Add option to force E2EE encryption preference

Enabling this option ignores Autocrypt recommendation taking others
encryption preferences into account and overrides it with our own
encryption preference when possible.

This is similar to user always manually enabling/disabling encryption
manually in a classic Autocrypt-capable MUA UI whenever the control is
not disabled.

The goal is to allow encrypting responses to MUAs which can send
Autocrypt header but don't support setting encryption preference, such
as Thunderbird 91.

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 1.68.0
+
+### Fixes
+- fix chat assignment when forwarding #2843
+- fix layout issues with the generated QR code svg #2842
+
+
 ## 1.67.0
 
 ### API changes

Cargo.lock

@@ -114,9 +114,9 @@ dependencies = [
 
 [[package]]
 name = "anyhow"
-version = "1.0.47"
+version = "1.0.48"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "38d9ff5d688f1c13395289f67db01d4826b46dd694e7580accdc3e8430f2d98e"
+checksum = "62e1f47f7dc0422027a4e370dd4548d4d66b26782e513e98dca1e689e058a80e"
 
 [[package]]
 name = "arrayvec"
@@ -1056,7 +1056,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat"
-version = "1.67.0"
+version = "1.68.0"
 dependencies = [
  "ansi_term",
  "anyhow",
@@ -1136,7 +1136,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat_ffi"
-version = "1.67.0"
+version = "1.68.0"
 dependencies = [
  "anyhow",
  "async-std",
@@ -2067,9 +2067,9 @@ dependencies = [
 
 [[package]]
 name = "libc"
-version = "0.2.107"
+version = "0.2.108"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fbe5e23404da5b4f555ef85ebed98fb4083e55a00c317800bc2a50ede9f3d219"
+checksum = "8521a1b57e76b1ec69af7599e75e38e7b7fad6610f037db8c79b127201b5d119"
 
 [[package]]
 name = "libm"

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat"
-version = "1.67.0"
+version = "1.68.0"
 authors = ["Delta Chat Developers (ML) <delta@codespeak.net>"]
 edition = "2018"
 license = "MPL-2.0"

deltachat-ffi/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "1.67.0"
+version = "1.68.0"
 description = "Deltachat FFI"
 authors = ["Delta Chat Developers (ML) <delta@codespeak.net>"]
 edition = "2018"

deltachat-ffi/deltachat.h

@@ -287,6 +287,8 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  *                    To save traffic, however, the avatar is attached only as needed
  *                    and also recoded to a reasonable size.
  * - `e2ee_enabled` = 0=no end-to-end-encryption, 1=prefer end-to-end-encryption (default)
+ * - `e2ee_force`   = 1=ignore encryption preferences of others,
+ *                    0=use majority vote when deciding whether to encrypt (default).
  * - `mdns_enabled` = 0=do not send or request read receipts,
  *                    1=send and request read receipts (default)
  * - `bcc_self`     = 0=do not send a copy of outgoing messages to self (default),

draft/aeap-mvp.rst

@@ -0,0 +1,33 @@
+AEAP MVP
+========
+
+Changes to the UIs
+------------------
+
+- The secondary self addresses (see below) are shown in the UI, but not editable.
+
+- When the user changed the email address in the configure screen, show a dialog to the user, either directly explaining things or with a link to the FAQ (see "Other" below)
+
+Changes in the core
+-------------------
+
+- We have one primary self address and any number of secondary self addresses. `is_self_addr()` checks all of them.
+
+- If the user does a reconfigure and changes the email address, the previous address is added as a secondary self address.
+
+  - don't forget to deduplicate secondary self addresses in case the user switches back and forth between addresses).
+
+  - The key stays the same.
+
+- No changes for 1:1 chats, there simply is a new one
+
+- When we send a message to a group, and the primary address is not a member of a group, but a secondary address is:
+  
+  Add Chat-Group-Member-Removed=<old address> and Chat-Group-Member-Added=<new address> headers to this message
+
+  - On the receiving side, make sure that we accept this (even in verified groups) if the message is signed and the key stayed the same
+
+Other
+-----
+
+- The user is responsible that messages to the old address arrive at the new address, for example by configuring the old provider to forward all emails to the new one.

