updated SingleApplication submodule

.github/workflows/deploy.yml

@@ -16,7 +16,6 @@ jobs:
       QT_VERSION: 6.6.2
       QIF_VERSION: 4.7
       PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
-      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install Qt'
@@ -83,7 +82,6 @@ jobs:
       QIF_VERSION: 4.7
       BUILD_ARCH: 64
       PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
-      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Get sources'
@@ -146,7 +144,6 @@ jobs:
       CC: cc
       CXX: c++
       PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
-      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Setup xcode'
@@ -181,7 +178,7 @@ jobs:
     - name: 'Install go'
       uses: actions/setup-go@v5
       with:
-        go-version: '1.22.1'
+        go-version: '1.20'
         cache: false
 
     - name: 'Setup gomobile'
@@ -238,7 +235,6 @@ jobs:
       QT_VERSION: 6.4.3
       QIF_VERSION: 4.6
       PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
-      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Setup xcode'
@@ -294,70 +290,6 @@ jobs:
         path: deploy/build/client/AmneziaVPN.app
         retention-days: 7
 
-# ------------------------------------------------------
-  Build-MacOS-NE:
-    runs-on: macos-latest
-
-    env:
-      QT_VERSION: 6.4.3
-      QIF_VERSION: 4.6
-      QT_MIRROR: https://mirrors.ocf.berkeley.edu/qt/
-      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
-      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
-
-    steps:
-    - name: 'Setup Xcode'
-      uses: maxim-lobanov/setup-xcode@v1
-      with:
-        xcode-version: '14.3.1'
-
-    - name: 'Install desktop Qt'
-      uses: jurplel/install-qt-action@v3
-      with:
-        version: ${{ env.QT_VERSION }}
-        host: 'mac'
-        target: 'desktop'
-        modules: 'qtremoteobjects qt5compat qtshadertools qtmultimedia'
-        arch: 'clang_64'
-        dir: ${{ runner.temp }}
-        set-env: 'true'
-        extra: '--base ${{ env.QT_MIRROR }}'
-    - name: 'Install Qt Installer Framework ${{ env.QIF_VERSION }}'
-      run: |
-        mkdir -pv ${{ runner.temp }}/Qt/Tools/QtInstallerFramework
-        wget https://qt.amzsvc.com/tools/ifw/${{ env.QIF_VERSION }}.zip
-        unzip ${{ env.QIF_VERSION }}.zip -d ${{ runner.temp }}/Qt/Tools/QtInstallerFramework/
-    - name: 'Install Go'
-      uses: actions/setup-go@v5
-      with:
-        go-version: '1.22.1'
-        cache: false
-
-    - name: 'Get sources'
-      uses: actions/checkout@v4
-      with:
-        submodules: 'true'
-        fetch-depth: 10
-
-    - name: 'Install dependencies'
-      run: pip install jsonschema jinja2
-
-    - name: 'Set execute permissions for deploy script'
-      run: chmod +x deploy/build_macos_ne.sh
-
-    - name: 'Build and deploy macOS NE'
-      run: |
-        export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos/bin"
-        export QIF_BIN_DIR="${{ runner.temp }}/Qt/Tools/QtInstallerFramework/${{ env.QIF_VERSION }}/bin"
-        export QT_MACOS_ROOT_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos"
-        bash deploy/build_macos_ne.sh
-      env:
-        APPSTORE_CONNECT_KEY_ID: ${{ secrets.APPSTORE_CONNECT_KEY_ID }}
-        APPSTORE_CONNECT_ISSUER_ID: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }}
-        APPSTORE_CONNECT_PRIVATE_KEY: ${{ secrets.APPSTORE_CONNECT_PRIVATE_KEY }}
-        MAC_TRUST_CERT_BASE64: ${{ secrets.IOS_TRUST_CERT_BASE64 }}
-        MAC_SIGNING_CERT_BASE64: ${{ secrets.IOS_SIGNING_CERT_BASE64 }}
-        MAC_SIGNING_CERT_PASSWORD: ${{ secrets.IOS_SIGNING_CERT_PASSWORD }}
 # ------------------------------------------------------
 
   Build-Android:
@@ -365,25 +297,24 @@ jobs:
 
     env:
       ANDROID_BUILD_PLATFORM: android-34
-      QT_VERSION: 6.7.2
+      QT_VERSION: 6.6.2
       QT_MODULES: 'qtremoteobjects qt5compat qtimageformats qtshadertools'
       PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
-      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install desktop Qt'
-      uses: jurplel/install-qt-action@v4
+      uses: jurplel/install-qt-action@v3
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
         target: 'desktop'
-        arch: 'linux_gcc_64'
+        arch: 'gcc_64'
         modules: ${{ env.QT_MODULES }}
         dir: ${{ runner.temp }}
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Install android_x86_64 Qt'
-      uses: jurplel/install-qt-action@v4
+      uses: jurplel/install-qt-action@v3
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
@@ -394,7 +325,7 @@ jobs:
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Install android_x86 Qt'
-      uses: jurplel/install-qt-action@v4
+      uses: jurplel/install-qt-action@v3
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
@@ -405,7 +336,7 @@ jobs:
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Install android_armv7 Qt'
-      uses: jurplel/install-qt-action@v4
+      uses: jurplel/install-qt-action@v3
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'
@@ -416,7 +347,7 @@ jobs:
         extra: '--external 7z --base ${{ env.QT_MIRROR }}'
 
     - name: 'Install android_arm64_v8a Qt'
-      uses: jurplel/install-qt-action@v4
+      uses: jurplel/install-qt-action@v3
       with:
         version: ${{ env.QT_VERSION }}
         host: 'linux'

.github/workflows/tag-deploy.yml

@@ -16,7 +16,6 @@ jobs:
       QT_VERSION: 6.4.1
       QIF_VERSION: 4.5
       PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
-      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
 
     steps:
     - name: 'Install desktop Qt'

.gitmodules

@@ -1,7 +1,6 @@
 [submodule "client/3rd/OpenVPNAdapter"]
 	path = client/3rd/OpenVPNAdapter
 	url = https://github.com/amnezia-vpn/OpenVPNAdapter.git
-        branch = macos-dirty-build
 [submodule "client/3rd/qtkeychain"]
 	path = client/3rd/qtkeychain
 	url = https://github.com/frankosterfeld/qtkeychain.git
@@ -11,10 +10,12 @@
 [submodule "client/3rd-prebuilt"]
 	path = client/3rd-prebuilt
 	url = https://github.com/amnezia-vpn/3rd-prebuilt
-        branch = fixbug/mac-network-extension
 [submodule "client/3rd/amneziawg-apple"]
 	path = client/3rd/amneziawg-apple
 	url = https://github.com/amnezia-vpn/amneziawg-apple
 [submodule "client/3rd/QSimpleCrypto"]
 	path = client/3rd/QSimpleCrypto
 	url = https://github.com/amnezia-vpn/QSimpleCrypto.git
+[submodule "client/3rd/SingleApplication"]
+	path = client/3rd/SingleApplication
+	url = git@github.com:itay-grudev/SingleApplication.git

CMakeLists.txt

@@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
 
 set(PROJECT AmneziaVPN)
 
-project(${PROJECT} VERSION 4.8.1.9
+project(${PROJECT} VERSION 4.7.0.0
         DESCRIPTION "AmneziaVPN"
         HOMEPAGE_URL "https://amnezia.org/"
 )
@@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
 set(RELEASE_DATE "${CURRENT_DATE}")
 
 set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
-set(APP_ANDROID_VERSION_CODE 65)
+set(APP_ANDROID_VERSION_CODE 57)
 
 if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
     set(MZ_PLATFORM_NAME "linux")
@@ -26,20 +26,18 @@ elseif(${CMAKE_SYSTEM_NAME} STREQUAL "iOS")
 elseif(${CMAKE_SYSTEM_NAME} STREQUAL "Emscripten")
     set(MZ_PLATFORM_NAME "wasm")
 endif()
-message(STATUS "Platform: ${MZ_PLATFORM_NAME}")
-message(STATUS "Version: ${MACOS_NE}")
+
 set(QT_BUILD_TOOLS_WHEN_CROSS_COMPILING ON)
 set(CMAKE_CXX_STANDARD 17)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
-if((APPLE AND NOT IOS) OR (DEFINED MACOS_NE AND MACOS_NE AND NOT IOS))
+if(APPLE AND NOT IOS)
     set(CMAKE_OSX_ARCHITECTURES "x86_64")
 endif()
 
 add_subdirectory(client)
 
-# Mac OSX with Network Extension don't need service
-if(NOT IOS AND NOT ANDROID AND NOT MACOS_NE)
+if(NOT IOS AND NOT ANDROID)
     add_subdirectory(service)
 
     include(${CMAKE_SOURCE_DIR}/deploy/installer/config.cmake)

README.md

@@ -10,10 +10,10 @@ Amnezia is an open-source VPN client, with a key feature that enables you to dep
 
 <br>
 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_4.7.0.0_x64.exe"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/win.png" width="150" style="max-width: 100%;"></a> 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_4.7.0.0.dmg"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/mac.png" width="150" style="max-width: 100%;"></a> 
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.7.0.0/AmneziaVPN_Linux_4.7.0.0.tar.zip"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/lin.png" width="150" style="max-width: 100%;"></a>
-<a href="https://github.com/amnezia-vpn/amnezia-client/releases/tag/4.7.0.0"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/andr.png" width="150" style="max-width: 100%;"></a>
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_4.6.0.3_x64.exe"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/win.png" width="150" style="max-width: 100%;"></a> 
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_4.6.0.3.dmg"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/mac.png" width="150" style="max-width: 100%;"></a> 
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/download/4.6.0.3/AmneziaVPN_Linux_4.6.0.3.tar.zip"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/lin.png" width="150" style="max-width: 100%;"></a>
+<a href="https://github.com/amnezia-vpn/amnezia-client/releases/tag/4.6.0.3"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/andr.png" width="150" style="max-width: 100%;"></a>
 
 <br>
 

client/CMakeLists.txt

@@ -27,15 +27,11 @@ add_definitions(-DGIT_COMMIT_HASH="${GIT_COMMIT_HASH}")
 add_definitions(-DPROD_AGW_PUBLIC_KEY="$ENV{PROD_AGW_PUBLIC_KEY}")
 add_definitions(-DPROD_PROXY_STORAGE_KEY="$ENV{PROD_PROXY_STORAGE_KEY}")
 
-add_definitions(-DDEV_AGW_PUBLIC_KEY="$ENV{DEV_AGW_PUBLIC_KEY}")
-add_definitions(-DDEV_AGW_ENDPOINT="$ENV{DEV_AGW_ENDPOINT}")
-
-if(IOS OR MACOS_NE)
+if(IOS)
     set(PACKAGES ${PACKAGES} Multimedia)
 endif()
 
-#Macos Network Extension doesn't need Widgets
-if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID))
+if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
     set(PACKAGES ${PACKAGES} Widgets)
 endif()
 
@@ -48,26 +44,20 @@ set(LIBS ${LIBS}
     Qt6::Core5Compat Qt6::Concurrent
 )
 
-if(IOS OR MACOS_NE)
+if(IOS)
     set(LIBS ${LIBS} Qt6::Multimedia)
 endif()
-# message("Client desktop build ", ${MACOS_NE})
-#Macos Network Extension doesn't need Widgets
 
-if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID))
-    message("Run this block when MACOS_NE is not defined or set to FALSE")
+if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
     set(LIBS ${LIBS} Qt6::Widgets)
 endif()
 
 qt_standard_project_setup()
 qt_add_executable(${PROJECT} MANUAL_FINALIZATION)
 
-# TODO error in there
-if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID))
-    message("Run this block when MACOS_NE is not defined or set to FALSE")
+if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
     qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_interface.rep)
     qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_interface.rep)
-    qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_tun2socks.rep)
 endif()
 
 qt6_add_resources(QRC ${QRC} ${CMAKE_CURRENT_LIST_DIR}/resources.qrc)
@@ -102,18 +92,10 @@ qt6_add_resources(QRC ${I18NQRC} ${CMAKE_CURRENT_BINARY_DIR}/translations.qrc)
 # -- i18n end
 
 if(IOS)
-    message("Building for iOS")
     execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/ios/scripts/openvpn.sh args
         WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR})
 endif()
 
-# Build openvpn adapter for MacOS Network Extension
-if(MACOS_NE)
-    message("Building for MacOS Network Extension")
-    execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/macos/scripts/openvpn.sh args
-        WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR})
-endif()
-
 set(IS_CI ${CI})
 if(IS_CI)
     message("Detected CI env")
@@ -128,7 +110,6 @@ include(${CMAKE_CURRENT_LIST_DIR}/cmake/3rdparty.cmake)
 
 include_directories(
     ${CMAKE_CURRENT_LIST_DIR}/../ipc
-    ${CMAKE_CURRENT_LIST_DIR}/../common/logger
     ${CMAKE_CURRENT_LIST_DIR}
     ${CMAKE_CURRENT_BINARY_DIR}
 )
@@ -150,6 +131,7 @@ set(HEADERS ${HEADERS}
     ${CMAKE_CURRENT_LIST_DIR}/protocols/protocols_defs.h
     ${CMAKE_CURRENT_LIST_DIR}/protocols/qml_register_protocols.h
     ${CMAKE_CURRENT_LIST_DIR}/ui/pages.h
+    ${CMAKE_CURRENT_LIST_DIR}/ui/property_helper.h
     ${CMAKE_CURRENT_LIST_DIR}/ui/qautostart.h
     ${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.h
     ${CMAKE_CURRENT_BINARY_DIR}/version.h
@@ -158,7 +140,6 @@ set(HEADERS ${HEADERS}
     ${CMAKE_CURRENT_LIST_DIR}/core/serialization/serialization.h
     ${CMAKE_CURRENT_LIST_DIR}/core/serialization/transfer.h
     ${CMAKE_CURRENT_LIST_DIR}/core/enums/apiEnums.h
-    ${CMAKE_CURRENT_LIST_DIR}/../common/logger/logger.h
 )
 
 # Mozilla headres
@@ -174,24 +155,12 @@ include_directories(mozilla)
 include_directories(mozilla/shared)
 include_directories(mozilla/models)
 
-if(MACOS_NE)
-    message("MACOS_NE is ON")
-    add_definitions(-DQ_OS_IOS)
-    add_definitions(-DMACOS_NE)
-    message("Add macros for MacOS Network Extension")
-else()
-    message("MACOS_NE is OFF")
-endif()
-
-
-if(NOT IOS AND NOT MACOS_NE)
-    message(" Add header for non-IOS and non-MACOS_NE")
+if(NOT IOS)
     set(HEADERS ${HEADERS}
         ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.h
     )
 endif()
 
-
 if(NOT ANDROID)
     set(HEADERS ${HEADERS}
         ${CMAKE_CURRENT_LIST_DIR}/ui/notificationhandler.h
@@ -221,7 +190,6 @@ set(SOURCES ${SOURCES}
     ${CMAKE_CURRENT_LIST_DIR}/core/serialization/trojan.cpp
     ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vmess.cpp
     ${CMAKE_CURRENT_LIST_DIR}/core/serialization/vmess_new.cpp
-    ${CMAKE_CURRENT_LIST_DIR}/../common/logger/logger.cpp
 )
 
 # Mozilla sources
@@ -236,7 +204,7 @@ if(CMAKE_BUILD_TYPE STREQUAL "Debug")
     target_compile_definitions(${PROJECT} PRIVATE "MZ_DEBUG")
 endif()
 
-if(NOT IOS AND NOT MACOS_NE)
+if(NOT IOS)
     set(SOURCES ${SOURCES}
         ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.cpp
     )
@@ -344,11 +312,10 @@ if(LINUX AND NOT ANDROID)
     link_directories(${CMAKE_CURRENT_LIST_DIR}/platforms/linux)
 endif()
 
-# Macos Network Extension doesn't need
-if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID))
-    message("-----> Client desktop build")
+if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
+    message("Client desktop build")
     add_compile_definitions(AMNEZIA_DESKTOP)
-    message("-----> Add AMNEZIA_DESKTOP")
+
     set(HEADERS ${HEADERS}
         ${CMAKE_CURRENT_LIST_DIR}/core/ipcclient.h
         ${CMAKE_CURRENT_LIST_DIR}/core/privileged_process.h
@@ -381,12 +348,9 @@ endif()
 if(IOS)
     include(cmake/ios.cmake)
     include(cmake/ios-arch-fixup.cmake)
-elseif(APPLE AND NOT IOS AND NOT DEFINED MACOS_NE)
-    # include(cmake/osxtools.cmake)
-    include(cmake/macos.cmake)
-elseif(APPLE AND NOT IOS AND MACOS_NE)
+elseif(APPLE AND NOT IOS)
     include(cmake/osxtools.cmake)
-    include(cmake/macos_ne.cmake)
+    include(cmake/macos.cmake)
 endif()
 
 target_link_libraries(${PROJECT} PRIVATE ${LIBS})
@@ -405,7 +369,7 @@ elseif(APPLE AND NOT IOS)
     set(DEPLOY_PLATFORM_PATH "macos")
 endif()
 
-if(NOT IOS AND NOT ANDROID AND NOT MACOS_NE)
+if(NOT IOS AND NOT ANDROID)
     add_custom_command(
         TARGET ${PROJECT} POST_BUILD
         COMMAND ${CMAKE_COMMAND} -E $<IF:$<CONFIG:Debug>,copy_directory,true>
@@ -424,36 +388,4 @@ if(NOT IOS AND NOT ANDROID AND NOT MACOS_NE)
 endif()
 
 target_sources(${PROJECT} PRIVATE ${SOURCES} ${HEADERS} ${RESOURCES} ${QRC} ${I18NQRC})
-if(MACOS_NE)
-    message("Copy MacOS Network Extension files")
-    message("QT_HOST_PATH: $ENV{QT_MACOS_ROOT_DIR}")
-
-    add_custom_command(TARGET ${PROJECT} POST_BUILD
-        COMMAND ${CMAKE_COMMAND} -E make_directory
-                "$<TARGET_BUNDLE_DIR:AmneziaVPN>/Contents/Frameworks"
-        COMMAND ${CMAKE_COMMAND} -E copy_directory
-                "$ENV{QT_MACOS_ROOT_DIR}/lib/QtConcurrent.framework"
-                "$<TARGET_BUNDLE_DIR:AmneziaVPN>/Contents/Frameworks/QtConcurrent.framework"
-        COMMENT "Copying QtConcurrent.framework from QT_MACOS_ROOT_DIR to the bundle's Frameworks directory"
-    )
-
-
-
-    # MacOS specific application deployment
-    add_custom_command(TARGET ${PROJECT} POST_BUILD
-        COMMAND ${QT_BIN_DIR_DETECTED}/macdeployqt $<TARGET_BUNDLE_DIR:AmneziaVPN> -appstore-compliant -qmldir=${CMAKE_CURRENT_SOURCE_DIR}
-    )
-
-    # MacOS specific code signing for Release
-    if(CMAKE_BUILD_TYPE STREQUAL "Release")
-        SET(SIGN_CMD codesign --deep --force --sign 'Apple Distribution: Privacy Technologies OU \(X7UJ388FXK\)' --timestamp --options runtime $<TARGET_BUNDLE_DIR:AmneziaVPN>)
-        message("Manual signing bundle...")
-        message(${SIGN_CMD})
-
-        add_custom_command(TARGET ${PROJECT} POST_BUILD
-            COMMAND ${SIGN_CMD}
-        )
-    endif()
-endif()
-
 qt_finalize_target(${PROJECT})

client/amnezia_application.cpp

@@ -10,8 +10,6 @@
 #include <QTextDocument>
 #include <QTimer>
 #include <QTranslator>
-#include <QLocalSocket>
-#include <QLocalServer>
 
 #include "logger.h"
 #include "ui/models/installedAppsModel.h"
@@ -30,7 +28,13 @@
     #include <AmneziaVPN-Swift.h>
 #endif
 
+#if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
 AmneziaApplication::AmneziaApplication(int &argc, char *argv[]) : AMNEZIA_BASE_CLASS(argc, argv)
+#else
+AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecondary, SingleApplication::Options options, int timeout,
+                                       const QString &userData)
+    : SingleApplication(argc, argv, allowSecondary, options, timeout, userData)
+#endif
 {
     setQuitOnLastWindowClosed(false);
 
