feat: AEAP: Check that the old peerstate verified key fingerprint hasn't changed when removing it

Otherwise if the user tries to send a message, that would just fail. `Chat::can_send()` returning
false makes the chat input field unavailable. A protected 1:1 chat with a not forward verified
contact may be a result of AEAP, the user should use the 1:1 chat with the new contact then.

.github/workflows/ci.yml

@@ -249,7 +249,7 @@ jobs:
 
       - name: Run python tests
         env:
-          CHATMAIL_DOMAIN: ${{ secrets.CHATMAIL_DOMAIN }}
+          CHATMAIL_DOMAIN: ${{ vars.CHATMAIL_DOMAIN }}
           DCC_RS_TARGET: debug
           DCC_RS_DEV: ${{ github.workspace }}
         working-directory: python
@@ -314,6 +314,6 @@ jobs:
 
       - name: Run deltachat-rpc-client tests
         env:
-          CHATMAIL_DOMAIN: ${{ secrets.CHATMAIL_DOMAIN }}
+          CHATMAIL_DOMAIN: ${{ vars.CHATMAIL_DOMAIN }}
         working-directory: deltachat-rpc-client
         run: tox -e py

.github/workflows/jsonrpc.yml

@@ -33,7 +33,7 @@ jobs:
         working-directory: deltachat-jsonrpc/typescript
         run: npm run test
         env:
-          CHATMAIL_DOMAIN: ${{ secrets.CHATMAIL_DOMAIN }}
+          CHATMAIL_DOMAIN: ${{ vars.CHATMAIL_DOMAIN }}
       - name: make sure websocket server version still builds
         working-directory: deltachat-jsonrpc
         run: cargo build --bin deltachat-jsonrpc-server --features webserver

.github/workflows/nix.yml

@@ -0,0 +1,22 @@
+name: Test Nix flake
+
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+
+jobs:
+  format:
+    name: check flake formatting
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          show-progress: false
+      - uses: DeterminateSystems/nix-installer-action@main
+      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - run: nix fmt
+
+      # Check that formatting does not change anything.
+      - run: git diff --exit-code

.github/workflows/node-tests.yml

@@ -64,5 +64,5 @@ jobs:
         working-directory: node
         run: npm run test
         env:
-          CHATMAIL_DOMAIN: ${{ secrets.CHATMAIL_DOMAIN }}
+          CHATMAIL_DOMAIN: ${{ vars.CHATMAIL_DOMAIN }}
           NODE_OPTIONS: "--force-node-api-uncaught-exceptions-policy=true"

CHANGELOG.md

@@ -1,5 +1,292 @@
 # Changelog
 
+## [1.150.0] - 2024-11-21
+
+### API-Changes
+
+- Correct `DC_CERTCK_ACCEPT_*` values and docs ([#6176](https://github.com/deltachat/deltachat-core-rust/pull/6176)).
+
+### Features / Changes
+
+- Use Rustls for connections with strict TLS ([#6186](https://github.com/deltachat/deltachat-core-rust/pull/6186)).
+- Experimental header protection for Autocrypt.
+- Tune down io-not-started info in connectivity-html.
+- Clear config cache in start_io() ([#6228](https://github.com/deltachat/deltachat-core-rust/pull/6228)).
+- Line-before-quote may be up to 120 character long instead of 80.
+- Use i.delta.chat in qr codes ([#6223](https://github.com/deltachat/deltachat-core-rust/pull/6223)).
+
+### Fixes
+
+- Prevent accidental wrong-password-notifications ([#6122](https://github.com/deltachat/deltachat-core-rust/pull/6122)).
+- Remove footers from "Show Full Message...".
+- `send_msg_to_smtp`: Return Ok if `smtp` row is deleted in parallel.
+- Only add "member added/removed" messages if they actually do that ([#5992](https://github.com/deltachat/deltachat-core-rust/pull/5992)).
+- Do not fail to load chatlist summary if the message got removed.
+- deltachat-jsonrpc: Do not fail `get_chatlist_items_by_entries` if the message got deleted.
+- deltachat-jsonrpc: Do not fail `get_draft` if draft is deleted.
+- `markseen_msgs`: Limit not yet downloaded messages state to `InNoticed` ([#2970](https://github.com/deltachat/deltachat-core-rust/pull/2970)).
+- Update state of message when fully downloading it.
+- Dont overwrite equal drafts ([#6212](https://github.com/deltachat/deltachat-core-rust/pull/6212)).
+
+### Build system
+
+- Silence RUSTSEC-2024-0384.
+- cargo: Update rPGP from 0.13.2 to 0.14.0.
+- cargo: Update futures-concurrency from 7.6.1 to 7.6.2.
+- Update flake.nix ([#6200](https://github.com/deltachat/deltachat-core-rust/pull/6200))
+
+### CI
+
+- Ensure flake is formatted.
+
+### Documentation
+
+- Scanned proxies are added and normalized.
+
+### Refactor
+
+- Fix nightly clippy warnings.
+- Remove slicing from `is_file_in_use`.
+- Remove unnecessary `allow(clippy::indexing_slicing)`.
+- Don't use slicing in `remove_nonstandard_footer`.
+- Do not use slicing in `qr` module.
+- Eliminate indexing in `compute_mailinglist_name`.
+- Remove unused `allow(clippy::indexing_slicing)`.
+- Remove indexing/slicing from `remove_message_footer`.
+- Remove indexing/slicing from `squash_attachment_parts`.
+- Remove unused allow(clippy::indexing_slicing) for heuristically_parse_ndn.
+- Remove indexing/slicing from `parse_message_ids`.
+- Remove slicing from `remove_bottom_quote`.
+- Get rid of slicing in `remove_top_quote`.
+- Remove unused allow(clippy::indexing_slicing) from 'truncate'.
+- Forbid clippy::indexing_slicing.
+- Forbid clippy::string_slice.
+- Delete chat in a transaction.
+- Fix typo in `context.rs`.
+
+### Tests
+
+- Remove all calls to print() from deltachat-rpc-client tests.
+- Reply to protected group from MUA.
+- Mark not downloaded message as seen ([#2970](https://github.com/deltachat/deltachat-core-rust/pull/2970)).
+- Mark `receive_imf()` as only for tests and "internals" feature ([#6235](https://github.com/deltachat/deltachat-core-rust/pull/6235)).
+
+## [1.149.0] - 2024-11-05
+
+### Build system
+
+- Update tokio to 1.41 and Android NDK to r27.
+- `nix flake update android`.
+
+### Fixes
+
+- cargo: Update iroh to 0.28.1.
+  This fixes the problem with iroh not sending the `Host:` header and not being able to connect to relays behind nginx reverse proxy.
+
+## [1.148.7] - 2024-11-03
+
+### API-Changes
+
+- Add API to reset contact encryption.
+
+### Features / Changes
+
+- Emit chatlist events only if message still exists.
+
+### Fixes
+
+- send_msg_to_smtp: Do not fail if the message does not exist anymore.
+- Do not percent-encode dot when passing to autoconfig server.
+- Save contact name from SecureJoin QR to `authname`, not to `name` ([#6115](https://github.com/deltachat/deltachat-core-rust/pull/6115)).
+- Always exit fake IDLE after at most 60 seconds.
+- Concat NDNs ([#6129](https://github.com/deltachat/deltachat-core-rust/pull/6129)).
+
+### Refactor
+
+- Remove `has_decrypted_pgp_armor()`.
+
+### Miscellaneous Tasks
+
+- Update dependencies.
+
+## [1.148.6] - 2024-10-31
+
+### API-Changes
+
+- Add Message::new_text() ([#6123](https://github.com/deltachat/deltachat-core-rust/pull/6123)).
+- Add `MessageSearchResult.chat_id` ([#6120](https://github.com/deltachat/deltachat-core-rust/pull/6120)).
+
+### Features / Changes
+
+- Enable Webxdc realtime by default ([#6125](https://github.com/deltachat/deltachat-core-rust/pull/6125)).
+
+### Fixes
+
+- Save full text to mime_headers for long outgoing messages ([#6091](https://github.com/deltachat/deltachat-core-rust/pull/6091)).
+- Show root SMTP connection failure in connectivity view ([#6121](https://github.com/deltachat/deltachat-core-rust/pull/6121)).
+- Skip IDLE if we got unsolicited FETCH ([#6130](https://github.com/deltachat/deltachat-core-rust/pull/6130)).
+
+### Miscellaneous Tasks
+
+- Silence another rust-analyzer false-positive ([#6124](https://github.com/deltachat/deltachat-core-rust/pull/6124)).
+- cargo: Upgrade iroh to 0.26.0.
+
+### Refactor
+
+- Directly use connectives ([#6128](https://github.com/deltachat/deltachat-core-rust/pull/6128)).
+- Use Message::new_text() more ([#6127](https://github.com/deltachat/deltachat-core-rust/pull/6127)).
+
+## [1.148.5] - 2024-10-27
+
+### Fixes
+
+- Set Config::NotifyAboutWrongPw before saving configuration ([#5896](https://github.com/deltachat/deltachat-core-rust/pull/5896)).
+- Do not take write lock for maybe_network_lost() and set_push_device_token().
+- Do not lock the account manager for the whole duration of background_fetch.
+
+### Features / Changes
+
+- Auto-restore 1:1 chat protection after receiving old unverified message.
+
+### CI
+
+- Take `CHATMAIL_DOMAIN` from variables instead of secrets.
+
+### Other
+
+- Revert "build: nix flake update fenix" to fix `nix build .#deltachat-rpc-server-armeabi-v7a-android`.
+
+### Refactor
+
+- Receive_imf::add_parts: Remove excessive `from_id == ContactId::SELF` checks.
+- Factor out `add_gossip_peer_from_header()`.
+
+## [1.148.4] - 2024-10-24
+
+### Features / Changes
+
+- Jsonrpc: add `private_tag` to `Account::Configured` Object ([#6107](https://github.com/deltachat/deltachat-core-rust/pull/6107)).
+
+### Fixes
+
+- Normalize proxy URLs before saving into proxy_url.
+- Do not wait for connections in maybe_add_gossip_peers().
+
+## [1.148.3] - 2024-10-24
+
+### Fixes
+
+- Fix reception of realtime advertisements.
+
+### Features / Changes
+
+- Allow sending realtime messages up to 128 KB in size.
+
+### API-Changes
+
+- deltachat-rpc-client: Add EventType.WEBXDC_REALTIME_ADVERTISEMENT_RECEIVED.
+
+### Documentation
+
+- Fix DC_QR_PROXY docs ([#6099](https://github.com/deltachat/deltachat-core-rust/pull/6099)).
+
+### Refactor
+
+- Generate topic inside create_iroh_header().
+
+### Tests
+
+- Test that realtime advertisements work after chatting.
+
+## [1.148.2] - 2024-10-23
+
+### Fixes
+
+- Never initialize Iroh if realtime is disabled.
+
+### Features / Changes
+
+- Add more logging for iroh initialization and peer addition.
+
+### Build system
+
+- `nix flake update nixpkgs`.
+- `nix flake update fenix`.
+
+## [1.148.1] - 2024-10-23
+
+### Build system
+
+- Revert "build: nix flake update"
+
+This reverts commit 6f22ce2722b51773d7fbb0d89e4764f963cafd91..
+
+## [1.148.0] - 2024-10-22
+
+### API-Changes
+
+- Create QR codes from any data ([#6090](https://github.com/deltachat/deltachat-core-rust/pull/6090)).
+- Add delta chat logo to QR codes ([#6093](https://github.com/deltachat/deltachat-core-rust/pull/6093)).
+- Add realtime advertisement received event ([#6043](https://github.com/deltachat/deltachat-core-rust/pull/6043)).
+- Notify adding reactions ([#6072](https://github.com/deltachat/deltachat-core-rust/pull/6072))
+- Internal profile names ([#6088](https://github.com/deltachat/deltachat-core-rust/pull/6088)).
+
+### Features / Changes
+
+- IMAP COMPRESS support.
+- Sort received outgoing message down if it's fresher than all non fresh messages.
+- Prioritize cached results if DNS resolver returns many results.
+- Add in-memory cache for DNS.
+- deltachat-repl: Built-in QR code printer.
+- Log the logic for (not) doing AEAP.
+- Log when late Autocrypt header is ignored.
+- Add more context to `send_msg` errors.
+
+### Fixes
+
+- Replace old draft with a new one atomically.
+- ChatId::maybe_delete_draft: Don't delete message if it's not a draft anymore ([#6053](https://github.com/deltachat/deltachat-core-rust/pull/6053)).
+- Call update_connection_history for proxified connections.
+- sql: Set PRAGMA query_only to avoid writing on read-only connections.
+- sql: Run `PRAGMA incremental_vacuum` on a write connection.
+- Increase MAX_SECONDS_TO_LEND_FROM_FUTURE to 30.
+
+### Build system
+
+- Nix flake update.
+- Resolve warning about default-features, and make it possible to disable vendoring ([#6079](https://github.com/deltachat/deltachat-core-rust/pull/6079)).
+- Silence a rust-analyzer false-positive ([#6077](https://github.com/deltachat/deltachat-core-rust/pull/6077)).
+
+### CI
+
+- Update Rust to 1.82.0.
+
+### Documentation
+
+- Set_protection_for_timestamp_sort does not send messages.
+- Document MimeFactory.req_mdn.
+- Fix `too_long_first_doc_paragraph` clippy lint.
+
+### Refactor
+
+- Update_msg_state: Don't avoid downgrading OutMdnRcvd to OutDelivered.
+- Fix elided_named_lifetimes warning.
+- set_protection_for_timestamp_sort: Do not log bubbled up errors.
+- Fix clippy::needless_lifetimes warnings.
+- Use `HeaderDef` constant for Chat-Disposition-Notification-To.
+- Resultify get_self_fingerprint().
+- sql: Move write mutex into connection pool.
+
+### Tests
+
+- test_qr_setup_contact_svg: Stop testing for no display name.
+- Always gossip if gossip_period is set to 0.
+- test_aeap_flow_verified: Wait for "member added" before sending messages ([#6057](https://github.com/deltachat/deltachat-core-rust/pull/6057)).
+- Make test_verified_group_member_added_recovery more reliable.
+- test_aeap_flow_verified: Do not start ac1new.
+- Fix `test_securejoin_after_contact_resetup` flakiness.
+- Message from old setup preserves contact verification, but breaks 1:1 protection.
+
 ## [1.147.1] - 2024-10-13
 
 ### Build system
@@ -4265,14 +4552,10 @@ Bugfix release attempting to fix the [iOS build error](https://github.com/deltac
 
 - new qr-code type `DC_QR_WEBRTC` #1779
 
-- new `dc_chatlist_get_summary2()` api #1771
-
 - tweak smtp-timeout for larger mails #1782
 
 - optimize read-receipts #1765
 
-- Allow http scheme for DCACCOUNT URLs #1770
-
 - improve tests #1769
 
 - bug fixes #1766 #1772 #1773 #1775 #1776 #1777
@@ -5008,3 +5291,13 @@ https://github.com/deltachat/deltachat-core-rust/pulls?q=is%3Apr+is%3Aclosed
 [1.146.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.145.0..v1.146.0
 [1.147.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.146.0..v1.147.0
 [1.147.1]: https://github.com/deltachat/deltachat-core-rust/compare/v1.147.0..v1.147.1
+[1.148.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.147.1..v1.148.0
+[1.148.1]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.0..v1.148.1
+[1.148.2]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.1..v1.148.2
+[1.148.3]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.2..v1.148.3
+[1.148.4]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.3..v1.148.4
+[1.148.5]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.4..v1.148.5
+[1.148.6]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.5..v1.148.6
+[1.148.7]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.6..v1.148.7
+[1.149.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.148.7..v1.149.0
+[1.150.0]: https://github.com/deltachat/deltachat-core-rust/compare/v1.149.0..v1.150.0

CONTRIBUTING.md

@@ -1,6 +1,6 @@
-# Contributing guidelines
+# Contributing to Delta Chat
 
-## Reporting bugs
+## Bug reports
 
 If you found a bug, [report it on GitHub](https://github.com/deltachat/deltachat-core-rust/issues).
 If the bug you found is specific to
@@ -9,178 +9,114 @@ If the bug you found is specific to
 [Desktop](https://github.com/deltachat/deltachat-desktop/issues),
 report it to the corresponding repository.
 
-## Proposing features
+## Feature proposals
 
 If you have a feature request, create a new topic on the [forum](https://support.delta.chat/).
 
-## Contributing code
+## Code contributions
 
-If you want to contribute a code, [open a Pull Request](https://github.com/deltachat/deltachat-core-rust/pulls).
+If you want to contribute a code, follow this guide.
 
-If you have write access to the repository,
-push a branch named `<username>/<feature>`
-so it is clear who is responsible for the branch,
-and open a PR proposing to merge the change.
-Otherwise fork the repository and create a branch in your fork.
+1. **Select an issue to work on.**
+
+   If you have an write access to the repository, assign the issue to yourself.
+   Otherwise state in the comment that you are going to work on the issue
+   to avoid duplicate work.
+
+   If the issue does not exist yet, create it first.
+
+2. **Write the code.**
+
+   Follow the [coding conventions](STYLE.md) when writing the code.
+
+3. **Commit the code.**
+
+   If you have write access to the repository,
+   push a branch named `<username>/<feature>`
+   so it is clear who is responsible for the branch,
+   and open a PR proposing to merge the change.
+   Otherwise fork the repository and create a branch in your fork.
+
+   Commit messages follow the [Conventional Commits] notation.
+   We use [git-cliff] to generate the changelog from commit messages before the release.
+
+   With **`git cliff --unreleased`**, you can check how the changelog entry for your commit will look.
+
+   The following prefix types are used:
+   - `feat`: Features, e.g. "feat: Pause IO for BackupProvider". If you are unsure what's the category of your commit, you can often just use `feat`.
+   - `fix`: Bug fixes, e.g. "fix: delete `smtp` rows when message sending is cancelled"
+   - `api`: API changes, e.g. "api(rust): add `get_msg_read_receipts(context, msg_id)`"
+   - `refactor`: Refactorings, e.g. "refactor: iterate over `msg_ids` without `.iter()`"
+   - `perf`: Performance improvements, e.g. "perf: improve SQLite performance with `PRAGMA synchronous=normal`"
+   - `test`: Test changes and improvements to the testing framework.
+   - `build`: Build system and tool configuration changes, e.g. "build(git-cliff): put "ci" commits into "CI" section of changelog"
+   - `ci`: CI configuration changes, e.g. "ci: limit artifact retention time for `libdeltachat.a` to 1 day"
+   - `docs`: Documentation changes, e.g. "docs: add contributing guidelines"
+   - `chore`: miscellaneous tasks, e.g. "chore: add `.DS_Store` to `.gitignore`"
+
+   Release preparation commits are marked as "chore(release): prepare for X.Y.Z"
+   as described in [releasing guide](RELEASE.md).
+
+   Use a `!` to mark breaking changes, e.g. "api!: Remove `dc_chat_can_send`".
+
+   Alternatively, breaking changes can go into the commit description, e.g.:
+
+   ```
+   fix: Fix race condition and db corruption when a message was received during backup
+
+   BREAKING CHANGE: You have to call `dc_stop_io()`/`dc_start_io()` before/after `dc_imex(DC_IMEX_EXPORT_BACKUP)`
+   ```
+
+4. [**Open a Pull Request**](https://github.com/deltachat/deltachat-core-rust/pulls).
+
+   Refer to the corresponding issue.
+
+   If you intend to squash merge the PR from the web interface,
+   make sure the PR title follows the conventional commits notation
+   as it will end up being a commit title.
+   Otherwise make sure each commit title follows the conventional commit notation.
+
+5. **Make sure all CI checks succeed.**
+
+   CI runs the tests and checks code formatting.
+
+   While it is running, self-review your PR to make sure all the changes you expect are there
+   and there are no accidentally commited unrelated changes and files.
+
+   Push the necessary fixup commits or force-push to your branch if needed.
+
+6. **Ask for review.**
+
+   Use built-in GitHub feature to request a review from suggested reviewers.
+
+   If you do not have write access to the repository, ask for review in the comments.
+
+7. **Merge the PR.**
+
+   Once a PR has an approval and passes CI, it can be merged.
+
+   PRs from a branch created in the main repository,
+   i.e. authored by those who have write access, are merged by their authors.
+
+   This is to ensure that PRs are merged as intended by the author,
+   e.g. as a squash merge, by rebasing from the web interface or manually from the command line.
+
+   If you have multiple changes in one PR, do a rebase merge.
+   Otherwise, you should usually do a squash merge.
+
+   If PR author does not have write access to the repository,
+   maintainers who reviewed the PR can merge it.
+
+   If you do not have access to the repository and created a PR from a fork,
+   ask the maintainers to merge the PR and say how it should be merged.
+
+## Other ways to contribute
+
+For other ways to contribute, refer to the [website](https://delta.chat/en/contribute).
 
 You can find the list of good first issues
 and a link to this guide
 on the contributing page: <https://github.com/deltachat/deltachat-core-rust/contribute>
 
-### Coding conventions
-
-We format the code using `rustfmt`. Run `cargo fmt` prior to committing the code.
-Run `scripts/clippy.sh` to check the code for common mistakes with [Clippy].
-
-### SQL
-
-Multi-line SQL statements should be formatted using string literals,
-for example
-```
-    sql.execute(
-        "CREATE TABLE messages (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-text TEXT DEFAULT '' NOT NULL -- message text
-) STRICT",
-    )
-    .await?;
-```
-
-Do not use macros like [`concat!`](https://doc.rust-lang.org/std/macro.concat.html)
-or [`indoc!](https://docs.rs/indoc).
-Do not escape newlines like this:
-```
-    sql.execute(
-        "CREATE TABLE messages ( \
-id INTEGER PRIMARY KEY AUTOINCREMENT, \
-text TEXT DEFAULT '' NOT NULL \
-) STRICT",
-    )
-    .await?;
-```
-Escaping newlines
-is prone to errors like this if space before backslash is missing:
-```
-"SELECT foo\
- FROM bar"
-```
-Literal above results in `SELECT fooFROM bar` string.
-This style also does not allow using `--` comments.
-
----
-
-Declare new SQL tables with [`STRICT`](https://sqlite.org/stricttables.html) keyword
-to make SQLite check column types.
-
-Declare primary keys with [`AUTOINCREMENT`](https://www.sqlite.org/autoinc.html) keyword.
-This avoids reuse of the row IDs and can avoid dangerous bugs
-like forwarding wrong message because the message was deleted
-and another message took its row ID.
-
-Declare all new columns as `NOT NULL`
-and set the `DEFAULT` value if it is optional so the column can be skipped in `INSERT` statements.
-Dealing with `NULL` values both in SQL and in Rust is tricky and we try to avoid it.
-If column is already declared without `NOT NULL`, use `IFNULL` function to provide default value when selecting it.
-Use `HAVING COUNT(*) > 0` clause
-to [prevent aggregate functions such as `MIN` and `MAX` from returning `NULL`](https://stackoverflow.com/questions/66527856/aggregate-functions-max-etc-return-null-instead-of-no-rows).
-
-Don't delete unused columns too early, but maybe after several months/releases, unused columns are
-still used by older versions, so deleting them breaks downgrading the core or importing a backup in
-an older version. Also don't change the column type, consider adding a new column with another name
-instead. Finally, never change column semantics, this is especially dangerous because the `STRICT`
-keyword doesn't help here.
-
-### Commit messages
-
-Commit messages follow the [Conventional Commits] notation.
-We use [git-cliff] to generate the changelog from commit messages before the release.
-
-With **`git cliff --unreleased`**, you can check how the changelog entry for your commit will look.
-
-The following prefix types are used:
-- `feat`: Features, e.g. "feat: Pause IO for BackupProvider". If you are unsure what's the category of your commit, you can often just use `feat`.
-- `fix`: Bug fixes, e.g. "fix: delete `smtp` rows when message sending is cancelled"
-- `api`: API changes, e.g. "api(rust): add `get_msg_read_receipts(context, msg_id)`"
-- `refactor`: Refactorings, e.g. "refactor: iterate over `msg_ids` without `.iter()`"
-- `perf`: Performance improvements, e.g. "perf: improve SQLite performance with `PRAGMA synchronous=normal`"
-- `test`: Test changes and improvements to the testing framework.
-- `build`: Build system and tool configuration changes, e.g. "build(git-cliff): put "ci" commits into "CI" section of changelog"
-- `ci`: CI configuration changes, e.g. "ci: limit artifact retention time for `libdeltachat.a` to 1 day"
-- `docs`: Documentation changes, e.g. "docs: add contributing guidelines"
-- `chore`: miscellaneous tasks, e.g. "chore: add `.DS_Store` to `.gitignore`"
-
-Release preparation commits are marked as "chore(release): prepare for vX.Y.Z".
-
-If you intend to squash merge the PR from the web interface,
-make sure the PR title follows the conventional commits notation
-as it will end up being a commit title.
-Otherwise make sure each commit title follows the conventional commit notation.
-
-#### Breaking Changes
-
-Use a `!` to mark breaking changes, e.g. "api!: Remove `dc_chat_can_send`".
-
-Alternatively, breaking changes can go into the commit description, e.g.:
-
-```
-fix: Fix race condition and db corruption when a message was received during backup
-
-BREAKING CHANGE: You have to call `dc_stop_io()`/`dc_start_io()` before/after `dc_imex(DC_IMEX_EXPORT_BACKUP)`
-```
-
-#### Multiple Changes in one PR
-
-If you have multiple changes in one PR, create multiple conventional commits, and then do a rebase merge. Otherwise, you should usually do a squash merge.
-
-[Clippy]: https://doc.rust-lang.org/clippy/
 [Conventional Commits]: https://www.conventionalcommits.org/
 [git-cliff]: https://git-cliff.org/
-
-### Errors
-
-Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.
-When using [`Context`](https://docs.rs/anyhow/latest/anyhow/trait.Context.html),
-capitalize it but do not add a full stop as the contexts will be separated by `:`.
-For example:
-```
-.with_context(|| format!("Unable to trash message {msg_id}"))
-```
-
-All errors should be handled in one of these ways:
-- With `if let Err() =` (incl. logging them into `warn!()`/`err!()`).
-- With `.log_err().ok()`.
-- Bubbled up with `?`.
-
-`backtrace` feature is enabled for `anyhow` crate
-and `debug = 1` option is set in the test profile.
-This allows to run `RUST_BACKTRACE=1 cargo test`
-and get a backtrace with line numbers in resultified tests
-which return `anyhow::Result`.
-
-### Logging
-
-For logging, use `info!`, `warn!` and `error!` macros.
-Log messages should be capitalized and have a full stop in the end. For example:
-```
-info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
-```
-
-Format anyhow errors with `{:#}` to print all the contexts like this:
-```
-error!(context, "Failed to set selfavatar timestamp: {err:#}.");
-```
-
-### Reviewing
-
-Once a PR has an approval and passes CI, it can be merged.
-
-PRs from a branch created in the main repository, i.e. authored by those who have write access, are merged by their authors.
-This is to ensure that PRs are merged as intended by the author,
-e.g. as a squash merge, by rebasing from the web interface or manually from the command line.
-
-If you do not have access to the repository and created a PR from a fork,
-ask the maintainers to merge the PR and say how it should be merged.
-
-## Other ways to contribute
-
-For other ways to contribute, refer to the [website](https://delta.chat/en/contribute).

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat"
-version = "1.147.1"
+version = "1.150.0"
 edition = "2021"
 license = "MPL-2.0"
 rust-version = "1.77"
@@ -46,7 +46,7 @@ async-native-tls = { version = "0.5", default-features = false, features = ["run
 async-smtp = { version = "0.9", default-features = false, features = ["runtime-tokio"] }
 async_zip = { version = "0.0.17", default-features = false, features = ["deflate", "tokio-fs"] }
 base64 = { workspace = true }
-brotli = { version = "6", default-features=false, features = ["std"] }
+brotli = { version = "7", default-features=false, features = ["std"] }
 bytes = "1"
 chrono = { workspace = true, features = ["alloc", "clock", "std"] }
 email = { git = "https://github.com/deltachat/rust-email", branch = "master" }
@@ -61,11 +61,11 @@ hickory-resolver = "=0.25.0-alpha.2"
 http-body-util = "0.1.2"
 humansize = "2"
 hyper = "1"
-hyper-util = "0.1.9"
-image = { version = "0.25.1", default-features=false, features = ["gif", "jpeg", "ico", "png", "pnm", "webp", "bmp"] }
-iroh-gossip = { version = "0.25.0", default-features = false, features = ["net"] }
-iroh-net = { version = "0.25.0", default-features = false }
-kamadak-exif = "0.5.3"
+hyper-util = "0.1.10"
+image = { version = "0.25.4", default-features=false, features = ["gif", "jpeg", "ico", "png", "pnm", "webp", "bmp"] }
+iroh-gossip = { version = "0.28.1", default-features = false, features = ["net"] }
+iroh-net = { version = "0.28.1", default-features = false }
+kamadak-exif = "0.6.0"
 lettre_email = { git = "https://github.com/deltachat/lettre", branch = "master" }
 libc = { workspace = true }
 mailparse = "0.15"
@@ -76,22 +76,23 @@ num-traits = { workspace = true }
 once_cell = { workspace = true }
 parking_lot = "0.12"
 percent-encoding = "2.3"
-pgp = { version = "0.13.2", default-features = false }
+pgp = { version = "0.14.0", default-features = false }
 pin-project = "1"
 qrcodegen = "1.7.0"
-quick-xml = "0.36"
+quick-xml = "0.37"
 quoted_printable = "0.5"
 rand = { workspace = true }
 regex = { workspace = true }
 rusqlite = { workspace = true, features = ["sqlcipher"] }
 rust-hsluv = "0.1"
-rustls-pki-types = "1.9.0"
-rustls = { version = "0.23.13", default-features = false }
+rustls-pki-types = "1.10.0"
+rustls = { version = "0.23.14", default-features = false }
 sanitize-filename = { workspace = true }
 serde_json = { workspace = true }
 serde_urlencoded = "0.7.1"
 serde = { workspace = true, features = ["derive"] }
 sha-1 = "0.10"
+sha2 = "0.10"
 shadowsocks = { version = "1.21.0", default-features = false, features = ["aead-cipher-2022"] }
 smallvec = "1.13.2"
 strum = "0.26"
@@ -171,13 +172,13 @@ chrono = { version = "0.4.38", default-features = false }
 deltachat-contact-tools = { path = "deltachat-contact-tools" }
 deltachat-jsonrpc = { path = "deltachat-jsonrpc", default-features = false }
 deltachat = { path = ".", default-features = false }
-futures = "0.3.30"
-futures-lite = "2.3.0"
+futures = "0.3.31"
+futures-lite = "2.4.0"
 libc = "0.2"
 log = "0.4"
 nu-ansi-term = "0.46"
 num-traits = "0.2"
-once_cell = "1.18.0"
+once_cell = "1.20.2"
 rand = "0.8"
 regex = "1.10"
 rusqlite = "0.32"
@@ -186,14 +187,7 @@ serde = "1.0"
 serde_json = "1"
 tempfile = "3.13.0"
 thiserror = "1"
-
-# 1.38 is the latest version before `mio` dependency update
-# that broke compilation with Android NDK r23c and r24.
-# Version 1.39.0 cannot be compiled using these NDKs,
-# see issue <https://github.com/tokio-rs/tokio/issues/6748>
-# for details.
-tokio = "~1.38.1"
-
+tokio = "1"
 tokio-util = "0.7.11"
 tracing-subscriber = "0.3"
 yerpc = "0.6.2"

STYLE.md

@@ -0,0 +1,98 @@
+# Coding conventions
+
+We format the code using `rustfmt`. Run `cargo fmt` prior to committing the code.
+Run `scripts/clippy.sh` to check the code for common mistakes with [Clippy].
+
+[Clippy]: https://doc.rust-lang.org/clippy/
+
+## SQL
+
+Multi-line SQL statements should be formatted using string literals,
+for example
+```
+    sql.execute(
+        "CREATE TABLE messages (
+id INTEGER PRIMARY KEY AUTOINCREMENT,
+text TEXT DEFAULT '' NOT NULL -- message text
+) STRICT",
+    )
+    .await?;
+```
+
+Do not use macros like [`concat!`](https://doc.rust-lang.org/std/macro.concat.html)
+or [`indoc!](https://docs.rs/indoc).
+Do not escape newlines like this:
+```
+    sql.execute(
+        "CREATE TABLE messages ( \
+id INTEGER PRIMARY KEY AUTOINCREMENT, \
+text TEXT DEFAULT '' NOT NULL \
+) STRICT",
+    )
+    .await?;
+```
+Escaping newlines
+is prone to errors like this if space before backslash is missing:
+```
+"SELECT foo\
+ FROM bar"
+```
+Literal above results in `SELECT fooFROM bar` string.
+This style also does not allow using `--` comments.
+
+---
+
+Declare new SQL tables with [`STRICT`](https://sqlite.org/stricttables.html) keyword
+to make SQLite check column types.
+
+Declare primary keys with [`AUTOINCREMENT`](https://www.sqlite.org/autoinc.html) keyword.
+This avoids reuse of the row IDs and can avoid dangerous bugs
+like forwarding wrong message because the message was deleted
+and another message took its row ID.
+
+Declare all new columns as `NOT NULL`
+and set the `DEFAULT` value if it is optional so the column can be skipped in `INSERT` statements.
+Dealing with `NULL` values both in SQL and in Rust is tricky and we try to avoid it.
+If column is already declared without `NOT NULL`, use `IFNULL` function to provide default value when selecting it.
+Use `HAVING COUNT(*) > 0` clause
+to [prevent aggregate functions such as `MIN` and `MAX` from returning `NULL`](https://stackoverflow.com/questions/66527856/aggregate-functions-max-etc-return-null-instead-of-no-rows).
+
+Don't delete unused columns too early, but maybe after several months/releases, unused columns are
+still used by older versions, so deleting them breaks downgrading the core or importing a backup in
+an older version. Also don't change the column type, consider adding a new column with another name
+instead. Finally, never change column semantics, this is especially dangerous because the `STRICT`
+keyword doesn't help here.
+
+## Errors
+
+Delta Chat core mostly uses [`anyhow`](https://docs.rs/anyhow/) errors.
+When using [`Context`](https://docs.rs/anyhow/latest/anyhow/trait.Context.html),
+capitalize it but do not add a full stop as the contexts will be separated by `:`.
+For example:
+```
+.with_context(|| format!("Unable to trash message {msg_id}"))
+```
+
+All errors should be handled in one of these ways:
+- With `if let Err() =` (incl. logging them into `warn!()`/`err!()`).
+- With `.log_err().ok()`.
+- Bubbled up with `?`.
+
+`backtrace` feature is enabled for `anyhow` crate
+and `debug = 1` option is set in the test profile.
+This allows to run `RUST_BACKTRACE=1 cargo test`
+and get a backtrace with line numbers in resultified tests
+which return `anyhow::Result`.
+
+## Logging
+
+For logging, use `info!`, `warn!` and `error!` macros.
+Log messages should be capitalized and have a full stop in the end. For example:
+```
+info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
+```
+
+Format anyhow errors with `{:#}` to print all the contexts like this:
+```
+error!(context, "Failed to set selfavatar timestamp: {err:#}.");
+```

assets/qr_overlay_delta.svg-part

@@ -0,0 +1,12 @@
+<path
+   style="fill:#ffffff;fill-opacity:1;stroke:none"
+   d="m 24.015419,1.2870249 c -12.549421,0 -22.7283936,10.1789711 -22.7283936,22.7283931 0,12.549422 10.1789726,22.728395 22.7283936,22.728395 14.337742,-0.342877 9.614352,-4.702705 23.697556,0.969161 -7.545453,-13.001555 -1.082973,-13.32964 -0.969161,-23.697556 0,-12.549422 -10.178973,-22.7283931 -22.728395,-22.7283931 z" />
+<path
+   style="fill:#000000;fill-opacity:1;stroke:none"
+   d="M 23.982249,5.3106163 C 13.645822,5.4364005 5.2618355,13.92999 5.2618355,24.275753 c 0,10.345764 8.3839865,18.635301 18.7204135,18.509516 9.827724,-0.03951 7.516769,-5.489695 18.380082,-0.443187 -5.950849,-9.296115 0.201753,-10.533667 0.340336,-18.521947 0,-10.345766 -8.383989,-18.6353031 -18.720418,-18.5095187 z" />
+<g
+    style="fill:#ffffff"
+    transform="scale(1.1342891,0.88160947)">
+  <path
+     d="m 21.360141,23.513382 q -1.218487,-1.364705 -3.387392,-3.265543 -2.388233,-2.095797 -3.216804,-3.289913 -0.828571,-1.218486 -0.828571,-2.6563 0,-2.144536 1.998318,-3.363022 1.998317,-1.2428565 5.215121,-1.2428565 3.216804,0 5.605037,1.0966375 2.412603,1.096638 2.412603,3.021846 0,0.92605 -0.584873,1.535293 -0.584874,0.609243 -1.364705,0.609243 -1.121008,0 -2.631931,-1.681511 -1.535292,-1.705881 -2.60756,-2.388233 -1.047898,-0.706722 -2.461343,-0.706722 -1.803359,0 -2.973106,0.804201 -1.145377,0.804201 -1.145377,2.047057 0,1.169747 0.950419,2.193275 0.950419,1.023529 4.898315,3.728568 4.215963,2.899998 5.946213,4.532769 1.75462,1.632772 2.851258,3.972265 1.096638,2.339494 1.096638,4.947055 0,4.581508 -3.241174,8.090749 -3.216804,3.484871 -7.530245,3.484871 -3.923526,0 -6.628566,-2.802519 -2.705039,-2.802518 -2.705039,-7.481506 0,-4.508399 2.973106,-7.530245 2.997477,-3.021846 7.359658,-3.655459 z m 1.072268,1.121008 q -6.994112,1.145377 -6.994112,9.601672 0,4.36218 1.730251,6.774783 1.75462,2.412603 4.069744,2.412603 2.412603,0 3.972265,-2.315124 1.559663,-2.339493 1.559663,-6.311759 0,-5.751255 -4.337811,-10.162175 z" />
+</g>

deltachat-contact-tools/src/lib.rs

@@ -15,7 +15,8 @@
     clippy::explicit_into_iter_loop,
     clippy::cloned_instead_of_copied
 )]
-#![cfg_attr(not(test), warn(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::string_slice))]
 #![allow(
     clippy::match_bool,
     clippy::mixed_read_write_in_expression,

deltachat-ffi/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "1.147.1"
+version = "1.150.0"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"

deltachat-ffi/deltachat.h

@@ -506,6 +506,11 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  *                    to not mess up with non-delivery-reports or read-receipts.
  *                    0=no limit (default).
  *                    Changes affect future messages only.
+ * - `protect_autocrypt` = Enable Header Protection for Autocrypt header.
+ *                    This is an experimental option not compatible to other MUAs
+ *                    and older Delta Chat versions.
+ *                    1 = enable.
+ *                    0 = disable (default).
  * - `gossip_period` = How often to gossip Autocrypt keys in chats with multiple recipients, in
  *                    seconds. 2 days by default.
  *                    This is not supposed to be changed by UIs and only used for testing.
@@ -530,8 +535,8 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  *                    These keys go to backups and allow easy per-account settings when using @ref dc_accounts_t,
  *                    however, are not handled by the core otherwise.
  * - `webxdc_realtime_enabled` = Whether the realtime APIs should be enabled.
- *                               0 = WebXDC realtime API is disabled and behaves as noop (default).
- *                               1 = WebXDC realtime API is enabled.
+ *                               0 = WebXDC realtime API is disabled and behaves as noop.
+ *                               1 = WebXDC realtime API is enabled (default).
  *
  * If you want to retrieve a value, use dc_get_config().
  *
@@ -2533,9 +2538,11 @@ void            dc_stop_ongoing_process      (dc_context_t* context);
  *   ask the user if they want to use the given service for video chats;
  *   if so, call dc_set_config_from_qr().
  *
- * - DC_QR_SOCKS5_PROXY with dc_lot_t::text1=host, dc_lot_t::text2=port:
- *   ask the user if they want to use the given proxy and overwrite the previous one, if any.
+ * - DC_QR_PROXY with dc_lot_t::text1=address:
+ *   ask the user if they want to use the given proxy.
  *   if so, call dc_set_config_from_qr() and restart I/O.
+ *   On success, dc_get_config(context, "proxy_url")
+ *   will contain the new proxy in normalized form as the first element.
  *
  * - DC_QR_ADDR with dc_lot_t::id=Contact ID:
  *   e-mail address scanned, optionally, a draft message could be set in
@@ -4190,6 +4197,7 @@ char*             dc_msg_get_webxdc_blob      (const dc_msg_t* msg, const char*
  *   true if the Webxdc should get full internet access, including Webrtc.
  *   currently, this is only true for encrypted Webxdc's in the self chat
  *   that have requested internet access in the manifest.
+ * - self_addr: address to be used for `window.webxdc.selfAddr` in JS land.
  *
  * @memberof dc_msg_t
  * @param msg The webxdc instance.
@@ -5704,8 +5712,14 @@ int64_t         dc_lot_get_timestamp     (const dc_lot_t* lot);
 #define DC_CERTCK_STRICT 1
 
