Fix build error

Move to gradle kotlin DSL
Use gradle version catalog
All android build parameters are set via cmake files
Use gradle abi split to build APKs
Improve local development in the android project folder

.gitattributes

@@ -3,3 +3,4 @@ deploy/data/windows/x64/tap/windows_10/OemVista.inf eol=crlf
 deploy/data/windows/x32/tap/windows_7/OemVista.inf eol=crlf
 deploy/data/windows/x32/tap/windows_10/OemVista.inf eol=crlf
 client/3rd/* linguist-vendored
+client/android/gradlew.bat eol=crlf

.github/workflows/deploy.yml

@@ -273,21 +273,10 @@ jobs:
     name: 'Build-Android'
     runs-on: ubuntu-latest
 
-    strategy:
-      matrix:
-        include:
-        - abi: 'x86_64'
-          qt_arch: 'android_x86_64'
-        - abi: 'x86'
-          qt_arch: 'android_x86'
-        - abi: 'armeabi-v7a'
-          qt_arch: 'android_armv7'
-        - abi: 'arm64-v8a'
-          qt_arch: 'android_arm64_v8a'
-
     env:
-      QT_VERSION: 6.5.2
-      ANDROID_BUILD_PLATFORM: android-33
+      ANDROID_BUILD_PLATFORM: android-34
+      QT_VERSION: 6.5.3
+      QT_MODULES: 'qtremoteobjects qt5compat qtimageformats qtshadertools'
 
     steps:
     - name: 'Install desktop Qt'
@@ -297,29 +286,58 @@ jobs:
         host: 'linux'
         target: 'desktop'
         arch: 'gcc_64'
-        modules: 'qtremoteobjects qt5compat qtimageformats qtshadertools'
+        modules: ${{ env.QT_MODULES }}
         dir: ${{ runner.temp }}
-        setup-python: 'true'
-        set-env: 'true'
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
-    - name: 'Install android Qt'
+    - name: 'Install android_x86_64 Qt'
       uses: jurplel/install-qt-action@v3
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
         target: 'android'
-        arch: ${{ matrix.qt_arch }}
-        modules: 'qtremoteobjects qt5compat qtimageformats qtshadertools'
+        arch: 'android_x86_64'
+        modules: ${{ env.QT_MODULES }}
+        dir: ${{ runner.temp }}
+        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
+
+    - name: 'Install android_x86 Qt'
+      uses: jurplel/install-qt-action@v3
+      with:
+        version: ${{ env.QT_VERSION }}
+        host: 'linux'
+        target: 'android'
+        arch: 'android_x86'
+        modules: ${{ env.QT_MODULES }}
+        dir: ${{ runner.temp }}
+        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
+
+    - name: 'Install android_armv7 Qt'
+      uses: jurplel/install-qt-action@v3
+      with:
+        version: ${{ env.QT_VERSION }}
+        host: 'linux'
+        target: 'android'
+        arch: 'android_armv7'
+        modules: ${{ env.QT_MODULES }}
+        dir: ${{ runner.temp }}
+        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
+
+    - name: 'Install android_arm64_v8a Qt'
+      uses: jurplel/install-qt-action@v3
+      with:
+        version: ${{ env.QT_VERSION }}
+        host: 'linux'
+        target: 'android'
+        arch: 'android_arm64_v8a'
+        modules: ${{ env.QT_MODULES }}
         dir: ${{ runner.temp }}
-        setup-python: 'true'
-        set-env: 'true'
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Grant execute permission for qt-cmake'
       shell: bash
       run: |
-        chmod +x ${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/${{ matrix.qt_arch }}/bin/qt-cmake
+        chmod +x ${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/android_x86_64/bin/qt-cmake
 
     - name: 'Get sources'
       uses: actions/checkout@v3
@@ -333,15 +351,14 @@ jobs:
       uses: actions/setup-java@v3
       with:
         distribution: 'temurin'
-        java-version: '11'
+        java-version: '17'
         cache: 'gradle'
 
     - name: 'Setup Android NDK'
       id: setup-ndk
       uses: nttld/setup-ndk@v1
       with:
-        ndk-version: 'r25c'
-        local-cache: 'true'
+        ndk-version: 'r26b'
 
     - name: 'Decode keystore secret to file'
       env:
@@ -354,16 +371,36 @@ jobs:
       env:
         ANDROID_NDK_ROOT: ${{ steps.setup-ndk.outputs.ndk-path }}
         QT_HOST_PATH: ${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/gcc_64
-        QT_ANDROID_KEYSTORE_PATH: ${{ github.workspace }}/android.keystore
-        QT_ANDROID_KEYSTORE_ALIAS: ${{ secrets.ANDROID_RELEASE_KEYSTORE_KEY_ALIAS }}
-        QT_ANDROID_KEYSTORE_STORE_PASS: ${{ secrets.ANDROID_RELEASE_KEYSTORE_KEY_PASS }}
-        QT_ANDROID_KEYSTORE_KEY_PASS: ${{ secrets.ANDROID_RELEASE_KEYSTORE_KEY_PASS }}
+        ANDROID_KEYSTORE_PATH: ${{ github.workspace }}/android.keystore
+        ANDROID_KEYSTORE_KEY_ALIAS: ${{ secrets.ANDROID_RELEASE_KEYSTORE_KEY_ALIAS }}
+        ANDROID_KEYSTORE_KEY_PASS: ${{ secrets.ANDROID_RELEASE_KEYSTORE_KEY_PASS }}
       shell: bash
-      run: ./deploy/build_android.sh --apk ${{ matrix.abi }} --platform ${{ env.ANDROID_BUILD_PLATFORM }}
+      run: ./deploy/build_android.sh --apk all --build-platform ${{ env.ANDROID_BUILD_PLATFORM }}
 
-    - name: 'Upload apk'
+    - name: 'Upload x86_64 apk'
       uses: actions/upload-artifact@v3
       with:
-        name: AmneziaVPN-android-${{ matrix.abi }}
-        path: deploy/build/AmneziaVPN-${{ matrix.abi }}-release-signed.apk
+        name: AmneziaVPN-android-x86_64
+        path: deploy/build/AmneziaVPN-x86_64-release.apk
+        retention-days: 7
+
+    - name: 'Upload x86 apk'
+      uses: actions/upload-artifact@v3
+      with:
+        name: AmneziaVPN-android-x86
+        path: deploy/build/AmneziaVPN-x86-release.apk
+        retention-days: 7
+
+    - name: 'Upload arm64-v8a apk'
+      uses: actions/upload-artifact@v3
+      with:
+        name: AmneziaVPN-android-arm64-v8a
+        path: deploy/build/AmneziaVPN-arm64-v8a-release.apk
+        retention-days: 7
+
+    - name: 'Upload armeabi-v7a apk'
+      uses: actions/upload-artifact@v3
+      with:
+        name: AmneziaVPN-android-armeabi-v7a
+        path: deploy/build/AmneziaVPN-armeabi-v7a-release.apk
         retention-days: 7

CMakeLists.txt

@@ -11,6 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
 set(RELEASE_DATE "${CURRENT_DATE}")
 
 set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
+set(APP_ANDROID_VERSION_CODE 39)
 
 if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
     set(MZ_PLATFORM_NAME "linux")

client/amnezia_application.cpp

@@ -279,7 +279,7 @@ void AmneziaApplication::initModels()
 {
     m_containersModel.reset(new ContainersModel(m_settings, this));
     m_engine->rootContext()->setContextProperty("ContainersModel", m_containersModel.get());
-    connect(m_configurator.get(), &VpnConfigurator::newVpnConfigCreated, m_containersModel.get(),
+    connect(m_vpnConnection.get(), &VpnConnection::newVpnConfigurationCreated, m_containersModel.get(),
             &ContainersModel::updateContainersConfig);
 
     m_serversModel.reset(new ServersModel(m_settings, this));
@@ -324,11 +324,6 @@ void AmneziaApplication::initModels()
 
     m_sftpConfigModel.reset(new SftpConfigModel(this));
     m_engine->rootContext()->setContextProperty("SftpConfigModel", m_sftpConfigModel.get());
-
-    m_clientManagementModel.reset(new ClientManagementModel(m_settings, this));
-    m_engine->rootContext()->setContextProperty("ClientManagementModel", m_clientManagementModel.get());
-    connect(m_configurator.get(), &VpnConfigurator::newVpnConfigCreated, m_clientManagementModel.get(),
-            &ClientManagementModel::appendClient);
 }
 
 void AmneziaApplication::initControllers()
@@ -354,12 +349,12 @@ void AmneziaApplication::initControllers()
     m_importController.reset(new ImportController(m_serversModel, m_containersModel, m_settings));
     m_engine->rootContext()->setContextProperty("ImportController", m_importController.get());
 
-    m_exportController.reset(new ExportController(m_serversModel, m_containersModel, m_clientManagementModel, m_settings, m_configurator));
+    m_exportController.reset(new ExportController(m_serversModel, m_containersModel, m_settings, m_configurator));
     m_engine->rootContext()->setContextProperty("ExportController", m_exportController.get());
 
     m_settingsController.reset(new SettingsController(m_serversModel, m_containersModel, m_languageModel, m_settings));
     m_engine->rootContext()->setContextProperty("SettingsController", m_settingsController.get());
-    if (m_settingsController->isAutoConnectEnabled() && m_serversModel->getDefaultServerIndex() >= 0) {
+    if (m_settingsController->isAutoStartEnabled() && m_serversModel->getDefaultServerIndex() >= 0) {
         QTimer::singleShot(1000, this, [this]() { m_connectionController->openConnection(); });
     }
 

client/amnezia_application.h

@@ -39,7 +39,6 @@
 #include "ui/models/servers_model.h"
 #include "ui/models/services/sftpConfigModel.h"
 #include "ui/models/sites_model.h"
-#include "ui/models/clientManagementModel.h"
 
 #define amnApp (static_cast<AmneziaApplication *>(QCoreApplication::instance()))
 
@@ -95,7 +94,6 @@ private:
     QSharedPointer<LanguageModel> m_languageModel;
     QSharedPointer<ProtocolsModel> m_protocolsModel;
     QSharedPointer<SitesModel> m_sitesModel;
-    QSharedPointer<ClientManagementModel> m_clientManagementModel;
 
     QScopedPointer<OpenVpnConfigModel> m_openVpnConfigModel;
     QScopedPointer<ShadowSocksConfigModel> m_shadowSocksConfigModel;

client/android/AndroidManifest.xml

@@ -1,60 +1,52 @@
 <?xml version="1.0"?>
-<manifest
+<!-- Leave package attribute for androiddeployqt -->
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
     package="org.amnezia.vpn"
-    xmlns:android="http://schemas.android.com/apk/res/android"
     android:versionName="-- %%INSERT_VERSION_NAME%% --"
     android:versionCode="-- %%INSERT_VERSION_CODE%% --"
     android:installLocation="auto">
 
-   <uses-permission android:name="android.permission.INTERNET"/>
-   <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
-   <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
-   <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>
-   <uses-permission android:name="android.permission.FOREGROUND_SERVICE"/>
-   <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
-   <uses-permission android:name="android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE" /> 
+    <uses-feature android:name="android.hardware.camera" android:required="false" />
+    <uses-feature android:name="android.hardware.camera.any" android:required="false" />
+    <uses-feature android:name="android.hardware.camera.autofocus" android:required="false" />
 
-   <!-- Enable when VPN-per-app mode will be implemented -->
-   <!-- <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/> -->
-   <uses-permission android:name="android.permission.CAMERA"/>
-
-    <!-- The following comment will be replaced upon deployment with default features based on the dependencies of the application.
-         Remove the comment if you do not require these default features. -->
+    <!-- The following comment will be replaced upon deployment with default features based on the dependencies
+    of the application. Remove the comment if you do not require these default features. -->
     <!-- %%INSERT_FEATURES -->
 
-    <supports-screens
-        android:largeScreens="true"
-        android:normalScreens="true"
-        android:anyDensity="true"
-        android:smallScreens="true"/>
+    <uses-permission android:name="android.permission.INTERNET" />
+    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
+    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
+    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
+    <uses-permission android:name="android.permission.CAMERA" />
+    <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
+    <uses-permission android:name="android.permission.FOREGROUND_SERVICE_SPECIAL_USE" />
+    <uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
+    <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
+
+    <!-- Enable when VPN-per-app mode will be implemented -->
+    <!-- <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/> -->
 
     <application
         android:name=".qt.AmneziaApp"
-        android:hardwareAccelerated="true"
         android:label="-- %%INSERT_APP_NAME%% --"
-        android:extractNativeLibs="true"
-        android:requestLegacyExternalStorage="true"
         android:allowNativeHeapPointerTagging="false"
-        android:theme="@style/Theme.AppCompat.NoActionBar"
         android:icon="@drawable/icon"
-        android:roundIcon="@drawable/icon_round">
-        
+        android:roundIcon="@drawable/icon_round"
+        android:theme="@style/Theme.AppCompat.NoActionBar">
+
         <activity
-            android:configChanges="orientation|uiMode|screenLayout|screenSize|smallestScreenSize|layoutDirection|locale|fontScale|keyboard|keyboardHidden|navigation|mcc|mnc|density"
             android:name=".qt.VPNActivity"
-            android:label="-- %%INSERT_APP_NAME%% --"
-            android:screenOrientation="unspecified"
+            android:configChanges="uiMode|screenSize|smallestScreenSize|screenLayout|orientation|density
+                |fontScale|layoutDirection|locale|keyboard|keyboardHidden|navigation|mcc|mnc"
             android:launchMode="singleInstance"
-            android:windowSoftInputMode="adjustResize"
             android:exported="true">
-    
-<!--            android:theme="@style/splashScreenTheme"-->
-            
+
             <intent-filter>
-                <action android:name="android.intent.action.MAIN"/>
-                <category android:name="android.intent.category.LAUNCHER"/>
+                <action android:name="android.intent.action.MAIN" />
+                <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
-    
+
             <intent-filter>
                 <action android:name="org.amnezia.vpn.qt.IMPORT_CONFIG" />
                 <category android:name="android.intent.category.DEFAULT" />
@@ -62,73 +54,70 @@
 
             <meta-data
                 android:name="android.app.lib_name"
-                android:value="-- %%INSERT_APP_LIB_NAME%% --"/>
-            
+                android:value="-- %%INSERT_APP_LIB_NAME%% --" />
+
             <meta-data
                 android:name="android.app.extract_android_style"
                 android:value="minimal" />
-            
-            <meta-data
-                android:name="android.app.background_running"
-                android:value="false"/>
-            
-            <meta-data
-                android:name="android.app.arguments"
-                android:value="-- %%INSERT_APP_ARGUMENTS%% --" />
-
         </activity>
-    
+
         <activity
             android:name=".qt.CameraActivity"
             android:exported="false" />
-    
+
         <activity
             android:name=".qt.ImportConfigActivity"
-            android:exported="true" >
-    
+            android:exported="true">
+
             <intent-filter android:label="AmneziaVPN">
-                <action android:name="android.intent.action.SEND"/>
-                <action android:name="android.intent.action.VIEW"/>
-                <category android:name="android.intent.category.DEFAULT"/>
-                <data android:scheme="file"/>
-                <data android:scheme="content"/>
-                <data android:mimeType="*/*"/>
-                <data android:host="*"/>
-                <data android:pathPattern=".*\\.vpn"/>
-                <data android:pathPattern=".*\\..*\\.vpn"/>
-                <data android:pathPattern=".*\\..*\\..*\\.vpn"/>
-                <data android:pathPattern=".*\\..*\\..*\\..*\\.vpn"/>
-                <data android:pathPattern=".*\\..*\\..*\\..*\\..*\\.vpn"/>
+                <action android:name="android.intent.action.SEND" />
+                <action android:name="android.intent.action.VIEW" />
+
+                <category android:name="android.intent.category.DEFAULT" />
+
+                <data android:scheme="file" />
+                <data android:scheme="content" />
+                <data android:mimeType="*/*" />
+                <data android:host="*" />
+                <data android:pathPattern=".*\\.vpn" />
+                <data android:pathPattern=".*\\..*\\.vpn" />
+                <data android:pathPattern=".*\\..*\\..*\\.vpn" />
+                <data android:pathPattern=".*\\..*\\..*\\..*\\.vpn" />
+                <data android:pathPattern=".*\\..*\\..*\\..*\\..*\\.vpn" />
             </intent-filter>
-        
+
             <intent-filter android:label="AmneziaVPN">
-                <action android:name="android.intent.action.SEND"/>
-                <action android:name="android.intent.action.VIEW"/>
-                <category android:name="android.intent.category.DEFAULT"/>
-                <data android:scheme="file"/>
-                <data android:scheme="content"/>
-                <data android:mimeType="*/*"/>
-                <data android:host="*"/>
-                <data android:pathPattern=".*\\.cfg"/>
-                <data android:pathPattern=".*\\..*\\.cfg"/>
-                <data android:pathPattern=".*\\..*\\..*\\.cfg"/>
-                <data android:pathPattern=".*\\..*\\..*\\..*\\.cfg"/>
-                <data android:pathPattern=".*\\..*\\..*\\..*\\..*\\.cfg"/>
+                <action android:name="android.intent.action.SEND" />
+                <action android:name="android.intent.action.VIEW" />
+
+                <category android:name="android.intent.category.DEFAULT" />
+
+                <data android:scheme="file" />
+                <data android:scheme="content" />
+                <data android:mimeType="*/*" />
+                <data android:host="*" />
+                <data android:pathPattern=".*\\.cfg" />
+                <data android:pathPattern=".*\\..*\\.cfg" />
+                <data android:pathPattern=".*\\..*\\..*\\.cfg" />
+                <data android:pathPattern=".*\\..*\\..*\\..*\\.cfg" />
+                <data android:pathPattern=".*\\..*\\..*\\..*\\..*\\.cfg" />
             </intent-filter>
-        
+
             <intent-filter android:label="AmneziaVPN">
-                <action android:name="android.intent.action.SEND"/>
-                <action android:name="android.intent.action.VIEW"/>
-                <category android:name="android.intent.category.DEFAULT"/>
-                <data android:scheme="file"/>
-                <data android:scheme="content"/>
-                <data android:mimeType="*/*"/>
-                <data android:host="*"/>
-                <data android:pathPattern=".*\\.conf"/>
-                <data android:pathPattern=".*\\..*\\.conf"/>
-                <data android:pathPattern=".*\\..*\\..*\\.conf"/>
-                <data android:pathPattern=".*\\..*\\..*\\..*\\.conf"/>
-                <data android:pathPattern=".*\\..*\\..*\\..*\\..*\\.conf"/>
+                <action android:name="android.intent.action.SEND" />
+                <action android:name="android.intent.action.VIEW" />
+
+                <category android:name="android.intent.category.DEFAULT" />
+
+                <data android:scheme="file" />
+                <data android:scheme="content" />
+                <data android:mimeType="*/*" />
+                <data android:host="*" />
+                <data android:pathPattern=".*\\.conf" />
+                <data android:pathPattern=".*\\..*\\.conf" />
+                <data android:pathPattern=".*\\..*\\..*\\.conf" />
+                <data android:pathPattern=".*\\..*\\..*\\..*\\.conf" />
+                <data android:pathPattern=".*\\..*\\..*\\..*\\..*\\.conf" />
             </intent-filter>
         </activity>
 
