api: add dc_replace_webxdc()

Previously it was required that a directory path is provided to the import API.
Now it is possible to point directly to the .asc file containing a secret key.

This allows UI to present a file selection dialog to the user
and let select the file directly.

Selecting a directory is still supported for backwards compatibility.

CHANGELOG.md

@@ -1,5 +1,55 @@
 # Changelog
 
+## [1.122.0] - 2023-09-12
+
+### API-Changes
+
+- jsonrpc: Return only chat IDs for similar chats.
+
+### Fixes
+
+- Reopen all connections on database passpharse change.
+- Do not block new group chats if 1:1 chat is blocked.
+- Improve group membership consistency algorithm ([#3782](https://github.com/deltachat/deltachat-core-rust/pull/3782))([#4624](https://github.com/deltachat/deltachat-core-rust/pull/4624)).
+- Forbid membership changes from possible non-members ([#3782](https://github.com/deltachat/deltachat-core-rust/pull/3782)).
+- `ChatId::parent_query()`: Don't filter out OutPending and OutFailed messages.
+
+### Build system
+
+- Update to OpenSSL 3.0.
+- Bump webpki from 0.22.0 to 0.22.1.
+- python: Add link to Mastodon into projects.urls.
+
+### Features / Changes
+
+- Add RSA-4096 key generation support.
+
+### Refactor
+
+- pgp: Add constants for encryption algorithm and hash.
+
+## [1.121.0] - 2023-09-06
+
+### API-Changes
+
+- Add `dc_context_change_passphrase()`.
+- Add `Message.set_file_from_bytes()` API.
+- Add experimental API to get similar chats.
+
+### Build system
+
+- Build node packages on Ubuntu 18.04 instead of Debian 10.
+  This reduces the requirement for glibc version from 2.28 to 2.27.
+
+### Fixes
+
+- Allow membership changes by a MUA if we're not in the group ([#4624](https://github.com/deltachat/deltachat-core-rust/pull/4624)).
+- Save mime headers for messages not signed with a known key ([#4557](https://github.com/deltachat/deltachat-core-rust/pull/4557)).
+- Return from `dc_get_chatlist(DC_GCL_FOR_FORWARDING)` only chats where we can send ([#4616](https://github.com/deltachat/deltachat-core-rust/pull/4616)).
+- Do not allow dots at the end of email addresses.
+- deltachat-rpc-client: Remove `aiodns` optional dependency from required dependencies.
+  `aiodns` depends on `pycares` which [fails to install in Termux](https://github.com/saghul/aiodns/issues/98).
+
 ## [1.120.0] - 2023-08-28
 
 ### API-Changes
@@ -2764,3 +2814,5 @@ https://github.com/deltachat/deltachat-core-rust/pulls?q=is%3Apr+is%3Aclosed
 [1.119.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.118.0...v1.119.0
 [1.119.1]: https://github.com/deltachat/deltachat-core-rust/compare/v1.119.0...v1.119.1
 [1.120.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.119.1...v1.120.0
+[1.121.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.120.0...v1.121.0
+[1.122.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.121.0...v1.122.0

Cargo.lock

@@ -1103,7 +1103,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat"
-version = "1.120.0"
+version = "1.122.0"
 dependencies = [
  "ansi_term",
  "anyhow",
@@ -1179,7 +1179,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-jsonrpc"
-version = "1.120.0"
+version = "1.122.0"
 dependencies = [
  "anyhow",
  "async-channel",
@@ -1203,7 +1203,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-repl"
-version = "1.120.0"
+version = "1.122.0"
 dependencies = [
  "ansi_term",
  "anyhow",
@@ -1218,7 +1218,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat-rpc-server"
-version = "1.120.0"
+version = "1.122.0"
 dependencies = [
  "anyhow",
  "deltachat",
@@ -1243,7 +1243,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat_ffi"
-version = "1.120.0"
+version = "1.122.0"
 dependencies = [
  "anyhow",
  "deltachat",
@@ -3078,11 +3078,11 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
 
 [[package]]
 name = "openssl"
-version = "0.10.55"
+version = "0.10.57"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "345df152bc43501c5eb9e4654ff05f794effb78d4efe3d53abc158baddc0703d"
+checksum = "bac25ee399abb46215765b1cb35bc0212377e58a061560d8b29b024fd0430e7c"
 dependencies = [
- "bitflags 1.3.2",
+ "bitflags 2.3.3",
  "cfg-if",
  "foreign-types",
  "libc",
@@ -3110,18 +3110,18 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
 
 [[package]]
 name = "openssl-src"
-version = "111.26.0+1.1.1u"
+version = "300.1.3+3.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "efc62c9f12b22b8f5208c23a7200a442b2e5999f8bdf80233852122b5a4f6f37"
+checksum = "cd2c101a165fff9935e34def4669595ab1c7847943c42be86e21503e482be107"
 dependencies = [
  "cc",
 ]
 
 [[package]]
 name = "openssl-sys"
-version = "0.9.90"
+version = "0.9.93"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "374533b0e45f3a7ced10fcaeccca020e66656bc03dac384f852e4e5a7a8104a6"
+checksum = "db4d56a4c0478783083cfafcc42493dd4a981d41669da64b4572a2a089b51b1d"
 dependencies = [
  "cc",
  "libc",
@@ -5448,9 +5448,9 @@ dependencies = [
 
 [[package]]
 name = "webpki"
-version = "0.22.0"
+version = "0.22.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd"
+checksum = "f0e74f82d49d545ad128049b7e88f6576df2da6b02e9ce565c6f533be576957e"
 dependencies = [
  "ring",
  "untrusted",

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat"
-version = "1.120.0"
+version = "1.122.0"
 edition = "2021"
 license = "MPL-2.0"
 rust-version = "1.65"

deltachat-ffi/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "1.120.0"
+version = "1.122.0"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"

deltachat-ffi/deltachat.h

@@ -443,7 +443,9 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  *                    DC_KEY_GEN_RSA2048 (1)=
  *                    generate RSA 2048 keypair
  *                    DC_KEY_GEN_ED25519 (2)=
- *                    generate Ed25519 keypair
+ *                    generate Curve25519 keypair
+ *                    DC_KEY_GEN_RSA4096 (3)=
+ *                    generate RSA 4096 keypair
  * - `save_mime_headers` = 1=save mime headers
  *                    and make dc_get_mime_headers() work for subsequent calls,
  *                    0=do not save mime headers (default)
@@ -1173,6 +1175,24 @@ int dc_send_webxdc_status_update (dc_context_t* context, uint32_t msg_id, const
  */
 char* dc_get_webxdc_status_updates (dc_context_t* context, uint32_t msg_id, uint32_t serial);
 
+
+/**
+ * Replaces webxdc app with a new version.
+ *
+ * On the JavaScript side this API could be used like this:
+ * ```
+ * window.webxdc.replaceWebxdc(blob);
+ * ```
+ *
+ * @memberof dc_context_t
+ * @param context The context object.
+ * @param msg_id The ID of the WebXDC message to be replaced.
+ * @param blob New blob to replace WebXDC with.
+ * @param n Blob size.
+ */
+void dc_replace_webxdc(dc_context_t* context, uint32_t msg_id, uint8_t *blob, size_t n);
+
+
 /**
  * Save a draft for a chat in the database.
  *
@@ -2282,6 +2302,7 @@ dc_contact_t*   dc_get_contact               (dc_context_t* context, uint32_t co
  *
  * - **DC_IMEX_IMPORT_SELF_KEYS** (2) - Import private keys found in the directory given as `param1`.
  *   The last imported key is made the default keys unless its name contains the string `legacy`. Public keys are not imported.
+ *   If `param1` is a filename, import the private key from the file and make it the default.
  *
  * While dc_imex() returns immediately, the started job may take a while,
  * you can stop it using dc_stop_ongoing_process(). During execution of the job,
@@ -6293,6 +6314,7 @@ void dc_event_unref(dc_event_t* event);
 #define DC_KEY_GEN_DEFAULT 0
 #define DC_KEY_GEN_RSA2048 1
 #define DC_KEY_GEN_ED25519 2
+#define DC_KEY_GEN_RSA4096 3
 
