Do not allow to add loopback/multicast/broadcast ips to split tunnel list

2026-06-30 05:56:08 +03:00 · 2024-06-28 15:25:53 +03:00
174 changed files with 4956 additions and 9462 deletions
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -65,13 +65,6 @@ jobs:
        path: deploy/AppDir
        retention-days: 7

-    - name: 'Upload translations artifact'
-      uses: actions/upload-artifact@v4
-      with:
-        name: AmneziaVPN_translations
-        path: client/translations
-        retention-days: 7
-
 # ------------------------------------------------------

  Build-Windows:
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)

 set(PROJECT AmneziaVPN)

-project(${PROJECT} VERSION 4.6.0.4
+project(${PROJECT} VERSION 4.5.3.0
        DESCRIPTION "AmneziaVPN"
        HOMEPAGE_URL "https://amnezia.org/"
 )
@@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
 set(RELEASE_DATE "${CURRENT_DATE}")

 set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
-set(APP_ANDROID_VERSION_CODE 55)
+set(APP_ANDROID_VERSION_CODE 52)

 if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
    set(MZ_PLATFORM_NAME "linux")
--- a/README.md
+++ b/README.md
@@ -6,42 +6,20 @@

 Amnezia is an open-source VPN client, with a key feature that enables you to deploy your own VPN server on your server.

-![Image](https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/uipic4.png)
-
-<br>
-
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_4.6.0.3_x64.exe"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/win.png" width="150" style="max-width: 100%;"></a> 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_4.6.0.3.dmg"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/mac.png" width="150" style="max-width: 100%;"></a> 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_Linux_4.6.0.3.tar.zip"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/lin.png" width="150" style="max-width: 100%;"></a>
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/tag/4.6.0.3"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/andr.png" width="150" style="max-width: 100%;"></a>
-
-<br>
-
-<a href="https://play.google.com/store/search?q=amnezia+vpn&c=apps"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/play.png" width="150" style="max-width: 100%;"></a>
-<a href="https://apps.apple.com/us/app/amneziavpn/id1600529900"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/apl.png" width="150" style="max-width: 100%;"></a>
-
-
-[All releases](https://github.com/amnezia-vpn/amnezia-client/releases)
-
-<br>
-
-
 ## Features

 - Very easy to use - enter your IP address, SSH login, and password, and Amnezia will automatically install VPN docker containers to your server and connect to the VPN.
- OpenVPN, Shadowsocks, WireGuard, and IKEv2 protocols support.
+- OpenVPN, ShadowSocks, WireGuard, and IKEv2 protocols support.
 - Masking VPN with OpenVPN over Cloak plugin
 - Split tunneling support - add any sites to the client to enable VPN only for them (only for desktops)
 - Windows, MacOS, Linux, Android, iOS releases.

 ## Links

- [https://amnezia.org](https://amnezia.org) - project website  
- [https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
- [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English) 
- [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Telegram support channel (Farsi) 
- [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Telegram support channel (Myanmar)  
- [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)  
+[https://amnezia.org](https://amnezia.org) - project website  
+[https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
+[https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English)  
+[https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)  

 ## Tech

@@ -49,7 +27,7 @@ AmneziaVPN uses several open-source projects to work:

 - [OpenSSL](https://www.openssl.org/)
 - [OpenVPN](https://openvpn.net/)
- [Shadowsocks](https://shadowsocks.org/)
+- [ShadowSocks](https://shadowsocks.org/)
 - [Qt](https://www.qt.io/)
 - [LibSsh](https://libssh.org) - forked from Qt Creator
 - and more...
@@ -66,19 +44,6 @@ git submodule update --init --recursive

 Want to contribute? Welcome!

-### Help with translations
-
-Download the most actual translation files.
-
-Go to ["Actions" tab](https://github.com/amnezia-vpn/amnezia-client/actions?query=is%3Asuccess+branch%3Adev), click on the first line.
-Then scroll down to the "Artifacts" section and download "AmneziaVPN_translations".
-
-Unzip this file.
-Each *.ts file contains strings for one corresponding language.
-
-Translate or correct some strings in one or multiple *.ts files and commit them back to this repository into the ``client/translations`` folder.
-You can do it via a web-interface or any other method you're familiar with.
-
 ### Building sources and deployment

 Check deploy folder for build scripts. 
@@ -87,7 +52,7 @@ Check deploy folder for build scripts.

 1. First, make sure you have [XCode](https://developer.apple.com/xcode/) installed, at least version 14 or higher.

-2. We use QT to generate the XCode project. We need QT version 6.6.2. Install QT for MacOS [here](https://doc.qt.io/qt-6/macos.html) or [QT Online Installer](https://www.qt.io/download-open-source). Required modules:
+2. We use QT to generate the XCode project. We need QT version 6.6.1. Install QT for MacOS [here](https://doc.qt.io/qt-6/macos.html) or [QT Online Installer](https://www.qt.io/download-open-source). Required modules:
   - MacOS
   - iOS
   - Qt 5 Compatibility Module
@@ -177,11 +142,10 @@ GPL v3.0

 ## Donate

-Patreon: [https://www.patreon.com/amneziavpn](https://www.patreon.com/amneziavpn)
-
-USDT BEP20: 0x6abD576765a826f87D1D95183438f9408C901bE4 <br>
-USDT TRC20: TELAitazF1MZGmiNjTcnxDjEiH5oe7LC9d <br>
+Bitcoin: bc1qn9rhsffuxwnhcuuu4qzrwp4upkrq94xnh8r26u  
 XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3  
+payeer.com: P2561305  
+ko-fi.com: [https://ko-fi.com/amnezia_vpn](https://ko-fi.com/amnezia_vpn)  

 ## Acknowledgments

--- a/client/3rd-prebuilt
+++ b/client/3rd-prebuilt
--- a/client/3rd/amneziawg-apple
+++ b/client/3rd/amneziawg-apple
--- a/client/amnezia_application.cpp
+++ b/client/amnezia_application.cpp
@@ -157,7 +157,6 @@ void AmneziaApplication::init()
    connect(this, &AmneziaApplication::translationsUpdated, m_notificationHandler.get(), &NotificationHandler::onTranslationsUpdated);
 #endif

-    m_engine->addImportPath("qrc:/ui/qml/Modules/");
    m_engine->load(url);
    m_systemController->setQmlRoot(m_engine->rootObjects().value(0));

--- a/client/android/AndroidManifest.xml
+++ b/client/android/AndroidManifest.xml
@@ -136,34 +136,8 @@
        </activity>

        <service
-            android:name=".AwgService"
-            android:process=":amneziaAwgService"
-            android:permission="android.permission.BIND_VPN_SERVICE"
-            android:foregroundServiceType="systemExempted"
-            android:exported="false"
-            tools:ignore="ForegroundServicePermission">
-
-            <intent-filter>
-                <action android:name="android.net.VpnService" />
-            </intent-filter>
-        </service>
-
-        <service
-            android:name=".OpenVpnService"
-            android:process=":amneziaOpenVpnService"
-            android:permission="android.permission.BIND_VPN_SERVICE"
-            android:foregroundServiceType="systemExempted"
-            android:exported="false"
-            tools:ignore="ForegroundServicePermission">
-
-            <intent-filter>
-                <action android:name="android.net.VpnService" />
-            </intent-filter>
-        </service>
-
-        <service
-            android:name=".XrayService"
-            android:process=":amneziaXrayService"
+            android:name=".AmneziaVpnService"
+            android:process=":amneziaVpnService"
            android:permission="android.permission.BIND_VPN_SERVICE"
            android:foregroundServiceType="systemExempted"
            android:exported="false"
--- a/client/android/build.gradle.kts
+++ b/client/android/build.gradle.kts
@@ -3,7 +3,6 @@ import com.android.build.gradle.internal.api.BaseVariantOutputImpl
 plugins {
    alias(libs.plugins.android.application)
    alias(libs.plugins.kotlin.android)
-    alias(libs.plugins.kotlin.serialization)
    id("property-delegate")
 }

@@ -69,12 +68,6 @@ android {
            }
            signingConfig = signingConfigs["release"]
        }
-
-        create("fdroid") {
-            initWith(getByName("release"))
-            signingConfig = null
-            matchingFallbacks += "release"
-        }
    }

    splits {
@@ -105,6 +98,7 @@ android {
 }

 dependencies {
+    implementation(fileTree(mapOf("dir" to "libs", "include" to listOf("*.jar", "*.aar"))))
    implementation(project(":qt"))
    implementation(project(":utils"))
    implementation(project(":protocolApi"))
@@ -112,11 +106,9 @@ dependencies {
    implementation(project(":awg"))
    implementation(project(":openvpn"))
    implementation(project(":cloak"))
-    implementation(project(":xray"))
    implementation(libs.androidx.core)
    implementation(libs.androidx.activity)
    implementation(libs.kotlinx.coroutines)
-    implementation(libs.kotlinx.serialization.protobuf)
    implementation(libs.bundles.androidx.camera)
    implementation(libs.google.mlkit)
    implementation(libs.androidx.datastore)
--- a/client/android/gradle/libs.versions.toml
+++ b/client/android/gradle/libs.versions.toml
@@ -8,7 +8,6 @@ androidx-camera = "1.3.0"
 androidx-security-crypto = "1.1.0-alpha06"
 androidx-datastore = "1.1.0-beta01"
 kotlinx-coroutines = "1.7.3"
-kotlinx-serialization = "1.6.3"
 google-mlkit = "17.2.0"

 [libraries]
@@ -22,7 +21,6 @@ androidx-camera-view = { module = "androidx.camera:camera-view", version.ref = "
 androidx-security-crypto = { module = "androidx.security:security-crypto-ktx", version.ref = "androidx-security-crypto" }
 androidx-datastore = { module = "androidx.datastore:datastore-preferences", version.ref = "androidx-datastore" }
 kotlinx-coroutines = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-android", version.ref = "kotlinx-coroutines" }
-kotlinx-serialization-protobuf = { module = "org.jetbrains.kotlinx:kotlinx-serialization-protobuf", version.ref = "kotlinx-serialization" }
 google-mlkit = { module = "com.google.mlkit:barcode-scanning", version.ref = "google-mlkit" }

 [bundles]
@@ -37,4 +35,3 @@ androidx-camera = [
 android-application = { id = "com.android.application", version.ref = "agp" }
 android-library = { id = "com.android.library", version.ref = "agp" }
 kotlin-android = { id = "org.jetbrains.kotlin.android", version.ref = "kotlin" }
-kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin"}
--- a/client/android/openvpn/src/main/kotlin/org/amnezia/vpn/protocol/openvpn/OpenVpn.kt
+++ b/client/android/openvpn/src/main/kotlin/org/amnezia/vpn/protocol/openvpn/OpenVpn.kt
@@ -1,13 +1,15 @@
 package org.amnezia.vpn.protocol.openvpn

+import android.content.Context
 import android.net.VpnService.Builder
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.cancel
+import kotlinx.coroutines.flow.MutableStateFlow
 import kotlinx.coroutines.launch
 import net.openvpn.ovpn3.ClientAPI_Config
 import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.Protocol
+import org.amnezia.vpn.protocol.ProtocolState
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
 import org.amnezia.vpn.protocol.VpnStartException
@@ -35,6 +37,7 @@ import org.json.JSONObject

 open class OpenVpn : Protocol() {

+    private lateinit var context: Context
    private var openVpnClient: OpenVpnClient? = null
    private lateinit var scope: CoroutineScope

@@ -50,11 +53,10 @@ open class OpenVpn : Protocol() {
            return Statistics.EMPTY_STATISTICS
        }

-    override fun internalInit() {
-        if (!isInitialized) loadSharedLibrary(context, "ovpn3")
-        if (this::scope.isInitialized) {
-            scope.cancel()
-        }
+    override fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
+        super.initialize(context, state, onError)
+        loadSharedLibrary(context, "ovpn3")
+        this.context = context
        scope = CoroutineScope(Dispatchers.IO)
    }

--- a/client/android/protocolApi/src/main/kotlin/Protocol.kt
+++ b/client/android/protocolApi/src/main/kotlin/Protocol.kt
@@ -27,21 +27,14 @@ private const val SPLIT_TUNNEL_EXCLUDE = 2
 abstract class Protocol {

    abstract val statistics: Statistics
-    protected lateinit var context: Context
    protected lateinit var state: MutableStateFlow<ProtocolState>
    protected lateinit var onError: (String) -> Unit
-    protected var isInitialized: Boolean = false

-    fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
-        this.context = context
+    open fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
        this.state = state
        this.onError = onError
-        internalInit()
-        isInitialized = true
    }

-    protected abstract fun internalInit()
-
    abstract fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)

    abstract fun stopVpn()
--- a/client/android/qt/build.gradle.kts
+++ b/client/android/qt/build.gradle.kts
@@ -21,5 +21,5 @@ android {
 }

 dependencies {
-    implementation(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar"))))
+    implementation(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar", "*.aar"))))
 }
--- a/client/android/res/mipmap-hdpi/icon.png
+++ b/client/android/res/mipmap-hdpi/icon.png
--- a/client/android/res/mipmap-hdpi/icon_round.png
+++ b/client/android/res/mipmap-hdpi/icon_round.png
--- a/client/android/res/mipmap-ldpi/icon.png
+++ b/client/android/res/mipmap-ldpi/icon.png
--- a/client/android/res/mipmap-ldpi/icon_round.png
+++ b/client/android/res/mipmap-ldpi/icon_round.png
--- a/client/android/res/mipmap-mdpi/icon.png
+++ b/client/android/res/mipmap-mdpi/icon.png
--- a/client/android/res/mipmap-mdpi/icon_round.png
+++ b/client/android/res/mipmap-mdpi/icon_round.png
--- a/client/android/res/mipmap-xhdpi/icon.png
+++ b/client/android/res/mipmap-xhdpi/icon.png
--- a/client/android/res/mipmap-xhdpi/icon_round.png
+++ b/client/android/res/mipmap-xhdpi/icon_round.png
--- a/client/android/res/mipmap-xxhdpi/icon.png
+++ b/client/android/res/mipmap-xxhdpi/icon.png
--- a/client/android/res/mipmap-xxhdpi/icon_round.png
+++ b/client/android/res/mipmap-xxhdpi/icon_round.png
--- a/client/android/res/mipmap-xxxhdpi/icon.png
+++ b/client/android/res/mipmap-xxxhdpi/icon.png
--- a/client/android/res/mipmap-xxxhdpi/icon_round.png
+++ b/client/android/res/mipmap-xxxhdpi/icon_round.png
--- a/client/android/settings.gradle.kts
+++ b/client/android/settings.gradle.kts
@@ -36,8 +36,6 @@ include(":wireguard")
 include(":awg")
 include(":openvpn")
 include(":cloak")
-include(":xray")
-include(":xray:libXray")