 /**
- * Accept invalid certificates, including self-signed ones
- * or having incorrect hostname.
+ * Accept certificates that are expired, self-signed
+ * or not valid for the server hostname.
+ */
+#define DC_CERTCK_ACCEPT_INVALID 2
+
+/**
+ * For API compatibility only: Treat this as DC_CERTCK_ACCEPT_INVALID on reading.
+ * Must not be written.
  */
 #define DC_CERTCK_ACCEPT_INVALID_CERTIFICATES 3
 

deltachat-ffi/src/lib.rs

@@ -4868,7 +4868,7 @@ pub unsafe extern "C" fn dc_accounts_maybe_network_lost(accounts: *mut dc_accoun
     }
 
     let accounts = &*accounts;
-    block_on(async move { accounts.write().await.maybe_network_lost().await });
+    block_on(async move { accounts.read().await.maybe_network_lost().await });
 }
 
 #[no_mangle]
@@ -4882,12 +4882,12 @@ pub unsafe extern "C" fn dc_accounts_background_fetch(
     }
 
     let accounts = &*accounts;
-    block_on(async move {
-        let accounts = accounts.read().await;
-        accounts
-            .background_fetch(Duration::from_secs(timeout_in_seconds))
-            .await;
-    });
+    let background_fetch_future = {
+        let lock = block_on(accounts.read());
+        lock.background_fetch(Duration::from_secs(timeout_in_seconds))
+    };
+    // At this point account manager is not locked anymore.
+    block_on(background_fetch_future);
     1
 }
 
@@ -4905,7 +4905,7 @@ pub unsafe extern "C" fn dc_accounts_set_push_device_token(
     let token = to_string_lossy(token);
 
     block_on(async move {
-        let mut accounts = accounts.write().await;
+        let accounts = accounts.read().await;
         if let Err(err) = accounts.set_push_device_token(&token).await {
             accounts.emit_event(EventType::Error(format!(
                 "Failed to set notify token: {err:#}."

deltachat-jsonrpc/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "1.147.1"
+version = "1.150.0"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 default-run = "deltachat-jsonrpc-server"
@@ -25,7 +25,7 @@ async-channel = { workspace = true }
 futures = { workspace = true }
 serde_json = { workspace = true }
 yerpc = { workspace = true, features = ["anyhow_expose", "openrpc"] }
-typescript-type-def = { version = "0.5.12", features = ["json_value"] }
+typescript-type-def = { version = "0.5.13", features = ["json_value"] }
 tokio = { workspace = true }
 sanitize-filename = { workspace = true }
 walkdir = "2.5.0"

deltachat-jsonrpc/src/api.rs

@@ -254,11 +254,12 @@ impl CommandApi {
     /// Process all events until you get this one and you can safely return to the background
     /// without forgetting to create notifications caused by timing race conditions.
     async fn accounts_background_fetch(&self, timeout_in_seconds: f64) -> Result<()> {
-        self.accounts
-            .write()
-            .await
-            .background_fetch(std::time::Duration::from_secs_f64(timeout_in_seconds))
-            .await;
+        let future = {
+            let lock = self.accounts.read().await;
+            lock.background_fetch(std::time::Duration::from_secs_f64(timeout_in_seconds))
+        };
+        // At this point account manager is not locked anymore.
+        future.await;
         Ok(())
     }
 
@@ -1134,9 +1135,11 @@ impl CommandApi {
     async fn get_message(&self, account_id: u32, msg_id: u32) -> Result<MessageObject> {
         let ctx = self.get_context(account_id).await?;
         let msg_id = MsgId::new(msg_id);
-        MessageObject::from_msg_id(&ctx, msg_id)
+        let message_object = MessageObject::from_msg_id(&ctx, msg_id)
             .await
-            .with_context(|| format!("Failed to load message {msg_id} for account {account_id}"))
+            .with_context(|| format!("Failed to load message {msg_id} for account {account_id}"))?
+            .with_context(|| format!("Message {msg_id} does not exist for account {account_id}"))?;
+        Ok(message_object)
     }
 
     async fn get_message_html(&self, account_id: u32, message_id: u32) -> Result<Option<String>> {
@@ -1160,7 +1163,10 @@ impl CommandApi {
             messages.insert(
                 message_id,
                 match message_result {
-                    Ok(message) => MessageLoadResult::Message(message),
+                    Ok(Some(message)) => MessageLoadResult::Message(message),
+                    Ok(None) => MessageLoadResult::LoadingError {
+                        error: "Message does not exist".to_string(),
+                    },
                     Err(error) => MessageLoadResult::LoadingError {
                         error: format!("{error:#}"),
                     },
@@ -1418,6 +1424,15 @@ impl CommandApi {
         Ok(())
     }
 
+    /// Resets contact encryption.
+    async fn reset_contact_encryption(&self, account_id: u32, contact_id: u32) -> Result<()> {
+        let ctx = self.get_context(account_id).await?;
+        let contact_id = ContactId::new(contact_id);
+
+        contact_id.reset_encryption(&ctx).await?;
+        Ok(())
+    }
+
     async fn change_contact_name(
         &self,
         account_id: u32,
@@ -1989,9 +2004,7 @@ impl CommandApi {
     async fn get_draft(&self, account_id: u32, chat_id: u32) -> Result<Option<MessageObject>> {
         let ctx = self.get_context(account_id).await?;
         if let Some(draft) = ChatId::new(chat_id).get_draft(&ctx).await? {
-            Ok(Some(
-                MessageObject::from_msg_id(&ctx, draft.get_id()).await?,
-            ))
+            Ok(MessageObject::from_msg_id(&ctx, draft.get_id()).await?)
         } else {
             Ok(None)
         }
@@ -2117,8 +2130,7 @@ impl CommandApi {
     ) -> Result<u32> {
         let ctx = self.get_context(account_id).await?;
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text(text);
+        let mut msg = Message::new_text(text);
 
         let message_id = deltachat::chat::send_msg(&ctx, ChatId::new(chat_id), &mut msg).await?;
         Ok(message_id.to_u32())
@@ -2161,7 +2173,9 @@ impl CommandApi {
                 .await?;
         }
         let msg_id = chat::send_msg(&ctx, ChatId::new(chat_id), &mut message).await?;
-        let message = MessageObject::from_msg_id(&ctx, msg_id).await?;
+        let message = MessageObject::from_msg_id(&ctx, msg_id)
+            .await?
+            .context("Just sent message does not exist")?;
         Ok((msg_id.to_u32(), message))
     }
 

deltachat-jsonrpc/src/api/types/account.rs

@@ -17,6 +17,9 @@ pub enum Account {
         // size: u32,
         profile_image: Option<String>, // TODO: This needs to be converted to work with blob http server.
         color: String,
+        /// Optional tag as "Work", "Family".
+        /// Meant to help profile owner to differ between profiles with similar names.
+        private_tag: Option<String>,
     },
     #[serde(rename_all = "camelCase")]
     Unconfigured { id: u32 },
@@ -31,12 +34,14 @@ impl Account {
             let color = color_int_to_hex_string(
                 Contact::get_by_id(ctx, ContactId::SELF).await?.get_color(),
             );
+            let private_tag = ctx.get_config(Config::PrivateTag).await?;
             Ok(Account::Configured {
                 id,
                 display_name,
                 addr,
                 profile_image,
                 color,
+                private_tag,
             })
         } else {
             Ok(Account::Unconfigured { id })

deltachat-jsonrpc/src/api/types/chat_list.rs

@@ -88,11 +88,17 @@ pub(crate) async fn get_chat_list_item_by_id(
 
     let (last_updated, message_type) = match last_msgid {
         Some(id) => {
-            let last_message = deltachat::message::Message::load_from_db(ctx, id).await?;
-            (
-                Some(last_message.get_timestamp() * 1000),
-                Some(last_message.get_viewtype().into()),
-            )
+            if let Some(last_message) =
+                deltachat::message::Message::load_from_db_optional(ctx, id).await?
+            {
+                (
+                    Some(last_message.get_timestamp() * 1000),
+                    Some(last_message.get_viewtype().into()),
+                )
+            } else {
+                // Message may be deleted by the time we try to load it.
+                (None, None)
+            }
         }
         None => (None, None),
     };

deltachat-jsonrpc/src/api/types/events.rs

@@ -409,6 +409,9 @@ impl From<CoreEventType> for EventType {
             },
             CoreEventType::ChatlistChanged => ChatlistChanged,
             CoreEventType::EventChannelOverflow { n } => EventChannelOverflow { n },
+            #[allow(unreachable_patterns)]
+            #[cfg(test)]
+            _ => unreachable!("This is just to silence a rust_analyzer false-positive"),
         }
     }
 }

deltachat-jsonrpc/src/api/types/message.rs

@@ -112,8 +112,10 @@ enum MessageQuote {
 }
 
 impl MessageObject {
-    pub async fn from_msg_id(context: &Context, msg_id: MsgId) -> Result<Self> {
-        let message = Message::load_from_db(context, msg_id).await?;
+    pub async fn from_msg_id(context: &Context, msg_id: MsgId) -> Result<Option<Self>> {
+        let Some(message) = Message::load_from_db_optional(context, msg_id).await? else {
+            return Ok(None);
+        };
 
         let sender_contact = Contact::get_by_id(context, message.get_from_id())
             .await
@@ -183,7 +185,7 @@ impl MessageObject {
             .map(Into::into)
             .collect();
 
-        Ok(MessageObject {
+        let message_object = MessageObject {
             id: msg_id.to_u32(),
             chat_id: message.get_chat_id().to_u32(),
             from_id: message.get_from_id().to_u32(),
@@ -244,7 +246,8 @@ impl MessageObject {
             reactions,
 
             vcard_contact: vcard_contacts.first().cloned(),
-        })
+        };
+        Ok(Some(message_object))
     }
 }
 
@@ -490,6 +493,7 @@ pub struct MessageSearchResult {
     author_name: String,
     author_color: String,
     author_id: u32,
+    chat_id: u32,
     chat_profile_image: Option<String>,
     chat_color: String,
     chat_name: String,
@@ -529,6 +533,7 @@ impl MessageSearchResult {
             author_name,
             author_color: color_int_to_hex_string(sender.get_color()),
             author_id: sender.id.to_u32(),
+            chat_id: chat.id.to_u32(),
             chat_name: chat.get_name().to_owned(),
             chat_color,
             chat_type: chat.get_type().to_u32().context("unknown chat type id")?,

deltachat-jsonrpc/src/api/types/qr.rs

@@ -6,87 +6,161 @@ use typescript_type_def::TypeDef;
 #[serde(rename = "Qr", rename_all = "camelCase")]
 #[serde(tag = "kind")]
 pub enum QrObject {
+    /// Ask the user whether to verify the contact.
+    ///
+    /// If the user agrees, pass this QR code to [`crate::securejoin::join_securejoin`].
     AskVerifyContact {
+        /// ID of the contact.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Ask the user whether to join the group.
     AskVerifyGroup {
+        /// Group name.
         grpname: String,
+        /// Group ID.
         grpid: String,
+        /// ID of the contact.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Contact fingerprint is verified.
+    ///
+    /// Ask the user if they want to start chatting.
     FprOk {
+        /// Contact ID.
         contact_id: u32,
     },
+    /// Scanned fingerprint does not match the last seen fingerprint.
     FprMismatch {
+        /// Contact ID.
         contact_id: Option<u32>,
     },
+    /// The scanned QR code contains a fingerprint but no e-mail address.
     FprWithoutAddr {
+        /// Key fingerprint.
         fingerprint: String,
     },
+    /// Ask the user if they want to create an account on the given domain.
     Account {
+        /// Server domain name.
         domain: String,
     },
+    /// Provides a backup that can be retrieved using iroh-net based backup transfer protocol.
     Backup2 {
+        /// Authentication token.
         auth_token: String,
-
+        /// Iroh node address.
         node_addr: String,
     },
+    /// Ask the user if they want to use the given service for video chats.
     WebrtcInstance {
         domain: String,
         instance_pattern: String,
     },
+    /// Ask the user if they want to use the given proxy.
+    ///
+    /// Note that HTTP(S) URLs without a path
+    /// and query parameters are treated as HTTP(S) proxy URL.
+    /// UI may want to still offer to open the URL
+    /// in the browser if QR code contents
+    /// starts with `http://` or `https://`
+    /// and the QR code was not scanned from
+    /// the proxy configuration screen.
     Proxy {
+        /// Proxy URL.
+        ///
+        /// This is the URL that is going to be added.
         url: String,
+        /// Host extracted from the URL to display in the UI.
         host: String,
+        /// Port extracted from the URL to display in the UI.
         port: u16,
     },
+    /// Contact address is scanned.
+    ///
+    /// Optionally, a draft message could be provided.
+    /// Ask the user if they want to start chatting.
     Addr {
+        /// Contact ID.
         contact_id: u32,
+        /// Draft message.
         draft: Option<String>,
     },
-    Url {
-        url: String,
-    },
-    Text {
-        text: String,
-    },
+    /// URL scanned.
+    ///
+    /// Ask the user if they want to open a browser or copy the URL to clipboard.
+    Url { url: String },
+    /// Text scanned.
+    ///
+    /// Ask the user if they want to copy the text to clipboard.
+    Text { text: String },
+    /// Ask the user if they want to withdraw their own QR code.
     WithdrawVerifyContact {
+        /// Contact ID.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Ask the user if they want to withdraw their own group invite QR code.
     WithdrawVerifyGroup {
+        /// Group name.
         grpname: String,
+        /// Group ID.
         grpid: String,
+        /// Contact ID.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Ask the user if they want to revive their own QR code.
     ReviveVerifyContact {
+        /// Contact ID.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
+    /// Ask the user if they want to revive their own group invite QR code.
     ReviveVerifyGroup {
+        /// Contact ID.
         grpname: String,
+        /// Group ID.
         grpid: String,
+        /// Contact ID.
         contact_id: u32,
+        /// Fingerprint of the contact key as scanned from the QR code.
         fingerprint: String,
+        /// Invite number.
         invitenumber: String,
+        /// Authentication code.
         authcode: String,
     },
-    Login {
-        address: String,
-    },
+    /// `dclogin:` scheme parameters.
+    ///
+    /// Ask the user if they want to login with the email address.
+    Login { address: String },
 }
 
 impl From<Qr> for QrObject {
@@ -141,7 +215,6 @@ impl From<Qr> for QrObject {
                 auth_token,
             } => QrObject::Backup2 {
                 node_addr: serde_json::to_string(node_addr).unwrap_or_default(),
-
                 auth_token,
             },
             Qr::WebrtcInstance {

deltachat-jsonrpc/src/api/types/webxdc.rs

@@ -35,6 +35,8 @@ pub struct WebxdcMessageInfo {
     source_code_url: Option<String>,
     /// True if full internet access should be granted to the app.
     internet_access: bool,
+    /// Address to be used for `window.webxdc.selfAddr` in JS land.
+    self_addr: String,
 }
 
 impl WebxdcMessageInfo {
@@ -50,6 +52,7 @@ impl WebxdcMessageInfo {
             summary,
             source_code_url,
             internet_access,
+            self_addr,
         } = message.get_webxdc_info(context).await?;
 
         Ok(Self {
@@ -59,6 +62,7 @@ impl WebxdcMessageInfo {
             summary: maybe_empty_string_to_option(summary),
             source_code_url: maybe_empty_string_to_option(source_code_url),
             internet_access,
+            self_addr,
         })
     }
 }

deltachat-jsonrpc/src/lib.rs

@@ -1,4 +1,6 @@
 #![recursion_limit = "256"]
+#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::string_slice))]
 pub mod api;
 pub use yerpc;
 

deltachat-jsonrpc/typescript/package.json

@@ -58,5 +58,5 @@
   },
   "type": "module",
   "types": "dist/deltachat.d.ts",
-  "version": "1.147.1"
+  "version": "1.150.0"
 }

deltachat-repl/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "1.147.1"
+version = "1.150.0"
 license = "MPL-2.0"
 edition = "2021"
 repository = "https://github.com/deltachat/deltachat-core-rust"

deltachat-repl/src/cmdline.rs

@@ -1004,8 +1004,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
             ensure!(sel_chat.is_some(), "No chat selected.");
 
             if !arg1.is_empty() {
-                let mut draft = Message::new(Viewtype::Text);
-                draft.set_text(arg1.to_string());
+                let mut draft = Message::new_text(arg1.to_string());
                 sel_chat
                     .as_ref()
                     .unwrap()
@@ -1028,8 +1027,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                 !arg1.is_empty(),
                 "Please specify text to add as device message."
             );
-            let mut msg = Message::new(Viewtype::Text);
-            msg.set_text(arg1.to_string());
+            let mut msg = Message::new_text(arg1.to_string());
             chat::add_device_msg(&context, None, Some(&mut msg)).await?;
         }
         "listmedia" => {

deltachat-rpc-client/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat-rpc-client"
-version = "1.147.1"
+version = "1.150.0"
 description = "Python client for Delta Chat core JSON-RPC interface"
 classifiers = [
     "Development Status :: 5 - Production/Stable",

deltachat-rpc-client/src/deltachat_rpc_client/const.py

@@ -63,6 +63,7 @@ class EventType(str, Enum):
     CHATLIST_ITEM_CHANGED = "ChatlistItemChanged"
     CONFIG_SYNCED = "ConfigSynced"
     WEBXDC_REALTIME_DATA = "WebxdcRealtimeData"
+    WEBXDC_REALTIME_ADVERTISEMENT_RECEIVED = "WebxdcRealtimeAdvertisementReceived"
 
 
 class ChatId(IntEnum):

deltachat-rpc-client/src/deltachat_rpc_client/contact.py

@@ -36,6 +36,10 @@ class Contact:
         """Delete contact."""
         self._rpc.delete_contact(self.account.id, self.id)
 
+    def reset_encryption(self) -> None:
+        """Reset contact encryption."""
+        self._rpc.reset_contact_encryption(self.account.id, self.id)
+
     def set_name(self, name: str) -> None:
         """Change the name of this contact."""
         self._rpc.change_contact_name(self.account.id, self.id, name)

deltachat-rpc-client/tests/test_iroh_webxdc.py

@@ -7,7 +7,8 @@ If you want to debug iroh at rust-trace/log level set
     RUST_LOG=iroh_net=trace,iroh_gossip=trace
 """
 
-import sys
+import logging
+import os
 import threading
 import time
 
@@ -24,9 +25,7 @@ def path_to_webxdc(request):
 
 
 def log(msg):
-    print()
-    print("*" * 80 + "\n" + msg + "\n", file=sys.stderr)
-    print()
+    logging.info(msg)
 
 
 def setup_realtime_webxdc(ac1, ac2, path_to_webxdc):
@@ -107,13 +106,15 @@ def test_realtime_sequentially(acfactory, path_to_webxdc):
     assert snapshot.text == "ping2"
 
     log("sending realtime data ac1 -> ac2")
-    ac1_webxdc_msg.send_webxdc_realtime_data(b"foo")
+    # Test that 128 KB of data can be sent in a single message.
+    data = os.urandom(128000)
+    ac1_webxdc_msg.send_webxdc_realtime_data(data)
 
     log("ac2: waiting for realtime data")
     while 1:
         event = ac2.wait_for_event()
         if event.kind == EventType.WEBXDC_REALTIME_DATA:
-            assert event.data == list(b"foo")
+            assert event.data == list(data)
             break
 
 
@@ -208,3 +209,28 @@ def test_no_reordering(acfactory, path_to_webxdc):
                 if event.data[0] == i:
                     break
                 pytest.fail("Reordering detected")
+
+
+def test_advertisement_after_chatting(acfactory, path_to_webxdc):
+    """Test that realtime advertisement is assigned to the correct message after chatting."""
+    ac1, ac2 = acfactory.get_online_accounts(2)
+    ac1.set_config("webxdc_realtime_enabled", "1")
+    ac2.set_config("webxdc_realtime_enabled", "1")
+
+    ac1_ac2_chat = ac1.create_chat(ac2)
+    ac1_webxdc_msg = ac1_ac2_chat.send_message(text="WebXDC", file=path_to_webxdc)
+    ac2_webxdc_msg = ac2.wait_for_incoming_msg()
+    assert ac2_webxdc_msg.get_snapshot().text == "WebXDC"
+
+    ac1_ac2_chat.send_text("Hello!")
+    ac2_hello_msg = ac2.wait_for_incoming_msg()
+    ac2_hello_msg_snapshot = ac2_hello_msg.get_snapshot()
+    assert ac2_hello_msg_snapshot.text == "Hello!"
+    ac2_hello_msg_snapshot.chat.accept()
+
+    ac2_webxdc_msg.send_webxdc_realtime_advertisement()
+    while 1:
+        event = ac1.wait_for_event()
+        if event.kind == EventType.WEBXDC_REALTIME_ADVERTISEMENT_RECEIVED:
+            assert event.msg_id == ac1_webxdc_msg.id
+            break

deltachat-rpc-client/tests/test_something.py

@@ -57,8 +57,8 @@ def test_acfactory(acfactory) -> None:
             if event.progress == 1000:  # Success
                 break
         else:
-            print(event)
-    print("Successful configuration")
+            logging.info(event)
+    logging.info("Successful configuration")
 
 
 def test_configure_starttls(acfactory) -> None:
@@ -246,6 +246,7 @@ def test_contact(acfactory) -> None:
     assert repr(alice_contact_bob)
     alice_contact_bob.block()
     alice_contact_bob.unblock()
+    alice_contact_bob.reset_encryption()
     alice_contact_bob.set_name("new name")
     alice_contact_bob.get_encryption_info()
     snapshot = alice_contact_bob.get_snapshot()

deltachat-rpc-client/tests/test_webxdc.py

@@ -24,6 +24,7 @@ def test_webxdc(acfactory) -> None:
         "name": "Chess Board",
         "sourceCodeUrl": None,
         "summary": None,
+        "selfAddr": webxdc_info["selfAddr"],
     }
 
     status_updates = message.get_webxdc_status_updates()

deltachat-rpc-server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "1.147.1"
+version = "1.150.0"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"

deltachat-rpc-server/npm-package/package.json

@@ -15,5 +15,5 @@
   },
   "type": "module",
   "types": "index.d.ts",
-  "version": "1.147.1"
+  "version": "1.150.0"
 }

deny.toml

@@ -11,6 +11,13 @@ ignore = [
 
     # Unmaintained encoding
     "RUSTSEC-2021-0153",
+
+    # Unmaintained proc-macro-error
+    # <https://rustsec.org/advisories/RUSTSEC-2024-0370>
+    "RUSTSEC-2024-0370",
+
+    # Unmaintained instant
+    "RUSTSEC-2024-0384",
 ]
 
 [bans]
@@ -26,13 +33,14 @@ skip = [
      { name = "event-listener", version = "2.5.3" },
      { name = "event-listener", version = "4.0.3" },
      { name = "fastrand", version = "1.9.0" },
+     { name = "fiat-crypto", version = "0.1.20" },
      { name = "futures-lite", version = "1.13.0" },
      { name = "getrandom", version = "<0.2" },
-     { name = "h2", version = "0.3.26" },
-     { name = "http-body", version = "0.4.6" },
      { name = "http", version = "0.2.12" },
-     { name = "hyper", version = "0.14.28" },
      { name = "nix", version = "0.26.4" },
+     { name = "num_enum_derive", version = "0.5.11" },
+     { name = "num_enum", version = "0.5.11" },
+     { name = "proc-macro-crate", version = "1.3.1" },
      { name = "quick-error", version = "<2.0" },
      { name = "rand_chacha", version = "<0.3" },
      { name = "rand_core", version = "<0.6" },
@@ -43,6 +51,7 @@ skip = [
      { name = "sync_wrapper", version = "0.1.2" },
      { name = "syn", version = "1.0.109" },
      { name = "time", version = "<0.3" },
+     { name = "toml_edit", version = "0.19.15" },
      { name = "wasi", version = "<0.11" },
      { name = "windows_aarch64_gnullvm", version = "<0.52" },
      { name = "windows_aarch64_msvc", version = "<0.52" },
@@ -55,6 +64,7 @@ skip = [
      { name = "windows_x86_64_gnullvm", version = "<0.52" },
      { name = "windows_x86_64_gnu", version = "<0.52" },
      { name = "windows_x86_64_msvc", version = "<0.52" },
+     { name = "winnow", version = "0.5.40" },
      { name = "winreg", version = "0.50.0" },
 ]
 

flake.lock

@@ -7,11 +7,11 @@
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "lastModified": 1729369131,
-        "narHash": "sha256-PtfScp+nQd1PsT5rf0Qgjdbsh4Iag6R1ivYMWLizyIc=",
+        "lastModified": 1731356359,
+        "narHash": "sha256-vYqJnu6jotmWpPT4DgzHVdvNIZcKZCIUqS8QaptsZA0=",
         "owner": "tadfisher",
         "repo": "android-nixpkgs",
-        "rev": "82bffbf3f06bdccf44fc62a9bd4f152ac80a55b0",
+        "rev": "c028ead7e88edb2e94cd7c90ee37593f63ae494a",
         "type": "github"
       },
       "original": {
@@ -47,11 +47,11 @@
         "rust-analyzer-src": "rust-analyzer-src"
       },
       "locked": {
-        "lastModified": 1729375822,
-        "narHash": "sha256-bRo4xVwUhvJ4Gz+OhWMREFMdBOYSw4Yi1Apj01ebbug=",
+        "lastModified": 1731393059,
+        "narHash": "sha256-rmzi0GHEwpzg1LGfGPO4SRD7D6QGV3UYGQxkJvn+J5U=",
         "owner": "nix-community",
         "repo": "fenix",
-        "rev": "2853e7d9b5c52a148a9fb824bfe4f9f433f557ab",
+        "rev": "fda8d5b59bb0dc0021ad3ba1d722f9ef6d36e4d9",
         "type": "github"
       },
       "original": {
@@ -116,11 +116,11 @@
     },
     "nix-filter": {
       "locked": {
-        "lastModified": 1710156097,
-        "narHash": "sha256-1Wvk8UP7PXdf8bCCaEoMnOT1qe5/Duqgj+rL8sRQsSM=",
+        "lastModified": 1730207686,
+        "narHash": "sha256-SCHiL+1f7q9TAnxpasriP6fMarWE5H43t25F5/9e28I=",
         "owner": "numtide",
         "repo": "nix-filter",
-        "rev": "3342559a24e85fc164b295c3444e8a139924675b",
+        "rev": "776e68c1d014c3adde193a18db9d738458cd2ba4",
         "type": "github"
       },
       "original": {
@@ -131,11 +131,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1729256560,
-        "narHash": "sha256-/uilDXvCIEs3C9l73JTACm4quuHUsIHcns1c+cHUJwA=",
+        "lastModified": 1731139594,
+        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "4c2fcb090b1f3e5b47eaa7bd33913b574a11e0a0",
+        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
         "type": "github"
       },
       "original": {
@@ -147,11 +147,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1729070438,
-        "narHash": "sha256-KOTTUfPkugH52avUvXGxvWy8ibKKj4genodIYUED+Kc=",
+        "lastModified": 1731139594,
+        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "5785b6bb5eaae44e627d541023034e1601455827",
+        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
         "type": "github"
       },
       "original": {
@@ -163,12 +163,10 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 1729265718,
-        "narHash": "sha256-4HQI+6LsO3kpWTYuVGIzhJs1cetFcwT7quWCk/6rqeo=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "ccc0c2126893dd20963580b6478d1a10a4512185",
-        "type": "github"
+        "lastModified": 0,
+        "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=",
+        "path": "/nix/store/zq2axpgzd5kykk1v446rkffj3bxa2m2h-source",
+        "type": "path"
       },
       "original": {
         "id": "nixpkgs",
@@ -177,11 +175,11 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1729256560,
-        "narHash": "sha256-/uilDXvCIEs3C9l73JTACm4quuHUsIHcns1c+cHUJwA=",
+        "lastModified": 1731139594,
+        "narHash": "sha256-IigrKK3vYRpUu+HEjPL/phrfh7Ox881er1UEsZvw9Q4=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "4c2fcb090b1f3e5b47eaa7bd33913b574a11e0a0",
+        "rev": "76612b17c0ce71689921ca12d9ffdc9c23ce40b2",
         "type": "github"
       },
       "original": {
@@ -204,11 +202,11 @@
     "rust-analyzer-src": {
       "flake": false,
       "locked": {
-        "lastModified": 1729255720,
-        "narHash": "sha256-yODOuZxBkS0UfqMa6nmbqNbVfIbsu0tYLbV5vZzmsqI=",
+        "lastModified": 1731342671,
+        "narHash": "sha256-36eYDHoPzjavnpmEpc2MXdzMk557S0YooGms07mDuKk=",
         "owner": "rust-lang",
         "repo": "rust-analyzer",
-        "rev": "72b214fbfbe6f7b95a7877b962783bd42062cc0a",
+        "rev": "fc98e0657abf3ce07eed513e38274c89bbb2f8ad",
         "type": "github"
       },
       "original": {

flake.nix

@@ -18,9 +18,9 @@
         manifest = (pkgs.lib.importTOML ./Cargo.toml).package;
         androidSdk = android.sdk.${system} (sdkPkgs:
           builtins.attrValues {
-            inherit (sdkPkgs) ndk-24-0-8215888 cmdline-tools-latest;
+            inherit (sdkPkgs) ndk-27-0-11902837 cmdline-tools-latest;
           });
-        androidNdkRoot = "${androidSdk}/share/android-sdk/ndk/24.0.8215888";
+        androidNdkRoot = "${androidSdk}/share/android-sdk/ndk/27.0.11902837";
 
         rustSrc = nix-filter.lib {
           root = ./.;
@@ -257,13 +257,21 @@
 
         androidAttrs = {
           armeabi-v7a = {
-            cc = "armv7a-linux-androideabi19-clang";
+            cc = "armv7a-linux-androideabi21-clang";
             rustTarget = "armv7-linux-androideabi";
           };
           arm64-v8a = {
             cc = "aarch64-linux-android21-clang";
             rustTarget = "aarch64-linux-android";
           };
+          x86 = {
+            cc = "i686-linux-android21-clang";
+            rustTarget = "i686-linux-android";
+          };
+          x86_64 = {
+            cc = "x86_64-linux-android21-clang";
+            rustTarget = "x86_64-linux-android";
+          };
         };
 
         mkAndroidRustPackage = arch: packageName:
@@ -525,28 +533,30 @@
               };
           };
 
-        devShells.default = let 
-          pkgs = import nixpkgs {
-            system = system;
-            overlays = [ fenix.overlays.default ];
-          };
-          in pkgs.mkShell {
+        devShells.default =
+          let
+            pkgs = import nixpkgs {
+              system = system;
+              overlays = [ fenix.overlays.default ];
+            };
+          in
+          pkgs.mkShell {
 
-          buildInputs = with pkgs; [
-            (fenix.packages.${system}.complete.withComponents [
-              "cargo"
-              "clippy"
-              "rust-src"
-              "rustc"
-              "rustfmt"
-            ])
-            cargo-deny
-            rust-analyzer-nightly
-            cargo-nextest
-            perl # needed to build vendored OpenSSL
-            git-cliff
-          ];
-        };
+            buildInputs = with pkgs; [
+              (fenix.packages.${system}.complete.withComponents [
+                "cargo"
+                "clippy"
+                "rust-src"
+                "rustc"
+                "rustfmt"
+              ])
+              cargo-deny
+              rust-analyzer-nightly
+              cargo-nextest
+              perl # needed to build vendored OpenSSL
+              git-cliff
+            ];
+          };
       }
     );
 }

format-flowed/src/lib.rs

@@ -8,6 +8,8 @@
 //! is assumed to be set to "no".
 //!
 //! For received messages, DelSp parameter is honoured.
+#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::string_slice))]
 
 /// Wraps line to 72 characters using format=flowed soft breaks.
 ///

node/constants.js

@@ -1,6 +1,7 @@
 // Generated!
 
 module.exports = {
+  DC_CERTCK_ACCEPT_INVALID: 2,
   DC_CERTCK_ACCEPT_INVALID_CERTIFICATES: 3,
   DC_CERTCK_AUTO: 0,
   DC_CERTCK_STRICT: 1,

node/lib/constants.ts

@@ -1,6 +1,7 @@
 // Generated!
 