@@ -136,30 +125,32 @@
             android:name=".VPNService"
             android:process=":QtOnlyProcess"
             android:permission="android.permission.BIND_VPN_SERVICE"
-            android:foregroundServiceType="connectedDevice"
+            android:foregroundServiceType="specialUse"
             android:exported="true">
-                <meta-data android:name="android.app.lib_name" android:value="-- %%INSERT_APP_LIB_NAME%% --"/>
-    
-                <intent-filter>
-                    <action android:name="android.net.VpnService"/>
-                </intent-filter>
+
+            <intent-filter>
+                <action android:name="android.net.VpnService" />
+            </intent-filter>
+
+            <property android:name="android.app.PROPERTY_SPECIAL_USE_FGS_SUBTYPE" android:value="vpn" />
         </service>
-        
+
         <service
             android:name=".qt.VPNPermissionHelper"
             android:permission="android.permission.BIND_VPN_SERVICE"
-            android:foregroundServiceType="connectedDevice"
+            android:foregroundServiceType="specialUse"
             android:exported="true">
-                <meta-data android:name="android.app.lib_name" android:value="-- %%INSERT_APP_LIB_NAME%% --"/>
+
+            <property android:name="android.app.PROPERTY_SPECIAL_USE_FGS_SUBTYPE" android:value="vpn" />
         </service>
-        
+
         <!-- For adding service(s) please check: https://wiki.qt.io/AndroidServices -->
         <provider
             android:name="androidx.core.content.FileProvider"
             android:authorities="org.amnezia.vpn.fileprovider"
             android:exported="false"
             android:grantUriPermissions="true">
-                <meta-data android:name="android.support.FILE_PROVIDER_PATHS" android:resource="@xml/fileprovider"/>
+            <meta-data android:name="android.support.FILE_PROVIDER_PATHS" android:resource="@xml/fileprovider" />
         </provider>
     </application>
 

client/android/build.gradle

@@ -1,153 +1,5 @@
-apply plugin: 'com.github.ben-manes.versions'
-
-buildscript {
-   ext{
-       kotlin_version = "1.7.22"
-       //  for libwg
-       appcompatVersion = '1.1.0'
-       annotationsVersion = '1.0.1'
-       databindingVersion = '3.3.1'
-       jsr305Version = '3.0.2'
-       streamsupportVersion = '1.7.0'
-       threetenabpVersion = '1.1.1'
-       groupName = 'org.amnezia.vpn'
-       minSdkVer = '24'
-       cmakeMinVersion = "3.25.0+"
-   }
-
-    repositories {
-        google()
-        jcenter()
-        mavenCentral()
-        maven { url = uri("https://jitpack.io") }
-    }
-
-    dependencies {
-        classpath 'com.android.tools.build:gradle:7.2.1'
-        classpath 'com.github.ben-manes:gradle-versions-plugin:0.21.0'
-        classpath 'com.vanniktech:gradle-maven-publish-plugin:0.8.0'
-        classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlin_version"
-        classpath "org.jetbrains.kotlin:kotlin-serialization:$kotlin_version"
-    }
-}
-
-apply plugin: 'com.android.application'
-apply plugin: 'kotlin-android'
-apply plugin: 'kotlin-android-extensions'
-apply plugin: 'kotlinx-serialization'
-apply plugin: 'kotlin-kapt'
-
-dependencies {
-    implementation fileTree(dir: 'libs', include: ['*.jar', '*.aar'])
-    implementation group: 'org.json', name: 'json', version: '20220924'
-    implementation 'androidx.core:core-ktx:1.7.0'
-    implementation 'androidx.appcompat:appcompat:1.4.1'
-
-    implementation "androidx.security:security-crypto:1.1.0-alpha03"
-    implementation "androidx.security:security-identity-credential:1.0.0-alpha02"
-
-    implementation "org.jetbrains.kotlinx:kotlinx-serialization-json:1.2.2"
-    implementation "org.jetbrains.kotlinx:kotlinx-coroutines-android:1.3.0"
-    implementation "org.jetbrains.kotlinx:kotlinx-coroutines-core:1.3.0"
-
-    coreLibraryDesugaring "com.android.tools:desugar_jdk_libs:1.1.5"
-
-    implementation project(path: ':shadowsocks')
-
-    // CameraX core library using the camera2 implementation
-    def camerax_version = "1.2.1"
-    implementation("androidx.camera:camera-core:${camerax_version}")
-    implementation("androidx.camera:camera-camera2:${camerax_version}")
-    implementation("androidx.camera:camera-lifecycle:${camerax_version}")
-    implementation("androidx.camera:camera-view:${camerax_version}")
-    implementation("androidx.camera:camera-extensions:${camerax_version}")
-
-    def camerax_ml_version = "1.2.0-beta02"
-    def ml_kit_version = "17.0.3"
-    implementation("androidx.camera:camera-mlkit-vision:${camerax_ml_version}")
-    implementation("com.google.mlkit:barcode-scanning:${ml_kit_version}")
-}
-
-androidExtensions {
-    experimental = true
-}
-
-android {
-    /*******************************************************
-     * The following variables:
-     * - androidBuildToolsVersion,
-     * - androidCompileSdkVersion
-     * - qtAndroidDir - holds the path to qt android files
-     *                   needed to build any Qt application
-     *                   on Android.
-     *
-     * are defined in gradle.properties file. This file is
-     * updated by QtCreator and androiddeployqt tools.
-     * Changing them manually might break the compilation!
-     *******************************************************/
-
-    compileSdkVersion androidCompileSdkVersion.toInteger()
-
-    buildToolsVersion androidBuildToolsVersion
-    ndkVersion androidNdkVersion
-
-    // Extract native libraries from the APK
-    packagingOptions.jniLibs.useLegacyPackaging true
-
-    dexOptions {
-       javaMaxHeapSize "3g"
-    }
-
-    sourceSets {
-        main {
-            manifest.srcFile 'AndroidManifest.xml'
-            java.srcDirs = [qtAndroidDir + '/src', 'src', 'java']
-            aidl.srcDirs = [qtAndroidDir + '/src', 'src', 'aidl']
-            res.srcDirs = [qtAndroidDir + '/res', 'res']
-            resources.srcDirs = ['resources']
-            renderscript.srcDirs = ['src']
-            assets.srcDirs = ['assets']
-            jniLibs.srcDirs = ['libs']
-            androidTest.assets.srcDirs += files("${qtAndroidDir}/schemas".toString())
-       }
-    }
-
-    tasks.withType(JavaCompile) {
-        options.incremental = true
-    }
-
-    compileOptions {
-        // Flag to enable support for the new language APIs
-        coreLibraryDesugaringEnabled true
-
-        sourceCompatibility JavaVersion.VERSION_1_8
-        targetCompatibility JavaVersion.VERSION_1_8
-    }
-    kotlinOptions.jvmTarget = JavaVersion.VERSION_1_8
-
-    lintOptions {
-        abortOnError false
-    }
-
-    // Do not compress Qt binary resources file
-    aaptOptions {
-        noCompress 'rcc'
-    }
-
-    defaultConfig {
-        resConfig "en"
-        minSdkVersion = 24
-        targetSdkVersion = 34
-        versionCode 39 // Change to a higher number
-        versionName "4.1.0" // Change to a higher number
-
-        javaCompileOptions.annotationProcessorOptions.arguments = [
-            "room.schemaLocation": "${qtAndroidDir}/schemas".toString()
-        ]
-    }
-
-
-}
-
-
+// dummy file for androiddeployqt
 
+// android.bundle.enableUncompressedNativeLibs is deprecated
+// disable adding gradle property android.bundle.enableUncompressedNativeLibs by androiddeployqt
+useLegacyPackaging

client/android/build.gradle.kts

@@ -0,0 +1,92 @@
+plugins {
+    alias(libs.plugins.android.application)
+    alias(libs.plugins.kotlin.android)
+    id("property-delegate")
+}
+
+kotlin {
+    jvmToolchain(17)
+}
+
+// get values from gradle or local properties
+val qtTargetSdkVersion: String by gradleProperties
+val qtTargetAbiList: String by gradleProperties
+val qtAndroidDir: String by gradleProperties
+
+android {
+    namespace = "org.amnezia.vpn"
+
+    buildFeatures {
+        buildConfig = true
+        viewBinding = true
+    }
+
+    androidResources {
+        // don't compress Qt binary resources file
+        noCompress += "rcc"
+    }
+
+    packaging {
+        // compress .so binary libraries
+        jniLibs.useLegacyPackaging = true
+    }
+
+    defaultConfig {
+        applicationId = "org.amnezia.vpn"
+        targetSdk = qtTargetSdkVersion.toInt()
+
+        // keeps language resources for only the locales specified below
+        resourceConfigurations += listOf("en", "ru", "b+zh+Hans")
+    }
+
+    sourceSets {
+        getByName("main") {
+            manifest.srcFile("AndroidManifest.xml")
+            java.setSrcDirs(listOf("$qtAndroidDir/src", "src"))
+            res.setSrcDirs(listOf("$qtAndroidDir/res", "res"))
+            assets.setSrcDirs(listOf("assets"))
+            jniLibs.setSrcDirs(listOf("libs"))
+        }
+    }
+
+    signingConfigs {
+        register("release") {
+            storeFile = providers.environmentVariable("ANDROID_KEYSTORE_PATH").orNull?.let { file(it) }
+            storePassword = providers.environmentVariable("ANDROID_KEYSTORE_KEY_PASS").orNull
+            keyAlias = providers.environmentVariable("ANDROID_KEYSTORE_KEY_ALIAS").orNull
+            keyPassword = providers.environmentVariable("ANDROID_KEYSTORE_KEY_PASS").orNull
+        }
+    }
+
+    buildTypes {
+        release {
+            // exclude coroutine debug resource from release build
+            packaging {
+                resources.excludes += "DebugProbesKt.bin"
+            }
+            signingConfig = signingConfigs["release"]
+        }
+    }
+
+    splits {
+        abi {
+            isEnable = true
+            reset()
+            include(*qtTargetAbiList.split(',').toTypedArray())
+            isUniversalApk = false
+        }
+    }
+}
+
+dependencies {
+    implementation(fileTree(mapOf("dir" to "libs", "include" to listOf("*.jar", "*.aar"))))
+    implementation(libs.androidx.core)
+    implementation(libs.androidx.appcompat)
+    implementation(libs.androidx.security.crypto)
+    implementation(libs.kotlinx.coroutines)
+    implementation(libs.bundles.androidx.camera)
+    implementation(libs.google.mlkit)
+    implementation(project(":shadowsocks"))
+    // todo: remove after finish refactoring
+    implementation(libs.androidx.constraintlayout)
+}

client/android/gradle.properties

@@ -1,27 +1,46 @@
-# Project-wide Gradle settings.
-# For more details on how to configure your build environment visit
-# http://www.gradle.org/docs/current/userguide/build_environment.html
-# Specifies the JVM arguments used for the daemon process.
-# The setting is particularly useful for tweaking memory settings.
-org.gradle.jvmargs=-Xmx1536m
-
-# Gradle caching allows reusing the build artifacts from a previous
-# build with the same inputs. However, over time, the cache size will
-# grow. Uncomment the following line to enable it.
-#org.gradle.caching=true
+# Specifies the JVM arguments used for the daemon process
+org.gradle.jvmargs=-Xms512m -Xmx4g -XX:+UseParallelGC -XX:MaxMetaspaceSize=768m -XX:+HeapDumpOnOutOfMemoryError \
+  -Dfile.encoding=UTF-8
+org.gradle.caching=true
+org.gradle.parallel=true
+org.gradle.configureondemand=true
 
+# Use AndroidX library instead of a Support Library
 android.useAndroidX=true
-# Automatically convert third-party libraries to use AndroidX
-android.enableJetifier=true
+# Disable adding android:testOnly attribute to the manifest
+android.injected.testOnly=false
 # Kotlin code style for this project: "official" or "obsolete":
 kotlin.code.style=official
 
-android.bundle.enableUncompressedNativeLibs=false
-androidBuildToolsVersion=30.0.2
-androidCompileSdkVersion=30
-org.gradle.caching=true
-org.gradle.parallel=true
-android.enableJetifier=true
-android.injected.testOnly=false
-kapt.use.worker.api=false
-kapt.incremental.apt=false
+# Disable providing custom values to resources from buildscript by default
+android.defaults.buildfeatures.resvalues=false
+# Disable compileShaders tasks by default
+android.defaults.buildfeatures.shaders=false
+# Disable Android resource processing for libraries by default
+android.library.defaults.buildfeatures.androidresources=false
+
+# Qt variables
+# At build time androiddeployqt replaces these values with:
+# androidCompileSdkVersion - androiddeployqt --android-platform parameter
+# androidBuildToolsVersion - QT_ANDROID_SDK_BUILD_TOOLS_REVISION cmake target parameter
+# qtMinSdkVersion - QT_ANDROID_MIN_SDK_VERSION cmake target parameter
+# qtTargetSdkVersion - QT_ANDROID_TARGET_SDK_VERSION cmake target parameter
+# androidNdkVersion - version from ANDROID_NDK_ROOT environment variable
+# qtTargetAbiList - qt-cmake QT_ANDROID_ABIS parameter
+# qtAndroidDir - path to qt binding java source code
+# buildDir - hardcoded "build" value in androiddeployqt
+
+# For development copy and set local values for these parameters in local.properties
+#androidCompileSdkVersion=android-34
+#androidBuildToolsVersion=34.0.0
+#qtMinSdkVersion=24
+#qtTargetSdkVersion=34
+#androidNdkVersion=26.1.10909125
+#qtTargetAbiList=x86_64
+#qtAndroidDir=/QT_BASE/android_ABI/src/android/java
+#buildDir=build
+
+# Note about qtAndroidDir:
+# Some IDEs (for example, IntelliJ IDEA) may index all data from a common root of the project and qtAndroidDir.
+# Therefore, it's recommended to copy qt android files to a directory inside the project
+# and specify the path to that directory in qtAndroidDir.

client/android/gradle/libs.versions.toml

@@ -0,0 +1,35 @@
+[versions]
+agp = "8.1.3"
+kotlin = "1.9.20"
+androidx-core = "1.12.0"
+androidx-appcompat = "1.6.1"
+androidx-camera = "1.2.3"
+androidx-security-crypto = "1.1.0-alpha06"
+kotlinx-coroutines = "1.7.3"
+google-mlkit = "17.2.0"
+
+[libraries]
+androidx-core = { module = "androidx.core:core-ktx", version.ref = "androidx-core" }
+androidx-appcompat = { module = "androidx.appcompat:appcompat", version.ref = "androidx-appcompat" }
+androidx-camera-core = { module = "androidx.camera:camera-core", version.ref = "androidx-camera" }
+androidx-camera-camera2 = { module = "androidx.camera:camera-camera2", version.ref = "androidx-camera" }
+androidx-camera-lifecycle = { module = "androidx.camera:camera-lifecycle", version.ref = "androidx-camera" }
+androidx-camera-view = { module = "androidx.camera:camera-view", version.ref = "androidx-camera" }
+androidx-security-crypto = { module = "androidx.security:security-crypto-ktx", version.ref = "androidx-security-crypto" }
+kotlinx-coroutines = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-android", version.ref = "kotlinx-coroutines" }
+google-mlkit = { module = "com.google.mlkit:barcode-scanning", version.ref = "google-mlkit" }
+# todo: remove after finish refactoring
+androidx-constraintlayout = { group = "androidx.constraintlayout", name = "constraintlayout", version = "2.1.4" }
+
+[bundles]
+androidx-camera = [
+    "androidx-camera-core",
+    "androidx-camera-lifecycle",
+    "androidx-camera-view",
+    "androidx-camera-camera2"
+]
+
+[plugins]
+android-application = { id = "com.android.application", version.ref = "agp" }
+android-library = { id = "com.android.library", version.ref = "agp" }
+kotlin-android = { id = "org.jetbrains.kotlin.android", version.ref = "kotlin" }

client/android/gradle/plugins/build.gradle.kts

@@ -0,0 +1,25 @@
+plugins {
+    `kotlin-dsl`
+}
+
+repositories {
+    gradlePluginPortal()
+}
+
+kotlin {
+    jvmToolchain(17)
+}
+
+gradlePlugin {
+    plugins {
+        register("settingsGradlePropertyDelegate") {
+            id = "settings-property-delegate"
+            implementationClass = "SettingsPropertyDelegate"
+        }
+
+        register("projectGradlePropertyDelegate") {
+            id = "property-delegate"
+            implementationClass = "ProjectPropertyDelegate"
+        }
+    }
+}

client/android/gradle/plugins/src/main/kotlin/PropertyDelegate.kt

@@ -0,0 +1,49 @@
+import java.io.File
+import java.io.FileInputStream
+import java.io.InputStreamReader
+import java.util.Properties
+import kotlin.properties.ReadOnlyProperty
+import kotlin.reflect.KProperty
+import org.gradle.api.Plugin
+import org.gradle.api.Project
+import org.gradle.api.initialization.Settings
+import org.gradle.api.provider.ProviderFactory
+
+private fun localProperties(rootDir: File) = Properties().apply {
+    val localProperties = File(rootDir, "local.properties")
+    if (localProperties.isFile) {
+        InputStreamReader(FileInputStream(localProperties), Charsets.UTF_8).use {
+            load(it)
+        }
+    }
+}
+
+private class PropertyDelegate(
+    rootDir: File,
+    private val providers: ProviderFactory,
+    private val localProperties: Properties = localProperties(rootDir)
+) : ReadOnlyProperty<Any?, String> {
+    override fun getValue(thisRef: Any?, property: KProperty<*>): String =
+        providers.gradleProperty(property.name).orNull ?: localProperties.getProperty(property.name)
+}
+
+private lateinit var settingsPropertyDelegate: ReadOnlyProperty<Any?, String>
+private lateinit var projectPropertyDelegate: ReadOnlyProperty<Any?, String>
+
+class SettingsPropertyDelegate : Plugin<Settings> {
+    override fun apply(settings: Settings) {
+        settingsPropertyDelegate = PropertyDelegate(settings.rootDir, settings.providers)
+    }
+}
+
+class ProjectPropertyDelegate : Plugin<Project> {
+    override fun apply(project: Project) {
+        projectPropertyDelegate = PropertyDelegate(project.rootDir, project.providers)
+    }
+}
+
+val Settings.gradleProperties: ReadOnlyProperty<Any?, String>
+    get() = settingsPropertyDelegate
+
+val Project.gradleProperties: ReadOnlyProperty<Any?, String>
+    get() = projectPropertyDelegate

client/android/gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.3-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

client/android/gradlew

@@ -1,78 +1,127 @@
-#!/usr/bin/env sh
+#!/bin/sh
+
+#
+# Copyright © 2015-2021 the original authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
 