 
 /**

deltachat-ffi/src/lib.rs

@@ -36,7 +36,7 @@ use deltachat::qr_code_generator::{generate_backup_qr, get_securejoin_qr_svg};
 use deltachat::reaction::{get_msg_reactions, send_reaction, Reactions};
 use deltachat::stock_str::StockMessage;
 use deltachat::stock_str::StockStrings;
-use deltachat::webxdc::StatusUpdateSerial;
+use deltachat::webxdc::{replace_webxdc, StatusUpdateSerial};
 use deltachat::*;
 use deltachat::{accounts::Accounts, log::LogExt};
 use num_traits::{FromPrimitive, ToPrimitive};
@@ -1097,6 +1097,32 @@ pub unsafe extern "C" fn dc_get_webxdc_status_updates(
     .strdup()
 }
 
+#[no_mangle]
+pub unsafe extern "C" fn dc_replace_webxdc(
+    context: *mut dc_context_t,
+    msg_id: u32,
+    blob: *const u8,
+    n: libc::size_t,
+) {
+    if context.is_null() {
+        eprintln!("ignoring careless call to dc_replace_webxdc()");
+        return;
+    }
+
+    let msg_id = MsgId::new(msg_id);
+    let blob_slice = std::slice::from_raw_parts(blob, n);
+
+    let ctx = &*context;
+
+    block_on(async move {
+        replace_webxdc(ctx, msg_id, blob_slice)
+            .await
+            .context("Failed to replace WebXDC")
+            .log_err(ctx)
+            .ok();
+    })
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_set_draft(
     context: *mut dc_context_t,
@@ -1539,14 +1565,10 @@ pub unsafe extern "C" fn dc_delete_chat(context: *mut dc_context_t, chat_id: u32
     }
     let ctx = &*context;
 
-    block_on(async move {
-        ChatId::new(chat_id)
-            .delete(ctx)
-            .await
-            .context("Failed chat delete")
-            .log_err(ctx)
-            .ok();
-    })
+    block_on(ChatId::new(chat_id).delete(ctx))
+        .context("Failed chat delete")
+        .log_err(ctx)
+        .ok();
 }
 
 #[no_mangle]

deltachat-jsonrpc/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "1.120.0"
+version = "1.122.0"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 default-run = "deltachat-jsonrpc-server"

deltachat-jsonrpc/src/api/mod.rs

@@ -39,7 +39,6 @@ pub mod types;
 use num_traits::FromPrimitive;
 use types::account::Account;
 use types::chat::FullChat;
-use types::chat_list::ChatListEntry;
 use types::contact::ContactObject;
 use types::events::Event;
 use types::http::HttpResponse;
@@ -568,22 +567,18 @@ impl CommandApi {
     }
 
     /// Returns chats similar to the given one.
-    async fn get_similar_chatlist_entries(
-        &self,
-        account_id: u32,
-        chat_id: u32,
-    ) -> Result<Vec<ChatListEntry>> {
+    ///
+    /// Experimental API, subject to change without notice.
+    async fn get_similar_chat_ids(&self, account_id: u32, chat_id: u32) -> Result<Vec<u32>> {
         let ctx = self.get_context(account_id).await?;
         let chat_id = ChatId::new(chat_id);
-        let list = chat_id.get_similar_chatlist(&ctx).await?;
-        let mut l: Vec<ChatListEntry> = Vec::with_capacity(list.len());
-        for i in 0..list.len() {
-            l.push(ChatListEntry(
-                list.get_chat_id(i)?.to_u32(),
-                list.get_msg_id(i)?.unwrap_or_default().to_u32(),
-            ));
-        }
-        Ok(l)
+        let list = chat_id
+            .get_similar_chat_ids(&ctx)
+            .await?
+            .into_iter()
+            .map(|(chat_id, _metric)| chat_id.to_u32())
+            .collect();
+        Ok(list)
     }
 
     async fn get_chatlist_items_by_entries(

deltachat-jsonrpc/src/api/types/chat_list.rs

@@ -8,15 +8,12 @@ use deltachat::{
     chatlist::Chatlist,
 };
 use num_traits::cast::ToPrimitive;
-use serde::{Deserialize, Serialize};
+use serde::Serialize;
 use typescript_type_def::TypeDef;
 
 use super::color_int_to_hex_string;
 use super::message::MessageViewtype;
 
-#[derive(Deserialize, Serialize, TypeDef, schemars::JsonSchema)]
-pub struct ChatListEntry(pub u32, pub u32);
-
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
 #[serde(tag = "type")]
 pub enum ChatListItemFetchResult {

deltachat-jsonrpc/src/api/types/message.rs

@@ -318,6 +318,7 @@ pub enum DownloadState {
     Done,
     Available,
     Failure,
+    Undecipherable,
     InProgress,
 }
 
@@ -327,6 +328,7 @@ impl From<download::DownloadState> for DownloadState {
             download::DownloadState::Done => DownloadState::Done,
             download::DownloadState::Available => DownloadState::Available,
             download::DownloadState::Failure => DownloadState::Failure,
+            download::DownloadState::Undecipherable => DownloadState::Undecipherable,
             download::DownloadState::InProgress => DownloadState::InProgress,
         }
     }

deltachat-jsonrpc/typescript/package.json

@@ -55,5 +55,5 @@
   },
   "type": "module",
   "types": "dist/deltachat.d.ts",
-  "version": "1.120.0"
+  "version": "1.122.0"
 }

deltachat-repl/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "1.120.0"
+version = "1.122.0"
 license = "MPL-2.0"
 edition = "2021"
 

deltachat-repl/src/cmdline.rs

@@ -187,6 +187,7 @@ async fn log_msg(context: &Context, prefix: impl AsRef<str>, msg: &Message) {
         DownloadState::Available => " [⬇ Download available]",
         DownloadState::InProgress => " [⬇ Download in progress...]️",
         DownloadState::Failure => " [⬇ Download failed]",
+        DownloadState::Undecipherable => " [⬇ Decryption failed]",
     };
 
     let temp2 = timestamp_to_str(msg.get_timestamp());

deltachat-rpc-server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "1.120.0"
+version = "1.122.0"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"

deny.toml

@@ -3,11 +3,6 @@ unmaintained = "allow"
 ignore = [
     "RUSTSEC-2020-0071",
     "RUSTSEC-2022-0093",
-
-    # Exponential CPU time usage for TLS certificate processing in webpki.
-    # It is only used for backup transfer, so does not affect IMAP and SMTP connections.
-    # Waiting for `iroh` to update dependencies.
-    "RUSTSEC-2023-0052",
 ]
 
 [bans]

node/constants.js

@@ -90,6 +90,7 @@ module.exports = {
   DC_KEY_GEN_DEFAULT: 0,
   DC_KEY_GEN_ED25519: 2,
   DC_KEY_GEN_RSA2048: 1,
+  DC_KEY_GEN_RSA4096: 3,
   DC_LP_AUTH_NORMAL: 4,
   DC_LP_AUTH_OAUTH2: 2,
   DC_MEDIA_QUALITY_BALANCED: 0,

node/lib/constants.ts

@@ -90,6 +90,7 @@ export enum C {
   DC_KEY_GEN_DEFAULT = 0,
   DC_KEY_GEN_ED25519 = 2,
   DC_KEY_GEN_RSA2048 = 1,
+  DC_KEY_GEN_RSA4096 = 3,
   DC_LP_AUTH_NORMAL = 4,
   DC_LP_AUTH_OAUTH2 = 2,
   DC_MEDIA_QUALITY_BALANCED = 0,

package.json

@@ -60,5 +60,5 @@
     "test:mocha": "mocha -r esm node/test/test.js --growl --reporter=spec --bail --exit"
   },
   "types": "node/dist/index.d.ts",
-  "version": "1.120.0"
+  "version": "1.122.0"
 }

python/pyproject.toml

@@ -34,6 +34,7 @@ dynamic = [
 "Home" = "https://github.com/deltachat/deltachat-core-rust/"
 "Bug Tracker" = "https://github.com/deltachat/deltachat-core-rust/issues"
 "Documentation" = "https://py.delta.chat/"
+"Mastodon" = "https://chaos.social/@delta"
 
