Use generated types

Resolved conflicts due to asyncio removal.

.github/workflows/ci.yml

@@ -87,13 +87,9 @@ jobs:
           - os: macos-latest
             rust: 1.73.0
 
-          # Minimum Supported Rust Version = 1.65.0
-          #
-          # Minimum Supported Python Version = 3.7
-          # This is the minimum version for which manylinux Python wheels are
-          # built.
+          # Minimum Supported Rust Version = 1.67.0
           - os: ubuntu-latest
-            rust: 1.65.0
+            rust: 1.67.0
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v3
@@ -106,6 +102,8 @@ jobs:
         uses: swatinem/rust-cache@v2
 
       - name: Tests
+        env:
+          RUST_BACKTRACE: 1
         run: cargo test --workspace
 
       - name: Test cargo vendor

.gitignore

@@ -18,9 +18,6 @@ python/.eggs
 __pycache__
 python/src/deltachat/capi*.so
 python/.venv/
-python/venv/
-venv/
-env/
 
 python/liveconfig*
 

CONTRIBUTING.md

@@ -76,6 +76,29 @@ If you have multiple changes in one PR, create multiple conventional commits, an
 [Conventional Commits]: https://www.conventionalcommits.org/
 [git-cliff]: https://git-cliff.org/
 
+### Errors
+
+Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.
+When using [`Context`](https://docs.rs/anyhow/latest/anyhow/trait.Context.html),
+capitalize it but do not add a full stop as the contexts will be separated by `:`.
+For example:
+```
+.with_context(|| format!("Unable to trash message {msg_id}"))
+```
+
+### Logging
+
+For logging, use `info!`, `warn!` and `error!` macros.
+Log messages should be capitalized and have a full stop in the end. For example:
+```
+info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
+```
+
+Format anyhow errors with `{:#}` to print all the contexts like this:
+```
+error!(context, "Failed to set selfavatar timestamp: {err:#}.");
+```
+
 ### Reviewing
 
 Once a PR has an approval and passes CI, it can be merged.

Cargo.toml

@@ -3,7 +3,7 @@ name = "deltachat"
 version = "1.124.1"
 edition = "2021"
 license = "MPL-2.0"
-rust-version = "1.65"
+rust-version = "1.67"
 
 [profile.dev]
 debug = 0
@@ -42,17 +42,18 @@ async-smtp = { version = "0.9", default-features = false, features = ["runtime-t
 async_zip = { version = "0.0.12", default-features = false, features = ["deflate", "fs"] }
 backtrace = "0.3"
 base64 = "0.21"
-brotli = { version = "3.3", default-features=false, features = ["std"] }
+brotli = { version = "3.4", default-features=false, features = ["std"] }
 chrono = { version = "0.4", default-features=false, features = ["clock", "std"] }
 email = { git = "https://github.com/deltachat/rust-email", branch = "master" }
 encoded-words = { git = "https://github.com/async-email/encoded-words", branch = "master" }
 escaper = "0.1"
 fast-socks5 = "0.8"
+fd-lock = "3.0.11"
 futures = "0.3"
 futures-lite = "1.13.0"
 hex = "0.4.0"
 humansize = "2"
-image = { version = "0.24.6", default-features=false, features = ["gif", "jpeg", "ico", "png", "pnm", "webp", "bmp"] }
+image = { version = "0.24.7", default-features=false, features = ["gif", "jpeg", "ico", "png", "pnm", "webp", "bmp"] }
 iroh = { version = "0.4.1", default-features = false }
 kamadak-exif = "0.5"
 lettre_email = { git = "https://github.com/deltachat/lettre", branch = "master" }
@@ -68,13 +69,13 @@ parking_lot = "0.12"
 pgp = { version = "0.10", default-features = false }
 pretty_env_logger = { version = "0.5", optional = true }
 qrcodegen = "1.7.0"
-quick-xml = "0.29"
+quick-xml = "0.30"
 rand = "0.8"
-regex = "1.8"
-reqwest = { version = "0.11.18", features = ["json"] }
+regex = "1.9"
+reqwest = { version = "0.11.20", features = ["json"] }
 rusqlite = { version = "0.29", features = ["sqlcipher"] }
 rust-hsluv = "0.1"
-sanitize-filename = "0.4"
+sanitize-filename = "0.5"
 serde_json = "1.0"
 serde = { version = "1.0", features = ["derive"] }
 sha-1 = "0.10"
@@ -89,12 +90,11 @@ tokio = { version = "1", features = ["fs", "rt-multi-thread", "macros"] }
 tokio-io-timeout = "1.2.0"
 tokio-stream = { version = "0.1.14", features = ["fs"] }
 tokio-tar = { version = "0.3" } # TODO: integrate tokio into async-tar
-tokio-util = "0.7.8"
+tokio-util = "0.7.9"
 toml = "0.7"
-trust-dns-resolver = "0.22"
+trust-dns-resolver = "0.23"
 url = "2"
 uuid = { version = "1", features = ["serde", "v4"] }
-deltachat_message_parser = "0.8.0"
 
 [dev-dependencies]
 ansi_term = "0.12.0"
@@ -119,11 +119,6 @@ members = [
   "format-flowed",
 ]
 
-[[example]]
-name = "simple"
-path = "examples/simple.rs"
-
-
 [[bench]]
 name = "create_account"
 harness = false
@@ -155,4 +150,8 @@ harness = false
 [features]
 default = ["vendored"]
 internals = []
-vendored = ["async-native-tls/vendored", "rusqlite/bundled-sqlcipher-vendored-openssl", "reqwest/native-tls-vendored"]
+vendored = [
+  "async-native-tls/vendored",
+  "rusqlite/bundled-sqlcipher-vendored-openssl",
+  "reqwest/native-tls-vendored"
+]

README.md

@@ -1,8 +1,16 @@
-# Delta Chat Rust
+<p align="center">
+  <img alt="Delta Chat Logo" height="200px" src="https://raw.githubusercontent.com/deltachat/deltachat-pages/master/assets/blog/rust-delta.png">
+</p>
 
-> Deltachat-core written in Rust 
+<p align="center">
+  <a href="https://github.com/yoav-lavi/melody/actions/workflows/rust.yml">
+    <img alt="Rust CI" src="https://github.com/yoav-lavi/melody/actions/workflows/rust.yml/badge.svg">
+  </a>
+</p>
 
-[![Rust CI](https://github.com/deltachat/deltachat-core-rust/actions/workflows/ci.yml/badge.svg)](https://github.com/deltachat/deltachat-core-rust/actions/workflows/ci.yml)
+<p align="center">
+The core library for Delta Chat, written in Rust
+</p>
 
 ## Installing Rust and Cargo
 

benches/create_account.rs

@@ -8,7 +8,8 @@ async fn create_accounts(n: u32) {
     let dir = tempdir().unwrap();
     let p: PathBuf = dir.path().join("accounts");
 
-    let mut accounts = Accounts::new(p.clone()).await.unwrap();
+    let writable = true;
+    let mut accounts = Accounts::new(p.clone(), writable).await.unwrap();
 
     for expected_id in 2..n {
         let id = accounts.add_account().await.unwrap();

cliff.toml

@@ -54,7 +54,7 @@ header = """
 # Changelog\n
 """
 # template for the changelog body
-# https://tera.netlify.app/docs/#introduction
+# https://keats.github.io/tera/docs/#templates
 body = """
 {% if version %}\
     ## [{{ version | trim_start_matches(pat="v") }}] - {{ timestamp | date(format="%Y-%m-%d") }}

deltachat-ffi/Doxyfile

@@ -846,7 +846,7 @@ EXCLUDE_PATTERNS       =
 # exclude all test directories use the pattern */test/*
 
 ######################################################
-EXCLUDE_SYMBOLS        = dc_aheader_t dc_apeerstate_t dc_e2ee_helper_t dc_imap_t dc_job*_t dc_key_t dc_keyring_t dc_loginparam_t dc_mime*_t
+EXCLUDE_SYMBOLS        = dc_aheader_t dc_apeerstate_t dc_e2ee_helper_t dc_imap_t dc_job*_t dc_key_t dc_loginparam_t dc_mime*_t
 EXCLUDE_SYMBOLS       += dc_saxparser_t dc_simplify_t dc_smtp_t dc_sqlite3_t dc_strbuilder_t dc_param_t dc_hash_t dc_hashelem_t
 EXCLUDE_SYMBOLS       += _dc_* jsmn*
 ######################################################

deltachat-ffi/deltachat.h

@@ -492,9 +492,6 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  * - `fetch_existing_msgs` = 1=fetch most recent existing messages on configure (default),
  *                    0=do not fetch existing messages on configure.
  *                    In both cases, existing recipients are added to the contact database.
- * - `disable_idle` = 1=disable IMAP IDLE even if the server supports it,
- *                    0=use IMAP IDLE if the server supports it.
- *                    This is a developer option used for testing polling used as an IDLE fallback.
  * - `download_limit` = Messages up to this number of bytes are downloaded automatically.
  *                    For larger messages, only the header is downloaded and a placeholder is shown.
  *                    These messages can be downloaded fully using dc_download_full_msg() later.
@@ -503,6 +500,13 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  *                    to not mess up with non-delivery-reports or read-receipts.
  *                    0=no limit (default).
  *                    Changes affect future messages only.
+ * - `verified_one_on_one_chats` = Feature flag for verified 1:1 chats; the UI should set it
+ *                    to 1 if it supports verified 1:1 chats.
+ *                    Regardless of this setting, `dc_chat_is_protected()` returns true while the key is verified,
+ *                    and when the key changes, an info message is posted into the chat.
+ *                    0=Nothing else happens when the key changes.
+ *                    1=After the key changed, `dc_chat_can_send()` returns false and `dc_chat_is_protection_broken()` returns true
+ *                    until `dc_accept_chat()` is called.
  * - `ui.*`         = All keys prefixed by `ui.` can be used by the user-interfaces for system-specific purposes.
  *                    The prefix should be followed by the system and maybe subsystem,
  *                    e.g. `ui.desktop.foo`, `ui.desktop.linux.bar`, `ui.android.foo`, `ui.dc40.bar`, `ui.bot.simplebot.baz`.
@@ -1121,7 +1125,7 @@ dc_reactions_t* dc_get_msg_reactions (dc_context_t *context, int msg_id);
  *
  * In JS land, that would be mapped to something as:
  * ```
- * success = window.webxdc.sendUpdate('{"action":"move","src":"A3","dest":"B4"}', 'move A3 B4');
+ * success = window.webxdc.sendUpdate('{payload: {"action":"move","src":"A3","dest":"B4"}}', 'move A3 B4');
  * ```
  * `context` and `msg_id` are not needed in JS as those are unique within a webxdc instance.
  * See dc_get_webxdc_status_updates() for the receiving counterpart.
@@ -1503,24 +1507,6 @@ dc_array_t*     dc_get_chat_media            (dc_context_t* context, uint32_t ch
 uint32_t        dc_get_next_media            (dc_context_t* context, uint32_t msg_id, int dir, int msg_type, int msg_type2, int msg_type3);
 
 
-/**
- * Enable or disable protection against active attacks.
- * To enable protection, it is needed that all members are verified;
- * if this condition is met, end-to-end-encryption is always enabled
- * and only the verified keys are used.
- *
- * Sends out #DC_EVENT_CHAT_MODIFIED on changes
- * and #DC_EVENT_MSGS_CHANGED if a status message was sent.
- *
- * @memberof dc_context_t
- * @param context The context object as returned from dc_context_new().
- * @param chat_id The ID of the chat to change the protection for.
- * @param protect 1=protect chat, 0=unprotect chat
- * @return 1=success, 0=error, e.g. some members may be unverified
- */
-int             dc_set_chat_protection       (dc_context_t* context, uint32_t chat_id, int protect);
-
-
 /**
  * Set chat visibility to pinned, archived or normal.
  *
@@ -2960,12 +2946,15 @@ int dc_receive_backup (dc_context_t* context, const char* qr);
  * @param dir The directory to create the context-databases in.
  *     If the directory does not exist,
  *     dc_accounts_new() will try to create it.
+ * @param writable Whether the returned account manager is writable, i.e. calling these functions on
+ *     it is possible: dc_accounts_add_account(), dc_accounts_add_closed_account(),
+ *     dc_accounts_migrate_account(), dc_accounts_remove_account(), dc_accounts_select_account().
  * @return An account manager object.
  *     The object must be passed to the other account manager functions
  *     and must be freed using dc_accounts_unref() after usage.
  *     On errors, NULL is returned.
  */
-dc_accounts_t* dc_accounts_new                  (const char* os_name, const char* dir);
+dc_accounts_t* dc_accounts_new                  (const char* dir, int writable);
 
 
 /**
@@ -3746,7 +3735,6 @@ int             dc_chat_can_send              (const dc_chat_t* chat);
  * Check if a chat is protected.
  * Protected chats contain only verified members and encryption is always enabled.
  * Protected chats are created using dc_create_group_chat() by setting the 'protect' parameter to 1.
- * The status can be changed using dc_set_chat_protection().
  *
  * @memberof dc_chat_t
  * @param chat The chat object.
@@ -3755,6 +3743,26 @@ int             dc_chat_can_send              (const dc_chat_t* chat);
 int             dc_chat_is_protected         (const dc_chat_t* chat);
 
 
+/**
+ * Checks if the chat was protected, and then an incoming message broke this protection.
+ *
+ * This function is only useful if the UI enabled the `verified_one_on_one_chats` feature flag,
+ * otherwise it will return false for all chats.
+ *
+ * 1:1 chats are automatically set as protected when a contact is verified.
+ * When a message comes in that is not encrypted / signed correctly,
+ * the chat is automatically set as unprotected again.
+ * dc_chat_is_protection_broken() will return true until dc_accept_chat() is called.
+ *
+ * The UI should let the user confirm that this is OK with a message like
+ * `Bob sent a message from another device. Tap to learn more` and then call dc_accept_chat().
+ * @memberof dc_chat_t
+ * @param chat The chat object.
+ * @return 1=chat protection broken, 0=otherwise.
+ */
+int             dc_chat_is_protection_broken (const dc_chat_t* chat);
+
+
 /**
  * Check if locations are sent to the chat
  * at the time the object was created using dc_get_chat().
@@ -3993,36 +4001,6 @@ int64_t          dc_msg_get_sort_timestamp     (const dc_msg_t* msg);
 char*           dc_msg_get_text               (const dc_msg_t* msg);
 
 
-#define         MESSAGE_PARSER_MODE_ONLY_TEXT        0x00
-#define         MESSAGE_PARSER_MODE_DESKTOP_SET      0x01
-#define         MESSAGE_PARSER_MODE_MARKDOWN         0x02
-
-/**
- * Parse text with the message parser.
- *
- * @memberof dc_context_t
- * @param input The text to parse.
- * @param mode Sets the parsing mode, you can choose between MESSAGE_PARSER_MODE_ONLY_TEXT, MESSAGE_PARSER_MODE_DESKTOP_SET and MESSAGE_PARSER_MODE_MARKDOWN.
- *        Look at https://github.com/deltachat/message-parser/blob/master/spec.md#modes-of-the-parser to learn more about the parser modes.
- * @return Abstract Syntax Tree for your message that you can use to display parts of a message specially like links.
- *         This ast is returned in json (look at the sourcecode for reference for the format: https://github.com/deltachat/message-parser/blob/master/src/parser/mod.rs#L11)
- */
-char*           dc_parse_message_text_to_ast_json (const char* input, int mode);
-
-
-/**
- * Parse the text of a message with the message parser.
- *
- * @memberof dc_msg_t
- * @param msg The message object.
- * @param mode Sets the parsing mode, you can choose between MESSAGE_PARSER_MODE_ONLY_TEXT, MESSAGE_PARSER_MODE_DESKTOP_SET and MESSAGE_PARSER_MODE_MARKDOWN.
- *        Look at https://github.com/deltachat/message-parser/blob/master/spec.md#modes-of-the-parser to learn more about the parser modes.
- * @return Abstract Syntax Tree for your message that you can use to display parts of a message specially like links.
- *         This ast is returned in json (look at the sourcecode for reference for the format: https://github.com/deltachat/message-parser/blob/master/src/parser/mod.rs#L11)
- */
-char*           dc_msg_get_parsed_text_as_json (const dc_msg_t* msg, int mode);
-
-
 /**
  * Get the subject of the e-mail.
  * If there is no subject associated with the message, an empty string is returned.
@@ -4379,7 +4357,7 @@ int             dc_msg_is_forwarded           (const dc_msg_t* msg);
  * Check if the message is an informational message, created by the
  * device or by another users. Such messages are not "typed" by the user but
  * created due to other actions,
- * e.g. dc_set_chat_name(), dc_set_chat_profile_image(), dc_set_chat_protection()
+ * e.g. dc_set_chat_name(), dc_set_chat_profile_image(),
  * or dc_add_contact_to_chat().
  *
  * These messages are typically shown in the center of the chat view,
@@ -5073,7 +5051,12 @@ int             dc_contact_is_verified       (dc_contact_t* contact);
 /**
  * Return the address that verified a contact
  *
- * The UI may use this in addition to a checkmark showing the verification status
+ * The UI may use this in addition to a checkmark showing the verification status.
+ * In case of verification chains,
+ * the last contact in the chain is shown.
+ * This is because of privacy reasons, but also as it would not help the user
+ * to see a unknown name here - where one can mostly always ask the shown name
+ * as it is directly known.
  *
  * @memberof dc_contact_t
  * @param contact The contact object.
@@ -6814,15 +6797,6 @@ void dc_event_unref(dc_event_t* event);
 /// Used in error strings.
 #define DC_STR_ERROR_NO_NETWORK           87
 
-/// "Chat protection enabled."
-///
-
-/// @deprecated Deprecated, replaced by DC_STR_MSG_YOU_ENABLED_PROTECTION and DC_STR_MSG_PROTECTION_ENABLED_BY.
-#define DC_STR_PROTECTION_ENABLED         88
-
-/// @deprecated Deprecated, replaced by DC_STR_MSG_YOU_DISABLED_PROTECTION and DC_STR_MSG_PROTECTION_DISABLED_BY.
-#define DC_STR_PROTECTION_DISABLED        89
-
 /// "Reply"
 ///
 /// Used in summaries.
@@ -7267,26 +7241,6 @@ void dc_event_unref(dc_event_t* event);
 /// `%2$s` will be replaced by name and address of the contact.
 #define DC_STR_EPHEMERAL_TIMER_WEEKS_BY_OTHER 157
 
-/// "You enabled chat protection."
-///
-/// Used in status messages.
-#define DC_STR_PROTECTION_ENABLED_BY_YOU 158
-
-/// "Chat protection enabled by %1$s."
-///
-/// `%1$s` will be replaced by name and address of the contact.
-///
-/// Used in status messages.
-#define DC_STR_PROTECTION_ENABLED_BY_OTHER 159
-
-/// "You disabled chat protection."
-#define DC_STR_PROTECTION_DISABLED_BY_YOU 160
-
-/// "Chat protection disabled by %1$s."
-///
-/// `%1$s` will be replaced by name and address of the contact.
-#define DC_STR_PROTECTION_DISABLED_BY_OTHER 161
-
 /// "Scan to set up second device for %1$s"
 ///
 /// `%1$s` will be replaced by name and address of the account.
@@ -7297,6 +7251,16 @@ void dc_event_unref(dc_event_t* event);
 /// Used as a device message after a successful backup transfer.
 #define DC_STR_BACKUP_TRANSFER_MSG_BODY 163
 
+/// "Messages are guaranteed to be end-to-end encrypted from now on."
+///
+/// Used in info messages.
+#define DC_STR_CHAT_PROTECTION_ENABLED 170
+
+/// "%1$s sent a message from another device."
+///
+/// Used in info messages.
+#define DC_STR_CHAT_PROTECTION_DISABLED 171
+
 /**
  * @}
  */

deltachat-ffi/src/lib.rs

@@ -29,9 +29,8 @@ use deltachat::contact::{Contact, ContactId, Origin};
 use deltachat::context::Context;
 use deltachat::ephemeral::Timer as EphemeralTimer;
 use deltachat::imex::BackupProvider;
-use deltachat::key::{DcKey, DcSecretKey};
+use deltachat::key::preconfigure_keypair;
 use deltachat::message::MsgId;
-use deltachat::message_parser::parser;
 use deltachat::net::read_url_blob;
 use deltachat::qr_code_generator::{generate_backup_qr, get_securejoin_qr_svg};
 use deltachat::reaction::{get_msg_reactions, send_reaction, Reactions};
@@ -814,21 +813,12 @@ pub unsafe extern "C" fn dc_preconfigure_keypair(
         return 0;
     }
     let ctx = &*context;
-    block_on(async move {
-        let addr = tools::EmailAddress::new(&to_string_lossy(addr))?;
-        let secret = key::SignedSecretKey::from_asc(&to_string_lossy(secret_data))?.0;
-        let public = secret.split_public_key()?;
-        let keypair = key::KeyPair {
-            addr,
-            public,
-            secret,
-        };
-        key::store_self_keypair(ctx, &keypair, key::KeyPairUse::Default).await?;
-        Ok::<_, anyhow::Error>(1)
-    })
-    .context("Failed to save keypair")
-    .log_err(ctx)
-    .unwrap_or(0)
+    let addr = to_string_lossy(addr);
+    let secret_data = to_string_lossy(secret_data);
+    block_on(preconfigure_keypair(ctx, &addr, &secret_data))
+        .context("Failed to save keypair")
+        .log_err(ctx)
+        .is_ok() as libc::c_int
 }
 
 #[no_mangle]
@@ -1473,32 +1463,6 @@ pub unsafe extern "C" fn dc_get_next_media(
     })
 }
 
-#[no_mangle]
-pub unsafe extern "C" fn dc_set_chat_protection(
-    context: *mut dc_context_t,
-    chat_id: u32,
-    protect: libc::c_int,
-) -> libc::c_int {
-    if context.is_null() {
-        eprintln!("ignoring careless call to dc_set_chat_protection()");
-        return 0;
-    }
-    let ctx = &*context;
-    let protect = if let Some(s) = ProtectionStatus::from_i32(protect) {
-        s
-    } else {
-        warn!(ctx, "bad protect-value for dc_set_chat_protection()");
-        return 0;
-    };
-
-    block_on(async move {
-        match ChatId::new(chat_id).set_protection(ctx, protect).await {
-            Ok(()) => 1,
-            Err(_) => 0,
-        }
-    })
-}
-
 #[no_mangle]
 pub unsafe extern "C" fn dc_set_chat_visibility(
     context: *mut dc_context_t,
@@ -3133,6 +3097,16 @@ pub unsafe extern "C" fn dc_chat_is_protected(chat: *mut dc_chat_t) -> libc::c_i
     ffi_chat.chat.is_protected() as libc::c_int
 }
 
+#[no_mangle]
+pub unsafe extern "C" fn dc_chat_is_protection_broken(chat: *mut dc_chat_t) -> libc::c_int {
+    if chat.is_null() {
+        eprintln!("ignoring careless call to dc_chat_is_protection_broken()");
+        return 0;
+    }
+    let ffi_chat = &*chat;
+    ffi_chat.chat.is_protection_broken() as libc::c_int
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_chat_is_sending_locations(chat: *mut dc_chat_t) -> libc::c_int {
     if chat.is_null() {
@@ -3357,58 +3331,6 @@ pub unsafe extern "C" fn dc_msg_get_text(msg: *mut dc_msg_t) -> *mut libc::c_cha
     ffi_msg.message.get_text().strdup()
 }
 
-#[no_mangle]
-pub unsafe extern "C" fn dc_parse_message_text_to_ast_json(
-    text: *const libc::c_char,
-    mode: u32,
-) -> *mut libc::c_char {
-    if text.is_null() {
-        eprintln!("ignoring careless call to dc_parse_message_text_to_ast_json()");
-    }
-    let text = to_string_lossy(text);
-    let result = match mode {
-        0 /* OnlyText */ => parser::parse_only_text(&text),
-        1 /* DesktopSet */ => parser::parse_desktop_set(&text),
-        2 /* Markdown */ => parser::parse_markdown_text(&text),
-        _ => {
-            eprintln!("ignoring careless call to dc_parse_message_text_to_ast_json() - invalid mode");
-            return "".strdup();
-        }
-    };
-    if let Ok(result) = serde_json::to_string(&result) {
-        result.strdup()
-    } else {
-        "".strdup()
-    }
-}
-
-#[no_mangle]
-pub unsafe extern "C" fn dc_msg_get_parsed_text_as_json(
-    msg: *mut dc_msg_t,
-    mode: u32,
-) -> *mut libc::c_char {
-    if msg.is_null() {
-        eprintln!("ignoring careless call to dc_msg_get_parsed_text_as_json()");
-        return "".strdup();
-    }
-    let ffi_msg = &*msg;
-    let text = ffi_msg.message.get_text();
-    let result = match mode {
-        0 /* OnlyText */ => parser::parse_only_text(&text),
-        1 /* DesktopSet */ => parser::parse_desktop_set(&text),
-        2 /* Markdown */ => parser::parse_markdown_text(&text),
-        _ => {
-            eprintln!("ignoring careless call to dc_msg_get_parsed_text_as_json() - invalid mode");
-            return "".strdup();
-        }
-    };
-    if let Ok(result) = serde_json::to_string(&result) {
-        result.strdup()
-    } else {
-        "".strdup()
-    }
-}
-
 #[no_mangle]
 pub unsafe extern "C" fn dc_msg_get_subject(msg: *mut dc_msg_t) -> *mut libc::c_char {
     if msg.is_null() {
@@ -4803,17 +4725,17 @@ pub type dc_accounts_t = AccountsWrapper;
 
 #[no_mangle]
 pub unsafe extern "C" fn dc_accounts_new(
-    _os_name: *const libc::c_char,
-    dbfile: *const libc::c_char,
+    dir: *const libc::c_char,
+    writable: libc::c_int,
 ) -> *mut dc_accounts_t {
     setup_panic!();
 
-    if dbfile.is_null() {
+    if dir.is_null() {
         eprintln!("ignoring careless call to dc_accounts_new()");
         return ptr::null_mut();
     }
 
-    let accs = block_on(Accounts::new(as_path(dbfile).into()));
+    let accs = block_on(Accounts::new(as_path(dir).into(), writable != 0));
 
     match accs {
         Ok(accs) => Box::into_raw(Box::new(AccountsWrapper::new(accs))),

deltachat-jsonrpc/Cargo.toml

@@ -15,26 +15,26 @@ required-features = ["webserver"]
 anyhow = "1"
 deltachat = { path = ".." }
 num-traits = "0.2"
-schemars = "0.8.11"
+schemars = "0.8.13"
 serde = { version = "1.0", features = ["derive"] }
-tempfile = "3.6.0"
+tempfile = "3.8.0"
 log = "0.4"
 async-channel = { version = "1.8.0" }
 futures = { version = "0.3.28" }
-serde_json = "1.0.99"
-yerpc = { version = "0.5.1", features = ["anyhow_expose", "openrpc"] }
-typescript-type-def = { version = "0.5.5", features = ["json_value"] }
-tokio = { version = "1.29.1" }
-sanitize-filename = "0.4"
+serde_json = "1.0.105"
+yerpc = { version = "0.5.2", features = ["anyhow_expose", "openrpc"] }
+typescript-type-def = { version = "0.5.8", features = ["json_value"] }
+tokio = { version = "1.32.0" }
+sanitize-filename = "0.5"
 walkdir = "2.3.3"
 base64 = "0.21"
 
 # optional dependencies
-axum = { version = "0.6.18", optional = true, features = ["ws"] }
+axum = { version = "0.6.20", optional = true, features = ["ws"] }
 env_logger = { version = "0.10.0", optional = true }
 
 [dev-dependencies]
-tokio = { version = "1.29.1", features = ["full", "rt-multi-thread"] }
+tokio = { version = "1.32.0", features = ["full", "rt-multi-thread"] }
 
 
 [features]

deltachat-jsonrpc/src/api/mod.rs

@@ -4,30 +4,30 @@ use std::{collections::HashMap, str::FromStr};
 
 use anyhow::{anyhow, bail, ensure, Context, Result};
 pub use deltachat::accounts::Accounts;
-use deltachat::message::get_msg_read_receipts;
-use deltachat::qr::Qr;
-use deltachat::{
-    chat::{
-        self, add_contact_to_chat, forward_msgs, get_chat_media, get_chat_msgs, get_chat_msgs_ex,
-        marknoticed_chat, remove_contact_from_chat, Chat, ChatId, ChatItem, MessageListOptions,
-        ProtectionStatus,
-    },
-    chatlist::Chatlist,
-    config::Config,
-    constants::DC_MSG_ID_DAYMARKER,
-    contact::{may_be_valid_addr, Contact, ContactId, Origin},
-    context::get_info,
-    ephemeral::Timer,
-    imex, location,
-    message::{self, delete_msgs, markseen_msgs, Message, MessageState, MsgId, Viewtype},
-    provider::get_provider_info,
-    qr,
-    qr_code_generator::{generate_backup_qr, get_securejoin_qr_svg},
-    reaction::{get_msg_reactions, send_reaction},
-    securejoin,
-    stock_str::StockMessage,
-    webxdc::StatusUpdateSerial,
+use deltachat::chat::{
+    self, add_contact_to_chat, forward_msgs, get_chat_media, get_chat_msgs, get_chat_msgs_ex,
+    marknoticed_chat, remove_contact_from_chat, Chat, ChatId, ChatItem, MessageListOptions,
+    ProtectionStatus,
 };
+use deltachat::chatlist::Chatlist;
+use deltachat::config::Config;
+use deltachat::constants::DC_MSG_ID_DAYMARKER;
+use deltachat::contact::{may_be_valid_addr, Contact, ContactId, Origin};
+use deltachat::context::get_info;
+use deltachat::ephemeral::Timer;
+use deltachat::imex;
+use deltachat::location;
+use deltachat::message::get_msg_read_receipts;
+use deltachat::message::{
+    self, delete_msgs, markseen_msgs, Message, MessageState, MsgId, Viewtype,
+};
+use deltachat::provider::get_provider_info;
+use deltachat::qr::{self, Qr};
+use deltachat::qr_code_generator::{generate_backup_qr, get_securejoin_qr_svg};
+use deltachat::reaction::{get_msg_reactions, send_reaction};
+use deltachat::securejoin;
+use deltachat::stock_str::StockMessage;
+use deltachat::webxdc::StatusUpdateSerial;
 use sanitize_filename::is_sanitized;
 use tokio::fs;
 use tokio::sync::{watch, Mutex, RwLock};
@@ -43,13 +43,11 @@ use types::contact::ContactObject;
 use types::events::Event;
 use types::http::HttpResponse;
 use types::message::{MessageData, MessageObject, MessageReadReceipt};
-use types::message_parser;
 use types::provider_info::ProviderInfo;
 use types::reactions::JSONRPCReactions;
 use types::webxdc::WebxdcMessageInfo;
 
 use self::types::message::MessageLoadResult;
-use self::types::message_parser::MessageParserMode;
 use self::types::{
     chat::{BasicChat, JSONRPCChatVisibility, MuteDuration},
     location::JsonrpcLocation,
@@ -144,11 +142,7 @@ impl CommandApi {
     }
 }
 
-#[rpc(
-    all_positional,
-    ts_outdir = "typescript/generated",
-    openrpc_outdir = "openrpc"
-)]
+#[rpc(all_positional, ts_outdir = "typescript/generated")]
 impl CommandApi {
     /// Test function.
     async fn sleep(&self, delay: f64) {
@@ -159,12 +153,12 @@ impl CommandApi {
     //  Misc top level functions
     // ---------------------------------------------
 
-    /// Check if an email address is valid.
+    /// Checks if an email address is valid.
     async fn check_email_validity(&self, email: String) -> bool {
         may_be_valid_addr(&email)
     }
 
-    /// Get general system info.
+    /// Returns general system info.
     async fn get_system_info(&self) -> BTreeMap<&'static str, String> {
         get_info()
     }
@@ -225,11 +219,13 @@ impl CommandApi {
         Ok(accounts)
     }
 
+    /// Starts background tasks for all accounts.
     async fn start_io_for_all_accounts(&self) -> Result<()> {
         self.accounts.read().await.start_io().await;
         Ok(())
     }
 
+    /// Stops background tasks for all accounts.
     async fn stop_io_for_all_accounts(&self) -> Result<()> {
         self.accounts.read().await.stop_io().await;
         Ok(())
@@ -239,14 +235,16 @@ impl CommandApi {
     // Methods that work on individual accounts
     // ---------------------------------------------
 
-    async fn start_io(&self, id: u32) -> Result<()> {
-        let ctx = self.get_context(id).await?;
+    /// Starts background tasks for a single account.
+    async fn start_io(&self, account_id: u32) -> Result<()> {
+        let ctx = self.get_context(account_id).await?;
         ctx.start_io().await;
         Ok(())
     }
 
-    async fn stop_io(&self, id: u32) -> Result<()> {
-        let ctx = self.get_context(id).await?;
+    /// Stops background tasks for a single account.
+    async fn stop_io(&self, account_id: u32) -> Result<()> {
+        let ctx = self.get_context(account_id).await?;
         ctx.stop_io().await;
         Ok(())
     }
@@ -313,11 +311,13 @@ impl CommandApi {
         ctx.get_info().await
     }
 
+    /// Sets the given configuration key.
     async fn set_config(&self, account_id: u32, key: String, value: Option<String>) -> Result<()> {
         let ctx = self.get_context(account_id).await?;
         set_config(&ctx, &key, value.as_deref()).await
     }
 
+    /// Updates a batch of configuration values.
     async fn batch_set_config(
         &self,
         account_id: u32,
@@ -349,6 +349,7 @@ impl CommandApi {
         Ok(qr_object)
     }
 
+    /// Returns configuration value for the given key.
     async fn get_config(&self, account_id: u32, key: String) -> Result<Option<String>> {
         let ctx = self.get_context(account_id).await?;
         get_config(&ctx, &key).await
@@ -1083,31 +1084,6 @@ impl CommandApi {
         MsgId::new(message_id).get_html(&ctx).await
     }
 
-    // no specific typings because of https://github.com/dbeckwith/rust-typescript-type-def/issues/18
-    async fn get_parsed_message_text_ast_json(
-        &self,
-        account_id: u32,
-        message_id: u32,
-        mode: MessageParserMode,
-    ) -> Result<serde_json::Value> {
-        let ctx = self.get_context(account_id).await?;
-        let msg_text = Message::load_from_db(&ctx, MsgId::new(message_id))
-            .await?
-            .get_text();
-        let result = message_parser::parse_text(&msg_text, mode);
-        Ok(serde_json::to_value(result)?)
-    }
-
-    // no specific typings because of https://github.com/dbeckwith/rust-typescript-type-def/issues/18
-    async fn parse_text_to_ast_json(
-        &self,
-        text: String,
-        mode: MessageParserMode,
-    ) -> Result<serde_json::Value> {
-        let result = message_parser::parse_text(&text, mode);
-        Ok(serde_json::to_value(result)?)
-    }
-
     /// get multiple messages in one call,
     /// if loading one message fails the error is stored in the result object in it's place.
     ///
@@ -1913,7 +1889,7 @@ impl CommandApi {
             .context("path conversion to string failed")
     }
 
-    /// save a sticker to a collection/folder in the account's sticker folder
+    /// Saves a sticker to a collection/folder in the account's sticker folder.
     async fn misc_save_sticker(
         &self,
         account_id: u32,

deltachat-jsonrpc/src/api/types/account.rs

@@ -7,7 +7,7 @@ use typescript_type_def::TypeDef;
 use super::color_int_to_hex_string;
 
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
-#[serde(tag = "type")]
+#[serde(tag = "kind")]
 pub enum Account {
     #[serde(rename_all = "camelCase")]
     Configured {

deltachat-jsonrpc/src/api/types/chat.rs

@@ -167,10 +167,11 @@ impl BasicChat {
 }
 
 #[derive(Clone, Serialize, Deserialize, TypeDef, schemars::JsonSchema)]
+#[serde(tag = "kind")]
 pub enum MuteDuration {
     NotMuted,
     Forever,
-    Until(i64),
+    Until { duration: i64 },
 }
 
 impl MuteDuration {
@@ -178,13 +179,13 @@ impl MuteDuration {
         match self {
             MuteDuration::NotMuted => Ok(chat::MuteDuration::NotMuted),
             MuteDuration::Forever => Ok(chat::MuteDuration::Forever),
-            MuteDuration::Until(n) => {
-                if n <= 0 {
+            MuteDuration::Until { duration } => {
+                if duration <= 0 {
                     bail!("failed to read mute duration")
                 }
 
                 Ok(SystemTime::now()
-                    .checked_add(Duration::from_secs(n as u64))
+                    .checked_add(Duration::from_secs(duration as u64))
                     .map_or(chat::MuteDuration::Forever, chat::MuteDuration::Until))
             }
         }

deltachat-jsonrpc/src/api/types/chat_list.rs

@@ -15,7 +15,7 @@ use super::color_int_to_hex_string;
 use super::message::MessageViewtype;
 
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
-#[serde(tag = "type")]
+#[serde(tag = "kind")]
 pub enum ChatListItemFetchResult {
     #[serde(rename_all = "camelCase")]
     ChatListItem {

deltachat-jsonrpc/src/api/types/events.rs

@@ -22,7 +22,7 @@ impl From<CoreEvent> for Event {
 }
 
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
-#[serde(tag = "type")]
+#[serde(tag = "kind")]
 pub enum EventType {
     /// The library-user may write an informational string to the log.
     ///

deltachat-jsonrpc/src/api/types/message.rs

@@ -19,7 +19,7 @@ use super::reactions::JSONRPCReactions;
 use super::webxdc::WebxdcMessageInfo;
 
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
-#[serde(rename_all = "camelCase", tag = "variant")]
+#[serde(rename_all = "camelCase", tag = "kind")]
 pub enum MessageLoadResult {
     Message(MessageObject),
     LoadingError { error: String },

deltachat-jsonrpc/src/api/types/message_parser.rs

@@ -1,19 +0,0 @@
-use deltachat::message_parser::parser::{self, Element};
-use serde::{Deserialize, Serialize};
-use typescript_type_def::TypeDef;
-
-#[repr(u8)]
-#[derive(Serialize, Deserialize, TypeDef, schemars::JsonSchema)]
-pub enum MessageParserMode {
-    OnlyText,
-    DesktopSet,
-    Markdown,
-}
-
-pub fn parse_text(input: &str, mode: MessageParserMode) -> std::vec::Vec<Element> {
-    match mode {
-        MessageParserMode::OnlyText => parser::parse_only_text(input),
-        MessageParserMode::DesktopSet => parser::parse_desktop_set(input),
-        MessageParserMode::Markdown => parser::parse_markdown_text(input),
-    }
-}

deltachat-jsonrpc/src/api/types/mod.rs

@@ -6,7 +6,6 @@ pub mod events;
 pub mod http;
 pub mod location;
 pub mod message;
-pub mod message_parser;
 pub mod provider_info;
 pub mod qr;
 pub mod reactions;

deltachat-jsonrpc/src/api/types/qr.rs

@@ -4,7 +4,7 @@ use typescript_type_def::TypeDef;
 
