chore(release): prepare for 1.151.6

Bumps [quinn-proto](https://github.com/quinn-rs/quinn) from 0.11.3 to 0.11.9.
- [Release notes](https://github.com/quinn-rs/quinn/releases)
- [Commits](https://github.com/quinn-rs/quinn/compare/quinn-proto-0.11.3...quinn-proto-0.11.9)

---
updated-dependencies:
- dependency-name: quinn-proto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/ci.yml

@@ -24,7 +24,7 @@ jobs:
     name: Lint Rust
     runs-on: ubuntu-latest
     env:
-      RUSTUP_TOOLCHAIN: 1.82.0
+      RUSTUP_TOOLCHAIN: 1.83.0
     steps:
       - uses: actions/checkout@v4
         with:
@@ -37,8 +37,10 @@ jobs:
         run: cargo fmt --all -- --check
       - name: Run clippy
         run: scripts/clippy.sh
-      - name: Check
+      - name: Check with all features
         run: cargo check --workspace --all-targets --all-features
+      - name: Check with only default features
+        run: cargo check --all-targets
 
   npm_constants:
     name: Check if node constants are up to date
@@ -95,11 +97,11 @@ jobs:
       matrix:
         include:
           - os: ubuntu-latest
-            rust: 1.82.0
+            rust: 1.83.0
           - os: windows-latest
-            rust: 1.82.0
+            rust: 1.83.0
           - os: macos-latest
-            rust: 1.82.0
+            rust: 1.83.0
 
           # Minimum Supported Rust Version = 1.77.0
           - os: ubuntu-latest

.github/workflows/nix.yml

@@ -0,0 +1,104 @@
+name: Test Nix flake
+
+on:
+  pull_request:
+    paths:
+      - flake.nix
+      - flake.lock
+  push:
+    paths:
+      - flake.nix
+      - flake.lock
+    branches:
+      - main
+
+jobs:
+  format:
+    name: check flake formatting
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          show-progress: false
+      - uses: DeterminateSystems/nix-installer-action@main
+      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - run: nix fmt
+
+      # Check that formatting does not change anything.
+      - run: git diff --exit-code
+
+  build:
+    name: nix build
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        installable:
+          # Ensure `nix develop` will work.
+          - devShells.x86_64-linux.default
+
+          - deltachat-python
+          - deltachat-repl
+          - deltachat-repl-aarch64-linux
+          - deltachat-repl-arm64-v8a-android
+          - deltachat-repl-armeabi-v7a-android
+          - deltachat-repl-armv6l-linux
+          - deltachat-repl-armv7l-linux
+          - deltachat-repl-i686-linux
+          - deltachat-repl-win32
+          - deltachat-repl-win64
+          - deltachat-repl-x86_64-linux
+          - deltachat-rpc-client
+          - deltachat-rpc-server
+          - deltachat-rpc-server-aarch64-linux
+          - deltachat-rpc-server-aarch64-linux-wheel
+          - deltachat-rpc-server-arm64-v8a-android
+          - deltachat-rpc-server-armeabi-v7a-android
+          - deltachat-rpc-server-armv6l-linux
+          - deltachat-rpc-server-armv6l-linux-wheel
+          - deltachat-rpc-server-armv7l-linux
+          - deltachat-rpc-server-armv7l-linux-wheel
+          - deltachat-rpc-server-i686-linux
+          - deltachat-rpc-server-i686-linux-wheel
+          - deltachat-rpc-server-source
+          - deltachat-rpc-server-win32
+          - deltachat-rpc-server-win32-wheel
+          - deltachat-rpc-server-win64
+          - deltachat-rpc-server-win64-wheel
+          - deltachat-rpc-server-x86_64-linux
+          - deltachat-rpc-server-x86_64-linux-wheel
+          - docs
+          - libdeltachat
+          - python-docs
+
+          # Fails to build
+          #- deltachat-repl-x86_64-android
+          #- deltachat-repl-x86-android
+          #- deltachat-rpc-server-x86_64-android
+          #- deltachat-rpc-server-x86-android
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          show-progress: false
+      - uses: DeterminateSystems/nix-installer-action@main
+      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - run: nix build .#${{ matrix.installable }}
+
+  build-macos:
+    name: nix build on macOS
+    runs-on: macos-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        installable:
+          - deltachat-rpc-server-aarch64-darwin
+
+          # Fails to bulid
+          # - deltachat-rpc-server-x86_64-darwin
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          show-progress: false
+      - uses: DeterminateSystems/nix-installer-action@main
+      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - run: nix build .#${{ matrix.installable }}

CHANGELOG.md

@@ -1,5 +1,293 @@
 # Changelog
 
+## [1.151.6] - 2024-12-11
+
+### Features / Changes
+
+- Don't add "Failed to send message to ..." info messages to group chats.
+- Add info messages about implicit membership changes if group member list is recreated ([#6314](https://github.com/deltachat/deltachat-core-rust/pull/6314)).
+
+### Fixes
+
+- Add self-addition message to chat when recreating member list.
+- Do not subscribe to heartbeat if already subscribed via metadata.
+
+### Build system
+
+- Add idna 0.5.0 exception into deny.toml.
+
+### Documentation
+
+- Update links to Node.js bindings in the README.
+
+### Refactor
+
+- Factor out `wait_for_all_work_done()`.
+
+### Tests
+
+- Notifiy more prominently & in more tests about false positives when running `cargo test` ([#6308](https://github.com/deltachat/deltachat-core-rust/pull/6308)).
+
+## [1.151.5] - 2024-12-05
+
+### API-Changes
+
+- [**breaking**] Remove dc_all_work_done().
+
+### Security
+
+- cargo: Update rPGP to 0.14.2.
+
+  This fixes [Panics on Malformed Untrusted Input](https://github.com/rpgp/rpgp/security/advisories/GHSA-9rmp-2568-59rv)
+  and [Potential Resource Exhaustion when handling Untrusted Messages](https://github.com/rpgp/rpgp/security/advisories/GHSA-4grw-m28r-q285).
+  This allows the attacker to crash the application via specially crafted messages and keys.
+  We recommend all users and bot operators to upgrade to the latest version.
+  There is no impact on the confidentiality of the messages and keys so no action other than upgrading is needed.
+
+### Fixes
+
+- Store plaintext in mime_headers of truncated sent messages ([#6273](https://github.com/deltachat/deltachat-core-rust/pull/6273)).
+
+### Documentation
+
+- Document `push` module.
+- Remove mention of non-existent `nightly` feature.
+
+### Tests
+
+- Fix panic in `receive_emails` benchmark ([#6306](https://github.com/deltachat/deltachat-core-rust/pull/6306)).
+
+## [1.151.4] - 2024-12-03
+
+### Features / Changes
+
+- Encrypt notification tokens.
+
+### Fixes
+
+- Replace connectivity state "Connected" with "Preparing".
+
+### Miscellaneous Tasks
+
+- Beta clippy suggestions ([#6271](https://github.com/deltachat/deltachat-core-rust/pull/6271)).
+
+### Tests
+
+- Fix `cargo check` for `receive_emails` benchmark.
+
+### CI
+
+- Also run cargo check without all-features.
+
+## [1.151.3] - 2024-12-02
+
+### API-Changes
+
+- Remove experimental `request_internet_access` option from webxdc's `manifest.toml`.
+- Add getWebxdcHref to json api ([#6281](https://github.com/deltachat/deltachat-core-rust/pull/6281)).
+
+### CI
+
+- Update Rust to 1.83.0.
+
+### Documentation
+
+- Update dc_msg_get_info_type() and dc_get_securejoin_qr() ([#6269](https://github.com/deltachat/deltachat-core-rust/pull/6269)).
+- Fix references to iroh-related headers in peer_channels docs.
+- Improve CFFI docs, link to corresponding JSON-RPC docs.
+
+### Features / Changes
+
+- Allow the user to replace maps integration ([#5678](https://github.com/deltachat/deltachat-core-rust/pull/5678)).
+- Mark saved messages chat as protected.
+
+### Fixes
+
+- Close iroh endpoint when I/O is stopped.
+- Do not add protection messages to Saved Messages chat.
+- Mark Saved Messages chat as protected if it exists.
+- Sync chat action even if sync message arrives before first one from contact ([#6259](https://github.com/deltachat/deltachat-core-rust/pull/6259)).
+
+### Refactor
+
+- Remove some .unwrap() calls.
+- Create_status_update_record: Remove double check of info_msg_id.
+- Use Option::or_else() to dedup emitting IncomingWebxdcNotify.
+
+## [1.151.2] - 2024-11-26
+
+### API-Changes
+
+- Deprecate webxdc `descr` parameter ([#6255](https://github.com/deltachat/deltachat-core-rust/pull/6255)).
+
+### Features / Changes
+
+- AEAP: Check that the old peerstate verified key fingerprint hasn't changed when removing it.
+- Add `AccountsChanged` and `AccountsItemChanged` events ([#6118](https://github.com/deltachat/deltachat-core-rust/pull/6118)).
+- Do not use format=flowed in outgoing messages ([#6256](https://github.com/deltachat/deltachat-core-rust/pull/6256)).
+- Add webxdc limits api.
+- Add href to IncomingWebxdcNotify event ([#6266](https://github.com/deltachat/deltachat-core-rust/pull/6266)).
+
+### Fixes
+
+- Revert treating some transient SMTP errors as permanent.
+
+### Refactor
+
+- Create_status_update_record: Get rid of `notify` var.
+
+### Tests
+
+- Check that IncomingMsg isn't emitted for reactions.
+
+## [1.151.1] - 2024-11-24
+
+### Build system
+
+- nix: Fix deltachat-rpc-server-source installable.
+
+### CI
+
+- Test building nix targets to avoid regressions.
+
+## [1.151.0] - 2024-11-23
+
+### Features / Changes
+
+- Trim whitespace from scanned QR codes.
+- Use privacy-preserving webxdc addresses ([#6237](https://github.com/deltachat/deltachat-core-rust/pull/6237)).
+- Webxdc notify ([#6230](https://github.com/deltachat/deltachat-core-rust/pull/6230)).
+- `update.href` api ([#6248](https://github.com/deltachat/deltachat-core-rust/pull/6248)).
+
+### Fixes
+
+- Never notify SELF ([#6251](https://github.com/deltachat/deltachat-core-rust/pull/6251)).
+
+### Build system
+
+- Use underscores in deltachat-rpc-server source package filename.
+- Remove imap_tools from dependencies ([#6238](https://github.com/deltachat/deltachat-core-rust/pull/6238)).
+- cargo: Update Rustls from 0.23.14 to 0.23.18.
+- deps: Bump curve25519-dalek from 3.2.0 to 4.1.3 in /fuzz.
+
+### Documentation
+
+- Move style guide into a separate document.
+- Clarify DC_EVENT_INCOMING_WEBXDC_NOTIFY documentation ([#6249](https://github.com/deltachat/deltachat-core-rust/pull/6249)).
+
+### Tests
+
+- After AEAP, 1:1 chat isn't available for sending, but unprotected groups are ([#6222](https://github.com/deltachat/deltachat-core-rust/pull/6222)).
+
+## [1.150.0] - 2024-11-21
+
+### API-Changes
+
+- Correct `DC_CERTCK_ACCEPT_*` values and docs ([#6176](https://github.com/deltachat/deltachat-core-rust/pull/6176)).
+
+### Features / Changes
+
+- Use Rustls for connections with strict TLS ([#6186](https://github.com/deltachat/deltachat-core-rust/pull/6186)).
+- Experimental header protection for Autocrypt.
+- Tune down io-not-started info in connectivity-html.
+- Clear config cache in start_io() ([#6228](https://github.com/deltachat/deltachat-core-rust/pull/6228)).
+- Line-before-quote may be up to 120 character long instead of 80.
+- Use i.delta.chat in qr codes ([#6223](https://github.com/deltachat/deltachat-core-rust/pull/6223)).
+
+### Fixes
+
+- Prevent accidental wrong-password-notifications ([#6122](https://github.com/deltachat/deltachat-core-rust/pull/6122)).
+- Remove footers from "Show Full Message...".
+- `send_msg_to_smtp`: Return Ok if `smtp` row is deleted in parallel.
+- Only add "member added/removed" messages if they actually do that ([#5992](https://github.com/deltachat/deltachat-core-rust/pull/5992)).
+- Do not fail to load chatlist summary if the message got removed.
+- deltachat-jsonrpc: Do not fail `get_chatlist_items_by_entries` if the message got deleted.
+- deltachat-jsonrpc: Do not fail `get_draft` if draft is deleted.
+- `markseen_msgs`: Limit not yet downloaded messages state to `InNoticed` ([#2970](https://github.com/deltachat/deltachat-core-rust/pull/2970)).
+- Update state of message when fully downloading it.
+- Dont overwrite equal drafts ([#6212](https://github.com/deltachat/deltachat-core-rust/pull/6212)).
+
+### Build system
+
+- Silence RUSTSEC-2024-0384.
+- cargo: Update rPGP from 0.13.2 to 0.14.0.
+- cargo: Update futures-concurrency from 7.6.1 to 7.6.2.
+- Update flake.nix ([#6200](https://github.com/deltachat/deltachat-core-rust/pull/6200))
+
+### CI
+
+- Ensure flake is formatted.
+
+### Documentation
+
+- Scanned proxies are added and normalized.
+
+### Refactor
+
+- Fix nightly clippy warnings.
+- Remove slicing from `is_file_in_use`.
+- Remove unnecessary `allow(clippy::indexing_slicing)`.
+- Don't use slicing in `remove_nonstandard_footer`.
+- Do not use slicing in `qr` module.
+- Eliminate indexing in `compute_mailinglist_name`.
+- Remove unused `allow(clippy::indexing_slicing)`.
+- Remove indexing/slicing from `remove_message_footer`.
+- Remove indexing/slicing from `squash_attachment_parts`.
+- Remove unused allow(clippy::indexing_slicing) for heuristically_parse_ndn.
+- Remove indexing/slicing from `parse_message_ids`.
+- Remove slicing from `remove_bottom_quote`.
+- Get rid of slicing in `remove_top_quote`.
+- Remove unused allow(clippy::indexing_slicing) from 'truncate'.
+- Forbid clippy::indexing_slicing.
+- Forbid clippy::string_slice.
+- Delete chat in a transaction.
+- Fix typo in `context.rs`.
+
+### Tests
+
+- Remove all calls to print() from deltachat-rpc-client tests.
+- Reply to protected group from MUA.
+- Mark not downloaded message as seen ([#2970](https://github.com/deltachat/deltachat-core-rust/pull/2970)).
+- Mark `receive_imf()` as only for tests and "internals" feature ([#6235](https://github.com/deltachat/deltachat-core-rust/pull/6235)).
+
+## [1.149.0] - 2024-11-05
+
+### Build system
+
+- Update tokio to 1.41 and Android NDK to r27.
+- `nix flake update android`.
+
+### Fixes
+
+- cargo: Update iroh to 0.28.1.
+  This fixes the problem with iroh not sending the `Host:` header and not being able to connect to relays behind nginx reverse proxy.
+
+## [1.148.7] - 2024-11-03
+
+### API-Changes
+
+- Add API to reset contact encryption.
+
+### Features / Changes
+
+- Emit chatlist events only if message still exists.
+
+### Fixes
+
+- send_msg_to_smtp: Do not fail if the message does not exist anymore.
+- Do not percent-encode dot when passing to autoconfig server.
+- Save contact name from SecureJoin QR to `authname`, not to `name` ([#6115](https://github.com/deltachat/deltachat-core-rust/pull/6115)).
+- Always exit fake IDLE after at most 60 seconds.
+- Concat NDNs ([#6129](https://github.com/deltachat/deltachat-core-rust/pull/6129)).
+
+### Refactor
+
+- Remove `has_decrypted_pgp_armor()`.
+
+### Miscellaneous Tasks
+
+- Update dependencies.
+
 ## [1.148.6] - 2024-10-31
 
 ### API-Changes
@@ -198,7 +486,7 @@ This reverts commit 6f22ce2722b51773d7fbb0d89e4764f963cafd91..
 - Reset quota on configured address change ([#5908](https://github.com/deltachat/deltachat-core-rust/pull/5908)).
 - Do not emit progress 1000 when configuration is cancelled.
 - Assume file extensions are 32 chars max and don't contain whitespace ([#5338](https://github.com/deltachat/deltachat-core-rust/pull/5338)).
-- Readd tokens.foreign_id column ([#6038](https://github.com/deltachat/deltachat-core-rust/pull/6038)).
+- Re-add tokens.foreign_id column ([#6038](https://github.com/deltachat/deltachat-core-rust/pull/6038)).
 
 ### Miscellaneous Tasks
 
@@ -789,7 +1077,7 @@ This reverts commit 6f22ce2722b51773d7fbb0d89e4764f963cafd91..
 
 ### Tests
 
-- deltachat-rpc-client: reenable `log_cli`.
+- deltachat-rpc-client: re-enable `log_cli`.
 
 ## [1.140.0] - 2024-06-04
 
@@ -1726,7 +2014,7 @@ This reverts commit 6f22ce2722b51773d7fbb0d89e4764f963cafd91..
   - Mark 1:1 chat as verified for Bob early. 1:1 chat with Alice is verified as soon as Alice's key is verified rather than at the end of the protocol.
 - Put Message-ID into hidden headers and take it from there on receiver ([#4798](https://github.com/deltachat/deltachat-core-rust/pull/4798)). This works around servers which generate their own Message-ID and overwrite the one generated by Delta Chat.
 - deltachat-repl: Enable INFO logging by default and add timestamps.
-- Add `ConfigSynced` (`DC_EVENT_CONFIG_SYNCED`) event which is emitted when configuration is changed via synchronization message or synchronization message for configuration is sent. UI may refresh elments based on the configuration key which is a part of the event.
+- Add `ConfigSynced` (`DC_EVENT_CONFIG_SYNCED`) event which is emitted when configuration is changed via synchronization message or synchronization message for configuration is sent. UI may refresh elements based on the configuration key which is a part of the event.
 - Sync contact creation/rename across devices ([#5163](https://github.com/deltachat/deltachat-core-rust/pull/5163)).
 - Encrypt MDNs ([#5175](https://github.com/deltachat/deltachat-core-rust/pull/5175)).
 - Only try to configure non-strict TLS checks if explicitly set ([#5181](https://github.com/deltachat/deltachat-core-rust/pull/5181)).
@@ -4443,14 +4731,10 @@ Bugfix release attempting to fix the [iOS build error](https://github.com/deltac
 
 - new qr-code type `DC_QR_WEBRTC` #1779
 
-- new `dc_chatlist_get_summary2()` api #1771
-
 - tweak smtp-timeout for larger mails #1782
 
 - optimize read-receipts #1765
 
-- Allow http scheme for DCACCOUNT URLs #1770
-
 - improve tests #1769
 
 - bug fixes #1766 #1772 #1773 #1775 #1776 #1777
@@ -5193,3 +5477,13 @@ https://github.com/deltachat/deltachat-core-rust/pulls?q=is%3Apr+is%3Aclosed
 [1.148.4]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.3..v1.148.4
 [1.148.5]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.4..v1.148.5
 [1.148.6]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.5..v1.148.6
+[1.148.7]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.6..v1.148.7
+[1.149.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.7..v1.149.0
+[1.150.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.149.0..v1.150.0
+[1.151.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.150.0..v1.151.0
+[1.151.1]: https://github.com/deltachat/deltachat-core-rust/compare/v1.151.0..v1.151.1
+[1.151.2]: https://github.com/deltachat/deltachat-core-rust/compare/v1.151.1..v1.151.2
+[1.151.3]: https://github.com/deltachat/deltachat-core-rust/compare/v1.151.2..v1.151.3
+[1.151.4]: https://github.com/deltachat/deltachat-core-rust/compare/v1.151.3..v1.151.4
+[1.151.5]: https://github.com/deltachat/deltachat-core-rust/compare/v1.151.4..v1.151.5
+[1.151.6]: https://github.com/deltachat/deltachat-core-rust/compare/v1.151.5..v1.151.6

CONTRIBUTING.md

@@ -1,6 +1,6 @@
-# Contributing guidelines
+# Contributing to Delta Chat
 
-## Reporting bugs
+## Bug reports
 
 If you found a bug, [report it on GitHub](https://github.com/deltachat/deltachat-core-rust/issues).
 If the bug you found is specific to
@@ -9,178 +9,114 @@ If the bug you found is specific to
 [Desktop](https://github.com/deltachat/deltachat-desktop/issues),
 report it to the corresponding repository.
 
-## Proposing features
+## Feature proposals
 
 If you have a feature request, create a new topic on the [forum](https://support.delta.chat/).
 
-## Contributing code
+## Code contributions
 
-If you want to contribute a code, [open a Pull Request](https://github.com/deltachat/deltachat-core-rust/pulls).
+If you want to contribute a code, follow this guide.
 
-If you have write access to the repository,
-push a branch named `<username>/<feature>`
-so it is clear who is responsible for the branch,
-and open a PR proposing to merge the change.
-Otherwise fork the repository and create a branch in your fork.
+1. **Select an issue to work on.**
+
+   If you have an write access to the repository, assign the issue to yourself.
+   Otherwise state in the comment that you are going to work on the issue
+   to avoid duplicate work.
+
+   If the issue does not exist yet, create it first.
+
+2. **Write the code.**
+
+   Follow the [coding conventions](STYLE.md) when writing the code.
+
+3. **Commit the code.**
+
+   If you have write access to the repository,
+   push a branch named `<username>/<feature>`
+   so it is clear who is responsible for the branch,
+   and open a PR proposing to merge the change.
+   Otherwise fork the repository and create a branch in your fork.
+
+   Commit messages follow the [Conventional Commits] notation.
+   We use [git-cliff] to generate the changelog from commit messages before the release.
+
+   With **`git cliff --unreleased`**, you can check how the changelog entry for your commit will look.
+
+   The following prefix types are used:
+   - `feat`: Features, e.g. "feat: Pause IO for BackupProvider". If you are unsure what's the category of your commit, you can often just use `feat`.
+   - `fix`: Bug fixes, e.g. "fix: delete `smtp` rows when message sending is cancelled"
+   - `api`: API changes, e.g. "api(rust): add `get_msg_read_receipts(context, msg_id)`"
+   - `refactor`: Refactorings, e.g. "refactor: iterate over `msg_ids` without `.iter()`"
+   - `perf`: Performance improvements, e.g. "perf: improve SQLite performance with `PRAGMA synchronous=normal`"
+   - `test`: Test changes and improvements to the testing framework.
+   - `build`: Build system and tool configuration changes, e.g. "build(git-cliff): put "ci" commits into "CI" section of changelog"
+   - `ci`: CI configuration changes, e.g. "ci: limit artifact retention time for `libdeltachat.a` to 1 day"
+   - `docs`: Documentation changes, e.g. "docs: add contributing guidelines"
+   - `chore`: miscellaneous tasks, e.g. "chore: add `.DS_Store` to `.gitignore`"
+
+   Release preparation commits are marked as "chore(release): prepare for X.Y.Z"
+   as described in [releasing guide](RELEASE.md).
+
+   Use a `!` to mark breaking changes, e.g. "api!: Remove `dc_chat_can_send`".
+
+   Alternatively, breaking changes can go into the commit description, e.g.:
+
+   ```
+   fix: Fix race condition and db corruption when a message was received during backup
+
+   BREAKING CHANGE: You have to call `dc_stop_io()`/`dc_start_io()` before/after `dc_imex(DC_IMEX_EXPORT_BACKUP)`
+   ```
+
+4. [**Open a Pull Request**](https://github.com/deltachat/deltachat-core-rust/pulls).
+
+   Refer to the corresponding issue.
+
+   If you intend to squash merge the PR from the web interface,
+   make sure the PR title follows the conventional commits notation
+   as it will end up being a commit title.
+   Otherwise make sure each commit title follows the conventional commit notation.
+
+5. **Make sure all CI checks succeed.**
+
+   CI runs the tests and checks code formatting.
+
+   While it is running, self-review your PR to make sure all the changes you expect are there
+   and there are no accidentally committed unrelated changes and files.
+
+   Push the necessary fixup commits or force-push to your branch if needed.
+
+6. **Ask for review.**
+
+   Use built-in GitHub feature to request a review from suggested reviewers.
+
+   If you do not have write access to the repository, ask for review in the comments.
+
+7. **Merge the PR.**
+
+   Once a PR has an approval and passes CI, it can be merged.
+
+   PRs from a branch created in the main repository,
+   i.e. authored by those who have write access, are merged by their authors.
+
+   This is to ensure that PRs are merged as intended by the author,
+   e.g. as a squash merge, by rebasing from the web interface or manually from the command line.
+
+   If you have multiple changes in one PR, do a rebase merge.
+   Otherwise, you should usually do a squash merge.
+
+   If PR author does not have write access to the repository,
+   maintainers who reviewed the PR can merge it.
+
+   If you do not have access to the repository and created a PR from a fork,
+   ask the maintainers to merge the PR and say how it should be merged.
+
+## Other ways to contribute
+
+For other ways to contribute, refer to the [website](https://delta.chat/en/contribute).
 
 You can find the list of good first issues
 and a link to this guide
 on the contributing page: <https://github.com/deltachat/deltachat-core-rust/contribute>
 
-### Coding conventions
-
-We format the code using `rustfmt`. Run `cargo fmt` prior to committing the code.
-Run `scripts/clippy.sh` to check the code for common mistakes with [Clippy].
-
-### SQL
-
-Multi-line SQL statements should be formatted using string literals,
-for example
-```
-    sql.execute(
-        "CREATE TABLE messages (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-text TEXT DEFAULT '' NOT NULL -- message text
-) STRICT",
-    )
-    .await?;
-```
-
-Do not use macros like [`concat!`](https://doc.rust-lang.org/std/macro.concat.html)
-or [`indoc!](https://docs.rs/indoc).
-Do not escape newlines like this:
-```
-    sql.execute(
-        "CREATE TABLE messages ( \
-id INTEGER PRIMARY KEY AUTOINCREMENT, \
-text TEXT DEFAULT '' NOT NULL \
-) STRICT",
-    )
-    .await?;
-```
-Escaping newlines
-is prone to errors like this if space before backslash is missing:
-```
-"SELECT foo\
- FROM bar"
-```
-Literal above results in `SELECT fooFROM bar` string.
-This style also does not allow using `--` comments.
-
----
-
-Declare new SQL tables with [`STRICT`](https://sqlite.org/stricttables.html) keyword
-to make SQLite check column types.
-
-Declare primary keys with [`AUTOINCREMENT`](https://www.sqlite.org/autoinc.html) keyword.
-This avoids reuse of the row IDs and can avoid dangerous bugs
-like forwarding wrong message because the message was deleted
-and another message took its row ID.
-
-Declare all new columns as `NOT NULL`
-and set the `DEFAULT` value if it is optional so the column can be skipped in `INSERT` statements.
-Dealing with `NULL` values both in SQL and in Rust is tricky and we try to avoid it.
-If column is already declared without `NOT NULL`, use `IFNULL` function to provide default value when selecting it.
-Use `HAVING COUNT(*) > 0` clause
-to [prevent aggregate functions such as `MIN` and `MAX` from returning `NULL`](https://stackoverflow.com/questions/66527856/aggregate-functions-max-etc-return-null-instead-of-no-rows).
-
-Don't delete unused columns too early, but maybe after several months/releases, unused columns are
-still used by older versions, so deleting them breaks downgrading the core or importing a backup in
-an older version. Also don't change the column type, consider adding a new column with another name
-instead. Finally, never change column semantics, this is especially dangerous because the `STRICT`
-keyword doesn't help here.
-
-### Commit messages
-
-Commit messages follow the [Conventional Commits] notation.
-We use [git-cliff] to generate the changelog from commit messages before the release.
-
-With **`git cliff --unreleased`**, you can check how the changelog entry for your commit will look.
-
-The following prefix types are used:
-- `feat`: Features, e.g. "feat: Pause IO for BackupProvider". If you are unsure what's the category of your commit, you can often just use `feat`.
-- `fix`: Bug fixes, e.g. "fix: delete `smtp` rows when message sending is cancelled"
-- `api`: API changes, e.g. "api(rust): add `get_msg_read_receipts(context, msg_id)`"
-- `refactor`: Refactorings, e.g. "refactor: iterate over `msg_ids` without `.iter()`"
-- `perf`: Performance improvements, e.g. "perf: improve SQLite performance with `PRAGMA synchronous=normal`"
-- `test`: Test changes and improvements to the testing framework.
-- `build`: Build system and tool configuration changes, e.g. "build(git-cliff): put "ci" commits into "CI" section of changelog"
-- `ci`: CI configuration changes, e.g. "ci: limit artifact retention time for `libdeltachat.a` to 1 day"
-- `docs`: Documentation changes, e.g. "docs: add contributing guidelines"
-- `chore`: miscellaneous tasks, e.g. "chore: add `.DS_Store` to `.gitignore`"
-
-Release preparation commits are marked as "chore(release): prepare for vX.Y.Z".
-
-If you intend to squash merge the PR from the web interface,
-make sure the PR title follows the conventional commits notation
-as it will end up being a commit title.
-Otherwise make sure each commit title follows the conventional commit notation.
-
-#### Breaking Changes
-
-Use a `!` to mark breaking changes, e.g. "api!: Remove `dc_chat_can_send`".
-
-Alternatively, breaking changes can go into the commit description, e.g.:
-
-```
-fix: Fix race condition and db corruption when a message was received during backup
-
-BREAKING CHANGE: You have to call `dc_stop_io()`/`dc_start_io()` before/after `dc_imex(DC_IMEX_EXPORT_BACKUP)`
-```
-
-#### Multiple Changes in one PR
-
-If you have multiple changes in one PR, create multiple conventional commits, and then do a rebase merge. Otherwise, you should usually do a squash merge.
-
-[Clippy]: https://doc.rust-lang.org/clippy/
 [Conventional Commits]: https://www.conventionalcommits.org/
 [git-cliff]: https://git-cliff.org/
-
-### Errors
-
-Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.
-When using [`Context`](https://docs.rs/anyhow/latest/anyhow/trait.Context.html),
-capitalize it but do not add a full stop as the contexts will be separated by `:`.
-For example:
-```
-.with_context(|| format!("Unable to trash message {msg_id}"))
-```
-
-All errors should be handled in one of these ways:
-- With `if let Err() =` (incl. logging them into `warn!()`/`err!()`).
-- With `.log_err().ok()`.
-- Bubbled up with `?`.
-
-`backtrace` feature is enabled for `anyhow` crate
-and `debug = 1` option is set in the test profile.
-This allows to run `RUST_BACKTRACE=1 cargo test`
-and get a backtrace with line numbers in resultified tests
-which return `anyhow::Result`.
-
-### Logging
-
-For logging, use `info!`, `warn!` and `error!` macros.
-Log messages should be capitalized and have a full stop in the end. For example:
-```
-info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
-```
-
-Format anyhow errors with `{:#}` to print all the contexts like this:
-```
-error!(context, "Failed to set selfavatar timestamp: {err:#}.");
-```
-
-### Reviewing
-
-Once a PR has an approval and passes CI, it can be merged.
-
-PRs from a branch created in the main repository, i.e. authored by those who have write access, are merged by their authors.
-This is to ensure that PRs are merged as intended by the author,
-e.g. as a squash merge, by rebasing from the web interface or manually from the command line.
-
-If you do not have access to the repository and created a PR from a fork,
-ask the maintainers to merge the PR and say how it should be merged.
-
-## Other ways to contribute
-
-For other ways to contribute, refer to the [website](https://delta.chat/en/contribute).

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat"
-version = "1.148.6"
+version = "1.151.6"
 edition = "2021"
 license = "MPL-2.0"
 rust-version = "1.77"
@@ -43,10 +43,10 @@ async-broadcast = "0.7.1"
 async-channel = { workspace = true }
 async-imap = { version = "0.10.2", default-features = false, features = ["runtime-tokio", "compress"] }
 async-native-tls = { version = "0.5", default-features = false, features = ["runtime-tokio"] }
-async-smtp = { version = "0.9", default-features = false, features = ["runtime-tokio"] }
+async-smtp = { version = "0.10", default-features = false, features = ["runtime-tokio"] }
 async_zip = { version = "0.0.17", default-features = false, features = ["deflate", "tokio-fs"] }
 base64 = { workspace = true }
-brotli = { version = "6", default-features=false, features = ["std"] }
+brotli = { version = "7", default-features=false, features = ["std"] }
 bytes = "1"
 chrono = { workspace = true, features = ["alloc", "clock", "std"] }
 email = { git = "https://github.com/deltachat/rust-email", branch = "master" }
@@ -61,11 +61,11 @@ hickory-resolver = "=0.25.0-alpha.2"
 http-body-util = "0.1.2"
 humansize = "2"
 hyper = "1"
-hyper-util = "0.1.9"
-image = { version = "0.25.1", default-features=false, features = ["gif", "jpeg", "ico", "png", "pnm", "webp", "bmp"] }
-iroh-gossip = { version = "0.26.0", default-features = false, features = ["net"] }
-iroh-net = { version = "0.26.0", default-features = false }
-kamadak-exif = "0.5.3"
+hyper-util = "0.1.10"
+image = { version = "0.25.5", default-features=false, features = ["gif", "jpeg", "ico", "png", "pnm", "webp", "bmp"] }
+iroh-gossip = { version = "0.28.1", default-features = false, features = ["net"] }
+iroh-net = { version = "0.28.1", default-features = false }
+kamadak-exif = "0.6.1"
 lettre_email = { git = "https://github.com/deltachat/lettre", branch = "master" }
 libc = { workspace = true }
 mailparse = "0.15"
@@ -76,22 +76,23 @@ num-traits = { workspace = true }
 once_cell = { workspace = true }
 parking_lot = "0.12"
 percent-encoding = "2.3"
-pgp = { version = "0.13.2", default-features = false }
+pgp = { version = "0.14.2", default-features = false }
 pin-project = "1"
 qrcodegen = "1.7.0"
-quick-xml = "0.36"
+quick-xml = "0.37"
 quoted_printable = "0.5"
 rand = { workspace = true }
 regex = { workspace = true }
 rusqlite = { workspace = true, features = ["sqlcipher"] }
 rust-hsluv = "0.1"
-rustls-pki-types = "1.9.0"
-rustls = { version = "0.23.13", default-features = false }
+rustls-pki-types = "1.10.0"
+rustls = { version = "0.23.19", default-features = false }
 sanitize-filename = { workspace = true }
 serde_json = { workspace = true }
 serde_urlencoded = "0.7.1"
 serde = { workspace = true, features = ["derive"] }
 sha-1 = "0.10"
+sha2 = "0.10"
 shadowsocks = { version = "1.21.0", default-features = false, features = ["aead-cipher-2022"] }
 smallvec = "1.13.2"
 strum = "0.26"
@@ -108,7 +109,7 @@ tokio = { workspace = true, features = ["fs", "rt-multi-thread", "macros"] }
 toml = "0.8"
 url = "2"
 uuid = { version = "1", features = ["serde", "v4"] }
-webpki-roots = "0.26.6"
+webpki-roots = "0.26.7"
 
 [dev-dependencies]
 anyhow = { workspace = true, features = ["backtrace"] } # Enable `backtrace` feature in tests.
@@ -149,6 +150,7 @@ harness = false
 
 [[bench]]
 name = "receive_emails"
+required-features = ["internals"]
 harness = false
 
 [[bench]]
@@ -171,29 +173,22 @@ chrono = { version = "0.4.38", default-features = false }
 deltachat-contact-tools = { path = "deltachat-contact-tools" }
 deltachat-jsonrpc = { path = "deltachat-jsonrpc", default-features = false }
 deltachat = { path = ".", default-features = false }
-futures = "0.3.30"
-futures-lite = "2.3.0"
+futures = "0.3.31"
+futures-lite = "2.5.0"
 libc = "0.2"
 log = "0.4"
 nu-ansi-term = "0.46"
 num-traits = "0.2"
-once_cell = "1.18.0"
+once_cell = "1.20.2"
 rand = "0.8"
 regex = "1.10"
 rusqlite = "0.32"
 sanitize-filename = "0.5"
 serde = "1.0"
 serde_json = "1"
-tempfile = "3.13.0"
+tempfile = "3.14.0"
 thiserror = "1"
-
-# 1.38 is the latest version before `mio` dependency update
-# that broke compilation with Android NDK r23c and r24.
-# Version 1.39.0 cannot be compiled using these NDKs,
-# see issue <https://github.com/tokio-rs/tokio/issues/6748>
-# for details.
-tokio = "~1.38.1"
-
+tokio = "1"
 tokio-util = "0.7.11"
 tracing-subscriber = "0.3"
 yerpc = "0.6.2"

README.md

@@ -161,7 +161,6 @@ $ cargo bolero test fuzz_format_flowed --release=false -e afl -s NONE
 ## Features
 
 - `vendored`: When using Openssl for TLS, this bundles a vendored version.
-- `nightly`: Enable nightly only performance and security related features.
 
 ## Update Provider Data
 
@@ -178,8 +177,8 @@ Language bindings are available for:
 
 - **C** \[[📂 source](./deltachat-ffi) | [📚 docs](https://c.delta.chat)\]
 - **Node.js** 
-  - over cffi: \[[📂 source](./node) | [📦 npm](https://www.npmjs.com/package/deltachat-node) | [📚 docs](https://js.delta.chat)\]
-  - over jsonrpc built with napi.rs (experimental): \[[📂 source](https://github.com/deltachat/napi-jsonrpc) | [📦 npm](https://www.npmjs.com/package/@deltachat/napi-jsonrpc)\]
+  - over JSON-RPC: \[[📂 source](./deltachat-rpc-client) | [📦 npm](https://www.npmjs.com/package/@deltachat/jsonrpc-client) | [📚 docs](https://js.jsonrpc.delta.chat/)\]
+  - over CFFI[^1]: \[[📂 source](./node) | [📦 npm](https://www.npmjs.com/package/deltachat-node) | [📚 docs](https://js.delta.chat/)\]
 - **Python** \[[📂 source](./python) | [📦 pypi](https://pypi.org/project/deltachat) | [📚 docs](https://py.delta.chat)\]
 - **Go**
   - over jsonrpc: \[[📂 source](https://github.com/deltachat/deltachat-rpc-client-go/)\]

RELEASE.md

@@ -14,8 +14,8 @@ For example, to release version 1.116.0 of the core, do the following steps.
 5. Commit the changes as `chore(release): prepare for 1.116.0`.
    Optionally, use a separate branch like `prep-1.116.0` for this commit and open a PR for review.
 