 [project.entry-points.pytest11]
 "deltachat.testplugin" = "deltachat.testplugin"

python/tests/test_1_online.py

@@ -1679,6 +1679,36 @@ def test_qr_join_chat(acfactory, lp):
     ac1._evtracker.wait_securejoin_inviter_progress(1000)
 
 
+def test_qr_new_group_unblocked(acfactory, lp):
+    """Regression test for a bug intoduced in core v1.113.0.
+    ac2 scans a verified group QR code created by ac1.
+    This results in creation of a blocked 1:1 chat with ac1 on ac2,
+    but ac1 contact is not blocked on ac2.
+    Then ac1 creates a group, adds ac2 there and promotes it by sending a message.
+    ac2 should receive a message and create a contact request for the group.
+    Due to a bug previously ac2 created a blocked group.
+    """
+
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    ac1_chat = ac1.create_group_chat("Group for joining", verified=True)
+    qr = ac1_chat.get_join_qr()
+    ac2.qr_join_chat(qr)
+
+    ac1._evtracker.wait_securejoin_inviter_progress(1000)
+
+    ac1_new_chat = ac1.create_group_chat("Another group")
+    ac1_new_chat.add_contact(ac2)
+    ac1_new_chat.send_text("Hello!")
+
+    # Receive "Member added" message.
+    ac2._evtracker.wait_next_incoming_message()
+
+    # Receive "Hello!" message.
+    ac2_msg = ac2._evtracker.wait_next_incoming_message()
+    assert ac2_msg.text == "Hello!"
+    assert ac2_msg.chat.is_contact_request()
+
+
 def test_qr_email_capitalization(acfactory, lp):
     """Regression test for a bug
     that resulted in failure to propagate verification via gossip in a verified group

release-date.in

@@ -1 +1 @@
-2023-08-28
+2023-09-12

src/chat.rs

@@ -23,6 +23,7 @@ use crate::constants::{
 use crate::contact::{Contact, ContactId, Origin, VerifiedStatus};
 use crate::context::Context;
 use crate::debug_logging::maybe_set_logging_xdc;
+use crate::download::DownloadState;
 use crate::ephemeral::Timer as EphemeralTimer;
 use crate::events::EventType;
 use crate::html::new_html_mimepart;
@@ -1038,11 +1039,14 @@ impl ChatId {
         T: Send + 'static,
     {
         let sql = &context.sql;
+        // Do not reply to not fully downloaded messages. Such a message could be a group chat
+        // message that we assigned to 1:1 chat.
         let query = format!(
             "SELECT {fields} \
-             FROM msgs WHERE chat_id=? AND state NOT IN (?, ?, ?, ?) AND NOT hidden \
+             FROM msgs WHERE chat_id=? AND state NOT IN (?, ?) AND NOT hidden AND download_state={} \
              ORDER BY timestamp DESC, id DESC \
-             LIMIT 1;"
+             LIMIT 1;",
+             DownloadState::Done as u32,
         );
         let row = sql
             .query_row_optional(
@@ -1051,8 +1055,11 @@ impl ChatId {
                     self,
                     MessageState::OutPreparing,
                     MessageState::OutDraft,
-                    MessageState::OutPending,
-                    MessageState::OutFailed,
+                    // We don't filter `OutPending` and `OutFailed` messages because the new message
+                    // for which `parent_query()` is done may assume that it will be received in a
+                    // context affected by those messages, e.g. they could add new members to a
+                    // group and the new message will contain them in "To:". Anyway recipients must
+                    // be prepared to orphaned references.
                 ),
                 f,
             )
@@ -1064,34 +1071,17 @@ impl ChatId {
         self,
         context: &Context,
     ) -> Result<Option<(String, String, String)>> {
-        if let Some((rfc724_mid, mime_in_reply_to, mime_references, error)) = self
-            .parent_query(
-                context,
-                "rfc724_mid, mime_in_reply_to, mime_references, error",
-                |row: &rusqlite::Row| {
-                    let rfc724_mid: String = row.get(0)?;
-                    let mime_in_reply_to: String = row.get(1)?;
-                    let mime_references: String = row.get(2)?;
-                    let error: String = row.get(3)?;
-                    Ok((rfc724_mid, mime_in_reply_to, mime_references, error))
-                },
-            )
-            .await?
-        {
-            if !error.is_empty() {
-                // Do not reply to error messages.
-                //
-                // An error message could be a group chat message that we failed to decrypt and
-                // assigned to 1:1 chat. A reply to it will show up as a reply to group message
-                // on the other side. To avoid such situations, it is better not to reply to
-                // error messages at all.
-                Ok(None)
-            } else {
-                Ok(Some((rfc724_mid, mime_in_reply_to, mime_references)))
-            }
-        } else {
-            Ok(None)
-        }
+        self.parent_query(
+            context,
+            "rfc724_mid, mime_in_reply_to, mime_references",
+            |row: &rusqlite::Row| {
+                let rfc724_mid: String = row.get(0)?;
+                let mime_in_reply_to: String = row.get(1)?;
+                let mime_references: String = row.get(2)?;
+                Ok((rfc724_mid, mime_in_reply_to, mime_references))
+            },
+        )
+        .await
     }
 
     /// Returns multi-line text summary of encryption preferences of all chat contacts.

src/constants.rs

@@ -62,8 +62,15 @@ pub enum MediaQuality {
 pub enum KeyGenType {
     #[default]
     Default = 0,
+
+    /// 2048-bit RSA.
     Rsa2048 = 1,
+
+    /// [Ed25519](https://ed25519.cr.yp.to/) signature and X25519 encryption.
     Ed25519 = 2,
+
+    /// 4096-bit RSA.
+    Rsa4096 = 3,
 }
 
 /// Video chat URL type.
@@ -231,6 +238,7 @@ mod tests {
         assert_eq!(KeyGenType::Default, KeyGenType::from_i32(0).unwrap());
         assert_eq!(KeyGenType::Rsa2048, KeyGenType::from_i32(1).unwrap());
         assert_eq!(KeyGenType::Ed25519, KeyGenType::from_i32(2).unwrap());
+        assert_eq!(KeyGenType::Rsa4096, KeyGenType::from_i32(3).unwrap());
     }
 
     #[test]

src/context.rs

@@ -1459,6 +1459,35 @@ mod tests {
         Ok(())
     }
 
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_context_change_passphrase() -> Result<()> {
+        let dir = tempdir()?;
+        let dbfile = dir.path().join("db.sqlite");
+
+        let id = 1;
+        let context = Context::new_closed(&dbfile, id, Events::new(), StockStrings::new())
+            .await
+            .context("failed to create context")?;
+        assert_eq!(context.open("foo".to_string()).await?, true);
+        assert_eq!(context.is_open().await, true);
+
+        context
+            .set_config(Config::Addr, Some("alice@example.org"))
+            .await?;
+
+        context
+            .change_passphrase("bar".to_string())
+            .await
+            .context("Failed to change passphrase")?;
+
+        assert_eq!(
+            context.get_config(Config::Addr).await?.unwrap(),
+            "alice@example.org"
+        );
+
+        Ok(())
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_ongoing() -> Result<()> {
         let context = TestContext::new().await;

src/download.rs

@@ -59,6 +59,9 @@ pub enum DownloadState {
     /// Failed to fully download the message.
     Failure = 20,
 