 export enum C {
+  DC_CERTCK_ACCEPT_INVALID = 2,
   DC_CERTCK_ACCEPT_INVALID_CERTIFICATES = 3,
   DC_CERTCK_AUTO = 0,
   DC_CERTCK_STRICT = 1,

package.json

@@ -55,5 +55,5 @@
     "test:mocha": "mocha node/test/test.mjs --growl --reporter=spec --bail --exit"
   },
   "types": "node/dist/index.d.ts",
-  "version": "1.147.1"
+  "version": "1.150.0"
 }

python/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat"
-version = "1.147.1"
+version = "1.150.0"
 description = "Python bindings for the Delta Chat Core library using CFFI against the Rust-implemented libdeltachat"
 readme = "README.rst"
 requires-python = ">=3.7"

python/tests/test_1_online.py

@@ -2209,6 +2209,19 @@ def test_configure_error_msgs_wrong_pw(acfactory):
     # Password is wrong so it definitely has to say something about "password"
     assert "password" in ev.data2
 
+    ac1.stop_io()
+    ac1.set_config("mail_pw", "abc")  # Wrong mail pw
+    ac1.configure()
+    while True:
+        ev = ac1._evtracker.get_matching("DC_EVENT_CONFIGURE_PROGRESS")
+        print(f"Configuration progress: {ev.data1}")
+        if ev.data1 == 0:
+            break
+    assert "password" in ev.data2
+    # Account will continue to work with the old password, so if it becomes wrong, a notification
+    # must be shown.
+    assert ac1.get_config("notify_about_wrong_pw") == "1"
+
 
 def test_configure_error_msgs_invalid_server(acfactory):
     ac2 = acfactory.get_unconfigured_account()

python/tests/test_3_offline.py

@@ -705,7 +705,7 @@ class TestOfflineChat:
         ac1 = acfactory.get_pseudo_configured_account()
         ac2 = acfactory.get_pseudo_configured_account()
         qr = ac1.get_setup_contact_qr()
-        assert qr.startswith("OPENPGP4FPR:")
+        assert qr.startswith("https://i.delta.chat")
         res = ac2.check_qr(qr)
         assert res.is_ask_verifycontact()
         assert not res.is_ask_verifygroup()

release-date.in

@@ -1 +1 @@
-2024-10-13
+2024-11-21

src/accounts.rs

@@ -5,7 +5,8 @@ use std::future::Future;
 use std::path::{Path, PathBuf};
 
 use anyhow::{ensure, Context as _, Result};
-use futures::future::join_all;
+use futures::stream::FuturesUnordered;
+use futures::StreamExt;
 use serde::{Deserialize, Serialize};
 use tokio::fs;
 use tokio::io::AsyncWriteExt;
@@ -301,20 +302,48 @@ impl Accounts {
     ///
     /// This is an auxiliary function and not part of public API.
     /// Use [Accounts::background_fetch] instead.
-    async fn background_fetch_without_timeout(&self) {
+    async fn background_fetch_no_timeout(accounts: Vec<Context>, events: Events) {
         async fn background_fetch_and_log_error(account: Context) {
             if let Err(error) = account.background_fetch().await {
                 warn!(account, "{error:#}");
             }
         }
 
-        join_all(
-            self.accounts
-                .values()
-                .cloned()
-                .map(background_fetch_and_log_error),
+        events.emit(Event {
+            id: 0,
+            typ: EventType::Info(format!(
+                "Starting background fetch for {} accounts.",
+                accounts.len()
+            )),
+        });
+        let mut futures_unordered: FuturesUnordered<_> = accounts
+            .into_iter()
+            .map(background_fetch_and_log_error)
+            .collect();
+        while futures_unordered.next().await.is_some() {}
+    }
+
+    /// Auxiliary function for [Accounts::background_fetch].
+    async fn background_fetch_with_timeout(
+        accounts: Vec<Context>,
+        events: Events,
+        timeout: std::time::Duration,
+    ) {
+        if let Err(_err) = tokio::time::timeout(
+            timeout,
+            Self::background_fetch_no_timeout(accounts, events.clone()),
         )
-        .await;
+        .await
+        {
+            events.emit(Event {
+                id: 0,
+                typ: EventType::Warning("Background fetch timed out.".to_string()),
+            });
+        }
+        events.emit(Event {
+            id: 0,
+            typ: EventType::AccountsBackgroundFetchDone,
+        });
     }
 
     /// Performs a background fetch for all accounts in parallel with a timeout.
@@ -322,15 +351,13 @@ impl Accounts {
     /// The `AccountsBackgroundFetchDone` event is emitted at the end,
     /// process all events until you get this one and you can safely return to the background
     /// without forgetting to create notifications caused by timing race conditions.
-    pub async fn background_fetch(&self, timeout: std::time::Duration) {
-        if let Err(_err) =
-            tokio::time::timeout(timeout, self.background_fetch_without_timeout()).await
-        {
-            self.emit_event(EventType::Warning(
-                "Background fetch timed out.".to_string(),
-            ));
-        }
-        self.emit_event(EventType::AccountsBackgroundFetchDone);
+    ///
+    /// Returns a future that resolves when background fetch is done,
+    /// but does not capture `&self`.
+    pub fn background_fetch(&self, timeout: std::time::Duration) -> impl Future<Output = ()> {
+        let accounts: Vec<Context> = self.accounts.values().cloned().collect();
+        let events = self.events.clone();
+        Self::background_fetch_with_timeout(accounts, events, timeout)
     }
 
     /// Emits a single event.
@@ -344,7 +371,7 @@ impl Accounts {
     }
 
     /// Sets notification token for Apple Push Notification service.
-    pub async fn set_push_device_token(&mut self, token: &str) -> Result<()> {
+    pub async fn set_push_device_token(&self, token: &str) -> Result<()> {
         self.push_subscriber.set_device_token(token).await;
         Ok(())
     }

src/authres.rs

@@ -260,7 +260,6 @@ fn parse_authservid_candidates_config(config: &Option<String>) -> BTreeSet<&str>
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
     use tokio::fs;
     use tokio::io::AsyncReadExt;
 
@@ -520,8 +519,13 @@ Authentication-Results: dkim=";
         handle_authres(&t, &mail, "invalid@rom.com").await.unwrap();
     }
 
+    // Test that Autocrypt works with mailing list.
+    //
+    // Previous versions of Delta Chat ignored Autocrypt based on the List-Post header.
+    // This is not needed: comparing of the From address to Autocrypt header address is enough.
+    // If the mailing list is not rewriting the From header, Autocrypt should be applied.
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_autocrypt_in_mailinglist_ignored() -> Result<()> {
+    async fn test_autocrypt_in_mailinglist_not_ignored() -> Result<()> {
         let mut tcm = TestContextManager::new();
         let alice = tcm.alice().await;
         let bob = tcm.bob().await;
@@ -533,28 +537,18 @@ Authentication-Results: dkim=";
             .insert_str(0, "List-Post: <mailto:deltachat-community.example.net>\n");
         bob.recv_msg(&sent).await;
         let peerstate = Peerstate::from_addr(&bob, "alice@example.org").await?;
-        assert!(peerstate.is_none());
-
-        // Do the same without the mailing list header, this time the peerstate should be accepted
-        let sent = alice
-            .send_text(alice_bob_chat.id, "hellooo without mailing list")
-            .await;
-        bob.recv_msg(&sent).await;
-        let peerstate = Peerstate::from_addr(&bob, "alice@example.org").await?;
         assert!(peerstate.is_some());
 
-        // This also means that Bob can now write encrypted to Alice:
+        // Bob can now write encrypted to Alice:
         let mut sent = bob
             .send_text(bob_alice_chat.id, "hellooo in the mailinglist again")
             .await;
         assert!(sent.load_from_db().await.get_showpadlock());
 
-        // But if Bob writes to a mailing list, Alice doesn't show a padlock
-        // since she can't verify the signature without accepting Bob's key:
         sent.payload
             .insert_str(0, "List-Post: <mailto:deltachat-community.example.net>\n");
         let rcvd = alice.recv_msg(&sent).await;
-        assert!(!rcvd.get_showpadlock());
+        assert!(rcvd.get_showpadlock());
         assert_eq!(&rcvd.text, "hellooo in the mailinglist again");
 
         Ok(())

src/chat.rs

@@ -132,6 +132,9 @@ pub(crate) enum CantSendReason {
     /// Temporary state for 1:1 chats while SecureJoin is in progress, after a timeout sending
     /// messages (incl. unencrypted if we don't yet know the contact's pubkey) is allowed.
     SecurejoinWait,
+
+    /// The contact isn't forward verified which is needed by protected 1:1 chats.
+    NoForwardVerification,
 }
 
 impl fmt::Display for CantSendReason {
@@ -152,6 +155,7 @@ impl fmt::Display for CantSendReason {
             }
             Self::NotAMember => write!(f, "not a member of the chat"),
             Self::SecurejoinWait => write!(f, "awaiting SecureJoin for 1:1 chat"),
+            Self::NoForwardVerification => write!(f, "contact isn't forward verified"),
         }
     }
 }
@@ -765,27 +769,19 @@ impl ChatId {
         );
 
         let chat = Chat::load_from_db(context, self).await?;
-        context
-            .sql
-            .execute(
-                "DELETE FROM msgs_mdns WHERE msg_id IN (SELECT id FROM msgs WHERE chat_id=?);",
-                (self,),
-            )
-            .await?;
 
         context
             .sql
-            .execute("DELETE FROM msgs WHERE chat_id=?;", (self,))
-            .await?;
-
-        context
-            .sql
-            .execute("DELETE FROM chats_contacts WHERE chat_id=?;", (self,))
-            .await?;
-
-        context
-            .sql
-            .execute("DELETE FROM chats WHERE id=?;", (self,))
+            .transaction(|transaction| {
+                transaction.execute(
+                    "DELETE FROM msgs_mdns WHERE msg_id IN (SELECT id FROM msgs WHERE chat_id=?)",
+                    (self,),
+                )?;
+                transaction.execute("DELETE FROM msgs WHERE chat_id=?", (self,))?;
+                transaction.execute("DELETE FROM chats_contacts WHERE chat_id=?", (self,))?;
+                transaction.execute("DELETE FROM chats WHERE id=?", (self,))?;
+                Ok(())
+            })
             .await?;
 
         context.emit_msgs_changed_without_ids();
@@ -797,8 +793,7 @@ impl ChatId {
         context.scheduler.interrupt_inbox().await;
 
         if chat.is_self_talk() {
-            let mut msg = Message::new(Viewtype::Text);
-            msg.text = stock_str::self_deleted_msg_body(context).await;
+            let mut msg = Message::new_text(stock_str::self_deleted_msg_body(context).await);
             add_device_msg(context, None, Some(&mut msg)).await?;
         }
         chatlist_events::emit_chatlist_changed(context);
@@ -923,24 +918,27 @@ impl ChatId {
                     && old_draft.chat_id == self
                     && old_draft.state == MessageState::OutDraft
                 {
-                    context
-                        .sql
-                        .execute(
-                            "UPDATE msgs
-                            SET timestamp=?,type=?,txt=?,txt_normalized=?,param=?,mime_in_reply_to=?
-                            WHERE id=?;",
-                            (
-                                time(),
-                                msg.viewtype,
-                                &msg.text,
-                                message::normalize_text(&msg.text),
-                                msg.param.to_string(),
-                                msg.in_reply_to.as_deref().unwrap_or_default(),
-                                msg.id,
-                            ),
-                        )
-                        .await?;
-                    return Ok(true);
+                    let affected_rows = context
+                        .sql.execute(
+                                "UPDATE msgs
+                                SET timestamp=?1,type=?2,txt=?3,txt_normalized=?4,param=?5,mime_in_reply_to=?6
+                                WHERE id=?7
+                                AND (type <> ?2 
+                                    OR txt <> ?3 
+                                    OR txt_normalized <> ?4
+                                    OR param <> ?5
+                                    OR mime_in_reply_to <> ?6);",
+                                (
+                                    time(),
+                                    msg.viewtype,
+                                    &msg.text,
+                                    message::normalize_text(&msg.text),
+                                    msg.param.to_string(),
+                                    msg.in_reply_to.as_deref().unwrap_or_default(),
+                                    msg.id,
+                                ),
+                            ).await?;
+                    return Ok(affected_rows > 0);
                 }
             }
         }
@@ -1668,6 +1666,19 @@ impl Chat {
             > 0
         {
             Some(SecurejoinWait)
+        } else if self.typ == Chattype::Single
+            && self.is_protected()
+            && match get_chat_contacts(context, self.id).await?.pop() {
+                Some(contact_id) => {
+                    !Contact::get_by_id(context, contact_id)
+                        .await?
+                        .is_forward_verified(context)
+                        .await?
+                }
+                None => false,
+            }
+        {
+            Some(NoForwardVerification)
         } else {
             None
         };
@@ -2092,28 +2103,31 @@ impl Chat {
             EphemeralTimer::Enabled { duration } => time().saturating_add(duration.into()),
         };
 
+        let (msg_text, was_truncated) = truncate_msg_text(context, msg.text.clone()).await?;
         let new_mime_headers = if msg.has_html() {
-            let html = if msg.param.exists(Param::Forwarded) {
+            if msg.param.exists(Param::Forwarded) {
                 msg.get_id().get_html(context).await?
             } else {
                 msg.param.get(Param::SendHtml).map(|s| s.to_string())
-            };
-            match html {
-                Some(html) => Some(tokio::task::block_in_place(move || {
-                    buf_compress(new_html_mimepart(html).build().as_string().as_bytes())
-                })?),
-                None => None,
             }
         } else {
             None
         };
+        let new_mime_headers = new_mime_headers.or_else(|| match was_truncated {
+            true => Some(msg.text.clone()),
+            false => None,
+        });
+        let new_mime_headers = match new_mime_headers {
+            Some(h) => Some(tokio::task::block_in_place(move || {
+                buf_compress(new_html_mimepart(h).build().as_string().as_bytes())
+            })?),
+            None => None,
+        };
 
         msg.chat_id = self.id;
         msg.from_id = ContactId::SELF;
         msg.rfc724_mid = new_rfc724_mid;
         msg.timestamp_sort = timestamp;
-        let (msg_text, was_truncated) = truncate_msg_text(context, msg.text.clone()).await?;
-        let mime_modified = new_mime_headers.is_some() | was_truncated;
 
         // add message to the database
         if let Some(update_msg_id) = update_msg_id {
@@ -2142,7 +2156,7 @@ impl Chat {
                         msg.hidden,
                         msg.in_reply_to.as_deref().unwrap_or_default(),
                         new_references,
-                        mime_modified,
+                        new_mime_headers.is_some(),
                         new_mime_headers.unwrap_or_default(),
                         location_id as i32,
                         ephemeral_timer,
@@ -2193,7 +2207,7 @@ impl Chat {
                         msg.hidden,
                         msg.in_reply_to.as_deref().unwrap_or_default(),
                         new_references,
-                        mime_modified,
+                        new_mime_headers.is_some(),
                         new_mime_headers.unwrap_or_default(),
                         location_id as i32,
                         ephemeral_timer,
@@ -2772,6 +2786,7 @@ async fn prepare_msg_common(
             CantSendReason::ProtectionBroken
                 | CantSendReason::ContactRequest
                 | CantSendReason::SecurejoinWait
+                | CantSendReason::NoForwardVerification
         ) && msg.param.get_cmd() == SystemMessage::SecurejoinMessage
         {
             // Send out the message, the securejoin message is supposed to repair the verification.
@@ -3103,8 +3118,7 @@ pub async fn send_text_msg(
         chat_id
     );
 
-    let mut msg = Message::new(Viewtype::Text);
-    msg.text = text_to_send;
+    let mut msg = Message::new_text(text_to_send);
     send_msg(context, chat_id, &mut msg).await
 }
 
@@ -4504,6 +4518,7 @@ pub(crate) async fn delete_and_reset_all_device_msgs(context: &Context) -> Resul
 /// Adds an informational message to chat.
 ///
 /// For example, it can be a message showing that a member was added to a group.
+/// Doesn't fail if the chat doesn't exist.
 #[allow(clippy::too_many_arguments)]
 pub(crate) async fn add_info_msg_with_cmd(
     context: &Context,
@@ -4777,8 +4792,7 @@ mod tests {
     async fn test_get_draft() {
         let t = TestContext::new().await;
         let chat_id = &t.get_self_chat().await.id;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("hello".to_string());
+        let mut msg = Message::new_text("hello".to_string());
 
         chat_id.set_draft(&t, Some(&mut msg)).await.unwrap();
         let draft = chat_id.get_draft(&t).await.unwrap().unwrap();
@@ -4792,13 +4806,11 @@ mod tests {
         let t = TestContext::new_alice().await;
         let chat_id = create_group_chat(&t, ProtectionStatus::Unprotected, "abc").await?;
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("hi!".to_string());
+        let mut msg = Message::new_text("hi!".to_string());
         chat_id.set_draft(&t, Some(&mut msg)).await?;
         assert!(chat_id.get_draft(&t).await?.is_some());
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("another".to_string());
+        let mut msg = Message::new_text("another".to_string());
         chat_id.set_draft(&t, Some(&mut msg)).await?;
         assert!(chat_id.get_draft(&t).await?.is_some());
 
@@ -4812,8 +4824,7 @@ mod tests {
     async fn test_forwarding_draft_failing() -> Result<()> {
         let t = TestContext::new_alice().await;
         let chat_id = &t.get_self_chat().await.id;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("hello".to_string());
+        let mut msg = Message::new_text("hello".to_string());
         chat_id.set_draft(&t, Some(&mut msg)).await?;
         assert_eq!(msg.id, chat_id.get_draft(&t).await?.unwrap().id);
 
@@ -4826,8 +4837,7 @@ mod tests {
     async fn test_draft_stable_ids() -> Result<()> {
         let t = TestContext::new_alice().await;
         let chat_id = &t.get_self_chat().await.id;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("hello".to_string());
+        let mut msg = Message::new_text("hello".to_string());
         assert_eq!(msg.id, MsgId::new_unset());
         assert!(chat_id.get_draft_msg_id(&t).await?.is_none());
 
@@ -4873,11 +4883,7 @@ mod tests {
         let chat_id = create_group_chat(&t, ProtectionStatus::Unprotected, "abc").await?;
 
         let msgs: Vec<message::Message> = (1..=1000)
-            .map(|i| {
-                let mut msg = Message::new(Viewtype::Text);
-                msg.set_text(i.to_string());
-                msg
-            })
+            .map(|i| Message::new_text(i.to_string()))
             .collect();
         let mut tasks = Vec::new();
         for mut msg in msgs {
@@ -4910,8 +4916,7 @@ mod tests {
                 .await?;
 
         // save a draft
-        let mut draft = Message::new(Viewtype::Text);
-        draft.set_text("draft text".to_string());
+        let mut draft = Message::new_text("draft text".to_string());
         chat_id.set_draft(&t, Some(&mut draft)).await?;
 
         let test = Message::load_from_db(&t, draft.id).await?;
@@ -4964,29 +4969,25 @@ mod tests {
         let one2one_msg = Message::load_from_db(&alice, one2one_msg_id).await?;
 
         // quoting messages in same chat is okay
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("baz".to_string());
+        let mut msg = Message::new_text("baz".to_string());
         msg.set_quote(&alice, Some(&grp_msg)).await?;
         let result = send_msg(&alice, grp_chat_id, &mut msg).await;
         assert!(result.is_ok());
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("baz".to_string());
+        let mut msg = Message::new_text("baz".to_string());
         msg.set_quote(&alice, Some(&one2one_msg)).await?;
         let result = send_msg(&alice, one2one_chat_id, &mut msg).await;
         assert!(result.is_ok());
         let one2one_quote_reply_msg_id = result.unwrap();
 
         // quoting messages from groups to one-to-ones is okay ("reply privately")
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("baz".to_string());
+        let mut msg = Message::new_text("baz".to_string());
         msg.set_quote(&alice, Some(&grp_msg)).await?;
         let result = send_msg(&alice, one2one_chat_id, &mut msg).await;
         assert!(result.is_ok());
 
         // quoting messages from one-to-one chats in groups is an error; usually this is also not allowed by UI at all ...
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("baz".to_string());
+        let mut msg = Message::new_text("baz".to_string());
         msg.set_quote(&alice, Some(&one2one_msg)).await?;
         let result = send_msg(&alice, grp_chat_id, &mut msg).await;
         assert!(result.is_err());
@@ -5383,7 +5384,7 @@ mod tests {
 
         // Eventually, first removal message arrives.
         // This has no effect.
-        bob.recv_msg(&remove1).await;
+        bob.recv_msg_trash(&remove1).await;
         assert_eq!(get_chat_contacts(&bob, bob_chat_id).await?.len(), 2);
         Ok(())
     }
@@ -5478,13 +5479,11 @@ mod tests {
         let t = TestContext::new().await;
 
         // add two device-messages
-        let mut msg1 = Message::new(Viewtype::Text);
-        msg1.set_text("first message".to_string());
+        let mut msg1 = Message::new_text("first message".to_string());
         let msg1_id = add_device_msg(&t, None, Some(&mut msg1)).await;
         assert!(msg1_id.is_ok());
 
-        let mut msg2 = Message::new(Viewtype::Text);
-        msg2.set_text("second message".to_string());
+        let mut msg2 = Message::new_text("second message".to_string());
         let msg2_id = add_device_msg(&t, None, Some(&mut msg2)).await;
         assert!(msg2_id.is_ok());
         assert_ne!(msg1_id.as_ref().unwrap(), msg2_id.as_ref().unwrap());
@@ -5513,14 +5512,12 @@ mod tests {
         let t = TestContext::new().await;
 
         // add two device-messages with the same label (second attempt is not added)
-        let mut msg1 = Message::new(Viewtype::Text);
-        msg1.text = "first message".to_string();
+        let mut msg1 = Message::new_text("first message".to_string());
         let msg1_id = add_device_msg(&t, Some("any-label"), Some(&mut msg1)).await;
         assert!(msg1_id.is_ok());
         assert!(!msg1_id.as_ref().unwrap().is_unset());
 
-        let mut msg2 = Message::new(Viewtype::Text);
-        msg2.text = "second message".to_string();
+        let mut msg2 = Message::new_text("second message".to_string());
         let msg2_id = add_device_msg(&t, Some("any-label"), Some(&mut msg2)).await;
         assert!(msg2_id.is_ok());
         assert!(msg2_id.as_ref().unwrap().is_unset());
@@ -5567,8 +5564,7 @@ mod tests {
         let res = add_device_msg(&t, Some("some-label"), None).await;
         assert!(res.is_ok());
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("message text".to_string());
+        let mut msg = Message::new_text("message text".to_string());
 
         let msg_id = add_device_msg(&t, Some("some-label"), Some(&mut msg)).await;
         assert!(msg_id.is_ok());
@@ -5585,8 +5581,7 @@ mod tests {
         add_device_msg(&t, Some("some-label"), None).await.ok();
         assert!(was_device_msg_ever_added(&t, "some-label").await.unwrap());
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("message text".to_string());
+        let mut msg = Message::new_text("message text".to_string());
         add_device_msg(&t, Some("another-label"), Some(&mut msg))
             .await
             .ok();
@@ -5603,8 +5598,7 @@ mod tests {
     async fn test_delete_device_chat() {
         let t = TestContext::new().await;
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("message text".to_string());
+        let mut msg = Message::new_text("message text".to_string());
         add_device_msg(&t, Some("some-label"), Some(&mut msg))
             .await
             .ok();
@@ -5627,8 +5621,7 @@ mod tests {
             .await
             .unwrap();
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("message text".to_string());
+        let mut msg = Message::new_text("message text".to_string());
         assert!(send_msg(&t, device_chat_id, &mut msg).await.is_err());
         assert!(prepare_msg(&t, device_chat_id, &mut msg).await.is_err());
 
@@ -5639,8 +5632,7 @@ mod tests {
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_delete_and_reset_all_device_msgs() {
         let t = TestContext::new().await;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("message text".to_string());
+        let mut msg = Message::new_text("message text".to_string());
         let msg_id1 = add_device_msg(&t, Some("some-label"), Some(&mut msg))
             .await
             .unwrap();
@@ -5672,8 +5664,7 @@ mod tests {
     async fn test_archive() {
         // create two chats
         let t = TestContext::new().await;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("foo".to_string());
+        let mut msg = Message::new_text("foo".to_string());
         let msg_id = add_device_msg(&t, None, Some(&mut msg)).await.unwrap();
         let chat_id1 = message::Message::load_from_db(&t, msg_id)
             .await
@@ -5973,8 +5964,7 @@ mod tests {
         let t = TestContext::new().await;
 
         // create 3 chats, wait 1 second in between to get a reliable order (we order by time)
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("foo".to_string());
+        let mut msg = Message::new_text("foo".to_string());
         let msg_id = add_device_msg(&t, None, Some(&mut msg)).await.unwrap();
         let chat_id1 = message::Message::load_from_db(&t, msg_id)
             .await
@@ -6051,8 +6041,7 @@ mod tests {
             ChatVisibility::Pinned,
         );
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("hi!".into());
+        let mut msg = Message::new_text("hi!".into());
         let sent_msg = bob.send_msg(bob_chat_id, &mut msg).await;
         let msg = alice.recv_msg(&sent_msg).await;
         assert_eq!(msg.chat_id, alice_chat_id);
@@ -6691,8 +6680,7 @@ mod tests {
         let alice_chat = alice.create_chat(&bob).await;
         let bob_chat = bob.create_chat(&alice).await;
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("Hi Bob".to_owned());
+        let mut msg = Message::new_text("Hi Bob".to_owned());
         let sent_msg = alice.send_msg(alice_chat.get_id(), &mut msg).await;
         let msg = bob.recv_msg(&sent_msg).await;
 
@@ -6743,8 +6731,7 @@ mod tests {
         let received_msg = bob.recv_msg(&sent_msg).await;
 
         // Bob quotes received message and sends a reply to Alice.
-        let mut reply = Message::new(Viewtype::Text);
-        reply.set_text("Reply".to_owned());
+        let mut reply = Message::new_text("Reply".to_owned());
         reply.set_quote(&bob, Some(&received_msg)).await?;
         let sent_reply = bob.send_msg(bob_chat.id, &mut reply).await;
         let received_reply = alice.recv_msg(&sent_reply).await;
@@ -6827,8 +6814,7 @@ mod tests {
         let group_id =
             create_group_chat(&alice, ProtectionStatus::Unprotected, "secretgrpname").await?;
         add_contact_to_chat(&alice, group_id, bob_id).await?;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("bla foo".to_owned());
+        let mut msg = Message::new_text("bla foo".to_owned());
         let sent_msg = alice.send_msg(group_id, &mut msg).await;
         assert!(sent_msg.payload().contains("secretgrpname"));
         assert!(sent_msg.payload().contains("secretname"));
@@ -7723,4 +7709,19 @@ mod tests {
 
         Ok(())
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_do_not_overwrite_draft() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = tcm.alice().await;
+        let mut msg = Message::new_text("This is a draft message".to_string());
+        let self_chat = alice.get_self_chat().await.id;
+        self_chat.set_draft(&alice, Some(&mut msg)).await.unwrap();
+        let draft1 = self_chat.get_draft(&alice).await?.unwrap();
+        SystemTime::shift(Duration::from_secs(1));
+        self_chat.set_draft(&alice, Some(&mut msg)).await.unwrap();
+        let draft2 = self_chat.get_draft(&alice).await?.unwrap();
+        assert_eq!(draft1.timestamp_sort, draft2.timestamp_sort);
+        Ok(())
+    }
 }

src/chatlist.rs

@@ -394,25 +394,32 @@ impl Chatlist {
             &chat_loaded
         };
 
-        let (lastmsg, lastcontact) = if let Some(lastmsg_id) = lastmsg_id {
-            let lastmsg = Message::load_from_db(context, lastmsg_id)
+        let lastmsg = if let Some(lastmsg_id) = lastmsg_id {
+            // Message may be deleted by the time we try to load it,
+            // so use `load_from_db_optional` instead of `load_from_db`.
+            Message::load_from_db_optional(context, lastmsg_id)
                 .await
-                .context("loading message failed")?;
+                .context("Loading message failed")?
+        } else {
+            None
+        };
+
+        let lastcontact = if let Some(lastmsg) = &lastmsg {
             if lastmsg.from_id == ContactId::SELF {
-                (Some(lastmsg), None)
+                None
             } else {
                 match chat.typ {
                     Chattype::Group | Chattype::Broadcast | Chattype::Mailinglist => {
                         let lastcontact = Contact::get_by_id(context, lastmsg.from_id)
                             .await
                             .context("loading contact failed")?;
-                        (Some(lastmsg), Some(lastcontact))
+                        Some(lastcontact)
                     }
-                    Chattype::Single => (Some(lastmsg), None),
+                    Chattype::Single => None,
                 }
             }
         } else {
-            (None, None)
+            None
         };
 
         if chat.id.is_archived_link() {
@@ -476,7 +483,6 @@ mod tests {
         add_contact_to_chat, create_group_chat, get_chat_contacts, remove_contact_from_chat,
         send_text_msg, ProtectionStatus,
     };
-    use crate::message::Viewtype;
     use crate::receive_imf::receive_imf;
     use crate::stock_str::StockMessage;
     use crate::test_utils::TestContext;
@@ -510,8 +516,7 @@ mod tests {
         // Instead of setting drafts for chat_id1 and chat_id3, we could also sleep
         // 2s here.
         for chat_id in &[chat_id1, chat_id3, chat_id2] {
-            let mut msg = Message::new(Viewtype::Text);
-            msg.set_text("hello".to_string());
+            let mut msg = Message::new_text("hello".to_string());
             chat_id.set_draft(&t, Some(&mut msg)).await.unwrap();
         }
 
@@ -755,8 +760,7 @@ mod tests {
             .await
             .unwrap();
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("foo:\nbar \r\n test".to_string());
+        let mut msg = Message::new_text("foo:\nbar \r\n test".to_string());
         chat_id1.set_draft(&t, Some(&mut msg)).await.unwrap();
 
         let chats = Chatlist::try_load(&t, 0, None, None).await.unwrap();
@@ -764,6 +768,25 @@ mod tests {
         assert_eq!(summary.text, "foo: bar test"); // the linebreak should be removed from summary
     }
 
+    /// Tests that summary does not fail to load
+    /// if the draft was deleted after loading the chatlist.
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_get_summary_deleted_draft() {
+        let t = TestContext::new().await;
+
+        let chat_id = create_group_chat(&t, ProtectionStatus::Unprotected, "a chat")
+            .await
+            .unwrap();
+        let mut msg = Message::new_text("Foobar".to_string());
+        chat_id.set_draft(&t, Some(&mut msg)).await.unwrap();
+
+        let chats = Chatlist::try_load(&t, 0, None, None).await.unwrap();
+        chat_id.set_draft(&t, None).await.unwrap();
+
+        let summary_res = chats.get_summary(&t, 0, None).await;
+        assert!(summary_res.is_ok());
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_load_broken() {
         let t = TestContext::new_bob().await;

src/config.rs

@@ -396,6 +396,12 @@ pub enum Config {
     /// Make all outgoing messages with Autocrypt header "multipart/signed".
     SignUnencrypted,
 
+    /// Enable header protection for `Autocrypt` header.
+    ///
+    /// This is an experimental setting not compatible to other MUAs
+    /// and older Delta Chat versions (core version <= v1.149.0).
+    ProtectAutocrypt,
+
     /// Let the core save all events to the database.
     /// This value is used internally to remember the MsgId of the logging xdc
     #[strum(props(default = "0"))]
@@ -433,6 +439,7 @@ pub enum Config {
     WebxdcIntegration,
 
     /// Enable webxdc realtime features.
+    #[strum(props(default = "1"))]
     WebxdcRealtimeEnabled,
 }
 

src/configure.rs

@@ -19,11 +19,12 @@ use auto_outlook::outlk_autodiscover;
 use deltachat_contact_tools::EmailAddress;
 use futures::FutureExt;
 use futures_lite::FutureExt as _;
-use percent_encoding::{utf8_percent_encode, NON_ALPHANUMERIC};
+use percent_encoding::utf8_percent_encode;
 use server_params::{expand_param_vector, ServerParams};
 use tokio::task;
 
 use crate::config::{self, Config};
+use crate::constants::NON_ALPHANUMERIC_WITHOUT_DOT;
 use crate::context::Context;
 use crate::imap::Imap;
 use crate::log::LogExt;
@@ -31,7 +32,7 @@ use crate::login_param::{
     ConfiguredCertificateChecks, ConfiguredLoginParam, ConfiguredServerLoginParam,
     ConnectionCandidate, EnteredCertificateChecks, EnteredLoginParam,
 };
-use crate::message::{Message, Viewtype};
+use crate::message::Message;
 use crate::oauth2::get_oauth2_addr;
 use crate::provider::{Protocol, Socket, UsernamePattern};
 use crate::smtp::Smtp;
@@ -111,15 +112,10 @@ impl Context {
 
         let param = EnteredLoginParam::load(self).await?;
         let old_addr = self.get_config(Config::ConfiguredAddr).await?;
-
-        let configured_param_res = configure(self, &param).await;
-        self.set_config_internal(Config::NotifyAboutWrongPw, None)
-            .await?;
-
-        on_configure_completed(self, configured_param_res?, old_addr).await?;
-
+        let configured_param = configure(self, &param).await?;
         self.set_config_internal(Config::NotifyAboutWrongPw, Some("1"))
             .await?;
+        on_configure_completed(self, configured_param, old_addr).await?;
         Ok(())
     }
 }
@@ -147,8 +143,7 @@ async fn on_configure_completed(
         }
 
         if !provider.after_login_hint.is_empty() {
-            let mut msg = Message::new(Viewtype::Text);
-            msg.text = provider.after_login_hint.to_string();
+            let mut msg = Message::new_text(provider.after_login_hint.to_string());
             if chat::add_device_msg(context, Some("core-provider-info"), Some(&mut msg))
                 .await
                 .is_err()
@@ -161,9 +156,9 @@ async fn on_configure_completed(
     if let Some(new_addr) = context.get_config(Config::ConfiguredAddr).await? {
         if let Some(old_addr) = old_addr {
             if !addr_cmp(&new_addr, &old_addr) {
-                let mut msg = Message::new(Viewtype::Text);
-                msg.text =
-                    stock_str::aeap_explanation_and_link(context, &old_addr, &new_addr).await;
+                let mut msg = Message::new_text(
+                    stock_str::aeap_explanation_and_link(context, &old_addr, &new_addr).await,
+                );
                 chat::add_device_msg(context, None, Some(&mut msg))
                     .await
                     .context("Cannot add AEAP explanation")
@@ -417,7 +412,8 @@ async fn configure(ctx: &Context, param: &EnteredLoginParam) -> Result<Configure
         configured_param.oauth2,
         r,
     );
-    let mut imap_session = match imap.connect(ctx).await {
+    let configuring = true;
+    let mut imap_session = match imap.connect(ctx, configuring).await {
         Ok(session) => session,
         Err(err) => bail!("{}", nicer_configuration_error(ctx, err.to_string()).await),
     };
@@ -503,7 +499,15 @@ async fn get_autoconfig(
     param: &EnteredLoginParam,
     param_domain: &str,
 ) -> Option<Vec<ServerParams>> {
-    let param_addr_urlencoded = utf8_percent_encode(&param.addr, NON_ALPHANUMERIC).to_string();
+    // Make sure to not encode `.` as `%2E` here.
+    // Some servers like murena.io on 2024-11-01 produce incorrect autoconfig XML
+    // when address is encoded.
+    // E.g.
+    // <https://autoconfig.murena.io/mail/config-v1.1.xml?emailaddress=foobar%40example%2Eorg>
+    // produced XML file with `<username>foobar@example%2Eorg</username>`
+    // resulting in failure to log in.
+    let param_addr_urlencoded =
+        utf8_percent_encode(&param.addr, NON_ALPHANUMERIC_WITHOUT_DOT).to_string();
 
     if let Ok(res) = moz_autoconfigure(
         ctx,
@@ -607,8 +611,6 @@ pub enum Error {
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
     use crate::config::Config;
     use crate::login_param::EnteredServerLoginParam;

src/configure/auto_mozilla.rs

@@ -272,8 +272,6 @@ pub(crate) async fn moz_autoconfigure(
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
 
     #[test]

src/configure/auto_outlook.rs

@@ -215,8 +215,6 @@ pub(crate) async fn outlk_autodiscover(
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
 
     #[test]

src/constants.rs

@@ -4,12 +4,16 @@
 
 use deltachat_derive::{FromSql, ToSql};
 use once_cell::sync::Lazy;
+use percent_encoding::{AsciiSet, NON_ALPHANUMERIC};
 use serde::{Deserialize, Serialize};
 
 use crate::chat::ChatId;
 
 pub static DC_VERSION_STR: Lazy<String> = Lazy::new(|| env!("CARGO_PKG_VERSION").to_string());
 