-6. Tag the release: `git tag -a v1.116.0`.
+6. Tag the release: `git tag --annotate v1.116.0`.
 
 7. Push the release tag: `git push origin v1.116.0`.
 
-8. Create a GitHub release: `gh release create v1.116.0 -n ''`.
+8. Create a GitHub release: `gh release create v1.116.0 --notes ''`.

STYLE.md

@@ -0,0 +1,98 @@
+# Coding conventions
+
+We format the code using `rustfmt`. Run `cargo fmt` prior to committing the code.
+Run `scripts/clippy.sh` to check the code for common mistakes with [Clippy].
+
+[Clippy]: https://doc.rust-lang.org/clippy/
+
+## SQL
+
+Multi-line SQL statements should be formatted using string literals,
+for example
+```
+    sql.execute(
+        "CREATE TABLE messages (
+id INTEGER PRIMARY KEY AUTOINCREMENT,
+text TEXT DEFAULT '' NOT NULL -- message text
+) STRICT",
+    )
+    .await?;
+```
+
+Do not use macros like [`concat!`](https://doc.rust-lang.org/std/macro.concat.html)
+or [`indoc!](https://docs.rs/indoc).
+Do not escape newlines like this:
+```
+    sql.execute(
+        "CREATE TABLE messages ( \
+id INTEGER PRIMARY KEY AUTOINCREMENT, \
+text TEXT DEFAULT '' NOT NULL \
+) STRICT",
+    )
+    .await?;
+```
+Escaping newlines
+is prone to errors like this if space before backslash is missing:
+```
+"SELECT foo\
+ FROM bar"
+```
+Literal above results in `SELECT fooFROM bar` string.
+This style also does not allow using `--` comments.
+
+---
+
+Declare new SQL tables with [`STRICT`](https://sqlite.org/stricttables.html) keyword
+to make SQLite check column types.
+
+Declare primary keys with [`AUTOINCREMENT`](https://www.sqlite.org/autoinc.html) keyword.
+This avoids reuse of the row IDs and can avoid dangerous bugs
+like forwarding wrong message because the message was deleted
+and another message took its row ID.
+
+Declare all new columns as `NOT NULL`
+and set the `DEFAULT` value if it is optional so the column can be skipped in `INSERT` statements.
+Dealing with `NULL` values both in SQL and in Rust is tricky and we try to avoid it.
+If column is already declared without `NOT NULL`, use `IFNULL` function to provide default value when selecting it.
+Use `HAVING COUNT(*) > 0` clause
+to [prevent aggregate functions such as `MIN` and `MAX` from returning `NULL`](https://stackoverflow.com/questions/66527856/aggregate-functions-max-etc-return-null-instead-of-no-rows).
+
+Don't delete unused columns too early, but maybe after several months/releases, unused columns are
+still used by older versions, so deleting them breaks downgrading the core or importing a backup in
+an older version. Also don't change the column type, consider adding a new column with another name
+instead. Finally, never change column semantics, this is especially dangerous because the `STRICT`
+keyword doesn't help here.
+
+## Errors
+
+Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.
+When using [`Context`](https://docs.rs/anyhow/latest/anyhow/trait.Context.html),
+capitalize it but do not add a full stop as the contexts will be separated by `:`.
+For example:
+```
+.with_context(|| format!("Unable to trash message {msg_id}"))
+```
+
+All errors should be handled in one of these ways:
+- With `if let Err() =` (incl. logging them into `warn!()`/`err!()`).
+- With `.log_err().ok()`.
+- Bubbled up with `?`.
+
+`backtrace` feature is enabled for `anyhow` crate
+and `debug = 1` option is set in the test profile.
+This allows to run `RUST_BACKTRACE=1 cargo test`
+and get a backtrace with line numbers in resultified tests
+which return `anyhow::Result`.
+
+## Logging
+
+For logging, use `info!`, `warn!` and `error!` macros.
+Log messages should be capitalized and have a full stop in the end. For example:
+```
+info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
+```
+
+Format anyhow errors with `{:#}` to print all the contexts like this:
+```
+error!(context, "Failed to set selfavatar timestamp: {err:#}.");
+```

benches/receive_emails.rs

@@ -12,18 +12,18 @@ use deltachat::{
 };
 use tempfile::tempdir;
 
-async fn recv_all_emails(context: Context) -> Context {
+async fn recv_all_emails(context: Context, iteration: u32) -> Context {
     for i in 0..100 {
         let imf_raw = format!(
             "Subject: Benchmark
-Message-ID: Mr.OssSYnOFkhR.{i}@testrun.org
+Message-ID: Mr.{iteration}.{i}@testrun.org
 Date: Sat, 07 Dec 2019 19:00:27 +0000
 To: alice@example.com
 From: sender@testrun.org
 Chat-Version: 1.0
 Chat-Disposition-Notification-To: sender@testrun.org
 Chat-User-Avatar: 0
-In-Reply-To: Mr.OssSYnOFkhR.{i_dec}@testrun.org
+In-Reply-To: Mr.{iteration}.{i_dec}@testrun.org
 MIME-Version: 1.0
 
 Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
@@ -41,11 +41,11 @@ Hello {i}",
 
 /// Receive 100 emails that remove charlie@example.com and add
 /// him back
-async fn recv_groupmembership_emails(context: Context) -> Context {
+async fn recv_groupmembership_emails(context: Context, iteration: u32) -> Context {
     for i in 0..50 {
         let imf_raw = format!(
             "Subject: Benchmark
-Message-ID: Gr.OssSYnOFkhR.{i}@testrun.org
+Message-ID: Gr.{iteration}.ADD.{i}@testrun.org
 Date: Sat, 07 Dec 2019 19:00:27 +0000
 To: alice@example.com, b@example.com, c@example.com, d@example.com, e@example.com, f@example.com
 From: sender@testrun.org
@@ -53,13 +53,12 @@ Chat-Version: 1.0
 Chat-Disposition-Notification-To: sender@testrun.org
 Chat-User-Avatar: 0
 Chat-Group-Member-Added: charlie@example.com
-In-Reply-To: Gr.OssSYnOFkhR.{i_dec}@testrun.org
+In-Reply-To: Gr.{iteration}.REMOVE.{i_dec}@testrun.org
 MIME-Version: 1.0
 
 Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
 
 Hello {i}",
-            i = i,
             i_dec = i - 1,
         );
         receive_imf(&context, black_box(imf_raw.as_bytes()), false)
@@ -68,7 +67,7 @@ Hello {i}",
 
         let imf_raw = format!(
             "Subject: Benchmark
-Message-ID: Gr.OssSYnOFkhR.{i}@testrun.org
+Message-ID: Gr.{iteration}.REMOVE.{i}@testrun.org
 Date: Sat, 07 Dec 2019 19:00:27 +0000
 To: alice@example.com, b@example.com, c@example.com, d@example.com, e@example.com, f@example.com
 From: sender@testrun.org
@@ -76,14 +75,12 @@ Chat-Version: 1.0
 Chat-Disposition-Notification-To: sender@testrun.org
 Chat-User-Avatar: 0
 Chat-Group-Member-Removed: charlie@example.com
-In-Reply-To: Gr.OssSYnOFkhR.{i_dec}@testrun.org
+In-Reply-To: Gr.{iteration}.ADD.{i}@testrun.org
 MIME-Version: 1.0
 
 Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
 
-Hello {i}",
-            i = i,
-            i_dec = i - 1,
+Hello {i}"
         );
         receive_imf(&context, black_box(imf_raw.as_bytes()), false)
             .await
@@ -129,11 +126,13 @@ fn criterion_benchmark(c: &mut Criterion) {
     group.bench_function("Receive 100 simple text msgs", |b| {
         let rt = tokio::runtime::Runtime::new().unwrap();
         let context = rt.block_on(create_context());
+        let mut i = 0;
 
         b.to_async(&rt).iter(|| {
             let ctx = context.clone();
+            i += 1;
             async move {
-                recv_all_emails(black_box(ctx)).await;
+                recv_all_emails(black_box(ctx), i).await;
             }
         });
     });
@@ -142,11 +141,13 @@ fn criterion_benchmark(c: &mut Criterion) {
         |b| {
             let rt = tokio::runtime::Runtime::new().unwrap();
             let context = rt.block_on(create_context());
+            let mut i = 0;
 
             b.to_async(&rt).iter(|| {
                 let ctx = context.clone();
+                i += 1;
                 async move {
-                    recv_groupmembership_emails(black_box(ctx)).await;
+                    recv_groupmembership_emails(black_box(ctx), i).await;
                 }
             });
         },

deltachat-contact-tools/src/lib.rs

@@ -15,7 +15,8 @@
     clippy::explicit_into_iter_loop,
     clippy::cloned_instead_of_copied
 )]
-#![cfg_attr(not(test), warn(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::string_slice))]
 #![allow(
     clippy::match_bool,
     clippy::mixed_read_write_in_expression,

deltachat-ffi/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "1.148.6"
+version = "1.151.6"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"

deltachat-ffi/deltachat.h

@@ -418,7 +418,7 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  * - `e2ee_enabled` = 0=no end-to-end-encryption, 1=prefer end-to-end-encryption (default)
  * - `mdns_enabled` = 0=do not send or request read receipts,
  *                    1=send and request read receipts
- *                    default=send and request read receipts, only send but not reuqest if `bot` is set
+ *                    default=send and request read receipts, only send but not request if `bot` is set
  * - `bcc_self`     = 0=do not send a copy of outgoing messages to self,
  *                    1=send a copy of outgoing messages to self (default).
  *                    Sending messages to self is needed for a proper multi-account setup,
@@ -506,6 +506,11 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  *                    to not mess up with non-delivery-reports or read-receipts.
  *                    0=no limit (default).
  *                    Changes affect future messages only.
+ * - `protect_autocrypt` = Enable Header Protection for Autocrypt header.
+ *                    This is an experimental option not compatible to other MUAs
+ *                    and older Delta Chat versions.
+ *                    1 = enable.
+ *                    0 = disable (default).
  * - `gossip_period` = How often to gossip Autocrypt keys in chats with multiple recipients, in
  *                    seconds. 2 days by default.
  *                    This is not supposed to be changed by UIs and only used for testing.
@@ -717,12 +722,6 @@ char*           dc_get_connectivity_html     (dc_context_t* context);
 int              dc_get_push_state           (dc_context_t* context);
 
 
-/**
- * Only used by the python tests.
- */
-int             dc_all_work_done             (dc_context_t* context);
-
-
 // connect
 