+    /// Undecipherable message.
+    Undecipherable = 30,
+
     /// Full download of the message is in progress.
     InProgress = 1000,
 }
@@ -80,7 +83,9 @@ impl MsgId {
     pub async fn download_full(self, context: &Context) -> Result<()> {
         let msg = Message::load_from_db(context, self).await?;
         match msg.download_state() {
-            DownloadState::Done => return Err(anyhow!("Nothing to download.")),
+            DownloadState::Done | DownloadState::Undecipherable => {
+                return Err(anyhow!("Nothing to download."))
+            }
             DownloadState::InProgress => return Err(anyhow!("Download already in progress.")),
             DownloadState::Available | DownloadState::Failure => {
                 self.update_download_state(context, DownloadState::InProgress)

src/headerdef.rs

@@ -77,9 +77,6 @@ pub enum HeaderDef {
     SecureJoinAuth,
     Sender,
 
-    /// [`Supersedes`](https://www.rfc-editor.org/rfc/rfc4021.html#section-2.1.46) header.
-    Supersedes,
-
     /// Ephemeral message timer.
     EphemeralTimer,
     Received,

src/imex.rs

@@ -586,63 +586,74 @@ async fn export_backup_inner(
     Ok(())
 }
 
-/*******************************************************************************
- * Classic key import
- ******************************************************************************/
-async fn import_self_keys(context: &Context, dir: &Path) -> Result<()> {
-    /* hint: even if we switch to import Autocrypt Setup Files, we should leave the possibility to import
-    plain ASC keys, at least keys without a password, if we do not want to implement a password entry function.
-    Importing ASC keys is useful to use keys in Delta Chat used by any other non-Autocrypt-PGP implementation.
+/// Imports secret key from a file.
+async fn import_secret_key(context: &Context, path: &Path, set_default: bool) -> Result<()> {
+    let buf = read_file(context, &path).await?;
+    let armored = std::string::String::from_utf8_lossy(&buf);
+    set_self_key(context, &armored, set_default, false).await?;
+    Ok(())
+}
+
+/// Imports secret keys from the provided file or directory.
+///
+/// If provided path is a file, ASCII-armored secret key is read from the file
+/// and set as the default key.
+///
+/// If provided path is a directory, all files with .asc extension
+/// containing secret keys are imported and the last successfully
+/// imported which does not contain "legacy" in its filename
+/// is set as the default.
+async fn import_self_keys(context: &Context, path: &Path) -> Result<()> {
+    let attr = tokio::fs::metadata(path).await?;
+
+    if attr.is_file() {
+        info!(
+            context,
+            "Importing secret key from {} as the default key.",
+            path.display()
+        );
+        let set_default = true;
+        import_secret_key(context, path, set_default).await?;
+        return Ok(());
+    }
 
-    Maybe we should make the "default" key handlong also a little bit smarter
-    (currently, the last imported key is the standard key unless it contains the string "legacy" in its name) */
-    let mut set_default: bool;
     let mut imported_cnt = 0;
 
-    let dir_name = dir.to_string_lossy();
-    let mut dir_handle = tokio::fs::read_dir(&dir).await?;
+    let mut dir_handle = tokio::fs::read_dir(&path).await?;
     while let Ok(Some(entry)) = dir_handle.next_entry().await {
         let entry_fn = entry.file_name();
         let name_f = entry_fn.to_string_lossy();
-        let path_plus_name = dir.join(&entry_fn);
-        match get_filesuffix_lc(&name_f) {
-            Some(suffix) => {
-                if suffix != "asc" {
-                    continue;
-                }
-                set_default = if name_f.contains("legacy") {
-                    info!(context, "found legacy key '{}'", path_plus_name.display());
-                    false
-                } else {
-                    true
-                }
-            }
-            None => {
+        let path_plus_name = path.join(&entry_fn);
+        if let Some(suffix) = get_filesuffix_lc(&name_f) {
+            if suffix != "asc" {
                 continue;
             }
-        }
+        } else {
+            continue;
+        };
+        let set_default = !name_f.contains("legacy");
         info!(
             context,
-            "considering key file: {}",
+            "Considering key file: {}.",
             path_plus_name.display()
         );
 
-        match read_file(context, &path_plus_name).await {
-            Ok(buf) => {
-                let armored = std::string::String::from_utf8_lossy(&buf);
-                if let Err(err) = set_self_key(context, &armored, set_default, false).await {
-                    info!(context, "set_self_key: {}", err);
-                    continue;
-                }
-            }
-            Err(_) => continue,
+        if let Err(err) = import_secret_key(context, &path_plus_name, set_default).await {
+            warn!(
+                context,
+                "Failed to import secret key from {}: {:#}.",
+                path_plus_name.display(),
+                err
+            );
+            continue;
         }
+
         imported_cnt += 1;
     }
     ensure!(
         imported_cnt > 0,
-        "No private keys found in \"{}\".",
-        dir_name
+        "No private keys found in {}.",
+        path.display()
     );
     Ok(())
 }
@@ -673,7 +684,8 @@ async fn export_self_keys(context: &Context, dir: &Path) -> Result<()> {
         .await?;
 
     for (id, public_key, private_key, is_default) in keys {
-        let id = Some(id).filter(|_| is_default != 0);
+        let id = Some(id).filter(|_| is_default == 0);
+
         if let Ok(key) = public_key {
             if let Err(err) = export_key_to_asc_file(context, dir, id, &key).await {
                 error!(context, "Failed to export public key: {:#}.", err);
@@ -864,14 +876,35 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_export_and_import_key() {
+        let export_dir = tempfile::tempdir().unwrap();
+
         let context = TestContext::new_alice().await;
-        let blobdir = context.ctx.get_blobdir();
-        if let Err(err) = imex(&context.ctx, ImexMode::ExportSelfKeys, blobdir, None).await {
+        if let Err(err) = imex(
+            &context.ctx,
+            ImexMode::ExportSelfKeys,
+            export_dir.path(),
+            None,
+        )
+        .await
+        {
             panic!("got error on export: {err:#}");
         }
 
         let context2 = TestContext::new_alice().await;
-        if let Err(err) = imex(&context2.ctx, ImexMode::ImportSelfKeys, blobdir, None).await {
+        if let Err(err) = imex(
+            &context2.ctx,
+            ImexMode::ImportSelfKeys,
+            export_dir.path(),
+            None,
+        )
+        .await
+        {
+            panic!("got error on import: {err:#}");
+        }
+
+        let keyfile = export_dir.path().join("private-key-default.asc");
+        let context3 = TestContext::new_alice().await;
+        if let Err(err) = imex(&context3.ctx, ImexMode::ImportSelfKeys, &keyfile, None).await {
             panic!("got error on import: {err:#}");
         }
     }

src/message.rs

@@ -435,18 +435,6 @@ pub struct Message {
 
     /// `In-Reply-To` header value.
     pub(crate) in_reply_to: Option<String>,
-
-    /// `Supersedes` header value.
-    ///
-    /// It is only used for sending and not stored in the database.
-    ///
-    /// The header contains `Message-ID` of the original message
-    /// superseded by this one.
-    ///
-    /// The header is specified
-    /// in <https://www.rfc-editor.org/rfc/rfc4021.html#section-2.1.46>.
-    pub(crate) supersedes: Option<String>,
-
     pub(crate) is_dc_message: MessengerMessage,
     pub(crate) mime_modified: bool,
     pub(crate) chat_blocked: Blocked,
@@ -542,7 +530,6 @@ impl Message {
                         download_state: row.get("download_state")?,
                         error: Some(row.get::<_, String>("error")?)
                             .filter(|error| !error.is_empty()),
-                        supersedes: None, // `Supersedes` header is only used for sending and not stored in the database.
                         is_dc_message: row.get("msgrmsg")?,
                         mime_modified: row.get("mime_modified")?,
                         text,

src/mimefactory.rs

@@ -549,11 +549,6 @@ impl<'a> MimeFactory<'a> {
             Loaded::Mdn { .. } => create_outgoing_rfc724_mid(None, &self.from_addr),
         };
         let rfc724_mid_headervalue = render_rfc724_mid(&rfc724_mid);
-        if let Some(supersedes) = &self.msg.supersedes {
-            headers
-                .protected
-                .push(Header::new("Supersedes".into(), supersedes.to_string()));
-        }
 