+/// Set of characters to percent-encode in email addresses and names.
+pub(crate) const NON_ALPHANUMERIC_WITHOUT_DOT: &AsciiSet = &NON_ALPHANUMERIC.remove(b'.');
+
 #[derive(
     Debug,
     Default,

src/contact.rs

@@ -143,6 +143,43 @@ impl ContactId {
             .await?;
         Ok(())
     }
+
+    /// Returns contact adress.
+    pub async fn addr(&self, context: &Context) -> Result<String> {
+        let addr = context
+            .sql
+            .query_row("SELECT addr FROM contacts WHERE id=?", (self,), |row| {
+                let addr: String = row.get(0)?;
+                Ok(addr)
+            })
+            .await?;
+        Ok(addr)
+    }
+
+    /// Resets encryption with the contact.
+    ///
+    /// Effect is similar to receiving a message without Autocrypt header
+    /// from the contact, but this action is triggered manually by the user.
+    ///
+    /// For example, this will result in sending the next message
+    /// to 1:1 chat unencrypted, but will not remove existing verified keys.
+    pub async fn reset_encryption(self, context: &Context) -> Result<()> {
+        let now = time();
+
+        let addr = self.addr(context).await?;
+        if let Some(mut peerstate) = Peerstate::from_addr(context, &addr).await? {
+            peerstate.degrade_encryption(now);
+            peerstate.save_to_db(&context.sql).await?;
+        }
+
+        // Reset 1:1 chat protection.
+        if let Some(chat_id) = ChatId::lookup_by_contact(context, self).await? {
+            chat_id
+                .set_protection(context, ProtectionStatus::Unprotected, now, Some(self))
+                .await?;
+        }
+        Ok(())
+    }
 }
 
 impl fmt::Display for ContactId {
@@ -425,9 +462,12 @@ pub enum Origin {
     /// To: of incoming messages of unknown sender
     IncomingUnknownTo = 0x40,
 
-    /// address scanned but not verified
+    /// Address scanned but not verified.
     UnhandledQrScan = 0x80,
 
+    /// Address scanned from a SecureJoin QR code, but not verified yet.
+    UnhandledSecurejoinQrScan = 0x81,
+
     /// Reply-To: of incoming message of known sender
     /// Contacts with at least this origin value are shown in the contact list.
     IncomingReplyTo = 0x100,
@@ -1212,15 +1252,15 @@ impl Contact {
 
         let fingerprint_self = load_self_public_key(context)
             .await?
-            .fingerprint()
+            .dc_fingerprint()
             .to_string();
         let fingerprint_other_verified = peerstate
             .peek_key(true)
-            .map(|k| k.fingerprint().to_string())
+            .map(|k| k.dc_fingerprint().to_string())
             .unwrap_or_default();
         let fingerprint_other_unverified = peerstate
             .peek_key(false)
-            .map(|k| k.fingerprint().to_string())
+            .map(|k| k.dc_fingerprint().to_string())
             .unwrap_or_default();
         if addr < peerstate.addr {
             cat_fingerprint(&mut ret, &addr, &fingerprint_self, "");
@@ -3149,4 +3189,59 @@ Until the false-positive is fixed:
 
         Ok(())
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_reset_encryption() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        let bob = &tcm.bob().await;
+
+        let msg = tcm.send_recv_accept(alice, bob, "Hello!").await;
+        assert_eq!(msg.get_showpadlock(), false);
+
+        let msg = tcm.send_recv(bob, alice, "Hi!").await;
+        assert_eq!(msg.get_showpadlock(), true);
+        let alice_bob_contact_id = msg.from_id;
+
+        alice_bob_contact_id.reset_encryption(alice).await?;
+
+        let msg = tcm.send_recv(alice, bob, "Unencrypted").await;
+        assert_eq!(msg.get_showpadlock(), false);
+
+        Ok(())
+    }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_reset_verified_encryption() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        let bob = &tcm.bob().await;
+
+        tcm.execute_securejoin(bob, alice).await;
+
+        let msg = tcm.send_recv(bob, alice, "Encrypted").await;
+        assert_eq!(msg.get_showpadlock(), true);
+
+        let alice_bob_chat_id = msg.chat_id;
+        let alice_bob_contact_id = msg.from_id;
+        alice_bob_contact_id.reset_encryption(alice).await?;
+
+        // Check that the contact is still verified after resetting encryption.
+        let alice_bob_contact = Contact::get_by_id(alice, alice_bob_contact_id).await?;
+        assert_eq!(alice_bob_contact.is_verified(alice).await?, true);
+
+        // 1:1 chat and profile is no longer verified.
+        assert_eq!(alice_bob_contact.is_profile_verified(alice).await?, false);
+
+        let info_msg = alice.get_last_msg_in(alice_bob_chat_id).await;
+        assert_eq!(
+            info_msg.text,
+            "bob@example.net sent a message from another device."
+        );
+
+        let msg = tcm.send_recv(alice, bob, "Unencrypted").await;
+        assert_eq!(msg.get_showpadlock(), false);
+
+        Ok(())
+    }
 }

src/context.rs

@@ -10,6 +10,7 @@ use std::time::Duration;
 
 use anyhow::{bail, ensure, Context as _, Result};
 use async_channel::{self as channel, Receiver, Sender};
+use pgp::types::PublicKeyTrait;
 use pgp::SignedPublicKey;
 use ratelimit::Ratelimit;
 use tokio::sync::{Mutex, Notify, OnceCell, RwLock};
@@ -28,7 +29,7 @@ use crate::events::{Event, EventEmitter, EventType, Events};
 use crate::imap::{FolderMeaning, Imap, ServerMetadata};
 use crate::key::{load_self_public_key, load_self_secret_key, DcKey as _};
 use crate::login_param::{ConfiguredLoginParam, EnteredLoginParam};
-use crate::message::{self, Message, MessageState, MsgId, Viewtype};
+use crate::message::{self, Message, MessageState, MsgId};
 use crate::param::{Param, Params};
 use crate::peer_channels::Iroh;
 use crate::peerstate::Peerstate;
@@ -471,6 +472,14 @@ impl Context {
             // Allow at least 1 message every second + a burst of 3.
             *lock = Ratelimit::new(Duration::new(3, 0), 3.0);
         }
+
+        // The next line is mainly for iOS:
+        // iOS starts a separate process for receiving notifications and if the user concurrently
+        // starts the app, the UI process opens the database but waits with calling start_io()
+        // until the notifications process finishes.
+        // Now, some configs may have changed, so, we need to invalidate the cache.
+        self.sql.config_cache.write().await.clear();
+
         self.scheduler.start(self.clone()).await;
     }
 
@@ -781,7 +790,7 @@ impl Context {
             .count("SELECT COUNT(*) FROM acpeerstates;", ())
             .await?;
         let fingerprint_str = match load_self_public_key(self).await {
-            Ok(key) => key.fingerprint().hex(),
+            Ok(key) => key.dc_fingerprint().hex(),
             Err(err) => format!("<key failure: {err}>"),
         };
 
@@ -990,6 +999,12 @@ impl Context {
                 .await?
                 .to_string(),
         );
+        res.insert(
+            "protect_autocrypt",
+            self.get_config_int(Config::ProtectAutocrypt)
+                .await?
+                .to_string(),
+        );
         res.insert(
             "debug_logging",
             self.get_config_int(Config::DebugLogging).await?.to_string(),
@@ -1171,15 +1186,14 @@ impl Context {
             EncryptPreference::Mutual,
             &public_key,
         );
-        let fingerprint = public_key.fingerprint();
+        let fingerprint = public_key.dc_fingerprint();
         peerstate.set_verified(public_key, fingerprint, "".to_string())?;
         peerstate.save_to_db(&self.sql).await?;
         chat_id
             .set_protection(self, ProtectionStatus::Protected, time(), Some(contact_id))
             .await?;
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.text = self.get_self_report().await?;
+        let mut msg = Message::new_text(self.get_self_report().await?);
 
         chat_id.set_draft(self, Some(&mut msg)).await?;
 
@@ -1778,12 +1792,10 @@ mod tests {
         assert!(res.is_empty());
 
         // Add messages to chat with Bob.
-        let mut msg1 = Message::new(Viewtype::Text);
-        msg1.set_text("foobar".to_string());
+        let mut msg1 = Message::new_text("foobar".to_string());
         send_msg(&alice, chat.id, &mut msg1).await?;
 
-        let mut msg2 = Message::new(Viewtype::Text);
-        msg2.set_text("barbaz".to_string());
+        let mut msg2 = Message::new_text("barbaz".to_string());
         send_msg(&alice, chat.id, &mut msg2).await?;
 
         alice.send_text(chat.id, "Δ-Chat").await;
@@ -1886,8 +1898,7 @@ mod tests {
             .await;
 
         // Add 999 messages
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("foobar".to_string());
+        let mut msg = Message::new_text("foobar".to_string());
         for _ in 0..999 {
             send_msg(&alice, chat.id, &mut msg).await?;
         }
@@ -2061,4 +2072,41 @@ mod tests {
 
         Ok(())
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_cache_is_cleared_when_io_is_started() -> Result<()> {
+        let alice = TestContext::new_alice().await;
+        assert_eq!(
+            alice.get_config(Config::ShowEmails).await?,
+            Some("2".to_string())
+        );
+
+        // Change the config circumventing the cache
+        // This simulates what the notification plugin on iOS might do
+        // because it runs in a different process
+        alice
+            .sql
+            .execute(
+                "INSERT OR REPLACE INTO config (keyname, value) VALUES ('show_emails', '0')",
+                (),
+            )
+            .await?;
+
+        // Alice's Delta Chat doesn't know about it yet:
+        assert_eq!(
+            alice.get_config(Config::ShowEmails).await?,
+            Some("2".to_string())
+        );
+
+        // Starting IO will fail of course because no server settings are configured,
+        // but it should invalidate the caches:
+        alice.start_io().await;
+
+        assert_eq!(
+            alice.get_config(Config::ShowEmails).await?,
+            Some("0".to_string())
+        );
+
+        Ok(())
+    }
 }

src/decrypt.rs

@@ -1,125 +1,36 @@
 //! End-to-end decryption support.
 
 use std::collections::HashSet;
-use std::str::FromStr;
 
 use anyhow::Result;
 use deltachat_contact_tools::addr_cmp;
 use mailparse::ParsedMail;
 
 use crate::aheader::Aheader;
-use crate::authres::handle_authres;
-use crate::authres::{self, DkimResults};
 use crate::context::Context;
-use crate::headerdef::{HeaderDef, HeaderDefMap};
 use crate::key::{DcKey, Fingerprint, SignedPublicKey, SignedSecretKey};
 use crate::peerstate::Peerstate;
 use crate::pgp;
 
 /// Tries to decrypt a message, but only if it is structured as an Autocrypt message.
 ///
-/// If successful and the message is encrypted, returns decrypted body and a set of valid
-/// signature fingerprints.
-///
-/// If the message is wrongly signed, HashSet will be empty.
+/// If successful and the message is encrypted, returns decrypted body.
 pub fn try_decrypt(
     mail: &ParsedMail<'_>,
     private_keyring: &[SignedSecretKey],
-    public_keyring_for_validate: &[SignedPublicKey],
-) -> Result<Option<(Vec<u8>, HashSet<Fingerprint>)>> {
+) -> Result<Option<::pgp::composed::Message>> {
     let Some(encrypted_data_part) = get_encrypted_mime(mail) else {
         return Ok(None);
     };
 
-    decrypt_part(
-        encrypted_data_part,
-        private_keyring,
-        public_keyring_for_validate,
-    )
-}
+    let data = encrypted_data_part.get_body_raw()?;
+    let msg = pgp::pk_decrypt(data, private_keyring)?;
 
-pub(crate) async fn prepare_decryption(
-    context: &Context,
-    mail: &ParsedMail<'_>,
-    from: &str,
-    message_time: i64,
-) -> Result<DecryptionInfo> {
-    if mail.headers.get_header(HeaderDef::ListPost).is_some() {
-        if mail.headers.get_header(HeaderDef::Autocrypt).is_some() {
-            info!(
-                context,
-                "Ignoring autocrypt header since this is a mailing list message. \
-                NOTE: For privacy reasons, the mailing list software should remove Autocrypt headers."
-            );
-        }
-        return Ok(DecryptionInfo {
-            from: from.to_string(),
-            autocrypt_header: None,
-            peerstate: None,
-            message_time,
-            dkim_results: DkimResults { dkim_passed: false },
-        });
-    }
-
-    let autocrypt_header = if context.is_self_addr(from).await? {
-        None
-    } else if let Some(aheader_value) = mail.headers.get_header_value(HeaderDef::Autocrypt) {
-        match Aheader::from_str(&aheader_value) {
-            Ok(header) if addr_cmp(&header.addr, from) => Some(header),
-            Ok(header) => {
-                warn!(
-                    context,
-                    "Autocrypt header address {:?} is not {:?}.", header.addr, from
-                );
-                None
-            }
-            Err(err) => {
-                warn!(context, "Failed to parse Autocrypt header: {:#}.", err);
-                None
-            }
-        }
-    } else {
-        None
-    };
-
-    let dkim_results = handle_authres(context, mail, from).await?;
-    let allow_aeap = get_encrypted_mime(mail).is_some();
-    let peerstate = get_autocrypt_peerstate(
-        context,
-        from,
-        autocrypt_header.as_ref(),
-        message_time,
-        allow_aeap,
-    )
-    .await?;
-
-    Ok(DecryptionInfo {
-        from: from.to_string(),
-        autocrypt_header,
-        peerstate,
-        message_time,
-        dkim_results,
-    })
-}
-
-#[derive(Debug)]
-pub struct DecryptionInfo {
-    /// The From address. This is the address from the unnencrypted, outer
-    /// From header.
-    pub from: String,
-    pub autocrypt_header: Option<Aheader>,
-    /// The peerstate that will be used to validate the signatures
-    pub peerstate: Option<Peerstate>,
-    /// The timestamp when the message was sent.
-    /// If this is older than the peerstate's last_seen, this probably
-    /// means out-of-order message arrival, We don't modify the
-    /// peerstate in this case.
-    pub message_time: i64,
-    pub(crate) dkim_results: authres::DkimResults,
+    Ok(Some(msg))
 }
 
 /// Returns a reference to the encrypted payload of a message.
-fn get_encrypted_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail<'b>> {
+pub(crate) fn get_encrypted_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail<'b>> {
     get_autocrypt_mime(mail)
         .or_else(|| get_mixed_up_mime(mail))
         .or_else(|| get_attachment_mime(mail))
@@ -204,37 +115,6 @@ fn get_autocrypt_mime<'a, 'b>(mail: &'a ParsedMail<'b>) -> Option<&'a ParsedMail
     }
 }
 
-/// Returns Ok(None) if nothing encrypted was found.
-fn decrypt_part(
-    mail: &ParsedMail<'_>,
-    private_keyring: &[SignedSecretKey],
-    public_keyring_for_validate: &[SignedPublicKey],
-) -> Result<Option<(Vec<u8>, HashSet<Fingerprint>)>> {
-    let data = mail.get_body_raw()?;
-
-    if has_decrypted_pgp_armor(&data) {
-        let (plain, ret_valid_signatures) =
-            pgp::pk_decrypt(data, private_keyring, public_keyring_for_validate)?;
-        return Ok(Some((plain, ret_valid_signatures)));
-    }
-
-    Ok(None)
-}
-
-#[allow(clippy::indexing_slicing)]
-fn has_decrypted_pgp_armor(input: &[u8]) -> bool {
-    if let Some(index) = input.iter().position(|b| *b > b' ') {
-        if input.len() - index > 26 {
-            let start = index;
-            let end = start + 27;
-
-            return &input[start..end] == b"-----BEGIN PGP MESSAGE-----";
-        }
-    }
-
-    false
-}
-
 /// Validates signatures of Multipart/Signed message part, as defined in RFC 1847.
 ///
 /// Returns the signed part and the set of key
@@ -302,7 +182,7 @@ pub(crate) async fn get_autocrypt_peerstate(
             // if the fingerprint is verified.
             peerstate = Peerstate::from_verified_fingerprint_or_addr(
                 context,
-                &header.public_key.fingerprint(),
+                &header.public_key.dc_fingerprint(),
                 from,
             )
             .await?;
@@ -346,24 +226,6 @@ mod tests {
     use crate::receive_imf::receive_imf;
     use crate::test_utils::TestContext;
 
-    #[test]
-    fn test_has_decrypted_pgp_armor() {
-        let data = b" -----BEGIN PGP MESSAGE-----";
-        assert_eq!(has_decrypted_pgp_armor(data), true);
-
-        let data = b"    \n-----BEGIN PGP MESSAGE-----";
-        assert_eq!(has_decrypted_pgp_armor(data), true);
-
-        let data = b"    -----BEGIN PGP MESSAGE---";
-        assert_eq!(has_decrypted_pgp_armor(data), false);
-
-        let data = b" -----BEGIN PGP MESSAGE-----";
-        assert_eq!(has_decrypted_pgp_armor(data), true);
-
-        let data = b"blas";
-        assert_eq!(has_decrypted_pgp_armor(data), false);
-    }
-
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_mixed_up_mime() -> Result<()> {
         // "Mixed Up" mail as received when sending an encrypted

src/download.rs

@@ -318,8 +318,7 @@ mod tests {
         let t = TestContext::new_alice().await;
         let chat = t.create_chat_with_contact("Bob", "bob@example.org").await;
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("Hi Bob".to_owned());
+        let mut msg = Message::new_text("Hi Bob".to_owned());
         let msg_id = send_msg(&t, chat.id, &mut msg).await?;
         let msg = Message::load_from_db(&t, msg_id).await?;
         assert_eq!(msg.download_state(), DownloadState::Done);

src/e2ee.rs

@@ -303,12 +303,12 @@ Sent with my Delta Chat Messenger: https://delta.chat";
             last_seen_autocrypt: 14,
             prefer_encrypt,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: Some(pub_key.clone()),
             gossip_timestamp: 15,
-            gossip_key_fingerprint: Some(pub_key.fingerprint()),
+            gossip_key_fingerprint: Some(pub_key.dc_fingerprint()),
             verified_key: Some(pub_key.clone()),
-            verified_key_fingerprint: Some(pub_key.fingerprint()),
+            verified_key_fingerprint: Some(pub_key.dc_fingerprint()),
             verifier: None,
             secondary_verified_key: None,
             secondary_verified_key_fingerprint: None,

src/ephemeral.rs

@@ -223,8 +223,9 @@ impl ChatId {
         self.inner_set_ephemeral_timer(context, timer).await?;
 
         if self.is_promoted(context).await? {
-            let mut msg = Message::new(Viewtype::Text);
-            msg.text = stock_ephemeral_timer_changed(context, timer, ContactId::SELF).await;
+            let mut msg = Message::new_text(
+                stock_ephemeral_timer_changed(context, timer, ContactId::SELF).await,
+            );
             msg.param.set_cmd(SystemMessage::EphemeralTimerChanged);
             if let Err(err) = send_msg(context, self, &mut msg).await {
                 error!(
@@ -1362,8 +1363,7 @@ mod tests {
         chat.id
             .set_ephemeral_timer(&alice, Timer::Enabled { duration })
             .await?;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("hi".to_string());
+        let mut msg = Message::new_text("hi".to_string());
         assert!(chat::send_msg_sync(&alice, chat.id, &mut msg)
             .await
             .is_err());
@@ -1393,8 +1393,7 @@ mod tests {
         let sent = alice.pop_sent_msg().await;
         bob.recv_msg(&sent).await;
 
-        let mut poi_msg = Message::new(Viewtype::Text);
-        poi_msg.text = "Here".to_string();
+        let mut poi_msg = Message::new_text("Here".to_string());
         poi_msg.set_location(10.0, 20.0);
 
         let alice_sent_message = alice.send_msg(chat.id, &mut poi_msg).await;

src/html.rs

@@ -144,12 +144,12 @@ impl HtmlMsgParser {
                         self.plain = Some(PlainText {
                             text: decoded_data,
                             flowed: if let Some(format) = mail.ctype.params.get("format") {
-                                format.as_str().to_ascii_lowercase() == "flowed"
+                                format.as_str().eq_ignore_ascii_case("flowed")
                             } else {
                                 false
                             },
                             delsp: if let Some(delsp) = mail.ctype.params.get("delsp") {
-                                delsp.as_str().to_ascii_lowercase() == "yes"
+                                delsp.as_str().eq_ignore_ascii_case("yes")
                             } else {
                                 false
                             },
@@ -283,7 +283,6 @@ mod tests {
 <meta name="color-scheme" content="light dark" />
 </head><body>
 This message does not have Content-Type nor Subject.<br/>
-<br/>
 </body></html>
 "#
         );
@@ -302,7 +301,6 @@ This message does not have Content-Type nor Subject.<br/>
 <meta name="color-scheme" content="light dark" />
 </head><body>
 message with a non-UTF-8 encoding: äöüßÄÖÜ<br/>
-<br/>
 </body></html>
 "#
         );
@@ -325,7 +323,6 @@ This line ends with a space and will be merged with the next one due to format=f
 <br/>
 This line does not end with a space<br/>
 and will be wrapped as usual.<br/>
-<br/>
 </body></html>
 "#
         );
@@ -347,7 +344,6 @@ mime-modified should not be set set as there is no html and no special stuff;<br
 although not being a delta-message.<br/>
 test some special html-characters as &lt; &gt; and &amp; but also &quot; and &#x27; :)<br/>
 <br/>
-<br/>
 </body></html>
 "#
         );
@@ -525,8 +521,7 @@ test some special html-characters as &lt; &gt; and &amp; but also &quot; and &#x
 
         // alice sends a message with html-part to bob
         let chat_id = alice.create_chat(&bob).await.id;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("plain text".to_string());
+        let mut msg = Message::new_text("plain text".to_string());
         msg.set_html(Some("<b>html</b> text".to_string()));
         assert!(msg.mime_modified);
         chat::send_msg(&alice, chat_id, &mut msg).await.unwrap();

src/imap.rs

@@ -36,7 +36,7 @@ use crate::log::LogExt;
 use crate::login_param::{
     prioritize_server_login_params, ConfiguredLoginParam, ConfiguredServerLoginParam,
 };
-use crate::message::{self, Message, MessageState, MessengerMessage, MsgId, Viewtype};
+use crate::message::{self, Message, MessageState, MessengerMessage, MsgId};
 use crate::mimeparser;
 use crate::net::proxy::ProxyConfig;
 use crate::net::session::SessionStream;
@@ -89,7 +89,7 @@ pub(crate) struct Imap {
 
     oauth2: bool,
 
-    login_failed_once: bool,
+    authentication_failed_once: bool,
 
     pub(crate) connectivity: ConnectivityStore,
 
@@ -254,7 +254,7 @@ impl Imap {
             proxy_config,
             strict_tls,
             oauth2,
-            login_failed_once: false,
+            authentication_failed_once: false,
             connectivity: Default::default(),
             conn_last_try: UNIX_EPOCH,
             conn_backoff_ms: 0,
@@ -290,7 +290,11 @@ impl Imap {
     /// Calling this function is not enough to perform IMAP operations. Use [`Imap::prepare`]
     /// instead if you are going to actually use connection rather than trying connection
     /// parameters.
-    pub(crate) async fn connect(&mut self, context: &Context) -> Result<Session> {
+    pub(crate) async fn connect(
+        &mut self,
+        context: &Context,
+        configuring: bool,
+    ) -> Result<Session> {
         let now = tools::Time::now();
         let until_can_send = max(
             min(self.conn_last_try, now)
@@ -398,7 +402,7 @@ impl Imap {
                     let mut lock = context.server_id.write().await;
                     lock.clone_from(&session.capabilities.server_id);
 
-                    self.login_failed_once = false;
+                    self.authentication_failed_once = false;
                     context.emit_event(EventType::ImapConnected(format!(
                         "IMAP-LOGIN as {}",
                         lp.user
@@ -412,37 +416,38 @@ impl Imap {
                     let imap_user = lp.user.to_owned();
                     let message = stock_str::cannot_login(context, &imap_user).await;
 
-                    let err_str = err.to_string();
                     warn!(context, "IMAP failed to login: {err:#}.");
                     first_error.get_or_insert(format_err!("{message} ({err:#})"));
 
-                    let lock = context.wrong_pw_warning_mutex.lock().await;
-                    if self.login_failed_once
-                        && err_str.to_lowercase().contains("authentication")
-                        && context.get_config_bool(Config::NotifyAboutWrongPw).await?
-                    {
-                        if let Err(e) = context
-                            .set_config_internal(Config::NotifyAboutWrongPw, None)
+                    // If it looks like the password is wrong, send a notification:
+                    let _lock = context.wrong_pw_warning_mutex.lock().await;
+                    if err.to_string().to_lowercase().contains("authentication") {
+                        if self.authentication_failed_once
+                            && !configuring
+                            && context.get_config_bool(Config::NotifyAboutWrongPw).await?
+                        {
+                            let mut msg = Message::new_text(message);
+                            if let Err(e) = chat::add_device_msg_with_importance(
+                                context,
+                                None,
+                                Some(&mut msg),
+                                true,
+                            )
                             .await
-                        {
-                            warn!(context, "{e:#}.");
-                        }
-                        drop(lock);
-
-                        let mut msg = Message::new(Viewtype::Text);
-                        msg.text.clone_from(&message);
-                        if let Err(e) = chat::add_device_msg_with_importance(
-                            context,
-                            None,
-                            Some(&mut msg),
-                            true,
-                        )
-                        .await
-                        {
-                            warn!(context, "Failed to add device message: {e:#}.");
+                            {
+                                warn!(context, "Failed to add device message: {e:#}.");
+                            } else {
+                                context
+                                    .set_config_internal(Config::NotifyAboutWrongPw, None)
+                                    .await
+                                    .log_err(context)
+                                    .ok();
+                            }
+                        } else {
+                            self.authentication_failed_once = true;
                         }
                     } else {
-                        self.login_failed_once = true;
+                        self.authentication_failed_once = false;
                     }
                 }
             }
@@ -456,7 +461,8 @@ impl Imap {
     /// Ensure that IMAP client is connected, folders are created and IMAP capabilities are
     /// determined.
     pub(crate) async fn prepare(&mut self, context: &Context) -> Result<Session> {
-        let mut session = match self.connect(context).await {
+        let configuring = false;
+        let mut session = match self.connect(context, configuring).await {
             Ok(session) => session,
             Err(err) => {
                 self.connectivity.set_err(context, &err).await;
@@ -1196,6 +1202,8 @@ impl Session {
             .await
             .context("failed to fetch flags")?;
 
+        let mut got_unsolicited_fetch = false;
+
         while let Some(fetch) = list
             .try_next()
             .await
@@ -1205,6 +1213,7 @@ impl Session {
                 uid
             } else {
                 info!(context, "FETCH result contains no UID, skipping");
+                got_unsolicited_fetch = true;
                 continue;
             };
             let is_seen = fetch.flags().any(|flag| flag == Flag::Seen);
@@ -1227,6 +1236,15 @@ impl Session {
                 warn!(context, "FETCH result contains no MODSEQ");
             }
         }
+        drop(list);
+
+        if got_unsolicited_fetch {
+            // We got unsolicited FETCH, which means some flags
+            // have been modified while our request was in progress.
+            // We may or may not have these new flags as a part of the response,
+            // so better skip next IDLE and do another round of flag synchronization.
+            self.new_mail = true;
+        }
 
         set_modseq(context, folder, highest_modseq)
             .await
@@ -1712,17 +1730,21 @@ impl Imap {
 }
 
 impl Session {
-    /// Return whether the server sent an unsolicited EXISTS response.
+    /// Return whether the server sent an unsolicited EXISTS or FETCH response.
+    ///
     /// Drains all responses from `session.unsolicited_responses` in the process.
-    /// If this returns `true`, this means that new emails arrived and you should
-    /// fetch again, even if you just fetched.
-    fn server_sent_unsolicited_exists(&self, context: &Context) -> Result<bool> {
+    ///
+    /// If this returns `true`, this means that new emails arrived
+    /// or flags have been changed.
+    /// In this case we may want to skip next IDLE and do a round
+    /// of fetching new messages and synchronizing seen flags.
+    fn drain_unsolicited_responses(&self, context: &Context) -> Result<bool> {
         use async_imap::imap_proto::Response;
         use async_imap::imap_proto::ResponseCode;
         use UnsolicitedResponse::*;
 
         let folder = self.selected_folder.as_deref().unwrap_or_default();
-        let mut unsolicited_exists = false;
+        let mut should_refetch = false;
         while let Ok(response) = self.unsolicited_responses.try_recv() {
             match response {
                 Exists(_) => {
@@ -1730,28 +1752,38 @@ impl Session {
                         context,
                         "Need to refetch {folder:?}, got unsolicited EXISTS {response:?}"
                     );
-                    unsolicited_exists = true;
+                    should_refetch = true;
                 }
 
-                // We are not interested in the following responses and they are are
-                // sent quite frequently, so, we ignore them without logging them
                 Expunge(_) | Recent(_) => {}
-                Other(response_data)
-                    if matches!(
-                        response_data.parsed(),
-                        Response::Fetch { .. }
-                            | Response::Done {
-                                code: Some(ResponseCode::CopyUid(_, _, _)),
-                                ..
-                            }
-                    ) => {}
+                Other(ref response_data) => {
+                    match response_data.parsed() {
+                        Response::Fetch { .. } => {
+                            info!(
+                                context,
+                                "Need to refetch {folder:?}, got unsolicited FETCH {response:?}"
+                            );
+                            should_refetch = true;
+                        }
 
+                        // We are not interested in the following responses and they are are
+                        // sent quite frequently, so, we ignore them without logging them.
+                        Response::Done {
+                            code: Some(ResponseCode::CopyUid(_, _, _)),
+                            ..
+                        } => {}
+
+                        _ => {
+                            info!(context, "{folder:?}: got unsolicited response {response:?}")
+                        }
+                    }
+                }
                 _ => {
                     info!(context, "{folder:?}: got unsolicited response {response:?}")
                 }
             }
         }
-        Ok(unsolicited_exists)
+        Ok(should_refetch)
     }
 }
 
@@ -1884,7 +1916,7 @@ async fn needs_move_to_mvbox(
         && has_chat_version
         && headers
             .get_header_value(HeaderDef::AutoSubmitted)
-            .filter(|val| val.to_ascii_lowercase() == "auto-generated")
+            .filter(|val| val.eq_ignore_ascii_case("auto-generated"))
             .is_some()
     {
         if let Some(from) = mimeparser::get_from(headers) {

src/imap/idle.rs

@@ -9,7 +9,6 @@ use tokio::time::timeout;
 use super::session::Session;
 use super::Imap;
 use crate::context::Context;
-use crate::imap::FolderMeaning;
 use crate::net::TIMEOUT;
 use crate::tools::{self, time_elapsed};
 
@@ -32,7 +31,7 @@ impl Session {
 
         self.select_with_uidvalidity(context, folder).await?;
 
-        if self.server_sent_unsolicited_exists(context)? {
+        if self.drain_unsolicited_responses(context)? {
             self.new_mail = true;
         }
 
@@ -109,37 +108,16 @@ impl Imap {
     pub(crate) async fn fake_idle(
         &mut self,
         context: &Context,
-        session: &mut Session,
         watch_folder: String,
-        folder_meaning: FolderMeaning,
     ) -> Result<()> {
         let fake_idle_start_time = tools::Time::now();
 
         info!(context, "IMAP-fake-IDLEing folder={:?}", watch_folder);
 
-        // Loop until we are interrupted or until we fetch something.
-        loop {
-            match timeout(Duration::from_secs(60), self.idle_interrupt_receiver.recv()).await {
-                Err(_) => {
-                    // Let's see if fetching messages results
-                    // in anything.  If so, we behave as if IDLE had data but
-                    // will have already fetched the messages so perform_*_fetch
-                    // will not find any new.
-                    let res = self
-                        .fetch_new_messages(context, session, &watch_folder, folder_meaning, false)
-                        .await?;
-
-                    info!(context, "fetch_new_messages returned {:?}", res);
-
-                    if res {
-                        break;
-                    }
-                }
-                Ok(_) => {
-                    info!(context, "Fake IDLE interrupted.");
-                    break;
-                }
-            }
+        // Wait for 60 seconds or until we are interrupted.
+        match timeout(Duration::from_secs(60), self.idle_interrupt_receiver.recv()).await {
+            Err(_) => info!(context, "Fake IDLE finished."),
+            Ok(_) => info!(context, "Fake IDLE interrupted."),
         }
 
         info!(

src/imap/scan_folders.rs

@@ -66,21 +66,11 @@ impl Imap {
                 && folder_meaning != FolderMeaning::Drafts
                 && folder_meaning != FolderMeaning::Trash
             {
-                // Drain leftover unsolicited EXISTS messages
-                session.server_sent_unsolicited_exists(context)?;
-
-                loop {
-                    self.fetch_move_delete(context, session, folder.name(), folder_meaning)
-                        .await
-                        .context("Can't fetch new msgs in scanned folder")
-                        .log_err(context)
-                        .ok();
-
-                    // If the server sent an unsocicited EXISTS during the fetch, we need to fetch again
-                    if !session.server_sent_unsolicited_exists(context)? {
-                        break;
-                    }
-                }
+                self.fetch_move_delete(context, session, folder.name(), folder_meaning)
+                    .await
+                    .context("Can't fetch new msgs in scanned folder")
+                    .log_err(context)
+                    .ok();
             }
         }
 

src/imex.rs

@@ -4,7 +4,7 @@ use std::ffi::OsStr;
 use std::path::{Path, PathBuf};
 use std::pin::Pin;
 
-use ::pgp::types::KeyTrait;
+use ::pgp::types::PublicKeyTrait;
 use anyhow::{bail, ensure, format_err, Context as _, Result};
 use futures::TryStreamExt;
 use futures_lite::FutureExt;
@@ -750,7 +750,7 @@ where
             true => "private",
         };
         let id = id.map_or("default".into(), |i| i.to_string());
-        let fp = DcKey::fingerprint(key).hex();
+        let fp = key.dc_fingerprint().hex();
         format!("{kind}-key-{addr}-{id}-{fp}.asc")
     };
     let path = dir.join(&file_name);
@@ -878,7 +878,7 @@ mod tests {
             .unwrap()
             .strip_suffix(".asc")
             .unwrap();
-        assert_eq!(fingerprint, DcKey::fingerprint(&key).hex());
+        assert_eq!(fingerprint, key.dc_fingerprint().hex());
         let blobdir = context.ctx.get_blobdir().to_str().unwrap();
         let filename = format!("{blobdir}/{filename}");
         let bytes = tokio::fs::read(&filename).await.unwrap();

src/imex/transfer.rs

@@ -42,7 +42,7 @@ use tokio_util::sync::CancellationToken;
 use crate::chat::add_device_msg;
 use crate::context::Context;
 use crate::imex::BlobDirContents;
-use crate::message::{Message, Viewtype};
+use crate::message::Message;
 use crate::qr::Qr;
 use crate::stock_str::backup_transfer_msg_body;
 use crate::tools::{create_id, time, TempPathGuard};
@@ -200,8 +200,7 @@ impl BackupProvider {
         info!(context, "Received backup reception acknowledgement.");
         context.emit_event(EventType::ImexProgress(1000));
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.text = backup_transfer_msg_body(&context).await;
+        let mut msg = Message::new_text(backup_transfer_msg_body(&context).await);
         add_device_msg(&context, None, Some(&mut msg)).await?;
 
         Ok(())
@@ -369,6 +368,7 @@ mod tests {
     use std::time::Duration;
 
     use crate::chat::{get_chat_msgs, send_msg, ChatItem};
+    use crate::message::Viewtype;
     use crate::test_utils::TestContextManager;
 
     use super::*;
@@ -382,8 +382,7 @@ mod tests {
 
         // Write a message in the self chat
         let self_chat = ctx0.get_self_chat().await;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("hi there".to_string());
+        let mut msg = Message::new_text("hi there".to_string());
         send_msg(&ctx0, self_chat.id, &mut msg).await.unwrap();
 
         // Send an attachment in the self chat

src/key.rs

@@ -11,7 +11,8 @@ use num_traits::FromPrimitive;
 use pgp::composed::Deserializable;
 pub use pgp::composed::{SignedPublicKey, SignedSecretKey};
 use pgp::ser::Serialize;
-use pgp::types::{KeyTrait, SecretKeyTrait};
+use pgp::types::{PublicKeyTrait, SecretKeyTrait};
+use rand::thread_rng;
 use tokio::runtime::Handle;
 
 use crate::config::Config;
@@ -26,7 +27,7 @@ use crate::tools::{self, time_elapsed};
 /// This trait is implemented for rPGP's [SignedPublicKey] and
 /// [SignedSecretKey] types and makes working with them a little
 /// easier in the deltachat world.
-pub(crate) trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
+pub(crate) trait DcKey: Serialize + Deserializable + PublicKeyTrait + Clone {
     /// Create a key from some bytes.
     fn from_slice(bytes: &[u8]) -> Result<Self> {
         Ok(<Self as Deserializable>::from_bytes(Cursor::new(bytes))?)
@@ -93,8 +94,8 @@ pub(crate) trait DcKey: Serialize + Deserializable + KeyTrait + Clone {
     fn to_asc(&self, header: Option<(&str, &str)>) -> String;
 
