From 938b1c908205fa849ab191adb62d4dae42aff182 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 4 Jan 2023 11:09:38 +0530 Subject: [PATCH 01/37] Xcode: Add new target 'EduVPN-macOS-DeveloperID' As a copy of EduVPN-macOS --- EduVPN.xcodeproj/project.pbxproj | 561 +++++++++++++++++++++++++++++++ 1 file changed, 561 insertions(+) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 9c96e081..495ad6ed 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -122,6 +122,36 @@ 6F885F7C25C1740D00CABF4E /* CredentialsViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F885F7B25C1740D00CABF4E /* CredentialsViewController.swift */; }; 6F8AEE7925E6D508001A603B /* StatusItemConnectionInfoHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */; }; 6F939F3F25C7D02C001887BA /* PasswordEntryViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */; }; + 6F950000296547930090643F /* ServerAPIService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FC27AC724B9550C006FA648 /* ServerAPIService.swift */; }; + 6F950001296547930090643F /* ConnectionViewModel+Localization.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FD5CDA324C678CF00842A74 /* ConnectionViewModel+Localization.swift */; }; + 6F950002296547930090643F /* ConnectionInfoHeaderView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7B643D2502A18C00FB154A /* ConnectionInfoHeaderView.swift */; }; + 6F950003296547930090643F /* UserDefaults+Preferences.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE1D12024D02FC3002D3D0C /* UserDefaults+Preferences.swift */; }; + 6F950004296547930090643F /* Moya+ResponseHandling.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4C01248053D8009932B1 /* Moya+ResponseHandling.swift */; }; + 6F950005296547930090643F /* MainSecureInternetSectionHeaderCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F36A71E24B5A36E00BA8F5E /* MainSecureInternetSectionHeaderCell.swift */; }; + 6F950006296547930090643F /* OpenVPNConfigCredentials.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F885F6F25C14FA500CABF4E /* OpenVPNConfigCredentials.swift */; }; + 6F950008296547930090643F /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 340F956C22B7118C00835D56 /* NetworkExtension.framework */; }; + 6F950009296547930090643F /* AppAuth in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFAB296547930090643F /* AppAuth */; }; + 6F95000A296547930090643F /* PromiseKit in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFB5296547930090643F /* PromiseKit */; }; + 6F95000B296547930090643F /* AppAuthCore in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFAD296547930090643F /* AppAuthCore */; }; + 6F95000C296547930090643F /* ASN1Decoder in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFAE296547930090643F /* ASN1Decoder */; }; + 6F95000D296547930090643F /* Moya in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFB3296547930090643F /* Moya */; }; + 6F95000E296547930090643F /* Sodium in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFB2296547930090643F /* Sodium */; }; + 6F95000F296547930090643F /* WireGuardKit in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFA6296547930090643F /* WireGuardKit */; }; + 6F950010296547930090643F /* TunnelKit in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFA8296547930090643F /* TunnelKit */; }; + 6F950011296547930090643F /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFAA296547930090643F /* TunnelKitOpenVPN */; }; + 6F950012296547930090643F /* Clibsodium in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFB0296547930090643F /* Clibsodium */; }; + 6F950014296547930090643F /* CountryFlags.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 6F36A71C24B454AA00BA8F5E /* CountryFlags.xcassets */; }; + 6F950015296547930090643F /* Common.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 6FEF313324A48FB10026C786 /* Common.xcassets */; }; + 6F950016296547930090643F /* server_list.json in Resources */ = {isa = PBXBuildFile; fileRef = 6F59A58624F51DEB00560155 /* server_list.json */; }; + 6F950017296547930090643F /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = C7DB4C6B248064BC009932B1 /* Main.storyboard */; }; + 6F950018296547930090643F /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = C7DB4C6A248064BC009932B1 /* Assets.xcassets */; }; + 6F950019296547930090643F /* privacy_statement.json in Resources */ = {isa = PBXBuildFile; fileRef = 6FF5524D28551CAC0044BA84 /* privacy_statement.json */; }; + 6F95001A296547930090643F /* organization_list.json in Resources */ = {isa = PBXBuildFile; fileRef = 6F59A58724F51DEB00560155 /* organization_list.json */; }; + 6F95001B296547930090643F /* config.json in Resources */ = {isa = PBXBuildFile; fileRef = C75B2CB42363138200D700EC /* config.json */; }; + 6F95001E296547930090643F /* TunnelExtension-macOS.appex in Embed App Extensions */ = {isa = PBXBuildFile; fileRef = 6F66DACE265E1E4C006974CF /* TunnelExtension-macOS.appex */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; + 6F950020296547930090643F /* LoginItemHelper-macOS.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 342B9C99228ECFDB00C006D7 /* LoginItemHelper-macOS.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; + 6F950022296547930090643F /* OpenSans-Bold.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0E24C2DCA900A9D1D4 /* OpenSans-Bold.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; + 6F950023296547930090643F /* OpenSans-Regular.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 6F95FF94296297E70090643F /* OpenVPNAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */; }; 6F95FF972962988A0090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; 6F95FF982962EF820090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; @@ -132,6 +162,76 @@ 6F95FF9E2962EF9D0090643F /* TunnelKit in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FF9D2962EF9D0090643F /* TunnelKit */; }; 6F95FFA02962EF9D0090643F /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FF9F2962EF9D0090643F /* TunnelKitOpenVPN */; }; 6F95FFA22962EF9D0090643F /* TunnelKitOpenVPNAppExtension in Frameworks */ = {isa = PBXBuildFile; productRef = 6F95FFA12962EF9D0090643F /* TunnelKitOpenVPNAppExtension */; }; + 6F95FFBA296547930090643F /* LoggingService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F3BD00527476FA0005E5CB2 /* LoggingService.swift */; }; + 6F95FFBB296547930090643F /* LanguageMappedString.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FCC5EF324B8579D00C6BC80 /* LanguageMappedString.swift */; }; + 6F95FFBC296547930090643F /* ConnectionInfoHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE1D11A24CD952C002D3D0C /* ConnectionInfoHelper.swift */; }; + 6F95FFBD296547930090643F /* ErrorHandling.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F05E64124D0A6AA008292F6 /* ErrorHandling.swift */; }; + 6F95FFBE296547930090643F /* OAuthExternalUserAgent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F59A58A24F67CE500560155 /* OAuthExternalUserAgent.swift */; }; + 6F95FFBF296547930090643F /* OAuthRedirectHTTPHandler.m in Sources */ = {isa = PBXBuildFile; fileRef = 6F49FAAB263C1A55005DB8D3 /* OAuthRedirectHTTPHandler.m */; }; + 6F95FFC0296547930090643F /* RowCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FEF30FD24A324E40026C786 /* RowCell.swift */; }; + 6F95FFC1296547930090643F /* AppDataRemover.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F5820F726EE036800906397 /* AppDataRemover.swift */; }; + 6F95FFC2296547930090643F /* Log.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FADF83024ADF86600B75E8D /* Log.swift */; }; + 6F95FFC3296547930090643F /* ServerAuthService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FEF313A24A717570026C786 /* ServerAuthService.swift */; }; + 6F95FFC4296547930090643F /* StatusItemConnectionInfoHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */; }; + 6F95FFC5296547930090643F /* ServerAPIv2Handler.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FF8A351267742AA00E1C22C /* ServerAPIv2Handler.swift */; }; + 6F95FFC6296547930090643F /* Shared.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F3073562689B8000083EEEF /* Shared.swift */; }; + 6F95FFC7296547930090643F /* ConnectionViewModel+SupportContact.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F50408C254C33C50071AA66 /* ConnectionViewModel+SupportContact.swift */; }; + 6F95FFC8296547930090643F /* (null) in Sources */ = {isa = PBXBuildFile; }; + 6F95FFC9296547930090643F /* AuthState.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FEF313C24A746AD0026C786 /* AuthState.swift */; }; + 6F95FFCA296547930090643F /* ConnectionViewModel.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B5E247FBEE3009932B1 /* ConnectionViewModel.swift */; }; + 6F95FFCB296547930090643F /* PrivacyStatementConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FF5524828551B4B0044BA84 /* PrivacyStatementConfig.swift */; }; + 6F95FFCC296547930090643F /* Moya+Promise.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4C03248055D6009932B1 /* Moya+Promise.swift */; }; + 6F95FFCD296547930090643F /* ConnectionViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B43247FBDF5009932B1 /* ConnectionViewController.swift */; }; + 6F95FFCE296547930090643F /* CredentialsViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F9CE540261802F10065E4BA /* CredentialsViewController+macOS.swift */; }; + 6F95FFCF296547930090643F /* OpenVPNConfigImportHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE5668C259089800008D0D3 /* OpenVPNConfigImportHelper.swift */; }; + 6F95FFD0296547930090643F /* ConnectionViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F25F8D1269D763F00FA8FAB /* ConnectionViewController+macOS.swift */; }; + 6F95FFD1296547930090643F /* ServerAPIv3Handler.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F50CEB92679E3C4008A38BA /* ServerAPIv3Handler.swift */; }; + 6F95FFD2296547930090643F /* SearchViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F36A79A24B6ED5D00BA8F5E /* SearchViewController+macOS.swift */; }; + 6F95FFD3296547930090643F /* ConnectableInstance.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FADF82C24ADF6C600B75E8D /* ConnectableInstance.swift */; }; + 6F95FFD4296547930090643F /* ServerInfo.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4BCD24803A29009932B1 /* ServerInfo.swift */; }; + 6F95FFD5296547930090643F /* CredentialsViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F885F7B25C1740D00CABF4E /* CredentialsViewController.swift */; }; + 6F95FFD6296547930090643F /* DiscoveryData.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F71FBB7249B54490010D0FE /* DiscoveryData.swift */; }; + 6F95FFD7296547930090643F /* PredefinedProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F6562A225DA64D100ED3ECC /* PredefinedProvider.swift */; }; + 6F95FFD8296547930090643F /* Moya+Extensions.