 ##############################################################################
-##
-##  Gradle start up script for UN*X
-##
+#
+#   Gradle start up script for POSIX generated by Gradle.
+#
+#   Important for running:
+#
+#   (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is
+#       noncompliant, but you have some other compliant shell such as ksh or
+#       bash, then to run this script, type that shell name before the whole
+#       command line, like:
+#
+#           ksh Gradle
+#
+#       Busybox and similar reduced shells will NOT work, because this script
+#       requires all of these POSIX shell features:
+#         * functions;
+#         * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
+#           «${var#prefix}», «${var%suffix}», and «$( cmd )»;
+#         * compound commands having a testable exit status, especially «case»;
+#         * various built-in commands including «command», «set», and «ulimit».
+#
+#   Important for patching:
+#
+#   (2) This script targets any POSIX shell, so it avoids extensions provided
+#       by Bash, Ksh, etc; in particular arrays are avoided.
+#
+#       The "traditional" practice of packing multiple parameters into a
+#       space-separated string is a well documented source of bugs and security
+#       problems, so this is (mostly) avoided, by progressively accumulating
+#       options in "$@", and eventually passing that to Java.
+#
+#       Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS,
+#       and GRADLE_OPTS) rely on word-splitting, this is performed explicitly;
+#       see the in-line comments for details.
+#
+#       There are tweaks for specific operating systems such as AIX, CygWin,
+#       Darwin, MinGW, and NonStop.
+#
+#   (3) This script is generated from the Groovy template
+#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       within the Gradle project.
+#
+#       You can find Gradle at https://github.com/gradle/gradle/.
+#
 ##############################################################################
 
 # Attempt to set APP_HOME
+
 # Resolve links: $0 may be a link
-PRG="$0"
-# Need this for relative symlinks.
-while [ -h "$PRG" ] ; do
-    ls=`ls -ld "$PRG"`
-    link=`expr "$ls" : '.*-> \(.*\)$'`
-    if expr "$link" : '/.*' > /dev/null; then
-        PRG="$link"
-    else
-        PRG=`dirname "$PRG"`"/$link"
-    fi
+app_path=$0
+
+# Need this for daisy-chained symlinks.
+while
+    APP_HOME=${app_path%"${app_path##*/}"}  # leaves a trailing /; empty if no leading path
+    [ -h "$app_path" ]
+do
+    ls=$( ls -ld "$app_path" )
+    link=${ls#*' -> '}
+    case $link in             #(
+      /*)   app_path=$link ;; #(
+      *)    app_path=$APP_HOME$link ;;
+    esac
 done
-SAVED="`pwd`"
-cd "`dirname \"$PRG\"`/" >/dev/null
-APP_HOME="`pwd -P`"
-cd "$SAVED" >/dev/null
 
-APP_NAME="Gradle"
-APP_BASE_NAME=`basename "$0"`
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS=""
+# This is normally unused
+# shellcheck disable=SC2034
+APP_BASE_NAME=${0##*/}
+# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
+APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
-MAX_FD="maximum"
+MAX_FD=maximum
 
 warn () {
     echo "$*"
-}
+} >&2
 
 die () {
     echo
     echo "$*"
     echo
     exit 1
-}
+} >&2
 
 # OS specific support (must be 'true' or 'false').
 cygwin=false
 msys=false
 darwin=false
 nonstop=false
-case "`uname`" in
-  CYGWIN* )
-    cygwin=true
-    ;;
-  Darwin* )
-    darwin=true
-    ;;
-  MINGW* )
-    msys=true
-    ;;
-  NONSTOP* )
-    nonstop=true
-    ;;
+case "$( uname )" in                #(
+  CYGWIN* )         cygwin=true  ;; #(
+  Darwin* )         darwin=true  ;; #(
+  MSYS* | MINGW* )  msys=true    ;; #(
+  NONSTOP* )        nonstop=true ;;
 esac
 
 CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 
+
 # Determine the Java command to use to start the JVM.
 if [ -n "$JAVA_HOME" ] ; then
     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
         # IBM's JDK on AIX uses strange locations for the executables
-        JAVACMD="$JAVA_HOME/jre/sh/java"
+        JAVACMD=$JAVA_HOME/jre/sh/java
     else
-        JAVACMD="$JAVA_HOME/bin/java"
+        JAVACMD=$JAVA_HOME/bin/java
     fi
     if [ ! -x "$JAVACMD" ] ; then
         die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
@@ -81,92 +130,120 @@ Please set the JAVA_HOME variable in your environment to match the
 location of your Java installation."
     fi
 else
-    JAVACMD="java"
-    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+    JAVACMD=java
+    if ! command -v java >/dev/null 2>&1
+    then
+        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
 
 Please set the JAVA_HOME variable in your environment to match the
 location of your Java installation."
+    fi
 fi
 
 # Increase the maximum file descriptors if we can.
-if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
-    MAX_FD_LIMIT=`ulimit -H -n`
-    if [ $? -eq 0 ] ; then
-        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
-            MAX_FD="$MAX_FD_LIMIT"
-        fi
-        ulimit -n $MAX_FD
-        if [ $? -ne 0 ] ; then
-            warn "Could not set maximum file descriptor limit: $MAX_FD"
-        fi
-    else
-        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
-    fi
-fi
-
-# For Darwin, add options to specify how the application appears in the dock
-if $darwin; then
-    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
-fi
-
-# For Cygwin, switch paths to Windows format before running java
-if $cygwin ; then
-    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
-    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
-    JAVACMD=`cygpath --unix "$JAVACMD"`
-
-    # We build the pattern for arguments to be converted via cygpath
-    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
-    SEP=""
-    for dir in $ROOTDIRSRAW ; do
-        ROOTDIRS="$ROOTDIRS$SEP$dir"
-        SEP="|"
-    done
-    OURCYGPATTERN="(^($ROOTDIRS))"
-    # Add a user-defined pattern to the cygpath arguments
-    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
-        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
-    fi
-    # Now convert the arguments - kludge to limit ourselves to /bin/sh
-    i=0
-    for arg in "$@" ; do
-        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
-        CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
-
-        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
-            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
-        else
-            eval `echo args$i`="\"$arg\""
-        fi
-        i=$((i+1))
-    done
-    case $i in
-        (0) set -- ;;
-        (1) set -- "$args0" ;;
-        (2) set -- "$args0" "$args1" ;;
-        (3) set -- "$args0" "$args1" "$args2" ;;
-        (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
-        (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
-        (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
-        (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
-        (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
-        (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
+if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
+    case $MAX_FD in #(
+      max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        MAX_FD=$( ulimit -H -n ) ||
+            warn "Could not query maximum file descriptor limit"
+    esac
+    case $MAX_FD in  #(
+      '' | soft) :;; #(
+      *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC2039,SC3045
+        ulimit -n "$MAX_FD" ||
+            warn "Could not set maximum file descriptor limit to $MAX_FD"
     esac
 fi
 
-# Escape application args
-save () {
-    for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
-    echo " "
-}
-APP_ARGS=$(save "$@")
+# Collect all arguments for the java command, stacking in reverse order:
+#   * args from the command line
+#   * the main class name
+#   * -classpath
+#   * -D...appname settings
+#   * --module-path (only if needed)
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
 
-# Collect all arguments for the java command, following the shell quoting and substitution rules
-eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if "$cygwin" || "$msys" ; then
+    APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
+    CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" )
 
-# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
-if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
-  cd "$(dirname "$0")"
+    JAVACMD=$( cygpath --unix "$JAVACMD" )
+
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    for arg do
+        if
+            case $arg in                                #(
+              -*)   false ;;                            # don't mess with options #(
+              /?*)  t=${arg#/} t=/${t%%/*}              # looks like a POSIX filepath
+                    [ -e "$t" ] ;;                      #(
+              *)    false ;;
+            esac
+        then
+            arg=$( cygpath --path --ignore --mixed "$arg" )
+        fi
+        # Roll the args list around exactly as many times as the number of
+        # args, so each arg winds up back in the position where it started, but
+        # possibly modified.
+        #
+        # NB: a `for` loop captures its iteration list before it begins, so
+        # changing the positional parameters here affects neither the number of
+        # iterations, nor the values presented in `arg`.
+        shift                   # remove old arg
+        set -- "$@" "$arg"      # push replacement arg
+    done
 fi
 
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
+# Collect all arguments for the java command:
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#     and any embedded shellness will be escaped.
+#   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
+#     treated as '${Hostname}' itself on the command line.
+
+set -- \
+        "-Dorg.gradle.appname=$APP_BASE_NAME" \
+        -classpath "$CLASSPATH" \
+        org.gradle.wrapper.GradleWrapperMain \
+        "$@"
+
+# Stop when "xargs" is not available.
+if ! command -v xargs >/dev/null 2>&1
+then
+    die "xargs is not available"
+fi
+
+# Use "xargs" to parse quoted args.
+#
+# With -n1 it outputs one arg per line, with the quotes and backslashes removed.
+#
+# In Bash we could simply go:
+#
+#   readarray ARGS < <( xargs -n1 <<<"$var" ) &&
+#   set -- "${ARGS[@]}" "$@"
+#
+# but POSIX shell has neither arrays nor command substitution, so instead we
+# post-process each arg (as a line of input to sed) to backslash-escape any
+# character that might be a shell metacharacter, then use eval to reverse
+# that process (while maintaining the separation between arguments), and wrap
+# the whole thing up as a single "set" statement.
+#
+# This will of course break if any of these variables contains a newline or
+# an unmatched quote.
+#
+
+eval "set -- $(
+        printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" |
+        xargs -n1 |
+        sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' |
+        tr '\n' ' '
+    )" '"$@"'
+
 exec "$JAVACMD" "$@"

client/android/gradlew.bat

@@ -1,4 +1,20 @@
-@if "%DEBUG%" == "" @echo off
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
+@if "%DEBUG%"=="" @echo off
 @rem ##########################################################################
 @rem
 @rem  Gradle startup script for Windows
@@ -9,19 +25,23 @@
 if "%OS%"=="Windows_NT" setlocal
 
 set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
+if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
 set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
 @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS=
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
 
 @rem Find java.exe
 if defined JAVA_HOME goto findJavaFromJavaHome
 
 set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
+if %ERRORLEVEL% equ 0 goto execute
 
 echo.
 echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
@@ -35,7 +55,7 @@ goto fail
 set JAVA_HOME=%JAVA_HOME:"=%
 set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 
-if exist "%JAVA_EXE%" goto init
+if exist "%JAVA_EXE%" goto execute
 
 echo.
 echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
@@ -45,38 +65,26 @@ echo location of your Java installation.
 
 goto fail
 
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
 :execute
 @rem Setup the command line
 
 set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
 
+
 @rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
 
 :end
 @rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
+if %ERRORLEVEL% equ 0 goto mainEnd
 
 :fail
 rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
 rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
+set EXIT_CODE=%ERRORLEVEL%
+if %EXIT_CODE% equ 0 set EXIT_CODE=1
+if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
+exit /b %EXIT_CODE%
 
 :mainEnd
 if "%OS%"=="Windows_NT" endlocal

client/android/settings.gradle

@@ -1,21 +0,0 @@
-pluginManagement {
-    repositories {
-        google()
-        mavenCentral()
-        jcenter()
-        gradlePluginPortal()
-        maven { url 'https://jitpack.io' }
-    }
-}
-
-dependencyResolutionManagement {
-    repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
-    repositories {
-        google()
-        mavenCentral()
-        jcenter()
-        maven { url 'https://jitpack.io' }
-    }
-}
-
-include ':shadowsocks'

client/android/settings.gradle.kts

@@ -0,0 +1,58 @@
+import com.android.build.api.dsl.SettingsExtension
+
+pluginManagement {
+    repositories {
+        google()
+        mavenCentral()
+        gradlePluginPortal()
+        // for jsocks todo: remove after finish refactoring
+        maven("https://jitpack.io")
+    }
+
+    includeBuild("./gradle/plugins")
+}
+
+@Suppress("UnstableApiUsage")
+dependencyResolutionManagement {
+    repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
+    repositories {
+        google()
+        mavenCentral()
+        // for jsocks todo: remove after finish refactoring
+        maven("https://jitpack.io")
+    }
+}
+
+includeBuild("./gradle/plugins")
+
+plugins {
+    id("com.android.settings") version "8.1.3"
+    id("settings-property-delegate")
+}
+
+rootProject.name = "AmneziaVPN"
+rootProject.buildFileName = "build.gradle.kts"
+
+include(":shadowsocks")
+
+// get values from gradle or local properties
+val androidBuildToolsVersion: String by gradleProperties
+val androidCompileSdkVersion: String by gradleProperties
+val androidNdkVersion: String by gradleProperties
+val qtMinSdkVersion: String by gradleProperties
+
+// set default values for all modules
+configure<SettingsExtension> {
+    buildToolsVersion = androidBuildToolsVersion
+    compileSdk = androidCompileSdkVersion.substringAfter('-').toInt()
+    minSdk = qtMinSdkVersion.toInt()
+    ndkVersion = androidNdkVersion
+}
+
+// stop Gradle running by androiddeployqt
+gradle.taskGraph.whenReady {
+    if (providers.environmentVariable("ANDROIDDEPLOYQT_RUN").isPresent
+        && !providers.systemProperty("explicitRun").isPresent) {
+        allTasks.forEach { it.enabled = false }
+    }
+}

client/android/shadowsocks/build.gradle

@@ -1,14 +1,17 @@
 apply plugin: 'com.android.library'
 apply plugin: 'kotlin-android'
-apply plugin: 'kotlin-android-extensions'
 apply plugin: 'kotlin-kapt'
+apply plugin: 'kotlin-parcelize'
 //apply plugin: 'com.novoda.bintray-release'
 
 android {
-    compileSdkVersion 30
+    buildFeatures {
+        aidl true
+        androidResources true
+    }
+
     defaultConfig {
-        minSdkVersion 24
-        targetSdkVersion 30
+        namespace "org.amnezia.vpn.shadowsocks.core"
         versionCode 1
         versionName "1.0.0"
 
@@ -30,10 +33,6 @@ android {
     }
 }
 
-androidExtensions {
-    experimental = true
-}
-
 //def lifecycleVersion = '2.0.0'
 def roomVersion = "2.4.3"
 //def preferencexVersion = '1.0.0'
@@ -46,10 +45,9 @@ dependencies {
     implementation "org.jetbrains.kotlinx:kotlinx-coroutines-core:1.3.0"
 
     implementation "androidx.core:core-ktx:1.2.0"
-    implementation "androidx.lifecycle:lifecycle-extensions:2.2.0"
-    implementation "androidx.lifecycle:lifecycle-runtime-ktx:2.4.0"
-    implementation "androidx.lifecycle:lifecycle-livedata-core-ktx:2.4.0"
-    implementation "androidx.lifecycle:lifecycle-viewmodel-ktx:2.2.0"
+    implementation "androidx.lifecycle:lifecycle-runtime-ktx:2.5.1"
+    implementation "androidx.lifecycle:lifecycle-livedata-core-ktx:2.5.1"
+    implementation "androidx.lifecycle:lifecycle-viewmodel-ktx:2.5.1"
     implementation "androidx.room:room-runtime:$roomVersion" // runtime
     implementation "androidx.preference:preference:1.1.0"
     implementation "androidx.work:work-runtime-ktx:2.7.1"

client/android/shadowsocks/src/main/AndroidManifest.xml

@@ -1,6 +1,5 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:tools="http://schemas.android.com/tools"
-    package="org.amnezia.vpn.shadowsocks.core"
     tools:ignore="MissingLeanbackLauncher">
 
     <uses-feature

client/android/shadowsocks/src/main/java/org/amnezia/vpn/shadowsocks/core/VpnRequestActivity.kt

@@ -65,6 +65,7 @@ class VpnRequestActivity : AppCompatActivity() {
             Toast.makeText(this, R.string.vpn_permission_denied, Toast.LENGTH_LONG).show()
         }
         finish()
+        super.onActivityResult(requestCode, resultCode, data)
     }
 
     override fun onDestroy() {

client/android/shadowsocks/src/main/java/org/amnezia/vpn/shadowsocks/core/net/ChannelMonitor.kt

@@ -28,6 +28,7 @@ import kotlinx.coroutines.channels.sendBlocking
 import java.io.IOException
 import java.nio.ByteBuffer
 import java.nio.channels.*
+import kotlinx.coroutines.channels.trySendBlocking
 
 class ChannelMonitor : Thread("ChannelMonitor") {
     private data class Registration(val channel: SelectableChannel,
@@ -52,7 +53,7 @@ class ChannelMonitor : Thread("ChannelMonitor") {
             registerInternal(this, SelectionKey.OP_READ) {
                 val junk = ByteBuffer.allocateDirect(1)
                 while (read(junk) > 0) {
-                    pendingRegistrations.poll()!!.apply {
+                    pendingRegistrations.tryReceive().getOrNull()!!.apply {
                         try {
                             result.complete(registerInternal(channel, ops, listener))
                         } catch (e: Exception) {
@@ -112,7 +113,7 @@ class ChannelMonitor : Thread("ChannelMonitor") {
                 (key.attachment() as (SelectionKey) -> Unit)(key)
             }
         }
-        closeChannel.sendBlocking(Unit)
+        closeChannel.trySendBlocking(Unit)
     }
 
     fun close(scope: CoroutineScope) {

client/android/shadowsocks/src/main/java/org/amnezia/vpn/shadowsocks/core/net/LocalSocketListener.kt

@@ -33,6 +33,7 @@ import kotlinx.coroutines.channels.sendBlocking
 import kotlinx.coroutines.launch
 import java.io.File
 import java.io.IOException
+import kotlinx.coroutines.channels.trySendBlocking
 
 abstract class LocalSocketListener(name: String, socketFile: File) : Thread(name) {
     private val localSocket = LocalSocket().apply {
@@ -60,7 +61,7 @@ abstract class LocalSocketListener(name: String, socketFile: File) : Thread(name
                 }
             }
         }
-        closeChannel.sendBlocking(Unit)
+        closeChannel.trySendBlocking(Unit)
     }
 
     open fun shutdown(scope: CoroutineScope) {

client/android/src/com/wireguard/config/InetEndpoint.java

@@ -31,7 +31,7 @@ public final class InetEndpoint {
   private final boolean isResolved;
   private final Object lock = new Object();
   private final int port;
-  private Instant lastResolution = Instant.EPOCH;
+  private long lastResolution;
   @Nullable private InetEndpoint resolved;
 
   private InetEndpoint(final String host, final boolean isResolved, final int port) {
@@ -89,7 +89,7 @@ public final class InetEndpoint {
       return Optional.of(this);
     synchronized (lock) {
       // TODO(zx2c4): Implement a real timeout mechanism using DNS TTL
-      if (Duration.between(lastResolution, Instant.now()).toMinutes() > 1) {
+      if (System.currentTimeMillis() - lastResolution > 60000L) {
         try {
           // Prefer v4 endpoints over v6 to work around DNS64 and IPv6 NAT issues.
           final InetAddress[] candidates = InetAddress.getAllByName(host);
@@ -101,7 +101,7 @@ public final class InetEndpoint {
             }
           }
           resolved = new InetEndpoint(address.getHostAddress(), true, port);
-          lastResolution = Instant.now();
+          lastResolution = System.currentTimeMillis();
         } catch (final UnknownHostException e) {
           resolved = null;
         }

client/android/src/org/amnezia/vpn/NotificationUtil.kt

@@ -12,6 +12,7 @@ import android.content.Intent
 import android.os.Build
 import android.os.Parcel
 import androidx.core.app.NotificationCompat
+import org.amnezia.vpn.shadowsocks.core.R
 import org.json.JSONObject
 
 object NotificationUtil {
@@ -102,7 +103,7 @@ object NotificationUtil {
         val pendingIntent = PendingIntent.getActivity(service, 0, intent, PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT)
         // Build our notification
         sNotificationBuilder?.let {
-            it.setSmallIcon(org.amnezia.vpn.R.drawable.ic_amnezia_round)
+            it.setSmallIcon(R.drawable.ic_amnezia_round)
                 .setContentTitle(header)
                 .setContentText(message)
                 .setOnlyAlertOnce(true)

client/android/src/org/amnezia/vpn/OpenVPNThreadv3.kt

@@ -83,29 +83,32 @@ class OpenVPNThreadv3(var service: VPNService): ClientAPI_OpenVPNClient(), Runna
         if (jsonVpnConfig.getString("protocol") == "cloak") {
             val cloakConfigJson: JSONObject = jsonVpnConfig.getJSONObject("cloak_config_data")
 