@@ -160,7 +164,7 @@ void AmneziaApplication::init()
     bool enabled = m_settings->isSaveLogs();
 #ifndef Q_OS_ANDROID
     if (enabled) {
-        if (!Logger::init(false)) {
+        if (!Logger::init()) {
             qWarning() << "Initialization of debug subsystem failed";
         }
     }
@@ -176,6 +180,16 @@ void AmneziaApplication::init()
     m_pageController->showOnStartup();
 #endif
 
+        // TODO - fix
+#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
+    if (isPrimary()) {
+        QObject::connect(this, &SingleApplication::instanceStarted, m_pageController.get(), [this]() {
+            qDebug() << "Secondary instance started, showing this window instead";
+            emit m_pageController->raiseMainWindow();
+        });
+    }
+#endif
+
 // Android TextArea clipboard workaround
 // Text from TextArea always has "text/html" mime-type:
 // /qt/6.6.1/Src/qtdeclarative/src/quick/items/qquicktextcontrol.cpp:1865
@@ -280,24 +294,6 @@ bool AmneziaApplication::parseCommands()
     return true;
 }
 
-#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
-void AmneziaApplication::startLocalServer() {
-    const QString serverName("AmneziaVPNInstance");
-    QLocalServer::removeServer(serverName);
-
-    QLocalServer* server = new QLocalServer(this);
-    server->listen(serverName);
-
-    QObject::connect(server, &QLocalServer::newConnection, this, [server, this]() {
-        if (server) {
-            QLocalSocket* clientConnection = server->nextPendingConnection();
-            clientConnection->deleteLater();
-        }
-        emit m_pageController->raiseMainWindow();
-    });
-}
-#endif
-
 QQmlApplicationEngine *AmneziaApplication::qmlEngine() const
 {
     return m_engine;

client/amnezia_application.h

@@ -53,14 +53,22 @@
 #if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
     #define AMNEZIA_BASE_CLASS QGuiApplication
 #else
-    #define AMNEZIA_BASE_CLASS QApplication
+    #include "singleapplication.h"
+    #define AMNEZIA_BASE_CLASS SingleApplication
+    //#define QAPPLICATION_CLASS QGuiApplication
 #endif
 
 class AmneziaApplication : public AMNEZIA_BASE_CLASS
 {
     Q_OBJECT
 public:
+#if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
     AmneziaApplication(int &argc, char *argv[]);
+#else
+    AmneziaApplication(int &argc, char *argv[], bool allowSecondary = false,
+                       SingleApplication::Options options = SingleApplication::User, int timeout = 1000,
+                       const QString &userData = {});
+#endif
     virtual ~AmneziaApplication();
 
     void init();
@@ -70,10 +78,6 @@ public:
     void updateTranslator(const QLocale &locale);
     bool parseCommands();
 
-#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
-    void startLocalServer();
-#endif
-
     QQmlApplicationEngine *qmlEngine() const;
     QNetworkAccessManager *manager() { return m_nam; }
 

client/android/AndroidManifest.xml

@@ -3,6 +3,7 @@
 <manifest
     xmlns:android="http://schemas.android.com/apk/res/android"
     xmlns:tools="http://schemas.android.com/tools"
+    package="org.amnezia.vpn"
     android:versionName="-- %%INSERT_VERSION_NAME%% --"
     android:versionCode="-- %%INSERT_VERSION_CODE%% --"
     android:installLocation="auto">
@@ -45,7 +46,7 @@
             android:configChanges="uiMode|screenSize|smallestScreenSize|screenLayout|orientation|density
                 |fontScale|layoutDirection|locale|keyboard|keyboardHidden|navigation|mcc|mnc"
             android:launchMode="singleInstance"
-            android:windowSoftInputMode="stateUnchanged|adjustResize"
+            android:windowSoftInputMode="adjustResize"
             android:exported="true">
 
             <intent-filter>
@@ -67,6 +68,9 @@
                 android:name="android.app.lib_name"
                 android:value="-- %%INSERT_APP_LIB_NAME%% --" />
 
+            <meta-data
+                android:name="android.app.extract_android_style"
+                android:value="minimal" />
         </activity>
 
         <activity
@@ -84,13 +88,6 @@
             android:exported="false"
             android:theme="@style/Translucent" />
 
-        <activity android:name=".AuthActivity"
-            android:excludeFromRecents="true"
-            android:launchMode="singleTask"
-            android:taskAffinity=""
-            android:exported="false"
-            android:theme="@style/Translucent" />
-
         <activity
             android:name=".ImportConfigActivity"
             android:excludeFromRecents="true"

client/android/awg/src/main/kotlin/Awg.kt

@@ -1,21 +1,81 @@
 package org.amnezia.vpn.protocol.awg
 
 import org.amnezia.vpn.protocol.wireguard.Wireguard
-import org.amnezia.vpn.protocol.wireguard.WireguardConfig
 import org.json.JSONObject
 
+/**
+ *    Config example:
+ *    {
+ *        "protocol": "awg",
+ *        "description": "Server 1",
+ *        "dns1": "1.1.1.1",
+ *        "dns2": "1.0.0.1",
+ *        "hostName": "100.100.100.0",
+ *        "splitTunnelSites": [
+ *        ],
+ *        "splitTunnelType": 0,
+ *        "awg_config_data": {
+ *            "H1": "969537490",
+ *            "H2": "481688153",
+ *            "H3": "2049399200",
+ *            "H4": "52029755",
+ *            "Jc": "3",
+ *            "Jmax": "1000",
+ *            "Jmin": "50",
+ *            "S1": "49",
+ *            "S2": "60",
+ *            "client_ip": "10.8.1.1",
+ *            "hostName": "100.100.100.0",
+ *            "port": 12345,
+ *            "client_pub_key": "clientPublicKeyBase64",
+ *            "client_priv_key": "privateKeyBase64",
+ *            "psk_key": "presharedKeyBase64",
+ *            "server_pub_key": "publicKeyBase64",
+ *            "config": "[Interface]
+ *                       Address = 10.8.1.1/32
+ *                       DNS = 1.1.1.1, 1.0.0.1
+ *                       PrivateKey = privateKeyBase64
+ *                       Jc = 3
+ *                       Jmin = 50
+ *                       Jmax = 1000
+ *                       S1 = 49
+ *                       S2 = 60
+ *                       H1 = 969537490
+ *                       H2 = 481688153
+ *                       H3 = 2049399200
+ *                       H4 = 52029755
+ *
+ *                       [Peer]
+ *                       PublicKey = publicKeyBase64
+ *                       PresharedKey = presharedKeyBase64
+ *                       AllowedIPs = 0.0.0.0/0, ::/0
+ *                       Endpoint = 100.100.100.0:12345
+ *                       PersistentKeepalive = 25
+ *                       "
+ *        }
+ *    }
+ */
+
 class Awg : Wireguard() {
 
     override val ifName: String = "awg0"
 
-    override fun parseConfig(config: JSONObject): WireguardConfig {
-        val configData = config.getJSONObject("awg_config_data")
-        return WireguardConfig.build {
-            setUseProtocolExtension(true)
-            configExtensionParameters(configData)
-            configWireguard(config, configData)
+    override fun parseConfig(config: JSONObject): AwgConfig {
+        val configDataJson = config.getJSONObject("awg_config_data")
+        val configData = parseConfigData(configDataJson.getString("config"))
+        return AwgConfig.build {
+            configWireguard(configData, configDataJson)
             configSplitTunneling(config)
             configAppSplitTunneling(config)
+            configData["Jc"]?.let { setJc(it.toInt()) }
+            configData["Jmin"]?.let { setJmin(it.toInt()) }
+            configData["Jmax"]?.let { setJmax(it.toInt()) }
+            configData["S1"]?.let { setS1(it.toInt()) }
+            configData["S2"]?.let { setS2(it.toInt()) }
+            configData["H1"]?.let { setH1(it.toLong()) }
+            configData["H2"]?.let { setH2(it.toLong()) }
+            configData["H3"]?.let { setH3(it.toLong()) }
+            configData["H4"]?.let { setH4(it.toLong()) }
         }
     }
 }

client/android/awg/src/main/kotlin/AwgConfig.kt

@@ -0,0 +1,108 @@
+package org.amnezia.vpn.protocol.awg
+
+import org.amnezia.vpn.protocol.BadConfigException
+import org.amnezia.vpn.protocol.wireguard.WireguardConfig
+
+class AwgConfig private constructor(
+    wireguardConfigBuilder: WireguardConfig.Builder,
+    val jc: Int,
+    val jmin: Int,
+    val jmax: Int,
+    val s1: Int,
+    val s2: Int,
+    val h1: Long,
+    val h2: Long,
+    val h3: Long,
+    val h4: Long
+) : WireguardConfig(wireguardConfigBuilder) {
+
+    private constructor(builder: Builder) : this(
+        builder,
+        builder.jc,
+        builder.jmin,
+        builder.jmax,
+        builder.s1,
+        builder.s2,
+        builder.h1,
+        builder.h2,
+        builder.h3,
+        builder.h4
+    )
+
+    override fun appendDeviceLine(sb: StringBuilder) = with(sb) {
+        super.appendDeviceLine(this)
+        appendLine("jc=$jc")
+        appendLine("jmin=$jmin")
+        appendLine("jmax=$jmax")
+        appendLine("s1=$s1")
+        appendLine("s2=$s2")
+        appendLine("h1=$h1")
+        appendLine("h2=$h2")
+        appendLine("h3=$h3")
+        appendLine("h4=$h4")
+    }
+
+    class Builder : WireguardConfig.Builder() {
+
+        private var _jc: Int? = null
+        internal var jc: Int
+            get() = _jc ?: throw BadConfigException("AWG: parameter jc is undefined")
+            private set(value) { _jc = value }
+
+        private var _jmin: Int? = null
+        internal var jmin: Int
+            get() = _jmin ?: throw BadConfigException("AWG: parameter jmin is undefined")
+            private set(value) { _jmin = value }
+
+        private var _jmax: Int? = null
+        internal var jmax: Int
+            get() = _jmax ?: throw BadConfigException("AWG: parameter jmax is undefined")
+            private set(value) { _jmax = value }
+
+        private var _s1: Int? = null
+        internal var s1: Int
+            get() = _s1 ?: throw BadConfigException("AWG: parameter s1 is undefined")
+            private set(value) { _s1 = value }
+
+        private var _s2: Int? = null
+        internal var s2: Int
+            get() = _s2 ?: throw BadConfigException("AWG: parameter s2 is undefined")
+            private set(value) { _s2 = value }
+
+        private var _h1: Long? = null
+        internal var h1: Long
+            get() = _h1 ?: throw BadConfigException("AWG: parameter h1 is undefined")
+            private set(value) { _h1 = value }
+
+        private var _h2: Long? = null
+        internal var h2: Long
+            get() = _h2 ?: throw BadConfigException("AWG: parameter h2 is undefined")
+            private set(value) { _h2 = value }
+
+        private var _h3: Long? = null
+        internal var h3: Long
+            get() = _h3 ?: throw BadConfigException("AWG: parameter h3 is undefined")
+            private set(value) { _h3 = value }
+
+        private var _h4: Long? = null
+        internal var h4: Long
+            get() = _h4 ?: throw BadConfigException("AWG: parameter h4 is undefined")
+            private set(value) { _h4 = value }
+
+        fun setJc(jc: Int) = apply { this.jc = jc }
+        fun setJmin(jmin: Int) = apply { this.jmin = jmin }
+        fun setJmax(jmax: Int) = apply { this.jmax = jmax }
+        fun setS1(s1: Int) = apply { this.s1 = s1 }
+        fun setS2(s2: Int) = apply { this.s2 = s2 }
+        fun setH1(h1: Long) = apply { this.h1 = h1 }
+        fun setH2(h2: Long) = apply { this.h2 = h2 }
+        fun setH3(h3: Long) = apply { this.h3 = h3 }
+        fun setH4(h4: Long) = apply { this.h4 = h4 }
+
+        override fun build(): AwgConfig = configBuild().run { AwgConfig(this@Builder) }
+    }
+
+    companion object {
+        inline fun build(block: Builder.() -> Unit): AwgConfig = Builder().apply(block).build()
+    }
+}

client/android/build.gradle

@@ -3,6 +3,3 @@
 // android.bundle.enableUncompressedNativeLibs is deprecated
 // disable adding gradle property android.bundle.enableUncompressedNativeLibs by androiddeployqt
 useLegacyPackaging
-
-// package name for androiddeployqt
-namespace = "org.amnezia.vpn"

client/android/build.gradle.kts

@@ -115,11 +115,9 @@ dependencies {
     implementation(project(":xray"))
     implementation(libs.androidx.core)
     implementation(libs.androidx.activity)
-    implementation(libs.androidx.fragment)
     implementation(libs.kotlinx.coroutines)
     implementation(libs.kotlinx.serialization.protobuf)
     implementation(libs.bundles.androidx.camera)
     implementation(libs.google.mlkit)
     implementation(libs.androidx.datastore)
-    implementation(libs.androidx.biometric)
 }

client/android/cloak/src/main/kotlin/Cloak.kt

@@ -3,15 +3,39 @@ package org.amnezia.vpn.protocol.cloak
 import android.util.Base64
 import net.openvpn.ovpn3.ClientAPI_Config
 import org.amnezia.vpn.protocol.openvpn.OpenVpn
-import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.json.JSONObject
 
-class Cloak : OpenVpn() {
+/**
+ *    Config Example:
+ *    {
+ *     "protocol": "cloak",
+ *     "description": "Server 1",
+ *     "dns1": "1.1.1.1",
+ *     "dns2": "1.0.0.1",
+ *     "hostName": "100.100.100.0",
+ *     "splitTunnelSites": [
+ *     ],
+ *     "splitTunnelType": 0,
+ *     "openvpn_config_data": {
+ *           "config": "openVpnConfig"
+ *     }
+ *     "cloak_config_data": {
+ *          "BrowserSig": "chrome",
+ *          "EncryptionMethod": "aes-gcm",
+ *          "NumConn": 1,
+ *          "ProxyMethod": "openvpn",
+ *          "PublicKey": "PublicKey=",
+ *          "RemoteHost": "100.100.100.0",
+ *          "RemotePort": "443",
+ *          "ServerName": "servername",
+ *          "StreamTimeout": 300,
+ *          "Transport": "direct",
+ *          "UID": "UID="
+ *     }
+ * }
+ */
 
-    override fun internalInit() {
-        super.internalInit()
-        if (!isInitialized) loadSharedLibrary(context, "ck-ovpn-plugin")
-    }
+class Cloak : OpenVpn() {
 
     override fun parseConfig(config: JSONObject): ClientAPI_Config {
         val openVpnConfig = ClientAPI_Config()

client/android/gradle/libs.versions.toml

@@ -1,28 +1,24 @@
 [versions]
-agp = "8.5.2"
-kotlin = "1.9.24"
-androidx-core = "1.13.1"
-androidx-activity = "1.9.1"
-androidx-annotation = "1.8.2"
-androidx-biometric = "1.2.0-alpha05"
-androidx-camera = "1.3.4"
-androidx-fragment = "1.8.2"
+agp = "8.2.0"
+kotlin = "1.9.20"
+androidx-core = "1.12.0"
+androidx-activity = "1.8.1"
+androidx-annotation = "1.7.0"
+androidx-camera = "1.3.0"
 androidx-security-crypto = "1.1.0-alpha06"
-androidx-datastore = "1.1.1"
-kotlinx-coroutines = "1.8.1"
+androidx-datastore = "1.1.0-beta01"
+kotlinx-coroutines = "1.7.3"
 kotlinx-serialization = "1.6.3"
-google-mlkit = "17.3.0"
+google-mlkit = "17.2.0"
 
 [libraries]
 androidx-core = { module = "androidx.core:core-ktx", version.ref = "androidx-core" }
 androidx-activity = { module = "androidx.activity:activity-ktx", version.ref = "androidx-activity" }
 androidx-annotation = { module = "androidx.annotation:annotation", version.ref = "androidx-annotation" }
-androidx-biometric = { module = "androidx.biometric:biometric-ktx", version.ref = "androidx-biometric" }
 androidx-camera-core = { module = "androidx.camera:camera-core", version.ref = "androidx-camera" }
 androidx-camera-camera2 = { module = "androidx.camera:camera-camera2", version.ref = "androidx-camera" }
 androidx-camera-lifecycle = { module = "androidx.camera:camera-lifecycle", version.ref = "androidx-camera" }
 androidx-camera-view = { module = "androidx.camera:camera-view", version.ref = "androidx-camera" }
-androidx-fragment = { module = "androidx.fragment:fragment-ktx", version.ref = "androidx-fragment" }
 androidx-security-crypto = { module = "androidx.security:security-crypto-ktx", version.ref = "androidx-security-crypto" }
 androidx-datastore = { module = "androidx.datastore:datastore-preferences", version.ref = "androidx-datastore" }
 kotlinx-coroutines = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-android", version.ref = "kotlinx-coroutines" }

client/android/gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip
+networkTimeout=10000
+validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

client/android/gradlew

@@ -15,8 +15,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-# SPDX-License-Identifier: Apache-2.0
-#
 
 ##############################################################################
 #
@@ -57,7 +55,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -86,8 +84,7 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
-' "$PWD" ) || exit
+APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum

client/android/gradlew.bat

@@ -13,8 +13,6 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 @rem
-@rem SPDX-License-Identifier: Apache-2.0
-@rem
 
 @if "%DEBUG%"=="" @echo off
 @rem ##########################################################################
@@ -45,11 +43,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
 
-echo. 1>&2
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
-echo. 1>&2
-echo Please set the JAVA_HOME variable in your environment to match the 1>&2
-echo location of your Java installation. 1>&2
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
 
 goto fail
 
@@ -59,11 +57,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 
 if exist "%JAVA_EXE%" goto execute
 
-echo. 1>&2
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
-echo. 1>&2
-echo Please set the JAVA_HOME variable in your environment to match the 1>&2
-echo location of your Java installation. 1>&2
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
 
 goto fail
 

client/android/openvpn/src/main/kotlin/org/amnezia/vpn/protocol/openvpn/OpenVpn.kt

@@ -11,12 +11,28 @@ import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
 import org.amnezia.vpn.protocol.VpnStartException
-import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.net.InetNetwork
 import org.amnezia.vpn.util.net.getLocalNetworks
 import org.amnezia.vpn.util.net.parseInetAddress
 import org.json.JSONObject
 
+/**
+ *    Config Example:
+ *    {
+ *     "protocol": "openvpn",
+ *     "description": "Server 1",
+ *     "dns1": "1.1.1.1",
+ *     "dns2": "1.0.0.1",
+ *     "hostName": "100.100.100.0",
+ *     "splitTunnelSites": [
+ *     ],
+ *     "splitTunnelType": 0,
+ *     "openvpn_config_data": {
+ *           "config": "openVpnConfig"
+ *     }
+ * }
+ */
+
 open class OpenVpn : Protocol() {
 
     private var openVpnClient: OpenVpnClient? = null
@@ -35,17 +51,14 @@ open class OpenVpn : Protocol() {
         }
 
     override fun internalInit() {
-        if (!isInitialized) {
-            loadSharedLibrary(context, "ovpn3")
-            loadSharedLibrary(context, "ovpnutil")
-        }
+        if (!isInitialized) loadSharedLibrary(context, "ovpn3")
         if (this::scope.isInitialized) {
             scope.cancel()
         }
         scope = CoroutineScope(Dispatchers.IO)
     }
 
-    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
         val configBuilder = OpenVpnConfig.Builder()
 
         openVpnClient = OpenVpnClient(

client/android/protocolApi/src/main/kotlin/Exceptions.kt

@@ -2,6 +2,7 @@ package org.amnezia.vpn.protocol
 
 sealed class ProtocolException(message: String? = null, cause: Throwable? = null) : Exception(message, cause)
 
+class LoadLibraryException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)
 class BadConfigException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)
 
 class VpnStartException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)

client/android/protocolApi/src/main/kotlin/Protocol.kt

@@ -42,7 +42,7 @@ abstract class Protocol {
 
     protected abstract fun internalInit()
 
-    abstract suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)
+    abstract fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)
 
     abstract fun stopVpn()
 