 // get values from gradle or local properties
 val androidBuildToolsVersion: String by gradleProperties
--- a/client/android/src/org/amnezia/vpn/AmneziaActivity.kt
+++ b/client/android/src/org/amnezia/vpn/AmneziaActivity.kt
@@ -34,7 +34,6 @@ import kotlinx.coroutines.CompletableDeferred
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.SupervisorJob
-import kotlinx.coroutines.async
 import kotlinx.coroutines.cancel
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.runBlocking
@@ -44,8 +43,6 @@ import org.amnezia.vpn.protocol.getStatus
 import org.amnezia.vpn.qt.QtAndroidController
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
-import org.json.JSONException
-import org.json.JSONObject
 import org.qtproject.qt.android.bindings.QtActivity

 private const val TAG = "AmneziaActivity"
@@ -62,7 +59,6 @@ class AmneziaActivity : QtActivity() {

    private lateinit var mainScope: CoroutineScope
    private val qtInitialized = CompletableDeferred<Unit>()
-    private var vpnProto: VpnProto? = null
    private var isWaitingStatus = true
    private var isServiceConnected = false
    private var isInBoundState = false
@@ -145,7 +141,6 @@ class AmneziaActivity : QtActivity() {
            override fun onBindingDied(name: ComponentName?) {
                Log.w(TAG, "Binding to the ${name?.flattenToString()} unexpectedly died")
                doUnbindService()
-                QtAndroidController.onServiceDisconnected()
                doBindService()
            }
        }
@@ -158,20 +153,15 @@ class AmneziaActivity : QtActivity() {
        super.onCreate(savedInstanceState)
        Log.d(TAG, "Create Amnezia activity: $intent")
        mainScope = CoroutineScope(SupervisorJob() + Dispatchers.Main.immediate)
-        val proto = mainScope.async(Dispatchers.IO) {
-            VpnStateStore.getVpnState().vpnProto
-        }
        vpnServiceMessenger = IpcMessenger(
            "VpnService",
            onDeadObjectException = {
                doUnbindService()
-                QtAndroidController.onServiceDisconnected()
                doBindService()
            }
        )
        registerBroadcastReceivers()
        intent?.let(::processIntent)
-        runBlocking { vpnProto = proto.await() }
    }

    private fun registerBroadcastReceivers() {
@@ -219,18 +209,13 @@ class AmneziaActivity : QtActivity() {
        Log.d(TAG, "Start Amnezia activity")
        mainScope.launch {
            qtInitialized.await()
-            vpnProto?.let { proto ->
-                if (AmneziaVpnService.isRunning(applicationContext, proto.processName)) {
-                    doBindService()
-                }
-            }
+            doBindService()
        }
    }

    override fun onStop() {
        Log.d(TAG, "Stop Amnezia activity")
        doUnbindService()
-        QtAndroidController.onServiceDisconnected()
        super.onStop()
    }

@@ -284,12 +269,10 @@ class AmneziaActivity : QtActivity() {
    @MainThread
    private fun doBindService() {
        Log.d(TAG, "Bind service")
-        vpnProto?.let { proto ->
-            Intent(this, proto.serviceClass).also {
-                bindService(it, serviceConnection, BIND_ABOVE_CLIENT and BIND_AUTO_CREATE)
-            }
-            isInBoundState = true
+        Intent(this, AmneziaVpnService::class.java).also {
+            bindService(it, serviceConnection, BIND_ABOVE_CLIENT and BIND_AUTO_CREATE)
        }
+        isInBoundState = true
    }

    @MainThread
@@ -297,6 +280,7 @@ class AmneziaActivity : QtActivity() {
        if (isInBoundState) {
            Log.d(TAG, "Unbind service")
            isWaitingStatus = true
+            QtAndroidController.onServiceDisconnected()
            isServiceConnected = false
            vpnServiceMessenger.send(Action.UNREGISTER_CLIENT, activityMessenger)
            vpnServiceMessenger.reset()
@@ -381,32 +365,13 @@ class AmneziaActivity : QtActivity() {

    @MainThread
    private fun startVpn(vpnConfig: String) {
-        getVpnProto(vpnConfig)?.let { proto ->
-            Log.d(TAG, "Proto from config: $proto, current proto: $vpnProto")
-            if (isServiceConnected) {
-                if (proto.serviceClass == vpnProto?.serviceClass) {
-                    vpnProto = proto
-                    connectToVpn(vpnConfig)
-                    return
-                }
-                doUnbindService()
-            }
-            vpnProto = proto
+        if (isServiceConnected) {
+            connectToVpn(vpnConfig)
+        } else {
            isWaitingStatus = false
-            startVpnService(vpnConfig, proto)
+            startVpnService(vpnConfig)
            doBindService()
-        } ?: QtAndroidController.onServiceError()
-    }
-
-    private fun getVpnProto(vpnConfig: String): VpnProto? = try {
-        require(vpnConfig.isNotBlank()) { "Blank VPN config" }
-        VpnProto.get(JSONObject(vpnConfig).getString("protocol"))
-    } catch (e: JSONException) {
-        Log.e(TAG, "Invalid VPN config json format: ${e.message}")
-        null
-    } catch (e: IllegalArgumentException) {
-        Log.e(TAG, "Protocol not found: ${e.message}")
-        null
+        }
    }

    private fun connectToVpn(vpnConfig: String) {
@@ -418,15 +383,15 @@ class AmneziaActivity : QtActivity() {
        }
    }

-    private fun startVpnService(vpnConfig: String, proto: VpnProto) {
-        Log.d(TAG, "Start VPN service: $proto")
-        Intent(this, proto.serviceClass).apply {
+    private fun startVpnService(vpnConfig: String) {
+        Log.d(TAG, "Start VPN service")
+        Intent(this, AmneziaVpnService::class.java).apply {
            putExtra(MSG_VPN_CONFIG, vpnConfig)
        }.also {
            try {
                ContextCompat.startForegroundService(this, it)
            } catch (e: SecurityException) {
-                Log.e(TAG, "Failed to start ${proto.serviceClass.simpleName}: $e")
+                Log.e(TAG, "Failed to start AmneziaVpnService: $e")
                QtAndroidController.onServiceError()
            }
        }
--- a/client/android/src/org/amnezia/vpn/AmneziaTileService.kt
+++ b/client/android/src/org/amnezia/vpn/AmneziaTileService.kt
@@ -39,9 +39,6 @@ class AmneziaTileService : TileService() {

    @Volatile
    private var isServiceConnected = false
-
-    @Volatile
-    private var vpnProto: VpnProto? = null
    private var isInBoundState = false
    @Volatile
    private var isVpnConfigExists = false
@@ -97,21 +94,16 @@ class AmneziaTileService : TileService() {

    override fun onStartListening() {
        super.onStartListening()
-        scope.launch {
-            Log.d(TAG, "Start listening")
-            vpnProto = VpnStateStore.getVpnState().vpnProto
-            vpnProto.also { proto ->
-                if (proto != null && AmneziaVpnService.isRunning(applicationContext, proto.processName)) {
-                    Log.d(TAG, "Vpn service is running")
-                    doBindService()
-                } else {
-                    Log.d(TAG, "Vpn service is not running")
-                    isServiceConnected = false
-                    updateVpnState(DISCONNECTED)
-                }
-            }
-            vpnStateListeningJob = launchVpnStateListening()
+        Log.d(TAG, "Start listening")
+        if (AmneziaVpnService.isRunning(applicationContext)) {
+            Log.d(TAG, "Vpn service is running")
+            doBindService()
+        } else {
+            Log.d(TAG, "Vpn service is not running")
+            isServiceConnected = false
+            updateVpnState(DISCONNECTED)
        }
+        vpnStateListeningJob = launchVpnStateListening()
    }

    override fun onStopListening() {
@@ -132,7 +124,7 @@ class AmneziaTileService : TileService() {
    }

    private fun onClickInternal() {
-        if (isVpnConfigExists && vpnProto != null) {
+        if (isVpnConfigExists) {
            Log.d(TAG, "Change VPN state")
            if (qsTile.state == Tile.STATE_INACTIVE) {
                Log.d(TAG, "Start VPN")
@@ -155,12 +147,10 @@ class AmneziaTileService : TileService() {

    private fun doBindService() {
        Log.d(TAG, "Bind service")
-        vpnProto?.let { proto ->
-            Intent(this, proto.serviceClass).also {
-                bindService(it, serviceConnection, BIND_ABOVE_CLIENT)
-            }
-            isInBoundState = true
+        Intent(this, AmneziaVpnService::class.java).also {
+            bindService(it, serviceConnection, BIND_ABOVE_CLIENT)
        }
+        isInBoundState = true
    }

    private fun doUnbindService() {
@@ -190,7 +180,6 @@ class AmneziaTileService : TileService() {
        if (VpnService.prepare(applicationContext) != null) {
            Intent(this, VpnRequestActivity::class.java).apply {
                addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
-                putExtra(EXTRA_PROTOCOL, vpnProto)
            }.also {
                startActivityAndCollapseCompat(it)
            }
@@ -200,16 +189,14 @@ class AmneziaTileService : TileService() {
        }

    private fun startVpnService() {
-        vpnProto?.let { proto ->
-            try {
-                ContextCompat.startForegroundService(
-                    applicationContext,
-                    Intent(this, proto.serviceClass)
-                )
-            } catch (e: SecurityException) {
-                Log.e(TAG, "Failed to start ${proto.serviceClass.simpleName}: $e")
-            }
-        } ?: Log.e(TAG, "Failed to start vpn service: vpnProto is null")
+        try {
+            ContextCompat.startForegroundService(
+                applicationContext,
+                Intent(this, AmneziaVpnService::class.java)
+            )
+        } catch (e: SecurityException) {
+            Log.e(TAG, "Failed to start AmneziaVpnService: $e")
+        }
    }

    private fun connectToVpn() = vpnServiceMessenger.send(Action.CONNECT)
@@ -233,8 +220,11 @@ class AmneziaTileService : TileService() {
        }
    }

-    private fun updateVpnState(state: ProtocolState) =
-        scope.launch { VpnStateStore.store { it.copy(protocolState = state) } }
+    private fun updateVpnState(state: ProtocolState) {
+        scope.launch {
+            VpnStateStore.store { it.copy(protocolState = state) }
+        }
+    }

    private fun launchVpnStateListening() =
        scope.launch { VpnStateStore.dataFlow().collectLatest(::updateTile) }
@@ -242,10 +232,9 @@ class AmneziaTileService : TileService() {
    private fun updateTile(vpnState: VpnState) {
        Log.d(TAG, "Update tile: $vpnState")
        isVpnConfigExists = vpnState.serverName != null
-        vpnProto = vpnState.vpnProto
        val tile = qsTile ?: return
        tile.apply {
-            label = (vpnState.serverName ?: DEFAULT_TILE_LABEL) + (vpnProto?.let { " ${it.label}" } ?: "")
+            label = vpnState.serverName ?: DEFAULT_TILE_LABEL
            when (val protocolState = vpnState.protocolState) {
                CONNECTED -> {
                    state = Tile.STATE_ACTIVE
--- a/client/android/src/org/amnezia/vpn/AmneziaVpnService.kt
+++ b/client/android/src/org/amnezia/vpn/AmneziaVpnService.kt
@@ -1,6 +1,5 @@
 package org.amnezia.vpn

-import android.annotation.SuppressLint
 import android.app.ActivityManager
 import android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND_SERVICE
 import android.app.NotificationManager
@@ -40,6 +39,7 @@ import kotlinx.coroutines.runBlocking
 import kotlinx.coroutines.withTimeout
 import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.LoadLibraryException
+import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
@@ -48,7 +48,11 @@ import org.amnezia.vpn.protocol.ProtocolState.RECONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.UNKNOWN
 import org.amnezia.vpn.protocol.VpnException
 import org.amnezia.vpn.protocol.VpnStartException
+import org.amnezia.vpn.protocol.awg.Awg
+import org.amnezia.vpn.protocol.cloak.Cloak
+import org.amnezia.vpn.protocol.openvpn.OpenVpn
 import org.amnezia.vpn.protocol.putStatus
+import org.amnezia.vpn.protocol.wireguard.Wireguard
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.amnezia.vpn.util.net.NetworkState
@@ -59,7 +63,6 @@ import org.json.JSONObject
 private const val TAG = "AmneziaVpnService"

 const val ACTION_DISCONNECT = "org.amnezia.vpn.action.disconnect"
-const val ACTION_CONNECT = "org.amnezia.vpn.action.connect"

 const val MSG_VPN_CONFIG = "VPN_CONFIG"
 const val MSG_ERROR = "ERROR"
@@ -70,18 +73,19 @@ const val AFTER_PERMISSION_CHECK = "AFTER_PERMISSION_CHECK"
 private const val PREFS_CONFIG_KEY = "LAST_CONF"
 private const val PREFS_SERVER_NAME = "LAST_SERVER_NAME"
 private const val PREFS_SERVER_INDEX = "LAST_SERVER_INDEX"
+private const val PROCESS_NAME = "org.amnezia.vpn:amneziaVpnService"
 // private const val STATISTICS_SENDING_TIMEOUT = 1000L
 private const val TRAFFIC_STATS_UPDATE_TIMEOUT = 1000L
 private const val DISCONNECT_TIMEOUT = 5000L
 private const val STOP_SERVICE_TIMEOUT = 5000L