 #[derive(Serialize, TypeDef, schemars::JsonSchema)]
 #[serde(rename = "Qr", rename_all = "camelCase")]
-#[serde(tag = "type")]
+#[serde(tag = "kind")]
 pub enum QrObject {
     AskVerifyContact {
         contact_id: u32,

deltachat-jsonrpc/src/lib.rs

@@ -13,7 +13,8 @@ mod tests {
     #[tokio::test(flavor = "multi_thread")]
     async fn basic_json_rpc_functionality() -> anyhow::Result<()> {
         let tmp_dir = TempDir::new().unwrap().path().into();
-        let accounts = Accounts::new(tmp_dir).await?;
+        let writable = true;
+        let accounts = Accounts::new(tmp_dir, writable).await?;
         let api = CommandApi::new(accounts);
 
         let (sender, mut receiver) = unbounded::<String>();
@@ -54,7 +55,8 @@ mod tests {
     #[tokio::test(flavor = "multi_thread")]
     async fn test_batch_set_config() -> anyhow::Result<()> {
         let tmp_dir = TempDir::new().unwrap().path().into();
-        let accounts = Accounts::new(tmp_dir).await?;
+        let writable = true;
+        let accounts = Accounts::new(tmp_dir, writable).await?;
         let api = CommandApi::new(accounts);
 
         let (sender, mut receiver) = unbounded::<String>();

deltachat-jsonrpc/src/webserver.rs

@@ -19,7 +19,8 @@ async fn main() -> Result<(), std::io::Error> {
         .map(|port| port.parse::<u16>().expect("DC_PORT must be a number"))
         .unwrap_or(DEFAULT_PORT);
     log::info!("Starting with accounts directory `{path}`.");
-    let accounts = Accounts::new(PathBuf::from(&path)).await.unwrap();
+    let writable = true;
+    let accounts = Accounts::new(PathBuf::from(&path), writable).await.unwrap();
     let state = CommandApi::new(accounts);
 
     let app = Router::new()

deltachat-jsonrpc/typescript/example/example.ts

@@ -35,7 +35,7 @@ async function run() {
     const accounts = await client.rpc.getAllAccounts();
     console.log("accounts loaded", accounts);
     for (const account of accounts) {
-      if (account.type === "Configured") {
+      if (account.kind === "Configured") {
         write(
           $head,
           `<a href="#" onclick="selectDeltaAccount(${account.id})">
@@ -57,7 +57,7 @@ async function run() {
     clear($main);
     const selectedAccount = SELECTED_ACCOUNT;
     const info = await client.rpc.getAccountInfo(selectedAccount);
-    if (info.type !== "Configured") {
+    if (info.kind !== "Configured") {
       return write($main, "Account is not configured");
     }
     write($main, `<h2>${info.addr!}</h2>`);
@@ -81,8 +81,7 @@ async function run() {
         messageIds
       );
       for (const [_messageId, message] of Object.entries(messages)) {
-        if (message.variant === "message")
-          write($main, `<p>${message.text}</p>`);
+        if (message.kind === "message") write($main, `<p>${message.text}</p>`);
         else write($main, `<p>loading error: ${message.error}</p>`);
       }
     }
@@ -93,9 +92,9 @@ async function run() {
       $side,
       `
         <p class="message">
-          [<strong>${event.type}</strong> on account ${accountId}]<br>
+          [<strong>${event.kind}</strong> on account ${accountId}]<br>
           <em>f1:</em> ${JSON.stringify(
-            Object.assign({}, event, { type: undefined })
+            Object.assign({}, event, { kind: undefined })
           )}
         </p>`
     );

deltachat-jsonrpc/typescript/src/client.ts

@@ -6,22 +6,22 @@ import { WebsocketTransport, BaseTransport, Request } from "yerpc";
 import { TinyEmitter } from "@deltachat/tiny-emitter";
 
 type Events = { ALL: (accountId: number, event: EventType) => void } & {
-  [Property in EventType["type"]]: (
+  [Property in EventType["kind"]]: (
     accountId: number,
-    event: Extract<EventType, { type: Property }>
+    event: Extract<EventType, { kind: Property }>
   ) => void;
 };
 
 type ContextEvents = { ALL: (event: EventType) => void } & {
-  [Property in EventType["type"]]: (
-    event: Extract<EventType, { type: Property }>
+  [Property in EventType["kind"]]: (
+    event: Extract<EventType, { kind: Property }>
   ) => void;
 };
 
 export type DcEvent = EventType;
-export type DcEventType<T extends EventType["type"]> = Extract<
+export type DcEventType<T extends EventType["kind"]> = Extract<
   EventType,
-  { type: T }
+  { kind: T }
 >;
 
 export class BaseDeltaChat<
@@ -46,12 +46,12 @@ export class BaseDeltaChat<
     while (true) {
       const event = await this.rpc.getNextEvent();
       //@ts-ignore
-      this.emit(event.event.type, event.contextId, event.event);
+      this.emit(event.event.kind, event.contextId, event.event);
       this.emit("ALL", event.contextId, event.event);
 
       if (this.contextEmitters[event.contextId]) {
         this.contextEmitters[event.contextId].emit(
-          event.event.type,
+          event.event.kind,
           //@ts-ignore
           event.event as any
         );

deltachat-jsonrpc/typescript/test/online.ts

@@ -29,8 +29,8 @@ describe("online tests", function () {
     serverHandle = await startServer();
     dc = new DeltaChat(serverHandle.stdin, serverHandle.stdout, true);
 
-    dc.on("ALL", (contextId, { type }) => {
-      if (type !== "Info") console.log(contextId, type);
+    dc.on("ALL", (contextId, { kind }) => {
+      if (kind !== "Info") console.log(contextId, kind);
     });
 
     account1 = await createTempUser(process.env.DCC_NEW_TMP_EMAIL);
@@ -177,12 +177,12 @@ describe("online tests", function () {
   });
 });
 
-async function waitForEvent<T extends DcEvent["type"]>(
+async function waitForEvent<T extends DcEvent["kind"]>(
   dc: DeltaChat,
   eventType: T,
   accountId: number,
   timeout: number = EVENT_TIMEOUT
-): Promise<Extract<DcEvent, { type: T }>> {
+): Promise<Extract<DcEvent, { kind: T }>> {
   return new Promise((resolve, reject) => {
     const rejectTimeout = setTimeout(
       () => reject(new Error("Timeout reached before event came in")),

deltachat-repl/Cargo.toml

@@ -9,7 +9,7 @@ ansi_term = "0.12.1"
 anyhow = "1"
 deltachat = { path = "..", features = ["internals"]}
 dirs = "5"
-log = "0.4.19"
+log = "0.4.20"
 pretty_env_logger = "0.5"
 rusqlite = "0.29"
 rustyline = "12"

deltachat-repl/src/cmdline.rs

@@ -18,6 +18,7 @@ use deltachat::imex::*;
 use deltachat::location;
 use deltachat::log::LogExt;
 use deltachat::message::{self, Message, MessageState, MsgId, Viewtype};
+use deltachat::mimeparser::SystemMessage;
 use deltachat::peerstate::*;
 use deltachat::qr::*;
 use deltachat::reaction::send_reaction;
@@ -210,7 +211,17 @@ async fn log_msg(context: &Context, prefix: impl AsRef<str>, msg: &Message) {
         } else {
             "[FRESH]"
         },
-        if msg.is_info() { "[INFO]" } else { "" },
+        if msg.is_info() {
+            if msg.get_info_type() == SystemMessage::ChatProtectionEnabled {
+                "[INFO 🛡️]"
+            } else if msg.get_info_type() == SystemMessage::ChatProtectionDisabled {
+                "[INFO 🛡️❌]"
+            } else {
+                "[INFO]"
+            }
+        } else {
+            ""
+        },
         if msg.get_viewtype() == Viewtype::VideochatInvitation {
             format!(
                 "[VIDEOCHAT-INVITATION: {}, type={}]",
@@ -395,8 +406,6 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                  unpin <chat-id>\n\
                  mute <chat-id> [<seconds>]\n\
                  unmute <chat-id>\n\
-                 protect <chat-id>\n\
-                 unprotect <chat-id>\n\
                  delchat <chat-id>\n\
                  accept <chat-id>\n\
                  decline <chat-id>\n\
@@ -1071,20 +1080,6 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
             };
             chat::set_muted(&context, chat_id, duration).await?;
         }
-        "protect" | "unprotect" => {
-            ensure!(!arg1.is_empty(), "Argument <chat-id> missing.");
-            let chat_id = ChatId::new(arg1.parse()?);
-            chat_id
-                .set_protection(
-                    &context,
-                    match arg0 {
-                        "protect" => ProtectionStatus::Protected,
-                        "unprotect" => ProtectionStatus::Unprotected,
-                        _ => unreachable!("arg0={:?}", arg0),
-                    },
-                )
-                .await?;
-        }
         "delchat" => {
             ensure!(!arg1.is_empty(), "Argument <chat-id> missing.");
             let chat_id = ChatId::new(arg1.parse()?);

deltachat-rpc-client/examples/echobot_advanced.py

@@ -14,9 +14,9 @@ hooks = events.HookCollection()
 
 @hooks.on(events.RawEvent)
 def log_event(event):
-    if event.type == EventType.INFO:
+    if event.kind == EventType.INFO:
         logging.info(event.msg)
-    elif event.type == EventType.WARNING:
+    elif event.kind == EventType.WARNING:
         logging.warning(event.msg)
 
 

deltachat-rpc-client/pyproject.toml

@@ -7,6 +7,7 @@ name = "deltachat-rpc-client"
 description = "Python client for Delta Chat core JSON-RPC interface"
 classifiers = [
     "Development Status :: 5 - Production/Stable",
+    "Framework :: AsyncIO",
     "Intended Audience :: Developers",
     "License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)",
     "Operating System :: POSIX :: Linux",

deltachat-rpc-client/src/deltachat_rpc_client/_generated_types.py

@@ -0,0 +1,775 @@
+from dataclasses import dataclass
+from enum import Enum
+from typing import TypeAlias, Union, Optional, Tuple, Any
+
+
+class AccountEnum:
+    @dataclass(kw_only=True)
+    class Configured:
+        kind: str = "Configured"
+        addr: Optional[str]
+        color: str
+        display_name: Optional[str]
+        id: int
+        profile_image: Optional[str]
+
+    @dataclass(kw_only=True)
+    class Unconfigured:
+        kind: str = "Unconfigured"
+        id: int
+
+
+Account: TypeAlias = AccountEnum.Configured | AccountEnum.Unconfigured
+
+
+@dataclass(kw_only=True)
+class BasicChat:
+    archived: bool
+    chat_type: int
+    color: str
+    id: int
+    is_contact_request: bool
+    is_device_chat: bool
+    is_muted: bool
+    is_protected: bool
+    is_self_talk: bool
+    is_unpromoted: bool
+    name: str
+    profile_image: str
+
+
+class ChatListItemFetchResultEnum:
+    @dataclass(kw_only=True)
+    class ChatListItem:
+        kind: str = "ChatListItem"
+        avatar_path: Optional[str]
+        color: str
+        dm_chat_contact: Optional[int]
+        fresh_message_counter: int
+        id: int
+        is_archived: bool
+        is_broadcast: bool
+        is_contact_request: bool
+        is_device_talk: bool
+        is_group: bool
+        is_muted: bool
+        is_pinned: bool
+        is_protected: bool
+        is_self_in_group: bool
+        is_self_talk: bool
+        is_sending_location: bool
+        last_message_id: Optional[int]
+        last_message_type: Optional["Viewtype"]
+        last_updated: Optional[int]
+        name: str
+        summary_preview_image: Optional[str]
+        summary_status: int
+        summary_text1: str
+        summary_text2: str
+        was_seen_recently: bool
+
+    @dataclass(kw_only=True)
+    class ArchiveLink:
+        kind: str = "ArchiveLink"
+        fresh_message_counter: int
+
+    @dataclass(kw_only=True)
+    class Error:
+        kind: str = "Error"
+        error: str
+        id: int
+
+
+ChatListItemFetchResult: TypeAlias = (
+    ChatListItemFetchResultEnum.ChatListItem
+    | ChatListItemFetchResultEnum.ArchiveLink
+    | ChatListItemFetchResultEnum.Error
+)
+
+
+class ChatVisibility(Enum):
+    NORMAL = "Normal"
+    ARCHIVED = "Archived"
+    PINNED = "Pinned"
+
+
+@dataclass(kw_only=True)
+class Contact:
+    address: str
+    auth_name: str
+    color: str
+    display_name: str
+    id: int
+    is_blocked: bool
+    is_verified: bool
+    last_seen: int
+    name: str
+    name_and_addr: str
+    profile_image: str
+    status: str
+    verifier_addr: str
+    verifier_id: int
+    was_seen_recently: bool
+
+
+class DownloadState(Enum):
+    DONE = "Done"
+    AVAILABLE = "Available"
+    FAILURE = "Failure"
+    IN_PROGRESS = "InProgress"
+
+
+@dataclass(kw_only=True)
+class Event:
+    context_id: int
+    event: "EventType"
+
+
+class EventTypeEnum:
+    @dataclass(kw_only=True)
+    class Info:
+        kind: str = "Info"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class SmtpConnected:
+        kind: str = "SmtpConnected"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class ImapConnected:
+        kind: str = "ImapConnected"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class SmtpMessageSent:
+        kind: str = "SmtpMessageSent"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class ImapMessageDeleted:
+        kind: str = "ImapMessageDeleted"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class ImapMessageMoved:
+        kind: str = "ImapMessageMoved"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class ImapInboxIdle:
+        kind: str = "ImapInboxIdle"
+
+    @dataclass(kw_only=True)
+    class NewBlobFile:
+        kind: str = "NewBlobFile"
+        file: str
+
+    @dataclass(kw_only=True)
+    class DeletedBlobFile:
+        kind: str = "DeletedBlobFile"
+        file: str
+
+    @dataclass(kw_only=True)
+    class Warning:
+        kind: str = "Warning"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class Error:
+        kind: str = "Error"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class ErrorSelfNotInGroup:
+        kind: str = "ErrorSelfNotInGroup"
+        msg: str
+
+    @dataclass(kw_only=True)
+    class MsgsChanged:
+        kind: str = "MsgsChanged"
+        chat_id: int
+        msg_id: int
+
+    @dataclass(kw_only=True)
+    class ReactionsChanged:
+        kind: str = "ReactionsChanged"
+        chat_id: int
+        contact_id: int
+        msg_id: int
+
+    @dataclass(kw_only=True)
+    class IncomingMsg:
+        kind: str = "IncomingMsg"
+        chat_id: int
+        msg_id: int
+
+    @dataclass(kw_only=True)
+    class IncomingMsgBunch:
+        kind: str = "IncomingMsgBunch"
+        msg_ids: list[int]
+
+    @dataclass(kw_only=True)
+    class MsgsNoticed:
+        kind: str = "MsgsNoticed"
+        chat_id: int
+
+    @dataclass(kw_only=True)
+    class MsgDelivered:
+        kind: str = "MsgDelivered"
+        chat_id: int
+        msg_id: int
+
+    @dataclass(kw_only=True)
+    class MsgFailed:
+        kind: str = "MsgFailed"
+        chat_id: int
+        msg_id: int
+
+    @dataclass(kw_only=True)
+    class MsgRead:
+        kind: str = "MsgRead"
+        chat_id: int
+        msg_id: int
+
+    @dataclass(kw_only=True)
+    class MsgDeleted:
+        kind: str = "MsgDeleted"
+        chat_id: int
+        msg_id: int
+
+    @dataclass(kw_only=True)
+    class ChatModified:
+        kind: str = "ChatModified"
+        chat_id: int
+
+    @dataclass(kw_only=True)
+    class ChatEphemeralTimerModified:
+        kind: str = "ChatEphemeralTimerModified"
+        chat_id: int
+        timer: int
+
+    @dataclass(kw_only=True)
+    class ContactsChanged:
+        kind: str = "ContactsChanged"
+        contact_id: Optional[int]
+
+    @dataclass(kw_only=True)
+    class LocationChanged:
+        kind: str = "LocationChanged"
+        contact_id: Optional[int]
+
+    @dataclass(kw_only=True)
+    class ConfigureProgress:
+        kind: str = "ConfigureProgress"
+        comment: Optional[str]
+        progress: int
+
+    @dataclass(kw_only=True)
+    class ImexProgress:
+        kind: str = "ImexProgress"
+        progress: int
+
+    @dataclass(kw_only=True)
+    class ImexFileWritten:
+        kind: str = "ImexFileWritten"
+        path: str
+
+    @dataclass(kw_only=True)
+    class SecurejoinInviterProgress:
+        kind: str = "SecurejoinInviterProgress"
+        contact_id: int
+        progress: int
+
+    @dataclass(kw_only=True)
+    class SecurejoinJoinerProgress:
+        kind: str = "SecurejoinJoinerProgress"
+        contact_id: int
+        progress: int
+
+    @dataclass(kw_only=True)
+    class ConnectivityChanged:
+        kind: str = "ConnectivityChanged"
+
+    @dataclass(kw_only=True)
+    class SelfavatarChanged:
+        kind: str = "SelfavatarChanged"
+
+    @dataclass(kw_only=True)
+    class WebxdcStatusUpdate:
+        kind: str = "WebxdcStatusUpdate"
+        msg_id: int
+        status_update_serial: int
+
+    @dataclass(kw_only=True)
+    class WebxdcInstanceDeleted:
+        kind: str = "WebxdcInstanceDeleted"
+        msg_id: int
+
+
+EventType: TypeAlias = (
+    EventTypeEnum.Info
+    | EventTypeEnum.SmtpConnected
+    | EventTypeEnum.ImapConnected
+    | EventTypeEnum.SmtpMessageSent
+    | EventTypeEnum.ImapMessageDeleted
+    | EventTypeEnum.ImapMessageMoved
+    | EventTypeEnum.ImapInboxIdle
+    | EventTypeEnum.NewBlobFile
+    | EventTypeEnum.DeletedBlobFile
+    | EventTypeEnum.Warning
+    | EventTypeEnum.Error
+    | EventTypeEnum.ErrorSelfNotInGroup
+    | EventTypeEnum.MsgsChanged
+    | EventTypeEnum.ReactionsChanged
+    | EventTypeEnum.IncomingMsg
+    | EventTypeEnum.IncomingMsgBunch
+    | EventTypeEnum.MsgsNoticed
+    | EventTypeEnum.MsgDelivered
+    | EventTypeEnum.MsgFailed
+    | EventTypeEnum.MsgRead
+    | EventTypeEnum.MsgDeleted
+    | EventTypeEnum.ChatModified
+    | EventTypeEnum.ChatEphemeralTimerModified
+    | EventTypeEnum.ContactsChanged
+    | EventTypeEnum.LocationChanged
+    | EventTypeEnum.ConfigureProgress
+    | EventTypeEnum.ImexProgress
+    | EventTypeEnum.ImexFileWritten
+    | EventTypeEnum.SecurejoinInviterProgress
+    | EventTypeEnum.SecurejoinJoinerProgress
+    | EventTypeEnum.ConnectivityChanged
+    | EventTypeEnum.SelfavatarChanged
+    | EventTypeEnum.WebxdcStatusUpdate
+    | EventTypeEnum.WebxdcInstanceDeleted
+)
+
+
+@dataclass(kw_only=True)
+class FullChat:
+    archived: bool
+    can_send: bool
+    chat_type: int
+    color: str
+    contact_ids: list[int]
+    contacts: list["Contact"]
+    ephemeral_timer: int
+    fresh_message_counter: int
+    id: int
+    is_contact_request: bool
+    is_device_chat: bool
+    is_muted: bool
+    is_protected: bool
+    is_self_talk: bool
+    is_unpromoted: bool
+    mailing_list_address: str
+    name: str
+    profile_image: str
+    self_in_group: bool
+    was_seen_recently: bool
+
+
+@dataclass(kw_only=True)
+class HttpResponse:
+    blob: str
+    encoding: str
+    mimetype: str
+
+
+@dataclass(kw_only=True)
+class Location:
+    accuracy: float
+    chat_id: int
+    contact_id: int
+    is_independent: bool
+    latitude: float
+    location_id: int
+    longitude: float
+    marker: str
+    msg_id: int
+    timestamp: int
+
+
+@dataclass(kw_only=True)
+class Message:
+    chat_id: int
+    dimensions_height: int
+    dimensions_width: int
+    download_state: "DownloadState"
+    duration: int
+    error: str
+    file: str
+    file_bytes: int
+    file_mime: str
+    file_name: str
+    from_id: int
+    has_deviating_timestamp: bool
+    has_html: bool
+    has_location: bool
+    id: int
+    is_bot: bool
+    is_forwarded: bool
+    is_info: bool
+    is_setupmessage: bool
+    override_sender_name: str
+    parent_id: int
+    quote: Optional["MessageQuote"]
+    reactions: Optional["Reactions"]
+    received_timestamp: int
+    sender: "Contact"
+    setup_code_begin: str
+    show_padlock: bool
+    sort_timestamp: int
+    state: int
+    subject: str
+    system_message_type: "SystemMessageType"
+    text: str
+    timestamp: int
+    videochat_type: int
+    videochat_url: str
+    view_type: "Viewtype"
+    webxdc_info: Optional["WebxdcMessageInfo"]
+
+
+@dataclass(kw_only=True)
+class MessageData:
+    file: str
+    html: str
+    location: Tuple[float, float]
+    override_sender_name: str
+    quoted_message_id: int
+    text: str
+    viewtype: Optional["Viewtype"]
+
+
+class MessageListItemEnum:
+    @dataclass(kw_only=True)
+    class Message:
+        kind: str = "Message"
+        msg_id: int
+
+    @dataclass(kw_only=True)
+    class DayMarker:
+        kind: str = "DayMarker"
+        timestamp: int
+
+
+MessageListItem: TypeAlias = MessageListItemEnum.Message | MessageListItemEnum.DayMarker
+
+
+class MessageLoadResultEnum:
+    @dataclass(kw_only=True)
+    class Message:
+        kind: str = "Message"
+        chat_id: int
+        dimensions_height: int
+        dimensions_width: int
+        download_state: "DownloadState"
+        duration: int
+        error: Optional[str]
+        file: Optional[str]
+        file_bytes: int
+        file_mime: Optional[str]
+        file_name: Optional[str]
+        from_id: int
+        has_deviating_timestamp: bool
+        has_html: bool
+        has_location: bool
+        id: int
+        is_bot: bool
+        is_forwarded: bool
+        is_info: bool
+        is_setupmessage: bool
+        override_sender_name: Optional[str]
+        parent_id: Optional[int]
+        quote: Optional["MessageQuote"]
+        reactions: Optional["Reactions"]
+        received_timestamp: int
+        sender: "Contact"
+        setup_code_begin: Optional[str]
+        show_padlock: bool
+        sort_timestamp: int
+        state: int
+        subject: str
+        system_message_type: "SystemMessageType"
+        text: str
+        timestamp: int
+        videochat_type: Optional[int]
+        videochat_url: Optional[str]
+        view_type: "Viewtype"
+        webxdc_info: Optional["WebxdcMessageInfo"]
+
+    @dataclass(kw_only=True)
+    class LoadingError:
+        kind: str = "LoadingError"
+        error: str
+
+
+MessageLoadResult: TypeAlias = MessageLoadResultEnum.Message | MessageLoadResultEnum.LoadingError
+
+
+@dataclass(kw_only=True)
+class MessageNotificationInfo:
+    account_id: int
+    chat_id: int
+    chat_name: str
+    chat_profile_image: str
+    id: int
+    image: str
+    image_mime_type: str
+    summary_prefix: str
+    summary_text: str
+
+
+class MessageQuoteEnum:
+    @dataclass(kw_only=True)
+    class JustText:
+        kind: str = "JustText"
+        text: str
+
+    @dataclass(kw_only=True)
+    class WithMessage:
+        kind: str = "WithMessage"
+        author_display_color: str
+        author_display_name: str
+        image: Optional[str]
+        is_forwarded: bool
+        message_id: int
+        override_sender_name: Optional[str]
+        text: str
+        view_type: "Viewtype"
+
+
+MessageQuote: TypeAlias = MessageQuoteEnum.JustText | MessageQuoteEnum.WithMessage
+
+
+@dataclass(kw_only=True)
+class MessageReadReceipt:
+    contact_id: int
+    timestamp: int
+
+
+@dataclass(kw_only=True)
+class MessageSearchResult:
+    author_color: str
+    author_id: int
+    author_name: str
+    author_profile_image: str
+    chat_color: str
+    chat_name: str
+    chat_profile_image: str
+    chat_type: int
+    id: int
+    is_chat_archived: bool
+    is_chat_contact_request: bool
+    is_chat_protected: bool
+    message: str
+    timestamp: int
+
+
+class MuteDurationEnum:
+    @dataclass(kw_only=True)
+    class NotMuted:
+        kind: str = "NotMuted"
+
+    @dataclass(kw_only=True)
+    class Forever:
+        kind: str = "Forever"
+
+    @dataclass(kw_only=True)
+    class Until:
+        kind: str = "Until"
+        timestamp: int
+
+
+MuteDuration: TypeAlias = MuteDurationEnum.NotMuted | MuteDurationEnum.Forever | MuteDurationEnum.Until
+
+
+@dataclass(kw_only=True)
+class ProviderInfo:
+    before_login_hint: str
+    overview_page: str
+    status: int
+
+
+class QrEnum:
+    @dataclass(kw_only=True)
+    class AskVerifyContact:
+        kind: str = "AskVerifyContact"
+        authcode: str
+        contact_id: int
+        fingerprint: str
+        invitenumber: str
+
+    @dataclass(kw_only=True)
+    class AskVerifyGroup:
+        kind: str = "AskVerifyGroup"
+        authcode: str
+        contact_id: int
+        fingerprint: str
+        grpid: str
+        grpname: str
+        invitenumber: str
+
+    @dataclass(kw_only=True)
+    class FprOk:
+        kind: str = "FprOk"
+        contact_id: int
+
+    @dataclass(kw_only=True)
+    class FprMismatch:
+        kind: str = "FprMismatch"
+        contact_id: Optional[int]
+
+    @dataclass(kw_only=True)
+    class FprWithoutAddr:
+        kind: str = "FprWithoutAddr"
+        fingerprint: str
+
+    @dataclass(kw_only=True)
+    class Account:
+        kind: str = "Account"
+        domain: str
+
+    @dataclass(kw_only=True)
+    class Backup:
+        kind: str = "Backup"
+        ticket: str
+
+    @dataclass(kw_only=True)
+    class WebrtcInstance:
+        kind: str = "WebrtcInstance"
+        domain: str
+        instance_pattern: str
+
+    @dataclass(kw_only=True)
+    class Addr:
+        kind: str = "Addr"
+        contact_id: int
+        draft: Optional[str]
+
+    @dataclass(kw_only=True)
+    class Url:
+        kind: str = "Url"
+        url: str
+
+    @dataclass(kw_only=True)
+    class Text:
+        kind: str = "Text"
+        text: str
+
+    @dataclass(kw_only=True)
+    class WithdrawVerifyContact:
+        kind: str = "WithdrawVerifyContact"
+        authcode: str
+        contact_id: int
+        fingerprint: str
+        invitenumber: str
+
+    @dataclass(kw_only=True)
+    class WithdrawVerifyGroup:
+        kind: str = "WithdrawVerifyGroup"
+        authcode: str
+        contact_id: int
+        fingerprint: str
+        grpid: str
+        grpname: str
+        invitenumber: str
+
+    @dataclass(kw_only=True)
+    class ReviveVerifyContact:
+        kind: str = "ReviveVerifyContact"
+        authcode: str
+        contact_id: int
+        fingerprint: str
+        invitenumber: str
+
+    @dataclass(kw_only=True)
+    class ReviveVerifyGroup:
+        kind: str = "ReviveVerifyGroup"
+        authcode: str
+        contact_id: int
+        fingerprint: str
+        grpid: str
+        grpname: str
+        invitenumber: str
+
+    @dataclass(kw_only=True)
+    class Login:
+        kind: str = "Login"
+        address: str
+
+
+Qr: TypeAlias = (
+    QrEnum.AskVerifyContact
+    | QrEnum.AskVerifyGroup
+    | QrEnum.FprOk
+    | QrEnum.FprMismatch
+    | QrEnum.FprWithoutAddr
+    | QrEnum.Account
+    | QrEnum.Backup
+    | QrEnum.WebrtcInstance
+    | QrEnum.Addr
+    | QrEnum.Url
+    | QrEnum.Text
+    | QrEnum.WithdrawVerifyContact
+    | QrEnum.WithdrawVerifyGroup
+    | QrEnum.ReviveVerifyContact
+    | QrEnum.ReviveVerifyGroup
+    | QrEnum.Login
+)
+
+
+@dataclass(kw_only=True)
+class Reaction:
+    count: int
+    emoji: str
+    is_from_self: bool
+
+
+@dataclass(kw_only=True)
+class Reactions:
+    reactions: list["Reaction"]
+    reactions_by_contact: dict[Any, list[str]]
+
+
+class SystemMessageType(Enum):
+    UNKNOWN = "Unknown"
+    GROUP_NAME_CHANGED = "GroupNameChanged"
+    GROUP_IMAGE_CHANGED = "GroupImageChanged"
+    MEMBER_ADDED_TO_GROUP = "MemberAddedToGroup"
+    MEMBER_REMOVED_FROM_GROUP = "MemberRemovedFromGroup"
+    AUTOCRYPT_SETUP_MESSAGE = "AutocryptSetupMessage"
+    SECUREJOIN_MESSAGE = "SecurejoinMessage"
+    LOCATION_STREAMING_ENABLED = "LocationStreamingEnabled"
+    LOCATION_ONLY = "LocationOnly"
+    CHAT_PROTECTION_ENABLED = "ChatProtectionEnabled"
+    CHAT_PROTECTION_DISABLED = "ChatProtectionDisabled"
+    WEBXDC_STATUS_UPDATE = "WebxdcStatusUpdate"
+    EPHEMERAL_TIMER_CHANGED = "EphemeralTimerChanged"
+    MULTI_DEVICE_SYNC = "MultiDeviceSync"
+    WEBXDC_INFO_MESSAGE = "WebxdcInfoMessage"
+
+
+class Viewtype(Enum):
+    UNKNOWN = "Unknown"
+    TEXT = "Text"
+    IMAGE = "Image"
+    GIF = "Gif"
+    STICKER = "Sticker"
+    AUDIO = "Audio"
+    VOICE = "Voice"
+    VIDEO = "Video"
+    FILE = "File"
+    VIDEOCHAT_INVITATION = "VideochatInvitation"
+    WEBXDC = "Webxdc"
+
+
+@dataclass(kw_only=True)
+class WebxdcMessageInfo:
+    document: str
+    icon: str
+    internet_access: bool
+    name: str
+    source_code_url: str
+    summary: str

deltachat-rpc-client/src/deltachat_rpc_client/chat.py

@@ -2,6 +2,7 @@ import calendar
 from dataclasses import dataclass
 from typing import TYPE_CHECKING, Dict, List, Optional, Tuple, Union
 
+from ._generated_types import MuteDurationEnum
 from ._utils import AttrDict
 from .const import ChatVisibility, ViewType
 from .contact import Contact
@@ -54,14 +55,14 @@ class Chat:
         """
         if duration is not None:
             assert duration > 0, "Invalid duration"
-            dur: Union[str, dict] = {"Until": duration}
+            dur: dict = MuteDurationEnum.Until(duration=duration)
         else:
-            dur = "Forever"
+            dur = MuteDurationEnum.Forever()
         self._rpc.set_chat_mute_duration(self.account.id, self.id, dur)
 
     def unmute(self) -> None:
         """Unmute this chat."""
-        self._rpc.set_chat_mute_duration(self.account.id, self.id, "NotMuted")
+        self._rpc.set_chat_mute_duration(self.account.id, self.id, MuteDurationEnum.NotMuted())
 
     def pin(self) -> None:
         """Pin this chat."""

deltachat-rpc-client/src/deltachat_rpc_client/client.py

@@ -105,10 +105,10 @@ class Client:
         self._process_messages()  # Process old messages.
         while True:
             event = self.account.wait_for_event()
-            event["type"] = EventType(event.type)
+            event["kind"] = EventType(event.kind)
             event["account"] = self.account
             self._on_event(event)
-            if event.type == EventType.INCOMING_MSG:
+            if event.kind == EventType.INCOMING_MSG:
                 self._process_messages()
 
             stop = func(event)

deltachat-rpc-client/src/deltachat_rpc_client/events.py

@@ -79,7 +79,7 @@ class RawEvent(EventFilter):
         return False
 
     def filter(self, event: "AttrDict") -> bool:
-        if self.types and event.type not in self.types:
+        if self.types and event.kind not in self.types:
             return False
         return self._call_func(event)
 

deltachat-rpc-client/src/deltachat_rpc_client/pytestplugin.py

@@ -54,7 +54,7 @@ class ACFactory:
         account.start_io()
         while True:
             event = account.wait_for_event()
-            if event.type == EventType.IMAP_INBOX_IDLE:
+            if event.kind == EventType.IMAP_INBOX_IDLE:
                 break
         return account
 
@@ -95,7 +95,7 @@ class ACFactory:
             group=group,
         )
 
-        return to_client.run_until(lambda e: e.type == EventType.INCOMING_MSG)
+        return to_client.run_until(lambda e: e.kind == EventType.INCOMING_MSG)
 
 
 @pytest.fixture()

deltachat-rpc-client/src/deltachat_rpc_client/rpc.py

@@ -1,3 +1,4 @@
+import dataclasses
 import json
 import logging
 import os
@@ -12,6 +13,13 @@ class JsonRpcError(Exception):
     pass
 
 
+class DataclassEncoder(json.JSONEncoder):
+    def default(self, obj):
+        if dataclasses.is_dataclass(obj) and not isinstance(obj, type):
+            return dataclasses.asdict(obj)
+        return json.JSONEncoder.default(self, obj)
+
+
 class Rpc:
     def __init__(self, accounts_dir: Optional[str] = None, **kwargs):
         """The given arguments will be passed to subprocess.Popen()"""
@@ -109,7 +117,7 @@ class Rpc:
                 request = self.request_queue.get()
                 if not request:
                     break
-                data = (json.dumps(request) + "\n").encode()
+                data = (json.dumps(request, cls=DataclassEncoder) + "\n").encode()
                 self.process.stdin.write(data)
                 self.process.stdin.flush()
 

deltachat-rpc-client/tests/test_something.py

@@ -1,4 +1,6 @@
 import concurrent.futures
+import json
+import subprocess
 from unittest.mock import MagicMock
 
 import pytest
@@ -42,7 +44,7 @@ def test_acfactory(acfactory) -> None:
     account = acfactory.new_configured_account()
     while True:
         event = account.wait_for_event()
-        if event.type == EventType.CONFIGURE_PROGRESS:
+        if event.kind == EventType.CONFIGURE_PROGRESS:
             assert event.progress != 0  # Progress 0 indicates error.
             if event.progress == 1000:  # Success
                 break
@@ -71,7 +73,7 @@ def test_account(acfactory) -> None:
 
     while True:
         event = bob.wait_for_event()
-        if event.type == EventType.INCOMING_MSG:
+        if event.kind == EventType.INCOMING_MSG:
             chat_id = event.chat_id
             msg_id = event.msg_id
             break
@@ -140,7 +142,7 @@ def test_chat(acfactory) -> None:
 
     while True:
         event = bob.wait_for_event()
-        if event.type == EventType.INCOMING_MSG:
+        if event.kind == EventType.INCOMING_MSG:
             chat_id = event.chat_id
             msg_id = event.msg_id
             break
@@ -224,7 +226,7 @@ def test_message(acfactory) -> None:
 
     while True:
         event = bob.wait_for_event()
-        if event.type == EventType.INCOMING_MSG:
+        if event.kind == EventType.INCOMING_MSG:
             chat_id = event.chat_id
             msg_id = event.msg_id
             break
@@ -263,7 +265,7 @@ def test_is_bot(acfactory) -> None:
 
     while True:
         event = bob.wait_for_event()
-        if event.type == EventType.INCOMING_MSG:
+        if event.kind == EventType.INCOMING_MSG:
             msg_id = event.msg_id
             message = bob.get_message_by_id(msg_id)
             snapshot = message.get_snapshot()
@@ -346,3 +348,13 @@ def test_import_export(acfactory, tmp_path) -> None:
     files = list(tmp_path.glob("*.tar"))
     alice2 = acfactory.get_unconfigured_account()
     alice2.import_backup(files[0])
+
+    assert alice2.manager.get_system_info()
+
+
+def test_openrpc_command_line() -> None:
+    """Test that "deltachat-rpc-server --openrpc" command returns an OpenRPC specification."""
+    out = subprocess.run(["deltachat-rpc-server", "--openrpc"], capture_output=True, check=True).stdout
+    openrpc = json.loads(out)
+    assert "openrpc" in openrpc
+    assert "methods" in openrpc

deltachat-rpc-client/tests/test_webxdc.py

@@ -11,7 +11,7 @@ def test_webxdc(acfactory) -> None:
 
     while True:
         event = bob.wait_for_event()
-        if event.type == EventType.INCOMING_MSG:
+        if event.kind == EventType.INCOMING_MSG:
             bob_chat_alice = bob.get_chat_by_id(event.chat_id)
             message = bob.get_message_by_id(event.msg_id)
             break

deltachat-rpc-server/Cargo.toml

@@ -17,11 +17,11 @@ anyhow = "1"
 env_logger = { version = "0.10.0" }
 futures-lite = "1.13.0"
 log = "0.4"
-serde_json = "1.0.99"
+serde_json = "1.0.105"
 serde = { version = "1.0", features = ["derive"] }
-tokio = { version = "1.29.1", features = ["io-std"] }
-tokio-util = "0.7.8"
-yerpc = { version = "0.5.1", features = ["anyhow_expose"] }
+tokio = { version = "1.32.0", features = ["io-std"] }
+tokio-util = "0.7.9"
+yerpc = { version = "0.5.2", features = ["anyhow_expose", "openrpc"] }
 