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4BFA24804C1A009932B1 /* Moya+Extensions.swift */; }; + 6F95FFD9296547930090643F /* PersistenceService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FADF82924ADF56F00B75E8D /* PersistenceService.swift */; }; + 6F95FFDA296547930090643F /* ConnectionAttempt.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FA808AE24EBBD1F00E7D924 /* ConnectionAttempt.swift */; }; + 6F95FFDB296547930090643F /* SupportContactTextView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F1A1C0024EE8EDB0040D6A2 /* SupportContactTextView.swift */; }; + 6F95FFDC296547930090643F /* SearchViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B3D247FBDD7009932B1 /* SearchViewController.swift */; }; + 6F95FFDD296547930090643F /* ServerDiscoveryService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FEF30D724A0B8C60026C786 /* ServerDiscoveryService.swift */; }; + 6F95FFDE296547930090643F /* MainViewModel.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B55247FBEC2009932B1 /* MainViewModel.swift */; }; + 6F95FFDF296547930090643F /* ConnectionService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FBFEF0B24C0680800A9D1D4 /* ConnectionService.swift */; }; + 6F95FFE0296547930090643F /* MockConnectionService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F116CAC2534585700C73797 /* MockConnectionService.swift */; }; + 6F95FFE1296547930090643F /* MigrationHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FA8089424E6A75C00E7D924 /* MigrationHelper.swift */; }; + 6F95FFE2296547930090643F /* AddServerViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F54C92C25E033EE00A42C8F /* AddServerViewController+macOS.swift */; }; + 6F95FFE3296547930090643F /* MainViewController+StatusItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F54C9E625E2D6A500A42C8F /* MainViewController+StatusItem.swift */; }; + 6F95FFE4296547930090643F /* SectionHeaderCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FEF30FA24A317C00026C786 /* SectionHeaderCell.swift */; }; + 6F95FFE5296547930090643F /* MainWindowController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F8835EB24FCD481008F15FF /* MainWindowController.swift */; }; + 6F95FFE6296547930090643F /* ServerInfoFetcher.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FADF82624ADF2E600B75E8D /* ServerInfoFetcher.swift */; }; + 6F95FFE7296547930090643F /* ViewModelRow.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FEF30F224A21AFE0026C786 /* ViewModelRow.swift */; }; + 6F95FFE8296547930090643F /* ServerResponse.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FCC5EF524B85D6700C6BC80 /* ServerResponse.swift */; }; + 6F95FFE9296547930090643F /* Environment.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4BB2247FD941009932B1 /* Environment.swift */; }; + 6F95FFEA296547930090643F /* PasswordEntryViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */; }; + 6F95FFEB296547930090643F /* DiscoveryDataFetcher.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F71FBBC249CCE980010D0FE /* DiscoveryDataFetcher.swift */; }; + 6F95FFEC296547930090643F /* Crypto.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FADF82E24ADF85F00B75E8D /* Crypto.swift */; }; + 6F95FFED296547930090643F /* MenuCommandResponding.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F25F8D3269DE3BB00FA8FAB /* MenuCommandResponding.swift */; }; + 6F95FFEE296547930090643F /* eduVPN_2.xcdatamodeld in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4C7524806511009932B1 /* eduVPN_2.xcdatamodeld */; }; + 6F95FFEF296547930090643F /* Config.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4BFC24804C84009932B1 /* Config.swift */; }; + 6F95FFF0296547930090643F /* NavigationController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FCCC576249E25F100F0F5A3 /* NavigationController.swift */; }; + 6F95FFF1296547930090643F /* FileHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4BD224803B98009932B1 /* FileHelper.swift */; }; + 6F95FFF2296547930090643F /* MainViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F36A79C24B6F5BA00BA8F5E /* MainViewController+macOS.swift */; }; + 6F95FFF3296547930090643F /* Multiplatform.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B3A247FBD63009932B1 /* Multiplatform.swift */; }; + 6F95FFF4296547930090643F /* SessionExpiryHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F57338624CD1570008912D4 /* SessionExpiryHelper.swift */; }; + 6F95FFF5296547930090643F /* StatusItemController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7B63EF2500FD7300FB154A /* StatusItemController.swift */; }; + 6F95FFF6296547930090643F /* LaunchAtLoginHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7B63F125022AAE00FB154A /* LaunchAtLoginHelper.swift */; }; + 6F95FFF7296547930090643F /* SearchViewModel.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B58247FBECC009932B1 /* SearchViewModel.swift */; }; + 6F95FFF8296547930090643F /* SignatureHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4BD324803B99009932B1 /* SignatureHelper.swift */; }; + 6F95FFF9296547930090643F /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B6A247FC198009932B1 /* AppDelegate.swift */; }; + 6F95FFFA296547930090643F /* AddServerViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F65629725D9AEB100ED3ECC /* AddServerViewController.swift */; }; + 6F95FFFB296547930090643F /* MainViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B37247FBD52009932B1 /* MainViewController.swift */; }; + 6F95FFFC296547930090643F /* Testing.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7D3BB3E258368F900A37244 /* Testing.swift */; }; + 6F95FFFD296547930090643F /* ServerDisplayInfo.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FD5CDA124C467CB00842A74 /* ServerDisplayInfo.swift */; }; + 6F95FFFE296547930090643F /* PreferencesViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = C7DB4B46247FBE26009932B1 /* PreferencesViewController.swift */; }; + 6F95FFFF296547930090643F /* NotificationService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F85D3BF25F7FD3B00E8B513 /* NotificationService.swift */; }; 6F96BB53252C51090023EB1D /* SearchViewController+iOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F96BB52252C51080023EB1D /* SearchViewController+iOS.swift */; }; 6F9CE541261802F10065E4BA /* CredentialsViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F9CE540261802F10065E4BA /* CredentialsViewController+macOS.swift */; }; 6F9CE54B2618064A0065E4BA /* CredentialsViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F885F7B25C1740D00CABF4E /* CredentialsViewController.swift */; }; @@ -265,6 +365,13 @@ remoteGlobalIDString = 6F6BB638265E58FD0093D4CC; remoteInfo = "WireGuardGoBridge-iOS"; }; + 6F95FFA5296547930090643F /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; + proxyType = 1; + remoteGlobalIDString = 6F66DACD265E1E4C006974CF; + remoteInfo = "WireGuardTunnelExtension-macOS"; + }; C79B63DC258A08FB00C054CC /* PBXContainerItemProxy */ = { isa = PBXContainerItemProxy; containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; @@ -321,6 +428,38 @@ name = "Embed App Extensions"; runOnlyForDeploymentPostprocessing = 0; }; + 6F95001D296547930090643F /* Embed App Extensions */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = ""; + dstSubfolderSpec = 13; + files = ( + 6F95001E296547930090643F /* TunnelExtension-macOS.appex in Embed App Extensions */, + ); + name = "Embed App Extensions"; + runOnlyForDeploymentPostprocessing = 0; + }; + 6F95001F296547930090643F /* CopyFiles */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = Contents/Library/LoginItems; + dstSubfolderSpec = 1; + files = ( + 6F950020296547930090643F /* LoginItemHelper-macOS.app in CopyFiles */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + 6F950021296547930090643F /* CopyFiles */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = Fonts; + dstSubfolderSpec = 7; + files = ( + 6F950022296547930090643F /* OpenSans-Bold.ttf in CopyFiles */, + 6F950023296547930090643F /* OpenSans-Regular.ttf in CopyFiles */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; 6FBFEF1424C2DCC200A9D1D4 /* CopyFiles */ = { isa = PBXCopyFilesBuildPhase; buildActionMask = 2147483647; @@ -416,6 +555,8 @@ 6F885F7B25C1740D00CABF4E /* CredentialsViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CredentialsViewController.swift; sourceTree = ""; }; 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; + 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "EduVPN-macOS-DeveloperID.app"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F950028296547940090643F /* EduVPN-macOS copy-Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; name = "EduVPN-macOS copy-Info.plist"; path = "/Users/roop/Projects/eduVPN/eduVPN-apple/EduVPN-macOS copy-Info.plist"; sourceTree = ""; }; 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OpenVPNAdapterInterface.swift; sourceTree = ""; }; 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = WireGuardAdapterInterface.swift; sourceTree = ""; }; 6F96BB52252C51080023EB1D /* SearchViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SearchViewController+iOS.swift"; sourceTree = ""; }; @@ -603,6 +744,24 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6F950007296547930090643F /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + 6F950008296547930090643F /* NetworkExtension.framework in Frameworks */, + 6F950009296547930090643F /* AppAuth in Frameworks */, + 6F95000A296547930090643F /* PromiseKit in Frameworks */, + 6F95000B296547930090643F /* AppAuthCore in Frameworks */, + 6F95000C296547930090643F /* ASN1Decoder in Frameworks */, + 6F95000D296547930090643F /* Moya in Frameworks */, + 6F95000E296547930090643F /* Sodium in Frameworks */, + 6F95000F296547930090643F /* WireGuardKit in Frameworks */, + 6F950010296547930090643F /* TunnelKit in Frameworks */, + 6F950011296547930090643F /* TunnelKitOpenVPN in Frameworks */, + 6F950012296547930090643F /* Clibsodium in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; C79B63C4258A08C200C054CC /* Frameworks */ = { isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; @@ -680,6 +839,7 @@ 6F66DAD0265E1E4C006974CF /* TunnelExtension */, 4AAC1F771F2D0E3400DD0252 /* Products */, 26B4255A0C7DB00763783EF6 /* Frameworks */, + 6F950028296547940090643F /* EduVPN-macOS copy-Info.plist */, ); sourceTree = ""; }; @@ -695,6 +855,7 @@ C79B63C7258A08C200C054CC /* EduVPN-UITests-macOS.xctest */, 6F66DACE265E1E4C006974CF /* TunnelExtension-macOS.appex */, 6F6BB620265E58BF0093D4CC /* TunnelExtension-iOS.appex */, + 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */, ); name = Products; sourceTree = ""; @@ -1335,6 +1496,42 @@ productReference = 6F750D2124975B9B00AF2C04 /* eduVPN.app */; productType = "com.apple.product-type.application"; }; + 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */ = { + isa = PBXNativeTarget; + buildConfigurationList = 6F950024296547930090643F /* Build configuration list for PBXNativeTarget "EduVPN-macOS-DeveloperID" */; + buildPhases = ( + 6F95FFB7296547930090643F /* Copy Resources */, + 6F95FFB8296547930090643F /* Swiftlint */, + 6F95FFB9296547930090643F /* Sources */, + 6F950007296547930090643F /* Frameworks */, + 6F950013296547930090643F /* Resources */, + 6F95001C296547930090643F /* Set Build Number */, + 6F95001D296547930090643F /* Embed App Extensions */, + 6F95001F296547930090643F /* CopyFiles */, + 6F950021296547930090643F /* CopyFiles */, + ); + buildRules = ( + ); + dependencies = ( + 6F95FFA4296547930090643F /* PBXTargetDependency */, + ); + name = "EduVPN-macOS-DeveloperID"; + packageProductDependencies = ( + 6F95FFA6296547930090643F /* WireGuardKit */, + 6F95FFA8296547930090643F /* TunnelKit */, + 6F95FFAA296547930090643F /* TunnelKitOpenVPN */, + 6F95FFAB296547930090643F /* AppAuth */, + 6F95FFAD296547930090643F /* AppAuthCore */, + 6F95FFAE296547930090643F /* ASN1Decoder */, + 6F95FFB0296547930090643F /* Clibsodium */, + 6F95FFB2296547930090643F /* Sodium */, + 6F95FFB3296547930090643F /* Moya */, + 6F95FFB5296547930090643F /* PromiseKit */, + ); + productName = "EduVPN-macOS"; + productReference = 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */; + productType = "com.apple.product-type.application"; + }; C79B63C6258A08C200C054CC /* EduVPN-UITests-macOS */ = { isa = PBXNativeTarget; buildConfigurationList = C79B63D0258A08C200C054CC /* Build configuration list for PBXNativeTarget "EduVPN-UITests-macOS" */; @@ -1477,6 +1674,7 @@ C7B439492580D0F000FEB2B1 /* EduVPN-UITests-iOS */, C7B439292580CE4D00FEB2B1 /* EduVPN-Tests-iOS */, 4AAC1F891F2D0E3400DD0252 /* EduVPNTests */, + 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */, ); }; /* End PBXProject section */ @@ -1545,6 +1743,21 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6F950013296547930090643F /* Resources */ = { + isa = PBXResourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 6F950014296547930090643F /* CountryFlags.xcassets in Resources */, + 6F950015296547930090643F /* Common.xcassets in Resources */, + 6F950016296547930090643F /* server_list.json in Resources */, + 6F950017296547930090643F /* Main.storyboard in Resources */, + 6F950018296547930090643F /* Assets.xcassets in Resources */, + 6F950019296547930090643F /* privacy_statement.json in Resources */, + 6F95001A296547930090643F /* organization_list.json in Resources */, + 6F95001B296547930090643F /* config.json in Resources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; C79B63C5258A08C200C054CC /* Resources */ = { isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; @@ -1669,6 +1882,60 @@ shellPath = /bin/sh; shellScript = "$SRCROOT/Scripts/set_build_number.sh\n"; }; + 6F95001C296547930090643F /* Set Build Number */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputFileListPaths = ( + ); + inputPaths = ( + ); + name = "Set Build Number"; + outputFileListPaths = ( + ); + outputPaths = ( + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "$SRCROOT/Scripts/set_build_number.sh\n"; + }; + 6F95FFB7296547930090643F /* Copy Resources */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputFileListPaths = ( + ); + inputPaths = ( + ); + name = "Copy Resources"; + outputFileListPaths = ( + ); + outputPaths = ( + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "$PROJECT_DIR/Scripts/copy_resources_macos.sh\n"; + }; + 6F95FFB8296547930090643F /* Swiftlint */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 12; + files = ( + ); + inputFileListPaths = ( + ); + inputPaths = ( + ); + name = Swiftlint; + outputFileListPaths = ( + ); + outputPaths = ( + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "export PATH=${PATH}:/usr/local/bin:/opt/homebrew/bin\nif which swiftlint >/dev/null; then\n swiftlint\nelse\n echo \"warning: SwiftLint not installed (Run: 'brew install swiftlint')\"\nfi\n"; + }; 6FE09C1E268F1EC90049203C /* Set Build Number */ = { isa = PBXShellScriptBuildPhase; buildActionMask = 2147483647; @@ -1774,6 +2041,90 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6F95FFB9296547930090643F /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 6F95FFBA296547930090643F /* LoggingService.swift in Sources */, + 6F95FFBB296547930090643F /* LanguageMappedString.swift in Sources */, + 6F95FFBC296547930090643F /* ConnectionInfoHelper.swift in Sources */, + 6F95FFBD296547930090643F /* ErrorHandling.swift in Sources */, + 6F95FFBE296547930090643F /* OAuthExternalUserAgent.swift in Sources */, + 6F95FFBF296547930090643F /* OAuthRedirectHTTPHandler.m in Sources */, + 6F95FFC0296547930090643F /* RowCell.swift in Sources */, + 6F95FFC1296547930090643F /* AppDataRemover.swift in Sources */, + 6F95FFC2296547930090643F /* Log.swift in Sources */, + 6F95FFC3296547930090643F /* ServerAuthService.swift in Sources */, + 6F95FFC4296547930090643F /* StatusItemConnectionInfoHelper.swift in Sources */, + 6F95FFC5296547930090643F /* ServerAPIv2Handler.swift in Sources */, + 6F95FFC6296547930090643F /* Shared.swift in Sources */, + 6F95FFC7296547930090643F /* ConnectionViewModel+SupportContact.swift in Sources */, + 6F95FFC8296547930090643F /* (null) in Sources */, + 6F95FFC9296547930090643F /* AuthState.swift in Sources */, + 6F95FFCA296547930090643F /* ConnectionViewModel.swift in Sources */, + 6F95FFCB296547930090643F /* PrivacyStatementConfig.swift in Sources */, + 6F95FFCC296547930090643F /* Moya+Promise.swift in Sources */, + 6F95FFCD296547930090643F /* ConnectionViewController.swift in Sources */, + 6F95FFCE296547930090643F /* CredentialsViewController+macOS.swift in Sources */, + 6F95FFCF296547930090643F /* OpenVPNConfigImportHelper.swift in Sources */, + 6F95FFD0296547930090643F /* ConnectionViewController+macOS.swift in Sources */, + 6F95FFD1296547930090643F /* ServerAPIv3Handler.swift in Sources */, + 6F95FFD2296547930090643F /* SearchViewController+macOS.swift in Sources */, + 6F95FFD3296547930090643F /* ConnectableInstance.swift in Sources */, + 6F95FFD4296547930090643F /* ServerInfo.swift in Sources */, + 6F95FFD5296547930090643F /* CredentialsViewController.swift in Sources */, + 6F95FFD6296547930090643F /* DiscoveryData.swift in Sources */, + 6F95FFD7296547930090643F /* PredefinedProvider.swift in Sources */, + 6F95FFD8296547930090643F /* Moya+Extensions.swift in Sources */, + 6F95FFD9296547930090643F /* PersistenceService.swift in Sources */, + 6F95FFDA296547930090643F /* ConnectionAttempt.swift in Sources */, + 6F95FFDB296547930090643F /* SupportContactTextView.swift in Sources */, + 6F95FFDC296547930090643F /* SearchViewController.swift in Sources */, + 6F95FFDD296547930090643F /* ServerDiscoveryService.swift in Sources */, + 6F95FFDE296547930090643F /* MainViewModel.swift in Sources */, + 6F95FFDF296547930090643F /* ConnectionService.swift in Sources */, + 6F95FFE0296547930090643F /* MockConnectionService.swift in Sources */, + 6F95FFE1296547930090643F /* MigrationHelper.swift in Sources */, + 6F95FFE2296547930090643F /* AddServerViewController+macOS.swift in Sources */, + 6F95FFE3296547930090643F /* MainViewController+StatusItem.swift in Sources */, + 6F95FFE4296547930090643F /* SectionHeaderCell.swift in Sources */, + 6F95FFE5296547930090643F /* MainWindowController.swift in Sources */, + 6F95FFE6296547930090643F /* ServerInfoFetcher.swift in Sources */, + 6F95FFE7296547930090643F /* ViewModelRow.swift in Sources */, + 6F95FFE8296547930090643F /* ServerResponse.swift in Sources */, + 6F95FFE9296547930090643F /* Environment.swift in Sources */, + 6F95FFEA296547930090643F /* PasswordEntryViewController.swift in Sources */, + 6F95FFEB296547930090643F /* DiscoveryDataFetcher.swift in Sources */, + 6F95FFEC296547930090643F /* Crypto.swift in Sources */, + 6F95FFED296547930090643F /* MenuCommandResponding.swift in Sources */, + 6F95FFEE296547930090643F /* eduVPN_2.xcdatamodeld in Sources */, + 6F95FFEF296547930090643F /* Config.swift in Sources */, + 6F95FFF0296547930090643F /* NavigationController.swift in Sources */, + 6F95FFF1296547930090643F /* FileHelper.swift in Sources */, + 6F95FFF2296547930090643F /* MainViewController+macOS.swift in Sources */, + 6F95FFF3296547930090643F /* Multiplatform.swift in Sources */, + 6F95FFF4296547930090643F /* SessionExpiryHelper.swift in Sources */, + 6F95FFF5296547930090643F /* StatusItemController.swift in Sources */, + 6F95FFF6296547930090643F /* LaunchAtLoginHelper.swift in Sources */, + 6F95FFF7296547930090643F /* SearchViewModel.swift in Sources */, + 6F95FFF8296547930090643F /* SignatureHelper.swift in Sources */, + 6F95FFF9296547930090643F /* AppDelegate.swift in Sources */, + 6F95FFFA296547930090643F /* AddServerViewController.swift in Sources */, + 6F95FFFB296547930090643F /* MainViewController.swift in Sources */, + 6F95FFFC296547930090643F /* Testing.swift in Sources */, + 6F95FFFD296547930090643F /* ServerDisplayInfo.swift in Sources */, + 6F95FFFE296547930090643F /* PreferencesViewController.swift in Sources */, + 6F95FFFF296547930090643F /* NotificationService.swift in Sources */, + 6F950000296547930090643F /* ServerAPIService.swift in Sources */, + 6F950001296547930090643F /* ConnectionViewModel+Localization.swift in Sources */, + 6F950002296547930090643F /* ConnectionInfoHeaderView.swift in Sources */, + 6F950003296547930090643F /* UserDefaults+Preferences.swift in Sources */, + 6F950004296547930090643F /* Moya+ResponseHandling.swift in Sources */, + 6F950005296547930090643F /* MainSecureInternetSectionHeaderCell.swift in Sources */, + 6F950006296547930090643F /* OpenVPNConfigCredentials.