         // Amazon's SMTP servers change the `Message-ID`, just as Outlook's SMTP servers do.
         // Outlook's servers add an `X-Microsoft-Original-Message-ID` header with the original `Message-ID`,
@@ -1253,7 +1248,7 @@ impl<'a> MimeFactory<'a> {
         } else if command == SystemMessage::WebxdcStatusUpdate {
             let json = self.msg.param.get(Param::Arg).unwrap_or_default();
             parts.push(context.build_status_update_part(json));
-        } else if self.msg.viewtype == Viewtype::Webxdc && self.msg.supersedes.is_none() {
+        } else if self.msg.viewtype == Viewtype::Webxdc {
             if let Some(json) = context
                 .render_webxdc_status_update_object(self.msg.id, None)
                 .await?

src/mimeparser.rs

@@ -438,6 +438,8 @@ impl MimeMessage {
                         typ: Viewtype::Text,
                         msg_raw: Some(txt.clone()),
                         msg: txt,
+                        // Don't change the error prefix for now,
+                        // receive_imf.rs:lookup_chat_by_reply() checks it.
                         error: Some(format!("Decrypting failed: {err:#}")),
                         ..Default::default()
                     };

src/pgp.rs

@@ -30,6 +30,12 @@ pub(crate) const HEADER_AUTOCRYPT: &str = "autocrypt-prefer-encrypt";
 #[allow(missing_docs)]
 pub const HEADER_SETUPCODE: &str = "passphrase-begin";
 
+/// Preferred symmetric encryption algorithm.
+const SYMMETRIC_KEY_ALGORITHM: SymmetricKeyAlgorithm = SymmetricKeyAlgorithm::AES128;
+
+/// Preferred cryptographic hash.
+const HASH_ALGORITHM: HashAlgorithm = HashAlgorithm::SHA2_256;
+
 /// A wrapper for rPGP public key types
 #[derive(Debug)]
 enum SignedPublicKeyOrSubkey<'a> {
@@ -136,6 +142,7 @@ pub struct KeyPair {
 pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Result<KeyPair> {
     let (secret_key_type, public_key_type) = match keygen_type {
         KeyGenType::Rsa2048 => (PgpKeyType::Rsa(2048), PgpKeyType::Rsa(2048)),
+        KeyGenType::Rsa4096 => (PgpKeyType::Rsa(4096), PgpKeyType::Rsa(4096)),
         KeyGenType::Ed25519 | KeyGenType::Default => (PgpKeyType::EdDSA, PgpKeyType::ECDH),
     };
 
@@ -249,11 +256,13 @@ pub async fn pk_encrypt(
             // TODO: measure time
             let encrypted_msg = if let Some(ref skey) = private_key_for_signing {
                 lit_msg
-                    .sign(skey, || "".into(), Default::default())
+                    .sign(skey, || "".into(), HASH_ALGORITHM)
                     .and_then(|msg| msg.compress(CompressionAlgorithm::ZLIB))
-                    .and_then(|msg| msg.encrypt_to_keys(&mut rng, Default::default(), &pkeys_refs))
+                    .and_then(|msg| {
+                        msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)
+                    })
             } else {
-                lit_msg.encrypt_to_keys(&mut rng, Default::default(), &pkeys_refs)
+                lit_msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)
             };
 
             let msg = encrypted_msg?;
@@ -272,7 +281,7 @@ pub fn pk_calc_signature(
     let msg = Message::new_literal_bytes("", plain).sign(
         private_key_for_signing,
         || "".into(),
-        Default::default(),
+        HASH_ALGORITHM,
     )?;
     let signature = msg.into_signature().to_armored_string(None)?;
     Ok(signature)
@@ -369,7 +378,7 @@ pub async fn symm_encrypt(passphrase: &str, plain: &[u8]) -> Result<String> {
         let mut rng = thread_rng();
         let s2k = StringToKey::new_default(&mut rng);
         let msg =
-            lit_msg.encrypt_with_password(&mut rng, s2k, Default::default(), || passphrase)?;
+            lit_msg.encrypt_with_password(&mut rng, s2k, SYMMETRIC_KEY_ALGORITHM, || passphrase)?;
 
         let encoded_msg = msg.to_armored_string(None)?;
 

src/receive_imf.rs

@@ -62,10 +62,6 @@ pub struct ReceivedMsg {
 
     /// Whether IMAP messages should be immediately deleted.
     pub needs_delete_job: bool,
-
-    /// Message-ID saved into the database.
-    /// For messages with `Supersedes` header this is the Message-ID of the original message.
-    pub rfc724_mid: String,
 }
 
 /// Emulates reception of a message from the network.
@@ -138,7 +134,6 @@ pub(crate) async fn receive_imf_inner(
                 sort_timestamp: 0,
                 msg_ids,
                 needs_delete_job: false,
-                rfc724_mid: rfc724_mid.to_string(),
             }));
         }
         Ok(mime_parser) => mime_parser,
@@ -343,12 +338,12 @@ pub(crate) async fn receive_imf_inner(
                 .sql
                 .execute(
                     "UPDATE imap SET target=? WHERE rfc724_mid=?",
-                    (target, &received_msg.rfc724_mid),
+                    (target, rfc724_mid),
                 )
                 .await?;
         } else if !mime_parser.mdn_reports.is_empty() && mime_parser.has_chat_version() {
             // This is a Delta Chat MDN. Mark as read.
-            markseen_on_imap_table(context, &received_msg.rfc724_mid).await?;
+            markseen_on_imap_table(context, rfc724_mid).await?;
         }
     }
 
@@ -551,19 +546,30 @@ async fn add_parts(
         // signals whether the current user is a bot
         let is_bot = context.get_config_bool(Config::Bot).await?;
 
-        let create_blocked = match test_normal_chat {
-            Some(ChatIdBlocked {
-                id: _,
-                blocked: Blocked::Request,
-            }) if is_bot => Blocked::Not,
-            Some(ChatIdBlocked { id: _, blocked }) => blocked,
-            None => {
-                if is_bot {
-                    Blocked::Not
-                } else {
-                    Blocked::Request
+        let create_blocked_default = if is_bot {
+            Blocked::Not
+        } else {
+            Blocked::Request
+        };
+        let create_blocked = if let Some(ChatIdBlocked { id: _, blocked }) = test_normal_chat {
+            match blocked {
+                Blocked::Request => create_blocked_default,
+                Blocked::Not => Blocked::Not,
+                Blocked::Yes => {
+                    if Contact::is_blocked_load(context, from_id).await? {
+                        // User has blocked the contact.
+                        // Block the group contact created as well.
+                        Blocked::Yes
+                    } else {
+                        // 1:1 chat is blocked, but the contact is not.
+                        // This happens when 1:1 chat is hidden
+                        // during scanning of a group invitation code.
+                        Blocked::Request
+                    }
                 }
             }
+        } else {
+            create_blocked_default
         };
 
         if chat_id.is_none() {
@@ -1055,43 +1061,6 @@ async fn add_parts(
         .cloned()
         .unwrap_or_default();
 