-@SuppressLint("Registered")
-open class AmneziaVpnService : VpnService() {
+class AmneziaVpnService : VpnService() {

    private lateinit var mainScope: CoroutineScope
    private lateinit var connectionScope: CoroutineScope
    private var isServiceBound = false
-    private var vpnProto: VpnProto? = null
+    private var protocol: Protocol? = null
+    private val protocolCache = mutableMapOf<String, Protocol>()
    private var protocolState = MutableStateFlow(UNKNOWN)
    private var serverName: String? = null
    private var serverIndex: Int = -1
@@ -101,7 +105,7 @@ open class AmneziaVpnService : VpnService() {
    // private var statisticsSendingJob: Job? = null
    private lateinit var networkState: NetworkState
    private lateinit var trafficStats: TrafficStats
-    private var controlReceiver: BroadcastReceiver? = null
+    private var disconnectReceiver: BroadcastReceiver? = null
    private var notificationStateReceiver: BroadcastReceiver? = null
    private var screenOnReceiver: BroadcastReceiver? = null
    private var screenOffReceiver: BroadcastReceiver? = null
@@ -112,6 +116,7 @@ open class AmneziaVpnService : VpnService() {

    private val connectionExceptionHandler = CoroutineExceptionHandler { _, e ->
        protocolState.value = DISCONNECTED
+        protocol = null
        when (e) {
            is IllegalArgumentException,
            is VpnStartException,
@@ -222,8 +227,7 @@ open class AmneziaVpnService : VpnService() {
            connect(intent?.getStringExtra(MSG_VPN_CONFIG))
        }
        ServiceCompat.startForeground(
-            this, NOTIFICATION_ID,
-            serviceNotification.buildNotification(serverName, vpnProto?.label, protocolState.value),
+            this, NOTIFICATION_ID, serviceNotification.buildNotification(serverName, protocolState.value),
            foregroundServiceTypeCompat
        )
        return START_REDELIVER_INTENT
@@ -288,17 +292,9 @@ open class AmneziaVpnService : VpnService() {

    private fun registerBroadcastReceivers() {
        Log.d(TAG, "Register broadcast receivers")
-        controlReceiver = registerBroadcastReceiver(
-            arrayOf(ACTION_CONNECT, ACTION_DISCONNECT), ContextCompat.RECEIVER_NOT_EXPORTED
-        ) {
-            it?.action?.let { action ->
-                Log.d(TAG, "Broadcast request received: $action")
-                when (action) {
-                    ACTION_CONNECT -> connect()
-                    ACTION_DISCONNECT -> disconnect()
-                    else -> Log.w(TAG, "Unknown action received: $action")
-                }
-            }
+        disconnectReceiver = registerBroadcastReceiver(ACTION_DISCONNECT, ContextCompat.RECEIVER_NOT_EXPORTED) {
+            Log.d(TAG, "Broadcast request received: $ACTION_DISCONNECT")
+            disconnect()
        }

        notificationStateReceiver = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
@@ -344,10 +340,10 @@ open class AmneziaVpnService : VpnService() {

    private fun unregisterBroadcastReceivers() {
        Log.d(TAG, "Unregister broadcast receivers")
-        unregisterBroadcastReceiver(controlReceiver)
+        unregisterBroadcastReceiver(disconnectReceiver)
        unregisterBroadcastReceiver(notificationStateReceiver)
        unregisterScreenStateBroadcastReceivers()
-        controlReceiver = null
+        disconnectReceiver = null
        notificationStateReceiver = null
    }

@@ -360,7 +356,7 @@ open class AmneziaVpnService : VpnService() {
            protocolState.drop(1).collect { protocolState ->
                Log.d(TAG, "Protocol state changed: $protocolState")

-                serviceNotification.updateNotification(serverName, vpnProto?.label, protocolState)
+                serviceNotification.updateNotification(serverName, protocolState)

                clientMessengers.send {
                    ServiceEvent.STATUS_CHANGED.packToMessage {
@@ -368,7 +364,7 @@ open class AmneziaVpnService : VpnService() {
                    }
                }

-                VpnStateStore.store { VpnState(protocolState, serverName, serverIndex, vpnProto) }
+                VpnStateStore.store { VpnState(protocolState, serverName, serverIndex) }

                when (protocolState) {
                    CONNECTED -> {
@@ -425,7 +421,7 @@ open class AmneziaVpnService : VpnService() {
    @MainThread
    private fun enableNotification() {
        registerScreenStateBroadcastReceivers()
-        serviceNotification.updateNotification(serverName, vpnProto?.label, protocolState.value)
+        serviceNotification.updateNotification(serverName, protocolState.value)
        launchTrafficStatsUpdate()
    }

@@ -488,6 +484,8 @@ open class AmneziaVpnService : VpnService() {

        Log.d(TAG, "Start VPN connection")

+        protocolState.value = CONNECTING
+
        val config = parseConfigToJson(vpnConfig)
        saveServerData(config)
        if (config == null) {
@@ -496,16 +494,6 @@ open class AmneziaVpnService : VpnService() {
            return
        }

-        try {
-            vpnProto = VpnProto.get(config.getString("protocol"))
-        } catch (e: Exception) {
-            onError("Invalid VPN config: ${e.message}")
-            protocolState.value = DISCONNECTED
-            return
-        }
-
-        protocolState.value = CONNECTING
-
        if (!checkPermission()) {
            protocolState.value = DISCONNECTED
            return
@@ -515,10 +503,8 @@ open class AmneziaVpnService : VpnService() {
            disconnectionJob?.join()
            disconnectionJob = null

-            vpnProto?.protocol?.let { protocol ->
-                protocol.initialize(applicationContext, protocolState, ::onError)
-                protocol.startVpn(config, Builder(), ::protect)
-            }
+            protocol = getProtocol(config.getString("protocol"))
+            protocol?.startVpn(config, Builder(), ::protect)
        }
    }

@@ -534,8 +520,8 @@ open class AmneziaVpnService : VpnService() {
            connectionJob?.join()
            connectionJob = null

-            vpnProto?.protocol?.stopVpn()
-
+            protocol?.stopVpn()
+            protocol = null
            try {
                withTimeout(DISCONNECT_TIMEOUT) {
                    // waiting for disconnect state
@@ -557,10 +543,22 @@ open class AmneziaVpnService : VpnService() {
        protocolState.value = RECONNECTING

        connectionJob = connectionScope.launch {
-            vpnProto?.protocol?.reconnectVpn(Builder())
+            protocol?.reconnectVpn(Builder())
        }
    }

+    @MainThread
+    private fun getProtocol(protocolName: String): Protocol =
+        protocolCache[protocolName]
+            ?: when (protocolName) {
+                "wireguard" -> Wireguard()
+                "awg" -> Awg()
+                "openvpn" -> OpenVpn()
+                "cloak" -> Cloak()
+                else -> throw IllegalArgumentException("Protocol '$protocolName' not found")
+            }.apply { initialize(applicationContext, protocolState, ::onError) }
+                .also { protocolCache[protocolName] = it }
+
    /**
     * Utils methods
     */
@@ -605,7 +603,6 @@ open class AmneziaVpnService : VpnService() {
        if (prepare(applicationContext) != null) {
            Intent(this, VpnRequestActivity::class.java).apply {
                addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
-                putExtra(EXTRA_PROTOCOL, vpnProto)
            }.also {
                startActivity(it)
            }
@@ -615,9 +612,9 @@ open class AmneziaVpnService : VpnService() {
        }

    companion object {
-        fun isRunning(context: Context, processName: String): Boolean =
+        fun isRunning(context: Context): Boolean =
            context.getSystemService<ActivityManager>()!!.runningAppProcesses.any {
-                it.processName == processName && it.importance <= IMPORTANCE_FOREGROUND_SERVICE
+                it.processName == PROCESS_NAME && it.importance <= IMPORTANCE_FOREGROUND_SERVICE
            }
    }
 }
--- a/client/android/src/org/amnezia/vpn/AwgService.kt
+++ b/client/android/src/org/amnezia/vpn/AwgService.kt
@@ -1,3 +0,0 @@
-package org.amnezia.vpn
-
-class AwgService : AmneziaVpnService()
--- a/client/android/src/org/amnezia/vpn/CameraActivity.kt
+++ b/client/android/src/org/amnezia/vpn/CameraActivity.kt
@@ -140,7 +140,7 @@ class CameraActivity : ComponentActivity() {
                            }
                        }
                    }.addOnFailureListener {
-                        Log.e(TAG, "Processing QR code image failed: ${it.message}")
+                        Log.e(TAG, "Processing QR-code image failed: ${it.message}")
                    }.addOnCompleteListener {
                        imageProxy.close()
                    }
--- a/client/android/src/org/amnezia/vpn/OpenVpnService.kt
+++ b/client/android/src/org/amnezia/vpn/OpenVpnService.kt
@@ -1,3 +0,0 @@
-package org.amnezia.vpn
-
-class OpenVpnService : AmneziaVpnService()
--- a/client/android/src/org/amnezia/vpn/ServiceNotification.kt
+++ b/client/android/src/org/amnezia/vpn/ServiceNotification.kt
@@ -59,14 +59,14 @@ class ServiceNotification(private val context: Context) {
        formatSpeedString(rxString, txString)
    }

-    fun buildNotification(serverName: String?, protocol: String?, state: ProtocolState): Notification {
+    fun buildNotification(serverName: String?, state: ProtocolState): Notification {
        val speedString = if (state == CONNECTED) zeroSpeed else null

        Log.d(TAG, "Build notification: $serverName, $state")

        return notificationBuilder
            .setSmallIcon(R.drawable.ic_amnezia_round)
-            .setContentTitle((serverName ?: "AmneziaVPN") + (protocol?.let { " $it" } ?: ""))
+            .setContentTitle(serverName ?: "AmneziaVPN")
            .setContentText(context.getString(state))
            .setSubText(speedString)
            .setWhen(System.currentTimeMillis())
@@ -96,10 +96,10 @@ class ServiceNotification(private val context: Context) {
    }

    @SuppressLint("MissingPermission")
-    fun updateNotification(serverName: String?, protocol: String?, state: ProtocolState) {
+    fun updateNotification(serverName: String?, state: ProtocolState) {
        if (context.isNotificationPermissionGranted()) {
            Log.d(TAG, "Update notification: $serverName, $state")
-            notificationManager.notify(NOTIFICATION_ID, buildNotification(serverName, protocol, state))
+            notificationManager.notify(NOTIFICATION_ID, buildNotification(serverName, state))
        }
    }

@@ -125,7 +125,7 @@ class ServiceNotification(private val context: Context) {
                        context,
                        DISCONNECT_REQUEST_CODE,
                        Intent(ACTION_DISCONNECT).apply {
-                            setPackage(context.packageName)
+                            setPackage("org.amnezia.vpn")
                        },
                        PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT
                    )
@@ -135,12 +135,10 @@ class ServiceNotification(private val context: Context) {
            DISCONNECTED -> {
                Action(
                    0, context.getString(R.string.connect),
-                    PendingIntent.getBroadcast(
+                    createServicePendingIntent(
                        context,
                        CONNECT_REQUEST_CODE,
-                        Intent(ACTION_CONNECT).apply {
-                            setPackage(context.packageName)
-                        },
+                        Intent(context, AmneziaVpnService::class.java),
                        PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT
                    )
                )
@@ -150,6 +148,13 @@ class ServiceNotification(private val context: Context) {
        }
    }

+    private val createServicePendingIntent: (Context, Int, Intent, Int) -> PendingIntent =
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
+            PendingIntent::getForegroundService
+        } else {
+            PendingIntent::getService
+        }
+
    companion object {
        fun createNotificationChannel(context: Context) {
            with(NotificationManagerCompat.from(context)) {
--- a/client/android/src/org/amnezia/vpn/VpnProto.kt
+++ b/client/android/src/org/amnezia/vpn/VpnProto.kt
@@ -1,75 +0,0 @@
-package org.amnezia.vpn
-
-import org.amnezia.vpn.protocol.Protocol
-import org.amnezia.vpn.protocol.awg.Awg
-import org.amnezia.vpn.protocol.cloak.Cloak
-import org.amnezia.vpn.protocol.openvpn.OpenVpn
-import org.amnezia.vpn.protocol.wireguard.Wireguard
-import org.amnezia.vpn.protocol.xray.Xray
-
-enum class VpnProto(
-    val label: String,
-    val processName: String,
-    val serviceClass: Class<out AmneziaVpnService>
-) {
-    WIREGUARD(
-        "WireGuard",
-        "org.amnezia.vpn:amneziaAwgService",
-        AwgService::class.java
-    ) {
-        override fun createProtocol(): Protocol = Wireguard()
-    },
-
-    AWG(
-        "AmneziaWG",
-        "org.amnezia.vpn:amneziaAwgService",
-        AwgService::class.java
-    ) {
-        override fun createProtocol(): Protocol = Awg()
-    },
-
-    OPENVPN(
-        "OpenVPN",
-        "org.amnezia.vpn:amneziaOpenVpnService",
-        OpenVpnService::class.java
-    ) {
-        override fun createProtocol(): Protocol = OpenVpn()
-    },
-
-    CLOAK(
-        "Cloak",
-        "org.amnezia.vpn:amneziaOpenVpnService",
-        OpenVpnService::class.java
-    ) {
-        override fun createProtocol(): Protocol = Cloak()
-    },
-
-    XRAY(
-        "XRay",
-        "org.amnezia.vpn:amneziaXrayService",
-        XrayService::class.java
-    ) {
-        override fun createProtocol(): Protocol = Xray.instance
-    },
-
-    SSXRAY(
-        "SSXRay",
-        "org.amnezia.vpn:amneziaXrayService",
-        XrayService::class.java
-    ) {
-        override fun createProtocol(): Protocol = Xray.instance
-    };
-
-    private var _protocol: Protocol? = null
-    val protocol: Protocol
-        get() {
-            if (_protocol == null) _protocol = createProtocol()
-            return _protocol ?: throw AssertionError("Set to null by another thread")
-        }
-
-    protected abstract fun createProtocol(): Protocol
-
-    companion object {
-        fun get(protocolName: String): VpnProto = VpnProto.valueOf(protocolName.uppercase())
-    }
-}
--- a/client/android/src/org/amnezia/vpn/VpnRequestActivity.kt
+++ b/client/android/src/org/amnezia/vpn/VpnRequestActivity.kt
@@ -7,7 +7,6 @@ import android.content.Intent
 import android.content.res.Configuration.UI_MODE_NIGHT_MASK
 import android.content.res.Configuration.UI_MODE_NIGHT_YES
 import android.net.VpnService
-import android.os.Build
 import android.os.Bundle
 import android.provider.Settings
 import android.widget.Toast
@@ -19,11 +18,9 @@ import androidx.core.content.getSystemService
 import org.amnezia.vpn.util.Log

 private const val TAG = "VpnRequestActivity"
-const val EXTRA_PROTOCOL = "PROTOCOL"

 class VpnRequestActivity : ComponentActivity() {

-    private var vpnProto: VpnProto? = null
    private var userPresentReceiver: BroadcastReceiver? = null
    private val requestLauncher =
        registerForActivityResult(StartActivityForResult(), ::checkRequestResult)
@@ -31,12 +28,6 @@ class VpnRequestActivity : ComponentActivity() {
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        Log.d(TAG, "Start request activity")
-        vpnProto = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
-            intent.extras?.getSerializable(EXTRA_PROTOCOL, VpnProto::class.java)
-        } else {
-            @Suppress("DEPRECATION")
-            intent.extras?.getSerializable(EXTRA_PROTOCOL) as VpnProto
-        }
        val requestIntent = VpnService.prepare(applicationContext)
        if (requestIntent != null) {
            if (getSystemService<KeyguardManager>()!!.isKeyguardLocked) {
@@ -75,18 +66,10 @@ class VpnRequestActivity : ComponentActivity() {

    private fun onPermissionGranted() {
        Toast.makeText(this, resources.getString(R.string.vpnGranted), Toast.LENGTH_LONG).show()
-        vpnProto?.let { proto ->
-            Intent(applicationContext, proto.serviceClass).apply {
-                putExtra(AFTER_PERMISSION_CHECK, true)
-            }.also {
-                ContextCompat.startForegroundService(this, it)
-            }
-        } ?: run {
-            Intent(this, AmneziaActivity::class.java).apply {
-                addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
-            }.also {
-                startActivity(it)
-            }
+        Intent(applicationContext, AmneziaVpnService::class.java).apply {
+            putExtra(AFTER_PERMISSION_CHECK, true)
+        }.also {
+            ContextCompat.startForegroundService(this, it)
        }
    }