@@ -158,6 +158,60 @@ abstract class Protocol {
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q)
             vpnBuilder.setMetered(false)
     }
+
+    companion object {
+        private fun extractLibrary(context: Context, libraryName: String, destination: File): Boolean {
+            Log.d(TAG, "Extracting library: $libraryName")
+            val apks = hashSetOf<String>()
+            context.applicationInfo.run {
+                sourceDir?.let { apks += it }
+                splitSourceDirs?.let { apks += it }
+            }
+            for (abi in Build.SUPPORTED_ABIS) {
+                for (apk in apks) {
+                    ZipFile(File(apk), ZipFile.OPEN_READ).use { zipFile ->
+                        val mappedName = System.mapLibraryName(libraryName)
+                        val libraryZipPath = listOf("lib", abi, mappedName).joinToString(File.separator)
+                        val zipEntry = zipFile.getEntry(libraryZipPath)
+                        zipEntry?.let {
+                            Log.d(TAG, "Extracting apk:/$libraryZipPath to ${destination.absolutePath}")
+                            FileOutputStream(destination).use { outStream ->
+                                zipFile.getInputStream(zipEntry).use { inStream ->
+                                    inStream.copyTo(outStream, 32 * 1024)
+                                    outStream.fd.sync()
+                                }
+                            }
+                        }
+                        return true
+                    }
+                }
+            }
+            return false
+        }
+
+        @SuppressLint("UnsafeDynamicallyLoadedCode")
+        fun loadSharedLibrary(context: Context, libraryName: String) {
+            Log.d(TAG, "Loading library: $libraryName")
+            try {
+                System.loadLibrary(libraryName)
+                return
+            } catch (_: UnsatisfiedLinkError) {
+                Log.d(TAG, "Failed to load library, try to extract it from apk")
+            }
+            var tempFile: File? = null
+            try {
+                tempFile = File.createTempFile("lib", ".so", context.codeCacheDir)
+                if (extractLibrary(context, libraryName, tempFile)) {
+                    System.load(tempFile.absolutePath)
+                    return
+                }
+            } catch (e: Exception) {
+                throw LoadLibraryException("Failed to load library apk: $libraryName", e)
+            } finally {
+                tempFile?.delete()
+            }
+        }
+    }
 }
 
 private fun VpnService.Builder.addAddress(addr: InetNetwork) = addAddress(addr.address, addr.mask)

client/android/qt/build.gradle.kts

@@ -21,5 +21,5 @@ android {
 }
 
 dependencies {
-    api(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar"))))
+    implementation(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar"))))
 }

client/android/res/values/libs.xml

@@ -3,6 +3,7 @@
     <!-- DO NOT EDIT THIS: This file is populated automatically by the deployment tool. -->
 
     <array name="bundled_libs">
+        <!-- %%INSERT_EXTRA_LIBS%% -->
     </array>
 
     <array name="qt_libs">

client/android/res/values/styles.xml

@@ -1,9 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <resources>
-    <color name="black">#FF0E0E11</color>
     <style name="NoActionBar">
-        <item name="android:windowBackground">@color/black</item>
-        <item name="android:colorBackground">@color/black</item>
         <item name="android:windowActionBar">false</item>
         <item name="android:windowNoTitle">true</item>
     </style>

client/android/settings.gradle.kts

@@ -22,7 +22,7 @@ dependencyResolutionManagement {
 includeBuild("./gradle/plugins")
 
 plugins {
-    id("com.android.settings") version "8.5.2"
+    id("com.android.settings") version "8.2.0"
     id("settings-property-delegate")
 }
 

client/android/src/org/amnezia/vpn/AmneziaActivity.kt

@@ -43,7 +43,6 @@ import kotlinx.coroutines.withContext
 import org.amnezia.vpn.protocol.getStatistics
 import org.amnezia.vpn.protocol.getStatus
 import org.amnezia.vpn.qt.QtAndroidController
-import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.json.JSONException
@@ -159,11 +158,6 @@ class AmneziaActivity : QtActivity() {
     override fun onCreate(savedInstanceState: Bundle?) {
         super.onCreate(savedInstanceState)
         Log.d(TAG, "Create Amnezia activity: $intent")
-        loadLibs()
-        window.apply {
-            addFlags(LayoutParams.FLAG_DRAWS_SYSTEM_BAR_BACKGROUNDS)
-            statusBarColor = getColor(R.color.black)
-        }
         mainScope = CoroutineScope(SupervisorJob() + Dispatchers.Main.immediate)
         val proto = mainScope.async(Dispatchers.IO) {
             VpnStateStore.getVpnState().vpnProto
@@ -181,17 +175,6 @@ class AmneziaActivity : QtActivity() {
         runBlocking { vpnProto = proto.await() }
     }
 
-    private fun loadLibs() {
-        listOf(
-            "rsapss",
-            "crypto_3",
-            "ssl_3",
-            "ssh"
-        ).forEach {
-            loadSharedLibrary(this.applicationContext, it)
-        }
-    }
-
     private fun registerBroadcastReceivers() {
         notificationStateReceiver = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
             registerBroadcastReceiver(
@@ -627,14 +610,6 @@ class AmneziaActivity : QtActivity() {
         }
     }
 
-    @Suppress("unused")
-    fun setNavigationBarColor(color: Int) {
-        Log.v(TAG, "Change navigation bar color: ${"#%08X".format(color)}")
-        mainScope.launch {
-            window.navigationBarColor = color
-        }
-    }
-
     @Suppress("unused")
     fun minimizeApp() {
         Log.v(TAG, "Minimize application")
@@ -709,17 +684,6 @@ class AmneziaActivity : QtActivity() {
             .show()
     }
 
-    @Suppress("unused")
-    fun requestAuthentication() {
-        Log.v(TAG, "Request authentication")
-        mainScope.launch {
-            qtInitialized.await()
-            Intent(this@AmneziaActivity, AuthActivity::class.java).also {
-                startActivity(it)
-            }
-        }
-    }
-
     /**
      * Utils methods
      */

client/android/src/org/amnezia/vpn/AmneziaVpnService.kt

@@ -22,7 +22,6 @@ import androidx.annotation.MainThread
 import androidx.core.app.ServiceCompat
 import androidx.core.content.ContextCompat
 import androidx.core.content.getSystemService
-import java.net.UnknownHostException
 import java.util.concurrent.ConcurrentHashMap
 import kotlin.LazyThreadSafetyMode.NONE
 import kotlinx.coroutines.CoroutineExceptionHandler
@@ -32,7 +31,6 @@ import kotlinx.coroutines.Job
 import kotlinx.coroutines.SupervisorJob
 import kotlinx.coroutines.TimeoutCancellationException
 import kotlinx.coroutines.cancel
-import kotlinx.coroutines.cancelAndJoin
 import kotlinx.coroutines.delay
 import kotlinx.coroutines.flow.MutableStateFlow
 import kotlinx.coroutines.flow.drop
@@ -41,6 +39,7 @@ import kotlinx.coroutines.launch
 import kotlinx.coroutines.runBlocking
 import kotlinx.coroutines.withTimeout
 import org.amnezia.vpn.protocol.BadConfigException
+import org.amnezia.vpn.protocol.LoadLibraryException
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
@@ -50,7 +49,6 @@ import org.amnezia.vpn.protocol.ProtocolState.UNKNOWN
 import org.amnezia.vpn.protocol.VpnException
 import org.amnezia.vpn.protocol.VpnStartException
 import org.amnezia.vpn.protocol.putStatus
-import org.amnezia.vpn.util.LoadLibraryException
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.amnezia.vpn.util.net.NetworkState
@@ -113,10 +111,6 @@ open class AmneziaVpnService : VpnService() {
         get() = clientMessengers.any { it.value.name == ACTIVITY_MESSENGER_NAME }
 
     private val connectionExceptionHandler = CoroutineExceptionHandler { _, e ->
-        connectionJob?.cancel()
-        connectionJob = null
-        disconnectionJob?.cancel()
-        disconnectionJob = null
         protocolState.value = DISCONNECTED
         when (e) {
             is IllegalArgumentException,
@@ -128,8 +122,6 @@ open class AmneziaVpnService : VpnService() {
 
             is LoadLibraryException -> onError("${e.message}. Caused: ${e.cause?.message}")
 
-            is UnknownHostException -> onError("Unknown host")
-
             else -> throw e
         }
     }
@@ -539,7 +531,7 @@ open class AmneziaVpnService : VpnService() {
         protocolState.value = DISCONNECTING
 
         disconnectionJob = connectionScope.launch {
-            connectionJob?.cancelAndJoin()
+            connectionJob?.join()
             connectionJob = null
 
             vpnProto?.protocol?.stopVpn()

client/android/src/org/amnezia/vpn/AuthActivity.kt

@@ -1,97 +0,0 @@
-package org.amnezia.vpn
-
-import android.os.Build
-import android.os.Bundle
-import androidx.biometric.BiometricManager
-import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_STRONG
-import androidx.biometric.BiometricManager.Authenticators.DEVICE_CREDENTIAL
-import androidx.biometric.BiometricPrompt
-import androidx.biometric.BiometricPrompt.AuthenticationResult
-import androidx.core.content.ContextCompat
-import androidx.fragment.app.FragmentActivity
-import org.amnezia.vpn.qt.QtAndroidController
-import org.amnezia.vpn.util.Log
-
-private const val TAG = "AuthActivity"
-
-private const val AUTHENTICATORS = BIOMETRIC_STRONG or DEVICE_CREDENTIAL
-
-class AuthActivity : FragmentActivity() {
-
-    override fun onCreate(savedInstanceState: Bundle?) {
-        super.onCreate(savedInstanceState)
-
-        val biometricManager = BiometricManager.from(applicationContext)
-        when (biometricManager.canAuthenticate(AUTHENTICATORS)) {
-            BiometricManager.BIOMETRIC_SUCCESS -> {
-                showBiometricPrompt(biometricManager)
-                return
-            }
-
-            BiometricManager.BIOMETRIC_STATUS_UNKNOWN -> {
-                Log.w(TAG, "Unknown biometric status")
-                showBiometricPrompt(biometricManager)
-                return
-            }
-
-            BiometricManager.BIOMETRIC_ERROR_UNSUPPORTED -> {
-                Log.e(TAG, "The specified options are incompatible with the current Android " +
-                    "version ${Build.VERSION.SDK_INT}")
-            }
-
-            BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE -> {
-                Log.w(TAG, "The hardware is unavailable")
-            }
-
-            BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED -> {
-                Log.w(TAG, "No biometric or device credential is enrolled")
-            }
-
-            BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE -> {
-                Log.w(TAG, "There is no suitable hardware")
-            }
-
-            BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED -> {
-                Log.w(TAG, "A security vulnerability has been discovered with one or " +
-                    "more hardware sensors")
-            }
-        }
-        QtAndroidController.onAuthResult(true)
-        finish()
-    }
-
-    private fun showBiometricPrompt(biometricManager: BiometricManager) {
-        val executor = ContextCompat.getMainExecutor(applicationContext)
-        val biometricPrompt = BiometricPrompt(this, executor,
-            object : BiometricPrompt.AuthenticationCallback() {
-                override fun onAuthenticationSucceeded(result: AuthenticationResult) {
-                    super.onAuthenticationSucceeded(result)
-                    Log.d(TAG, "Authentication succeeded")
-                    QtAndroidController.onAuthResult(true)
-                    finish()
-                }
-
-                override fun onAuthenticationFailed() {
-                    super.onAuthenticationFailed()
-                    Log.w(TAG, "Authentication failed")
-                }
-
-                override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
-                    super.onAuthenticationError(errorCode, errString)
-                    Log.e(TAG, "Authentication error $errorCode: $errString")
-                    QtAndroidController.onAuthResult(false)
-                    finish()
-                }
-            })
-
-
-
-        val promptInfo = BiometricPrompt.PromptInfo.Builder()
-            .setAllowedAuthenticators(AUTHENTICATORS)
-            .setTitle("AmneziaVPN")
-            .setSubtitle(biometricManager.getStrings(AUTHENTICATORS)?.promptMessage)
-            .build()
-
-        biometricPrompt.authenticate(promptInfo)
-    }
-}

client/android/src/org/amnezia/vpn/AuthHelper.java

@@ -0,0 +1,24 @@
+package org.amnezia.vpn;
+
+import android.content.Context;
+import android.app.KeyguardManager;
+import android.content.Intent;
+import org.qtproject.qt.android.bindings.QtActivity;
+
+
+import static android.content.Context.KEYGUARD_SERVICE;
+
+public class AuthHelper extends QtActivity {
+
+   static final String TAG = "AuthHelper";
+  
+   public static Intent getAuthIntent(Context context) {
+   	KeyguardManager mKeyguardManager = (KeyguardManager)context.getSystemService(KEYGUARD_SERVICE);
+   	if (mKeyguardManager.isDeviceSecure()) {
+                return mKeyguardManager.createConfirmDeviceCredentialIntent(null, null);
+        } else {
+        	return null;
+        }     
+   }
+   
+}

client/android/src/org/amnezia/vpn/ImportConfigActivity.kt

@@ -33,10 +33,10 @@ class ImportConfigActivity : ComponentActivity() {
         intent?.let(::readConfig)
     }
 
-    override fun onNewIntent(intent: Intent) {
+    override fun onNewIntent(intent: Intent?) {
         super.onNewIntent(intent)
         Log.d(TAG, "onNewIntent: $intent")
-        intent.let(::readConfig)
+        intent?.let(::readConfig)
     }
 
     private fun readConfig(intent: Intent) {

client/android/src/org/amnezia/vpn/qt/QtAndroidController.kt

@@ -25,7 +25,5 @@ object QtAndroidController {
 
     external fun onConfigImported(data: String)
 
-    external fun onAuthResult(result: Boolean)
-
     external fun decodeQrCode(data: String): Boolean
 }

client/android/utils/src/main/kotlin/JsonExt.kt

@@ -1,9 +0,0 @@
-package org.amnezia.vpn.util
-
-import org.json.JSONArray
-import org.json.JSONObject
-
-inline fun <reified T> JSONArray.asSequence(): Sequence<T> =
-    (0..<length()).asSequence().map { get(it) as T }
-
-fun JSONObject.optStringOrNull(name: String) = optString(name).ifEmpty { null }

client/android/utils/src/main/kotlin/LibraryLoader.kt

@@ -1,66 +0,0 @@
-package org.amnezia.vpn.util
-
-import android.annotation.SuppressLint
-import android.content.Context
-import android.os.Build
-import java.io.File
-import java.io.FileOutputStream
-import java.util.zip.ZipFile
-
-private const val TAG = "LibraryLoader"
-
-object LibraryLoader {
-    private fun extractLibrary(context: Context, libraryName: String, destination: File): Boolean {
-        Log.d(TAG, "Extracting library: $libraryName")
-        val apks = hashSetOf<String>()
-        context.applicationInfo.run {
-            sourceDir?.let { apks += it }
-            splitSourceDirs?.let { apks += it }
-        }
-        for (abi in Build.SUPPORTED_ABIS) {
-            for (apk in apks) {
-                ZipFile(File(apk), ZipFile.OPEN_READ).use { zipFile ->
-                    val mappedName = System.mapLibraryName(libraryName)
-                    val libraryZipPath = listOf("lib", abi, mappedName).joinToString(File.separator)
-                    val zipEntry = zipFile.getEntry(libraryZipPath)
-                    zipEntry?.let {
-                        Log.d(TAG, "Extracting apk:/$libraryZipPath to ${destination.absolutePath}")
-                        FileOutputStream(destination).use { outStream ->
-                            zipFile.getInputStream(zipEntry).use { inStream ->
-                                inStream.copyTo(outStream, 32 * 1024)
-                                outStream.fd.sync()
-                            }
-                        }
-                    }
-                    return true
-                }
-            }
-        }
-        return false
-    }
-
-    @SuppressLint("UnsafeDynamicallyLoadedCode")
-    fun loadSharedLibrary(context: Context, libraryName: String) {
-        Log.d(TAG, "Loading library: $libraryName")
-        try {
-            System.loadLibrary(libraryName)
-            return
-        } catch (_: UnsatisfiedLinkError) {
-            Log.d(TAG, "Failed to load library, try to extract it from apk")
-        }
-        var tempFile: File? = null
-        try {
-            tempFile = File.createTempFile("lib", ".so", context.codeCacheDir)
-            if (extractLibrary(context, libraryName, tempFile)) {
-                System.load(tempFile.absolutePath)
-                return
-            }
-        } catch (e: Exception) {
-            throw LoadLibraryException("Failed to load library apk: $libraryName", e)
-        } finally {
-            tempFile?.delete()
-        }
-    }
-}
-
-class LoadLibraryException(message: String? = null, cause: Throwable? = null) : Exception(message, cause)

client/android/utils/src/main/kotlin/net/NetworkState.kt

@@ -88,7 +88,7 @@ class NetworkState(
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
             connectivityManager.registerBestMatchingNetworkCallback(networkRequest, networkCallback, handler)
         } else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
-            val numberAttempts = 300
+            val numberAttempts = 3
             var attemptCount = 0
             while(true) {
                 try {

client/android/utils/src/main/kotlin/net/NetworkUtils.kt

@@ -35,7 +35,7 @@ fun getLocalNetworks(context: Context, ipv6: Boolean): List<InetNetwork> {
     return emptyList()
 }
 
-fun parseInetAddress(address: String): InetAddress = InetAddress.getByName(address)
+fun parseInetAddress(address: String): InetAddress = parseNumericAddressCompat(address)
 
 private val parseNumericAddressCompat: (String) -> InetAddress =
     if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
@@ -60,7 +60,7 @@ private val parseNumericAddressCompat: (String) -> InetAddress =
 internal fun convertIpv6ToCanonicalForm(ipv6: String): String = ipv6
     .replace("((?:(?:^|:)0+\\b){2,}):?(?!\\S*\\b\\1:0+\\b)(\\S*)".toRegex(), "::$2")
 
-val InetAddress.ip: String
+internal val InetAddress.ip: String
     get() = if (this is Inet4Address) {
         hostAddress!!
     } else {

client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/Wireguard.kt

@@ -1,26 +1,54 @@
 package org.amnezia.vpn.protocol.wireguard
 
 import android.net.VpnService.Builder
-import java.io.IOException
-import java.util.Locale
-import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.delay
-import kotlinx.coroutines.withContext
+import java.util.TreeMap
 import org.amnezia.awg.GoBackend
 import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
 import org.amnezia.vpn.protocol.VpnStartException
-import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.Log
-import org.amnezia.vpn.util.asSequence
 import org.amnezia.vpn.util.net.InetEndpoint
 import org.amnezia.vpn.util.net.InetNetwork
 import org.amnezia.vpn.util.net.parseInetAddress
-import org.amnezia.vpn.util.optStringOrNull
 import org.json.JSONObject
 
+/**
+ *    Config example:
+ *    {
+ *        "protocol": "wireguard",
+ *        "description": "Server 1",
+ *        "dns1": "1.1.1.1",
+ *        "dns2": "1.0.0.1",
+ *        "hostName": "100.100.100.0",
+ *        "splitTunnelSites": [
+ *        ],
+ *        "splitTunnelType": 0,
+ *        "wireguard_config_data": {
+ *            "client_ip": "10.8.1.1",
+ *            "hostName": "100.100.100.0",
+ *            "port": 12345,
+ *            "client_pub_key": "clientPublicKeyBase64",
+ *            "client_priv_key": "privateKeyBase64",
+ *            "psk_key": "presharedKeyBase64",
+ *            "server_pub_key": "publicKeyBase64",
+ *            "config": "[Interface]
+ *                       Address = 10.8.1.1/32
+ *                       DNS = 1.1.1.1, 1.0.0.1
+ *                       PrivateKey = privateKeyBase64
+ *
+ *                       [Peer]
+ *                       PublicKey = publicKeyBase64
+ *                       PresharedKey = presharedKeyBase64
+ *                       AllowedIPs = 0.0.0.0/0, ::/0
+ *                       Endpoint = 100.100.100.0:12345
+ *                       PersistentKeepalive = 25
+ *                       "
+ *        }
+ *    }
+ */
+
 private const val TAG = "Wireguard"
 
 open class Wireguard : Protocol() {
@@ -51,105 +79,67 @@ open class Wireguard : Protocol() {
         if (!isInitialized) loadSharedLibrary(context, "wg-go")
     }
 
-    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
         val wireguardConfig = parseConfig(config)
-        val startTime = System.currentTimeMillis()
         start(wireguardConfig, vpnBuilder, protect)
-        waitForConnection(startTime)
         state.value = CONNECTED
     }
 