 [features]
 default = ["vendored"]

deltachat-rpc-server/README.md

@@ -32,3 +32,6 @@ languages other than Rust, for example:
 
 1. Python: https://github.com/deltachat/deltachat-core-rust/tree/master/deltachat-rpc-client/
 2. Go: https://github.com/deltachat/deltachat-rpc-client-go/
+
+Run `deltachat-rpc-server --version` to check the version of the server.
+Run `deltachat-rpc-server --openrpc` to get [OpenRPC](https://open-rpc.org/) specification of the provided JSON-RPC API.

deltachat-rpc-server/src/main.rs

@@ -10,6 +10,7 @@ use deltachat::constants::DC_VERSION_STR;
 use deltachat_jsonrpc::api::{Accounts, CommandApi};
 use futures_lite::stream::StreamExt;
 use tokio::io::{self, AsyncBufReadExt, BufReader};
+use yerpc::RpcServer as _;
 
 #[cfg(target_family = "unix")]
 use tokio::signal::unix as signal_unix;
@@ -39,6 +40,12 @@ async fn main_impl() -> Result<()> {
             }
             eprintln!("{}", &*DC_VERSION_STR);
             return Ok(());
+        } else if first_arg.to_str() == Some("--openrpc") {
+            if let Some(arg) = args.next() {
+                return Err(anyhow!("Unrecognized argument {:?}", arg));
+            }
+            println!("{}", CommandApi::openrpc_specification()?);
+            return Ok(());
         } else {
             return Err(anyhow!("Unrecognized option {:?}", first_arg));
         }
@@ -56,7 +63,8 @@ async fn main_impl() -> Result<()> {
 
     let path = std::env::var("DC_ACCOUNTS_PATH").unwrap_or_else(|_| "accounts".to_string());
     log::info!("Starting with accounts directory `{}`.", path);
-    let accounts = Accounts::new(PathBuf::from(&path)).await?;
+    let writable = true;
+    let accounts = Accounts::new(PathBuf::from(&path), writable).await?;
 
     log::info!("Creating JSON-RPC API.");
     let accounts = Arc::new(RwLock::new(accounts));

deny.toml

@@ -11,7 +11,6 @@ ignore = [
 # when upgrading.
 # Please keep this list alphabetically sorted.
 skip = [
-     { name = "ahash", version = "0.7.6" },
      { name = "base16ct", version = "0.1.1" },
      { name = "base64", version = "<0.21" },
      { name = "bitflags", version = "1.3.2" },
@@ -25,12 +24,10 @@ skip = [
      { name = "digest", version = "<0.10" },
      { name = "ed25519-dalek", version = "1.0.1" },
      { name = "ed25519", version = "1.5.3" },
+     { name = "fastrand", version = "1.9.0" },
      { name = "getrandom", version = "<0.2" },
      { name = "hashbrown", version = "<0.14.0" },
-     { name = "idna", version = "<0.3" },
      { name = "indexmap", version = "<2.0.0" },
-     { name = "linux-raw-sys", version = "0.3.8" },
-     { name = "num-derive", version = "0.3.3" },
      { name = "pem-rfc7468", version = "0.6.0" },
      { name = "pkcs8", version = "0.9.0" },
      { name = "quick-error", version = "<2.0" },
@@ -38,8 +35,8 @@ skip = [
      { name = "rand_core", version = "<0.6" },
      { name = "rand", version = "<0.8" },
      { name = "redox_syscall", version = "0.2.16" },
+     { name = "regex-automata", version = "0.1.10" },
      { name = "regex-syntax", version = "0.6.29" },
-     { name = "rustix", version = "0.37.21" },
      { name = "sec1", version = "0.3.0" },
      { name = "sha2", version = "<0.10" },
      { name = "signature", version = "1.6.4" },
@@ -55,11 +52,10 @@ skip = [
      { name = "windows_i686_msvc", version = "<0.48" },
      { name = "windows-sys", version = "<0.48" },
      { name = "windows-targets", version = "<0.48" },
-     { name = "windows_x86_64_gnullvm", version = "<0.48" },
      { name = "windows", version = "0.32.0" },
+     { name = "windows_x86_64_gnullvm", version = "<0.48" },
      { name = "windows_x86_64_gnu", version = "<0.48" },
      { name = "windows_x86_64_msvc", version = "<0.48" },
-     { name = "winreg", version = "0.10.1" },
 ]
 
 

examples/simple.rs

@@ -1,100 +0,0 @@
-use deltachat::chat::{self, ChatId};
-use deltachat::chatlist::*;
-use deltachat::config;
-use deltachat::contact::*;
-use deltachat::context::*;
-use deltachat::message::Message;
-use deltachat::stock_str::StockStrings;
-use deltachat::{EventType, Events};
-use tempfile::tempdir;
-
-fn cb(event: EventType) {
-    match event {
-        EventType::ConfigureProgress { progress, .. } => {
-            log::info!("progress: {}", progress);
-        }
-        EventType::Info(msg) => {
-            log::info!("{}", msg);
-        }
-        EventType::Warning(msg) => {
-            log::warn!("{}", msg);
-        }
-        EventType::Error(msg) => {
-            log::error!("{}", msg);
-        }
-        event => {
-            log::info!("{:?}", event);
-        }
-    }
-}
-
-/// Run with `RUST_LOG=simple=info cargo run --release --example simple -- email pw`.
-#[tokio::main]
-async fn main() {
-    pretty_env_logger::try_init_timed().ok();
-
-    let dir = tempdir().unwrap();
-    let dbfile = dir.path().join("db.sqlite");
-    log::info!("creating database {:?}", dbfile);
-    let ctx = Context::new(&dbfile, 0, Events::new(), StockStrings::new())
-        .await
-        .expect("Failed to create context");
-    let info = ctx.get_info().await;
-    log::info!("info: {:#?}", info);
-
-    let events = ctx.get_event_emitter();
-    let events_spawn = tokio::task::spawn(async move {
-        while let Some(event) = events.recv().await {
-            cb(event.typ);
-        }
-    });
-
-    log::info!("configuring");
-    let args = std::env::args().collect::<Vec<String>>();
-    assert_eq!(args.len(), 3, "requires email password");
-    let email = args[1].clone();
-    let pw = args[2].clone();
-    ctx.set_config(config::Config::Addr, Some(&email))
-        .await
-        .unwrap();
-    ctx.set_config(config::Config::MailPw, Some(&pw))
-        .await
-        .unwrap();
-
-    ctx.configure().await.unwrap();
-
-    log::info!("------ RUN ------");
-    ctx.start_io().await;
-    log::info!("--- SENDING A MESSAGE ---");
-
-    let contact_id = Contact::create(&ctx, "dignifiedquire", "dignifiedquire@gmail.com")
-        .await
-        .unwrap();
-    let chat_id = ChatId::create_for_contact(&ctx, contact_id).await.unwrap();
-
-    for i in 0..1 {
-        log::info!("sending message {}", i);
-        chat::send_text_msg(&ctx, chat_id, format!("Hi, here is my {i}nth message!"))
-            .await
-            .unwrap();
-    }
-
-    // wait for the message to be sent out
-    tokio::time::sleep(std::time::Duration::from_secs(1)).await;
-
-    log::info!("fetching chats..");
-    let chats = Chatlist::try_load(&ctx, 0, None, None).await.unwrap();
-
-    for i in 0..chats.len() {
-        let msg = Message::load_from_db(&ctx, chats.get_msg_id(i).unwrap().unwrap())
-            .await
-            .unwrap();
-        log::info!("[{}] msg: {:?}", i, msg);
-    }
-
-    log::info!("stopping");
-    ctx.stop_io().await;
-    log::info!("closing");
-    drop(ctx);
-    events_spawn.await.unwrap();
-}

fuzz/Cargo.lock

@@ -177,13 +177,13 @@ dependencies = [
 
 [[package]]
 name = "async-imap"
-version = "0.9.0"
+version = "0.9.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da93622739d458dd9a6abc1abf0e38e81965a5824a3b37f9500437c82a8bb572"
+checksum = "b538b767cbf9c162a6c5795d4b932bd2c20ba10b5a91a94d2b2b6886c1dce6a8"
 dependencies = [
  "async-channel",
  "base64 0.21.0",
- "byte-pool",
+ "bytes",
  "chrono",
  "futures",
  "imap-proto",
@@ -337,9 +337,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
 
 [[package]]
 name = "bitflags"
-version = "2.0.2"
+version = "2.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "487f1e0fcbe47deb8b0574e646def1c903389d95241dd1bbcc6ce4a715dfc0c1"
+checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635"
 
 [[package]]
 name = "blake3"
@@ -529,16 +529,6 @@ version = "3.11.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "572f695136211188308f16ad2ca5c851a712c464060ae6974944458eb83880ba"
 
-[[package]]
-name = "byte-pool"
-version = "0.2.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c2f1b21189f50b5625efa6227cf45e9d4cfdc2e73582df2b879e9689e78a7158"
-dependencies = [
- "crossbeam-queue",
- "stable_deref_trait",
-]
-
 [[package]]
 name = "bytemuck"
 version = "1.12.3"
@@ -741,16 +731,6 @@ dependencies = [
  "cfg-if",
 ]
 
-[[package]]
-name = "crossbeam-queue"
-version = "0.3.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d1cfb3ea8a53f37c40dea2c7bedcbd88bdfae54f5e2175d6ecaff1c988353add"
-dependencies = [
- "cfg-if",
- "crossbeam-utils",
-]
-
 [[package]]
 name = "crossbeam-utils"
 version = "0.8.14"
@@ -926,7 +906,7 @@ dependencies = [
 
 [[package]]
 name = "deltachat"
-version = "1.117.0"
+version = "1.123.0"
 dependencies = [
  "anyhow",
  "async-channel",
@@ -943,6 +923,7 @@ dependencies = [
  "encoded-words",
  "escaper",
  "fast-socks5",
+ "fd-lock",
  "format-flowed",
  "futures",
  "futures-lite",
@@ -955,7 +936,7 @@ dependencies = [
  "libc",
  "mailparse 0.14.0",
  "mime",
- "num-derive",
+ "num-derive 0.4.0",
  "num-traits",
  "num_cpus",
  "once_cell",
@@ -1429,14 +1410,14 @@ checksum = "b5320ae4c3782150d900b79807611a59a99fc9a1d61d686faafc24b93fc8d7ca"
 
 [[package]]
 name = "enum-as-inner"
-version = "0.5.1"
+version = "0.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c9720bba047d567ffc8a3cba48bf19126600e249ab7f128e9233e6376976a116"
+checksum = "5ffccbb6966c05b32ef8fbac435df276c4ae4d3dc55a8cd0eb9745e6c12f546a"
 dependencies = [
  "heck",
  "proc-macro2",
  "quote",
- "syn 1.0.107",
+ "syn 2.0.15",
 ]
 
 [[package]]
@@ -1464,6 +1445,17 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "errno"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "136526188508e25c6fef639d7927dfb3e0e3084488bf202267829cf7fc23dbdd"
+dependencies = [
+ "errno-dragonfly",
+ "libc",
+ "windows-sys 0.48.0",
+]
+
 [[package]]
 name = "errno-dragonfly"
 version = "0.1.2"
@@ -1532,6 +1524,17 @@ dependencies = [
  "instant",
 ]
 
+[[package]]
+name = "fd-lock"
+version = "3.0.13"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ef033ed5e9bad94e55838ca0ca906db0e043f517adda0c8b79c7a8c66c93c1b5"
+dependencies = [
+ "cfg-if",
+ "rustix 0.38.14",
+ "windows-sys 0.48.0",
+]
+
 [[package]]
 name = "ff"
 version = "0.12.1"
@@ -1616,9 +1619,9 @@ checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
 
 [[package]]
 name = "form_urlencoded"
-version = "1.1.0"
+version = "1.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a9c384f161156f5260c24a097c56119f9be8c798586aecc13afbcbe7b7e26bf8"
+checksum = "a62bc1cf6f830c2ec14a513a9fb124d0a213a629668a4186f329db21fe045652"
 dependencies = [
  "percent-encoding",
 ]
@@ -1843,18 +1846,15 @@ dependencies = [
 
 [[package]]
 name = "heck"
-version = "0.4.0"
+version = "0.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9"
+checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8"
 
 [[package]]
 name = "hermit-abi"
-version = "0.2.6"
+version = "0.3.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7"
-dependencies = [
- "libc",
-]
+checksum = "d77f7ec81a6d05a3abb01ab6eb7590f6083d08449fe5a1c8b1e620283546ccb7"
 
 [[package]]
 name = "hex"
@@ -1951,7 +1951,7 @@ dependencies = [
  "httpdate",
  "itoa",
  "pin-project-lite",
- "socket2",
+ "socket2 0.4.7",
  "tokio",
  "tower-service",
  "tracing",
@@ -2012,20 +2012,9 @@ checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39"
 
 [[package]]
 name = "idna"
-version = "0.2.3"
+version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "418a0a6fab821475f634efe3ccc45c013f742efe03d853e8d3355d5cb850ecf8"
-dependencies = [
- "matches",
- "unicode-bidi",
- "unicode-normalization",
-]
-
-[[package]]
-name = "idna"
-version = "0.3.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6"
+checksum = "7d20d6b07bfbc108882d88ed8e37d39636dcc260e15e30c45e6ba089610b917c"
 dependencies = [
  "unicode-bidi",
  "unicode-normalization",
@@ -2033,9 +2022,9 @@ dependencies = [
 
 [[package]]
 name = "image"
-version = "0.24.6"
+version = "0.24.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "527909aa81e20ac3a44803521443a765550f09b5130c2c2fa1ea59c2f8f50a3a"
+checksum = "6f3dfdbdd72063086ff443e297b61695500514b1e41095b6fb9a5ab48a70a711"
 dependencies = [
  "bytemuck",
  "byteorder",
@@ -2100,10 +2089,10 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bd302af1b90f2463a98fa5ad469fc212c8e3175a41c3068601bfa2727591c5be"
 dependencies = [
- "socket2",
+ "socket2 0.4.7",
  "widestring",
  "winapi",
- "winreg",
+ "winreg 0.10.1",
 ]
 
 [[package]]
@@ -2230,9 +2219,9 @@ dependencies = [
 
 [[package]]
 name = "libc"
-version = "0.2.139"
+version = "0.2.148"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79"
+checksum = "9cdc71e17332e86d2e1d38c1f99edcb6288ee11b815fb1a4b049eaa2114d369b"
 
 [[package]]
 name = "libm"
@@ -2279,6 +2268,12 @@ version = "0.1.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f051f77a7c8e6957c0696eac88f26b0117e54f52d3fc682ab19397a8812846a4"
 
+[[package]]
+name = "linux-raw-sys"
+version = "0.4.7"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1a9bad9f94746442c783ca431b22403b519cd7fbeed0533fdd6328b2f2212128"
+
 [[package]]
 name = "lock_api"
 version = "0.4.9"
@@ -2341,15 +2336,9 @@ version = "0.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8263075bb86c5a1b1427b5ae862e8889656f126e9f77c484496e8b47cf5c5558"
 dependencies = [
- "regex-automata",
+ "regex-automata 0.1.10",
 ]
 
-[[package]]
-name = "matches"
-version = "0.1.9"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a3e378b66a060d48947b590737b30a1be76706c8dd7b8ba0f2fe3989c68a853f"
-
 [[package]]
 name = "md-5"
 version = "0.10.5"
@@ -2367,9 +2356,9 @@ checksum = "df39d232f5c40b0891c10216992c2f250c054105cb1e56f0fc9032db6203ecc1"
 
 [[package]]
 name = "memchr"
-version = "2.5.0"
+version = "2.6.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d"
+checksum = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c"
 
 [[package]]
 name = "mime"
@@ -2394,14 +2383,13 @@ dependencies = [
 
 [[package]]
 name = "mio"
-version = "0.8.5"
+version = "0.8.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e5d732bc30207a6423068df043e3d02e0735b155ad7ce1a6f76fe2baa5b158de"
+checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2"
 dependencies = [
  "libc",
- "log",
  "wasi 0.11.0+wasi-snapshot-preview1",
- "windows-sys 0.42.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -2555,6 +2543,17 @@ dependencies = [
  "syn 1.0.107",
 ]
 
+[[package]]
+name = "num-derive"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9e6a0fd4f737c707bd9086cc16c925f294943eb62eb71499e9fd4cf71f8b9f4e"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.15",
+]
+
 [[package]]
 name = "num-integer"
 version = "0.1.45"
@@ -2599,9 +2598,9 @@ dependencies = [
 
 [[package]]
 name = "num_cpus"
-version = "1.15.0"
+version = "1.16.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0fac9e2da13b5eb447a6ce3d392f23a29d8694bff781bf03a16cd9ac8697593b"
+checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43"
 dependencies = [
  "hermit-abi",
  "libc",
@@ -2854,7 +2853,7 @@ dependencies = [
  "md-5",
  "nom",
  "num-bigint-dig",
- "num-derive",
+ "num-derive 0.3.3",
  "num-traits",
  "p256 0.13.1",
  "p384 0.13.0",
@@ -2894,9 +2893,9 @@ dependencies = [
 
 [[package]]
 name = "pin-project-lite"
-version = "0.2.9"
+version = "0.2.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116"
+checksum = "8afb450f006bf6385ca15ef45d71d2288452bc3683ce2e2cacc0d18e4be60b58"
 
 [[package]]
 name = "pin-utils"
@@ -3087,9 +3086,9 @@ checksum = "a1d01941d82fa2ab50be1e79e6714289dd7cde78eba4c074bc5a4374f650dfe0"
 
 [[package]]
 name = "quick-xml"
-version = "0.28.2"
+version = "0.30.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0ce5e73202a820a31f8a0ee32ada5e21029c81fd9e3ebf668a40832e4219d9d1"
+checksum = "eff6510e86862b57b210fd8cbe8ed3f0d7d600b9c2863cd4549a2e033c66e956"
 dependencies = [
  "memchr",
 ]
@@ -3114,9 +3113,9 @@ dependencies = [
 
 [[package]]
 name = "quinn-proto"
-version = "0.9.2"
+version = "0.9.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "72ef4ced82a24bb281af338b9e8f94429b6eca01b4e66d899f40031f074e74c9"
+checksum = "c956be1b23f4261676aed05a0046e204e8a6836e50203902683a718af0797989"
 dependencies = [
  "bytes",
  "rand 0.8.5",
@@ -3139,7 +3138,7 @@ checksum = "641538578b21f5e5c8ea733b736895576d0fe329bb883b937db6f4d163dbaaf4"
 dependencies = [
  "libc",
  "quinn-proto",
- "socket2",
+ "socket2 0.4.7",
  "tracing",
  "windows-sys 0.42.0",
 ]
@@ -3268,13 +3267,14 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.8.4"
+version = "1.9.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d0ab3ca65655bb1e41f2a8c8cd662eb4fb035e67c3f78da1d61dffe89d07300f"
+checksum = "697061221ea1b4a94a624f67d0ae2bfe4e22b8a17b6a192afb11046542cc8c47"
 dependencies = [
  "aho-corasick",
  "memchr",
- "regex-syntax 0.7.2",
+ "regex-automata 0.3.8",
+ "regex-syntax 0.7.5",
 ]
 
 [[package]]
@@ -3286,6 +3286,17 @@ dependencies = [
  "regex-syntax 0.6.28",
 ]
 
+[[package]]
+name = "regex-automata"
+version = "0.3.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c2f401f4955220693b56f8ec66ee9c78abffd8d1c4f23dc41a23839eb88f0795"
+dependencies = [
+ "aho-corasick",
+ "memchr",
+ "regex-syntax 0.7.5",
+]
+
 [[package]]
 name = "regex-syntax"
 version = "0.6.28"
@@ -3294,15 +3305,15 @@ checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848"
 
 [[package]]
 name = "regex-syntax"
-version = "0.7.2"
+version = "0.7.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78"
+checksum = "dbb5fb1acd8a1a18b3dd5be62d25485eb770e05afb408a9627d14d451bae12da"
 
 [[package]]
 name = "reqwest"
-version = "0.11.18"
+version = "0.11.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cde824a14b7c14f85caff81225f411faacc04a2013f41670f41443742b1c1c55"
+checksum = "3e9ad3fe7488d7e34558a2033d45a0c90b72d97b4f80705666fea71472e2e6a1"
 dependencies = [
  "base64 0.21.0",
  "bytes",
@@ -3332,7 +3343,7 @@ dependencies = [
  "wasm-bindgen",
  "wasm-bindgen-futures",
  "web-sys",
- "winreg",
+ "winreg 0.50.0",
 ]
 
 [[package]]
@@ -3438,7 +3449,7 @@ version = "0.29.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "549b9d036d571d42e6e85d1c1425e2ac83491075078ca9a15be021c56b1641f2"
 dependencies = [
- "bitflags 2.0.2",
+ "bitflags 2.4.0",
  "fallible-iterator",
  "fallible-streaming-iterator",
  "hashlink",
@@ -3489,13 +3500,26 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d4fdebc4b395b7fbb9ab11e462e20ed9051e7b16e42d24042c776eca0ac81b03"
 dependencies = [
  "bitflags 1.3.2",
- "errno",
+ "errno 0.2.8",
  "io-lifetimes",
  "libc",
- "linux-raw-sys",
+ "linux-raw-sys 0.1.4",
  "windows-sys 0.42.0",
 ]
 
+[[package]]
+name = "rustix"
+version = "0.38.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "747c788e9ce8e92b12cd485c49ddf90723550b654b32508f979b71a7b1ecda4f"
+dependencies = [
+ "bitflags 2.4.0",
+ "errno 0.3.3",
+ "libc",
+ "linux-raw-sys 0.4.7",
+ "windows-sys 0.48.0",
+]
+
 [[package]]
 name = "rustls"
 version = "0.20.8"
@@ -3557,9 +3581,9 @@ dependencies = [
 
 [[package]]
 name = "sanitize-filename"
-version = "0.4.0"
+version = "0.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "08c502bdb638f1396509467cb0580ef3b29aa2a45c5d43e5d84928241280296c"
+checksum = "2ed72fbaf78e6f2d41744923916966c4fbe3d7c74e3037a8ee482f1115572603"
 dependencies = [
  "lazy_static",
  "regex",
@@ -3855,6 +3879,16 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "socket2"
+version = "0.5.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4031e820eb552adee9295814c0ced9e5cf38ddf1e8b7d566d6de8e2538ea989e"
+dependencies = [
+ "libc",
+ "windows-sys 0.48.0",
+]
+
 [[package]]
 name = "spin"
 version = "0.5.2"
@@ -3919,12 +3953,6 @@ dependencies = [
  "zeroize",
 ]
 
-[[package]]
-name = "stable_deref_trait"
-version = "1.2.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3"
-
 [[package]]
 name = "stop-token"
 version = "0.7.0"
@@ -3945,21 +3973,21 @@ checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
 
 [[package]]
 name = "strum"
-version = "0.24.1"
+version = "0.25.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "063e6045c0e62079840579a7e47a355ae92f60eb74daaf156fb1e84ba164e63f"
+checksum = "290d54ea6f91c969195bdbcd7442c8c2a2ba87da8bf60a7ee86a235d4bc1e125"
 
 [[package]]
 name = "strum_macros"
-version = "0.24.3"
+version = "0.25.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1e385be0d24f186b4ce2f9982191e7101bb737312ad61c1f2f984f34bcf85d59"
+checksum = "ad8d03b598d3d0fff69bf533ee3ef19b8eeb342729596df84bcc7e1f96ec4059"
 dependencies = [
  "heck",
  "proc-macro2",
  "quote",
  "rustversion",
- "syn 1.0.107",
+ "syn 2.0.15",
 ]
 
 [[package]]
@@ -4038,7 +4066,7 @@ dependencies = [
  "cfg-if",
  "fastrand",
  "redox_syscall",
- "rustix",
+ "rustix 0.36.7",
  "windows-sys 0.42.0",
 ]
 
@@ -4147,22 +4175,21 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c"
 
 [[package]]
 name = "tokio"
-version = "1.25.0"
+version = "1.32.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c8e00990ebabbe4c14c08aca901caed183ecd5c09562a12c824bb53d3c3fd3af"
+checksum = "17ed6077ed6cd6c74735e21f37eb16dc3935f96878b1fe961074089cc80893f9"
 dependencies = [
- "autocfg",
+ "backtrace",
  "bytes",
  "libc",
- "memchr",
  "mio",
  "num_cpus",
  "parking_lot",
  "pin-project-lite",
  "signal-hook-registry",
- "socket2",
+ "socket2 0.5.4",
  "tokio-macros",
- "windows-sys 0.42.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -4177,13 +4204,13 @@ dependencies = [
 
 [[package]]
 name = "tokio-macros"
-version = "1.8.2"
+version = "2.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d266c00fde287f55d3f1c3e96c500c362a2b8c695076ec180f27918820bc6df8"
+checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 1.0.107",
+ "syn 2.0.15",
 ]
 
 [[package]]
@@ -4239,9 +4266,9 @@ dependencies = [
 
 [[package]]
 name = "tokio-util"
-version = "0.7.8"
+version = "0.7.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "806fe8c2c87eccc8b3267cbae29ed3ab2d0bd37fca70ab622e46aaa9375ddb7d"
+checksum = "1d68074620f57a0b21594d9735eb2e98ab38b17f80d3fcb189fca266771ca60d"
 dependencies = [
  "bytes",
  "futures-core",
@@ -4365,9 +4392,9 @@ dependencies = [
 
 [[package]]
 name = "trust-dns-proto"
-version = "0.22.0"
+version = "0.23.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4f7f83d1e4a0e4358ac54c5c3681e5d7da5efc5a7a632c90bb6d6669ddd9bc26"
+checksum = "0dc775440033cb114085f6f2437682b194fa7546466024b1037e82a48a052a69"
 dependencies = [
  "async-trait",
  "cfg-if",
@@ -4376,9 +4403,9 @@ dependencies = [
  "futures-channel",
  "futures-io",
  "futures-util",
- "idna 0.2.3",
+ "idna",
  "ipnet",
- "lazy_static",
+ "once_cell",
  "rand 0.8.5",
  "smallvec",
  "thiserror",
@@ -4390,16 +4417,17 @@ dependencies = [
 
 [[package]]
 name = "trust-dns-resolver"
-version = "0.22.0"
+version = "0.23.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "aff21aa4dcefb0a1afbfac26deb0adc93888c7d295fb63ab273ef276ba2b7cfe"
+checksum = "2dff7aed33ef3e8bf2c9966fccdfed93f93d46f432282ea875cd66faabc6ef2f"
 dependencies = [
  "cfg-if",
  "futures-util",
  "ipconfig",
- "lazy_static",
  "lru-cache",
+ "once_cell",
  "parking_lot",
+ "rand 0.8.5",
  "resolv-conf",
  "smallvec",
  "thiserror",
@@ -4431,9 +4459,9 @@ checksum = "497961ef93d974e23eb6f433eb5fe1b7930b659f06d12dec6fc44a8f554c0bba"
 
 [[package]]
 name = "unicode-bidi"
-version = "0.3.8"
+version = "0.3.13"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992"
+checksum = "92888ba5573ff080736b3648696b70cafad7d250551175acbaa4e0385b3e1460"
 
 [[package]]
 name = "unicode-ident"
@@ -4480,12 +4508,12 @@ checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a"
 
 [[package]]
 name = "url"
-version = "2.3.1"
+version = "2.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0d68c799ae75762b8c3fe375feb6600ef5602c883c5d21eb51c09f22b83c4643"
+checksum = "143b538f18257fac9cad154828a57c6bf5157e1aa604d4816b5995bf6de87ae5"
 dependencies = [
  "form_urlencoded",
- "idna 0.3.0",
+ "idna",
  "percent-encoding",
 ]
 
@@ -4648,9 +4676,9 @@ dependencies = [
 
 [[package]]
 name = "webpki"
-version = "0.22.0"
+version = "0.22.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd"
+checksum = "07ecc0cd7cac091bf682ec5efa18b1cff79d617b84181f38b3951dbe135f607f"
 dependencies = [
  "ring",
  "untrusted",
@@ -4731,21 +4759,51 @@ version = "0.42.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7"
 dependencies = [
- "windows_aarch64_gnullvm",
+ "windows_aarch64_gnullvm 0.42.0",
  "windows_aarch64_msvc 0.42.0",
  "windows_i686_gnu 0.42.0",
  "windows_i686_msvc 0.42.0",
  "windows_x86_64_gnu 0.42.0",
- "windows_x86_64_gnullvm",
+ "windows_x86_64_gnullvm 0.42.0",
  "windows_x86_64_msvc 0.42.0",
 ]
 
+[[package]]
+name = "windows-sys"
+version = "0.48.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9"
+dependencies = [
+ "windows-targets",
+]
+
+[[package]]
+name = "windows-targets"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c"
+dependencies = [
+ "windows_aarch64_gnullvm 0.48.5",
+ "windows_aarch64_msvc 0.48.5",
+ "windows_i686_gnu 0.48.5",
+ "windows_i686_msvc 0.48.5",
+ "windows_x86_64_gnu 0.48.5",
+ "windows_x86_64_gnullvm 0.48.5",
+ "windows_x86_64_msvc 0.48.5",
+]
+
 [[package]]
 name = "windows_aarch64_gnullvm"
 version = "0.42.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "41d2aa71f6f0cbe00ae5167d90ef3cfe66527d6f613ca78ac8024c3ccab9a19e"
 
+[[package]]
+name = "windows_aarch64_gnullvm"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8"
+
 [[package]]
 name = "windows_aarch64_msvc"
 version = "0.32.0"
@@ -4764,6 +4822,12 @@ version = "0.42.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "dd0f252f5a35cac83d6311b2e795981f5ee6e67eb1f9a7f64eb4500fbc4dcdb4"
 
+[[package]]
+name = "windows_aarch64_msvc"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc"
+
 [[package]]
 name = "windows_i686_gnu"
 version = "0.32.0"
@@ -4782,6 +4846,12 @@ version = "0.42.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "fbeae19f6716841636c28d695375df17562ca208b2b7d0dc47635a50ae6c5de7"
 
+[[package]]
+name = "windows_i686_gnu"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e"
+
 [[package]]
 name = "windows_i686_msvc"
 version = "0.32.0"
@@ -4800,6 +4870,12 @@ version = "0.42.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "84c12f65daa39dd2babe6e442988fc329d6243fdce47d7d2d155b8d874862246"
 
+[[package]]
+name = "windows_i686_msvc"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406"
+
 [[package]]
 name = "windows_x86_64_gnu"
 version = "0.32.0"
@@ -4818,12 +4894,24 @@ version = "0.42.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bf7b1b21b5362cbc318f686150e5bcea75ecedc74dd157d874d754a2ca44b0ed"
 
+[[package]]
+name = "windows_x86_64_gnu"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e"
+
 [[package]]
 name = "windows_x86_64_gnullvm"
 version = "0.42.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "09d525d2ba30eeb3297665bd434a54297e4170c7f1a44cad4ef58095b4cd2028"
 
+[[package]]
+name = "windows_x86_64_gnullvm"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc"
+
 [[package]]
 name = "windows_x86_64_msvc"
 version = "0.32.0"
@@ -4842,6 +4930,12 @@ version = "0.42.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f40009d85759725a34da6d89a94e63d7bdc50a862acf0dbc7c8e488f1edcb6f5"
 
+[[package]]
+name = "windows_x86_64_msvc"
+version = "0.48.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538"
+
 [[package]]
 name = "winreg"
 version = "0.10.1"
@@ -4851,6 +4945,16 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "winreg"
+version = "0.50.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "524e57b2c537c0f9b1e69f1965311ec12182b4122e45035b1508cd24d2adadb1"
+dependencies = [
+ "cfg-if",
+ "windows-sys 0.48.0",
+]
+
 [[package]]
 name = "x25519-dalek"
 version = "2.0.0-pre.1"

node/constants.js

@@ -159,6 +159,8 @@ module.exports = {
   DC_STR_BROADCAST_LIST: 115,
   DC_STR_CANNOT_LOGIN: 60,
   DC_STR_CANTDECRYPT_MSG_BODY: 29,
+  DC_STR_CHAT_PROTECTION_DISABLED: 171,
+  DC_STR_CHAT_PROTECTION_ENABLED: 170,
   DC_STR_CONFIGURATION_FAILED: 84,
   DC_STR_CONNECTED: 107,
   DC_STR_CONNTECTING: 108,
@@ -244,12 +246,6 @@ module.exports = {
   DC_STR_OUTGOING_MESSAGES: 104,
   DC_STR_PARTIAL_DOWNLOAD_MSG_BODY: 99,
   DC_STR_PART_OF_TOTAL_USED: 116,
-  DC_STR_PROTECTION_DISABLED: 89,
-  DC_STR_PROTECTION_DISABLED_BY_OTHER: 161,
-  DC_STR_PROTECTION_DISABLED_BY_YOU: 160,
-  DC_STR_PROTECTION_ENABLED: 88,
-  DC_STR_PROTECTION_ENABLED_BY_OTHER: 159,
-  DC_STR_PROTECTION_ENABLED_BY_YOU: 158,
   DC_STR_QUOTA_EXCEEDING_MSG_BODY: 98,
   DC_STR_READRCPT: 31,
   DC_STR_READRCPT_MAILBODY: 32,

node/lib/constants.ts

@@ -159,6 +159,8 @@ export enum C {
   DC_STR_BROADCAST_LIST = 115,
   DC_STR_CANNOT_LOGIN = 60,
   DC_STR_CANTDECRYPT_MSG_BODY = 29,
+  DC_STR_CHAT_PROTECTION_DISABLED = 171,
+  DC_STR_CHAT_PROTECTION_ENABLED = 170,
   DC_STR_CONFIGURATION_FAILED = 84,
   DC_STR_CONNECTED = 107,
   DC_STR_CONNTECTING = 108,
@@ -244,12 +246,6 @@ export enum C {
   DC_STR_OUTGOING_MESSAGES = 104,
   DC_STR_PARTIAL_DOWNLOAD_MSG_BODY = 99,
   DC_STR_PART_OF_TOTAL_USED = 116,
-  DC_STR_PROTECTION_DISABLED = 89,
-  DC_STR_PROTECTION_DISABLED_BY_OTHER = 161,
-  DC_STR_PROTECTION_DISABLED_BY_YOU = 160,
-  DC_STR_PROTECTION_ENABLED = 88,
-  DC_STR_PROTECTION_ENABLED_BY_OTHER = 159,
-  DC_STR_PROTECTION_ENABLED_BY_YOU = 158,
   DC_STR_QUOTA_EXCEEDING_MSG_BODY = 98,
   DC_STR_READRCPT = 31,
   DC_STR_READRCPT_MAILBODY = 32,

node/lib/context.ts

@@ -699,23 +699,6 @@ export class Context extends EventEmitter {
     )
   }
 
-  /**
-   *
-   * @param chatId
-   * @param protect
-   * @returns success boolean
-   */
-  setChatProtection(chatId: number, protect: boolean) {
-    debug(`setChatProtection ${chatId} ${protect}`)
-    return Boolean(
-      binding.dcn_set_chat_protection(
-        this.dcn_context,
-        Number(chatId),
-        protect ? 1 : 0
-      )
-    )
-  }
-
   getChatEphemeralTimer(chatId: number): number {
     debug(`getChatEphemeralTimer ${chatId}`)
     return binding.dcn_get_chat_ephemeral_timer(

node/lib/deltachat.ts

@@ -21,12 +21,15 @@ export class AccountManager extends EventEmitter {
   accountDir: string
   jsonRpcStarted = false
 
-  constructor(cwd: string, os = 'deltachat-node') {
+  constructor(cwd: string, writable = true) {
     super()
     debug('DeltaChat constructor')
 
     this.accountDir = cwd
-    this.dcn_accounts = binding.dcn_accounts_new(os, this.accountDir)
+    this.dcn_accounts = binding.dcn_accounts_new(
+      this.accountDir,
+      writable ? 1 : 0
+    )
   }
 
   getAllAccountIds() {

node/src/module.c

@@ -1399,18 +1399,6 @@ NAPI_METHOD(dcn_set_chat_name) {
   NAPI_RETURN_INT32(result);
 }
 
-NAPI_METHOD(dcn_set_chat_protection) {
-  NAPI_ARGV(3);
-  NAPI_DCN_CONTEXT();
-  NAPI_ARGV_UINT32(chat_id, 1);
-  NAPI_ARGV_INT32(protect, 1);
-
-  int result = dc_set_chat_protection(dcn_context->dc_context,
-                                      chat_id,
-                                      protect);
-  NAPI_RETURN_INT32(result);
-}
-
 NAPI_METHOD(dcn_get_chat_ephemeral_timer) {
   NAPI_ARGV(2);
   NAPI_DCN_CONTEXT();
@@ -2915,8 +2903,8 @@ NAPI_METHOD(dcn_msg_get_webxdc_blob){
 
 NAPI_METHOD(dcn_accounts_new) {
   NAPI_ARGV(2);
-  NAPI_ARGV_UTF8_MALLOC(os_name, 0);
-  NAPI_ARGV_UTF8_MALLOC(dir, 1);
+  NAPI_ARGV_UTF8_MALLOC(dir, 0);
+  NAPI_ARGV_INT32(writable, 1);
   TRACE("calling..");
 
   dcn_accounts_t* dcn_accounts = calloc(1, sizeof(dcn_accounts_t));
@@ -2925,7 +2913,7 @@ NAPI_METHOD(dcn_accounts_new) {
   }
 
 
-  dcn_accounts->dc_accounts = dc_accounts_new(os_name, dir);
+  dcn_accounts->dc_accounts = dc_accounts_new(dir, writable);
 
   napi_value result;
   NAPI_STATUS_THROWS(napi_create_external(env, dcn_accounts,
@@ -3491,7 +3479,6 @@ NAPI_INIT() {
   NAPI_EXPORT_FUNCTION(dcn_send_msg);
   NAPI_EXPORT_FUNCTION(dcn_send_videochat_invitation);
   NAPI_EXPORT_FUNCTION(dcn_set_chat_name);
-  NAPI_EXPORT_FUNCTION(dcn_set_chat_protection);
   NAPI_EXPORT_FUNCTION(dcn_get_chat_ephemeral_timer);
   NAPI_EXPORT_FUNCTION(dcn_set_chat_ephemeral_timer);
   NAPI_EXPORT_FUNCTION(dcn_set_chat_profile_image);

python/src/deltachat/account.py

@@ -617,18 +617,18 @@ class Account:
     # meta API for start/stop and event based processing
     #
 
-    def run_account(self, addr=None, password=None, account_plugins=None, show_ffi=False, displayname=None):
+    def run_account(self, addr=None, password=None, account_plugins=None, show_ffi=False):
+        from .events import FFIEventLogger
+
         """get the account running, configure it if necessary. add plugins if provided.
 