--- a/client/android/src/org/amnezia/vpn/VpnState.kt
+++ b/client/android/src/org/amnezia/vpn/VpnState.kt
@@ -1,22 +1,19 @@
 package org.amnezia.vpn

 import android.app.Application
-import androidx.datastore.core.CorruptionException
 import androidx.datastore.core.MultiProcessDataStoreFactory
 import androidx.datastore.core.Serializer
-import androidx.datastore.core.handlers.ReplaceFileCorruptionHandler
 import androidx.datastore.dataStoreFile
+import java.io.ByteArrayInputStream
+import java.io.ByteArrayOutputStream
 import java.io.InputStream
+import java.io.ObjectInputStream
+import java.io.ObjectOutputStream
 import java.io.OutputStream
+import java.io.Serializable
+import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.flow.Flow
-import kotlinx.coroutines.flow.catch
-import kotlinx.coroutines.flow.firstOrNull
-import kotlinx.serialization.ExperimentalSerializationApi
-import kotlinx.serialization.Serializable
-import kotlinx.serialization.SerializationException
-import kotlinx.serialization.decodeFromByteArray
-import kotlinx.serialization.encodeToByteArray
-import kotlinx.serialization.protobuf.ProtoBuf
+import kotlinx.coroutines.withContext
 import org.amnezia.vpn.protocol.ProtocolState
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.util.Log
@@ -24,14 +21,13 @@ import org.amnezia.vpn.util.Log
 private const val TAG = "VpnState"
 private const val STORE_FILE_NAME = "vpnState"

-@Serializable
 data class VpnState(
    val protocolState: ProtocolState,
    val serverName: String? = null,
-    val serverIndex: Int = -1,
-    val vpnProto: VpnProto? = null
-) {
+    val serverIndex: Int = -1
+) : Serializable {
    companion object {
+        private const val serialVersionUID: Long = -1760654961004181606
        val defaultState: VpnState = VpnState(DISCONNECTED)
    }
 }
@@ -41,11 +37,7 @@ object VpnStateStore {

    private val dataStore = MultiProcessDataStoreFactory.create(
        serializer = VpnStateSerializer(),
-        produceFile = { app.dataStoreFile(STORE_FILE_NAME) },
-        corruptionHandler = ReplaceFileCorruptionHandler { e ->
-            Log.e(TAG, "VpnState DataStore corrupted: $e")
-            VpnState.defaultState
-        }
+        produceFile = { app.dataStoreFile(STORE_FILE_NAME) }
    )

    fun init(app: Application) {
@@ -53,36 +45,36 @@ object VpnStateStore {
        this.app = app
    }

-    fun dataFlow(): Flow<VpnState> = dataStore.data.catch { e ->
-        Log.e(TAG, "Failed to read VpnState from store: ${e.message}")
-        emit(VpnState.defaultState)
-    }
-
-    suspend fun getVpnState(): VpnState = dataFlow().firstOrNull() ?: VpnState.defaultState
+    fun dataFlow(): Flow<VpnState> = dataStore.data

    suspend fun store(f: (vpnState: VpnState) -> VpnState) {
        try {
            dataStore.updateData(f)
-        } catch (e: Exception) {
+        } catch (e : Exception) {
            Log.e(TAG, "Failed to store VpnState: $e")
-            Log.w(TAG, "Remove DataStore file")
-            app.dataStoreFile(STORE_FILE_NAME).delete()
        }
    }
 }

-@OptIn(ExperimentalSerializationApi::class)
 private class VpnStateSerializer : Serializer<VpnState> {
    override val defaultValue: VpnState = VpnState.defaultState

-    override suspend fun readFrom(input: InputStream): VpnState = try {
-        ProtoBuf.decodeFromByteArray<VpnState>(input.readBytes())
-    } catch (e: SerializationException) {
-        Log.e(TAG, "Failed to deserialize data: $e")
-        throw CorruptionException("Failed to deserialize data", e)
+    override suspend fun readFrom(input: InputStream): VpnState {
+        return withContext(Dispatchers.IO) {
+            val bios = ByteArrayInputStream(input.readBytes())
+            ObjectInputStream(bios).use {
+                it.readObject() as VpnState
+            }
+        }
    }

-    @Suppress("BlockingMethodInNonBlockingContext")
-    override suspend fun writeTo(t: VpnState, output: OutputStream) =
-        output.write(ProtoBuf.encodeToByteArray(t))
+    override suspend fun writeTo(t: VpnState, output: OutputStream) {
+        withContext(Dispatchers.IO) {
+            val baos = ByteArrayOutputStream()
+            ObjectOutputStream(baos).use {
+                it.writeObject(t)
+            }
+            output.write(baos.toByteArray())
+        }
+    }
 }
--- a/client/android/src/org/amnezia/vpn/XrayService.kt
+++ b/client/android/src/org/amnezia/vpn/XrayService.kt
@@ -1,3 +0,0 @@
-package org.amnezia.vpn
-
-class XrayService : AmneziaVpnService()
--- a/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/Wireguard.kt
+++ b/client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/Wireguard.kt
@@ -1,9 +1,12 @@
 package org.amnezia.vpn.protocol.wireguard

+import android.content.Context
 import android.net.VpnService.Builder
 import java.util.TreeMap
+import kotlinx.coroutines.flow.MutableStateFlow
 import org.amnezia.awg.GoBackend
 import org.amnezia.vpn.protocol.Protocol
+import org.amnezia.vpn.protocol.ProtocolState
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
@@ -75,8 +78,9 @@ open class Wireguard : Protocol() {
            }
        }

-    override fun internalInit() {
-        if (!isInitialized) loadSharedLibrary(context, "wg-go")
+    override fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
+        super.initialize(context, state, onError)
+        loadSharedLibrary(context, "wg-go")
    }

    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
--- a/client/android/xray/build.gradle.kts
+++ b/client/android/xray/build.gradle.kts
@@ -1,19 +0,0 @@
-plugins {
-    id(libs.plugins.android.library.get().pluginId)
-    id(libs.plugins.kotlin.android.get().pluginId)
-}
-
-kotlin {
-    jvmToolchain(17)
-}
-
-android {
-    namespace = "org.amnezia.vpn.protocol.xray"
-}
-
-dependencies {
-    compileOnly(project(":utils"))
-    compileOnly(project(":protocolApi"))
-    implementation(project(":xray:libXray"))
-    implementation(libs.kotlinx.coroutines)
-}
--- a/client/android/xray/libXray/build.gradle.kts
+++ b/client/android/xray/libXray/build.gradle.kts
@@ -1,6 +0,0 @@
-@file:Suppress("UnstableApiUsage")
-
-configurations {
-    maybeCreate("default")
-}
-artifacts.add("default", file("libxray.aar"))
--- a/client/android/xray/src/main/kotlin/Xray.kt
+++ b/client/android/xray/src/main/kotlin/Xray.kt
@@ -1,239 +0,0 @@
-package org.amnezia.vpn.protocol.xray
-
-import android.content.Context
-import android.net.VpnService.Builder
-import java.io.File
-import java.io.IOException
-import go.Seq
-import org.amnezia.vpn.protocol.BadConfigException
-import org.amnezia.vpn.protocol.Protocol
-import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
-import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
-import org.amnezia.vpn.protocol.Statistics
-import org.amnezia.vpn.protocol.VpnStartException
-import org.amnezia.vpn.protocol.xray.libXray.DialerController
-import org.amnezia.vpn.protocol.xray.libXray.LibXray
-import org.amnezia.vpn.protocol.xray.libXray.Logger
-import org.amnezia.vpn.protocol.xray.libXray.Tun2SocksConfig
-import org.amnezia.vpn.util.Log
-import org.amnezia.vpn.util.net.InetNetwork
-import org.amnezia.vpn.util.net.parseInetAddress
-import org.json.JSONObject
-
-/**
- *    Config example:
- * {
- *     "appSplitTunnelType": 0,
- *     "config_version": 0,
- *     "description": "Server 1",
- *     "dns1": "1.1.1.1",
- *     "dns2": "1.0.0.1",
- *     "hostName": "100.100.100.0",
- *     "protocol": "xray",
- *     "splitTunnelApps": [],
- *     "splitTunnelSites": [],
- *     "splitTunnelType": 0,
- *     "xray_config_data": {
- *         "inbounds": [
- *             {
- *                 "listen": "127.0.0.1",
- *                 "port": 8080,
- *                 "protocol": "socks",
- *                 "settings": {
- *                     "udp": true
- *                 }
- *             }
- *         ],
- *         "log": {
- *             "loglevel": "error"
- *         },
- *         "outbounds": [
- *             {
- *                 "protocol": "vless",
- *                 "settings": {
- *                     "vnext": [
- *                         {
- *                             "address": "100.100.100.0",
- *                             "port": 443,
- *                             "users": [
- *                                 {
- *                                     "encryption": "none",
- *                                     "flow": "xtls-rprx-vision",
- *                                     "id": "id"
- *                                 }
- *                             ]
- *                         }
- *                     ]
- *                 },
- *                 "streamSettings": {
- *                     "network": "tcp",
- *                     "realitySettings": {
- *                         "fingerprint": "chrome",
- *                         "publicKey": "publicKey",
- *                         "serverName": "google.com",
- *                         "shortId": "id",
- *                         "spiderX": ""
- *                     },
- *                     "security": "reality"
- *                 }
- *             }
- *         ]
- *     }
- * }
- *
- */
-
-private const val TAG = "Xray"
-private const val LIBXRAY_TAG = "libXray"
-
-class Xray : Protocol() {
-
-    private var isRunning: Boolean = false
-    override val statistics: Statistics = Statistics.EMPTY_STATISTICS
-
-    override fun internalInit() {
-        Seq.setContext(context)
-        if (!isInitialized) {
-            LibXray.initLogger(object : Logger {
-                override fun warning(s: String) = Log.w(LIBXRAY_TAG, s)
-
-                override fun error(s: String) = Log.e(LIBXRAY_TAG, s)
-
-                override fun write(msg: ByteArray): Long {
-                    Log.w(LIBXRAY_TAG, String(msg))
-                    return msg.size.toLong()
-                }
-            }).isNotNullOrBlank { err ->
-                Log.w(TAG, "Failed to initialize logger: $err")
-            }
-        }
-    }
-
-    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
-        if (isRunning) {
-            Log.w(TAG, "XRay already running")
-            return
-        }
-
-        val xrayJsonConfig = config.optJSONObject("xray_config_data")
-            ?: config.optJSONObject("ssxray_config_data")
-            ?: throw BadConfigException("config_data not found")
-        val xrayConfig = parseConfig(config, xrayJsonConfig)
-
-        (xrayJsonConfig.optJSONObject("log") ?: JSONObject().also { xrayJsonConfig.put("log", it) })
-            .put("loglevel", "warning")
-            .put("access", "none") // disable access log
-
-        start(xrayConfig, xrayJsonConfig.toString(), vpnBuilder, protect)
-        state.value = CONNECTED
-        isRunning = true
-    }
-
-    private fun parseConfig(config: JSONObject, xrayJsonConfig: JSONObject): XrayConfig {
-        return XrayConfig.build {
-            addAddress(XrayConfig.DEFAULT_IPV4_ADDRESS)
-
-            config.optString("dns1").let {
-                if (it.isNotBlank()) addDnsServer(parseInetAddress(it))
-            }
-
-            config.optString("dns2").let {
-                if (it.isNotBlank()) addDnsServer(parseInetAddress(it))
-            }
-
-            addRoute(InetNetwork("0.0.0.0", 0))
-            addRoute(InetNetwork("2000::0", 3))
-            config.getString("hostName").let {
-                excludeRoute(InetNetwork(it, 32))
-            }
-
-            config.optString("mtu").let {
-                if (it.isNotBlank()) setMtu(it.toInt())
-            }
-
-            val socksConfig = xrayJsonConfig.getJSONArray("inbounds")[0] as JSONObject
-            socksConfig.getInt("port").let { setSocksPort(it) }
-
-            configSplitTunneling(config)
-            configAppSplitTunneling(config)
-        }
-    }
-
-    private fun start(config: XrayConfig, configJson: String, vpnBuilder: Builder, protect: (Int) -> Boolean) {
-        buildVpnInterface(config, vpnBuilder)
-
-        DialerController { protect(it.toInt()) }.also {
-            LibXray.registerDialerController(it).isNotNullOrBlank { err ->
-                throw VpnStartException("Failed to register dialer controller: $err")
-            }
-            LibXray.registerListenerController(it).isNotNullOrBlank { err ->
-                throw VpnStartException("Failed to register listener controller: $err")
-            }
-        }
-
-        vpnBuilder.establish().use { tunFd ->
-            if (tunFd == null) {
-                throw VpnStartException("Create VPN interface: permission not granted or revoked")
-            }
-            Log.d(TAG, "Run tun2Socks")
-            runTun2Socks(config, tunFd.detachFd())
-
-            Log.d(TAG, "Run XRay")
-            Log.i(TAG, "xray ${LibXray.xrayVersion()}")
-            val assetsPath = context.getDir("assets", Context.MODE_PRIVATE).absolutePath
-            LibXray.initXray(assetsPath)
-            val geoDir = File(assetsPath, "geo").absolutePath
-            val configPath = File(context.cacheDir, "config.json")
-            Log.d(TAG, "xray.location.asset: $geoDir")
-            Log.d(TAG, "config: $configPath")
-            try {
-                configPath.writeText(configJson)
-            } catch (e: IOException) {
-                LibXray.stopTun2Socks()
-                throw VpnStartException("Failed to write xray config: ${e.message}")
-            }
-            LibXray.runXray(geoDir, configPath.absolutePath, config.maxMemory).isNotNullOrBlank { err ->
-                LibXray.stopTun2Socks()
-                throw VpnStartException("Failed to start xray: $err")
-            }
-        }
-    }
-
-    override fun stopVpn() {
-        LibXray.stopXray().isNotNullOrBlank { err ->
-            Log.e(TAG, "Failed to stop XRay: $err")
-        }
-        LibXray.stopTun2Socks().isNotNullOrBlank { err ->
-            Log.e(TAG, "Failed to stop tun2Socks: $err")
-        }
-
-        isRunning = false
-        state.value = DISCONNECTED
-    }
-
-    override fun reconnectVpn(vpnBuilder: Builder) {
-        state.value = CONNECTED
-    }
-
-    private fun runTun2Socks(config: XrayConfig, fd: Int) {
-        val tun2SocksConfig = Tun2SocksConfig().apply {
-            mtu = config.mtu.toLong()
-            proxy = "socks5://127.0.0.1:${config.socksPort}"
-            device = "fd://$fd"
-            logLevel = "warning"
-        }
-        LibXray.startTun2Socks(tun2SocksConfig, fd.toLong()).isNotNullOrBlank { err ->
-            throw VpnStartException("Failed to start tun2socks: $err")
-        }
-    }
-
-    companion object {
-        val instance: Xray by lazy { Xray() }
-    }
-}
-
-private fun String?.isNotNullOrBlank(block: (String) -> Unit) {
-    if (!this.isNullOrBlank()) {
-        block(this)
-    }
-}
--- a/client/android/xray/src/main/kotlin/XrayConfig.kt
+++ b/client/android/xray/src/main/kotlin/XrayConfig.kt
@@ -1,42 +0,0 @@
-package org.amnezia.vpn.protocol.xray
-
-import org.amnezia.vpn.protocol.ProtocolConfig
-import org.amnezia.vpn.util.net.InetNetwork
-
-private const val XRAY_DEFAULT_MTU = 1500
-private const val XRAY_DEFAULT_MAX_MEMORY: Long = 50 shl 20 // 50 MB
-
-class XrayConfig protected constructor(
-    protocolConfigBuilder: ProtocolConfig.Builder,
-    val socksPort: Int,
-    val maxMemory: Long,
-) : ProtocolConfig(protocolConfigBuilder) {
-
-    protected constructor(builder: Builder) : this(
-        builder,
-        builder.socksPort,
-        builder.maxMemory
-    )
-
-    class Builder : ProtocolConfig.Builder(false) {
-        internal var socksPort: Int = 0
-            private set
-
-        internal var maxMemory: Long = XRAY_DEFAULT_MAX_MEMORY
-            private set
-
-        override var mtu: Int = XRAY_DEFAULT_MTU
-
-        fun setSocksPort(port: Int) = apply { socksPort = port }
-
-        fun setMaxMemory(maxMemory: Long) = apply { this.maxMemory = maxMemory }
-
-        override fun build(): XrayConfig = configBuild().run { XrayConfig(this@Builder) }
-    }
-
-    companion object {
-        internal val DEFAULT_IPV4_ADDRESS: InetNetwork = InetNetwork("10.0.42.2", 30)
-
-        inline fun build(block: Builder.() -> Unit): XrayConfig = Builder().apply(block).build()
-    }
-}
--- a/client/cmake/android.cmake
+++ b/client/cmake/android.cmake
@@ -52,6 +52,3 @@ foreach(abi IN ITEMS ${QT_ANDROID_ABIS})
        ${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/libssh/android/${abi}/libssh.so
    )
 endforeach()
-
-file(COPY ${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/xray/android/libxray.aar
-        DESTINATION ${CMAKE_CURRENT_SOURCE_DIR}/android/xray/libXray)
--- a/client/containers/containers_defs.cpp
+++ b/client/containers/containers_defs.cpp
@@ -90,7 +90,7 @@ QMap<DockerContainer, QString> ContainerProps::containerHumanNames()
 {
    return { { DockerContainer::None, "Not installed" },
             { DockerContainer::OpenVpn, "OpenVPN" },
-             { DockerContainer::ShadowSocks, "OpenVPN over SS" },
+             { DockerContainer::ShadowSocks, "ShadowSocks" },
             { DockerContainer::Cloak, "OpenVPN over Cloak" },
             { DockerContainer::WireGuard, "WireGuard" },
             { DockerContainer::Awg, "AmneziaWG" },
@@ -99,8 +99,8 @@ QMap<DockerContainer, QString> ContainerProps::containerHumanNames()
             { DockerContainer::SSXray, "ShadowSocks"},