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; C79B63C3258A08C200C054CC /* Sources */ = { isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; @@ -1980,6 +2331,11 @@ target = 6F6BB638265E58FD0093D4CC /* WireGuardGoBridge-iOS */; targetProxy = 6F6BB65D265E59340093D4CC /* PBXContainerItemProxy */; }; + 6F95FFA4296547930090643F /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = 6F66DACD265E1E4C006974CF /* TunnelExtension-macOS */; + targetProxy = 6F95FFA5296547930090643F /* PBXContainerItemProxy */; + }; C79B63DD258A08FB00C054CC /* PBXTargetDependency */ = { isa = PBXTargetDependency; target = 6F750C2C24975A4300AF2C04 /* EduVPN-macOS */; @@ -2618,6 +2974,96 @@ }; name = Release; }; + 6F950025296547930090643F /* Debug */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = C75B2CB72363138200D700EC /* Development-macOS.xcconfig */; + buildSettings = { + ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN.entitlements; + CODE_SIGN_IDENTITY = "Mac Developer"; + CODE_SIGN_STYLE = Automatic; + COMBINE_HIDPI_IMAGES = YES; + DEBUG_INFORMATION_FORMAT = dwarf; + ENABLE_HARDENED_RUNTIME = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + INFOPLIST_FILE = "EduVPN-macOS copy-Info.plist"; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/../Frameworks", + ); + MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; + MTL_FAST_MATH = YES; + OTHER_LDFLAGS = ( + "$(inherited)", + "-l\"resolv\"", + "-framework", + "\"CFNetwork\"", + "-framework", + "\"Foundation\"", + "-framework", + "\"NetworkExtension\"", + "-weak_framework", + "\"CryptoKit\"", + ); + PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID)"; + PRODUCT_NAME = "$(TARGET_NAME)"; + PROVISIONING_PROFILE_SPECIFIER = ""; + SDKROOT = macosx; + SWIFT_OBJC_BRIDGING_HEADER = "EduVPN/EduVPN-macOS-Bridging-Header.h"; + SWIFT_OPTIMIZATION_LEVEL = "-Onone"; + SWIFT_VERSION = 5.0; + }; + name = Debug; + }; + 6F950026296547930090643F /* Release */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = C75B2CB92363138200D700EC /* Release-macOS.xcconfig */; + buildSettings = { + ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_ENABLE_MODULES = YES; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN.entitlements; + CODE_SIGN_IDENTITY = "Mac Developer"; + CODE_SIGN_STYLE = Automatic; + COMBINE_HIDPI_IMAGES = YES; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + ENABLE_HARDENED_RUNTIME = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + INFOPLIST_FILE = "EduVPN-macOS copy-Info.plist"; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/../Frameworks", + ); + MTL_FAST_MATH = YES; + OTHER_LDFLAGS = ( + "$(inherited)", + "-l\"resolv\"", + "-framework", + "\"CFNetwork\"", + "-framework", + "\"Foundation\"", + "-framework", + "\"NetworkExtension\"", + "-weak_framework", + "\"CryptoKit\"", + ); + PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID)"; + PRODUCT_NAME = "$(TARGET_NAME)"; + PROVISIONING_PROFILE_SPECIFIER = ""; + SDKROOT = macosx; + SWIFT_OBJC_BRIDGING_HEADER = "EduVPN/EduVPN-macOS-Bridging-Header.h"; + SWIFT_VERSION = 5.0; + }; + name = Release; + }; C79B63CE258A08C200C054CC /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { @@ -2873,6 +3319,15 @@ defaultConfigurationIsVisible = 0; defaultConfigurationName = Release; }; + 6F950024296547930090643F /* Build configuration list for PBXNativeTarget "EduVPN-macOS-DeveloperID" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 6F950025296547930090643F /* Debug */, + 6F950026296547930090643F /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; C79B63D0258A08C200C054CC /* Build configuration list for PBXNativeTarget "EduVPN-UITests-macOS" */ = { isa = XCConfigurationList; buildConfigurations = ( @@ -2911,6 +3366,62 @@ revision = 10da5cfdef362889b438cfbeff867a74e6d717fd; }; }; + 6F95FFA7296547930090643F /* XCRemoteSwiftPackageReference "wireguard-apple" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://git.zx2c4.com/wireguard-apple/"; + requirement = { + kind = revision; + revision = 10da5cfdef362889b438cfbeff867a74e6d717fd; + }; + }; + 6F95FFA9296547930090643F /* XCRemoteSwiftPackageReference "tunnelkit" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/eduvpn/tunnelkit.git"; + requirement = { + kind = revision; + revision = ddb080576489835ea1061e6679d30e1a20f9cf6f; + }; + }; + 6F95FFAC296547930090643F /* XCRemoteSwiftPackageReference "AppAuth-iOS" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/openid/AppAuth-iOS.git"; + requirement = { + kind = revision; + revision = 33660c271c961f8ce1084cc13f2ea8195e864f7d; + }; + }; + 6F95FFAF296547930090643F /* XCRemoteSwiftPackageReference "ASN1Decoder" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/filom/ASN1Decoder.git"; + requirement = { + kind = revision; + revision = 65953a42a0f039f53c73e48fd88c02809f7db607; + }; + }; + 6F95FFB1296547930090643F /* XCRemoteSwiftPackageReference "swift-sodium" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/jedisct1/swift-sodium"; + requirement = { + kind = revision; + revision = 4f9164a0a2c9a6a7ff53a2833d54a5c79c957342; + }; + }; + 6F95FFB4296547930090643F /* XCRemoteSwiftPackageReference "Moya" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/Moya/Moya.git"; + requirement = { + kind = revision; + revision = 9b906860e3c3c09032879465c471e6375829593f; + }; + }; + 6F95FFB6296547930090643F /* XCRemoteSwiftPackageReference "PromiseKit" */ = { + isa = XCRemoteSwiftPackageReference; + repositoryURL = "https://github.com/mxcl/PromiseKit"; + requirement = { + kind = revision; + revision = cfea84ff08fae26c0ccd4fdcc0fb3c577bcb5e2c; + }; + }; 6FC0638F27B0F0DC00AE25D9 /* XCRemoteSwiftPackageReference "tunnelkit" */ = { isa = XCRemoteSwiftPackageReference; repositoryURL = "https://github.com/eduvpn/tunnelkit.git"; @@ -3017,6 +3528,56 @@ package = 6FC0638F27B0F0DC00AE25D9 /* XCRemoteSwiftPackageReference "tunnelkit" */; productName = TunnelKitOpenVPNAppExtension; }; + 6F95FFA6296547930090643F /* WireGuardKit */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFA7296547930090643F /* XCRemoteSwiftPackageReference "wireguard-apple" */; + productName = WireGuardKit; + }; + 6F95FFA8296547930090643F /* TunnelKit */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFA9296547930090643F /* XCRemoteSwiftPackageReference "tunnelkit" */; + productName = TunnelKit; + }; + 6F95FFAA296547930090643F /* TunnelKitOpenVPN */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFA9296547930090643F /* XCRemoteSwiftPackageReference "tunnelkit" */; + productName = TunnelKitOpenVPN; + }; + 6F95FFAB296547930090643F /* AppAuth */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFAC296547930090643F /* XCRemoteSwiftPackageReference "AppAuth-iOS" */; + productName = AppAuth; + }; + 6F95FFAD296547930090643F /* AppAuthCore */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFAC296547930090643F /* XCRemoteSwiftPackageReference "AppAuth-iOS" */; + productName = AppAuthCore; + }; + 6F95FFAE296547930090643F /* ASN1Decoder */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFAF296547930090643F /* XCRemoteSwiftPackageReference "ASN1Decoder" */; + productName = ASN1Decoder; + }; + 6F95FFB0296547930090643F /* Clibsodium */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFB1296547930090643F /* XCRemoteSwiftPackageReference "swift-sodium" */; + productName = Clibsodium; + }; + 6F95FFB2296547930090643F /* Sodium */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFB1296547930090643F /* XCRemoteSwiftPackageReference "swift-sodium" */; + productName = Sodium; + }; + 6F95FFB3296547930090643F /* Moya */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFB4296547930090643F /* XCRemoteSwiftPackageReference "Moya" */; + productName = Moya; + }; + 6F95FFB5296547930090643F /* PromiseKit */ = { + isa = XCSwiftPackageProductDependency; + package = 6F95FFB6296547930090643F /* XCRemoteSwiftPackageReference "PromiseKit" */; + productName = PromiseKit; + }; 6FC0639027B0F0DC00AE25D9 /* TunnelKit */ = { isa = XCSwiftPackageProductDependency; package = 6FC0638F27B0F0DC00AE25D9 /* XCRemoteSwiftPackageReference "tunnelkit" */; From d1562273723e7509a0827cd4c167de998064a35d Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Thu, 5 Jan 2023 10:08:22 +0530 Subject: [PATCH 02/37] Xcode: Add the System Extension target We set it up in Xcode and then edit the project file to updates paths and names. --- EduVPN.xcodeproj/project.pbxproj | 228 +++++++++++++++++- .../Mac/SystemExtension/Info.plist | 14 ++ .../TunnelSystemExtension.entitlements | 25 ++ .../Mac/SystemExtension/main.swift | 15 ++ .../PacketTunnelProvider.swift | 37 +++ 5 files changed, 313 insertions(+), 6 deletions(-) create mode 100644 TunnelExtension/Mac/SystemExtension/Info.plist create mode 100644 TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements create mode 100644 TunnelExtension/Mac/SystemExtension/main.swift create mode 100644 TunnelSystemExtension-macOS/PacketTunnelProvider.swift diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 495ad6ed..50953945 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -64,6 +64,10 @@ 6F59A58824F51DEB00560155 /* server_list.json in Resources */ = {isa = PBXBuildFile; fileRef = 6F59A58624F51DEB00560155 /* server_list.json */; }; 6F59A58924F51DEB00560155 /* organization_list.json in Resources */ = {isa = PBXBuildFile; fileRef = 6F59A58724F51DEB00560155 /* organization_list.json */; }; 6F59A58B24F67CE500560155 /* OAuthExternalUserAgent.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F59A58A24F67CE500560155 /* OAuthExternalUserAgent.swift */; }; + 6F5CF7672966CCD600C310EB /* WireGuardKit in Frameworks */ = {isa = PBXBuildFile; productRef = 6F5CF7662966CCD600C310EB /* WireGuardKit */; }; + 6F5CF7692966CCD600C310EB /* TunnelKit in Frameworks */ = {isa = PBXBuildFile; productRef = 6F5CF7682966CCD600C310EB /* TunnelKit */; }; + 6F5CF76B2966CCD600C310EB /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 6F5CF76A2966CCD600C310EB /* TunnelKitOpenVPN */; }; + 6F5CF76D2966CCD600C310EB /* TunnelKitOpenVPNAppExtension in Frameworks */ = {isa = PBXBuildFile; productRef = 6F5CF76C2966CCD600C310EB /* TunnelKitOpenVPNAppExtension */; }; 6F5E6C322522E72F000225C0 /* SectionHeaderCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FEF30FA24A317C00026C786 /* SectionHeaderCell.swift */; }; 6F5E6C342522E897000225C0 /* MigrationHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FA8089424E6A75C00E7D924 /* MigrationHelper.swift */; }; 6F5E6C352522E8A0000225C0 /* Log.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FADF83024ADF86600B75E8D /* Log.swift */; }; @@ -152,6 +156,10 @@ 6F950020296547930090643F /* LoginItemHelper-macOS.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 342B9C99228ECFDB00C006D7 /* LoginItemHelper-macOS.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F950022296547930090643F /* OpenSans-Bold.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0E24C2DCA900A9D1D4 /* OpenSans-Bold.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 6F950023296547930090643F /* OpenSans-Regular.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; + 6F95002E296689810090643F /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 340F956C22B7118C00835D56 /* NetworkExtension.framework */; }; + 6F950031296689810090643F /* PacketTunnelProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F950030296689810090643F /* PacketTunnelProvider.swift */; }; + 6F950033296689810090643F /* main.