     /// The fingerprint for the key.
-    fn fingerprint(&self) -> Fingerprint {
-        Fingerprint::new(KeyTrait::fingerprint(self))
+    fn dc_fingerprint(&self) -> Fingerprint {
+        PublicKeyTrait::fingerprint(self).into()
     }
 
     fn is_private() -> bool;
@@ -233,7 +234,8 @@ impl DcSecretKey for SignedSecretKey {
     fn split_public_key(&self) -> Result<SignedPublicKey> {
         self.verify()?;
         let unsigned_pubkey = SecretKeyTrait::public_key(self);
-        let signed_pubkey = unsigned_pubkey.sign(self, || "".into())?;
+        let mut rng = thread_rng();
+        let signed_pubkey = unsigned_pubkey.sign(&mut rng, self, || "".into())?;
         Ok(signed_pubkey)
     }
 }
@@ -395,6 +397,12 @@ impl Fingerprint {
     }
 }
 
+impl From<pgp::types::Fingerprint> for Fingerprint {
+    fn from(fingerprint: pgp::types::Fingerprint) -> Fingerprint {
+        Self::new(fingerprint.as_bytes().into())
+    }
+}
+
 impl fmt::Debug for Fingerprint {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         f.debug_struct("Fingerprint")

src/lib.rs

@@ -16,7 +16,8 @@
     clippy::explicit_into_iter_loop,
     clippy::cloned_instead_of_copied
 )]
-#![cfg_attr(not(test), warn(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::indexing_slicing))]
+#![cfg_attr(not(test), forbid(clippy::string_slice))]
 #![allow(
     clippy::match_bool,
     clippy::mixed_read_write_in_expression,

src/location.rs

@@ -290,8 +290,7 @@ pub async fn send_locations_to_chat(
         )
         .await?;
     if 0 != seconds && !is_sending_locations_before {
-        let mut msg = Message::new(Viewtype::Text);
-        msg.text = stock_str::msg_location_enabled(context).await;
+        let mut msg = Message::new_text(stock_str::msg_location_enabled(context).await);
         msg.param.set_cmd(SystemMessage::LocationStreamingEnabled);
         chat::send_msg(context, chat_id, &mut msg)
             .await
@@ -881,8 +880,6 @@ async fn maybe_send_locations(context: &Context) -> Result<Option<u64>> {
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
     use crate::config::Config;
     use crate::message::MessageState;

src/message.rs

@@ -150,16 +150,17 @@ impl MsgId {
 
     pub(crate) async fn set_delivered(self, context: &Context) -> Result<()> {
         update_msg_state(context, self, MessageState::OutDelivered).await?;
-        let chat_id: ChatId = context
+        let chat_id: Option<ChatId> = context
             .sql
             .query_get_value("SELECT chat_id FROM msgs WHERE id=?", (self,))
-            .await?
-            .unwrap_or_default();
+            .await?;
         context.emit_event(EventType::MsgDelivered {
-            chat_id,
+            chat_id: chat_id.unwrap_or_default(),
             msg_id: self,
         });
-        chatlist_events::emit_chatlist_item_changed(context, chat_id);
+        if let Some(chat_id) = chat_id {
+            chatlist_events::emit_chatlist_item_changed(context, chat_id);
+        }
         Ok(())
     }
 
@@ -491,6 +492,15 @@ impl Message {
         }
     }
 
+    /// Creates a new message with Viewtype::Text.
+    pub fn new_text(text: String) -> Self {
+        Message {
+            viewtype: Viewtype::Text,
+            text,
+            ..Default::default()
+        }
+    }
+
     /// Loads message with given ID from the database.
     ///
     /// Returns an error if the message does not exist.
@@ -1683,6 +1693,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                     m.id AS id,
                     m.chat_id AS chat_id,
                     m.state AS state,
+                    m.download_state as download_state,
                     m.ephemeral_timer AS ephemeral_timer,
                     m.param AS param,
                     m.from_id AS from_id,
@@ -1698,6 +1709,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                 let id: MsgId = row.get("id")?;
                 let chat_id: ChatId = row.get("chat_id")?;
                 let state: MessageState = row.get("state")?;
+                let download_state: DownloadState = row.get("download_state")?;
                 let param: Params = row.get::<_, String>("param")?.parse().unwrap_or_default();
                 let from_id: ContactId = row.get("from_id")?;
                 let rfc724_mid: String = row.get("rfc724_mid")?;
@@ -1709,6 +1721,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
                         id,
                         chat_id,
                         state,
+                        download_state,
                         param,
                         from_id,
                         rfc724_mid,
@@ -1738,6 +1751,7 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
             id,
             curr_chat_id,
             curr_state,
+            curr_download_state,
             curr_param,
             curr_from_id,
             curr_rfc724_mid,
@@ -1747,7 +1761,14 @@ pub async fn markseen_msgs(context: &Context, msg_ids: Vec<MsgId>) -> Result<()>
         _curr_ephemeral_timer,
     ) in msgs
     {
-        if curr_state == MessageState::InFresh || curr_state == MessageState::InNoticed {
+        if curr_download_state != DownloadState::Done {
+            if curr_state == MessageState::InFresh {
+                // Don't mark partially downloaded messages as seen or send a read receipt since
+                // they are not really seen by the user.
+                update_msg_state(context, id, MessageState::InNoticed).await?;
+                updated_chat_ids.insert(curr_chat_id);
+            }
+        } else if curr_state == MessageState::InFresh || curr_state == MessageState::InNoticed {
             update_msg_state(context, id, MessageState::InSeen).await?;
             info!(context, "Seen message {}.", id);
 
@@ -1841,20 +1862,21 @@ pub(crate) async fn set_msg_failed(
     }
     msg.error = Some(error.to_string());
 
-    context
+    let exists = context
         .sql
         .execute(
             "UPDATE msgs SET state=?, error=? WHERE id=?;",
             (msg.state, error, msg.id),
         )
-        .await?;
-
+        .await?
+        > 0;
     context.emit_event(EventType::MsgFailed {
         chat_id: msg.chat_id,
         msg_id: msg.id,
     });
-    chatlist_events::emit_chatlist_item_changed(context, msg.chat_id);
-
+    if exists {
+        chatlist_events::emit_chatlist_item_changed(context, msg.chat_id);
+    }
     Ok(())
 }
 
@@ -2333,8 +2355,7 @@ mod tests {
 
         let chat = d.create_chat_with_contact("", "dest@example.com").await;
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("Quoted message".to_string());
+        let mut msg = Message::new_text("Quoted message".to_string());
 
         // Prepare message for sending, so it gets a Message-Id.
         assert!(msg.rfc724_mid.is_empty());
@@ -2400,9 +2421,8 @@ mod tests {
         add_contact_to_chat(alice, alice_group, alice_flubby_contact_id).await?;
 
         // Alice quotes encrypted message in unencrypted chat.
-        let mut msg = Message::new(Viewtype::Text);
+        let mut msg = Message::new_text("unencrypted".to_string());
         msg.set_quote(alice, Some(&alice_received_message)).await?;
-        msg.set_text("unencrypted".to_string());
         chat::send_msg(alice, alice_group, &mut msg).await?;
 
         let bob_received_message = bob.recv_msg(&alice.pop_sent_msg().await).await;
@@ -2460,8 +2480,7 @@ mod tests {
             .unwrap();
         let contact = Contact::get_by_id(&alice, contact_id).await.unwrap();
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("bla blubb".to_string());
+        let mut msg = Message::new_text("bla blubb".to_string());
         msg.set_override_sender_name(Some("over ride".to_string()));
         assert_eq!(
             msg.get_override_sender_name(),
@@ -2508,8 +2527,7 @@ mod tests {
         let alice = TestContext::new_alice().await;
         let bob = TestContext::new_bob().await;
         let alice_chat = alice.create_chat(&bob).await;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("this is the text!".to_string());
+        let mut msg = Message::new_text("this is the text!".to_string());
 
         // alice sends to bob,
         assert_eq!(Chatlist::try_load(&bob, 0, None, None).await?.len(), 0);
@@ -2576,6 +2594,110 @@ mod tests {
         Ok(())
     }
 
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_markseen_not_downloaded_msg() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        alice.set_config(Config::DownloadLimit, Some("1")).await?;
+        let bob = &tcm.bob().await;
+        let bob_chat_id = tcm.send_recv_accept(alice, bob, "hi").await.chat_id;
+
+        let file_bytes = include_bytes!("../test-data/image/screenshot.png");
+        let mut msg = Message::new(Viewtype::Image);
+        msg.set_file_from_bytes(bob, "a.jpg", file_bytes, None)
+            .await?;
+        let sent_msg = bob.send_msg(bob_chat_id, &mut msg).await;
+        let msg = alice.recv_msg(&sent_msg).await;
+        assert_eq!(msg.download_state, DownloadState::Available);
+        assert!(!msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
+        assert_eq!(msg.state, MessageState::InFresh);
+        markseen_msgs(alice, vec![msg.id]).await?;
+        // A not downloaded message can be seen only if it's seen on another device.
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+        // Marking the message as seen again is a no op.
+        markseen_msgs(alice, vec![msg.id]).await?;
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+
+        msg.id
+            .update_download_state(alice, DownloadState::InProgress)
+            .await?;
+        markseen_msgs(alice, vec![msg.id]).await?;
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+        msg.id
+            .update_download_state(alice, DownloadState::Failure)
+            .await?;
+        markseen_msgs(alice, vec![msg.id]).await?;
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+        msg.id
+            .update_download_state(alice, DownloadState::Undecipherable)
+            .await?;
+        markseen_msgs(alice, vec![msg.id]).await?;
+        assert_eq!(msg.id.get_state(alice).await?, MessageState::InNoticed);
+
+        assert!(
+            !alice
+                .sql
+                .exists("SELECT COUNT(*) FROM smtp_mdns", ())
+                .await?
+        );
+
+        alice.set_config(Config::DownloadLimit, None).await?;
+        // Let's assume that Alice and Bob resolved the problem with encryption.
+        let old_msg = msg;
+        let msg = alice.recv_msg(&sent_msg).await;
+        assert_eq!(msg.chat_id, old_msg.chat_id);
+        assert_eq!(msg.download_state, DownloadState::Done);
+        assert!(msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
+        assert!(msg.get_showpadlock());
+        // The message state mustn't be downgraded to `InFresh`.
+        assert_eq!(msg.state, MessageState::InNoticed);
+        markseen_msgs(alice, vec![msg.id]).await?;
+        let msg = Message::load_from_db(alice, msg.id).await?;
+        assert_eq!(msg.state, MessageState::InSeen);
+        assert_eq!(
+            alice
+                .sql
+                .count("SELECT COUNT(*) FROM smtp_mdns", ())
+                .await?,
+            1
+        );
+        Ok(())
+    }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_msg_seen_on_imap_when_downloaded() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        alice.set_config(Config::DownloadLimit, Some("1")).await?;
+        let bob = &tcm.bob().await;
+        let bob_chat_id = tcm.send_recv_accept(alice, bob, "hi").await.chat_id;
+
+        let file_bytes = include_bytes!("../test-data/image/screenshot.png");
+        let mut msg = Message::new(Viewtype::Image);
+        msg.set_file_from_bytes(bob, "a.jpg", file_bytes, None)
+            .await?;
+        let sent_msg = bob.send_msg(bob_chat_id, &mut msg).await;
+        let msg = alice.recv_msg(&sent_msg).await;
+        assert_eq!(msg.download_state, DownloadState::Available);
+        assert_eq!(msg.state, MessageState::InFresh);
+
+        alice.set_config(Config::DownloadLimit, None).await?;
+        let seen = true;
+        let rcvd_msg = receive_imf(alice, sent_msg.payload().as_bytes(), seen)
+            .await
+            .unwrap()
+            .unwrap();
+        assert_eq!(rcvd_msg.chat_id, msg.chat_id);
+        let msg = Message::load_from_db(alice, *rcvd_msg.msg_ids.last().unwrap())
+            .await
+            .unwrap();
+        assert_eq!(msg.download_state, DownloadState::Done);
+        assert!(msg.param.get_bool(Param::WantsMdn).unwrap_or_default());
+        assert!(msg.get_showpadlock());
+        assert_eq!(msg.state, MessageState::InSeen);
+        Ok(())
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_get_state() -> Result<()> {
         let alice = TestContext::new_alice().await;
@@ -2594,8 +2716,7 @@ mod tests {
         }
 
         // check outgoing messages states on sender side
-        let mut alice_msg = Message::new(Viewtype::Text);
-        alice_msg.set_text("hi!".to_string());
+        let mut alice_msg = Message::new_text("hi!".to_string());
         assert_eq!(alice_msg.get_state(), MessageState::Undefined); // message not yet in db, assert_state() won't work
 
         alice_chat
@@ -2778,8 +2899,7 @@ def hello():
         let chat = alice
             .create_chat_with_contact("Bob", "bob@example.org")
             .await;
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("hi".to_string());
+        let mut msg = Message::new_text("hi".to_string());
         assert!(chat::send_msg_sync(&alice, chat.id, &mut msg)
             .await
             .is_err());

src/mimefactory.rs

@@ -20,6 +20,7 @@ use crate::e2ee::EncryptHelper;
 use crate::ephemeral::Timer as EphemeralTimer;
 use crate::headerdef::HeaderDef;
 use crate::html::new_html_mimepart;
+use crate::location;
 use crate::message::{self, Message, MsgId, Viewtype};
 use crate::mimeparser::SystemMessage;
 use crate::param::Param;
@@ -32,7 +33,6 @@ use crate::tools::{
     create_outgoing_rfc724_mid, create_smeared_timestamp, remove_subject_prefix, time,
 };
 use crate::webxdc::StatusUpdateSerial;
-use crate::{location, peer_channels};
 
 // attachments of 25 mb brutto should work on the majority of providers
 // (brutto examples: web.de=50, 1&1=40, t-online.de=32, gmail=25, posteo=50, yahoo=25, all-inkl=100).
@@ -743,7 +743,9 @@ impl MimeFactory {
                 hidden_headers.push(header);
             } else if header_name == "chat-user-avatar" {
                 hidden_headers.push(header);
-            } else if header_name == "autocrypt" {
+            } else if header_name == "autocrypt"
+                && !context.get_config_bool(Config::ProtectAutocrypt).await?
+            {
                 unprotected_headers.push(header.clone());
             } else if header_name == "from" {
                 // Unencrypted securejoin messages should _not_ include the display name:
@@ -1387,8 +1389,7 @@ impl MimeFactory {
             let json = msg.param.get(Param::Arg).unwrap_or_default();
             parts.push(context.build_status_update_part(json));
         } else if msg.viewtype == Viewtype::Webxdc {
-            let topic = peer_channels::create_random_topic();
-            headers.push(create_iroh_header(context, topic, msg.id).await?);
+            headers.push(create_iroh_header(context, msg.id).await?);
             if let (Some(json), _) = context
                 .render_webxdc_status_update_object(
                     msg.id,
@@ -1983,8 +1984,7 @@ mod tests {
             group_id: ChatId,
             quote: Option<&Message>,
         ) -> Result<String> {
-            let mut new_msg = Message::new(Viewtype::Text);
-            new_msg.set_text("Hi".to_string());
+            let mut new_msg = Message::new_text("Hi".to_string());
             if let Some(q) = quote {
                 new_msg.set_quote(t, Some(q)).await?;
             }
@@ -2070,8 +2070,7 @@ mod tests {
 
         let chat_id = ChatId::create_for_contact(&t, contact_id).await.unwrap();
 
-        let mut new_msg = Message::new(Viewtype::Text);
-        new_msg.set_text("Hi".to_string());
+        let mut new_msg = Message::new_text("Hi".to_string());
         new_msg.chat_id = chat_id;
         chat::prepare_msg(&t, chat_id, &mut new_msg).await.unwrap();
 
@@ -2178,8 +2177,7 @@ mod tests {
         let chat_id = chats.get_chat_id(0).unwrap();
         chat_id.accept(context).await.unwrap();
 
-        let mut new_msg = Message::new(Viewtype::Text);
-        new_msg.set_text("Hi".to_string());
+        let mut new_msg = Message::new_text("Hi".to_string());
         new_msg.chat_id = chat_id;
         chat::prepare_msg(context, chat_id, &mut new_msg)
             .await
@@ -2276,7 +2274,6 @@ mod tests {
         let msg = message.as_string();
 
         let header_end = msg.find("Hi").unwrap();
-        #[allow(clippy::indexing_slicing)]
         let headers = msg[0..header_end].trim();
 
         assert!(!headers.lines().any(|l| l.trim().is_empty()));
@@ -2296,8 +2293,7 @@ mod tests {
 
         // send message to bob: that should get multipart/mixed because of the avatar moved to inner header;
         // make sure, `Subject:` stays in the outer header (imf header)
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("this is the text!".to_string());
+        let mut msg = Message::new_text("this is the text!".to_string());
 
         let sent_msg = t.send_msg(chat.id, &mut msg).await;
         let mut payload = sent_msg.payload().splitn(3, "\r\n\r\n");
@@ -2363,8 +2359,7 @@ mod tests {
         // send message to bob: that should get multipart/signed.
         // `Subject:` is protected by copying it.
         // make sure, `Subject:` stays in the outer header (imf header)
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("this is the text!".to_string());
+        let mut msg = Message::new_text("this is the text!".to_string());
 
         let sent_msg = t.send_msg(chat.id, &mut msg).await;
         let mut payload = sent_msg.payload().splitn(4, "\r\n\r\n");
@@ -2497,8 +2492,7 @@ mod tests {
 
         // send message to bob: that should get multipart/mixed because of the avatar moved to inner header;
         // make sure, `Subject:` stays in the outer header (imf header)
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("this is the text!".to_string());
+        let mut msg = Message::new_text("this is the text!".to_string());
 
         let sent_msg = t.send_msg(chat.id, &mut msg).await;
         let payload = sent_msg.payload();

src/mimeparser.rs

@@ -4,6 +4,7 @@ use std::cmp::min;
 use std::collections::{HashMap, HashSet};
 use std::path::Path;
 use std::str;
+use std::str::FromStr;
 
 use anyhow::{bail, Context as _, Result};
 use deltachat_contact_tools::{addr_cmp, addr_normalize, sanitize_bidi_characters};
@@ -14,6 +15,7 @@ use mailparse::{addrparse_header, DispositionType, MailHeader, MailHeaderMap, Si
 use rand::distributions::{Alphanumeric, DistString};
 
 use crate::aheader::{Aheader, EncryptPreference};
+use crate::authres::handle_authres;
 use crate::blob::BlobObject;
 use crate::chat::{add_info_msg, ChatId};
 use crate::config::Config;
@@ -21,8 +23,8 @@ use crate::constants::{self, Chattype};
 use crate::contact::{Contact, ContactId, Origin};
 use crate::context::Context;
 use crate::decrypt::{
-    keyring_from_peerstate, prepare_decryption, try_decrypt, validate_detached_signature,
-    DecryptionInfo,
+    get_autocrypt_peerstate, get_encrypted_mime, keyring_from_peerstate, try_decrypt,
+    validate_detached_signature,
 };
 use crate::dehtml::dehtml;
 use crate::events::EventType;
@@ -71,7 +73,8 @@ pub(crate) struct MimeMessage {
     /// messages to this address to post them to the list.
     pub list_post: Option<String>,
     pub chat_disposition_notification_to: Option<SingleInfo>,
-    pub decryption_info: DecryptionInfo,
+    pub autocrypt_header: Option<Aheader>,
+    pub peerstate: Option<Peerstate>,
     pub decrypting_failed: bool,
 
     /// Set of valid signature fingerprints if a message is an
@@ -301,42 +304,101 @@ impl MimeMessage {
         let mut from = from.context("No from in message")?;
         let private_keyring = load_self_secret_keyring(context).await?;
 
-        let mut decryption_info =
-            prepare_decryption(context, &mail, &from.addr, timestamp_sent).await?;
+        let allow_aeap = get_encrypted_mime(&mail).is_some();
+
+        let dkim_results = handle_authres(context, &mail, &from.addr).await?;
 
-        // Memory location for a possible decrypted message.
-        let mut mail_raw = Vec::new();
         let mut gossiped_keys = Default::default();
         let mut from_is_signed = false;
         hop_info += "\n\n";
-        hop_info += &decryption_info.dkim_results.to_string();
+        hop_info += &dkim_results.to_string();
 
         let incoming = !context.is_self_addr(&from.addr).await?;
-        let public_keyring = match decryption_info.peerstate.is_none() && !incoming {
-            true => key::load_self_public_keyring(context).await?,
-            false => keyring_from_peerstate(decryption_info.peerstate.as_ref()),
-        };
-        let (mail, mut signatures, encrypted) = match tokio::task::block_in_place(|| {
-            try_decrypt(&mail, &private_keyring, &public_keyring)
-        }) {
-            Ok(Some((raw, signatures))) => {
-                mail_raw = raw;
-                let decrypted_mail = mailparse::parse_mail(&mail_raw)?;
-                if std::env::var(crate::DCC_MIME_DEBUG).is_ok() {
-                    info!(
-                        context,
-                        "decrypted message mime-body:\n{}",
-                        String::from_utf8_lossy(&mail_raw),
-                    );
+
+        let mut aheader_value: Option<String> = mail.headers.get_header_value(HeaderDef::Autocrypt);
+
+        let mail_raw; // Memory location for a possible decrypted message.
+        let decrypted_msg; // Decrypted signed OpenPGP message.
+
+        let (mail, encrypted) =
+            match tokio::task::block_in_place(|| try_decrypt(&mail, &private_keyring)) {
+                Ok(Some(msg)) => {
+                    mail_raw = msg.get_content()?.unwrap_or_default();
+
+                    let decrypted_mail = mailparse::parse_mail(&mail_raw)?;
+                    if std::env::var(crate::DCC_MIME_DEBUG).is_ok() {
+                        info!(
+                            context,
+                            "decrypted message mime-body:\n{}",
+                            String::from_utf8_lossy(&mail_raw),
+                        );
+                    }
+
+                    decrypted_msg = Some(msg);
+                    if let Some(protected_aheader_value) = decrypted_mail
+                        .headers
+                        .get_header_value(HeaderDef::Autocrypt)
+                    {
+                        aheader_value = Some(protected_aheader_value);
+                    }
+
+                    (Ok(decrypted_mail), true)
+                }
+                Ok(None) => {
+                    mail_raw = Vec::new();
+                    decrypted_msg = None;
+                    (Ok(mail), false)
+                }
+                Err(err) => {
+                    mail_raw = Vec::new();
+                    decrypted_msg = None;
+                    warn!(context, "decryption failed: {:#}", err);
+                    (Err(err), false)
+                }
+            };
+
+        let autocrypt_header = if !incoming {
+            None
+        } else if let Some(aheader_value) = aheader_value {
+            match Aheader::from_str(&aheader_value) {
+                Ok(header) if addr_cmp(&header.addr, &from.addr) => Some(header),
+                Ok(header) => {
+                    warn!(
+                        context,
+                        "Autocrypt header address {:?} is not {:?}.", header.addr, from.addr
+                    );
+                    None
+                }
+                Err(err) => {
+                    warn!(context, "Failed to parse Autocrypt header: {:#}.", err);
+                    None
                 }
-                (Ok(decrypted_mail), signatures, true)
-            }
-            Ok(None) => (Ok(mail), HashSet::new(), false),
-            Err(err) => {
-                warn!(context, "decryption failed: {:#}", err);
-                (Err(err), HashSet::new(), false)
             }
+        } else {
+            None
         };
+
+        // The peerstate that will be used to validate the signatures.
+        let mut peerstate = get_autocrypt_peerstate(
+            context,
+            &from.addr,
+            autocrypt_header.as_ref(),
+            timestamp_sent,
+            allow_aeap,
+        )
+        .await?;
+
+        let public_keyring = match peerstate.is_none() && !incoming {
+            true => key::load_self_public_keyring(context).await?,
+            false => keyring_from_peerstate(peerstate.as_ref()),
+        };
+
+        let mut signatures = if let Some(ref decrypted_msg) = decrypted_msg {
+            crate::pgp::valid_signature_fingerprints(decrypted_msg, &public_keyring)?
+        } else {
+            HashSet::new()
+        };
+
         let mail = mail.as_ref().map(|mail| {
             let (content, signatures_detached) = validate_detached_signature(mail, &public_keyring)
                 .unwrap_or((mail, Default::default()));
@@ -422,7 +484,7 @@ impl MimeMessage {
             Self::remove_secured_headers(&mut headers);
 
             // If it is not a read receipt, degrade encryption.
-            if let (Some(peerstate), Ok(mail)) = (&mut decryption_info.peerstate, mail) {
+            if let (Some(peerstate), Ok(mail)) = (&mut peerstate, mail) {
                 if timestamp_sent > peerstate.last_seen_autocrypt
                     && mail.ctype.mimetype != "multipart/report"
                 {
@@ -433,7 +495,7 @@ impl MimeMessage {
         if !encrypted {
             signatures.clear();
         }
-        if let Some(peerstate) = &mut decryption_info.peerstate {
+        if let Some(peerstate) = &mut peerstate {
             if peerstate.prefer_encrypt != EncryptPreference::Mutual && !signatures.is_empty() {
                 peerstate.prefer_encrypt = EncryptPreference::Mutual;
                 peerstate.save_to_db(&context.sql).await?;
@@ -449,7 +511,8 @@ impl MimeMessage {
             from_is_signed,
             incoming,
             chat_disposition_notification_to,
-            decryption_info,
+            autocrypt_header,
+            peerstate,
             decrypting_failed: mail.is_err(),
 
             // only non-empty if it was a valid autocrypt message
@@ -602,11 +665,13 @@ impl MimeMessage {
     /// Delta Chat sends attachments, such as images, in two-part messages, with the first message
     /// containing a description. If such a message is detected, text from the first part can be
     /// moved to the second part, and the first part dropped.
-    #[allow(clippy::indexing_slicing)]
     fn squash_attachment_parts(&mut self) {
-        if let [textpart, filepart] = &self.parts[..] {
-            let need_drop = textpart.typ == Viewtype::Text
-                && match filepart.typ {
+        if self.parts.len() == 2
+            && self.parts.first().map(|textpart| textpart.typ) == Some(Viewtype::Text)
+            && self
+                .parts
+                .get(1)
+                .map_or(false, |filepart| match filepart.typ {
                     Viewtype::Image
                     | Viewtype::Gif
                     | Viewtype::Sticker
@@ -617,24 +682,24 @@ impl MimeMessage {
                     | Viewtype::File
                     | Viewtype::Webxdc => true,
                     Viewtype::Unknown | Viewtype::Text | Viewtype::VideochatInvitation => false,
-                };
+                })
+        {
+            let mut parts = std::mem::take(&mut self.parts);
+            let Some(mut filepart) = parts.pop() else {
+                // Should never happen.
+                return;
+            };
+            let Some(textpart) = parts.pop() else {
+                // Should never happen.
+                return;
+            };
 
-            if need_drop {
-                let mut filepart = self.parts.swap_remove(1);
-
-                // insert new one
-                filepart.msg.clone_from(&self.parts[0].msg);
-                if let Some(quote) = self.parts[0].param.get(Param::Quote) {
-                    filepart.param.set(Param::Quote, quote);
-                }
-
-                // forget the one we use now
-                self.parts[0].msg = "".to_string();
-
-                // swap new with old
-                self.parts.push(filepart); // push to the end
-                let _ = self.parts.swap_remove(0); // drops first element, replacing it with the last one in O(1)
+            filepart.msg.clone_from(&textpart.msg);
+            if let Some(quote) = textpart.param.get(Param::Quote) {
+                filepart.param.set(Param::Quote, quote);
             }
+
+            self.parts = vec![filepart];
         }
     }
 
@@ -1158,7 +1223,7 @@ impl MimeMessage {
 
                         let is_format_flowed = if let Some(format) = mail.ctype.params.get("format")
                         {
-                            format.as_str().to_ascii_lowercase() == "flowed"
+                            format.as_str().eq_ignore_ascii_case("flowed")
                         } else {
                             false
                         };
@@ -1168,7 +1233,7 @@ impl MimeMessage {
                             && is_format_flowed
                         {
                             let delsp = if let Some(delsp) = mail.ctype.params.get("delsp") {
-                                delsp.as_str().to_ascii_lowercase() == "yes"
+                                delsp.as_str().eq_ignore_ascii_case("yes")
                             } else {
                                 false
                             };
@@ -1231,7 +1296,7 @@ impl MimeMessage {
         if decoded_data.is_empty() {
             return Ok(());
         }
-        if let Some(peerstate) = &mut self.decryption_info.peerstate {
+        if let Some(peerstate) = &mut self.peerstate {
             if peerstate.prefer_encrypt != EncryptPreference::Mutual
                 && mime_type.type_() == mime::APPLICATION
                 && mime_type.subtype().as_str() == "pgp-keys"
@@ -1688,7 +1753,6 @@ impl MimeMessage {
     /// Some providers like GMX and Yahoo do not send standard NDNs (Non Delivery notifications).
     /// If you improve heuristics here you might also have to change prefetch_should_download() in imap/mod.rs.
     /// Also you should add a test in receive_imf.rs (there already are lots of test_parse_ndn_* tests).
-    #[allow(clippy::indexing_slicing)]
     async fn heuristically_parse_ndn(&mut self, context: &Context) {
         let maybe_ndn = if let Some(from) = self.get_header(HeaderDef::From_) {
             let from = from.to_ascii_lowercase();
@@ -1851,18 +1915,17 @@ pub(crate) struct DeliveryReport {
     pub failure: bool,
 }
 
-#[allow(clippy::indexing_slicing)]
 pub(crate) fn parse_message_ids(ids: &str) -> Vec<String> {
     // take care with mailparse::msgidparse() that is pretty untolerant eg. wrt missing `<` or `>`
     let mut msgids = Vec::new();
     for id in ids.split_whitespace() {
         let mut id = id.to_string();
-        if id.starts_with('<') {
-            id = id[1..].to_string();
-        }
-        if id.ends_with('>') {
-            id = id[..id.len() - 1].to_string();
-        }
+        if let Some(id_without_prefix) = id.strip_prefix('<') {
+            id = id_without_prefix.to_string();
+        };
+        if let Some(id_without_suffix) = id.strip_suffix('>') {
+            id = id_without_suffix.to_string();
+        };
         if !id.is_empty() {
             msgids.push(id);
         }
@@ -2240,12 +2303,22 @@ async fn handle_ndn(
     } else {
         "Delivery to at least one recipient failed.".to_string()
     };
+    let err_msg = &error;
 
     let mut first = true;
     for msg in msgs {
         let (msg_id, chat_id, chat_type) = msg?;
         let mut message = Message::load_from_db(context, msg_id).await?;
-        set_msg_failed(context, &mut message, &error).await?;
+        let aggregated_error = message
+            .error
+            .as_ref()
+            .map(|err| format!("{}\n\n{}", err, err_msg));
+        set_msg_failed(
+            context,
+            &mut message,
+            aggregated_error.as_ref().unwrap_or(err_msg),
+        )
+        .await?;
         if first {
             // Add only one info msg for all failed messages
             ndn_maybe_add_info_msg(context, failed, chat_id, chat_type).await?;
@@ -2289,8 +2362,6 @@ async fn ndn_maybe_add_info_msg(
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use mailparse::ParsedMail;
 
     use super::*;
@@ -3598,11 +3669,24 @@ On 2020-10-25, Bob wrote:
             assert!(mimemsg.parts[0].msg.len() <= DC_DESIRED_TEXT_LEN + DC_ELLIPSIS.len());
         }
 
-        {
+        for draft in [false, true] {
             let chat = t.get_self_chat().await;
-            t.send_text(chat.id, &long_txt).await;
+            let mut msg = Message::new_text(long_txt.clone());
+            if draft {
+                chat.id.set_draft(&t, Some(&mut msg)).await?;
+            }
+            t.send_msg(chat.id, &mut msg).await;
             let msg = t.get_last_msg_in(chat.id).await;
             assert!(msg.has_html());
+            assert_eq!(
+                msg.id
+                    .get_html(&t)
+                    .await?
+                    .unwrap()
+                    .matches("just repeated")
+                    .count(),
+                REPEAT_CNT
+            );
             assert!(
                 msg.text.matches("just repeated").count() <= DC_DESIRED_TEXT_LEN / REPEAT_TXT.len()
             );
@@ -3610,7 +3694,6 @@ On 2020-10-25, Bob wrote:
         }
 
         t.set_config(Config::Bot, Some("1")).await?;
-
         {
             let mimemsg = MimeMessage::from_bytes(&t, long_txt.as_ref(), None).await?;
             assert!(!mimemsg.is_mime_modified);
@@ -3623,6 +3706,28 @@ On 2020-10-25, Bob wrote:
         Ok(())
     }
 
+    /// Tests that sender status (signature) does not appear
+    /// in HTML view of a long message.
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_large_message_no_signature() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        let bob = &tcm.bob().await;
+
+        alice
+            .set_config(Config::Selfstatus, Some("Some signature"))
+            .await?;
+        let chat = alice.create_chat(bob).await;
+        let txt = "Hello!\n".repeat(500);
+        let sent = alice.send_text(chat.id, &txt).await;
+        let msg = bob.recv_msg(&sent).await;
+
+        assert_eq!(msg.has_html(), true);
+        let html = msg.id.get_html(bob).await?.unwrap();
+        assert_eq!(html.contains("Some signature"), false);
+        Ok(())
+    }
+
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_x_microsoft_original_message_id() {
         let t = TestContext::new_alice().await;
@@ -3990,12 +4095,8 @@ Content-Disposition: reaction\n\
 
         // We do allow the time to be in the future a bit (because of unsynchronized clocks),
         // but only 60 seconds:
-        assert!(mime_message.decryption_info.message_time <= time() + 60);
-        assert!(mime_message.decryption_info.message_time >= beginning_time + 60);
-        assert_eq!(
-            mime_message.decryption_info.message_time,
-            mime_message.timestamp_sent
-        );
+        assert!(mime_message.timestamp_sent <= time() + 60);
+        assert!(mime_message.timestamp_sent >= beginning_time + 60);
         assert!(mime_message.timestamp_rcvd <= time());
 
         Ok(())
@@ -4066,4 +4167,24 @@ Content-Type: text/plain; charset=utf-8
             "alice@example.org"
         );
     }
+
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_protect_autocrypt() -> Result<()> {
+        let mut tcm = TestContextManager::new();
+        let alice = &tcm.alice().await;
+        let bob = &tcm.bob().await;
+
+        alice
+            .set_config_bool(Config::ProtectAutocrypt, true)
+            .await?;
+        bob.set_config_bool(Config::ProtectAutocrypt, true).await?;
+
+        let msg = tcm.send_recv_accept(alice, bob, "Hello!").await;
+        assert_eq!(msg.get_showpadlock(), false);
+
+        let msg = tcm.send_recv(bob, alice, "Hi!").await;
+        assert_eq!(msg.get_showpadlock(), true);
+
+        Ok(())
+    }
 }

src/net.rs

@@ -5,13 +5,13 @@ use std::pin::Pin;
 use std::time::Duration;
 
 use anyhow::{format_err, Context as _, Result};
-use async_native_tls::TlsStream;
 use tokio::net::TcpStream;
 use tokio::task::JoinSet;
 use tokio::time::timeout;
 use tokio_io_timeout::TimeoutStream;
 
 use crate::context::Context;
+use crate::net::session::SessionStream;
 use crate::sql::Sql;
 use crate::tools::time;
 
@@ -128,7 +128,7 @@ pub(crate) async fn connect_tls_inner(
     host: &str,
     strict_tls: bool,
     alpn: &[&str],
-) -> Result<TlsStream<Pin<Box<TimeoutStream<TcpStream>>>>> {
+) -> Result<impl SessionStream> {
     let tcp_stream = connect_tcp_inner(addr).await?;
     let tls_stream = wrap_tls(strict_tls, host, alpn, tcp_stream).await?;
     Ok(tls_stream)

src/net/proxy.rs

@@ -12,13 +12,14 @@ use fast_socks5::client::Socks5Stream;
 use fast_socks5::util::target_addr::ToTargetAddr;
 use fast_socks5::AuthenticationMethod;
 use fast_socks5::Socks5Command;
-use percent_encoding::{percent_encode, NON_ALPHANUMERIC};
+use percent_encoding::{percent_encode, utf8_percent_encode, NON_ALPHANUMERIC};
 use tokio::io::{AsyncReadExt, AsyncWriteExt};
 use tokio::net::TcpStream;
 use tokio_io_timeout::TimeoutStream;
 use url::Url;
 
 use crate::config::Config;
+use crate::constants::NON_ALPHANUMERIC_WITHOUT_DOT;
 use crate::context::Context;
 use crate::net::connect_tcp;
 use crate::net::session::SessionStream;
@@ -41,6 +42,12 @@ impl PartialEq for ShadowsocksConfig {
 
 impl Eq for ShadowsocksConfig {}
 
+impl ShadowsocksConfig {
+    fn to_url(&self) -> String {
+        self.server_config.to_url()
+    }
+}
+
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub struct HttpConfig {
     /// HTTP proxy host.
@@ -84,6 +91,17 @@ impl HttpConfig {
         };
         Ok(http_config)
     }
+
+    fn to_url(&self, scheme: &str) -> String {
+        let host = utf8_percent_encode(&self.host, NON_ALPHANUMERIC_WITHOUT_DOT);
+        if let Some((user, password)) = &self.user_password {
+            let user = utf8_percent_encode(user, NON_ALPHANUMERIC);
+            let password = utf8_percent_encode(password, NON_ALPHANUMERIC);
+            format!("{scheme}://{user}:{password}@{host}:{}", self.port)
+        } else {
+            format!("{scheme}://{host}:{}", self.port)
+        }
+    }
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -123,6 +141,17 @@ impl Socks5Config {
 