             { DockerContainer::TorWebSite, QObject::tr("Website in Tor network") },
-             { DockerContainer::Dns, QObject::tr("AmneziaDNS") },
-             { DockerContainer::Sftp, QObject::tr("SFTP file sharing service") },
+             { DockerContainer::Dns, QObject::tr("Amnezia DNS") },
+             { DockerContainer::Sftp, QObject::tr("Sftp file sharing service") },
             { DockerContainer::Socks5Proxy, QObject::tr("SOCKS5 proxy server") } };
 }

@@ -110,7 +110,7 @@ QMap<DockerContainer, QString> ContainerProps::containerDescriptions()
               QObject::tr("OpenVPN is the most popular VPN protocol, with flexible configuration options. It uses its "
                           "own security protocol with SSL/TLS for key exchange.") },
             { DockerContainer::ShadowSocks,
-               QObject::tr("Shadowsocks - masks VPN traffic, making it similar to normal web traffic, but it "
+               QObject::tr("ShadowSocks - masks VPN traffic, making it similar to normal web traffic, but it "
                           "may be recognized by analysis systems in some highly censored regions.") },
             { DockerContainer::Cloak,
               QObject::tr("OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against "
@@ -127,7 +127,7 @@ QMap<DockerContainer, QString> ContainerProps::containerDescriptions()
               QObject::tr("XRay with REALITY - Suitable for countries with the highest level of internet censorship. "
                           "Traffic masking as web traffic at the TLS level, and protection against detection by active probing methods.") },
             { DockerContainer::Ipsec,
-               QObject::tr("IKEv2/IPsec -  Modern stable protocol, a bit faster than others, restores connection after "
+               QObject::tr("IKEv2 -  Modern stable protocol, a bit faster than others, restores connection after "
                           "signal loss. It has native support on the latest versions of Android and iOS.") },

             { DockerContainer::TorWebSite, QObject::tr("Deploy a WordPress site on the Tor network in two clicks.") },
@@ -164,6 +164,7 @@ QMap<DockerContainer, QString> ContainerProps::containerDetailedDescriptions()
                      "However, certain traffic analysis systems might still detect a Shadowsocks connection. "
                      "Due to limited support in Amnezia, it's recommended to use AmneziaWG protocol.\n\n"
                      "* Available in the AmneziaVPN only on desktop platforms\n"
+                      "* Normal power consumption on mobile devices\n\n"
                      "* Configurable encryption protocol\n"
                      "* Detectable by some DPI systems\n"
                      "* Works over TCP network protocol.") },
@@ -285,9 +286,8 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
    case DockerContainer::WireGuard: return true;
    case DockerContainer::OpenVpn: return true;
    case DockerContainer::Awg: return true;
-    case DockerContainer::Xray: return true;
-    case DockerContainer::Cloak: return true;
-    case DockerContainer::SSXray: return true;
+    case DockerContainer::Cloak:
+        return true;
        //    case DockerContainer::ShadowSocks: return true;
    default: return false;
    }
@@ -305,8 +305,6 @@ bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
    case DockerContainer::ShadowSocks: return false;
    case DockerContainer::Awg: return true;
    case DockerContainer::Cloak: return true;
-    case DockerContainer::Xray: return true;
-    case DockerContainer::SSXray: return true;
    default: return false;
    }

@@ -390,18 +388,3 @@ QJsonObject ContainerProps::getProtocolConfigFromContainer(const Proto protocol,

    return QJsonDocument::fromJson(protocolConfigString.toUtf8()).object();
 }
-
-int ContainerProps::installPageOrder(DockerContainer container)
-{
-    switch (container) {
-    case DockerContainer::OpenVpn: return 4;
-    case DockerContainer::Cloak: return 5;
-    case DockerContainer::ShadowSocks: return 6;
-    case DockerContainer::WireGuard: return 2;
-    case DockerContainer::Awg: return 1;
-    case DockerContainer::Xray: return 3;
-    case DockerContainer::Ipsec: return 7;
-    case DockerContainer::SSXray: return 8;
-    default: return 0;
-    }
-}
--- a/client/containers/containers_defs.h
+++ b/client/containers/containers_defs.h
@@ -72,8 +72,6 @@ namespace amnezia
        static bool isShareable(amnezia::DockerContainer container);

        static QJsonObject getProtocolConfigFromContainer(const amnezia::Proto protocol, const QJsonObject &containerConfig);
-
-        static int installPageOrder(amnezia::DockerContainer container);
    };

    static void declareQmlContainerEnum()
--- a/client/core/controllers/serverController.cpp
+++ b/client/core/controllers/serverController.cpp
@@ -106,7 +106,7 @@ ErrorCode ServerController::runContainerScript(const ServerCredentials &credenti
    if (e)
        return e;

-    QString runner = QString("sudo docker exec -i $CONTAINER_NAME %2 %1 ").arg(fileName, (container == DockerContainer::Socks5Proxy ? "sh" : "bash"));
+    QString runner = QString("sudo docker exec -i $CONTAINER_NAME sh %1 ").arg(fileName);
    e = runScript(credentials, replaceVars(runner, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);

    QString remover = QString("sudo docker exec -i $CONTAINER_NAME rm %1 ").arg(fileName);
--- a/client/core/errorstrings.cpp
+++ b/client/core/errorstrings.cpp
@@ -9,7 +9,7 @@ QString errorString(ErrorCode code) {

    // General error codes
    case(ErrorCode::NoError): errorMessage = QObject::tr("No error"); break;
-    case(ErrorCode::UnknownError): errorMessage = QObject::tr("Unknown error"); break;
+    case(ErrorCode::UnknownError): errorMessage = QObject::tr("Unknown Error"); break;
    case(ErrorCode::NotImplementedError): errorMessage = QObject::tr("Function not implemented"); break;
    case(ErrorCode::AmneziaServiceNotRunning): errorMessage = QObject::tr("Background service is not running"); break;

@@ -23,15 +23,15 @@ QString errorString(ErrorCode code) {
    case(ErrorCode::ServerPacketManagerError): errorMessage = QObject::tr("Server error: Packet manager error"); break;

    // Libssh errors
-    case(ErrorCode::SshRequestDeniedError): errorMessage = QObject::tr("SSH request was denied"); break;
-    case(ErrorCode::SshInterruptedError): errorMessage = QObject::tr("SSH request was interrupted"); break;
-    case(ErrorCode::SshInternalError): errorMessage = QObject::tr("SSH internal error"); break;
+    case(ErrorCode::SshRequestDeniedError): errorMessage = QObject::tr("Ssh request was denied"); break;
+    case(ErrorCode::SshInterruptedError): errorMessage = QObject::tr("Ssh request was interrupted"); break;
+    case(ErrorCode::SshInternalError): errorMessage = QObject::tr("Ssh internal error"); break;
    case(ErrorCode::SshPrivateKeyError): errorMessage = QObject::tr("Invalid private key or invalid passphrase entered"); break;
    case(ErrorCode::SshPrivateKeyFormatError): errorMessage = QObject::tr("The selected private key format is not supported, use openssh ED25519 key types or PEM key types"); break;
    case(ErrorCode::SshTimeoutError): errorMessage = QObject::tr("Timeout connecting to server"); break;

    // Ssh scp errors
-    case(ErrorCode::SshScpFailureError): errorMessage = QObject::tr("SCP error: Generic failure"); break;
+    case(ErrorCode::SshScpFailureError): errorMessage = QObject::tr("Scp error: Generic failure"); break;

    // Local errors
    case (ErrorCode::OpenVpnConfigMissing): errorMessage = QObject::tr("OpenVPN config missing"); break;
@@ -39,7 +39,7 @@ QString errorString(ErrorCode code) {

    // Distro errors
    case (ErrorCode::OpenVpnExecutableMissing): errorMessage = QObject::tr("OpenVPN executable missing"); break;
-    case (ErrorCode::ShadowSocksExecutableMissing): errorMessage = QObject::tr("Shadowsocks (ss-local) executable missing"); break;
+    case (ErrorCode::ShadowSocksExecutableMissing): errorMessage = QObject::tr("ShadowSocks (ss-local) executable missing"); break;
    case (ErrorCode::CloakExecutableMissing): errorMessage = QObject::tr("Cloak (ck-client) executable missing"); break;
    case (ErrorCode::AmneziaServiceConnectionFailed): errorMessage = QObject::tr("Amnezia helper service error"); break;
    case (ErrorCode::OpenSslFailed): errorMessage = QObject::tr("OpenSSL failed"); break;
--- a/client/fonts/Lato-Black.ttf
+++ b/client/fonts/Lato-Black.ttf
--- a/client/fonts/Lato-BlackItalic.ttf
+++ b/client/fonts/Lato-BlackItalic.ttf
--- a/client/fonts/Lato-Bold.ttf
+++ b/client/fonts/Lato-Bold.ttf
--- a/client/fonts/Lato-BoldItalic.ttf
+++ b/client/fonts/Lato-BoldItalic.ttf
--- a/client/fonts/Lato-Hairline.ttf
+++ b/client/fonts/Lato-Hairline.ttf
--- a/client/fonts/Lato-HairlineItalic.ttf
+++ b/client/fonts/Lato-HairlineItalic.ttf
--- a/client/fonts/Lato-Heavy.ttf
+++ b/client/fonts/Lato-Heavy.ttf
--- a/client/fonts/Lato-HeavyItalic.ttf
+++ b/client/fonts/Lato-HeavyItalic.ttf
--- a/client/fonts/Lato-Italic.ttf
+++ b/client/fonts/Lato-Italic.ttf
--- a/client/fonts/Lato-Light.ttf
+++ b/client/fonts/Lato-Light.ttf
--- a/client/fonts/Lato-LightItalic.ttf
+++ b/client/fonts/Lato-LightItalic.ttf
--- a/client/fonts/Lato-Medium.ttf
+++ b/client/fonts/Lato-Medium.ttf
--- a/client/fonts/Lato-MediumItalic.ttf
+++ b/client/fonts/Lato-MediumItalic.ttf
--- a/client/fonts/Lato-Regular.ttf
+++ b/client/fonts/Lato-Regular.ttf
--- a/client/fonts/Lato-Semibold.ttf
+++ b/client/fonts/Lato-Semibold.ttf
--- a/client/fonts/Lato-SemiboldItalic.ttf
+++ b/client/fonts/Lato-SemiboldItalic.ttf
--- a/client/fonts/Lato-Thin.ttf
+++ b/client/fonts/Lato-Thin.ttf
--- a/client/fonts/Lato-ThinItalic.ttf
+++ b/client/fonts/Lato-ThinItalic.ttf
--- a/client/ios/networkextension/CMakeLists.txt
+++ b/client/ios/networkextension/CMakeLists.txt
@@ -50,12 +50,10 @@ set_target_properties("networkextension" PROPERTIES
 find_library(FW_ASSETS_LIBRARY AssetsLibrary)
 find_library(FW_MOBILE_CORE MobileCoreServices)
 find_library(FW_UI_KIT UIKit)
-find_library(FW_LIBRESOLV libresolv.9.tbd)

 target_link_libraries(networkextension PRIVATE ${FW_ASSETS_LIBRARY})
 target_link_libraries(networkextension PRIVATE ${FW_MOBILE_CORE})
 target_link_libraries(networkextension PRIVATE ${FW_UI_KIT})
-target_link_libraries(networkextension PRIVATE ${FW_LIBRESOLV})

 target_compile_options(networkextension PRIVATE -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\")
 target_compile_options(networkextension PRIVATE -DNETWORK_EXTENSION=1)
@@ -82,16 +80,13 @@ target_sources(networkextension PRIVATE
    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/Array+ConcurrentMap.swift
    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/IPAddress+AddrInfo.swift
    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PrivateKey.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/HevSocksTunnel.swift
    ${CLIENT_ROOT_DIR}/platforms/ios/NELogController.swift
    ${CLIENT_ROOT_DIR}/platforms/ios/Log.swift
    ${CLIENT_ROOT_DIR}/platforms/ios/LogRecord.swift
    ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider.swift
    ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+WireGuard.swift
    ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+OpenVPN.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+Xray.swift
    ${CLIENT_ROOT_DIR}/platforms/ios/WGConfig.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/XrayConfig.swift
    ${CLIENT_ROOT_DIR}/platforms/ios/iosglue.mm
 )