-            if (cloakConfigJson.keySet().contains("NumConn")) {
+            if (cloakConfigJson.has("NumConn")) {
                 cloakConfigJson.put("NumConn", 1)
             }
 
-            if (cloakConfigJson.keySet().contains("ProxyMethod")) {
+            if (cloakConfigJson.has("ProxyMethod")) {
                 cloakConfigJson.put("ProxyMethod", "openvpn")
             }
 
-            if (cloakConfigJson.keySet().contains("port")) {
+            if (cloakConfigJson.has("port")) {
                 val portValue = cloakConfigJson.get("port")
                 cloakConfigJson.remove("port")
                 cloakConfigJson.put("RemotePort", portValue)
             }
 
-            if (cloakConfigJson.keySet().contains("remote")) {
+            if (cloakConfigJson.has("remote")) {
                 val hostValue = cloakConfigJson.get("remote")
                 cloakConfigJson.remove("remote")
                 cloakConfigJson.put("RemoteHost", hostValue)
             }
 
-            val cloakConfig = Base64.getEncoder().encodeToString(
-                jsonVpnConfig.getJSONObject("cloak_config_data").toString().toByteArray()
-            )
+            val cloakConfigData = jsonVpnConfig.getJSONObject("cloak_config_data").toString().toByteArray()
+            val cloakConfig = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
+                Base64.getEncoder().encodeToString(cloakConfigData)
+            } else {
+                android.util.Base64.encodeToString(cloakConfigData, android.util.Base64.DEFAULT)
+            }
 
             resultingConfig.append("\n<cloak>\n")
             resultingConfig.append(cloakConfig)

client/cmake/android.cmake

@@ -1,4 +1,20 @@
 message("Client android ${CMAKE_ANDROID_ARCH_ABI} build")
+
+set(APP_ANDROID_MIN_SDK 24)
+set(ANDROID_PLATFORM "android-${APP_ANDROID_MIN_SDK}" CACHE STRING
+    "The minimum API level supported by the application or library" FORCE)
+
+set_target_properties(${PROJECT} PROPERTIES
+    QT_ANDROID_VERSION_NAME ${CMAKE_PROJECT_VERSION}
+    QT_ANDROID_VERSION_CODE ${APP_ANDROID_VERSION_CODE}
+    QT_ANDROID_MIN_SDK_VERSION ${APP_ANDROID_MIN_SDK}
+    QT_ANDROID_TARGET_SDK_VERSION 34
+    QT_ANDROID_SDK_BUILD_TOOLS_REVISION 34.0.0
+    QT_ANDROID_PACKAGE_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/android
+)
+
+set(QT_ANDROID_MULTI_ABI_FORWARD_VARS "QT_NO_GLOBAL_APK_TARGET_PART_OF_ALL;CMAKE_BUILD_TYPE")
+
 # We need to include qtprivate api's
 # As QAndroidBinder is not yet implemented with a public api
 set(LIBS ${LIBS} Qt6::CorePrivate)
@@ -23,39 +39,6 @@ set(SOURCES ${SOURCES}
     ${CMAKE_CURRENT_SOURCE_DIR}/protocols/android_vpnprotocol.cpp
 )
 
-add_custom_command(
-    TARGET ${PROJECT} POST_BUILD
-    COMMAND ${CMAKE_COMMAND} -E copy
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/AndroidManifest.xml
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/build.gradle
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/gradle/wrapper/gradle-wrapper.jar
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/gradle/wrapper/gradle-wrapper.properties
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/gradlew
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/gradlew.bat
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/gradle.properties
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/res/values/libs.xml
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/res/xml/fileprovider.xml
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/AuthHelper.java
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/IPCContract.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/NotificationUtil.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/OpenVPNThreadv3.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/Prefs.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/VPNLogger.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/VPNService.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/VPNServiceBinder.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/qt/AmneziaApp.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/qt/PackageManagerHelper.java
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/qt/VPNActivity.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/qt/VPNClientBinder.kt
-    ${CMAKE_CURRENT_SOURCE_DIR}/android/src/org/amnezia/vpn/qt/VPNPermissionHelper.kt
-    ${CMAKE_CURRENT_BINARY_DIR}
-)
-
-set_property(TARGET ${PROJECT} PROPERTY
-    QT_ANDROID_PACKAGE_SOURCE_DIR
-    ${CMAKE_CURRENT_SOURCE_DIR}/android
-)
-
 foreach(abi IN ITEMS ${QT_ANDROID_ABIS})
     set_property(TARGET ${PROJECT} PROPERTY QT_ANDROID_EXTRA_LIBS
         ${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/wireguard/android/${abi}/libwg.so

client/configurators/awg_configurator.cpp

@@ -10,10 +10,11 @@ AwgConfigurator::AwgConfigurator(std::shared_ptr<Settings> settings, QObject *pa
 {
 }
 
-QString AwgConfigurator::genAwgConfig(const ServerCredentials &credentials, DockerContainer container,
-                                      const QJsonObject &containerConfig, QString &clientId, ErrorCode *errorCode)
+QString AwgConfigurator::genAwgConfig(const ServerCredentials &credentials,
+                                                                DockerContainer container,
+                                                                const QJsonObject &containerConfig, ErrorCode *errorCode)
 {
-    QString config = WireguardConfigurator::genWireguardConfig(credentials, container, containerConfig, clientId, errorCode);
+    QString config = WireguardConfigurator::genWireguardConfig(credentials, container, containerConfig, errorCode);
 
     QJsonObject jsonConfig = QJsonDocument::fromJson(config.toUtf8()).object();
     QString awgConfig = jsonConfig.value(config_key::config).toString();

client/configurators/awg_configurator.h

@@ -12,7 +12,7 @@ public:
     AwgConfigurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
 
     QString genAwgConfig(const ServerCredentials &credentials, DockerContainer container,
-                         const QJsonObject &containerConfig, QString &clientId, ErrorCode *errorCode = nullptr);
+                                      const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);
 };
 
 #endif // AWGCONFIGURATOR_H

client/configurators/openvpn_configurator.cpp

@@ -83,7 +83,7 @@ OpenVpnConfigurator::ConnectionData OpenVpnConfigurator::prepareOpenVpnConfig(co
 }
 
 QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentials, DockerContainer container,
-                                              const QJsonObject &containerConfig, QString &clientId, ErrorCode *errorCode)
+                                              const QJsonObject &containerConfig, ErrorCode *errorCode)
 {
     ServerController serverController(m_settings);
     QString config =
@@ -113,8 +113,6 @@ QString OpenVpnConfigurator::genOpenVpnConfig(const ServerCredentials &credentia
     QJsonObject jConfig;
     jConfig[config_key::config] = config;
 
-    clientId = connData.clientId;
-
     return QJsonDocument(jConfig).toJson();
 }
 
@@ -133,13 +131,13 @@ QString OpenVpnConfigurator::processConfigWithLocalSettings(QString jsonConfig)
         config.append("block-ipv6\n");
     }
     if (m_settings->routeMode() == Settings::VpnOnlyForwardSites) {
-
+        
         // no redirect-gateway
     }
     if (m_settings->routeMode() == Settings::VpnAllExceptSites) {
-#ifndef Q_OS_ANDROID
+#ifndef Q_OS_ANDROID    
         config.append("\nredirect-gateway ipv6 !ipv4 bypass-dhcp\n");
-#endif
+#endif       
         // Prevent ipv6 leak
         config.append("ifconfig-ipv6 fd15:53b6:dead::2/64  fd15:53b6:dead::1\n");
         config.append("block-ipv6\n");

client/configurators/openvpn_configurator.h

@@ -24,7 +24,7 @@ public:
     };
 
     QString genOpenVpnConfig(const ServerCredentials &credentials, DockerContainer container,
-        const QJsonObject &containerConfig, QString &clientId, ErrorCode *errorCode = nullptr);
+        const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);
 
     QString processConfigWithLocalSettings(QString jsonConfig);
     QString processConfigWithExportSettings(QString jsonConfig);

client/configurators/vpn_configurator.cpp

@@ -28,11 +28,11 @@ VpnConfigurator::VpnConfigurator(std::shared_ptr<Settings> settings, QObject *pa
 }
 
 QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentials, DockerContainer container,
-                                              const QJsonObject &containerConfig, Proto proto, QString &clientId, ErrorCode *errorCode)
+                                              const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode)
 {
     switch (proto) {
     case Proto::OpenVpn:
-        return openVpnConfigurator->genOpenVpnConfig(credentials, container, containerConfig, clientId, errorCode);
+        return openVpnConfigurator->genOpenVpnConfig(credentials, container, containerConfig, errorCode);
 
     case Proto::ShadowSocks:
         return shadowSocksConfigurator->genShadowSocksConfig(credentials, container, containerConfig, errorCode);
@@ -40,10 +40,10 @@ QString VpnConfigurator::genVpnProtocolConfig(const ServerCredentials &credentia
     case Proto::Cloak: return cloakConfigurator->genCloakConfig(credentials, container, containerConfig, errorCode);
 
     case Proto::WireGuard:
-        return wireguardConfigurator->genWireguardConfig(credentials, container, containerConfig, clientId, errorCode);
+        return wireguardConfigurator->genWireguardConfig(credentials, container, containerConfig, errorCode);
 
     case Proto::Awg:
-        return awgConfigurator->genAwgConfig(credentials, container, containerConfig, clientId, errorCode);
+        return awgConfigurator->genAwgConfig(credentials, container, containerConfig, errorCode);
 
     case Proto::Ikev2: return ikev2Configurator->genIkev2Config(credentials, container, containerConfig, errorCode);
 

client/configurators/vpn_configurator.h

@@ -6,6 +6,7 @@
 #include "configurator_base.h"
 #include "core/defs.h"
 
+
 class OpenVpnConfigurator;
 class ShadowSocksConfigurator;
 class CloakConfigurator;
@@ -15,15 +16,14 @@ class SshConfigurator;
 class AwgConfigurator;
 
 // Retrieve connection settings from server
-class VpnConfigurator : public ConfiguratorBase
+class VpnConfigurator : ConfiguratorBase
 {
     Q_OBJECT
 public:
     explicit VpnConfigurator(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
 
     QString genVpnProtocolConfig(const ServerCredentials &credentials, DockerContainer container,
-                                 const QJsonObject &containerConfig, Proto proto, QString &clientId,
-                                 ErrorCode *errorCode = nullptr);
+        const QJsonObject &containerConfig, Proto proto, ErrorCode *errorCode = nullptr);
 
     QPair<QString, QString> getDnsForConfig(int serverIndex);
     QString &processConfigWithDnsSettings(int serverIndex, DockerContainer container, Proto proto, QString &config);
@@ -32,8 +32,8 @@ public:
     QString &processConfigWithExportSettings(int serverIndex, DockerContainer container, Proto proto, QString &config);
 
     // workaround for containers which is not support normal configuration
-    void updateContainerConfigAfterInstallation(DockerContainer container, QJsonObject &containerConfig,
-                                                const QString &stdOut);
+    void updateContainerConfigAfterInstallation(DockerContainer container,
+        QJsonObject &containerConfig, const QString &stdOut);
 
     std::shared_ptr<OpenVpnConfigurator> openVpnConfigurator;
     std::shared_ptr<ShadowSocksConfigurator> shadowSocksConfigurator;
@@ -42,10 +42,6 @@ public:
     std::shared_ptr<Ikev2Configurator> ikev2Configurator;
     std::shared_ptr<SshConfigurator> sshConfigurator;
     std::shared_ptr<AwgConfigurator> awgConfigurator;
-
-signals:
-    void newVpnConfigCreated(const QString &clientId, const QString &clientName, const DockerContainer container,
-                             ServerCredentials credentials);
 };
 
 #endif // VPN_CONFIGURATOR_H

client/configurators/wireguard_configurator.cpp

@@ -177,7 +177,7 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
 }
 
 QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &credentials, DockerContainer container,
-                                                  const QJsonObject &containerConfig, QString &clientId, ErrorCode *errorCode)
+                                                  const QJsonObject &containerConfig, ErrorCode *errorCode)
 {
     ServerController serverController(m_settings);
     QString scriptData = amnezia::scriptData(m_configTemplate, container);
@@ -205,8 +205,6 @@ QString WireguardConfigurator::genWireguardConfig(const ServerCredentials &crede
     jConfig[config_key::psk_key] = connData.pskKey;
     jConfig[config_key::server_pub_key] = connData.serverPubKey;
 
-    clientId = connData.clientPubKey;
-
     return QJsonDocument(jConfig).toJson();
 }
 

client/configurators/wireguard_configurator.h

@@ -26,7 +26,7 @@ public:
     };
 
     QString genWireguardConfig(const ServerCredentials &credentials, DockerContainer container,
-                               const QJsonObject &containerConfig, QString &clientId, ErrorCode *errorCode = nullptr);
+                               const QJsonObject &containerConfig, ErrorCode *errorCode = nullptr);
 
     QString processConfigWithLocalSettings(QString config);
     QString processConfigWithExportSettings(QString config);

client/core/defs.h

@@ -36,7 +36,7 @@ enum ErrorCode
     ServerPacketManagerError,
 
     // Ssh connection errors
-    SshRequestDeniedError, SshInterruptedError, SshInternalError,
+    SshRequsetDeniedError, SshInterruptedError, SshInternalError,
     SshPrivateKeyError, SshPrivateKeyFormatError, SshTimeoutError,
 
     // Ssh sftp errors
@@ -47,6 +47,7 @@ enum ErrorCode
     SshSftpNoMediaError,
 
     // Local errors
+    FailedToSaveConfigData,
     OpenVpnConfigMissing,
     OpenVpnManagementServerError,
     ConfigMissing,
@@ -66,6 +67,7 @@ enum ErrorCode
 
     // 3rd party utils errors
     OpenSslFailed,
+    OpenVpnExecutableCrashed,
     ShadowSocksExecutableCrashed,
     CloakExecutableCrashed,
 

client/core/errorstrings.cpp

@@ -19,7 +19,7 @@ QString errorString(ErrorCode code){
     case(ServerUserNotInSudo): return QObject::tr("The user does not have permission to use sudo");
 
     // Libssh errors
-    case(SshRequestDeniedError): return QObject::tr("Ssh request was denied");
+    case(SshRequsetDeniedError): return QObject::tr("Ssh request was denied");
     case(SshInterruptedError): return QObject::tr("Ssh request was interrupted");
     case(SshInternalError): return QObject::tr("Ssh internal error");
     case(SshPrivateKeyError): return QObject::tr("Invalid private key or invalid passphrase entered");
@@ -42,6 +42,7 @@ QString errorString(ErrorCode code){
     case(SshSftpNoMediaError): return QObject::tr("Sftp error: No media was in remote drive");
 
     // Local errors
+    case (FailedToSaveConfigData): return QObject::tr("Failed to save config to disk");
     case (OpenVpnConfigMissing): return QObject::tr("OpenVPN config missing");
     case (OpenVpnManagementServerError): return QObject::tr("OpenVPN management server error");
 

client/core/sshclient.cpp

@@ -333,7 +333,7 @@ namespace libssh {
 
         switch (errorCode) {
         case(SSH_NO_ERROR): return ErrorCode::NoError;
-        case(SSH_REQUEST_DENIED): return ErrorCode::SshRequestDeniedError;
+        case(SSH_REQUEST_DENIED): return ErrorCode::SshRequsetDeniedError;
         case(SSH_EINTR): return ErrorCode::SshInterruptedError;
         case(SSH_FATAL): return ErrorCode::SshInternalError;
         default: return ErrorCode::SshInternalError;

client/images/controls/close.svg

@@ -1,6 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<g id="x, &#195;&#151;, close">
-<path id="Vector" d="M18 6L6 18" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path id="Vector_2" d="M6 6L18 18" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</g>
-</svg>

client/images/controls/search.svg

@@ -1,6 +0,0 @@
-<svg width="24" height="24" viewBox="0 0 24 24" fill="none" xmlns="http://www.w3.org/2000/svg">
-<g id="search">
-<path id="Vector" d="M11 19C15.4183 19 19 15.4183 19 11C19 6.58172 15.4183 3 11 3C6.58172 3 3 6.58172 3 11C3 15.4183 6.58172 19 11 19Z" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-<path id="Vector_2" d="M21.0004 20.9984L16.6504 16.6484" stroke="#D7D8DB" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
-</g>
-</svg>

client/resources.qrc

@@ -222,8 +222,5 @@
         <file>server_scripts/awg/configure_container.sh</file>
         <file>server_scripts/awg/run_container.sh</file>
         <file>server_scripts/awg/Dockerfile</file>
-        <file>ui/qml/Pages2/PageShareFullAccess.qml</file>
-        <file>images/controls/close.svg</file>
-        <file>images/controls/search.svg</file>
     </qresource>
 </RCC>

client/server_scripts/check_server_is_busy.sh

@@ -1,6 +1,5 @@
 if which apt-get > /dev/null 2>&1; then LOCK_FILE="/var/lib/dpkg/lock-frontend";\
 elif which dnf > /dev/null 2>&1; then LOCK_FILE="/var/run/dnf.pid";\
 elif which yum > /dev/null 2>&1; then LOCK_FILE="/var/run/yum.pid";\
-elif which pacman > /dev/null 2>&1; then LOCK_FILE="/var/lib/pacman/db.lck";\
 else echo "Packet manager not found"; echo "Internal error"; exit 1; fi;\
-if command -v fuser > /dev/null 2>&1; then sudo fuser $LOCK_FILE 2>/dev/null; else echo "fuser not installed"; fi
+if command -v fuser > /dev/null 2>&1; then sudo fuser $LOCK_FILE 2>/dev/null; else  echo "fuser not installed"; fi