 /**
@@ -980,7 +979,7 @@ uint32_t        dc_get_chat_id_by_contact_id (dc_context_t* context, uint32_t co
  * If the increation-method is not used - which is probably the normal case -
  * dc_send_msg() copies the file to the blob directory if it is not yet there.
  * To distinguish the two cases, msg->state must be set properly. The easiest
- * way to ensure this is to re-use the same object for both calls.
+ * way to ensure this is to reuse the same object for both calls.
  *
  * Example:
  * ~~~
@@ -1149,9 +1148,14 @@ uint32_t dc_send_videochat_invitation (dc_context_t* context, uint32_t chat_id);
  * @memberof dc_context_t
  * @param context The context object.
  * @param msg_id The ID of the message with the webxdc instance.
- * @param json program-readable data, the actual payload
- * @param descr The user-visible description of JSON data,
- *     in case of a chess game, e.g. the move.
+ * @param json program-readable data, this is created in JS land as:
+ *     - `payload`: any JS object or primitive.
+ *     - `info`: optional informational message. Will be shown in chat and may be added as system notification.
+ *       note that also users that are not notified explicitly get the `info` or `summary` update shown in the chat.
+ *     - `document`: optional document name. shown eg. in title bar.
+ *     - `summary`: optional summary. shown beside app icon.
+ *     - `notify`: optional array of other users `selfAddr` to be notified e.g. by a sound about `info` or `summary`.
+ * @param descr Deprecated, set to NULL
  * @return 1=success, 0=error
  */
 int dc_send_webxdc_status_update (dc_context_t* context, uint32_t msg_id, const char* json, const char* descr);
@@ -2536,6 +2540,8 @@ void            dc_stop_ongoing_process      (dc_context_t* context);
  * - DC_QR_PROXY with dc_lot_t::text1=address:
  *   ask the user if they want to use the given proxy.
  *   if so, call dc_set_config_from_qr() and restart I/O.
+ *   On success, dc_get_config(context, "proxy_url")
+ *   will contain the new proxy in normalized form as the first element.
  *
  * - DC_QR_ADDR with dc_lot_t::id=Contact ID:
  *   e-mail address scanned, optionally, a draft message could be set in
@@ -2585,13 +2591,15 @@ dc_lot_t*       dc_check_qr                  (dc_context_t* context, const char*
 
 /**
  * Get QR code text that will offer an Setup-Contact or Verified-Group invitation.
- * The QR code is compatible to the OPENPGP4FPR format
- * so that a basic fingerprint comparison also works e.g. with OpenKeychain.
  *
  * The scanning device will pass the scanned content to dc_check_qr() then;
  * if dc_check_qr() returns DC_QR_ASK_VERIFYCONTACT or DC_QR_ASK_VERIFYGROUP
  * an out-of-band-verification can be joined using dc_join_securejoin()
  *
+ * The returned text will also work as a normal https:-link,
+ * so that the QR code is useful also without Delta Chat being installed
+ * or can be passed to contacts through other channels.
+ *
  * @memberof dc_context_t
  * @param context The context object.
  * @param chat_id If set to a group-chat-id,
@@ -4187,9 +4195,13 @@ char*             dc_msg_get_webxdc_blob      (const dc_msg_t* msg, const char*
  *   defaults to an empty string.
  *   Implementations may offer an menu or a button to open this URL.
  * - internet_access:
- *   true if the Webxdc should get full internet access, including Webrtc.
- *   currently, this is only true for encrypted Webxdc's in the self chat
- *   that have requested internet access in the manifest.
+ *   true if the Webxdc should get internet access;
+ *   this is the case i.e. for experimental maps integration.
+ * - self_addr: address to be used for `window.webxdc.selfAddr` in JS land.
+ * - send_update_interval: Milliseconds to wait before calling `sendUpdate()` again since the last call.
+ *   Should be exposed to `webxdc.sendUpdateInterval` in JS land.
+ * - send_update_max_size: Maximum number of bytes accepted for a serialized update object.
+ *   Should be exposed to `webxdc.sendUpdateMaxSize` in JS land.
  *
  * @memberof dc_msg_t
  * @param msg The webxdc instance.
@@ -4475,6 +4487,7 @@ int             dc_msg_is_info                (const dc_msg_t* msg);
  * - DC_INFO_INVALID_UNENCRYPTED_MAIL (13) - Info-message for "Provider requires end-to-end encryption which is not setup yet",
  *   the UI should change the corresponding string using #DC_STR_INVALID_UNENCRYPTED_MAIL
  *   and also offer a way to fix the encryption, eg. by a button offering a QR scan
+ * - DC_INFO_WEBXDC_INFO_MESSAGE (32) - Info-message created by webxdc app sending `update.info`
  *
  * Even when you display an icon,
  * you should still display the text of the informational message using dc_msg_get_text()
@@ -4504,6 +4517,24 @@ int             dc_msg_get_info_type          (const dc_msg_t* msg);
 #define         DC_INFO_INVALID_UNENCRYPTED_MAIL  13
 #define         DC_INFO_WEBXDC_INFO_MESSAGE       32
 
+
+/**
+ * Get link attached to an webxdc info message.
+ * The info message needs to be of type DC_INFO_WEBXDC_INFO_MESSAGE.
+ *
+ * Typically, this is used to set `document.location.href` in JS land.
+ *
+ * Webxdc apps can define the link by setting `update.href` when sending and update,
+ * see dc_send_webxdc_status_update().
+ *
+ * @memberof dc_msg_t
+ * @param msg The info message object.
+ *     Not: the webxdc instance.
+ * @return The link to be set to `document.location.href` in JS land.
+ *     Returns NULL if there is no link attached to the info message and on errors.
+ */
+char*           dc_msg_get_webxdc_href        (const dc_msg_t* msg);
+
 /**
  * Check if a message is still in creation. A message is in creation between
  * the calls to dc_prepare_msg() and dc_send_msg().
@@ -4669,7 +4700,7 @@ int dc_msg_has_html (dc_msg_t* msg);
   *                                     If the download fails or succeeds,
   *                                     the event @ref DC_EVENT_MSGS_CHANGED is emitted.
   *
-  * - @ref DC_DOWNLOAD_UNDECIPHERABLE - The message does not need any futher download action.
+  * - @ref DC_DOWNLOAD_UNDECIPHERABLE - The message does not need any further download action.
   *                                     It was fully downloaded, but we failed to decrypt it.
   * - @ref DC_DOWNLOAD_FAILURE        - Download error, the user may start over calling dc_download_full_msg() again.
   *
@@ -5704,8 +5735,14 @@ int64_t         dc_lot_get_timestamp     (const dc_lot_t* lot);
 #define DC_CERTCK_STRICT 1
 
 /**
- * Accept invalid certificates, including self-signed ones
- * or having incorrect hostname.
+ * Accept certificates that are expired, self-signed
+ * or not valid for the server hostname.
+ */
+#define DC_CERTCK_ACCEPT_INVALID 2
+
+/**
+ * For API compatibility only: Treat this as DC_CERTCK_ACCEPT_INVALID on reading.
+ * Must not be written.
  */
 #define DC_CERTCK_ACCEPT_INVALID_CERTIFICATES 3
 
@@ -5745,6 +5782,23 @@ void dc_jsonrpc_unref(dc_jsonrpc_instance_t* jsonrpc_instance);
  * returns immediately and once the result is ready it can be retrieved via dc_jsonrpc_next_response()
  * the jsonrpc specification defines an invocation id that can then be used to match request and response.
  *
+ * An overview of JSON-RPC calls is available at
+ * <https://js.jsonrpc.delta.chat/classes/RawClient.html>.
+ * Note that the page describes only the rough methods.
+ * Calling convention, casing etc. does vary, this is a known flaw,
+ * and at some point we will get to improve that :)
+ *
+ * Also, note that most calls are more high-level than this CFFI, require more database calls and are slower.
+ * They're more suitable for an environment that is totally async and/or cannot use CFFI, which might not be true for native apps.
+ *
+ * Notable exceptions that exist only as JSON-RPC and probably never get a CFFI counterpart:
+ * - getMessageReactions(), sendReaction()
+ * - getHttpResponse()
+ * - draftSelfReport()
+ * - getAccountFileSize()
+ * - importVcard(), parseVcard(), makeVcard()
+ * - sendWebxdcRealtimeData, sendWebxdcRealtimeAdvertisement(), leaveWebxdcRealtime()
+ *
  * @memberof dc_jsonrpc_instance_t
  * @param jsonrpc_instance jsonrpc instance as returned from dc_jsonrpc_init().
  * @param request JSON-RPC request as string
@@ -5765,6 +5819,8 @@ char* dc_jsonrpc_next_response(dc_jsonrpc_instance_t* jsonrpc_instance);
 /**
  * Make a JSON-RPC call and return a response.
  *
+ * See dc_jsonrpc_request() for an overview of possible calls and for more information.
+ *
  * @memberof dc_jsonrpc_instance_t
  * @param jsonrpc_instance jsonrpc instance as returned from dc_jsonrpc_init().
  * @param input JSON-RPC request.
@@ -5860,15 +5916,26 @@ int dc_event_get_data2_int(dc_event_t* event);
 
 /**
  * Get data associated with an event object.
- * The meaning of the data depends on the event ID
- * returned as @ref DC_EVENT constants by dc_event_get_id().
- * See also dc_event_get_data1_int() and dc_event_get_data2_int().
+ * The meaning of the data depends on the event ID returned as @ref DC_EVENT constants.
  *
  * @memberof dc_event_t
  * @param event Event object as returned from dc_get_next_event().
- * @return "data2" as a string or NULL.
- *     the meaning depends on the event type associated with this event.
- *     Once you're done with the string, you have to unref it using dc_unref_str().
+ * @return "data1" string or NULL.
+ *     The meaning depends on the event type associated with this event.
+ *     Must be freed using dc_str_unref().
+ */
+char* dc_event_get_data1_str(dc_event_t* event);
+
+
+/**
+ * Get data associated with an event object.
+ * The meaning of the data depends on the event ID returned as @ref DC_EVENT constants.
+ *
+ * @memberof dc_event_t
+ * @param event Event object as returned from dc_get_next_event().
+ * @return "data2" string or NULL.
+ *     The meaning depends on the event type associated with this event.
+ *     Must be freed using dc_str_unref().
  */
 char* dc_event_get_data2_str(dc_event_t* event);
 
@@ -6066,12 +6133,35 @@ void dc_event_unref(dc_event_t* event);
 #define DC_EVENT_INCOMING_REACTION        2002
 
 
+
+/**
+ * A webxdc wants an info message or a changed summary to be notified.
+ *
+ * @param data1 (int) contact_id ID _and_ (char*) href.
+ *      - dc_event_get_data1_int() returns contact_id of the sending contact.
+ *      - dc_event_get_data1_str() returns the href as set to `update.href`.
+ * @param data2 (int) msg_id _and_ (char*) text_to_notify.
+ *      - dc_event_get_data2_int() returns the msg_id,
+ *        referring to the webxdc-info-message, if there is any.
+ *        Sometimes no webxdc-info-message is added to the chat
+ *        and yet a notification is sent; in this case the msg_id
+ *        of the webxdc instance is returned.
+ *      - dc_event_get_data2_str() returns text_to_notify,
+ *        the text that shall be shown in the notification.
+ *        string must be passed to dc_str_unref() afterwards.
+ */
+#define DC_EVENT_INCOMING_WEBXDC_NOTIFY   2003
+
+
 /**
  * There is a fresh message. Typically, the user will show an notification
  * when receiving this message.
  *
  * There is no extra #DC_EVENT_MSGS_CHANGED event send together with this event.
  *
+ * If the message is a webxdc info message,
+ * dc_msg_get_parent() returns the webxdc instance the notification belongs to.
+ *
  * @param data1 (int) chat_id
  * @param data2 (int) msg_id
  */
@@ -6355,6 +6445,25 @@ void dc_event_unref(dc_event_t* event);
 
 #define DC_EVENT_CHATLIST_ITEM_CHANGED         2301
 
+/**
+ * Inform that the list of accounts has changed (an account removed or added or (not yet implemented) the account order changes)
+ *
+ * This event is only emitted by the account manager.
+ */
+
+#define DC_EVENT_ACCOUNTS_CHANGED              2302
+
+/**
+ * Inform that an account property that might be shown in the account list changed, namely:
+ * - is_configured (see dc_is_configured())
+ * - displayname
+ * - selfavatar
+ * - private_tag
+ * 
+ * This event is emitted from the account whose property changed.
+ */
+
+#define DC_EVENT_ACCOUNTS_ITEM_CHANGED         2303
 
 /**
  * Inform that some events have been skipped due to event channel overflow.
@@ -6802,7 +6911,7 @@ void dc_event_unref(dc_event_t* event);
 
 /// "Failed to send message to %1$s."
 ///
-/// Used in status messages.
+/// Unused. Was used in group chat status messages.
 /// - %1$s will be replaced by the name of the contact the message cannot be sent to
 #define DC_STR_FAILED_SENDING_TO          74
 

deltachat-ffi/src/lib.rs

@@ -413,16 +413,6 @@ pub unsafe extern "C" fn dc_get_push_state(context: *const dc_context_t) -> libc
     block_on(ctx.push_state()) as libc::c_int
 }
 
-#[no_mangle]
-pub unsafe extern "C" fn dc_all_work_done(context: *mut dc_context_t) -> libc::c_int {
-    if context.is_null() {
-        eprintln!("ignoring careless call to dc_all_work_done()");
-        return 0;
-    }
-    let ctx = &*context;
-    block_on(async move { ctx.all_work_done().await as libc::c_int })
-}
-
 #[no_mangle]
 pub unsafe extern "C" fn dc_get_oauth2_url(
     context: *mut dc_context_t,
@@ -542,6 +532,7 @@ pub unsafe extern "C" fn dc_event_get_id(event: *mut dc_event_t) -> libc::c_int
         EventType::MsgsChanged { .. } => 2000,
         EventType::ReactionsChanged { .. } => 2001,
         EventType::IncomingReaction { .. } => 2002,
+        EventType::IncomingWebxdcNotify { .. } => 2003,
         EventType::IncomingMsg { .. } => 2005,
         EventType::IncomingMsgBunch { .. } => 2006,
         EventType::MsgsNoticed { .. } => 2008,
@@ -568,6 +559,8 @@ pub unsafe extern "C" fn dc_event_get_id(event: *mut dc_event_t) -> libc::c_int
         EventType::AccountsBackgroundFetchDone => 2200,
         EventType::ChatlistChanged => 2300,
         EventType::ChatlistItemChanged { .. } => 2301,
+        EventType::AccountsChanged => 2302,
+        EventType::AccountsItemChanged => 2303,
         EventType::EventChannelOverflow { .. } => 2400,
         #[allow(unreachable_patterns)]
         #[cfg(test)]
@@ -600,9 +593,12 @@ pub unsafe extern "C" fn dc_event_get_data1_int(event: *mut dc_event_t) -> libc:
         | EventType::ConfigSynced { .. }
         | EventType::IncomingMsgBunch { .. }
         | EventType::ErrorSelfNotInGroup(_)
-        | EventType::AccountsBackgroundFetchDone => 0,
-        EventType::ChatlistChanged => 0,
-        EventType::IncomingReaction { contact_id, .. } => contact_id.to_u32() as libc::c_int,
+        | EventType::AccountsBackgroundFetchDone
+        | EventType::ChatlistChanged
+        | EventType::AccountsChanged
+        | EventType::AccountsItemChanged => 0,
+        EventType::IncomingReaction { contact_id, .. }
+        | EventType::IncomingWebxdcNotify { contact_id, .. } => contact_id.to_u32() as libc::c_int,
         EventType::MsgsChanged { chat_id, .. }
         | EventType::ReactionsChanged { chat_id, .. }
         | EventType::IncomingMsg { chat_id, .. }
@@ -674,6 +670,8 @@ pub unsafe extern "C" fn dc_event_get_data2_int(event: *mut dc_event_t) -> libc:
         | EventType::AccountsBackgroundFetchDone
         | EventType::ChatlistChanged
         | EventType::ChatlistItemChanged { .. }
+        | EventType::AccountsChanged
+        | EventType::AccountsItemChanged
         | EventType::ConfigSynced { .. }
         | EventType::ChatModified(_)
         | EventType::WebxdcRealtimeAdvertisementReceived { .. }
@@ -681,6 +679,7 @@ pub unsafe extern "C" fn dc_event_get_data2_int(event: *mut dc_event_t) -> libc:
         EventType::MsgsChanged { msg_id, .. }
         | EventType::ReactionsChanged { msg_id, .. }
         | EventType::IncomingReaction { msg_id, .. }
+        | EventType::IncomingWebxdcNotify { msg_id, .. }
         | EventType::IncomingMsg { msg_id, .. }
         | EventType::MsgDelivered { msg_id, .. }
         | EventType::MsgFailed { msg_id, .. }
@@ -700,6 +699,27 @@ pub unsafe extern "C" fn dc_event_get_data2_int(event: *mut dc_event_t) -> libc:
     }
 }
 
+#[no_mangle]
+pub unsafe extern "C" fn dc_event_get_data1_str(event: *mut dc_event_t) -> *mut libc::c_char {
+    if event.is_null() {
+        eprintln!("ignoring careless call to dc_event_get_data1_str()");
+        return ptr::null_mut();
+    }
+
+    let event = &(*event).typ;
+
+    match event {
+        EventType::IncomingWebxdcNotify { href, .. } => {
+            if let Some(href) = href {
+                href.to_c_string().unwrap_or_default().into_raw()
+            } else {
+                ptr::null_mut()
+            }
+        }
+        _ => ptr::null_mut(),
+    }
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_event_get_data2_str(event: *mut dc_event_t) -> *mut libc::c_char {
     if event.is_null() {
@@ -748,6 +768,8 @@ pub unsafe extern "C" fn dc_event_get_data2_str(event: *mut dc_event_t) -> *mut
         | EventType::IncomingMsgBunch { .. }
         | EventType::ChatlistItemChanged { .. }
         | EventType::ChatlistChanged
+        | EventType::AccountsChanged
+        | EventType::AccountsItemChanged
         | EventType::WebxdcRealtimeAdvertisementReceived { .. }
         | EventType::EventChannelOverflow { .. } => ptr::null_mut(),
         EventType::ConfigureProgress { comment, .. } => {
@@ -775,6 +797,9 @@ pub unsafe extern "C" fn dc_event_get_data2_str(event: *mut dc_event_t) -> *mut
             .to_c_string()
             .unwrap_or_default()
             .into_raw(),
+        EventType::IncomingWebxdcNotify { text, .. } => {
+            text.to_c_string().unwrap_or_default().into_raw()
+        }
         #[allow(unreachable_patterns)]
         #[cfg(test)]
         _ => unreachable!("This is just to silence a rust_analyzer false-positive"),
@@ -1059,7 +1084,7 @@ pub unsafe extern "C" fn dc_send_webxdc_status_update(
     context: *mut dc_context_t,
     msg_id: u32,
     json: *const libc::c_char,
-    descr: *const libc::c_char,
+    _descr: *const libc::c_char,
 ) -> libc::c_int {
     if context.is_null() {
         eprintln!("ignoring careless call to dc_send_webxdc_status_update()");
@@ -1067,14 +1092,10 @@ pub unsafe extern "C" fn dc_send_webxdc_status_update(
     }
     let ctx = &*context;
 
-    block_on(ctx.send_webxdc_status_update(
-        MsgId::new(msg_id),
-        &to_string_lossy(json),
-        &to_string_lossy(descr),
-    ))
-    .context("Failed to send webxdc update")
-    .log_err(ctx)
-    .is_ok() as libc::c_int
+    block_on(ctx.send_webxdc_status_update(MsgId::new(msg_id), &to_string_lossy(json)))
+        .context("Failed to send webxdc update")
+        .log_err(ctx)
+        .is_ok() as libc::c_int
 }
 
 #[no_mangle]
@@ -3681,6 +3702,17 @@ pub unsafe extern "C" fn dc_msg_get_info_type(msg: *mut dc_msg_t) -> libc::c_int
     ffi_msg.message.get_info_type() as libc::c_int
 }
 
+#[no_mangle]
+pub unsafe extern "C" fn dc_msg_get_webxdc_href(msg: *mut dc_msg_t) -> *mut libc::c_char {
+    if msg.is_null() {
+        eprintln!("ignoring careless call to dc_msg_get_webxdc_href()");
+        return "".strdup();
+    }
+
+    let ffi_msg = &*msg;
+    ffi_msg.message.get_webxdc_href().strdup()
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_msg_is_increation(msg: *mut dc_msg_t) -> libc::c_int {
     if msg.is_null() {

deltachat-jsonrpc/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "1.148.6"
+version = "1.151.6"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 default-run = "deltachat-jsonrpc-server"
@@ -25,7 +25,7 @@ async-channel = { workspace = true }
 futures = { workspace = true }
 serde_json = { workspace = true }
 yerpc = { workspace = true, features = ["anyhow_expose", "openrpc"] }
-typescript-type-def = { version = "0.5.12", features = ["json_value"] }
+typescript-type-def = { version = "0.5.13", features = ["json_value"] }
 tokio = { workspace = true }
 sanitize-filename = { workspace = true }
 walkdir = "2.5.0"

deltachat-jsonrpc/src/api.rs

@@ -1135,9 +1135,11 @@ impl CommandApi {
     async fn get_message(&self, account_id: u32, msg_id: u32) -> Result<MessageObject> {
         let ctx = self.get_context(account_id).await?;
         let msg_id = MsgId::new(msg_id);
-        MessageObject::from_msg_id(&ctx, msg_id)
+        let message_object = MessageObject::from_msg_id(&ctx, msg_id)
             .await
-            .with_context(|| format!("Failed to load message {msg_id} for account {account_id}"))
+            .with_context(|| format!("Failed to load message {msg_id} for account {account_id}"))?
+            .with_context(|| format!("Message {msg_id} does not exist for account {account_id}"))?;
+        Ok(message_object)
     }
 
     async fn get_message_html(&self, account_id: u32, message_id: u32) -> Result<Option<String>> {
@@ -1161,7 +1163,10 @@ impl CommandApi {
             messages.insert(
                 message_id,
                 match message_result {
-                    Ok(message) => MessageLoadResult::Message(message),
+                    Ok(Some(message)) => MessageLoadResult::Message(message),
+                    Ok(None) => MessageLoadResult::LoadingError {
+                        error: "Message does not exist".to_string(),
+                    },
                     Err(error) => MessageLoadResult::LoadingError {
                         error: format!("{error:#}"),
                     },
@@ -1419,6 +1424,15 @@ impl CommandApi {
         Ok(())
     }
 
+    /// Resets contact encryption.
+    async fn reset_contact_encryption(&self, account_id: u32, contact_id: u32) -> Result<()> {
+        let ctx = self.get_context(account_id).await?;
+        let contact_id = ContactId::new(contact_id);
+
+        contact_id.reset_encryption(&ctx).await?;
+        Ok(())
+    }
+
     async fn change_contact_name(
         &self,
         account_id: u32,
@@ -1753,10 +1767,10 @@ impl CommandApi {
         account_id: u32,
         instance_msg_id: u32,
         update_str: String,
-        description: String,
+        _descr: Option<String>,
     ) -> Result<()> {
         let ctx = self.get_context(account_id).await?;
-        ctx.send_webxdc_status_update(MsgId::new(instance_msg_id), &update_str, &description)
+        ctx.send_webxdc_status_update(MsgId::new(instance_msg_id), &update_str)
             .await
     }
 
@@ -1815,6 +1829,18 @@ impl CommandApi {
         WebxdcMessageInfo::get_for_message(&ctx, MsgId::new(instance_msg_id)).await
     }
 
+    /// Get href from a WebxdcInfoMessage which might include a hash holding
+    /// information about a specific position or state in a webxdc app (optional)
+    async fn get_webxdc_href(
+        &self,
+        account_id: u32,
+        instance_msg_id: u32,
+    ) -> Result<Option<String>> {
+        let ctx = self.get_context(account_id).await?;
+        let message = Message::load_from_db(&ctx, MsgId::new(instance_msg_id)).await?;
+        Ok(message.get_webxdc_href())
+    }
+
     /// Get blob encoded as base64 from a webxdc message
     ///
     /// path is the path of the file within webxdc archive
@@ -1990,9 +2016,7 @@ impl CommandApi {
     async fn get_draft(&self, account_id: u32, chat_id: u32) -> Result<Option<MessageObject>> {
         let ctx = self.get_context(account_id).await?;
         if let Some(draft) = ChatId::new(chat_id).get_draft(&ctx).await? {
-            Ok(Some(
-                MessageObject::from_msg_id(&ctx, draft.get_id()).await?,
-            ))
+            Ok(MessageObject::from_msg_id(&ctx, draft.get_id()).await?)
         } else {
             Ok(None)
         }
@@ -2161,7 +2185,9 @@ impl CommandApi {
                 .await?;
         }
         let msg_id = chat::send_msg(&ctx, ChatId::new(chat_id), &mut message).await?;
-        let message = MessageObject::from_msg_id(&ctx, msg_id).await?;
+        let message = MessageObject::from_msg_id(&ctx, msg_id)
+            .await?
+            .context("Just sent message does not exist")?;
         Ok((msg_id.to_u32(), message))
     }
 

deltachat-jsonrpc/src/api/types/chat_list.rs

@@ -88,11 +88,17 @@ pub(crate) async fn get_chat_list_item_by_id(
 
     let (last_updated, message_type) = match last_msgid {
         Some(id) => {
-            let last_message = deltachat::message::Message::load_from_db(ctx, id).await?;
-            (
-                Some(last_message.get_timestamp() * 1000),
-                Some(last_message.get_viewtype().into()),
-            )
+            if let Some(last_message) =
+                deltachat::message::Message::load_from_db_optional(ctx, id).await?
+            {
+                (
+                    Some(last_message.get_timestamp() * 1000),
+                    Some(last_message.get_viewtype().into()),
+                )
+            } else {
+                // Message may be deleted by the time we try to load it.
+                (None, None)
+            }
         }
         None => (None, None),
     };

deltachat-jsonrpc/src/api/types/events.rs

@@ -69,7 +69,7 @@ pub enum EventType {
     /// or for functions that are expected to fail (eg. autocryptContinueKeyTransfer())
     /// it might be better to delay showing these events until the function has really
     /// failed (returned false). It should be sufficient to report only the *last* error
-    /// in a messasge box then.
+    /// in a message box then.
     Error { msg: String },
 
     /// An action cannot be performed because the user is not in the group.
@@ -106,6 +106,15 @@ pub enum EventType {
         reaction: String,
     },
 
+    /// Incoming webxdc info or summary update, should be notified.
+    #[serde(rename_all = "camelCase")]
+    IncomingWebxdcNotify {
+        contact_id: u32,
+        msg_id: u32,
+        text: String,
+        href: Option<String>,
+    },
+
     /// There is a fresh message. Typically, the user will show an notification
     /// when receiving this message.
     ///
@@ -277,6 +286,20 @@ pub enum EventType {
     #[serde(rename_all = "camelCase")]
     ChatlistItemChanged { chat_id: Option<u32> },
 
+    /// Inform that the list of accounts has changed (an account removed or added or (not yet implemented) the account order changes)
+    ///
+    /// This event is only emitted by the account manager
+    AccountsChanged,
+
+    /// Inform that an account property that might be shown in the account list changed, namely:
+    /// - is_configured (see is_configured())
+    /// - displayname
+    /// - selfavatar
+    /// - private_tag
+    ///
+    /// This event is emitted from the account whose property changed.
+    AccountsItemChanged,
+
     /// Inform than some events have been skipped due to event channel overflow.
     EventChannelOverflow { n: u64 },
 }
@@ -319,6 +342,17 @@ impl From<CoreEventType> for EventType {
                 msg_id: msg_id.to_u32(),
                 reaction: reaction.as_str().to_string(),
             },
+            CoreEventType::IncomingWebxdcNotify {
+                contact_id,
+                msg_id,
+                text,
+                href,
+            } => IncomingWebxdcNotify {
+                contact_id: contact_id.to_u32(),
+                msg_id: msg_id.to_u32(),
+                text,
+                href,
+            },
             CoreEventType::IncomingMsg { chat_id, msg_id } => IncomingMsg {
                 chat_id: chat_id.to_u32(),
                 msg_id: msg_id.to_u32(),
@@ -409,6 +443,8 @@ impl From<CoreEventType> for EventType {
             },
             CoreEventType::ChatlistChanged => ChatlistChanged,
             CoreEventType::EventChannelOverflow { n } => EventChannelOverflow { n },
+            CoreEventType::AccountsChanged => AccountsChanged,
+            CoreEventType::AccountsItemChanged => AccountsItemChanged,
             #[allow(unreachable_patterns)]
             #[cfg(test)]
             _ => unreachable!("This is just to silence a rust_analyzer false-positive"),

deltachat-jsonrpc/src/api/types/message.rs

@@ -85,6 +85,8 @@ pub struct MessageObject {
 
     webxdc_info: Option<WebxdcMessageInfo>,
 
+    webxdc_href: Option<String>,
+
     download_state: DownloadState,
 
     reactions: Option<JSONRPCReactions>,
@@ -112,8 +114,10 @@ enum MessageQuote {
 }
 
 impl MessageObject {
-    pub async fn from_msg_id(context: &Context, msg_id: MsgId) -> Result<Self> {
-        let message = Message::load_from_db(context, msg_id).await?;
+    pub async fn from_msg_id(context: &Context, msg_id: MsgId) -> Result<Option<Self>> {
+        let Some(message) = Message::load_from_db_optional(context, msg_id).await? else {
+            return Ok(None);
+        };
 
         let sender_contact = Contact::get_by_id(context, message.get_from_id())
             .await
@@ -183,7 +187,7 @@ impl MessageObject {
             .map(Into::into)
             .collect();
 
-        Ok(MessageObject {
+        let message_object = MessageObject {
             id: msg_id.to_u32(),
             chat_id: message.get_chat_id().to_u32(),
             from_id: message.get_from_id().to_u32(),
@@ -239,12 +243,17 @@ impl MessageObject {
             file_name: message.get_filename(),
             webxdc_info,
 
+            // On a WebxdcInfoMessage this might include a hash holding
+            // information about a specific position or state in a webxdc app
+            webxdc_href: message.get_webxdc_href(),
+
             download_state,
 
             reactions,
 
             vcard_contact: vcard_contacts.first().cloned(),
-        })
+        };
+        Ok(Some(message_object))
     }
 }
 

deltachat-jsonrpc/src/api/types/qr.rs

@@ -6,87 +6,161 @@ use typescript_type_def::TypeDef;
 #[serde(rename = "Qr", rename_all = "camelCase")]
 #[serde(tag = "kind")]
 pub enum QrObject {
+    /// Ask the user whether to verify the contact.
+    ///
+    /// If the user agrees, pass this QR code to [`crate::securejoin::join_securejoin`].
     AskVerifyContact {
+        /// ID of the contact.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Ask the user whether to join the group.
     AskVerifyGroup {
+        /// Group name.
         grpname: String,
+        /// Group ID.
         grpid: String,
+        /// ID of the contact.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Contact fingerprint is verified.
+    ///
+    /// Ask the user if they want to start chatting.
     FprOk {
+        /// Contact ID.
         contact_id: u32,
     },
+    /// Scanned fingerprint does not match the last seen fingerprint.
     FprMismatch {
+        /// Contact ID.
         contact_id: Option<u32>,
     },
+    /// The scanned QR code contains a fingerprint but no e-mail address.
     FprWithoutAddr {
+        /// Key fingerprint.
         fingerprint: String,
     },
+    /// Ask the user if they want to create an account on the given domain.
     Account {
+        /// Server domain name.
         domain: String,
     },
+    /// Provides a backup that can be retrieved using iroh-net based backup transfer protocol.
     Backup2 {
+        /// Authentication token.
         auth_token: String,
-
+        /// Iroh node address.
         node_addr: String,
     },
+    /// Ask the user if they want to use the given service for video chats.
     WebrtcInstance {
         domain: String,
         instance_pattern: String,
     },
+    /// Ask the user if they want to use the given proxy.
+    ///
+    /// Note that HTTP(S) URLs without a path
+    /// and query parameters are treated as HTTP(S) proxy URL.
+    /// UI may want to still offer to open the URL
+    /// in the browser if QR code contents
+    /// starts with `http://` or `https://`
+    /// and the QR code was not scanned from
+    /// the proxy configuration screen.
     Proxy {
+        /// Proxy URL.
+        ///
+        /// This is the URL that is going to be added.
         url: String,
+        /// Host extracted from the URL to display in the UI.
         host: String,
+        /// Port extracted from the URL to display in the UI.
         port: u16,
     },
+    /// Contact address is scanned.
+    ///
+    /// Optionally, a draft message could be provided.
+    /// Ask the user if they want to start chatting.
     Addr {
+        /// Contact ID.
         contact_id: u32,
+        /// Draft message.
         draft: Option<String>,
     },
-    Url {
-        url: String,
-    },
-    Text {
-        text: String,
-    },
+    /// URL scanned.
+    ///
+    /// Ask the user if they want to open a browser or copy the URL to clipboard.
+    Url { url: String },
+    /// Text scanned.
+    ///
+    /// Ask the user if they want to copy the text to clipboard.
+    Text { text: String },
+    /// Ask the user if they want to withdraw their own QR code.
     WithdrawVerifyContact {
+        /// Contact ID.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Ask the user if they want to withdraw their own group invite QR code.
     WithdrawVerifyGroup {
+        /// Group name.
         grpname: String,
+        /// Group ID.
         grpid: String,
+        /// Contact ID.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Ask the user if they want to revive their own QR code.
     ReviveVerifyContact {
+        /// Contact ID.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Ask the user if they want to revive their own group invite QR code.
     ReviveVerifyGroup {
+        /// Contact ID.
         grpname: String,
+        /// Group ID.
         grpid: String,
+        /// Contact ID.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
-    Login {
-        address: String,
-    },
+    /// `dclogin:` scheme parameters.
+    ///
+    /// Ask the user if they want to login with the email address.
+    Login { address: String },
 }
 
 impl From<Qr> for QrObject {
@@ -141,7 +215,6 @@ impl From<Qr> for QrObject {
                 auth_token,
             } => QrObject::Backup2 {
                 node_addr: serde_json::to_string(node_addr).unwrap_or_default(),
-
                 auth_token,
             },
             Qr::WebrtcInstance {

deltachat-jsonrpc/src/api/types/webxdc.rs

@@ -35,6 +35,14 @@ pub struct WebxdcMessageInfo {
     source_code_url: Option<String>,
     /// True if full internet access should be granted to the app.
     internet_access: bool,
+    /// Address to be used for `window.webxdc.selfAddr` in JS land.
+    self_addr: String,
+    /// Milliseconds to wait before calling `sendUpdate()` again since the last call.
+    /// Should be exposed to `window.sendUpdateInterval` in JS land.
+    send_update_interval: usize,
+    /// Maximum number of bytes accepted for a serialized update object.
+    /// Should be exposed to `window.sendUpdateMaxSize` in JS land.
+    send_update_max_size: usize,
 }
 
 impl WebxdcMessageInfo {
@@ -49,7 +57,11 @@ impl WebxdcMessageInfo {
             document,
             summary,
             source_code_url,
+            request_integration: _,
             internet_access,
+            self_addr,
+            send_update_interval,
+            send_update_max_size,
         } = message.get_webxdc_info(context).await?;
 
         Ok(Self {
@@ -59,6 +71,9 @@ impl WebxdcMessageInfo {
             summary: maybe_empty_string_to_option(summary),
             source_code_url: maybe_empty_string_to_option(source_code_url),
             internet_access,
+            self_addr,
+            send_update_interval,
+            send_update_max_size,
         })
     }
 }

deltachat-jsonrpc/src/lib.rs

@@ -1,4 +1,6 @@
 #![recursion_limit = "256"]
+#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::string_slice))]
 pub mod api;
 pub use yerpc;
 

deltachat-jsonrpc/typescript/package.json

@@ -58,5 +58,5 @@
   },
   "type": "module",
   "types": "dist/deltachat.d.ts",
-  "version": "1.148.6"
+  "version": "1.151.6"
 }

deltachat-ratelimit/src/lib.rs

@@ -90,6 +90,11 @@ impl Ratelimit {
     pub fn until_can_send(&self) -> Duration {
         self.until_can_send_at(SystemTime::now())
     }
+
+    /// Returns minimum possible update interval in milliseconds.
+    pub fn update_interval(&self) -> usize {
+        (self.window.as_millis() as f64 / self.quota) as usize
+    }
 }
 
 #[cfg(test)]
@@ -102,6 +107,7 @@ mod tests {
 
         let mut ratelimit = Ratelimit::new_at(Duration::new(60, 0), 3.0, now);
         assert!(ratelimit.can_send_at(now));
+        assert_eq!(ratelimit.update_interval(), 20_000);
 
         // Send burst of 3 messages.
         ratelimit.send_at(now);

deltachat-repl/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "1.148.6"
+version = "1.151.6"
 license = "MPL-2.0"
 edition = "2021"
 repository = "https://github.com/deltachat/deltachat-core-rust"

deltachat-repl/src/cmdline.rs

@@ -969,9 +969,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                 "Arguments <msg-id> <json status update> expected"
             );
             let msg_id = MsgId::new(arg1.parse()?);
-            context
-                .send_webxdc_status_update(msg_id, arg2, "this is a webxdc status update")
-                .await?;
+            context.send_webxdc_status_update(msg_id, arg2).await?;
         }
         "videochat" => {
             ensure!(sel_chat.is_some(), "No chat selected.");

deltachat-rpc-client/README.md

@@ -25,7 +25,8 @@ $ pip install .
 ## Testing
 
 1. Build `deltachat-rpc-server` with `cargo build -p deltachat-rpc-server`.
-2. Run `CHATMAIL_DOMAIN=nine.testrun.org PATH="../target/debug:$PATH" tox`.
+2. Install tox `pip install -U tox`
+3. Run `CHATMAIL_DOMAIN=nine.testrun.org PATH="../target/debug:$PATH" tox`.
 
 Additional arguments to `tox` are passed to pytest, e.g. `tox -- -s` does not capture test output.
 

deltachat-rpc-client/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat-rpc-client"
-version = "1.148.6"
+version = "1.151.6"
 description = "Python client for Delta Chat core JSON-RPC interface"
 classifiers = [
     "Development Status :: 5 - Production/Stable",
@@ -24,9 +24,6 @@ classifiers = [
     "Topic :: Communications :: Email"
 ]
 readme = "README.md"
-dependencies = [
-    "imap-tools",
-]
 
 [tool.setuptools.package-data]
 deltachat_rpc_client = [

deltachat-rpc-client/src/deltachat_rpc_client/const.py

@@ -61,6 +61,8 @@ class EventType(str, Enum):
     WEBXDC_INSTANCE_DELETED = "WebxdcInstanceDeleted"
     CHATLIST_CHANGED = "ChatlistChanged"
     CHATLIST_ITEM_CHANGED = "ChatlistItemChanged"
+    ACCOUNTS_CHANGED = "AccountsChanged"
+    ACCOUNTS_ITEM_CHANGED = "AccountsItemChanged"
     CONFIG_SYNCED = "ConfigSynced"
     WEBXDC_REALTIME_DATA = "WebxdcRealtimeData"
     WEBXDC_REALTIME_ADVERTISEMENT_RECEIVED = "WebxdcRealtimeAdvertisementReceived"

deltachat-rpc-client/src/deltachat_rpc_client/contact.py

@@ -36,6 +36,10 @@ class Contact:
         """Delete contact."""
         self._rpc.delete_contact(self.account.id, self.id)
 
+    def reset_encryption(self) -> None:
+        """Reset contact encryption."""
+        self._rpc.reset_contact_encryption(self.account.id, self.id)
+
     def set_name(self, name: str) -> None:
         """Change the name of this contact."""
         self._rpc.change_contact_name(self.account.id, self.id, name)

deltachat-rpc-client/tests/conftest.py

@@ -1,7 +1,3 @@
-"""
-Internal Python-level IMAP handling used by the tests.
-"""
-
 from __future__ import annotations
 
 import imaplib
@@ -11,17 +7,11 @@ import ssl
 from contextlib import contextmanager
 from typing import TYPE_CHECKING
 
-from imap_tools import (
-    AND,
-    Header,
-    MailBox,
-    MailMessage,
-    MailMessageFlags,
-    errors,
-)
+import pytest
+from imap_tools import AND, Header, MailBox, MailMessage, MailMessageFlags, errors
 
 if TYPE_CHECKING:
-    from . import Account
+    from deltachat_rpc_client import Account
 
 FLAGS = b"FLAGS"
 FETCH = b"FETCH"
@@ -29,6 +19,8 @@ ALL = "1:*"
 
 
 class DirectImap:
+    """Internal Python-level IMAP handling."""
+
     def __init__(self, account: Account) -> None:
         self.account = account
         self.logid = account.get_config("displayname") or id(account)
@@ -212,3 +204,8 @@ class IdleManager:
     def done(self):
         """send idle-done to server if we are currently in idle mode."""
         return self.direct_imap.conn.idle.stop()
+
+
+@pytest.fixture
+def direct_imap():
+    return DirectImap

deltachat-rpc-client/tests/test_account_events.py

@@ -0,0 +1,29 @@
+from __future__ import annotations
+
+from typing import TYPE_CHECKING
+
+from deltachat_rpc_client import EventType
+
+if TYPE_CHECKING:
+    from deltachat_rpc_client.pytestplugin import ACFactory
+
+
+def test_event_on_configuration(acfactory: ACFactory) -> None:
+    """
+    Test if ACCOUNTS_ITEM_CHANGED event is emitted on configure
+    """
+
+    account = acfactory.new_preconfigured_account()
+    account.clear_all_events()
+    assert not account.is_configured()
+    future = account.configure.future()
+    while True:
+        event = account.wait_for_event()
+        if event.kind == EventType.ACCOUNTS_ITEM_CHANGED:
+            break
+    assert account.is_configured()
+
+    future()
+
+
+# other tests are written in rust: src/tests/account_events.rs

deltachat-rpc-client/tests/test_iroh_webxdc.py

@@ -7,8 +7,8 @@ If you want to debug iroh at rust-trace/log level set
     RUST_LOG=iroh_net=trace,iroh_gossip=trace
 """
 
+import logging
 import os
-import sys
 import threading
 import time
 
@@ -25,9 +25,7 @@ def path_to_webxdc(request):
 
 
 def log(msg):
-    print()
-    print("*" * 80 + "\n" + msg + "\n", file=sys.stderr)
-    print()
+    logging.info(msg)
 
 
 def setup_realtime_webxdc(ac1, ac2, path_to_webxdc):

deltachat-rpc-client/tests/test_something.py

@@ -12,7 +12,6 @@ import pytest
 
 from deltachat_rpc_client import Contact, EventType, Message, events
 from deltachat_rpc_client.const import DownloadState, MessageState
-from deltachat_rpc_client.direct_imap import DirectImap
 from deltachat_rpc_client.rpc import JsonRpcError
 
 
@@ -57,8 +56,8 @@ def test_acfactory(acfactory) -> None:
             if event.progress == 1000:  # Success
                 break
         else:
-            print(event)
-    print("Successful configuration")
+            logging.info(event)
+    logging.info("Successful configuration")
 
 
 def test_configure_starttls(acfactory) -> None:
@@ -246,6 +245,7 @@ def test_contact(acfactory) -> None:
     assert repr(alice_contact_bob)
     alice_contact_bob.block()
     alice_contact_bob.unblock()
+    alice_contact_bob.reset_encryption()
     alice_contact_bob.set_name("new name")
     alice_contact_bob.get_encryption_info()
     snapshot = alice_contact_bob.get_snapshot()
@@ -535,7 +535,7 @@ def test_reaction_to_partially_fetched_msg(acfactory, tmp_path):
     assert list(reactions.reactions_by_contact.values())[0] == [react_str]
 
 
-def test_reactions_for_a_reordering_move(acfactory):
+def test_reactions_for_a_reordering_move(acfactory, direct_imap):
     """When a batch of messages is moved from Inbox to DeltaChat folder with a single MOVE command,
     their UIDs may be reordered (e.g. Gmail is known for that) which led to that messages were