         Ok(socks_stream)
     }
+
+    fn to_url(&self) -> String {
+        let host = utf8_percent_encode(&self.host, NON_ALPHANUMERIC_WITHOUT_DOT);
+        if let Some((user, password)) = &self.user_password {
+            let user = utf8_percent_encode(user, NON_ALPHANUMERIC);
+            let password = utf8_percent_encode(password, NON_ALPHANUMERIC);
+            format!("socks5://{user}:{password}@{host}:{}", self.port)
+        } else {
+            format!("socks5://{host}:{}", self.port)
+        }
+    }
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]
@@ -217,7 +246,7 @@ where
 
 impl ProxyConfig {
     /// Creates a new proxy configuration by parsing given proxy URL.
-    fn from_url(url: &str) -> Result<Self> {
+    pub(crate) fn from_url(url: &str) -> Result<Self> {
         let url = Url::parse(url).context("Cannot parse proxy URL")?;
         match url.scheme() {
             "http" => {
@@ -272,6 +301,19 @@ impl ProxyConfig {
         }
     }
 
+    /// Serializes proxy config into an URL.
+    ///
+    /// This function can be used to normalize proxy URL
+    /// by parsing it and serializing back.
+    pub(crate) fn to_url(&self) -> String {
+        match self {
+            Self::Http(http_config) => http_config.to_url("http"),
+            Self::Https(http_config) => http_config.to_url("https"),
+            Self::Socks5(socks5_config) => socks5_config.to_url(),
+            Self::Shadowsocks(shadowsocks_config) => shadowsocks_config.to_url(),
+        }
+    }
+
     /// Migrates legacy `socks5_host`, `socks5_port`, `socks5_user` and `socks5_password`
     /// config into `proxy_url` if `proxy_url` is unset or empty.
     ///

src/net/tls.rs

@@ -2,45 +2,39 @@
 use std::sync::Arc;
 
 use anyhow::Result;
-use async_native_tls::{Certificate, Protocol, TlsConnector, TlsStream};
-use once_cell::sync::Lazy;
-use tokio::io::{AsyncRead, AsyncWrite};
 
-// this certificate is missing on older android devices (eg. lg with android6 from 2017)
-// certificate downloaded from https://letsencrypt.org/certificates/
-static LETSENCRYPT_ROOT: Lazy<Certificate> = Lazy::new(|| {
-    Certificate::from_der(include_bytes!(
-        "../../assets/root-certificates/letsencrypt/isrgrootx1.der"
-    ))
-    .unwrap()
-});
+use crate::net::session::SessionStream;
 
-pub async fn wrap_tls<T: AsyncRead + AsyncWrite + Unpin>(
+pub async fn wrap_tls(
     strict_tls: bool,
     hostname: &str,
     alpn: &[&str],
-    stream: T,
-) -> Result<TlsStream<T>> {
-    let tls_builder = TlsConnector::new()
-        .min_protocol_version(Some(Protocol::Tlsv12))
-        .request_alpns(alpn)
-        .add_root_certificate(LETSENCRYPT_ROOT.clone());
-    let tls = if strict_tls {
-        tls_builder
+    stream: impl SessionStream + 'static,
+) -> Result<impl SessionStream> {
+    if strict_tls {
+        let tls_stream = wrap_rustls(hostname, alpn, stream).await?;
+        let boxed_stream: Box<dyn SessionStream> = Box::new(tls_stream);
+        Ok(boxed_stream)
     } else {
-        tls_builder
+        // We use native_tls because it accepts 1024-bit RSA keys.
+        // Rustls does not support them even if
+        // certificate checks are disabled: <https://github.com/rustls/rustls/issues/234>.
+        let tls = async_native_tls::TlsConnector::new()
+            .min_protocol_version(Some(async_native_tls::Protocol::Tlsv12))
+            .request_alpns(alpn)
             .danger_accept_invalid_hostnames(true)
-            .danger_accept_invalid_certs(true)
-    };
-    let tls_stream = tls.connect(hostname, stream).await?;
-    Ok(tls_stream)
+            .danger_accept_invalid_certs(true);
+        let tls_stream = tls.connect(hostname, stream).await?;
+        let boxed_stream: Box<dyn SessionStream> = Box::new(tls_stream);
+        Ok(boxed_stream)
+    }
 }
 
-pub async fn wrap_rustls<T: AsyncRead + AsyncWrite + Unpin>(
+pub async fn wrap_rustls(
     hostname: &str,
     alpn: &[&str],
-    stream: T,
-) -> Result<tokio_rustls::client::TlsStream<T>> {
+    stream: impl SessionStream,
+) -> Result<impl SessionStream> {
     let mut root_cert_store = rustls::RootCertStore::empty();
     root_cert_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
 

src/peer_channels.rs

@@ -23,7 +23,7 @@
 //!    (scoped per WebXDC app instance/message-id). The other peers can then join the gossip with `joinRealtimeChannel().setListener()`
 //!    and `joinRealtimeChannel().send()` just like the other peers.
 
-use anyhow::{anyhow, Context as _, Result};
+use anyhow::{anyhow, bail, Context as _, Result};
 use email::Header;
 use futures_lite::StreamExt;
 use iroh_gossip::net::{Event, Gossip, GossipEvent, JoinOptions, GOSSIP_ALPN};
@@ -143,9 +143,10 @@ impl Iroh {
                 self.endpoint.add_node_addr(peer.clone())?;
             }
 
-            self.gossip
-                .join(topic, peers.into_iter().map(|peer| peer.node_id).collect())
-                .await?;
+            self.gossip.join_with_opts(
+                topic,
+                JoinOptions::with_bootstrap(peers.into_iter().map(|peer| peer.node_id)),
+            );
         }
         Ok(())
     }
@@ -232,6 +233,7 @@ impl ChannelState {
 impl Context {
     /// Create iroh endpoint and gossip.
     async fn init_peer_channels(&self) -> Result<Iroh> {
+        info!(self, "Initializing peer channels.");
         let secret_key = SecretKey::generate();
         let public_key = secret_key.public();
 
@@ -258,7 +260,14 @@ impl Context {
 
         // create gossip
         let my_addr = endpoint.node_addr().await?;
-        let gossip = Gossip::from_endpoint(endpoint.clone(), Default::default(), &my_addr.info);
+        let gossip_config = iroh_gossip::proto::topic::Config {
+            // Allow messages up to 128 KB in size.
+            // We set the limit to 128 KiB to account for internal overhead,
+            // but only guarantee 128 KB of payload to WebXDC developers.
+            max_message_size: 128 * 1024,
+            ..Default::default()
+        };
+        let gossip = Gossip::from_endpoint(endpoint.clone(), gossip_config, &my_addr.info);
 
         // spawn endpoint loop that forwards incoming connections to the gossiper
         let context = self.clone();
@@ -277,6 +286,10 @@ impl Context {
 
     /// Get or initialize the iroh peer channel.
     pub async fn get_or_try_init_peer_channel(&self) -> Result<&Iroh> {
+        if !self.get_config_bool(Config::WebxdcRealtimeEnabled).await? {
+            bail!("Attempt to get Iroh when realtime is disabled");
+        }
+
         let ctx = self.clone();
         self.iroh
             .get_or_try_init(|| async { ctx.init_peer_channels().await })
@@ -301,6 +314,47 @@ pub(crate) async fn iroh_add_peer_for_topic(
     Ok(())
 }
 
+/// Add gossip peer from `Iroh-Node-Addr` header to WebXDC message identified by `instance_id`.
+pub async fn add_gossip_peer_from_header(
+    context: &Context,
+    instance_id: MsgId,
+    node_addr: &str,
+) -> Result<()> {
+    if !context
+        .get_config_bool(Config::WebxdcRealtimeEnabled)
+        .await?
+    {
+        return Ok(());
+    }
+
+    info!(
+        context,
+        "Adding iroh peer with address {node_addr:?} to the topic of {instance_id}."
+    );
+    let node_addr =
+        serde_json::from_str::<NodeAddr>(node_addr).context("Failed to parse node address")?;
+
+    context.emit_event(EventType::WebxdcRealtimeAdvertisementReceived {
+        msg_id: instance_id,
+    });
+
+    let Some(topic) = get_iroh_topic_for_msg(context, instance_id).await? else {
+        warn!(
+            context,
+            "Could not add iroh peer because {instance_id} has no topic."
+        );
+        return Ok(());
+    };
+
+    let node_id = node_addr.node_id;
+    let relay_server = node_addr.relay_url().map(|relay| relay.as_str());
+    iroh_add_peer_for_topic(context, instance_id, topic, node_id, relay_server).await?;
+
+    let iroh = context.get_or_try_init_peer_channel().await?;
+    iroh.maybe_add_gossip_peers(topic, vec![node_addr]).await?;
+    Ok(())
+}
+
 /// Insert topicId into the database so that we can use it to retrieve the topic.
 pub(crate) async fn insert_topic_stub(ctx: &Context, msg_id: MsgId, topic: TopicId) -> Result<()> {
     ctx.sql
@@ -414,15 +468,15 @@ pub async fn leave_webxdc_realtime(ctx: &Context, msg_id: MsgId) -> Result<()> {
     Ok(())
 }
 
-pub(crate) fn create_random_topic() -> TopicId {
+/// Creates a new random gossip topic.
+fn create_random_topic() -> TopicId {
     TopicId::from_bytes(rand::random())
 }
 
-pub(crate) async fn create_iroh_header(
-    ctx: &Context,
-    topic: TopicId,
-    msg_id: MsgId,
-) -> Result<Header> {
+/// Creates `Iroh-Gossip-Header` with a new random topic
+/// and stores the topic for the message.
+pub(crate) async fn create_iroh_header(ctx: &Context, msg_id: MsgId) -> Result<Header> {
+    let topic = create_random_topic();
     insert_topic_stub(ctx, msg_id, topic).await?;
     Ok(Header::new(
         HeaderDef::IrohGossipTopic.get_headername().to_string(),
@@ -536,17 +590,6 @@ mod tests {
         let alice = &mut tcm.alice().await;
         let bob = &mut tcm.bob().await;
 
-        bob.ctx
-            .set_config_bool(Config::WebxdcRealtimeEnabled, true)
-            .await
-            .unwrap();
-
-        alice
-            .ctx
-            .set_config_bool(Config::WebxdcRealtimeEnabled, true)
-            .await
-            .unwrap();
-
         // Alice sends webxdc to bob
         let alice_chat = alice.create_chat(bob).await;
         let mut instance = Message::new(Viewtype::File);
@@ -685,17 +728,6 @@ mod tests {
         let alice = &mut tcm.alice().await;
         let bob = &mut tcm.bob().await;
 
-        bob.ctx
-            .set_config_bool(Config::WebxdcRealtimeEnabled, true)
-            .await
-            .unwrap();
-
-        alice
-            .ctx
-            .set_config_bool(Config::WebxdcRealtimeEnabled, true)
-            .await
-            .unwrap();
-
         assert!(alice
             .get_config_bool(Config::WebxdcRealtimeEnabled)
             .await
@@ -853,17 +885,6 @@ mod tests {
         let alice = &mut tcm.alice().await;
         let bob = &mut tcm.bob().await;
 
-        bob.ctx
-            .set_config_bool(Config::WebxdcRealtimeEnabled, true)
-            .await
-            .unwrap();
-
-        alice
-            .ctx
-            .set_config_bool(Config::WebxdcRealtimeEnabled, true)
-            .await
-            .unwrap();
-
         // Alice sends webxdc to bob
         let alice_chat = alice.create_chat(bob).await;
         let mut instance = Message::new(Viewtype::File);
@@ -932,6 +953,11 @@ mod tests {
         let mut tcm = TestContextManager::new();
         let alice = &mut tcm.alice().await;
 
+        alice
+            .set_config_bool(Config::WebxdcRealtimeEnabled, false)
+            .await
+            .unwrap();
+
         // creates iroh endpoint as side effect
         send_webxdc_realtime_advertisement(alice, MsgId::new(1))
             .await
@@ -949,6 +975,10 @@ mod tests {
         // creates iroh endpoint as side effect
         leave_webxdc_realtime(alice, MsgId::new(1)).await.unwrap();
 
-        assert!(alice.ctx.iroh.get().is_none())
+        assert!(alice.ctx.iroh.get().is_none());
+
+        // This internal function should return error
+        // if accidentally called with the setting disabled.
+        assert!(alice.ctx.get_or_try_init_peer_channel().await.is_err());
     }
 }

src/peerstate.rs

@@ -121,7 +121,7 @@ impl Peerstate {
             last_seen_autocrypt: last_seen,
             prefer_encrypt,
             public_key: Some(public_key.clone()),
-            public_key_fingerprint: Some(public_key.fingerprint()),
+            public_key_fingerprint: Some(public_key.dc_fingerprint()),
             gossip_key: None,
             gossip_key_fingerprint: None,
             gossip_timestamp: 0,
@@ -153,7 +153,7 @@ impl Peerstate {
             public_key: None,
             public_key_fingerprint: None,
             gossip_key: Some(gossip_header.public_key.clone()),
-            gossip_key_fingerprint: Some(gossip_header.public_key.fingerprint()),
+            gossip_key_fingerprint: Some(gossip_header.public_key.dc_fingerprint()),
             gossip_timestamp: message_time,
             verified_key: None,
             verified_key_fingerprint: None,
@@ -308,7 +308,7 @@ impl Peerstate {
     pub fn recalc_fingerprint(&mut self) {
         if let Some(ref public_key) = self.public_key {
             let old_public_fingerprint = self.public_key_fingerprint.take();
-            self.public_key_fingerprint = Some(public_key.fingerprint());
+            self.public_key_fingerprint = Some(public_key.dc_fingerprint());
 
             if old_public_fingerprint.is_some()
                 && old_public_fingerprint != self.public_key_fingerprint
@@ -319,7 +319,7 @@ impl Peerstate {
 
         if let Some(ref gossip_key) = self.gossip_key {
             let old_gossip_fingerprint = self.gossip_key_fingerprint.take();
-            self.gossip_key_fingerprint = Some(gossip_key.fingerprint());
+            self.gossip_key_fingerprint = Some(gossip_key.dc_fingerprint());
 
             if old_gossip_fingerprint.is_none()
                 || self.gossip_key_fingerprint.is_none()
@@ -506,7 +506,7 @@ impl Peerstate {
         fingerprint: Fingerprint,
         verifier: String,
     ) -> Result<()> {
-        if key.fingerprint() == fingerprint {
+        if key.dc_fingerprint() == fingerprint {
             self.verified_key = Some(key);
             self.verified_key_fingerprint = Some(fingerprint);
             self.verifier = Some(verifier);
@@ -524,7 +524,7 @@ impl Peerstate {
     /// do nothing to avoid overwriting secondary verified key
     /// which may be different.
     pub fn set_secondary_verified_key(&mut self, gossip_key: SignedPublicKey, verifier: String) {
-        let fingerprint = gossip_key.fingerprint();
+        let fingerprint = gossip_key.dc_fingerprint();
         if self.verified_key_fingerprint.as_ref() != Some(&fingerprint) {
             self.secondary_verified_key = Some(gossip_key);
             self.secondary_verified_key_fingerprint = Some(fingerprint);
@@ -542,6 +542,8 @@ impl Peerstate {
     /// * `old_addr`: Old address of the peerstate in case of an AEAP transition.
     pub(crate) async fn save_to_db_ex(&self, sql: &Sql, old_addr: Option<&str>) -> Result<()> {
         let trans_fn = |t: &mut rusqlite::Transaction| {
+            let verified_key_fingerprint =
+                self.verified_key_fingerprint.as_ref().map(|fp| fp.hex());
             if let Some(old_addr) = old_addr {
                 // We are doing an AEAP transition to the new address and the SQL INSERT below will
                 // save the existing peerstate as belonging to this new address. We now need to
@@ -551,11 +553,14 @@ impl Peerstate {
                 // existing peerstate as this would break encryption to it. This is critical for
                 // non-verified groups -- if we can't encrypt to the old address, we can't securely
                 // remove it from the group (to add the new one instead).
+                //
+                // NB: We check that `verified_key_fingerprint` hasn't changed to protect from
+                // possible races.
                 t.execute(
-                    "UPDATE acpeerstates \
-                     SET verified_key=NULL, verified_key_fingerprint='', verifier='' \
-                     WHERE addr=?",
-                    (old_addr,),
+                    "UPDATE acpeerstates
+                     SET verified_key=NULL, verified_key_fingerprint='', verifier=''
+                     WHERE addr=? AND verified_key_fingerprint=?",
+                    (old_addr, &verified_key_fingerprint),
                 )?;
             }
             t.execute(
@@ -604,7 +609,7 @@ impl Peerstate {
                     self.public_key_fingerprint.as_ref().map(|fp| fp.hex()),
                     self.gossip_key_fingerprint.as_ref().map(|fp| fp.hex()),
                     self.verified_key.as_ref().map(|k| k.to_bytes()),
-                    self.verified_key_fingerprint.as_ref().map(|fp| fp.hex()),
+                    &verified_key_fingerprint,
                     self.verifier.as_deref().unwrap_or(""),
                     self.secondary_verified_key.as_ref().map(|k| k.to_bytes()),
                     self.secondary_verified_key_fingerprint
@@ -766,8 +771,7 @@ pub(crate) async fn maybe_do_aeap_transition(
     context: &Context,
     mime_parser: &mut crate::mimeparser::MimeMessage,
 ) -> Result<()> {
-    let info = &mime_parser.decryption_info;
-    let Some(peerstate) = &info.peerstate else {
+    let Some(peerstate) = &mime_parser.peerstate else {
         return Ok(());
     };
 
@@ -815,13 +819,13 @@ pub(crate) async fn maybe_do_aeap_transition(
 
         // DC avoids sending messages with the same timestamp, that's why messages
         // with equal timestamps are ignored here unlike in `Peerstate::apply_header()`.
-        if info.message_time <= peerstate.last_seen {
+        if mime_parser.timestamp_sent <= peerstate.last_seen {
             info!(
                 context,
                 "Not doing AEAP from {} to {} because {} < {}.",
                 &peerstate.addr,
                 &mime_parser.from.addr,
-                info.message_time,
+                mime_parser.timestamp_sent,
                 peerstate.last_seen
             );
             return Ok(());
@@ -832,24 +836,23 @@ pub(crate) async fn maybe_do_aeap_transition(
             "Doing AEAP transition from {} to {}.", &peerstate.addr, &mime_parser.from.addr
         );
 
-        let info = &mut mime_parser.decryption_info;
-        let peerstate = info.peerstate.as_mut().context("no peerstate??")?;
+        let peerstate = mime_parser.peerstate.as_mut().context("no peerstate??")?;
         // Add info messages to chats with this (verified) contact
         //
         peerstate
             .handle_setup_change(
                 context,
-                info.message_time,
-                PeerstateChange::Aeap(info.from.clone()),
+                mime_parser.timestamp_sent,
+                PeerstateChange::Aeap(mime_parser.from.addr.clone()),
             )
             .await?;
 
         let old_addr = mem::take(&mut peerstate.addr);
-        peerstate.addr.clone_from(&info.from);
-        let header = info.autocrypt_header.as_ref().context(
+        peerstate.addr.clone_from(&mime_parser.from.addr);
+        let header = mime_parser.autocrypt_header.as_ref().context(
             "Internal error: Tried to do an AEAP transition without an autocrypt header??",
         )?;
-        peerstate.apply_header(context, header, info.message_time);
+        peerstate.apply_header(context, header, mime_parser.timestamp_sent);
 
         peerstate
             .save_to_db_ex(&context.sql, Some(&old_addr))
@@ -890,12 +893,12 @@ mod tests {
             last_seen_autocrypt: 11,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: Some(pub_key.clone()),
             gossip_timestamp: 12,
-            gossip_key_fingerprint: Some(pub_key.fingerprint()),
+            gossip_key_fingerprint: Some(pub_key.dc_fingerprint()),
             verified_key: Some(pub_key.clone()),
-            verified_key_fingerprint: Some(pub_key.fingerprint()),
+            verified_key_fingerprint: Some(pub_key.dc_fingerprint()),
             verifier: None,
             secondary_verified_key: None,
             secondary_verified_key_fingerprint: None,
@@ -915,7 +918,7 @@ mod tests {
             .expect("no peerstate found in the database");
 
         assert_eq!(peerstate, peerstate_new);
-        let peerstate_new2 = Peerstate::from_fingerprint(&ctx.ctx, &pub_key.fingerprint())
+        let peerstate_new2 = Peerstate::from_fingerprint(&ctx.ctx, &pub_key.dc_fingerprint())
             .await
             .expect("failed to load peerstate from db")
             .expect("no peerstate found in the database");
@@ -934,7 +937,7 @@ mod tests {
             last_seen_autocrypt: 11,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: None,
             gossip_timestamp: 12,
             gossip_key_fingerprint: None,
@@ -971,7 +974,7 @@ mod tests {
             last_seen_autocrypt: 11,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: None,
             gossip_timestamp: 12,
             gossip_key_fingerprint: None,

src/pgp.rs

@@ -14,7 +14,7 @@ use pgp::composed::{
 use pgp::crypto::ecc_curve::ECCCurve;
 use pgp::crypto::hash::HashAlgorithm;
 use pgp::crypto::sym::SymmetricKeyAlgorithm;
-use pgp::types::{CompressionAlgorithm, KeyTrait, Mpi, PublicKeyTrait, StringToKey};
+use pgp::types::{CompressionAlgorithm, PublicKeyTrait, SignatureBytes, StringToKey};
 use rand::{thread_rng, CryptoRng, Rng};
 use tokio::runtime::Handle;
 
@@ -41,8 +41,15 @@ enum SignedPublicKeyOrSubkey<'a> {
     Subkey(&'a SignedPublicSubKey),
 }
 
-impl KeyTrait for SignedPublicKeyOrSubkey<'_> {
-    fn fingerprint(&self) -> Vec<u8> {
+impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
+    fn version(&self) -> pgp::types::KeyVersion {
+        match self {
+            Self::Key(k) => k.version(),
+            Self::Subkey(k) => k.version(),
+        }
+    }
+
+    fn fingerprint(&self) -> pgp::types::Fingerprint {
         match self {
             Self::Key(k) => k.fingerprint(),
             Self::Subkey(k) => k.fingerprint(),
@@ -62,14 +69,26 @@ impl KeyTrait for SignedPublicKeyOrSubkey<'_> {
             Self::Subkey(k) => k.algorithm(),
         }
     }
-}
 
-impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
+    fn created_at(&self) -> &chrono::DateTime<chrono::Utc> {
+        match self {
+            Self::Key(k) => k.created_at(),
+            Self::Subkey(k) => k.created_at(),
+        }
+    }
+
+    fn expiration(&self) -> Option<u16> {
+        match self {
+            Self::Key(k) => k.expiration(),
+            Self::Subkey(k) => k.expiration(),
+        }
+    }
+
     fn verify_signature(
         &self,
         hash: HashAlgorithm,
         data: &[u8],
-        sig: &[Mpi],
+        sig: &SignatureBytes,
     ) -> pgp::errors::Result<()> {
         match self {
             Self::Key(k) => k.verify_signature(hash, data, sig),
@@ -79,19 +98,27 @@ impl PublicKeyTrait for SignedPublicKeyOrSubkey<'_> {
 
     fn encrypt<R: Rng + CryptoRng>(
         &self,
-        rng: &mut R,
+        rng: R,
         plain: &[u8],
-    ) -> pgp::errors::Result<Vec<Mpi>> {
+        typ: pgp::types::EskType,
+    ) -> pgp::errors::Result<pgp::types::PkeskBytes> {
         match self {
-            Self::Key(k) => k.encrypt(rng, plain),
-            Self::Subkey(k) => k.encrypt(rng, plain),
+            Self::Key(k) => k.encrypt(rng, plain, typ),
+            Self::Subkey(k) => k.encrypt(rng, plain, typ),
         }
     }
 
-    fn to_writer_old(&self, writer: &mut impl io::Write) -> pgp::errors::Result<()> {
+    fn serialize_for_hashing(&self, writer: &mut impl io::Write) -> pgp::errors::Result<()> {
         match self {
-            Self::Key(k) => k.to_writer_old(writer),
-            Self::Subkey(k) => k.to_writer_old(writer),
+            Self::Key(k) => k.serialize_for_hashing(writer),
+            Self::Subkey(k) => k.serialize_for_hashing(writer),
+        }
+    }
+
+    fn public_params(&self) -> &pgp::types::PublicParams {
+        match self {
+            Self::Key(k) => k.public_params(),
+            Self::Subkey(k) => k.public_params(),
         }
     }
 }
@@ -160,9 +187,10 @@ pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Res
     let (signing_key_type, encryption_key_type) = match keygen_type {
         KeyGenType::Rsa2048 => (PgpKeyType::Rsa(2048), PgpKeyType::Rsa(2048)),
         KeyGenType::Rsa4096 => (PgpKeyType::Rsa(4096), PgpKeyType::Rsa(4096)),
-        KeyGenType::Ed25519 | KeyGenType::Default => {
-            (PgpKeyType::EdDSA, PgpKeyType::ECDH(ECCCurve::Curve25519))
-        }
+        KeyGenType::Ed25519 | KeyGenType::Default => (
+            PgpKeyType::EdDSALegacy,
+            PgpKeyType::ECDH(ECCCurve::Curve25519),
+        ),
     };
 
     let user_id = format!("<{addr}>");
@@ -199,10 +227,11 @@ pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Res
         .build()
         .context("failed to build key parameters")?;
 
+    let mut rng = thread_rng();
     let secret_key = key_params
-        .generate()
+        .generate(&mut rng)
         .context("failed to generate the key")?
-        .sign(|| "".into())
+        .sign(&mut rng, || "".into())
         .context("failed to sign secret key")?;
     secret_key
         .verify()
@@ -261,15 +290,19 @@ pub async fn pk_encrypt(
             let mut rng = thread_rng();
 
             let encrypted_msg = if let Some(ref skey) = private_key_for_signing {
-                let signed_msg = lit_msg.sign(skey, || "".into(), HASH_ALGORITHM)?;
+                let signed_msg = lit_msg.sign(&mut rng, skey, || "".into(), HASH_ALGORITHM)?;
                 let compressed_msg = if compress {
                     signed_msg.compress(CompressionAlgorithm::ZLIB)?
                 } else {
                     signed_msg
                 };
-                compressed_msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
+                compressed_msg.encrypt_to_keys_seipdv1(
+                    &mut rng,
+                    SYMMETRIC_KEY_ALGORITHM,
+                    &pkeys_refs,
+                )?
             } else {
-                lit_msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
+                lit_msg.encrypt_to_keys_seipdv1(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)?
             };
 
             let encoded_msg = encrypted_msg.to_armored_string(Default::default())?;
@@ -284,7 +317,9 @@ pub fn pk_calc_signature(
     plain: &[u8],
     private_key_for_signing: &SignedSecretKey,
 ) -> Result<String> {
+    let mut rng = thread_rng();
     let msg = Message::new_literal_bytes("", plain).sign(
+        &mut rng,
         private_key_for_signing,
         || "".into(),
         HASH_ALGORITHM,
@@ -297,43 +332,43 @@ pub fn pk_calc_signature(
 ///
 /// Receiver private keys are provided in
 /// `private_keys_for_decryption`.
-///
-/// Returns decrypted message and fingerprints
-/// of all keys from the `public_keys_for_validation` keyring that
-/// have valid signatures there.
-#[allow(clippy::implicit_hasher)]
 pub fn pk_decrypt(
     ctext: Vec<u8>,
     private_keys_for_decryption: &[SignedSecretKey],
-    public_keys_for_validation: &[SignedPublicKey],
-) -> Result<(Vec<u8>, HashSet<Fingerprint>)> {
-    let mut ret_signature_fingerprints: HashSet<Fingerprint> = Default::default();
-
+) -> Result<pgp::composed::Message> {
     let cursor = Cursor::new(ctext);
-    let (msg, _) = Message::from_armor_single(cursor)?;
+    let (msg, _headers) = Message::from_armor_single(cursor)?;
 
     let skeys: Vec<&SignedSecretKey> = private_keys_for_decryption.iter().collect();
 
-    let (msg, _) = msg.decrypt(|| "".into(), &skeys[..])?;
+    let (msg, _key_ids) = msg.decrypt(|| "".into(), &skeys[..])?;
 
     // get_content() will decompress the message if needed,
     // but this avoids decompressing it again to check signatures
     let msg = msg.decompress()?;
 
-    let content = match msg.get_content()? {
-        Some(content) => content,
-        None => bail!("The decrypted message is empty"),
-    };
+    Ok(msg)
+}
 
+/// Returns fingerprints
+/// of all keys from the `public_keys_for_validation` keyring that
+/// have valid signatures there.
+///
+/// If the message is wrongly signed, HashSet will be empty.
+pub fn valid_signature_fingerprints(
+    msg: &pgp::composed::Message,
+    public_keys_for_validation: &[SignedPublicKey],
+) -> Result<HashSet<Fingerprint>> {
+    let mut ret_signature_fingerprints: HashSet<Fingerprint> = Default::default();
     if let signed_msg @ pgp::composed::Message::Signed { .. } = msg {
         for pkey in public_keys_for_validation {
             if signed_msg.verify(&pkey.primary_key).is_ok() {
-                let fp = DcKey::fingerprint(pkey);
+                let fp = pkey.dc_fingerprint();
                 ret_signature_fingerprints.insert(fp);
             }
         }
     }
-    Ok((content, ret_signature_fingerprints))
+    Ok(ret_signature_fingerprints)
 }
 
 /// Validates detached signature.
@@ -355,7 +390,7 @@ pub fn pk_validate(
 
     for pkey in public_keys_for_validation {
         if standalone_signature.verify(pkey, content).is_ok() {
-            let fp = DcKey::fingerprint(pkey);
+            let fp = pkey.dc_fingerprint();
             ret.insert(fp);
         }
     }
@@ -370,8 +405,12 @@ pub async fn symm_encrypt(passphrase: &str, plain: &[u8]) -> Result<String> {
     tokio::task::spawn_blocking(move || {
         let mut rng = thread_rng();
         let s2k = StringToKey::new_default(&mut rng);
-        let msg =
-            lit_msg.encrypt_with_password(&mut rng, s2k, SYMMETRIC_KEY_ALGORITHM, || passphrase)?;
+        let msg = lit_msg.encrypt_with_password_seipdv1(
+            &mut rng,
+            s2k,
+            SYMMETRIC_KEY_ALGORITHM,
+            || passphrase,
+        )?;
 
         let encoded_msg = msg.to_armored_string(Default::default())?;
 
@@ -407,6 +446,18 @@ mod tests {
     use super::*;
     use crate::test_utils::{alice_keypair, bob_keypair};
 
+    fn pk_decrypt_and_validate(
+        ctext: Vec<u8>,
+        private_keys_for_decryption: &[SignedSecretKey],
+        public_keys_for_validation: &[SignedPublicKey],
+    ) -> Result<(pgp::composed::Message, HashSet<Fingerprint>)> {
+        let msg = pk_decrypt(ctext, private_keys_for_decryption)?;
+        let ret_signature_fingerprints =
+            valid_signature_fingerprints(&msg, public_keys_for_validation)?;
+
+        Ok((msg, ret_signature_fingerprints))
+    }
+
     #[test]
     fn test_split_armored_data_1() {
         let (typ, _headers, base64) = split_armored_data(
@@ -534,34 +585,35 @@ mod tests {
         // Check decrypting as Alice
         let decrypt_keyring = vec![KEYS.alice_secret.clone()];
         let sig_check_keyring = vec![KEYS.alice_public.clone()];
-        let (plain, valid_signatures) = pk_decrypt(
+        let (msg, valid_signatures) = pk_decrypt_and_validate(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 1);
 
         // Check decrypting as Bob
         let decrypt_keyring = vec![KEYS.bob_secret.clone()];
         let sig_check_keyring = vec![KEYS.alice_public.clone()];
-        let (plain, valid_signatures) = pk_decrypt(
+        let (msg, valid_signatures) = pk_decrypt_and_validate(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 1);
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_no_sig_check() {
         let keyring = vec![KEYS.alice_secret.clone()];
-        let (plain, valid_signatures) =
-            pk_decrypt(ctext_signed().await.as_bytes().to_vec(), &keyring, &[]).unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        let (msg, valid_signatures) =
+            pk_decrypt_and_validate(ctext_signed().await.as_bytes().to_vec(), &keyring, &[])
+                .unwrap();
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 0);
     }
 
@@ -570,26 +622,26 @@ mod tests {
         // The validation does not have the public key of the signer.
         let decrypt_keyring = vec![KEYS.bob_secret.clone()];
         let sig_check_keyring = vec![KEYS.bob_public.clone()];
-        let (plain, valid_signatures) = pk_decrypt(
+        let (msg, valid_signatures) = pk_decrypt_and_validate(
             ctext_signed().await.as_bytes().to_vec(),
             &decrypt_keyring,
             &sig_check_keyring,
         )
         .unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 0);
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_decrypt_unsigned() {
         let decrypt_keyring = vec![KEYS.bob_secret.clone()];
-        let (plain, valid_signatures) = pk_decrypt(
+        let (msg, valid_signatures) = pk_decrypt_and_validate(
             ctext_unsigned().await.as_bytes().to_vec(),
             &decrypt_keyring,
             &[],
         )
         .unwrap();
-        assert_eq!(plain, CLEARTEXT);
+        assert_eq!(msg.get_content().unwrap().unwrap(), CLEARTEXT);
         assert_eq!(valid_signatures.len(), 0);
     }
 }

src/plaintext.rs

@@ -2,7 +2,7 @@
 
 use once_cell::sync::Lazy;
 
-use crate::simplify::split_lines;
+use crate::simplify::remove_message_footer;
 
 /// Plaintext message body together with format=flowed attributes.
 #[derive(Debug)]
@@ -32,7 +32,8 @@ impl PlainText {
             regex::Regex::new(r"\b((http|https|ftp|ftps):[\w.,:;$/@!?&%\-~=#+]+)").unwrap()
         });
 
-        let lines = split_lines(&self.text);
+        let lines: Vec<&str> = self.text.lines().collect();
+        let (lines, _footer) = remove_message_footer(&lines);
 
         let mut ret = r#"<!DOCTYPE html>
 <html><head>
@@ -136,7 +137,28 @@ line 1<br/>
 line 2<br/>
 line with <a href="https://link-mid-of-line.org">https://link-mid-of-line.org</a> and <a href="http://link-end-of-line.com/file?foo=bar%20">http://link-end-of-line.com/file?foo=bar%20</a><br/>
 <a href="http://link-at-start-of-line.org">http://link-at-start-of-line.org</a><br/>
-<br/>
+</body></html>
+"#
+        );
+    }
+
+    #[test]
+    fn test_plain_remove_signature() {
+        let html = PlainText {
+            text: "Foo\nbar\n-- \nSignature here".to_string(),
+            flowed: false,
+            delsp: false,
+        }
+        .to_html();
+        assert_eq!(
+            html,
+            r#"<!DOCTYPE html>
+<html><head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<meta name="color-scheme" content="light dark" />
+</head><body>
+Foo<br/>
+bar<br/>
 </body></html>
 "#
         );

src/provider.rs

@@ -288,8 +288,6 @@ pub fn get_provider_by_id(id: &str) -> Option<&'static Provider> {
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::indexing_slicing)]
-
     use super::*;
     use crate::test_utils::TestContext;
 

src/push.rs

@@ -31,7 +31,7 @@ impl PushSubscriber {
     }
 
     /// Sets device token for Apple Push Notification service.
-    pub(crate) async fn set_device_token(&mut self, token: &str) {
+    pub(crate) async fn set_device_token(&self, token: &str) {
         self.inner.write().await.device_token = Some(token.to_string());
     }
 

src/qr.rs

@@ -20,7 +20,7 @@ use crate::events::EventType;
 use crate::key::Fingerprint;
 use crate::message::Message;
 use crate::net::http::post_empty;
-use crate::net::proxy::DEFAULT_SOCKS_PORT;
+use crate::net::proxy::{ProxyConfig, DEFAULT_SOCKS_PORT};
 use crate::peerstate::Peerstate;
 use crate::token;
 use crate::tools::validate_id;
@@ -270,6 +270,7 @@ fn starts_with_ignore_case(string: &str, pattern: &str) -> bool {
 /// The function should be called after a QR code is scanned.
 /// The function takes the raw text scanned and checks what can be done with it.
 pub async fn check_qr(context: &Context, qr: &str) -> Result<Qr> {
+    let qr = qr.trim();
     let qrcode = if starts_with_ignore_case(qr, OPENPGP4FPR_SCHEME) {
         decode_openpgp(context, qr)
             .await
@@ -367,9 +368,10 @@ pub fn format_backup(qr: &Qr) -> Result<String> {
 /// scheme: `OPENPGP4FPR:FINGERPRINT#a=ADDR&n=NAME&i=INVITENUMBER&s=AUTH`
 ///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR&g=GROUPNAME&x=GROUPID&i=INVITENUMBER&s=AUTH`
 ///     or: `OPENPGP4FPR:FINGERPRINT#a=ADDR`
-#[allow(clippy::indexing_slicing)]
 async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = &qr[OPENPGP4FPR_SCHEME.len()..];
+    let payload = qr
+        .get(OPENPGP4FPR_SCHEME.len()..)
+        .context("Invalid OPENPGP4FPR scheme")?;
 