examples/repl/cmdline.rs

@@ -755,7 +755,12 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
         "groupname" => {
             ensure!(sel_chat.is_some(), "No chat selected.");
             ensure!(!arg1.is_empty(), "Argument <name> missing.");
-            chat::set_chat_name(&context, sel_chat.as_ref().unwrap().get_id(), arg1).await?;
+            chat::set_chat_name(
+                &context,
+                sel_chat.as_ref().unwrap().get_id(),
+                &format!("{} {}", arg1, arg2).trim(),
+            )
+            .await?;
 
             println!("Chat name set");
         }

src/chat.rs

@@ -2846,6 +2846,7 @@ pub async fn forward_msgs(context: &Context, msg_ids: &[MsgId], chat_id: ChatId)
             msg.param.remove(Param::ForcePlaintext);
             msg.param.remove(Param::Cmd);
             msg.param.remove(Param::OverrideSenderDisplayname);
+            msg.in_reply_to = None;
 
             // do not leak data as group names; a default subject is generated by mimfactory
             msg.subject = "".to_string();
@@ -4291,6 +4292,98 @@ mod tests {
         Ok(())
     }
 
+    #[async_std::test]
+    async fn test_forward_quote() -> Result<()> {
+        let alice = TestContext::new_alice().await;
+        let bob = TestContext::new_bob().await;
+        let alice_chat = alice.create_chat(&bob).await;
+        let bob_chat = bob.create_chat(&alice).await;
+
+        // Alice sends a message to Bob.
+        let sent_msg = alice.send_text(alice_chat.id, "Hi Bob").await;
+        bob.recv_msg(&sent_msg).await;
+        let received_msg = bob.get_last_msg().await;
+
+        // Bob quotes received message and sends a reply to Alice.
+        let mut reply = Message::new(Viewtype::Text);
+        reply.set_text(Some("Reply".to_owned()));
+        reply.set_quote(&bob, &received_msg).await?;
+        let sent_reply = bob.send_msg(bob_chat.id, &mut reply).await;
+        alice.recv_msg(&sent_reply).await;
+        let received_reply = alice.get_last_msg().await;
+
+        // Alice forwards a reply.
+        forward_msgs(&alice, &[received_reply.id], alice_chat.get_id()).await?;
+        let forwarded_msg = alice.pop_sent_msg().await;
+        bob.recv_msg(&forwarded_msg).await;
+
+        let alice_forwarded_msg = alice.get_last_msg().await;
+        assert!(alice_forwarded_msg.quoted_message(&alice).await?.is_none());
+        assert_eq!(
+            alice_forwarded_msg.quoted_text(),
+            Some("Hi Bob".to_string())
+        );
+
+        let bob_forwarded_msg = bob.get_last_msg().await;
+        assert!(bob_forwarded_msg.quoted_message(&bob).await?.is_none());
+        assert_eq!(bob_forwarded_msg.quoted_text(), Some("Hi Bob".to_string()));
+
+        Ok(())
+    }
+
+    #[async_std::test]
+    async fn test_forward_group() -> Result<()> {
+        let alice = TestContext::new_alice().await;
+        let bob = TestContext::new_bob().await;
+
+        let alice_chat = alice.create_chat(&bob).await;
+        let bob_chat = bob.create_chat(&alice).await;
+
+        // Alice creates a group with Bob.
+        let alice_group_chat_id =
+            create_group_chat(&alice, ProtectionStatus::Unprotected, "Group").await?;
+        let bob_id = Contact::create(&alice, "Bob", "bob@example.net").await?;
+        let claire_id = Contact::create(&alice, "Claire", "claire@example.net").await?;
+        add_contact_to_chat(&alice, alice_group_chat_id, bob_id).await?;
+        add_contact_to_chat(&alice, alice_group_chat_id, claire_id).await?;
+        let sent_group_msg = alice
+            .send_text(alice_group_chat_id, "Hi Bob and Claire")
+            .await;
+        bob.recv_msg(&sent_group_msg).await;
+        let bob_group_chat_id = bob.get_last_msg().await.chat_id;
+
+        // Alice deletes a message on her device.
+        // This is needed to make assignment of further messages received in this group
+        // based on `References:` header harder.
+        // Previously this exposed a bug, so this is a regression test.
+        message::delete_msgs(&alice, &[sent_group_msg.sender_msg_id]).await?;
+
+        // Alice sends a message to Bob.
+        let sent_msg = alice.send_text(alice_chat.id, "Hi Bob").await;
+        bob.recv_msg(&sent_msg).await;
+        let received_msg = bob.get_last_msg().await;
+        assert_eq!(received_msg.get_text(), Some("Hi Bob".to_string()));
+        assert_eq!(received_msg.chat_id, bob_chat.id);
+
+        // Alice sends another message to Bob, this has first message as a parent.
+        let sent_msg = alice.send_text(alice_chat.id, "Hello Bob").await;
+        bob.recv_msg(&sent_msg).await;
+        let received_msg = bob.get_last_msg().await;
+        assert_eq!(received_msg.get_text(), Some("Hello Bob".to_string()));
+        assert_eq!(received_msg.chat_id, bob_chat.id);
+
+        // Bob forwards message to a group chat with Alice.
+        forward_msgs(&bob, &[received_msg.id], bob_group_chat_id).await?;
+        let forwarded_msg = bob.pop_sent_msg().await;
+        alice.recv_msg(&forwarded_msg).await;
+
+        let received_forwarded_msg = alice.get_last_msg_in(alice_group_chat_id).await;
+        assert!(received_forwarded_msg.is_forwarded());
+        assert_eq!(received_forwarded_msg.chat_id, alice_group_chat_id);
+
+        Ok(())
+    }
+
     #[async_std::test]
     async fn test_only_minimal_data_are_forwarded() -> Result<()> {
         // send a message from Alice to a group with Bob