     processed by receive_imf in the wrong order, and, particularly, reactions were processed before
@@ -559,7 +559,7 @@ def test_reactions_for_a_reordering_move(acfactory):
     msg1.send_reaction(react_str).wait_until_delivered()
 
     logging.info("moving messages to ac2's DeltaChat folder in the reverse order")
-    ac2_direct_imap = DirectImap(ac2)
+    ac2_direct_imap = direct_imap(ac2)
     ac2_direct_imap.connect()
     for uid in sorted([m.uid for m in ac2_direct_imap.get_all_messages()], reverse=True):
         ac2_direct_imap.conn.move(uid, "DeltaChat")

deltachat-rpc-client/tests/test_webxdc.py

@@ -24,6 +24,9 @@ def test_webxdc(acfactory) -> None:
         "name": "Chess Board",
         "sourceCodeUrl": None,
         "summary": None,
+        "selfAddr": webxdc_info["selfAddr"],
+        "sendUpdateInterval": 1000,
+        "sendUpdateMaxSize": 18874368,
     }
 
     status_updates = message.get_webxdc_status_updates()

deltachat-rpc-client/tox.ini

@@ -16,6 +16,7 @@ deps =
     pytest
     pytest-timeout
     pytest-xdist
+    imap-tools
 
 [testenv:lint]
 skipsdist = True

deltachat-rpc-server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "1.148.6"
+version = "1.151.6"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"

deltachat-rpc-server/npm-package/README.md

@@ -65,13 +65,13 @@ so by default it uses the prebuilds.
   - this will run `update_optional_dependencies_and_version.js` (in the `prepack` script),
     which puts all platform packages into `optionalDependencies` and updates the `version` in `package.json`
 
-## How to build a version you can use localy on your host machine for development
+## How to build a version you can use locally on your host machine for development
 
-You can not install the npm packet from the previous section locally, unless you have a local npm registry set up where you upload it too. This is why we have seperate scripts for making it work for local installation.
+You can not install the npm packet from the previous section locally, unless you have a local npm registry set up where you upload it too. This is why we have separate scripts for making it work for local installation.
 
 - If you just need your host platform run `python scripts/make_local_dev_version.py`
 - note: this clears the `platform_package` folder
-- (advanced) If you need more than one platform for local install you can just run `node scripts/update_optional_dependencies_and_version.js` after building multiple plaftorms with `build_platform_package.py`
+- (advanced) If you need more than one platform for local install you can just run `node scripts/update_optional_dependencies_and_version.js` after building multiple platforms with `build_platform_package.py`
 
 ## Thanks to nlnet
 

deltachat-rpc-server/npm-package/package.json

@@ -15,5 +15,5 @@
   },
   "type": "module",
   "types": "index.d.ts",
-  "version": "1.148.6"
+  "version": "1.151.6"
 }

deltachat-rpc-server/npm-package/scripts/update_optional_dependencies_and_version.js

@@ -6,7 +6,7 @@ const expected_cwd = join(dirname(fileURLToPath(import.meta.url)), "..");
 
 if (process.cwd() !== expected_cwd) {
   console.error(
-    "CWD missmatch: this script needs to be run from " + expected_cwd,
+    "CWD mismatch: this script needs to be run from " + expected_cwd,
     { actual: process.cwd(), expected: expected_cwd }
   );
   process.exit(1);
@@ -40,7 +40,7 @@ const platform_package_names = await Promise.all(
         "has a different version than the version of the rpc server.",
         { rpc_server: version, platform_package: p.version }
       );
-      throw new Error("version missmatch");
+      throw new Error("version mismatch");
     }
     return { folder_name: name, package_name: p.name };
   })

deltachat-rpc-server/src/main.rs

@@ -66,7 +66,7 @@ async fn main_impl() -> Result<()> {
 
     // Logs from `log` crate and traces from `tracing` crate
     // are configurable with `RUST_LOG` environment variable
-    // and go to stderr to avoid interferring with JSON-RPC using stdout.
+    // and go to stderr to avoid interfering with JSON-RPC using stdout.
     tracing_subscriber::fmt()
         .with_env_filter(EnvFilter::from_default_env())
         .with_writer(std::io::stderr)

deny.toml

@@ -11,6 +11,16 @@ ignore = [
 
     # Unmaintained encoding
     "RUSTSEC-2021-0153",
+
+    # Unmaintained proc-macro-error
+    # <https://rustsec.org/advisories/RUSTSEC-2024-0370>
+    "RUSTSEC-2024-0370",
+
+    # Unmaintained instant
+    "RUSTSEC-2024-0384",
+
+    # idna 0.5.0
+    "RUSTSEC-2024-0421",
 ]
 
 [bans]
@@ -26,12 +36,11 @@ skip = [
      { name = "event-listener", version = "2.5.3" },
      { name = "event-listener", version = "4.0.3" },
      { name = "fastrand", version = "1.9.0" },
+     { name = "fiat-crypto", version = "0.1.20" },
      { name = "futures-lite", version = "1.13.0" },
      { name = "getrandom", version = "<0.2" },
-     { name = "h2", version = "0.3.26" },
-     { name = "http-body", version = "0.4.6" },
      { name = "http", version = "0.2.12" },
-     { name = "hyper", version = "0.14.28" },
+     { name = "idna", version = "0.5.0" },
      { name = "nix", version = "0.26.4" },
      { name = "quick-error", version = "<2.0" },
      { name = "rand_chacha", version = "<0.3" },
@@ -71,6 +80,7 @@ allow = [
     "MIT",
     "MPL-2.0",
     "OpenSSL",
+    "Unicode-3.0",
     "Unicode-DFS-2016",
     "Zlib",
 ]

flake.lock

@@ -3,15 +3,15 @@
     "android": {
       "inputs": {
         "devshell": "devshell",
-        "flake-utils": "flake-utils_2",
+        "flake-utils": "flake-utils",
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "lastModified": 1712088936,
-        "narHash": "sha256-mVjeSWQiR/t4UZ9fUawY9OEPAhY1R3meYG+0oh8DUBs=",
+        "lastModified": 1731356359,
+        "narHash": "sha256-vYqJnu6jotmWpPT4DgzHVdvNIZcKZCIUqS8QaptsZA0=",
         "owner": "tadfisher",
         "repo": "android-nixpkgs",
-        "rev": "2d8181caef279f19c4a33dc694723f89ffc195d4",
+        "rev": "c028ead7e88edb2e94cd7c90ee37593f63ae494a",
         "type": "github"
       },
       "original": {
@@ -22,18 +22,17 @@
     },
     "devshell": {
       "inputs": {
-        "flake-utils": "flake-utils",
         "nixpkgs": [
           "android",
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1711099426,
-        "narHash": "sha256-HzpgM/wc3aqpnHJJ2oDqPBkNsqWbW0WfWUO8lKu8nGk=",
+        "lastModified": 1728330715,
+        "narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
         "owner": "numtide",
         "repo": "devshell",
-        "rev": "2d45b54ca4a183f2fdcf4b19c895b64fbf620ee8",
+        "rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
         "type": "github"
       },
       "original": {
@@ -48,11 +47,11 @@
         "rust-analyzer-src": "rust-analyzer-src"
       },
       "locked": {
-        "lastModified": 1714112748,
-        "narHash": "sha256-jq6Cpf/pQH85p+uTwPPrGG8Ky/zUOTwMJ7mcqc5M4So=",
+        "lastModified": 1731393059,
+        "narHash": "sha256-rmzi0GHEwpzg1LGfGPO4SRD7D6QGV3UYGQxkJvn+J5U=",
         "owner": "nix-community",
         "repo": "fenix",
-        "rev": "3ae4b908a795b6a3824d401a0702e11a7157d7e1",
+        "rev": "fda8d5b59bb0dc0021ad3ba1d722f9ef6d36e4d9",
         "type": "github"
       },
       "original": {
@@ -66,11 +65,11 @@
         "systems": "systems"
       },
       "locked": {
-        "lastModified": 1701680307,
-        "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
+        "lastModified": 1726560853,
+        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
+        "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
         "type": "github"
       },
       "original": {
@@ -84,29 +83,11 @@
         "systems": "systems_2"
       },
       "locked": {
-        "lastModified": 1710146030,
-        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+        "lastModified": 1726560853,
+        "narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_3": {
-      "inputs": {
-        "systems": "systems_3"
-      },
-      "locked": {
-        "lastModified": 1710146030,
-        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+        "rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
         "type": "github"
       },
       "original": {
@@ -120,11 +101,11 @@
         "nixpkgs": "nixpkgs_3"
       },
       "locked": {
-        "lastModified": 1713520724,
-        "narHash": "sha256-CO8MmVDmqZX2FovL75pu5BvwhW+Vugc7Q6ze7Hj8heI=",
+        "lastModified": 1721727458,
+        "narHash": "sha256-r/xppY958gmZ4oTfLiHN0ZGuQ+RSTijDblVgVLFi1mw=",
         "owner": "nix-community",
         "repo": "naersk",
-        "rev": "c5037590290c6c7dae2e42e7da1e247e54ed2d49",
+        "rev": "3fb418eaf352498f6b6c30592e3beb63df42ef11",
         "type": "github"
       },
       "original": {
@@ -135,11 +116,11 @@
     },
     "nix-filter": {
       "locked": {
-        "lastModified": 1710156097,
-        "narHash": "sha256-1Wvk8UP7PXdf8bCCaEoMnOT1qe5/Duqgj+rL8sRQsSM=",
+        "lastModified": 1730207686,
+        "narHash": "sha256-SCHiL+1f7q9TAnxpasriP6fMarWE5H43t25F5/9e28I=",
         "owner": "numtide",
         "repo": "nix-filter",
-        "rev": "3342559a24e85fc164b295c3444e8a139924675b",
+        "rev": "776e68c1d014c3adde193a18db9d738458cd2ba4",
         "type": "github"
       },
       "original": {
@@ -150,11 +131,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1711703276,
-        "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
+        "lastModified": 1731139594,
+        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
+        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
         "type": "github"
       },
       "original": {
@@ -166,11 +147,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1713895582,
-        "narHash": "sha256-cfh1hi+6muQMbi9acOlju3V1gl8BEaZBXBR9jQfQi4U=",
+        "lastModified": 1731139594,
+        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "572af610f6151fd41c212f897c71f7056e3fb518",
+        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
         "type": "github"
       },
       "original": {
@@ -182,10 +163,9 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1711668574,
-        "narHash": "sha256-u1dfs0ASQIEr1icTVrsKwg2xToIpn7ZXxW3RHfHxshg=",
-        "path": "/nix/store/9fpv0kjq9a80isa1wkkvrdqsh9dpcn05-source",
-        "rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659",
+        "lastModified": 0,
+        "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
+        "path": "/nix/store/zq2axpgzd5kykk1v446rkffj3bxa2m2h-source",
         "type": "path"
       },
       "original": {
@@ -195,11 +175,11 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1729413321,
-        "narHash": "sha256-I4tuhRpZFa6Fu6dcH9Dlo5LlH17peT79vx1y1SpeKt0=",
+        "lastModified": 1731139594,
+        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "1997e4aa514312c1af7e2bda7fad1644e778ff26",
+        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
         "type": "github"
       },
       "original": {
@@ -213,7 +193,7 @@
       "inputs": {
         "android": "android",
         "fenix": "fenix",
-        "flake-utils": "flake-utils_3",
+        "flake-utils": "flake-utils_2",
         "naersk": "naersk",
         "nix-filter": "nix-filter",
         "nixpkgs": "nixpkgs_4"
@@ -222,11 +202,11 @@
     "rust-analyzer-src": {
       "flake": false,
       "locked": {
-        "lastModified": 1714031783,
-        "narHash": "sha256-xS/niQsq1CQPOe4M4jvVPO2cnXS/EIeRG5gIopUbk+Q=",
+        "lastModified": 1731342671,
+        "narHash": "sha256-36eYDHoPzjavnpmEpc2MXdzMk557S0YooGms07mDuKk=",
         "owner": "rust-lang",
         "repo": "rust-analyzer",
-        "rev": "56bee2ddafa6177b19c631eedc88d43366553223",
+        "rev": "fc98e0657abf3ce07eed513e38274c89bbb2f8ad",
         "type": "github"
       },
       "original": {
@@ -265,21 +245,6 @@
         "repo": "default",
         "type": "github"
       }
-    },
-    "systems_3": {
-      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
-        "type": "github"
-      }
     }
   },
   "root": "root",

flake.nix

@@ -18,9 +18,9 @@
         manifest = (pkgs.lib.importTOML ./Cargo.toml).package;
         androidSdk = android.sdk.${system} (sdkPkgs:
           builtins.attrValues {
-            inherit (sdkPkgs) ndk-24-0-8215888 cmdline-tools-latest;
+            inherit (sdkPkgs) ndk-27-0-11902837 cmdline-tools-latest;
           });
-        androidNdkRoot = "${androidSdk}/share/android-sdk/ndk/24.0.8215888";
+        androidNdkRoot = "${androidSdk}/share/android-sdk/ndk/27.0.11902837";
 
         rustSrc = nix-filter.lib {
           root = ./.;
@@ -257,13 +257,21 @@
 
         androidAttrs = {
           armeabi-v7a = {
-            cc = "armv7a-linux-androideabi19-clang";
+            cc = "armv7a-linux-androideabi21-clang";
             rustTarget = "armv7-linux-androideabi";
           };
           arm64-v8a = {
             cc = "aarch64-linux-android21-clang";
             rustTarget = "aarch64-linux-android";
           };
+          x86 = {
+            cc = "i686-linux-android21-clang";
+            rustTarget = "i686-linux-android";
+          };
+          x86_64 = {
+            cc = "x86_64-linux-android21-clang";
+            rustTarget = "x86_64-linux-android";
+          };
         };
 
         mkAndroidRustPackage = arch: packageName:
@@ -355,6 +363,8 @@
           mkRustPackages "x86_64-linux" //
           mkRustPackages "armv7l-linux" //
           mkRustPackages "armv6l-linux" //
+          mkRustPackages "x86_64-darwin" //
+          mkRustPackages "aarch64-darwin" //
           mkAndroidPackages "armeabi-v7a" //
           mkAndroidPackages "arm64-v8a" //
           mkAndroidPackages "x86" //
@@ -471,8 +481,8 @@
                   pkgs.python3
                   pkgs.python3Packages.wheel
                 ];
-                buildPhase = ''python3 scripts/wheel-rpc-server.py source deltachat-rpc-server-${manifest.version}.tar.gz'';
-                installPhase = ''mkdir -p $out; cp -av deltachat-rpc-server-${manifest.version}.tar.gz $out'';
+                buildPhase = ''python3 scripts/wheel-rpc-server.py source deltachat_rpc_server-${manifest.version}.tar.gz'';
+                installPhase = ''mkdir -p $out; cp -av deltachat_rpc_server-${manifest.version}.tar.gz $out'';
               };
 
             deltachat-rpc-client =
@@ -525,28 +535,30 @@
               };
           };
 
-        devShells.default = let 
-          pkgs = import nixpkgs {
-            system = system;
-            overlays = [ fenix.overlays.default ];
-          };
-          in pkgs.mkShell {
+        devShells.default =
+          let
+            pkgs = import nixpkgs {
+              system = system;
+              overlays = [ fenix.overlays.default ];
+            };
+          in
+          pkgs.mkShell {
 
-          buildInputs = with pkgs; [
-            (fenix.packages.${system}.complete.withComponents [
-              "cargo"
-              "clippy"
-              "rust-src"
-              "rustc"
-              "rustfmt"
-            ])
-            cargo-deny
-            rust-analyzer-nightly
-            cargo-nextest
-            perl # needed to build vendored OpenSSL
-            git-cliff
-          ];
-        };
+            buildInputs = with pkgs; [
+              (fenix.packages.${system}.complete.withComponents [
+                "cargo"
+                "clippy"
+                "rust-src"
+                "rustc"
+                "rustfmt"
+              ])
+              cargo-deny
+              rust-analyzer-nightly
+              cargo-nextest
+              perl # needed to build vendored OpenSSL
+              git-cliff
+            ];
+          };
       }
     );
 }

format-flowed/src/lib.rs

@@ -8,6 +8,8 @@
 //! is assumed to be set to "no".
 //!
 //! For received messages, DelSp parameter is honoured.
+#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::string_slice))]
 
 /// Wraps line to 72 characters using format=flowed soft breaks.
 ///

node/constants.js

@@ -1,6 +1,7 @@
 // Generated!
 
 module.exports = {
+  DC_CERTCK_ACCEPT_INVALID: 2,
   DC_CERTCK_ACCEPT_INVALID_CERTIFICATES: 3,
   DC_CERTCK_AUTO: 0,
   DC_CERTCK_STRICT: 1,
@@ -30,6 +31,8 @@ module.exports = {
   DC_DOWNLOAD_IN_PROGRESS: 1000,
   DC_DOWNLOAD_UNDECIPHERABLE: 30,
   DC_EVENT_ACCOUNTS_BACKGROUND_FETCH_DONE: 2200,
+  DC_EVENT_ACCOUNTS_CHANGED: 2302,
+  DC_EVENT_ACCOUNTS_ITEM_CHANGED: 2303,
   DC_EVENT_CHANNEL_OVERFLOW: 2400,
   DC_EVENT_CHATLIST_CHANGED: 2300,
   DC_EVENT_CHATLIST_ITEM_CHANGED: 2301,
@@ -51,6 +54,7 @@ module.exports = {
   DC_EVENT_INCOMING_MSG: 2005,
   DC_EVENT_INCOMING_MSG_BUNCH: 2006,
   DC_EVENT_INCOMING_REACTION: 2002,
+  DC_EVENT_INCOMING_WEBXDC_NOTIFY: 2003,
   DC_EVENT_INFO: 100,
   DC_EVENT_LOCATION_CHANGED: 2035,
   DC_EVENT_MSGS_CHANGED: 2000,

node/events.js

@@ -17,6 +17,7 @@ module.exports = {
   2000: 'DC_EVENT_MSGS_CHANGED',
   2001: 'DC_EVENT_REACTIONS_CHANGED',
   2002: 'DC_EVENT_INCOMING_REACTION',
+  2003: 'DC_EVENT_INCOMING_WEBXDC_NOTIFY',
   2005: 'DC_EVENT_INCOMING_MSG',
   2006: 'DC_EVENT_INCOMING_MSG_BUNCH',
   2008: 'DC_EVENT_MSGS_NOTICED',
@@ -43,5 +44,7 @@ module.exports = {
   2200: 'DC_EVENT_ACCOUNTS_BACKGROUND_FETCH_DONE',
   2300: 'DC_EVENT_CHATLIST_CHANGED',
   2301: 'DC_EVENT_CHATLIST_ITEM_CHANGED',
+  2302: 'DC_EVENT_ACCOUNTS_CHANGED',
+  2303: 'DC_EVENT_ACCOUNTS_ITEM_CHANGED',
   2400: 'DC_EVENT_CHANNEL_OVERFLOW'
 }

node/lib/constants.ts

@@ -1,6 +1,7 @@
 // Generated!
 
 export enum C {
+  DC_CERTCK_ACCEPT_INVALID = 2,
   DC_CERTCK_ACCEPT_INVALID_CERTIFICATES = 3,
   DC_CERTCK_AUTO = 0,
   DC_CERTCK_STRICT = 1,
@@ -30,6 +31,8 @@ export enum C {
   DC_DOWNLOAD_IN_PROGRESS = 1000,
   DC_DOWNLOAD_UNDECIPHERABLE = 30,
   DC_EVENT_ACCOUNTS_BACKGROUND_FETCH_DONE = 2200,
+  DC_EVENT_ACCOUNTS_CHANGED = 2302,
+  DC_EVENT_ACCOUNTS_ITEM_CHANGED = 2303,
   DC_EVENT_CHANNEL_OVERFLOW = 2400,
   DC_EVENT_CHATLIST_CHANGED = 2300,
   DC_EVENT_CHATLIST_ITEM_CHANGED = 2301,
@@ -51,6 +54,7 @@ export enum C {
   DC_EVENT_INCOMING_MSG = 2005,
   DC_EVENT_INCOMING_MSG_BUNCH = 2006,
   DC_EVENT_INCOMING_REACTION = 2002,
+  DC_EVENT_INCOMING_WEBXDC_NOTIFY = 2003,
   DC_EVENT_INFO = 100,
   DC_EVENT_LOCATION_CHANGED = 2035,
   DC_EVENT_MSGS_CHANGED = 2000,
@@ -324,6 +328,7 @@ export const EventId2EventName: { [key: number]: string } = {
   2000: 'DC_EVENT_MSGS_CHANGED',
   2001: 'DC_EVENT_REACTIONS_CHANGED',
   2002: 'DC_EVENT_INCOMING_REACTION',
+  2003: 'DC_EVENT_INCOMING_WEBXDC_NOTIFY',
   2005: 'DC_EVENT_INCOMING_MSG',
   2006: 'DC_EVENT_INCOMING_MSG_BUNCH',
   2008: 'DC_EVENT_MSGS_NOTICED',
@@ -350,5 +355,7 @@ export const EventId2EventName: { [key: number]: string } = {
   2200: 'DC_EVENT_ACCOUNTS_BACKGROUND_FETCH_DONE',
   2300: 'DC_EVENT_CHATLIST_CHANGED',
   2301: 'DC_EVENT_CHATLIST_ITEM_CHANGED',
+  2302: 'DC_EVENT_ACCOUNTS_CHANGED',
+  2303: 'DC_EVENT_ACCOUNTS_ITEM_CHANGED',
   2400: 'DC_EVENT_CHANNEL_OVERFLOW',
 }

package.json

@@ -55,5 +55,5 @@
     "test:mocha": "mocha node/test/test.mjs --growl --reporter=spec --bail --exit"
   },
   "types": "node/dist/index.d.ts",
-  "version": "1.148.6"
+  "version": "1.151.6"
 }

python/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat"
-version = "1.148.6"
+version = "1.151.6"
 description = "Python bindings for the Delta Chat Core library using CFFI against the Rust-implemented libdeltachat"
 readme = "README.rst"
 requires-python = ">=3.7"

python/src/deltachat/account.py

@@ -671,9 +671,6 @@ class Account:
     def get_connectivity_html(self) -> str:
         return from_dc_charpointer(lib.dc_get_connectivity_html(self._dc_context))
 
-    def all_work_done(self):
-        return lib.dc_all_work_done(self._dc_context)
-
     def start_io(self):
         """start this account's IO scheduling (Rust-core async scheduler).
 

python/src/deltachat/events.py

@@ -158,12 +158,6 @@ class FFIEventTracker:
 
             self.get_matching("DC_EVENT_CONNECTIVITY_CHANGED")
 
-    def wait_for_all_work_done(self):
-        while True:
-            if self.account.all_work_done():
-                return
-            self.get_matching("DC_EVENT_CONNECTIVITY_CHANGED")
-
     def ensure_event_not_queued(self, event_name_regex):
         __tracebackhide__ = True
         rex = re.compile(f"(?:{event_name_regex}).*")

python/src/deltachat/testplugin.py

@@ -152,7 +152,7 @@ class TestProcess:
 
     def get_liveconfig_producer(self):
         """provide live account configs, cached on a per-test-process scope
-        so that test functions can re-use already known live configs.
+        so that test functions can reuse already known live configs.
         """
         chatmail_opt = self.pytestconfig.getoption("--chatmail")
         if chatmail_opt:

python/tests/test_1_online.py

@@ -1899,10 +1899,11 @@ def test_connectivity(acfactory, lp):
 
     ac1.start_io()
     ac1._evtracker.wait_for_connectivity(dc.const.DC_CONNECTIVITY_CONNECTING)
-    ac1._evtracker.wait_for_connectivity_change(dc.const.DC_CONNECTIVITY_CONNECTING, dc.const.DC_CONNECTIVITY_CONNECTED)
+    ac1._evtracker.wait_for_connectivity_change(dc.const.DC_CONNECTIVITY_CONNECTING, dc.const.DC_CONNECTIVITY_WORKING)
+    ac1._evtracker.wait_for_connectivity_change(dc.const.DC_CONNECTIVITY_WORKING, dc.const.DC_CONNECTIVITY_CONNECTED)
 
     lp.sec(
-        "Test that after calling start_io(), maybe_network() and waiting for `all_work_done()`, "
+        "Test that after calling start_io(), maybe_network() and waiting for `DC_CONNECTIVITY_CONNECTED`, "
         "all messages are fetched",
     )
 
@@ -1911,7 +1912,7 @@ def test_connectivity(acfactory, lp):
         ac2.create_chat(ac1).send_text("Hi")
         idle1.wait_for_new_message()
     ac1.maybe_network()
-    ac1._evtracker.wait_for_all_work_done()
+    ac1._evtracker.wait_for_connectivity(dc.const.DC_CONNECTIVITY_CONNECTED)
     msgs = ac1.create_chat(ac2).get_messages()
     assert len(msgs) == 1
     assert msgs[0].text == "Hi"
@@ -1927,30 +1928,6 @@ def test_connectivity(acfactory, lp):
     assert len(msgs) == 2
     assert msgs[1].text == "Hi 2"
 
-    lp.sec("Test that the connectivity doesn't flicker to WORKING if there are no new messages")
-
-    ac1.maybe_network()
-    while 1:
-        assert ac1.get_connectivity() == dc.const.DC_CONNECTIVITY_CONNECTED
-        if ac1.all_work_done():
-            break
-        ac1._evtracker.get_matching("DC_EVENT_CONNECTIVITY_CHANGED")
-
-    lp.sec("Test that the connectivity doesn't flicker to WORKING if the sender of the message is blocked")
-    ac1.create_contact(ac2).block()
-
-    ac1.direct_imap.select_config_folder("inbox")
-    with ac1.direct_imap.idle() as idle1:
-        ac2.create_chat(ac1).send_text("Hi")
-        idle1.wait_for_new_message()
-    ac1.maybe_network()
-
-    while 1:
-        assert ac1.get_connectivity() == dc.const.DC_CONNECTIVITY_CONNECTED
-        if ac1.all_work_done():
-            break
-        ac1._evtracker.get_matching("DC_EVENT_CONNECTIVITY_CHANGED")
-
     lp.sec("Test that the connectivity is NOT_CONNECTED if the password is wrong")
 
     ac1.set_config("configured_mail_pw", "abc")
@@ -1961,32 +1938,6 @@ def test_connectivity(acfactory, lp):
     ac1._evtracker.wait_for_connectivity(dc.const.DC_CONNECTIVITY_NOT_CONNECTED)
 
 
-def test_all_work_done(acfactory, lp):
-    """
-    Tests that calling start_io() immediately followed by maybe_network()
-    and then waiting for all_work_done() reliably fetches the messages
-    delivered while account was offline.
-    In other words, connectivity should not change to a state
-    where all_work_done() returns true until IMAP connection goes idle.
-    """
-    ac1, ac2 = acfactory.get_online_accounts(2)
-
-    ac1.stop_io()
-    ac1._evtracker.wait_for_connectivity(dc.const.DC_CONNECTIVITY_NOT_CONNECTED)
-
-    ac1.direct_imap.select_config_folder("inbox")
-    with ac1.direct_imap.idle() as idle1:
-        ac2.create_chat(ac1).send_text("Hi")
-        idle1.wait_for_new_message()
-
-    ac1.start_io()
-    ac1.maybe_network()
-    ac1._evtracker.wait_for_all_work_done()
-    msgs = ac1.create_chat(ac2).get_messages()
-    assert len(msgs) == 1
-    assert msgs[0].text == "Hi"
-
-
 def test_fetch_deleted_msg(acfactory, lp):
     """This is a regression test: Messages with \\Deleted flag were downloaded again and again,
     hundreds of times, because uid_next was not updated.

python/tests/test_3_offline.py

@@ -705,7 +705,7 @@ class TestOfflineChat:
         ac1 = acfactory.get_pseudo_configured_account()
         ac2 = acfactory.get_pseudo_configured_account()
         qr = ac1.get_setup_contact_qr()
-        assert qr.startswith("OPENPGP4FPR:")
+        assert qr.startswith("https://i.delta.chat")
         res = ac2.check_qr(qr)
         assert res.is_ask_verifycontact()
         assert not res.is_ask_verifygroup()

release-date.in

@@ -1 +1 @@
-2024-10-31
+2024-12-11

scripts/coredeps/install-rust.sh

@@ -7,7 +7,7 @@ set -euo pipefail
 #
 # Avoid using rustup here as it depends on reading /proc/self/exe and
 # has problems running under QEMU.
-RUST_VERSION=1.82.0
+RUST_VERSION=1.83.0
 
 ARCH="$(uname -m)"
 test -f "/lib/libc.musl-$ARCH.so.1" && LIBC=musl || LIBC=gnu

scripts/wheel-rpc-server.py

@@ -25,7 +25,7 @@ def build_source_package(version, filename):
 
         def pack(name, contents):
             contents = contents.encode()
-            tar_info = tarfile.TarInfo(f"deltachat-rpc-server-{version}/{name}")
+            tar_info = tarfile.TarInfo(f"deltachat_rpc_server-{version}/{name}")
             tar_info.mode = 0o644
             tar_info.size = len(contents)
             pkg.addfile(tar_info, BytesIO(contents))
@@ -167,7 +167,7 @@ def main():
         cargo_manifest = tomllib.load(fp)
     version = cargo_manifest["package"]["version"]
     if sys.argv[1] == "source":
-        filename = f"deltachat-rpc-server-{version}.tar.gz"
+        filename = f"deltachat_rpc_server-{version}.tar.gz"
         build_source_package(version, filename)
     else:
         arch = sys.argv[1]

src/accounts.rs

@@ -139,6 +139,7 @@ impl Accounts {
         ctx.open("".to_string()).await?;
 
         self.accounts.insert(account_config.id, ctx);
+        self.emit_event(EventType::AccountsChanged);
 
         Ok(account_config.id)
     }
@@ -156,6 +157,7 @@ impl Accounts {
             .build()
             .await?;
         self.accounts.insert(account_config.id, ctx);
+        self.emit_event(EventType::AccountsChanged);
 
         Ok(account_config.id)
     }
@@ -190,6 +192,7 @@ impl Accounts {
                 .context("failed to remove account data")?;
         }
         self.config.remove_account(id).await?;
+        self.emit_event(EventType::AccountsChanged);
 
         Ok(())
     }

src/authres.rs

@@ -260,7 +260,6 @@ fn parse_authservid_candidates_config(config: &Option<String>) -> BTreeSet<&str>
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
     use tokio::fs;
     use tokio::io::AsyncReadExt;
 
@@ -520,8 +519,13 @@ Authentication-Results: dkim=";
         handle_authres(&t, &mail, "invalid@rom.com").await.unwrap();
     }
 
+    // Test that Autocrypt works with mailing list.
+    //
+    // Previous versions of Delta Chat ignored Autocrypt based on the List-Post header.
+    // This is not needed: comparing of the From address to Autocrypt header address is enough.
+    // If the mailing list is not rewriting the From header, Autocrypt should be applied.
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_autocrypt_in_mailinglist_ignored() -> Result<()> {
+    async fn test_autocrypt_in_mailinglist_not_ignored() -> Result<()> {
         let mut tcm = TestContextManager::new();
         let alice = tcm.alice().await;
         let bob = tcm.bob().await;
@@ -533,28 +537,18 @@ Authentication-Results: dkim=";
             .insert_str(0, "List-Post: <mailto:deltachat-community.example.net>\n");
         bob.recv_msg(&sent).await;
         let peerstate = Peerstate::from_addr(&bob, "alice@example.org").await?;
-        assert!(peerstate.is_none());
-
-        // Do the same without the mailing list header, this time the peerstate should be accepted
-        let sent = alice
-            .send_text(alice_bob_chat.id, "hellooo without mailing list")
-            .await;
-        bob.recv_msg(&sent).await;
-        let peerstate = Peerstate::from_addr(&bob, "alice@example.org").await?;
         assert!(peerstate.is_some());
 
-        // This also means that Bob can now write encrypted to Alice:
+        // Bob can now write encrypted to Alice:
         let mut sent = bob
             .send_text(bob_alice_chat.id, "hellooo in the mailinglist again")
             .await;
         assert!(sent.load_from_db().await.get_showpadlock());
 
-        // But if Bob writes to a mailing list, Alice doesn't show a padlock
-        // since she can't verify the signature without accepting Bob's key:
         sent.payload
             .insert_str(0, "List-Post: <mailto:deltachat-community.example.net>\n");
         let rcvd = alice.recv_msg(&sent).await;
-        assert!(!rcvd.get_showpadlock());
+        assert!(rcvd.get_showpadlock());
         assert_eq!(&rcvd.text, "hellooo in the mailinglist again");
 
         Ok(())

src/chat.rs

@@ -567,6 +567,14 @@ impl ChatId {
         contact_id: Option<ContactId>,
         timestamp_sort: i64,
     ) -> Result<()> {
+        if contact_id == Some(ContactId::SELF) {
+            // Do not add protection messages to Saved Messages chat.
+            // This chat never gets protected and unprotected,
+            // we do not want the first message
+            // to be a protection message with an arbitrary timestamp.
+            return Ok(());
+        }
+
         let text = context.stock_protection_msg(protect, contact_id).await;
         let cmd = match protect {
             ProtectionStatus::Protected => SystemMessage::ChatProtectionEnabled,
@@ -765,27 +773,19 @@ impl ChatId {
         );
 
         let chat = Chat::load_from_db(context, self).await?;
-        context
-            .sql
-            .execute(
-                "DELETE FROM msgs_mdns WHERE msg_id IN (SELECT id FROM msgs WHERE chat_id=?);",
-                (self,),
-            )
-            .await?;
 
         context
             .sql
-            .execute("DELETE FROM msgs WHERE chat_id=?;", (self,))
-            .await?;
-
-        context
-            .sql
-            .execute("DELETE FROM chats_contacts WHERE chat_id=?;", (self,))
-            .await?;
-
-        context
-            .sql
-            .execute("DELETE FROM chats WHERE id=?;", (self,))
+            .transaction(|transaction| {
+                transaction.execute(
+                    "DELETE FROM msgs_mdns WHERE msg_id IN (SELECT id FROM msgs WHERE chat_id=?)",
+                    (self,),
+                )?;
+                transaction.execute("DELETE FROM msgs WHERE chat_id=?", (self,))?;
+                transaction.execute("DELETE FROM chats_contacts WHERE chat_id=?", (self,))?;
+                transaction.execute("DELETE FROM chats WHERE id=?", (self,))?;
+                Ok(())
+            })
             .await?;
 
         context.emit_msgs_changed_without_ids();
@@ -922,24 +922,27 @@ impl ChatId {
                     && old_draft.chat_id == self
                     && old_draft.state == MessageState::OutDraft
                 {
-                    context
-                        .sql
-                        .execute(
-                            "UPDATE msgs
-                            SET timestamp=?,type=?,txt=?,txt_normalized=?,param=?,mime_in_reply_to=?
-                            WHERE id=?;",
-                            (
-                                time(),
-                                msg.viewtype,
-                                &msg.text,
-                                message::normalize_text(&msg.text),
-                                msg.param.to_string(),
-                                msg.in_reply_to.as_deref().unwrap_or_default(),
-                                msg.id,
-                            ),
-                        )
-                        .await?;
-                    return Ok(true);
+                    let affected_rows = context
+                        .sql.execute(
+                                "UPDATE msgs
+                                SET timestamp=?1,type=?2,txt=?3,txt_normalized=?4,param=?5,mime_in_reply_to=?6
+                                WHERE id=?7
+                                AND (type <> ?2 
+                                    OR txt <> ?3 
+                                    OR txt_normalized <> ?4
+                                    OR param <> ?5
+                                    OR mime_in_reply_to <> ?6);",
+                                (
+                                    time(),
+                                    msg.viewtype,
+                                    &msg.text,
+                                    message::normalize_text(&msg.text),
+                                    msg.param.to_string(),
+                                    msg.in_reply_to.as_deref().unwrap_or_default(),
+                                    msg.id,
+                                ),
+                            ).await?;
+                    return Ok(affected_rows > 0);
                 }
             }
         }
@@ -1396,7 +1399,7 @@ impl ChatId {
     ///
     /// `message_timestamp` should be either the message "sent" timestamp or a timestamp of the
     /// corresponding event in case of a system message (usually the current system time).
-    /// `always_sort_to_bottom` makes this ajust the returned timestamp up so that the message goes
+    /// `always_sort_to_bottom` makes this adjust the returned timestamp up so that the message goes
     /// to the chat bottom.
     /// `received` -- whether the message is received. Otherwise being sent.
     /// `incoming` -- whether the message is incoming.
@@ -2101,13 +2104,19 @@ impl Chat {
         } else {
             None
         };
+        let new_mime_headers = new_mime_headers.map(|s| new_html_mimepart(s).build().as_string());
         let new_mime_headers = new_mime_headers.or_else(|| match was_truncated {
-            true => Some(msg.text.clone()),
+            // We need to add some headers so that they are stripped before formatting HTML by
+            // `MsgId::get_html()`, not a part of the actual text. Let's add "Content-Type", it's
+            // anyway a useful metadata about the stored text.
+            true => Some(
+                "Content-Type: text/plain; charset=utf-8\r\n\r\n".to_string() + &msg.text + "\r\n",
+            ),
             false => None,
         });
         let new_mime_headers = match new_mime_headers {
             Some(h) => Some(tokio::task::block_in_place(move || {
-                buf_compress(new_html_mimepart(h).build().as_string().as_bytes())
+                buf_compress(h.as_bytes())
             })?),
             None => None,
         };
@@ -2207,7 +2216,9 @@ impl Chat {
             msg.id = MsgId::new(u32::try_from(raw_id)?);
 
             maybe_set_logging_xdc(context, msg, self.id).await?;
-            context.update_webxdc_integration_database(msg).await?;
+            context
+                .update_webxdc_integration_database(msg, context)
+                .await?;
         }
         context.scheduler.interrupt_ephemeral_task().await;
         Ok(msg.id)
@@ -2596,10 +2607,12 @@ impl ChatIdBlocked {
             _ => (),
         }
 
-        let peerstate = Peerstate::from_addr(context, contact.get_addr()).await?;
-        let protected = peerstate.map_or(false, |p| {
-            p.is_using_verified_key() && p.prefer_encrypt == EncryptPreference::Mutual
-        });
+        let protected = contact_id == ContactId::SELF || {
+            let peerstate = Peerstate::from_addr(context, contact.get_addr()).await?;
+            peerstate.is_some_and(|p| {
+                p.is_using_verified_key() && p.prefer_encrypt == EncryptPreference::Mutual
+            })
+        };
         let smeared_time = create_smeared_timestamp(context);
 
         let chat_id = context
@@ -2982,8 +2995,8 @@ pub(crate) async fn create_send_msg_jobs(context: &Context, msg: &mut Message) -
         recipients.push(from);
     }
 
-    // Webxdc integrations are messages, however, shipped with main app and must not be sent out
-    if msg.param.get_int(Param::WebxdcIntegration).is_some() {
+    // Default Webxdc integrations are hidden messages and must not be sent out
+    if msg.param.get_int(Param::WebxdcIntegration).is_some() && msg.hidden {
         recipients.clear();
     }
 
@@ -4488,7 +4501,7 @@ pub(crate) async fn delete_and_reset_all_device_msgs(context: &Context) -> Resul
         .await?;
     context.sql.execute("DELETE FROM devmsglabels;", ()).await?;
 
-    // Insert labels for welcome messages to avoid them being readded on reconfiguration.
+    // Insert labels for welcome messages to avoid them being re-added on reconfiguration.
     context
         .sql
         .execute(
@@ -4505,6 +4518,7 @@ pub(crate) async fn delete_and_reset_all_device_msgs(context: &Context) -> Resul
 /// Adds an informational message to chat.
 ///
 /// For example, it can be a message showing that a member was added to a group.
+/// Doesn't fail if the chat doesn't exist.
 #[allow(clippy::too_many_arguments)]
 pub(crate) async fn add_info_msg_with_cmd(
     context: &Context,
@@ -4649,9 +4663,9 @@ impl Context {
                     Contact::create_ex(self, Nosync, to, addr).await?;
                     return Ok(());
                 }
-                let contact_id = Contact::lookup_id_by_addr_ex(self, addr, Origin::Unknown, None)
-                    .await?
-                    .with_context(|| format!("No contact for addr '{addr}'"))?;
+                let addr = ContactAddress::new(addr).context("Invalid address")?;
+                let (contact_id, _) =
+                    Contact::add_or_lookup(self, "", &addr, Origin::Hidden).await?;
                 match action {
                     SyncAction::Block => {
                         return contact::set_blocked(self, Nosync, contact_id, true).await
@@ -4661,9 +4675,10 @@ impl Context {
                     }
                     _ => (),
                 }
-                ChatIdBlocked::lookup_by_contact(self, contact_id)
+                // Use `Request` so that even if the program crashes, the user doesn't have to look
+                // into the blocked contacts.
+                ChatIdBlocked::get_for_contact(self, contact_id, Blocked::Request)
                     .await?
-                    .with_context(|| format!("No chat for addr '{addr}'"))?
                     .id
             }
             SyncId::Grpid(grpid) => {
@@ -4700,7 +4715,7 @@ impl Context {
 
     /// Emits the appropriate `MsgsChanged` event. Should be called if the number of unnoticed
     /// archived chats could decrease. In general we don't want to make an extra db query to know if
-    /// a noticied chat is archived. Emitting events should be cheap, a false-positive `MsgsChanged`
+    /// a noticed chat is archived. Emitting events should be cheap, a false-positive `MsgsChanged`
     /// is ok.
     pub(crate) fn on_archived_chats_maybe_noticed(&self) {
         self.emit_msgs_changed(DC_CHAT_ID_ARCHIVED_LINK, MsgId::new(0));
@@ -4715,7 +4730,7 @@ mod tests {
     use crate::headerdef::HeaderDef;
     use crate::message::delete_msgs;
     use crate::receive_imf::receive_imf;
-    use crate::test_utils::{sync, TestContext, TestContextManager};
+    use crate::test_utils::{sync, TestContext, TestContextManager, TimeShiftFalsePositiveNote};
     use strum::IntoEnumIterator;
     use tokio::fs;
 
@@ -5259,6 +5274,8 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_modify_chat_disordered() -> Result<()> {
+        let _n = TimeShiftFalsePositiveNote;
+
         // Alice creates a group with Bob, Claire and Daisy and then removes Claire and Daisy
         // (sleep() is needed as otherwise smeared time from Alice looks to Bob like messages from the future which are all set to "now" then)
         let alice = TestContext::new_alice().await;
@@ -5370,7 +5387,7 @@ mod tests {
 
         // Eventually, first removal message arrives.
         // This has no effect.
-        bob.recv_msg(&remove1).await;
+        bob.recv_msg_trash(&remove1).await;
         assert_eq!(get_chat_contacts(&bob, bob_chat_id).await?.len(), 2);
         Ok(())
     }
@@ -7469,6 +7486,71 @@ mod tests {
         Ok(())
     }
 
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_sync_accept_before_first_msg() -> Result<()> {
+        let alice0 = &TestContext::new_alice().await;
+        let alice1 = &TestContext::new_alice().await;
+        for a in [alice0, alice1] {
+            a.set_config_bool(Config::SyncMsgs, true).await?;
+        }
+        let bob = TestContext::new_bob().await;
+
+        let ba_chat = bob.create_chat(alice0).await;
+        let sent_msg = bob.send_text(ba_chat.id, "hi").await;
+        let a0b_chat_id = alice0.recv_msg(&sent_msg).await.chat_id;
+        assert_eq!(alice0.get_chat(&bob).await.blocked, Blocked::Request);
+        a0b_chat_id.accept(alice0).await?;
+        let a0b_contact = alice0.add_or_lookup_contact(&bob).await;
+        assert_eq!(a0b_contact.origin, Origin::CreateChat);
+        assert_eq!(alice0.get_chat(&bob).await.blocked, Blocked::Not);
+
+        sync(alice0, alice1).await;
+        let a1b_contact = alice1.add_or_lookup_contact(&bob).await;
+        assert_eq!(a1b_contact.origin, Origin::CreateChat);
+        let a1b_chat = alice1.get_chat(&bob).await;
+        assert_eq!(a1b_chat.blocked, Blocked::Not);
+        let chats = Chatlist::try_load(alice1, 0, None, None).await?;
+        assert_eq!(chats.len(), 1);
+
+        let rcvd_msg = alice1.recv_msg(&sent_msg).await;
+        assert_eq!(rcvd_msg.chat_id, a1b_chat.id);
+        Ok(())
+    }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_sync_block_before_first_msg() -> Result<()> {
+        let alice0 = &TestContext::new_alice().await;
+        let alice1 = &TestContext::new_alice().await;
+        for a in [alice0, alice1] {
+            a.set_config_bool(Config::SyncMsgs, true).await?;
+        }
+        let bob = TestContext::new_bob().await;
+
+        let ba_chat = bob.create_chat(alice0).await;
+        let sent_msg = bob.send_text(ba_chat.id, "hi").await;
+        let a0b_chat_id = alice0.recv_msg(&sent_msg).await.chat_id;
+        assert_eq!(alice0.get_chat(&bob).await.blocked, Blocked::Request);
+        a0b_chat_id.block(alice0).await?;
+        let a0b_contact = alice0.add_or_lookup_contact(&bob).await;
+        assert_eq!(a0b_contact.origin, Origin::IncomingUnknownFrom);
+        assert_eq!(alice0.get_chat(&bob).await.blocked, Blocked::Yes);
+
+        sync(alice0, alice1).await;