client/server_scripts/install_docker.sh

@@ -1,20 +1,19 @@
-if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); silent_inst="-yq install"; check_pkgs="-yq update"; docker_pkg="docker.io"; dist="debian";\
-elif which dnf > /dev/null 2>&1; then pm=$(which dnf); silent_inst="-yq install"; check_pkgs="-yq check-update"; docker_pkg="docker"; dist="fedora";\
-elif which yum > /dev/null 2>&1; then pm=$(which yum); silent_inst="-y -q install"; check_pkgs="-y -q check-update"; docker_pkg="docker"; dist="centos";\
-elif which pacman > /dev/null 2>&1; then pm=$(which pacman); silent_inst="--noconfirm -S"; check_pkgs="> /dev/null 2>&1"; docker_pkg="docker"; dist="archlinux";\
+if which apt-get > /dev/null 2>&1; then pm=$(which apt-get); docker_pkg="docker.io"; dist="debian";\
+elif which dnf > /dev/null 2>&1; then pm=$(which dnf); docker_pkg="docker"; dist="fedora";\
+elif which yum > /dev/null 2>&1; then pm=$(which yum); docker_pkg="docker"; dist="centos";\
 else echo "Packet manager not found"; exit 1; fi;\
-echo "Dist: $dist, Packet manager: $pm, Install command: $silent_inst, Check pkgs command: $check_pkgs, Docker pkg: $docker_pkg";\
+echo "Dist: $dist, Packet manager: $pm, Docker pkg: $docker_pkg";\
 if [ "$dist" = "debian" ]; then export DEBIAN_FRONTEND=noninteractive; fi;\
-if ! command -v sudo > /dev/null 2>&1; then $pm $check_pkgs; $pm $silent_inst sudo; fi;\
-if ! command -v fuser > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst psmisc; fi;\
-if ! command -v lsof > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst lsof; fi;\
-if ! command -v docker > /dev/null 2>&1; then sudo $pm $check_pkgs; sudo $pm $silent_inst $docker_pkg;\
+if ! command -v sudo > /dev/null 2>&1; then $pm update -yq; $pm install -yq sudo; fi;\
+if ! command -v fuser > /dev/null 2>&1; then sudo $pm install -yq psmisc; fi;\
+if ! command -v lsof > /dev/null 2>&1; then sudo $pm install -yq lsof; fi;\
+if ! command -v docker > /dev/null 2>&1; then sudo $pm update -yq; sudo $pm install -yq $docker_pkg;\
   if [ "$dist" = "fedora" ] || [ "$dist" = "centos" ] || [ "$dist" = "debian" ]; then sudo systemctl enable docker && sudo systemctl start docker; fi;\
 fi;\
 if [ "$dist" = "debian" ]; then \
   docker_service=$(systemctl list-units --full --all | grep docker.service | grep -v inactive | grep -v dead | grep -v failed);\
-  if [ -z "$docker_service" ]; then sudo $pm $check_pkgs; sudo $pm $silent_inst curl $docker_pkg; fi;\
+  if [ -z "$docker_service" ]; then sudo $pm update -yq; sudo $pm install -yq curl $docker_pkg; fi;\
   sleep 3 && sudo systemctl start docker && sleep 3;\
 fi;\
-if ! command -v sudo > /dev/null 2>&1; then echo "Failed to install Docker"; exit 1; fi;\
+if ! command -v sudo > /dev/null 2>&1; then echo "Failed to install Docker";exit 1;fi;\
 docker --version

client/ui/controllers/exportController.cpp

@@ -8,9 +8,7 @@
 #include <QImage>
 #include <QStandardPaths>
 
-#include "configurators/cloak_configurator.h"
 #include "configurators/openvpn_configurator.h"
-#include "configurators/shadowsocks_configurator.h"
 #include "configurators/wireguard_configurator.h"
 #include "core/errorstrings.h"
 #include "systemController.h"
@@ -21,13 +19,11 @@
 
 ExportController::ExportController(const QSharedPointer<ServersModel> &serversModel,
                                    const QSharedPointer<ContainersModel> &containersModel,
-                                   const QSharedPointer<ClientManagementModel> &clientManagementModel,
                                    const std::shared_ptr<Settings> &settings,
                                    const std::shared_ptr<VpnConfigurator> &configurator, QObject *parent)
     : QObject(parent),
       m_serversModel(serversModel),
       m_containersModel(containersModel),
-      m_clientManagementModel(clientManagementModel),
       m_settings(settings),
       m_configurator(configurator)
 {
@@ -79,12 +75,13 @@ void ExportController::generateFullAccessConfigAndroid()
 }
 #endif
 
-void ExportController::generateConnectionConfig(const QString &clientName)
+void ExportController::generateConnectionConfig()
 {
     clearPreviousConfig();
 
     int serverIndex = m_serversModel->getCurrentlyProcessedServerIndex();
-    ServerCredentials credentials = m_serversModel->getCurrentlyProcessedServerCredentials();
+    ServerCredentials credentials =
+            qvariant_cast<ServerCredentials>(m_serversModel->data(serverIndex, ServersModel::Roles::CredentialsRole));
 
     DockerContainer container = static_cast<DockerContainer>(m_containersModel->getCurrentlyProcessedContainerIndex());
     QModelIndex containerModelIndex = m_containersModel->index(container);
@@ -96,25 +93,17 @@ void ExportController::generateConnectionConfig(const QString &clientName)
     for (Proto protocol : ContainerProps::protocolsForContainer(container)) {
         QJsonObject protocolConfig = m_settings->protocolConfig(serverIndex, container, protocol);
 
-        QString clientId;
-        QString vpnConfig = m_configurator->genVpnProtocolConfig(credentials, container, containerConfig, protocol,
-                                                                 clientId, &errorCode);
+        QString vpnConfig =
+                m_configurator->genVpnProtocolConfig(credentials, container, containerConfig, protocol, &errorCode);
         if (errorCode) {
             emit exportErrorOccurred(errorString(errorCode));
             return;
         }
         protocolConfig.insert(config_key::last_config, vpnConfig);
         containerConfig.insert(ProtocolProps::protoToString(protocol), protocolConfig);
-        if (protocol == Proto::OpenVpn || protocol == Proto::Awg || protocol == Proto::WireGuard) {
-            errorCode = m_clientManagementModel->appendClient(clientId, clientName, container, credentials);
-            if (errorCode) {
-                emit exportErrorOccurred(errorString(errorCode));
-                return;
-            }
-        }
     }
 
-    QJsonObject config = m_settings->server(serverIndex); // todo change to servers_model
+    QJsonObject config = m_settings->server(serverIndex);
     if (!errorCode) {
         config.remove(config_key::userName);
         config.remove(config_key::password);
@@ -137,127 +126,7 @@ void ExportController::generateConnectionConfig(const QString &clientName)
     emit exportConfigChanged();
 }
 
-void ExportController::generateOpenVpnConfig(const QString &clientName)
-{
-    clearPreviousConfig();
-
-    int serverIndex = m_serversModel->getCurrentlyProcessedServerIndex();
-    ServerCredentials credentials = m_serversModel->getCurrentlyProcessedServerCredentials();
-
-    DockerContainer container = static_cast<DockerContainer>(m_containersModel->getCurrentlyProcessedContainerIndex());
-    QModelIndex containerModelIndex = m_containersModel->index(container);
-    QJsonObject containerConfig =
-            qvariant_cast<QJsonObject>(m_containersModel->data(containerModelIndex, ContainersModel::Roles::ConfigRole));
-    containerConfig.insert(config_key::container, ContainerProps::containerToString(container));
-
-    ErrorCode errorCode = ErrorCode::NoError;
-    QString clientId;
-    QString config = m_configurator->openVpnConfigurator->genOpenVpnConfig(credentials, container, containerConfig,
-                                                                           clientId, &errorCode);
-    if (errorCode) {
-        emit exportErrorOccurred(errorString(errorCode));
-        return;
-    }
-    config = m_configurator->processConfigWithExportSettings(serverIndex, container, Proto::OpenVpn, config);
-
-    auto configJson = QJsonDocument::fromJson(config.toUtf8()).object();
-    QStringList lines = configJson.value(config_key::config).toString().replace("\r", "").split("\n");
-    for (const QString &line : lines) {
-        m_config.append(line + "\n");
-    }
-
-    m_qrCodes = generateQrCodeImageSeries(m_config.toUtf8());
-
-    errorCode = m_clientManagementModel->appendClient(clientId, clientName, container, credentials);
-    if (errorCode) {
-        emit exportErrorOccurred(errorString(errorCode));
-        return;
-    }
-
-    emit exportConfigChanged();
-}
-
-void ExportController::generateWireGuardConfig(const QString &clientName)
-{
-    clearPreviousConfig();
-
-    int serverIndex = m_serversModel->getCurrentlyProcessedServerIndex();
-    ServerCredentials credentials = m_serversModel->getCurrentlyProcessedServerCredentials();
-
-    DockerContainer container = static_cast<DockerContainer>(m_containersModel->getCurrentlyProcessedContainerIndex());
-    QModelIndex containerModelIndex = m_containersModel->index(container);
-    QJsonObject containerConfig =
-            qvariant_cast<QJsonObject>(m_containersModel->data(containerModelIndex, ContainersModel::Roles::ConfigRole));
-    containerConfig.insert(config_key::container, ContainerProps::containerToString(container));
-
-    QString clientId;
-    ErrorCode errorCode = ErrorCode::NoError;
-    QString config = m_configurator->wireguardConfigurator->genWireguardConfig(credentials, container, containerConfig,
-                                                                               clientId, &errorCode);
-    if (errorCode) {
-        emit exportErrorOccurred(errorString(errorCode));
-        return;
-    }
-    config = m_configurator->processConfigWithExportSettings(serverIndex, container, Proto::WireGuard, config);
-
-    auto configJson = QJsonDocument::fromJson(config.toUtf8()).object();
-    QStringList lines = configJson.value(config_key::config).toString().replace("\r", "").split("\n");
-    for (const QString &line : lines) {
-        m_config.append(line + "\n");
-    }
-
-    qrcodegen::QrCode qr = qrcodegen::QrCode::encodeText(m_config.toUtf8(), qrcodegen::QrCode::Ecc::LOW);
-    m_qrCodes << svgToBase64(QString::fromStdString(toSvgString(qr, 1)));
-
-    errorCode = m_clientManagementModel->appendClient(clientId, clientName, container, credentials);
-    if (errorCode) {
-        emit exportErrorOccurred(errorString(errorCode));
-        return;
-    }
-
-    emit exportConfigChanged();
-}
-
-void ExportController::generateShadowSocksConfig()
-{
-    clearPreviousConfig();
-
-    int serverIndex = m_serversModel->getCurrentlyProcessedServerIndex();
-    ServerCredentials credentials =
-            qvariant_cast<ServerCredentials>(m_serversModel->data(serverIndex, ServersModel::Roles::CredentialsRole));
-
-    DockerContainer container = static_cast<DockerContainer>(m_containersModel->getCurrentlyProcessedContainerIndex());
-    QModelIndex containerModelIndex = m_containersModel->index(container);
-    QJsonObject containerConfig =
-            qvariant_cast<QJsonObject>(m_containersModel->data(containerModelIndex, ContainersModel::Roles::ConfigRole));
-    containerConfig.insert(config_key::container, ContainerProps::containerToString(container));
-
-    ErrorCode errorCode = ErrorCode::NoError;
-    QString config = m_configurator->shadowSocksConfigurator->genShadowSocksConfig(credentials, container,
-                                                                                   containerConfig, &errorCode);
-
-    config = m_configurator->processConfigWithExportSettings(serverIndex, container, Proto::ShadowSocks, config);
-    QJsonObject configJson = QJsonDocument::fromJson(config.toUtf8()).object();
-
-    QStringList lines = QString(QJsonDocument(configJson).toJson()).replace("\r", "").split("\n");
-    for (const QString &line : lines) {
-        m_config.append(line + "\n");
-    }
-
-    m_nativeConfigString =
-            QString("%1:%2@%3:%4")
-                    .arg(configJson.value("method").toString(), configJson.value("password").toString(),
-                         configJson.value("server").toString(), configJson.value("server_port").toString());
-
-    m_nativeConfigString = "ss://" + m_nativeConfigString.toUtf8().toBase64();
-
-    qrcodegen::QrCode qr = qrcodegen::QrCode::encodeText(m_nativeConfigString.toUtf8(), qrcodegen::QrCode::Ecc::LOW);
-    m_qrCodes << svgToBase64(QString::fromStdString(toSvgString(qr, 1)));
-
-    emit exportConfigChanged();
-}
-
-void ExportController::generateCloakConfig()
+void ExportController::generateOpenVpnConfig()
 {
     clearPreviousConfig();
 
@@ -273,19 +142,47 @@ void ExportController::generateCloakConfig()
 
     ErrorCode errorCode = ErrorCode::NoError;
     QString config =
-            m_configurator->cloakConfigurator->genCloakConfig(credentials, container, containerConfig, &errorCode);
-
+            m_configurator->openVpnConfigurator->genOpenVpnConfig(credentials, container, containerConfig, &errorCode);
     if (errorCode) {
         emit exportErrorOccurred(errorString(errorCode));
         return;
     }
-    config = m_configurator->processConfigWithExportSettings(serverIndex, container, Proto::Cloak, config);
-    QJsonObject configJson = QJsonDocument::fromJson(config.toUtf8()).object();
+    config = m_configurator->processConfigWithExportSettings(serverIndex, container, Proto::OpenVpn, config);
 
-    configJson.remove(config_key::transport_proto);
-    configJson.insert("ProxyMethod", "shadowsocks");
+    auto configJson = QJsonDocument::fromJson(config.toUtf8()).object();
+    QStringList lines = configJson.value(config_key::config).toString().replace("\r", "").split("\n");
+    for (const QString &line : lines) {
+        m_config.append(line + "\n");
+    }
 
-    QStringList lines = QString(QJsonDocument(configJson).toJson()).replace("\r", "").split("\n");
+    emit exportConfigChanged();
+}
+
+void ExportController::generateWireGuardConfig()
+{
+    clearPreviousConfig();
+
+    int serverIndex = m_serversModel->getCurrentlyProcessedServerIndex();
+    ServerCredentials credentials =
+            qvariant_cast<ServerCredentials>(m_serversModel->data(serverIndex, ServersModel::Roles::CredentialsRole));
+
+    DockerContainer container = static_cast<DockerContainer>(m_containersModel->getCurrentlyProcessedContainerIndex());
+    QModelIndex containerModelIndex = m_containersModel->index(container);
+    QJsonObject containerConfig =
+            qvariant_cast<QJsonObject>(m_containersModel->data(containerModelIndex, ContainersModel::Roles::ConfigRole));
+    containerConfig.insert(config_key::container, ContainerProps::containerToString(container));
+
+    ErrorCode errorCode = ErrorCode::NoError;
+    QString config = m_configurator->wireguardConfigurator->genWireguardConfig(credentials, container, containerConfig,
+                                                                               &errorCode);
+    if (errorCode) {
+        emit exportErrorOccurred(errorString(errorCode));
+        return;
+    }
+    config = m_configurator->processConfigWithExportSettings(serverIndex, container, Proto::WireGuard, config);
+
+    auto configJson = QJsonDocument::fromJson(config.toUtf8()).object();
+    QStringList lines = configJson.value(config_key::config).toString().replace("\r", "").split("\n");
     for (const QString &line : lines) {
         m_config.append(line + "\n");
     }
@@ -298,11 +195,6 @@ QString ExportController::getConfig()
     return m_config;
 }
 
-QString ExportController::getNativeConfigString()
-{
-    return m_nativeConfigString;
-}
-
 QList<QString> ExportController::getQrCodes()
 {
     return m_qrCodes;
@@ -313,30 +205,6 @@ void ExportController::exportConfig(const QString &fileName)
     SystemController::saveFile(fileName, m_config);
 }
 
-void ExportController::updateClientManagementModel(const DockerContainer container, ServerCredentials credentials)
-{
-    ErrorCode errorCode = m_clientManagementModel->updateModel(container, credentials);
-    if (errorCode != ErrorCode::NoError) {
-        emit exportErrorOccurred(errorString(errorCode));
-    }
-}
-
-void ExportController::revokeConfig(const int row, const DockerContainer container, ServerCredentials credentials)
-{
-    ErrorCode errorCode = m_clientManagementModel->revokeClient(row, container, credentials);
-    if (errorCode != ErrorCode::NoError) {
-        emit exportErrorOccurred(errorString(errorCode));
-    }
-}
-
-void ExportController::renameClient(const int row, const QString &clientName, const DockerContainer container, ServerCredentials credentials)
-{
-    ErrorCode errorCode = m_clientManagementModel->renameClient(row, clientName, container, credentials);
-    if (errorCode != ErrorCode::NoError) {
-        emit exportErrorOccurred(errorString(errorCode));
-    }
-}
-
 QList<QString> ExportController::generateQrCodeImageSeries(const QByteArray &data)
 {
     double k = 850;
@@ -351,7 +219,7 @@ QList<QString> ExportController::generateQrCodeImageSeries(const QByteArray &dat
         QByteArray ba = chunk.toBase64(QByteArray::Base64UrlEncoding | QByteArray::OmitTrailingEquals);
 
         qrcodegen::QrCode qr = qrcodegen::QrCode::encodeText(ba, qrcodegen::QrCode::Ecc::LOW);
-        QString svg = QString::fromStdString(toSvgString(qr, 1));
+        QString svg = QString::fromStdString(toSvgString(qr, 0));
         chunks.append(svgToBase64(svg));
     }
 
@@ -371,6 +239,5 @@ int ExportController::getQrCodesCount()
 void ExportController::clearPreviousConfig()
 {
     m_config.clear();
-    m_nativeConfigString.clear();
     m_qrCodes.clear();
 }

client/ui/controllers/exportController.h

@@ -6,7 +6,6 @@
 #include "configurators/vpn_configurator.h"
 #include "ui/models/containers_model.h"
 #include "ui/models/servers_model.h"
-#include "ui/models/clientManagementModel.h"
 #ifdef Q_OS_ANDROID
     #include "platforms/android/authResultReceiver.h"
 #endif
@@ -17,36 +16,27 @@ class ExportController : public QObject
 public:
     explicit ExportController(const QSharedPointer<ServersModel> &serversModel,
                               const QSharedPointer<ContainersModel> &containersModel,
-                              const QSharedPointer<ClientManagementModel> &clientManagementModel,
                               const std::shared_ptr<Settings> &settings,
                               const std::shared_ptr<VpnConfigurator> &configurator, QObject *parent = nullptr);
 
     Q_PROPERTY(QList<QString> qrCodes READ getQrCodes NOTIFY exportConfigChanged)
     Q_PROPERTY(int qrCodesCount READ getQrCodesCount NOTIFY exportConfigChanged)
     Q_PROPERTY(QString config READ getConfig NOTIFY exportConfigChanged)
-    Q_PROPERTY(QString nativeConfigString READ getNativeConfigString NOTIFY exportConfigChanged)
 
 public slots:
     void generateFullAccessConfig();
 #if defined(Q_OS_ANDROID)
     void generateFullAccessConfigAndroid();
 #endif
-    void generateConnectionConfig(const QString &clientName);
-    void generateOpenVpnConfig(const QString &clientName);
-    void generateWireGuardConfig(const QString &clientName);
-    void generateShadowSocksConfig();
-    void generateCloakConfig();
+    void generateConnectionConfig();
+    void generateOpenVpnConfig();
+    void generateWireGuardConfig();
 