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F950032296689810090643F /* main.swift */; }; + 6F950038296689810090643F /* TunnelSystemExtension.systemextension in Embed System Extensions */ = {isa = PBXBuildFile; fileRef = 6F95002D296689810090643F /* TunnelSystemExtension.systemextension */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F95FF94296297E70090643F /* OpenVPNAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */; }; 6F95FF972962988A0090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; 6F95FF982962EF820090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; @@ -365,6 +373,13 @@ remoteGlobalIDString = 6F6BB638265E58FD0093D4CC; remoteInfo = "WireGuardGoBridge-iOS"; }; + 6F950036296689810090643F /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; + proxyType = 1; + remoteGlobalIDString = 6F95002C296689810090643F; + remoteInfo = "TunnelSystemExtension-macOS"; + }; 6F95FFA5296547930090643F /* PBXContainerItemProxy */ = { isa = PBXContainerItemProxy; containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; @@ -460,6 +475,17 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6F950039296689810090643F /* Embed System Extensions */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = "$(SYSTEM_EXTENSIONS_FOLDER_PATH)"; + dstSubfolderSpec = 16; + files = ( + 6F950038296689810090643F /* TunnelSystemExtension.systemextension in Embed System Extensions */, + ); + name = "Embed System Extensions"; + runOnlyForDeploymentPostprocessing = 0; + }; 6FBFEF1424C2DCC200A9D1D4 /* CopyFiles */ = { isa = PBXCopyFilesBuildPhase; buildActionMask = 2147483647; @@ -545,7 +571,7 @@ 6F71FBB7249B54490010D0FE /* DiscoveryData.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = DiscoveryData.swift; sourceTree = ""; }; 6F71FBBC249CCE980010D0FE /* DiscoveryDataFetcher.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = DiscoveryDataFetcher.swift; sourceTree = ""; }; 6F750C9624975A4300AF2C04 /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F750D2124975B9B00AF2C04 /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; name = eduVPN.app; path = .app; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F750D2124975B9B00AF2C04 /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; 6F7B63EF2500FD7300FB154A /* StatusItemController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = StatusItemController.swift; sourceTree = ""; }; 6F7B63F125022AAE00FB154A /* LaunchAtLoginHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LaunchAtLoginHelper.swift; sourceTree = ""; }; 6F7B643D2502A18C00FB154A /* ConnectionInfoHeaderView.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ConnectionInfoHeaderView.swift; sourceTree = ""; }; @@ -556,7 +582,11 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "EduVPN-macOS-DeveloperID.app"; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F950028296547940090643F /* EduVPN-macOS copy-Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; name = "EduVPN-macOS copy-Info.plist"; path = "/Users/roop/Projects/eduVPN/eduVPN-apple/EduVPN-macOS copy-Info.plist"; sourceTree = ""; }; + 6F95002D296689810090643F /* TunnelSystemExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelSystemExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F950030296689810090643F /* PacketTunnelProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelProvider.swift; sourceTree = ""; }; + 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; + 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; + 6F950035296689810090643F /* TunnelSystemExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelSystemExtension.entitlements; sourceTree = ""; }; 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OpenVPNAdapterInterface.swift; sourceTree = ""; }; 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = WireGuardAdapterInterface.swift; sourceTree = ""; }; 6F96BB52252C51080023EB1D /* SearchViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SearchViewController+iOS.swift"; sourceTree = ""; }; @@ -762,6 +792,18 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6F95002A296689810090643F /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + 6F5CF76D2966CCD600C310EB /* TunnelKitOpenVPNAppExtension in Frameworks */, + 6F5CF76B2966CCD600C310EB /* TunnelKitOpenVPN in Frameworks */, + 6F5CF7692966CCD600C310EB /* TunnelKit in Frameworks */, + 6F5CF7672966CCD600C310EB /* WireGuardKit in Frameworks */, + 6F95002E296689810090643F /* NetworkExtension.framework in Frameworks */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; C79B63C4258A08C200C054CC /* Frameworks */ = { isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; @@ -837,9 +879,9 @@ C79B63C8258A08C200C054CC /* EduVPN-UITests-macOS */, C75B2CA62363122900D700EC /* Scripts */, 6F66DAD0265E1E4C006974CF /* TunnelExtension */, + 6F95002F296689810090643F /* TunnelSystemExtension-macOS */, 4AAC1F771F2D0E3400DD0252 /* Products */, 26B4255A0C7DB00763783EF6 /* Frameworks */, - 6F950028296547940090643F /* EduVPN-macOS copy-Info.plist */, ); sourceTree = ""; }; @@ -856,6 +898,7 @@ 6F66DACE265E1E4C006974CF /* TunnelExtension-macOS.appex */, 6F6BB620265E58BF0093D4CC /* TunnelExtension-iOS.appex */, 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */, + 6F95002D296689810090643F /* TunnelSystemExtension.systemextension */, ); name = Products; sourceTree = ""; @@ -1030,6 +1073,24 @@ path = TunnelExtension; sourceTree = ""; }; + 6F95002F296689810090643F /* TunnelSystemExtension-macOS */ = { + isa = PBXGroup; + children = ( + 6F950030296689810090643F /* PacketTunnelProvider.swift */, + ); + path = "TunnelSystemExtension-macOS"; + sourceTree = ""; + }; + 6F95003D29668A060090643F /* SystemExtension */ = { + isa = PBXGroup; + children = ( + 6F950032296689810090643F /* main.swift */, + 6F950034296689810090643F /* Info.plist */, + 6F950035296689810090643F /* TunnelSystemExtension.entitlements */, + ); + path = SystemExtension; + sourceTree = ""; + }; 6F95FF922962919E0090643F /* OpenVPN */ = { isa = PBXGroup; children = ( @@ -1061,6 +1122,7 @@ 6FE062FD266E3699003FF2F8 /* Mac */ = { isa = PBXGroup; children = ( + 6F95003D29668A060090643F /* SystemExtension */, 6F66DAD3265E1E4D006974CF /* Info.plist */, 6F66DAD4265E1E4D006974CF /* TunnelExtension.entitlements */, ); @@ -1496,6 +1558,29 @@ productReference = 6F750D2124975B9B00AF2C04 /* eduVPN.app */; productType = "com.apple.product-type.application"; }; + 6F95002C296689810090643F /* TunnelSystemExtension-macOS */ = { + isa = PBXNativeTarget; + buildConfigurationList = 6F95003C296689810090643F /* Build configuration list for PBXNativeTarget "TunnelSystemExtension-macOS" */; + buildPhases = ( + 6F950029296689810090643F /* Sources */, + 6F95002A296689810090643F /* Frameworks */, + 6F95002B296689810090643F /* Resources */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = "TunnelSystemExtension-macOS"; + packageProductDependencies = ( + 6F5CF7662966CCD600C310EB /* WireGuardKit */, + 6F5CF7682966CCD600C310EB /* TunnelKit */, + 6F5CF76A2966CCD600C310EB /* TunnelKitOpenVPN */, + 6F5CF76C2966CCD600C310EB /* TunnelKitOpenVPNAppExtension */, + ); + productName = "TunnelSystemExtension-macOS"; + productReference = 6F95002D296689810090643F /* TunnelSystemExtension.systemextension */; + productType = "com.apple.product-type.system-extension"; + }; 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */ = { isa = PBXNativeTarget; buildConfigurationList = 6F950024296547930090643F /* Build configuration list for PBXNativeTarget "EduVPN-macOS-DeveloperID" */; @@ -1509,11 +1594,13 @@ 6F95001D296547930090643F /* Embed App Extensions */, 6F95001F296547930090643F /* CopyFiles */, 6F950021296547930090643F /* CopyFiles */, + 6F950039296689810090643F /* Embed System Extensions */, ); buildRules = ( ); dependencies = ( 6F95FFA4296547930090643F /* PBXTargetDependency */, + 6F950037296689810090643F /* PBXTargetDependency */, ); name = "EduVPN-macOS-DeveloperID"; packageProductDependencies = ( @@ -1592,7 +1679,7 @@ 4AAC1F6E1F2D0E3400DD0252 /* Project object */ = { isa = PBXProject; attributes = { - LastSwiftUpdateCheck = 1220; + LastSwiftUpdateCheck = 1340; LastUpgradeCheck = 1150; ORGANIZATIONNAME = SURFNet; TargetAttributes = { @@ -1624,6 +1711,9 @@ 6F750CBD24975B9B00AF2C04 = { ProvisioningStyle = Automatic; }; + 6F95002C296689810090643F = { + CreatedOnToolsVersion = 13.4.1; + }; C79B63C6258A08C200C054CC = { CreatedOnToolsVersion = 12.2; ProvisioningStyle = Automatic; @@ -1675,6 +1765,7 @@ C7B439292580CE4D00FEB2B1 /* EduVPN-Tests-iOS */, 4AAC1F891F2D0E3400DD0252 /* EduVPNTests */, 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */, + 6F95002C296689810090643F /* TunnelSystemExtension-macOS */, ); }; /* End PBXProject section */ @@ -1758,6 +1849,13 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6F95002B296689810090643F /* Resources */ = { + isa = PBXResourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; C79B63C5258A08C200C054CC /* Resources */ = { isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; @@ -2041,6 +2139,15 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6F950029296689810090643F /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 6F950033296689810090643F /* main.swift in Sources */, + 6F950031296689810090643F /* PacketTunnelProvider.swift in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; 6F95FFB9296547930090643F /* Sources */ = { isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; @@ -2331,6 +2438,11 @@ target = 6F6BB638265E58FD0093D4CC /* WireGuardGoBridge-iOS */; targetProxy = 6F6BB65D265E59340093D4CC /* PBXContainerItemProxy */; }; + 6F950037296689810090643F /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = 6F95002C296689810090643F /* TunnelSystemExtension-macOS */; + targetProxy = 6F950036296689810090643F /* PBXContainerItemProxy */; + }; 6F95FFA4296547930090643F /* PBXTargetDependency */ = { isa = PBXTargetDependency; target = 6F66DACD265E1E4C006974CF /* TunnelExtension-macOS */; @@ -2991,7 +3103,7 @@ DEBUG_INFORMATION_FORMAT = dwarf; ENABLE_HARDENED_RUNTIME = YES; GCC_C_LANGUAGE_STANDARD = gnu11; - INFOPLIST_FILE = "EduVPN-macOS copy-Info.plist"; + INFOPLIST_FILE = "$(SRCROOT)/EduVPN/Resources/Mac/Info.plist"; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/../Frameworks", @@ -3037,7 +3149,7 @@ DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; ENABLE_HARDENED_RUNTIME = YES; GCC_C_LANGUAGE_STANDARD = gnu11; - INFOPLIST_FILE = "EduVPN-macOS copy-Info.plist"; + INFOPLIST_FILE = "$(SRCROOT)/EduVPN/Resources/Mac/Info.plist"; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/../Frameworks", @@ -3064,6 +3176,81 @@ }; name = Release; }; + 6F95003A296689810090643F /* Debug */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = 6F66DB7B265E5096006974CF /* Development-macOS-TunnelExtension.xcconfig */; + buildSettings = { + CLANG_CXX_LANGUAGE_STANDARD = "gnu++17"; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements; + CODE_SIGN_IDENTITY = "Mac Developer"; + CODE_SIGN_STYLE = Automatic; + CURRENT_PROJECT_VERSION = 1; + DEBUG_INFORMATION_FORMAT = dwarf; + ENABLE_HARDENED_RUNTIME = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GENERATE_INFOPLIST_FILE = YES; + INFOPLIST_FILE = TunnelExtension/Mac/SystemExtension/Info.plist; + INFOPLIST_KEY_CFBundleDisplayName = "TunnelSystemExtension-macOS"; + INFOPLIST_KEY_NSHumanReadableCopyright = "Copyright © 2023 The Commons Conservancy. All rights reserved."; + INFOPLIST_KEY_NSSystemExtensionUsageDescription = "System Extension that implements the tunnel"; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/../Frameworks", + "@executable_path/../../../../Frameworks", + ); + MACOSX_DEPLOYMENT_TARGET = 10.15; + MARKETING_VERSION = "$(APP_MARKETING_VERSION)"; + MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; + MTL_FAST_MATH = YES; + PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).TunnelSystemExtension"; + PRODUCT_NAME = "$(APP_ID).TunnelSystemExtension"; + SDKROOT = macosx; + SKIP_INSTALL = YES; + SWIFT_EMIT_LOC_STRINGS = YES; + SWIFT_VERSION = 5.0; + }; + name = Debug; + }; + 6F95003B296689810090643F /* Release */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = 6F66DB7C265E5096006974CF /* Release-macOS-TunnelExtension.xcconfig */; + buildSettings = { + CLANG_CXX_LANGUAGE_STANDARD = "gnu++17"; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements; + CODE_SIGN_IDENTITY = "Mac Developer"; + CODE_SIGN_STYLE = Automatic; + CURRENT_PROJECT_VERSION = 1; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + ENABLE_HARDENED_RUNTIME = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + GENERATE_INFOPLIST_FILE = YES; + INFOPLIST_FILE = TunnelExtension/Mac/SystemExtension/Info.plist; + INFOPLIST_KEY_CFBundleDisplayName = "TunnelSystemExtension-macOS"; + INFOPLIST_KEY_NSHumanReadableCopyright = "Copyright © 2023 The Commons Conservancy. All rights reserved."; + INFOPLIST_KEY_NSSystemExtensionUsageDescription = "System Extension that implements the tunnel"; + LD_RUNPATH_SEARCH_PATHS = ( + "$(inherited)", + "@executable_path/../Frameworks", + "@executable_path/../../../../Frameworks", + ); + MACOSX_DEPLOYMENT_TARGET = 10.15; + MARKETING_VERSION = "$(APP_MARKETING_VERSION)"; + MTL_FAST_MATH = YES; + PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).TunnelSystemExtension"; + PRODUCT_NAME = "$(APP_ID).TunnelSystemExtension"; + SDKROOT = macosx; + SKIP_INSTALL = YES; + SWIFT_EMIT_LOC_STRINGS = YES; + SWIFT_VERSION = 5.0; + }; + name = Release; + }; C79B63CE258A08C200C054CC /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { @@ -3328,6 +3515,15 @@ defaultConfigurationIsVisible = 0; defaultConfigurationName = Release; }; + 6F95003C296689810090643F /* Build configuration list for PBXNativeTarget "TunnelSystemExtension-macOS" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 6F95003A296689810090643F /* Debug */, + 6F95003B296689810090643F /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; C79B63D0258A08C200C054CC /* Build configuration list for PBXNativeTarget "EduVPN-UITests-macOS" */ = { isa = XCConfigurationList; buildConfigurations = ( @@ -3493,6 +3689,26 @@ package = 6FC0638F27B0F0DC00AE25D9 /* XCRemoteSwiftPackageReference "tunnelkit" */; productName = TunnelKitOpenVPNAppExtension; }; + 6F5CF7662966CCD600C310EB /* WireGuardKit */ = { + isa = XCSwiftPackageProductDependency; + package = 6F0CF434264E8AAF00E90529 /* XCRemoteSwiftPackageReference "wireguard-apple" */; + productName = WireGuardKit; + }; + 6F5CF7682966CCD600C310EB /* TunnelKit */ = { + isa = XCSwiftPackageProductDependency; + package = 6FC0638F27B0F0DC00AE25D9 /* XCRemoteSwiftPackageReference "tunnelkit" */; + productName = TunnelKit; + }; + 6F5CF76A2966CCD600C310EB /* TunnelKitOpenVPN */ = { + isa = XCSwiftPackageProductDependency; + package = 6FC0638F27B0F0DC00AE25D9 /* XCRemoteSwiftPackageReference "tunnelkit" */; + productName = TunnelKitOpenVPN; + }; + 6F5CF76C2966CCD600C310EB /* TunnelKitOpenVPNAppExtension */ = { + isa = XCSwiftPackageProductDependency; + package = 6FC0638F27B0F0DC00AE25D9 /* XCRemoteSwiftPackageReference "tunnelkit" */; + productName = TunnelKitOpenVPNAppExtension; + }; 6F66DB13265E1F5C006974CF /* WireGuardKit */ = { isa = XCSwiftPackageProductDependency; package = 6F0CF434264E8AAF00E90529 /* XCRemoteSwiftPackageReference "wireguard-apple" */; diff --git a/TunnelExtension/Mac/SystemExtension/Info.plist b/TunnelExtension/Mac/SystemExtension/Info.plist new file mode 100644 index 00000000..2f6e7f37 --- /dev/null +++ b/TunnelExtension/Mac/SystemExtension/Info.plist @@ -0,0 +1,14 @@ + + + + + NetworkExtension + + NEProviderClasses + + com.apple.networkextension.packet-tunnel + $(PRODUCT_MODULE_NAME).PacketTunnelProvider + + + + diff --git a/TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements b/TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements new file mode 100644 index 00000000..e65652a3 --- /dev/null +++ b/TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements @@ -0,0 +1,25 @@ + + + + + com.apple.developer.networking.networkextension + + packet-tunnel-provider + + com.apple.security.app-sandbox + + com.apple.security.network.client + + com.apple.security.network.server + + com.apple.security.application-groups + + $(TeamIdentifierPrefix)$(GROUP_ID) + + keychain-access-groups + + $(TeamIdentifierPrefix)$(GROUP_ID) + + + + diff --git a/TunnelExtension/Mac/SystemExtension/main.swift b/TunnelExtension/Mac/SystemExtension/main.swift new file mode 100644 index 00000000..17aa97f6 --- /dev/null +++ b/TunnelExtension/Mac/SystemExtension/main.swift @@ -0,0 +1,15 @@ +// +// main.swift +// TunnelSystemExtension-macOS +// +// Copyright © 2023 The Commons Conservancy. All rights reserved. +// + +import Foundation +import NetworkExtension + +autoreleasepool { + NEProvider.startSystemExtensionMode() +} + +dispatchMain() diff --git a/TunnelSystemExtension-macOS/PacketTunnelProvider.swift b/TunnelSystemExtension-macOS/PacketTunnelProvider.swift new file mode 100644 index 00000000..61a0f6df --- /dev/null +++ b/TunnelSystemExtension-macOS/PacketTunnelProvider.swift @@ -0,0 +1,37 @@ +// +// PacketTunnelProvider.swift +// TunnelSystemExtension-macOS +// +// Created by Roopesh Chander S on 05/01/23. +// Copyright © 2023 SURFNet. All rights reserved. +// + +import NetworkExtension + +class PacketTunnelProvider: NEPacketTunnelProvider { + + override func startTunnel(options: [String : NSObject]?, completionHandler: @escaping (Error?) -> Void) { + // Add code here to start the process of connecting the tunnel. + } + + override func stopTunnel(with reason: NEProviderStopReason, completionHandler: @escaping () -> Void) { + // Add code here to start the process of stopping the tunnel. + completionHandler() + } + + override func handleAppMessage(_ messageData: Data, completionHandler: ((Data?) -> Void)?) { + // Add code here to handle the message. + if let handler = completionHandler { + handler(messageData) + } + } + + override func sleep(completionHandler: @escaping () -> Void) { + // Add code here to get ready to sleep. + completionHandler() + } + + override func wake() { + // Add code here to wake up. + } +} From 1cd3057ff8be182b14b2468bb703ff1dc69dc9aa Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Fri, 6 Jan 2023 05:25:52 +0530 Subject: [PATCH 03/37] Xcode: Setup the System Extension for building We set it up in Xcode and then edit the project file to remove references to the expanded APP_ID --- EduVPN.xcodeproj/project.pbxproj | 69 ++++++++++++++++---------------- 1 file changed, 35 insertions(+), 34 deletions(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 50953945..3fa6ff20 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -68,6 +68,14 @@ 6F5CF7692966CCD600C310EB /* TunnelKit in Frameworks */ = {isa = PBXBuildFile; productRef = 6F5CF7682966CCD600C310EB /* TunnelKit */; }; 6F5CF76B2966CCD600C310EB /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 6F5CF76A2966CCD600C310EB /* TunnelKitOpenVPN */; }; 6F5CF76D2966CCD600C310EB /* TunnelKitOpenVPNAppExtension in Frameworks */ = {isa = PBXBuildFile; productRef = 6F5CF76C2966CCD600C310EB /* TunnelKitOpenVPNAppExtension */; }; + 6F5CF76E2967990600C310EB /* Shared.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F3073562689B8000083EEEF /* Shared.swift */; }; + 6F5CF76F2967992200C310EB /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; + 6F5CF7702967992200C310EB /* TunnelConfiguration+WgQuickConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FFC4064266E392000835B43 /* TunnelConfiguration+WgQuickConfig.swift */; }; + 6F5CF7712967992300C310EB /* TunnelConfiguration+UapiConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F30735D2689E0530083EEEF /* TunnelConfiguration+UapiConfig.swift */; }; + 6F5CF7722967992300C310EB /* String+ArrayConversion.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FFC4088266F51D200835B43 /* String+ArrayConversion.swift */; }; + 6F5CF7732967992300C310EB /* OpenVPNAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */; }; + 6F5CF7742967992300C310EB /* PacketTunnelProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F66DAD1265E1E4C006974CF /* PacketTunnelProvider.swift */; }; + 6F5CF77729679C5400C310EB /* Logger.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F21F40926899B7A00C157E1 /* Logger.swift */; }; 6F5E6C322522E72F000225C0 /* SectionHeaderCell.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FEF30FA24A317C00026C786 /* SectionHeaderCell.swift */; }; 6F5E6C342522E897000225C0 /* MigrationHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FA8089424E6A75C00E7D924 /* MigrationHelper.swift */; }; 6F5E6C352522E8A0000225C0 /* Log.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FADF83024ADF86600B75E8D /* Log.swift */; }; @@ -152,14 +160,12 @@ 6F950019296547930090643F /* privacy_statement.json in Resources */ = {isa = PBXBuildFile; fileRef = 6FF5524D28551CAC0044BA84 /* privacy_statement.json */; }; 6F95001A296547930090643F /* organization_list.json in Resources */ = {isa = PBXBuildFile; fileRef = 6F59A58724F51DEB00560155 /* organization_list.json */; }; 6F95001B296547930090643F /* config.json in Resources */ = {isa = PBXBuildFile; fileRef = C75B2CB42363138200D700EC /* config.json */; }; - 6F95001E296547930090643F /* TunnelExtension-macOS.appex in Embed App Extensions */ = {isa = PBXBuildFile; fileRef = 6F66DACE265E1E4C006974CF /* TunnelExtension-macOS.appex */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F950020296547930090643F /* LoginItemHelper-macOS.