+        let a1b_contact = alice1.add_or_lookup_contact(&bob).await;
+        assert_eq!(a1b_contact.origin, Origin::Hidden);
+        assert!(ChatIdBlocked::lookup_by_contact(alice1, a1b_contact.id)
+            .await?
+            .is_none());
+
+        let rcvd_msg = alice1.recv_msg(&sent_msg).await;
+        let a1b_contact = alice1.add_or_lookup_contact(&bob).await;
+        assert_eq!(a1b_contact.origin, Origin::IncomingUnknownFrom);
+        let a1b_chat = alice1.get_chat(&bob).await;
+        assert_eq!(a1b_chat.blocked, Blocked::Yes);
+        assert_eq!(rcvd_msg.chat_id, a1b_chat.id);
+        Ok(())
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_sync_adhoc_grp() -> Result<()> {
         let alice0 = &TestContext::new_alice().await;
@@ -7695,4 +7777,19 @@ mod tests {
 
         Ok(())
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_do_not_overwrite_draft() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = tcm.alice().await;
+        let mut msg = Message::new_text("This is a draft message".to_string());
+        let self_chat = alice.get_self_chat().await.id;
+        self_chat.set_draft(&alice, Some(&mut msg)).await.unwrap();
+        let draft1 = self_chat.get_draft(&alice).await?.unwrap();
+        SystemTime::shift(Duration::from_secs(1));
+        self_chat.set_draft(&alice, Some(&mut msg)).await.unwrap();
+        let draft2 = self_chat.get_draft(&alice).await?.unwrap();
+        assert_eq!(draft1.timestamp_sort, draft2.timestamp_sort);
+        Ok(())
+    }
 }

src/chatlist.rs

@@ -394,25 +394,32 @@ impl Chatlist {
             &chat_loaded
         };
 
-        let (lastmsg, lastcontact) = if let Some(lastmsg_id) = lastmsg_id {
-            let lastmsg = Message::load_from_db(context, lastmsg_id)
+        let lastmsg = if let Some(lastmsg_id) = lastmsg_id {
+            // Message may be deleted by the time we try to load it,
+            // so use `load_from_db_optional` instead of `load_from_db`.
+            Message::load_from_db_optional(context, lastmsg_id)
                 .await
-                .context("loading message failed")?;
+                .context("Loading message failed")?
+        } else {
+            None
+        };
+
+        let lastcontact = if let Some(lastmsg) = &lastmsg {
             if lastmsg.from_id == ContactId::SELF {
-                (Some(lastmsg), None)
+                None
             } else {
                 match chat.typ {
                     Chattype::Group | Chattype::Broadcast | Chattype::Mailinglist => {
                         let lastcontact = Contact::get_by_id(context, lastmsg.from_id)
                             .await
                             .context("loading contact failed")?;
-                        (Some(lastmsg), Some(lastcontact))
+                        Some(lastcontact)
                     }
-                    Chattype::Single => (Some(lastmsg), None),
+                    Chattype::Single => None,
                 }
             }
         } else {
-            (None, None)
+            None
         };
 
         if chat.id.is_archived_link() {
@@ -761,6 +768,25 @@ mod tests {
         assert_eq!(summary.text, "foo: bar test"); // the linebreak should be removed from summary
     }
 
+    /// Tests that summary does not fail to load
+    /// if the draft was deleted after loading the chatlist.
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_get_summary_deleted_draft() {
+        let t = TestContext::new().await;
+
+        let chat_id = create_group_chat(&t, ProtectionStatus::Unprotected, "a chat")
+            .await
+            .unwrap();
+        let mut msg = Message::new_text("Foobar".to_string());
+        chat_id.set_draft(&t, Some(&mut msg)).await.unwrap();
+
+        let chats = Chatlist::try_load(&t, 0, None, None).await.unwrap();
+        chat_id.set_draft(&t, None).await.unwrap();
+
+        let summary_res = chats.get_summary(&t, 0, None).await;
+        assert!(summary_res.is_ok());
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_load_broken() {
         let t = TestContext::new_bob().await;

src/config.rs

@@ -80,7 +80,7 @@ pub enum Config {
     /// SMTP server security (e.g. TLS, STARTTLS).
     SendSecurity,
 
-    /// Deprecated option for backwards compatibilty.
+    /// Deprecated option for backwards compatibility.
     ///
     /// Certificate checks for SMTP are actually controlled by `imap_certificate_checks` config.
     SmtpCertificateChecks,
@@ -396,6 +396,12 @@ pub enum Config {
     /// Make all outgoing messages with Autocrypt header "multipart/signed".
     SignUnencrypted,
 
+    /// Enable header protection for `Autocrypt` header.
+    ///
+    /// This is an experimental setting not compatible to other MUAs
+    /// and older Delta Chat versions (core version <= v1.149.0).
+    ProtectAutocrypt,
+
     /// Let the core save all events to the database.
     /// This value is used internally to remember the MsgId of the logging xdc
     #[strum(props(default = "0"))]
@@ -435,6 +441,12 @@ pub enum Config {
     /// Enable webxdc realtime features.
     #[strum(props(default = "1"))]
     WebxdcRealtimeEnabled,
+
+    /// Last device token stored on the chatmail server.
+    ///
+    /// If it has not changed, we do not store
+    /// the device token again.
+    DeviceToken,
 }
 
 impl Config {
@@ -785,6 +797,12 @@ impl Context {
                 self.sql.set_raw_config(key.as_ref(), value).await?;
             }
         }
+        if matches!(
+            key,
+            Config::Displayname | Config::Selfavatar | Config::PrivateTag
+        ) {
+            self.emit_event(EventType::AccountsItemChanged);
+        }
         if key.is_synced() {
             self.emit_event(EventType::ConfigSynced { key });
         }

src/configure.rs

@@ -36,10 +36,10 @@ use crate::message::Message;
 use crate::oauth2::get_oauth2_addr;
 use crate::provider::{Protocol, Socket, UsernamePattern};
 use crate::smtp::Smtp;
-use crate::stock_str;
 use crate::sync::Sync::*;
 use crate::tools::time;
 use crate::{chat, e2ee, provider};
+use crate::{stock_str, EventType};
 use deltachat_contact_tools::addr_cmp;
 
 macro_rules! progress {
@@ -486,6 +486,7 @@ async fn configure(ctx: &Context, param: &EnteredLoginParam) -> Result<Configure
     update_device_chats_handle.await??;
 
     ctx.sql.set_raw_config_bool("configured", true).await?;
+    ctx.emit_event(EventType::AccountsItemChanged);
 
     Ok(configured_param)
 }
@@ -611,8 +612,6 @@ pub enum Error {
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
     use crate::config::Config;
     use crate::login_param::EnteredServerLoginParam;

src/configure/auto_mozilla.rs

@@ -67,19 +67,15 @@ fn parse_server<B: BufRead>(
 
     let typ = server_event
         .attributes()
-        .find(|attr| {
-            attr.as_ref()
-                .map(|a| {
-                    String::from_utf8_lossy(a.key.as_ref())
-                        .trim()
-                        .to_lowercase()
-                        == "type"
-                })
-                .unwrap_or_default()
+        .find_map(|attr| {
+            attr.ok().filter(|a| {
+                String::from_utf8_lossy(a.key.as_ref())
+                    .trim()
+                    .eq_ignore_ascii_case("type")
+            })
         })
         .map(|typ| {
-            typ.unwrap()
-                .decode_and_unescape_value(reader.decoder())
+            typ.decode_and_unescape_value(reader.decoder())
                 .unwrap_or_default()
                 .to_lowercase()
         })
@@ -272,8 +268,6 @@ pub(crate) async fn moz_autoconfigure(
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
 
     #[test]

src/configure/auto_outlook.rs

@@ -215,8 +215,6 @@ pub(crate) async fn outlk_autodiscover(
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
 
     #[test]

src/contact.rs

@@ -143,6 +143,43 @@ impl ContactId {
             .await?;
         Ok(())
     }
+
+    /// Returns contact address.
+    pub async fn addr(&self, context: &Context) -> Result<String> {
+        let addr = context
+            .sql
+            .query_row("SELECT addr FROM contacts WHERE id=?", (self,), |row| {
+                let addr: String = row.get(0)?;
+                Ok(addr)
+            })
+            .await?;
+        Ok(addr)
+    }
+
+    /// Resets encryption with the contact.
+    ///
+    /// Effect is similar to receiving a message without Autocrypt header
+    /// from the contact, but this action is triggered manually by the user.
+    ///
+    /// For example, this will result in sending the next message
+    /// to 1:1 chat unencrypted, but will not remove existing verified keys.
+    pub async fn reset_encryption(self, context: &Context) -> Result<()> {
+        let now = time();
+
+        let addr = self.addr(context).await?;
+        if let Some(mut peerstate) = Peerstate::from_addr(context, &addr).await? {
+            peerstate.degrade_encryption(now);
+            peerstate.save_to_db(&context.sql).await?;
+        }
+
+        // Reset 1:1 chat protection.
+        if let Some(chat_id) = ChatId::lookup_by_contact(context, self).await? {
+            chat_id
+                .set_protection(context, ProtectionStatus::Unprotected, now, Some(self))
+                .await?;
+        }
+        Ok(())
+    }
 }
 
 impl fmt::Display for ContactId {
@@ -425,9 +462,12 @@ pub enum Origin {
     /// To: of incoming messages of unknown sender
     IncomingUnknownTo = 0x40,
 
-    /// address scanned but not verified
+    /// Address scanned but not verified.
     UnhandledQrScan = 0x80,
 
+    /// Address scanned from a SecureJoin QR code, but not verified yet.
+    UnhandledSecurejoinQrScan = 0x81,
+
     /// Reply-To: of incoming message of known sender
     /// Contacts with at least this origin value are shown in the contact list.
     IncomingReplyTo = 0x100,
@@ -1212,15 +1252,15 @@ impl Contact {
 
         let fingerprint_self = load_self_public_key(context)
             .await?
-            .fingerprint()
+            .dc_fingerprint()
             .to_string();
         let fingerprint_other_verified = peerstate
             .peek_key(true)
-            .map(|k| k.fingerprint().to_string())
+            .map(|k| k.dc_fingerprint().to_string())
             .unwrap_or_default();
         let fingerprint_other_unverified = peerstate
             .peek_key(false)
-            .map(|k| k.fingerprint().to_string())
+            .map(|k| k.dc_fingerprint().to_string())
             .unwrap_or_default();
         if addr < peerstate.addr {
             cat_fingerprint(&mut ret, &addr, &fingerprint_self, "");
@@ -1944,7 +1984,7 @@ mod tests {
     use crate::chat::{get_chat_contacts, send_text_msg, Chat};
     use crate::chatlist::Chatlist;
     use crate::receive_imf::receive_imf;
-    use crate::test_utils::{self, TestContext, TestContextManager};
+    use crate::test_utils::{self, TestContext, TestContextManager, TimeShiftFalsePositiveNote};
 
     #[test]
     fn test_contact_id_values() {
@@ -2875,6 +2915,8 @@ Hi."#;
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_was_seen_recently() -> Result<()> {
+        let _n = TimeShiftFalsePositiveNote;
+
         let mut tcm = TestContextManager::new();
         let alice = tcm.alice().await;
         let bob = tcm.bob().await;
@@ -2890,18 +2932,7 @@ Hi."#;
         bob.recv_msg(&sent_msg).await;
         let contact = Contact::get_by_id(&bob, *contacts.first().unwrap()).await?;
 
-        let green = nu_ansi_term::Color::Green.normal();
-        assert!(
-            contact.was_seen_recently(),
-            "{}",
-            green.paint(
-                "\nNOTE: This test failure is probably a false-positive, caused by tests running in parallel.
-The issue is that `SystemTime::shift()` (a utility function for tests) changes the time for all threads doing tests, and not only for the running test.
-Until the false-positive is fixed:
-- Use `cargo test -- --test-threads 1` instead of `cargo test`
-- Or use `cargo nextest run` (install with `cargo install cargo-nextest --locked`)\n"
-            )
-        );
+        assert!(contact.was_seen_recently());
 
         let self_contact = Contact::get_by_id(&bob, ContactId::SELF).await?;
         assert!(!self_contact.was_seen_recently());
@@ -3149,4 +3180,75 @@ Until the false-positive is fixed:
 
         Ok(())
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_reset_encryption() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        let bob = &tcm.bob().await;
+
+        let msg = tcm.send_recv_accept(alice, bob, "Hello!").await;
+        assert_eq!(msg.get_showpadlock(), false);
+
+        let msg = tcm.send_recv(bob, alice, "Hi!").await;
+        assert_eq!(msg.get_showpadlock(), true);
+        let alice_bob_contact_id = msg.from_id;
+
+        alice_bob_contact_id.reset_encryption(alice).await?;
+
+        let msg = tcm.send_recv(alice, bob, "Unencrypted").await;
+        assert_eq!(msg.get_showpadlock(), false);
+
+        Ok(())
+    }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_reset_verified_encryption() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        let bob = &tcm.bob().await;
+
+        tcm.execute_securejoin(bob, alice).await;
+
+        let msg = tcm.send_recv(bob, alice, "Encrypted").await;
+        assert_eq!(msg.get_showpadlock(), true);
+
+        let alice_bob_chat_id = msg.chat_id;
+        let alice_bob_contact_id = msg.from_id;
+        alice_bob_contact_id.reset_encryption(alice).await?;
+
+        // Check that the contact is still verified after resetting encryption.
+        let alice_bob_contact = Contact::get_by_id(alice, alice_bob_contact_id).await?;
+        assert_eq!(alice_bob_contact.is_verified(alice).await?, true);
+
+        // 1:1 chat and profile is no longer verified.
+        assert_eq!(alice_bob_contact.is_profile_verified(alice).await?, false);
+
+        let info_msg = alice.get_last_msg_in(alice_bob_chat_id).await;
+        assert_eq!(
+            info_msg.text,
+            "bob@example.net sent a message from another device."
+        );
+
+        let msg = tcm.send_recv(alice, bob, "Unencrypted").await;
+        assert_eq!(msg.get_showpadlock(), false);
+
+        Ok(())
+    }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_self_is_verified() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = tcm.alice().await;
+
+        let contact = Contact::get_by_id(&alice, ContactId::SELF).await?;
+        assert_eq!(contact.is_verified(&alice).await?, true);
+        assert!(contact.is_profile_verified(&alice).await?);
+        assert!(contact.get_verifier_id(&alice).await?.is_none());
+
+        let chat_id = ChatId::get_for_contact(&alice, ContactId::SELF).await?;
+        assert!(chat_id.is_protected(&alice).await.unwrap() == ProtectionStatus::Protected);
+
+        Ok(())
+    }
 }

src/context.rs

@@ -10,9 +10,10 @@ use std::time::Duration;
 
 use anyhow::{bail, ensure, Context as _, Result};
 use async_channel::{self as channel, Receiver, Sender};
+use pgp::types::PublicKeyTrait;
 use pgp::SignedPublicKey;
 use ratelimit::Ratelimit;
-use tokio::sync::{Mutex, Notify, OnceCell, RwLock};
+use tokio::sync::{Mutex, Notify, RwLock};
 
 use crate::aheader::EncryptPreference;
 use crate::chat::{get_chat_cnt, ChatId, ProtectionStatus};
@@ -275,7 +276,7 @@ pub struct InnerContext {
     /// The text of the last error logged and emitted as an event.
     /// If the ui wants to display an error after a failure,
     /// `last_error` should be used to avoid races with the event thread.
-    pub(crate) last_error: std::sync::RwLock<String>,
+    pub(crate) last_error: parking_lot::RwLock<String>,
 
     /// If debug logging is enabled, this contains all necessary information
     ///
@@ -291,7 +292,7 @@ pub struct InnerContext {
     pub(crate) push_subscribed: AtomicBool,
 
     /// Iroh for realtime peer channels.
-    pub(crate) iroh: OnceCell<Iroh>,
+    pub(crate) iroh: Arc<RwLock<Option<Iroh>>>,
 }
 
 /// The state of ongoing process.
@@ -445,11 +446,11 @@ impl Context {
             metadata: RwLock::new(None),
             creation_time: tools::Time::now(),
             last_full_folder_scan: Mutex::new(None),
-            last_error: std::sync::RwLock::new("".to_string()),
+            last_error: parking_lot::RwLock::new("".to_string()),
             debug_logging: std::sync::RwLock::new(None),
             push_subscriber,
             push_subscribed: AtomicBool::new(false),
-            iroh: OnceCell::new(),
+            iroh: Arc::new(RwLock::new(None)),
         };
 
         let ctx = Context {
@@ -471,12 +472,33 @@ impl Context {
             // Allow at least 1 message every second + a burst of 3.
             *lock = Ratelimit::new(Duration::new(3, 0), 3.0);
         }
+
+        // The next line is mainly for iOS:
+        // iOS starts a separate process for receiving notifications and if the user concurrently
+        // starts the app, the UI process opens the database but waits with calling start_io()
+        // until the notifications process finishes.
+        // Now, some configs may have changed, so, we need to invalidate the cache.
+        self.sql.config_cache.write().await.clear();
+
         self.scheduler.start(self.clone()).await;
     }
 
     /// Stops the IO scheduler.
     pub async fn stop_io(&self) {
         self.scheduler.stop(self).await;
+        if let Some(iroh) = self.iroh.write().await.take() {
+            // Close all QUIC connections.
+
+            // Spawn into a separate task,
+            // because Iroh calls `wait_idle()` internally
+            // and it may take time, especially if the network
+            // has become unavailable.
+            tokio::spawn(async move {
+                // We do not log the error because we do not want the task
+                // to hold the reference to Context.
+                let _ = tokio::time::timeout(Duration::from_secs(60), iroh.close()).await;
+            });
+        }
     }
 
     /// Restarts the IO scheduler if it was running before
@@ -487,7 +509,7 @@ impl Context {
 
     /// Indicate that the network likely has come back.
     pub async fn maybe_network(&self) {
-        if let Some(iroh) = self.iroh.get() {
+        if let Some(ref iroh) = *self.iroh.read().await {
             iroh.network_change().await;
         }
         self.scheduler.maybe_network().await;
@@ -531,23 +553,7 @@ impl Context {
 
         if self.scheduler.is_running().await {
             self.scheduler.maybe_network().await;
-
-            // Wait until fetching is finished.
-            // Ideally we could wait for connectivity change events,
-            // but sleep loop is good enough.
-
-            // First 100 ms sleep in chunks of 10 ms.
-            for _ in 0..10 {
-                if self.all_work_done().await {
-                    break;
-                }
-                tokio::time::sleep(std::time::Duration::from_millis(10)).await;
-            }
-
-            // If we are not finished in 100 ms, keep waking up every 100 ms.
-            while !self.all_work_done().await {
-                tokio::time::sleep(std::time::Duration::from_millis(100)).await;
-            }
+            self.wait_for_all_work_done().await;
         } else {
             // Pause the scheduler to ensure another connection does not start
             // while we are fetching on a dedicated connection.
@@ -781,7 +787,7 @@ impl Context {
             .count("SELECT COUNT(*) FROM acpeerstates;", ())
             .await?;
         let fingerprint_str = match load_self_public_key(self).await {
-            Ok(key) => key.fingerprint().hex(),
+            Ok(key) => key.dc_fingerprint().hex(),
             Err(err) => format!("<key failure: {err}>"),
         };
 
@@ -990,6 +996,12 @@ impl Context {
                 .await?
                 .to_string(),
         );
+        res.insert(
+            "protect_autocrypt",
+            self.get_config_int(Config::ProtectAutocrypt)
+                .await?
+                .to_string(),
+        );
         res.insert(
             "debug_logging",
             self.get_config_int(Config::DebugLogging).await?.to_string(),
@@ -1171,7 +1183,7 @@ impl Context {
             EncryptPreference::Mutual,
             &public_key,
         );
-        let fingerprint = public_key.fingerprint();
+        let fingerprint = public_key.dc_fingerprint();
         peerstate.set_verified(public_key, fingerprint, "".to_string())?;
         peerstate.save_to_db(&self.sql).await?;
         chat_id
@@ -1743,6 +1755,7 @@ mod tests {
             "socks5_password",
             "key_id",
             "webxdc_integration",
+            "device_token",
         ];
         let t = TestContext::new().await;
         let info = t.get_info().await.unwrap();
@@ -2057,4 +2070,41 @@ mod tests {
 
         Ok(())
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_cache_is_cleared_when_io_is_started() -> Result<()> {
+        let alice = TestContext::new_alice().await;
+        assert_eq!(
+            alice.get_config(Config::ShowEmails).await?,
+            Some("2".to_string())
+        );
+
+        // Change the config circumventing the cache
+        // This simulates what the notification plugin on iOS might do
+        // because it runs in a different process
+        alice
+            .sql
+            .execute(
+                "INSERT OR REPLACE INTO config (keyname, value) VALUES ('show_emails', '0')",
+                (),
+            )
+            .await?;
+
+        // Alice's Delta Chat doesn't know about it yet:
+        assert_eq!(
+            alice.get_config(Config::ShowEmails).await?,
+            Some("2".to_string())
+        );
+
+        // Starting IO will fail of course because no server settings are configured,
+        // but it should invalidate the caches:
+        alice.start_io().await;
+
+        assert_eq!(
+            alice.get_config(Config::ShowEmails).await?,
+            Some("0".to_string())
+        );
+
+        Ok(())
+    }
 }

src/debug_logging.rs

@@ -60,9 +60,11 @@ pub async fn debug_logging_loop(context: &Context, events: Receiver<DebugEventLo
                         "time": time,
                     }),
                     info: None,
+                    href: None,
                     summary: None,
                     document: None,
                     uid: None,
+                    notify: None,
                 },
                 time,
             )

src/decrypt.rs

@@ -1,125 +1,36 @@
 //! End-to-end decryption support.
 
 use std::collections::HashSet;
-use std::str::FromStr;
 
 use anyhow::Result;
 use deltachat_contact_tools::addr_cmp;
 use mailparse::ParsedMail;
 
 use crate::aheader::Aheader;
-use crate::authres::handle_authres;
-use crate::authres::{self, DkimResults};
 use crate::context::Context;
-use crate::headerdef::{HeaderDef, HeaderDefMap};
 use crate::key::{DcKey, Fingerprint, SignedPublicKey, SignedSecretKey};
 use crate::peerstate::Peerstate;
 use crate::pgp;
 
 /// Tries to decrypt a message, but only if it is structured as an Autocrypt message.
 ///
-/// If successful and the message is encrypted, returns decrypted body and a set of valid
-/// signature fingerprints.
-///
-/// If the message is wrongly signed, HashSet will be empty.
+/// If successful and the message is encrypted, returns decrypted body.
 pub fn try_decrypt(
     mail: &ParsedMail<'_>,
     private_keyring: &[SignedSecretKey],
-    public_keyring_for_validate: &[SignedPublicKey],
-) -> Result<Option<(Vec<u8>, HashSet<Fingerprint>)>> {
+) -> Result<Option<::pgp::composed::Message>> {
     let Some(encrypted_data_part) = get_encrypted_mime(mail) else {
         return Ok(None);
     };
 
-    decrypt_part(
-        encrypted_data_part,
-        private_keyring,
-        public_keyring_for_validate,
-    )
-}
+    let data = encrypted_data_part.get_body_raw()?;
+    let msg = pgp::pk_decrypt(data, private_keyring)?;
 
-pub(crate) async fn prepare_decryption(
-    context: &Context,
-    mail: &ParsedMail<'_>,
-    from: &str,
-    message_time: i64,
-) -> Result<DecryptionInfo> {
-    if mail.headers.get_header(HeaderDef::ListPost).is_some() {
-        if mail.headers.get_header(HeaderDef::Autocrypt).is_some() {
-            info!(
-                context,
-                "Ignoring autocrypt header since this is a mailing list message. \
-                NOTE: For privacy reasons, the mailing list software should remove Autocrypt headers."
-            );
-        }
-        return Ok(DecryptionInfo {
-            from: from.to_string(),
-            autocrypt_header: None,
-            peerstate: None,
-            message_time,
-            dkim_results: DkimResults { dkim_passed: false },
-        });
-    }
-
-    let autocrypt_header = if context.is_self_addr(from).await? {
-        None
-    } else if let Some(aheader_value) = mail.headers.get_header_value(HeaderDef::Autocrypt) {
-        match Aheader::from_str(&aheader_value) {
-            Ok(header) if addr_cmp(&header.addr, from) => Some(header),
-            Ok(header) => {
-                warn!(
-                    context,
-                    "Autocrypt header address {:?} is not {:?}.", header.addr, from
-                );
-                None
-            }
-            Err(err) => {
-                warn!(context, "Failed to parse Autocrypt header: {:#}.", err);
-                None
-            }
-        }
-    } else {
-        None
-    };
-
-    let dkim_results = handle_authres(context, mail, from).await?;
-    let allow_aeap = get_encrypted_mime(mail).is_some();
-    let peerstate = get_autocrypt_peerstate(
-        context,
-        from,
-        autocrypt_header.as_ref(),
-        message_time,
-        allow_aeap,
-    )
-    .await?;
-
-    Ok(DecryptionInfo {
-        from: from.to_string(),
-        autocrypt_header,
-        peerstate,
-        message_time,
-        dkim_results,
-    })
-}
-
-#[derive(Debug)]
-pub struct DecryptionInfo {
-    /// The From address. This is the address from the unnencrypted, outer
-    /// From header.
-    pub from: String,
-    pub autocrypt_header: Option<Aheader>,
-    /// The peerstate that will be used to validate the signatures
-    pub peerstate: Option<Peerstate>,
-    /// The timestamp when the message was sent.
-    /// If this is older than the peerstate's last_seen, this probably
-    /// means out-of-order message arrival, We don't modify the
-    /// peerstate in this case.
-    pub message_time: i64,
-    pub(crate) dkim_results: authres::DkimResults,
+    Ok(Some(msg))
 }
 
 /// Returns a reference to the encrypted payload of a message.
-fn get_encrypted_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail<'b>> {
+pub(crate) fn get_encrypted_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail<'b>> {
     get_autocrypt_mime(mail)
         .or_else(|| get_mixed_up_mime(mail))
         .or_else(|| get_attachment_mime(mail))
@@ -204,37 +115,6 @@ fn get_autocrypt_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail
     }
 }
 
-/// Returns Ok(None) if nothing encrypted was found.
-fn decrypt_part(
-    mail: &ParsedMail<'_>,
-    private_keyring: &[SignedSecretKey],
-    public_keyring_for_validate: &[SignedPublicKey],
-) -> Result<Option<(Vec<u8>, HashSet<Fingerprint>)>> {
-    let data = mail.get_body_raw()?;
-
-    if has_decrypted_pgp_armor(&data) {
-        let (plain, ret_valid_signatures) =
-            pgp::pk_decrypt(data, private_keyring, public_keyring_for_validate)?;
-        return Ok(Some((plain, ret_valid_signatures)));
-    }
-
-    Ok(None)
-}
-
-#[allow(clippy::indexing_slicing)]
-fn has_decrypted_pgp_armor(input: &[u8]) -> bool {
-    if let Some(index) = input.iter().position(|b| *b > b' ') {
-        if input.len() - index > 26 {
-            let start = index;
-            let end = start + 27;
-
-            return &input[start..end] == b"-----BEGIN PGP MESSAGE-----";
-        }
-    }
-
-    false
-}
-
 /// Validates signatures of Multipart/Signed message part, as defined in RFC 1847.
 ///
 /// Returns the signed part and the set of key
@@ -302,7 +182,7 @@ pub(crate) async fn get_autocrypt_peerstate(
             // if the fingerprint is verified.
             peerstate = Peerstate::from_verified_fingerprint_or_addr(
                 context,
-                &header.public_key.fingerprint(),
+                &header.public_key.dc_fingerprint(),
                 from,
             )
             .await?;
@@ -346,24 +226,6 @@ mod tests {
     use crate::receive_imf::receive_imf;
     use crate::test_utils::TestContext;
 
-    #[test]
-    fn test_has_decrypted_pgp_armor() {
-        let data = b" -----BEGIN PGP MESSAGE-----";
-        assert_eq!(has_decrypted_pgp_armor(data), true);
-
-        let data = b"    \n-----BEGIN PGP MESSAGE-----";
-        assert_eq!(has_decrypted_pgp_armor(data), true);
-
-        let data = b"    -----BEGIN PGP MESSAGE---";
-        assert_eq!(has_decrypted_pgp_armor(data), false);
-
-        let data = b" -----BEGIN PGP MESSAGE-----";
-        assert_eq!(has_decrypted_pgp_armor(data), true);
-
-        let data = b"blas";
-        assert_eq!(has_decrypted_pgp_armor(data), false);
-    }
-
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_mixed_up_mime() -> Result<()> {
         // "Mixed Up" mail as received when sending an encrypted

src/download.rs

@@ -440,7 +440,7 @@ mod tests {
         let _sent1 = alice.send_msg(chat_id, &mut instance).await;
 
         alice
-            .send_webxdc_status_update(instance.id, r#"{"payload":7}"#, "d")
+            .send_webxdc_status_update(instance.id, r#"{"payload":7}"#)
             .await?;
         alice.flush_status_updates().await?;
         let sent2 = alice.pop_sent_msg().await;

src/e2ee.rs

@@ -303,12 +303,12 @@ Sent with my Delta Chat Messenger: https://delta.chat";
             last_seen_autocrypt: 14,
             prefer_encrypt,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: Some(pub_key.clone()),
             gossip_timestamp: 15,
-            gossip_key_fingerprint: Some(pub_key.fingerprint()),
+            gossip_key_fingerprint: Some(pub_key.dc_fingerprint()),
             verified_key: Some(pub_key.clone()),
-            verified_key_fingerprint: Some(pub_key.fingerprint()),
+            verified_key_fingerprint: Some(pub_key.dc_fingerprint()),
             verifier: None,
             secondary_verified_key: None,
             secondary_verified_key_fingerprint: None,

src/events/payload.rs

@@ -59,7 +59,7 @@ pub enum EventType {
     /// or for functions that are expected to fail (eg. dc_continue_key_transfer())
     /// it might be better to delay showing these events until the function has really
     /// failed (returned false). It should be sufficient to report only the *last* error
-    /// in a messasge box then.
+    /// in a message box then.
     Error(String),
 
     /// An action cannot be performed because the user is not in the group.
@@ -107,6 +107,21 @@ pub enum EventType {
         reaction: Reaction,
     },
 
+    /// A webxdc wants an info message or a changed summary to be notified.
+    IncomingWebxdcNotify {
+        /// ID of the contact sending.
+        contact_id: ContactId,
+
+        /// ID of the added info message or webxdc instance in case of summary change.
+        msg_id: MsgId,
+
+        /// Text to notify.
+        text: String,
+
+        /// Link assigned to this notification, if any.
+        href: Option<String>,
+    },
+
     /// There is a fresh message. Typically, the user will show an notification
     /// when receiving this message.
     ///
@@ -332,6 +347,20 @@ pub enum EventType {
         chat_id: Option<ChatId>,
     },
 
+    /// Inform that the list of accounts has changed (an account removed or added or (not yet implemented) the account order changes)
+    ///
+    /// This event is only emitted by the account manager
+    AccountsChanged,
+
+    /// Inform that an account property that might be shown in the account list changed, namely:
+    /// - is_configured (see [crate::context::Context::is_configured])
+    /// - displayname
+    /// - selfavatar
+    /// - private_tag
+    ///
+    /// This event is emitted from the account whose property changed.
+    AccountsItemChanged,
+
     /// Event for using in tests, e.g. as a fence between normally generated events.
     #[cfg(test)]
     Test,

src/html.rs

@@ -144,12 +144,12 @@ impl HtmlMsgParser {
                         self.plain = Some(PlainText {
                             text: decoded_data,
                             flowed: if let Some(format) = mail.ctype.params.get("format") {
-                                format.as_str().to_ascii_lowercase() == "flowed"
+                                format.as_str().eq_ignore_ascii_case("flowed")
                             } else {
                                 false
                             },
                             delsp: if let Some(delsp) = mail.ctype.params.get("delsp") {
-                                delsp.as_str().to_ascii_lowercase() == "yes"
+                                delsp.as_str().eq_ignore_ascii_case("yes")
                             } else {
                                 false
                             },
@@ -283,7 +283,6 @@ mod tests {
 <meta name="color-scheme" content="light dark" />
 </head><body>
 This message does not have Content-Type nor Subject.<br/>
-<br/>
 </body></html>
 "#
         );
@@ -302,7 +301,6 @@ This message does not have Content-Type nor Subject.<br/>
 <meta name="color-scheme" content="light dark" />
 </head><body>
 message with a non-UTF-8 encoding: äöüßÄÖÜ<br/>
-<br/>
 </body></html>
 "#
         );
@@ -325,7 +323,6 @@ This line ends with a space and will be merged with the next one due to format=f
 <br/>
 This line does not end with a space<br/>
 and will be wrapped as usual.<br/>
-<br/>
 </body></html>
 "#
         );
@@ -347,7 +344,6 @@ mime-modified should not be set set as there is no html and no special stuff;<br
 although not being a delta-message.<br/>
 test some special html-characters as &lt; &gt; and &amp; but also &quot; and &#x27; :)<br/>
 <br/>
-<br/>
 </body></html>
 "#
         );

src/imap.rs

@@ -41,6 +41,7 @@ use crate::mimeparser;
 use crate::net::proxy::ProxyConfig;
 use crate::net::session::SessionStream;
 use crate::oauth2::get_oauth2_access_token;
+use crate::push::encrypt_device_token;
 use crate::receive_imf::{
     from_field_to_contact_id, get_prefetch_parent_message, receive_imf_inner, ReceivedMsg,
 };
@@ -89,7 +90,7 @@ pub(crate) struct Imap {
 
     oauth2: bool,
 
-    login_failed_once: bool,
+    authentication_failed_once: bool,
 
     pub(crate) connectivity: ConnectivityStore,
 
@@ -254,7 +255,7 @@ impl Imap {
             proxy_config,
             strict_tls,
             oauth2,
-            login_failed_once: false,
+            authentication_failed_once: false,
             connectivity: Default::default(),
             conn_last_try: UNIX_EPOCH,
             conn_backoff_ms: 0,
@@ -402,12 +403,12 @@ impl Imap {
                     let mut lock = context.server_id.write().await;
                     lock.clone_from(&session.capabilities.server_id);
 
-                    self.login_failed_once = false;
+                    self.authentication_failed_once = false;
                     context.emit_event(EventType::ImapConnected(format!(
                         "IMAP-LOGIN as {}",
                         lp.user
                     )));
-                    self.connectivity.set_connected(context).await;
+                    self.connectivity.set_preparing(context).await;
                     info!(context, "Successfully logged into IMAP server");
                     return Ok(session);
                 }
@@ -416,35 +417,38 @@ impl Imap {
                     let imap_user = lp.user.to_owned();
                     let message = stock_str::cannot_login(context, &imap_user).await;
 
-                    let err_str = err.to_string();
                     warn!(context, "IMAP failed to login: {err:#}.");
                     first_error.get_or_insert(format_err!("{message} ({err:#})"));
 
+                    // If it looks like the password is wrong, send a notification:
                     let _lock = context.wrong_pw_warning_mutex.lock().await;
-                    if !configuring
-                        && self.login_failed_once
-                        && err_str.to_lowercase().contains("authentication")
-                        && context.get_config_bool(Config::NotifyAboutWrongPw).await?
-                    {
-                        let mut msg = Message::new_text(message);
-                        if let Err(e) = chat::add_device_msg_with_importance(
-                            context,
-                            None,
-                            Some(&mut msg),
-                            true,
-                        )
-                        .await
+                    if err.to_string().to_lowercase().contains("authentication") {
+                        if self.authentication_failed_once
+                            && !configuring
+                            && context.get_config_bool(Config::NotifyAboutWrongPw).await?
                         {
-                            warn!(context, "Failed to add device message: {e:#}.");
+                            let mut msg = Message::new_text(message);
+                            if let Err(e) = chat::add_device_msg_with_importance(
+                                context,
+                                None,
+                                Some(&mut msg),
+                                true,
+                            )
+                            .await
+                            {
+                                warn!(context, "Failed to add device message: {e:#}.");
+                            } else {
+                                context
+                                    .set_config_internal(Config::NotifyAboutWrongPw, None)
+                                    .await
+                                    .log_err(context)
+                                    .ok();
+                            }
                         } else {
-                            context
-                                .set_config_internal(Config::NotifyAboutWrongPw, None)
-                                .await
-                                .log_err(context)
-                                .ok();
+                            self.authentication_failed_once = true;
                         }
                     } else {
-                        self.login_failed_once = true;
+                        self.authentication_failed_once = false;
                     }
                 }
             }
@@ -1557,16 +1561,54 @@ impl Session {
         };
 
         if self.can_metadata() && self.can_push() {
-            let folder = context
-                .get_config(Config::ConfiguredInboxFolder)
+            let device_token_changed = context
+                .get_config(Config::DeviceToken)
                 .await?
-                .context("INBOX is not configured")?;
+                .map_or(true, |config_token| device_token != config_token);
 
-            self.run_command_and_check_ok(format!(
-                "SETMETADATA \"{folder}\" (/private/devicetoken \"{device_token}\")"
-            ))
-            .await
-            .context("SETMETADATA command failed")?;
+            if device_token_changed {
+                let folder = context
+                    .get_config(Config::ConfiguredInboxFolder)
+                    .await?
+                    .context("INBOX is not configured")?;
+
+                let encrypted_device_token = encrypt_device_token(&device_token)
+                    .context("Failed to encrypt device token")?;
+
+                // We expect that the server supporting `XDELTAPUSH` capability
+                // has non-synchronizing literals support as well:
+                // <https://www.rfc-editor.org/rfc/rfc7888>.
+                let encrypted_device_token_len = encrypted_device_token.len();
+
+                if encrypted_device_token_len <= 4096 {
+                    self.run_command_and_check_ok(&format_setmetadata(
+                        &folder,
+                        &encrypted_device_token,
+                    ))
+                    .await
+                    .context("SETMETADATA command failed")?;
+
+                    // Store device token saved on the server
+                    // to prevent storing duplicate tokens.
+                    // The server cannot deduplicate on its own
+                    // because encryption gives a different
+                    // result each time.
+                    context
+                        .set_config_internal(Config::DeviceToken, Some(&device_token))
+                        .await?;
+                } else {
+                    // If Apple or Google (FCM) gives us a very large token,
+                    // do not even try to give it to IMAP servers.
+                    //
+                    // Limit of 4096 is arbitrarily selected
+                    // to be the same as required by LITERAL- IMAP extension.
+                    //
+                    // Dovecot supports LITERAL+ and non-synchronizing literals
+                    // of any length, but there is no reason for tokens
+                    // to be that large even after OpenPGP encryption.
+                    warn!(context, "Device token is too long for LITERAL-, ignoring.");
+                }
+            }
             context.push_subscribed.store(true, Ordering::Relaxed);
         } else if !context.push_subscriber.heartbeat_subscribed().await {
             let context = context.clone();
@@ -1578,6 +1620,13 @@ impl Session {
     }
 }
 
+fn format_setmetadata(folder: &str, device_token: &str) -> String {
+    let device_token_len = device_token.len();
+    format!(
+        "SETMETADATA \"{folder}\" (/private/devicetoken {{{device_token_len}+}}\r\n{device_token})"
+    )
+}
+
 impl Session {
     /// Returns success if we successfully set the flag or we otherwise
     /// think add_flag should not be retried: Disconnection during setting
@@ -1913,7 +1962,7 @@ async fn needs_move_to_mvbox(
         && has_chat_version
         && headers
             .get_header_value(HeaderDef::AutoSubmitted)
-            .filter(|val| val.to_ascii_lowercase() == "auto-generated")
+            .filter(|val| val.eq_ignore_ascii_case("auto-generated"))
             .is_some()
     {
         if let Some(from) = mimeparser::get_from(headers) {
@@ -2861,4 +2910,16 @@ mod tests {
             vec![("INBOX".to_string(), vec![1, 2, 3], "2:3".to_string())]
         );
     }
+
+    #[test]
+    fn test_setmetadata_device_token() {
+        assert_eq!(
+            format_setmetadata("INBOX", "foobarbaz"),