-    private suspend fun waitForConnection(startTime: Long) {
-        Log.d(TAG, "Waiting for connection")
-        withContext(Dispatchers.IO) {
-            val time = String.format(Locale.ROOT,"%.3f", startTime / 1000.0)
-            try {
-                delay(1000)
-                var log = getLogcat(time)
-                Log.d(TAG, "First waiting log: $log")
-                // check that there is a connection log,
-                // to avoid infinite connection
-                if (!log.contains("Attaching to interface")) {
-                    Log.w(TAG, "Logs do not contain a connection log")
-                    return@withContext
-                }
-                while (!log.contains("Received handshake response")) {
-                    delay(1000)
-                    log = getLogcat(time)
-                }
-            } catch (e: IOException) {
-                Log.e(TAG, "Failed to get logcat: $e")
-            }
-        }
-    }
-
-    private fun getLogcat(time: String): String =
-        ProcessBuilder("logcat", "--buffer=main", "--format=raw", "*:S AmneziaWG/awg0", "-t", time)
-            .redirectErrorStream(true)
-            .start()
-            .inputStream.reader().readText()
-
     protected open fun parseConfig(config: JSONObject): WireguardConfig {
-        val configData = config.getJSONObject("wireguard_config_data")
+        val configDataJson = config.getJSONObject("wireguard_config_data")
+        val configData = parseConfigData(configDataJson.getString("config"))
         return WireguardConfig.build {
-            configWireguard(config, configData)
+            configWireguard(configData, configDataJson)
             configSplitTunneling(config)
             configAppSplitTunneling(config)
         }
     }
 
-    protected fun WireguardConfig.Builder.configWireguard(config: JSONObject, configData: JSONObject) {
-        configData.getString("client_ip").split(",").map { address ->
+    protected fun WireguardConfig.Builder.configWireguard(configData: Map<String, String>, configDataJson: JSONObject) {
+        configData["Address"]?.split(",")?.map { address ->
             InetNetwork.parse(address.trim())
-        }.forEach(::addAddress)
+        }?.forEach(::addAddress)
 
-        config.optStringOrNull("dns1")?.let { dns ->
-            addDnsServer(parseInetAddress(dns.trim()))
-        }
-
-        config.optStringOrNull("dns2")?.let { dns ->
-            addDnsServer(parseInetAddress(dns.trim()))
-        }
+        configData["DNS"]?.split(",")?.map { dns ->
+            parseInetAddress(dns.trim())
+        }?.forEach(::addDnsServer)
 
         val defRoutes = hashSetOf(
             InetNetwork("0.0.0.0", 0),
             InetNetwork("::", 0)
         )
         val routes = hashSetOf<InetNetwork>()
-        configData.getJSONArray("allowed_ips").asSequence<String>().map { route ->
+        configData["AllowedIPs"]?.split(",")?.map { route ->
             InetNetwork.parse(route.trim())
-        }.forEach(routes::add)
+        }?.forEach(routes::add)
         // if the allowed IPs list contains at least one non-default route, disable global split tunneling
         if (routes.any { it !in defRoutes }) disableSplitTunneling()
         addRoutes(routes)
 
-        configData.optStringOrNull("mtu")?.let { setMtu(it.toInt()) }
-
-        val host = configData.getString("hostName").let { parseInetAddress(it.trim()) }
-        val port = configData.getInt("port")
-        setEndpoint(InetEndpoint(host, port))
-
-        if (configData.optBoolean("isObfuscationEnabled")) {
-            setUseProtocolExtension(true)
-            configExtensionParameters(configData)
+        configDataJson.optString("mtu").let { mtu ->
+            if (mtu.isNotEmpty()) {
+                setMtu(mtu.toInt())
+            } else {
+                configData["MTU"]?.let { setMtu(it.toInt()) }
+            }
         }
 
-        configData.optStringOrNull("persistent_keep_alive")?.let { setPersistentKeepalive(it.toInt()) }
-        configData.getString("client_priv_key").let { setPrivateKeyHex(it.base64ToHex()) }
-        configData.getString("server_pub_key").let { setPublicKeyHex(it.base64ToHex()) }
-        configData.optStringOrNull("psk_key")?.let { setPreSharedKeyHex(it.base64ToHex()) }
+        configData["Endpoint"]?.let { setEndpoint(InetEndpoint.parse(it)) }
+        configData["PersistentKeepalive"]?.let { setPersistentKeepalive(it.toInt()) }
+        configData["PrivateKey"]?.let { setPrivateKeyHex(it.base64ToHex()) }
+        configData["PublicKey"]?.let { setPublicKeyHex(it.base64ToHex()) }
+        configData["PresharedKey"]?.let { setPreSharedKeyHex(it.base64ToHex()) }
     }
 
-    protected fun WireguardConfig.Builder.configExtensionParameters(configData: JSONObject) {
-        configData.optStringOrNull("Jc")?.let { setJc(it.toInt()) }
-        configData.optStringOrNull("Jmin")?.let { setJmin(it.toInt()) }
-        configData.optStringOrNull("Jmax")?.let { setJmax(it.toInt()) }
-        configData.optStringOrNull("S1")?.let { setS1(it.toInt()) }
-        configData.optStringOrNull("S2")?.let { setS2(it.toInt()) }
-        configData.optStringOrNull("H1")?.let { setH1(it.toLong()) }
-        configData.optStringOrNull("H2")?.let { setH2(it.toLong()) }
-        configData.optStringOrNull("H3")?.let { setH3(it.toLong()) }
-        configData.optStringOrNull("H4")?.let { setH4(it.toLong()) }
+    protected fun parseConfigData(data: String): Map<String, String> {
+        val parsedData = TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER)
+        data.lineSequence()
+            .filter { it.isNotEmpty() && !it.startsWith('[') }
+            .forEach { line ->
+                val attr = line.split("=", limit = 2)
+                parsedData[attr.first().trim()] = attr.last().trim()
+            }
+        return parsedData
     }
 
     private fun start(config: WireguardConfig, vpnBuilder: Builder, protect: (Int) -> Boolean) {

client/android/wireguard/src/main/kotlin/org/amnezia/vpn/protocol/wireguard/WireguardConfig.kt

@@ -1,7 +1,6 @@
 package org.amnezia.vpn.protocol.wireguard
 
 import android.util.Base64
-import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.ProtocolConfig
 import org.amnezia.vpn.util.net.InetEndpoint
 
@@ -13,17 +12,7 @@ open class WireguardConfig protected constructor(
     val persistentKeepalive: Int,
     val publicKeyHex: String,
     val preSharedKeyHex: String?,
-    val privateKeyHex: String,
-    val useProtocolExtension: Boolean,
-    val jc: Int?,
-    val jmin: Int?,
-    val jmax: Int?,
-    val s1: Int?,
-    val s2: Int?,
-    val h1: Long?,
-    val h2: Long?,
-    val h3: Long?,
-    val h4: Long?
+    val privateKeyHex: String
 ) : ProtocolConfig(protocolConfigBuilder) {
 
     protected constructor(builder: Builder) : this(
@@ -32,17 +21,7 @@ open class WireguardConfig protected constructor(
         builder.persistentKeepalive,
         builder.publicKeyHex,
         builder.preSharedKeyHex,
-        builder.privateKeyHex,
-        builder.useProtocolExtension,
-        builder.jc,
-        builder.jmin,
-        builder.jmax,
-        builder.s1,
-        builder.s2,
-        builder.h1,
-        builder.h2,
-        builder.h3,
-        builder.h4
+        builder.privateKeyHex
     )
 
     fun toWgUserspaceString(): String = with(StringBuilder()) {
@@ -54,30 +33,6 @@ open class WireguardConfig protected constructor(
 
     open fun appendDeviceLine(sb: StringBuilder) = with(sb) {
         appendLine("private_key=$privateKeyHex")
-        if (useProtocolExtension) {
-            validateProtocolExtensionParameters()
-            appendLine("jc=$jc")
-            appendLine("jmin=$jmin")
-            appendLine("jmax=$jmax")
-            appendLine("s1=$s1")
-            appendLine("s2=$s2")
-            appendLine("h1=$h1")
-            appendLine("h2=$h2")
-            appendLine("h3=$h3")
-            appendLine("h4=$h4")
-        }
-    }
-
-    private fun validateProtocolExtensionParameters() {
-        if (jc == null) throw BadConfigException("Parameter jc is undefined")
-        if (jmin == null) throw BadConfigException("Parameter jmin is undefined")
-        if (jmax == null) throw BadConfigException("Parameter jmax is undefined")
-        if (s1 == null) throw BadConfigException("Parameter s1 is undefined")
-        if (s2 == null) throw BadConfigException("Parameter s2 is undefined")
-        if (h1 == null) throw BadConfigException("Parameter h1 is undefined")
-        if (h2 == null) throw BadConfigException("Parameter h2 is undefined")
-        if (h3 == null) throw BadConfigException("Parameter h3 is undefined")
-        if (h4 == null) throw BadConfigException("Parameter h4 is undefined")
     }
 
     open fun appendPeerLine(sb: StringBuilder) = with(sb) {
@@ -110,18 +65,6 @@ open class WireguardConfig protected constructor(
 
         override var mtu: Int = WIREGUARD_DEFAULT_MTU
 
-        internal var useProtocolExtension: Boolean = false
-
-        internal var jc: Int? = null
-        internal var jmin: Int? = null
-        internal var jmax: Int? = null
-        internal var s1: Int? = null
-        internal var s2: Int? = null
-        internal var h1: Long? = null
-        internal var h2: Long? = null
-        internal var h3: Long? = null
-        internal var h4: Long? = null
-
         fun setEndpoint(endpoint: InetEndpoint) = apply { this.endpoint = endpoint }
 
         fun setPersistentKeepalive(persistentKeepalive: Int) = apply { this.persistentKeepalive = persistentKeepalive }
@@ -132,18 +75,6 @@ open class WireguardConfig protected constructor(
 
         fun setPrivateKeyHex(privateKeyHex: String) = apply { this.privateKeyHex = privateKeyHex }
 
-        fun setUseProtocolExtension(useProtocolExtension: Boolean) = apply { this.useProtocolExtension = useProtocolExtension }
-
-        fun setJc(jc: Int) = apply { this.jc = jc }
-        fun setJmin(jmin: Int) = apply { this.jmin = jmin }
-        fun setJmax(jmax: Int) = apply { this.jmax = jmax }
-        fun setS1(s1: Int) = apply { this.s1 = s1 }
-        fun setS2(s2: Int) = apply { this.s2 = s2 }
-        fun setH1(h1: Long) = apply { this.h1 = h1 }
-        fun setH2(h2: Long) = apply { this.h2 = h2 }
-        fun setH3(h3: Long) = apply { this.h3 = h3 }
-        fun setH4(h4: Long) = apply { this.h4 = h4 }
-
         override fun build(): WireguardConfig = configBuild().run { WireguardConfig(this@Builder) }
     }
 

client/android/xray/src/main/kotlin/Xray.kt

@@ -17,10 +17,72 @@ import org.amnezia.vpn.protocol.xray.libXray.Logger
 import org.amnezia.vpn.protocol.xray.libXray.Tun2SocksConfig
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.net.InetNetwork
-import org.amnezia.vpn.util.net.ip
 import org.amnezia.vpn.util.net.parseInetAddress
 import org.json.JSONObject
 
+/**
+ *    Config example:
+ * {
+ *     "appSplitTunnelType": 0,
+ *     "config_version": 0,
+ *     "description": "Server 1",
+ *     "dns1": "1.1.1.1",
+ *     "dns2": "1.0.0.1",
+ *     "hostName": "100.100.100.0",
+ *     "protocol": "xray",
+ *     "splitTunnelApps": [],
+ *     "splitTunnelSites": [],
+ *     "splitTunnelType": 0,
+ *     "xray_config_data": {
+ *         "inbounds": [
+ *             {
+ *                 "listen": "127.0.0.1",
+ *                 "port": 8080,
+ *                 "protocol": "socks",
+ *                 "settings": {
+ *                     "udp": true
+ *                 }
+ *             }
+ *         ],
+ *         "log": {
+ *             "loglevel": "error"
+ *         },
+ *         "outbounds": [
+ *             {
+ *                 "protocol": "vless",
+ *                 "settings": {
+ *                     "vnext": [
+ *                         {
+ *                             "address": "100.100.100.0",
+ *                             "port": 443,
+ *                             "users": [
+ *                                 {
+ *                                     "encryption": "none",
+ *                                     "flow": "xtls-rprx-vision",
+ *                                     "id": "id"
+ *                                 }
+ *                             ]
+ *                         }
+ *                     ]
+ *                 },
+ *                 "streamSettings": {
+ *                     "network": "tcp",
+ *                     "realitySettings": {
+ *                         "fingerprint": "chrome",
+ *                         "publicKey": "publicKey",
+ *                         "serverName": "google.com",
+ *                         "shortId": "id",
+ *                         "spiderX": ""
+ *                     },
+ *                     "security": "reality"
+ *                 }
+ *             }
+ *         ]
+ *     }
+ * }
+ *
+ */
+
 private const val TAG = "Xray"
 private const val LIBXRAY_TAG = "libXray"
 
@@ -47,7 +109,7 @@ class Xray : Protocol() {
         }
     }
 
-    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
         if (isRunning) {
             Log.w(TAG, "XRay already running")
             return
@@ -62,15 +124,7 @@ class Xray : Protocol() {
             .put("loglevel", "warning")
             .put("access", "none") // disable access log
 
-        var xrayJsonConfigString = xrayJsonConfig.toString()
-        config.getString("hostName").let { hostName ->
-            val ipAddress = parseInetAddress(hostName).ip
-            if (hostName != ipAddress) {
-                xrayJsonConfigString = xrayJsonConfigString.replace(hostName, ipAddress)
-            }
-        }
-
-        start(xrayConfig, xrayJsonConfigString, vpnBuilder, protect)
+        start(xrayConfig, xrayJsonConfig.toString(), vpnBuilder, protect)
         state.value = CONNECTED
         isRunning = true
     }

client/cmake/3rdparty.cmake

@@ -2,6 +2,13 @@ set(CLIENT_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/..)
 
 set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_LIST_DIR}/Modules;${CMAKE_MODULE_PATH}")
 
+if(NOT IOS AND NOT ANDROID)
+    message(${QT_DEFAULT_MAJOR_VERSION})
+    set(QAPPLICATION_CLASS QGuiApplication)
+    add_subdirectory(${CLIENT_ROOT_DIR}/3rd/SingleApplication)
+    set(LIBS ${LIBS} SingleApplication::SingleApplication)
+endif()
+
 add_subdirectory(${CLIENT_ROOT_DIR}/3rd/SortFilterProxyModel)
 set(LIBS ${LIBS} SortFilterProxyModel)
 include(${CLIENT_ROOT_DIR}/cmake/QSimpleCrypto.cmake)

client/cmake/android.cmake

@@ -27,6 +27,7 @@ link_directories(${CMAKE_CURRENT_SOURCE_DIR}/platforms/android)
 set(HEADERS ${HEADERS}
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_controller.h
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_utils.h
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/authResultReceiver.h
     ${CMAKE_CURRENT_SOURCE_DIR}/protocols/android_vpnprotocol.h
     ${CMAKE_CURRENT_SOURCE_DIR}/core/installedAppsImageProvider.h
 )
@@ -34,6 +35,7 @@ set(HEADERS ${HEADERS}
 set(SOURCES ${SOURCES}
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_controller.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/android_utils.cpp
+    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/android/authResultReceiver.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/protocols/android_vpnprotocol.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/core/installedAppsImageProvider.cpp
 )

client/cmake/macos_ne.cmake

@@ -1,181 +0,0 @@
-message("Client ==> MacOS NE build")
-
-set_target_properties(${PROJECT} PROPERTIES MACOSX_BUNDLE TRUE)
-set(CMAKE_OSX_ARCHITECTURES "x86_64" CACHE INTERNAL "" FORCE)
-set(CMAKE_OSX_DEPLOYMENT_TARGET 10.15)
-
-set(APPLE_PROJECT_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
-
-
-enable_language(OBJC)
-# enable_language(OBJCXX)
-enable_language(Swift)
-
-find_package(Qt6 REQUIRED COMPONENTS ShaderTools)
-set(LIBS ${LIBS} Qt6::ShaderTools)
-
-find_library(FW_AUTHENTICATIONSERVICES AuthenticationServices)
-#find_library(FW_UIKIT UIKit)
-find_library(FW_AVFOUNDATION AVFoundation)
-find_library(FW_FOUNDATION Foundation)
-find_library(FW_STOREKIT StoreKit)
-find_library(FW_USERNOTIFICATIONS UserNotifications)
-find_library(FW_NETWORKEXTENSION NetworkExtension)
-
-set(LIBS ${LIBS}
-    ${FW_AUTHENTICATIONSERVICES}
-#    ${FW_UIKIT}
-    ${FW_AVFOUNDATION}
-    ${FW_FOUNDATION}
-    ${FW_STOREKIT}
-    ${FW_USERNOTIFICATIONS}
-    ${FW_NETWORKEXTENSION}
-)
-
-
-set(HEADERS ${HEADERS}
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.h
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller_wrapper.h
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosnotificationhandler.h
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate.h
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate-C-Interface.h
-)
-set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.h PROPERTIES OBJECTIVE_CPP_HEADER TRUE)
-
-
-set(SOURCES ${SOURCES}
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.mm
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller_wrapper.mm
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosnotificationhandler.mm
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosglue.mm
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QRCodeReaderBase.mm
-    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate.mm
-)
-
-set(ICON_FILE ${CMAKE_CURRENT_SOURCE_DIR}/images/app.icns)
-set(MACOSX_BUNDLE_ICON_FILE app.icns)
-set_source_files_properties(${ICON_FILE} PROPERTIES MACOSX_PACKAGE_LOCATION Resources)
-set(SOURCES ${SOURCES} ${ICON_FILE})
-
-# set(HEADERS ${HEADERS}
-#     ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.h
-# )
-
-# set(SOURCES ${SOURCES}
-#     ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.mm
-# )
-
-
-target_include_directories(${PROJECT} PRIVATE ${Qt6Gui_PRIVATE_INCLUDE_DIRS})
-
-
-set_target_properties(${PROJECT} PROPERTIES
-    XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
-    MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Info.plist.in
-    #MACOSX_BUNDLE_ICON_FILE "AppIcon"
-    MACOSX_BUNDLE_INFO_STRING "AmneziaVPN"
-    MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPN"
-    MACOSX_BUNDLE_BUNDLE_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
-    MACOSX_BUNDLE_LONG_VERSION_STRING "${APPLE_PROJECT_VERSION}-${CMAKE_PROJECT_VERSION_TWEAK}"
-    MACOSX_BUNDLE_SHORT_VERSION_STRING "${APPLE_PROJECT_VERSION}"
-    XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}"
-    XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_SOURCE_DIR}/macos/app/main.entitlements"
-    XCODE_ATTRIBUTE_MARKETING_VERSION "${APPLE_PROJECT_VERSION}"
-    XCODE_ATTRIBUTE_CURRENT_PROJECT_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}"
-    XCODE_ATTRIBUTE_PRODUCT_NAME "AmneziaVPN"
-    XCODE_ATTRIBUTE_BUNDLE_INFO_STRING "AmneziaVPN"
-    XCODE_GENERATE_SCHEME TRUE
-    XCODE_ATTRIBUTE_ENABLE_BITCODE "NO"
-    #XCODE_ATTRIBUTE_ASSETCATALOG_COMPILER_APPICON_NAME "AppIcon"
-    XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2"
-    XCODE_EMBED_FRAMEWORKS_CODE_SIGN_ON_COPY "NO"
-    XCODE_EMBED_FRAMEWORKS_REMOVE_HEADERS_ON_COPY "YES"
-
-    XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION
-    XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../Frameworks"
-    XCODE_EMBED_APP_EXTENSIONS networkextension
-
-    XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic
-    # XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual
-
-    # XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution: Privacy Technologies OU (X7UJ388FXK)"
-    # XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
-
-
-    # XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "Mac AppStore AmneziaVPN"
-    # XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "Mac AppStore AmneziaVPN"
-
-)
-set_target_properties(${PROJECT} PROPERTIES
-    XCODE_ATTRIBUTE_SWIFT_VERSION "5.0"
-    XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES"
-    XCODE_ATTRIBUTE_SWIFT_PRECOMPILE_BRIDGING_HEADER "NO"
-    XCODE_ATTRIBUTE_SWIFT_OBJC_INTERFACE_HEADER_NAME "AmneziaVPN-Swift.h"
-    XCODE_ATTRIBUTE_SWIFT_OBJC_INTEROP_MODE "objcxx"
-)
-set_target_properties(${PROJECT} PROPERTIES
-    XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
-)
-target_include_directories(${PROJECT} PRIVATE ${CMAKE_CURRENT_LIST_DIR})
-target_compile_options(${PROJECT} PRIVATE
-    -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\"
-    -DVPN_NE_BUNDLEID=\"${BUILD_IOS_APP_IDENTIFIER}.network-extension\"
-)
-
-set(WG_APPLE_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/3rd/amneziawg-apple/Sources)
-
-target_sources(${PROJECT} PRIVATE
-#    ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosvpnprotocol.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKitC/x25519.c
-    ${CLIENT_ROOT_DIR}/platforms/ios/LogController.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/Log.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/LogRecord.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/ScreenProtection.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/VPNCController.swift
-)
-
-target_sources(${PROJECT} PRIVATE
-    #${CMAKE_CURRENT_SOURCE_DIR}/macos_ne/app/AmneziaVPNLaunchScreen.storyboard
-    ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Media.xcassets
-    ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/PrivacyInfo.xcprivacy
-)
-
-set_property(TARGET ${PROJECT} APPEND PROPERTY RESOURCE
-    #${CMAKE_CURRENT_SOURCE_DIR}/macos/app/AmneziaVPNLaunchScreen.storyboard
-    ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Media.xcassets
-    ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/PrivacyInfo.xcprivacy
-)
-
-add_subdirectory(macos/networkextension)
-add_dependencies(${PROJECT} networkextension)
-
-# set_property(TARGET ${PROJECT} PROPERTY XCODE_EMBED_FRAMEWORKS
-#     "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos/OpenVPNAdapter.framework"
-# )
-
-
-
-# set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos)
-# target_link_libraries("networkextension" PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}/3rd/OpenVPNAdapter/build/Release-iphoneos/OpenVPNAdapter.framework")
-
-get_target_property(QtCore_location Qt6::Core LOCATION)
-message("QtCore_location")
-message(${QtCore_location})
-
-get_filename_component(QT_BIN_DIR_DETECTED "${QtCore_location}/../../../../../bin" ABSOLUTE)
-
-
-# add_custom_command(TARGET ${PROJECT} POST_BUILD
-#     COMMAND ${QT_BIN_DIR_DETECTED}/macdeployqt $<TARGET_BUNDLE_DIR:AmneziaVPN> -appstore-compliant -qmldir=${CMAKE_CURRENT_SOURCE_DIR}
-# )
-
-# if(CMAKE_BUILD_TYPE STREQUAL "Release")
-#     SET(SIGN_CMD codesign --deep --force --sign 'Apple Distribution: Privacy Technologies OU \(X7UJ388FXK\)' --timestamp --options runtime $<TARGET_BUNDLE_DIR:AmneziaVPN>)
-#     message("Manual signing bundle...")
-#     message(${SIGN_CMD})
-
-
-#     add_custom_command(TARGET ${PROJECT} POST_BUILD
-#         COMMAND ${SIGN_CMD}
-#     )
-# endif()