@@ -119,5 +114,3 @@ target_include_directories(networkextension PRIVATE ${CLIENT_ROOT_DIR})
 target_include_directories(networkextension PRIVATE ${CMAKE_CURRENT_BINARY_DIR})

 target_link_libraries(networkextension PRIVATE ${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/wireguard/ios/arm64/libwg-go.a)
-
-target_link_libraries(networkextension PRIVATE ${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/xray/HevSocks5Tunnel.xcframework)
--- a/client/logger.cpp
+++ b/client/logger.cpp
@@ -33,10 +33,6 @@ void debugMessageHandler(QtMsgType type, const QMessageLogContext& context, cons
    }

    // Skip annoying messages from Qt
-    if (msg.contains("OpenType support missing for")) {
-        return;
-    }
-
    if (msg.startsWith("Unknown property") || msg.startsWith("Could not create pixmap") || msg.startsWith("Populating font") || msg.startsWith("stale focus object")) {
        return;
    }
--- a/client/platforms/ios/HevSocksTunnel.swift
+++ b/client/platforms/ios/HevSocksTunnel.swift
@@ -1,73 +0,0 @@
-import HevSocks5Tunnel
-
-public enum Socks5Tunnel {
-
-    private static var tunnelFileDescriptor: Int32? {
-        var ctlInfo = ctl_info()
-        withUnsafeMutablePointer(to: &ctlInfo.ctl_name) {
-            $0.withMemoryRebound(to: CChar.self, capacity: MemoryLayout.size(ofValue: $0.pointee)) {
-                _ = strcpy($0, "com.apple.net.utun_control")
-            }
-        }
-        for fd: Int32 in 0...1024 {
-            var addr = sockaddr_ctl()
-            var ret: Int32 = -1
-            var len = socklen_t(MemoryLayout.size(ofValue: addr))
-            withUnsafeMutablePointer(to: &addr) {
-                $0.withMemoryRebound(to: sockaddr.self, capacity: 1) {
-                    ret = getpeername(fd, $0, &len)
-                }
-            }
-            if ret != 0 || addr.sc_family != AF_SYSTEM {
-                continue
-            }
-            if ctlInfo.ctl_id == 0 {
-                ret = ioctl(fd, CTLIOCGINFO, &ctlInfo)
-                if ret != 0 {
-                    continue
-                }
-            }
-            if addr.sc_id == ctlInfo.ctl_id {
-                return fd
-            }
-        }
-        return nil
-    }
-
-    private static var interfaceName: String? {
-        guard let tunnelFileDescriptor = self.tunnelFileDescriptor else {
-            return nil
-        }
-        var buffer = [UInt8](repeating: 0, count: Int(IFNAMSIZ))
-        return buffer.withUnsafeMutableBufferPointer { mutableBufferPointer in
-            guard let baseAddress = mutableBufferPointer.baseAddress else {
-                return nil
-            }
-            var ifnameSize = socklen_t(IFNAMSIZ)
-            let result = getsockopt(
-                tunnelFileDescriptor,
-                2 /* SYSPROTO_CONTROL */,
-                2 /* UTUN_OPT_IFNAME */,
-                baseAddress,
-                &ifnameSize
-            )
-            if result == 0 {
-                return String(cString: baseAddress)
-            } else {
-                return nil
-            }
-        }
-    }
-
-    @discardableResult
-    public static func run(withConfig filePath: String) -> Int32 {
-        guard let fileDescriptor = self.tunnelFileDescriptor else {
-            fatalError("Get tunnel file descriptor failed.")
-        }
-        return hev_socks5_tunnel_main(filePath.cString(using: .utf8), fileDescriptor)
-    }
-
-    public static func quit() {
-        hev_socks5_tunnel_quit()
-    }
-}
--- a/client/platforms/ios/NELogController.swift
+++ b/client/platforms/ios/NELogController.swift
@@ -13,10 +13,6 @@ public func ovpnLog(_ type: OSLogType, title: String = "", message: String) {
    neLog(type, title: "OVPN: \(title)", message: message)
 }

-public func xrayLog(_ type: OSLogType, title: String = "", message: String) {
-    neLog(type, title: "XRAY: \(title)", message: message)
-}
-
 public func neLog(_ type: OSLogType, title: String = "", message: String) {
    Log.log(type, title: "NE: \(title)", message: message)
 }
--- a/client/platforms/ios/PacketTunnelProvider+Xray.swift
+++ b/client/platforms/ios/PacketTunnelProvider+Xray.swift
@@ -1,187 +0,0 @@
-import Foundation
-import NetworkExtension
-import WireGuardKitGo
-
-enum XrayErrors: Error {
-    case noXrayConfig
-    case xrayConfigIsWrong
-    case cantSaveXrayConfig
-    case cantParseListenAndPort
-    case cantSaveHevSocksConfig
-}
-
-extension Constants {
-    static let cachesDirectory: URL = {
-        if let cachesDirectoryURL = FileManager.default.urls(for: .cachesDirectory,
-                                                             in: .userDomainMask).first {
-            return cachesDirectoryURL
-        } else {
-            fatalError("Unable to retrieve caches directory.")
-        }
-    }()
-}
-
-extension PacketTunnelProvider {
-    func startXray(completionHandler: @escaping (Error?) -> Void) {
-
-        // Xray configuration
-        guard let protocolConfiguration = self.protocolConfiguration as? NETunnelProviderProtocol,
-              let providerConfiguration = protocolConfiguration.providerConfiguration,
-              let configData = providerConfiguration[Constants.xrayConfigKey] as? Data else {
-            xrayLog(.error, message: "Can't get xray configuration")
-            completionHandler(XrayErrors.noXrayConfig)
-            return
-        }
-
-        // Tunnel settings
-        let ipv6Enabled = false
-        let hideVPNIcon = false
-
-        let settings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "254.1.1.1")
-        settings.mtu = 9000
-
-        settings.ipv4Settings = {
-            let settings = NEIPv4Settings(addresses: ["198.18.0.1"], subnetMasks: ["255.255.0.0"])
-            settings.includedRoutes = [NEIPv4Route.default()]
-            return settings
-        }()
-
-        settings.ipv6Settings = {
-            guard ipv6Enabled else {
-                return nil
-            }
-            let settings = NEIPv6Settings(addresses: ["fd6e:a81b:704f:1211::1"], networkPrefixLengths: [64])
-            settings.includedRoutes = [NEIPv6Route.default()]
-            if hideVPNIcon {
-                settings.excludedRoutes = [NEIPv6Route(destinationAddress: "::", networkPrefixLength: 128)]
-            }
-            return settings
-        }()
-
-        do {
-            let xrayConfig = try JSONDecoder().decode(XrayConfig.self,
-                                                      from: configData)
-
-            var dnsArray = [String]()
-            if let dns1 = xrayConfig.dns1 {
-                dnsArray.append(dns1)
-            }
-            if let dns2 = xrayConfig.dns2 {
-                dnsArray.append(dns2)
-            }
-
-            settings.dnsSettings = !dnsArray.isEmpty
-            ? NEDNSSettings(servers: dnsArray)
-            : NEDNSSettings(servers: ["1.1.1.1"])
-
-            let xrayConfigData = xrayConfig.config.data(using: .utf8)
-
-            guard let xrayConfigData else {
-                xrayLog(.error, message: "Can't encode config to data")
-                completionHandler(XrayErrors.xrayConfigIsWrong)
-                return
-            }
-
-            let jsonDict = try JSONSerialization.jsonObject(with: xrayConfigData,
-                                                            options: []) as? [String: Any]
-
-            guard var jsonDict else {
-                xrayLog(.error, message: "Can't parse address and port for hevSocks")
-                completionHandler(XrayErrors.cantParseListenAndPort)
-                return
-            }
-
-            let port = 10808
-            let address = "::1"
-
-            if var inboundsArray = jsonDict["inbounds"] as? [[String: Any]], !inboundsArray.isEmpty {
-                inboundsArray[0]["port"] = port
-                inboundsArray[0]["listen"] = address
-                jsonDict["inbounds"] = inboundsArray
-            }
-
-            let updatedData = try JSONSerialization.data(withJSONObject: jsonDict, options: [])
-
-            setTunnelNetworkSettings(settings) { [weak self] error in
-                if let error {
-                    completionHandler(error)
-                    return
-                }
-
-                // Launch xray
-                self?.setupAndStartXray(configData: updatedData) { xrayError in
-                    if let xrayError {
-                        completionHandler(xrayError)
-                        return
-                    }
-
-                    // Launch hevSocks
-                    self?.setupAndRunTun2socks(configData: updatedData,
-                                               address: address,
-                                               port: port,
-                                               completionHandler: completionHandler)
-                }
-            }
-        } catch {
-            completionHandler(error)
-            return
-        }
-    }
-
-    func stopXray(completionHandler: () -> Void) {
-        Socks5Tunnel.quit()
-        LibXrayStopXray()
-        completionHandler()
-    }
-
-    private func setupAndStartXray(configData: Data,
-                                   completionHandler: @escaping (Error?) -> Void) {
-        let path = Constants.cachesDirectory.appendingPathComponent("config.json", isDirectory: false).path
-        guard FileManager.default.createFile(atPath: path, contents: configData) else {
-            xrayLog(.error, message: "Can't save xray configuration")
-            completionHandler(XrayErrors.cantSaveXrayConfig)
-            return
-        }
-
-        LibXrayRunXray(nil,
-                       path,
-                       Int64.max)
-
-        completionHandler(nil)
-        xrayLog(.info, message: "Xray started")
-    }
-
-    private func setupAndRunTun2socks(configData: Data,
-                                      address: String,
-                                      port: Int,
-                                      completionHandler: @escaping (Error?) -> Void) {
-        let config = """
-        tunnel:
-          mtu: 9000
-        socks5:
-          port: \(port)
-          address: \(address)
-          udp: 'udp'
-        misc:
-          task-stack-size: 20480
-          connect-timeout: 5000
-          read-write-timeout: 60000
-          log-file: stderr
-          log-level: error
-          limit-nofile: 65535
-        """
-
-        let configurationFilePath = Constants.cachesDirectory.appendingPathComponent("config.yml", isDirectory: false).path
-        guard FileManager.default.createFile(atPath: configurationFilePath, contents: config.data(using: .utf8)!) else {
-            xrayLog(.info, message: "Cant save hevSocks configuration")
-            completionHandler(XrayErrors.cantSaveHevSocksConfig)
-            return
-        }
-
-        DispatchQueue.global().async {
-            xrayLog(.info, message: "Hev socks started")
-            completionHandler(nil)
-            Socks5Tunnel.run(withConfig: configurationFilePath)
-        }
-    }
-}
--- a/client/platforms/ios/PacketTunnelProvider.swift
+++ b/client/platforms/ios/PacketTunnelProvider.swift
@@ -5,8 +5,7 @@ import Darwin
 import OpenVPNAdapter

 enum TunnelProtoType: String {
-  case wireguard, openvpn, xray
-
+  case wireguard, openvpn
 }

 struct Constants {
@@ -14,7 +13,6 @@ struct Constants {
  static let processQueueName = "org.amnezia.process-packets"
  static let kActivationAttemptId = "activationAttemptId"
  static let ovpnConfigKey = "ovpn"
-  static let xrayConfigKey = "xray"
  static let wireGuardConfigKey = "wireguard"
  static let loggerTag = "NET"
  
@@ -93,8 +91,6 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
                protoType = .openvpn
            } else if (providerConfiguration?[Constants.wireGuardConfigKey] as? Data) != nil {
                protoType = .wireguard
-            } else if (providerConfiguration?[Constants.xrayConfigKey] as? Data) != nil {
-                protoType = .xray
            }
        }

@@ -111,9 +107,6 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
                           completionHandler: completionHandler)
        case .openvpn:
            startOpenVPN(completionHandler: completionHandler)
-        case .xray:
-            startXray(completionHandler: completionHandler)
-
        }
    }

@@ -131,8 +124,6 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
        case .openvpn:
            stopOpenVPN(with: reason,
                        completionHandler: completionHandler)
-        case .xray:
-            stopXray(completionHandler: completionHandler)
        }
    }
  
@@ -147,8 +138,6 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
            handleWireguardStatusMessage(messageData, completionHandler: completionHandler)
        case .openvpn:
            handleOpenVPNStatusMessage(messageData, completionHandler: completionHandler)
-        case .xray:
-            break;
        }
    }
  
--- a/client/platforms/ios/WGConfig.swift
+++ b/client/platforms/ios/WGConfig.swift
@@ -13,7 +13,7 @@ struct WGConfig: Decodable {
  let clientIP: String
  let clientPrivateKey: String
  let serverPublicKey: String
-  let presharedKey: String?
+  let presharedKey: String
  var allowedIPs: [String]
  var persistentKeepAlive: String
  let splitTunnelType: Int
@@ -65,7 +65,7 @@ struct WGConfig: Decodable {
    \(settings)
    [Peer]
    PublicKey = \(serverPublicKey)
-    \(presharedKey == nil ? "" : "PresharedKey = \(presharedKey!)")
+    PresharedKey = \(presharedKey)
    AllowedIPs = \(allowedIPs.joined(separator: ", "))
    Endpoint = \(hostName):\(port)
    PersistentKeepalive = \(persistentKeepAlive)
--- a/client/platforms/ios/XrayConfig.swift
+++ b/client/platforms/ios/XrayConfig.swift
@@ -1,7 +0,0 @@
-import Foundation
-
-struct XrayConfig: Decodable {
-    let dns1: String?
-    let dns2: String?
-    let config: String
-}
--- a/client/platforms/ios/ios_controller.h
+++ b/client/platforms/ios/ios_controller.h
@@ -72,12 +72,9 @@ private:
    bool setupCloak();
    bool setupWireGuard();
    bool setupAwg();
-    bool setupXray();
-    bool setupSSXray();

    bool startOpenVPN(const QString &config);
    bool startWireGuard(const QString &jsonConfig);
-    bool startXray(const QString &jsonConfig);

    void startTunnel();