     QString getConfig();
-    QString getNativeConfigString();
     QList<QString> getQrCodes();
 
     void exportConfig(const QString &fileName);
 
-    void updateClientManagementModel(const DockerContainer container, ServerCredentials credentials);
-    void revokeConfig(const int row, const DockerContainer container, ServerCredentials credentials);
-    void renameClient(const int row, const QString &clientName, const DockerContainer container, ServerCredentials credentials);
-
 signals:
     void generateConfig(int type);
     void exportErrorOccurred(const QString &errorMessage);
@@ -65,12 +55,10 @@ private:
 
     QSharedPointer<ServersModel> m_serversModel;
     QSharedPointer<ContainersModel> m_containersModel;
-    QSharedPointer<ClientManagementModel> m_clientManagementModel;
     std::shared_ptr<Settings> m_settings;
     std::shared_ptr<VpnConfigurator> m_configurator;
 
     QString m_config;
-    QString m_nativeConfigString;
     QList<QString> m_qrCodes;
 
 #ifdef Q_OS_ANDROID

client/ui/controllers/pageController.h

@@ -51,9 +51,7 @@ namespace PageLoader
         PageProtocolWireGuardSettings,
         PageProtocolAwgSettings,
         PageProtocolIKev2Settings,
-        PageProtocolRaw,
-
-        PageShareFullAccess
+        PageProtocolRaw
     };
     Q_ENUM_NS(PageEnum)
 

client/ui/models/clientManagementModel.cpp

@@ -1,373 +1,104 @@
 #include "clientManagementModel.h"
 
-#include <QJsonDocument>
 #include <QJsonObject>
 
-#include "core/servercontroller.h"
-#include "logger.h"
-
-namespace
+ClientManagementModel::ClientManagementModel(QObject *parent) : QAbstractListModel(parent)
 {
-    Logger logger("ClientManagementModel");
 
-    namespace configKey {
-        constexpr char clientId[] = "clientId";
-        constexpr char clientName[] = "clientName";
-        constexpr char container[] = "container";
-        constexpr char userData[] = "userData";
-    }
 }
 
-ClientManagementModel::ClientManagementModel(std::shared_ptr<Settings> settings, QObject *parent)
-    : m_settings(settings), QAbstractListModel(parent)
+void ClientManagementModel::clearData()
 {
+    beginResetModel();
+    m_content.clear();
+    endResetModel();
+}
+
+void ClientManagementModel::setContent(const QVector<QVariant> &data)
+{
+    beginResetModel();
+    m_content = data;
+    endResetModel();
+}
+
+QJsonObject ClientManagementModel::getContent(amnezia::Proto protocol)
+{
+    QJsonObject clientsTable;
+    for (const auto &item : m_content) {
+        if (protocol == amnezia::Proto::OpenVpn) {
+            clientsTable[item.toJsonObject()["openvpnCertId"].toString()] = item.toJsonObject();
+        } else if (protocol == amnezia::Proto::WireGuard) {
+            clientsTable[item.toJsonObject()["wireguardPublicKey"].toString()] = item.toJsonObject();
+        }
+    }
+    return clientsTable;
 }
 
 int ClientManagementModel::rowCount(const QModelIndex &parent) const
 {
     Q_UNUSED(parent);
-    return static_cast<int>(m_clientsTable.size());
+    return static_cast<int>(m_content.size());
 }
 
 QVariant ClientManagementModel::data(const QModelIndex &index, int role) const
 {
-    if (!index.isValid() || index.row() < 0 || index.row() >= static_cast<int>(m_clientsTable.size())) {
+    if (!index.isValid() || index.row() < 0
+            || index.row() >= static_cast<int>(m_content.size())) {
         return QVariant();
     }
 
-    auto client = m_clientsTable.at(index.row()).toObject();
-    auto userData = client.value(configKey::userData).toObject();
-
-    switch (role) {
-    case ClientNameRole: return userData.value(configKey::clientName).toString();
+    if (role == NameRole) {
+        return m_content[index.row()].toJsonObject()["clientName"].toString();
+    } else if (role == OpenVpnCertIdRole) {
+        return m_content[index.row()].toJsonObject()["openvpnCertId"].toString();
+    } else if (role == OpenVpnCertDataRole) {
+        return m_content[index.row()].toJsonObject()["openvpnCertData"].toString();
+    } else if (role == WireGuardPublicKey) {
+        return m_content[index.row()].toJsonObject()["wireguardPublicKey"].toString();
     }
 
     return QVariant();
 }
 
-ErrorCode ClientManagementModel::updateModel(DockerContainer container, ServerCredentials credentials)
+void ClientManagementModel::setData(const QModelIndex &index, QVariant data, int role)
 {
-    beginResetModel();
-    m_clientsTable = QJsonArray();
-
-    ServerController serverController(m_settings);
-
-    ErrorCode error = ErrorCode::NoError;
-
-    const QString clientsTableFile =
-            QString("/opt/amnezia/%1/clientsTable").arg(ContainerProps::containerTypeToString(container));
-    const QByteArray clientsTableString =
-            serverController.getTextFileFromContainer(container, credentials, clientsTableFile, &error);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to get the clientsTable file from the server";
-        endResetModel();
-        return error;
+    if (!index.isValid() || index.row() < 0
+            || index.row() >= static_cast<int>(m_content.size())) {
+        return;
     }
 
-    m_clientsTable = QJsonDocument::fromJson(clientsTableString).array();
-
-    if (m_clientsTable.isEmpty()) {
-        int count = 0;
-
-        if (container == DockerContainer::OpenVpn || container == DockerContainer::ShadowSocks
-            || container == DockerContainer::Cloak) {
-            error = getOpenVpnClients(serverController, container, credentials, count);
-        } else if (container == DockerContainer::WireGuard || container == DockerContainer::Awg) {
-            error = getWireGuardClients(serverController, container, credentials, count);
-        }
-        if (error != ErrorCode::NoError) {
-            endResetModel();
-            return error;
-        }
-
-        const QByteArray newClientsTableString = QJsonDocument(m_clientsTable).toJson();
-        if (clientsTableString != newClientsTableString) {
-            error = serverController.uploadTextFileToContainer(container, credentials, newClientsTableString,
-                                                               clientsTableFile);
-            if (error != ErrorCode::NoError) {
-                logger.error() << "Failed to upload the clientsTable file to the server";
-            }
-        }
+    auto client = m_content[index.row()].toJsonObject();
+    if (role == NameRole) {
+        client["clientName"] = data.toString();
+    } else if (role == OpenVpnCertIdRole) {
+        client["openvpnCertId"] = data.toString();
+    } else if (role == OpenVpnCertDataRole) {
+        client["openvpnCertData"] = data.toString();
+    } else if (role == WireGuardPublicKey) {
+        client["wireguardPublicKey"] = data.toString();
+    } else {
+        return;
+    }
+    if (m_content[index.row()] != client) {
+        m_content[index.row()] = client;
+        emit dataChanged(index, index);
     }
-
-    endResetModel();
-    return error;
 }
 
-ErrorCode ClientManagementModel::getOpenVpnClients(ServerController &serverController, DockerContainer container, ServerCredentials credentials, int &count)
+bool ClientManagementModel::removeRows(int row)
 {
-    ErrorCode error = ErrorCode::NoError;
-    QString stdOut;
-    auto cbReadStdOut = [&](const QString &data, libssh::Client &) {
-        stdOut += data + "\n";
-        return ErrorCode::NoError;
-    };
-
-    const QString getOpenVpnClientsList =
-            "sudo docker exec -i $CONTAINER_NAME bash -c 'ls /opt/amnezia/openvpn/pki/issued'";
-    QString script = serverController.replaceVars(getOpenVpnClientsList,
-                                                  serverController.genVarsForScript(credentials, container));
-    error = serverController.runScript(credentials, script, cbReadStdOut);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to retrieve the list of issued certificates on the server";
-        return error;
-    }
-
-    if (!stdOut.isEmpty()) {
-        QStringList certsIds = stdOut.split("\n", Qt::SkipEmptyParts);
-        certsIds.removeAll("AmneziaReq.crt");
-
-        for (auto &openvpnCertId : certsIds) {
-            openvpnCertId.replace(".crt", "");
-            if (!isClientExists(openvpnCertId)) {
-                QJsonObject client;
-                client[configKey::clientId] = openvpnCertId;
-
-                QJsonObject userData;
-                userData[configKey::clientName] = QString("Client %1").arg(count);
-                client[configKey::userData] = userData;
-
-                m_clientsTable.push_back(client);
-
-                count++;
-            }
-        }
-    }
-    return error;
-}
-
-ErrorCode ClientManagementModel::getWireGuardClients(ServerController &serverController, DockerContainer container, ServerCredentials credentials, int &count)
-{
-    ErrorCode error = ErrorCode::NoError;
-
-    const QString wireGuardConfigFile =
-            QString("opt/amnezia/%1/wg0.conf").arg(container == DockerContainer::WireGuard ? "wireguard" : "awg");
-    const QString wireguardConfigString =
-            serverController.getTextFileFromContainer(container, credentials, wireGuardConfigFile, &error);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to get the wg conf file from the server";
-        return error;
-    }
-
-    auto configLines = wireguardConfigString.split("\n", Qt::SkipEmptyParts);
-    QStringList wireguardKeys;
-    for (const auto &line : configLines) {
-        auto configPair = line.split(" = ", Qt::SkipEmptyParts);
-        if (configPair.front() == "PublicKey") {
-            wireguardKeys.push_back(configPair.back());
-        }
-    }
-
-    for (auto &wireguardKey : wireguardKeys) {
-        if (!isClientExists(wireguardKey)) {
-            QJsonObject client;
-            client[configKey::clientId] = wireguardKey;
-
-            QJsonObject userData;
-            userData[configKey::clientName] = QString("Client %1").arg(count);
-            client[configKey::userData] = userData;
-
-            m_clientsTable.push_back(client);
-
-            count++;
-        }
-    }
-    return error;
-}
-
-bool ClientManagementModel::isClientExists(const QString &clientId)
-{
-    for (const QJsonValue &value : qAsConst(m_clientsTable)) {
-        if (value.isObject()) {
-            QJsonObject obj = value.toObject();
-            if (obj.contains(configKey::clientId) && obj[configKey::clientId].toString() == clientId) {
-                return true;
-            }
-        }
-    }
-    return false;
-}
-
-ErrorCode ClientManagementModel::appendClient(const QString &clientId, const QString &clientName,
-                                              const DockerContainer container, ServerCredentials credentials)
-{
-    ErrorCode error;
-
-    error = updateModel(container, credentials);
-    if (error != ErrorCode::NoError) {
-        return error;
-    }
-
-    for (int i = 0; i < m_clientsTable.size(); i++) {
-        if (m_clientsTable.at(i).toObject().value(configKey::clientId) == clientId) {
-            return renameClient(i, clientName, container, credentials);
-        }
-    }
-
-    beginResetModel();
-    QJsonObject client;
-    client[configKey::clientId] = clientId;
-
-    QJsonObject userData;
-    userData[configKey::clientName] = clientName;
-    client[configKey::userData] = userData;
-    m_clientsTable.push_back(client);
-    endResetModel();
-
-    const QByteArray clientsTableString = QJsonDocument(m_clientsTable).toJson();
-
-    ServerController serverController(m_settings);
-    const QString clientsTableFile =
-            QString("/opt/amnezia/%1/clientsTable").arg(ContainerProps::containerTypeToString(container));
-
-    error = serverController.uploadTextFileToContainer(container, credentials, clientsTableString, clientsTableFile);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to upload the clientsTable file to the server";
-    }
-
-    return error;
-}
-
-ErrorCode ClientManagementModel::renameClient(const int row, const QString &clientName, const DockerContainer container,
-                                              ServerCredentials credentials)
-{
-    auto client = m_clientsTable.at(row).toObject();
-    auto userData = client[configKey::userData].toObject();
-    userData[configKey::clientName] = clientName;
-    client[configKey::userData] = userData;
-
-    m_clientsTable.replace(row, client);
-    emit dataChanged(index(row, 0), index(row, 0));
-
-    const QByteArray clientsTableString = QJsonDocument(m_clientsTable).toJson();
-
-    ServerController serverController(m_settings);
-    const QString clientsTableFile =
-            QString("/opt/amnezia/%1/clientsTable").arg(ContainerProps::containerTypeToString(container));
-
-    ErrorCode error =
-            serverController.uploadTextFileToContainer(container, credentials, clientsTableString, clientsTableFile);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to upload the clientsTable file to the server";
-    }
-
-    return error;
-}
-
-ErrorCode ClientManagementModel::revokeClient(const int row, const DockerContainer container,
-                                              ServerCredentials credentials)
-{
-    if (container == DockerContainer::OpenVpn || container == DockerContainer::ShadowSocks
-        || container == DockerContainer::Cloak) {
-        return revokeOpenVpn(row, container, credentials);
-    } else if (container == DockerContainer::WireGuard || container == DockerContainer::Awg) {
-        return revokeWireGuard(row, container, credentials);
-    }
-    return ErrorCode::NoError;
-}
-
-ErrorCode ClientManagementModel::revokeOpenVpn(const int row, const DockerContainer container,
-                                               ServerCredentials credentials)
-{
-    auto client = m_clientsTable.at(row).toObject();
-    QString clientId = client.value(configKey::clientId).toString();
-
-    const QString getOpenVpnCertData = QString("sudo docker exec -i $CONTAINER_NAME bash -c '"
-                                               "cd /opt/amnezia/openvpn ;\\"
-                                               "easyrsa revoke %1 ;\\"
-                                               "easyrsa gen-crl ;\\"
-                                               "cp pki/crl.pem .'")
-                                               .arg(clientId);
-
-    ServerController serverController(m_settings);
-    const QString script =
-            serverController.replaceVars(getOpenVpnCertData, serverController.genVarsForScript(credentials, container));
-    ErrorCode error = serverController.runScript(credentials, script);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to revoke the certificate";
-        return error;
-    }
-
     beginRemoveRows(QModelIndex(), row, row);
-    m_clientsTable.removeAt(row);
+    m_content.removeAt(row);
     endRemoveRows();
-
-    const QByteArray clientsTableString = QJsonDocument(m_clientsTable).toJson();
-
-    const QString clientsTableFile =
-            QString("/opt/amnezia/%1/clientsTable").arg(ContainerProps::containerTypeToString(container));
-    error = serverController.uploadTextFileToContainer(container, credentials, clientsTableString, clientsTableFile);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to upload the clientsTable file to the server";
-        return error;
-    }
-
-    return ErrorCode::NoError;
-}
-
-ErrorCode ClientManagementModel::revokeWireGuard(const int row, const DockerContainer container,
-                                                 ServerCredentials credentials)
-{
-    ErrorCode error;
-    ServerController serverController(m_settings);
-
-    const QString wireGuardConfigFile =
-            QString("/opt/amnezia/%1/wg0.conf").arg(container == DockerContainer::WireGuard ? "wireguard" : "awg");
-    const QString wireguardConfigString =
-            serverController.getTextFileFromContainer(container, credentials, wireGuardConfigFile, &error);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to get the wg conf file from the server";
-        return error;
-    }
-
-    auto client = m_clientsTable.at(row).toObject();
-    QString clientId = client.value(configKey::clientId).toString();
-
-    auto configSections = wireguardConfigString.split("[", Qt::SkipEmptyParts);
-    for (auto &section : configSections) {
-        if (section.contains(clientId)) {
-            configSections.removeOne(section);
-            break;
-        }
-    }
-    QString newWireGuardConfig = configSections.join("[");
-    newWireGuardConfig.insert(0, "[");
-    error = serverController.uploadTextFileToContainer(container, credentials, newWireGuardConfig, wireGuardConfigFile);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to upload the wg conf file to the server";
-        return error;
-    }
-
-    beginRemoveRows(QModelIndex(), row, row);
-    m_clientsTable.removeAt(row);
-    endRemoveRows();
-
-    const QByteArray clientsTableString = QJsonDocument(m_clientsTable).toJson();
-
-    const QString clientsTableFile =
-            QString("/opt/amnezia/%1/clientsTable").arg(ContainerProps::containerTypeToString(container));
-    error = serverController.uploadTextFileToContainer(container, credentials, clientsTableString, clientsTableFile);
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to upload the clientsTable file to the server";
-        return error;
-    }
-
-    const QString script = "sudo docker exec -i $CONTAINER_NAME bash -c 'wg syncconf wg0 <(wg-quick strip %1)'";
-    error = serverController.runScript(
-            credentials,
-            serverController.replaceVars(script.arg(wireGuardConfigFile),
-                                         serverController.genVarsForScript(credentials, container)));
-    if (error != ErrorCode::NoError) {
-        logger.error() << "Failed to execute the command 'wg syncconf' on the server";
-        return error;
-    }
-
-    return ErrorCode::NoError;
+    return true;
 }
 
 QHash<int, QByteArray> ClientManagementModel::roleNames() const
 {
     QHash<int, QByteArray> roles;
-    roles[ClientNameRole] = "clientName";
+    roles[NameRole] = "clientName";
+    roles[OpenVpnCertIdRole] = "openvpnCertId";
+    roles[OpenVpnCertDataRole] = "openvpnCertData";
+    roles[WireGuardPublicKey] = "wireguardPublicKey";
     return roles;
 }

client/ui/models/clientManagementModel.h

@@ -2,48 +2,36 @@
 #define CLIENTMANAGEMENTMODEL_H
 
 #include <QAbstractListModel>
-#include <QJsonArray>
 
-#include "core/servercontroller.h"
-#include "settings.h"
+#include "protocols/protocols_defs.h"
 
 class ClientManagementModel : public QAbstractListModel
 {
     Q_OBJECT
 
 public:
-    enum Roles {
-        ClientNameRole = Qt::UserRole + 1,
+    enum ClientRoles {
+        NameRole = Qt::UserRole + 1,
+        OpenVpnCertIdRole,
+        OpenVpnCertDataRole,
+        WireGuardPublicKey,
     };
 
-    ClientManagementModel(std::shared_ptr<Settings> settings, QObject *parent = nullptr);
+    ClientManagementModel(QObject *parent = nullptr);
 