-    let rfc724_mid = if let Some(supersedes) = mime_parser.get_header(HeaderDef::Supersedes) {
-        supersedes.to_string()
-    } else {
-        rfc724_mid.to_string()
-    };
-
-    let supersedes_msg_id = match mime_parser.get_header(HeaderDef::Supersedes) {
-        Some(supersedes) => {
-            if let Some(msg_id) = rfc724_mid_exists(context, supersedes).await? {
-                if let Some(orig_from_id) = context
-                    .sql
-                    .query_row_optional("SELECT from_id FROM msgs WHERE id=?", (msg_id,), |row| {
-                        let from_id: ContactId = row.get(0)?;
-
-                        Ok(from_id)
-                    })
-                    .await?
-                {
-                    if from_id == orig_from_id {
-                        Some(msg_id)
-                    } else {
-                        None
-                    }
-                } else {
-                    None
-                }
-            } else {
-                None
-            }
-        }
-        None => None,
-    };
-    if supersedes_msg_id.is_some() {
-        replace_msg_id = supersedes_msg_id;
-        info!(context, "Superseding {supersedes_msg_id:?}");
-    }
-
     // fine, so far.  now, split the message into simple parts usable as "short messages"
     // and add them to the database (mails sent by other messenger clients should result
     // into only one message; mails sent by other clients may result in several messages
@@ -1258,6 +1227,8 @@ RETURNING id
                     ephemeral_timestamp,
                     if is_partial_download.is_some() {
                         DownloadState::Available
+                    } else if mime_parser.decrypting_failed {
+                        DownloadState::Undecipherable
                     } else {
                         DownloadState::Done
                     },
@@ -1343,7 +1314,6 @@ RETURNING id
         sort_timestamp,
         msg_ids: created_db_entries,
         needs_delete_job,
-        rfc724_mid,
     })
 }
 
@@ -1441,11 +1411,18 @@ async fn lookup_chat_by_reply(
     if let Some(parent) = parent {
         let parent_chat = Chat::load_from_db(context, parent.chat_id).await?;
 
-        if parent.error.is_some() {
-            // If the parent msg is undecipherable, then it may have been assigned to the wrong chat
-            // (undecipherable group msgs often get assigned to the 1:1 chat with the sender).
-            // We don't have any way of finding out whether a msg is undecipherable, so we check for
-            // error.is_some() instead.
+        if parent.download_state != DownloadState::Done
+            // TODO (2023-09-12): Added for backward compatibility with versions that did not have
+            // `DownloadState::Undecipherable`. Remove eventually with the comment in
+            // `MimeMessage::from_bytes()`.
+            || parent
+                .error
+                .as_ref()
+                .filter(|e| e.starts_with("Decrypting failed:"))
+                .is_some()
+        {
+            // If the parent msg is not fully downloaded or undecipherable, it may have been
+            // assigned to the wrong chat (they often get assigned to the 1:1 chat with the sender).
             return Ok(None);
         }
 
@@ -1697,40 +1674,37 @@ async fn apply_group_changes(
             false
         };
 
-    // Whether to allow any changes to the member list at all.
-    let allow_member_list_changes = if chat::is_contact_in_chat(context, chat_id, ContactId::SELF)
-        .await?
-        || self_added
-        || !mime_parser.has_chat_version()
-    {
-        // Reject old group changes.
-        chat_id
+    let is_from_in_chat = !chat::is_contact_in_chat(context, chat_id, ContactId::SELF).await?
+        || chat::is_contact_in_chat(context, chat_id, from_id).await?;
+
+    // Reject group membership changes from non-members and old changes.
+    let allow_member_list_changes = is_from_in_chat
+        && chat_id
             .update_timestamp(context, Param::MemberListTimestamp, sent_timestamp)
-            .await?
-    } else {
-        // Member list changes are not allowed if we're not in the group
-        // and are not explicitly added.
-        // This message comes from a Delta Chat that restored an old backup
-        // or the message is a MUA reply to an old message.
-        false
-    };
+            .await?;
 
     // Whether to rebuild the member list from scratch.
-    let recreate_member_list = if allow_member_list_changes {
+    let recreate_member_list = {
         // Recreate member list if the message comes from a MUA as these messages do _not_ set add/remove headers.
-        // Always recreate membership list if self has been added.
-        if !mime_parser.has_chat_version() || self_added {
-            true
-        } else {
-            match mime_parser.get_header(HeaderDef::InReplyTo) {
+        !mime_parser.has_chat_version()
+            // Always recreate membership list if SELF has been added. The older versions of DC
+            // don't always set "In-Reply-To" to the latest message they sent, but to the latest
+            // delivered message (so it's a race), so we have this heuristic here.
+            || self_added
+            || match mime_parser.get_header(HeaderDef::InReplyTo) {
                 // If we don't know the referenced message, we missed some messages.
                 // Maybe they added/removed members, so we need to recreate our member list.
                 Some(reply_to) => rfc724_mid_exists(context, reply_to).await?.is_none(),
                 None => false,
             }
+    } && {
+        if !allow_member_list_changes {
+            info!(
+                context,
+                "Ignoring a try to recreate member list of {chat_id} by {from_id}.",
+            );
         }
-    } else {
-        false
+        allow_member_list_changes
     };
 
     if let Some(removed_addr) = mime_parser.get_header(HeaderDef::ChatGroupMemberRemoved) {
@@ -1837,43 +1811,35 @@ async fn apply_group_changes(
 
     // Recreate the member list.
     if recreate_member_list {
-        if !chat::is_contact_in_chat(context, chat_id, from_id).await? {
-            warn!(
-                context,
-                "Contact {from_id} attempts to modify group chat {chat_id} member list without being a member."
-            );
-        } else {
-            // Only delete old contacts if the sender is not a classical MUA user:
-            // Classical MUA users usually don't intend to remove users from an email
-            // thread, so if they removed a recipient then it was probably by accident.
-            if mime_parser.has_chat_version() {
-                context
-                    .sql
-                    .execute("DELETE FROM chats_contacts WHERE chat_id=?;", (chat_id,))
-                    .await?;
-            }
-
-            let mut members_to_add = HashSet::new();
-            members_to_add.extend(to_ids);
-            members_to_add.insert(ContactId::SELF);
-
-            if !from_id.is_special() {
-                members_to_add.insert(from_id);
-            }
-
-            if let Some(removed_id) = removed_id {
-                members_to_add.remove(&removed_id);
-            }
-
-            info!(
-                context,
-                "Recreating chat {chat_id} with members {members_to_add:?}."
-            );
-
-            chat::add_to_chat_contacts_table(context, chat_id, &Vec::from_iter(members_to_add))
+        // Only delete old contacts if the sender is not a classical MUA user:
+        // Classical MUA users usually don't intend to remove users from an email
+        // thread, so if they removed a recipient then it was probably by accident.
+        if mime_parser.has_chat_version() {
+            context
+                .sql
+                .execute("DELETE FROM chats_contacts WHERE chat_id=?;", (chat_id,))
                 .await?;
-            send_event_chat_modified = true;
         }
+
+        let mut members_to_add = HashSet::new();
+        members_to_add.extend(to_ids);
+        members_to_add.insert(ContactId::SELF);
+
+        if !from_id.is_special() {
+            members_to_add.insert(from_id);
+        }
+
+        if let Some(removed_id) = removed_id {
+            members_to_add.remove(&removed_id);
+        }
+
+        info!(
+            context,
+            "Recreating chat {chat_id} with members {members_to_add:?}."
+        );
+
+        chat::add_to_chat_contacts_table(context, chat_id, &Vec::from_iter(members_to_add)).await?;
+        send_event_chat_modified = true;
     }
 