+            "SETMETADATA \"INBOX\" (/private/devicetoken {9+}\r\nfoobarbaz)"
+        );
+        assert_eq!(
+            format_setmetadata("INBOX", "foo\r\nbar\r\nbaz\r\n"),
+            "SETMETADATA \"INBOX\" (/private/devicetoken {15+}\r\nfoo\r\nbar\r\nbaz\r\n)"
+        );
+    }
 }

src/imap/idle.rs

@@ -9,7 +9,6 @@ use tokio::time::timeout;
 use super::session::Session;
 use super::Imap;
 use crate::context::Context;
-use crate::imap::FolderMeaning;
 use crate::net::TIMEOUT;
 use crate::tools::{self, time_elapsed};
 
@@ -109,37 +108,16 @@ impl Imap {
     pub(crate) async fn fake_idle(
         &mut self,
         context: &Context,
-        session: &mut Session,
         watch_folder: String,
-        folder_meaning: FolderMeaning,
     ) -> Result<()> {
         let fake_idle_start_time = tools::Time::now();
 
         info!(context, "IMAP-fake-IDLEing folder={:?}", watch_folder);
 
-        // Loop until we are interrupted or until we fetch something.
-        loop {
-            match timeout(Duration::from_secs(60), self.idle_interrupt_receiver.recv()).await {
-                Err(_) => {
-                    // Let's see if fetching messages results
-                    // in anything.  If so, we behave as if IDLE had data but
-                    // will have already fetched the messages so perform_*_fetch
-                    // will not find any new.
-                    let res = self
-                        .fetch_new_messages(context, session, &watch_folder, folder_meaning, false)
-                        .await?;
-
-                    info!(context, "fetch_new_messages returned {:?}", res);
-
-                    if res {
-                        break;
-                    }
-                }
-                Ok(_) => {
-                    info!(context, "Fake IDLE interrupted.");
-                    break;
-                }
-            }
+        // Wait for 60 seconds or until we are interrupted.
+        match timeout(Duration::from_secs(60), self.idle_interrupt_receiver.recv()).await {
+            Err(_) => info!(context, "Fake IDLE finished."),
+            Ok(_) => info!(context, "Fake IDLE interrupted."),
         }
 
         info!(

src/imex.rs

@@ -4,7 +4,7 @@ use std::ffi::OsStr;
 use std::path::{Path, PathBuf};
 use std::pin::Pin;
 
-use ::pgp::types::KeyTrait;
+use ::pgp::types::PublicKeyTrait;
 use anyhow::{bail, ensure, format_err, Context as _, Result};
 use futures::TryStreamExt;
 use futures_lite::FutureExt;
@@ -426,6 +426,7 @@ async fn import_backup_stream_inner<R: tokio::io::AsyncRead + Unpin>(
     if res.is_ok() {
         context.emit_event(EventType::ImexProgress(999));
         res = context.sql.run_migrations(context).await;
+        context.emit_event(EventType::AccountsItemChanged);
     }
     if res.is_ok() {
         delete_and_reset_all_device_msgs(context)
@@ -750,7 +751,7 @@ where
             true => "private",
         };
         let id = id.map_or("default".into(), |i| i.to_string());
-        let fp = DcKey::fingerprint(key).hex();
+        let fp = key.dc_fingerprint().hex();
         format!("{kind}-key-{addr}-{id}-{fp}.asc")
     };
     let path = dir.join(&file_name);
@@ -878,7 +879,7 @@ mod tests {
             .unwrap()
             .strip_suffix(".asc")
             .unwrap();
-        assert_eq!(fingerprint, DcKey::fingerprint(&key).hex());
+        assert_eq!(fingerprint, key.dc_fingerprint().hex());
         let blobdir = context.ctx.get_blobdir().to_str().unwrap();
         let filename = format!("{blobdir}/{filename}");
         let bytes = tokio::fs::read(&filename).await.unwrap();

src/key.rs

@@ -11,7 +11,8 @@ use num_traits::FromPrimitive;
 use pgp::composed::Deserializable;
 pub use pgp::composed::{SignedPublicKey, SignedSecretKey};
 use pgp::ser::Serialize;
-use pgp::types::{KeyTrait, SecretKeyTrait};
+use pgp::types::{PublicKeyTrait, SecretKeyTrait};
+use rand::thread_rng;
 use tokio::runtime::Handle;
 
 use crate::config::Config;
@@ -26,7 +27,7 @@ use crate::tools::{self, time_elapsed};
 /// This trait is implemented for rPGP's [SignedPublicKey] and
 /// [SignedSecretKey] types and makes working with them a little
 /// easier in the deltachat world.
-pub(crate) trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
+pub(crate) trait DcKey: Serialize + Deserializable + PublicKeyTrait + Clone {
     /// Create a key from some bytes.
     fn from_slice(bytes: &[u8]) -> Result<Self> {
         Ok(<Self as Deserializable>::from_bytes(Cursor::new(bytes))?)
@@ -93,8 +94,8 @@ pub(crate) trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
     fn to_asc(&self, header: Option<(&str, &str)>) -> String;
 
     /// The fingerprint for the key.
-    fn fingerprint(&self) -> Fingerprint {
-        Fingerprint::new(KeyTrait::fingerprint(self))
+    fn dc_fingerprint(&self) -> Fingerprint {
+        PublicKeyTrait::fingerprint(self).into()
     }
 
     fn is_private() -> bool;
@@ -233,7 +234,8 @@ impl DcSecretKey for SignedSecretKey {
     fn split_public_key(&self) -> Result<SignedPublicKey> {
         self.verify()?;
         let unsigned_pubkey = SecretKeyTrait::public_key(self);
-        let signed_pubkey = unsigned_pubkey.sign(self, || "".into())?;
+        let mut rng = thread_rng();
+        let signed_pubkey = unsigned_pubkey.sign(&mut rng, self, || "".into())?;
         Ok(signed_pubkey)
     }
 }
@@ -395,6 +397,12 @@ impl Fingerprint {
     }
 }
 
+impl From<pgp::types::Fingerprint> for Fingerprint {
+    fn from(fingerprint: pgp::types::Fingerprint) -> Fingerprint {
+        Self::new(fingerprint.as_bytes().into())
+    }
+}
+
 impl fmt::Debug for Fingerprint {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         f.debug_struct("Fingerprint")

src/lib.rs

@@ -16,7 +16,8 @@
     clippy::explicit_into_iter_loop,
     clippy::cloned_instead_of_copied
 )]
-#![cfg_attr(not(test), warn(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::string_slice))]
 #![allow(
     clippy::match_bool,
     clippy::mixed_read_write_in_expression,

src/location.rs

@@ -244,18 +244,14 @@ impl Kml {
             self.tag = KmlTag::PlacemarkPoint;
         } else if tag == "coordinates" && self.tag == KmlTag::PlacemarkPoint {
             self.tag = KmlTag::PlacemarkPointCoordinates;
-            if let Some(acc) = event.attributes().find(|attr| {
-                attr.as_ref()
-                    .map(|a| {
-                        String::from_utf8_lossy(a.key.as_ref())
-                            .trim()
-                            .to_lowercase()
-                            == "accuracy"
-                    })
-                    .unwrap_or_default()
+            if let Some(acc) = event.attributes().find_map(|attr| {
+                attr.ok().filter(|a| {
+                    String::from_utf8_lossy(a.key.as_ref())
+                        .trim()
+                        .eq_ignore_ascii_case("accuracy")
+                })
             }) {
                 let v = acc
-                    .unwrap()
                     .decode_and_unescape_value(reader.decoder())
                     .unwrap_or_default();
 
@@ -880,8 +876,6 @@ async fn maybe_send_locations(context: &Context) -> Result<Option<u64>> {
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
     use crate::config::Config;
     use crate::message::MessageState;

src/log.rs

@@ -50,13 +50,13 @@ impl Context {
     /// Set last error string.
     /// Implemented as blocking as used from macros in different, not always async blocks.
     pub fn set_last_error(&self, error: &str) {
-        let mut last_error = self.last_error.write().unwrap();
+        let mut last_error = self.last_error.write();
         *last_error = error.to_string();
     }
 
     /// Get last error string.
     pub fn get_last_error(&self) -> String {
-        let last_error = &*self.last_error.read().unwrap();
+        let last_error = &*self.last_error.read();
         last_error.clone()
     }
 }

src/message.rs

@@ -150,16 +150,17 @@ impl MsgId {
 
     pub(crate) async fn set_delivered(self, context: &Context) -> Result<()> {
         update_msg_state(context, self, MessageState::OutDelivered).await?;
-        let chat_id: ChatId = context
+        let chat_id: Option<ChatId> = context
             .sql
             .query_get_value("SELECT chat_id FROM msgs WHERE id=?", (self,))
-            .await?
-            .unwrap_or_default();
+            .await?;
         context.emit_event(EventType::MsgDelivered {
-            chat_id,
+            chat_id: chat_id.unwrap_or_default(),
             msg_id: self,
         });
-        chatlist_events::emit_chatlist_item_changed(context, chat_id);
+        if let Some(chat_id) = chat_id {
+            chatlist_events::emit_chatlist_item_changed(context, chat_id);
+        }
         Ok(())
     }
 
@@ -723,7 +724,7 @@ impl Message {
     /// `contact_id` set to [`ContactId::SELF`].
     ///
     /// `latitude` is the North-south position of the location.
-    /// `longitutde` is the East-west position of the location.
+    /// `longitude` is the East-west position of the location.
     ///
     /// [`location::set()`]: crate::location::set
     /// [`send_locations_to_chat()`]: crate::location::send_locations_to_chat
@@ -1692,6 +1693,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                     m.id AS id,
                     m.chat_id AS chat_id,
                     m.state AS state,
+                    m.download_state as download_state,
                     m.ephemeral_timer AS ephemeral_timer,
                     m.param AS param,
                     m.from_id AS from_id,
@@ -1707,6 +1709,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                 let id: MsgId = row.get("id")?;
                 let chat_id: ChatId = row.get("chat_id")?;
                 let state: MessageState = row.get("state")?;
+                let download_state: DownloadState = row.get("download_state")?;
                 let param: Params = row.get::<_, String>("param")?.parse().unwrap_or_default();
                 let from_id: ContactId = row.get("from_id")?;
                 let rfc724_mid: String = row.get("rfc724_mid")?;
@@ -1718,6 +1721,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                         id,
                         chat_id,
                         state,
+                        download_state,
                         param,
                         from_id,
                         rfc724_mid,
@@ -1747,6 +1751,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
             id,
             curr_chat_id,
             curr_state,
+            curr_download_state,
             curr_param,
             curr_from_id,
             curr_rfc724_mid,
@@ -1756,7 +1761,14 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
         _curr_ephemeral_timer,
     ) in msgs
     {
-        if curr_state == MessageState::InFresh || curr_state == MessageState::InNoticed {
+        if curr_download_state != DownloadState::Done {
+            if curr_state == MessageState::InFresh {
+                // Don't mark partially downloaded messages as seen or send a read receipt since
+                // they are not really seen by the user.
+                update_msg_state(context, id, MessageState::InNoticed).await?;
+                updated_chat_ids.insert(curr_chat_id);
+            }
+        } else if curr_state == MessageState::InFresh || curr_state == MessageState::InNoticed {
             update_msg_state(context, id, MessageState::InSeen).await?;
             info!(context, "Seen message {}.", id);
 
@@ -1850,20 +1862,21 @@ pub(crate) async fn set_msg_failed(
     }
     msg.error = Some(error.to_string());
 
-    context
+    let exists = context
         .sql
         .execute(
             "UPDATE msgs SET state=?, error=? WHERE id=?;",
             (msg.state, error, msg.id),
         )
-        .await?;
-
+        .await?
+        > 0;
     context.emit_event(EventType::MsgFailed {
         chat_id: msg.chat_id,
         msg_id: msg.id,
     });
-    chatlist_events::emit_chatlist_item_changed(context, msg.chat_id);
-
+    if exists {
+        chatlist_events::emit_chatlist_item_changed(context, msg.chat_id);
+    }
     Ok(())
 }
 
@@ -2581,6 +2594,110 @@ mod tests {
         Ok(())
     }
 
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_markseen_not_downloaded_msg() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        alice.set_config(Config::DownloadLimit, Some("1")).await?;
+        let bob = &tcm.bob().await;
+        let bob_chat_id = tcm.send_recv_accept(alice, bob, "hi").await.chat_id;
+
+        let file_bytes = include_bytes!("../test-data/image/screenshot.png");
+        let mut msg = Message::new(Viewtype::Image);
+        msg.set_file_from_bytes(bob, "a.jpg", file_bytes, None)
+            .await?;
+        let sent_msg = bob.send_msg(bob_chat_id, &mut msg).await;
+        let msg = alice.recv_msg(&sent_msg).await;
+        assert_eq!(msg.download_state, DownloadState::Available);
+        assert!(!msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
+        assert_eq!(msg.state, MessageState::InFresh);
+        markseen_msgs(alice, vec![msg.id]).await?;
+        // A not downloaded message can be seen only if it's seen on another device.
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+        // Marking the message as seen again is a no op.
+        markseen_msgs(alice, vec![msg.id]).await?;
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+
+        msg.id
+            .update_download_state(alice, DownloadState::InProgress)
+            .await?;
+        markseen_msgs(alice, vec![msg.id]).await?;
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+        msg.id
+            .update_download_state(alice, DownloadState::Failure)
+            .await?;
+        markseen_msgs(alice, vec![msg.id]).await?;
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+        msg.id
+            .update_download_state(alice, DownloadState::Undecipherable)
+            .await?;
+        markseen_msgs(alice, vec![msg.id]).await?;
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+
+        assert!(
+            !alice
+                .sql
+                .exists("SELECT COUNT(*) FROM smtp_mdns", ())
+                .await?
+        );
+
+        alice.set_config(Config::DownloadLimit, None).await?;
+        // Let's assume that Alice and Bob resolved the problem with encryption.
+        let old_msg = msg;
+        let msg = alice.recv_msg(&sent_msg).await;
+        assert_eq!(msg.chat_id, old_msg.chat_id);
+        assert_eq!(msg.download_state, DownloadState::Done);
+        assert!(msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
+        assert!(msg.get_showpadlock());
+        // The message state mustn't be downgraded to `InFresh`.
+        assert_eq!(msg.state, MessageState::InNoticed);
+        markseen_msgs(alice, vec![msg.id]).await?;
+        let msg = Message::load_from_db(alice, msg.id).await?;
+        assert_eq!(msg.state, MessageState::InSeen);
+        assert_eq!(
+            alice
+                .sql
+                .count("SELECT COUNT(*) FROM smtp_mdns", ())
+                .await?,
+            1
+        );
+        Ok(())
+    }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_msg_seen_on_imap_when_downloaded() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        alice.set_config(Config::DownloadLimit, Some("1")).await?;
+        let bob = &tcm.bob().await;
+        let bob_chat_id = tcm.send_recv_accept(alice, bob, "hi").await.chat_id;
+
+        let file_bytes = include_bytes!("../test-data/image/screenshot.png");
+        let mut msg = Message::new(Viewtype::Image);
+        msg.set_file_from_bytes(bob, "a.jpg", file_bytes, None)
+            .await?;
+        let sent_msg = bob.send_msg(bob_chat_id, &mut msg).await;
+        let msg = alice.recv_msg(&sent_msg).await;
+        assert_eq!(msg.download_state, DownloadState::Available);
+        assert_eq!(msg.state, MessageState::InFresh);
+
+        alice.set_config(Config::DownloadLimit, None).await?;
+        let seen = true;
+        let rcvd_msg = receive_imf(alice, sent_msg.payload().as_bytes(), seen)
+            .await
+            .unwrap()
+            .unwrap();
+        assert_eq!(rcvd_msg.chat_id, msg.chat_id);
+        let msg = Message::load_from_db(alice, *rcvd_msg.msg_ids.last().unwrap())
+            .await
+            .unwrap();
+        assert_eq!(msg.download_state, DownloadState::Done);
+        assert!(msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
+        assert!(msg.get_showpadlock());
+        assert_eq!(msg.state, MessageState::InSeen);
+        Ok(())
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_get_state() -> Result<()> {
         let alice = TestContext::new_alice().await;

src/mimefactory.rs

@@ -6,7 +6,6 @@ use anyhow::{bail, Context as _, Result};
 use base64::Engine as _;
 use chrono::TimeZone;
 use email::Mailbox;
-use format_flowed::{format_flowed, format_flowed_quote};
 use lettre_email::{Address, Header, MimeMultipartType, PartBuilder};
 use tokio::fs;
 
@@ -357,7 +356,7 @@ impl MimeFactory {
                     let gossip_period = context.get_config_i64(Config::GossipPeriod).await?;
                     // `gossip_period == 0` is a special case for testing,
                     // enabling gossip in every message.
-                    // Othewise "smeared timestamps" may result in the condition
+                    // Otherwise "smeared timestamps" may result in the condition
                     // to fail even if the clock is monotonic.
                     if gossip_period == 0 || time() >= gossiped_timestamp + gossip_period {
                         Ok(true)
@@ -743,7 +742,9 @@ impl MimeFactory {
                 hidden_headers.push(header);
             } else if header_name == "chat-user-avatar" {
                 hidden_headers.push(header);
-            } else if header_name == "autocrypt" {
+            } else if header_name == "autocrypt"
+                && !context.get_config_bool(Config::ProtectAutocrypt).await?
+            {
                 unprotected_headers.push(header.clone());
             } else if header_name == "from" {
                 // Unencrypted securejoin messages should _not_ include the display name:
@@ -1298,9 +1299,18 @@ impl MimeFactory {
 
         let final_text = placeholdertext.as_deref().unwrap_or(&msg.text);
 
-        let mut quoted_text = msg
-            .quoted_text()
-            .map(|quote| format_flowed_quote(&quote) + "\r\n\r\n");
+        let mut quoted_text = None;
+        if let Some(msg_quoted_text) = msg.quoted_text() {
+            let mut some_quoted_text = String::new();
+            for quoted_line in msg_quoted_text.split('\n') {
+                some_quoted_text += "> ";
+                some_quoted_text += quoted_line;
+                some_quoted_text += "\r\n";
+            }
+            some_quoted_text += "\r\n";
+            quoted_text = Some(some_quoted_text)
+        }
+
         if !is_encrypted && msg.param.get_bool(Param::ProtectQuote).unwrap_or_default() {
             // Message is not encrypted but quotes encrypted message.
             quoted_text = Some("> ...\r\n\r\n".to_string());
@@ -1310,7 +1320,6 @@ impl MimeFactory {
             // Delta Chat.
             quoted_text = Some("\r\n".to_string());
         }
-        let flowed_text = format_flowed(final_text);
 
         let is_reaction = msg.param.get_int(Param::Reaction).unwrap_or_default() != 0;
 
@@ -1320,7 +1329,7 @@ impl MimeFactory {
             "{}{}{}{}{}{}",
             fwdhint.unwrap_or_default(),
             quoted_text.unwrap_or_default(),
-            escape_message_footer_marks(&flowed_text),
+            escape_message_footer_marks(final_text),
             if !final_text.is_empty() && !footer.is_empty() {
                 "\r\n\r\n"
             } else {
@@ -1330,10 +1339,8 @@ impl MimeFactory {
             footer
         );
 
-        let mut main_part = PartBuilder::new().header((
-            "Content-Type",
-            "text/plain; charset=utf-8; format=flowed; delsp=no",
-        ));
+        let mut main_part =
+            PartBuilder::new().header(("Content-Type", "text/plain; charset=utf-8"));
         main_part = self.add_message_text(main_part, message_text);
 
         if is_reaction {
@@ -2272,7 +2279,6 @@ mod tests {
         let msg = message.as_string();
 
         let header_end = msg.find("Hi").unwrap();
-        #[allow(clippy::indexing_slicing)]
         let headers = msg[0..header_end].trim();
 
         assert!(!headers.lines().any(|l| l.trim().is_empty()));

src/mimeparser.rs

@@ -4,6 +4,7 @@ use std::cmp::min;
 use std::collections::{HashMap, HashSet};
 use std::path::Path;
 use std::str;
+use std::str::FromStr;
 
 use anyhow::{bail, Context as _, Result};
 use deltachat_contact_tools::{addr_cmp, addr_normalize, sanitize_bidi_characters};
@@ -14,15 +15,16 @@ use mailparse::{addrparse_header, DispositionType, MailHeader, MailHeaderMap, Si
 use rand::distributions::{Alphanumeric, DistString};
 
 use crate::aheader::{Aheader, EncryptPreference};
+use crate::authres::handle_authres;
 use crate::blob::BlobObject;
-use crate::chat::{add_info_msg, ChatId};
+use crate::chat::ChatId;
 use crate::config::Config;
-use crate::constants::{self, Chattype};
-use crate::contact::{Contact, ContactId, Origin};
+use crate::constants;
+use crate::contact::ContactId;
 use crate::context::Context;
 use crate::decrypt::{
-    keyring_from_peerstate, prepare_decryption, try_decrypt, validate_detached_signature,
-    DecryptionInfo,
+    get_autocrypt_peerstate, get_encrypted_mime, keyring_from_peerstate, try_decrypt,
+    validate_detached_signature,
 };
 use crate::dehtml::dehtml;
 use crate::events::EventType;
@@ -34,8 +36,7 @@ use crate::peerstate::Peerstate;
 use crate::simplify::{simplify, SimplifiedText};
 use crate::sync::SyncItems;
 use crate::tools::{
-    create_smeared_timestamp, get_filemeta, parse_receive_headers, smeared_time, truncate_msg_text,
-    validate_id,
+    get_filemeta, parse_receive_headers, smeared_time, truncate_msg_text, validate_id,
 };
 use crate::{chatlist_events, location, stock_str, tools};
 
@@ -71,7 +72,8 @@ pub(crate) struct MimeMessage {
     /// messages to this address to post them to the list.
     pub list_post: Option<String>,
     pub chat_disposition_notification_to: Option<SingleInfo>,
-    pub decryption_info: DecryptionInfo,
+    pub autocrypt_header: Option<Aheader>,
+    pub peerstate: Option<Peerstate>,
     pub decrypting_failed: bool,
 
     /// Set of valid signature fingerprints if a message is an
@@ -301,42 +303,101 @@ impl MimeMessage {
         let mut from = from.context("No from in message")?;
         let private_keyring = load_self_secret_keyring(context).await?;
 
-        let mut decryption_info =
-            prepare_decryption(context, &mail, &from.addr, timestamp_sent).await?;
+        let allow_aeap = get_encrypted_mime(&mail).is_some();
+
+        let dkim_results = handle_authres(context, &mail, &from.addr).await?;
 
-        // Memory location for a possible decrypted message.
-        let mut mail_raw = Vec::new();
         let mut gossiped_keys = Default::default();
         let mut from_is_signed = false;
         hop_info += "\n\n";
-        hop_info += &decryption_info.dkim_results.to_string();
+        hop_info += &dkim_results.to_string();
 
         let incoming = !context.is_self_addr(&from.addr).await?;
-        let public_keyring = match decryption_info.peerstate.is_none() && !incoming {
-            true => key::load_self_public_keyring(context).await?,
-            false => keyring_from_peerstate(decryption_info.peerstate.as_ref()),
-        };
-        let (mail, mut signatures, encrypted) = match tokio::task::block_in_place(|| {
-            try_decrypt(&mail, &private_keyring, &public_keyring)
-        }) {
-            Ok(Some((raw, signatures))) => {
-                mail_raw = raw;
-                let decrypted_mail = mailparse::parse_mail(&mail_raw)?;
-                if std::env::var(crate::DCC_MIME_DEBUG).is_ok() {
-                    info!(
-                        context,
-                        "decrypted message mime-body:\n{}",
-                        String::from_utf8_lossy(&mail_raw),
-                    );
+
+        let mut aheader_value: Option<String> = mail.headers.get_header_value(HeaderDef::Autocrypt);
+
+        let mail_raw; // Memory location for a possible decrypted message.
+        let decrypted_msg; // Decrypted signed OpenPGP message.
+
+        let (mail, encrypted) =
+            match tokio::task::block_in_place(|| try_decrypt(&mail, &private_keyring)) {
+                Ok(Some(msg)) => {
+                    mail_raw = msg.get_content()?.unwrap_or_default();
+
+                    let decrypted_mail = mailparse::parse_mail(&mail_raw)?;
+                    if std::env::var(crate::DCC_MIME_DEBUG).is_ok() {
+                        info!(
+                            context,
+                            "decrypted message mime-body:\n{}",
+                            String::from_utf8_lossy(&mail_raw),
+                        );
+                    }
+
+                    decrypted_msg = Some(msg);
+                    if let Some(protected_aheader_value) = decrypted_mail
+                        .headers
+                        .get_header_value(HeaderDef::Autocrypt)
+                    {
+                        aheader_value = Some(protected_aheader_value);
+                    }
+
+                    (Ok(decrypted_mail), true)
+                }
+                Ok(None) => {
+                    mail_raw = Vec::new();
+                    decrypted_msg = None;
+                    (Ok(mail), false)
+                }
+                Err(err) => {
+                    mail_raw = Vec::new();
+                    decrypted_msg = None;
+                    warn!(context, "decryption failed: {:#}", err);
+                    (Err(err), false)
+                }
+            };
+
+        let autocrypt_header = if !incoming {
+            None
+        } else if let Some(aheader_value) = aheader_value {
+            match Aheader::from_str(&aheader_value) {
+                Ok(header) if addr_cmp(&header.addr, &from.addr) => Some(header),
+                Ok(header) => {
+                    warn!(
+                        context,
+                        "Autocrypt header address {:?} is not {:?}.", header.addr, from.addr
+                    );
+                    None
+                }
+                Err(err) => {
+                    warn!(context, "Failed to parse Autocrypt header: {:#}.", err);
+                    None
                 }
-                (Ok(decrypted_mail), signatures, true)
-            }
-            Ok(None) => (Ok(mail), HashSet::new(), false),
-            Err(err) => {
-                warn!(context, "decryption failed: {:#}", err);
-                (Err(err), HashSet::new(), false)
             }
+        } else {
+            None
         };
+
+        // The peerstate that will be used to validate the signatures.
+        let mut peerstate = get_autocrypt_peerstate(
+            context,
+            &from.addr,
+            autocrypt_header.as_ref(),
+            timestamp_sent,
+            allow_aeap,
+        )
+        .await?;
+
+        let public_keyring = match peerstate.is_none() && !incoming {
+            true => key::load_self_public_keyring(context).await?,
+            false => keyring_from_peerstate(peerstate.as_ref()),
+        };
+
+        let mut signatures = if let Some(ref decrypted_msg) = decrypted_msg {
+            crate::pgp::valid_signature_fingerprints(decrypted_msg, &public_keyring)?
+        } else {
+            HashSet::new()
+        };
+
         let mail = mail.as_ref().map(|mail| {
             let (content, signatures_detached) = validate_detached_signature(mail, &public_keyring)
                 .unwrap_or((mail, Default::default()));
@@ -422,7 +483,7 @@ impl MimeMessage {
             Self::remove_secured_headers(&mut headers);
 
             // If it is not a read receipt, degrade encryption.
-            if let (Some(peerstate), Ok(mail)) = (&mut decryption_info.peerstate, mail) {
+            if let (Some(peerstate), Ok(mail)) = (&mut peerstate, mail) {
                 if timestamp_sent > peerstate.last_seen_autocrypt
                     && mail.ctype.mimetype != "multipart/report"
                 {
@@ -433,7 +494,7 @@ impl MimeMessage {
         if !encrypted {
             signatures.clear();
         }
-        if let Some(peerstate) = &mut decryption_info.peerstate {
+        if let Some(peerstate) = &mut peerstate {
             if peerstate.prefer_encrypt != EncryptPreference::Mutual && !signatures.is_empty() {
                 peerstate.prefer_encrypt = EncryptPreference::Mutual;
                 peerstate.save_to_db(&context.sql).await?;
@@ -449,7 +510,8 @@ impl MimeMessage {
             from_is_signed,
             incoming,
             chat_disposition_notification_to,
-            decryption_info,
+            autocrypt_header,
+            peerstate,
             decrypting_failed: mail.is_err(),
 
             // only non-empty if it was a valid autocrypt message
@@ -602,11 +664,13 @@ impl MimeMessage {
     /// Delta Chat sends attachments, such as images, in two-part messages, with the first message
     /// containing a description. If such a message is detected, text from the first part can be
     /// moved to the second part, and the first part dropped.
-    #[allow(clippy::indexing_slicing)]
     fn squash_attachment_parts(&mut self) {
-        if let [textpart, filepart] = &self.parts[..] {
-            let need_drop = textpart.typ == Viewtype::Text
-                && match filepart.typ {
+        if self.parts.len() == 2
+            && self.parts.first().map(|textpart| textpart.typ) == Some(Viewtype::Text)
+            && self
+                .parts
+                .get(1)
+                .is_some_and(|filepart| match filepart.typ {
                     Viewtype::Image
                     | Viewtype::Gif
                     | Viewtype::Sticker
@@ -617,24 +681,24 @@ impl MimeMessage {
                     | Viewtype::File
                     | Viewtype::Webxdc => true,
                     Viewtype::Unknown | Viewtype::Text | Viewtype::VideochatInvitation => false,
-                };
+                })
+        {
+            let mut parts = std::mem::take(&mut self.parts);
+            let Some(mut filepart) = parts.pop() else {
+                // Should never happen.
+                return;
+            };
+            let Some(textpart) = parts.pop() else {
+                // Should never happen.
+                return;
+            };
 
-            if need_drop {
-                let mut filepart = self.parts.swap_remove(1);
-
-                // insert new one
-                filepart.msg.clone_from(&self.parts[0].msg);
-                if let Some(quote) = self.parts[0].param.get(Param::Quote) {
-                    filepart.param.set(Param::Quote, quote);
-                }
-
-                // forget the one we use now
-                self.parts[0].msg = "".to_string();
-
-                // swap new with old
-                self.parts.push(filepart); // push to the end
-                let _ = self.parts.swap_remove(0); // drops first element, replacing it with the last one in O(1)
+            filepart.msg.clone_from(&textpart.msg);
+            if let Some(quote) = textpart.param.get(Param::Quote) {
+                filepart.param.set(Param::Quote, quote);
             }
+
+            self.parts = vec![filepart];
         }
     }
 
@@ -1158,7 +1222,7 @@ impl MimeMessage {
 
                         let is_format_flowed = if let Some(format) = mail.ctype.params.get("format")
                         {
-                            format.as_str().to_ascii_lowercase() == "flowed"
+                            format.as_str().eq_ignore_ascii_case("flowed")
                         } else {
                             false
                         };
@@ -1168,7 +1232,7 @@ impl MimeMessage {
                             && is_format_flowed
                         {
                             let delsp = if let Some(delsp) = mail.ctype.params.get("delsp") {
-                                delsp.as_str().to_ascii_lowercase() == "yes"
+                                delsp.as_str().eq_ignore_ascii_case("yes")
                             } else {
                                 false
                             };
@@ -1231,7 +1295,7 @@ impl MimeMessage {
         if decoded_data.is_empty() {
             return Ok(());
         }
-        if let Some(peerstate) = &mut self.decryption_info.peerstate {
+        if let Some(peerstate) = &mut self.peerstate {
             if peerstate.prefer_encrypt != EncryptPreference::Mutual
                 && mime_type.type_() == mime::APPLICATION
                 && mime_type.subtype().as_str() == "pgp-keys"
@@ -1600,17 +1664,8 @@ impl MimeMessage {
                 .get_header_value(HeaderDef::MessageId)
                 .and_then(|v| parse_message_id(&v).ok())
             {
-                let mut to_list =
-                    get_all_addresses_from_header(&report.headers, "x-failed-recipients");
-                let to = if to_list.len() == 1 {
-                    Some(to_list.pop().unwrap())
-                } else {
-                    None // We do not know which recipient failed
-                };
-
                 return Ok(Some(DeliveryReport {
                     rfc724_mid: original_message_id,
-                    failed_recipient: to.map(|s| s.addr),
                     failure,
                 }));
             }
@@ -1688,7 +1743,6 @@ impl MimeMessage {
     /// Some providers like GMX and Yahoo do not send standard NDNs (Non Delivery notifications).
     /// If you improve heuristics here you might also have to change prefetch_should_download() in imap/mod.rs.
     /// Also you should add a test in receive_imf.rs (there already are lots of test_parse_ndn_* tests).
-    #[allow(clippy::indexing_slicing)]
     async fn heuristically_parse_ndn(&mut self, context: &Context) {
         let maybe_ndn = if let Some(from) = self.get_header(HeaderDef::From_) {
             let from = from.to_ascii_lowercase();
@@ -1709,7 +1763,6 @@ impl MimeMessage {
                 {
                     self.delivery_report = Some(DeliveryReport {
                         rfc724_mid: original_message_id,
-                        failed_recipient: None,
                         failure: true,
                     })
                 }
@@ -1847,22 +1900,20 @@ pub(crate) struct Report {
 #[derive(Debug)]
 pub(crate) struct DeliveryReport {
     pub rfc724_mid: String,
-    pub failed_recipient: Option<String>,
     pub failure: bool,
 }
 
-#[allow(clippy::indexing_slicing)]
 pub(crate) fn parse_message_ids(ids: &str) -> Vec<String> {
     // take care with mailparse::msgidparse() that is pretty untolerant eg. wrt missing `<` or `>`
     let mut msgids = Vec::new();
     for id in ids.split_whitespace() {
         let mut id = id.to_string();
-        if id.starts_with('<') {
-            id = id[1..].to_string();
-        }
-        if id.ends_with('>') {
-            id = id[..id.len() - 1].to_string();
-        }
+        if let Some(id_without_prefix) = id.strip_prefix('<') {
+            id = id_without_prefix.to_string();
+        };
+        if let Some(id_without_suffix) = id.strip_suffix('>') {
+            id = id_without_suffix.to_string();
+        };
         if !id.is_empty() {
             msgids.push(id);
         }
@@ -2214,20 +2265,12 @@ async fn handle_ndn(
     let msgs: Vec<_> = context
         .sql
         .query_map(
-            concat!(
-                "SELECT",
-                "    m.id AS msg_id,",
-                "    c.id AS chat_id,",
-                "    c.type AS type",
-                " FROM msgs m LEFT JOIN chats c ON m.chat_id=c.id",
-                " WHERE rfc724_mid=? AND from_id=1",
-            ),
+            "SELECT id FROM msgs
+                WHERE rfc724_mid=? AND from_id=1",
             (&failed.rfc724_mid,),
             |row| {
-                let msg_id: MsgId = row.get("msg_id")?;
-                let chat_id: ChatId = row.get("chat_id")?;
-                let chat_type: Chattype = row.get("type")?;
-                Ok((msg_id, chat_id, chat_type))
+                let msg_id: MsgId = row.get(0)?;
+                Ok(msg_id)
             },
             |rows| Ok(rows.collect::<Vec<_>>()),
         )
@@ -2235,62 +2278,31 @@ async fn handle_ndn(
 
     let error = if let Some(error) = error {
         error
-    } else if let Some(failed_recipient) = &failed.failed_recipient {
-        format!("Delivery to {failed_recipient} failed.").clone()
     } else {
         "Delivery to at least one recipient failed.".to_string()
     };
+    let err_msg = &error;
 
-    let mut first = true;
     for msg in msgs {
-        let (msg_id, chat_id, chat_type) = msg?;
+        let msg_id = msg?;
         let mut message = Message::load_from_db(context, msg_id).await?;
-        set_msg_failed(context, &mut message, &error).await?;
-        if first {
-            // Add only one info msg for all failed messages
-            ndn_maybe_add_info_msg(context, failed, chat_id, chat_type).await?;
-        }
-        first = false;
+        let aggregated_error = message
+            .error
+            .as_ref()
+            .map(|err| format!("{}\n\n{}", err, err_msg));
+        set_msg_failed(
+            context,
+            &mut message,
+            aggregated_error.as_ref().unwrap_or(err_msg),
+        )
+        .await?;
     }
 
     Ok(())
 }
 
-async fn ndn_maybe_add_info_msg(
-    context: &Context,
-    failed: &DeliveryReport,
-    chat_id: ChatId,
-    chat_type: Chattype,
-) -> Result<()> {
-    match chat_type {
-        Chattype::Group | Chattype::Broadcast => {
-            if let Some(failed_recipient) = &failed.failed_recipient {
-                let contact_id =
-                    Contact::lookup_id_by_addr(context, failed_recipient, Origin::Unknown)
-                        .await?
-                        .context("contact ID not found")?;
-                let contact = Contact::get_by_id(context, contact_id).await?;
-                // Tell the user which of the recipients failed if we know that (because in
-                // a group, this might otherwise be unclear)
-                let text = stock_str::failed_sending_to(context, contact.get_display_name()).await;
-                add_info_msg(context, chat_id, &text, create_smeared_timestamp(context)).await?;
-                context.emit_event(EventType::ChatModified(chat_id));
-            }
-        }
-        Chattype::Mailinglist => {
-            // ndn_maybe_add_info_msg() is about the case when delivery to the group failed.
-            // If we get an NDN for the mailing list, just issue a warning.
-            warn!(context, "ignoring NDN for mailing list.");
-        }
-        Chattype::Single => {}
-    }
-    Ok(())
-}
-
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use mailparse::ParsedMail;
 
     use super::*;
@@ -3581,9 +3593,10 @@ On 2020-10-25, Bob wrote:
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_mime_modified_large_plain() -> Result<()> {
         let t = TestContext::new_alice().await;
+        let t1 = TestContext::new_alice().await;
 
         static REPEAT_TXT: &str = "this text with 42 chars is just repeated.\n";
-        static REPEAT_CNT: usize = 2000; // results in a text of 84k, should be more than DC_DESIRED_TEXT_LEN
+        static REPEAT_CNT: usize = DC_DESIRED_TEXT_LEN / REPEAT_TXT.len() + 2;
         let long_txt = format!("From: alice@c.de\n\n{}", REPEAT_TXT.repeat(REPEAT_CNT));
         assert_eq!(long_txt.matches("just repeated").count(), REPEAT_CNT);
         assert!(long_txt.len() > DC_DESIRED_TEXT_LEN);
@@ -3604,22 +3617,21 @@ On 2020-10-25, Bob wrote:
             if draft {
                 chat.id.set_draft(&t, Some(&mut msg)).await?;
             }
-            t.send_msg(chat.id, &mut msg).await;
+            let sent_msg = t.send_msg(chat.id, &mut msg).await;
             let msg = t.get_last_msg_in(chat.id).await;
             assert!(msg.has_html());
-            assert_eq!(
-                msg.id
-                    .get_html(&t)
-                    .await?
-                    .unwrap()
-                    .matches("just repeated")
-                    .count(),
-                REPEAT_CNT
-            );
+            let html = msg.id.get_html(&t).await?.unwrap();
+            assert_eq!(html.matches("<!DOCTYPE html>").count(), 1);
+            assert_eq!(html.matches("just repeated.<br/>").count(), REPEAT_CNT);
             assert!(
-                msg.text.matches("just repeated").count() <= DC_DESIRED_TEXT_LEN / REPEAT_TXT.len()
+                msg.text.matches("just repeated.").count()
+                    <= DC_DESIRED_TEXT_LEN / REPEAT_TXT.len()
             );
             assert!(msg.text.len() <= DC_DESIRED_TEXT_LEN + DC_ELLIPSIS.len());
+
+            let msg = t1.recv_msg(&sent_msg).await;
+            assert!(msg.has_html());
+            assert_eq!(msg.id.get_html(&t1).await?.unwrap(), html);
         }
 
         t.set_config(Config::Bot, Some("1")).await?;
@@ -3635,6 +3647,28 @@ On 2020-10-25, Bob wrote:
         Ok(())
     }
 
+    /// Tests that sender status (signature) does not appear
+    /// in HTML view of a long message.
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_large_message_no_signature() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        let bob = &tcm.bob().await;
+
+        alice
+            .set_config(Config::Selfstatus, Some("Some signature"))
+            .await?;
+        let chat = alice.create_chat(bob).await;
+        let txt = "Hello!\n".repeat(500);
+        let sent = alice.send_text(chat.id, &txt).await;
+        let msg = bob.recv_msg(&sent).await;
+
+        assert_eq!(msg.has_html(), true);
+        let html = msg.id.get_html(bob).await?.unwrap();
+        assert_eq!(html.contains("Some signature"), false);
+        Ok(())
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_x_microsoft_original_message_id() {
         let t = TestContext::new_alice().await;
@@ -4002,12 +4036,8 @@ Content-Disposition: reaction\n\
 
         // We do allow the time to be in the future a bit (because of unsynchronized clocks),
         // but only 60 seconds:
-        assert!(mime_message.decryption_info.message_time <= time() + 60);
-        assert!(mime_message.decryption_info.message_time >= beginning_time + 60);
-        assert_eq!(
-            mime_message.decryption_info.message_time,
-            mime_message.timestamp_sent
-        );