src/config.rs

@@ -64,6 +64,13 @@ pub enum Config {
     #[strum(props(default = "1"))]
     E2eeEnabled,
 
+    /// Ignore Autocrypt recommendation for message encryption if possible.
+    ///
+    /// The only expection is when recommendation is "disable", i.e. encryption is not possible
+    /// because some recipient has no OpenPGP key.
+    #[strum(props(default = "0"))]
+    E2eeForce,
+
     #[strum(props(default = "1"))]
     MdnsEnabled,
 

src/context.rs

@@ -307,6 +307,7 @@ impl Context {
             .await?
             .unwrap_or_else(|| "unknown".to_string());
         let e2ee_enabled = self.get_config_int(Config::E2eeEnabled).await?;
+        let e2ee_force = self.get_config_int(Config::E2eeForce).await?;
         let mdns_enabled = self.get_config_int(Config::MdnsEnabled).await?;
         let bcc_self = self.get_config_int(Config::BccSelf).await?;
         let send_sync_msgs = self.get_config_int(Config::SendSyncMsgs).await?;
@@ -394,6 +395,7 @@ impl Context {
         res.insert("configured_mvbox_folder", configured_mvbox_folder);
         res.insert("mdns_enabled", mdns_enabled.to_string());
         res.insert("e2ee_enabled", e2ee_enabled.to_string());
+        res.insert("e2ee_force", e2ee_force.to_string());
         res.insert(
             "key_gen_type",
             self.get_config_int(Config::KeyGenType).await?.to_string(),

src/dc_receive_imf.rs

@@ -2113,6 +2113,8 @@ fn set_better_msg(mime_parser: &mut MimeMessage, better_msg: impl AsRef<str>) {
 /// Returns the last message referenced from `References` header if it is in the database.
 ///
 /// For Delta Chat messages it is the last message in the chat of the sender.
+///
+/// Note that the returned message may be trashed.
 async fn get_previous_message(
     context: &Context,
     mime_parser: &MimeMessage,
@@ -2128,6 +2130,8 @@ async fn get_previous_message(
 }
 
 /// Given a list of Message-IDs, returns the latest message found in the database.
+///
+/// Only messages that are not in the trash chat are considered.
 async fn get_rfc724_mid_in_list(context: &Context, mid_list: &str) -> Result<Option<Message>> {
     if mid_list.is_empty() {
         return Ok(None);
@@ -2135,7 +2139,10 @@ async fn get_rfc724_mid_in_list(context: &Context, mid_list: &str) -> Result<Opt
 
     for id in parse_message_ids(mid_list).iter().rev() {
         if let Some((_, _, msg_id)) = rfc724_mid_exists(context, id).await? {
-            return Ok(Some(Message::load_from_db(context, msg_id).await?));
+            let msg = Message::load_from_db(context, msg_id).await?;
+            if msg.chat_id != DC_CHAT_ID_TRASH {
+                return Ok(Some(msg));
+            }
         }
     }
 
