );
-        let peerstate = Peerstate::from_addr(context, &to_addr).await?;
-
+    for (to_addr, is_verified) in rows {
         // mark gossiped keys (if any) as verified
         if mimeparser.gossiped_addr.contains(&to_addr.to_lowercase()) {
-            if let Some(mut peerstate) = peerstate {
-                // if we're here, we know the gossip key is verified:
-                // - use the gossip-key as verified-key if there is no verified-key
-                // - OR if the verified-key does not match public-key or gossip-key
-                //   (otherwise a verified key can _only_ be updated through QR scan which might be annoying,
-                //   see <https://github.com/nextleap-project/countermitm/issues/46> for a discussion about this point)
-                if !is_verified
-                    || peerstate.verified_key_fingerprint != peerstate.public_key_fingerprint
-                        && peerstate.verified_key_fingerprint != peerstate.gossip_key_fingerprint
-                {
+            if let Some(mut peerstate) = Peerstate::from_addr(context, &to_addr).await? {
+                // If we're here, we know the gossip key is verified.
+                // Use the gossip-key as verified-key if there is no verified-key.
+                if !is_verified {
                     info!(context, "{} has verified {}.", contact.get_addr(), to_addr);
                     let fp = peerstate.gossip_key_fingerprint.clone();
                     if let Some(fp) = fp {
                         peerstate.set_verified(
                             PeerstateKeyType::GossipKey,
                             fp,
-                            PeerstateVerifiedStatus::BidirectVerified,
                             contact.get_addr().to_owned(),
                         )?;
                         peerstate.save_to_db(&context.sql).await?;
-                        is_verified = true;
                     }
                 }
             }
         }
-        if !is_verified {
-            return Ok(NotVerified(format!(
-                "{} is not a member of this protected chat",
-                to_addr
-            )));
-        }
     }
     Ok(Verified)
 }

src/securejoin.rs

@@ -18,7 +18,7 @@ use crate::key::{load_self_public_key, DcKey, Fingerprint};
 use crate::message::{Message, Viewtype};
 use crate::mimeparser::{MimeMessage, SystemMessage};
 use crate::param::Param;
-use crate::peerstate::{Peerstate, PeerstateKeyType, PeerstateVerifiedStatus};
+use crate::peerstate::{Peerstate, PeerstateKeyType};
 use crate::qr::check_qr;
 use crate::stock_str;
 use crate::token;
@@ -483,6 +483,19 @@ pub(crate) async fn handle_securejoin_handshake(
             ====             Bob - the joiner's side             ====
             ====   Step 7 in "Setup verified contact" protocol   ====
             =======================================================*/
+
+            if let Some(member_added) = mime_message
+                .get_header(HeaderDef::ChatGroupMemberAdded)
+                .map(|s| s.as_str())
+            {
+                if !context.is_self_addr(member_added).await? {
+                    info!(
+                        context,
+                        "Member {member_added} added by unrelated SecureJoin process"
+                    );
+                    return Ok(HandshakeMessage::Propagate);
+                }
+            }
             match BobState::from_db(&context.sql).await? {
                 Some(bobstate) => {
                     bob::handle_contact_confirm(context, bobstate, mime_message).await
@@ -614,12 +627,9 @@ pub(crate) async fn observe_securejoin_on_other_device(
                         return Ok(HandshakeMessage::Ignore);
                     }
                 };
-                if let Err(err) = peerstate.set_verified(
-                    PeerstateKeyType::GossipKey,
-                    fingerprint,
-                    PeerstateVerifiedStatus::BidirectVerified,
-                    addr,
-                ) {
+                if let Err(err) =
+                    peerstate.set_verified(PeerstateKeyType::GossipKey, fingerprint, addr)
+                {
                     could_not_establish_secure_connection(
                         context,
                         contact_id,
@@ -743,12 +753,8 @@ async fn mark_peer_as_verified(
     verifier: String,
 ) -> Result<()> {
     if let Some(ref mut peerstate) = Peerstate::from_fingerprint(context, &fingerprint).await? {
-        if let Err(err) = peerstate.set_verified(
-            PeerstateKeyType::PublicKey,
-            fingerprint,
-            PeerstateVerifiedStatus::BidirectVerified,
-            verifier,
-        ) {
+        if let Err(err) = peerstate.set_verified(PeerstateKeyType::PublicKey, fingerprint, verifier)
+        {
             error!(context, "Could not mark peer as verified: {}", err);
             return Err(err);
         }

webxdc.md

@@ -38,11 +38,11 @@ While this describes an already working "proof of concept" usage there are alrea
 
 webxdc empowers FOSS developments in unprecedented ways: 
 
-- well-known paradim: use all the existing JS/html5 libraries and designs of your choice
+- well-known paradigm: use all the existing JS/html5 libraries and designs of your choice
 - quick onboarding: only a handful API methods to learn 
 - serverless (but really): no worrying about hosting a server or configuring DNS, AWS etc 
 - permissionless: no worrying about registering at app stores for distribution
-- unbuerocratic: no worrying about login/password/expiry procedures or leaks 
+- unbureaucratic: no worrying about login/password/expiry procedures or leaks 
 - secure: no worrying about cryptographic algos or e2e-encryption complexity
 
 On the flip side, you need to learn how to do state updates between instances of your webxdc apps. This is a classic P2P problem and there are simple (send full state update) and advanced ways (use CRDTs or similar) to arrange decentralized state. In any case, there is no DHT let alone blockchain needed and thus no Crypto or coin needed, either.