         :param addr: the email address of the account
         :param password: the password of the account
         :param account_plugins: a list of plugins to add
         :param show_ffi: show low level ffi events
-        :param displayname: the display name of the account
         """
-        from .events import FFIEventLogger
-
         if show_ffi:
+            self.set_config("displayname", "bot")
             log = FFIEventLogger(self)
             self.add_account_plugin(log)
 
@@ -644,8 +644,6 @@ class Account:
             configtracker = self.configure()
             configtracker.wait_finish()
 
-        if displayname:
-            self.set_config("displayname", displayname)
         # start IO threads and configure if necessary
         self.start_io()
 

python/tests/test_0_complex_or_slow.py

@@ -137,6 +137,7 @@ def test_qr_verified_group_and_chatting(acfactory, lp):
     lp.sec("ac2: read member added message")
     msg = ac2._evtracker.wait_next_incoming_message()
     assert msg.is_encrypted()
+    assert msg.is_system_message()
     assert "added" in msg.text.lower()
 
     lp.sec("ac1: send message")
@@ -182,8 +183,9 @@ def test_qr_verified_group_and_chatting(acfactory, lp):
 
     lp.sec("ac2: send message and let ac3 read it")
     chat2.send_text("hi")
-    # Skip system message about added member
-    ac3._evtracker.wait_next_incoming_message()
+    # System message about the added member.
+    msg = ac3._evtracker.wait_next_incoming_message()
+    assert msg.is_system_message()
     msg = ac3._evtracker.wait_next_incoming_message()
     assert msg.text == "hi"
     assert msg.is_encrypted()
@@ -524,7 +526,8 @@ def test_see_new_verified_member_after_going_online(acfactory, tmp_path, lp):
     lp.sec("ac2: sending message")
     # Message can be sent only after a receipt of "vg-member-added" message. Just wait for
     # "Member Me (<addr>) added by <addr>." message.
-    ac2._evtracker.wait_next_incoming_message()
+    msg_in = ac2._evtracker.wait_next_incoming_message()
+    assert msg_in.is_system_message()
     msg_out = chat2.send_text("hello")
 
     lp.sec("ac1: receiving message")

python/tests/test_1_online.py

@@ -9,7 +9,7 @@ import pytest
 from imap_tools import AND, U
 
 import deltachat as dc
-from deltachat import account_hookimpl, Message
+from deltachat import account_hookimpl, Message, Chat
 from deltachat.tracker import ImexTracker
 
 
@@ -1467,13 +1467,18 @@ def test_reaction_to_partially_fetched_msg(acfactory, lp, tmp_path):
     path = tmp_path / "large"
     path.write_bytes(os.urandom(download_limit + 1))
     msgs.append(chat.send_file(str(path)))
-
-    lp.sec("sending a reaction to the large message from ac1 to ac2")
-    react_str = "\N{THUMBS UP SIGN}"
-    msgs.append(msgs[-1].send_reaction(react_str))
-
     for m in msgs:
         ac1._evtracker.wait_msg_delivered(m)
+
+    lp.sec("sending a reaction to the large message from ac1 to ac2")
+    # TODO: Find the reason of an occasional message reordering on the server (so that the reaction
+    # has a lower UID than the previous message). W/a is to sleep for some time to let the reaction
+    # have a later INTERNALDATE.
+    time.sleep(1.1)
+    react_str = "\N{THUMBS UP SIGN}"
+    msgs.append(msgs[-1].send_reaction(react_str))
+    ac1._evtracker.wait_msg_delivered(msgs[-1])
+
     ac2.start_io()
 
     lp.sec("wait for ac2 to receive a reaction")
@@ -1505,7 +1510,7 @@ def test_reactions_for_a_reordering_move(acfactory, lp):
     ac1._evtracker.wait_msg_delivered(msg1)
     # It's is sad, but messages must differ in their INTERNALDATEs to be processed in the correct
     # order by DC, and most (if not all) mail servers provide only seconds precision.
-    time.sleep(2)
+    time.sleep(1.1)
     react_str = "\N{THUMBS UP SIGN}"
     ac1._evtracker.wait_msg_delivered(msg1.send_reaction(react_str))
 
@@ -1664,8 +1669,12 @@ def test_qr_setup_contact(acfactory, lp):
     ac1._evtracker.wait_securejoin_inviter_progress(1000)
 
 
-def test_qr_join_chat(acfactory, lp):
+@pytest.mark.parametrize("verified_one_on_one_chats", [0, 1])
+def test_qr_join_chat(acfactory, lp, verified_one_on_one_chats):
     ac1, ac2 = acfactory.get_online_accounts(2)
+    ac1.set_config("verified_one_on_one_chats", verified_one_on_one_chats)
+    ac2.set_config("verified_one_on_one_chats", verified_one_on_one_chats)
+
     lp.sec("ac1: create QR code and let ac2 scan it, starting the securejoin")
     chat = ac1.create_group_chat("hello")
     qr = chat.get_join_qr()
@@ -1678,6 +1687,17 @@ def test_qr_join_chat(acfactory, lp):
     ac2._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_DELETED")
     ac1._evtracker.wait_securejoin_inviter_progress(1000)
 
+    msg = ac2._evtracker.wait_next_incoming_message()
+    assert msg.text == "Member Me ({}) added by {}.".format(ac2.get_config("addr"), ac1.get_config("addr"))
+
+    # ac1 reloads the chat.
+    chat = Chat(chat.account, chat.id)
+    assert not chat.is_protected()
+
+    # ac2 reloads the chat.
+    ch = Chat(ch.account, ch.id)
+    assert not ch.is_protected()
+
 
 def test_qr_new_group_unblocked(acfactory, lp):
     """Regression test for a bug intoduced in core v1.113.0.
@@ -1926,15 +1946,13 @@ def test_set_get_group_image(acfactory, data, lp):
     lp.sec("ac1: add ac2 to promoted group chat")
     chat.add_contact(ac2)  # sends one message
 
-    lp.sec("ac2: wait for receiving member added message from ac1")
-    msg1 = ac2._evtracker.wait_next_incoming_message()
-    assert msg1.is_system_message()  # Member added
-
     lp.sec("ac1: send a first message to ac2")
     chat.send_text("hi")  # sends another message
     assert chat.is_promoted()
 
     lp.sec("ac2: wait for receiving message from ac1")
+    msg1 = ac2._evtracker.wait_next_incoming_message()
+    assert msg1.is_system_message()  # Member added
     msg2 = ac2._evtracker.wait_next_incoming_message()
     assert msg2.text == "hi"
     assert msg1.chat.id == msg2.chat.id

python/tests/test_4_lowlevel.py

@@ -222,8 +222,9 @@ def test_logged_ac_process_ffi_failure(acfactory):
 
 def test_jsonrpc_blocking_call(tmp_path):
     accounts_fname = tmp_path / "accounts"
+    writable = True
     accounts = ffi.gc(
-        lib.dc_accounts_new(ffi.NULL, str(accounts_fname).encode("ascii")),
+        lib.dc_accounts_new(str(accounts_fname).encode("ascii"), writable),
         lib.dc_accounts_unref,
     )
     jsonrpc = ffi.gc(lib.dc_jsonrpc_init(accounts), lib.dc_jsonrpc_unref)

python/tox.ini

@@ -62,7 +62,8 @@ commands =
 [testenv:doc]
 changedir=doc
 deps =
-    sphinx
+# Pinned due to incompatibility of breathe with sphinx 7.2: <https://github.com/breathe-doc/breathe/issues/943>
+    sphinx<=7.1.2
     breathe
 commands =
     sphinx-build -Q -w toxdoc-warnings.log -b html . _build/html

scripts/README.md

@@ -18,7 +18,7 @@ and an own build machine.
 - `remote_tests_rust.sh` rsyncs to the build machine and runs
   `run-rust-test.sh` remotely on the build machine. 
 
-- `make-python-testenv.sh` creates local python test development environment.
+- `make-python-testenv.sh` creates or updates local python test development environment.
   Reusing the same environment is faster than running `run-python-test.sh` which always
   recreates environment from scratch and runs additional lints.
 

scripts/coredeps/Dockerfile

@@ -6,3 +6,4 @@ FROM $BASEIMAGE
 RUN pipx install tox
 COPY install-rust.sh /scripts/
 RUN /scripts/install-rust.sh
+RUN if command -v yum; then yum install -y perl-IPC-Cmd; fi

scripts/generate_openrpc_bindings.py

@@ -0,0 +1,177 @@
+#!/usr/bin/env python3
+import subprocess
+import json
+from pprint import pprint
+
+
+def from_camel_case(name):
+    """Convert a camelCase identifier to snake case."""
+    l = len(name)
+    name += "X"
+    res = ""
+    start = 0
+    for i in range(len(name)):
+        if i > 0 and name[i].isupper():
+            res += name[start:i].lower()
+            if i != l:
+                res += "_"
+            start = i
+    return res
+
+
+def generate_method(method):
+    assert method["paramStructure"] == "by-position"
+    name = method["name"]
+    params = method["params"]
+    args_typed = ", ".join(
+        [
+            from_camel_case(param["name"])
+            + ": "
+            + (decode_type(param["schema"]) or "Any")
+            for param in params
+        ]
+    )
+    args = ", ".join([from_camel_case(param["name"]) for param in params])
+    result_type = decode_type(method["result"]["schema"])
+    print(f"def {name}({args_typed}) -> {result_type}:")
+    if "description" in method:
+        description = method["description"]
+        if "\n" in description:
+            print(f'    """{method["description"].lstrip()}\n    """')
+        else:
+            print(f'    """{method["description"].lstrip()}"""')
+    print(f"    rpc_call({args})")
+    print()
+
+
+def generate_openrpc_methods(openrpc_spec):
+    for method in openrpc_spec["methods"]:
+        generate_method(method)
+
+
+def decode_type(property_desc):
+    if "anyOf" in property_desc:
+        t = property_desc["anyOf"]
+        assert len(t) == 2
+        assert t[1] == {"type": "null"}
+        ref = t[0]["$ref"]
+        assert ref.startswith("#/components/schemas/")
+        return f'Optional["{ref.removeprefix("#/components/schemas/")}"]'
+    elif "$ref" in property_desc:
+        t = property_desc["$ref"]
+        assert t.startswith("#/components/schemas/")
+        t = t.removeprefix("#/components/schemas/")
+        return f'"{t}"'
+    elif property_desc["type"] == "null":
+        return "None"
+    elif "null" in property_desc["type"]:
+        assert len(property_desc["type"]) == 2
+        assert property_desc["type"][1] == "null"
+        property_desc["type"] = property_desc["type"][0]
+        t = decode_type(property_desc)
+        if t:
+            return f"Optional[{t}]"
+    elif property_desc["type"] == "boolean":
+        return "bool"
+    elif property_desc["type"] == "integer":
+        return "int"
+    elif property_desc["type"] == "number" and property_desc["format"] == "double":
+        return "float"
+    elif property_desc["type"] == "string":
+        return "str"
+    elif property_desc["type"] == "array":
+        if isinstance(property_desc["items"], list):
+            items_desc = ", ".join(decode_type(x) for x in property_desc["items"])
+            return f"Tuple[{items_desc}]"
+        else:
+            items_type = decode_type(property_desc["items"])
+            return f"list[{items_type}]"
+    elif "additionalProperties" in property_desc:
+        additional_properties = property_desc["additionalProperties"]
+        return f"dict[Any, {decode_type(additional_properties)}]"
+    return None
+
+
+def generate_variant(variant) -> str:
+    """Prints generated type for enum variant.
+
+    Returns the name of the generated type.
+    """
+    assert variant["type"] == "object"
+    kind = variant["properties"]["kind"]
+    assert kind["type"] == "string"
+    assert len(kind["enum"]) == 1
+    kind_name = kind["enum"][0]
+    kind_name = kind_name[0].upper() + kind_name[1:]
+
+    print(f"    @dataclass(kw_only=True)")
+    print(f"    class {kind_name}:")
+    print(f"        kind: str = \"{kind_name}\"")
+    for property_name, property_desc in variant["properties"].items():
+        property_name = from_camel_case(property_name)
+        if property_name == "kind":
+            continue
+        if t := decode_type(property_desc):
+            print(f"        {property_name}: {t}")
+        else:
+            print("# TODO")
+            pprint(property_name)
+            pprint(property_desc)
+    print()
+
+    return kind_name
+
+
+def generate_type(type_name, schema):
+    if "oneOf" in schema:
+        if all(x["type"] == "string" for x in schema["oneOf"]):
+            # Simple enumeration consisting only of various string types.
+            print(f"class {type_name}(Enum):")
+            for x in schema["oneOf"]:
+                for e in x["enum"]:
+                    print(f'    {from_camel_case(e).upper()} = "{e}"')
+        else:
+            # Union type.
+            namespace = f"{type_name}Enum"
+            print(f"class {namespace}:")
+            kind_names = [f"{namespace}.{generate_variant(x)}" for x in schema["oneOf"]]
+
+            print(f"{type_name}: TypeAlias = {' | '.join(kind_names)}")
+    elif schema["type"] == "string":
+        print(f"class {type_name}(Enum):")
+        for e in schema["enum"]:
+            print(f'    {from_camel_case(e).upper()} = "{e}"')
+    else:
+        print("@dataclass(kw_only=True)")
+        print(f"class {type_name}:")
+        for property_name, property_desc in schema["properties"].items():
+            property_name = from_camel_case(property_name)
+            if decode_type(property_desc):
+                print(f"    {property_name}: {decode_type(property_desc)}")
+            else:
+                print(f"# TODO {property_name}")
+                pprint(property_desc)
+
+    print()
+
+
+def generate_openrpc_types(openrpc_spec):
+    for type_name, schema in openrpc_spec["components"]["schemas"].items():
+        generate_type(type_name, schema)
+
+
+def main():
+    openrpc_spec = json.loads(
+        subprocess.run(
+            ["deltachat-rpc-server", "--openrpc"], capture_output=True
+        ).stdout
+    )
+    print("from dataclasses import dataclass")
+    print("from enum import Enum")
+    print("from typing import TypeAlias, Union, Optional, Tuple, Any")
+    generate_openrpc_types(openrpc_spec)
+    generate_openrpc_methods(openrpc_spec)
+
+
+if __name__ == "__main__":
+    main()

scripts/make-python-testenv.sh

@@ -4,8 +4,8 @@
 # It rebuilds the core and bindings as needed.
 #
 # After running the script, you can either
-# run `pytest` directly with `venv/bin/pytest python/`
-# or activate the environment with `. venv/bin/activate`
+# run `pytest` directly with `env/bin/pytest python/`
+# or activate the environment with `. env/bin/activacte`
 # and run `pytest` from there.
 set -euo pipefail
 
@@ -13,5 +13,9 @@ export DCC_RS_TARGET=debug
 export DCC_RS_DEV="$PWD"
 cargo build -p deltachat_ffi --features jsonrpc
 
-tox -c python -e py --devenv venv
-env/bin/pip install --upgrade pip
+if test -d env; then
+	env/bin/pip install -e python --force-reinstall
+else
+	tox -e py --devenv env
+	env/bin/pip install --upgrade pip
+fi

src/accounts.rs

@@ -7,6 +7,9 @@ use anyhow::{ensure, Context as _, Result};
 use serde::{Deserialize, Serialize};
 use tokio::fs;
 use tokio::io::AsyncWriteExt;
+use tokio::sync::oneshot;
+use tokio::task::JoinHandle;
+use tokio::time::{sleep, Duration};
 use uuid::Uuid;
 
 use crate::context::Context;
@@ -33,16 +36,16 @@ pub struct Accounts {
 
 impl Accounts {
     /// Loads or creates an accounts folder at the given `dir`.
-    pub async fn new(dir: PathBuf) -> Result<Self> {
-        if !dir.exists() {
+    pub async fn new(dir: PathBuf, writable: bool) -> Result<Self> {
+        if writable && !dir.exists() {
             Accounts::create(&dir).await?;
         }
 
-        Accounts::open(dir).await
+        Accounts::open(dir, writable).await
     }
 
     /// Creates a new default structure.
-    pub async fn create(dir: &Path) -> Result<()> {
+    async fn create(dir: &Path) -> Result<()> {
         fs::create_dir_all(dir)
             .await
             .context("failed to create folder")?;
@@ -54,13 +57,13 @@ impl Accounts {
 
     /// Opens an existing accounts structure. Will error if the folder doesn't exist,
     /// no account exists and no config exists.
-    pub async fn open(dir: PathBuf) -> Result<Self> {
+    async fn open(dir: PathBuf, writable: bool) -> Result<Self> {
         ensure!(dir.exists(), "directory does not exist");
 
         let config_file = dir.join(CONFIG_NAME);
         ensure!(config_file.exists(), "{:?} does not exist", config_file);
 
-        let config = Config::from_file(config_file)
+        let config = Config::from_file(config_file, writable)
             .await
             .context("failed to load accounts config")?;
         let events = Events::new();
@@ -298,14 +301,20 @@ impl Accounts {
 /// Configuration file name.
 const CONFIG_NAME: &str = "accounts.toml";
 
+/// Lockfile name.
+const LOCKFILE_NAME: &str = "accounts.lock";
+
 /// Database file name.
 const DB_NAME: &str = "dc.db";
 
 /// Account manager configuration file.
-#[derive(Debug, Clone, PartialEq)]
+#[derive(Debug)]
 struct Config {
     file: PathBuf,
     inner: InnerConfig,
+    // We lock the lockfile in the Config constructors to protect also from having multiple Config
+    // objects for the same config file.
+    lock_task: Option<JoinHandle<anyhow::Result<()>>>,
 }
 
 /// Account manager configuration file contents.
@@ -319,17 +328,74 @@ struct InnerConfig {
     pub accounts: Vec<AccountConfig>,
 }
 
+impl Drop for Config {
+    fn drop(&mut self) {
+        if let Some(lock_task) = self.lock_task.take() {
+            lock_task.abort();
+        }
+    }
+}
+
 impl Config {
-    /// Creates a new configuration file in the given account manager directory.
-    pub async fn new(dir: &Path) -> Result<Self> {
+    /// Creates a new Config for `file`, but doesn't open/sync it.
+    async fn new_nosync(file: PathBuf, lock: bool) -> Result<Self> {
+        let dir = file.parent().context("Cannot get config file directory")?;
         let inner = InnerConfig {
             accounts: Vec::new(),
             selected_account: 0,
             next_id: 1,
         };
-        let file = dir.join(CONFIG_NAME);
-        let mut cfg = Self { file, inner };
+        if !lock {
+            let cfg = Self {
+                file,
+                inner,
+                lock_task: None,
+            };
+            return Ok(cfg);
+        }
+        let lockfile = dir.join(LOCKFILE_NAME);
+        let mut lock = fd_lock::RwLock::new(fs::File::create(lockfile).await?);
+        let (locked_tx, locked_rx) = oneshot::channel();
+        let lock_task: JoinHandle<anyhow::Result<()>> = tokio::spawn(async move {
+            let mut timeout = Duration::from_millis(100);
+            let _guard = loop {
+                match lock.try_write() {
+                    Ok(guard) => break Ok(guard),
+                    Err(err) => {
+                        if timeout.as_millis() > 1600 {
+                            break Err(err);
+                        }
+                        // We need to wait for the previous lock_task to be aborted thus unlocking
+                        // the lockfile. We don't open configs for writing often outside of the
+                        // tests, so this adds delays to the tests, but otherwise ok.
+                        sleep(timeout).await;
+                        if err.kind() == std::io::ErrorKind::WouldBlock {
+                            timeout *= 2;
+                        }
+                    }
+                }
+            }?;
+            locked_tx
+                .send(())
+                .ok()
+                .context("Cannot notify about lockfile locking")?;
+            let (_tx, rx) = oneshot::channel();
+            rx.await?;
+            Ok(())
+        });
+        let cfg = Self {
+            file,
+            inner,
+            lock_task: Some(lock_task),
+        };
+        locked_rx.await?;
+        Ok(cfg)
+    }
 
+    /// Creates a new configuration file in the given account manager directory.
+    pub async fn new(dir: &Path) -> Result<Self> {
+        let lock = true;
+        let mut cfg = Self::new_nosync(dir.join(CONFIG_NAME), lock).await?;
         cfg.sync().await?;
 
         Ok(cfg)
@@ -339,6 +405,11 @@ impl Config {
     /// Takes a mutable reference because the saved file is a part of the `Config` state. This
     /// protects from parallel calls resulting to a wrong file contents.
     async fn sync(&mut self) -> Result<()> {
+        ensure!(!self
+            .lock_task
+            .as_ref()
+            .context("Config is read-only")?
+            .is_finished());
         let tmp_path = self.file.with_extension("toml.tmp");
         let mut file = fs::File::create(&tmp_path)
             .await
@@ -357,24 +428,28 @@ impl Config {
     }
 
     /// Read a configuration from the given file into memory.
-    pub async fn from_file(file: PathBuf) -> Result<Self> {
-        let dir = file.parent().context("can't get config file directory")?;
-        let bytes = fs::read(&file).await.context("failed to read file")?;
+    pub async fn from_file(file: PathBuf, writable: bool) -> Result<Self> {
+        let dir = file
+            .parent()
+            .context("Cannot get config file directory")?
+            .to_path_buf();
+        let mut config = Self::new_nosync(file, writable).await?;
+        let bytes = fs::read(&config.file)
+            .await
+            .context("Failed to read file")?;
         let s = std::str::from_utf8(&bytes)?;
-        let mut inner: InnerConfig = toml::from_str(s).context("failed to parse config")?;
+        config.inner = toml::from_str(s).context("Failed to parse config")?;
 
         // Previous versions of the core stored absolute paths in account config.
         // Convert them to relative paths.
         let mut modified = false;
-        for account in &mut inner.accounts {
-            if let Ok(new_dir) = account.dir.strip_prefix(dir) {
+        for account in &mut config.inner.accounts {
+            if let Ok(new_dir) = account.dir.strip_prefix(&dir) {
                 account.dir = new_dir.to_path_buf();
                 modified = true;
             }
         }
-
-        let mut config = Self { file, inner };
-        if modified {
+        if modified && writable {
             config.sync().await?;
         }
 
@@ -518,26 +593,44 @@ mod tests {
         let p: PathBuf = dir.path().join("accounts1");
 
         {
-            let mut accounts = Accounts::new(p.clone()).await.unwrap();
+            let writable = true;
+            let mut accounts = Accounts::new(p.clone(), writable).await.unwrap();
             accounts.add_account().await.unwrap();
 
             assert_eq!(accounts.accounts.len(), 1);
             assert_eq!(accounts.config.get_selected_account(), 1);
         }
-        {
-            let accounts = Accounts::open(p).await.unwrap();
+        for writable in [true, false] {
+            let accounts = Accounts::new(p.clone(), writable).await.unwrap();
 
             assert_eq!(accounts.accounts.len(), 1);
             assert_eq!(accounts.config.get_selected_account(), 1);
         }
     }
 
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_account_new_open_conflict() {
+        let dir = tempfile::tempdir().unwrap();
+        let p: PathBuf = dir.path().join("accounts");
+        let writable = true;
+        let _accounts = Accounts::new(p.clone(), writable).await.unwrap();
+
+        let writable = true;
+        assert!(Accounts::new(p.clone(), writable).await.is_err());
+
+        let writable = false;
+        let accounts = Accounts::new(p, writable).await.unwrap();
+        assert_eq!(accounts.accounts.len(), 0);
+        assert_eq!(accounts.config.get_selected_account(), 0);
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_account_new_add_remove() {
         let dir = tempfile::tempdir().unwrap();
         let p: PathBuf = dir.path().join("accounts");
 
-        let mut accounts = Accounts::new(p.clone()).await.unwrap();
+        let writable = true;
+        let mut accounts = Accounts::new(p.clone(), writable).await.unwrap();
         assert_eq!(accounts.accounts.len(), 0);
         assert_eq!(accounts.config.get_selected_account(), 0);
 
@@ -564,7 +657,8 @@ mod tests {
         let dir = tempfile::tempdir()?;
         let p: PathBuf = dir.path().join("accounts");
 
-        let mut accounts = Accounts::new(p.clone()).await?;
+        let writable = true;
+        let mut accounts = Accounts::new(p.clone(), writable).await?;
         assert!(accounts.get_selected_account().is_none());
         assert_eq!(accounts.config.get_selected_account(), 0);
 
@@ -585,7 +679,8 @@ mod tests {
         let dir = tempfile::tempdir().unwrap();
         let p: PathBuf = dir.path().join("accounts");
 
-        let mut accounts = Accounts::new(p.clone()).await.unwrap();
+        let writable = true;
+        let mut accounts = Accounts::new(p.clone(), writable).await.unwrap();
         assert_eq!(accounts.accounts.len(), 0);
         assert_eq!(accounts.config.get_selected_account(), 0);
 
@@ -622,7 +717,8 @@ mod tests {
         let dir = tempfile::tempdir().unwrap();
         let p: PathBuf = dir.path().join("accounts");
 
-        let mut accounts = Accounts::new(p.clone()).await.unwrap();
+        let writable = true;
+        let mut accounts = Accounts::new(p.clone(), writable).await.unwrap();
 
         for expected_id in 1..10 {
             let id = accounts.add_account().await.unwrap();
@@ -642,7 +738,8 @@ mod tests {
         let dummy_accounts = 10;
 
         let (id0, id1, id2) = {
-            let mut accounts = Accounts::new(p.clone()).await?;
+            let writable = true;
+            let mut accounts = Accounts::new(p.clone(), writable).await?;
             accounts.add_account().await?;
             let ids = accounts.get_all();
             assert_eq!(ids.len(), 1);
@@ -677,7 +774,8 @@ mod tests {
         assert!(id2 > id1 + dummy_accounts);
 
         let (id0_reopened, id1_reopened, id2_reopened) = {
-            let accounts = Accounts::new(p.clone()).await?;
+            let writable = false;
+            let accounts = Accounts::new(p.clone(), writable).await?;
             let ctx = accounts.get_selected_account().unwrap();
             assert_eq!(
                 ctx.get_config(crate::config::Config::Addr).await?,
@@ -722,7 +820,8 @@ mod tests {
         let dir = tempfile::tempdir().unwrap();
         let p: PathBuf = dir.path().join("accounts");
 
-        let accounts = Accounts::new(p.clone()).await?;
+        let writable = true;
+        let accounts = Accounts::new(p.clone(), writable).await?;
 
         // Make sure there are no accounts.
         assert_eq!(accounts.accounts.len(), 0);
@@ -748,7 +847,8 @@ mod tests {
         let dir = tempfile::tempdir().context("failed to create tempdir")?;
         let p: PathBuf = dir.path().join("accounts");
 
-        let mut accounts = Accounts::new(p.clone())
+        let writable = true;
+        let mut accounts = Accounts::new(p.clone(), writable)
             .await
             .context("failed to create accounts manager")?;
 
@@ -768,7 +868,8 @@ mod tests {
         assert!(passphrase_set_success);
         drop(accounts);
 
-        let accounts = Accounts::new(p.clone())
+        let writable = false;
+        let accounts = Accounts::new(p.clone(), writable)
             .await
             .context("failed to create second accounts manager")?;
         let account = accounts
@@ -792,7 +893,8 @@ mod tests {
         let dir = tempfile::tempdir().unwrap();
         let p: PathBuf = dir.path().join("accounts");
 
-        let mut accounts = Accounts::new(p.clone()).await?;
+        let writable = true;
+        let mut accounts = Accounts::new(p.clone(), writable).await?;
         accounts.add_account().await?;
         accounts.add_account().await?;
 

src/chat.rs

@@ -27,6 +27,7 @@ use crate::download::DownloadState;
 use crate::ephemeral::Timer as EphemeralTimer;
 use crate::events::EventType;
 use crate::html::new_html_mimepart;
+use crate::location;
 use crate::message::{self, Message, MessageState, MsgId, Viewtype};
 use crate::mimefactory::MimeFactory;
 use crate::mimeparser::SystemMessage;
@@ -35,6 +36,7 @@ use crate::peerstate::{Peerstate, PeerstateVerifiedStatus};
 use crate::receive_imf::ReceivedMsg;
 use crate::scheduler::InterruptInfo;
 use crate::smtp::send_msg_to_smtp;
+use crate::sql;
 use crate::stock_str;
 use crate::tools::{
     buf_compress, create_id, create_outgoing_rfc724_mid, create_smeared_timestamp,
@@ -42,7 +44,6 @@ use crate::tools::{
     strip_rtlo_characters, time, IsNoneOrEmpty,
 };
 use crate::webxdc::WEBXDC_SUFFIX;
-use crate::{location, sql};
 
 /// An chat item, such as a message or a marker.
 #[derive(Debug, Copy, Clone, PartialEq, Eq)]
@@ -88,6 +89,14 @@ pub enum ProtectionStatus {
     ///
     /// All members of the chat must be verified.
     Protected = 1,
+
+    /// The chat was protected, but now a new message came in
+    /// which was not encrypted / signed correctly.
+    /// The user has to confirm that this is OK.
+    ///
+    /// We only do this in 1:1 chats; in group chats, the chat just
+    /// stays protected.
+    ProtectionBroken = 3, // `2` was never used as a value.
 }
 
 /// The reason why messages cannot be sent to the chat.
@@ -104,6 +113,10 @@ pub(crate) enum CantSendReason {
     /// The chat is a contact request, it needs to be accepted before sending a message.
     ContactRequest,
 
+    /// The chat was protected, but now a new message came in
+    /// which was not encrypted / signed correctly.
+    ProtectionBroken,
+
     /// Mailing list without known List-Post header.
     ReadOnlyMailingList,
 
@@ -120,6 +133,10 @@ impl fmt::Display for CantSendReason {
                 f,
                 "contact request chat should be accepted before sending messages"
             ),
+            Self::ProtectionBroken => write!(
+                f,
+                "accept that the encryption isn't verified anymore before sending messages"
+            ),
             Self::ReadOnlyMailingList => {
                 write!(f, "mailing list does not have a know post address")
             }
@@ -272,6 +289,7 @@ impl ChatId {
         param: Option<String>,
     ) -> Result<Self> {
         let grpname = strip_rtlo_characters(grpname);
+        let smeared_time = create_smeared_timestamp(context);
         let row_id =
             context.sql.insert(
                 "INSERT INTO chats (type, name, grpid, blocked, created_timestamp, protected, param) VALUES(?, ?, ?, ?, ?, ?, ?);",
@@ -280,13 +298,20 @@ impl ChatId {
                     &grpname,
                     grpid,
                     create_blocked,
-                    create_smeared_timestamp(context),
+                    smeared_time,
                     create_protected,
                     param.unwrap_or_default(),
                 ),
             ).await?;
 
         let chat_id = ChatId::new(u32::try_from(row_id)?);
+
+        if create_protected == ProtectionStatus::Protected {
+            chat_id
+                .add_protection_msg(context, ProtectionStatus::Protected, None, smeared_time)
+                .await?;
+        }
+
         info!(
             context,
             "Created group/mailinglist '{}' grpid={} as {}, blocked={}.",
@@ -334,7 +359,7 @@ impl ChatId {
         let chat = Chat::load_from_db(context, self).await?;
 
         match chat.typ {
-            Chattype::Undefined | Chattype::Broadcast => {
+            Chattype::Broadcast => {
                 bail!("Can't block chat of type {:?}", chat.typ)
             }
             Chattype::Single => {
@@ -375,7 +400,16 @@ impl ChatId {
         let chat = Chat::load_from_db(context, self).await?;
 
         match chat.typ {
-            Chattype::Undefined => bail!("Can't accept chat of undefined chattype"),
+            Chattype::Single
+                if chat.blocked == Blocked::Not
+                    && chat.protected == ProtectionStatus::ProtectionBroken =>
+            {
+                // The protection was broken, then the user clicked 'Accept'/'OK',
+                // so, now we want to set the status to Unprotected again:
+                chat.id
+                    .inner_set_protection(context, ProtectionStatus::Unprotected)
+                    .await?;
+            }
             Chattype::Single | Chattype::Group | Chattype::Broadcast => {
                 // User has "created a chat" with all these contacts.
                 //
@@ -402,20 +436,19 @@ impl ChatId {
 
     /// Sets protection without sending a message.
     ///
-    /// Used when a message arrives indicating that someone else has
-    /// changed the protection value for a chat.
+    /// Returns whether the protection status was actually modified.
     pub(crate) async fn inner_set_protection(
         self,
         context: &Context,
         protect: ProtectionStatus,
-    ) -> Result<()> {
-        ensure!(!self.is_special(), "Invalid chat-id.");
+    ) -> Result<bool> {
+        ensure!(!self.is_special(), "Invalid chat-id {self}.");
 
         let chat = Chat::load_from_db(context, self).await?;
 
         if protect == chat.protected {
             info!(context, "Protection status unchanged for {}.", self);
-            return Ok(());
+            return Ok(false);
         }
 
         match protect {
@@ -430,9 +463,8 @@ impl ChatId {
                     }
                 }
                 Chattype::Mailinglist => bail!("Cannot protect mailing lists"),
-                Chattype::Undefined => bail!("Undefined group type"),
             },
-            ProtectionStatus::Unprotected => {}
+            ProtectionStatus::Unprotected | ProtectionStatus::ProtectionBroken => {}
         };
 
         context
@@ -445,68 +477,58 @@ impl ChatId {
         // make sure, the receivers will get all keys
         self.reset_gossiped_timestamp(context).await?;
 
-        Ok(())
+        Ok(true)
     }
 
-    /// Send protected status message to the chat.
+    /// Adds an info message to the chat, telling the user that the protection status changed.
     ///
-    /// This sends the message with the protected status change to the chat,
-    /// notifying the user on this device as well as the other users in the chat.
+    /// Params:
     ///
-    /// If `promote` is false this means, the message must not be sent out
-    /// and only a local info message should be added to the chat.
-    /// This is used when protection is enabled implicitly or when a chat is not yet promoted.
+    /// * `contact_id`: In a 1:1 chat, pass the chat partner's contact id.
+    /// * `timestamp_sort` is used as the timestamp of the added message
+    ///   and should be the timestamp of the change happening.
     pub(crate) async fn add_protection_msg(
         self,
         context: &Context,
         protect: ProtectionStatus,
-        promote: bool,
-        from_id: ContactId,
+        contact_id: Option<ContactId>,
+        timestamp_sort: i64,
     ) -> Result<()> {
-        let text = context.stock_protection_msg(protect, from_id).await;
+        let text = context.stock_protection_msg(protect, contact_id).await;
         let cmd = match protect {
             ProtectionStatus::Protected => SystemMessage::ChatProtectionEnabled,
             ProtectionStatus::Unprotected => SystemMessage::ChatProtectionDisabled,
+            ProtectionStatus::ProtectionBroken => SystemMessage::ChatProtectionDisabled,
         };
-
-        if promote {
-            let mut msg = Message {
-                viewtype: Viewtype::Text,
-                text,
-                ..Default::default()
-            };
-            msg.param.set_cmd(cmd);
-            send_msg(context, self, &mut msg).await?;
-        } else {
-            add_info_msg_with_cmd(
-                context,
-                self,
-                &text,
-                cmd,
-                create_smeared_timestamp(context),
-                None,
-                None,
-                None,
-            )
-            .await?;
-        }
+        add_info_msg_with_cmd(context, self, &text, cmd, timestamp_sort, None, None, None).await?;
 
         Ok(())
     }
 
     /// Sets protection and sends or adds a message.
-    pub async fn set_protection(self, context: &Context, protect: ProtectionStatus) -> Result<()> {
-        ensure!(!self.is_special(), "set protection: invalid chat-id.");
-
-        let chat = Chat::load_from_db(context, self).await?;
-
-        if let Err(e) = self.inner_set_protection(context, protect).await {
-            error!(context, "Cannot set protection: {e:#}."); // make error user-visible
-            return Err(e);
+    ///
+    /// `timestamp_sort` is used as the timestamp of the added message
+    /// and should be the timestamp of the change happening.
+    pub(crate) async fn set_protection(
+        self,
+        context: &Context,
+        protect: ProtectionStatus,
+        timestamp_sort: i64,
+        contact_id: Option<ContactId>,
+    ) -> Result<()> {
+        match self.inner_set_protection(context, protect).await {
+            Ok(protection_status_modified) => {
+                if protection_status_modified {
+                    self.add_protection_msg(context, protect, contact_id, timestamp_sort)
+                        .await?;
+                }
+                Ok(())
+            }
+            Err(e) => {
+                error!(context, "Cannot set protection: {e:#}."); // make error user-visible
+                Err(e)
+            }
         }
-
-        self.add_protection_msg(context, protect, chat.is_promoted(), ContactId::SELF)
-            .await
     }
 
     /// Archives or unarchives a chat.
@@ -743,14 +765,6 @@ impl ChatId {
             }
         }
 
-        let chat = Chat::load_from_db(context, self).await?;
-        if let Some(cant_send_reason) = chat.why_cant_send(context).await? {
-            bail!(
-                "Can't set a draft because chat is not writeable: {}",
-                cant_send_reason
-            );
-        }
-
         // set back draft information to allow identifying the draft later on -
         // no matter if message object is reused or reloaded from db
         msg.state = MessageState::OutDraft;
@@ -1260,7 +1274,7 @@ pub struct Chat {
     pub grpid: String,
 
     /// Whether the chat is blocked, unblocked or a contact request.
-    pub(crate) blocked: Blocked,
+    pub blocked: Blocked,
 
     /// Additional chat parameters stored in the database.
     pub param: Params,
@@ -1272,7 +1286,7 @@ pub struct Chat {
     pub mute_duration: MuteDuration,
 
     /// If the chat is protected (verified).
-    protected: ProtectionStatus,
+    pub(crate) protected: ProtectionStatus,
 }
 
 impl Chat {
@@ -1367,6 +1381,8 @@ impl Chat {
             Some(DeviceChat)
         } else if self.is_contact_request() {
             Some(ContactRequest)
+        } else if self.is_protection_broken() {
+            Some(ProtectionBroken)
         } else if self.is_mailing_list() && self.get_mailinglist_addr().is_none_or_empty() {
             Some(ReadOnlyMailingList)
         } else if !self.is_self_in_chat(context).await? {
@@ -1391,7 +1407,6 @@ impl Chat {
         match self.typ {
             Chattype::Single | Chattype::Broadcast | Chattype::Mailinglist => Ok(true),
             Chattype::Group => is_contact_in_chat(context, self.id, ContactId::SELF).await,
-            Chattype::Undefined => Ok(false),
         }
     }
 