+        assert!(mime_message.timestamp_sent <= time() + 60);
+        assert!(mime_message.timestamp_sent >= beginning_time + 60);
         assert!(mime_message.timestamp_rcvd <= time());
 
         Ok(())
@@ -4078,4 +4108,24 @@ Content-Type: text/plain; charset=utf-8
             "alice@example.org"
         );
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_protect_autocrypt() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        let bob = &tcm.bob().await;
+
+        alice
+            .set_config_bool(Config::ProtectAutocrypt, true)
+            .await?;
+        bob.set_config_bool(Config::ProtectAutocrypt, true).await?;
+
+        let msg = tcm.send_recv_accept(alice, bob, "Hello!").await;
+        assert_eq!(msg.get_showpadlock(), false);
+
+        let msg = tcm.send_recv(bob, alice, "Hi!").await;
+        assert_eq!(msg.get_showpadlock(), true);
+
+        Ok(())
+    }
 }

src/net.rs

@@ -5,13 +5,13 @@ use std::pin::Pin;
 use std::time::Duration;
 
 use anyhow::{format_err, Context as _, Result};
-use async_native_tls::TlsStream;
 use tokio::net::TcpStream;
 use tokio::task::JoinSet;
 use tokio::time::timeout;
 use tokio_io_timeout::TimeoutStream;
 
 use crate::context::Context;
+use crate::net::session::SessionStream;
 use crate::sql::Sql;
 use crate::tools::time;
 
@@ -47,7 +47,7 @@ pub(crate) async fn prune_connection_history(context: &Context) -> Result<()> {
     Ok(())
 }
 
-/// Update the timestamp of the last successfull connection
+/// Update the timestamp of the last successful connection
 /// to the given `host` and `port`
 /// with the given application protocol `alpn`.
 ///
@@ -128,7 +128,7 @@ pub(crate) async fn connect_tls_inner(
     host: &str,
     strict_tls: bool,
     alpn: &[&str],
-) -> Result<TlsStream<Pin<Box<TimeoutStream<TcpStream>>>>> {
+) -> Result<impl SessionStream> {
     let tcp_stream = connect_tcp_inner(addr).await?;
     let tls_stream = wrap_tls(strict_tls, host, alpn, tcp_stream).await?;
     Ok(tls_stream)

src/net/proxy.rs

@@ -230,7 +230,7 @@ where
         .get(9..12)
         .context("HTTP status line does not contain a status code")?;
 
-    // Interpert status code according to
+    // Interpret status code according to
     // <https://datatracker.ietf.org/doc/html/rfc7231#section-6>.
     if status_code == b"407" {
         Err(format_err!("Proxy Authentication Required"))

src/net/tls.rs

@@ -2,45 +2,39 @@
 use std::sync::Arc;
 
 use anyhow::Result;
-use async_native_tls::{Certificate, Protocol, TlsConnector, TlsStream};
-use once_cell::sync::Lazy;
-use tokio::io::{AsyncRead, AsyncWrite};
 
-// this certificate is missing on older android devices (eg. lg with android6 from 2017)
-// certificate downloaded from https://letsencrypt.org/certificates/
-static LETSENCRYPT_ROOT: Lazy<Certificate> = Lazy::new(|| {
-    Certificate::from_der(include_bytes!(
-        "../../assets/root-certificates/letsencrypt/isrgrootx1.der"
-    ))
-    .unwrap()
-});
+use crate::net::session::SessionStream;
 
-pub async fn wrap_tls<T: AsyncRead + AsyncWrite + Unpin>(
+pub async fn wrap_tls(
     strict_tls: bool,
     hostname: &str,
     alpn: &[&str],
-    stream: T,
-) -> Result<TlsStream<T>> {
-    let tls_builder = TlsConnector::new()
-        .min_protocol_version(Some(Protocol::Tlsv12))
-        .request_alpns(alpn)
-        .add_root_certificate(LETSENCRYPT_ROOT.clone());
-    let tls = if strict_tls {
-        tls_builder
+    stream: impl SessionStream + 'static,
+) -> Result<impl SessionStream> {
+    if strict_tls {
+        let tls_stream = wrap_rustls(hostname, alpn, stream).await?;
+        let boxed_stream: Box<dyn SessionStream> = Box::new(tls_stream);
+        Ok(boxed_stream)
     } else {
-        tls_builder
+        // We use native_tls because it accepts 1024-bit RSA keys.
+        // Rustls does not support them even if
+        // certificate checks are disabled: <https://github.com/rustls/rustls/issues/234>.
+        let tls = async_native_tls::TlsConnector::new()
+            .min_protocol_version(Some(async_native_tls::Protocol::Tlsv12))
+            .request_alpns(alpn)
             .danger_accept_invalid_hostnames(true)
-            .danger_accept_invalid_certs(true)
-    };
-    let tls_stream = tls.connect(hostname, stream).await?;
-    Ok(tls_stream)
+            .danger_accept_invalid_certs(true);
+        let tls_stream = tls.connect(hostname, stream).await?;
+        let boxed_stream: Box<dyn SessionStream> = Box::new(tls_stream);
+        Ok(boxed_stream)
+    }
 }
 
-pub async fn wrap_rustls<T: AsyncRead + AsyncWrite + Unpin>(
+pub async fn wrap_rustls(
     hostname: &str,
     alpn: &[&str],
-    stream: T,
-) -> Result<tokio_rustls::client::TlsStream<T>> {
+    stream: impl SessionStream,
+) -> Result<impl SessionStream> {
     let mut root_cert_store = rustls::RootCertStore::empty();
     root_cert_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
 

src/peer_channels.rs

@@ -7,15 +7,15 @@
 //! when it's not required. Only when a webxdc subscribes to realtime data or when a reatlime message is sent,
 //! the p2p machinery should be started.
 //!
-//! Adding peer channels to webxdc needs upfront negotation of a topic and sharing of public keys so that
+//! Adding peer channels to webxdc needs upfront negotiation of a topic and sharing of public keys so that
 //! nodes can connect to each other. The explicit approach is as follows:
 //!
-//! 1. We introduce a new [GossipTopic](crate::headerdef::HeaderDef::IrohGossipTopic) message header with a random 32-byte TopicId,
+//! 1. We introduce a new [`IrohGossipTopic`](crate::headerdef::HeaderDef::IrohGossipTopic) message header with a random 32-byte TopicId,
 //!    securely generated on the initial webxdc sender's device. This message header is encrypted
 //!    and sent in the same message as the webxdc application.
 //! 2. Whenever `joinRealtimeChannel().setListener()` or `joinRealtimeChannel().send()` is called by the webxdc application,
 //!    we start a routine to establish p2p connectivity and join the gossip swarm with Iroh.
-//! 3. The first step of this routine is to introduce yourself with a regular message containing the `IrohPublicKey`.
+//! 3. The first step of this routine is to introduce yourself with a regular message containing the [`IrohNodeAddr`](crate::headerdef::HeaderDef::IrohNodeAddr).
 //!    This message contains the users relay-server and public key.
 //!    Direct IP address is not included as this information can be persisted by email providers.
 //! 4. After the announcement, the sending peer joins the gossip swarm with an empty list of peer IDs (as they don't know anyone yet).
@@ -78,6 +78,14 @@ impl Iroh {
         self.endpoint.network_change().await
     }
 
+    /// Closes the QUIC endpoint.
+    pub(crate) async fn close(self) -> Result<()> {
+        self.endpoint
+            .close(0u32.into(), b"")
+            .await
+            .context("Closing iroh endpoint failed")
+    }
+
     /// Join a topic and create the subscriber loop for it.
     ///
     /// If there is no gossip, create it.
@@ -285,15 +293,36 @@ impl Context {
     }
 
     /// Get or initialize the iroh peer channel.
-    pub async fn get_or_try_init_peer_channel(&self) -> Result<&Iroh> {
+    pub async fn get_or_try_init_peer_channel(
+        &self,
+    ) -> Result<tokio::sync::RwLockReadGuard<'_, Iroh>> {
         if !self.get_config_bool(Config::WebxdcRealtimeEnabled).await? {
             bail!("Attempt to get Iroh when realtime is disabled");
         }
 
-        let ctx = self.clone();
-        self.iroh
-            .get_or_try_init(|| async { ctx.init_peer_channels().await })
-            .await
+        if let Ok(lock) = tokio::sync::RwLockReadGuard::<'_, std::option::Option<Iroh>>::try_map(
+            self.iroh.read().await,
+            |opt_iroh| opt_iroh.as_ref(),
+        ) {
+            return Ok(lock);
+        }
+
+        let lock = self.iroh.write().await;
+        match tokio::sync::RwLockWriteGuard::<'_, std::option::Option<Iroh>>::try_downgrade_map(
+            lock,
+            |opt_iroh| opt_iroh.as_ref(),
+        ) {
+            Ok(lock) => Ok(lock),
+            Err(mut lock) => {
+                let iroh = self.init_peer_channels().await?;
+                *lock = Some(iroh);
+                tokio::sync::RwLockWriteGuard::<'_, std::option::Option<Iroh>>::try_downgrade_map(
+                    lock,
+                    |opt_iroh| opt_iroh.as_ref(),
+                )
+                .map_err(|_| anyhow!("Downgrade should succeed as we just stored `Some` value"))
+            }
+        }
     }
 }
 
@@ -626,7 +655,6 @@ mod tests {
                 break;
             }
         }
-        let bob_iroh = bob.get_or_try_init_peer_channel().await.unwrap();
 
         // Bob adds alice to gossip peers.
         let members = get_iroh_gossip_peers(bob, bob_webxdc.id)
@@ -636,13 +664,23 @@ mod tests {
             .map(|addr| addr.node_id)
             .collect::<Vec<_>>();
 
-        let alice_iroh = alice.get_or_try_init_peer_channel().await.unwrap();
         assert_eq!(
             members,
-            vec![alice_iroh.get_node_addr().await.unwrap().node_id]
+            vec![
+                alice
+                    .get_or_try_init_peer_channel()
+                    .await
+                    .unwrap()
+                    .get_node_addr()
+                    .await
+                    .unwrap()
+                    .node_id
+            ]
         );
 
-        bob_iroh
+        bob.get_or_try_init_peer_channel()
+            .await
+            .unwrap()
             .join_and_subscribe_gossip(bob, bob_webxdc.id)
             .await
             .unwrap()
@@ -651,7 +689,10 @@ mod tests {
             .unwrap();
 
         // Alice sends ephemeral message
-        alice_iroh
+        alice
+            .get_or_try_init_peer_channel()
+            .await
+            .unwrap()
             .send_webxdc_realtime_data(alice, alice_webxdc.id, "alice -> bob".as_bytes().to_vec())
             .await
             .unwrap();
@@ -670,7 +711,9 @@ mod tests {
             }
         }
         // Bob sends ephemeral message
-        bob_iroh
+        bob.get_or_try_init_peer_channel()
+            .await
+            .unwrap()
             .send_webxdc_realtime_data(bob, bob_webxdc.id, "bob -> alice".as_bytes().to_vec())
             .await
             .unwrap();
@@ -699,10 +742,20 @@ mod tests {
 
         assert_eq!(
             members,
-            vec![bob_iroh.get_node_addr().await.unwrap().node_id]
+            vec![
+                bob.get_or_try_init_peer_channel()
+                    .await
+                    .unwrap()
+                    .get_node_addr()
+                    .await
+                    .unwrap()
+                    .node_id
+            ]
         );
 
-        bob_iroh
+        bob.get_or_try_init_peer_channel()
+            .await
+            .unwrap()
             .send_webxdc_realtime_data(bob, bob_webxdc.id, "bob -> alice 2".as_bytes().to_vec())
             .await
             .unwrap();
@@ -720,6 +773,12 @@ mod tests {
                 }
             }
         }
+
+        // Calling stop_io() closes iroh endpoint as well,
+        // even though I/O was not started in this test.
+        assert!(alice.iroh.read().await.is_some());
+        alice.stop_io().await;
+        assert!(alice.iroh.read().await.is_none());
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -761,7 +820,6 @@ mod tests {
             .unwrap();
 
         bob.recv_msg_trash(&alice.pop_sent_msg().await).await;
-        let bob_iroh = bob.get_or_try_init_peer_channel().await.unwrap();
 
         // Bob adds alice to gossip peers.
         let members = get_iroh_gossip_peers(bob, bob_webxdc.id)
@@ -771,13 +829,23 @@ mod tests {
             .map(|addr| addr.node_id)
             .collect::<Vec<_>>();
 
-        let alice_iroh = alice.get_or_try_init_peer_channel().await.unwrap();
         assert_eq!(
             members,
-            vec![alice_iroh.get_node_addr().await.unwrap().node_id]
+            vec![
+                alice
+                    .get_or_try_init_peer_channel()
+                    .await
+                    .unwrap()
+                    .get_node_addr()
+                    .await
+                    .unwrap()
+                    .node_id
+            ]
         );
 
-        bob_iroh
+        bob.get_or_try_init_peer_channel()
+            .await
+            .unwrap()
             .join_and_subscribe_gossip(bob, bob_webxdc.id)
             .await
             .unwrap()
@@ -786,7 +854,10 @@ mod tests {
             .unwrap();
 
         // Alice sends ephemeral message
-        alice_iroh
+        alice
+            .get_or_try_init_peer_channel()
+            .await
+            .unwrap()
             .send_webxdc_realtime_data(alice, alice_webxdc.id, "alice -> bob".as_bytes().to_vec())
             .await
             .unwrap();
@@ -811,7 +882,9 @@ mod tests {
             .unwrap();
         let bob_sequence_number = bob
             .iroh
-            .get()
+            .read()
+            .await
+            .as_ref()
             .unwrap()
             .sequence_numbers
             .lock()
@@ -820,7 +893,9 @@ mod tests {
         leave_webxdc_realtime(bob, bob_webxdc.id).await.unwrap();
         let bob_sequence_number_after = bob
             .iroh
-            .get()
+            .read()
+            .await
+            .as_ref()
             .unwrap()
             .sequence_numbers
             .lock()
@@ -829,7 +904,9 @@ mod tests {
         // Check that sequence number is persisted when leaving the channel.
         assert_eq!(bob_sequence_number, bob_sequence_number_after);
 
-        bob_iroh
+        bob.get_or_try_init_peer_channel()
+            .await
+            .unwrap()
             .join_and_subscribe_gossip(bob, bob_webxdc.id)
             .await
             .unwrap()
@@ -837,7 +914,9 @@ mod tests {
             .await
             .unwrap();
 
-        bob_iroh
+        bob.get_or_try_init_peer_channel()
+            .await
+            .unwrap()
             .send_webxdc_realtime_data(bob, bob_webxdc.id, "bob -> alice".as_bytes().to_vec())
             .await
             .unwrap();
@@ -856,11 +935,20 @@ mod tests {
             }
         }
 
-        // channel is only used to remeber if an advertisement has been sent
+        // channel is only used to remember if an advertisement has been sent
         // bob for example does not change the channels because he never sends an
         // advertisement
         assert_eq!(
-            alice.iroh.get().unwrap().iroh_channels.read().await.len(),
+            alice
+                .iroh
+                .read()
+                .await
+                .as_ref()
+                .unwrap()
+                .iroh_channels
+                .read()
+                .await
+                .len(),
             1
         );
         leave_webxdc_realtime(alice, alice_webxdc.id).await.unwrap();
@@ -870,7 +958,9 @@ mod tests {
             .unwrap();
         assert!(alice
             .iroh
-            .get()
+            .read()
+            .await
+            .as_ref()
             .unwrap()
             .iroh_channels
             .read()
@@ -963,19 +1053,19 @@ mod tests {
             .await
             .unwrap();
 
-        assert!(alice.ctx.iroh.get().is_none());
+        assert!(alice.ctx.iroh.read().await.is_none());
 
         // creates iroh endpoint as side effect
         send_webxdc_realtime_data(alice, MsgId::new(1), vec![])
             .await
             .unwrap();
 
-        assert!(alice.ctx.iroh.get().is_none());
+        assert!(alice.ctx.iroh.read().await.is_none());
 
         // creates iroh endpoint as side effect
         leave_webxdc_realtime(alice, MsgId::new(1)).await.unwrap();
 
-        assert!(alice.ctx.iroh.get().is_none());
+        assert!(alice.ctx.iroh.read().await.is_none());
 
         // This internal function should return error
         // if accidentally called with the setting disabled.

src/peerstate.rs

@@ -121,7 +121,7 @@ impl Peerstate {
             last_seen_autocrypt: last_seen,
             prefer_encrypt,
             public_key: Some(public_key.clone()),
-            public_key_fingerprint: Some(public_key.fingerprint()),
+            public_key_fingerprint: Some(public_key.dc_fingerprint()),
             gossip_key: None,
             gossip_key_fingerprint: None,
             gossip_timestamp: 0,
@@ -153,7 +153,7 @@ impl Peerstate {
             public_key: None,
             public_key_fingerprint: None,
             gossip_key: Some(gossip_header.public_key.clone()),
-            gossip_key_fingerprint: Some(gossip_header.public_key.fingerprint()),
+            gossip_key_fingerprint: Some(gossip_header.public_key.dc_fingerprint()),
             gossip_timestamp: message_time,
             verified_key: None,
             verified_key_fingerprint: None,
@@ -308,7 +308,7 @@ impl Peerstate {
     pub fn recalc_fingerprint(&mut self) {
         if let Some(ref public_key) = self.public_key {
             let old_public_fingerprint = self.public_key_fingerprint.take();
-            self.public_key_fingerprint = Some(public_key.fingerprint());
+            self.public_key_fingerprint = Some(public_key.dc_fingerprint());
 
             if old_public_fingerprint.is_some()
                 && old_public_fingerprint != self.public_key_fingerprint
@@ -319,7 +319,7 @@ impl Peerstate {
 
         if let Some(ref gossip_key) = self.gossip_key {
             let old_gossip_fingerprint = self.gossip_key_fingerprint.take();
-            self.gossip_key_fingerprint = Some(gossip_key.fingerprint());
+            self.gossip_key_fingerprint = Some(gossip_key.dc_fingerprint());
 
             if old_gossip_fingerprint.is_none()
                 || self.gossip_key_fingerprint.is_none()
@@ -506,7 +506,7 @@ impl Peerstate {
         fingerprint: Fingerprint,
         verifier: String,
     ) -> Result<()> {
-        if key.fingerprint() == fingerprint {
+        if key.dc_fingerprint() == fingerprint {
             self.verified_key = Some(key);
             self.verified_key_fingerprint = Some(fingerprint);
             self.verifier = Some(verifier);
@@ -524,7 +524,7 @@ impl Peerstate {
     /// do nothing to avoid overwriting secondary verified key
     /// which may be different.
     pub fn set_secondary_verified_key(&mut self, gossip_key: SignedPublicKey, verifier: String) {
-        let fingerprint = gossip_key.fingerprint();
+        let fingerprint = gossip_key.dc_fingerprint();
         if self.verified_key_fingerprint.as_ref() != Some(&fingerprint) {
             self.secondary_verified_key = Some(gossip_key);
             self.secondary_verified_key_fingerprint = Some(fingerprint);
@@ -542,6 +542,8 @@ impl Peerstate {
     /// * `old_addr`: Old address of the peerstate in case of an AEAP transition.
     pub(crate) async fn save_to_db_ex(&self, sql: &Sql, old_addr: Option<&str>) -> Result<()> {
         let trans_fn = |t: &mut rusqlite::Transaction| {
+            let verified_key_fingerprint =
+                self.verified_key_fingerprint.as_ref().map(|fp| fp.hex());
             if let Some(old_addr) = old_addr {
                 // We are doing an AEAP transition to the new address and the SQL INSERT below will
                 // save the existing peerstate as belonging to this new address. We now need to
@@ -551,11 +553,14 @@ impl Peerstate {
                 // existing peerstate as this would break encryption to it. This is critical for
                 // non-verified groups -- if we can't encrypt to the old address, we can't securely
                 // remove it from the group (to add the new one instead).
+                //
+                // NB: We check that `verified_key_fingerprint` hasn't changed to protect from
+                // possible races.
                 t.execute(
-                    "UPDATE acpeerstates \
-                     SET verified_key=NULL, verified_key_fingerprint='', verifier='' \
-                     WHERE addr=?",
-                    (old_addr,),
+                    "UPDATE acpeerstates
+                     SET verified_key=NULL, verified_key_fingerprint='', verifier=''
+                     WHERE addr=? AND verified_key_fingerprint=?",
+                    (old_addr, &verified_key_fingerprint),
                 )?;
             }
             t.execute(
@@ -604,7 +609,7 @@ impl Peerstate {
                     self.public_key_fingerprint.as_ref().map(|fp| fp.hex()),
                     self.gossip_key_fingerprint.as_ref().map(|fp| fp.hex()),
                     self.verified_key.as_ref().map(|k| k.to_bytes()),
-                    self.verified_key_fingerprint.as_ref().map(|fp| fp.hex()),
+                    &verified_key_fingerprint,
                     self.verifier.as_deref().unwrap_or(""),
                     self.secondary_verified_key.as_ref().map(|k| k.to_bytes()),
                     self.secondary_verified_key_fingerprint
@@ -766,8 +771,7 @@ pub(crate) async fn maybe_do_aeap_transition(
     context: &Context,
     mime_parser: &mut crate::mimeparser::MimeMessage,
 ) -> Result<()> {
-    let info = &mime_parser.decryption_info;
-    let Some(peerstate) = &info.peerstate else {
+    let Some(peerstate) = &mime_parser.peerstate else {
         return Ok(());
     };
 
@@ -815,13 +819,13 @@ pub(crate) async fn maybe_do_aeap_transition(
 
         // DC avoids sending messages with the same timestamp, that's why messages
         // with equal timestamps are ignored here unlike in `Peerstate::apply_header()`.
-        if info.message_time <= peerstate.last_seen {
+        if mime_parser.timestamp_sent <= peerstate.last_seen {
             info!(
                 context,
                 "Not doing AEAP from {} to {} because {} < {}.",
                 &peerstate.addr,
                 &mime_parser.from.addr,
-                info.message_time,
+                mime_parser.timestamp_sent,
                 peerstate.last_seen
             );
             return Ok(());
@@ -832,24 +836,23 @@ pub(crate) async fn maybe_do_aeap_transition(
             "Doing AEAP transition from {} to {}.", &peerstate.addr, &mime_parser.from.addr
         );
 
-        let info = &mut mime_parser.decryption_info;
-        let peerstate = info.peerstate.as_mut().context("no peerstate??")?;
+        let peerstate = mime_parser.peerstate.as_mut().context("no peerstate??")?;
         // Add info messages to chats with this (verified) contact
         //
         peerstate
             .handle_setup_change(
                 context,
-                info.message_time,
-                PeerstateChange::Aeap(info.from.clone()),
+                mime_parser.timestamp_sent,
+                PeerstateChange::Aeap(mime_parser.from.addr.clone()),
             )
             .await?;
 
         let old_addr = mem::take(&mut peerstate.addr);
-        peerstate.addr.clone_from(&info.from);
-        let header = info.autocrypt_header.as_ref().context(
+        peerstate.addr.clone_from(&mime_parser.from.addr);
+        let header = mime_parser.autocrypt_header.as_ref().context(
             "Internal error: Tried to do an AEAP transition without an autocrypt header??",
         )?;
-        peerstate.apply_header(context, header, info.message_time);
+        peerstate.apply_header(context, header, mime_parser.timestamp_sent);
 
         peerstate
             .save_to_db_ex(&context.sql, Some(&old_addr))
@@ -890,12 +893,12 @@ mod tests {
             last_seen_autocrypt: 11,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: Some(pub_key.clone()),
             gossip_timestamp: 12,
-            gossip_key_fingerprint: Some(pub_key.fingerprint()),
+            gossip_key_fingerprint: Some(pub_key.dc_fingerprint()),
             verified_key: Some(pub_key.clone()),
-            verified_key_fingerprint: Some(pub_key.fingerprint()),
+            verified_key_fingerprint: Some(pub_key.dc_fingerprint()),
             verifier: None,
             secondary_verified_key: None,
             secondary_verified_key_fingerprint: None,
@@ -915,7 +918,7 @@ mod tests {
             .expect("no peerstate found in the database");
 
         assert_eq!(peerstate, peerstate_new);
-        let peerstate_new2 = Peerstate::from_fingerprint(&ctx.ctx, &pub_key.fingerprint())
+        let peerstate_new2 = Peerstate::from_fingerprint(&ctx.ctx, &pub_key.dc_fingerprint())
             .await
             .expect("failed to load peerstate from db")
             .expect("no peerstate found in the database");
@@ -934,7 +937,7 @@ mod tests {
             last_seen_autocrypt: 11,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: None,
             gossip_timestamp: 12,
             gossip_key_fingerprint: None,
@@ -971,7 +974,7 @@ mod tests {
             last_seen_autocrypt: 11,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: None,
             gossip_timestamp: 12,
             gossip_key_fingerprint: None,

src/pgp.rs

@@ -14,7 +14,7 @@ use pgp::composed::{
 use pgp::crypto::ecc_curve::ECCCurve;
 use pgp::crypto::hash::HashAlgorithm;
 use pgp::crypto::sym::SymmetricKeyAlgorithm;
-use pgp::types::{CompressionAlgorithm, KeyTrait, Mpi, PublicKeyTrait, StringToKey};
+use pgp::types::{CompressionAlgorithm, PublicKeyTrait, SignatureBytes, StringToKey};
 use rand::{thread_rng, CryptoRng, Rng};
 use tokio::runtime::Handle;
 
@@ -41,8 +41,15 @@ enum SignedPublicKeyOrSubkey<'a> {
     Subkey(&'a SignedPublicSubKey),
 }
 
-impl KeyTrait for SignedPublicKeyOrSubkey<'_> {
-    fn fingerprint(&self) -> Vec<u8> {
+impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
+    fn version(&self) -> pgp::types::KeyVersion {
+        match self {
+            Self::Key(k) => k.version(),
+            Self::Subkey(k) => k.version(),
+        }
+    }
+
+    fn fingerprint(&self) -> pgp::types::Fingerprint {
         match self {
             Self::Key(k) => k.fingerprint(),
             Self::Subkey(k) => k.fingerprint(),
@@ -62,14 +69,26 @@ impl KeyTrait for SignedPublicKeyOrSubkey<'_> {
             Self::Subkey(k) => k.algorithm(),
         }
     }
-}
 
-impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
+    fn created_at(&self) -> &chrono::DateTime<chrono::Utc> {
+        match self {
+            Self::Key(k) => k.created_at(),
+            Self::Subkey(k) => k.created_at(),
+        }
+    }
+
+    fn expiration(&self) -> Option<u16> {
+        match self {
+            Self::Key(k) => k.expiration(),
+            Self::Subkey(k) => k.expiration(),
+        }
+    }
+
     fn verify_signature(
         &self,
         hash: HashAlgorithm,
         data: &[u8],
-        sig: &[Mpi],
+        sig: &SignatureBytes,
     ) -> pgp::errors::Result<()> {
         match self {
             Self::Key(k) => k.verify_signature(hash, data, sig),
@@ -79,19 +98,27 @@ impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
 
     fn encrypt<R: Rng + CryptoRng>(
         &self,
-        rng: &mut R,
+        rng: R,
         plain: &[u8],
-    ) -> pgp::errors::Result<Vec<Mpi>> {
+        typ: pgp::types::EskType,
+    ) -> pgp::errors::Result<pgp::types::PkeskBytes> {
         match self {
-            Self::Key(k) => k.encrypt(rng, plain),
-            Self::Subkey(k) => k.encrypt(rng, plain),
+            Self::Key(k) => k.encrypt(rng, plain, typ),
+            Self::Subkey(k) => k.encrypt(rng, plain, typ),
         }
     }
 
-    fn to_writer_old(&self, writer: &mut impl io::Write) -> pgp::errors::Result<()> {
+    fn serialize_for_hashing(&self, writer: &mut impl io::Write) -> pgp::errors::Result<()> {
         match self {
-            Self::Key(k) => k.to_writer_old(writer),
-            Self::Subkey(k) => k.to_writer_old(writer),
+            Self::Key(k) => k.serialize_for_hashing(writer),
+            Self::Subkey(k) => k.serialize_for_hashing(writer),
+        }
+    }
+
+    fn public_params(&self) -> &pgp::types::PublicParams {
+        match self {
+            Self::Key(k) => k.public_params(),
+            Self::Subkey(k) => k.public_params(),
         }
     }
 }
@@ -160,9 +187,10 @@ pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Res
     let (signing_key_type, encryption_key_type) = match keygen_type {
         KeyGenType::Rsa2048 => (PgpKeyType::Rsa(2048), PgpKeyType::Rsa(2048)),
         KeyGenType::Rsa4096 => (PgpKeyType::Rsa(4096), PgpKeyType::Rsa(4096)),
-        KeyGenType::Ed25519 | KeyGenType::Default => {
-            (PgpKeyType::EdDSA, PgpKeyType::ECDH(ECCCurve::Curve25519))
-        }
+        KeyGenType::Ed25519 | KeyGenType::Default => (
+            PgpKeyType::EdDSALegacy,
+            PgpKeyType::ECDH(ECCCurve::Curve25519),
+        ),
     };
 
     let user_id = format!("<{addr}>");
@@ -199,10 +227,11 @@ pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Res
         .build()
         .context("failed to build key parameters")?;
 
+    let mut rng = thread_rng();
     let secret_key = key_params
-        .generate()
+        .generate(&mut rng)
         .context("failed to generate the key")?
-        .sign(|| "".into())
+        .sign(&mut rng, || "".into())
         .context("failed to sign secret key")?;
     secret_key
         .verify()
@@ -261,15 +290,19 @@ pub async fn pk_encrypt(
             let mut rng = thread_rng();
 
             let encrypted_msg = if let Some(ref skey) = private_key_for_signing {
-                let signed_msg = lit_msg.sign(skey, || "".into(), HASH_ALGORITHM)?;
+                let signed_msg = lit_msg.sign(&mut rng, skey, || "".into(), HASH_ALGORITHM)?;
                 let compressed_msg = if compress {
                     signed_msg.compress(CompressionAlgorithm::ZLIB)?
                 } else {
                     signed_msg
                 };
-                compressed_msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
+                compressed_msg.encrypt_to_keys_seipdv1(
+                    &mut rng,
+                    SYMMETRIC_KEY_ALGORITHM,
+                    &pkeys_refs,
+                )?
             } else {
-                lit_msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
+                lit_msg.encrypt_to_keys_seipdv1(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
             };
 
             let encoded_msg = encrypted_msg.to_armored_string(Default::default())?;
@@ -284,7 +317,9 @@ pub fn pk_calc_signature(
     plain: &[u8],
     private_key_for_signing: &SignedSecretKey,
 ) -> Result<String> {
+    let mut rng = thread_rng();
     let msg = Message::new_literal_bytes("", plain).sign(
+        &mut rng,
         private_key_for_signing,
         || "".into(),
         HASH_ALGORITHM,
@@ -297,43 +332,43 @@ pub fn pk_calc_signature(
 ///
 /// Receiver private keys are provided in
 /// `private_keys_for_decryption`.
-///
-/// Returns decrypted message and fingerprints
-/// of all keys from the `public_keys_for_validation` keyring that
-/// have valid signatures there.
-#[allow(clippy::implicit_hasher)]
 pub fn pk_decrypt(
     ctext: Vec<u8>,
     private_keys_for_decryption: &[SignedSecretKey],
-    public_keys_for_validation: &[SignedPublicKey],
-) -> Result<(Vec<u8>, HashSet<Fingerprint>)> {
-    let mut ret_signature_fingerprints: HashSet<Fingerprint> = Default::default();
-
+) -> Result<pgp::composed::Message> {
     let cursor = Cursor::new(ctext);
-    let (msg, _) = Message::from_armor_single(cursor)?;
+    let (msg, _headers) = Message::from_armor_single(cursor)?;
 
     let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption.iter().collect();
 
-    let (msg, _) = msg.decrypt(|| "".into(), &skeys[..])?;
+    let (msg, _key_ids) = msg.decrypt(|| "".into(), &skeys[..])?;
 
     // get_content() will decompress the message if needed,
     // but this avoids decompressing it again to check signatures
     let msg = msg.decompress()?;
 
-    let content = match msg.get_content()? {
-        Some(content) => content,
-        None => bail!("The decrypted message is empty"),
-    };
+    Ok(msg)
+}
 
+/// Returns fingerprints
+/// of all keys from the `public_keys_for_validation` keyring that
+/// have valid signatures there.
+///
+/// If the message is wrongly signed, HashSet will be empty.
+pub fn valid_signature_fingerprints(
+    msg: &pgp::composed::Message,
+    public_keys_for_validation: &[SignedPublicKey],
+) -> Result<HashSet<Fingerprint>> {
+    let mut ret_signature_fingerprints: HashSet<Fingerprint> = Default::default();
     if let signed_msg @ pgp::composed::Message::Signed { .. } = msg {
         for pkey in public_keys_for_validation {
             if signed_msg.verify(&pkey.primary_key).is_ok() {
-                let fp = DcKey::fingerprint(pkey);
+                let fp = pkey.dc_fingerprint();
                 ret_signature_fingerprints.insert(fp);
             }
         }
     }
-    Ok((content, ret_signature_fingerprints))
+    Ok(ret_signature_fingerprints)
 }
 
 /// Validates detached signature.
@@ -355,7 +390,7 @@ pub fn pk_validate(
 
     for pkey in public_keys_for_validation {
         if standalone_signature.verify(pkey, content).is_ok() {
-            let fp = DcKey::fingerprint(pkey);
+            let fp = pkey.dc_fingerprint();
             ret.insert(fp);
         }
     }
@@ -370,8 +405,12 @@ pub async fn symm_encrypt(passphrase: &str, plain: &[u8]) -> Result<String> {
     tokio::task::spawn_blocking(move || {
         let mut rng = thread_rng();
         let s2k = StringToKey::new_default(&mut rng);
-        let msg =
-            lit_msg.encrypt_with_password(&mut rng, s2k, SYMMETRIC_KEY_ALGORITHM, || passphrase)?;
+        let msg = lit_msg.encrypt_with_password_seipdv1(
+            &mut rng,
+            s2k,
+            SYMMETRIC_KEY_ALGORITHM,
+            || passphrase,
+        )?;
 
         let encoded_msg = msg.to_armored_string(Default::default())?;
 
@@ -407,6 +446,18 @@ mod tests {
     use super::*;
     use crate::test_utils::{alice_keypair, bob_keypair};
 
+    fn pk_decrypt_and_validate(
+        ctext: Vec<u8>,
+        private_keys_for_decryption: &[SignedSecretKey],
+        public_keys_for_validation: &[SignedPublicKey],
+    ) -> Result<(pgp::composed::Message, HashSet<Fingerprint>)> {
+        let msg = pk_decrypt(ctext, private_keys_for_decryption)?;
+        let ret_signature_fingerprints =
+            valid_signature_fingerprints(&msg, public_keys_for_validation)?;
+
+        Ok((msg, ret_signature_fingerprints))
+    }
+
     #[test]
     fn test_split_armored_data_1() {
         let (typ, _headers, base64) = split_armored_data(
@@ -534,34 +585,35 @@ mod tests {
         // Check decrypting as Alice
         let decrypt_keyring = vec![KEYS.alice_secret.clone()];
         let sig_check_keyring = vec![KEYS.alice_public.clone()];
-        let (plain, valid_signatures) = pk_decrypt(
+        let (msg, valid_signatures) = pk_decrypt_and_validate(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 1);
 
         // Check decrypting as Bob
         let decrypt_keyring = vec![KEYS.bob_secret.clone()];
         let sig_check_keyring = vec![KEYS.alice_public.clone()];
-        let (plain, valid_signatures) = pk_decrypt(
+        let (msg, valid_signatures) = pk_decrypt_and_validate(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 1);
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_no_sig_check() {
         let keyring = vec![KEYS.alice_secret.clone()];
-        let (plain, valid_signatures) =
-            pk_decrypt(ctext_signed().await.as_bytes().to_vec(), &keyring, &[]).unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        let (msg, valid_signatures) =
+            pk_decrypt_and_validate(ctext_signed().await.as_bytes().to_vec(), &keyring, &[])
+                .unwrap();
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 0);
     }
 
@@ -570,26 +622,26 @@ mod tests {
         // The validation does not have the public key of the signer.
         let decrypt_keyring = vec![KEYS.bob_secret.clone()];
         let sig_check_keyring = vec![KEYS.bob_public.clone()];
-        let (plain, valid_signatures) = pk_decrypt(
+        let (msg, valid_signatures) = pk_decrypt_and_validate(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 0);
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_unsigned() {
         let decrypt_keyring = vec![KEYS.bob_secret.clone()];
-        let (plain, valid_signatures) = pk_decrypt(
+        let (msg, valid_signatures) = pk_decrypt_and_validate(
             ctext_unsigned().await.as_bytes().to_vec(),
             &decrypt_keyring,
             &[],
         )
         .unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 0);
     }
 }

src/plaintext.rs

@@ -2,7 +2,7 @@
 
 use once_cell::sync::Lazy;
 
-use crate::simplify::split_lines;
+use crate::simplify::remove_message_footer;
 
 /// Plaintext message body together with format=flowed attributes.
 #[derive(Debug)]
@@ -32,7 +32,8 @@ impl PlainText {
             regex::Regex::new(r"\b((http|https|ftp|ftps):[\w.,:;$/@!?&%\-~=#+]+)").unwrap()
         });
 
-        let lines = split_lines(&self.text);
+        let lines: Vec<&str> = self.text.lines().collect();
+        let (lines, _footer) = remove_message_footer(&lines);
 
         let mut ret = r#"<!DOCTYPE html>
 <html><head>
@@ -136,7 +137,28 @@ line 1<br/>
 line 2<br/>
 line with <a href="https://link-mid-of-line.org">https://link-mid-of-line.org</a> and <a href="http://link-end-of-line.com/file?foo=bar%20">http://link-end-of-line.com/file?foo=bar%20</a><br/>
 <a href="http://link-at-start-of-line.org">http://link-at-start-of-line.org</a><br/>
-<br/>
+</body></html>
+"#
+        );
+    }
+
+    #[test]
+    fn test_plain_remove_signature() {
+        let html = PlainText {
+            text: "Foo\nbar\n-- \nSignature here".to_string(),
+            flowed: false,
+            delsp: false,
+        }
+        .to_html();
+        assert_eq!(
+            html,
+            r#"<!DOCTYPE html>
+<html><head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="color-scheme" content="light dark" />
+</head><body>
+Foo<br/>
+bar<br/>
 </body></html>
 "#
         );

src/provider.rs

@@ -288,8 +288,6 @@ pub fn get_provider_by_id(id: &str) -> Option<&'static Provider> {
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
     use crate::test_utils::TestContext;
 

src/push.rs

@@ -1,10 +1,24 @@
+//! # Push notifications module.
+//!
+//! This module is responsible for Apple Push Notification Service
+//! and Firebase Cloud Messaging push notifications.
+//!
+//! It provides [`PushSubscriber`] type
+//! which holds push notification token for the device,
+//! shared by all accounts.
 use std::sync::atomic::Ordering;
 use std::sync::Arc;
 
-use anyhow::Result;
+use anyhow::{Context as _, Result};
+use base64::Engine as _;
+use pgp::crypto::aead::AeadAlgorithm;
+use pgp::crypto::sym::SymmetricKeyAlgorithm;
+use pgp::ser::Serialize;
+use rand::thread_rng;
 use tokio::sync::RwLock;
 
 use crate::context::Context;
+use crate::key::DcKey;
 
 /// Manages subscription to Apple Push Notification services.
 ///
@@ -24,20 +38,85 @@ pub struct PushSubscriber {
     inner: Arc<RwLock<PushSubscriberState>>,
 }
 
+/// The key was generated with
+/// `rsop generate-key --profile rfc9580`
+/// and public key was extracted with `rsop extract-cert`.
+const NOTIFIERS_PUBLIC_KEY: &str = "-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+xioGZ03cdhsAAAAg6PasQQylEuWAp9N5PXN93rqjZdqOqN3s9RJEU/K8FZzCsAYf
+GwoAAABBBQJnTdx2AhsDAh4JCAsJCAcKDQwLBRUKCQgLAhYCIiEGiJJktnCmEtXa
+qsSIGRJtupMnxycz/yT0xZK9ez+YkmIAAAAAUfgg/sg0sR2mytzADFBpNAaY0Hyu
+aru8ics3eUkeNn2ziL4ZsIMx+4mcM5POvD0PG9LtH8Rz/y9iItD0c2aoRBab7iri
+/gDm6aQuj3xXgtAiXdaN9s+QPxR9gY/zG1t9iXgBzioGZ03cdhkAAAAgwJ0wQFsk
+MGH4jklfK1fFhYoQZMjEFCRBIk+r1S+WaSDClQYYGwgAAAAsBQJnTdx2AhsMIiEG
+iJJktnCmEtXaqsSIGRJtupMnxycz/yT0xZK9ez+YkmIAAAAKCRCIkmS2cKYS1WdP
+EFerccH2BoIPNbrxi6hwvxxy7G1mHg//ofD90fqmeY9xTfKMYl16bqQh4R1PiYd5
+LMc5VqgXHgioqTYKbltlOtWC+HDt/PrymQsN4q/aEmsM
+=5jvt
+-----END PGP PUBLIC KEY BLOCK-----";
+
+/// Pads the token with spaces.
+///
+/// This makes it impossible to tell
+/// if the user is an Apple user with shorter tokens
+/// or FCM user with longer tokens by the length of ciphertext.
+fn pad_device_token(s: &str) -> String {
+    // 512 is larger than any token, tokens seen so far have not been larger than 200 bytes.
+    let expected_len: usize = 512;
+    let payload_len = s.len();
+    let padding_len = expected_len.saturating_sub(payload_len);
+    let padding = " ".repeat(padding_len);
+    let res = format!("{s}{padding}");
+    debug_assert_eq!(res.len(), expected_len);
+    res
+}
+
+/// Encrypts device token with OpenPGP.
+///
+/// The result is base64-encoded and not ASCII armored to avoid dealing with newlines.
+pub(crate) fn encrypt_device_token(device_token: &str) -> Result<String> {
+    let public_key = pgp::composed::SignedPublicKey::from_asc(NOTIFIERS_PUBLIC_KEY)?.0;
+    let encryption_subkey = public_key
+        .public_subkeys
+        .first()
+        .context("No encryption subkey found")?;
+    let padded_device_token = pad_device_token(device_token);
+    let literal_message = pgp::composed::Message::new_literal("", &padded_device_token);
+    let mut rng = thread_rng();
+    let chunk_size = 8;
+
+    let encrypted_message = literal_message.encrypt_to_keys_seipdv2(
+        &mut rng,
+        SymmetricKeyAlgorithm::AES128,
+        AeadAlgorithm::Ocb,
+        chunk_size,
+        &[&encryption_subkey],
+    )?;
+    let encoded_message = encrypted_message.to_bytes()?;
+    Ok(format!(
+        "openpgp:{}",
+        base64::engine::general_purpose::STANDARD.encode(encoded_message)
+    ))
+}
+
 impl PushSubscriber {
     /// Creates new push notification subscriber.
     pub(crate) fn new() -> Self {
         Default::default()
     }
 
-    /// Sets device token for Apple Push Notification service.
+    /// Sets device token for Apple Push Notification service
+    /// or Firebase Cloud Messaging.
     pub(crate) async fn set_device_token(&self, token: &str) {
         self.inner.write().await.device_token = Some(token.to_string());
     }
 
     /// Retrieves device token.
     ///
+    /// The token is encrypted with OpenPGP.
+    ///
     /// Token may be not available if application is not running on Apple platform,
+    /// does not have Google Play services,
     /// failed to register for remote notifications or is in the process of registering.
     ///
     /// IMAP loop should periodically check if device token is available
@@ -121,3 +200,37 @@ impl Context {
         }
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_set_device_token() {
+        let push_subscriber = PushSubscriber::new();
+        assert_eq!(push_subscriber.device_token().await, None);
+
+        push_subscriber.set_device_token("some-token").await;
+        let device_token = push_subscriber.device_token().await.unwrap();