client/cmake/osxtools.cmake

@@ -76,7 +76,7 @@ function(osx_bundle_assetcatalog TARGET)
     )
 
     ## Patch the asset catalog into the target bundle.
-    if(NOT IOS AND NOT MACOS_NE)
+    if(NOT IOS)
         set(XCASSETS_RESOURCE_DIR "Resources")
     endif()
     add_custom_command(TARGET ${TARGET} POST_BUILD
@@ -141,7 +141,6 @@ function(osx_codesign_target TARGET)
         endif()
 
         foreach(FILE ${CODESIGN_FILES})
-            message(STATUS "Signing ${TARGET}: ${FILE}")
             add_custom_command(TARGET ${TARGET} POST_BUILD VERBATIM
                 COMMAND ${COMMENT_ECHO_COMMAND} "Signing ${TARGET}: ${FILE}"
                 COMMAND ${CODESIGN_BIN} ${CODESIGN_ARGS} ${FILE}

client/configurators/ssh_configurator.cpp

@@ -102,9 +102,7 @@ QProcessEnvironment SshConfigurator::prepareEnv()
     pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "\\cygwin;");
     pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "\\openvpn;");
 #elif defined(Q_OS_MACX)
-#if !defined(MACOS_NE)
     pathEnvVar.prepend(QDir::toNativeSeparators(QApplication::applicationDirPath()) + "/Contents/MacOS");
-#endif
 #endif
 
     env.insert("PATH", pathEnvVar);

client/configurators/wireguard_configurator.cpp

@@ -95,18 +95,6 @@ WireguardConfigurator::ConnectionData WireguardConfigurator::prepareWireguardCon
         stdOut.replace("/32", "");
         QStringList ips = stdOut.split("\n", Qt::SkipEmptyParts);
 
-        // remove extra IPs from each line for case when user manually edited the wg0.conf
-        // and added there more IPs for route his itnernal networks, like:
-        //     ...
-        //     AllowedIPs = 10.8.1.6/32, 192.168.1.0/24, 192.168.2.0/24, ...
-        //     ...
-        // without this code - next IP would be 1 if last item in 'ips' has format above
-        QStringList vpnIps;
-        for (const auto &ip : ips) {
-          vpnIps.append(ip.split(",", Qt::SkipEmptyParts).first().trimmed());
-        }
-        ips = vpnIps;
-
         // Calc next IP address
         if (ips.isEmpty()) {
             nextIpNumber = "2";
@@ -199,10 +187,6 @@ QString WireguardConfigurator::createConfig(const ServerCredentials &credentials
     jConfig[config_key::server_pub_key] = connData.serverPubKey;
     jConfig[config_key::mtu] = wireguarConfig.value(config_key::mtu).toString(protocols::wireguard::defaultMtu);
 
-    jConfig[config_key::persistent_keep_alive] = "25";
-    QJsonArray allowedIps { "0.0.0.0/0", "::/0" };
-    jConfig[config_key::allowed_ips] = allowedIps;
-
     jConfig[config_key::clientId] = connData.clientPubKey;
 
     return QJsonDocument(jConfig).toJson();

client/core/controllers/apiController.cpp

@@ -9,8 +9,8 @@
 #include "QRsa.h"
 
 #include "amnezia_application.h"
-#include "configurators/wireguard_configurator.h"
 #include "core/enums/apiEnums.h"
+#include "configurators/wireguard_configurator.h"
 #include "version.h"
 
 namespace
@@ -42,7 +42,7 @@ namespace
         constexpr char keyPayload[] = "key_payload";
     }
 
-    const QStringList proxyStorageUrl = { "" };
+    const QStringList proxyStorageUrl = {""};
 
     ErrorCode checkErrors(const QList<QSslError> &sslErrors, QNetworkReply *reply)
     {
@@ -65,8 +65,7 @@ namespace
     }
 }
 
-ApiController::ApiController(const QString &gatewayEndpoint, bool isDevEnvironment, QObject *parent)
-    : QObject(parent), m_gatewayEndpoint(gatewayEndpoint), m_isDevEnvironment(isDevEnvironment)
+ApiController::ApiController(const QString &gatewayEndpoint, QObject *parent) : QObject(parent), m_gatewayEndpoint(gatewayEndpoint)
 {
 }
 
@@ -144,7 +143,7 @@ QStringList ApiController::getProxyUrls()
 
     QEventLoop wait;
     QList<QSslError> sslErrors;
-    QNetworkReply *reply;
+    QNetworkReply* reply;
 
     for (const auto &proxyStorageUrl : proxyStorageUrl) {
         request.setUrl(proxyStorageUrl);
@@ -282,7 +281,7 @@ ErrorCode ApiController::getServicesList(QByteArray &responseBody)
 
     request.setUrl(QString("%1v1/services").arg(m_gatewayEndpoint));
 
-    QNetworkReply *reply;
+    QNetworkReply* reply;
     reply = amnApp->manager()->get(request);
 
     QEventLoop wait;
@@ -301,8 +300,7 @@ ErrorCode ApiController::getServicesList(QByteArray &responseBody)
             QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
             connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
             wait.exec();
-            if (reply->error() != QNetworkReply::NetworkError::TimeoutError
-                && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
+            if (reply->error() != QNetworkReply::NetworkError::TimeoutError && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
                 break;
             }
             reply->deleteLater();
@@ -357,9 +355,9 @@ ErrorCode ApiController::getConfigForService(const QString &installationUuid, co
 
         EVP_PKEY *publicKey = nullptr;
         try {
-            QByteArray rsaKey = m_isDevEnvironment ? DEV_AGW_PUBLIC_KEY : PROD_AGW_PUBLIC_KEY;
+            QByteArray key = PROD_AGW_PUBLIC_KEY;
             QSimpleCrypto::QRsa rsa;
-            publicKey = rsa.getPublicKeyFromByteArray(rsaKey);
+            publicKey = rsa.getPublicKeyFromByteArray(key);
         } catch (...) {
             qCritical() << "error loading public key from environment variables";
             return ErrorCode::ApiMissingAgwPublicKey;
@@ -377,7 +375,7 @@ ErrorCode ApiController::getConfigForService(const QString &installationUuid, co
     requestBody[configKey::keyPayload] = QString(encryptedKeyPayload.toBase64());
     requestBody[configKey::apiPayload] = QString(encryptedApiPayload.toBase64());
 
-    QNetworkReply *reply = manager.post(request, QJsonDocument(requestBody).toJson());
+    QNetworkReply* reply = manager.post(request, QJsonDocument(requestBody).toJson());
 
     QEventLoop wait;
     connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
@@ -397,8 +395,7 @@ ErrorCode ApiController::getConfigForService(const QString &installationUuid, co
             QObject::connect(reply, &QNetworkReply::finished, &wait, &QEventLoop::quit);
             connect(reply, &QNetworkReply::sslErrors, [this, &sslErrors](const QList<QSslError> &errors) { sslErrors = errors; });
             wait.exec();
-            if (reply->error() != QNetworkReply::NetworkError::TimeoutError
-                && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
+            if (reply->error() != QNetworkReply::NetworkError::TimeoutError && reply->error() != QNetworkReply::NetworkError::OperationCanceledError) {
                 break;
             }
             reply->deleteLater();

client/core/controllers/apiController.h

@@ -14,7 +14,7 @@ class ApiController : public QObject
     Q_OBJECT
 
 public:
-    explicit ApiController(const QString &gatewayEndpoint, bool isDevEnvironment, QObject *parent = nullptr);
+    explicit ApiController(const QString &gatewayEndpoint, QObject *parent = nullptr);
 
 public slots:
     void updateServerConfigFromApi(const QString &installationUuid, const int serverIndex, QJsonObject serverConfig);
@@ -44,7 +44,6 @@ private:
 
     QString m_gatewayEndpoint;
     QStringList m_proxyUrls;
-    bool m_isDevEnvironment = false;
 };
 
 #endif // APICONTROLLER_H

client/core/controllers/serverController.cpp

@@ -83,6 +83,7 @@ ErrorCode ServerController::runScript(const ServerCredentials &credentials, QStr
         }
 
         qDebug().noquote() << lineToExec;
+        Logger::appendSshLog("Run command:" + lineToExec);
 
         error = m_sshClient.executeCommand(lineToExec, cbReadStdOut, cbReadStdErr);
         if (error != ErrorCode::NoError) {
@@ -99,13 +100,13 @@ ErrorCode ServerController::runContainerScript(const ServerCredentials &credenti
                                                const std::function<ErrorCode(const QString &, libssh::Client &)> &cbReadStdErr)
 {
     QString fileName = "/opt/amnezia/" + Utils::getRandomString(16) + ".sh";
+    Logger::appendSshLog("Run container script for " + ContainerProps::containerToString(container) + ":\n" + script);
 
     ErrorCode e = uploadTextFileToContainer(container, credentials, script, fileName);
     if (e)
         return e;
 
-    QString runner =
-            QString("sudo docker exec -i $CONTAINER_NAME %2 %1 ").arg(fileName, (container == DockerContainer::Socks5Proxy ? "sh" : "bash"));
+    QString runner = QString("sudo docker exec -i $CONTAINER_NAME %2 %1 ").arg(fileName, (container == DockerContainer::Socks5Proxy ? "sh" : "bash"));
     e = runScript(credentials, replaceVars(runner, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);
 
     QString remover = QString("sudo docker exec -i $CONTAINER_NAME rm %1 ").arg(fileName);
@@ -425,7 +426,7 @@ ErrorCode ServerController::buildContainerWorker(const ServerCredentials &creden
     if (errorCode)
         return errorCode;
 
-    errorCode = uploadFileToHost(credentials, amnezia::scriptData(ProtocolScriptType::dockerfile, container).toUtf8(), dockerFilePath);
+    errorCode = uploadFileToHost(credentials, amnezia::scriptData(ProtocolScriptType::dockerfile, container).toUtf8(),dockerFilePath);
 
     if (errorCode)
         return errorCode;
@@ -436,10 +437,9 @@ ErrorCode ServerController::buildContainerWorker(const ServerCredentials &creden
         return ErrorCode::NoError;
     };
 
-    errorCode =
-            runScript(credentials,
-                      replaceVars(amnezia::scriptData(SharedScriptType::build_container), genVarsForScript(credentials, container, config)),
-                      cbReadStdOut);
+    errorCode = runScript(credentials,
+                  replaceVars(amnezia::scriptData(SharedScriptType::build_container), genVarsForScript(credentials, container, config)),
+                  cbReadStdOut);
     if (errorCode)
         return errorCode;
 
@@ -621,15 +621,13 @@ ServerController::Vars ServerController::genVarsForScript(const ServerCredential
 
     // Socks5 proxy vars
     vars.append({ { "$SOCKS5_PROXY_PORT", socks5ProxyConfig.value(config_key::port).toString(protocols::socks5Proxy::defaultPort) } });
-    auto username = socks5ProxyConfig.value(config_key::userName).toString();
+    auto username =  socks5ProxyConfig.value(config_key:: userName).toString();
     auto password = socks5ProxyConfig.value(config_key::password).toString();
     QString socks5user = (!username.isEmpty() && !password.isEmpty()) ? QString("users %1:CL:%2").arg(username, password) : "";
-    vars.append({ { "$SOCKS5_USER", socks5user } });
-    vars.append({ { "$SOCKS5_AUTH_TYPE", socks5user.isEmpty() ? "none" : "strong" } });
+    vars.append({ { "$SOCKS5_USER",  socks5user } });
+    vars.append({ { "$SOCKS5_AUTH_TYPE",  socks5user.isEmpty() ? "none" : "strong" } });
 
-    QString serverIp = (container != DockerContainer::Awg && container != DockerContainer::WireGuard && container != DockerContainer::Xray)
-            ? NetworkUtilities::getIPAddress(credentials.hostName)
-            : credentials.hostName;
+    QString serverIp = NetworkUtilities::getIPAddress(credentials.hostName);
     if (!serverIp.isEmpty()) {
         vars.append({ { "$SERVER_IP_ADDRESS", serverIp } });
     } else {
@@ -715,8 +713,7 @@ ErrorCode ServerController::isServerPortBusy(const ServerCredentials &credential
         udpProtoScript.append("' | grep -i udp");
         tcpProtoScript.append(" | grep LISTEN");
 
-        ErrorCode errorCode =
-                runScript(credentials, replaceVars(tcpProtoScript, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);
+        ErrorCode errorCode = runScript(credentials, replaceVars(tcpProtoScript, genVarsForScript(credentials, container)), cbReadStdOut, cbReadStdErr);
         if (errorCode != ErrorCode::NoError) {
             return errorCode;
         }

client/core/controllers/vpnConfigurationController.cpp

@@ -100,13 +100,7 @@ QJsonObject VpnConfigurationsController::createVpnConfiguration(const QPair<QStr
         protocolConfigString = configurator->processConfigWithLocalSettings(dns, isApiConfig, protocolConfigString);
 
         QJsonObject vpnConfigData = QJsonDocument::fromJson(protocolConfigString.toUtf8()).object();
-        if (container == DockerContainer::Awg || container == DockerContainer::WireGuard) {
-            // add mtu for old configs
-            if (vpnConfigData[config_key::mtu].toString().isEmpty()) {
-                vpnConfigData[config_key::mtu] = container == DockerContainer::Awg ? protocols::awg::defaultMtu : protocols::wireguard::defaultMtu;
-            }
-        }
-
+        vpnConfigData = QJsonDocument::fromJson(protocolConfigString.toUtf8()).object();
         vpnConfiguration.insert(ProtocolProps::key_proto_config_data(proto), vpnConfigData);
     }
 

client/core/ipcclient.cpp

@@ -29,12 +29,6 @@ QSharedPointer<IpcInterfaceReplica> IpcClient::Interface()
     return Instance()->m_ipcClient;
 }
 
-QSharedPointer<IpcProcessTun2SocksReplica> IpcClient::InterfaceTun2Socks()
-{
-    if (!Instance()) return nullptr;
-    return Instance()->m_Tun2SocksClient;
-}
-
 bool IpcClient::init(IpcClient *instance)
 {
     m_instance = instance;
@@ -50,12 +44,6 @@ bool IpcClient::init(IpcClient *instance)
             qWarning() << "IpcClient replica is not connected!";
         }
 
-        Instance()->m_Tun2SocksClient.reset(Instance()->m_ClientNode.acquire<IpcProcessTun2SocksReplica>());
-        Instance()->m_Tun2SocksClient->waitForSource(1000);
-
-        if (!Instance()->m_Tun2SocksClient->isReplicaValid()) {
-            qWarning() << "IpcClient::m_Tun2SocksClient replica is not connected!";
-        }
     });
 
     connect(Instance()->m_localSocket, &QLocalSocket::disconnected, [instance](){
@@ -63,16 +51,16 @@ bool IpcClient::init(IpcClient *instance)
     });
 
     Instance()->m_localSocket->connectToServer(amnezia::getIpcServiceUrl());
+
     Instance()->m_localSocket->waitForConnected();
 
     if (!Instance()->m_ipcClient) {
         qDebug() << "IpcClient::init failed";
         return false;
     }
-
     qDebug() << "IpcClient::init succeed";
 
-    return (Instance()->m_ipcClient->isReplicaValid() && Instance()->m_Tun2SocksClient->isReplicaValid());
+    return Instance()->m_ipcClient->isReplicaValid();
 }
 
 QSharedPointer<PrivilegedProcess> IpcClient::CreatePrivilegedProcess()

client/core/ipcclient.h

@@ -6,7 +6,6 @@
 
 #include "ipc.h"
 #include "rep_ipc_interface_replica.h"
-#include "rep_ipc_process_tun2socks_replica.h"
 
 #include "privileged_process.h"
 
@@ -19,7 +18,6 @@ public:
    static IpcClient *Instance();
    static bool init(IpcClient *instance);
    static QSharedPointer<IpcInterfaceReplica> Interface();
-   static QSharedPointer<IpcProcessTun2SocksReplica> InterfaceTun2Socks();
    static QSharedPointer<PrivilegedProcess> CreatePrivilegedProcess();
 
    bool isSocketConnected() const;
@@ -30,11 +28,8 @@ private:
     ~IpcClient() override;
 
     QRemoteObjectNode m_ClientNode;
-    QRemoteObjectNode m_Tun2SocksNode;
     QSharedPointer<IpcInterfaceReplica> m_ipcClient;
     QPointer<QLocalSocket> m_localSocket;
-    QPointer<QLocalSocket> m_tun2socksSocket;
-    QSharedPointer<IpcProcessTun2SocksReplica> m_Tun2SocksClient;
 
     struct ProcessDescriptor {
         ProcessDescriptor () {

client/core/networkUtilities.cpp

@@ -109,10 +109,7 @@ QStringList NetworkUtilities::summarizeRoutes(const QStringList &ips, const QStr
 