@@ -1530,6 +1545,27 @@ impl Chat {
         self.protected == ProtectionStatus::Protected
     }
 
+    /// Returns true if the chat was protected, and then an incoming message broke this protection.
+    ///
+    /// This function is only useful if the UI enabled the `verified_one_on_one_chats` feature flag,
+    /// otherwise it will return false for all chats.
+    ///
+    /// 1:1 chats are automatically set as protected when a contact is verified.
+    /// When a message comes in that is not encrypted / signed correctly,
+    /// the chat is automatically set as unprotected again.
+    /// `is_protection_broken()` will return true until `chat_id.accept()` is called.
+    ///
+    /// The UI should let the user confirm that this is OK with a message like
+    /// `Bob sent a message from another device. Tap to learn more`
+    /// and then call `chat_id.accept()`.
+    pub fn is_protection_broken(&self) -> bool {
+        match self.protected {
+            ProtectionStatus::Protected => false,
+            ProtectionStatus::Unprotected => false,
+            ProtectionStatus::ProtectionBroken => true,
+        }
+    }
+
     /// Returns true if location streaming is enabled in the chat.
     pub fn is_sending_locations(&self) -> bool {
         self.is_sending_locations
@@ -1560,15 +1596,6 @@ impl Chat {
         let mut to_id = 0;
         let mut location_id = 0;
 
-        if let Some(reason) = self.why_cant_send(context).await? {
-            if self.typ == Chattype::Group && reason == CantSendReason::NotAMember {
-                context.emit_event(EventType::ErrorSelfNotInGroup(
-                    "Cannot send message; self not in group.".into(),
-                ));
-            }
-            bail!("Cannot send message to {}: {}", self.id, reason);
-        }
-
         let from = context.get_primary_self_addr().await?;
         let new_rfc724_mid = {
             let grpid = match self.typ {
@@ -2089,19 +2116,30 @@ impl ChatIdBlocked {
             _ => (),
         }
 
+        let peerstate = Peerstate::from_addr(context, contact.get_addr()).await?;
+        let protected = peerstate.map_or(false, |p| {
+            p.is_using_verified_key() && p.prefer_encrypt == EncryptPreference::Mutual
+        });
+        let smeared_time = create_smeared_timestamp(context);
+
         let chat_id = context
             .sql
             .transaction(move |transaction| {
                 transaction.execute(
                     "INSERT INTO chats
-                     (type, name, param, blocked, created_timestamp)
-                     VALUES(?, ?, ?, ?, ?)",
+                     (type, name, param, blocked, created_timestamp, protected)
+                     VALUES(?, ?, ?, ?, ?, ?)",
                     (
                         Chattype::Single,
                         chat_name,
                         params.to_string(),
                         create_blocked as u8,
-                        create_smeared_timestamp(context),
+                        smeared_time,
+                        if protected {
+                            ProtectionStatus::Protected
+                        } else {
+                            ProtectionStatus::Unprotected
+                        },
                     ),
                 )?;
                 let chat_id = ChatId::new(
@@ -2122,6 +2160,17 @@ impl ChatIdBlocked {
             })
             .await?;
 
+        if protected {
+            chat_id
+                .add_protection_msg(
+                    context,
+                    ProtectionStatus::Protected,
+                    Some(contact_id),
+                    smeared_time,
+                )
+                .await?;
+        }
+
         match contact_id {
             ContactId::SELF => update_saved_messages_icon(context).await?,
             ContactId::DEVICE => update_device_icon(context).await?,
@@ -2235,7 +2284,13 @@ async fn prepare_msg_common(
 
     // Check if the chat can be sent to.
     if let Some(reason) = chat.why_cant_send(context).await? {
-        bail!("cannot send to {}: {}", chat_id, reason);
+        if reason == CantSendReason::ProtectionBroken
+            && msg.param.get_cmd() == SystemMessage::SecurejoinMessage
+        {
+            // Send out the message, the securejoin message is supposed to repair the verification
+        } else {
+            bail!("cannot send to {chat_id}: {reason}");
+        }
     }
 
     // check current MessageState for drafts (to keep msg_id) ...
@@ -2337,7 +2392,7 @@ pub async fn send_msg_sync(context: &Context, chat_id: ChatId, msg: &mut Message
 }
 
 async fn send_msg_inner(context: &Context, chat_id: ChatId, msg: &mut Message) -> Result<MsgId> {
-    // protect all system messages againts RTLO attacks
+    // protect all system messages against RTLO attacks
     if msg.is_system_message() {
         msg.text = strip_rtlo_characters(&msg.text);
     }
@@ -2459,14 +2514,13 @@ pub(crate) async fn create_send_msg_job(
         msg.chat_id.set_gossiped_timestamp(context, time()).await?;
     }
 
-    if 0 != rendered_msg.last_added_location_id {
+    if let Some(last_added_location_id) = rendered_msg.last_added_location_id {
         if let Err(err) = location::set_kml_sent_timestamp(context, msg.chat_id, time()).await {
             error!(context, "Failed to set kml sent_timestamp: {err:#}.");
         }
         if !msg.hidden {
             if let Err(err) =
-                location::set_msg_location_id(context, msg.id, rendered_msg.last_added_location_id)
-                    .await
+                location::set_msg_location_id(context, msg.id, last_added_location_id).await
             {
                 error!(context, "Failed to set msg_location_id: {err:#}.");
             }
@@ -2979,18 +3033,14 @@ pub async fn create_group_chat(
 
     let grpid = create_id();
 
+    let timestamp = create_smeared_timestamp(context);
     let row_id = context
         .sql
         .insert(
             "INSERT INTO chats
         (type, name, grpid, param, created_timestamp)
         VALUES(?, ?, ?, \'U=1\', ?);",
-            (
-                Chattype::Group,
-                chat_name,
-                grpid,
-                create_smeared_timestamp(context),
-            ),
+            (Chattype::Group, chat_name, grpid, timestamp),
         )
         .await?;
 
@@ -3002,9 +3052,9 @@ pub async fn create_group_chat(
     context.emit_msgs_changed_without_ids();
 
     if protect == ProtectionStatus::Protected {
-        // this part is to stay compatible to verified groups,
-        // in some future, we will drop the "protect"-flag from create_group_chat()
-        chat_id.inner_set_protection(context, protect).await?;
+        chat_id
+            .set_protection(context, protect, timestamp, None)
+            .await?;
     }
 
     Ok(chat_id)
@@ -5260,72 +5310,6 @@ mod tests {
         Ok(())
     }
 
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_set_protection() -> Result<()> {
-        let t = TestContext::new_alice().await;
-        t.set_config_bool(Config::BccSelf, false).await?;
-        let chat_id = create_group_chat(&t, ProtectionStatus::Unprotected, "foo").await?;
-        let chat = Chat::load_from_db(&t, chat_id).await?;
-        assert!(!chat.is_protected());
-        assert!(chat.is_unpromoted());
-
-        // enable protection on unpromoted chat, the info-message is added via add_info_msg()
-        chat_id
-            .set_protection(&t, ProtectionStatus::Protected)
-            .await?;
-
-        let chat = Chat::load_from_db(&t, chat_id).await?;
-        assert!(chat.is_protected());
-        assert!(chat.is_unpromoted());
-
-        let msgs = get_chat_msgs(&t, chat_id).await?;
-        assert_eq!(msgs.len(), 1);
-
-        let msg = t.get_last_msg_in(chat_id).await;
-        assert!(msg.is_info());
-        assert_eq!(msg.get_info_type(), SystemMessage::ChatProtectionEnabled);
-        assert_eq!(msg.get_state(), MessageState::InNoticed);
-
-        // disable protection again, still unpromoted
-        chat_id
-            .set_protection(&t, ProtectionStatus::Unprotected)
-            .await?;
-
-        let chat = Chat::load_from_db(&t, chat_id).await?;
-        assert!(!chat.is_protected());
-        assert!(chat.is_unpromoted());
-
-        let msg = t.get_last_msg_in(chat_id).await;
-        assert!(msg.is_info());
-        assert_eq!(msg.get_info_type(), SystemMessage::ChatProtectionDisabled);
-        assert_eq!(msg.get_state(), MessageState::InNoticed);
-
-        // send a message, this switches to promoted state
-        send_text_msg(&t, chat_id, "hi!".to_string()).await?;
-
-        let chat = Chat::load_from_db(&t, chat_id).await?;
-        assert!(!chat.is_protected());
-        assert!(!chat.is_unpromoted());
-
-        let msgs = get_chat_msgs(&t, chat_id).await?;
-        assert_eq!(msgs.len(), 3);
-
-        // enable protection on promoted chat, the info-message is sent via send_msg() this time
-        chat_id
-            .set_protection(&t, ProtectionStatus::Protected)
-            .await?;
-        let chat = Chat::load_from_db(&t, chat_id).await?;
-        assert!(chat.is_protected());
-        assert!(!chat.is_unpromoted());
-
-        let msg = t.get_last_msg_in(chat_id).await;
-        assert!(msg.is_info());
-        assert_eq!(msg.get_info_type(), SystemMessage::ChatProtectionEnabled);
-        assert_eq!(msg.get_state(), MessageState::OutDelivered); // as bcc-self is disabled and there is nobody else in the chat
-
-        Ok(())
-    }
-
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_lookup_by_contact_id() {
         let ctx = TestContext::new_alice().await;

src/chatlist.rs

@@ -397,7 +397,7 @@ impl Chatlist {
                             .context("loading contact failed")?;
                         (Some(lastmsg), Some(lastcontact))
                     }
-                    Chattype::Single | Chattype::Undefined => (Some(lastmsg), None),
+                    Chattype::Single => (Some(lastmsg), None),
                 }
             }
         } else {

src/config.rs

@@ -286,12 +286,6 @@ pub enum Config {
     #[strum(props(default = "60"))]
     ScanAllFoldersDebounceSecs,
 
-    /// Whether to avoid using IMAP IDLE even if the server supports it.
-    ///
-    /// This is a developer option for testing "fake idle".
-    #[strum(props(default = "0"))]
-    DisableIdle,
-
     /// Defines the max. size (in bytes) of messages downloaded automatically.
     /// 0 = no limit.
     #[strum(props(default = "0"))]
@@ -318,6 +312,16 @@ pub enum Config {
 
     /// Last message processed by the bot.
     LastMsgId,
+
+    /// Feature flag for verified 1:1 chats; the UI should set it
+    /// to 1 if it supports verified 1:1 chats.
+    /// Regardless of this setting, `chat.is_protected()` returns true while the key is verified,
+    /// and when the key changes, an info message is posted into the chat.
+    /// 0=Nothing else happens when the key changes.
+    /// 1=After the key changed, `can_send()` returns false and `is_protection_broken()` returns true
+    /// until `chat_id.accept()` is called.
+    #[strum(props(default = "0"))]
+    VerifiedOneOnOneChats,
 }
 
 impl Context {
@@ -471,28 +475,6 @@ impl Context {
                     .set_raw_config(key.as_ref(), value.as_deref())
                     .await?;
             }
-            Config::Socks5Enabled
-            | Config::BccSelf
-            | Config::E2eeEnabled
-            | Config::MdnsEnabled
-            | Config::SentboxWatch
-            | Config::MvboxMove
-            | Config::OnlyFetchMvbox
-            | Config::FetchExistingMsgs
-            | Config::DeleteToTrash
-            | Config::SaveMimeHeaders
-            | Config::Configured
-            | Config::Bot
-            | Config::NotifyAboutWrongPw
-            | Config::SendSyncMsgs
-            | Config::SignUnencrypted
-            | Config::DisableIdle => {
-                ensure!(
-                    matches!(value, None | Some("0") | Some("1")),
-                    "Boolean value must be either 0 or 1"
-                );
-                self.sql.set_raw_config(key.as_ref(), value).await?;
-            }
             _ => {
                 self.sql.set_raw_config(key.as_ref(), value).await?;
             }
@@ -642,18 +624,6 @@ mod tests {
         );
     }
 
-    /// Tests that "bot" config can only be set to "0" or "1".
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_set_config_bot() {
-        let t = TestContext::new().await;
-
-        assert!(t.set_config(Config::Bot, None).await.is_ok());
-        assert!(t.set_config(Config::Bot, Some("0")).await.is_ok());
-        assert!(t.set_config(Config::Bot, Some("1")).await.is_ok());
-        assert!(t.set_config(Config::Bot, Some("2")).await.is_err());
-        assert!(t.set_config(Config::Bot, Some("Foobar")).await.is_err());
-    }
-
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_media_quality_config_option() {
         let t = TestContext::new().await;

src/constants.rs

@@ -125,7 +125,6 @@ pub const DC_CHAT_ID_LAST_SPECIAL: ChatId = ChatId::new(9);
 /// Chat type.
 #[derive(
     Debug,
-    Default,
     Display,
     Clone,
     Copy,
@@ -141,10 +140,6 @@ pub const DC_CHAT_ID_LAST_SPECIAL: ChatId = ChatId::new(9);
 )]
 #[repr(u32)]
 pub enum Chattype {
-    /// Undefined chat type.
-    #[default]
-    Undefined = 0,
-
     /// 1:1 chat.
     Single = 100,
 
@@ -223,8 +218,6 @@ mod tests {
     #[test]
     fn test_chattype_values() {
         // values may be written to disk and must not change
-        assert_eq!(Chattype::Undefined, Chattype::default());
-        assert_eq!(Chattype::Undefined, Chattype::from_i32(0).unwrap());
         assert_eq!(Chattype::Single, Chattype::from_i32(100).unwrap());
         assert_eq!(Chattype::Group, Chattype::from_i32(120).unwrap());
         assert_eq!(Chattype::Mailinglist, Chattype::from_i32(140).unwrap());

src/contact.rs

@@ -25,7 +25,7 @@ use crate::config::Config;
 use crate::constants::{Blocked, Chattype, DC_GCL_ADD_SELF, DC_GCL_VERIFIED_ONLY};
 use crate::context::Context;
 use crate::events::EventType;
-use crate::key::{DcKey, SignedPublicKey};
+use crate::key::{load_self_public_key, DcKey};
 use crate::login_param::LoginParam;
 use crate::message::MessageState;
 use crate::mimeparser::AvatarAction;
@@ -812,11 +812,7 @@ impl Contact {
         let mut ret = Vec::new();
         let flag_verified_only = (listflags & DC_GCL_VERIFIED_ONLY) != 0;
         let flag_add_self = (listflags & DC_GCL_ADD_SELF) != 0;
-        let minimal_origin = if context.get_config_bool(Config::Bot).await? {
-            Origin::Unknown
-        } else {
-            Origin::IncomingReplyTo
-        };
+
         if flag_verified_only || query.is_some() {
             let s3str_like_cmd = format!("%{}%", query.unwrap_or(""));
             context
@@ -836,7 +832,7 @@ impl Contact {
                     ),
                     rusqlite::params_from_iter(params_iter(&self_addrs).chain(params_slice![
                         ContactId::LAST_SPECIAL,
-                        minimal_origin,
+                        Origin::IncomingReplyTo,
                         s3str_like_cmd,
                         s3str_like_cmd,
                         if flag_verified_only { 0i32 } else { 1i32 }
@@ -886,10 +882,10 @@ impl Contact {
                  ORDER BY last_seen DESC, id DESC;",
                         sql::repeat_vars(self_addrs.len())
                     ),
-                    rusqlite::params_from_iter(
-                        params_iter(&self_addrs)
-                            .chain(params_slice![ContactId::LAST_SPECIAL, minimal_origin]),
-                    ),
+                    rusqlite::params_from_iter(params_iter(&self_addrs).chain(params_slice![
+                        ContactId::LAST_SPECIAL,
+                        Origin::IncomingReplyTo
+                    ])),
                     |row| row.get::<_, ContactId>(0),
                     |ids| {
                         for id in ids {
@@ -1013,7 +1009,7 @@ impl Contact {
                 let finger_prints = stock_str::finger_prints(context).await;
                 ret += &format!("{stock_message}.\n{finger_prints}:");
 
-                let fingerprint_self = SignedPublicKey::load_self(context)
+                let fingerprint_self = load_self_public_key(context)
                     .await?
                     .fingerprint()
                     .to_string();
@@ -1215,31 +1211,15 @@ impl Contact {
     /// and if the key has not changed since this verification.
     ///
     /// The UI may draw a checkbox or something like that beside verified contacts.
-    ///
     pub async fn is_verified(&self, context: &Context) -> Result<VerifiedStatus> {
-        self.is_verified_ex(context, None).await
-    }
-
-    /// Same as `Contact::is_verified` but allows speeding up things
-    /// by adding the peerstate belonging to the contact.
-    /// If you do not have the peerstate available, it is loaded automatically.
-    pub async fn is_verified_ex(
-        &self,
-        context: &Context,
-        peerstate: Option<&Peerstate>,
-    ) -> Result<VerifiedStatus> {
         // We're always sort of secured-verified as we could verify the key on this device any time with the key
         // on this device
         if self.id == ContactId::SELF {
             return Ok(VerifiedStatus::BidirectVerified);
         }
 
-        if let Some(peerstate) = peerstate {
-            if peerstate.verified_key.is_some() {
-                return Ok(VerifiedStatus::BidirectVerified);
-            }
-        } else if let Some(peerstate) = Peerstate::from_addr(context, &self.addr).await? {
-            if peerstate.verified_key.is_some() {
+        if let Some(peerstate) = Peerstate::from_addr(context, &self.addr).await? {
+            if peerstate.is_using_verified_key() {
                 return Ok(VerifiedStatus::BidirectVerified);
             }
         }

src/context.rs

@@ -19,7 +19,7 @@ use crate::constants::DC_VERSION_STR;
 use crate::contact::Contact;
 use crate::debug_logging::DebugLogging;
 use crate::events::{Event, EventEmitter, EventType, Events};
-use crate::key::{DcKey, SignedPublicKey};
+use crate::key::{load_self_public_key, DcKey as _};
 use crate::login_param::LoginParam;
 use crate::message::{self, MessageState, MsgId};
 use crate::quota::QuotaInfo;
@@ -579,7 +579,6 @@ impl Context {
         let mdns_enabled = self.get_config_int(Config::MdnsEnabled).await?;
         let bcc_self = self.get_config_int(Config::BccSelf).await?;
         let send_sync_msgs = self.get_config_int(Config::SendSyncMsgs).await?;
-        let disable_idle = self.get_config_bool(Config::DisableIdle).await?;
 
         let prv_key_cnt = self.sql.count("SELECT COUNT(*) FROM keypairs;", ()).await?;
 
@@ -587,7 +586,7 @@ impl Context {
             .sql
             .count("SELECT COUNT(*) FROM acpeerstates;", ())
             .await?;
-        let fingerprint_str = match SignedPublicKey::load_self(self).await {
+        let fingerprint_str = match load_self_public_key(self).await {
             Ok(key) => key.fingerprint().hex(),
             Err(err) => format!("<key failure: {err}>"),
         };
@@ -692,7 +691,6 @@ impl Context {
         );
         res.insert("bcc_self", bcc_self.to_string());
         res.insert("send_sync_msgs", send_sync_msgs.to_string());
-        res.insert("disable_idle", disable_idle.to_string());
         res.insert("private_key_count", prv_key_cnt.to_string());
         res.insert("public_key_count", pub_key_cnt.to_string());
         res.insert("fingerprint", fingerprint_str);
@@ -763,6 +761,12 @@ impl Context {
             "last_msg_id",
             self.get_config_int(Config::LastMsgId).await?.to_string(),
         );
+        res.insert(
+            "verified_one_on_one_chats",
+            self.get_config_bool(Config::VerifiedOneOnOneChats)
+                .await?
+                .to_string(),
+        );
 
         let elapsed = self.creation_time.elapsed();
         res.insert("uptime", duration_to_str(elapsed.unwrap_or_default()));

src/debug_logging.rs

@@ -1,14 +1,12 @@
 //! Forward log messages to logging webxdc
-use crate::{
-    chat::ChatId,
-    config::Config,
-    context::Context,
-    message::{Message, MsgId, Viewtype},
-    param::Param,
-    tools::time,
-    webxdc::StatusUpdateItem,
-    EventType,
-};
+use crate::chat::ChatId;
+use crate::config::Config;
+use crate::context::Context;
+use crate::events::EventType;
+use crate::message::{Message, MsgId, Viewtype};
+use crate::param::Param;
+use crate::tools::time;
+use crate::webxdc::StatusUpdateItem;
 use async_channel::{self as channel, Receiver, Sender};
 use serde_json::json;
 use std::path::PathBuf;

src/decrypt.rs

@@ -13,7 +13,6 @@ use crate::contact::addr_cmp;
 use crate::context::Context;
 use crate::headerdef::{HeaderDef, HeaderDefMap};
 use crate::key::{DcKey, Fingerprint, SignedPublicKey, SignedSecretKey};
-use crate::keyring::Keyring;
 use crate::peerstate::Peerstate;
 use crate::pgp;
 
@@ -26,8 +25,8 @@ use crate::pgp;
 pub fn try_decrypt(
     context: &Context,
     mail: &ParsedMail<'_>,
-    private_keyring: &Keyring<SignedSecretKey>,
-    public_keyring_for_validate: &Keyring<SignedPublicKey>,
+    private_keyring: &[SignedSecretKey],
+    public_keyring_for_validate: &[SignedPublicKey],
 ) -> Result<Option<(Vec<u8>, HashSet<Fingerprint>)>> {
     let encrypted_data_part = match {
         let mime = get_autocrypt_mime(mail);
@@ -227,8 +226,8 @@ fn get_autocrypt_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail
 /// Returns Ok(None) if nothing encrypted was found.
 fn decrypt_part(
     mail: &ParsedMail<'_>,
-    private_keyring: &Keyring<SignedSecretKey>,
-    public_keyring_for_validate: &Keyring<SignedPublicKey>,
+    private_keyring: &[SignedSecretKey],
+    public_keyring_for_validate: &[SignedPublicKey],
 ) -> Result<Option<(Vec<u8>, HashSet<Fingerprint>)>> {
     let data = mail.get_body_raw()?;
 
@@ -263,7 +262,7 @@ fn has_decrypted_pgp_armor(input: &[u8]) -> bool {
 /// Returns None if the message is not Multipart/Signed or doesn't contain necessary parts.
 pub(crate) fn validate_detached_signature<'a, 'b>(
     mail: &'a ParsedMail<'b>,
-    public_keyring_for_validate: &Keyring<SignedPublicKey>,
+    public_keyring_for_validate: &[SignedPublicKey],
 ) -> Option<(&'a ParsedMail<'b>, HashSet<Fingerprint>)> {
     if mail.ctype.mimetype != "multipart/signed" {
         return None;
@@ -283,13 +282,13 @@ pub(crate) fn validate_detached_signature<'a, 'b>(
     }
 }
 
-pub(crate) fn keyring_from_peerstate(peerstate: Option<&Peerstate>) -> Keyring<SignedPublicKey> {
-    let mut public_keyring_for_validate: Keyring<SignedPublicKey> = Keyring::new();
+pub(crate) fn keyring_from_peerstate(peerstate: Option<&Peerstate>) -> Vec<SignedPublicKey> {
+    let mut public_keyring_for_validate = Vec::new();
     if let Some(peerstate) = peerstate {
         if let Some(key) = &peerstate.public_key {
-            public_keyring_for_validate.add(key.clone());
+            public_keyring_for_validate.push(key.clone());
         } else if let Some(key) = &peerstate.gossip_key {
-            public_keyring_for_validate.add(key.clone());
+            public_keyring_for_validate.push(key.clone());
         }
     }
     public_keyring_for_validate

src/download.rs

@@ -23,7 +23,7 @@ use crate::{job_try, stock_str, EventType};
 /// eg. to assign them to the correct chat.
 /// As these messages are typically small,
 /// they're caught by `MIN_DOWNLOAD_LIMIT`.
-pub(crate) const MIN_DOWNLOAD_LIMIT: u32 = 32768;
+const MIN_DOWNLOAD_LIMIT: u32 = 32768;
 
 /// If a message is downloaded only partially
 /// and `delete_server_after` is set to small timeouts (eg. "at once"),

src/e2ee.rs

@@ -6,8 +6,7 @@ use num_traits::FromPrimitive;
 use crate::aheader::{Aheader, EncryptPreference};
 use crate::config::Config;
 use crate::context::Context;
-use crate::key::{DcKey, SignedPublicKey, SignedSecretKey};
-use crate::keyring::Keyring;
+use crate::key::{load_self_public_key, load_self_secret_key, SignedPublicKey};
 use crate::peerstate::{Peerstate, PeerstateVerifiedStatus};
 use crate::pgp;
 
@@ -24,7 +23,7 @@ impl EncryptHelper {
             EncryptPreference::from_i32(context.get_config_int(Config::E2eeEnabled).await?)
                 .unwrap_or_default();
         let addr = context.get_primary_self_addr().await?;
-        let public_key = SignedPublicKey::load_self(context).await?;
+        let public_key = load_self_public_key(context).await?;
 
         Ok(EncryptHelper {
             prefer_encrypt,
@@ -104,7 +103,7 @@ impl EncryptHelper {
         mail_to_encrypt: lettre_email::PartBuilder,
         peerstates: Vec<(Option<Peerstate>, &str)>,
     ) -> Result<String> {
-        let mut keyring: Keyring<SignedPublicKey> = Keyring::new();
+        let mut keyring: Vec<SignedPublicKey> = Vec::new();
 
         for (peerstate, addr) in peerstates
             .into_iter()
@@ -113,10 +112,10 @@ impl EncryptHelper {
             let key = peerstate
                 .take_key(min_verified)
                 .with_context(|| format!("proper enc-key for {addr} missing, cannot encrypt"))?;
-            keyring.add(key);
+            keyring.push(key);
         }
-        keyring.add(self.public_key.clone());
-        let sign_key = SignedSecretKey::load_self(context).await?;
+        keyring.push(self.public_key.clone());
+        let sign_key = load_self_secret_key(context).await?;
 
         let raw_message = mail_to_encrypt.build().as_string().into_bytes();
 
@@ -132,7 +131,7 @@ impl EncryptHelper {
         context: &Context,
         mail: lettre_email::PartBuilder,
     ) -> Result<(lettre_email::MimeMessage, String)> {
-        let sign_key = SignedSecretKey::load_self(context).await?;
+        let sign_key = load_self_secret_key(context).await?;
         let mime_message = mail.build();
         let signature = pgp::pk_calc_signature(mime_message.as_string().as_bytes(), &sign_key)?;
         Ok((mime_message, signature))
@@ -145,20 +144,17 @@ impl EncryptHelper {
 /// sent but in a few locations there are no such guarantees,
 /// e.g. when exporting keys, and calling this function ensures a
 /// private key will be present.
-///
-/// If this succeeds you are also guaranteed that the
-/// [Config::ConfiguredAddr] is configured, this address is returned.
 // TODO, remove this once deltachat::key::Key no longer exists.
-pub async fn ensure_secret_key_exists(context: &Context) -> Result<String> {
-    let self_addr = context.get_primary_self_addr().await?;
-    SignedPublicKey::load_self(context).await?;
-    Ok(self_addr)
+pub async fn ensure_secret_key_exists(context: &Context) -> Result<()> {
+    load_self_public_key(context).await?;
+    Ok(())
 }
 
 #[cfg(test)]
 mod tests {
     use super::*;
     use crate::chat;
+    use crate::key::DcKey;
     use crate::message::{Message, Viewtype};
     use crate::param::Param;
     use crate::test_utils::{bob_keypair, TestContext};
@@ -169,10 +165,7 @@ mod tests {
         #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
         async fn test_prexisting() {
             let t = TestContext::new_alice().await;
-            assert_eq!(
-                ensure_secret_key_exists(&t).await.unwrap(),
-                "alice@example.org"
-            );
+            assert!(ensure_secret_key_exists(&t).await.is_ok());
         }
 
         #[tokio::test(flavor = "multi_thread", worker_threads = 2)]

src/ephemeral.rs

@@ -545,7 +545,7 @@ async fn next_expiration_timestamp(context: &Context) -> Option<i64> {
 
     ephemeral_timestamp
         .into_iter()
-        .chain(delete_device_after_timestamp.into_iter())
+        .chain(delete_device_after_timestamp)
         .min()
 }
 
@@ -986,7 +986,7 @@ mod tests {
         t.send_text(self_chat.id, "Saved message, which we delete manually")
             .await;
         let msg = t.get_last_msg_in(self_chat.id).await;
-        msg.id.delete_from_db(&t).await?;
+        msg.id.trash(&t).await?;
         check_msg_is_deleted(&t, &self_chat, msg.id).await;
 
         self_chat
@@ -1003,7 +1003,7 @@ mod tests {
             .await
             .unwrap();
 
-        // Set DeleteDeviceAfter to 1800s. Thend send a saved message which will
+        // Set DeleteDeviceAfter to 1800s. Then send a saved message which will
         // still be deleted after 3600s because DeleteDeviceAfter doesn't apply to saved messages.
         t.set_config(Config::DeleteDeviceAfter, Some("1800"))
             .await?;
@@ -1260,8 +1260,8 @@ mod tests {
         );
         let msg = alice.get_last_msg().await;
 
-        // Message is deleted from the database when its timer expires.
-        msg.id.delete_from_db(&alice).await?;
+        // Message is deleted when its timer expires.
+        msg.id.trash(&alice).await?;
 
         // Message with Message-ID <third@example.com>, referencing <first@example.com> and
         // <second@example.com>, is received.  The message <second@example.come> is not in the

src/html.rs

@@ -17,12 +17,12 @@ use lettre_email::mime::{self, Mime};
 use lettre_email::PartBuilder;
 use mailparse::ParsedContentType;
 
+use crate::context::Context;
 use crate::headerdef::{HeaderDef, HeaderDefMap};
-use crate::message::{Message, MsgId};
+use crate::message::{self, Message, MsgId};
 use crate::mimeparser::parse_message_id;
 use crate::param::Param::SendHtml;
 use crate::plaintext::PlainText;
-use crate::{context::Context, message};
 
 impl Message {
     /// Check if the message can be retrieved as HTML.

src/imap/idle.rs

@@ -7,9 +7,7 @@ use futures_lite::FutureExt;
 
 use super::session::Session;
 use super::Imap;
-use crate::config::Config;
 use crate::imap::{client::IMAP_TIMEOUT, FolderMeaning};
-use crate::log::LogExt;
 use crate::{context::Context, scheduler::InterruptInfo};
 
 const IDLE_TIMEOUT: Duration = Duration::from_secs(23 * 60);
@@ -23,10 +21,6 @@ impl Session {
     ) -> Result<(Self, InterruptInfo)> {
         use futures::future::FutureExt;
 
-        if context.get_config_bool(Config::DisableIdle).await? {
-            bail!("IMAP IDLE is disabled");
-        }
-
         if !self.can_idle() {
             bail!("IMAP server does not have IDLE capability");
         }
@@ -169,14 +163,7 @@ impl Imap {
                         continue;
                     }
                     if let Some(session) = &self.session {
-                        if session.can_idle()
-                            && !context
-                                .get_config_bool(Config::DisableIdle)
-                                .await
-                                .context("Failed to get disable_idle config")
-                                .log_err(context)
-                                .unwrap_or_default()
-                        {
+                        if session.can_idle() {
                             // we only fake-idled because network was gone during IDLE, probably
                             break InterruptInfo::new(false);
                         }

src/imex.rs

@@ -19,7 +19,9 @@ use crate::contact::ContactId;
 use crate::context::Context;
 use crate::e2ee;
 use crate::events::EventType;
-use crate::key::{self, DcKey, DcSecretKey, SignedPublicKey, SignedSecretKey};
+use crate::key::{
+    self, load_self_secret_key, DcKey, DcSecretKey, SignedPublicKey, SignedSecretKey,
+};
 use crate::log::LogExt;
 use crate::message::{Message, MsgId, Viewtype};
 use crate::mimeparser::SystemMessage;
@@ -186,7 +188,7 @@ pub async fn render_setup_file(context: &Context, passphrase: &str) -> Result<St
     } else {
         bail!("Passphrase must be at least 2 chars long.");
     };
-    let private_key = SignedSecretKey::load_self(context).await?;
+    let private_key = load_self_secret_key(context).await?;
     let ac_headers = match context.get_config_bool(Config::E2eeEnabled).await? {
         false => None,
         true => Some(("Autocrypt-Prefer-Encrypt", "mutual")),
@@ -781,6 +783,11 @@ async fn export_database(context: &Context, dest: &Path, passphrase: String) ->
             let res = conn
                 .query_row("SELECT sqlcipher_export('backup')", [], |_row| Ok(()))
                 .context("failed to export to attached backup database");
+            conn.execute(
+                "UPDATE backup.config SET value='0' WHERE keyname='verified_one_on_one_chats';",
+                [],
+            )
+            .ok(); // If verified_one_on_one_chats was not set, this errors, which we ignore
             conn.execute("DETACH DATABASE backup", [])
                 .context("failed to detach backup database")?;
             res?;
@@ -911,55 +918,73 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_export_and_import_backup() -> Result<()> {
-        let backup_dir = tempfile::tempdir().unwrap();
+        for set_verified_oneonone_chats in [true, false] {
+            let backup_dir = tempfile::tempdir().unwrap();
 
-        let context1 = TestContext::new_alice().await;
-        assert!(context1.is_configured().await?);
+            let context1 = TestContext::new_alice().await;
+            assert!(context1.is_configured().await?);
+            if set_verified_oneonone_chats {
+                context1
+                    .set_config_bool(Config::VerifiedOneOnOneChats, true)
+                    .await?;
+            }
 
-        let context2 = TestContext::new().await;
-        assert!(!context2.is_configured().await?);
-        assert!(has_backup(&context2, backup_dir.path()).await.is_err());
+            let context2 = TestContext::new().await;
+            assert!(!context2.is_configured().await?);
+            assert!(has_backup(&context2, backup_dir.path()).await.is_err());
 
-        // export from context1
-        assert!(
-            imex(&context1, ImexMode::ExportBackup, backup_dir.path(), None)
-                .await
-                .is_ok()
-        );
-        let _event = context1
-            .evtracker
-            .get_matching(|evt| matches!(evt, EventType::ImexProgress(1000)))
-            .await;
+            // export from context1
+            assert!(
+                imex(&context1, ImexMode::ExportBackup, backup_dir.path(), None)
+                    .await
+                    .is_ok()
+            );
+            let _event = context1
+                .evtracker
+                .get_matching(|evt| matches!(evt, EventType::ImexProgress(1000)))
+                .await;
 
-        // import to context2
-        let backup = has_backup(&context2, backup_dir.path()).await?;
+            // import to context2
+            let backup = has_backup(&context2, backup_dir.path()).await?;
 
-        // Import of unencrypted backup with incorrect "foobar" backup passphrase fails.
-        assert!(imex(
-            &context2,
-            ImexMode::ImportBackup,
-            backup.as_ref(),
-            Some("foobar".to_string())
-        )
-        .await
-        .is_err());
+            // Import of unencrypted backup with incorrect "foobar" backup passphrase fails.
+            assert!(imex(
+                &context2,
+                ImexMode::ImportBackup,
+                backup.as_ref(),
+                Some("foobar".to_string())
+            )
+            .await
+            .is_err());
 
-        assert!(
-            imex(&context2, ImexMode::ImportBackup, backup.as_ref(), None)
-                .await
-                .is_ok()
-        );
-        let _event = context2
-            .evtracker
-            .get_matching(|evt| matches!(evt, EventType::ImexProgress(1000)))
-            .await;
-
-        assert!(context2.is_configured().await?);
-        assert_eq!(
-            context2.get_config(Config::Addr).await?,
-            Some("alice@example.org".to_string())
-        );
+            assert!(
+                imex(&context2, ImexMode::ImportBackup, backup.as_ref(), None)
+                    .await
+                    .is_ok()
+            );
+            let _event = context2
+                .evtracker
+                .get_matching(|evt| matches!(evt, EventType::ImexProgress(1000)))
+                .await;
 
+            assert!(context2.is_configured().await?);
+            assert_eq!(
+                context2.get_config(Config::Addr).await?,
+                Some("alice@example.org".to_string())
+            );
+            assert_eq!(
+                context2
+                    .get_config_bool(Config::VerifiedOneOnOneChats)
+                    .await?,
+                false
+            );
+            assert_eq!(
+                context1
+                    .get_config_bool(Config::VerifiedOneOnOneChats)
+                    .await?,
+                set_verified_oneonone_chats
+            );
+        }
         Ok(())
     }
 

src/key.rs

@@ -3,11 +3,9 @@
 use std::collections::BTreeMap;
 use std::fmt;
 use std::io::Cursor;
-use std::pin::Pin;
 
 use anyhow::{ensure, Context as _, Result};
 use base64::Engine as _;
-use futures::Future;
 use num_traits::FromPrimitive;
 use pgp::composed::Deserializable;
 pub use pgp::composed::{SignedPublicKey, SignedSecretKey};
@@ -18,8 +16,7 @@ use tokio::runtime::Handle;
 use crate::config::Config;
 use crate::constants::KeyGenType;
 use crate::context::Context;
-// Re-export key types
-pub use crate::pgp::KeyPair;
+use crate::pgp::KeyPair;
 use crate::tools::{time, EmailAddress};
 
 /// Convenience trait for working with keys.
@@ -27,7 +24,7 @@ use crate::tools::{time, EmailAddress};
 /// This trait is implemented for rPGP's [SignedPublicKey] and
 /// [SignedSecretKey] types and makes working with them a little
 /// easier in the deltachat world.
-pub trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
+pub(crate) trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
     /// Create a key from some bytes.
     fn from_slice(bytes: &[u8]) -> Result<Self> {
         Ok(<Self as Deserializable>::from_bytes(Cursor::new(bytes))?)
@@ -50,11 +47,6 @@ pub trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
         Self::from_armor_single(Cursor::new(bytes)).context("rPGP error")
     }
 
-    /// Load the users' default key from the database.
-    fn load_self<'a>(
-        context: &'a Context,
-    ) -> Pin<Box<dyn Future<Output = Result<Self>> + 'a + Send>>;
-
     /// Serialise the key as bytes.
     fn to_bytes(&self) -> Vec<u8> {
         // Not using Serialize::to_bytes() to make clear *why* it is
@@ -85,38 +77,55 @@ pub trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
     }
 }
 