@@ -4741,4 +4748,66 @@ Second thread."#;
             }
         }
     }
+
+    #[async_std::test]
+    async fn test_get_parent_message() -> Result<()> {
+        let t = TestContext::new_alice().await;
+        t.set_config(Config::ShowEmails, Some("2")).await?;
+
+        let mime = br#"Subject: First
+Message-ID: first@example.net
+To: Alice <alice@example.com>
+From: Bob <bob@example.net>
+Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
+
+First."#;
+        dc_receive_imf(&t, mime, "INBOX", 1, false).await?;
+        let first = t.get_last_msg().await;
+        let mime = br#"Subject: Second
+Message-ID: second@example.net
+To: Alice <alice@example.com>
+From: Bob <bob@example.net>
+Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
+
+First."#;
+        dc_receive_imf(&t, mime, "INBOX", 2, false).await?;
+        let second = t.get_last_msg().await;
+        let mime = br#"Subject: Third
+Message-ID: third@example.net
+To: Alice <alice@example.com>
+From: Bob <bob@example.net>
+Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
+
+First."#;
+        dc_receive_imf(&t, mime, "INBOX", 3, false).await?;
+        let third = t.get_last_msg().await;
+
+        let mime = br#"Subject: Message with references.
+Message-ID: second@example.net
+To: Alice <alice@example.com>
+From: Bob <bob@example.net>
+In-Reply-To: <third@example.net>
+References: <second@example.net> <nonexistent@example.net> <first@example.net>
+Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
+
+Message with references."#;
+        let mime_parser = MimeMessage::from_bytes(&t, &mime[..]).await?;
+
+        let parent = get_parent_message(&t, &mime_parser).await?.unwrap();
+        assert_eq!(parent.id, first.id);
+
+        message::delete_msgs(&t, &[first.id]).await?;
+        let parent = get_parent_message(&t, &mime_parser).await?.unwrap();
+        assert_eq!(parent.id, second.id);
+
+        message::delete_msgs(&t, &[second.id]).await?;
+        let parent = get_parent_message(&t, &mime_parser).await?.unwrap();
+        assert_eq!(parent.id, third.id);
+
+        message::delete_msgs(&t, &[third.id]).await?;
+        let parent = get_parent_message(&t, &mime_parser).await?;
+        assert!(parent.is_none());
+
+        Ok(())
+    }
 }

src/e2ee.rs

@@ -19,6 +19,7 @@ use crate::pgp;
 #[derive(Debug)]
 pub struct EncryptHelper {
     pub prefer_encrypt: EncryptPreference,
+    force_preference: bool,
     pub addr: String,
     pub public_key: SignedPublicKey,
 }
@@ -28,6 +29,7 @@ impl EncryptHelper {
         let prefer_encrypt =
             EncryptPreference::from_i32(context.get_config_int(Config::E2eeEnabled).await?)
                 .unwrap_or_default();
+        let force_preference = context.get_config_bool(Config::E2eeForce).await?;
         let addr = match context.get_config(Config::ConfiguredAddr).await? {
             None => {
                 bail!("addr not configured!");
@@ -39,6 +41,7 @@ impl EncryptHelper {
 
         Ok(EncryptHelper {
             prefer_encrypt,
+            force_preference,
             addr,
             public_key,
         })
@@ -100,11 +103,17 @@ impl EncryptHelper {
             }
         }
 
-        // Count number of recipients, including self.
-        // This does not depend on whether we send a copy to self or not.
-        let recipients_count = peerstates.len() + 1;
+        let want_encrypt = if self.force_preference {
+            // Ignore preferences of others.
+            self.prefer_encrypt == EncryptPreference::Mutual
+        } else {
+            // Count number of recipients, including self.
+            // This does not depend on whether we send a copy to self or not.
+            let recipients_count = peerstates.len() + 1;
+            2 * prefer_encrypt_count > recipients_count
+        };
 
-        Ok(e2ee_guaranteed || 2 * prefer_encrypt_count > recipients_count)
+        Ok(e2ee_guaranteed || want_encrypt)
     }
 
     /// Tries to encrypt the passed in `mail`.
@@ -381,6 +390,7 @@ mod tests {
 
     use crate::chat;
     use crate::constants::Viewtype;
+    use crate::dc_receive_imf::dc_receive_imf;
     use crate::message::Message;
     use crate::param::Param;
     use crate::peerstate::ToSave;
@@ -602,4 +612,68 @@ Sent with my Delta Chat Messenger: https://delta.chat";
 