 QString NetworkUtilities::getIPAddress(const QString &host)
 {
-    QHostAddress address(host);
-    if (QAbstractSocket::IPv4Protocol == address.protocol()) {
-        return host;
-    } else if (QAbstractSocket::IPv6Protocol == address.protocol()) {
+    if (ipAddressRegExp().match(host).hasMatch()) {
         return host;
     }
 

client/logger.cpp

@@ -4,18 +4,18 @@
 #include <QDebug>
 #include <QDesktopServices>
 #include <QDir>
-#include <QJsonDocument>
 #include <QMetaEnum>
+#include <QJsonDocument>
 #include <QStandardPaths>
 #include <QUrl>
 
 #include <iostream>
 
-#include "utilities.h"
 #include "version.h"
+#include "utilities.h"
 
 #ifdef AMNEZIA_DESKTOP
-    #include <core/ipcclient.h>
+#include <core/ipcclient.h>
 #endif
 
 #ifdef Q_OS_IOS
@@ -25,9 +25,8 @@
 QFile Logger::m_file;
 QTextStream Logger::m_textStream;
 QString Logger::m_logFileName = QString("%1.log").arg(APPLICATION_NAME);
-QString Logger::m_serviceLogFileName = QString("%1.log").arg(SERVICE_NAME);
 
-void debugMessageHandler(QtMsgType type, const QMessageLogContext &context, const QString &msg)
+void debugMessageHandler(QtMsgType type, const QMessageLogContext& context, const QString& msg)
 {
     if (msg.simplified().isEmpty()) {
         return;
@@ -38,12 +37,12 @@ void debugMessageHandler(QtMsgType type, const QMessageLogContext &context, cons
         return;
     }
 
-    if (msg.startsWith("Unknown property") || msg.startsWith("Could not create pixmap") || msg.startsWith("Populating font")
-        || msg.startsWith("stale focus object")) {
+    if (msg.startsWith("Unknown property") || msg.startsWith("Could not create pixmap") || msg.startsWith("Populating font") || msg.startsWith("stale focus object")) {
         return;
     }
 
     Logger::m_textStream << qFormatLogMessage(type, context, msg) << Qt::endl << Qt::flush;
+    Logger::appendAllLog(qFormatLogMessage(type, context, msg));
 
     std::cout << qFormatLogMessage(type, context, msg).toStdString() << std::endl << std::flush;
 }
@@ -54,24 +53,36 @@ Logger &Logger::Instance()
     return s;
 }
 
-bool Logger::init(bool isServiceLogger)
+void Logger::appendSshLog(const QString &log)
 {
-    QString path = isServiceLogger ? systemLogDir() : userLogsDir();
-    QString logFileName = isServiceLogger ? m_serviceLogFileName : m_logFileName ;
+    QString dt = QDateTime::currentDateTime().toString();
+    Instance().m_sshLog.append(dt + ": " + log + "\n");
+    emit Instance().sshLogChanged(Instance().sshLog());
+}
+
+void Logger::appendAllLog(const QString &log)
+{
+    Instance().m_allLog.append(log + "\n");
+    emit Instance().allLogChanged(Instance().allLog());
+}
+
+bool Logger::init()
+{
+    qSetMessagePattern("%{time yyyy-MM-dd hh:mm:ss} %{type} %{message}");
+
+    QString path = userLogsDir();
     QDir appDir(path);
     if (!appDir.mkpath(path)) {
         return false;
     }
 
-    m_file.setFileName(appDir.filePath(logFileName));
+    m_file.setFileName(appDir.filePath(m_logFileName));
     if (!m_file.open(QIODevice::Append)) {
-        qWarning() << "Cannot open log file:" << logFileName;
+        qWarning() << "Cannot open log file:" << m_logFileName;
         return false;
     }
-
     m_file.setTextModeEnabled(true);
     m_textStream.setDevice(&m_file);
-    qSetMessagePattern("%{time yyyy-MM-dd hh:mm:ss} %{type} %{message}");
 
 #if !defined(QT_DEBUG) || defined(Q_OS_IOS)
     qInstallMessageHandler(debugMessageHandler);
@@ -88,8 +99,7 @@ void Logger::deInit()
     m_file.close();
 }
 
-bool Logger::setServiceLogsEnabled(bool enabled)
-{
+bool Logger::setServiceLogsEnabled(bool enabled) {
 #ifdef AMNEZIA_DESKTOP
     IpcClient *m_IpcClient = new IpcClient;
 
@@ -102,7 +112,8 @@ bool Logger::setServiceLogsEnabled(bool enabled)
 
     if (m_IpcClient->Interface()) {
         m_IpcClient->Interface()->setLogsEnabled(enabled);
-    } else {
+    }
+    else {
         qWarning() << "Error occurred setting up service logs";
         return false;
     }
@@ -116,32 +127,11 @@ QString Logger::userLogsDir()
     return QStandardPaths::writableLocation(QStandardPaths::AppDataLocation) + "/log";
 }
 
-QString Logger::systemLogDir()
-{
-#ifdef Q_OS_WIN
-    QStringList locationList = QStandardPaths::standardLocations(QStandardPaths::GenericDataLocation);
-    QString primaryLocation = "ProgramData";
-    foreach (const QString &location, locationList) {
-        if (location.contains(primaryLocation)) {
-            return QString("%1/%2/log").arg(location).arg(APPLICATION_NAME);
-        }
-    }
-    return QString();
-#else
-    return QString("/var/log/%1").arg(APPLICATION_NAME);
-#endif
-}
-
 QString Logger::userLogsFilePath()
 {
     return userLogsDir() + QDir::separator() + m_logFileName;
 }
 
-QString Logger::serviceLogsFilePath()
-{
-    return systemLogDir() + QDir::separator() + m_serviceLogFileName;
-}
-
 QString Logger::getLogFile()
 {
     m_file.flush();
@@ -149,32 +139,18 @@ QString Logger::getLogFile()
 
     file.open(QIODevice::ReadOnly);
     QString qtLog = file.readAll();
-
+    
 #ifdef Q_OS_IOS
     return QString().fromStdString(AmneziaVPN::swiftUpdateLogData(qtLog.toStdString()));
 #else
     return qtLog;
 #endif
+
 }
 
-QString Logger::getServiceLogFile()
+bool Logger::openLogsFolder()
 {
-    m_file.flush();
-    QFile file(serviceLogsFilePath());
-
-    file.open(QIODevice::ReadOnly);
-    QString qtLog = file.readAll();
-
-#ifdef Q_OS_IOS
-    return QString().fromStdString(AmneziaVPN::swiftUpdateLogData(qtLog.toStdString()));
-#else
-    return qtLog;
-#endif
-}
-
-bool Logger::openLogsFolder(bool isServiceLogger)
-{
-    QString path = isServiceLogger ? systemLogDir() : userLogsDir();
+    QString path = userLogsDir();
 #ifdef Q_OS_WIN
     path = "file:///" + path;
 #endif
@@ -185,23 +161,38 @@ bool Logger::openLogsFolder(bool isServiceLogger)
     return true;
 }
 
-void Logger::clearLogs(bool isServiceLogger)
+bool Logger::openServiceLogsFolder()
+{
+    QString path = Utils::systemLogPath();
+#ifdef Q_OS_WIN
+    path = "file:///" + path;
+#endif
+    QDesktopServices::openUrl(QUrl::fromLocalFile(path));
+    return true;
+}
+
+QString Logger::appLogFileNamePath()
+{
+    return m_file.fileName();
+}
+
+void Logger::clearLogs()
 {
     bool isLogActive = m_file.isOpen();
     m_file.close();
 
-    QFile file(isServiceLogger ? serviceLogsFilePath() : userLogsFilePath());
+    QFile file(userLogsFilePath());
 
     file.open(QIODevice::WriteOnly | QIODevice::Truncate);
     file.resize(0);
     file.close();
-
+    
 #ifdef Q_OS_IOS
     AmneziaVPN::swiftDeleteLog();
 #endif
-
+    
     if (isLogActive) {
-        init(isServiceLogger);
+        init();
     }
 }
 
@@ -219,7 +210,8 @@ void Logger::clearServiceLogs()
 
     if (m_IpcClient->Interface()) {
         m_IpcClient->Interface()->clearLogs();
-    } else {
+    }
+    else {
         qWarning() << "Error occurred cleaning up service logs";
     }
 #endif
@@ -227,41 +219,26 @@ void Logger::clearServiceLogs()
 
 void Logger::cleanUp()
 {
-    clearLogs(false);
+    clearLogs();
     QDir dir(QStandardPaths::writableLocation(QStandardPaths::AppDataLocation));
     dir.removeRecursively();
 
-    clearLogs(true);
+    clearServiceLogs();
 }
 
-Logger::Log::Log(Logger *logger, LogLevel logLevel) : m_logger(logger), m_logLevel(logLevel), m_data(new Data())
-{
-}
+Logger::Log::Log(Logger* logger, LogLevel logLevel)
+    : m_logger(logger), m_logLevel(logLevel), m_data(new Data()) {}
 
-Logger::Log::~Log()
-{
+Logger::Log::~Log() {
     qDebug() << "Amnezia" << m_logger->className() << m_data->m_buffer.trimmed();
     delete m_data;
 }
 
-Logger::Log Logger::error()
-{
-    return Log(this, LogLevel::Error);
-}
-Logger::Log Logger::warning()
-{
-    return Log(this, LogLevel::Warning);
-}
-Logger::Log Logger::info()
-{
-    return Log(this, LogLevel::Info);
-}
-Logger::Log Logger::debug()
-{
-    return Log(this, LogLevel::Debug);
-}
-QString Logger::sensitive(const QString &input)
-{
+Logger::Log Logger::error() { return Log(this, LogLevel::Error); }
+Logger::Log Logger::warning() { return Log(this, LogLevel::Warning); }
+Logger::Log Logger::info() { return Log(this, LogLevel::Info); }
+Logger::Log Logger::debug() { return Log(this, LogLevel::Debug); }
+QString Logger::sensitive(const QString& input) {
 #ifdef Q_DEBUG
     return input;
 #else
@@ -270,51 +247,48 @@ QString Logger::sensitive(const QString &input)
 #endif
 }
 
-#define CREATE_LOG_OP_REF(x)                                                                                                               \
-    Logger::Log &Logger::Log::operator<<(x t)                                                                                              \
-    {                                                                                                                                      \
-        m_data->m_ts << t << ' ';                                                                                                          \
-        return *this;                                                                                                                      \
-    }
+
+#define CREATE_LOG_OP_REF(x)                  \
+Logger::Log& Logger::Log::operator<<(x t) {   \
+    m_data->m_ts << t << ' ';                 \
+    return *this;                             \
+}
 
 CREATE_LOG_OP_REF(uint64_t);
-CREATE_LOG_OP_REF(const char *);
-CREATE_LOG_OP_REF(const QString &);
-CREATE_LOG_OP_REF(const QByteArray &);
-CREATE_LOG_OP_REF(const void *);
+CREATE_LOG_OP_REF(const char*);
+CREATE_LOG_OP_REF(const QString&);
+CREATE_LOG_OP_REF(const QByteArray&);
+CREATE_LOG_OP_REF(const void*);
 
 #undef CREATE_LOG_OP_REF
 
-Logger::Log &Logger::Log::operator<<(const QStringList &t)
-{
+Logger::Log& Logger::Log::operator<<(const QStringList& t) {
     m_data->m_ts << '[' << t.join(",") << ']' << ' ';
     return *this;
 }
 
-Logger::Log &Logger::Log::operator<<(const QJsonObject &t)
-{
+Logger::Log& Logger::Log::operator<<(const QJsonObject& t) {
     m_data->m_ts << QJsonDocument(t).toJson(QJsonDocument::Indented) << ' ';
     return *this;
 }
 
-Logger::Log &Logger::Log::operator<<(QTextStreamFunction t)
-{
+Logger::Log& Logger::Log::operator<<(QTextStreamFunction t) {
     m_data->m_ts << t;
     return *this;
 }
 
-void Logger::Log::addMetaEnum(quint64 value, const QMetaObject *meta, const char *name)
-{
+void Logger::Log::addMetaEnum(quint64 value, const QMetaObject* meta,
+                              const char* name) {
     QMetaEnum me = meta->enumerator(meta->indexOfEnumerator(name));
 
     QString out;
     QTextStream ts(&out);
 
-    if (const char *scope = me.scope()) {
+    if (const char* scope = me.scope()) {
         ts << scope << "::";
     }
 
-    const char *key = me.valueToKey(static_cast<int>(value));
+    const char* key = me.valueToKey(static_cast<int>(value));
     const bool scoped = me.isScoped();
     if (scoped || !key) {
         ts << me.enumName() << (!key ? "(" : "::");

client/logger.h

@@ -0,0 +1,107 @@
+#ifndef LOGGER_H
+#define LOGGER_H
+
+#include <QDebug>
+#include <QDir>
+#include <QFile>
+#include <QString>
+#include <QTextStream>
+
+#include "ui/property_helper.h"
+
+#include "mozilla/shared/loglevel.h"
+
+class Logger : public QObject
+{
+    Q_OBJECT
+    AUTO_PROPERTY(QString, sshLog)
+    AUTO_PROPERTY(QString, allLog)
+
+public:
+    static Logger& Instance();
+
+    static void appendSshLog(const QString &log);
+    static void appendAllLog(const QString &log);
+
+
+    static bool init();
+    static void deInit();
+    static bool setServiceLogsEnabled(bool enabled);
+    static bool openLogsFolder();
+    static bool openServiceLogsFolder();
+    static QString appLogFileNamePath();
+    static void clearLogs();
+    static void clearServiceLogs();
+    static void cleanUp();
+
+    static QString userLogsFilePath();
+    static QString getLogFile();
+
+    // compat with Mozilla logger
+    Logger(const QString &className) { m_className = className; }
+    const QString& className() const { return m_className; }
+
+    class Log {
+    public:
+        Log(Logger* logger, LogLevel level);
+        ~Log();
+
+        Log& operator<<(uint64_t t);
+        Log& operator<<(const char* t);
+        Log& operator<<(const QString& t);
+        Log& operator<<(const QStringList& t);
+        Log& operator<<(const QByteArray& t);
+        Log& operator<<(const QJsonObject& t);
+        Log& operator<<(QTextStreamFunction t);
+        Log& operator<<(const void* t);
+
+        // Q_ENUM
+        template <typename T>
+        typename std::enable_if<QtPrivate::IsQEnumHelper<T>::Value, Log&>::type
+        operator<<(T t) {
+            const QMetaObject* meta = qt_getEnumMetaObject(t);
+            const char* name = qt_getEnumName(t);
+            addMetaEnum(typename QFlags<T>::Int(t), meta, name);
+            return *this;
+        }
+
+    private:
+        void addMetaEnum(quint64 value, const QMetaObject* meta, const char* name);
+
+        Logger* m_logger;
+        LogLevel m_logLevel;
+
+        struct Data {
+            Data() : m_ts(&m_buffer, QIODevice::WriteOnly) {}
+
+            QString m_buffer;
+            QTextStream m_ts;
+        };
+
+        Data* m_data;
+    };
+
+    Log error();
+    Log warning();
+    Log info();
+    Log debug();
+    QString sensitive(const QString& input);
+
+private:
+    Logger() {}
+    Logger(Logger const &) = delete;
+    Logger& operator= (Logger const&) = delete;
+
+    static QString userLogsDir();
+
+    static QFile m_file;
+    static QTextStream m_textStream;
+    static QString m_logFileName;
+
+    friend void debugMessageHandler(QtMsgType type, const QMessageLogContext& context, const QString& msg);
+
+    // compat with Mozilla logger
+    QString m_className;
+};
+
+#endif // LOGGER_H

client/macos/app/AmneziaVPNLaunchScreen.storyboard

@@ -1,43 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<document type="com.apple.InterfaceBuilder3.CocoaTouch.Storyboard.XIB" version="3.0" toolsVersion="17506" targetRuntime="iOS.CocoaTouch" propertyAccessControl="none" useAutolayout="YES" launchScreen="YES" useTraitCollections="YES" useSafeAreas="YES" colorMatched="YES" initialViewController="01J-lp-oVM">
-    <device id="ipad12_9rounded" orientation="portrait" layout="fullscreen" appearance="light"/>
-    <dependencies>
-        <deployment identifier="iOS"/>
-        <plugIn identifier="com.apple.InterfaceBuilder.IBCocoaTouchPlugin" version="17505"/>
-        <capability name="Safe area layout guides" minToolsVersion="9.0"/>
-        <capability name="documents saved in the Xcode 8 format" minToolsVersion="8.0"/>
-    </dependencies>
-    <scenes>
-        <!--View Controller-->
-        <scene sceneID="EHf-IW-A2E">
-            <objects>
-                <viewController id="01J-lp-oVM" sceneMemberID="viewController">
-                    <view key="view" contentMode="scaleToFill" id="gZ9-gc-3t5">
-                        <rect key="frame" x="0.0" y="0.0" width="1024" height="1366"/>
-                        <autoresizingMask key="autoresizingMask" flexibleMaxX="YES" flexibleMaxY="YES"/>
-                        <subviews>
-                            <imageView clipsSubviews="YES" userInteractionEnabled="NO" contentMode="scaleAspectFit" horizontalHuggingPriority="251" verticalHuggingPriority="251" image="launch.png" translatesAutoresizingMaskIntoConstraints="NO" id="q5g-aV-39U">
-                                <rect key="frame" x="467" y="638" width="90" height="90"/>
-                                <constraints>
-                                    <constraint firstAttribute="width" constant="90" id="VFp-nz-h8O"/>
-                                    <constraint firstAttribute="height" constant="90" id="ZUg-Ud-mgE"/>
-                                </constraints>
-                            </imageView>
-                        </subviews>
-                        <viewLayoutGuide key="safeArea" id="Whf-X3-AA4"/>
-                        <color key="backgroundColor" white="0.0" alpha="1" colorSpace="custom" customColorSpace="genericGamma22GrayColorSpace"/>
-                        <constraints>
-                            <constraint firstItem="q5g-aV-39U" firstAttribute="centerX" secondItem="gZ9-gc-3t5" secondAttribute="centerX" id="Ayw-bo-LVF"/>
-                            <constraint firstItem="q5g-aV-39U" firstAttribute="centerY" secondItem="gZ9-gc-3t5" secondAttribute="centerY" id="YHd-Kc-J0u"/>
-                        </constraints>
-                    </view>
-                </viewController>
-                <placeholder placeholderIdentifier="IBFirstResponder" id="iYj-Kq-Ea1" userLabel="First Responder" sceneMemberID="firstResponder"/>
-            </objects>
-            <point key="canvasLocation" x="53" y="375"/>
-        </scene>
-    </scenes>
-    <resources>
-        <image name="launch.png" width="1024" height="1024"/>
-    </resources>
-</document>