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 342B9C99228ECFDB00C006D7 /* LoginItemHelper-macOS.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F950022296547930090643F /* OpenSans-Bold.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0E24C2DCA900A9D1D4 /* OpenSans-Bold.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 6F950023296547930090643F /* OpenSans-Regular.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 6F95002E296689810090643F /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 340F956C22B7118C00835D56 /* NetworkExtension.framework */; }; - 6F950031296689810090643F /* PacketTunnelProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F950030296689810090643F /* PacketTunnelProvider.swift */; }; 6F950033296689810090643F /* main.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F950032296689810090643F /* main.swift */; }; - 6F950038296689810090643F /* TunnelSystemExtension.systemextension in Embed System Extensions */ = {isa = PBXBuildFile; fileRef = 6F95002D296689810090643F /* TunnelSystemExtension.systemextension */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; + 6F950038296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension in Embed System Extensions */ = {isa = PBXBuildFile; fileRef = 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F95FF94296297E70090643F /* OpenVPNAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */; }; 6F95FF972962988A0090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; 6F95FF982962EF820090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; @@ -345,6 +351,13 @@ /* End PBXBuildFile section */ /* Begin PBXContainerItemProxy section */ + 6F5CF77529679AB100C310EB /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; + proxyType = 1; + remoteGlobalIDString = 6F66DAEF265E1E9D006974CF; + remoteInfo = "WireGuardGoBridge-macOS"; + }; 6F66DAD5265E1E4D006974CF /* PBXContainerItemProxy */ = { isa = PBXContainerItemProxy; containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; @@ -380,13 +393,6 @@ remoteGlobalIDString = 6F95002C296689810090643F; remoteInfo = "TunnelSystemExtension-macOS"; }; - 6F95FFA5296547930090643F /* PBXContainerItemProxy */ = { - isa = PBXContainerItemProxy; - containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; - proxyType = 1; - remoteGlobalIDString = 6F66DACD265E1E4C006974CF; - remoteInfo = "WireGuardTunnelExtension-macOS"; - }; C79B63DC258A08FB00C054CC /* PBXContainerItemProxy */ = { isa = PBXContainerItemProxy; containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; @@ -443,17 +449,6 @@ name = "Embed App Extensions"; runOnlyForDeploymentPostprocessing = 0; }; - 6F95001D296547930090643F /* Embed App Extensions */ = { - isa = PBXCopyFilesBuildPhase; - buildActionMask = 2147483647; - dstPath = ""; - dstSubfolderSpec = 13; - files = ( - 6F95001E296547930090643F /* TunnelExtension-macOS.appex in Embed App Extensions */, - ); - name = "Embed App Extensions"; - runOnlyForDeploymentPostprocessing = 0; - }; 6F95001F296547930090643F /* CopyFiles */ = { isa = PBXCopyFilesBuildPhase; buildActionMask = 2147483647; @@ -481,7 +476,7 @@ dstPath = "$(SYSTEM_EXTENSIONS_FOLDER_PATH)"; dstSubfolderSpec = 16; files = ( - 6F950038296689810090643F /* TunnelSystemExtension.systemextension in Embed System Extensions */, + 6F950038296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension in Embed System Extensions */, ); name = "Embed System Extensions"; runOnlyForDeploymentPostprocessing = 0; @@ -582,7 +577,7 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "EduVPN-macOS-DeveloperID.app"; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* TunnelSystemExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelSystemExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; name = "$(APP_ID).TunnelSystemExtension.systemextension"; path = "net.roopc.eduVPN-macOS-DeveloperId.TunnelSystemExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950030296689810090643F /* PacketTunnelProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelProvider.swift; sourceTree = ""; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; @@ -898,7 +893,7 @@ 6F66DACE265E1E4C006974CF /* TunnelExtension-macOS.appex */, 6F6BB620265E58BF0093D4CC /* TunnelExtension-iOS.appex */, 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */, - 6F95002D296689810090643F /* TunnelSystemExtension.systemextension */, + 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */, ); name = Products; sourceTree = ""; @@ -1569,6 +1564,7 @@ buildRules = ( ); dependencies = ( + 6F5CF77629679AB100C310EB /* PBXTargetDependency */, ); name = "TunnelSystemExtension-macOS"; packageProductDependencies = ( @@ -1578,7 +1574,7 @@ 6F5CF76C2966CCD600C310EB /* TunnelKitOpenVPNAppExtension */, ); productName = "TunnelSystemExtension-macOS"; - productReference = 6F95002D296689810090643F /* TunnelSystemExtension.systemextension */; + productReference = 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */; productType = "com.apple.product-type.system-extension"; }; 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */ = { @@ -1591,15 +1587,13 @@ 6F950007296547930090643F /* Frameworks */, 6F950013296547930090643F /* Resources */, 6F95001C296547930090643F /* Set Build Number */, - 6F95001D296547930090643F /* Embed App Extensions */, + 6F950039296689810090643F /* Embed System Extensions */, 6F95001F296547930090643F /* CopyFiles */, 6F950021296547930090643F /* CopyFiles */, - 6F950039296689810090643F /* Embed System Extensions */, ); buildRules = ( ); dependencies = ( - 6F95FFA4296547930090643F /* PBXTargetDependency */, 6F950037296689810090643F /* PBXTargetDependency */, ); name = "EduVPN-macOS-DeveloperID"; @@ -2143,8 +2137,15 @@ isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( + 6F5CF77729679C5400C310EB /* Logger.swift in Sources */, + 6F5CF76E2967990600C310EB /* Shared.swift in Sources */, + 6F5CF76F2967992200C310EB /* WireGuardAdapterInterface.swift in Sources */, + 6F5CF7702967992200C310EB /* TunnelConfiguration+WgQuickConfig.swift in Sources */, + 6F5CF7712967992300C310EB /* TunnelConfiguration+UapiConfig.swift in Sources */, + 6F5CF7722967992300C310EB /* String+ArrayConversion.swift in Sources */, + 6F5CF7732967992300C310EB /* OpenVPNAdapterInterface.swift in Sources */, + 6F5CF7742967992300C310EB /* PacketTunnelProvider.swift in Sources */, 6F950033296689810090643F /* main.swift in Sources */, - 6F950031296689810090643F /* PacketTunnelProvider.swift in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -2418,6 +2419,11 @@ /* End PBXSourcesBuildPhase section */ /* Begin PBXTargetDependency section */ + 6F5CF77629679AB100C310EB /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = 6F66DAEF265E1E9D006974CF /* WireGuardGoBridge-macOS */; + targetProxy = 6F5CF77529679AB100C310EB /* PBXContainerItemProxy */; + }; 6F66DAD6265E1E4D006974CF /* PBXTargetDependency */ = { isa = PBXTargetDependency; target = 6F66DACD265E1E4C006974CF /* TunnelExtension-macOS */; @@ -2443,11 +2449,6 @@ target = 6F95002C296689810090643F /* TunnelSystemExtension-macOS */; targetProxy = 6F950036296689810090643F /* PBXContainerItemProxy */; }; - 6F95FFA4296547930090643F /* PBXTargetDependency */ = { - isa = PBXTargetDependency; - target = 6F66DACD265E1E4C006974CF /* TunnelExtension-macOS */; - targetProxy = 6F95FFA5296547930090643F /* PBXContainerItemProxy */; - }; C79B63DD258A08FB00C054CC /* PBXTargetDependency */ = { isa = PBXTargetDependency; target = 6F750C2C24975A4300AF2C04 /* EduVPN-macOS */; From 687838716359472675d31d10b6d239ce4867cd79 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Fri, 6 Jan 2023 05:35:36 +0530 Subject: [PATCH 04/37] Xcode: Rearrange targets --- EduVPN.xcodeproj/project.pbxproj | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 3fa6ff20..86a20a1a 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -1750,16 +1750,16 @@ 6F750C2C24975A4300AF2C04 /* EduVPN-macOS */, 6F66DACD265E1E4C006974CF /* TunnelExtension-macOS */, 6F66DAEF265E1E9D006974CF /* WireGuardGoBridge-macOS */, - C79B63C6258A08C200C054CC /* EduVPN-UITests-macOS */, + 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */, + 6F95002C296689810090643F /* TunnelSystemExtension-macOS */, 342B9C98228ECFDB00C006D7 /* LoginItemHelper-macOS */, + C79B63C6258A08C200C054CC /* EduVPN-UITests-macOS */, 6F750CBD24975B9B00AF2C04 /* EduVPN-iOS */, 6F6BB61F265E58BF0093D4CC /* TunnelExtension-iOS */, 6F6BB638265E58FD0093D4CC /* WireGuardGoBridge-iOS */, C7B439492580D0F000FEB2B1 /* EduVPN-UITests-iOS */, C7B439292580CE4D00FEB2B1 /* EduVPN-Tests-iOS */, 4AAC1F891F2D0E3400DD0252 /* EduVPNTests */, - 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */, - 6F95002C296689810090643F /* TunnelSystemExtension-macOS */, ); }; /* End PBXProject section */ From a38c8eb8a35c33f18570f92dba0e4865614e20c8 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Tue, 10 Jan 2023 13:15:11 +0530 Subject: [PATCH 05/37] Setup a separate entitlements file for the DeveloperID app --- EduVPN.xcodeproj/project.pbxproj | 4 +-- .../Mac/eduVPN_DeveloperID.entitlements | 26 +++++++++++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 86a20a1a..17794f91 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -3097,7 +3097,7 @@ CLANG_ENABLE_MODULES = YES; CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN.entitlements; + CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements; CODE_SIGN_IDENTITY = "Mac Developer"; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; @@ -3143,7 +3143,7 @@ CLANG_ENABLE_MODULES = YES; CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN.entitlements; + CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements; CODE_SIGN_IDENTITY = "Mac Developer"; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; diff --git a/EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements b/EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements new file mode 100644 index 00000000..70660e86 --- /dev/null +++ b/EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements @@ -0,0 +1,26 @@ + + + + + com.apple.developer.networking.networkextension + + packet-tunnel-provider + + com.apple.security.app-sandbox + + com.apple.security.application-groups + + $(TeamIdentifierPrefix)$(GROUP_ID) + + com.apple.security.files.user-selected.read-only + + com.apple.security.network.client + + com.apple.security.network.server + + keychain-access-groups + + $(TeamIdentifierPrefix)$(GROUP_ID) + + + From 5e5d4028b1754739d9c52345ae4f57f939f99c74 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Tue, 10 Jan 2023 13:15:55 +0530 Subject: [PATCH 06/37] Add System Extensions capability to Developer ID app --- EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements | 2 ++ 1 file changed, 2 