-impl DcKey for SignedPublicKey {
-    fn load_self<'a>(
-        context: &'a Context,
-    ) -> Pin<Box<dyn Future<Output = Result<Self>> + 'a + Send>> {
-        Box::pin(async move {
-            let addr = context.get_primary_self_addr().await?;
-            match context
-                .sql
-                .query_row_optional(
-                    r#"
-                    SELECT public_key
-                      FROM keypairs
-                     WHERE addr=?
-                       AND is_default=1;
-                    "#,
-                    (addr,),
-                    |row| {
-                        let bytes: Vec<u8> = row.get(0)?;
-                        Ok(bytes)
-                    },
-                )
-                .await?
-            {
-                Some(bytes) => Self::from_slice(&bytes),
-                None => {
-                    let keypair = generate_keypair(context).await?;
-                    Ok(keypair.public)
-                }
-            }
-        })
+pub(crate) async fn load_self_public_key(context: &Context) -> Result<SignedPublicKey> {
+    match context
+        .sql
+        .query_row_optional(
+            r#"SELECT public_key
+               FROM keypairs
+               WHERE addr=(SELECT value FROM config WHERE keyname="configured_addr")
+               AND is_default=1"#,
+            (),
+            |row| {
+                let bytes: Vec<u8> = row.get(0)?;
+                Ok(bytes)
+            },
+        )
+        .await?
+    {
+        Some(bytes) => SignedPublicKey::from_slice(&bytes),
+        None => {
+            let keypair = generate_keypair(context).await?;
+            Ok(keypair.public)
+        }
     }
+}
 
+pub(crate) async fn load_self_secret_key(context: &Context) -> Result<SignedSecretKey> {
+    match context
+        .sql
+        .query_row_optional(
+            r#"SELECT private_key
+               FROM keypairs
+               WHERE addr=(SELECT value FROM config WHERE keyname="configured_addr")
+               AND is_default=1"#,
+            (),
+            |row| {
+                let bytes: Vec<u8> = row.get(0)?;
+                Ok(bytes)
+            },
+        )
+        .await?
+    {
+        Some(bytes) => SignedSecretKey::from_slice(&bytes),
+        None => {
+            let keypair = generate_keypair(context).await?;
+            Ok(keypair.secret)
+        }
+    }
+}
+
+impl DcKey for SignedPublicKey {
     fn to_asc(&self, header: Option<(&str, &str)>) -> String {
         // Not using .to_armored_string() to make clear *why* it is
         // safe to ignore this error.
@@ -135,36 +144,6 @@ impl DcKey for SignedPublicKey {
 }
 
 impl DcKey for SignedSecretKey {
-    fn load_self<'a>(
-        context: &'a Context,
-    ) -> Pin<Box<dyn Future<Output = Result<Self>> + 'a + Send>> {
-        Box::pin(async move {
-            match context
-                .sql
-                .query_row_optional(
-                    r#"
-                    SELECT private_key
-                      FROM keypairs
-                     WHERE addr=(SELECT value FROM config WHERE keyname="configured_addr")
-                       AND is_default=1;
-                    "#,
-                    (),
-                    |row| {
-                        let bytes: Vec<u8> = row.get(0)?;
-                        Ok(bytes)
-                    },
-                )
-                .await?
-            {
-                Some(bytes) => Self::from_slice(&bytes),
-                None => {
-                    let keypair = generate_keypair(context).await?;
-                    Ok(keypair.secret)
-                }
-            }
-        })
-    }
-
     fn to_asc(&self, header: Option<(&str, &str)>) -> String {
         // Not using .to_armored_string() to make clear *why* it is
         // safe to do these unwraps.
@@ -185,7 +164,7 @@ impl DcKey for SignedSecretKey {
 /// Deltachat extension trait for secret keys.
 ///
 /// Provides some convenience wrappers only applicable to [SignedSecretKey].
-pub trait DcSecretKey {
+pub(crate) trait DcSecretKey {
     /// Create a public key from a private one.
     fn split_public_key(&self) -> Result<SignedPublicKey>;
 }
@@ -328,6 +307,24 @@ pub async fn store_self_keypair(
     Ok(())
 }
 
+/// Saves a keypair as the default keys.
+///
+/// This API is used for testing purposes
+/// to avoid generating the key in tests.
+/// Use import/export APIs instead.
+pub async fn preconfigure_keypair(context: &Context, addr: &str, secret_data: &str) -> Result<()> {
+    let addr = EmailAddress::new(addr)?;
+    let secret = SignedSecretKey::from_asc(secret_data)?.0;
+    let public = secret.split_public_key()?;
+    let keypair = KeyPair {
+        addr,
+        public,
+        secret,
+    };
+    store_self_keypair(context, &keypair, KeyPairUse::Default).await?;
+    Ok(())
+}
+
 /// A key fingerprint
 #[derive(Clone, Eq, PartialEq, Hash, serde::Serialize, serde::Deserialize)]
 pub struct Fingerprint(Vec<u8>);
@@ -522,9 +519,9 @@ i8pcjGO+IZffvyZJVRWfVooBJmWWbPB1pueo3tx8w3+fcuzpxz+RLFKaPyqXO+dD
     async fn test_load_self_existing() {
         let alice = alice_keypair();
         let t = TestContext::new_alice().await;
-        let pubkey = SignedPublicKey::load_self(&t).await.unwrap();
+        let pubkey = load_self_public_key(&t).await.unwrap();
         assert_eq!(alice.public, pubkey);
-        let seckey = SignedSecretKey::load_self(&t).await.unwrap();
+        let seckey = load_self_secret_key(&t).await.unwrap();
         assert_eq!(alice.secret, seckey);
     }
 
@@ -534,7 +531,7 @@ i8pcjGO+IZffvyZJVRWfVooBJmWWbPB1pueo3tx8w3+fcuzpxz+RLFKaPyqXO+dD
         t.set_config(Config::ConfiguredAddr, Some("alice@example.org"))
             .await
             .unwrap();
-        let key = SignedPublicKey::load_self(&t).await;
+        let key = load_self_public_key(&t).await;
         assert!(key.is_ok());
     }
 
@@ -544,7 +541,7 @@ i8pcjGO+IZffvyZJVRWfVooBJmWWbPB1pueo3tx8w3+fcuzpxz+RLFKaPyqXO+dD
         t.set_config(Config::ConfiguredAddr, Some("alice@example.org"))
             .await
             .unwrap();
-        let key = SignedSecretKey::load_self(&t).await;
+        let key = load_self_secret_key(&t).await;
         assert!(key.is_ok());
     }
 
@@ -561,7 +558,7 @@ i8pcjGO+IZffvyZJVRWfVooBJmWWbPB1pueo3tx8w3+fcuzpxz+RLFKaPyqXO+dD
             thread::spawn(move || {
                 tokio::runtime::Runtime::new()
                     .unwrap()
-                    .block_on(SignedPublicKey::load_self(&ctx))
+                    .block_on(load_self_public_key(&ctx))
             })
         };
         let thr1 = {
@@ -569,7 +566,7 @@ i8pcjGO+IZffvyZJVRWfVooBJmWWbPB1pueo3tx8w3+fcuzpxz+RLFKaPyqXO+dD
             thread::spawn(move || {
                 tokio::runtime::Runtime::new()
                     .unwrap()
-                    .block_on(SignedPublicKey::load_self(&ctx))
+                    .block_on(load_self_public_key(&ctx))
             })
         };
         let res0 = thr0.join().unwrap();

src/keyring.rs

@@ -1,87 +0,0 @@
-//! Keyring to perform rpgp operations with.
-
-use anyhow::Result;
-
-use crate::context::Context;
-use crate::key::DcKey;
-
-/// An in-memory keyring.
-///
-/// Instances are usually constructed just for the rpgp operation and
-/// short-lived.
-#[derive(Clone, Debug, Default)]
-pub struct Keyring<T>
-where
-    T: DcKey,
-{
-    keys: Vec<T>,
-}
-
-impl<T> Keyring<T>
-where
-    T: DcKey,
-{
-    /// New empty keyring.
-    pub fn new() -> Keyring<T> {
-        Keyring { keys: Vec::new() }
-    }
-
-    /// Create a new keyring with the the user's secret key loaded.
-    pub async fn new_self(context: &Context) -> Result<Keyring<T>> {
-        let mut keyring: Keyring<T> = Keyring::new();
-        keyring.load_self(context).await?;
-        Ok(keyring)
-    }
-
-    /// Load the user's key into the keyring.
-    pub async fn load_self(&mut self, context: &Context) -> Result<()> {
-        self.add(T::load_self(context).await?);
-        Ok(())
-    }
-
-    /// Add a key to the keyring.
-    pub fn add(&mut self, key: T) {
-        self.keys.push(key);
-    }
-
-    pub fn is_empty(&self) -> bool {
-        self.keys.is_empty()
-    }
-
-    /// A vector with reference to all the keys in the keyring.
-    pub fn keys(&self) -> &[T] {
-        &self.keys
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-    use crate::key::{SignedPublicKey, SignedSecretKey};
-    use crate::test_utils::{alice_keypair, TestContext};
-
-    #[test]
-    fn test_keyring_add_keys() {
-        let alice = alice_keypair();
-        let mut pub_ring: Keyring<SignedPublicKey> = Keyring::new();
-        pub_ring.add(alice.public.clone());
-        assert_eq!(pub_ring.keys(), [alice.public]);
-
-        let mut sec_ring: Keyring<SignedSecretKey> = Keyring::new();
-        sec_ring.add(alice.secret.clone());
-        assert_eq!(sec_ring.keys(), [alice.secret]);
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_keyring_load_self() {
-        // new_self() implies load_self()
-        let t = TestContext::new_alice().await;
-        let alice = alice_keypair();
-
-        let pub_ring: Keyring<SignedPublicKey> = Keyring::new_self(&t).await.unwrap();
-        assert_eq!(pub_ring.keys(), [alice.public]);
-
-        let sec_ring: Keyring<SignedSecretKey> = Keyring::new_self(&t).await.unwrap();
-        assert_eq!(sec_ring.keys(), [alice.secret]);
-    }
-}

src/lib.rs

@@ -8,7 +8,6 @@
     missing_debug_implementations,
     missing_docs,
     clippy::all,
-    clippy::indexing_slicing,
     clippy::wildcard_imports,
     clippy::needless_borrow,
     clippy::cast_lossless,
@@ -17,6 +16,7 @@
     clippy::explicit_into_iter_loop,
     clippy::cloned_instead_of_copied
 )]
+#![cfg_attr(not(test), warn(clippy::indexing_slicing))]
 #![allow(
     clippy::match_bool,
     clippy::mixed_read_write_in_expression,
@@ -70,7 +70,6 @@ mod scheduler;
 #[macro_use]
 mod job;
 pub mod key;
-mod keyring;
 pub mod location;
 mod login_param;
 pub mod message;
@@ -110,8 +109,6 @@ pub mod tools;
 pub mod accounts;
 pub mod reaction;
 
-pub use deltachat_message_parser as message_parser;
-
 /// If set IMAP/incoming and SMTP/outgoing MIME messages will be printed.
 pub const DCC_MIME_DEBUG: &str = "DCC_MIME_DEBUG";
 

src/location.rs

@@ -733,7 +733,7 @@ async fn maybe_send_locations(context: &Context) -> Result<Option<u64>> {
 
             next_event = next_event
                 .into_iter()
-                .chain(u64::try_from(locations_send_until - now).into_iter())
+                .chain(u64::try_from(locations_send_until - now))
                 .min();
 
             if has_locations {
@@ -757,7 +757,7 @@ async fn maybe_send_locations(context: &Context) -> Result<Option<u64>> {
                     );
                     next_event = next_event
                         .into_iter()
-                        .chain(u64::try_from(locations_last_sent + 61 - now).into_iter())
+                        .chain(u64::try_from(locations_last_sent + 61 - now))
                         .min();
                 }
             } else {

src/login_param.rs

@@ -5,9 +5,10 @@ use std::fmt;
 use anyhow::{ensure, Result};
 
 use crate::constants::{DC_LP_AUTH_FLAGS, DC_LP_AUTH_NORMAL, DC_LP_AUTH_OAUTH2};
+use crate::context::Context;
+use crate::provider::Socket;
 use crate::provider::{get_provider_by_id, Provider};
 use crate::socks::Socks5Config;
-use crate::{context::Context, provider::Socket};
 
 #[derive(Copy, Clone, Debug, Display, FromPrimitive, ToPrimitive, PartialEq, Eq)]
 #[repr(u32)]

src/message.rs

@@ -114,24 +114,16 @@ WHERE id=?;
     }
 
     /// Deletes a message, corresponding MDNs and unsent SMTP messages from the database.
-    pub async fn delete_from_db(self, context: &Context) -> Result<()> {
-        // We don't use transactions yet, so remove MDNs first to make
-        // sure they are not left while the message is deleted.
+    pub(crate) async fn delete_from_db(self, context: &Context) -> Result<()> {
         context
             .sql
-            .execute("DELETE FROM smtp WHERE msg_id=?", (self,))
-            .await?;
-        context
-            .sql
-            .execute("DELETE FROM msgs_mdns WHERE msg_id=?;", (self,))
-            .await?;
-        context
-            .sql
-            .execute("DELETE FROM msgs_status_updates WHERE msg_id=?;", (self,))
-            .await?;
-        context
-            .sql
-            .execute("DELETE FROM msgs WHERE id=?;", (self,))
+            .transaction(move |transaction| {
+                transaction.execute("DELETE FROM smtp WHERE msg_id=?", (self,))?;
+                transaction.execute("DELETE FROM msgs_mdns WHERE msg_id=?", (self,))?;
+                transaction.execute("DELETE FROM msgs_status_updates WHERE msg_id=?", (self,))?;
+                transaction.execute("DELETE FROM msgs WHERE id=?", (self,))?;
+                Ok(())
+            })
             .await?;
         Ok(())
     }
@@ -772,7 +764,7 @@ impl Message {
                 Chattype::Group | Chattype::Broadcast | Chattype::Mailinglist => {
                     Some(Contact::get_by_id(context, self.from_id).await?)
                 }
-                Chattype::Single | Chattype::Undefined => None,
+                Chattype::Single => None,
             }
         } else {
             None

src/mimefactory.rs

@@ -66,7 +66,7 @@ pub struct MimeFactory<'a> {
     in_reply_to: String,
     references: String,
     req_mdn: bool,
-    last_added_location_id: u32,
+    last_added_location_id: Option<u32>,
 
     /// If the created mime-structure contains sync-items,
     /// the IDs of these items are listed here.
@@ -85,7 +85,7 @@ pub struct RenderedEmail {
     // pub envelope: Envelope,
     pub is_encrypted: bool,
     pub is_gossiped: bool,
-    pub last_added_location_id: u32,
+    pub last_added_location_id: Option<u32>,
 
     /// A comma-separated string of sync-IDs that are used by the rendered email
     /// and must be deleted once the message is actually queued for sending
@@ -223,7 +223,7 @@ impl<'a> MimeFactory<'a> {
             in_reply_to,
             references,
             req_mdn,
-            last_added_location_id: 0,
+            last_added_location_id: None,
             sync_ids_to_delete: None,
             attach_selfavatar,
         };
@@ -264,7 +264,7 @@ impl<'a> MimeFactory<'a> {
             in_reply_to: String::default(),
             references: String::default(),
             req_mdn: false,
-            last_added_location_id: 0,
+            last_added_location_id: None,
             sync_ids_to_delete: None,
             attach_selfavatar: false,
         };
@@ -884,7 +884,7 @@ impl<'a> MimeFactory<'a> {
             .body(kml_content);
         if !self.msg.param.exists(Param::SetLatitude) {
             // otherwise, the independent location is already filed
-            self.last_added_location_id = last_added_location_id;
+            self.last_added_location_id = Some(last_added_location_id);
         }
         Ok(Some(part))
     }
@@ -904,7 +904,16 @@ impl<'a> MimeFactory<'a> {
         let mut placeholdertext = None;
         let mut meta_part = None;
 
-        if chat.is_protected() {
+        let send_verified_headers = match chat.typ {
+            // In single chats, the protection status isn't necessarily the same for both sides,
+            // so we don't send the Chat-Verified header:
+            Chattype::Single => false,
+            Chattype::Group => true,
+            // Mailinglists and broadcast lists can actually never be verified:
+            Chattype::Mailinglist => false,
+            Chattype::Broadcast => false,
+        };
+        if chat.is_protected() && send_verified_headers {
             headers
                 .protected
                 .push(Header::new("Chat-Verified".to_string(), "1".to_string()));
@@ -1965,7 +1974,7 @@ mod tests {
         let incoming_msg = get_chat_msg(&t, new_msg.chat_id, 0, 2).await;
 
         if delete_original_msg {
-            incoming_msg.id.delete_from_db(&t).await.unwrap();
+            incoming_msg.id.trash(&t).await.unwrap();
         }
 
         if message_arrives_inbetween {

src/mimeparser.rs

@@ -27,8 +27,7 @@ use crate::decrypt::{
 use crate::dehtml::dehtml;
 use crate::events::EventType;
 use crate::headerdef::{HeaderDef, HeaderDefMap};
-use crate::key::{DcKey, Fingerprint, SignedPublicKey, SignedSecretKey};
-use crate::keyring::Keyring;
+use crate::key::{load_self_secret_key, DcKey, Fingerprint, SignedPublicKey};
 use crate::message::{
     self, set_msg_failed, update_msg_state, Message, MessageState, MsgId, Viewtype,
 };
@@ -110,7 +109,7 @@ pub(crate) struct MimeMessage {
 
     /// The decrypted, raw mime structure.
     ///
-    /// This is non-empty iff `is_mime_modified` and the message was actually encrypted. It is used
+    /// This is non-empty only if the message was actually encrypted.  It is used
     /// for e.g. late-parsing HTML.
     pub decoded_data: Vec<u8>,
 
@@ -278,9 +277,10 @@ impl MimeMessage {
         headers.remove("chat-verified");
 
         let from = from.context("No from in message")?;
-        let private_keyring: Keyring<SignedSecretKey> = Keyring::new_self(context)
+        let private_keyring = vec![load_self_secret_key(context)
             .await
-            .context("failed to get own keyring")?;
+            .context("Failed to get own key")?];
+
         let mut decryption_info =
             prepare_decryption(context, &mail, &from.addr, message_time).await?;
 
@@ -1893,7 +1893,7 @@ fn get_mime_type(
             } else {
                 // Enacapsulated messages, see <https://www.w3.org/Protocols/rfc1341/7_3_Message.html>
                 // Also used as part "message/disposition-notification" of "multipart/report", which, however, will
-                // be handled separatedly.
+                // be handled separately.
                 // I've not seen any messages using this, so we do not attach these parts (maybe they're used to attach replies,
                 // which are unwanted at all).
                 // For now, we skip these parts at all; if desired, we could return DcMimeType::File/DC_MSG_File
@@ -2192,7 +2192,7 @@ async fn ndn_maybe_add_info_msg(
             // If we get an NDN for the mailing list, just issue a warning.
             warn!(context, "ignoring NDN for mailing list.");
         }
-        Chattype::Single | Chattype::Undefined => {}
+        Chattype::Single => {}
     }
     Ok(())
 }

src/peerstate.rs

@@ -392,6 +392,31 @@ impl Peerstate {
         }
     }
 
+    /// Returns a reference to the contact's public key fingerprint.
+    ///
+    /// Similar to [`Self::peek_key`], but returns the fingerprint instead of the key.
+    fn peek_key_fingerprint(&self, min_verified: PeerstateVerifiedStatus) -> Option<&Fingerprint> {
+        match min_verified {
+            PeerstateVerifiedStatus::BidirectVerified => self.verified_key_fingerprint.as_ref(),
+            PeerstateVerifiedStatus::Unverified => self
+                .public_key_fingerprint
+                .as_ref()
+                .or(self.gossip_key_fingerprint.as_ref()),
+        }
+    }
+
+    /// Returns true if the key used for opportunistic encryption in the 1:1 chat
+    /// is the same as the verified key.
+    ///
+    /// Note that verified groups always use the verified key no matter if the
+    /// opportunistic key matches or not.
+    pub(crate) fn is_using_verified_key(&self) -> bool {
+        let verified = self.peek_key_fingerprint(PeerstateVerifiedStatus::BidirectVerified);
+
+        verified.is_some()
+            && verified == self.peek_key_fingerprint(PeerstateVerifiedStatus::Unverified)
+    }
+
     /// Set this peerstate to verified
     /// Make sure to call `self.save_to_db` to save these changes
     /// Params:

src/pgp.rs

@@ -20,7 +20,6 @@ use tokio::runtime::Handle;
 
 use crate::constants::KeyGenType;
 use crate::key::{DcKey, Fingerprint};
-use crate::keyring::Keyring;
 use crate::tools::EmailAddress;
 
 #[allow(missing_docs)]
@@ -237,7 +236,7 @@ fn select_pk_for_encryption(key: &SignedPublicKey) -> Option<SignedPublicKeyOrSu
 /// and signs it using `private_key_for_signing`.
 pub async fn pk_encrypt(
     plain: &[u8],
-    public_keys_for_encryption: Keyring<SignedPublicKey>,
+    public_keys_for_encryption: Vec<SignedPublicKey>,
     private_key_for_signing: Option<SignedSecretKey>,
 ) -> Result<String> {
     let lit_msg = Message::new_literal_bytes("", plain);
@@ -245,7 +244,6 @@ pub async fn pk_encrypt(
     Handle::current()
         .spawn_blocking(move || {
             let pkeys: Vec<SignedPublicKeyOrSubkey> = public_keys_for_encryption
-                .keys()
                 .iter()
                 .filter_map(select_pk_for_encryption)
                 .collect();
@@ -298,15 +296,15 @@ pub fn pk_calc_signature(
 #[allow(clippy::implicit_hasher)]
 pub fn pk_decrypt(
     ctext: Vec<u8>,
-    private_keys_for_decryption: &Keyring<SignedSecretKey>,
-    public_keys_for_validation: &Keyring<SignedPublicKey>,
+    private_keys_for_decryption: &[SignedSecretKey],
+    public_keys_for_validation: &[SignedPublicKey],
 ) -> Result<(Vec<u8>, HashSet<Fingerprint>)> {
     let mut ret_signature_fingerprints: HashSet<Fingerprint> = Default::default();
 
     let cursor = Cursor::new(ctext);
     let (msg, _) = Message::from_armor_single(cursor)?;
 
-    let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption.keys().iter().collect();
+    let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption.iter().collect();
 
     let (decryptor, _) = msg.decrypt(|| "".into(), &skeys[..])?;
     let msgs = decryptor.collect::<pgp::errors::Result<Vec<_>>>()?;
@@ -321,20 +319,13 @@ pub fn pk_decrypt(
             None => bail!("The decrypted message is empty"),
         };
 
-        if !public_keys_for_validation.is_empty() {
-            let pkeys = public_keys_for_validation.keys();
-
-            let mut fingerprints: Vec<Fingerprint> = Vec::new();
-            if let signed_msg @ pgp::composed::Message::Signed { .. } = msg {
-                for pkey in pkeys {
-                    if signed_msg.verify(&pkey.primary_key).is_ok() {
-                        let fp = DcKey::fingerprint(pkey);
-                        fingerprints.push(fp);
-                    }
+        if let signed_msg @ pgp::composed::Message::Signed { .. } = msg {
+            for pkey in public_keys_for_validation {
+                if signed_msg.verify(&pkey.primary_key).is_ok() {
+                    let fp = DcKey::fingerprint(pkey);
+                    ret_signature_fingerprints.insert(fp);
                 }
             }
-
-            ret_signature_fingerprints.extend(fingerprints);
         }
         Ok((content, ret_signature_fingerprints))
     } else {
@@ -346,12 +337,11 @@ pub fn pk_decrypt(
 pub fn pk_validate(
     content: &[u8],
     signature: &[u8],
-    public_keys_for_validation: &Keyring<SignedPublicKey>,
+    public_keys_for_validation: &[SignedPublicKey],
 ) -> Result<HashSet<Fingerprint>> {
     let mut ret: HashSet<Fingerprint> = Default::default();
 
     let standalone_signature = StandaloneSignature::from_armor_single(Cursor::new(signature))?.0;
-    let pkeys = public_keys_for_validation.keys();
 
     // Remove trailing CRLF before the delimiter.
     // According to RFC 3156 it is considered to be part of the MIME delimiter for the purpose of
@@ -360,7 +350,7 @@ pub fn pk_validate(
         .get(..content.len().saturating_sub(2))
         .context("index is out of range")?;
 
-    for pkey in pkeys {
+    for pkey in public_keys_for_validation {
         if standalone_signature.verify(pkey, content).is_ok() {
             let fp = DcKey::fingerprint(pkey);
             ret.insert(fp);
@@ -495,9 +485,7 @@ mod tests {
     async fn ctext_signed() -> &'static String {
         CTEXT_SIGNED
             .get_or_init(|| async {
-                let mut keyring = Keyring::new();
-                keyring.add(KEYS.alice_public.clone());
-                keyring.add(KEYS.bob_public.clone());
+                let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
 
                 pk_encrypt(CLEARTEXT, keyring, Some(KEYS.alice_secret.clone()))
                     .await
@@ -510,9 +498,7 @@ mod tests {
     async fn ctext_unsigned() -> &'static String {
         CTEXT_UNSIGNED
             .get_or_init(|| async {
-                let mut keyring = Keyring::new();
-                keyring.add(KEYS.alice_public.clone());
-                keyring.add(KEYS.bob_public.clone());
+                let keyring = vec![KEYS.alice_public.clone(), KEYS.bob_public.clone()];
                 pk_encrypt(CLEARTEXT, keyring, None).await.unwrap()
             })
             .await
@@ -537,10 +523,8 @@ mod tests {
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_singed() {
         // Check decrypting as Alice
-        let mut decrypt_keyring: Keyring<SignedSecretKey> = Keyring::new();
-        decrypt_keyring.add(KEYS.alice_secret.clone());
-        let mut sig_check_keyring: Keyring<SignedPublicKey> = Keyring::new();
-        sig_check_keyring.add(KEYS.alice_public.clone());
+        let decrypt_keyring = vec![KEYS.alice_secret.clone()];
+        let sig_check_keyring = vec![KEYS.alice_public.clone()];
         let (plain, valid_signatures) = pk_decrypt(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
@@ -551,10 +535,8 @@ mod tests {
         assert_eq!(valid_signatures.len(), 1);
 
         // Check decrypting as Bob
-        let mut decrypt_keyring = Keyring::new();
-        decrypt_keyring.add(KEYS.bob_secret.clone());
-        let mut sig_check_keyring = Keyring::new();
-        sig_check_keyring.add(KEYS.alice_public.clone());
+        let decrypt_keyring = vec![KEYS.bob_secret.clone()];
+        let sig_check_keyring = vec![KEYS.alice_public.clone()];
         let (plain, valid_signatures) = pk_decrypt(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
@@ -567,15 +549,9 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_no_sig_check() {
-        let mut keyring = Keyring::new();
-        keyring.add(KEYS.alice_secret.clone());
-        let empty_keyring = Keyring::new();
-        let (plain, valid_signatures) = pk_decrypt(
-            ctext_signed().await.as_bytes().to_vec(),
-            &keyring,
-            &empty_keyring,
-        )
-        .unwrap();
+        let keyring = vec![KEYS.alice_secret.clone()];
+        let (plain, valid_signatures) =
+            pk_decrypt(ctext_signed().await.as_bytes().to_vec(), &keyring, &[]).unwrap();
         assert_eq!(plain, CLEARTEXT);
         assert_eq!(valid_signatures.len(), 0);
     }
@@ -583,10 +559,8 @@ mod tests {
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_signed_no_key() {
         // The validation does not have the public key of the signer.
-        let mut decrypt_keyring = Keyring::new();
-        decrypt_keyring.add(KEYS.bob_secret.clone());
-        let mut sig_check_keyring = Keyring::new();
-        sig_check_keyring.add(KEYS.bob_public.clone());
+        let decrypt_keyring = vec![KEYS.bob_secret.clone()];
+        let sig_check_keyring = vec![KEYS.bob_public.clone()];
         let (plain, valid_signatures) = pk_decrypt(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
@@ -599,13 +573,11 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_unsigned() {
-        let mut decrypt_keyring = Keyring::new();
-        decrypt_keyring.add(KEYS.bob_secret.clone());
-        let sig_check_keyring = Keyring::new();
+        let decrypt_keyring = vec![KEYS.bob_secret.clone()];
         let (plain, valid_signatures) = pk_decrypt(
             ctext_unsigned().await.as_bytes().to_vec(),
             &decrypt_keyring,
-            &sig_check_keyring,
+            &[],
         )
         .unwrap();
         assert_eq!(plain, CLEARTEXT);

src/provider.rs

@@ -172,7 +172,7 @@ fn get_resolver() -> Result<TokioAsyncResolver> {
     let resolver = AsyncResolver::tokio(
         config::ResolverConfig::default(),
         config::ResolverOpts::default(),
-    )?;
+    );
     Ok(resolver)
 }
 

src/qr.rs

@@ -17,11 +17,12 @@ use crate::contact::{
     addr_normalize, may_be_valid_addr, Contact, ContactAddress, ContactId, Origin,
 };
 use crate::context::Context;
+use crate::events::EventType;
 use crate::key::Fingerprint;
 use crate::message::Message;
 use crate::peerstate::Peerstate;
 use crate::socks::Socks5Config;
-use crate::{token, EventType};
+use crate::token;
 
 const OPENPGP4FPR_SCHEME: &str = "OPENPGP4FPR:"; // yes: uppercase
 const DCACCOUNT_SCHEME: &str = "DCACCOUNT:";

src/qr_code_generator.rs

@@ -4,17 +4,15 @@ use anyhow::Result;
 use base64::Engine as _;
 use qrcodegen::{QrCode, QrCodeEcc};
 
-use crate::{
-    blob::BlobObject,
-    chat::{Chat, ChatId},
-    color::color_int_to_hex_string,
-    config::Config,
-    contact::{Contact, ContactId},
-    context::Context,
-    qr::{self, Qr},
-    securejoin,
-    stock_str::{self, backup_transfer_qr},
-};
+use crate::blob::BlobObject;
+use crate::chat::{Chat, ChatId};
+use crate::color::color_int_to_hex_string;
+use crate::config::Config;
+use crate::contact::{Contact, ContactId};
+use crate::context::Context;
+use crate::qr::{self, Qr};
+use crate::securejoin;
+use crate::stock_str::{self, backup_transfer_qr};
 
 /// Returns SVG of the QR code to join the group or verify contact.
 ///

src/receive_imf.rs

@@ -4,7 +4,7 @@ use std::cmp::min;
 use std::collections::HashSet;
 use std::convert::TryFrom;
 
-use anyhow::{bail, ensure, Context as _, Result};
+use anyhow::{Context as _, Result};
 use mailparse::{parse_mail, SingleInfo};
 use num_traits::FromPrimitive;
 use once_cell::sync::Lazy;
@@ -14,7 +14,7 @@ use crate::chat::{self, Chat, ChatId, ChatIdBlocked, ProtectionStatus};
 use crate::config::Config;
 use crate::constants::{Blocked, Chattype, ShowEmails, DC_CHAT_ID_TRASH};
 use crate::contact::{
-    may_be_valid_addr, normalize_name, Contact, ContactAddress, ContactId, Origin, VerifiedStatus,
+    may_be_valid_addr, normalize_name, Contact, ContactAddress, ContactId, Origin,
 };
 use crate::context::Context;
 use crate::debug_logging::maybe_set_logging_xdc_inner;
@@ -77,24 +77,6 @@ pub async fn receive_imf(
     let mail = parse_mail(imf_raw).context("can't parse mail")?;
     let rfc724_mid =
         imap::prefetch_get_message_id(&mail.headers).unwrap_or_else(imap::create_message_id);
-    if let Some(download_limit) = context.download_limit().await? {
-        let download_limit: usize = download_limit.try_into()?;
-        if imf_raw.len() > download_limit {
-            let head = std::str::from_utf8(imf_raw)?
-                .split("\r\n\r\n")
-                .next()
-                .context("No empty line in the message")?;
-            return receive_imf_inner(
-                context,
-                &rfc724_mid,
-                head.as_bytes(),
-                seen,
-                Some(imf_raw.len().try_into()?),
-                false,
-            )
-            .await;
-        }
-    }
     receive_imf_inner(context, &rfc724_mid, imf_raw, seen, None, false).await
 }
 
@@ -534,6 +516,10 @@ async fn add_parts(
                     securejoin_seen = true;
                 }
             }
+            // Peerstate could be updated by handling the Securejoin handshake.
+            let contact = Contact::get_by_id(context, from_id).await?;
+            mime_parser.decryption_info.peerstate =
+                Peerstate::from_addr(context, contact.get_addr()).await?;
         } else {
             securejoin_seen = false;
         }
@@ -596,7 +582,6 @@ async fn add_parts(
             if let Some((new_chat_id, new_chat_id_blocked)) = create_or_lookup_group(
                 context,
                 mime_parser,
-                is_partial_download.is_some(),
                 if test_normal_chat.is_none() {
                     allow_creation
                 } else {
@@ -624,12 +609,17 @@ async fn add_parts(
 
         // In lookup_chat_by_reply() and create_or_lookup_group(), it can happen that the message is put into a chat
         // but the From-address is not a member of this chat.
-        if let Some(chat_id) = chat_id {
-            if !chat::is_contact_in_chat(context, chat_id, from_id).await? {
-                let chat = Chat::load_from_db(context, chat_id).await?;
+        if let Some(group_chat_id) = chat_id {
+            if !chat::is_contact_in_chat(context, group_chat_id, from_id).await? {
+                let chat = Chat::load_from_db(context, group_chat_id).await?;
                 if chat.is_protected() {
-                    let s = stock_str::unknown_sender_for_chat(context).await;
-                    mime_parser.repl_msg_by_error(&s);
+                    if chat.typ == Chattype::Single {
+                        // Just assign the message to the 1:1 chat with the actual sender instead.
+                        chat_id = None;
+                    } else {
+                        let s = stock_str::unknown_sender_for_chat(context).await;
+                        mime_parser.repl_msg_by_error(&s);
+                    }
                 } else {
                     // In non-protected chats, just mark the sender as overridden. Therefore, the UI will prepend `~`
                     // to the sender's name, indicating to the user that he/she is not part of the group.
@@ -645,7 +635,7 @@ async fn add_parts(
                 context,
                 mime_parser,
                 sent_timestamp,
-                chat_id,
+                group_chat_id,
                 from_id,
                 to_ids,
             )
@@ -748,6 +738,51 @@ async fn add_parts(
                         );
                     }
                 }
+
+                // Check if the message was sent with verified encryption and set the protection of
+                // the 1:1 chat accordingly.
+                let chat = match is_partial_download.is_none()
+                    && mime_parser.get_header(HeaderDef::SecureJoin).is_none()
+                    && !is_mdn
+                {
+                    true => Some(Chat::load_from_db(context, chat_id).await?)
+                        .filter(|chat| chat.typ == Chattype::Single),
+                    false => None,
+                };
+                if let Some(chat) = chat {
+                    let mut new_protection = match has_verified_encryption(
+                        context,
+                        mime_parser,
+                        from_id,
+                        to_ids,
+                        Chattype::Single,
+                    )
+                    .await?
+                    {
+                        VerifiedEncryption::Verified => ProtectionStatus::Protected,
+                        VerifiedEncryption::NotVerified(_) => ProtectionStatus::Unprotected,
+                    };
+
+                    if chat.protected != ProtectionStatus::Unprotected
+                        && new_protection == ProtectionStatus::Unprotected
+                        // `chat.protected` must be maintained regardless of the `Config::VerifiedOneOnOneChats`.
+                        // That's why the config is checked here, and not above.
+                        && context.get_config_bool(Config::VerifiedOneOnOneChats).await?
+                    {
+                        new_protection = ProtectionStatus::ProtectionBroken;
+                    }
+                    if chat.protected != new_protection {
+                        // The message itself will be sorted under the device message since the device
+                        // message is `MessageState::InNoticed`, which means that all following
+                        // messages are sorted under it.
+                        let sort_timestamp =
+                            calc_sort_timestamp(context, sent_timestamp, chat_id, true, incoming)
+                                .await?;
+                        chat_id
+                            .set_protection(context, new_protection, sort_timestamp, Some(from_id))
+                            .await?;
+                    }
+                }
             }
         }
 
@@ -823,7 +858,6 @@ async fn add_parts(
                 if let Some((new_chat_id, new_chat_id_blocked)) = create_or_lookup_group(
                     context,
                     mime_parser,
-                    is_partial_download.is_some(),
                     allow_creation,
                     Blocked::Not,
                     from_id,
@@ -936,7 +970,8 @@ async fn add_parts(
     };
 
     let in_fresh = state == MessageState::InFresh;
-    let sort_timestamp = calc_sort_timestamp(context, sent_timestamp, chat_id, in_fresh).await?;
+    let sort_timestamp =
+        calc_sort_timestamp(context, sent_timestamp, chat_id, false, incoming).await?;
 
     // Apply ephemeral timer changes to the chat.
     //
@@ -1015,42 +1050,14 @@ async fn add_parts(
     // if a chat is protected and the message is fully downloaded, check additional properties
     if !chat_id.is_special() && is_partial_download.is_none() {
         let chat = Chat::load_from_db(context, chat_id).await?;
-        let new_status = match mime_parser.is_system_message {
-            SystemMessage::ChatProtectionEnabled => Some(ProtectionStatus::Protected),
-            SystemMessage::ChatProtectionDisabled => Some(ProtectionStatus::Unprotected),
-            _ => None,
-        };
 