     if let Some(avatar_action) = &mime_parser.group_avatar {

src/receive_imf/tests.rs

@@ -8,6 +8,7 @@ use crate::chat::{
 };
 use crate::chat::{get_chat_msgs, ChatItem, ChatVisibility};
 use crate::chatlist::Chatlist;
+use crate::config::Config;
 use crate::constants::{DC_GCL_FOR_FORWARDING, DC_GCL_NO_SPECIALS};
 use crate::imap::prefetch_should_download;
 use crate::message::Message;
@@ -3611,3 +3612,70 @@ async fn test_mua_can_readd() -> Result<()> {
     assert!(is_contact_in_chat(&alice, alice_chat.id, ContactId::SELF).await?);
     Ok(())
 }
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_recreate_member_list_on_missing_add_of_self() -> Result<()> {
+    let alice = TestContext::new_alice().await;
+    let bob = TestContext::new_bob().await;
+    let alice_chat_id = create_group_chat(&alice, ProtectionStatus::Unprotected, "Group").await?;
+    add_contact_to_chat(
+        &alice,
+        alice_chat_id,
+        Contact::create(&alice, "bob", &bob.get_config(Config::Addr).await?.unwrap()).await?,
+    )
+    .await?;
+    send_text_msg(&alice, alice_chat_id, "populate".to_string()).await?;
+    alice.pop_sent_msg().await;
+    remove_contact_from_chat(&alice, alice_chat_id, ContactId::SELF).await?;
+    let bob_chat_id = bob.recv_msg(&alice.pop_sent_msg().await).await.chat_id;
+
+    // Bob missed the message adding them, but must recreate the member list.
+    assert_eq!(get_chat_contacts(&bob, bob_chat_id).await?.len(), 1);
+    assert!(is_contact_in_chat(&bob, bob_chat_id, ContactId::SELF).await?);
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_keep_member_list_if_possibly_nomember() -> Result<()> {
+    let alice = TestContext::new_alice().await;
+    let bob = TestContext::new_bob().await;
+    let alice_chat_id = create_group_chat(&alice, ProtectionStatus::Unprotected, "Group").await?;
+    add_contact_to_chat(
+        &alice,
+        alice_chat_id,
+        Contact::create(&alice, "bob", &bob.get_config(Config::Addr).await?.unwrap()).await?,
+    )
+    .await?;
+    send_text_msg(&alice, alice_chat_id, "populate".to_string()).await?;
+    let bob_chat_id = bob.recv_msg(&alice.pop_sent_msg().await).await.chat_id;
+
+    let fiona = TestContext::new_fiona().await;
+    add_contact_to_chat(
+        &alice,
+        alice_chat_id,
+        Contact::create(
+            &alice,
+            "fiona",
+            &fiona.get_config(Config::Addr).await?.unwrap(),
+        )
+        .await?,
+    )
+    .await?;
+    let fiona_chat_id = fiona.recv_msg(&alice.pop_sent_msg().await).await.chat_id;
+    fiona_chat_id.accept(&fiona).await?;
+
+    send_text_msg(&fiona, fiona_chat_id, "hi".to_string()).await?;
+    bob.recv_msg(&fiona.pop_sent_msg().await).await;
+
+    // Bob missed the message adding fiona, but mustn't recreate the member list.
+    assert_eq!(get_chat_contacts(&bob, bob_chat_id).await?.len(), 2);
+    assert!(is_contact_in_chat(&bob, bob_chat_id, ContactId::SELF).await?);
+    let bob_alice_contact = Contact::create(
+        &bob,
+        "alice",
+        &alice.get_config(Config::Addr).await?.unwrap(),
+    )
+    .await?;
+    assert!(is_contact_in_chat(&bob, bob_chat_id, bob_alice_contact).await?);
+    Ok(())
+}

src/sql.rs

@@ -310,12 +310,17 @@ impl Sql {
     /// It is impossible to turn encrypted database into unencrypted
     /// and vice versa this way, use import/export for this.
     pub async fn change_passphrase(&self, passphrase: String) -> Result<()> {
-        self.call_write(move |conn| {
-            conn.pragma_update(None, "rekey", passphrase)
-                .context("failed to set PRAGMA rekey")?;
-            Ok(())
-        })
-        .await
+        let mut lock = self.pool.write().await;
+
+        let pool = lock.take().context("SQL connection pool is not open")?;
+        let conn = pool.get().await?;
+        conn.pragma_update(None, "rekey", passphrase.clone())
+            .context("failed to set PRAGMA rekey")?;
+        drop(pool);
+
+        *lock = Some(Self::new_pool(&self.dbfile, passphrase.to_string())?);
+
+        Ok(())
     }
 
     /// Locks the write transactions mutex in order to make sure that there never are
@@ -1265,7 +1270,7 @@ mod tests {
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_change_passphrase() -> Result<()> {
+    async fn test_sql_change_passphrase() -> Result<()> {
         use tempfile::tempdir;
 
         // The context is used only for logging.
@@ -1289,6 +1294,23 @@ mod tests {
         sql.change_passphrase("bar".to_string())
             .await
             .context("failed to change passphrase")?;
+
+        // Test that at least two connections are still working.
+        // This ensures that not only the connection which changed the password is working,
+        // but other connections as well.
+        {
+            let lock = sql.pool.read().await;
+            let pool = lock.as_ref().unwrap();
+            let conn1 = pool.get().await?;
+            let conn2 = pool.get().await?;
+            conn1
+                .query_row("SELECT count(*) FROM sqlite_master", [], |_row| Ok(()))
+                .unwrap();
+            conn2
+                .query_row("SELECT count(*) FROM sqlite_master", [], |_row| Ok(()))
+                .unwrap();
+        }
+
         sql.close().await;
 
         let sql = Sql::new(dbfile);

src/webxdc.rs

@@ -27,7 +27,7 @@ use serde_json::Value;
 use tokio::io::AsyncReadExt;
 
 use crate::blob::BlobObject;
-use crate::chat::{self, create_send_msg_job, Chat};
+use crate::chat::Chat;
 use crate::constants::Chattype;
 use crate::contact::ContactId;
 use crate::context::Context;
@@ -35,12 +35,12 @@ use crate::download::DownloadState;
 use crate::message::{Message, MessageState, MsgId, Viewtype};
 use crate::mimefactory::wrapped_base64_encode;
 use crate::mimeparser::SystemMessage;
-use crate::param::{Param, Params};
+use crate::param::Param;
+use crate::param::Params;
 use crate::scheduler::InterruptInfo;
-use crate::tools::{
-    create_outgoing_rfc724_mid, create_smeared_timestamp, get_abs_path, strip_rtlo_characters,
-};
-use crate::EventType;
+use crate::tools::strip_rtlo_characters;
+use crate::tools::{create_smeared_timestamp, get_abs_path};
+use crate::{chat, EventType};
 
 /// The current API version.
 /// If `min_api` in manifest.toml is set to a larger value,
@@ -846,73 +846,31 @@ impl Message {
     }
 }
 
-/// Sends a replacement for an own WebXDC message.
-pub async fn send_webxdc_replacement(
-    context: &Context,
-    msg_id: MsgId,
-    filename: &str,
-) -> Result<()> {
+/// Replaces WebXDC blob of existing message.
+///
+/// This API is supposed to be called from within a WebXDC to replace itself
+/// e.g. with an updated or persistently reconfigured version.
+pub async fn replace_webxdc(context: &Context, msg_id: MsgId, data: &[u8]) -> Result<()> {
     let mut msg = Message::load_from_db(context, msg_id).await?;
 
-    ensure!(
-        msg.from_id == ContactId::SELF,
-        "Can update WebXDC only in own messages"
-    );
     ensure!(
         msg.get_viewtype() == Viewtype::Webxdc,
         "Message {msg_id} is not a WebXDC instance"
     );
-    let state = msg.get_state();
-    match state {
-        MessageState::OutFailed | MessageState::OutDelivered | MessageState::OutMdnRcvd => {}
-        MessageState::Undefined
-        | MessageState::InFresh
-        | MessageState::InNoticed
-        | MessageState::InSeen
-        | MessageState::OutPreparing
-        | MessageState::OutPending
-        | MessageState::OutDraft => bail!("Unexpected message state: {state}"),
-    }
 