--- a/client/platforms/ios/ios_controller.mm
+++ b/client/platforms/ios/ios_controller.mm
@@ -216,12 +216,6 @@ bool IosController::connectVpn(amnezia::Proto proto, const QJsonObject& configur
    if (proto == amnezia::Proto::Awg) {
        return setupAwg();
    }
-    if (proto == amnezia::Proto::Xray) {
-        return setupXray();
-    }
-    if (proto == amnezia::Proto::SSXray) {
-        return setupSSXray();
-    }

    return false;
 }
@@ -507,42 +501,6 @@ bool IosController::setupWireGuard()
    return startWireGuard(wgConfigDocStr);
 }

-bool IosController::setupXray()
-{
-    QJsonObject config = m_rawConfig[ProtocolProps::key_proto_config_data(amnezia::Proto::Xray)].toObject();
-    QJsonDocument xrayConfigDoc(config);
-
-    QString xrayConfigStr(xrayConfigDoc.toJson(QJsonDocument::Compact));
-
-    QJsonObject finalConfig;
-    finalConfig.insert(config_key::dns1, m_rawConfig[config_key::dns1].toString());
-    finalConfig.insert(config_key::dns2, m_rawConfig[config_key::dns2].toString());
-    finalConfig.insert(config_key::config, xrayConfigStr);
-
-    QJsonDocument finalConfigDoc(finalConfig);
-    QString finalConfigStr(finalConfigDoc.toJson(QJsonDocument::Compact));
-
-    return startXray(finalConfigStr);
-}
-
-bool IosController::setupSSXray()
-{
-    QJsonObject config = m_rawConfig[ProtocolProps::key_proto_config_data(amnezia::Proto::SSXray)].toObject();
-    QJsonDocument ssXrayConfigDoc(config);
-
-    QString ssXrayConfigStr(ssXrayConfigDoc.toJson(QJsonDocument::Compact));
-
-    QJsonObject finalConfig;
-    finalConfig.insert(config_key::dns1, m_rawConfig[config_key::dns1]);
-    finalConfig.insert(config_key::dns2, m_rawConfig[config_key::dns2]);
-    finalConfig.insert(config_key::config, ssXrayConfigStr);
-
-    QJsonDocument finalConfigDoc(finalConfig);
-    QString finalConfigStr(finalConfigDoc.toJson(QJsonDocument::Compact));
-
-    return startXray(finalConfigStr);
-}
-
 bool IosController::setupAwg()
 {
    QJsonObject config = m_rawConfig[ProtocolProps::key_proto_config_data(amnezia::Proto::Awg)].toObject();
@@ -632,20 +590,6 @@ bool IosController::startWireGuard(const QString &config)
    startTunnel();
 }

-bool IosController::startXray(const QString &config)
-{
-    qDebug() << "IosController::startXray";
-
-    NETunnelProviderProtocol *tunnelProtocol = [[NETunnelProviderProtocol alloc] init];
-    tunnelProtocol.providerBundleIdentifier = [NSString stringWithUTF8String:VPN_NE_BUNDLEID];
-    tunnelProtocol.providerConfiguration = @{@"xray": [[NSString stringWithUTF8String:config.toStdString().c_str()] dataUsingEncoding:NSUTF8StringEncoding]};
-    tunnelProtocol.serverAddress = m_serverAddress;
-
-    m_currentTunnel.protocolConfiguration = tunnelProtocol;
-
-    startTunnel();
-}
-
 void IosController::startTunnel()
 {
    NSString *protocolName = @"Unknown";
--- a/client/platforms/linux/daemon/wireguardutilslinux.cpp
+++ b/client/platforms/linux/daemon/wireguardutilslinux.cpp
@@ -139,7 +139,7 @@ bool WireguardUtilsLinux::addInterface(const InterfaceConfig& config) {
        if (config.m_killSwitchEnabled) {
            FirewallParams params { };
            params.dnsServers.append(config.m_dnsServer);
-            if (config.m_allowedIPAddressRanges.contains(IPAddress("0.0.0.0/0"))) {
+            if (config.m_allowedIPAddressRanges.at(0).toString() == "0.0.0.0/0"){
                params.blockAll = true;
                if (config.m_excludedAddresses.size()) {
                    params.allowNets = true;
--- a/client/platforms/macos/daemon/wireguardutilsmacos.cpp
+++ b/client/platforms/macos/daemon/wireguardutilsmacos.cpp
@@ -137,8 +137,7 @@ bool WireguardUtilsMacos::addInterface(const InterfaceConfig& config) {
      if (config.m_killSwitchEnabled) {
        FirewallParams params { };
        params.dnsServers.append(config.m_dnsServer);
-
-        if (config.m_allowedIPAddressRanges.contains(IPAddress("0.0.0.0/0"))) {
+        if (config.m_allowedIPAddressRanges.at(0).toString() == "0.0.0.0/0"){
          params.blockAll = true;
          if (config.m_excludedAddresses.size()) {
            params.allowNets = true;
--- a/client/protocols/ikev2_vpn_protocol_windows.cpp
+++ b/client/protocols/ikev2_vpn_protocol_windows.cpp
@@ -10,7 +10,6 @@
 #include "ikev2_vpn_protocol_windows.h"
 #include "utilities.h"

-
 static Ikev2Protocol* self = nullptr;
 static std::mutex rasDialFuncMutex;

@@ -81,10 +80,10 @@ void Ikev2Protocol::newConnectionStateEventReceived(UINT unMsg, tagRASCONNSTATE
    case RASCS_AuthNotify:
        //qDebug()<<__FUNCTION__ << __LINE__;
        if (dwError != 0) {
-            qDebug() << "have error" << dwError;
+            //qDebug() << "have error" << dwError;
            setConnectionState(Vpn::ConnectionState::Disconnected);
        } else {
-            qDebug() << "RASCS_AuthNotify but no error" << dwError;
+            //qDebug() << "RASCS_AuthNotify but no error" << dwError;
        }
        break;
    case RASCS_AuthRetry:
@@ -180,13 +179,11 @@ ErrorCode Ikev2Protocol::start()
    QByteArray cert = QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8());
    setConnectionState(Vpn::ConnectionState::Connecting);

-    QTemporaryFile * certFile = new QTemporaryFile;
-    certFile->setAutoRemove(false);
-    certFile->open();
-    QString m_filename = certFile->fileName();
-    certFile->write(cert);
-    certFile->close();
-    delete certFile;
+    QTemporaryFile certFile;
+    certFile.setAutoRemove(false);
+    certFile.open();
+    certFile.write(cert);
+    certFile.close();

    {
        auto certInstallProcess = IpcClient::CreatePrivilegedProcess();
@@ -196,19 +193,19 @@ ErrorCode Ikev2Protocol::start()
            return ErrorCode::AmneziaServiceConnectionFailed;
        }

-        certInstallProcess->waitForSource();
+        certInstallProcess->waitForSource(1000);
        if (!certInstallProcess->isInitialized()) {
            qWarning() << "IpcProcess replica is not connected!";
            setLastError(ErrorCode::AmneziaServiceConnectionFailed);
            return ErrorCode::AmneziaServiceConnectionFailed;
        }
        certInstallProcess->setProgram(PermittedProcess::CertUtil);
-
-        QStringList arguments({"-f", "-importpfx", "-p", m_config[config_key::password].toString(),
-            QDir::toNativeSeparators(m_filename), "NoExport"
-        });
-
+        QStringList arguments({"-f" , "-importpfx",
+                               "-p", m_config[config_key::password].toString(),
+                               certFile.fileName(), "NoExport"
+                              });
        certInstallProcess->setArguments(arguments);
+
        certInstallProcess->start();
    }
    // /*
@@ -222,40 +219,40 @@ ErrorCode Ikev2Protocol::start()
    }

    {
-     {
-      if ( !create_new_vpn(tunnelName(), m_config[config_key::hostName].toString())){
-                                                                                    qDebug() <<"Can't create the VPN connect";
-}
-}
-}
-
-{
-    QProcess adapterConfigProcess;
-    adapterConfigProcess.setProgram("powershell");
-    QString arguments = QString("-command \"Set-VpnConnectionIPsecConfiguration\" "
-                                "-ConnectionName '%1' "
-                                "-AuthenticationTransformConstants GCMAES128 "
-                                "-CipherTransformConstants GCMAES128 "
-                                "-EncryptionMethod AES256 "
-                                "-IntegrityCheckMethod SHA256 "
-                                "-PfsGroup None "
-                                "-DHGroup Group14 "
-                                "-PassThru -Force\"")
-                            .arg(tunnelName());
-
-    adapterConfigProcess.setNativeArguments(arguments);
-
-    adapterConfigProcess.start();
-    adapterConfigProcess.waitForFinished(5000);
-}
-//*/
-{
-    if (!connect_to_vpn(tunnelName())) {
-        qDebug()<<"We can't connect to VPN";
+        {
+            if ( !create_new_vpn(tunnelName(), m_config[config_key::hostName].toString())){
+                qDebug() <<"Can't create the VPN connect";
+            }
+        }
    }
-}
-//setConnectionState(Connecting);
-return ErrorCode::NoError;
+
+    {
+        auto adapterConfigProcess = new QProcess;
+
+        adapterConfigProcess->setProgram("powershell");
+        QString arguments = QString("-command \"Set-VpnConnectionIPsecConfiguration\" "
+                                    "-ConnectionName '%1' "
+                                    "-AuthenticationTransformConstants GCMAES128 "
+                                    "-CipherTransformConstants GCMAES128 "
+                                    "-EncryptionMethod AES256 "
+                                    "-IntegrityCheckMethod SHA256 "
+                                    "-PfsGroup None "
+                                    "-DHGroup Group14 "
+                                    "-PassThru -Force\"")
+                .arg(tunnelName());
+        adapterConfigProcess->setNativeArguments(arguments);
+
+        adapterConfigProcess->start();
+        adapterConfigProcess->waitForFinished(5000);
+    }
+    //*/
+    {
+        if (!connect_to_vpn(tunnelName())) {
+            qDebug()<<"We can't connect to VPN";
+        }
+    }
+    //setConnectionState(Connecting);
+    return ErrorCode::NoError;
 }
 //~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 bool Ikev2Protocol::create_new_vpn(const QString & vpn_name,
@@ -302,7 +299,6 @@ bool Ikev2Protocol::connect_to_vpn(const QString & vpn_name){
    auto ret = RasDial(NULL, NULL, &RasDialParams, 0,
                       &RasDialFuncCallback,
                       &hRasConn);
-
    if (ret == ERROR_SUCCESS){
        return true;
    }
--- a/client/protocols/protocols_defs.cpp
+++ b/client/protocols/protocols_defs.cpp
@@ -77,7 +77,7 @@ QMap<amnezia::Proto, QString> ProtocolProps::protocolHumanNames()

             { Proto::TorWebSite, "Website in Tor network" },
             { Proto::Dns, "DNS Service" },
-             { Proto::Sftp, QObject::tr("SFTP service") },
+             { Proto::Sftp, QObject::tr("Sftp service") },
             { Proto::Socks5Proxy, QObject::tr("SOCKS5 proxy server") } };
 }

--- a/client/resources.qrc
+++ b/client/resources.qrc
@@ -11,6 +11,16 @@
        <file>images/tray/default.png</file>
        <file>images/tray/error.png</file>
        <file>images/arrow_left.png</file>
+        <file>fonts/Lato-Black.ttf</file>
+        <file>fonts/Lato-BlackItalic.ttf</file>
+        <file>fonts/Lato-Bold.ttf</file>
+        <file>fonts/Lato-BoldItalic.ttf</file>
+        <file>fonts/Lato-Italic.ttf</file>
+        <file>fonts/Lato-Light.ttf</file>
+        <file>fonts/Lato-LightItalic.ttf</file>
+        <file>fonts/Lato-Regular.ttf</file>
+        <file>fonts/Lato-Thin.ttf</file>
+        <file>fonts/Lato-ThinItalic.ttf</file>
        <file>images/AmneziaVPN.png</file>
        <file>images/share.png</file>
        <file>server_scripts/remove_container.sh</file>
@@ -85,6 +95,7 @@
        <file>server_scripts/check_user_in_sudo.sh</file>
        <file>ui/qml/Controls2/BasicButtonType.qml</file>
        <file>ui/qml/Controls2/TextFieldWithHeaderType.qml</file>
+        <file>fonts/pt-root-ui_vf.ttf</file>
        <file>ui/qml/Controls2/LabelWithButtonType.qml</file>
        <file>images/controls/arrow-right.svg</file>
        <file>images/controls/chevron-right.svg</file>
@@ -228,9 +239,6 @@
        <file>images/controls/alert-circle.svg</file>
        <file>images/controls/file-check-2.svg</file>
        <file>ui/qml/Controls2/WarningType.qml</file>
-        <file>fonts/pt-root-ui_vf.ttf</file>
-        <file>ui/qml/Modules/Style/qmldir</file>
-        <file>ui/qml/Modules/Style/AmneziaStyle.qml</file>
        <file>ui/qml/Pages2/PageServiceSocksProxySettings.qml</file>
        <file>server_scripts/socks5_proxy/run_container.sh</file>
        <file>server_scripts/socks5_proxy/Dockerfile</file>
--- a/client/settings.cpp
+++ b/client/settings.cpp
@@ -9,6 +9,18 @@
 #include "containers/containers_defs.h"
 #include "logger.h"

+namespace {
+
+// true if invalid address or ip matches either of localhost/multicast/broadcast
+bool isIpAddressReserved(const QString &ipStr)
+{
+  QHostAddress ip(ipStr);
+
+  return ip.isLoopback() || ip.isMulticast() || ip.isBroadcast();
+}
+
+}
+
 const char Settings::cloudFlareNs1[] = "1.1.1.1";
 const char Settings::cloudFlareNs2[] = "1.0.0.1";

@@ -272,6 +284,11 @@ bool Settings::addVpnSite(RouteMode mode, const QString &site, const QString &ip
    if (sites.contains(site) && ip.isEmpty())
        return false;

+    if (isIpAddressReserved(site))
+    {
+        return false;
+    }
+
    sites.insert(site, ip);
    setVpnSites(mode, sites);
    return true;
@@ -284,6 +301,11 @@ void Settings::addVpnSites(RouteMode mode, const QMap<QString, QString> &sites)
        const QString &site = i.key();
        const QString &ip = i.value();

+        if (isIpAddressReserved(site))
+        {
+            continue;
+        }
+
        if (allSites.contains(site) && allSites.value(site) == ip)
            continue;