-        if chat.is_protected() || new_status.is_some() {
-            if let Err(err) = check_verified_properties(context, mime_parser, from_id, to_ids).await
+        if chat.is_protected() {
+            if let VerifiedEncryption::NotVerified(err) =
+                has_verified_encryption(context, mime_parser, from_id, to_ids, chat.typ).await?
             {
                 warn!(context, "Verification problem: {err:#}.");
                 let s = format!("{err}. See 'Info' for more details");
                 mime_parser.repl_msg_by_error(&s);
-            } else {
-                // change chat protection only when verification check passes
-                if let Some(new_status) = new_status {
-                    if chat_id
-                        .update_timestamp(
-                            context,
-                            Param::ProtectionSettingsTimestamp,
-                            sent_timestamp,
-                        )
-                        .await?
-                    {
-                        if let Err(e) = chat_id.inner_set_protection(context, new_status).await {
-                            chat::add_info_msg(
-                                context,
-                                chat_id,
-                                &format!("Cannot set protection: {e}"),
-                                sort_timestamp,
-                            )
-                            .await?;
-                            // do not return an error as this would result in retrying the message
-                        }
-                    }
-                    better_msg = Some(context.stock_protection_msg(new_status, from_id).await);
-                }
             }
         }
     }
@@ -1206,8 +1213,8 @@ INSERT INTO msgs
   )
 ON CONFLICT (id) DO UPDATE
 SET rfc724_mid=excluded.rfc724_mid, chat_id=excluded.chat_id,
-    from_id=excluded.from_id, to_id=excluded.to_id, timestamp_sent=excluded.timestamp_sent,
-    type=excluded.type, msgrmsg=excluded.msgrmsg,
+    from_id=excluded.from_id, to_id=excluded.to_id, timestamp=excluded.timestamp, timestamp_sent=excluded.timestamp_sent,
+    timestamp_rcvd=excluded.timestamp_rcvd, type=excluded.type, state=excluded.state, msgrmsg=excluded.msgrmsg,
     txt=excluded.txt, subject=excluded.subject, txt_raw=excluded.txt_raw, param=excluded.param,
     bytes=excluded.bytes, mime_headers=excluded.mime_headers,
     mime_compressed=excluded.mime_compressed, mime_in_reply_to=excluded.mime_in_reply_to,
@@ -1290,7 +1297,7 @@ RETURNING id
 
     if let Some(replace_msg_id) = replace_msg_id {
         // "Replace" placeholder with a message that has no parts.
-        replace_msg_id.delete_from_db(context).await?;
+        replace_msg_id.trash(context).await?;
     }
 
     chat_id.unarchive_if_not_muted(context, state).await?;
@@ -1397,25 +1404,43 @@ async fn calc_sort_timestamp(
     context: &Context,
     message_timestamp: i64,
     chat_id: ChatId,
-    is_fresh_msg: bool,
+    always_sort_to_bottom: bool,
+    incoming: bool,
 ) -> Result<i64> {
     let mut sort_timestamp = message_timestamp;
 
-    // get newest non fresh message for this chat
-    // update sort_timestamp if less than that
-    if is_fresh_msg {
-        let last_msg_time: Option<i64> = context
+    let last_msg_time: Option<i64> = if always_sort_to_bottom {
+        // get newest message for this chat
+        context
+            .sql
+            .query_get_value(
+                "SELECT MAX(timestamp) FROM msgs WHERE chat_id=?",
+                (chat_id,),
+            )
+            .await?
+    } else if incoming {
+        // get newest non fresh message for this chat.
+
+        // If a user hasn't been online for some time, the Inbox is fetched first and then the
+        // Sentbox. In order for Inbox and Sent messages to be allowed to mingle, outgoing messages
+        // are purely sorted by their sent timestamp. NB: The Inbox must be fetched first otherwise
+        // Inbox messages would be always below old Sentbox messages. We could take in the query
+        // below only incoming messages, but then new incoming messages would mingle with just sent
+        // outgoing ones and apear somewhere in the middle of the chat.
+        context
             .sql
             .query_get_value(
                 "SELECT MAX(timestamp) FROM msgs WHERE chat_id=? AND state>?",
                 (chat_id, MessageState::InFresh),
             )
-            .await?;
+            .await?
+    } else {
+        None
+    };
 
-        if let Some(last_msg_time) = last_msg_time {
-            if last_msg_time > sort_timestamp {
-                sort_timestamp = last_msg_time;
-            }
+    if let Some(last_msg_time) = last_msg_time {
+        if last_msg_time > sort_timestamp {
+            sort_timestamp = last_msg_time;
         }
     }
 
@@ -1520,7 +1545,6 @@ async fn is_probably_private_reply(
 async fn create_or_lookup_group(
     context: &Context,
     mime_parser: &mut MimeMessage,
-    is_partial_download: bool,
     allow_creation: bool,
     create_blocked: Blocked,
     from_id: ContactId,
@@ -1568,7 +1592,9 @@ async fn create_or_lookup_group(
     }
 
     let create_protected = if mime_parser.get_header(HeaderDef::ChatVerified).is_some() {
-        if let Err(err) = check_verified_properties(context, mime_parser, from_id, to_ids).await {
+        if let VerifiedEncryption::NotVerified(err) =
+            has_verified_encryption(context, mime_parser, from_id, to_ids, Chattype::Group).await?
+        {
             warn!(context, "Verification problem: {err:#}.");
             let s = format!("{err}. See 'Info' for more details");
             mime_parser.repl_msg_by_error(&s);
@@ -1651,7 +1677,7 @@ async fn create_or_lookup_group(
 
     if let Some(chat_id) = chat_id {
         Ok(Some((chat_id, chat_id_blocked)))
-    } else if is_partial_download || mime_parser.decrypting_failed {
+    } else if mime_parser.decrypting_failed {
         // It is possible that the message was sent to a valid,
         // yet unknown group, which was rejected because
         // Chat-Group-Name, which is in the encrypted part, was
@@ -1727,6 +1753,22 @@ async fn apply_group_changes(
         allow_member_list_changes
     };
 
+    if mime_parser.get_header(HeaderDef::ChatVerified).is_some() {
+        if let VerifiedEncryption::NotVerified(err) =
+            has_verified_encryption(context, mime_parser, from_id, to_ids, chat.typ).await?
+        {
+            warn!(context, "Verification problem: {err:#}.");
+            let s = format!("{err}. See 'Info' for more details");
+            mime_parser.repl_msg_by_error(&s);
+        }
+
+        if !chat.is_protected() {
+            chat_id
+                .inner_set_protection(context, ProtectionStatus::Protected)
+                .await?;
+        }
+    }
+
     if let Some(removed_addr) = mime_parser.get_header(HeaderDef::ChatGroupMemberRemoved) {
         removed_id = Contact::lookup_id_by_addr(context, removed_addr, Origin::Unknown).await?;
 
@@ -1807,20 +1849,6 @@ async fn apply_group_changes(
         }
     }
 
-    if mime_parser.get_header(HeaderDef::ChatVerified).is_some() {
-        if let Err(err) = check_verified_properties(context, mime_parser, from_id, to_ids).await {
-            warn!(context, "Verification problem: {err:#}.");
-            let s = format!("{err}. See 'Info' for more details");
-            mime_parser.repl_msg_by_error(&s);
-        }
-
-        if !chat.is_protected() {
-            chat_id
-                .inner_set_protection(context, ProtectionStatus::Protected)
-                .await?;
-        }
-    }
-
     if allow_member_list_changes {
         let mut new_members = HashSet::from_iter(to_ids.iter().copied());
         new_members.insert(ContactId::SELF);
@@ -2180,49 +2208,55 @@ async fn create_adhoc_group(
     Ok(Some(new_chat_id))
 }
 
-async fn check_verified_properties(
+enum VerifiedEncryption {
+    Verified,
+    NotVerified(String), // The string contains the reason why it's not verified
+}
+
+/// Checks whether the message is allowed to appear in a protected chat.
+///
+/// This means that it is encrypted, signed with a verified key,
+/// and if it's a group, all the recipients are verified.
+async fn has_verified_encryption(
     context: &Context,
     mimeparser: &MimeMessage,
     from_id: ContactId,
     to_ids: &[ContactId],
-) -> Result<()> {
-    let contact = Contact::get_by_id(context, from_id).await?;
+    chat_type: Chattype,
+) -> Result<VerifiedEncryption> {
+    use VerifiedEncryption::*;
 
-    ensure!(mimeparser.was_encrypted(), "This message is not encrypted");
-
-    if mimeparser.get_header(HeaderDef::ChatVerified).is_none() {
-        // we do not fail here currently, this would exclude (a) non-deltas
-        // and (b) deltas with different protection views across multiple devices.
-        // for group creation or protection enabled/disabled, however, Chat-Verified is respected.
-        warn!(
-            context,
-            "{} did not mark message as protected.",
-            contact.get_addr()
-        );
+    if from_id == ContactId::SELF && chat_type == Chattype::Single {
+        // For outgoing emails in the 1:1 chat, we have an exception that
+        // they are allowed to be unencrypted:
+        // 1. They can't be an attack (they are outgoing, not incoming)
+        // 2. Probably the unencryptedness is just a temporary state, after all
+        //    the user obviously still uses DC
+        //    -> Showing info messages everytime would be a lot of noise
+        // 3. The info messages that are shown to the user ("Your chat partner
+        //    likely reinstalled DC" or similar) would be wrong.
+        return Ok(Verified);
     }
 
+    if !mimeparser.was_encrypted() {
+        return Ok(NotVerified("This message is not encrypted".to_string()));
+    };
+
     // ensure, the contact is verified
     // and the message is signed with a verified key of the sender.
     // this check is skipped for SELF as there is no proper SELF-peerstate
     // and results in group-splits otherwise.
     if from_id != ContactId::SELF {
-        let peerstate = Peerstate::from_addr(context, contact.get_addr()).await?;
+        let Some(peerstate) = &mimeparser.decryption_info.peerstate else {
+            return Ok(NotVerified(
+                "No peerstate, the contact isn't verified".to_string(),
+            ));
+        };
 
-        if peerstate.is_none()
-            || contact.is_verified_ex(context, peerstate.as_ref()).await?
-                != VerifiedStatus::BidirectVerified
-        {
-            bail!(
-                "Sender of this message is not verified: {}",
-                contact.get_addr()
-            );
-        }
-
-        if let Some(peerstate) = peerstate {
-            ensure!(
-                peerstate.has_verified_key(&mimeparser.signatures),
-                "The message was sent with non-verified encryption"
-            );
+        if !peerstate.has_verified_key(&mimeparser.signatures) {
+            return Ok(NotVerified(
+                "The message was sent with non-verified encryption".to_string(),
+            ));
         }
     }
 
@@ -2234,7 +2268,7 @@ async fn check_verified_properties(
         .collect::<Vec<ContactId>>();
 
     if to_ids.is_empty() {
-        return Ok(());
+        return Ok(Verified);
     }
 
     let rows = context
@@ -2258,10 +2292,12 @@ async fn check_verified_properties(
         )
         .await?;
 
+    let contact = Contact::get_by_id(context, from_id).await?;
+
     for (to_addr, mut is_verified) in rows {
         info!(
             context,
-            "check_verified_properties: {:?} self={:?}.",
+            "has_verified_encryption: {:?} self={:?}.",
             to_addr,
             context.is_self_addr(&to_addr).await
         );
@@ -2295,13 +2331,13 @@ async fn check_verified_properties(
             }
         }
         if !is_verified {
-            bail!(
+            return Ok(NotVerified(format!(
                 "{} is not a member of this protected chat",
-                to_addr.to_string()
-            );
+                to_addr
+            )));
         }
     }
-    Ok(())
+    Ok(Verified)
 }
 
 /// Returns the last message referenced from `References` header if it is in the database.

src/receive_imf/tests.rs

@@ -10,9 +10,8 @@ use crate::chat::{get_chat_msgs, ChatItem, ChatVisibility};
 use crate::chatlist::Chatlist;
 use crate::config::Config;
 use crate::constants::{DC_GCL_FOR_FORWARDING, DC_GCL_NO_SPECIALS};
-use crate::download::{DownloadState, MIN_DOWNLOAD_LIMIT};
 use crate::imap::prefetch_should_download;
-use crate::message::{self, Message};
+use crate::message::Message;
 use crate::test_utils::{get_chat_msg, TestContext, TestContextManager};
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -2945,7 +2944,7 @@ async fn test_outgoing_private_reply_multidevice() -> Result<()> {
     let received = alice2.get_last_msg().await;
 
     // That's a regression test for https://github.com/deltachat/deltachat-core-rust/issues/2949:
-    assert_eq!(received.chat_id, alice2.get_chat(&bob).await.unwrap().id);
+    assert_eq!(received.chat_id, alice2.get_chat(&bob).await.id);
 
     let alice2_bob_contact = alice2.add_or_lookup_contact(&bob).await;
     assert_eq!(received.from_id, ContactId::SELF);
@@ -2974,7 +2973,6 @@ async fn test_auto_accept_for_bots() -> Result<()> {
     let msg = t.get_last_msg().await;
     let chat = chat::Chat::load_from_db(&t, msg.chat_id).await?;
     assert!(!chat.is_contact_request());
-    assert!(Contact::get_all(&t, 0, None).await?.len() == 1);
     Ok(())
 }
 
@@ -3699,114 +3697,3 @@ async fn test_keep_member_list_if_possibly_nomember() -> Result<()> {
     assert!(is_contact_in_chat(&bob, bob_chat_id, bob_alice_contact).await?);
     Ok(())
 }
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_download_later() -> Result<()> {
-    let mut tcm = TestContextManager::new();
-    let alice = tcm.alice().await;
-    alice.set_config(Config::DownloadLimit, Some("1")).await?;
-    assert_eq!(alice.download_limit().await?, Some(MIN_DOWNLOAD_LIMIT));
-
-    let bob = tcm.bob().await;
-    let bob_chat = bob.create_chat(&alice).await;
-    let text = String::from_utf8(vec![b'a'; MIN_DOWNLOAD_LIMIT as usize])?;
-    let sent_msg = bob.send_text(bob_chat.id, &text).await;
-    let msg = alice.recv_msg(&sent_msg).await;
-    assert_eq!(msg.download_state, DownloadState::Available);
-    assert_eq!(msg.state, MessageState::InFresh);
-
-    let hi_msg = tcm.send_recv(&bob, &alice, "hi").await;
-
-    alice.set_config(Config::DownloadLimit, None).await?;
-    let msg = alice.recv_msg(&sent_msg).await;
-    assert_eq!(msg.download_state, DownloadState::Done);
-    assert_eq!(msg.state, MessageState::InFresh);
-    assert_eq!(alice.get_last_msg_in(msg.chat_id).await.id, hi_msg.id);
-    assert!(msg.timestamp_sort <= hi_msg.timestamp_sort);
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_create_group_with_big_msg() -> Result<()> {
-    let mut tcm = TestContextManager::new();
-    let alice = tcm.alice().await;
-    let bob = tcm.bob().await;
-    let ba_contact = Contact::create(
-        &bob,
-        "alice",
-        &alice.get_config(Config::Addr).await?.unwrap(),
-    )
-    .await?;
-    let file_bytes = include_bytes!("../../test-data/image/screenshot.png");
-
-    let bob_grp_id = create_group_chat(&bob, ProtectionStatus::Unprotected, "Group").await?;
-    add_contact_to_chat(&bob, bob_grp_id, ba_contact).await?;
-    let mut msg = Message::new(Viewtype::Image);
-    msg.set_file_from_bytes(&bob, "a.jpg", file_bytes, None)
-        .await?;
-    let sent_msg = bob.send_msg(bob_grp_id, &mut msg).await;
-    assert!(!msg.get_showpadlock());
-
-    alice.set_config(Config::DownloadLimit, Some("1")).await?;
-    assert_eq!(alice.download_limit().await?, Some(MIN_DOWNLOAD_LIMIT));
-    let msg = alice.recv_msg(&sent_msg).await;
-    assert_eq!(msg.download_state, DownloadState::Available);
-    let alice_grp = Chat::load_from_db(&alice, msg.chat_id).await?;
-    assert_eq!(alice_grp.typ, Chattype::Group);
-    assert_eq!(alice_grp.name, "Group");
-    assert_eq!(
-        chat::get_chat_contacts(&alice, alice_grp.id).await?.len(),
-        2
-    );
-
-    alice.set_config(Config::DownloadLimit, None).await?;
-    let msg = alice.recv_msg(&sent_msg).await;
-    assert_eq!(msg.download_state, DownloadState::Done);
-    assert_eq!(msg.state, MessageState::InFresh);
-    assert_eq!(msg.viewtype, Viewtype::Image);
-    assert_eq!(msg.chat_id, alice_grp.id);
-    let alice_grp = Chat::load_from_db(&alice, msg.chat_id).await?;
-    assert_eq!(alice_grp.typ, Chattype::Group);
-    assert_eq!(alice_grp.name, "Group");
-    assert_eq!(
-        chat::get_chat_contacts(&alice, alice_grp.id).await?.len(),
-        2
-    );
-
-    let ab_chat_id = tcm.send_recv_accept(&alice, &bob, "hi").await.chat_id;
-    // Now Bob can send encrypted messages to Alice.
-
-    let bob_grp_id = create_group_chat(&bob, ProtectionStatus::Unprotected, "Group1").await?;
-    add_contact_to_chat(&bob, bob_grp_id, ba_contact).await?;
-    let mut msg = Message::new(Viewtype::Image);
-    msg.set_file_from_bytes(&bob, "a.jpg", file_bytes, None)
-        .await?;
-    let sent_msg = bob.send_msg(bob_grp_id, &mut msg).await;
-    assert!(msg.get_showpadlock());
-
-    alice.set_config(Config::DownloadLimit, Some("1")).await?;
-    let msg = alice.recv_msg(&sent_msg).await;
-    assert_eq!(msg.download_state, DownloadState::Available);
-    // Until fully downloaded, an encrypted message must sit in the 1:1 chat.
-    assert_eq!(msg.chat_id, ab_chat_id);
-
-    alice.set_config(Config::DownloadLimit, None).await?;
-    let msg = alice.recv_msg(&sent_msg).await;
-    assert_eq!(msg.download_state, DownloadState::Done);
-    assert_eq!(msg.state, MessageState::InFresh);
-    assert_eq!(msg.viewtype, Viewtype::Image);
-    assert_ne!(msg.chat_id, ab_chat_id);
-    let alice_grp = Chat::load_from_db(&alice, msg.chat_id).await?;
-    assert_eq!(alice_grp.typ, Chattype::Group);
-    assert_eq!(alice_grp.name, "Group1");
-    assert_eq!(
-        chat::get_chat_contacts(&alice, alice_grp.id).await?.len(),
-        2
-    );
-
-    // The big message must go away from the 1:1 chat.
-    assert_eq!(alice.get_last_msg_in(ab_chat_id).await.text, "hi");
-
-    Ok(())
-}

src/scheduler.rs

@@ -574,19 +574,6 @@ async fn fetch_idle(
                 .await;
         }
 
-        if ctx
-            .get_config_bool(Config::DisableIdle)
-            .await
-            .context("Failed to get disable_idle config")
-            .log_err(ctx)
-            .unwrap_or_default()
-        {
-            info!(ctx, "IMAP IDLE is disabled, going to fake idle.");
-            return connection
-                .fake_idle(ctx, Some(watch_folder), folder_meaning)
-                .await;
-        }
-
         info!(ctx, "IMAP session supports IDLE, using it.");
         match session
             .idle(
@@ -877,7 +864,7 @@ impl Scheduler {
 
         // Actually shutdown tasks.
         let timeout_duration = std::time::Duration::from_secs(30);
-        for b in once(self.inbox).chain(self.oboxes.into_iter()) {
+        for b in once(self.inbox).chain(self.oboxes) {
             tokio::time::timeout(timeout_duration, b.handle)
                 .await
                 .log_err(context)

src/securejoin.rs

@@ -6,15 +6,15 @@ use anyhow::{bail, Context as _, Error, Result};
 use percent_encoding::{utf8_percent_encode, AsciiSet, NON_ALPHANUMERIC};
 
 use crate::aheader::EncryptPreference;
-use crate::chat::{self, Chat, ChatId, ChatIdBlocked};
+use crate::chat::{self, Chat, ChatId, ChatIdBlocked, ProtectionStatus};
 use crate::config::Config;
-use crate::constants::Blocked;
+use crate::constants::{Blocked, Chattype};
 use crate::contact::{Contact, ContactId, Origin, VerifiedStatus};
 use crate::context::Context;
 use crate::e2ee::ensure_secret_key_exists;
 use crate::events::EventType;
 use crate::headerdef::HeaderDef;
-use crate::key::{DcKey, Fingerprint, SignedPublicKey};
+use crate::key::{load_self_public_key, DcKey, Fingerprint};
 use crate::message::{Message, Viewtype};
 use crate::mimeparser::{MimeMessage, SystemMessage};
 use crate::param::Param;
@@ -130,7 +130,7 @@ pub async fn get_securejoin_qr(context: &Context, group: Option<ChatId>) -> Resu
 }
 
 async fn get_self_fingerprint(context: &Context) -> Option<Fingerprint> {
-    match SignedPublicKey::load_self(context).await {
+    match load_self_public_key(context).await {
         Ok(key) => Some(key.fingerprint()),
         Err(_) => {
             warn!(context, "get_self_fingerprint(): failed to load key");
@@ -701,6 +701,22 @@ async fn secure_connection_established(
     let contact = Contact::get_by_id(context, contact_id).await?;
     let msg = stock_str::contact_verified(context, &contact).await;
     chat::add_info_msg(context, chat_id, &msg, time()).await?;
+    if context
+        .get_config_bool(Config::VerifiedOneOnOneChats)
+        .await?
+    {
+        let chat = Chat::load_from_db(context, chat_id).await?;
+        if chat.typ == Chattype::Single {
+            chat_id
+                .set_protection(
+                    context,
+                    ProtectionStatus::Protected,
+                    time(),
+                    Some(contact_id),
+                )
+                .await?;
+        }
+    }
     context.emit_event(EventType::ChatModified(chat_id));
     Ok(())
 }
@@ -778,11 +794,12 @@ mod tests {
     use crate::chat;
     use crate::chat::ProtectionStatus;
     use crate::chatlist::Chatlist;
-    use crate::constants::Chattype;
     use crate::contact::ContactAddress;
     use crate::contact::VerifiedStatus;
     use crate::peerstate::Peerstate;
     use crate::receive_imf::receive_imf;
+    use crate::stock_str::chat_protection_enabled;
+    use crate::test_utils::get_chat_msg;
     use crate::test_utils::{TestContext, TestContextManager};
     use crate::tools::EmailAddress;
 
@@ -791,6 +808,14 @@ mod tests {
         let mut tcm = TestContextManager::new();
         let alice = tcm.alice().await;
         let bob = tcm.bob().await;
+        alice
+            .set_config(Config::VerifiedOneOnOneChats, Some("1"))
+            .await
+            .unwrap();
+        bob.set_config(Config::VerifiedOneOnOneChats, Some("1"))
+            .await
+            .unwrap();
+
         assert_eq!(
             Chatlist::try_load(&alice, 0, None, None)
                 .await
@@ -874,10 +899,7 @@ mod tests {
             "vc-request-with-auth"
         );
         assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = SignedPublicKey::load_self(&bob.ctx)
-            .await
-            .unwrap()
-            .fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx).await.unwrap().fingerprint();
         assert_eq!(
             *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
             bob_fp.hex()
@@ -921,7 +943,7 @@ mod tests {
         // Check Alice got the verified message in her 1:1 chat.
         {
             let chat = alice.create_chat(&bob).await;
-            let msg_id = chat::get_chat_msgs(&alice.ctx, chat.get_id())
+            let msg_ids: Vec<_> = chat::get_chat_msgs(&alice.ctx, chat.get_id())
                 .await
                 .unwrap()
                 .into_iter()
@@ -929,11 +951,17 @@ mod tests {
                     chat::ChatItem::Message { msg_id } => Some(msg_id),
                     _ => None,
                 })
-                .max()
-                .expect("No messages in Alice's 1:1 chat");
-            let msg = Message::load_from_db(&alice.ctx, msg_id).await.unwrap();
-            assert!(msg.is_info());
-            assert!(msg.get_text().contains("bob@example.net verified"));
+                .collect();
+            assert_eq!(msg_ids.len(), 2);
+
+            let msg0 = Message::load_from_db(&alice.ctx, msg_ids[0]).await.unwrap();
+            assert!(msg0.is_info());
+            assert!(msg0.get_text().contains("bob@example.net verified"));
+
+            let msg1 = Message::load_from_db(&alice.ctx, msg_ids[1]).await.unwrap();
+            assert!(msg1.is_info());
+            let expected_text = chat_protection_enabled(&alice).await;
+            assert_eq!(msg1.get_text(), expected_text);
         }
 
         // Check Alice sent the right message to Bob.
@@ -969,7 +997,7 @@ mod tests {
         // Check Bob got the verified message in his 1:1 chat.
         {
             let chat = bob.create_chat(&alice).await;
-            let msg_id = chat::get_chat_msgs(&bob.ctx, chat.get_id())
+            let msg_ids: Vec<_> = chat::get_chat_msgs(&bob.ctx, chat.get_id())
                 .await
                 .unwrap()
                 .into_iter()
@@ -977,11 +1005,16 @@ mod tests {
                     chat::ChatItem::Message { msg_id } => Some(msg_id),
                     _ => None,
                 })
-                .max()
-                .expect("No messages in Bob's 1:1 chat");
-            let msg = Message::load_from_db(&bob.ctx, msg_id).await.unwrap();
-            assert!(msg.is_info());
-            assert!(msg.get_text().contains("alice@example.org verified"));
+                .collect();
+
+            let msg0 = Message::load_from_db(&bob.ctx, msg_ids[0]).await.unwrap();
+            assert!(msg0.is_info());
+            assert!(msg0.get_text().contains("alice@example.org verified"));
+
+            let msg1 = Message::load_from_db(&bob.ctx, msg_ids[1]).await.unwrap();
+            assert!(msg1.is_info());
+            let expected_text = chat_protection_enabled(&bob).await;
+            assert_eq!(msg1.get_text(), expected_text);
         }
 
         // Check Bob sent the final message
@@ -1008,7 +1041,7 @@ mod tests {
         let bob = tcm.bob().await;
 
         // Ensure Bob knows Alice_FP
-        let alice_pubkey = SignedPublicKey::load_self(&alice.ctx).await?;
+        let alice_pubkey = load_self_public_key(&alice.ctx).await?;
         let peerstate = Peerstate {
             addr: "alice@example.org".into(),
             last_seen: 10,
@@ -1062,7 +1095,7 @@ mod tests {
             "vc-request-with-auth"
         );
         assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = SignedPublicKey::load_self(&bob.ctx).await?.fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx).await?.fingerprint();
         assert_eq!(
             *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
             bob_fp.hex()
@@ -1233,7 +1266,7 @@ mod tests {
             "vg-request-with-auth"
         );
         assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = SignedPublicKey::load_self(&bob.ctx).await?.fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx).await?.fingerprint();
         assert_eq!(
             *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
             bob_fp.hex()
@@ -1269,26 +1302,17 @@ mod tests {
             // Now Alice's chat with Bob should still be hidden, the verified message should
             // appear in the group chat.
 
-            let chat = alice
-                .get_chat(&bob)
-                .await
-                .expect("Alice has no 1:1 chat with bob");
+            let chat = alice.get_chat(&bob).await;
             assert_eq!(
                 chat.blocked,
                 Blocked::Yes,
                 "Alice's 1:1 chat with Bob is not hidden"
             );
-            let msg_id = chat::get_chat_msgs(&alice.ctx, alice_chatid)
-                .await
-                .unwrap()
-                .into_iter()
-                .filter_map(|item| match item {
-                    chat::ChatItem::Message { msg_id } => Some(msg_id),
-                    _ => None,
-                })
-                .min()
-                .expect("No messages in Alice's group chat");
-            let msg = Message::load_from_db(&alice.ctx, msg_id).await.unwrap();
+            // There should be 3 messages in the chat:
+            // - The ChatProtectionEnabled message
+            // - bob@example.net verified
+            // - You added member bob@example.net
+            let msg = get_chat_msg(&alice, alice_chatid, 1, 3).await;
             assert!(msg.is_info());
             assert!(msg.get_text().contains("bob@example.net verified"));
         }
@@ -1313,10 +1337,7 @@ mod tests {
                 contact_alice.is_verified(&bob.ctx).await?,
                 VerifiedStatus::BidirectVerified
             );
-            let chat = bob
-                .get_chat(&alice)
-                .await
-                .expect("Bob has no 1:1 chat with Alice");
+            let chat = bob.get_chat(&alice).await;
             assert_eq!(
                 chat.blocked,
                 Blocked::Yes,

src/securejoin/bob.rs

@@ -9,6 +9,7 @@ use super::bobstate::{BobHandshakeStage, BobState};
 use super::qrinvite::QrInvite;
 use super::HandshakeMessage;
 use crate::chat::{is_contact_in_chat, ChatId, ProtectionStatus};
+use crate::config::Config;
 use crate::constants::{Blocked, Chattype};
 use crate::contact::Contact;
 use crate::context::Context;
@@ -222,6 +223,22 @@ impl BobState {
         let msg = stock_str::contact_verified(context, &contact).await;
         let chat_id = self.joining_chat_id(context).await?;
         chat::add_info_msg(context, chat_id, &msg, time()).await?;
+
+        if context
+            .get_config_bool(Config::VerifiedOneOnOneChats)
+            .await?
+            && chat_id == self.alice_chat()
+        {
+            chat_id
+                .set_protection(
+                    context,
+                    ProtectionStatus::Protected,
+                    time(),
+                    Some(contact.id),
+                )
+                .await?;
+        }
+
         context.emit_event(EventType::ChatModified(chat_id));
         Ok(())
     }

src/securejoin/bobstate.rs

@@ -17,7 +17,7 @@ use crate::contact::{Contact, Origin};
 use crate::context::Context;
 use crate::events::EventType;
 use crate::headerdef::HeaderDef;
-use crate::key::{DcKey, SignedPublicKey};
+use crate::key::{load_self_public_key, DcKey};
 use crate::message::{Message, Viewtype};
 use crate::mimeparser::{MimeMessage, SystemMessage};
 use crate::param::Param;
@@ -448,7 +448,7 @@ async fn send_handshake_message(
     };
 
     // Sends our own fingerprint in the Secure-Join-Fingerprint header.
-    let bob_fp = SignedPublicKey::load_self(context).await?.fingerprint();
+    let bob_fp = load_self_public_key(context).await?.fingerprint();
     msg.param.set(Param::Arg3, bob_fp.hex());
 
     // Sends the grpid in the Secure-Join-Group header.

src/smtp.rs

@@ -12,6 +12,7 @@ use tokio::task;
 
 use crate::config::Config;
 use crate::contact::{Contact, ContactId};
+use crate::context::Context;
 use crate::events::EventType;
 use crate::login_param::{CertificateChecks, LoginParam, ServerLoginParam};
 use crate::message::Message;
@@ -22,9 +23,9 @@ use crate::net::session::SessionBufStream;
 use crate::net::tls::wrap_tls;
 use crate::oauth2::get_oauth2_access_token;
 use crate::provider::Socket;
+use crate::scheduler::connectivity::ConnectivityStore;
 use crate::socks::Socks5Config;
 use crate::sql;
-use crate::{context::Context, scheduler::connectivity::ConnectivityStore};
 
 /// SMTP write and read timeout.
 const SMTP_TIMEOUT: Duration = Duration::from_secs(30);

src/stock_str.rs

@@ -393,18 +393,6 @@ pub enum StockMessage {
     #[strum(props(fallback = "Message deletion timer is set to %1$s weeks by %2$s."))]
     MsgEphemeralTimerWeeksBy = 157,
 
-    #[strum(props(fallback = "You enabled chat protection."))]
-    YouEnabledProtection = 158,
-
-    #[strum(props(fallback = "Chat protection enabled by %1$s."))]
-    ProtectionEnabledBy = 159,
-
-    #[strum(props(fallback = "You disabled chat protection."))]
-    YouDisabledProtection = 160,
-
-    #[strum(props(fallback = "Chat protection disabled by %1$s."))]
-    ProtectionDisabledBy = 161,
-
     #[strum(props(fallback = "Scan to set up second device for %1$s"))]
     BackupTransferQr = 162,
 
@@ -419,6 +407,12 @@ pub enum StockMessage {
 
     #[strum(props(fallback = "I left the group."))]
     MsgILeftGroup = 166,
+
+    #[strum(props(fallback = "Messages are guaranteed to be end-to-end encrypted from now on."))]
+    ChatProtectionEnabled = 170,
+
+    #[strum(props(fallback = "%1$s sent a message from another device."))]
+    ChatProtectionDisabled = 171,
 }
 
 impl StockMessage {
@@ -515,13 +509,21 @@ trait StockStringMods: AsRef<str> + Sized {
 }
 
 impl ContactId {
-    /// Get contact name for stock string.
-    async fn get_stock_name(self, context: &Context) -> String {
+    /// Get contact name and address for stock string, e.g. `Bob (bob@example.net)`
+    async fn get_stock_name_n_addr(self, context: &Context) -> String {
         Contact::get_by_id(context, self)
             .await
             .map(|contact| contact.get_name_n_addr())
             .unwrap_or_else(|_| self.to_string())
     }
+
+    /// Get contact name, e.g. `Bob`, or `bob@exmple.net` if no name is set.
+    async fn get_stock_name(self, context: &Context) -> String {
+        Contact::get_by_id(context, self)
+            .await
+            .map(|contact| contact.get_display_name().to_string())
+            .unwrap_or_else(|_| self.to_string())
+    }
 }
 
 impl StockStringMods for String {}
@@ -583,7 +585,7 @@ pub(crate) async fn msg_grp_name(
             .await
             .replace1(from_group)
             .replace2(to_group)
-            .replace3(&by_contact.get_stock_name(context).await)
+            .replace3(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -593,7 +595,7 @@ pub(crate) async fn msg_grp_img_changed(context: &Context, by_contact: ContactId
     } else {
         translated(context, StockMessage::MsgGrpImgChangedBy)
             .await
-            .replace1(&by_contact.get_stock_name(context).await)
+            .replace1(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -640,7 +642,7 @@ pub(crate) async fn msg_add_member_local(
         translated(context, StockMessage::MsgAddMemberBy)
             .await
             .replace1(whom)
-            .replace2(&by_contact.get_stock_name(context).await)
+            .replace2(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -687,7 +689,7 @@ pub(crate) async fn msg_del_member_local(
         translated(context, StockMessage::MsgDelMemberBy)
             .await
             .replace1(whom)
-            .replace2(&by_contact.get_stock_name(context).await)
+            .replace2(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -703,7 +705,7 @@ pub(crate) async fn msg_group_left_local(context: &Context, by_contact: ContactI
     } else {
         translated(context, StockMessage::MsgGroupLeftBy)
             .await
-            .replace1(&by_contact.get_stock_name(context).await)
+            .replace1(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -756,7 +758,7 @@ pub(crate) async fn msg_grp_img_deleted(context: &Context, by_contact: ContactId
     } else {
         translated(context, StockMessage::MsgGrpImgDeletedBy)
             .await
-            .replace1(&by_contact.get_stock_name(context).await)
+            .replace1(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -782,13 +784,9 @@ pub(crate) async fn secure_join_started(
 
 /// Stock string: `%1$s replied, waiting for being added to the group…`.
 pub(crate) async fn secure_join_replies(context: &Context, contact_id: ContactId) -> String {
-    if let Ok(contact) = Contact::get_by_id(context, contact_id).await {
-        translated(context, StockMessage::SecureJoinReplies)
-            .await
-            .replace1(contact.get_display_name())
-    } else {
-        format!("secure_join_replies: unknown contact {contact_id}")
-    }
+    translated(context, StockMessage::SecureJoinReplies)
+        .await
+        .replace1(&contact_id.get_stock_name(context).await)
 }
 
 /// Stock string: `Scan to chat with %1$s`.
@@ -881,7 +879,7 @@ pub(crate) async fn msg_location_enabled_by(context: &Context, contact: ContactI
     } else {
         translated(context, StockMessage::MsgLocationEnabledBy)
             .await
-            .replace1(&contact.get_stock_name(context).await)
+            .replace1(&contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -950,7 +948,7 @@ pub(crate) async fn msg_ephemeral_timer_disabled(
     } else {
         translated(context, StockMessage::MsgEphemeralTimerDisabledBy)
             .await
-            .replace1(&by_contact.get_stock_name(context).await)
+            .replace1(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -968,7 +966,7 @@ pub(crate) async fn msg_ephemeral_timer_enabled(
         translated(context, StockMessage::MsgEphemeralTimerEnabledBy)
             .await
             .replace1(timer)
-            .replace2(&by_contact.get_stock_name(context).await)
+            .replace2(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -979,7 +977,7 @@ pub(crate) async fn msg_ephemeral_timer_minute(context: &Context, by_contact: Co
     } else {
         translated(context, StockMessage::MsgEphemeralTimerMinuteBy)
             .await
-            .replace1(&by_contact.get_stock_name(context).await)
+            .replace1(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -990,7 +988,7 @@ pub(crate) async fn msg_ephemeral_timer_hour(context: &Context, by_contact: Cont
     } else {
         translated(context, StockMessage::MsgEphemeralTimerHourBy)
             .await
-            .replace1(&by_contact.get_stock_name(context).await)
+            .replace1(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -1001,7 +999,7 @@ pub(crate) async fn msg_ephemeral_timer_day(context: &Context, by_contact: Conta
     } else {
         translated(context, StockMessage::MsgEphemeralTimerDayBy)
             .await
-            .replace1(&by_contact.get_stock_name(context).await)
+            .replace1(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -1012,7 +1010,7 @@ pub(crate) async fn msg_ephemeral_timer_week(context: &Context, by_contact: Cont
     } else {
         translated(context, StockMessage::MsgEphemeralTimerWeekBy)
             .await
-            .replace1(&by_contact.get_stock_name(context).await)
+            .replace1(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -1053,26 +1051,16 @@ pub(crate) async fn error_no_network(context: &Context) -> String {
     translated(context, StockMessage::ErrorNoNetwork).await
 }
 
-/// Stock string: `Chat protection enabled.`.
-pub(crate) async fn protection_enabled(context: &Context, by_contact: ContactId) -> String {
-    if by_contact == ContactId::SELF {
-        translated(context, StockMessage::YouEnabledProtection).await
-    } else {
-        translated(context, StockMessage::ProtectionEnabledBy)
-            .await
-            .replace1(&by_contact.get_stock_name(context).await)
-    }
+/// Stock string: `Messages are guaranteed to be end-to-end encrypted from now on.`
+pub(crate) async fn chat_protection_enabled(context: &Context) -> String {
+    translated(context, StockMessage::ChatProtectionEnabled).await
 }
 
-/// Stock string: `Chat protection disabled.`.
-pub(crate) async fn protection_disabled(context: &Context, by_contact: ContactId) -> String {
-    if by_contact == ContactId::SELF {
-        translated(context, StockMessage::YouDisabledProtection).await
-    } else {
-        translated(context, StockMessage::ProtectionDisabledBy)
-            .await
-            .replace1(&by_contact.get_stock_name(context).await)
-    }
+/// Stock string: `%1$s sent a message from another device.`
+pub(crate) async fn chat_protection_disabled(context: &Context, contact_id: ContactId) -> String {
+    translated(context, StockMessage::ChatProtectionDisabled)
+        .await
+        .replace1(&contact_id.get_stock_name(context).await)
 }
 