-    let chat = Chat::load_from_db(context, msg.chat_id).await?;
+    let blob = BlobObject::create(
+        context,
+        &msg.get_filename()
+            .context("Cannot get filename of exising WebXDC instance")?,
+        data,
+    )
+    .await
+    .context("Failed to create WebXDC replacement blob")?;
 
     let mut param = msg.param.clone();
-    if !chat.is_protected() {
-        param.remove(Param::GuaranteeE2ee);
-    }
-    let blob = BlobObject::new_from_path(context, Path::new(filename))
-        .await
-        .context("Failed to create webxdc replacement blob")?;
     param.set(Param::File, blob.as_name());
     msg.param = param;
-
-    // Generate new Message-ID.
-    context
-        .sql
-        .execute(
-            "UPDATE msgs
-             SET state=?, param=?
-             WHERE id=?",
-            (MessageState::OutPending, msg.param.to_string(), msg_id),
-        )
-        .await?;
-
-    msg.supersedes = Some(msg.rfc724_mid);
-    msg.rfc724_mid = {
-        let grpid = match chat.typ {
-            Chattype::Group => Some(chat.grpid.as_str()),
-            _ => None,
-        };
-        let from = context.get_primary_self_addr().await?;
-        create_outgoing_rfc724_mid(grpid, &from)
-    };
-
-    if create_send_msg_job(context, &mut msg).await?.is_some() {
-        context
-            .scheduler
-            .interrupt_smtp(InterruptInfo::new(false))
-            .await;
-    }
+    msg.update_param(context).await?;
 
     Ok(())
 }
@@ -2696,7 +2654,7 @@ sth_for_the = "future""#
         Ok(())
     }
 
-    /// Tests sending webxdc and replacing it with a newer version.
+    /// Tests replacing WebXDC with a newer version.
     ///
     /// Updates should be preserved after upgrading.
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -2716,7 +2674,6 @@ sth_for_the = "future""#
         send_msg(&alice, alice_chat.id, &mut alice_instance).await?;
         let alice_instance = alice.get_last_msg().await;
         assert_eq!(alice_instance.get_text(), "user added text");
-        let original_rfc724_mid = alice_instance.rfc724_mid;
 
         // Bob receives that instance.
         let alice_sent_instance = alice.pop_sent_msg().await;
@@ -2736,133 +2693,22 @@ sth_for_the = "future""#
             r#"[{"payload":1,"serial":1,"max_serial":1}]"#
         );
 
-        // Alice sends WebXDC instance replacement.
-        send_webxdc_replacement(
-            &alice,
-            alice_instance.id,
-            "test-data/webxdc/with-minimal-manifest.xdc",
+        // Bob replaces WebXDC.
+        replace_webxdc(
+            &bob,
+            bob_received_instance.id,
+            include_bytes!("../test-data/webxdc/with-minimal-manifest.xdc"),
         )
         .await
-        .context("Failed to send WebXDC replacement")?;
-        let alice_replacement_instance = alice.get_last_msg().await;
-        let alice_replacement_info = alice_replacement_instance.get_webxdc_info(&alice).await?;
-        assert_eq!(alice_replacement_info.name, "nice app!");
-        assert_eq!(alice_instance.id, alice_replacement_instance.id);
-        let alice_sent_replacement_instance = alice.pop_sent_msg().await;
-        assert!(alice_sent_replacement_instance
-            .payload
-            .contains(&format!("Supersedes: {original_rfc724_mid}")));
-        assert_eq!(alice_replacement_instance.rfc724_mid, original_rfc724_mid);
-
-        // Bob receives WebXDC instance replacement.
-        let bob_received_replacement_instance =
-            bob.recv_msg(&alice_sent_replacement_instance).await;
-        assert_eq!(
-            bob_received_instance.id,
-            bob_received_replacement_instance.id
-        );
-        assert_eq!(
-            bob_received_replacement_instance.rfc724_mid,
-            original_rfc724_mid
-        );
-        let bob_received_replacement_info = bob_received_replacement_instance
-            .get_webxdc_info(&bob)
-            .await?;
-        assert_eq!(bob_received_replacement_info.name, "nice app!");
+        .context("Failed to replace WebXDC")?;
 
         // Updates are not modified.
         assert_eq!(
-            bob.get_webxdc_status_updates(
-                bob_received_replacement_instance.id,
-                StatusUpdateSerial(0)
-            )
-            .await?,
+            bob.get_webxdc_status_updates(bob_received_instance.id, StatusUpdateSerial(0))
+                .await?,
             r#"[{"payload":1,"serial":1,"max_serial":1}]"#
         );
 
-        // Bob is not allowed to replace the instance.
-        assert!(send_webxdc_replacement(
-            &bob,
-            bob_received_instance.id,
-            "test-data/webxdc/minimal.xdc"
-        )
-        .await
-        .is_err());
-
-        // Alice sends a second WebXDC instance replacement.
-        send_webxdc_replacement(&alice, alice_instance.id, "test-data/webxdc/minimal.xdc")
-            .await
-            .context("Failed to send second WebXDC replacement")?;
-        let alice_second_sent_replacement_instance = alice.pop_sent_msg().await;
-        let bob_received_second_replacement_instance =
-            bob.recv_msg(&alice_second_sent_replacement_instance).await;
-        assert_eq!(
-            bob_received_instance.id,
-            bob_received_second_replacement_instance.id
-        );
-        assert_eq!(
-            bob_received_second_replacement_instance.rfc724_mid,
-            original_rfc724_mid
-        );
-
-        Ok(())
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_replace_webxdc_missing_original() -> Result<()> {
-        let alice = TestContext::new_alice().await;
-        let bob = TestContext::new_bob().await;
-
-        // Alice sends WebXDC instance.
-        let alice_chat = alice.create_chat(&bob).await;
-        let mut alice_instance = create_webxdc_instance(
-            &alice,
-            "minimal.xdc",
-            include_bytes!("../test-data/webxdc/minimal.xdc"),
-        )
-        .await?;
-        alice_instance.set_text("user added text".to_string());
-        send_msg(&alice, alice_chat.id, &mut alice_instance).await?;
-        alice.pop_sent_msg().await;
-        let alice_instance = alice.get_last_msg().await;
-        assert_eq!(alice_instance.get_text(), "user added text");
-        let original_rfc724_mid = alice_instance.rfc724_mid;
-
-        // Bob missed the original instance message.
-
-        // Alice sends WebXDC instance replacement.
-        send_webxdc_replacement(&alice, alice_instance.id, "test-data/webxdc/minimal.xdc")
-            .await
-            .context("Failed to send WebXDC replacement")?;
-        let alice_sent_replacement_instance = alice.pop_sent_msg().await;
-        assert!(alice_sent_replacement_instance
-            .payload
-            .contains(&format!("Supersedes: {original_rfc724_mid}")));
-
-        // Bob receives WebXDC instance replacement.
-        let bob_received_replacement_instance =
-            bob.recv_msg(&alice_sent_replacement_instance).await;
-        assert_eq!(
-            bob_received_replacement_instance.rfc724_mid,
-            original_rfc724_mid
-        );
-
-        // Alice sends a second WebXDC instance replacement.
-        send_webxdc_replacement(&alice, alice_instance.id, "test-data/webxdc/minimal.xdc")
-            .await
-            .context("Failed to send second WebXDC replacement")?;
-        let alice_second_sent_replacement_instance = alice.pop_sent_msg().await;
-        let bob_received_second_replacement_instance =
-            bob.recv_msg(&alice_second_sent_replacement_instance).await;
-        assert_eq!(
-            bob_received_replacement_instance.id,
-            bob_received_second_replacement_instance.id
-        );
-        assert_eq!(
-            bob_received_second_replacement_instance.rfc724_mid,
-            original_rfc724_mid
-        );
-
         Ok(())
     }
 }