+        assert_eq!(device_token, "some-token");
+    }
+
+    #[test]
+    fn test_pad_device_token() {
+        let apple_token = "0155b93b7eb867a0d8b7328b978bb15bf22f70867e39e168d03f199af9496894";
+        assert_eq!(pad_device_token(apple_token).trim(), apple_token);
+    }
+
+    #[test]
+    fn test_encrypt_device_token() {
+        let fcm_token = encrypt_device_token("fcm-chat.delta:c67DVcpVQN2rJHiSszKNDW:APA91bErcJV2b8qG0IT4aiuCqw6Al0_SbydSuz3V0CHBR1X7Fp8YzyvlpxNZIOGYVDFKejZGE1YiGSaqxmkr9ds0DuALmZNDwqIhuZWGKKrs3r7DTSkQ9MQ").unwrap();
+        let fcm_beta_token = encrypt_device_token("fcm-chat.delta.beta:chu-GhZCTLyzq1XseJp3na:APA91bFlsfDawdszWTyOLbxBy7KeRCrYM-SBFqutebF5ix0EZKMuCFUT_Y7R7Ex_eTQG_LbOu3Ky_z5UlTMJtI7ufpIp5wEvsFmVzQcOo3YhrUpbiSVGIlk").unwrap();
+        let apple_token = encrypt_device_token(
+            "0155b93b7eb867a0d8b7328b978bb15bf22f70867e39e168d03f199af9496894",
+        )
+        .unwrap();
+
+        assert_eq!(fcm_token.len(), fcm_beta_token.len());
+        assert_eq!(apple_token.len(), fcm_token.len());
+    }
+}

src/qr.rs

@@ -270,6 +270,7 @@ fn starts_with_ignore_case(string: &str, pattern: &str) -> bool {
 /// The function should be called after a QR code is scanned.
 /// The function takes the raw text scanned and checks what can be done with it.
 pub async fn check_qr(context: &Context, qr: &str) -> Result<Qr> {
+    let qr = qr.trim();
     let qrcode = if starts_with_ignore_case(qr, OPENPGP4FPR_SCHEME) {
         decode_openpgp(context, qr)
             .await
@@ -367,9 +368,10 @@ pub fn format_backup(qr: &Qr) -> Result<String> {
 /// scheme: `OPENPGP4FPR:FINGERPRINT#a=ADDR&n=NAME&i=INVITENUMBER&s=AUTH`
 ///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR&g=GROUPNAME&x=GROUPID&i=INVITENUMBER&s=AUTH`
 ///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR`
-#[allow(clippy::indexing_slicing)]
 async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = &qr[OPENPGP4FPR_SCHEME.len()..];
+    let payload = qr
+        .get(OPENPGP4FPR_SCHEME.len()..)
+        .context("Invalid OPENPGP4FPR scheme")?;
 
     // macOS and iOS sometimes replace the # with %23 (uri encode it), we should be able to parse this wrong format too.
     // see issue https://github.com/deltachat/deltachat-core-rust/issues/1969 for more info
@@ -446,7 +448,7 @@ async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
     if let (Some(addr), Some(invitenumber), Some(authcode)) = (&addr, invitenumber, authcode) {
         let addr = ContactAddress::new(addr)?;
         let (contact_id, _) =
-            Contact::add_or_lookup(context, &name, &addr, Origin::UnhandledQrScan)
+            Contact::add_or_lookup(context, &name, &addr, Origin::UnhandledSecurejoinQrScan)
                 .await
                 .with_context(|| format!("failed to add or lookup contact for address {addr:?}"))?;
 
@@ -546,7 +548,7 @@ async fn decode_ideltachat(context: &Context, prefix: &str, qr: &str) -> Result<
 fn decode_account(qr: &str) -> Result<Qr> {
     let payload = qr
         .get(DCACCOUNT_SCHEME.len()..)
-        .context("invalid DCACCOUNT payload")?;
+        .context("Invalid DCACCOUNT payload")?;
     let url = url::Url::parse(payload).context("Invalid account URL")?;
     if url.scheme() == "http" || url.scheme() == "https" {
         Ok(Qr::Account {
@@ -564,7 +566,7 @@ fn decode_account(qr: &str) -> Result<Qr> {
 fn decode_webrtc_instance(_context: &Context, qr: &str) -> Result<Qr> {
     let payload = qr
         .get(DCWEBRTC_SCHEME.len()..)
-        .context("invalid DCWEBRTC payload")?;
+        .context("Invalid DCWEBRTC payload")?;
 
     let (_type, url) = Message::parse_webrtc_instance(payload);
     let url = url::Url::parse(&url).context("Invalid WebRTC instance")?;
@@ -637,7 +639,7 @@ fn decode_shadowsocks_proxy(qr: &str) -> Result<Qr> {
 fn decode_backup2(qr: &str) -> Result<Qr> {
     let payload = qr
         .strip_prefix(DCBACKUP2_SCHEME)
-        .ok_or_else(|| anyhow!("invalid DCBACKUP scheme"))?;
+        .ok_or_else(|| anyhow!("Invalid DCBACKUP2 scheme"))?;
     let (auth_token, node_addr) = payload
         .split_once('&')
         .context("Backup QR code has no separator")?;
@@ -668,9 +670,10 @@ struct CreateAccountErrorResponse {
 /// take a qr of the type DC_QR_ACCOUNT, parse it's parameters,
 /// download additional information from the contained url and set the parameters.
 /// on success, a configure::configure() should be able to log in to the account
-#[allow(clippy::indexing_slicing)]
 async fn set_account_from_qr(context: &Context, qr: &str) -> Result<()> {
-    let url_str = &qr[DCACCOUNT_SCHEME.len()..];
+    let url_str = qr
+        .get(DCACCOUNT_SCHEME.len()..)
+        .context("Invalid DCACCOUNT scheme")?;
 
     if !url_str.starts_with(HTTPS_SCHEME) {
         bail!("DCACCOUNT QR codes must use HTTPS scheme");
@@ -800,15 +803,12 @@ pub async fn set_config_from_qr(context: &Context, qr: &str) -> Result<()> {
 /// Extract address for the mailto scheme.
 ///
 /// Scheme: `mailto:addr...?subject=...&body=..`
-#[allow(clippy::indexing_slicing)]
 async fn decode_mailto(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = &qr[MAILTO_SCHEME.len()..];
+    let payload = qr
+        .get(MAILTO_SCHEME.len()..)
+        .context("Invalid mailto: scheme")?;
 
-    let (addr, query) = if let Some(query_index) = payload.find('?') {
-        (&payload[..query_index], &payload[query_index + 1..])
-    } else {
-        (payload, "")
-    };
+    let (addr, query) = payload.split_once('?').unwrap_or((payload, ""));
 
     let param: BTreeMap<&str, &str> = query
         .split('&')
@@ -855,16 +855,12 @@ async fn decode_mailto(context: &Context, qr: &str) -> Result<Qr> {
 /// Extract address for the smtp scheme.
 ///
 /// Scheme: `SMTP:addr...:subject...:body...`
-#[allow(clippy::indexing_slicing)]
 async fn decode_smtp(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = &qr[SMTP_SCHEME.len()..];
-
-    let addr = if let Some(query_index) = payload.find(':') {
-        &payload[..query_index]
-    } else {
-        bail!("Invalid SMTP found");
-    };
+    let payload = qr.get(SMTP_SCHEME.len()..).context("Invalid SMTP scheme")?;
 
+    let (addr, _rest) = payload
+        .split_once(':')
+        .context("Invalid SMTP scheme payload")?;
     let addr = normalize_address(addr)?;
     let name = "";
     Qr::from_address(context, name, &addr, None).await
@@ -875,14 +871,13 @@ async fn decode_smtp(context: &Context, qr: &str) -> Result<Qr> {
 /// Scheme: `MATMSG:TO:addr...;SUB:subject...;BODY:body...;`
 ///
 /// There may or may not be linebreaks after the fields.
-#[allow(clippy::indexing_slicing)]
 async fn decode_matmsg(context: &Context, qr: &str) -> Result<Qr> {
     // Does not work when the text `TO:` is used in subject/body _and_ TO: is not the first field.
     // we ignore this case.
     let addr = if let Some(to_index) = qr.find("TO:") {
-        let addr = qr[to_index + 3..].trim();
+        let addr = qr.get(to_index + 3..).unwrap_or_default().trim();
         if let Some(semi_index) = addr.find(';') {
-            addr[..semi_index].trim()
+            addr.get(..semi_index).unwrap_or_default().trim()
         } else {
             addr
         }
@@ -903,7 +898,6 @@ static VCARD_EMAIL_RE: Lazy<regex::Regex> =
 /// Extract address for the vcard scheme.
 ///
 /// Scheme: `VCARD:BEGIN\nN:last name;first name;...;\nEMAIL;<type>:addr...;`
-#[allow(clippy::indexing_slicing)]
 async fn decode_vcard(context: &Context, qr: &str) -> Result<Qr> {
     let name = VCARD_NAME_RE
         .captures(qr)
@@ -915,8 +909,8 @@ async fn decode_vcard(context: &Context, qr: &str) -> Result<Qr> {
         })
         .unwrap_or_default();
 
-    let addr = if let Some(caps) = VCARD_EMAIL_RE.captures(qr) {
-        normalize_address(caps[2].trim())?
+    let addr = if let Some(cap) = VCARD_EMAIL_RE.captures(qr).and_then(|caps| caps.get(2)) {
+        normalize_address(cap.as_str().trim())?
     } else {
         bail!("Bad e-mail address");
     };
@@ -1001,6 +995,17 @@ mod tests {
             }
         );
 
+        // Test that QR code whitespace is stripped.
+        // Users can copy-paste QR code contents and "scan"
+        // from the clipboard.
+        let qr = check_qr(&ctx.ctx, "  \thttp://www.hello.com/hello  \n\t \r\n ").await?;
+        assert_eq!(
+            qr,
+            Qr::Url {
+                url: "http://www.hello.com/hello".to_string(),
+            }
+        );
+
         Ok(())
     }
 
@@ -1270,7 +1275,8 @@ mod tests {
         if let Qr::AskVerifyContact { contact_id, .. } = qr {
             let contact = Contact::get_by_id(&ctx.ctx, contact_id).await?;
             assert_eq!(contact.get_addr(), "cli@deltachat.de");
-            assert_eq!(contact.get_name(), "Jörn P. P.");
+            assert_eq!(contact.get_authname(), "Jörn P. P.");
+            assert_eq!(contact.get_name(), "");
         } else {
             bail!("Wrong QR code type");
         }
@@ -1285,6 +1291,7 @@ mod tests {
         if let Qr::AskVerifyContact { contact_id, .. } = qr {
             let contact = Contact::get_by_id(&ctx.ctx, contact_id).await?;
             assert_eq!(contact.get_addr(), "cli@deltachat.de");
+            assert_eq!(contact.get_authname(), "");
             assert_eq!(contact.get_name(), "");
         } else {
             bail!("Wrong QR code type");
@@ -1307,7 +1314,7 @@ mod tests {
             last_seen_autocrypt: 1,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: None,
             gossip_timestamp: 0,
             gossip_key_fingerprint: None,
@@ -1338,7 +1345,10 @@ mod tests {
 
         let qr = check_qr(
             &ctx.ctx,
-            &format!("OPENPGP4FPR:{}#a=alice@example.org", pub_key.fingerprint()),
+            &format!(
+                "OPENPGP4FPR:{}#a=alice@example.org",
+                pub_key.dc_fingerprint()
+            ),
         )
         .await?;
         if let Qr::FprOk { contact_id, .. } = qr {
@@ -1745,7 +1755,9 @@ mod tests {
         );
 
         // Test URL without port.
-        let res = set_config_from_qr(&t, "https://t.me/socks?server=1.2.3.4").await;
+        //
+        // Also check that whitespace is trimmed.
+        let res = set_config_from_qr(&t, " https://t.me/socks?server=1.2.3.4\n").await;
         assert!(res.is_ok());
         assert_eq!(t.get_config_bool(Config::ProxyEnabled).await?, true);
         assert_eq!(

src/reaction.rs

@@ -558,7 +558,12 @@ Here's my footer -- bob@example.net"
     ) -> Result<()> {
         let event = t
             .evtracker
-            .get_matching(|evt| matches!(evt, EventType::ReactionsChanged { .. }))
+            .get_matching(|evt| {
+                matches!(
+                    evt,
+                    EventType::ReactionsChanged { .. } | EventType::IncomingMsg { .. }
+                )
+            })
             .await;
         match event {
             EventType::ReactionsChanged {
@@ -570,7 +575,7 @@ Here's my footer -- bob@example.net"
                 assert_eq!(msg_id, expected_msg_id);
                 assert_eq!(contact_id, expected_contact_id);
             }
-            _ => unreachable!(),
+            _ => panic!("Unexpected event {event:?}."),
         }
         Ok(())
     }
@@ -583,7 +588,14 @@ Here's my footer -- bob@example.net"
     ) -> Result<()> {
         let event = t
             .evtracker
-            .get_matching(|evt| matches!(evt, EventType::IncomingReaction { .. }))
+            // Check for absence of `IncomingMsg` events -- it appeared that it's quite easy to make
+            // bugs when `IncomingMsg` is issued for reactions.
+            .get_matching(|evt| {
+                matches!(
+                    evt,
+                    EventType::IncomingReaction { .. } | EventType::IncomingMsg { .. }
+                )
+            })
             .await;
         match event {
             EventType::IncomingReaction {
@@ -595,16 +607,25 @@ Here's my footer -- bob@example.net"
                 assert_eq!(contact_id, expected_contact_id);
                 assert_eq!(reaction, Reaction::from(expected_reaction));
             }
-            _ => unreachable!(),
+            _ => panic!("Unexpected event {event:?}."),
         }
         Ok(())
     }
 
-    async fn has_incoming_reactions_event(t: &TestContext) -> bool {
-        t.evtracker
-            .get_matching_opt(t, |evt| matches!(evt, EventType::IncomingReaction { .. }))
-            .await
-            .is_some()
+    /// Checks that no unwanted events remain after expecting "wanted" reaction events.
+    async fn expect_no_unwanted_events(t: &TestContext) {
+        let ev = t
+            .evtracker
+            .get_matching_opt(t, |evt| {
+                matches!(
+                    evt,
+                    EventType::IncomingReaction { .. } | EventType::IncomingMsg { .. }
+                )
+            })
+            .await;
+        if let Some(ev) = ev {
+            panic!("Unwanted event {ev:?}.")
+        }
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -635,9 +656,10 @@ Here's my footer -- bob@example.net"
 
         bob_msg.chat_id.accept(&bob).await?;
 
+        bob.evtracker.clear_events();
         send_reaction(&bob, bob_msg.id, "👍").await.unwrap();
         expect_reactions_changed_event(&bob, bob_msg.chat_id, bob_msg.id, ContactId::SELF).await?;
-        assert!(!has_incoming_reactions_event(&bob).await);
+        expect_no_unwanted_events(&bob).await;
         assert_eq!(get_chat_msgs(&bob, bob_msg.chat_id).await?.len(), 2);
 
         let bob_reaction_msg = bob.pop_sent_msg().await;
@@ -656,6 +678,7 @@ Here's my footer -- bob@example.net"
         expect_reactions_changed_event(&alice, chat_alice.id, alice_msg.sender_msg_id, *bob_id)
             .await?;
         expect_incoming_reactions_event(&alice, alice_msg.sender_msg_id, *bob_id, "👍").await?;
+        expect_no_unwanted_events(&alice).await;
 
         // Alice reacts to own message.
         send_reaction(&alice, alice_msg.sender_msg_id, "👍 😀")
@@ -684,6 +707,7 @@ Here's my footer -- bob@example.net"
         let bob = TestContext::new_bob().await;
         alice.set_config(Config::Displayname, Some("ALICE")).await?;
         bob.set_config(Config::Displayname, Some("BOB")).await?;
+        let alice_bob_id = alice.add_or_lookup_contact_id(&bob).await;
 
         // Alice sends message to Bob
         let alice_chat = alice.create_chat(&bob).await;
@@ -696,7 +720,9 @@ Here's my footer -- bob@example.net"
         send_reaction(&bob, bob_msg1.id, "👍").await?;
         let bob_send_reaction = bob.pop_sent_msg().await;
         alice.recv_msg_trash(&bob_send_reaction).await;
-        assert!(has_incoming_reactions_event(&alice).await);
+        expect_incoming_reactions_event(&alice, alice_msg1.sender_msg_id, alice_bob_id, "👍")
+            .await?;
+        expect_no_unwanted_events(&alice).await;
 
         let chatlist = Chatlist::try_load(&bob, 0, None, None).await?;
         let summary = chatlist.get_summary(&bob, 0, None).await?;
@@ -711,8 +737,9 @@ Here's my footer -- bob@example.net"
         SystemTime::shift(Duration::from_secs(10));
         send_reaction(&alice, alice_msg1.sender_msg_id, "🍿").await?;
         let alice_send_reaction = alice.pop_sent_msg().await;
+        bob.evtracker.clear_events();
         bob.recv_msg_opt(&alice_send_reaction).await;
-        assert!(!has_incoming_reactions_event(&bob).await);
+        expect_no_unwanted_events(&bob).await;
 
         assert_summary(&alice, "You reacted 🍿 to \"Party?\"").await;
         assert_summary(&bob, "ALICE reacted 🍿 to \"Party?\"").await;
@@ -934,7 +961,9 @@ Here's my footer -- bob@example.net"
         expect_reactions_changed_event(&alice0, chat_id, alice0_msg_id, ContactId::SELF).await?;
         expect_reactions_changed_event(&alice1, alice1_msg.chat_id, alice1_msg.id, ContactId::SELF)
             .await?;
-
+        for a in [&alice0, &alice1] {
+            expect_no_unwanted_events(a).await;
+        }
         Ok(())
     }
 }

src/receive_imf.rs

@@ -6,7 +6,7 @@ use std::str::FromStr;
 use anyhow::{Context as _, Result};
 use deltachat_contact_tools::{addr_cmp, may_be_valid_addr, sanitize_single_line, ContactAddress};
 use iroh_gossip::proto::TopicId;
-use mailparse::{parse_mail, SingleInfo};
+use mailparse::SingleInfo;
 use num_traits::FromPrimitive;
 use once_cell::sync::Lazy;
 use regex::Regex;
@@ -73,12 +73,13 @@ pub struct ReceivedMsg {
 ///
 /// This method returns errors on a failure to parse the mail or extract Message-ID. It's only used
 /// for tests and REPL tool, not actual message reception pipeline.
+#[cfg(any(test, feature = "internals"))]
 pub async fn receive_imf(
     context: &Context,
     imf_raw: &[u8],
     seen: bool,
 ) -> Result<Option<ReceivedMsg>> {
-    let mail = parse_mail(imf_raw).context("can't parse mail")?;
+    let mail = mailparse::parse_mail(imf_raw).context("can't parse mail")?;
     let rfc724_mid =
         imap::prefetch_get_message_id(&mail.headers).unwrap_or_else(imap::create_message_id);
     if let Some(download_limit) = context.download_limit().await? {
@@ -105,6 +106,7 @@ pub async fn receive_imf(
 /// Emulates reception of a message from "INBOX".
 ///
 /// Only used for tests and REPL tool, not actual message reception pipeline.
+#[cfg(any(test, feature = "internals"))]
 pub(crate) async fn receive_imf_from_inbox(
     context: &Context,
     rfc724_mid: &str,
@@ -201,7 +203,7 @@ pub(crate) async fn receive_imf_inner(
     };
 
     crate::peerstate::maybe_do_aeap_transition(context, &mut mime_parser).await?;
-    if let Some(peerstate) = &mime_parser.decryption_info.peerstate {
+    if let Some(peerstate) = &mime_parser.peerstate {
         peerstate
             .handle_fingerprint_change(context, mime_parser.timestamp_sent)
             .await?;
@@ -356,8 +358,7 @@ pub(crate) async fn receive_imf_inner(
 
             // Peerstate could be updated by handling the Securejoin handshake.
             let contact = Contact::get_by_id(context, from_id).await?;
-            mime_parser.decryption_info.peerstate =
-                Peerstate::from_addr(context, contact.get_addr()).await?;
+            mime_parser.peerstate = Peerstate::from_addr(context, contact.get_addr()).await?;
         } else {
             let to_id = to_ids.first().copied().unwrap_or_default();
             // handshake may mark contacts as verified and must be processed before chats are created
@@ -393,7 +394,7 @@ pub(crate) async fn receive_imf_inner(
     if verified_encryption == VerifiedEncryption::Verified
         && mime_parser.get_header(HeaderDef::ChatVerified).is_some()
     {
-        if let Some(peerstate) = &mut mime_parser.decryption_info.peerstate {
+        if let Some(peerstate) = &mut mime_parser.peerstate {
             // NOTE: it might be better to remember ID of the key
             // that we used to decrypt the message, but
             // it is unlikely that default key ever changes
@@ -1006,7 +1007,7 @@ async fn add_parts(
                             )
                             .await?;
                     }
-                    if let Some(peerstate) = &mime_parser.decryption_info.peerstate {
+                    if let Some(peerstate) = &mime_parser.peerstate {
                         restore_protection = new_protection != ProtectionStatus::Protected
                             && peerstate.prefer_encrypt == EncryptPreference::Mutual
                             // Check that the contact still has the Autocrypt key same as the
@@ -1355,7 +1356,7 @@ async fn add_parts(
         // 1. They can't be an attack (they are outgoing, not incoming)
         // 2. Probably the unencryptedness is just a temporary state, after all
         //    the user obviously still uses DC
-        //    -> Showing info messages everytime would be a lot of noise
+        //    -> Showing info messages every time would be a lot of noise
         // 3. The info messages that are shown to the user ("Your chat partner
         //    likely reinstalled DC" or similar) would be wrong.
         if chat.is_protected() && (mime_parser.incoming || chat.typ != Chattype::Single) {
@@ -1424,7 +1425,11 @@ async fn add_parts(
     if let Some(msg) = group_changes_msgs.1 {
         match &better_msg {
             None => better_msg = Some(msg),
-            Some(_) => group_changes_msgs.0.push(msg),
+            Some(_) => {
+                if !msg.is_empty() {
+                    group_changes_msgs.0.push(msg)
+                }
+            }
         }
     }
 
@@ -1507,6 +1512,9 @@ async fn add_parts(
 
         let mut txt_raw = "".to_string();
         let (msg, typ): (&str, Viewtype) = if let Some(better_msg) = &better_msg {
+            if better_msg.is_empty() && is_partial_download.is_none() {
+                chat_id = DC_CHAT_ID_TRASH;
+            }
             (better_msg, Viewtype::Text)
         } else {
             (&part.msg, part.typ)
@@ -1569,7 +1577,7 @@ INSERT INTO msgs
 ON CONFLICT (id) DO UPDATE
 SET rfc724_mid=excluded.rfc724_mid, chat_id=excluded.chat_id,
     from_id=excluded.from_id, to_id=excluded.to_id, timestamp_sent=excluded.timestamp_sent,
-    type=excluded.type, msgrmsg=excluded.msgrmsg,
+    type=excluded.type, state=max(state,excluded.state), msgrmsg=excluded.msgrmsg,
     txt=excluded.txt, txt_normalized=excluded.txt_normalized, subject=excluded.subject,
     txt_raw=excluded.txt_raw, param=excluded.param,
     hidden=excluded.hidden,bytes=excluded.bytes, mime_headers=excluded.mime_headers,
@@ -2078,8 +2086,11 @@ async fn create_group(
 
 /// Apply group member list, name, avatar and protection status changes from the MIME message.
 ///
-/// Optionally returns better message to replace the original system message.
-/// is_partial_download: whether the message is not fully downloaded.
+/// Returns `Vec` of group changes messages and, optionally, a better message to replace the
+/// original system message. If the better message is empty, the original system message should be
+/// just omitted.
+///
+/// * `is_partial_download` - whether the message is not fully downloaded.
 #[allow(clippy::too_many_arguments)]
 async fn apply_group_changes(
     context: &Context,
@@ -2181,39 +2192,45 @@ async fn apply_group_changes(
 
     if let Some(removed_addr) = mime_parser.get_header(HeaderDef::ChatGroupMemberRemoved) {
         removed_id = Contact::lookup_id_by_addr(context, removed_addr, Origin::Unknown).await?;
-
-        better_msg = if removed_id == Some(from_id) {
-            Some(stock_str::msg_group_left_local(context, from_id).await)
-        } else {
-            Some(stock_str::msg_del_member_local(context, removed_addr, from_id).await)
-        };
-
-        if removed_id.is_some() {
-            if !allow_member_list_changes {
-                info!(
-                    context,
-                    "Ignoring removal of {removed_addr:?} from {chat_id}."
-                );
+        if let Some(id) = removed_id {
+            if allow_member_list_changes && chat_contacts.contains(&id) {
+                better_msg = if id == from_id {
+                    Some(stock_str::msg_group_left_local(context, from_id).await)
+                } else {
+                    Some(stock_str::msg_del_member_local(context, removed_addr, from_id).await)
+                };
             }
         } else {
             warn!(context, "Removed {removed_addr:?} has no contact id.")
         }
+        better_msg.get_or_insert_with(Default::default);
+        if !allow_member_list_changes {
+            info!(
+                context,
+                "Ignoring removal of {removed_addr:?} from {chat_id}."
+            );
+        }
     } else if let Some(added_addr) = mime_parser.get_header(HeaderDef::ChatGroupMemberAdded) {
-        better_msg = Some(stock_str::msg_add_member_local(context, added_addr, from_id).await);
-
         if allow_member_list_changes {
-            if !recreate_member_list {
-                if let Some(contact_id) =
-                    Contact::lookup_id_by_addr(context, added_addr, Origin::Unknown).await?
-                {
-                    added_id = Some(contact_id);
-                } else {
-                    warn!(context, "Added {added_addr:?} has no contact id.")
-                }
+            let is_new_member;
+            if let Some(contact_id) =
+                Contact::lookup_id_by_addr(context, added_addr, Origin::Unknown).await?
+            {
+                added_id = Some(contact_id);
+                is_new_member = !chat_contacts.contains(&contact_id);
+            } else {
+                warn!(context, "Added {added_addr:?} has no contact id.");
+                is_new_member = false;
+            }
+
+            if is_new_member || self_added {
+                better_msg =
+                    Some(stock_str::msg_add_member_local(context, added_addr, from_id).await);
             }
         } else {
             info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
         }
+        better_msg.get_or_insert_with(Default::default);
     } else if let Some(old_name) = mime_parser
         .get_header(HeaderDef::ChatGroupNameChanged)
         .map(|s| s.trim())
@@ -2267,12 +2284,16 @@ async fn apply_group_changes(
             new_members.insert(from_id);
         }
 
+        // These are for adding info messages about implicit membership changes, so they are only
+        // filled when such messages are needed.
+        let mut added_ids = HashSet::<ContactId>::new();
+        let mut removed_ids = HashSet::<ContactId>::new();
+
         if !recreate_member_list {
-            let mut diff = HashSet::<ContactId>::new();
             if sync_member_list {
-                diff = new_members.difference(&chat_contacts).copied().collect();
+                added_ids = new_members.difference(&chat_contacts).copied().collect();
             } else if let Some(added_id) = added_id {
-                diff.insert(added_id);
+                added_ids.insert(added_id);
             }
             new_members.clone_from(&chat_contacts);
             // Don't delete any members locally, but instead add absent ones to provide group
@@ -2286,33 +2307,62 @@ async fn apply_group_changes(
             // will likely recreate the member list from the next received message. The problem
             // occurs only if that "somebody" managed to reply earlier. Really, it's a problem for
             // big groups with high message rate, but let it be for now.
-            new_members.extend(diff.clone());
-            if let Some(added_id) = added_id {
-                diff.remove(&added_id);
-            }
-            if !diff.is_empty() {
-                warn!(context, "Implicit addition of {diff:?} to chat {chat_id}.");
-            }
-            group_changes_msgs.reserve(diff.len());
-            for contact_id in diff {
-                let contact = Contact::get_by_id(context, contact_id).await?;
-                group_changes_msgs.push(
-                    stock_str::msg_add_member_local(
-                        context,
-                        contact.get_addr(),
-                        ContactId::UNDEFINED,
-                    )
-                    .await,
-                );
-            }
+            new_members.extend(added_ids.clone());
         }
         if let Some(removed_id) = removed_id {
             new_members.remove(&removed_id);
         }
         if recreate_member_list {
-            info!(
+            if self_added {
+                // ... then `better_msg` is already set.
+            } else if chat.blocked == Blocked::Request || !chat_contacts.contains(&ContactId::SELF)
+            {
+                warn!(context, "Implicit addition of SELF to chat {chat_id}.");
+                group_changes_msgs.push(
+                    stock_str::msg_add_member_local(
+                        context,
+                        &context.get_primary_self_addr().await?,
+                        ContactId::UNDEFINED,
+                    )
+                    .await,
+                );
+            } else {
+                added_ids = new_members.difference(&chat_contacts).copied().collect();
+                removed_ids = chat_contacts.difference(&new_members).copied().collect();
+            }
+        }
+
+        if let Some(added_id) = added_id {
+            added_ids.remove(&added_id);
+        }
+        if let Some(removed_id) = removed_id {
+            removed_ids.remove(&removed_id);
+        }
+        if !added_ids.is_empty() {
+            warn!(
                 context,
-                "Recreating chat {chat_id} member list with {new_members:?}.",
+                "Implicit addition of {added_ids:?} to chat {chat_id}."
+            );
+        }
+        if !removed_ids.is_empty() {
+            warn!(
+                context,
+                "Implicit removal of {removed_ids:?} from chat {chat_id}."
+            );
+        }
+        group_changes_msgs.reserve(added_ids.len() + removed_ids.len());
+        for contact_id in added_ids {
+            let contact = Contact::get_by_id(context, contact_id).await?;
+            group_changes_msgs.push(
+                stock_str::msg_add_member_local(context, contact.get_addr(), ContactId::UNDEFINED)
+                    .await,
+            );
+        }
+        for contact_id in removed_ids {
+            let contact = Contact::get_by_id(context, contact_id).await?;
+            group_changes_msgs.push(
+                stock_str::msg_del_member_local(context, contact.get_addr(), ContactId::UNDEFINED)
+                    .await,
             );
         }
 
@@ -2448,14 +2498,16 @@ async fn create_or_lookup_mailinglist(
     }
 }
 
-#[allow(clippy::indexing_slicing)]
 fn compute_mailinglist_name(
     list_id_header: &str,
     listid: &str,
     mime_parser: &MimeMessage,
 ) -> String {
-    let mut name = match LIST_ID_REGEX.captures(list_id_header) {
-        Some(cap) => cap[1].trim().to_string(),
+    let mut name = match LIST_ID_REGEX
+        .captures(list_id_header)
+        .and_then(|caps| caps.get(1))
+    {
+        Some(cap) => cap.as_str().trim().to_string(),
         None => "".to_string(),
     };
 
@@ -2502,8 +2554,11 @@ fn compute_mailinglist_name(
         // 51231231231231231231231232869f58.xing.com -> xing.com
         static PREFIX_32_CHARS_HEX: Lazy<Regex> =
             Lazy::new(|| Regex::new(r"([0-9a-fA-F]{32})\.(.{6,})").unwrap());
-        if let Some(cap) = PREFIX_32_CHARS_HEX.captures(listid) {
-            name = cap[2].to_string();
+        if let Some(cap) = PREFIX_32_CHARS_HEX
+            .captures(listid)
+            .and_then(|caps| caps.get(2))
+        {
+            name = cap.as_str().to_string();
         } else {
             name = listid.to_string();
         }
@@ -2662,7 +2717,7 @@ async fn update_verified_keys(
         return Ok(None);
     }
 
-    let Some(peerstate) = &mut mimeparser.decryption_info.peerstate else {
+    let Some(peerstate) = &mut mimeparser.peerstate else {
         // No peerstate means no verified keys.
         return Ok(None);
     };
@@ -2735,7 +2790,7 @@ async fn has_verified_encryption(
     // this check is skipped for SELF as there is no proper SELF-peerstate
     // and results in group-splits otherwise.
     if from_id != ContactId::SELF {
-        let Some(peerstate) = &mimeparser.decryption_info.peerstate else {
+        let Some(peerstate) = &mimeparser.peerstate else {
             return Ok(NotVerified(
                 "No peerstate, the contact isn't verified".to_string(),
             ));

src/receive_imf/tests.rs

@@ -868,18 +868,58 @@ async fn test_parse_ndn_group_msg() -> Result<()> {
     assert_eq!(msg.state, MessageState::OutFailed);
 
     let msgs = chat::get_chat_msgs(&t, msg.chat_id).await?;
-    let msg_id = if let ChatItem::Message { msg_id } = msgs.last().unwrap() {
-        msg_id
-    } else {
+    let ChatItem::Message { msg_id } = *msgs.last().unwrap() else {
         panic!("Wrong item type");
     };
-    let last_msg = Message::load_from_db(&t, *msg_id).await?;
+    assert_eq!(msg_id, msg.id);
+    Ok(())
+}
 
-    assert_eq!(
-        last_msg.text,
-        stock_str::failed_sending_to(&t, "assidhfaaspocwaeofi@gmail.com").await
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_concat_multiple_ndns() -> Result<()> {
+    let t = TestContext::new().await;
+    t.configure_addr("alice@posteo.org").await;
+    let mid = "1234@mail.gmail.com";
+    receive_imf(
+        &t,
+        b"Received: (Postfix, from userid 1000); Mon, 4 Dec 2006 14:51:39 +0100 (CET)\n\
+                 From: alice@posteo.org\n\
+                 To: hanerthaertidiuea@gmx.de\n\
+                 Subject: foo\n\
+                 Message-ID: <1234@mail.gmail.com>\n\
+                 Chat-Version: 1.0\n\
+                 Chat-Disposition-Notification-To: alice@example.org\n\
+                 Date: Sun, 22 Mar 2020 22:37:57 +0000\n\
+                 \n\
+                 hello\n",
+        false,
+    )
+    .await?;
+
+    let chats = Chatlist::try_load(&t, 0, None, None).await?;
+    let msg_id = chats.get_msg_id(0)?.unwrap();
+
+    let raw = include_str!("../../test-data/message/posteo_ndn.eml");
+    let raw = raw.replace(
+        "Message-ID: <04422840-f884-3e37-5778-8192fe22d8e1@posteo.de>",
+        &format!("Message-ID: <{}>", mid),
     );
-    assert_eq!(last_msg.from_id, ContactId::INFO);
+    receive_imf(&t, raw.as_bytes(), false).await?;
+
+    let msg = Message::load_from_db(&t, msg_id).await?;
+
+    let err = "Undelivered Mail Returned to Sender – This is the mail system at host mout01.posteo.de.\n\nI'm sorry to have to inform you that your message could not\nbe delivered to one or more recipients. It's attached below.\n\nFor further assistance, please send mail to postmaster.\n\nIf you do so, please include this problem report. You can\ndelete your own text from the attached returned message.\n\n                   The mail system\n\n<hanerthaertidiuea@gmx.de>: host mx01.emig.gmx.net[212.227.17.5] said: 550\n    Requested action not taken: mailbox unavailable (in reply to RCPT TO\n    command)".to_string();
+    assert_eq!(msg.error(), Some(err.clone()));
+    assert_eq!(msg.state, MessageState::OutFailed);
+
+    let raw = raw.replace(
+        "Message-Id: <20200609184422.DCB6B1200DD@mout01.posteo.de>",
+        "Message-Id: <next@mout01.posteo.de>",
+    );
+    receive_imf(&t, raw.as_bytes(), false).await?;
+    let msg = Message::load_from_db(&t, msg_id).await?;
+
+    assert_eq!(msg.error(), Some([err.clone(), err].join("\n\n")));
     Ok(())
 }
 
@@ -1020,7 +1060,7 @@ async fn test_classic_mailing_list() -> Result<()> {
     let mime = sent.payload();
 
     println!("Sent mime message is:\n\n{mime}\n\n");
-    assert!(mime.contains("Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no\r\n"));
+    assert!(mime.contains("Content-Type: text/plain; charset=utf-8\r\n"));
     assert!(mime.contains("Subject: =?utf-8?q?Re=3A_=5Bdelta-dev=5D_What=27s_up=3F?=\r\n"));
     assert!(mime.contains("MIME-Version: 1.0\r\n"));
     assert!(mime.contains("In-Reply-To: <38942@posteo.org>\r\n"));
@@ -3985,7 +4025,7 @@ async fn test_sync_member_list_on_rejoin() -> Result<()> {
     remove_contact_from_chat(&alice, alice_chat_id, claire_id).await?;
     alice.pop_sent_msg().await;
 
-    // readd bob
+    // re-add bob
     add_contact_to_chat(&alice, alice_chat_id, bob_id).await?;
     let add2 = alice.pop_sent_msg().await;
     bob.recv_msg(&add2).await;
@@ -4097,7 +4137,7 @@ async fn test_dont_recreate_contacts_on_add_remove() -> Result<()> {
 }
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_recreate_contact_list_on_missing_message() -> Result<()> {
+async fn test_recreate_contact_list_on_missing_messages() -> Result<()> {
     let alice = TestContext::new_alice().await;
     let bob = TestContext::new_bob().await;
     let chat_id = create_group_chat(&alice, ProtectionStatus::Unprotected, "Group").await?;
@@ -4122,26 +4162,33 @@ async fn test_recreate_contact_list_on_missing_message() -> Result<()> {
     remove_contact_from_chat(&bob, bob_chat_id, bob_contact_fiona).await?;
     let remove_msg = bob.pop_sent_msg().await;
 
-    // bob adds a new member
+    // bob adds new members
     let bob_blue = Contact::create(&bob, "blue", "blue@example.net").await?;
     add_contact_to_chat(&bob, bob_chat_id, bob_blue).await?;
-
+    bob.pop_sent_msg().await;
+    let bob_orange = Contact::create(&bob, "orange", "orange@example.net").await?;
+    add_contact_to_chat(&bob, bob_chat_id, bob_orange).await?;
     let add_msg = bob.pop_sent_msg().await;
 
-    // alice only receives the addition of the member
+    // alice only receives the second member addition
     alice.recv_msg(&add_msg).await;
 
-    // since we missed a message, a new contact list should be build
-    assert_eq!(get_chat_contacts(&alice, chat_id).await?.len(), 3);
-
-    // readd fiona
-    add_contact_to_chat(&alice, chat_id, alice_fiona).await?;
-
-    alice.recv_msg(&remove_msg).await;
-
-    // delayed removal of fiona shouldn't remove her
+    // since we missed messages, a new contact list should be build
     assert_eq!(get_chat_contacts(&alice, chat_id).await?.len(), 4);
 
+    // re-add fiona
+    add_contact_to_chat(&alice, chat_id, alice_fiona).await?;
+
+    // delayed removal of fiona shouldn't remove her
+    alice.recv_msg_trash(&remove_msg).await;
+    assert_eq!(get_chat_contacts(&alice, chat_id).await?.len(), 5);
+
+    alice
+        .golden_test_chat(
+            chat_id,
+            "receive_imf_recreate_contact_list_on_missing_messages",
+        )
+        .await;
     Ok(())
 }
 
@@ -4177,7 +4224,7 @@ async fn test_dont_readd_with_normal_msg() -> Result<()> {
     bob.recv_msg(&alice.pop_sent_msg().await).await;
 
     // Alice didn't receive Bob's leave message although a lot of time has
-    // passed, so Bob must readd themselves otherwise other members would think
+    // passed, so Bob must re-add themselves otherwise other members would think
     // Bob is still here while they aren't. Bob should retry to leave if they
     // think that Alice didn't re-add them on purpose (which is possible if Alice uses a classical
     // MUA).
@@ -4408,6 +4455,20 @@ async fn test_recreate_member_list_on_missing_add_of_self() -> Result<()> {
     send_text_msg(&alice, alice_chat_id, "4th message".to_string()).await?;
     bob.recv_msg(&alice.pop_sent_msg().await).await;
     assert!(!is_contact_in_chat(&bob, bob_chat_id, ContactId::SELF).await?);
+
+    // But if Bob left a long time ago, they must recreate the member list after missing a message.
+    SystemTime::shift(Duration::from_secs(3600));
+    send_text_msg(&alice, alice_chat_id, "5th message".to_string()).await?;
+    alice.pop_sent_msg().await;
+    send_text_msg(&alice, alice_chat_id, "6th message".to_string()).await?;
+    bob.recv_msg(&alice.pop_sent_msg().await).await;
+    assert!(is_contact_in_chat(&bob, bob_chat_id, ContactId::SELF).await?);
+
+    bob.golden_test_chat(
+        bob_chat_id,
+        "receive_imf_recreate_member_list_on_missing_add_of_self",
+    )
+    .await;
     Ok(())
 }
 
@@ -4808,6 +4869,37 @@ async fn test_protected_group_add_remove_member_missing_key() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_protected_group_reply_from_mua() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let fiona = &tcm.fiona().await;
+    mark_as_verified(alice, bob).await;
+    mark_as_verified(alice, fiona).await;
+    mark_as_verified(bob, alice).await;
+    let alice_chat_id = alice
+        .create_group_with_members(ProtectionStatus::Protected, "Group", &[bob, fiona])
+        .await;
+    let sent = alice.send_text(alice_chat_id, "Hello!").await;
+    let bob_msg = bob.recv_msg(&sent).await;
+    bob_msg.chat_id.accept(bob).await?;
+    // This is hacky, but i don't know other simple way to simulate a MUA reply. It works because
+    // the message is correctly assigned to the chat by `References:`.
+    bob.sql
+        .execute(
+            "UPDATE chats SET protected=0, grpid='' WHERE id=?",
+            (bob_msg.chat_id,),
+        )
+        .await?;
+    let sent = bob
+        .send_text(bob_msg.chat_id, "/me replying from MUA")
+        .await;
+    let alice_msg = alice.recv_msg(&sent).await;
+    assert_eq!(alice_msg.chat_id, alice_chat_id);
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_older_message_from_2nd_device() -> Result<()> {
     let mut tcm = TestContextManager::new();
@@ -4899,6 +4991,32 @@ async fn test_unarchive_on_member_removal() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_no_op_member_added_is_trash() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let alice_chat_id = alice
+        .create_group_with_members(ProtectionStatus::Unprotected, "foos", &[bob])
+        .await;
+    send_text_msg(alice, alice_chat_id, "populate".to_string()).await?;
+    let msg = alice.pop_sent_msg().await;
+    bob.recv_msg(&msg).await;
+    let bob_chat_id = bob.get_last_msg().await.chat_id;
+    bob_chat_id.accept(bob).await?;
+
+    let fiona_id = Contact::create(alice, "", "fiona@example.net").await?;
+    add_contact_to_chat(alice, alice_chat_id, fiona_id).await?;
+    let msg = alice.pop_sent_msg().await;
+
+    let fiona_id = Contact::create(bob, "", "fiona@example.net").await?;
+    add_contact_to_chat(bob, bob_chat_id, fiona_id).await?;
+    bob.recv_msg_trash(&msg).await;
+    let contacts = get_chat_contacts(bob, bob_chat_id).await?;
+    assert_eq!(contacts.len(), 3);
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_forged_from() -> Result<()> {
     let mut tcm = TestContextManager::new();

src/scheduler.rs

@@ -135,7 +135,7 @@ impl SchedulerState {
     /// If in the meantime [`SchedulerState::start`] or [`SchedulerState::stop`] is called
     /// resume will do the right thing and restore the scheduler to the state requested by
     /// the last call.
-    pub(crate) async fn pause<'a>(&'_ self, context: Context) -> Result<IoPausedGuard> {
+    pub(crate) async fn pause(&'_ self, context: Context) -> Result<IoPausedGuard> {
         {
             let mut inner = self.inner.write().await;
             match *inner {
@@ -655,9 +655,7 @@ async fn fetch_idle(
             ctx,
             "IMAP session does not support IDLE, going to fake idle."
         );
-        connection
-            .fake_idle(ctx, &mut session, watch_folder, folder_meaning)
-            .await?;
+        connection.fake_idle(ctx, watch_folder).await?;
         return Ok(session);
     }
 
@@ -669,9 +667,7 @@ async fn fetch_idle(
         .unwrap_or_default()
     {
         info!(ctx, "IMAP IDLE is disabled, going to fake idle.");
-        connection
-            .fake_idle(ctx, &mut session, watch_folder, folder_meaning)
-            .await?;
+        connection.fake_idle(ctx, watch_folder).await?;
         return Ok(session);
     }