+    void clearData();
+    void setContent(const QVector<QVariant> &data);
+    QJsonObject getContent(amnezia::Proto protocol);
     int rowCount(const QModelIndex &parent = QModelIndex()) const override;
     QVariant data(const QModelIndex &index, int role = Qt::DisplayRole) const override;
-
-public slots:
-    ErrorCode updateModel(DockerContainer container, ServerCredentials credentials);
-    ErrorCode appendClient(const QString &clientId, const QString &clientName, const DockerContainer container,
-                           ServerCredentials credentials);
-    ErrorCode renameClient(const int row, const QString &userName, const DockerContainer container,
-                           ServerCredentials credentials);
-    ErrorCode revokeClient(const int index, const DockerContainer container, ServerCredentials credentials);
+    void setData(const QModelIndex &index, QVariant data, int role = Qt::DisplayRole);
+    bool removeRows(int row);
 
 protected:
     QHash<int, QByteArray> roleNames() const override;
 
 private:
-    bool isClientExists(const QString &clientId);
-
-    ErrorCode revokeOpenVpn(const int row, const DockerContainer container, ServerCredentials credentials);
-    ErrorCode revokeWireGuard(const int row, const DockerContainer container, ServerCredentials credentials);
-
-    ErrorCode getOpenVpnClients(ServerController &serverController, DockerContainer container, ServerCredentials credentials, int &count);
-    ErrorCode getWireGuardClients(ServerController &serverController, DockerContainer container, ServerCredentials credentials, int &count);
-
-    QJsonArray m_clientsTable;
-
-    std::shared_ptr<Settings> m_settings;
+    QVector<QVariant> m_content;
 };
 
 #endif // CLIENTMANAGEMENTMODEL_H

client/ui/models/servers_model.cpp

@@ -145,11 +145,6 @@ QString ServersModel::getCurrentlyProcessedServerHostName()
     return qvariant_cast<QString>(data(m_currentlyProcessedServerIndex, HostNameRole));
 }
 
-const ServerCredentials ServersModel::getCurrentlyProcessedServerCredentials()
-{
-    return serverCredentials(m_currentlyProcessedServerIndex);
-}
-
 bool ServersModel::isDefaultServerCurrentlyProcessed()
 {
     return m_defaultServerIndex == m_currentlyProcessedServerIndex;

client/ui/models/servers_model.h

@@ -53,7 +53,6 @@ public slots:
     int getCurrentlyProcessedServerIndex();
 
     QString getCurrentlyProcessedServerHostName();
-    const ServerCredentials getCurrentlyProcessedServerCredentials();
 
     void addServer(const QJsonObject &server);
     void removeServer();

client/ui/qml/Components/ShareConnectionDrawer.qml

@@ -112,30 +112,6 @@ DrawerType {
                     }
                 }
 
-                BasicButtonType {
-                    Layout.fillWidth: true
-                    Layout.topMargin: 8
-
-                    visible: nativeConfigString.text !== ""
-
-                    defaultColor: "transparent"
-                    hoveredColor: Qt.rgba(1, 1, 1, 0.08)
-                    pressedColor: Qt.rgba(1, 1, 1, 0.12)
-                    disabledColor: "#878B91"
-                    textColor: "#D7D8DB"
-                    borderWidth: 1
-
-                    text: qsTr("Copy config string")
-                    imageSource: "qrc:/images/controls/copy.svg"
-
-                    onClicked: {
-                        nativeConfigString.selectAll()
-                        nativeConfigString.copy()
-                        nativeConfigString.select(0, 0)
-                        PageController.showNotificationMessage(qsTr("Copied"))
-                    }
-                }
-
                 BasicButtonType {
                     Layout.fillWidth: true
                     Layout.topMargin: 24
@@ -194,12 +170,6 @@ DrawerType {
                             }
 
                             TextField {
-                                id: nativeConfigString
-                                visible: false
-                                text: ExportController.nativeConfigString
-                            }
-
-                            TextArea {
                                 id: configText
 
                                 Layout.fillWidth: true
@@ -243,6 +213,7 @@ DrawerType {
 
                     Image {
                         anchors.fill: parent
+                        anchors.margins: 2
                         smooth: false
 
                         source: ExportController.qrCodesCount ? ExportController.qrCodes[0] : ""

client/ui/qml/Controls2/SwitcherType.qml

@@ -87,7 +87,6 @@ Switch {
         id: content
 
         anchors.verticalCenter: parent.verticalCenter
-        anchors.left: parent.left
 
         ListItemTitleType {
             Layout.fillWidth: true

client/ui/qml/Pages2/PageSetupWizardCredentials.qml

@@ -54,7 +54,7 @@ PageType {
                     regularExpression: InstallController.ipAddressPortRegExp()
                 }
 
-                onFocusChanged: {
+                onTextFieldTextChanged: {
                     textField.text = textField.text.replace(/^\s+|\s+$/g, '');
                 }
             }
@@ -81,10 +81,6 @@ PageType {
                 clickedFunc: function() {
                     hidePassword = !hidePassword
                 }
-
-                onFocusChanged: {
-                    textField.text = textField.text.replace(/^\s+|\s+$/g, '');
-                }
             }
 
             BasicButtonType {
@@ -94,7 +90,6 @@ PageType {
                 text: qsTr("Continue")
 
                 onClicked: function() {
-                    forceActiveFocus()
                     if (!isCredentialsFilled()) {
                         return
                     }
@@ -117,7 +112,8 @@ PageType {
                 Layout.fillWidth: true
                 Layout.topMargin: 12
 
-                text: qsTr("All data you enter will remain strictly confidential and will not be shared or disclosed to the Amnezia or any third parties")
+                text: qsTr("All data you enter will remain strictly confidential
+and will not be shared or disclosed to the Amnezia or any third parties")
             }
         }
     }

client/ui/qml/Pages2/PageSetupWizardViewConfig.qml

@@ -24,7 +24,7 @@ PageType {
         }
 
         function onImportFinished() {
-            if (!ConnectionController.isConnected) {
+            if (ConnectionController.isConnected) {
                 ServersModel.setDefaultServerIndex(ServersModel.getServersCount() - 1);
             }
 

client/ui/qml/Pages2/PageShare.qml

@@ -18,28 +18,15 @@ PageType {
 
     enum ConfigType {
         AmneziaConnection,
+        AmneziaFullAccess,
         OpenVpn,
-        WireGuard,
-        ShadowSocks,
-        Cloak
-    }
-
-    signal revokeConfig(int index)
-    onRevokeConfig: function(index) {
-        PageController.showBusyIndicator(true)
-        ExportController.revokeConfig(index,
-                                      ContainersModel.getCurrentlyProcessedContainerIndex(),
-                                      ServersModel.getCurrentlyProcessedServerCredentials())
-        PageController.showBusyIndicator(false)
+        WireGuard
     }
 
     Connections {
         target: ExportController
 
         function onGenerateConfig(type) {
-            shareConnectionDrawer.headerText = qsTr("Connection to ") + serverSelector.text
-            shareConnectionDrawer.configContentHeaderText = qsTr("File with connection settings to ") + serverSelector.text
-
             shareConnectionDrawer.needCloseButton = false
 
             shareConnectionDrawer.open()
@@ -47,34 +34,28 @@ PageType {
             PageController.showBusyIndicator(true)
 
             switch (type) {
-            case PageShare.ConfigType.AmneziaConnection: ExportController.generateConnectionConfig(clientNameTextField.textFieldText); break;
+            case PageShare.ConfigType.AmneziaConnection: ExportController.generateConnectionConfig(); break;
+            case PageShare.ConfigType.AmneziaFullAccess: {
+                if (Qt.platform.os === "android") {
+                    ExportController.generateFullAccessConfigAndroid();
+                } else {
+                    ExportController.generateFullAccessConfig();
+                }
+                break;
+            }
             case PageShare.ConfigType.OpenVpn: {
-                ExportController.generateOpenVpnConfig(clientNameTextField.textFieldText)
+                ExportController.generateOpenVpnConfig();
                 shareConnectionDrawer.configCaption = qsTr("Save OpenVPN config")
                 shareConnectionDrawer.configExtension = ".ovpn"
                 shareConnectionDrawer.configFileName = "amnezia_for_openvpn"
-                break
+                break;
             }
             case PageShare.ConfigType.WireGuard: {
-                ExportController.generateWireGuardConfig(clientNameTextField.textFieldText)
+                ExportController.generateWireGuardConfig();
                 shareConnectionDrawer.configCaption = qsTr("Save WireGuard config")
                 shareConnectionDrawer.configExtension = ".conf"
                 shareConnectionDrawer.configFileName = "amnezia_for_wireguard"
-                break
-            }
-            case PageShare.ConfigType.ShadowSocks: {
-                ExportController.generateShadowSocksConfig()
-                shareConnectionDrawer.configCaption = qsTr("Save ShadowSocks config")
-                shareConnectionDrawer.configExtension = ".json"
-                shareConnectionDrawer.configFileName = "amnezia_for_shadowsocks"
-                break
-            }
-            case PageShare.ConfigType.Cloak: {
-                ExportController.generateCloakConfig()
-                shareConnectionDrawer.configCaption = qsTr("Save Cloak config")
-                shareConnectionDrawer.configExtension = ".json"
-                shareConnectionDrawer.configFileName = "amnezia_for_cloak"
-                break
+                break;
             }
             }
 
@@ -92,7 +73,8 @@ PageType {
         }
     }
 
-    property bool isSearchBarVisible: false
+    property string fullConfigServerSelectorText
+    property string connectionServerSelectorText
     property bool showContent: false
     property bool shareButtonEnabled: true
     property list<QtObject> connectionTypesModel: [
@@ -114,16 +96,6 @@ PageType {
         property string name: qsTr("WireGuard native format")
         property var type: PageShare.ConfigType.WireGuard
     }
-    QtObject {
-        id: shadowSocksConnectionFormat
-        property string name: qsTr("ShadowSocks native format")
-        property var type: PageShare.ConfigType.ShadowSocks
-    }
-    QtObject {
-        id: cloakConnectionFormat
-        property string name: qsTr("Cloak native format")
-        property var type: PageShare.ConfigType.Cloak
-    }
 
     FlickableType {
         anchors.top: parent.top
@@ -147,51 +119,6 @@ PageType {
                 Layout.topMargin: 24
 
                 headerText: qsTr("Share VPN Access")
-
-                actionButtonImage: "qrc:/images/controls/more-vertical.svg"
-                actionButtonFunction: function() {
-                    shareFullAccessDrawer.open()
-                }
-
-                DrawerType {
-                    id: shareFullAccessDrawer
-
-                    width: root.width
-                    height: root.height * 0.45
-
-
-                    ColumnLayout {
-                        anchors.top: parent.top
-                        anchors.left: parent.left
-                        anchors.right: parent.right
-                        anchors.topMargin: 16
-
-                        spacing: 0
-
-                        Header2Type {
-                            Layout.fillWidth: true
-                            Layout.bottomMargin: 16
-                            Layout.leftMargin: 16
-                            Layout.rightMargin: 16
-
-                            headerText: qsTr("Share full access to the server and VPN")
-                            descriptionText: qsTr("Use for your own devices, or share with those you trust to manage the server.")
-                        }
-
-
-                        LabelWithButtonType {
-                            Layout.fillWidth: true
-
-                            text: qsTr("Share")
-                            rightImageSource: "qrc:/images/controls/chevron-right.svg"
-
-                            clickedFunction: function() {
-                                PageController.goToPage(PageEnum.PageShareFullAccess)
-                                shareFullAccessDrawer.close()
-                            }
-                        }
-                    }
-                }
             }
 
             Rectangle {
@@ -220,21 +147,20 @@ PageType {
 
                         onClicked: {
                             accessTypeSelector.currentIndex = 0
+                            serverSelector.text = root.connectionServerSelectorText
                         }
                     }
 
                     HorizontalRadioButton {
-                        checked: accessTypeSelector.currentIndex === 1
+                        checked: root.currentIndex === 1
 
                         implicitWidth: (root.width - 32) / 2
-                        text: qsTr("Users")
+                        text: qsTr("Full access")
 
                         onClicked: {
                             accessTypeSelector.currentIndex = 1
-                            PageController.showBusyIndicator(true)
-                            ExportController.updateClientManagementModel(ContainersModel.getCurrentlyProcessedContainerIndex(),
-                                                                         ServersModel.getCurrentlyProcessedServerCredentials())
-                            PageController.showBusyIndicator(false)
+                            serverSelector.text = root.fullConfigServerSelectorText
+                            root.shareButtonEnabled = true
                         }
                     }
                 }
@@ -245,30 +171,16 @@ PageType {
                 Layout.topMargin: 24
                 Layout.bottomMargin: 24
 
-                visible: accessTypeSelector.currentIndex === 0
-
-                text: qsTr("Share VPN access without the ability to manage the server")
+                text: accessTypeSelector.currentIndex === 0 ? qsTr("Share VPN access without the ability to manage the server") :
+                                                              qsTr("Share access to server management. The user with whom you share full access to the server will be able to add and remove any protocols and services to the server, as well as change settings.")
                 color: "#878B91"
             }
 
-            TextFieldWithHeaderType {
-                id: clientNameTextField
-                Layout.fillWidth: true
-                Layout.topMargin: 16
-
-                visible: accessTypeSelector.currentIndex === 0
-
-                headerText: qsTr("User name")
-                textFieldText: "New client"
-
-                checkEmptyText: true
-            }
-
             DropDownType {
                 id: serverSelector
 
                 signal severSelectorIndexChanged
-                property int currentIndex: -1
+                property int currentIndex: 0
 
                 Layout.fillWidth: true
                 Layout.topMargin: 16
@@ -295,6 +207,8 @@ PageType {
                         ]
                     }
 
+                    currentIndex: 0
+
                     clickedFunction: function() {
                         handler()
 
@@ -303,17 +217,22 @@ PageType {
                             serverSelector.severSelectorIndexChanged()
                         }
 
+                        if (accessTypeSelector.currentIndex !== 0) {
+                            shareConnectionDrawer.headerText = qsTr("Accessing ") + serverSelector.text
+                            shareConnectionDrawer.configContentHeaderText = qsTr("File with accessing settings to ") + serverSelector.text
+                        }
                         serverSelector.menuVisible = false
                     }
 
                     Component.onCompleted: {
-                        serverSelectorListView.currentIndex = ServersModel.isDefaultServerHasWriteAccess() ?
-                                    proxyServersModel.mapFromSource(ServersModel.defaultIndex) : 0
-                        serverSelectorListView.triggerCurrentItem()
+                        handler()
+                        serverSelector.severSelectorIndexChanged()
                     }
 
                     function handler() {
                         serverSelector.text = selectedText
+                        root.fullConfigServerSelectorText = selectedText
+                        root.connectionServerSelectorText = selectedText
                         ServersModel.currentlyProcessedIndex = proxyServersModel.mapToSource(currentIndex)
                     }
                 }
@@ -322,6 +241,8 @@ PageType {
             DropDownType {
                 id: protocolSelector
 
+                visible: accessTypeSelector.currentIndex === 0
+
                 Layout.fillWidth: true
                 Layout.topMargin: 16
 
@@ -354,18 +275,22 @@ PageType {
                     currentIndex: 0
 
                     clickedFunction: function() {
-                        protocolSelectorListView.currentItem.y
-
                         handler()
 
                         protocolSelector.menuVisible = false
                     }
 
+                    Component.onCompleted: {
+                        if (accessTypeSelector.currentIndex === 0) {
+                            handler()
+                        }
+                    }
+
                     Connections {
                         target: serverSelector
 
                         function onSeverSelectorIndexChanged() {
-                            protocolSelectorListView.currentIndex = proxyContainersModel.mapFromSource(ContainersModel.getDefaultContainer())
+                            protocolSelectorListView.currentIndex = 0
                             protocolSelectorListView.triggerCurrentItem()
                         }
                     }
@@ -379,17 +304,13 @@ PageType {
                         }
 
                         protocolSelector.text = selectedText
+                        root.connectionServerSelectorText = serverSelector.text
 
+                        shareConnectionDrawer.headerText = qsTr("Connection to ") + serverSelector.text
+                        shareConnectionDrawer.configContentHeaderText = qsTr("File with connection settings to ") + serverSelector.text
                         ContainersModel.setCurrentlyProcessedContainerIndex(proxyContainersModel.mapToSource(currentIndex))
 
                         fillConnectionTypeModel()
-
-                        if (accessTypeSelector.currentIndex === 1) {
-                            PageController.showBusyIndicator(true)
-                            ExportController.updateClientManagementModel(ContainersModel.getCurrentlyProcessedContainerIndex(),
-                                                                         ServersModel.getCurrentlyProcessedServerCredentials())
-                            PageController.showBusyIndicator(false)
-                        }
                     }
 
                     function fillConnectionTypeModel() {
@@ -401,13 +322,6 @@ PageType {
                             root.connectionTypesModel.push(openVpnConnectionFormat)
                         } else if (index === ContainerProps.containerFromString("amnezia-wireguard")) {
                             root.connectionTypesModel.push(wireGuardConnectionFormat)
-                        } else if (index === ContainerProps.containerFromString("amnezia-shadowsocks")) {
-                            root.connectionTypesModel.push(openVpnConnectionFormat)
-                            root.connectionTypesModel.push(shadowSocksConnectionFormat)
-                        } else if (index === ContainerProps.containerFromString("amnezia-openvpn-cloak")) {
-                            root.connectionTypesModel.push(openVpnConnectionFormat)
-                            root.connectionTypesModel.push(shadowSocksConnectionFormat)
-                            root.connectionTypesModel.push(cloakConnectionFormat)
                         }
                     }
                 }
@@ -464,235 +378,18 @@ PageType {
                 Layout.topMargin: 40
 
                 enabled: shareButtonEnabled
-                visible: accessTypeSelector.currentIndex === 0
 
                 text: qsTr("Share")
                 imageSource: "qrc:/images/controls/share-2.svg"
 