         Ok(())
     }
+
+    #[async_std::test]
+    async fn test_e2ee_force() -> Result<()> {
+        let alice = TestContext::new_alice().await;
+        let bob = TestContext::new_bob().await;
+
+        let alice_chat = alice.create_chat(&bob).await;
+        let bob_chat = bob.create_chat(&alice).await;
+
+        alice.set_config(Config::ShowEmails, Some("2")).await?;
+        bob.set_config(Config::ShowEmails, Some("2")).await?;
+
+        // Alice does not prefer encryption.
+        alice.set_config(Config::E2eeEnabled, Some("0")).await?;
+        bob.set_config(Config::E2eeEnabled, Some("1")).await?;
+
+        // Alice sends her key to Bob.
+        let sent_msg = alice.send_text(alice_chat.id, "Hi Bob").await;
+        bob.recv_msg(&sent_msg).await;
+        let received_msg = bob.get_last_msg().await;
+        assert!(!received_msg.get_showpadlock());
+
+        // Bob should not encrypt, because Alice does not prefer encryption.
+        let sent_msg = bob
+            .send_text(bob_chat.id, "This should not be encrypted")
+            .await;
+        alice.recv_msg(&sent_msg).await;
+        let received_msg = alice.get_last_msg().await;
+        assert!(!received_msg.get_showpadlock());
+
+        // Bob ignores Alice's preference for no encryption.
+        bob.set_config(Config::E2eeForce, Some("1")).await?;
+        let sent_msg = bob.send_text(bob_chat.id, "This should be encrypted").await;
+        alice.recv_msg(&sent_msg).await;
+        let received_msg = alice.get_last_msg().await;
+        assert!(received_msg.get_showpadlock());
+
+        // Alice switches to MUA without Autocrypt support.
+        dc_receive_imf(
+            &bob,
+            br#"Subject: Hello from MUA
+Message-ID: foobar@example.com
+To: Bob <bob@example.net>
+From: Alice <alice@example.com>
+Content-Type: text/plain; charset=utf-8
+Date: Sun, 14 Mar 2500 00:00:00 +0000
+
+Hello from MUA."#,
+            "INBOX",
+            100,
+            false,
+        )
+        .await?;
+
+        // Bob can't encrypt now because Alice has no key.
+        let sent_msg = bob
+            .send_text(bob_chat.id, "This should not be encrypted again")
+            .await;
+        alice.recv_msg(&sent_msg).await;
+        let received_msg = alice.get_last_msg().await;
+        assert!(!received_msg.get_showpadlock());
+
+        Ok(())
+    }
 }

src/message.rs

@@ -877,7 +877,7 @@ impl Message {
     }
 
     pub async fn quoted_message(&self, context: &Context) -> Result<Option<Message>> {
-        if self.param.get(Param::Quote).is_some() {
+        if self.param.get(Param::Quote).is_some() && !self.is_forwarded() {
             if let Some(in_reply_to) = &self.in_reply_to {
                 if let Some((_, _, msg_id)) = rfc724_mid_exists(context, in_reply_to).await? {
                     let msg = Message::load_from_db(context, msg_id).await?;

src/qr_code_generator.rs

@@ -80,11 +80,6 @@ fn inner_generate_secure_join_qr_code(
     let qr_code_size = 400.0;
     let qr_translate_up = 40.0;
     let text_y_pos = ((height - qr_code_size) / 2.0) + qr_code_size;
-    let (text_font_size, max_text_width) = if qrcode_description.len() <= 75 {
-        (27.0, 32)
-    } else {
-        (19.0, 38)
-    };
     let avatar_border_size = 9.0;
     let card_border_size = 2.0;
     let card_roundness = 40.0;
@@ -142,13 +137,25 @@ fn inner_generate_secure_join_qr_code(
                     .attr("transform", format!("scale({})", scale));
             });
         });
+
         // Text
-        for (count, line) in textwrap::fill(qrcode_description, max_text_width)
-            .split('\n')
-            .enumerate()
+        const BIG_TEXT_CHARS_PER_LINE: usize = 32;
+        const SMALL_TEXT_CHARS_PER_LINE: usize = 38;
+        let chars_per_line = if qrcode_description.len() > SMALL_TEXT_CHARS_PER_LINE*2 {
+            SMALL_TEXT_CHARS_PER_LINE
+        } else {
+            BIG_TEXT_CHARS_PER_LINE
+        };
+        let lines = textwrap::fill(qrcode_description, chars_per_line);
+        let (text_font_size, text_y_shift) = if lines.split('\n').count() <= 2 {
+            (27.0, 0.0)
+        } else {
+            (19.0, -10.0)
+        };
+        for (count, line) in lines.split('\n').enumerate()
         {
             w.elem("text", |d| {
-                d.attr("y", (count as f32 * (text_font_size * 1.2)) + text_y_pos)
+                d.attr("y", (count as f32 * (text_font_size * 1.2)) + text_y_pos + text_y_shift)
                     .attr("x", width / 2.0)
                     .attr("text-anchor", "middle")
                     .attr(
@@ -249,7 +256,7 @@ fn inner_generate_secure_join_qr_code(
                 format!(
                     "translate({},{})",
                     (width - FOOTER_WIDTH) / 2.0,
-                    height - logo_offset - FOOTER_HEIGHT
+                    height - logo_offset - FOOTER_HEIGHT - text_y_shift
                 ),
             );
         })