 /// Stock string: `Reply`.
@@ -1104,7 +1092,7 @@ pub(crate) async fn msg_ephemeral_timer_minutes(
         translated(context, StockMessage::MsgEphemeralTimerMinutesBy)
             .await
             .replace1(minutes)
-            .replace2(&by_contact.get_stock_name(context).await)
+            .replace2(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -1122,7 +1110,7 @@ pub(crate) async fn msg_ephemeral_timer_hours(
         translated(context, StockMessage::MsgEphemeralTimerHoursBy)
             .await
             .replace1(hours)
-            .replace2(&by_contact.get_stock_name(context).await)
+            .replace2(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -1140,7 +1128,7 @@ pub(crate) async fn msg_ephemeral_timer_days(
         translated(context, StockMessage::MsgEphemeralTimerDaysBy)
             .await
             .replace1(days)
-            .replace2(&by_contact.get_stock_name(context).await)
+            .replace2(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -1158,7 +1146,7 @@ pub(crate) async fn msg_ephemeral_timer_weeks(
         translated(context, StockMessage::MsgEphemeralTimerWeeksBy)
             .await
             .replace1(weeks)
-            .replace2(&by_contact.get_stock_name(context).await)
+            .replace2(&by_contact.get_stock_name_n_addr(context).await)
     }
 }
 
@@ -1332,11 +1320,19 @@ impl Context {
     pub(crate) async fn stock_protection_msg(
         &self,
         protect: ProtectionStatus,
-        from_id: ContactId,
+        contact_id: Option<ContactId>,
     ) -> String {
         match protect {
-            ProtectionStatus::Unprotected => protection_enabled(self, from_id).await,
-            ProtectionStatus::Protected => protection_disabled(self, from_id).await,
+            ProtectionStatus::Unprotected | ProtectionStatus::ProtectionBroken => {
+                if let Some(contact_id) = contact_id {
+                    chat_protection_disabled(self, contact_id).await
+                } else {
+                    // In a group chat, it's not possible to downgrade verification.
+                    // In a 1:1 chat, the `contact_id` always has to be provided.
+                    "[Error] No contact_id given".to_string()
+                }
+            }
+            ProtectionStatus::Protected => chat_protection_enabled(self).await,
         }
     }
 

src/summary.rs

@@ -82,7 +82,7 @@ impl Summary {
                             .map(SummaryPrefix::Username)
                     }
                 }
-                Chattype::Single | Chattype::Undefined => None,
+                Chattype::Single => None,
             }
         };
 

src/test_utils.rs

@@ -27,15 +27,19 @@ use crate::chat::{
 };
 use crate::chatlist::Chatlist;
 use crate::config::Config;
-use crate::constants::Chattype;
+use crate::constants::{Blocked, Chattype};
 use crate::constants::{DC_GCL_NO_SPECIALS, DC_MSG_ID_DAYMARKER};
 use crate::contact::{Contact, ContactAddress, ContactId, Modifier, Origin};
 use crate::context::Context;
+use crate::e2ee::EncryptHelper;
 use crate::events::{Event, EventType, Events};
-use crate::key::{self, DcKey, KeyPair, KeyPairUse};
+use crate::key::{self, DcKey, KeyPairUse};
 use crate::message::{update_msg_state, Message, MessageState, MsgId, Viewtype};
-use crate::mimeparser::MimeMessage;
+use crate::mimeparser::{MimeMessage, SystemMessage};
+use crate::peerstate::Peerstate;
+use crate::pgp::KeyPair;
 use crate::receive_imf::receive_imf;
+use crate::securejoin::{get_securejoin_qr, join_securejoin};
 use crate::stock_str::StockStrings;
 use crate::tools::EmailAddress;
 
@@ -115,6 +119,10 @@ impl TestContextManager {
         msg: &str,
     ) -> Message {
         let received_msg = self.send_recv(from, to, msg).await;
+        assert_eq!(
+            received_msg.chat_blocked, Blocked::Request,
+            "`send_recv_accept()` is meant to be used for chat requests. Use `send_recv()` if the chat is already accepted."
+        );
         received_msg.chat_id.accept(to).await.unwrap();
         received_msg
     }
@@ -158,6 +166,27 @@ impl TestContextManager {
             new_addr
         );
     }
+
+    pub async fn execute_securejoin(&self, scanner: &TestContext, scanned: &TestContext) {
+        self.section(&format!(
+            "{} scans {}'s QR code",
+            scanner.name(),
+            scanned.name()
+        ));
+
+        let qr = get_securejoin_qr(&scanned.ctx, None).await.unwrap();
+        join_securejoin(&scanner.ctx, &qr).await.unwrap();
+
+        loop {
+            if let Some(sent) = scanner.pop_sent_msg_opt(Duration::ZERO).await {
+                scanned.recv_msg(&sent).await;
+            } else if let Some(sent) = scanned.pop_sent_msg_opt(Duration::ZERO).await {
+                scanner.recv_msg(&sent).await;
+            } else {
+                break;
+            }
+        }
+    }
 }
 
 #[derive(Debug, Clone, Default)]
@@ -562,19 +591,21 @@ impl TestContext {
         Contact::get_by_id(&self.ctx, contact_id).await.unwrap()
     }
 
-    /// Returns 1:1 [`Chat`] with another account, if it exists.
+    /// Returns 1:1 [`Chat`] with another account. Panics if it doesn't exist.
     ///
     /// This first creates a contact using the configured details on the other account, then
-    /// creates a 1:1 chat with this contact.
-    pub async fn get_chat(&self, other: &TestContext) -> Option<Chat> {
+    /// gets the 1:1 chat with this contact.
+    pub async fn get_chat(&self, other: &TestContext) -> Chat {
         let contact = self.add_or_lookup_contact(other).await;
-        match ChatId::lookup_by_contact(&self.ctx, contact.id)
+        let chat_id = ChatId::lookup_by_contact(&self.ctx, contact.id)
             .await
             .unwrap()
-        {
-            Some(id) => Some(Chat::load_from_db(&self.ctx, id).await.unwrap()),
-            None => None,
-        }
+            .expect(
+                "There is no chat with this contact. \
+                Hint: Use create_chat() instead of get_chat() if this is expected.",
+            );
+
+        Chat::load_from_db(&self.ctx, chat_id).await.unwrap()
     }
 
     /// Creates or returns an existing 1:1 [`Chat`] with another account.
@@ -633,7 +664,6 @@ impl TestContext {
         res
     }
 
-    #[allow(unused)]
     pub async fn golden_test_chat(&self, chat_id: ChatId, filename: &str) {
         let filename = Path::new("test-data/golden/").join(filename);
 
@@ -642,7 +672,7 @@ impl TestContext {
         // We're using `unwrap_or_default()` here so that if the file doesn't exist,
         // it can be created using `write` below.
         let expected = fs::read(&filename).await.unwrap_or_default();
-        let expected = String::from_utf8(expected).unwrap();
+        let expected = String::from_utf8(expected).unwrap().replace("\r\n", "\n");
         if (std::env::var("UPDATE_GOLDEN_TESTS") == Ok("1".to_string())) && actual != expected {
             fs::write(&filename, &actual)
                 .await
@@ -660,8 +690,6 @@ impl TestContext {
     /// You can use this to debug your test by printing the entire chat conversation.
     // This code is mainly the same as `log_msglist` in `cmdline.rs`, so one day, we could
     // merge them to a public function in the `deltachat` crate.
-    #[allow(dead_code)]
-    #[allow(clippy::indexing_slicing)]
     async fn display_chat(&self, chat_id: ChatId) -> String {
         let mut res = String::new();
 
@@ -886,7 +914,7 @@ pub fn alice_keypair() -> KeyPair {
     let secret = key::SignedSecretKey::from_asc(include_str!("../test-data/key/alice-secret.asc"))
         .unwrap()
         .0;
-    key::KeyPair {
+    KeyPair {
         addr,
         public,
         secret,
@@ -904,7 +932,7 @@ pub fn bob_keypair() -> KeyPair {
     let secret = key::SignedSecretKey::from_asc(include_str!("../test-data/key/bob-secret.asc"))
         .unwrap()
         .0;
-    key::KeyPair {
+    KeyPair {
         addr,
         public,
         secret,
@@ -914,7 +942,7 @@ pub fn bob_keypair() -> KeyPair {
 /// Load a pre-generated keypair for fiona@example.net from disk.
 ///
 /// Like [alice_keypair] but a different key and identity.
-pub fn fiona_keypair() -> key::KeyPair {
+pub fn fiona_keypair() -> KeyPair {
     let addr = EmailAddress::new("fiona@example.net").unwrap();
     let public = key::SignedPublicKey::from_asc(include_str!("../test-data/key/fiona-public.asc"))
         .unwrap()
@@ -922,7 +950,7 @@ pub fn fiona_keypair() -> key::KeyPair {
     let secret = key::SignedSecretKey::from_asc(include_str!("../test-data/key/fiona-secret.asc"))
         .unwrap()
         .0;
-    key::KeyPair {
+    KeyPair {
         addr,
         public,
         secret,
@@ -1014,6 +1042,26 @@ fn print_logevent(logevent: &LogEvent) {
     }
 }
 
+/// Saves the other account's public key as verified.
+pub(crate) async fn mark_as_verified(this: &TestContext, other: &TestContext) {
+    let mut peerstate = Peerstate::from_header(
+        &EncryptHelper::new(other).await.unwrap().get_aheader(),
+        // We have to give 0 as the time, not the current time:
+        // The time is going to be saved in peerstate.last_seen.
+        // The code in `peerstate.rs` then compares `if message_time > self.last_seen`,
+        // and many similar checks in peerstate.rs, and doesn't allow changes otherwise.
+        // Giving the current time would mean that message_time == peerstate.last_seen,
+        // so changes would not be allowed.
+        // This might lead to flaky tests.
+        0,
+    );
+
+    peerstate.verified_key = peerstate.public_key.clone();
+    peerstate.verified_key_fingerprint = peerstate.public_key_fingerprint.clone();
+
+    peerstate.save_to_db(&this.sql).await.unwrap();
+}
+
 /// Pretty-print an event to stdout
 ///
 /// Done during tests this is captured by `cargo test` and associated with the test itself.
@@ -1120,7 +1168,17 @@ async fn write_msg(context: &Context, prefix: &str, msg: &Message, buf: &mut Str
         } else {
             "[FRESH]"
         },
-        if msg.is_info() { "[INFO]" } else { "" },
+        if msg.is_info() {
+            if msg.get_info_type() == SystemMessage::ChatProtectionEnabled {
+                "[INFO 🛡️]"
+            } else if msg.get_info_type() == SystemMessage::ChatProtectionDisabled {
+                "[INFO 🛡️❌]"
+            } else {
+                "[INFO]"
+            }
+        } else {
+            ""
+        },
         if msg.get_viewtype() == Viewtype::VideochatInvitation {
             format!(
                 "[VIDEOCHAT-INVITATION: {}, type={}]",

src/tests.rs

@@ -1 +1,2 @@
 mod aeap;
+mod verified_chats;

src/tests/aeap.rs

@@ -8,10 +8,10 @@ use crate::contact;
 use crate::contact::Contact;
 use crate::contact::ContactId;
 use crate::message::Message;
-use crate::peerstate;
 use crate::peerstate::Peerstate;
 use crate::receive_imf::receive_imf;
 use crate::stock_str;
+use crate::test_utils::mark_as_verified;
 use crate::test_utils::TestContext;
 use crate::test_utils::TestContextManager;
 
@@ -134,11 +134,11 @@ async fn check_aeap_transition(
         let fiona = tcm.fiona().await;
 
         tcm.send_recv_accept(&fiona, &bob, "Hi").await;
-        tcm.send_recv_accept(&bob, &fiona, "Hi back").await;
+        tcm.send_recv(&bob, &fiona, "Hi back").await;
     }
 
     tcm.send_recv_accept(&alice, &bob, "Hi").await;
-    tcm.send_recv_accept(&bob, &alice, "Hi back").await;
+    tcm.send_recv(&bob, &alice, "Hi back").await;
 
     if verified {
         mark_as_verified(&alice, &bob).await;
@@ -327,19 +327,6 @@ async fn check_no_transition_done(groups: &[ChatId], old_alice_addr: &str, bob:
     }
 }
 
-async fn mark_as_verified(this: &TestContext, other: &TestContext) {
-    let other_addr = other.get_primary_self_addr().await.unwrap();
-    let mut peerstate = peerstate::Peerstate::from_addr(this, &other_addr)
-        .await
-        .unwrap()
-        .unwrap();
-
-    peerstate.verified_key = peerstate.public_key.clone();
-    peerstate.verified_key_fingerprint = peerstate.public_key_fingerprint.clone();
-
-    peerstate.save_to_db(&this.sql).await.unwrap();
-}
-
 async fn get_last_info_msg(t: &TestContext, chat_id: ChatId) -> Option<Message> {
     let msgs = chat::get_chat_msgs_ex(
         &t.ctx,
@@ -368,7 +355,7 @@ async fn test_aeap_replay_attack() -> Result<()> {
     let bob = tcm.bob().await;
 
     tcm.send_recv_accept(&alice, &bob, "Hi").await;
-    tcm.send_recv_accept(&bob, &alice, "Hi back").await;
+    tcm.send_recv(&bob, &alice, "Hi back").await;
 
     let group =
         chat::create_group_chat(&bob, chat::ProtectionStatus::Unprotected, "Group 0").await?;

src/tests/verified_chats.rs

@@ -0,0 +1,770 @@
+use anyhow::Result;
+use pretty_assertions::assert_eq;
+
+use crate::chat::{Chat, ProtectionStatus};
+use crate::chatlist::Chatlist;
+use crate::config::Config;
+use crate::constants::DC_GCL_FOR_FORWARDING;
+use crate::contact::VerifiedStatus;
+use crate::contact::{Contact, Origin};
+use crate::message::{Message, Viewtype};
+use crate::mimefactory::MimeFactory;
+use crate::mimeparser::SystemMessage;
+use crate::receive_imf::receive_imf;
+use crate::stock_str;
+use crate::test_utils::{get_chat_msg, mark_as_verified, TestContext, TestContextManager};
+use crate::{e2ee, message};
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_verified_oneonone_chat_broken_by_classical() {
+    check_verified_oneonone_chat(true).await;
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_verified_oneonone_chat_broken_by_device_change() {
+    check_verified_oneonone_chat(false).await;
+}
+
+async fn check_verified_oneonone_chat(broken_by_classical_email: bool) {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    tcm.execute_securejoin(&alice, &bob).await;
+
+    assert_verified(&alice, &bob, ProtectionStatus::Protected).await;
+    assert_verified(&bob, &alice, ProtectionStatus::Protected).await;
+
+    if broken_by_classical_email {
+        tcm.section("Bob uses a classical MUA to send a message to Alice");
+        receive_imf(
+            &alice,
+            b"Subject: Re: Message from alice\r\n\
+          From: <bob@example.net>\r\n\
+          To: <alice@example.org>\r\n\
+          Date: Mon, 12 Dec 2022 14:33:39 +0000\r\n\
+          Message-ID: <abcd@example.net>\r\n\
+          \r\n\
+          Heyho!\r\n",
+            false,
+        )
+        .await
+        .unwrap()
+        .unwrap();
+    } else {
+        tcm.section("Bob sets up another Delta Chat device");
+        let bob2 = TestContext::new().await;
+        enable_verified_oneonone_chats(&[&bob2]).await;
+        bob2.set_name("bob2");
+        bob2.configure_addr("bob@example.net").await;
+
+        tcm.send_recv(&bob2, &alice, "Using another device now")
+            .await;
+    }
+
+    // Bob's contact is still verified, but the chat isn't marked as protected anymore
+    assert_verified(&alice, &bob, ProtectionStatus::ProtectionBroken).await;
+
+    tcm.section("Bob sends another message from DC");
+    tcm.send_recv(&bob, &alice, "Using DC again").await;
+
+    let contact = alice.add_or_lookup_contact(&bob).await;
+    assert_eq!(
+        contact.is_verified(&alice.ctx).await.unwrap(),
+        VerifiedStatus::BidirectVerified
+    );
+
+    // Bob's chat is marked as verified again
+    assert_verified(&alice, &bob, ProtectionStatus::Protected).await;
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_create_verified_oneonone_chat() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    let fiona = tcm.fiona().await;
+    enable_verified_oneonone_chats(&[&alice, &bob, &fiona]).await;
+
+    tcm.execute_securejoin(&alice, &bob).await;
+    tcm.execute_securejoin(&bob, &fiona).await;
+    assert_verified(&alice, &bob, ProtectionStatus::Protected).await;
+    assert_verified(&bob, &alice, ProtectionStatus::Protected).await;
+    assert_verified(&bob, &fiona, ProtectionStatus::Protected).await;
+    assert_verified(&fiona, &bob, ProtectionStatus::Protected).await;
+
+    let group_id = bob
+        .create_group_with_members(
+            ProtectionStatus::Protected,
+            "Group with everyone",
+            &[&alice, &fiona],
+        )
+        .await;
+    assert_eq!(
+        get_chat_msg(&bob, group_id, 0, 1).await.get_info_type(),
+        SystemMessage::ChatProtectionEnabled
+    );
+
+    {
+        let sent = bob.send_text(group_id, "Heyho").await;
+        alice.recv_msg(&sent).await;
+
+        let msg = fiona.recv_msg(&sent).await;
+        assert_eq!(
+            get_chat_msg(&fiona, msg.chat_id, 0, 2)
+                .await
+                .get_info_type(),
+            SystemMessage::ChatProtectionEnabled
+        );
+    }
+
+    // Alice and Fiona should now be verified because of gossip
+    let alice_fiona_contact = alice.add_or_lookup_contact(&fiona).await;
+    assert_eq!(
+        alice_fiona_contact.is_verified(&alice).await.unwrap(),
+        VerifiedStatus::BidirectVerified
+    );
+
+    // As soon as Alice creates a chat with Fiona, it should directly be protected
+    {
+        let chat = alice.create_chat(&fiona).await;
+        assert!(chat.is_protected());
+
+        let msg = alice.get_last_msg().await;
+        let expected_text = stock_str::chat_protection_enabled(&alice).await;
+        assert_eq!(msg.text, expected_text);
+    }
+
+    // Fiona should also see the chat as protected
+    {
+        let rcvd = tcm.send_recv(&alice, &fiona, "Hi Fiona").await;
+        let alice_fiona_id = rcvd.chat_id;
+        let chat = Chat::load_from_db(&fiona, alice_fiona_id).await?;
+        assert!(chat.is_protected());
+
+        let msg0 = get_chat_msg(&fiona, chat.id, 0, 2).await;
+        let expected_text = stock_str::chat_protection_enabled(&fiona).await;
+        assert_eq!(msg0.text, expected_text);
+    }
+
+    tcm.section("Fiona reinstalls DC");
+    drop(fiona);
+
+    let fiona_new = tcm.unconfigured().await;
+    enable_verified_oneonone_chats(&[&fiona_new]).await;
+    fiona_new.configure_addr("fiona@example.net").await;
+    e2ee::ensure_secret_key_exists(&fiona_new).await?;
+
+    tcm.send_recv(&fiona_new, &alice, "I have a new device")
+        .await;
+
+    // The chat should be and stay unprotected
+    {
+        let chat = alice.get_chat(&fiona_new).await;
+        assert!(!chat.is_protected());
+        assert!(chat.is_protection_broken());
+
+        // After recreating the chat, it should still be unprotected
+        chat.id.delete(&alice).await?;
+
+        let chat = alice.create_chat(&fiona_new).await;
+        assert!(!chat.is_protected());
+        assert!(!chat.is_protection_broken());
+    }
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_create_unverified_oneonone_chat() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    // A chat with an unknown contact should be created unprotected
+    let chat = alice.create_chat(&bob).await;
+    assert!(!chat.is_protected());
+    assert!(!chat.is_protection_broken());
+
+    receive_imf(
+        &alice,
+        b"From: Bob <bob@example.net>\n\
+          To: alice@example.org\n\
+          Message-ID: <1234-2@example.org>\n\
+          \n\
+          hello\n",
+        false,
+    )
+    .await?;
+
+    chat.id.delete(&alice).await.unwrap();
+    // Now Bob is a known contact, new chats should still be created unprotected
+    let chat = alice.create_chat(&bob).await;
+    assert!(!chat.is_protected());
+    assert!(!chat.is_protection_broken());
+
+    tcm.send_recv(&bob, &alice, "hi").await;
+    chat.id.delete(&alice).await.unwrap();
+    // Now we have a public key, new chats should still be created unprotected
+    let chat = alice.create_chat(&bob).await;
+    assert!(!chat.is_protected());
+    assert!(!chat.is_protection_broken());
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_degrade_verified_oneonone_chat() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    mark_as_verified(&alice, &bob).await;
+
+    let alice_chat = alice.create_chat(&bob).await;
+    assert!(alice_chat.is_protected());
+
+    receive_imf(
+        &alice,
+        b"From: Bob <bob@example.net>\n\
+          To: alice@example.org\n\
+          Message-ID: <1234-2@example.org>\n\
+          \n\
+          hello\n",
+        false,
+    )
+    .await?;
+
+    let contact_id = Contact::lookup_id_by_addr(&alice, "bob@example.net", Origin::Hidden)
+        .await?
+        .unwrap();
+
+    let msg0 = get_chat_msg(&alice, alice_chat.id, 0, 3).await;
+    let enabled = stock_str::chat_protection_enabled(&alice).await;
+    assert_eq!(msg0.text, enabled);
+    assert_eq!(msg0.param.get_cmd(), SystemMessage::ChatProtectionEnabled);
+
+    let msg1 = get_chat_msg(&alice, alice_chat.id, 1, 3).await;
+    let disabled = stock_str::chat_protection_disabled(&alice, contact_id).await;
+    assert_eq!(msg1.text, disabled);
+    assert_eq!(msg1.param.get_cmd(), SystemMessage::ChatProtectionDisabled);
+
+    let msg2 = get_chat_msg(&alice, alice_chat.id, 2, 3).await;
+    assert_eq!(msg2.text, "hello".to_string());
+    assert!(!msg2.is_system_message());
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_verified_oneonone_chat_enable_disable() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    // Alice & Bob verify each other
+    mark_as_verified(&alice, &bob).await;
+    mark_as_verified(&bob, &alice).await;
+
+    let chat = alice.create_chat(&bob).await;
+    assert!(chat.is_protected());
+
+    for alice_accepts_breakage in [true, false] {
+        // Bob uses Thunderbird to send a message
+        receive_imf(
+            &alice,
+            format!(
+                "From: Bob <bob@example.net>\n\
+              To: alice@example.org\n\
+              Message-ID: <1234-2{alice_accepts_breakage}@example.org>\n\
+              \n\
+              Message from Thunderbird\n"
+            )
+            .as_bytes(),
+            false,
+        )
+        .await?;
+
+        let chat = alice.get_chat(&bob).await;
+        assert!(!chat.is_protected());
+        assert!(chat.is_protection_broken());
+
+        if alice_accepts_breakage {
+            tcm.section("Alice clicks 'Accept' on the input-bar-dialog");
+            chat.id.accept(&alice).await?;
+            let chat = alice.get_chat(&bob).await;
+            assert!(!chat.is_protected());
+            assert!(!chat.is_protection_broken());
+        }
+
+        // Bob sends a message from DC again
+        tcm.send_recv(&bob, &alice, "Hello from DC").await;
+        let chat = alice.get_chat(&bob).await;
+        assert!(chat.is_protected());
+        assert!(!chat.is_protection_broken());
+    }
+
+    alice
+        .golden_test_chat(chat.id, "test_verified_oneonone_chat_enable_disable")
+        .await;
+
+    Ok(())
+}
+
+/// Messages with old timestamps are difficult for verified chats:
+/// - They must not be sorted over a protection-changed info message.
+///   That's what `test_old_message_2` tests
+/// - If they change the protection, then they must not be sorted over existing other messages,
+///   because then the protection-changed info message would also be above these existing messages.
+///   That's what `test_old_message_3` tests.
+///
+/// `test_old_message_1` tests the case where both the old and the new message
+/// change verification
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_old_message_1() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    mark_as_verified(&alice, &bob).await;
+
+    let chat = alice.create_chat(&bob).await; // This creates a protection-changed info message
+    assert!(chat.is_protected());
+
+    // This creates protection-changed info message #2;
+    // even though the date is old, info message and email must be sorted below the original info message.
+    receive_imf(
+        &alice,
+        b"From: Bob <bob@example.net>\n\
+          To: alice@example.org\n\
+          Message-ID: <1234-2-3@example.org>\n\
+          Date: Sat, 07 Dec 2019 19:00:27 +0000\n\
+          \n\
+          Message from Thunderbird\n",
+        true,
+    )
+    .await?;
+
+    alice.golden_test_chat(chat.id, "test_old_message_1").await;
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_old_message_2() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    mark_as_verified(&alice, &bob).await;
+
+    // This creates protection-changed info message #1:
+    let chat = alice.create_chat(&bob).await;
+    assert!(chat.is_protected());
+    let protection_msg = alice.get_last_msg().await;
+    assert_eq!(
+        protection_msg.param.get_cmd(),
+        SystemMessage::ChatProtectionEnabled
+    );
+
+    // This creates protection-changed info message #2.
+    let first_email = receive_imf(
+        &alice,
+        b"From: Bob <bob@example.net>\n\
+          To: alice@example.org\n\
+          Message-ID: <1234-2-3@example.org>\n\
+          Date: Sun, 08 Dec 2019 19:00:27 +0000\n\
+          \n\
+          Somewhat old message\n",
+        false,
+    )
+    .await?
+    .unwrap();
+
+    // Both messages will get the same timestamp as the protection-changed
+    // message, so this one will be sorted under the previous one
+    // even though it has an older timestamp.
+    let second_email = receive_imf(
+        &alice,
+        b"From: Bob <bob@example.net>\n\
+          To: alice@example.org\n\
+          Message-ID: <2319-2-3@example.org>\n\
+          Date: Sat, 07 Dec 2019 19:00:27 +0000\n\
+          \n\
+          Even older message, that must NOT be shown before the info message\n",
+        true,
+    )
+    .await?
+    .unwrap();
+
+    assert_eq!(first_email.sort_timestamp, second_email.sort_timestamp);
+    assert_eq!(first_email.sort_timestamp, protection_msg.timestamp_sort);
+
+    alice.golden_test_chat(chat.id, "test_old_message_2").await;
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_old_message_3() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    mark_as_verified(&alice, &bob).await;
+    mark_as_verified(&bob, &alice).await;
+
+    tcm.send_recv_accept(&bob, &alice, "Heyho from my verified device!")
+        .await;
+
+    // This unverified message must not be sorted over the message sent in the previous line:
+    receive_imf(
+        &alice,
+        b"From: Bob <bob@example.net>\n\
+          To: alice@example.org\n\
+          Message-ID: <1234-2-3@example.org>\n\
+          Date: Sat, 07 Dec 2019 19:00:27 +0000\n\
+          \n\
+          Old, unverified message\n",
+        true,
+    )
+    .await?;
+
+    alice
+        .golden_test_chat(alice.get_chat(&bob).await.id, "test_old_message_3")
+        .await;
+
+    Ok(())
+}
+
+/// Alice is offline for some time.
+/// When she comes online, first her inbox is synced and then her sentbox.
+/// This test tests that the messages are still in the right order.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_old_message_4() -> Result<()> {
+    let alice = TestContext::new_alice().await;
+    let msg_incoming = receive_imf(
+        &alice,
+        b"From: Bob <bob@example.net>\n\
+          To: alice@example.org\n\
+          Message-ID: <1234-2-3@example.org>\n\
+          Date: Sun, 08 Dec 2019 19:00:27 +0000\n\
+          \n\
+          Thanks, Alice!\n",
+        true,
+    )
+    .await?
+    .unwrap();
+
+    let msg_sent = receive_imf(
+        &alice,
+        b"From: alice@example.org\n\
+          To: Bob <bob@example.net>\n\
+          Message-ID: <1234-2-4@example.org>\n\
+          Date: Sat, 07 Dec 2019 19:00:27 +0000\n\
+          \n\
+          Happy birthday, Bob!\n",
+        true,
+    )
+    .await?
+    .unwrap();
+
+    // The "Happy birthday" message should be shown first, and then the "Thanks" message
+    assert!(msg_sent.sort_timestamp < msg_incoming.sort_timestamp);
+
+    Ok(())
+}
+
+/// Alice is offline for some time.
+/// When they come online, first their sentbox is synced and then their inbox.
+/// This test tests that the messages are still in the right order.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_old_message_5() -> Result<()> {
+    let alice = TestContext::new_alice().await;
+    let msg_sent = receive_imf(
+        &alice,
+        b"From: alice@example.org\n\
+          To: Bob <bob@example.net>\n\
+          Message-ID: <1234-2-4@example.org>\n\
+          Date: Sat, 07 Dec 2019 19:00:27 +0000\n\
+          \n\
+          Happy birthday, Bob!\n",
+        true,
+    )
+    .await?
+    .unwrap();
+
+    let msg_incoming = receive_imf(
+        &alice,
+        b"From: Bob <bob@example.net>\n\
+          To: alice@example.org\n\
+          Message-ID: <1234-2-3@example.org>\n\
+          Date: Sun, 07 Dec 2019 19:00:26 +0000\n\
+          \n\
+          Happy birthday to me, Alice!\n",
+        false,
+    )
+    .await?
+    .unwrap();
+
+    assert!(msg_sent.sort_timestamp == msg_incoming.sort_timestamp);
+    alice
+        .golden_test_chat(msg_sent.chat_id, "test_old_message_5")
+        .await;
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_mdn_doesnt_disable_verification() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+    bob.set_config_bool(Config::MdnsEnabled, true).await?;
+
+    // Alice & Bob verify each other
+    mark_as_verified(&alice, &bob).await;
+    mark_as_verified(&bob, &alice).await;
+
+    let rcvd = tcm.send_recv_accept(&alice, &bob, "Heyho").await;
+    message::markseen_msgs(&bob, vec![rcvd.id]).await?;
+
+    let mimefactory = MimeFactory::from_mdn(&bob, &rcvd, vec![]).await?;
+    let rendered_msg = mimefactory.render(&bob).await?;
+    let body = rendered_msg.message;
+    receive_imf(&alice, body.as_bytes(), false).await.unwrap();
+
+    assert_verified(&alice, &bob, ProtectionStatus::Protected).await;
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_outgoing_mua_msg() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    mark_as_verified(&alice, &bob).await;
+    mark_as_verified(&bob, &alice).await;
+
+    tcm.send_recv_accept(&bob, &alice, "Heyho from DC").await;
+    assert_verified(&alice, &bob, ProtectionStatus::Protected).await;
+
+    let sent = receive_imf(
+        &alice,
+        b"From: alice@example.org\n\
+          To: bob@example.net\n\
+          \n\
+          One classical MUA message",
+        false,
+    )
+    .await?
+    .unwrap();
+    tcm.send_recv(&alice, &bob, "Sending with DC again").await;
+
+    alice
+        .golden_test_chat(sent.chat_id, "test_outgoing_mua_msg")
+        .await;
+
+    Ok(())
+}
+
+/// If Bob answers unencrypted from another address with a classical MUA,
+/// the message is under some circumstances still assigned to the original
+/// chat (see lookup_chat_by_reply()); this is meant to make aliases
+/// work nicely.
+/// However, if the original chat is verified, the unencrypted message
+/// must NOT be assigned to it (it would be replaced by an error
+/// message in the verified chat, so, this would just be a usability issue,
+/// not a security issue).
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_reply() -> Result<()> {
+    for verified in [false, true] {
+        let mut tcm = TestContextManager::new();
+        let alice = tcm.alice().await;
+        let bob = tcm.bob().await;
+        enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+        if verified {
+            mark_as_verified(&alice, &bob).await;
+            mark_as_verified(&bob, &alice).await;
+        }
+
+        tcm.send_recv_accept(&bob, &alice, "Heyho from DC").await;
+        let encrypted_msg = tcm.send_recv(&alice, &bob, "Heyho back").await;
+
+        let unencrypted_msg = receive_imf(
+            &alice,
+            format!(
+                "From: bob@someotherdomain.org\n\
+                 To: some-alias-forwarding-to-alice@example.org\n\
+                 In-Reply-To: {}\n\
+                 \n\
+                 Weird reply",
+                encrypted_msg.rfc724_mid
+            )
+            .as_bytes(),
+            false,
+        )
+        .await?
+        .unwrap();
+
+        let unencrypted_msg = Message::load_from_db(&alice, unencrypted_msg.msg_ids[0]).await?;
+        assert_eq!(unencrypted_msg.text, "Weird reply");
+
+        if verified {
+            assert_ne!(unencrypted_msg.chat_id, encrypted_msg.chat_id);
+        } else {
+            assert_eq!(unencrypted_msg.chat_id, encrypted_msg.chat_id);
+        }
+    }
+
+    Ok(())
+}
+
+/// Regression test for the following bug:
+///
+/// - Scan your chat partner's QR Code
+/// - They change devices
+/// - They send you a message
+/// - Without accepting the encryption downgrade, scan your chat partner's QR Code again
+///
+/// -> The re-verification fails.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_break_protection_then_verify_again() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice, &bob]).await;
+
+    // Cave: Bob can't write a message to Alice here.
+    // If he did, alice would increase his peerstate's last_seen timestamp.
+    // Then, after Bob reinstalls DC, alice's `if message_time > last_seen*`
+    // checks would return false (there are many checks of this form in peerstate.rs).
+    // Therefore, during the securejoin, Alice wouldn't accept the new key
+    // and reject the securejoin.
+
+    mark_as_verified(&alice, &bob).await;
+    mark_as_verified(&bob, &alice).await;
+
+    alice.create_chat(&bob).await;
+    assert_verified(&alice, &bob, ProtectionStatus::Protected).await;
+    let chats = Chatlist::try_load(&alice, DC_GCL_FOR_FORWARDING, None, None).await?;
+    assert!(chats.len() == 1);
+
+    tcm.section("Bob reinstalls DC");
+    drop(bob);
+    let bob_new = tcm.unconfigured().await;
+    enable_verified_oneonone_chats(&[&bob_new]).await;
+    bob_new.configure_addr("bob@example.net").await;
+    e2ee::ensure_secret_key_exists(&bob_new).await?;
+
+    tcm.send_recv(&bob_new, &alice, "I have a new device").await;
+
+    let contact = alice.add_or_lookup_contact(&bob_new).await;
+    assert_eq!(
+        contact.is_verified(&alice).await.unwrap(),
+        // Bob sent a message with a new key, so he most likely doesn't have
+        // the old key anymore. This means that Alice's device should show
+        // him as unverified:
+        VerifiedStatus::Unverified
+    );
+    let chat = alice.get_chat(&bob_new).await;
+    assert_eq!(chat.is_protected(), false);
+    assert_eq!(chat.is_protection_broken(), true);
+    let chats = Chatlist::try_load(&alice, DC_GCL_FOR_FORWARDING, None, None).await?;
+    assert!(chats.len() == 1);
+
+    {
+        let alice_bob_chat = alice.get_chat(&bob_new).await;
+        assert!(!alice_bob_chat.can_send(&alice).await?);
+
+        // Alice's UI should still be able to save a draft, which Alice started to type right when she got Bob's message:
+        let mut msg = Message::new(Viewtype::Text);
+        msg.set_text("Draftttt".to_string());
+        alice_bob_chat.id.set_draft(&alice, Some(&mut msg)).await?;
+        assert_eq!(
+            alice_bob_chat.id.get_draft(&alice).await?.unwrap().text,
+            "Draftttt"
+        );
+    }
+
+    tcm.execute_securejoin(&alice, &bob_new).await;
+    assert_verified(&alice, &bob_new, ProtectionStatus::Protected).await;
+
+    Ok(())
+}
+
+/// Regression test:
+/// - Verify a contact
+/// - The contact stops using DC and sends a message from a classical MUA instead
+/// - Delete the 1:1 chat
+/// - Create a 1:1 chat
+/// - Check that the created chat is not marked as protected
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_create_oneonone_chat_with_former_verified_contact() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let bob = tcm.bob().await;
+    enable_verified_oneonone_chats(&[&alice]).await;
+
+    mark_as_verified(&alice, &bob).await;
+
+    receive_imf(
+        &alice,
+        b"Subject: Message from bob\r\n\
+          From: <bob@example.net>\r\n\
+          To: <alice@example.org>\r\n\
+          Date: Mon, 12 Dec 2022 14:33:39 +0000\r\n\
+          Message-ID: <abcd@example.net>\r\n\
+          \r\n\
+          Heyho!\r\n",
+        false,
+    )
+    .await
+    .unwrap()
+    .unwrap();
+
+    alice.create_chat(&bob).await;
+
+    assert_verified(&alice, &bob, ProtectionStatus::Unprotected).await;
+
+    Ok(())
+}
+
+// ============== Helper Functions ==============
+
+async fn assert_verified(this: &TestContext, other: &TestContext, protected: ProtectionStatus) {
+    let contact = this.add_or_lookup_contact(other).await;
+    assert_eq!(
+        contact.is_verified(this).await.unwrap(),
+        VerifiedStatus::BidirectVerified
+    );
+
+    let chat = this.get_chat(other).await;
+    let (expect_protected, expect_broken) = match protected {
+        ProtectionStatus::Unprotected => (false, false),
+        ProtectionStatus::Protected => (true, false),
+        ProtectionStatus::ProtectionBroken => (false, true),
+    };
+    assert_eq!(chat.is_protected(), expect_protected);
+    assert_eq!(chat.is_protection_broken(), expect_broken);
+}
+
+async fn enable_verified_oneonone_chats(test_contexts: &[&TestContext]) {
+    for t in test_contexts {
+        t.set_config_bool(Config::VerifiedOneOnOneChats, true)
+            .await
+            .unwrap()
+    }
+}

src/tools.rs

@@ -700,7 +700,7 @@ pub(crate) fn buf_decompress(buf: &[u8]) -> Result<Vec<u8>> {
 }
 
 const RTLO_CHARACTERS: [char; 5] = ['\u{202A}', '\u{202B}', '\u{202C}', '\u{202D}', '\u{202E}'];
-/// This method strips all occurances of the RTLO Unicode character.
+/// This method strips all occurrences of the RTLO Unicode character.
 /// [Why is this needed](https://github.com/deltachat/deltachat-core-rust/issues/3479)?
 pub(crate) fn strip_rtlo_characters(input_str: &str) -> String {
     input_str.replace(|char| RTLO_CHARACTERS.contains(&char), "")