client/macos/app/Info.plist.in

@@ -1,178 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-	<key>CFBundleAllowMixedLocalizations</key>
-	<true/>
-	<key>CFBundleDevelopmentRegion</key>
-	<string>en</string>
-	<key>CFBundleDisplayName</key>
-	<string>${QT_INTERNAL_DOLLAR_VAR}{PRODUCT_NAME}</string>
-	<key>CFBundleExecutable</key>
-	<string>${MACOSX_BUNDLE_EXECUTABLE_NAME}</string>
-	<key>CFBundleIdentifier</key>
-	<string>${MACOSX_BUNDLE_GUI_IDENTIFIER}</string>
-	<key>CFBundleInfoDictionaryVersion</key>
-	<string>6.0</string>
-	<key>CFBundleName</key>
-	<string>${MACOSX_BUNDLE_BUNDLE_NAME}</string>
-	<key>CFBundlePackageType</key>
-	<string>APPL</string>
-	<key>CFBundleShortVersionString</key>
-	<string>${MACOSX_BUNDLE_SHORT_VERSION_STRING}</string>
-	<key>CFBundleVersion</key>
-	<string>${MACOSX_BUNDLE_BUNDLE_VERSION}</string>
-	<key>NSHumanReadableCopyright</key>
-	<string>${MACOSX_BUNDLE_COPYRIGHT}</string>
-	<key>ITSAppUsesNonExemptEncryption</key>
-	<false/>
-	<key>LSRequiresIPhoneOS</key>
-	<true/>
-	<key>LSSupportsOpeningDocumentsInPlace</key>
-	<true/>
-	<key>UILaunchStoryboardName</key>
-	<string>AmneziaVPNLaunchScreen</string>
-	<key>UIRequiredDeviceCapabilities</key>
-	<array/>
-	<key>UIRequiresFullScreen</key>
-	<true/>
-	<key>UISupportedInterfaceOrientations</key>
-	<array>
-		<string>UIInterfaceOrientationPortraitUpsideDown</string>
-		<string>UIInterfaceOrientationPortrait</string>
-	</array>
-	<key>UISupportedInterfaceOrientations~ipad</key>
-	<array/>
-	<key>UIUserInterfaceStyle</key>
-	<string>Light</string>
-	<key>com.wireguard.ios.app_group_id</key>
-	<string>group.org.amnezia.AmneziaVPN</string>
-	<key>UIViewControllerBasedStatusBarAppearance</key>
-	<true/>
-	<key>NSCameraUsageDescription</key>
-	<string>Amnezia VPN needs access to the camera for reading QR-codes.</string>
-	<key>NSAppTransportSecurity</key>
-	<dict>
-		<key>NSAllowsArbitraryLoads</key>
-		<false/>
-		<key>NSAllowsLocalNetworking</key>
-		<true/>
-	</dict>
-	<key>CFBundleIcons</key>
-        <dict/>
-        <key>CFBundleIcons~ipad</key>
-        <dict/>
-	<key>UTImportedTypeDeclarations</key>
-	<array>
-		<dict>
-			<key>UTTypeConformsTo</key>
-			<array>
-				<string>public.data</string>
-			</array>
-			<key>UTTypeDescription</key>
-			<string>Amnezia VPN config</string>
-			<key>UTTypeIconFiles</key>
-			<array/>
-			<key>UTTypeIdentifier</key>
-			<string>org.amnezia.AmneziaVPN.amnezia-config</string>
-			<key>UTTypeTagSpecification</key>
-			<dict>
-				<key>public.filename-extension</key>
-				<array>
-					<string>vpn</string>
-				</array>
-				<key>public.mime-type</key>
-				<array>
-					<string>text/plain</string>
-				</array>
-			</dict>
-		</dict>
-                <dict>
-                        <key>UTTypeConformsTo</key>
-                        <array>
-                                <string>public.data</string>
-                        </array>
-                        <key>UTTypeDescription</key>
-                        <string>WireGuard config</string>
-                        <key>UTTypeIconFiles</key>
-                        <array/>
-                        <key>UTTypeIdentifier</key>
-                        <string>org.amnezia.AmneziaVPN.wireguard-config</string>
-                        <key>UTTypeTagSpecification</key>
-                        <dict>
-                                <key>public.filename-extension</key>
-                                <array>
-                                        <string>conf</string>
-                                        <string>cfg</string>
-                                </array>
-                                <key>public.mime-type</key>
-                                <array>
-                                        <string>text/plain</string>
-                                </array>
-                        </dict>
-                </dict>
-                <dict>
-                        <key>UTTypeConformsTo</key>
-                        <array>
-                                <string>public.data</string>
-                        </array>
-                        <key>UTTypeDescription</key>
-                        <string>OpenVPN config</string>
-                        <key>UTTypeIconFiles</key>
-                        <array/>
-                        <key>UTTypeIdentifier</key>
-                        <string>org.amnezia.AmneziaVPN.openvpn-config</string>
-                        <key>UTTypeTagSpecification</key>
-                        <dict>
-                                <key>public.filename-extension</key>
-                                <array>
-                                        <string>ovpn</string>
-                                </array>
-                                <key>public.mime-type</key>
-                                <array>
-                                        <string>text/plain</string>
-                                </array>
-                        </dict>
-                </dict>
-                <dict>
-                        <key>UTTypeConformsTo</key>
-                        <array>
-                                <string>public.data</string>
-                        </array>
-                        <key>UTTypeDescription</key>
-                        <string>AmneziaVPN backup file</string>
-                        <key>UTTypeIconFiles</key>
-                        <array/>
-                        <key>UTTypeIdentifier</key>
-                        <string>org.amnezia.AmneziaVPN.backup-config</string>
-                        <key>UTTypeTagSpecification</key>
-                        <dict>
-                                <key>public.filename-extension</key>
-                                <array>
-                                        <string>backup</string>
-                                </array>
-                                <key>public.mime-type</key>
-                                <array>
-                                        <string>text/plain</string>
-                                </array>
-                        </dict>
-                </dict>
-	</array>
-        <key>CFBundleDocumentTypes</key>
-        <array>
-                <dict>
-                        <key>CFBundleTypeName</key>
-                        <string>Amnezia VPN config</string>
-                        <key>LSHandlerRank</key>
-                        <string>Alternate</string>
-                        <key>LSItemContentTypes</key>
-                        <array>
-                                <string>org.amnezia.AmneziaVPN.amnezia-config</string>
-                                <string>org.amnezia.AmneziaVPN.wireguard-config</string>
-                                <string>org.amnezia.AmneziaVPN.openvpn-config</string>
-                                <string>org.amnezia.AmneziaVPN.backup-config</string>
-                        </array>
-                </dict>
-        </array>
-</dict>
-</plist>

client/macos/app/Media.xcassets/AppIcon.appiconset/Contents.json

@@ -1,290 +0,0 @@
-{
-  "images" : [
-    {
-      "filename" : "40.png",
-      "idiom" : "iphone",
-      "scale" : "2x",
-      "size" : "20x20"
-    },
-    {
-      "filename" : "60.png",
-      "idiom" : "iphone",
-      "scale" : "3x",
-      "size" : "20x20"
-    },
-    {
-      "filename" : "29.png",
-      "idiom" : "iphone",
-      "scale" : "1x",
-      "size" : "29x29"
-    },
-    {
-      "filename" : "58.png",
-      "idiom" : "iphone",
-      "scale" : "2x",
-      "size" : "29x29"
-    },
-    {
-      "filename" : "87.png",
-      "idiom" : "iphone",
-      "scale" : "3x",
-      "size" : "29x29"
-    },
-    {
-      "filename" : "80.png",
-      "idiom" : "iphone",
-      "scale" : "2x",
-      "size" : "40x40"
-    },
-    {
-      "filename" : "120.png",
-      "idiom" : "iphone",
-      "scale" : "3x",
-      "size" : "40x40"
-    },
-    {
-      "filename" : "57.png",
-      "idiom" : "iphone",
-      "scale" : "1x",
-      "size" : "57x57"
-    },
-    {
-      "filename" : "114.png",
-      "idiom" : "iphone",
-      "scale" : "2x",
-      "size" : "57x57"
-    },
-    {
-      "filename" : "120.png",
-      "idiom" : "iphone",
-      "scale" : "2x",
-      "size" : "60x60"
-    },
-    {
-      "filename" : "180.png",
-      "idiom" : "iphone",
-      "scale" : "3x",
-      "size" : "60x60"
-    },
-    {
-      "filename" : "20.png",
-      "idiom" : "ipad",
-      "scale" : "1x",
-      "size" : "20x20"
-    },
-    {
-      "filename" : "40.png",
-      "idiom" : "ipad",
-      "scale" : "2x",
-      "size" : "20x20"
-    },
-    {
-      "filename" : "29.png",
-      "idiom" : "ipad",
-      "scale" : "1x",
-      "size" : "29x29"
-    },
-    {
-      "filename" : "58.png",
-      "idiom" : "ipad",
-      "scale" : "2x",
-      "size" : "29x29"
-    },
-    {
-      "filename" : "40.png",
-      "idiom" : "ipad",
-      "scale" : "1x",
-      "size" : "40x40"
-    },
-    {
-      "filename" : "80.png",
-      "idiom" : "ipad",
-      "scale" : "2x",
-      "size" : "40x40"
-    },
-    {
-      "filename" : "50.png",
-      "idiom" : "ipad",
-      "scale" : "1x",
-      "size" : "50x50"
-    },
-    {
-      "filename" : "100.png",
-      "idiom" : "ipad",
-      "scale" : "2x",
-      "size" : "50x50"
-    },
-    {
-      "filename" : "72.png",
-      "idiom" : "ipad",
-      "scale" : "1x",
-      "size" : "72x72"
-    },
-    {
-      "filename" : "144.png",
-      "idiom" : "ipad",
-      "scale" : "2x",
-      "size" : "72x72"
-    },
-    {
-      "filename" : "76.png",
-      "idiom" : "ipad",
-      "scale" : "1x",
-      "size" : "76x76"
-    },
-    {
-      "filename" : "152.png",
-      "idiom" : "ipad",
-      "scale" : "2x",
-      "size" : "76x76"
-    },
-    {
-      "filename" : "167.png",
-      "idiom" : "ipad",
-      "scale" : "2x",
-      "size" : "83.5x83.5"
-    },
-    {
-      "filename" : "1024.png",
-      "idiom" : "ios-marketing",
-      "scale" : "1x",
-      "size" : "1024x1024"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "notificationCenter",
-      "scale" : "2x",
-      "size" : "24x24",
-      "subtype" : "38mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "notificationCenter",
-      "scale" : "2x",
-      "size" : "27.5x27.5",
-      "subtype" : "42mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "companionSettings",
-      "scale" : "2x",
-      "size" : "29x29"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "companionSettings",
-      "scale" : "3x",
-      "size" : "29x29"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "notificationCenter",
-      "scale" : "2x",
-      "size" : "33x33",
-      "subtype" : "45mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "appLauncher",
-      "scale" : "2x",
-      "size" : "40x40",
-      "subtype" : "38mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "appLauncher",
-      "scale" : "2x",
-      "size" : "44x44",
-      "subtype" : "40mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "appLauncher",
-      "scale" : "2x",
-      "size" : "46x46",
-      "subtype" : "41mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "appLauncher",
-      "scale" : "2x",
-      "size" : "50x50",
-      "subtype" : "44mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "appLauncher",
-      "scale" : "2x",
-      "size" : "51x51",
-      "subtype" : "45mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "appLauncher",
-      "scale" : "2x",
-      "size" : "54x54",
-      "subtype" : "49mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "quickLook",
-      "scale" : "2x",
-      "size" : "86x86",
-      "subtype" : "38mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "quickLook",
-      "scale" : "2x",
-      "size" : "98x98",
-      "subtype" : "42mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "quickLook",
-      "scale" : "2x",
-      "size" : "108x108",
-      "subtype" : "44mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "quickLook",
-      "scale" : "2x",
-      "size" : "117x117",
-      "subtype" : "45mm"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "quickLook",
-      "scale" : "2x",
-      "size" : "129x129",
-      "subtype" : "49mm"
-    },
-    {
-      "idiom" : "watch-marketing",
-      "scale" : "1x",
-      "size" : "1024x1024"
-    },
-    {
-      "idiom" : "car",
-      "scale" : "2x",
-      "size" : "60"
-    },
-    {
-      "idiom" : "car",
-      "scale" : "3x",
-      "size" : "60"
-    },
-    {
-      "idiom" : "watch",
-      "role" : "longLook",
-      "scale" : "2x",
-      "size" : "44x44",
-      "subtype" : "42mm"
-    }
-  ],
-  "info" : {
-    "author" : "xcode",
-    "version" : 1
-  }
-}

client/macos/app/Media.xcassets/Contents.json

@@ -1,6 +0,0 @@
-{
-  "info" : {
-    "author" : "xcode",
-    "version" : 1
-  }
-}

client/macos/app/PrivacyInfo.xcprivacy

@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-	<key>NSPrivacyAccessedAPITypes</key>
-	<array>
-		<dict>
-			<key>NSPrivacyAccessedAPIType</key>
-			<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
-			<key>NSPrivacyAccessedAPITypeReasons</key>
-			<array>
-				<string>C617.1</string>
-			</array>
-		</dict>
-		<dict>
-			<key>NSPrivacyAccessedAPIType</key>
-			<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
-			<key>NSPrivacyAccessedAPITypeReasons</key>
-			<array>
-				<string>1C8F.1</string>
-			</array>
-		</dict>
-		<dict>
-			<key>NSPrivacyAccessedAPIType</key>
-			<string>NSPrivacyAccessedAPICategorySystemBootTime</string>
-			<key>NSPrivacyAccessedAPITypeReasons</key>
-			<array>
-				<string>35F9.1</string>
-			</array>
-		</dict>
-	</array>
-</dict>
-</plist>

client/macos/app/main.entitlements

@@ -1,20 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-	<key>com.apple.developer.networking.networkextension</key>
-	<array>
-		<string>packet-tunnel-provider</string>
-	</array>
-	<key>com.apple.security.application-groups</key>
-	<array>
-		<string>group.org.amnezia.AmneziaVPN</string>
-	</array>
-	<key>com.apple.security.files.user-selected.read-write</key>
-	<true/>
-	<key>keychain-access-groups</key>
-	<array>
-		<string>$(AppIdentifierPrefix)group.org.amnezia.AmneziaVPN</string>
-	</array>
-</dict>
-</plist>

client/macos/networkextension/AmneziaVPNNetworkExtension.entitlements

@@ -3,26 +3,40 @@
 <plist version="1.0">
 <dict>
 	<key>com.apple.application-identifier</key>
-	<string>X7UJ388FXK.org.amnezia.AmneziaVPN.network-extension</string>
+	<string>$(DEVELOPMENT_TEAM).$(NETEXT_ID_MACOS)</string>
+
 	<key>com.apple.developer.networking.networkextension</key>
 	<array>
 		<string>packet-tunnel-provider</string>
 	</array>
-	<key>com.apple.developer.team-identifier</key>
-	<string>X7UJ388FXK</string>
-	<key>com.apple.security.app-sandbox</key>
-	<true/>
-	<key>com.apple.security.application-groups</key>
-	<array>
-		<string>group.org.amnezia.AmneziaVPN</string>
-	</array>
-	<key>com.apple.security.network.client</key>
-	<true/>
-	<key>com.apple.security.network.server</key>
-	<true/>
+
 	<key>keychain-access-groups</key>
 	<array>
-		<string>$(AppIdentifierPrefix)org.amnezia.AmneziaVPN.network-extension</string>
+		<string>$(DEVELOPMENT_TEAM).*</string>
 	</array>
+
+	<key>com.apple.developer.team-identifier</key>
+	<string>$(DEVELOPMENT_TEAM)</string>
+
+	<key>com.apple.developer.system-extension.install</key>
+	<true/>
+
+	<key>com.apple.security.app-sandbox</key>
+	<true/>
+
+	<key>com.apple.security.application-groups</key>
+	<array>
+		<string>$(DEVELOPMENT_TEAM).$(GROUP_ID_MACOS)</string>
+	</array>
+
+	<key>com.apple.security.network.client</key>
+	<true/>
+
+	<key>com.apple.security.network.server</key>
+	<true/>
+	<key>com.apple.security.app-sandbox</key>
+	<true/>
+	<key>com.apple.private.network.socket-delegate</key>
+	<true/>
 </dict>
 </plist>

client/macos/networkextension/CMakeLists.txt

@@ -1,207 +0,0 @@
-enable_language(Swift)
-message("Client message >> macos build >> networkextension")
-set(CLIENT_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/../..)
-
-add_executable(networkextension)
-
-configure_file(
-    ${CMAKE_CURRENT_LIST_DIR}/Info.plist.in
-    ${CMAKE_CURRENT_BINARY_DIR}/Info.plist
-)
-
-if(MACOS_NE)
-    message("MACOS_NE is ON")
-    add_definitions(-DQ_OS_IOS)
-    add_definitions(-DMACOS_NE)
-    message("Add macros for MacOS Network Extension")
-else()
-    message("MACOS_NE is OFF")
-endif()
-
-set_target_properties(networkextension PROPERTIES
-    XCODE_PRODUCT_TYPE com.apple.product-type.app-extension
-    BUNDLE_EXTENSION appex
-
-    #MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_BINARY_DIR}/Info.plist
-
-    MACOSX_BUNDLE_SHORT_VERSION_STRING "${APPLE_PROJECT_VERSION}"
-
-    XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}.network-extension"
-    XCODE_ATTRIBUTE_PRODUCT_BUNDLE_NAME "${BUILD_IOS_APP_IDENTIFIER}.network-extension"
-    XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS ${CMAKE_CURRENT_SOURCE_DIR}/AmneziaVPNNetworkExtension.entitlements
-    XCODE_ATTRIBUTE_MARKETING_VERSION "${APP_MAJOR_VERSION}"
-    XCODE_ATTRIBUTE_CURRENT_PROJECT_VERSION "${BUILD_ID}"
-    XCODE_ATTRIBUTE_PRODUCT_NAME "AmneziaVPNNetworkExtension"
-
-    XCODE_ATTRIBUTE_APPLICATION_EXTENSION_API_ONLY "YES"
-    XCODE_ATTRIBUTE_ENABLE_BITCODE "NO"
-    XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2"
-
-    XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../../Frameworks"
-
-    XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic
-    # #XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual
-
-    # #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution: Privacy Technologies OU (X7UJ388FXK)"
-    # #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
-
-
-    # #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "Mac AppStore AmneziaVPN.network-extension"
-    # #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "Mac AppStore AmneziaVPN.network-extension"
-
-    XCODE_ATTRIBUTE_INFOPLIST_FILE "${CMAKE_CURRENT_BINARY_DIR}/Info.plist"
-    XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../../../../Frameworks @loader_path/../../../../Frameworks"
-)
-
-if(CMAKE_BUILD_TYPE STREQUAL "Debug")
-    set_target_properties(networkextension PROPERTIES
-        XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic
-    )
-endif()
-
-if(CMAKE_BUILD_TYPE STREQUAL "Release")
-    set_target_properties(networkextension PROPERTIES
-        XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic
-        #XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual
-
-        #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution: Privacy Technologies OU (X7UJ388FXK)"
-        #XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development"
-
-
-        #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "Mac AppStore AmneziaVPN.network-extension"
-        #XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "Mac AppStore AmneziaVPN.network-extension"
-    )
-endif()
-
-
-set_target_properties(networkextension PROPERTIES
-    XCODE_ATTRIBUTE_SWIFT_VERSION "5.0"
-    XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES"
-    XCODE_ATTRIBUTE_SWIFT_OBJC_BRIDGING_HEADER "${CMAKE_CURRENT_SOURCE_DIR}/WireGuardNetworkExtension-Bridging-Header.h"
-    XCODE_ATTRIBUTE_SWIFT_OPTIMIZATION_LEVEL "-Onone"
-    XCODE_ATTRIBUTE_SWIFT_PRECOMPILE_BRIDGING_HEADER "NO"
-)
-
-set_target_properties("networkextension" PROPERTIES
-    XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK"
-)
-
-find_library(FW_ASSETS_LIBRARY AssetsLibrary)
-find_library(FW_MOBILE_CORE MobileCoreServices)
-find_library(FW_UI_KIT UIKit)
-find_library(FW_LIBRESOLV libresolv.9.tbd)
-
-# set(OpenVPNAdapter_DIR "${CLIENT_ROOT_DIR}/3rd/")
-
-# find_library(OPENVPN_ADAPTER_LIBRARY OpenVPNAdapter PATHS ${OpenVPNAdapter_DIR})
-# target_link_libraries(networkextension PRIVATE ${OPENVPN_ADAPTER_LIBRARY})
-
-# add_custom_command(TARGET networkextension PRE_BUILD
-#     COMMAND ${CMAKE_COMMAND} -E make_directory $<TARGET_FILE_DIR:networkextension>/../Frameworks
-# )
-
-
-# add_custom_command(TARGET networkextension POST_BUILD
-#     COMMAND ${CMAKE_COMMAND} -E echo "Copying ${OPENVPN_ADAPTER_LIBRARY} to $<TARGET_FILE_DIR:networkextension>/../Frameworks/"
-#     COMMAND ${CMAKE_COMMAND} -E copy_if_different
-#     ${OPENVPN_ADAPTER_LIBRARY}
-#     $<TARGET_FILE_DIR:networkextension>/../Frameworks/
-#     COMMAND ${CMAKE_COMMAND} -E echo "Copy complete"
-# )
-
-
-
-
-# Set the root directory
-set(CLIENT_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/../..)
-
-# Embedding the framework using CLIENT_ROOT_DIR
-set_property(TARGET networkextension PROPERTY XCODE_EMBED_FRAMEWORKS
-    "${CLIENT_ROOT_DIR}/3rd/OpenVPNAdapter/build/Release-macos/OpenVPNAdapter.framework"
-)
-
-# Setting the framework search paths using CLIENT_ROOT_DIR
-set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS "${CLIENT_ROOT_DIR}/3rd/OpenVPNAdapter/build/Release-macos")
-
-# Linking the framework using CLIENT_ROOT_DIR
-target_link_libraries("networkextension" PRIVATE "${CLIENT_ROOT_DIR}/3rd/OpenVPNAdapter/build/Release-macos/OpenVPNAdapter.framework")
-
-
-
-#target_link_libraries(networkextension PRIVATE ${FW_ASSETS_LIBRARY})
-#target_link_libraries(networkextension PRIVATE ${FW_MOBILE_CORE})
-#target_link_libraries(networkextension PRIVATE ${FW_UI_KIT})
-target_link_libraries(networkextension PRIVATE ${FW_LIBRESOLV})
-
-target_compile_options(networkextension PRIVATE -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\")
-target_compile_options(networkextension PRIVATE -DNETWORK_EXTENSION=1)
-
-set(WG_APPLE_SOURCE_DIR ${CLIENT_ROOT_DIR}/3rd/amneziawg-apple/Sources)
-
-message("WG_APPLE_SOURCE_DIR is: ${WG_APPLE_SOURCE_DIR}")
-message("CLIENT_ROOT_DIR is: ${CLIENT_ROOT_DIR}")
-
-target_sources(networkextension PRIVATE
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/WireGuardAdapter.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PacketTunnelSettingsGenerator.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/DNSResolver.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardNetworkExtension/ErrorNotifier.swift
-    ${WG_APPLE_SOURCE_DIR}/Shared/Keychain.swift
-    ${WG_APPLE_SOURCE_DIR}/Shared/Model/TunnelConfiguration+WgQuickConfig.swift
-    ${WG_APPLE_SOURCE_DIR}/Shared/Model/NETunnelProviderProtocol+Extension.swift
-    ${WG_APPLE_SOURCE_DIR}/Shared/Model/String+ArrayConversion.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/TunnelConfiguration.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/IPAddressRange.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/Endpoint.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/DNSServer.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/InterfaceConfiguration.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PeerConfiguration.swift
-    ${WG_APPLE_SOURCE_DIR}/Shared/FileManager+Extension.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKitC/x25519.c
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/Array+ConcurrentMap.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/IPAddress+AddrInfo.swift
-    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PrivateKey.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/HevSocksTunnel.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/NELogController.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/Log.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/LogRecord.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+WireGuard.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+OpenVPN.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+Xray.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/WGConfig.swift
-    ${CLIENT_ROOT_DIR}/platforms/ios/iosglue.mm
-)
-
-target_sources(networkextension PRIVATE
-    ${CMAKE_CURRENT_SOURCE_DIR}/PrivacyInfo.xcprivacy
-)
-
-set_property(TARGET networkextension APPEND PROPERTY RESOURCE
-    ${CMAKE_CURRENT_SOURCE_DIR}/PrivacyInfo.xcprivacy
-)
-
-## Build wireguard-go-version.h
-execute_process(
-    COMMAND go list -m golang.zx2c4.com/wireguard
-    WORKING_DIRECTORY ${CLIENT_ROOT_DIR}/3rd/wireguard-apple/Sources/WireGuardKitGo
-    OUTPUT_VARIABLE WG_VERSION_FULL
-)
-string(REGEX REPLACE ".*v\([0-9.]*\).*" "\\1" WG_VERSION_STRING 1.1.1)
-configure_file(${CMAKE_CURRENT_SOURCE_DIR}/wireguard-go-version.h.in
-               ${CMAKE_CURRENT_BINARY_DIR}/wireguard-go-version.h)
-target_sources(networkextension PRIVATE
-    ${CMAKE_CURRENT_BINARY_DIR}/wireguard-go-version.h)
-
-target_include_directories(networkextension PRIVATE ${CLIENT_ROOT_DIR})
-target_include_directories(networkextension PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
-
-target_link_libraries(networkextension PRIVATE ${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/wireguard/macos/x86_64/libwg-go.a)
-
-# Print the root directory for debugging purposes
-message("---------")
-message(${CLIENT_ROOT_DIR})
-message(${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/xray/HevSocks5Tunnel.xcframework/macos-arm64_x86_64/libhev-socks5-tunnel.a)
-target_link_libraries("networkextension" PRIVATE "${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/xray/HevSocks5Tunnel.xcframework/macos-arm64_x86_64/libhev-socks5-tunnel.a")
-
-target_include_directories(networkextension PRIVATE ${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/xray/HevSocks5Tunnel.xcframework/macos-arm64_x86_64/Headers)