     // macOS and iOS sometimes replace the # with %23 (uri encode it), we should be able to parse this wrong format too.
     // see issue https://github.com/deltachat/deltachat-core-rust/issues/1969 for more info
@@ -446,7 +448,7 @@ async fn decode_openpgp(context: &Context, qr: &str) -> Result<Qr> {
     if let (Some(addr), Some(invitenumber), Some(authcode)) = (&addr, invitenumber, authcode) {
         let addr = ContactAddress::new(addr)?;
         let (contact_id, _) =
-            Contact::add_or_lookup(context, &name, &addr, Origin::UnhandledQrScan)
+            Contact::add_or_lookup(context, &name, &addr, Origin::UnhandledSecurejoinQrScan)
                 .await
                 .with_context(|| format!("failed to add or lookup contact for address {addr:?}"))?;
 
@@ -546,7 +548,7 @@ async fn decode_ideltachat(context: &Context, prefix: &str, qr: &str) -> Result<
 fn decode_account(qr: &str) -> Result<Qr> {
     let payload = qr
         .get(DCACCOUNT_SCHEME.len()..)
-        .context("invalid DCACCOUNT payload")?;
+        .context("Invalid DCACCOUNT payload")?;
     let url = url::Url::parse(payload).context("Invalid account URL")?;
     if url.scheme() == "http" || url.scheme() == "https" {
         Ok(Qr::Account {
@@ -564,7 +566,7 @@ fn decode_account(qr: &str) -> Result<Qr> {
 fn decode_webrtc_instance(_context: &Context, qr: &str) -> Result<Qr> {
     let payload = qr
         .get(DCWEBRTC_SCHEME.len()..)
-        .context("invalid DCWEBRTC payload")?;
+        .context("Invalid DCWEBRTC payload")?;
 
     let (_type, url) = Message::parse_webrtc_instance(payload);
     let url = url::Url::parse(&url).context("Invalid WebRTC instance")?;
@@ -637,7 +639,7 @@ fn decode_shadowsocks_proxy(qr: &str) -> Result<Qr> {
 fn decode_backup2(qr: &str) -> Result<Qr> {
     let payload = qr
         .strip_prefix(DCBACKUP2_SCHEME)
-        .ok_or_else(|| anyhow!("invalid DCBACKUP scheme"))?;
+        .ok_or_else(|| anyhow!("Invalid DCBACKUP2 scheme"))?;
     let (auth_token, node_addr) = payload
         .split_once('&')
         .context("Backup QR code has no separator")?;
@@ -668,9 +670,10 @@ struct CreateAccountErrorResponse {
 /// take a qr of the type DC_QR_ACCOUNT, parse it's parameters,
 /// download additional information from the contained url and set the parameters.
 /// on success, a configure::configure() should be able to log in to the account
-#[allow(clippy::indexing_slicing)]
 async fn set_account_from_qr(context: &Context, qr: &str) -> Result<()> {
-    let url_str = &qr[DCACCOUNT_SCHEME.len()..];
+    let url_str = qr
+        .get(DCACCOUNT_SCHEME.len()..)
+        .context("Invalid DCACCOUNT scheme")?;
 
     if !url_str.starts_with(HTTPS_SCHEME) {
         bail!("DCACCOUNT QR codes must use HTTPS scheme");
@@ -723,6 +726,10 @@ pub async fn set_config_from_qr(context: &Context, qr: &str) -> Result<()> {
                 .get_config(Config::ProxyUrl)
                 .await?
                 .unwrap_or_default();
+
+            // Normalize the URL.
+            let url = ProxyConfig::from_url(&url)?.to_url();
+
             let proxy_urls: Vec<&str> = std::iter::once(url.as_str())
                 .chain(
                     old_proxy_url_value
@@ -796,15 +803,12 @@ pub async fn set_config_from_qr(context: &Context, qr: &str) -> Result<()> {
 /// Extract address for the mailto scheme.
 ///
 /// Scheme: `mailto:addr...?subject=...&body=..`
-#[allow(clippy::indexing_slicing)]
 async fn decode_mailto(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = &qr[MAILTO_SCHEME.len()..];
+    let payload = qr
+        .get(MAILTO_SCHEME.len()..)
+        .context("Invalid mailto: scheme")?;
 
-    let (addr, query) = if let Some(query_index) = payload.find('?') {
-        (&payload[..query_index], &payload[query_index + 1..])
-    } else {
-        (payload, "")
-    };
+    let (addr, query) = payload.split_once('?').unwrap_or((payload, ""));
 
     let param: BTreeMap<&str, &str> = query
         .split('&')
@@ -851,16 +855,12 @@ async fn decode_mailto(context: &Context, qr: &str) -> Result<Qr> {
 /// Extract address for the smtp scheme.
 ///
 /// Scheme: `SMTP:addr...:subject...:body...`
-#[allow(clippy::indexing_slicing)]
 async fn decode_smtp(context: &Context, qr: &str) -> Result<Qr> {
-    let payload = &qr[SMTP_SCHEME.len()..];
-
-    let addr = if let Some(query_index) = payload.find(':') {
-        &payload[..query_index]
-    } else {
-        bail!("Invalid SMTP found");
-    };
+    let payload = qr.get(SMTP_SCHEME.len()..).context("Invalid SMTP scheme")?;
 
+    let (addr, _rest) = payload
+        .split_once(':')
+        .context("Invalid SMTP scheme payload")?;
     let addr = normalize_address(addr)?;
     let name = "";
     Qr::from_address(context, name, &addr, None).await
@@ -871,14 +871,13 @@ async fn decode_smtp(context: &Context, qr: &str) -> Result<Qr> {
 /// Scheme: `MATMSG:TO:addr...;SUB:subject...;BODY:body...;`
 ///
 /// There may or may not be linebreaks after the fields.
-#[allow(clippy::indexing_slicing)]
 async fn decode_matmsg(context: &Context, qr: &str) -> Result<Qr> {
     // Does not work when the text `TO:` is used in subject/body _and_ TO: is not the first field.
     // we ignore this case.
     let addr = if let Some(to_index) = qr.find("TO:") {
-        let addr = qr[to_index + 3..].trim();
+        let addr = qr.get(to_index + 3..).unwrap_or_default().trim();
         if let Some(semi_index) = addr.find(';') {
-            addr[..semi_index].trim()
+            addr.get(..semi_index).unwrap_or_default().trim()
         } else {
             addr
         }
@@ -899,7 +898,6 @@ static VCARD_EMAIL_RE: Lazy<regex::Regex> =
 /// Extract address for the vcard scheme.
 ///
 /// Scheme: `VCARD:BEGIN\nN:last name;first name;...;\nEMAIL;<type>:addr...;`
-#[allow(clippy::indexing_slicing)]
 async fn decode_vcard(context: &Context, qr: &str) -> Result<Qr> {
     let name = VCARD_NAME_RE
         .captures(qr)
@@ -911,8 +909,8 @@ async fn decode_vcard(context: &Context, qr: &str) -> Result<Qr> {
         })
         .unwrap_or_default();
 
-    let addr = if let Some(caps) = VCARD_EMAIL_RE.captures(qr) {
-        normalize_address(caps[2].trim())?
+    let addr = if let Some(cap) = VCARD_EMAIL_RE.captures(qr).and_then(|caps| caps.get(2)) {
+        normalize_address(cap.as_str().trim())?
     } else {
         bail!("Bad e-mail address");
     };
@@ -997,6 +995,17 @@ mod tests {
             }
         );
 
+        // Test that QR code whitespace is stripped.
+        // Users can copy-paste QR code contents and "scan"
+        // from the clipboard.
+        let qr = check_qr(&ctx.ctx, "  \thttp://www.hello.com/hello  \n\t \r\n ").await?;
+        assert_eq!(
+            qr,
+            Qr::Url {
+                url: "http://www.hello.com/hello".to_string(),
+            }
+        );
+
         Ok(())
     }
 
@@ -1266,7 +1275,8 @@ mod tests {
         if let Qr::AskVerifyContact { contact_id, .. } = qr {
             let contact = Contact::get_by_id(&ctx.ctx, contact_id).await?;
             assert_eq!(contact.get_addr(), "cli@deltachat.de");
-            assert_eq!(contact.get_name(), "Jörn P. P.");
+            assert_eq!(contact.get_authname(), "Jörn P. P.");
+            assert_eq!(contact.get_name(), "");
         } else {
             bail!("Wrong QR code type");
         }
@@ -1281,6 +1291,7 @@ mod tests {
         if let Qr::AskVerifyContact { contact_id, .. } = qr {
             let contact = Contact::get_by_id(&ctx.ctx, contact_id).await?;
             assert_eq!(contact.get_addr(), "cli@deltachat.de");
+            assert_eq!(contact.get_authname(), "");
             assert_eq!(contact.get_name(), "");
         } else {
             bail!("Wrong QR code type");
@@ -1303,7 +1314,7 @@ mod tests {
             last_seen_autocrypt: 1,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.fingerprint()),
+            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
             gossip_key: None,
             gossip_timestamp: 0,
             gossip_key_fingerprint: None,
@@ -1334,7 +1345,10 @@ mod tests {
 
         let qr = check_qr(
             &ctx.ctx,
-            &format!("OPENPGP4FPR:{}#a=alice@example.org", pub_key.fingerprint()),
+            &format!(
+                "OPENPGP4FPR:{}#a=alice@example.org",
+                pub_key.dc_fingerprint()
+            ),
         )
         .await?;
         if let Qr::FprOk { contact_id, .. } = qr {
@@ -1741,7 +1755,9 @@ mod tests {
         );
 
         // Test URL without port.
-        let res = set_config_from_qr(&t, "https://t.me/socks?server=1.2.3.4").await;
+        //
+        // Also check that whitespace is trimmed.
+        let res = set_config_from_qr(&t, " https://t.me/socks?server=1.2.3.4\n").await;
         assert!(res.is_ok());
         assert_eq!(t.get_config_bool(Config::ProxyEnabled).await?, true);
         assert_eq!(
@@ -1787,6 +1803,17 @@ mod tests {
             )
         );
 
+        // SOCKS5 config does not have port 1080 explicitly specified,
+        // but should bring `socks5://1.2.3.4:1080` to the top instead of creating another entry.
+        set_config_from_qr(&t, "socks5://1.2.3.4").await?;
+        assert_eq!(
+            t.get_config(Config::ProxyUrl).await?,
+            Some(
+                "socks5://1.2.3.4:1080\nss://YWVzLTEyOC1nY206dGVzdA@192.168.100.1:8888#Example1\nsocks5://foo:666\nsocks5://Da:x%26%25%24X@jau:1080"
+                    .to_string()
+            )
+        );
+
         Ok(())
     }
 

src/qr_code_generator.rs

@@ -18,6 +18,7 @@ use crate::stock_str::{self, backup_transfer_qr};
 pub fn create_qr_svg(qrcode_content: &str) -> Result<String> {
     let all_size = 512.0;
     let qr_code_size = 416.0;
+    let logo_size = 96.0;
 
     let qr = QrCode::encode_text(qrcode_content, QrCodeEcc::Medium)?;
     let mut svg = String::with_capacity(28000);
@@ -67,7 +68,18 @@ pub fn create_qr_svg(qrcode_content: &str) -> Result<String> {
                 d.attr("d", path_data)?;
                 d.attr("transform", format!("scale({scale})"))
             })
-        })
+        })?;
+        w.elem("g", |d| {
+            d.attr(
+                "transform",
+                format!(
+                    "translate({},{}) scale(2)", // data in qr_overlay_delta.svg-part are 48 x 48, scaling by 2 results in desired logo_size of 96
+                    (all_size - logo_size) / 2.0,
+                    (all_size - logo_size) / 2.0
+                ),
+            )
+        })?
+        .build(|w| w.put_raw_escapable(include_str!("../assets/qr_overlay_delta.svg-part")))
     })?;
 
     Ok(svg)

src/quota.rs

@@ -11,7 +11,7 @@ use crate::config::Config;
 use crate::context::Context;
 use crate::imap::scan_folders::get_watched_folders;
 use crate::imap::session::Session as ImapSession;
-use crate::message::{Message, Viewtype};
+use crate::message::Message;
 use crate::tools::{self, time_elapsed};
 use crate::{stock_str, EventType};
 
@@ -142,8 +142,8 @@ impl Context {
                             Some(&highest.to_string()),
                         )
                         .await?;
-                        let mut msg = Message::new(Viewtype::Text);
-                        msg.text = stock_str::quota_exceeding(self, highest).await;
+                        let mut msg =
+                            Message::new_text(stock_str::quota_exceeding(self, highest).await);
                         add_device_msg_with_importance(self, None, Some(&mut msg), true).await?;
                     } else if highest <= QUOTA_ALLCLEAR_PERCENTAGE {
                         self.set_config_internal(Config::QuotaExceeding, None)

src/reaction.rs

@@ -26,7 +26,7 @@ use crate::chatlist_events;
 use crate::contact::ContactId;
 use crate::context::Context;
 use crate::events::EventType;
-use crate::message::{rfc724_mid_exists, Message, MsgId, Viewtype};
+use crate::message::{rfc724_mid_exists, Message, MsgId};
 use crate::param::Param;
 
 /// A single reaction consisting of multiple emoji sequences.
@@ -229,8 +229,7 @@ pub async fn send_reaction(context: &Context, msg_id: MsgId, reaction: &str) ->
     let chat_id = msg.chat_id;
 
     let reaction: Reaction = reaction.into();
-    let mut reaction_msg = Message::new(Viewtype::Text);
-    reaction_msg.text = reaction.as_str().to_string();
+    let mut reaction_msg = Message::new_text(reaction.as_str().to_string());
     reaction_msg.set_reaction();
     reaction_msg.in_reply_to = Some(msg.rfc724_mid);
     reaction_msg.hidden = true;

src/receive_imf.rs

@@ -6,7 +6,7 @@ use std::str::FromStr;
 use anyhow::{Context as _, Result};
 use deltachat_contact_tools::{addr_cmp, may_be_valid_addr, sanitize_single_line, ContactAddress};
 use iroh_gossip::proto::TopicId;
-use mailparse::{parse_mail, SingleInfo};
+use mailparse::SingleInfo;
 use num_traits::FromPrimitive;
 use once_cell::sync::Lazy;
 use regex::Regex;
@@ -30,7 +30,7 @@ use crate::message::{
 };
 use crate::mimeparser::{parse_message_ids, AvatarAction, MimeMessage, SystemMessage};
 use crate::param::{Param, Params};
-use crate::peer_channels::{get_iroh_topic_for_msg, insert_topic_stub, iroh_add_peer_for_topic};
+use crate::peer_channels::{add_gossip_peer_from_header, insert_topic_stub};
 use crate::peerstate::Peerstate;
 use crate::reaction::{set_msg_reaction, Reaction};
 use crate::securejoin::{self, handle_securejoin_handshake, observe_securejoin_on_other_device};
@@ -41,7 +41,6 @@ use crate::sync::Sync::*;
 use crate::tools::{self, buf_compress, remove_subject_prefix};
 use crate::{chatlist_events, location};
 use crate::{contact, imap};
-use iroh_net::NodeAddr;
 
 /// This is the struct that is returned after receiving one email (aka MIME message).
 ///
@@ -74,12 +73,13 @@ pub struct ReceivedMsg {
 ///
 /// This method returns errors on a failure to parse the mail or extract Message-ID. It's only used
 /// for tests and REPL tool, not actual message reception pipeline.
+#[cfg(any(test, feature = "internals"))]
 pub async fn receive_imf(
     context: &Context,
     imf_raw: &[u8],
     seen: bool,
 ) -> Result<Option<ReceivedMsg>> {
-    let mail = parse_mail(imf_raw).context("can't parse mail")?;
+    let mail = mailparse::parse_mail(imf_raw).context("can't parse mail")?;
     let rfc724_mid =
         imap::prefetch_get_message_id(&mail.headers).unwrap_or_else(imap::create_message_id);
     if let Some(download_limit) = context.download_limit().await? {
@@ -106,6 +106,7 @@ pub async fn receive_imf(
 /// Emulates reception of a message from "INBOX".
 ///
 /// Only used for tests and REPL tool, not actual message reception pipeline.
+#[cfg(any(test, feature = "internals"))]
 pub(crate) async fn receive_imf_from_inbox(
     context: &Context,
     rfc724_mid: &str,
@@ -202,7 +203,7 @@ pub(crate) async fn receive_imf_inner(
     };
 
     crate::peerstate::maybe_do_aeap_transition(context, &mut mime_parser).await?;
-    if let Some(peerstate) = &mime_parser.decryption_info.peerstate {
+    if let Some(peerstate) = &mime_parser.peerstate {
         peerstate
             .handle_fingerprint_change(context, mime_parser.timestamp_sent)
             .await?;
@@ -357,8 +358,7 @@ pub(crate) async fn receive_imf_inner(
 
             // Peerstate could be updated by handling the Securejoin handshake.
             let contact = Contact::get_by_id(context, from_id).await?;
-            mime_parser.decryption_info.peerstate =
-                Peerstate::from_addr(context, contact.get_addr()).await?;
+            mime_parser.peerstate = Peerstate::from_addr(context, contact.get_addr()).await?;
         } else {
             let to_id = to_ids.first().copied().unwrap_or_default();
             // handshake may mark contacts as verified and must be processed before chats are created
@@ -394,7 +394,7 @@ pub(crate) async fn receive_imf_inner(
     if verified_encryption == VerifiedEncryption::Verified
         && mime_parser.get_header(HeaderDef::ChatVerified).is_some()
     {
-        if let Some(peerstate) = &mut mime_parser.decryption_info.peerstate {
+        if let Some(peerstate) = &mut mime_parser.peerstate {
             // NOTE: it might be better to remember ID of the key
             // that we used to decrypt the message, but
             // it is unlikely that default key ever changes
@@ -762,6 +762,7 @@ async fn add_parts(
     let state: MessageState;
     let mut hidden = false;
     let mut needs_delete_job = false;
+    let mut restore_protection = false;
 
     // if contact renaming is prevented (for mailinglists and bots),
     // we use name from From:-header as override name
@@ -930,15 +931,11 @@ async fn add_parts(
 
         if chat_id.is_none() {
             // try to create a normal chat
-            let create_blocked = if from_id == ContactId::SELF {
-                Blocked::Not
-            } else {
-                let contact = Contact::get_by_id(context, from_id).await?;
-                match contact.is_blocked() {
-                    true => Blocked::Yes,
-                    false if is_bot => Blocked::Not,
-                    false => Blocked::Request,
-                }
+            let contact = Contact::get_by_id(context, from_id).await?;
+            let create_blocked = match contact.is_blocked() {
+                true => Blocked::Yes,
+                false if is_bot => Blocked::Not,
+                false => Blocked::Request,
             };
 
             if let Some(chat) = test_normal_chat {
@@ -1010,6 +1007,13 @@ async fn add_parts(
                             )
                             .await?;
                     }
+                    if let Some(peerstate) = &mime_parser.peerstate {
+                        restore_protection = new_protection != ProtectionStatus::Protected
+                            && peerstate.prefer_encrypt == EncryptPreference::Mutual
+                            // Check that the contact still has the Autocrypt key same as the
+                            // verified key, see also `Peerstate::is_using_verified_key()`.
+                            && contact.is_verified(context).await?;
+                    }
                 }
             }
         }
@@ -1032,8 +1036,7 @@ async fn add_parts(
         state = MessageState::OutDelivered;
         to_id = to_ids.first().copied().unwrap_or_default();
 
-        let self_sent =
-            from_id == ContactId::SELF && to_ids.len() == 1 && to_ids.contains(&ContactId::SELF);
+        let self_sent = to_ids.len() == 1 && to_ids.contains(&ContactId::SELF);
 
         if mime_parser.sync_items.is_some() && self_sent {
             chat_id = Some(DC_CHAT_ID_TRASH);
@@ -1091,8 +1094,8 @@ async fn add_parts(
                 .await?;
             let now = tools::time();
             let update_config = if last_time.saturating_add(24 * 60 * 60) <= now {
-                let mut msg = Message::new(Viewtype::Text);
-                msg.text = stock_str::cant_decrypt_outgoing_msgs(context).await;
+                let mut msg =
+                    Message::new_text(stock_str::cant_decrypt_outgoing_msgs(context).await);
                 chat::add_device_msg(context, None, Some(&mut msg))
                     .await
                     .log_err(context)
@@ -1422,7 +1425,11 @@ async fn add_parts(
     if let Some(msg) = group_changes_msgs.1 {
         match &better_msg {
             None => better_msg = Some(msg),
-            Some(_) => group_changes_msgs.0.push(msg),
+            Some(_) => {
+                if !msg.is_empty() {
+                    group_changes_msgs.0.push(msg)
+                }
+            }
         }
     }
 
@@ -1442,30 +1449,28 @@ async fn add_parts(
     }
 
     if let Some(node_addr) = mime_parser.get_header(HeaderDef::IrohNodeAddr) {
-        match serde_json::from_str::<NodeAddr>(node_addr).context("Failed to parse node address") {
-            Ok(node_addr) => {
-                info!(context, "Adding iroh peer with address {node_addr:?}.");
-                let instance_id = parent.context("Failed to get parent message")?.id;
-                context.emit_event(EventType::WebxdcRealtimeAdvertisementReceived {
-                    msg_id: instance_id,
-                });
-                if let Some(topic) = get_iroh_topic_for_msg(context, instance_id).await? {
-                    let node_id = node_addr.node_id;
-                    let relay_server = node_addr.relay_url().map(|relay| relay.as_str());
-                    iroh_add_peer_for_topic(context, instance_id, topic, node_id, relay_server)
-                        .await?;
-                    let iroh = context.get_or_try_init_peer_channel().await?;
-                    iroh.maybe_add_gossip_peers(topic, vec![node_addr]).await?;
-                } else {
+        chat_id = DC_CHAT_ID_TRASH;
+        match mime_parser.get_header(HeaderDef::InReplyTo) {
+            Some(in_reply_to) => match rfc724_mid_exists(context, in_reply_to).await? {
+                Some((instance_id, _ts_sent)) => {
+                    if let Err(err) =
+                        add_gossip_peer_from_header(context, instance_id, node_addr).await
+                    {
+                        warn!(context, "Failed to add iroh peer from header: {err:#}.");
+                    }
+                }
+                None => {
                     warn!(
                         context,
-                        "Could not add iroh peer because {instance_id} has no topic"
+                        "Cannot add iroh peer because WebXDC instance does not exist."
                     );
                 }
-                chat_id = DC_CHAT_ID_TRASH;
-            }
-            Err(err) => {
-                warn!(context, "Couldn't parse NodeAddr: {err:#}.");
+            },
+            None => {
+                warn!(
+                    context,
+                    "Cannot add iroh peer because the message has no In-Reply-To."
+                );
             }
         }
     }
@@ -1507,6 +1512,9 @@ async fn add_parts(
 
         let mut txt_raw = "".to_string();
         let (msg, typ): (&str, Viewtype) = if let Some(better_msg) = &better_msg {
+            if better_msg.is_empty() && is_partial_download.is_none() {
+                chat_id = DC_CHAT_ID_TRASH;
+            }
             (better_msg, Viewtype::Text)
         } else {
             (&part.msg, part.typ)
@@ -1569,7 +1577,7 @@ INSERT INTO msgs
 ON CONFLICT (id) DO UPDATE
 SET rfc724_mid=excluded.rfc724_mid, chat_id=excluded.chat_id,
     from_id=excluded.from_id, to_id=excluded.to_id, timestamp_sent=excluded.timestamp_sent,
-    type=excluded.type, msgrmsg=excluded.msgrmsg,
+    type=excluded.type, state=max(state,excluded.state), msgrmsg=excluded.msgrmsg,
     txt=excluded.txt, txt_normalized=excluded.txt_normalized, subject=excluded.subject,
     txt_raw=excluded.txt_raw, param=excluded.param,
     hidden=excluded.hidden,bytes=excluded.bytes, mime_headers=excluded.mime_headers,
@@ -1714,7 +1722,16 @@ RETURNING id
         // delete it.
         needs_delete_job = true;
     }
-
+    if restore_protection {
+        chat_id
+            .set_protection(
+                context,
+                ProtectionStatus::Protected,
+                mime_parser.timestamp_rcvd,
+                Some(from_id),
+            )
+            .await?;
+    }
     Ok(ReceivedMsg {
         chat_id,
         state,
@@ -2069,8 +2086,11 @@ async fn create_group(
 
 /// Apply group member list, name, avatar and protection status changes from the MIME message.
 ///
-/// Optionally returns better message to replace the original system message.
-/// is_partial_download: whether the message is not fully downloaded.
+/// Returns `Vec` of group changes messages and, optionally, a better message to replace the
+/// original system message. If the better message is empty, the original system message should be
+/// just omitted.
+///
+/// * `is_partial_download` - whether the message is not fully downloaded.
 #[allow(clippy::too_many_arguments)]
 async fn apply_group_changes(
     context: &Context,
@@ -2172,39 +2192,47 @@ async fn apply_group_changes(
 
     if let Some(removed_addr) = mime_parser.get_header(HeaderDef::ChatGroupMemberRemoved) {
         removed_id = Contact::lookup_id_by_addr(context, removed_addr, Origin::Unknown).await?;
-
-        better_msg = if removed_id == Some(from_id) {
-            Some(stock_str::msg_group_left_local(context, from_id).await)
-        } else {
-            Some(stock_str::msg_del_member_local(context, removed_addr, from_id).await)
-        };
-
-        if removed_id.is_some() {
-            if !allow_member_list_changes {
-                info!(
-                    context,
-                    "Ignoring removal of {removed_addr:?} from {chat_id}."
-                );
+        if let Some(id) = removed_id {
+            if allow_member_list_changes && chat_contacts.contains(&id) {
+                better_msg = if id == from_id {
+                    Some(stock_str::msg_group_left_local(context, from_id).await)
+                } else {
+                    Some(stock_str::msg_del_member_local(context, removed_addr, from_id).await)
+                };
             }
         } else {
             warn!(context, "Removed {removed_addr:?} has no contact id.")
         }
+        better_msg.get_or_insert_with(Default::default);
+        if !allow_member_list_changes {
+            info!(
+                context,
+                "Ignoring removal of {removed_addr:?} from {chat_id}."
+            );
+        }
     } else if let Some(added_addr) = mime_parser.get_header(HeaderDef::ChatGroupMemberAdded) {
-        better_msg = Some(stock_str::msg_add_member_local(context, added_addr, from_id).await);
-
         if allow_member_list_changes {
-            if !recreate_member_list {
-                if let Some(contact_id) =
-                    Contact::lookup_id_by_addr(context, added_addr, Origin::Unknown).await?
-                {
+            let is_new_member;
+            if let Some(contact_id) =
+                Contact::lookup_id_by_addr(context, added_addr, Origin::Unknown).await?
+            {
+                if !recreate_member_list {
                     added_id = Some(contact_id);
-                } else {
-                    warn!(context, "Added {added_addr:?} has no contact id.")
                 }
+                is_new_member = !chat_contacts.contains(&contact_id);
+            } else {
+                warn!(context, "Added {added_addr:?} has no contact id.");
+                is_new_member = false;
+            }
+
+            if is_new_member || self_added {
+                better_msg =
+                    Some(stock_str::msg_add_member_local(context, added_addr, from_id).await);
             }
         } else {
             info!(context, "Ignoring addition of {added_addr:?} to {chat_id}.");
         }
+        better_msg.get_or_insert_with(Default::default);
     } else if let Some(old_name) = mime_parser
         .get_header(HeaderDef::ChatGroupNameChanged)
         .map(|s| s.trim())
@@ -2439,14 +2467,16 @@ async fn create_or_lookup_mailinglist(
     }
 }
 
-#[allow(clippy::indexing_slicing)]
 fn compute_mailinglist_name(
     list_id_header: &str,
     listid: &str,
     mime_parser: &MimeMessage,
 ) -> String {
-    let mut name = match LIST_ID_REGEX.captures(list_id_header) {
-        Some(cap) => cap[1].trim().to_string(),
+    let mut name = match LIST_ID_REGEX
+        .captures(list_id_header)
+        .and_then(|caps| caps.get(1))
+    {
+        Some(cap) => cap.as_str().trim().to_string(),
         None => "".to_string(),
     };
 
@@ -2493,8 +2523,11 @@ fn compute_mailinglist_name(
         // 51231231231231231231231232869f58.xing.com -> xing.com
         static PREFIX_32_CHARS_HEX: Lazy<Regex> =
             Lazy::new(|| Regex::new(r"([0-9a-fA-F]{32})\.(.{6,})").unwrap());
-        if let Some(cap) = PREFIX_32_CHARS_HEX.captures(listid) {
-            name = cap[2].to_string();
+        if let Some(cap) = PREFIX_32_CHARS_HEX
+            .captures(listid)
+            .and_then(|caps| caps.get(2))
+        {
+            name = cap.as_str().to_string();
         } else {
             name = listid.to_string();
         }
@@ -2653,7 +2686,7 @@ async fn update_verified_keys(
         return Ok(None);
     }
 
-    let Some(peerstate) = &mut mimeparser.decryption_info.peerstate else {
+    let Some(peerstate) = &mut mimeparser.peerstate else {
         // No peerstate means no verified keys.
         return Ok(None);
     };
@@ -2726,7 +2759,7 @@ async fn has_verified_encryption(
     // this check is skipped for SELF as there is no proper SELF-peerstate
     // and results in group-splits otherwise.
     if from_id != ContactId::SELF {
-        let Some(peerstate) = &mimeparser.decryption_info.peerstate else {
+        let Some(peerstate) = &mimeparser.peerstate else {
             return Ok(NotVerified(
                 "No peerstate, the contact isn't verified".to_string(),
             ));

src/receive_imf/tests.rs

@@ -883,6 +883,54 @@ async fn test_parse_ndn_group_msg() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_concat_multiple_ndns() -> Result<()> {
+    let t = TestContext::new().await;
+    t.configure_addr("alice@posteo.org").await;
+    let mid = "1234@mail.gmail.com";
+    receive_imf(
+        &t,
+        b"Received: (Postfix, from userid 1000); Mon, 4 Dec 2006 14:51:39 +0100 (CET)\n\
+                 From: alice@posteo.org\n\
+                 To: hanerthaertidiuea@gmx.de\n\
+                 Subject: foo\n\
+                 Message-ID: <1234@mail.gmail.com>\n\
+                 Chat-Version: 1.0\n\
+                 Chat-Disposition-Notification-To: alice@example.org\n\
+                 Date: Sun, 22 Mar 2020 22:37:57 +0000\n\
+                 \n\
+                 hello\n",
+        false,
+    )
+    .await?;
+
+    let chats = Chatlist::try_load(&t, 0, None, None).await?;
+    let msg_id = chats.get_msg_id(0)?.unwrap();
+
+    let raw = include_str!("../../test-data/message/posteo_ndn.eml");
+    let raw = raw.replace(
+        "Message-ID: <04422840-f884-3e37-5778-8192fe22d8e1@posteo.de>",
+        &format!("Message-ID: <{}>", mid),
+    );
+    receive_imf(&t, raw.as_bytes(), false).await?;
+
+    let msg = Message::load_from_db(&t, msg_id).await?;
+
+    let err = "Undelivered Mail Returned to Sender – This is the mail system at host mout01.posteo.de.\n\nI'm sorry to have to inform you that your message could not\nbe delivered to one or more recipients. It's attached below.\n\nFor further assistance, please send mail to postmaster.\n\nIf you do so, please include this problem report. You can\ndelete your own text from the attached returned message.\n\n                   The mail system\n\n<hanerthaertidiuea@gmx.de>: host mx01.emig.gmx.net[212.227.17.5] said: 550\n    Requested action not taken: mailbox unavailable (in reply to RCPT TO\n    command)".to_string();
+    assert_eq!(msg.error(), Some(err.clone()));
+    assert_eq!(msg.state, MessageState::OutFailed);
+
+    let raw = raw.replace(
+        "Message-Id: <20200609184422.DCB6B1200DD@mout01.posteo.de>",
+        "Message-Id: <next@mout01.posteo.de>",
+    );
+    receive_imf(&t, raw.as_bytes(), false).await?;
+    let msg = Message::load_from_db(&t, msg_id).await?;
+
+    assert_eq!(msg.error(), Some([err.clone(), err].join("\n\n")));
+    Ok(())
+}
+
 async fn load_imf_email(context: &Context, imf_raw: &[u8]) -> Message {
     context
         .set_config(Config::ShowEmails, Some("2"))
@@ -2178,8 +2226,7 @@ async fn test_no_smtp_job_for_self_chat() -> Result<()> {
     let bob = &tcm.bob().await;
     bob.set_config_bool(Config::BccSelf, false).await?;
     let chat_id = bob.get_self_chat().await.id;
-    let mut msg = Message::new(Viewtype::Text);
-    msg.text = "Happy birthday to me".to_string();
+    let mut msg = Message::new_text("Happy birthday to me".to_string());
     chat::send_msg(bob, chat_id, &mut msg).await?;
     assert!(bob.pop_sent_msg_opt(Duration::ZERO).await.is_none());
     Ok(())
@@ -3298,8 +3345,7 @@ async fn test_outgoing_private_reply_multidevice() -> Result<()> {
     assert_eq!(received_group.name, "Group");
     assert_eq!(received_group.can_send(&alice1).await?, false); // Can't send because it's Blocked::Request
 
-    let mut msg_out = Message::new(Viewtype::Text);
-    msg_out.set_text("Private reply".to_string());
+    let mut msg_out = Message::new_text("Private reply".to_string());
 
     assert_eq!(received_group.blocked, Blocked::Request);
     msg_out.set_quote(&alice1, Some(&received)).await?;
@@ -3506,8 +3552,7 @@ async fn test_no_private_reply_to_blocked_account() -> Result<()> {
     let received_group = Chat::load_from_db(&alice, received.chat_id).await?;
     assert_eq!(received_group.typ, Chattype::Group);
 
-    let mut msg_out = Message::new(Viewtype::Text);
-    msg_out.set_text("Private reply".to_string());
+    let mut msg_out = Message::new_text("Private reply".to_string());
     msg_out.set_quote(&alice, Some(&received)).await?;
 
     let alice_bob_chat = alice.create_chat(&bob).await;
@@ -4140,9 +4185,8 @@ async fn test_recreate_contact_list_on_missing_message() -> Result<()> {
     // readd fiona
     add_contact_to_chat(&alice, chat_id, alice_fiona).await?;
 
-    alice.recv_msg(&remove_msg).await;
-
     // delayed removal of fiona shouldn't remove her
+    alice.recv_msg_trash(&remove_msg).await;
     assert_eq!(get_chat_contacts(&alice, chat_id).await?.len(), 4);
 