                 onClicked: {
-                    ExportController.generateConfig(root.connectionTypesModel[exportTypeSelector.currentIndex].type)
-                }
-            }
-
-            Header2Type {
-                Layout.fillWidth: true
-                Layout.topMargin: 24
-                Layout.bottomMargin: 16
-
-                visible: accessTypeSelector.currentIndex === 1 && !root.isSearchBarVisible
-
-                headerText: qsTr("Users")
-                actionButtonImage: "qrc:/images/controls/search.svg"
-                actionButtonFunction: function() {
-                    root.isSearchBarVisible = true
-                }
-            }
-
-            RowLayout {
-                Layout.topMargin: 24
-                Layout.bottomMargin: 16
-                visible: accessTypeSelector.currentIndex === 1 && root.isSearchBarVisible
-
-                TextFieldWithHeaderType {
-                    id: searchTextField
-                    Layout.fillWidth: true
-
-                    textFieldPlaceholderText: qsTr("Search")
-                }
-
-                ImageButtonType {
-                    image: "qrc:/images/controls/close.svg"
-                    imageColor: "#D7D8DB"
-
-                    onClicked: function() {
-                        root.isSearchBarVisible = false
-                        searchTextField.textFieldText = ""
+                    if (accessTypeSelector.currentIndex === 0) {
+                        ExportController.generateConfig(root.connectionTypesModel[exportTypeSelector.currentIndex].type)
+                    } else {
+                        ExportController.generateConfig(PageShare.ConfigType.AmneziaFullAccess)
                     }
                 }
             }
-
-            ListView {
-                id: clientsListView
-                Layout.fillWidth: true
-                Layout.preferredHeight: childrenRect.height
-
-                visible: accessTypeSelector.currentIndex === 1
-
-                model: SortFilterProxyModel {
-                    id: proxyClientManagementModel
-                    sourceModel: ClientManagementModel
-                    filters: RegExpFilter {
-                        roleName: "clientName"
-                        pattern: ".*" + searchTextField.textFieldText + ".*"
-                        caseSensitivity: Qt.CaseInsensitive
-                    }
-                }
-
-                clip: true
-                interactive: false
-
-                delegate: Item {
-                    implicitWidth: clientsListView.width
-                    implicitHeight: delegateContent.implicitHeight
-
-                    ColumnLayout {
-                        id: delegateContent
-
-                        anchors.top: parent.top
-                        anchors.left: parent.left
-                        anchors.right: parent.right
-
-                        anchors.rightMargin: -16
-                        anchors.leftMargin: -16
-
-                        LabelWithButtonType {
-                            Layout.fillWidth: true
-
-                            text: clientName
-                            rightImageSource: "qrc:/images/controls/chevron-right.svg"
-
-                            clickedFunction: function() {
-                                clientInfoDrawer.open()
-                            }
-                        }
-
-                        DividerType {}
-
-                        DrawerType {
-                            id: clientInfoDrawer
-
-                            width: root.width
-                            height: root.height * 0.5
-
-                            ColumnLayout {
-                                anchors.top: parent.top
-                                anchors.left: parent.left
-                                anchors.right: parent.right
-                                anchors.topMargin: 16
-                                anchors.leftMargin: 16
-                                anchors.rightMargin: 16
-
-                                spacing: 8
-
-                                Header2Type {
-                                    Layout.fillWidth: true
-                                    Layout.bottomMargin: 24
-
-                                    headerText: clientName
-                                    descriptionText: serverSelector.text
-                                }
-
-                                BasicButtonType {
-                                    Layout.fillWidth: true
-                                    Layout.topMargin: 24
-
-                                    defaultColor: "transparent"
-                                    hoveredColor: Qt.rgba(1, 1, 1, 0.08)
-                                    pressedColor: Qt.rgba(1, 1, 1, 0.12)
-                                    disabledColor: "#878B91"
-                                    textColor: "#D7D8DB"
-                                    borderWidth: 1
-
-                                    text: qsTr("Rename")
-
-                                    onClicked: function() {
-                                        clientNameEditDrawer.open()
-                                    }
-
-                                    DrawerType {
-                                        id: clientNameEditDrawer
-
-                                        width: root.width
-                                        height: root.height * 0.35
-
-                                        onVisibleChanged: {
-                                            if (clientNameEditDrawer.visible) {
-                                                clientNameEditor.textField.forceActiveFocus()
-                                            }
-                                        }
-
-                                        ColumnLayout {
-                                            anchors.top: parent.top
-                                            anchors.left: parent.left
-                                            anchors.right: parent.right
-                                            anchors.topMargin: 16
-                                            anchors.leftMargin: 16
-                                            anchors.rightMargin: 16
-
-                                            TextFieldWithHeaderType {
-                                                id: clientNameEditor
-                                                Layout.fillWidth: true
-                                                headerText: qsTr("Client name")
-                                                textFieldText: clientName
-                                                textField.maximumLength: 30
-                                            }
-
-                                            BasicButtonType {
-                                                Layout.fillWidth: true
-
-                                                text: qsTr("Save")
-
-                                                onClicked: {
-                                                    if (clientNameEditor.textFieldText !== clientName) {
-                                                        PageController.showBusyIndicator(true)
-                                                        ExportController.renameClient(index,
-                                                                                      clientNameEditor.textFieldText,
-                                                                                      ContainersModel.getCurrentlyProcessedContainerIndex(),
-                                                                                      ServersModel.getCurrentlyProcessedServerCredentials())
-                                                        PageController.showBusyIndicator(false)
-                                                        clientNameEditDrawer.close()
-                                                    }
-                                                }
-                                            }
-                                        }
-                                    }
-                                }
-
-                                BasicButtonType {
-                                    Layout.fillWidth: true
-
-                                    defaultColor: "transparent"
-                                    hoveredColor: Qt.rgba(1, 1, 1, 0.08)
-                                    pressedColor: Qt.rgba(1, 1, 1, 0.12)
-                                    disabledColor: "#878B91"
-                                    textColor: "#D7D8DB"
-                                    borderWidth: 1
-
-                                    text: qsTr("Revoke")
-
-                                    onClicked: function() {
-                                        questionDrawer.headerText = qsTr("Revoke the config for a user - ") + clientName + "?"
-                                        questionDrawer.descriptionText = qsTr("The user will no longer be able to connect to your server.")
-                                        questionDrawer.yesButtonText = qsTr("Continue")
-                                        questionDrawer.noButtonText = qsTr("Cancel")
-
-                                        questionDrawer.yesButtonFunction = function() {
-                                            questionDrawer.close()
-                                            clientInfoDrawer.close()
-                                            root.revokeConfig(index)
-                                        }
-                                        questionDrawer.noButtonFunction = function() {
-                                            questionDrawer.close()
-                                        }
-                                        questionDrawer.open()
-                                    }
-                                }
-                            }
-                        }
-                    }
-                }
-            }
-
-            QuestionDrawer {
-                id: questionDrawer
-            }
-        }
-    }
-    MouseArea {
-        anchors.fill: parent
-        onPressed: function(mouse) {
-            forceActiveFocus()
-            mouse.accepted = false
         }
     }
 }

client/ui/qml/Pages2/PageShareFullAccess.qml

@@ -1,155 +0,0 @@
-import QtQuick
-import QtQuick.Controls
-import QtQuick.Layouts
-import QtQuick.Dialogs
-
-import SortFilterProxyModel 0.2
-
-import PageEnum 1.0
-import ContainerProps 1.0
-
-import "./"
-import "../Controls2"
-import "../Controls2/TextTypes"
-import "../Components"
-
-PageType {
-    id: root
-
-    BackButtonType {
-        id: backButton
-
-        anchors.top: parent.top
-        anchors.left: parent.left
-        anchors.right: parent.right
-        anchors.topMargin: 20
-    }
-
-    FlickableType {
-        anchors.top: backButton.bottom
-        anchors.bottom: parent.bottom
-        contentHeight: content.height
-
-        ColumnLayout {
-            id: content
-
-            anchors.top: parent.top
-            anchors.left: parent.left
-            anchors.right: parent.right
-
-            anchors.rightMargin: 16
-            anchors.leftMargin: 16
-
-            spacing: 0
-
-            HeaderType {
-                Layout.fillWidth: true
-                Layout.topMargin: 24
-
-                headerText: qsTr("Full access to the server and VPN")
-            }
-
-            ParagraphTextType {
-                Layout.fillWidth: true
-                Layout.topMargin: 24
-                Layout.bottomMargin: 24
-
-                text: qsTr("We recommend that you use full access to the server only for your own additional devices.\n") +
-                      qsTr("If you share full access with other people, they can remove and add protocols and services to the server, which will cause the VPN to work incorrectly for all users. ")
-                color: "#878B91"
-            }
-
-            DropDownType {
-                id: serverSelector
-
-                signal severSelectorIndexChanged
-                property int currentIndex: 0
-
-                Layout.fillWidth: true
-                Layout.topMargin: 16
-
-                drawerHeight: 0.4375
-
-                descriptionText: qsTr("Server")
-                headerText: qsTr("Server")
-
-                listView: ListViewWithRadioButtonType {
-                    id: serverSelectorListView
-
-                    rootWidth: root.width
-                    imageSource: "qrc:/images/controls/check.svg"
-
-                    model: SortFilterProxyModel {
-                        id: proxyServersModel
-                        sourceModel: ServersModel
-                        filters: [
-                            ValueFilter {
-                                roleName: "hasWriteAccess"
-                                value: true
-                            }
-                        ]
-                    }
-
-                    currentIndex: 0
-
-                    clickedFunction: function() {
-                        handler()
-
-                        if (serverSelector.currentIndex !== serverSelectorListView.currentIndex) {
-                            serverSelector.currentIndex = serverSelectorListView.currentIndex
-                        }
-
-                        shareConnectionDrawer.headerText = qsTr("Accessing ") + serverSelector.text
-                        shareConnectionDrawer.configContentHeaderText = qsTr("File with accessing settings to ") + serverSelector.text
-                        serverSelector.menuVisible = false
-                    }
-
-                    Component.onCompleted: {
-                        handler()
-                    }
-
-                    function handler() {
-                        serverSelector.text = selectedText
-                        ServersModel.currentlyProcessedIndex = proxyServersModel.mapToSource(currentIndex)
-                    }
-                }
-            }
-
-            BasicButtonType {
-                Layout.fillWidth: true
-                Layout.topMargin: 40
-
-                text: qsTr("Share")
-                imageSource: "qrc:/images/controls/share-2.svg"
-
-                onClicked: function() {
-                    shareConnectionDrawer.headerText = qsTr("Connection to ") + serverSelector.text
-                    shareConnectionDrawer.configContentHeaderText = qsTr("File with connection settings to ") + serverSelector.text
-
-                    shareConnectionDrawer.needCloseButton = false
-
-                    shareConnectionDrawer.open()
-                    shareConnectionDrawer.contentVisible = false
-                    PageController.showBusyIndicator(true)
-
-                    if (Qt.platform.os === "android") {
-                        ExportController.generateFullAccessConfigAndroid();
-                    } else {
-                        ExportController.generateFullAccessConfig();
-                    }
-
-                    PageController.showBusyIndicator(false)
-
-                    shareConnectionDrawer.needCloseButton = true
-                    PageController.showTopCloseButton(true)
-
-                    shareConnectionDrawer.contentVisible = true
-                }
-            }
-
-            ShareConnectionDrawer {
-                id: shareConnectionDrawer
-            }
-        }
-    }
-}

client/vpnconnection.cpp

@@ -227,15 +227,12 @@ QString VpnConnection::createVpnConfigurationForProto(int serverIndex, const Ser
         configData = lastVpnConfig.value(proto);
         configData = m_configurator->processConfigWithLocalSettings(serverIndex, container, proto, configData);
     } else {
-        QString clientId;
-        configData = m_configurator->genVpnProtocolConfig(credentials, container, containerConfig, proto, clientId, errorCode);
+        configData = m_configurator->genVpnProtocolConfig(credentials, container, containerConfig, proto, errorCode);
 
         if (errorCode && *errorCode) {
             return "";
         }
 
-        emit m_configurator->newVpnConfigCreated(clientId, "unnamed client", container, credentials);
-
         QString configDataBeforeLocalProcessing = configData;
 
         configData = m_configurator->processConfigWithLocalSettings(serverIndex, container, proto, configData);
@@ -326,7 +323,7 @@ void VpnConnection::connectToVpn(int serverIndex, const ServerCredentials &crede
     ErrorCode e = ErrorCode::NoError;
 
     m_vpnConfiguration = createVpnConfiguration(serverIndex, credentials, container, containerConfig, &e);
-
+    emit newVpnConfigurationCreated();
     if (e) {
         emit connectionStateChanged(Vpn::ConnectionState::Error);
         return;

client/vpnconnection.h

@@ -79,6 +79,8 @@ signals:
 
     void serviceIsNotReady();
 
+    void newVpnConfigurationCreated();
+
 protected slots:
     void onBytesChanged(quint64 receivedBytes, quint64 sentBytes);
     void onConnectionStateChanged(Vpn::ConnectionState state);

deploy/build_android.sh

@@ -12,13 +12,14 @@ Usage:
 Build AmneziaVPN android client. By default, a signed Android App Bundle (AAB) is built.
 
 Options:
- -d, --debug                Build debug version
- -a, --apk <abi>            Build APK for the specified ABI
-                            Available ABIs: 'x86', 'x86_64', 'armeabi-v7a', 'arm64-v8a'
- -p, --platform <platform>  The SDK platform used for building the Java code of the application
-                            By default, the latest available platform is used
- -m, --move                 Move the build result to the root of the build directory
- -h, --help                 Display this help
+ -d, --debug                      Build debug version
+ -a, --apk (<abi_list> | all)     Build APKs for the specified ABIs or for all available ABIs
+                                  Available ABIs: 'x86', 'x86_64', 'armeabi-v7a', 'arm64-v8a'
+                                  <abi_list> - list of ABIs delimited by ';'
+ -b, --build-platform <platform>  The SDK platform used for building the Java code of the application
+                                  By default, the latest available platform is used
+ -m, --move                       Move the build result to the root of the build directory
+ -h, --help                       Display this help
 
 EOT
 }
@@ -26,21 +27,25 @@ EOT
 BUILD_TYPE="release"
 AAB=1
 
-opts=$(getopt -l debug,apk:,platform:,move,help -o "da:p:mh" -- "$@")
+opts=$(getopt -l debug,apk:,build-platform:,move,help -o "da:b:mh" -- "$@")
 eval set -- "$opts"
 while true; do
   case "$1" in
     -d | --debug) BUILD_TYPE="debug"; shift;;
-    -a | --apk) ABI=$2; unset AAB; shift 2;;
-    -p | --platform) ANDROID_PLATFORM=$2; shift 2;;
+    -a | --apk) ABIS=$2; unset AAB; shift 2;;
+    -b | --build-platform) ANDROID_BUILD_PLATFORM=$2; shift 2;;
     -m | --move) MOVE_RESULT=1; shift;;
     -h | --help) usage; exit 0;;
     --) shift; break;;
   esac
 done
 
-if [[ -v ABI && ! "$ABI" =~ ^(x86|x86_64|armeabi-v7a|arm64-v8a)$ ]]; then
-  echo "The 'abi' option must be one of ['x86', 'x86_64', 'armeabi-v7a', 'arm64-v8a'], but is '$ABI'"
+# Validate ABIS parameter
+if [[ -v ABIS && \
+    ! "$ABIS" = "all" && \
+    ! "$ABIS" =~ ^((x86|x86_64|armeabi-v7a|arm64-v8a);)*(x86|x86_64|armeabi-v7a|arm64-v8a)$ ]]; then
+  echo "The 'apk' option must be a list of ['x86', 'x86_64', 'armeabi-v7a', 'arm64-v8a']" \
+       "delimited by ';' or 'all', but is '$ABIS'"
   exit 1
 fi
 
@@ -56,13 +61,19 @@ OUT_APP_DIR=$BUILD_DIR/client
 echo "Project dir: $PROJECT_DIR"
 echo "Build dir: $BUILD_DIR"
 
-if [ -v AAB ]; then
+# Determine path to qt bin folder with qt-cmake
+if [[ -v AAB || "$ABIS" = "all" ]]; then
   qt_bin_dir_suffix="x86_64"
 else
-  case $ABI in
+  if [[ $ABIS = *";"* ]]; then
+    oneOf=$(echo $ABIS | cut -d';' -f 1)
+  else
+    oneOf=$ABIS
+  fi
+  case $oneOf in
     "armeabi-v7a") qt_bin_dir_suffix="armv7";;
     "arm64-v8a") qt_bin_dir_suffix="arm64_v8a";;
-    *) qt_bin_dir_suffix=$ABI;;
+    *) qt_bin_dir_suffix=$oneOf;;
   esac
 fi
 # get real path
@@ -79,10 +90,10 @@ echo "Using Android NDK in $ANDROID_NDK_ROOT"
 # Run qt-cmake to configure build
 qt_cmake_opts=()
 
-if [ -v AAB ]; then
+if [[ -v AAB || "$ABIS" = "all" ]]; then
   qt_cmake_opts+=(-DQT_ANDROID_BUILD_ALL_ABIS=ON)
 else
-  qt_cmake_opts+=(-DQT_ANDROID_ABIS="$ABI")
+  qt_cmake_opts+=(-DQT_ANDROID_ABIS="$ABIS")
 fi
 
 # QT_NO_GLOBAL_APK_TARGET_PART_OF_ALL=ON - Skip building apks as part of the default 'ALL' target
@@ -95,7 +106,7 @@ $QT_BIN_DIR/qt-cmake -S $PROJECT_DIR -B $BUILD_DIR \
 # Build app
 cmake --build $BUILD_DIR --config $BUILD_TYPE
 
-# Build and package APK or AAB. If this is a release, then additionally sign the result.
+# Build and package APK or AAB
 echo "Building APK/AAB..."
 
 deployqt_opts=()
@@ -104,32 +115,52 @@ if [ -v AAB ]; then
   deployqt_opts+=(--aab)
 fi
 
-if [ -v ANDROID_PLATFORM ]; then
-  deployqt_opts+=(--android-platform "$ANDROID_PLATFORM")
+if [ -v ANDROID_BUILD_PLATFORM ]; then
+  deployqt_opts+=(--android-platform "$ANDROID_BUILD_PLATFORM")
 fi
 
 if [ "$BUILD_TYPE" = "release" ]; then
-  deployqt_opts+=(--release --sign)
+  deployqt_opts+=(--release)
 fi
 
+# for gradle to skip all tasks when it is executed by androiddeployqt
+# gradle is started later explicitly
+export ANDROIDDEPLOYQT_RUN=1
+
 $QT_HOST_PATH/bin/androiddeployqt \
   --input $OUT_APP_DIR/android-AmneziaVPN-deployment-settings.json \
   --output $OUT_APP_DIR/android-build \
-  --gradle \
   "${deployqt_opts[@]}"
 
+# run gradle
+gradle_opts=()
+
+if [ -v AAB ]; then
+  gradle_opts+=(bundle"${BUILD_TYPE^}")
+else
+  gradle_opts+=(assemble"${BUILD_TYPE^}")
+fi
+
+$OUT_APP_DIR/android-build/gradlew \
+  --project-dir $OUT_APP_DIR/android-build \
+  -DexplicitRun=1 \
+  "${gradle_opts[@]}"
+
 if [[ -v CI || -v MOVE_RESULT ]]; then
   echo "Moving APK/AAB..."
   if [ -v AAB ]; then
-    mv -u $OUT_APP_DIR/android-build/build/outputs/bundle/$BUILD_TYPE/android-build-$BUILD_TYPE.aab \
-       $PROJECT_DIR/deploy/build/AmneziaVPN-$BUILD_TYPE.aab
+    mv -u $OUT_APP_DIR/android-build/build/outputs/bundle/$BUILD_TYPE/AmneziaVPN-$BUILD_TYPE.aab \
+       $PROJECT_DIR/deploy/build/
   else
-    if [ "$BUILD_TYPE" = "release" ]; then
-      build_suffix="release-signed"
-    else
-      build_suffix=$BUILD_TYPE
+    if [ "$ABIS" = "all" ]; then
+      ABIS="x86;x86_64;armeabi-v7a;arm64-v8a"
     fi
-    mv -u $OUT_APP_DIR/android-build/build/outputs/apk/$BUILD_TYPE/android-build-$build_suffix.apk \
-       $PROJECT_DIR/deploy/build/AmneziaVPN-$ABI-$build_suffix.apk
+
+    IFS=';' read -r -a abi_array <<< "$ABIS"
+    for ABI in "${abi_array[@]}"
+    do
+      mv -u $OUT_APP_DIR/android-build/build/outputs/apk/$BUILD_TYPE/AmneziaVPN-$ABI-$BUILD_TYPE.apk \
+       $PROJECT_DIR/deploy/build/
+    done
   fi
 fi