client/macos/networkextension/Info.plist

@@ -3,32 +3,27 @@
 <plist version="1.0">
 <dict>
 	<key>CFBundleDevelopmentRegion</key>
-	<string>en</string>
-	<key>CFBundleExecutable</key>
+	<string>$(DEVELOPMENT_LANGUAGE)</string>
+	<key>CFBundleDisplayName</key>
 	<string>AmneziaVPNNetworkExtension</string>
-
+	<key>CFBundleExecutable</key>
+	<string>$(EXECUTABLE_NAME)</string>
 	<key>CFBundleIdentifier</key>
-	<string>${BUILD_IOS_APP_IDENTIFIER}.network-extension</string>
+	<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
 	<key>CFBundleInfoDictionaryVersion</key>
 	<string>6.0</string>
 	<key>CFBundleName</key>
-	<string>AmneziaVPNNetworkExtension</string>
+	<string>$(PRODUCT_NAME)</string>
 	<key>CFBundlePackageType</key>
 	<string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string>
 	<key>CFBundleShortVersionString</key>
-	<string>${APPLE_PROJECT_VERSION}</string>
+	<string>$(MARKETING_VERSION)</string>
 	<key>CFBundleVersion</key>
-	<string>${CMAKE_PROJECT_VERSION_TWEAK}</string>
-
+	<string>$(CURRENT_PROJECT_VERSION)</string>
 	<key>ITSAppUsesNonExemptEncryption</key>
 	<false/>
-
 	<key>LSMinimumSystemVersion</key>
-	<string>${CMAKE_OSX_DEPLOYMENT_TARGET}</string>
-
-	<key>CFBundleDisplayName</key>
-	<string>AmneziaVPNNetworkExtension</string>
-
+	<string>$(MACOSX_DEPLOYMENT_TARGET)</string>
 	<key>NSExtension</key>
 	<dict>
 		<key>NSExtensionPointIdentifier</key>
@@ -36,11 +31,5 @@
 		<key>NSExtensionPrincipalClass</key>
 		<string>$(PRODUCT_MODULE_NAME).PacketTunnelProvider</string>
 	</dict>
-
-	<key>com.wireguard.ios.app_group_id</key>
-	<string>group.org.amnezia.AmneziaVPN</string>
-
-	<key>com.wireguard.macos.app_group_id</key>
-	<string>${BUILD_VPN_DEVELOPMENT_TEAM}.group.org.amnezia.AmneziaVPN</string>
 </dict>
 </plist>

client/macos/networkextension/PrivacyInfo.xcprivacy

@@ -1,25 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-	<key>NSPrivacyAccessedAPITypes</key>
-	<array>
-		<dict>
-			<key>NSPrivacyAccessedAPIType</key>
-			<string>NSPrivacyAccessedAPICategoryUserDefaults</string>
-			<key>NSPrivacyAccessedAPITypeReasons</key>
-			<array>
-				<string>1C8F.1</string>
-			</array>
-		</dict>
-		<dict>
-			<key>NSPrivacyAccessedAPIType</key>
-			<string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
-			<key>NSPrivacyAccessedAPITypeReasons</key>
-			<array>
-				<string>C617.1</string>
-			</array>
-		</dict>
-	</array>
-</dict>
-</plist>

client/macos/networkextension/WireGuardNetworkExtension-Bridging-Header.h

@@ -1,6 +1,10 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "macos/gobridge/wireguard.h"
 #include "wireguard-go-version.h"
-#include "3rd/amneziawg-apple/Sources/WireGuardKitGo/wireguard.h"
-#include "3rd/amneziawg-apple/Sources/WireGuardKitC/WireGuardKitC.h"
+#include "3rd/awg-apple/Sources/WireGuardKitC/WireGuardKitC.h"
 
 #include <stdbool.h>
 #include <stdint.h>
@@ -19,8 +23,3 @@ bool key_from_hex(uint8_t key[WG_KEY_LEN], const char* hex);
 bool key_eq(const uint8_t key1[WG_KEY_LEN], const uint8_t key2[WG_KEY_LEN]);
 
 void write_msg_to_log(const char* tag, const char* msg);
-
-// Khai báo hàm C để Swift có thể sử dụng
-void hev_socks5_tunnel_quit(void);
-// Updated function definition in C
-int hev_socks5_tunnel_main(const char* configFile, int fd);

client/macos/networkextension/wireguard-go-version.h.in

@@ -1,3 +0,0 @@
-#ifndef WIREGUARD_GO_VERSION
-#define WIREGUARD_GO_VERSION "@WG_VERSION_STRING@"
-#endif // WIREGUARD_GO_VERSION

client/macos/scripts/clangwrap.sh

@@ -1,19 +0,0 @@
-#!/bin/sh
-
-# go/clangwrap_macos.sh
-
-# Lấy đường dẫn SDK cho macOS
-SDK_PATH=`xcrun --sdk macosx --show-sdk-path`
-
-# Tìm đường dẫn đến `clang` cho macOS
-CLANG=`xcrun --sdk macosx --find clang`
-
-# Xác định kiến trúc máy dựa trên biến GOARCH
-if [ "$GOARCH" == "amd64" ]; then
-    CARCH="x86_64"
-elif [ "$GOARCH" == "arm64" ]; then
-    CARCH="arm64"
-fi
-
-# Thực thi `clang` với các tùy chọn cụ thể cho macOS
-exec $CLANG -arch $CARCH -isysroot $SDK_PATH -mmacosx-version-min=10.15 "$@"

client/macos/scripts/openvpn.sh

@@ -1,39 +0,0 @@
-#!/bin/bash
-
-XCODEBUILD="/usr/bin/xcodebuild"
-WORKINGDIR=`pwd`
-PATCH="/usr/bin/patch"
-
-echo "Building OpenVPNAdapter for macOS Network Extension (MacNE)..."
-
-# Copy the Project-MacNE.xcconfig settings to amnezia.xcconfig
-cat $WORKINGDIR/3rd/OpenVPNAdapter/Configuration/Project-MacNE.xcconfig > $WORKINGDIR/3rd/OpenVPNAdapter/Configuration/amnezia.xcconfig
-
-# Append macOS-specific build directory configurations to amnezia.xcconfig
-cat << EOF >> $WORKINGDIR/3rd/OpenVPNAdapter/Configuration/amnezia.xcconfig
-PROJECT_TEMP_DIR = $WORKINGDIR/3rd/OpenVPNAdapter/build/OpenVPNAdapter.build
-CONFIGURATION_BUILD_DIR = $WORKINGDIR/3rd/OpenVPNAdapter/build/Release-macos
-BUILT_PRODUCTS_DIR = $WORKINGDIR/3rd/OpenVPNAdapter/build/Release-macos
-EOF
-
-# Exclude UIKit, include Cocoa for macOS
-# echo "OTHER_LDFLAGS = -framework Cocoa" >> $WORKINGDIR/3rd/OpenVPNAdapter/Configuration/amnezia.xcconfig
-
-# Fetch the current macOS SDK version dynamically
-MACOSX_SDK=$(xcrun --sdk macosx --show-sdk-path | sed -E 's/.*MacOSX([0-9]+\.[0-9]+)\.sdk/\1/')
-
-echo "Using macOS SDK version: $MACOSX_SDK"
-
-cd 3rd/OpenVPNAdapter
-
-# Build for macOS using the correct SDK and destination
-if $XCODEBUILD -scheme OpenVPNAdapter -configuration Release -xcconfig Configuration/amnezia.xcconfig -sdk macosx$MACOSX_SDK -destination 'generic/platform=macOS' -project OpenVPNAdapter.xcodeproj ; then
-  echo "OpenVPNAdapter built successfully for macOS Network Extension (MacNE)"
-else
-  echo "OpenVPNAdapter macOS Network Extension (MacNE) build failed..."
-fi
-
-# Remove CodeSignature if needed for macOS
-rm -rf ./build/Release-macos/OpenVPNAdapter.framework/Versions/A/_CodeSignature
-
-cd ../../

client/main.cpp

@@ -15,24 +15,13 @@
     #include "platforms/ios/QtAppDelegate-C-Interface.h"
 #endif
 
-#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
-bool isAnotherInstanceRunning()
-{
-    QLocalSocket socket;
-    socket.connectToServer("AmneziaVPNInstance");
-    if (socket.waitForConnected(500)) {
-        qWarning() << "AmneziaVPN is already running";
-        return true;
-    }
-    return false;
-}
-#endif
-
 int main(int argc, char *argv[])
 {
     Migrations migrationsManager;
     migrationsManager.doMigrations();
 
+    QGuiApplication::setAttribute(Qt::AA_EnableHighDpiScaling, true);
+
 #ifdef Q_OS_WIN
     AllowSetForegroundWindow(ASFW_ANY);
 #endif
@@ -43,14 +32,16 @@ int main(int argc, char *argv[])
     qputenv("ANDROID_OPENSSL_SUFFIX", "_3");
 #endif
 
+#if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
     AmneziaApplication app(argc, argv);
+#else
+    AmneziaApplication app(argc, argv, true,
+                           SingleApplication::Mode::User | SingleApplication::Mode::SecondaryNotification);
 
-#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
-    if (isAnotherInstanceRunning()) {
+    if (!app.isPrimary()) {
         QTimer::singleShot(1000, &app, [&]() { app.quit(); });
         return app.exec();
     }
-    app.startLocalServer();
 #endif
 
 // Allow to raise app window if secondary instance launched

client/mozilla/localsocketcontroller.cpp

@@ -149,7 +149,7 @@ void LocalSocketController::activate(const QJsonObject &rawConfig) {
   QJsonArray jsAllowedIPAddesses;
 
   QJsonArray plainAllowedIP = wgConfig.value(amnezia::config_key::allowed_ips).toArray();
-  QJsonArray defaultAllowedIP = { "0.0.0.0/0", "::/0" };
+  QJsonArray defaultAllowedIP = QJsonArray::fromStringList(QString("0.0.0.0/0, ::/0").split(","));
 
   if (plainAllowedIP != defaultAllowedIP && !plainAllowedIP.isEmpty()) {
     // Use AllowedIP list from WG config because of higher priority

client/platforms/android/android_controller.cpp

@@ -98,7 +98,6 @@ bool AndroidController::initialize()
         {"onStatisticsUpdate", "(JJ)V", reinterpret_cast<void *>(onStatisticsUpdate)},
         {"onFileOpened", "(Ljava/lang/String;)V", reinterpret_cast<void *>(onFileOpened)},
         {"onConfigImported", "(Ljava/lang/String;)V", reinterpret_cast<void *>(onConfigImported)},
-        {"onAuthResult", "(Z)V", reinterpret_cast<void *>(onAuthResult)},
         {"decodeQrCode", "(Ljava/lang/String;)Z", reinterpret_cast<bool *>(decodeQrCode)}
     };
 
@@ -211,11 +210,6 @@ void AndroidController::setScreenshotsEnabled(bool enabled)
     callActivityMethod("setScreenshotsEnabled", "(Z)V", enabled);
 }
 
-void AndroidController::setNavigationBarColor(unsigned int color)
-{
-    callActivityMethod("setNavigationBarColor", "(I)V", color);
-}
-
 void AndroidController::minimizeApp()
 {
     callActivityMethod("minimizeApp", "()V");
@@ -271,22 +265,6 @@ void AndroidController::requestNotificationPermission()
     callActivityMethod("requestNotificationPermission", "()V");
 }
 
-bool AndroidController::requestAuthentication()
-{
-    QEventLoop wait;
-    bool result;
-    connect(this, &AndroidController::authenticationResult, this,
-            [&result, &wait](const bool &authResult){
-                qDebug() << "Android authentication result:" << authResult;
-                result = authResult;
-                wait.quit();
-            },
-            static_cast<Qt::ConnectionType>(Qt::QueuedConnection | Qt::SingleShotConnection));
-    callActivityMethod("requestAuthentication", "()V");
-    wait.exec();
-    return result;
-}
-
 // Moving log processing to the Android side
 jclass AndroidController::log;
 jmethodID AndroidController::logDebug;
@@ -484,14 +462,6 @@ void AndroidController::onConfigImported(JNIEnv *env, jobject thiz, jstring data
     emit AndroidController::instance()->configImported(AndroidUtils::convertJString(env, data));
 }
 
-// static
-void AndroidController::onAuthResult(JNIEnv *env, jobject thiz, jboolean result)
-{
-    Q_UNUSED(thiz);
-
-    emit AndroidController::instance()->authenticationResult(result);
-}
-
 // static
 bool AndroidController::decodeQrCode(JNIEnv *env, jobject thiz, jstring data)
 {

client/platforms/android/android_controller.h

@@ -41,13 +41,11 @@ public:
     void exportLogsFile(const QString &fileName);
     void clearLogs();
     void setScreenshotsEnabled(bool enabled);
-    void setNavigationBarColor(unsigned int color);
     void minimizeApp();
     QJsonArray getAppList();
     QPixmap getAppIcon(const QString &package, QSize *size, const QSize &requestedSize);
     bool isNotificationPermissionGranted();
     void requestNotificationPermission();
-    bool requestAuthentication();
 
     static bool initLogging();
     static void messageHandler(QtMsgType type, const QMessageLogContext &context, const QString &message);
@@ -65,7 +63,6 @@ signals:
     void configImported(QString config);
     void importConfigFromOutside(QString config);
     void initConnectionState(Vpn::ConnectionState state);
-    void authenticationResult(bool result);
 
 private:
     bool isWaitingStatus = true;
@@ -92,7 +89,6 @@ private:
     static void onStatisticsUpdate(JNIEnv *env, jobject thiz, jlong rxBytes, jlong txBytes);
     static void onConfigImported(JNIEnv *env, jobject thiz, jstring data);
     static void onFileOpened(JNIEnv *env, jobject thiz, jstring uri);
-    static void onAuthResult(JNIEnv *env, jobject thiz, jboolean result);
     static bool decodeQrCode(JNIEnv *env, jobject thiz, jstring data);
 
     template <typename Ret, typename ...Args>

client/platforms/android/authResultReceiver.cpp

@@ -0,0 +1,16 @@
+#include "authResultReceiver.h"
+
+AuthResultReceiver::AuthResultReceiver(QSharedPointer<AuthResultNotifier> &notifier) : m_notifier(notifier)
+{
+}
+
+void AuthResultReceiver::handleActivityResult(int receiverRequestCode, int resultCode, const QJniObject &data)
+{
+    qDebug() << "receiverRequestCode" << receiverRequestCode << "resultCode" << resultCode;
+
+    if (resultCode == -1) { // ResultOK
+        emit m_notifier->authSuccessful();
+    } else {
+        emit m_notifier->authFailed();
+    }
+}

client/platforms/android/authResultReceiver.h

@@ -0,0 +1,32 @@
+#ifndef AUTHRESULTRECEIVER_H
+#define AUTHRESULTRECEIVER_H
+
+#include <QJniObject>
+
+#include <private/qandroidextras_p.h>
+
+class AuthResultNotifier : public QObject
+{
+    Q_OBJECT
+
+public:
+    AuthResultNotifier(QObject *parent = nullptr) : QObject(parent) {};
+
+signals:
+    void authFailed();
+    void authSuccessful();
+};
+
+/* Auth result handler for Android */
+class AuthResultReceiver final : public QAndroidActivityResultReceiver
+{
+public:
+    AuthResultReceiver(QSharedPointer<AuthResultNotifier> &notifier);
+
+    void handleActivityResult(int receiverRequestCode, int resultCode, const QJniObject &data) override;
+
+private:
+    QSharedPointer<AuthResultNotifier> m_notifier;
+};
+
+#endif // AUTHRESULTRECEIVER_H

client/platforms/ios/PacketTunnelProvider+OpenVPN.swift

@@ -47,7 +47,7 @@ extension PacketTunnelProvider {
         let configuration = OpenVPNConfiguration()
         configuration.fileContent = ovpnConfiguration
         if str.contains("cloak") {
-//            configuration.setPTCloak()
+            configuration.setPTCloak()
         }
 
         let evaluation: OpenVPNConfigurationEvaluation?