--- a/client/translations/amneziavpn_ar_EG.ts
+++ b/client/translations/amneziavpn_ar_EG.ts
--- a/client/translations/amneziavpn_fa_IR.ts
+++ b/client/translations/amneziavpn_fa_IR.ts
--- a/client/translations/amneziavpn_hi_IN.ts
+++ b/client/translations/amneziavpn_hi_IN.ts
--- a/client/translations/amneziavpn_my_MM.ts
+++ b/client/translations/amneziavpn_my_MM.ts
--- a/client/translations/amneziavpn_ru_RU.ts
+++ b/client/translations/amneziavpn_ru_RU.ts
--- a/client/translations/amneziavpn_uk_UA.ts
+++ b/client/translations/amneziavpn_uk_UA.ts
--- a/client/translations/amneziavpn_ur_PK.ts
+++ b/client/translations/amneziavpn_ur_PK.ts
--- a/client/translations/amneziavpn_zh_CN.ts
+++ b/client/translations/amneziavpn_zh_CN.ts
--- a/client/ui/controllers/connectionController.cpp
+++ b/client/ui/controllers/connectionController.cpp
@@ -123,7 +123,7 @@ void ConnectionController::onConnectionStateChanged(Vpn::ConnectionState state)
 void ConnectionController::onCurrentContainerUpdated()
 {
    if (m_isConnected || m_isConnectionInProgress) {
-        emit reconnectWithUpdatedContainer(tr("Settings updated successfully, reconnnection..."));
+        emit reconnectWithUpdatedContainer(tr("Settings updated successfully, Reconnnection..."));
        openConnection();
    } else {
        emit reconnectWithUpdatedContainer(tr("Settings updated successfully"));
--- a/client/ui/controllers/sitesController.cpp
+++ b/client/ui/controllers/sitesController.cpp
@@ -35,7 +35,12 @@ void SitesController::addSite(QString hostname)
    }

    const auto &processSite = [this](const QString &hostname, const QString &ip) {
-        m_sitesModel->addSite(hostname, ip);
+        bool isAdded = m_sitesModel->addSite(hostname, ip);
+
+        if (!isAdded)
+        {
+          return false;
+        }

        if (!ip.isEmpty()) {
            QMetaObject::invokeMethod(m_vpnConnection.get(), "addRoutes", Qt::QueuedConnection,
@@ -45,6 +50,8 @@ void SitesController::addSite(QString hostname)
                                      Q_ARG(QStringList, QStringList() << hostname));
        }
        QMetaObject::invokeMethod(m_vpnConnection.get(), "flushDns", Qt::QueuedConnection);
+
+        return true;
    };

    const auto &resolveCallback = [this, processSite](const QHostInfo &hostInfo) {
@@ -57,14 +64,20 @@ void SitesController::addSite(QString hostname)
        }
    };

+    bool isSiteAdded = false;
    if (NetworkUtilities::ipAddressWithSubnetRegExp().exactMatch(hostname)) {
-        processSite(hostname, "");
+        isSiteAdded = processSite(hostname, "");
    } else {
-        processSite(hostname, "");
+        isSiteAdded = processSite(hostname, "");
        QHostInfo::lookupHost(hostname, this, resolveCallback);
    }

-    emit finished(tr("New site added: %1").arg(hostname));
+    if (isSiteAdded) {
+        emit finished(tr("New site added: %1").arg(hostname));
+    } else
+    {
+        emit finished(tr("Invalid address or ip matches either of localhost/multicast/broadcast: %1").arg(hostname));
+    }
 }

 void SitesController::removeSite(int index)
--- a/client/ui/models/containers_model.cpp
+++ b/client/ui/models/containers_model.cpp
@@ -41,7 +41,6 @@ QVariant ContainersModel::data(const QModelIndex &index, int role) const
    case IsCurrentlyProcessedRole: return container == static_cast<DockerContainer>(m_processedContainerIndex);
    case IsSupportedRole: return ContainerProps::isSupportedByCurrentPlatform(container);
    case IsShareableRole: return ContainerProps::isShareable(container);
-    case InstallPageOrderRole: return ContainerProps::installPageOrder(container);
    }

    return QVariant();
@@ -113,7 +112,5 @@ QHash<int, QByteArray> ContainersModel::roleNames() const
    roles[IsCurrentlyProcessedRole] = "isCurrentlyProcessed";
    roles[IsSupportedRole] = "isSupported";
    roles[IsShareableRole] = "isShareable";
-
-    roles[InstallPageOrderRole] = "installPageOrder";
    return roles;
 }
--- a/client/ui/models/containers_model.h
+++ b/client/ui/models/containers_model.h
@@ -31,9 +31,7 @@ public:
        IsCurrentlyProcessedRole,
        IsDefaultRole,
        IsSupportedRole,
-        IsShareableRole,
-
-        InstallPageOrderRole
+        IsShareableRole
    };

    int rowCount(const QModelIndex &parent = QModelIndex()) const override;
--- a/client/ui/models/languageModel.cpp
+++ b/client/ui/models/languageModel.cpp
@@ -92,9 +92,9 @@ int LanguageModel::getCurrentLanguageIndex()

 int LanguageModel::getLineHeightAppend()
 {
-    auto language = static_cast<LanguageSettings::AvailableLanguageEnum>(getCurrentLanguageIndex());
-    switch (language) {
-    case LanguageSettings::AvailableLanguageEnum::Burmese: return 10; break;
+    int langIndex = getCurrentLanguageIndex();
+    switch (langIndex) {
+    case 5: return 10; break; // Burmese
    default: return 0; break;
    }
 }
--- a/client/ui/qml/Components/ConnectButton.qml
+++ b/client/ui/qml/Components/ConnectButton.qml
@@ -6,14 +6,13 @@ import Qt5Compat.GraphicalEffects

 import ConnectionState 1.0
 import PageEnum 1.0
-import Style 1.0

 Button {
    id: root

-    property string defaultButtonColor: AmneziaStyle.color.white
-    property string progressButtonColor: AmneziaStyle.color.white
-    property string connectedButtonColor: AmneziaStyle.color.orange
+    property string defaultButtonColor: "#D7D8DB"
+    property string progressButtonColor: "#D7D8DB"
+    property string connectedButtonColor: "#FBB26A"

    implicitWidth: 190
    implicitHeight: 190
@@ -50,13 +49,13 @@ Button {
                verticalOffset: 0
                radius: 10
                samples: 25
-                color: root.activeFocus ? AmneziaStyle.color.white : AmneziaStyle.color.orange
+                color: root.activeFocus ? "#D7D8DB" : "#FBB26A"
                source: backgroundCircle
            }

            ShapePath {
-                fillColor: AmneziaStyle.color.transparent
-                strokeColor: AmneziaStyle.color.white
+                fillColor: "transparent"
+                strokeColor: "#D7D8DB"
                strokeWidth: root.activeFocus ? 1 : 0
                capStyle: ShapePath.RoundCap

@@ -71,10 +70,10 @@ Button {
            }

            ShapePath {
-                fillColor: AmneziaStyle.color.transparent
+                fillColor: "transparent"
                strokeColor: {
                    if (ConnectionController.isConnectionInProgress) {
-                        return AmneziaStyle.color.connectionInProgress
+                        return "#261E1A"
                    } else if (ConnectionController.isConnected) {
                        return connectedButtonColor
                    } else {
@@ -114,8 +113,8 @@ Button {
            visible: ConnectionController.isConnectionInProgress

            ShapePath {
-                fillColor: AmneziaStyle.color.transparent
-                strokeColor: AmneziaStyle.color.white
+                fillColor: "transparent"
+                strokeColor: "#D7D8DB"
                strokeWidth: 3
                capStyle: ShapePath.RoundCap

--- a/client/ui/qml/Components/HomeSplitTunnelingDrawer.qml
+++ b/client/ui/qml/Components/HomeSplitTunnelingDrawer.qml
@@ -14,7 +14,7 @@ DrawerType2 {
    property bool isAppSplitTinnelingEnabled: Qt.platform.os === "windows" || Qt.platform.os === "android"

    anchors.fill: parent
-    expandedHeight: parent.height * 0.9
+    expandedHeight: parent.height * 0.7

    expandedContent: ColumnLayout {
        id: content
--- a/client/ui/qml/Components/InstalledAppsDrawer.qml
+++ b/client/ui/qml/Components/InstalledAppsDrawer.qml
@@ -8,7 +8,6 @@ import "../Controls2/TextTypes"
 import SortFilterProxyModel 0.2

 import InstalledAppsModel 1.0
-import Style 1.0

 DrawerType2 {
    id: root
@@ -134,7 +133,7 @@ DrawerType2 {
            anchors.rightMargin: 16
            anchors.leftMargin: 16

-            backgroundColor: AmneziaStyle.color.greyDark
+            backgroundColor: "#2C2D30"

            textFieldPlaceholderText: qsTr("application name")
        }
--- a/client/ui/qml/Components/QuestionDrawer.qml
+++ b/client/ui/qml/Components/QuestionDrawer.qml
@@ -2,8 +2,6 @@ import QtQuick
 import QtQuick.Controls
 import QtQuick.Layouts

-import Style 1.0
-
 import "../Controls2"
 import "../Controls2/TextTypes"

@@ -88,11 +86,11 @@ DrawerType2 {
            Layout.rightMargin: 16
            Layout.leftMargin: 16

-            defaultColor: AmneziaStyle.color.transparent
-            hoveredColor: AmneziaStyle.color.blackHovered
-            pressedColor: AmneziaStyle.color.blackPressed
-            disabledColor: AmneziaStyle.color.grey
-            textColor: AmneziaStyle.color.white
+            defaultColor: "transparent"
+            hoveredColor: Qt.rgba(1, 1, 1, 0.08)
+            pressedColor: Qt.rgba(1, 1, 1, 0.12)
+            disabledColor: "#878B91"
+            textColor: "#D7D8DB"
            borderWidth: 1

            text: noButtonText
--- a/client/ui/qml/Components/SelectLanguageDrawer.qml
+++ b/client/ui/qml/Components/SelectLanguageDrawer.qml
@@ -2,8 +2,6 @@ import QtQuick
 import QtQuick.Controls
 import QtQuick.Layouts

-import Style 1.0
-
 import "../Controls2"
 import "../Controls2/TextTypes"
 import "../Config"
@@ -147,8 +145,8 @@ DrawerType2 {
                                indicator: Rectangle {
                                    width: parent.width - 1
                                    height: parent.height
-                                    color: radioButton.hovered ? AmneziaStyle.color.greyDark : AmneziaStyle.color.blackLight
-                                    border.color: radioButton.focus ? AmneziaStyle.color.white : AmneziaStyle.color.transparent
+                                    color: radioButton.hovered ? "#2C2D30" : "#1C1D21"
+                                    border.color: radioButton.focus ? "#D7D8DB" : "transparent"
                                    border.width: radioButton.focus ? 1 : 0

                                    Behavior on color {
--- a/client/ui/qml/Components/SettingsContainersListView.qml
+++ b/client/ui/qml/Components/SettingsContainersListView.qml
@@ -93,11 +93,20 @@ ListView {
                            PageController.goToPage(PageEnum.PageProtocolRaw)
                            break
                        }
+                        case ContainerEnum.Sftp: {
+                            SftpConfigModel.updateModel(config)
+                            PageController.goToPage(PageEnum.PageServiceSftpSettings)
+                            break
+                        }
+                        case ContainerEnum.TorWebSite: {
+                            PageController.goToPage(PageEnum.PageServiceTorWebsiteSettings)
+                            break
+                        }
                        case ContainerEnum.Dns: {
                            PageController.goToPage(PageEnum.PageServiceDnsSettings)
                            break
                        }
-                        default: {
+                        default: { // go to the settings page of the container with multiple protocols
                            ProtocolsModel.updateModel(config)
                            PageController.goToPage(PageEnum.PageSettingsServerProtocol)
                        }
--- a/client/ui/qml/Components/ShareConnectionDrawer.qml
+++ b/client/ui/qml/Components/ShareConnectionDrawer.qml
@@ -9,7 +9,6 @@ import SortFilterProxyModel 0.2

 import PageEnum 1.0
 import ContainerProps 1.0
-import Style 1.0

 import "./"
 import "../Controls2"
@@ -112,11 +111,11 @@ DrawerType2 {
                    Layout.fillWidth: true
                    Layout.topMargin: 8

-                    defaultColor: AmneziaStyle.color.transparent
-                    hoveredColor: AmneziaStyle.color.blackHovered
-                    pressedColor: AmneziaStyle.color.blackPressed
-                    disabledColor: AmneziaStyle.color.grey
-                    textColor: AmneziaStyle.color.white
+                    defaultColor: "transparent"
+                    hoveredColor: Qt.rgba(1, 1, 1, 0.08)
+                    pressedColor: Qt.rgba(1, 1, 1, 0.12)
+                    disabledColor: "#878B91"
+                    textColor: "#D7D8DB"
                    borderWidth: 1

                    text: qsTr("Copy")
@@ -135,11 +134,11 @@ DrawerType2 {

                    visible: false

-                    defaultColor: AmneziaStyle.color.transparent
-                    hoveredColor: AmneziaStyle.color.blackHovered
-                    pressedColor: AmneziaStyle.color.blackPressed
-                    disabledColor: AmneziaStyle.color.grey
-                    textColor: AmneziaStyle.color.white
+                    defaultColor: "transparent"
+                    hoveredColor: Qt.rgba(1, 1, 1, 0.08)
+                    pressedColor: Qt.rgba(1, 1, 1, 0.12)
+                    disabledColor: "#878B91"
+                    textColor: "#D7D8DB"
                    borderWidth: 1

                    text: qsTr("Copy config string")
@@ -154,11 +153,11 @@ DrawerType2 {
                    Layout.fillWidth: true
                    Layout.topMargin: 24

-                    defaultColor: AmneziaStyle.color.transparent
-                    hoveredColor: AmneziaStyle.color.blackHovered
-                    pressedColor: AmneziaStyle.color.blackPressed
-                    disabledColor: AmneziaStyle.color.grey
-                    textColor: AmneziaStyle.color.white
+                    defaultColor: "transparent"
+                    hoveredColor: Qt.rgba(1, 1, 1, 0.08)
+                    pressedColor: Qt.rgba(1, 1, 1, 0.12)
+                    disabledColor: "#878B91"
+                    textColor: "#D7D8DB"
                    borderWidth: 1

                    text: qsTr("Show connection settings")
@@ -282,9 +281,9 @@ DrawerType2 {
                                    readOnly: true
                                    activeFocusOnTab: false

-                                    color: AmneziaStyle.color.white
-                                    selectionColor:  AmneziaStyle.color.brown
-                                    selectedTextColor: AmneziaStyle.color.white
+                                    color: "#D7D8DB"
+                                    selectionColor:  "#633303"
+                                    selectedTextColor: "#D7D8DB"

                                    font.pixelSize: 16
                                    font.weight: Font.Medium
@@ -295,7 +294,7 @@ DrawerType2 {
                                    wrapMode: Text.Wrap

                                    background: Rectangle {
-                                        color: AmneziaStyle.color.transparent
+                                        color: "transparent"
                                    }
                                }
                            }
--- a/Show More
+++ b/Show More