     Ok(())
@@ -4811,6 +4855,37 @@ async fn test_protected_group_add_remove_member_missing_key() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_protected_group_reply_from_mua() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let fiona = &tcm.fiona().await;
+    mark_as_verified(alice, bob).await;
+    mark_as_verified(alice, fiona).await;
+    mark_as_verified(bob, alice).await;
+    let alice_chat_id = alice
+        .create_group_with_members(ProtectionStatus::Protected, "Group", &[bob, fiona])
+        .await;
+    let sent = alice.send_text(alice_chat_id, "Hello!").await;
+    let bob_msg = bob.recv_msg(&sent).await;
+    bob_msg.chat_id.accept(bob).await?;
+    // This is hacky, but i don't know other simple way to simulate a MUA reply. It works because
+    // the message is correctly assigned to the chat by `References:`.
+    bob.sql
+        .execute(
+            "UPDATE chats SET protected=0, grpid='' WHERE id=?",
+            (bob_msg.chat_id,),
+        )
+        .await?;
+    let sent = bob
+        .send_text(bob_msg.chat_id, "/me replying from MUA")
+        .await;
+    let alice_msg = alice.recv_msg(&sent).await;
+    assert_eq!(alice_msg.chat_id, alice_chat_id);
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_older_message_from_2nd_device() -> Result<()> {
     let mut tcm = TestContextManager::new();
@@ -4902,6 +4977,32 @@ async fn test_unarchive_on_member_removal() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_no_op_member_added_is_trash() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let alice_chat_id = alice
+        .create_group_with_members(ProtectionStatus::Unprotected, "foos", &[bob])
+        .await;
+    send_text_msg(alice, alice_chat_id, "populate".to_string()).await?;
+    let msg = alice.pop_sent_msg().await;
+    bob.recv_msg(&msg).await;
+    let bob_chat_id = bob.get_last_msg().await.chat_id;
+    bob_chat_id.accept(bob).await?;
+
+    let fiona_id = Contact::create(alice, "", "fiona@example.net").await?;
+    add_contact_to_chat(alice, alice_chat_id, fiona_id).await?;
+    let msg = alice.pop_sent_msg().await;
+
+    let fiona_id = Contact::create(bob, "", "fiona@example.net").await?;
+    add_contact_to_chat(bob, bob_chat_id, fiona_id).await?;
+    bob.recv_msg_trash(&msg).await;
+    let contacts = get_chat_contacts(bob, bob_chat_id).await?;
+    assert_eq!(contacts.len(), 3);
+    Ok(())
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_forged_from() -> Result<()> {
     let mut tcm = TestContextManager::new();

src/scheduler.rs

@@ -135,7 +135,7 @@ impl SchedulerState {
     /// If in the meantime [`SchedulerState::start`] or [`SchedulerState::stop`] is called
     /// resume will do the right thing and restore the scheduler to the state requested by
     /// the last call.
-    pub(crate) async fn pause<'a>(&'_ self, context: Context) -> Result<IoPausedGuard> {
+    pub(crate) async fn pause(&'_ self, context: Context) -> Result<IoPausedGuard> {
         {
             let mut inner = self.inner.write().await;
             match *inner {
@@ -655,9 +655,7 @@ async fn fetch_idle(
             ctx,
             "IMAP session does not support IDLE, going to fake idle."
         );
-        connection
-            .fake_idle(ctx, &mut session, watch_folder, folder_meaning)
-            .await?;
+        connection.fake_idle(ctx, watch_folder).await?;
         return Ok(session);
     }
 
@@ -669,9 +667,7 @@ async fn fetch_idle(
         .unwrap_or_default()
     {
         info!(ctx, "IMAP IDLE is disabled, going to fake idle.");
-        connection
-            .fake_idle(ctx, &mut session, watch_folder, folder_meaning)
-            .await?;
+        connection.fake_idle(ctx, watch_folder).await?;
         return Ok(session);
     }
 

src/scheduler/connectivity.rs

@@ -318,10 +318,6 @@ impl Context {
                     .yellow {
                         background-color: #fdc625;
                     }
-                    .not-started-error {
-                        font-size: 2em;
-                        color: red;
-                    }
                 </style>
             </head>
             <body>"#
@@ -341,7 +337,10 @@ impl Context {
                 sched.smtp.state.connectivity.clone(),
             ),
             _ => {
-                ret += "<div class=\"not-started-error\">Error: IO Not Started</div><p>Please report this issue to the app developer.</p>\n</body></html>\n";
+                ret += &format!(
+                    "<h3>{}</h3>\n</body></html>\n",
+                    stock_str::not_connected(self).await
+                );
                 return Ok(ret);
             }
         };

src/securejoin.rs

@@ -1,13 +1,13 @@
 //! Implementation of [SecureJoin protocols](https://securejoin.delta.chat/).
 
 use anyhow::{ensure, Context as _, Error, Result};
-use percent_encoding::{utf8_percent_encode, AsciiSet, NON_ALPHANUMERIC};
+use percent_encoding::{utf8_percent_encode, NON_ALPHANUMERIC};
 
 use crate::aheader::EncryptPreference;
 use crate::chat::{self, get_chat_id_by_grpid, Chat, ChatId, ChatIdBlocked, ProtectionStatus};
 use crate::chatlist_events;
 use crate::config::Config;
-use crate::constants::{Blocked, Chattype};
+use crate::constants::{Blocked, Chattype, NON_ALPHANUMERIC_WITHOUT_DOT};
 use crate::contact::{Contact, ContactId, Origin};
 use crate::context::Context;
 use crate::e2ee::ensure_secret_key_exists;
@@ -34,9 +34,6 @@ use qrinvite::QrInvite;
 
 use crate::token::Namespace;
 
-/// Set of characters to percent-encode in email addresses and names.
-pub const NON_ALPHANUMERIC_WITHOUT_DOT: &AsciiSet = &NON_ALPHANUMERIC.remove(b'.');
-
 fn inviter_progress(context: &Context, contact_id: ContactId, progress: usize) {
     debug_assert!(
         progress <= 1000,
@@ -107,7 +104,7 @@ pub async fn get_securejoin_qr(context: &Context, group: Option<ChatId>) -> Resu
             context.scheduler.interrupt_inbox().await;
         }
         format!(
-            "OPENPGP4FPR:{}#a={}&g={}&x={}&i={}&s={}",
+            "https://i.delta.chat/#{}&a={}&g={}&x={}&i={}&s={}",
             fingerprint.hex(),
             self_addr_urlencoded,
             &group_name_urlencoded,
@@ -122,7 +119,7 @@ pub async fn get_securejoin_qr(context: &Context, group: Option<ChatId>) -> Resu
             context.scheduler.interrupt_inbox().await;
         }
         format!(
-            "OPENPGP4FPR:{}#a={}&n={}&i={}&s={}",
+            "https://i.delta.chat/#{}&a={}&n={}&i={}&s={}",
             fingerprint.hex(),
             self_addr_urlencoded,
             self_name_urlencoded,
@@ -139,7 +136,7 @@ async fn get_self_fingerprint(context: &Context) -> Result<Fingerprint> {
     let key = load_self_public_key(context)
         .await
         .context("Failed to load key")?;
-    Ok(key.fingerprint())
+    Ok(key.dc_fingerprint())
 }
 
 /// Take a scanned QR-code and do the setup-contact/join-group/invite handshake.
@@ -247,10 +244,10 @@ async fn verify_sender_by_fingerprint(
 
 /// What to do with a Secure-Join handshake message after it was handled.
 ///
-/// This status is returned to [`receive_imf`] which will use it to decide what to do
+/// This status is returned to [`receive_imf_inner`] which will use it to decide what to do
 /// next with this incoming setup-contact/secure-join handshake message.
 ///
-/// [`receive_imf`]: crate::receive_imf::receive_imf
+/// [`receive_imf_inner`]: crate::receive_imf::receive_imf_inner
 #[derive(Debug, PartialEq, Eq)]
 pub(crate) enum HandshakeMessage {
     /// The message has been fully handled and should be removed/delete.
@@ -282,7 +279,6 @@ pub(crate) enum HandshakeMessage {
 ///
 /// When `handle_securejoin_handshake()` is called, the message is not yet filed in the
 /// database; this is done by `receive_imf()` later on as needed.
-#[allow(clippy::indexing_slicing)]
 pub(crate) async fn handle_securejoin_handshake(
     context: &Context,
     mime_message: &MimeMessage,
@@ -301,9 +297,9 @@ pub(crate) async fn handle_securejoin_handshake(
 
     if !matches!(step, "vg-request" | "vc-request") {
         let mut self_found = false;
-        let self_fingerprint = load_self_public_key(context).await?.fingerprint();
+        let self_fingerprint = load_self_public_key(context).await?.dc_fingerprint();
         for (addr, key) in &mime_message.gossiped_keys {
-            if key.fingerprint() == self_fingerprint && context.is_self_addr(addr).await? {
+            if key.dc_fingerprint() == self_fingerprint && context.is_self_addr(addr).await? {
                 self_found = true;
                 break;
             }
@@ -351,7 +347,7 @@ pub(crate) async fn handle_securejoin_handshake(
             send_alice_handshake_msg(
                 context,
                 contact_id,
-                &format!("{}-auth-required", &step[..2]),
+                &format!("{}-auth-required", &step.get(..2).unwrap_or_default()),
             )
             .await
             .context("failed sending auth-required handshake message")?;
@@ -768,6 +764,7 @@ mod tests {
         WrongAliceGossip,
         SecurejoinWaitTimeout,
         AliceIsBot,
+        AliceHasName,
     }
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -795,10 +792,21 @@ mod tests {
         test_setup_contact_ex(SetupContactCase::AliceIsBot).await
     }
 
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_setup_contact_alice_has_name() {
+        test_setup_contact_ex(SetupContactCase::AliceHasName).await
+    }
+
     async fn test_setup_contact_ex(case: SetupContactCase) {
         let mut tcm = TestContextManager::new();
         let alice = tcm.alice().await;
         let alice_addr = &alice.get_config(Config::Addr).await.unwrap().unwrap();
+        if case == SetupContactCase::AliceHasName {
+            alice
+                .set_config(Config::Displayname, Some("Alice"))
+                .await
+                .unwrap();
+        }
         let bob = tcm.bob().await;
         bob.set_config(Config::Displayname, Some("Bob Examplenet"))
             .await
@@ -843,7 +851,10 @@ mod tests {
             Chatlist::try_load(&bob, 0, None, None).await.unwrap().len(),
             1
         );
-
+        let contact_alice_id = Contact::lookup_id_by_addr(&bob.ctx, alice_addr, Origin::Unknown)
+            .await
+            .expect("Error looking up contact")
+            .expect("Contact not found");
         let sent = bob.pop_sent_msg().await;
         assert!(!sent.payload.contains("Bob Examplenet"));
         assert_eq!(sent.recipient(), EmailAddress::new(alice_addr).unwrap());
@@ -924,7 +935,10 @@ mod tests {
             "vc-request-with-auth"
         );
         assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = load_self_public_key(&bob.ctx).await.unwrap().fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx)
+            .await
+            .unwrap()
+            .dc_fingerprint();
         assert_eq!(
             *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
             bob_fp.hex()
@@ -977,6 +991,7 @@ mod tests {
             .await
             .unwrap();
         assert_eq!(contact_bob.get_authname(), "Bob Examplenet");
+        assert!(contact_bob.get_name().is_empty());
         assert_eq!(contact_bob.is_bot(), false);
 
         // exactly one one-to-one chat should be visible for both now
@@ -1006,14 +1021,13 @@ mod tests {
         }
 
         // Make sure Alice hasn't yet sent their name to Bob.
-        let contact_alice_id = Contact::lookup_id_by_addr(&bob.ctx, alice_addr, Origin::Unknown)
-            .await
-            .expect("Error looking up contact")
-            .expect("Contact not found");
         let contact_alice = Contact::get_by_id(&bob.ctx, contact_alice_id)
             .await
             .unwrap();
-        assert_eq!(contact_alice.get_authname(), "");
+        match case {
+            SetupContactCase::AliceHasName => assert_eq!(contact_alice.get_authname(), "Alice"),
+            _ => assert_eq!(contact_alice.get_authname(), ""),
+        };
 
         // Check Alice sent the right message to Bob.
         let sent = alice.pop_sent_msg().await;
@@ -1036,6 +1050,7 @@ mod tests {
             .await
             .unwrap();
         assert_eq!(contact_alice.get_authname(), "Alice Exampleorg");
+        assert!(contact_alice.get_name().is_empty());
         assert_eq!(contact_alice.is_bot(), case == SetupContactCase::AliceIsBot);
 
         if case != SetupContactCase::SecurejoinWaitTimeout {
@@ -1093,10 +1108,10 @@ mod tests {
             last_seen_autocrypt: 10,
             prefer_encrypt: EncryptPreference::Mutual,
             public_key: Some(alice_pubkey.clone()),
-            public_key_fingerprint: Some(alice_pubkey.fingerprint()),
+            public_key_fingerprint: Some(alice_pubkey.dc_fingerprint()),
             gossip_key: Some(alice_pubkey.clone()),
             gossip_timestamp: 10,
-            gossip_key_fingerprint: Some(alice_pubkey.fingerprint()),
+            gossip_key_fingerprint: Some(alice_pubkey.dc_fingerprint()),
             verified_key: None,
             verified_key_fingerprint: None,
             verifier: None,
@@ -1144,7 +1159,7 @@ mod tests {
             "vc-request-with-auth"
         );
         assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = load_self_public_key(&bob.ctx).await?.fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx).await?.dc_fingerprint();
         assert_eq!(
             *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
             bob_fp.hex()
@@ -1307,7 +1322,7 @@ mod tests {
             "vg-request-with-auth"
         );
         assert!(msg.get_header(HeaderDef::SecureJoinAuth).is_some());
-        let bob_fp = load_self_public_key(&bob.ctx).await?.fingerprint();
+        let bob_fp = load_self_public_key(&bob.ctx).await?.dc_fingerprint();
         assert_eq!(
             *msg.get_header(HeaderDef::SecureJoinFingerprint).unwrap(),
             bob_fp.hex()

src/securejoin/bobstate.rs

@@ -389,7 +389,7 @@ async fn send_handshake_message(
             msg.param.set_int(Param::GuaranteeE2ee, 1);
 
             // Sends our own fingerprint in the Secure-Join-Fingerprint header.
-            let bob_fp = load_self_public_key(context).await?.fingerprint();
+            let bob_fp = load_self_public_key(context).await?.dc_fingerprint();
             msg.param.set(Param::Arg3, bob_fp.hex());
 
             // Sends the grpid in the Secure-Join-Group header.

src/simplify.rs

@@ -1,4 +1,5 @@
 //! # Simplify incoming plaintext.
+use crate::tools::IsNoneOrEmpty;
 
 /// Protects lines starting with `--` against being treated as a footer.
 /// for that, we insert a ZERO WIDTH SPACE (ZWSP, 0x200B);
@@ -20,20 +21,20 @@ pub fn escape_message_footer_marks(text: &str) -> String {
 /// Returns `(lines, footer_lines)` tuple;
 /// `footer_lines` is set to `Some` if the footer was actually removed from `lines`
 /// (which is equal to the input array otherwise).
-#[allow(clippy::indexing_slicing)]
-fn remove_message_footer<'a>(lines: &'a [&str]) -> (&'a [&'a str], Option<&'a [&'a str]>) {
+pub(crate) fn remove_message_footer<'a>(
+    lines: &'a [&str],
+) -> (&'a [&'a str], Option<&'a [&'a str]>) {
     let mut nearly_standard_footer = None;
     for (ix, &line) in lines.iter().enumerate() {
         match line {
             // some providers encode `-- ` to `-- =20` which results in `--  `
-            "-- " | "--  " => return (&lines[..ix], lines.get(ix + 1..)),
+            "-- " | "--  " => return (lines.get(..ix).unwrap_or(lines), lines.get(ix + 1..)),
             // some providers encode `-- ` to `=2D-` which results in only `--`;
             // use that only when no other footer is found
             // and if the line before is empty and the line after is not empty
             "--" => {
-                if (ix == 0 || lines[ix - 1].is_empty())
-                    && ix != lines.len() - 1
-                    && !lines[ix + 1].is_empty()
+                if (ix == 0 || lines.get(ix.saturating_sub(1)).is_none_or_empty())
+                    && !lines.get(ix + 1).is_none_or_empty()
                 {
                     nearly_standard_footer = Some(ix);
                 }
@@ -42,7 +43,7 @@ fn remove_message_footer<'a>(lines: &'a [&str]) -> (&'a [&'a str], Option<&'a [&
         }
     }
     if let Some(ix) = nearly_standard_footer {
-        return (&lines[..ix], lines.get(ix + 1..));
+        return (lines.get(..ix).unwrap_or(lines), lines.get(ix + 1..));
     }
     (lines, None)
 }
@@ -51,7 +52,6 @@ fn remove_message_footer<'a>(lines: &'a [&str]) -> (&'a [&'a str], Option<&'a [&
 /// Returns `(lines, is_footer_removed)` tuple;
 /// `is_footer_removed` is set to `true` if the footer was actually removed from `lines`
 /// (which is equal to the input array otherwise).
-#[allow(clippy::indexing_slicing)]
 fn remove_nonstandard_footer<'a>(lines: &'a [&str]) -> (&'a [&'a str], bool) {
     for (ix, &line) in lines.iter().enumerate() {
         if line == "--"
@@ -61,7 +61,10 @@ fn remove_nonstandard_footer<'a>(lines: &'a [&str]) -> (&'a [&'a str], bool) {
             || line.starts_with("*****")
             || line.starts_with("~~~~~")
         {
-            return (&lines[..ix], true);
+            // `get` should always return `Some` here.
+            if let Some(lines) = lines.get(..ix) {
+                return (lines, true);
+            }
         }
     }
     (lines, false)
@@ -171,7 +174,6 @@ fn skip_forward_header<'a>(lines: &'a [&str]) -> (&'a [&'a str], bool) {
     }
 }
 
-#[allow(clippy::indexing_slicing)]
 fn remove_bottom_quote<'a>(lines: &'a [&str]) -> (&'a [&'a str], Option<String>) {
     let mut first_quoted_line = lines.len();
     let mut last_quoted_line = None;
@@ -186,30 +188,36 @@ fn remove_bottom_quote<'a>(lines: &'a [&str]) -> (&'a [&'a str], Option<String>)
         }
     }
     if let Some(mut l_last) = last_quoted_line {
-        let quoted_text = lines[l_last..first_quoted_line]
+        let quoted_text = lines
             .iter()
+            .take(first_quoted_line)
+            .skip(l_last)
             .map(|s| {
                 s.strip_prefix('>')
                     .map_or(*s, |u| u.strip_prefix(' ').unwrap_or(u))
             })
             .collect::<Vec<&str>>()
             .join("\n");
-        if l_last > 1 && is_empty_line(lines[l_last - 1]) {
-            l_last -= 1
-        }
         if l_last > 1 {
-            let line = lines[l_last - 1];
-            if is_quoted_headline(line) {
-                l_last -= 1
+            if let Some(line) = lines.get(l_last - 1) {
+                if is_empty_line(line) {
+                    l_last -= 1
+                }
             }
         }
-        (&lines[..l_last], Some(quoted_text))
+        if l_last > 1 {
+            if let Some(line) = lines.get(l_last - 1) {
+                if is_quoted_headline(line) {
+                    l_last -= 1
+                }
+            }
+        }
+        (lines.get(..l_last).unwrap_or(lines), Some(quoted_text))
     } else {
         (lines, None)
     }
 }
 
-#[allow(clippy::indexing_slicing)]
 fn remove_top_quote<'a>(
     lines: &'a [&str],
     is_chat_message: bool,
@@ -236,10 +244,12 @@ fn remove_top_quote<'a>(
     }
     if let Some(last_quoted_line) = last_quoted_line {
         (
-            &lines[last_quoted_line + 1..],
+            lines.get(last_quoted_line + 1..).unwrap_or(lines),
             Some(
-                lines[first_quoted_line..last_quoted_line + 1]
+                lines
                     .iter()
+                    .take(last_quoted_line + 1)
+                    .skip(first_quoted_line)
                     .map(|s| {
                         s.strip_prefix('>')
                             .map_or(*s, |u| u.strip_prefix(' ').unwrap_or(u))
@@ -296,7 +306,7 @@ fn is_quoted_headline(buf: &str) -> bool {
     - Currently, we simply check if the last character is a ':'.
     - Checking for the existence of an email address may fail (headlines may show the user's name instead of the address) */
 
-    buf.len() <= 80 && buf.ends_with(':')
+    buf.len() <= 120 && buf.ends_with(':')
 }
 
 fn is_plain_quote(buf: &str) -> bool {
@@ -401,6 +411,28 @@ mod tests {
         assert!(!is_plain_quote(""));
     }
 
+    #[test]
+    fn test_is_quoted_headline() {
+        assert!(is_quoted_headline("On 2024-08-28, Bob wrote:"));
+        assert!(is_quoted_headline("Am 11. November 2024 schrieb Alice:"));
+        assert!(is_quoted_headline("Anonymous Longer Name a écrit:"));
+        assert!(is_quoted_headline("There is not really a pattern wrote:"));
+        assert!(is_quoted_headline(
+            "On Mon, 3 Jan, 2022 at 8:34 PM \"Anonymous Longer Name\" <anonymous-longer-name@example.com> wrote:"
+        ));
+        assert!(!is_quoted_headline(
+            "How are you? I just want to say that this line does not belong to the quote!"
+        ));
+        assert!(!is_quoted_headline(
+            "No quote headline as not ending with a colon"
+        ));
+        assert!(!is_quoted_headline(
+            "Even though this ends with a colon, \
+            this is no quote-headline as just too long for most cases of date+name+address. \
+            it's all heuristics only, it is expected to go wrong sometimes. there is always the 'Show full message' button:"
+        ));
+    }
+
     #[test]
     fn test_remove_top_quote() {
         let (lines, top_quote) = remove_top_quote(&["> first", "> second"], true);

src/smtp.rs

@@ -126,6 +126,7 @@ impl Smtp {
 
         let login_params =
             prioritize_server_login_params(&context.sql, login_params, "smtp").await?;
+        let mut first_error = None;
         for lp in login_params {
             info!(context, "SMTP trying to connect to {}.", &lp.connection);
             let transport = match connect::connect_and_auth(
@@ -143,6 +144,7 @@ impl Smtp {
                 Ok(transport) => transport,
                 Err(err) => {
                     warn!(context, "SMTP failed to connect and authenticate: {err:#}.");
+                    first_error.get_or_insert(err);
                     continue;
                 }
             };
@@ -157,7 +159,7 @@ impl Smtp {
             return Ok(());
         }
 
-        Err(format_err!("SMTP failed to connect"))
+        Err(first_error.unwrap_or_else(|| format_err!("No SMTP connection candidates provided")))
     }
 }
 
@@ -355,9 +357,9 @@ pub(crate) async fn send_msg_to_smtp(
         .await
         .context("failed to update retries count")?;
 
-    let (body, recipients, msg_id, retries) = context
+    let Some((body, recipients, msg_id, retries)) = context
         .sql
-        .query_row(
+        .query_row_optional(
             "SELECT mime, recipients, msg_id, retries FROM smtp WHERE id=?",
             (rowid,),
             |row| {
@@ -368,10 +370,15 @@ pub(crate) async fn send_msg_to_smtp(
                 Ok((mime, recipients, msg_id, retries))
             },
         )
-        .await?;
+        .await?
+    else {
+        return Ok(());
+    };
     if retries > 6 {
-        let mut msg = Message::load_from_db(context, msg_id).await?;
-        message::set_msg_failed(context, &mut msg, "Number of retries exceeded the limit.").await?;
+        if let Some(mut msg) = Message::load_from_db_optional(context, msg_id).await? {
+            message::set_msg_failed(context, &mut msg, "Number of retries exceeded the limit.")
+                .await?;
+        }
         context
             .sql
             .execute("DELETE FROM smtp WHERE id=?", (rowid,))

src/sql.rs

@@ -17,7 +17,7 @@ use crate::ephemeral::start_ephemeral_timers;
 use crate::imex::BLOBS_BACKUP_NAME;
 use crate::location::delete_orphaned_poi_locations;
 use crate::log::LogExt;
-use crate::message::{Message, MsgId, Viewtype};
+use crate::message::{Message, MsgId};
 use crate::net::dns::prune_dns_cache;
 use crate::net::prune_connection_history;
 use crate::param::{Param, Params};
@@ -154,29 +154,28 @@ impl Sql {
             // don't have main database passphrase at this point.
             // See <https://sqlite.org/c3ref/c_dbconfig_enable_fkey.html> for documentation.
             // Without resetting import may fail due to existing tables.
-            let res = res.and_then(|_| {
+            res.and_then(|_| {
                 conn.set_db_config(DbConfig::SQLITE_DBCONFIG_RESET_DATABASE, true)
                     .context("failed to set SQLITE_DBCONFIG_RESET_DATABASE")
-            });
-            let res = res.and_then(|_| {
+            })
+            .and_then(|_| {
                 conn.execute("VACUUM", [])
                     .context("failed to vacuum the database")
-            });
-            let res = res.and(
+            })
+            .and(
                 conn.set_db_config(DbConfig::SQLITE_DBCONFIG_RESET_DATABASE, false)
                     .context("failed to unset SQLITE_DBCONFIG_RESET_DATABASE"),
-            );
-            let res = res.and_then(|_| {
+            )
+            .and_then(|_| {
                 conn.query_row("SELECT sqlcipher_export('main', 'backup')", [], |_row| {
                     Ok(())
                 })
                 .context("failed to import from attached backup database")
-            });
-            let res = res.and(
+            })
+            .and(
                 conn.execute("DETACH DATABASE backup", [])
                     .context("failed to detach backup database"),
-            );
-            res?;
+            )?;
             Ok(())
         })
         .await
@@ -247,8 +246,7 @@ impl Sql {
             // We now always watch all folders and delete messages there if delete_server is enabled.
             // So, for people who have delete_server enabled, disable it and add a hint to the devicechat:
             if context.get_config_delete_server_after().await?.is_some() {
-                let mut msg = Message::new(Viewtype::Text);
-                msg.set_text(stock_str::delete_server_turned_off(context).await);
+                let mut msg = Message::new_text(stock_str::delete_server_turned_off(context).await);
                 add_device_msg(context, None, Some(&mut msg)).await?;
                 context
                     .set_config_internal(Config::DeleteServerAfter, Some("0"))
@@ -681,6 +679,36 @@ fn new_connection(path: &Path, passphrase: &str) -> Result<Connection> {
     Ok(conn)
 }
 
+// Tries to clear the freelist to free some space on the disk.
+//
+// This only works if auto_vacuum is enabled.
+async fn incremental_vacuum(context: &Context) -> Result<()> {
+    context
+        .sql
+        .call_write(move |conn| {
+            let mut stmt = conn
+                .prepare("PRAGMA incremental_vacuum")
+                .context("Failed to prepare incremental_vacuum statement")?;
+
+            // It is important to step the statement until it returns no more rows.
+            // Otherwise it will not free as many pages as it can:
+            // <https://stackoverflow.com/questions/53746807/sqlite-incremental-vacuum-removing-only-one-free-page>.
+            let mut rows = stmt
+                .query(())
+                .context("Failed to run incremental_vacuum statement")?;
+            let mut row_count = 0;
+            while let Some(_row) = rows
+                .next()
+                .context("Failed to step incremental_vacuum statement")?
+            {
+                row_count += 1;
+            }
+            info!(context, "Incremental vacuum freed {row_count} pages.");
+            Ok(())
+        })
+        .await
+}
+
 /// Cleanup the account to restore some storage and optimize the database.
 pub async fn housekeeping(context: &Context) -> Result<()> {
     // Setting `Config::LastHousekeeping` at the beginning avoids endless loops when things do not
@@ -713,24 +741,8 @@ pub async fn housekeeping(context: &Context) -> Result<()> {
         );
     }
 
-    // Try to clear the freelist to free some space on the disk. This
-    // only works if auto_vacuum is enabled.
-    match context
-        .sql
-        .query_row_optional("PRAGMA incremental_vacuum", (), |_row| Ok(()))
-        .await
-    {
-        Err(err) => {
-            warn!(context, "Failed to run incremental vacuum: {err:#}.");
-        }
-        Ok(Some(())) => {
-            // Incremental vacuum returns a zero-column result if it did anything.
-            info!(context, "Successfully ran incremental vacuum.");
-        }
-        Ok(None) => {
-            // Incremental vacuum returned `SQLITE_DONE` immediately,
-            // there were no pages to remove.
-        }
+    if let Err(err) = incremental_vacuum(context).await {
+        warn!(context, "Failed to run incremental vacuum: {err:#}.");
     }
 
     context
@@ -930,15 +942,12 @@ pub async fn remove_unused_files(context: &Context) -> Result<()> {
     Ok(())
 }
 
-#[allow(clippy::indexing_slicing)]
 fn is_file_in_use(files_in_use: &HashSet<String>, namespc_opt: Option<&str>, name: &str) -> bool {
     let name_to_check = if let Some(namespc) = namespc_opt {
-        let name_len = name.len();
-        let namespc_len = namespc.len();
-        if name_len <= namespc_len || !name.ends_with(namespc) {
+        let Some(name) = name.strip_suffix(namespc) else {
             return false;
-        }
-        &name[..name_len - namespc_len]
+        };
+        name
     } else {
         name
     };
@@ -1115,8 +1124,7 @@ mod tests {
         let t = TestContext::new_alice().await;
 
         let chat = t.create_chat_with_contact("bob", "bob@example.com").await;
-        let mut new_draft = Message::new(Viewtype::Text);
-        new_draft.set_text("This is my draft".to_string());
+        let mut new_draft = Message::new_text("This is my draft".to_string());
         chat.id.set_draft(&t, Some(&mut new_draft)).await.unwrap();
 
         housekeeping(&t).await.unwrap();
@@ -1370,4 +1378,14 @@ mod tests {
 
         Ok(())
     }
+
+    /// Tests that incremental_vacuum does not fail.
+    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+    async fn test_incremental_vacuum() -> Result<()> {
+        let t = TestContext::new().await;
+
+        incremental_vacuum(&t).await?;
+
+        Ok(())
+    }
 }

src/stock_str.rs

@@ -1419,8 +1419,7 @@ impl Context {
         msg.param.set(Param::File, blob.as_name());
         chat::add_device_msg(self, Some("core-welcome-image"), Some(&mut msg)).await?;
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.text = welcome_message(self).await;
+        let mut msg = Message::new_text(welcome_message(self).await);
         chat::add_device_msg(self, Some("core-welcome"), Some(&mut msg)).await?;
         Ok(())
     }

src/summary.rs

@@ -289,7 +289,7 @@ mod tests {
     use super::*;
     use crate::chat::ChatId;
     use crate::param::Param;
-    use crate::test_utils as test;
+    use crate::test_utils::TestContext;
 
     async fn assert_summary_texts(msg: &Message, ctx: &Context, expected: &str) {
         assert_eq!(msg.get_summary_text(ctx).await, expected);
@@ -298,15 +298,14 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_get_summary_text() {
-        let d = test::TestContext::new().await;
+        let d = TestContext::new_alice().await;
         let ctx = &d.ctx;
         let chat_id = ChatId::create_for_contact(ctx, ContactId::SELF)
             .await
             .unwrap();
         let some_text = " bla \t\n\tbla\n\t".to_string();
 
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text(some_text.to_string());
+        let msg = Message::new_text(some_text.to_string());
         assert_summary_texts(&msg, ctx, "bla bla").await; // for simple text, the type is not added to the summary
 
         let mut msg = Message::new(Viewtype::Image);
@@ -415,8 +414,7 @@ mod tests {
         }
 
         // Forwarded
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text(some_text.clone());
+        let mut msg = Message::new_text(some_text.clone());
         msg.param.set_int(Param::Forwarded, 1);
         assert_eq!(msg.get_summary_text(ctx).await, "Forwarded: bla bla"); // for simple text, the type is not added to the summary
         assert_eq!(msg.get_summary_text_without_prefix(ctx).await, "bla bla"); // skipping prefix used for reactions summaries

src/test_utils.rs

@@ -1,7 +1,6 @@
 //! Utilities to help writing tests.
 //!
 //! This private module is only compiled for test runs.
-#![allow(clippy::indexing_slicing)]
 use std::collections::{BTreeMap, HashSet};
 use std::fmt::Write;
 use std::ops::{Deref, DerefMut};
@@ -730,8 +729,7 @@ impl TestContext {
     /// [`TestContext::recv_msg`] with the returned [`SentMessage`] if it wants to receive
     /// the message.
     pub async fn send_text(&self, chat_id: ChatId, txt: &str) -> SentMessage<'_> {
-        let mut msg = Message::new(Viewtype::Text);
-        msg.text = txt.to_string();
+        let mut msg = Message::new_text(txt.to_string());
         self.send_msg(chat_id, &mut msg).await
     }
 

src/tests/aeap.rs

@@ -1,15 +1,13 @@
-#![allow(clippy::indexing_slicing)]
-
 use anyhow::Result;
 
-use crate::chat;
-use crate::chat::ChatId;
+use crate::chat::{self, CantSendReason, Chat, ChatId, ProtectionStatus};
 use crate::contact;
 use crate::contact::Contact;
 use crate::contact::ContactId;
 use crate::message::Message;
 use crate::peerstate::Peerstate;
 use crate::receive_imf::receive_imf;
+use crate::securejoin::get_securejoin_qr;
 use crate::stock_str;
 use crate::test_utils::mark_as_verified;
 use crate::test_utils::TestContext;
@@ -396,3 +394,45 @@ async fn test_aeap_replay_attack() -> Result<()> {
 
     Ok(())
 }
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_write_to_alice_after_aeap() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+    let alice_grp_id = chat::create_group_chat(alice, ProtectionStatus::Protected, "Group").await?;
+    let qr = get_securejoin_qr(alice, Some(alice_grp_id)).await?;
+    tcm.exec_securejoin_qr(bob, alice, &qr).await;
+    let bob_alice_contact = bob.add_or_lookup_contact(alice).await;
+    assert!(bob_alice_contact.is_verified(bob).await?);
+    let bob_alice_chat = bob.create_chat(alice).await;
+    assert!(bob_alice_chat.is_protected());
+    let bob_unprotected_grp_id = bob
+        .create_group_with_members(ProtectionStatus::Unprotected, "Group", &[alice])
+        .await;
+
+    tcm.change_addr(alice, "alice@someotherdomain.xyz").await;
+    let sent = alice.send_text(alice_grp_id, "Hello!").await;
+    bob.recv_msg(&sent).await;
+
+    assert!(!bob_alice_contact.is_verified(bob).await?);
+    let bob_alice_chat = Chat::load_from_db(bob, bob_alice_chat.id).await?;
+    assert!(bob_alice_chat.is_protected());
+    let mut msg = Message::new_text("hi".to_string());
+    assert!(chat::send_msg(bob, bob_alice_chat.id, &mut msg)
+        .await
+        .is_err());
+    assert!(!bob_alice_chat.can_send(bob).await?);
+    assert_eq!(
+        bob_alice_chat.why_cant_send(bob).await?,
+        Some(CantSendReason::NoForwardVerification)
+    );
+
+    // But encrypted communication is still possible in unprotected groups with old Alice.
+    let sent = bob
+        .send_text(bob_unprotected_grp_id, "Alice, how is your address change?")
+        .await;
+    let msg = Message::load_from_db(bob, sent.sender_msg_id).await?;
+    assert!(msg.get_showpadlock());
+    Ok(())
+}

src/tests/verified_chats.rs

@@ -6,7 +6,7 @@ use crate::chatlist::Chatlist;
 use crate::config::Config;
 use crate::constants::{Chattype, DC_GCL_FOR_FORWARDING};
 use crate::contact::{Contact, ContactId, Origin};
-use crate::message::{Message, Viewtype};
+use crate::message::Message;
 use crate::mimefactory::MimeFactory;
 use crate::mimeparser::SystemMessage;
 use crate::receive_imf::receive_imf;
@@ -297,6 +297,7 @@ async fn test_verified_oneonone_chat_enable_disable() -> Result<()> {
     assert!(chat.is_protected());
 
     for alice_accepts_breakage in [true, false] {
+        SystemTime::shift(std::time::Duration::from_secs(300));
         // Bob uses Thunderbird to send a message
         receive_imf(
             &alice,
@@ -715,8 +716,7 @@ async fn test_break_protection_then_verify_again() -> Result<()> {
         assert!(!alice_bob_chat.can_send(&alice).await?);
 
         // Alice's UI should still be able to save a draft, which Alice started to type right when she got Bob's message:
-        let mut msg = Message::new(Viewtype::Text);
-        msg.set_text("Draftttt".to_string());
+        let mut msg = Message::new_text("Draftttt".to_string());
         alice_bob_chat.id.set_draft(&alice, Some(&mut msg)).await?;
         assert_eq!(
             alice_bob_chat.id.get_draft(&alice).await?.unwrap().text,
@@ -760,10 +760,14 @@ async fn test_message_from_old_dc_setup() -> Result<()> {
     // The outdated Bob's Autocrypt header isn't applied, so the verification preserves.
     assert!(contact.is_verified(alice).await.unwrap());
     let chat = alice.get_chat(bob).await;
-    // But the chat protection is broken because the old message is sorted to the bottom as it
-    // mustn't be sorted over the protection info message (which is `InNoticed` moreover).
-    assert_eq!(chat.is_protected(), false);
-    assert_eq!(chat.is_protection_broken(), true);
+    assert!(chat.is_protected());
+    assert_eq!(chat.is_protection_broken(), false);
+    let protection_msg = alice.get_last_msg().await;
+    assert_eq!(
+        protection_msg.param.get_cmd(),
+        SystemMessage::ChatProtectionEnabled
+    );
+    assert!(protection_msg.timestamp_sort >= msg.timestamp_rcvd);
     alice
         .golden_test_chat(msg.chat_id, "verified_chats_message_from_old_dc_setup")
         .await;