Add option to force encryption#8220
Open
link2xt wants to merge 4 commits into
Open
Conversation
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
8 times, most recently
from
8914248 to
f1652d4
Compare
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
4 times, most recently
from
bb4bde4 to
b47d145
Compare
link2xt
changed the title
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
from
b47d145 to
c67dc51
Compare
adbenitez
approved these changes
May 13, 2026
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
3 times, most recently
from
15d971f to
a1137cb
Compare
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
3 times, most recently
from
a412867 to
5836a72
Compare
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
2 times, most recently
from
098f508 to
cb8ffb6
Compare
link2xt
force-pushed
the
link2xt/remove-timesmearing
branch
from
2b97913 to
5e61bba
Compare
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
6 times, most recently
from
ec863ca to
ae4c3f3
Compare
link2xt
commented
May 15, 2026
hpk42
reviewed
May 15, 2026
hpk42
reviewed
May 15, 2026
hpk42
reviewed
May 18, 2026
hpk42
reviewed
May 18, 2026
iequidoo
reviewed
May 18, 2026
| let encrypted_message = test_utils::encrypt_raw_message( | ||
| bob, | ||
| &[alice], | ||
| b"From: bob@example.net\r\n\ |
Collaborator
There was a problem hiding this comment.
Maybe replace "\n" with "\r\n" in encrypt_raw_message() before encryption, or do we sometimes need just "\n"?
iequidoo
approved these changes
May 19, 2026
|
|
||
| let now = tools::time(); | ||
| let max_unencrypted_timestamp = std::cmp::max(max_unencrypted_timestamp, max_mailing_list_timestamp); | ||
| if max_unencrypted_timestamp.saturating_add(3600 * 24 * 90) > now { |
Collaborator
There was a problem hiding this comment.
delete_device_after affects this if it's set to <= 5 weeks. It may even be disabled, but set right before, we can't know that. Just disabling force_encryption for existing users is probably not what we want however. Maybe it makes sense to also check if there are any messages older than 90 days at all, not sure.
| assert!(chat::send_msg(alice, chat.id, &mut msg).await.is_err()); | ||
| assert_eq!( | ||
| msg.error().unwrap(), | ||
| "\u{26a0}\u{fe0f} Your email provider example.org requires end-to-end encryption which is not setup yet." |
Collaborator
There was a problem hiding this comment.
"Your server" or "Your relay" may be better these days, may be reworded in another PR
Collaborator
Author
There was a problem hiding this comment.
This is a fallback wording, it is replaced by the UIs even for English version. Can be tweaked, but the user never sees this.
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
from
4747fa7 to
65ed62a
Compare
This change is a preparation for ignoring unencrypted messages by default. New test_utils::encrypt_raw_message and test_utils::receive_encrypted_imf are used to encrypt the messages before "receiving" them with receive_imf.
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
from
65ed62a to
4046ca5
Compare
link2xt
force-pushed
the
link2xt/process-unencrypted
branch
from
4046ca5 to
a9aa493
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes #7494
There is a new
force_encryptionconfig which is enabled by default. For users with recently active unencrypted chats it is disabled in a migration. Enabling it prevents both sending and receiving unencrypted messages, so when sending to unencrypted chats we will no longer send unencrypted message to a chatmail relay for it to be rejected, but fail locally.There are many changes to tests because we had a lot of tests using unencrypted chats, I have put them into separate commits.
The setting is not per-relay as there have been more discussion after the comments below. UIs will put the setting somewhere deeper than "Advanced" likely inside the "Relays" configuration but not in the individual relay settings.