insertions(+) diff --git a/EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements b/EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements index 70660e86..5f94bd52 100644 --- a/EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements +++ b/EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements @@ -6,6 +6,8 @@ packet-tunnel-provider + com.apple.developer.system-extension.install + com.apple.security.app-sandbox com.apple.security.application-groups From be9ab61d0eeec12a55668021bf6f10dfb007c826 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Tue, 10 Jan 2023 13:37:59 +0530 Subject: [PATCH 07/37] NavigationController: Show privacy statement only for App Store --- EduVPN/Shims/NavigationController.swift | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/EduVPN/Shims/NavigationController.swift b/EduVPN/Shims/NavigationController.swift index e1d51171..923dacaa 100644 --- a/EduVPN/Shims/NavigationController.swift +++ b/EduVPN/Shims/NavigationController.swift @@ -59,7 +59,11 @@ class NavigationController: NSViewController { } override func viewDidAppear() { + #if DEVELOPER_ID_DISTRIBUTION + #else + // Show disclaimer only for the app distributed through the Mac App Store showDisclaimerIfNotAcceptedYet() + #endif } @IBAction func toolbarPreferencesClicked(_ sender: Any) { From 8b3021c31e44bd321544f90636f34937c16de402 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 11 Jan 2023 12:02:03 +0530 Subject: [PATCH 08/37] Xcode project: Fix product name for Developer ID app --- EduVPN.xcodeproj/project.pbxproj | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 17794f91..c6346265 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -3124,7 +3124,7 @@ "\"CryptoKit\"", ); PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID)"; - PRODUCT_NAME = "$(TARGET_NAME)"; + PRODUCT_NAME = "$(APP_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; SDKROOT = macosx; SWIFT_OBJC_BRIDGING_HEADER = "EduVPN/EduVPN-macOS-Bridging-Header.h"; @@ -3169,7 +3169,7 @@ "\"CryptoKit\"", ); PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID)"; - PRODUCT_NAME = "$(TARGET_NAME)"; + PRODUCT_NAME = "$(APP_NAME)"; PROVISIONING_PROFILE_SPECIFIER = ""; SDKROOT = macosx; SWIFT_OBJC_BRIDGING_HEADER = "EduVPN/EduVPN-macOS-Bridging-Header.h"; From e765cb4057e6869a8a30352079a36dd3d23c06e4 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Thu, 12 Jan 2023 10:23:18 +0530 Subject: [PATCH 09/37] Add SystemExtensionHelper --- EduVPN.xcodeproj/project.pbxproj | 14 +- .../Helpers/Mac/SystemExtensionHelper.swift | 138 ++++++++++++++++++ 2 files changed, 148 insertions(+), 4 deletions(-) create mode 100644 EduVPN/Helpers/Mac/SystemExtensionHelper.swift diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index c6346265..30d28d66 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -265,6 +265,8 @@ 6FC063A327B0F52900AE25D9 /* TunnelKit in Frameworks */ = {isa = PBXBuildFile; productRef = 6FC063A227B0F52900AE25D9 /* TunnelKit */; }; 6FC063A527B0F52900AE25D9 /* TunnelKitOpenVPN in Frameworks */ = {isa = PBXBuildFile; productRef = 6FC063A427B0F52900AE25D9 /* TunnelKitOpenVPN */; }; 6FC27AC824B9550D006FA648 /* ServerAPIService.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FC27AC724B9550C006FA648 /* ServerAPIService.swift */; }; + 6FCA844F296E9190006DD80E /* SystemExtensionHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FCA844E296E9190006DD80E /* SystemExtensionHelper.swift */; }; + 6FCA8450296E9190006DD80E /* SystemExtensionHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FCA844E296E9190006DD80E /* SystemExtensionHelper.swift */; }; 6FCC5EF424B8579D00C6BC80 /* LanguageMappedString.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FCC5EF324B8579D00C6BC80 /* LanguageMappedString.swift */; }; 6FCC5EF624B85D6700C6BC80 /* ServerResponse.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FCC5EF524B85D6700C6BC80 /* ServerResponse.swift */; }; 6FCCC577249E25F100F0F5A3 /* NavigationController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FCCC576249E25F100F0F5A3 /* NavigationController.swift */; }; @@ -576,8 +578,8 @@ 6F885F7B25C1740D00CABF4E /* CredentialsViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = CredentialsViewController.swift; sourceTree = ""; }; 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; - 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "EduVPN-macOS-DeveloperID.app"; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; name = "$(APP_ID).TunnelSystemExtension.systemextension"; path = "net.roopc.eduVPN-macOS-DeveloperId.TunnelSystemExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F950027296547930090643F /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelSystemExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950030296689810090643F /* PacketTunnelProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelProvider.swift; sourceTree = ""; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; @@ -598,6 +600,7 @@ 6FBFEF0E24C2DCA900A9D1D4 /* OpenSans-Bold.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "OpenSans-Bold.ttf"; sourceTree = ""; }; 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "OpenSans-Regular.ttf"; sourceTree = ""; }; 6FC27AC724B9550C006FA648 /* ServerAPIService.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ServerAPIService.swift; sourceTree = ""; }; + 6FCA844E296E9190006DD80E /* SystemExtensionHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = SystemExtensionHelper.swift; path = SystemExtensionHelper.swift; sourceTree = ""; }; 6FCC5EF324B8579D00C6BC80 /* LanguageMappedString.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LanguageMappedString.swift; sourceTree = ""; }; 6FCC5EF524B85D6700C6BC80 /* ServerResponse.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ServerResponse.swift; sourceTree = ""; }; 6FCCC576249E25F100F0F5A3 /* NavigationController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = NavigationController.swift; sourceTree = ""; }; @@ -892,7 +895,7 @@ C79B63C7258A08C200C054CC /* EduVPN-UITests-macOS.xctest */, 6F66DACE265E1E4C006974CF /* TunnelExtension-macOS.appex */, 6F6BB620265E58BF0093D4CC /* TunnelExtension-iOS.appex */, - 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */, + 6F950027296547930090643F /* eduVPN.app */, 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */, ); name = Products; @@ -980,6 +983,7 @@ 6F5820F726EE036800906397 /* AppDataRemover.swift */, 6F49FAAA263C1A55005DB8D3 /* OAuthRedirectHTTPHandler.h */, 6F49FAAB263C1A55005DB8D3 /* OAuthRedirectHTTPHandler.m */, + 6FCA844E296E9190006DD80E /* SystemExtensionHelper.swift */, ); path = Mac; sourceTree = ""; @@ -1610,7 +1614,7 @@ 6F95FFB5296547930090643F /* PromiseKit */, ); productName = "EduVPN-macOS"; - productReference = 6F950027296547930090643F /* EduVPN-macOS-DeveloperID.app */; + productReference = 6F950027296547930090643F /* eduVPN.app */; productType = "com.apple.product-type.application"; }; C79B63C6258A08C200C054CC /* EduVPN-UITests-macOS */ = { @@ -2187,6 +2191,7 @@ 6F95FFD9296547930090643F /* PersistenceService.swift in Sources */, 6F95FFDA296547930090643F /* ConnectionAttempt.swift in Sources */, 6F95FFDB296547930090643F /* SupportContactTextView.swift in Sources */, + 6FCA8450296E9190006DD80E /* SystemExtensionHelper.swift in Sources */, 6F95FFDC296547930090643F /* SearchViewController.swift in Sources */, 6F95FFDD296547930090643F /* ServerDiscoveryService.swift in Sources */, 6F95FFDE296547930090643F /* MainViewModel.swift in Sources */, @@ -2297,6 +2302,7 @@ 6FADF82B24ADF57000B75E8D /* PersistenceService.swift in Sources */, 6FA808AF24EBBD1F00E7D924 /* ConnectionAttempt.swift in Sources */, 6F1A1C0124EE8EDB0040D6A2 /* SupportContactTextView.swift in Sources */, + 6FCA844F296E9190006DD80E /* SystemExtensionHelper.swift in Sources */, C7DB4B9D247FC23D009932B1 /* SearchViewController.swift in Sources */, 6FEF30D824A0B8C60026C786 /* ServerDiscoveryService.swift in Sources */, C7DB4BA1247FC243009932B1 /* MainViewModel.swift in Sources */, diff --git a/EduVPN/Helpers/Mac/SystemExtensionHelper.swift b/EduVPN/Helpers/Mac/SystemExtensionHelper.swift new file mode 100644 index 00000000..5c0bc8c1 --- /dev/null +++ b/EduVPN/Helpers/Mac/SystemExtensionHelper.swift @@ -0,0 +1,138 @@ +// +// SystemExtensionHelper.swift +// EduVPN +// + +#if DEVELOPER_ID_DISTRIBUTION + +import Foundation +import SystemExtensions + +enum SystemExtensionHelperError: String, Error { + case rebootRequiredError = "Reboot required" + case unknownError = "Unknown error" +} + +class SystemExtensionHelper: NSObject { + var alertAskingToEnableSystemExtensions: NSAlert? + + func beginSystemExtensionInstallation() { + NSLog("beginSystemExtensionInstallation") + guard let appId = Bundle.main.bundleIdentifier else { fatalError("missing bundle id") } + let tunnelExtensionBundleId = "\(appId).TunnelSystemExtension" + let request = OSSystemExtensionRequest.activationRequest( + forExtensionWithIdentifier: tunnelExtensionBundleId, + queue: DispatchQueue.main) + request.delegate = self + OSSystemExtensionManager.shared.submitRequest(request) + } +} + +extension SystemExtensionHelper: OSSystemExtensionRequestDelegate { + func request(_ request: OSSystemExtensionRequest, actionForReplacingExtension existing: OSSystemExtensionProperties, withExtension ext: OSSystemExtensionProperties) -> OSSystemExtensionRequest.ReplacementAction { + NSLog("System Extension: Replacing \(existing.bundleShortVersion) with \(ext.bundleShortVersion)") + return .replace + } + + func requestNeedsUserApproval(_ request: OSSystemExtensionRequest) { + NSLog("System Extension: Needs user approval") + showAlertAskingToEnableSystemExtensions() + } + + func request(_ request: OSSystemExtensionRequest, didFinishWithResult result: OSSystemExtensionRequest.Result) { + if result == .completed { + NSLog("System Extension: Loading complete") + hideAlertAskingToEnableSystemExtensions() + } else if result == .willCompleteAfterReboot { + NSLog("System Extension: Loading requires reboot") + showAlertSayingSystemExtensionsIsDisabled(error: SystemExtensionHelperError.rebootRequiredError) + } else { + NSLog("System Extension: OSSystemExtensionRequest code = \(result.rawValue)") + showAlertSayingSystemExtensionsIsDisabled(error: SystemExtensionHelperError.unknownError) + } + } + + func request(_ request: OSSystemExtensionRequest, didFailWithError error: Error) { + NSLog("System Extension: Error: \(error)") + showAlertSayingSystemExtensionsIsDisabled(error: error) + } +} + +private extension SystemExtensionHelper { + func showAlertAskingToEnableSystemExtensions() { + let alert = NSAlert() + alert.alertStyle = .critical + + alert.messageText = NSLocalizedString( + "Allow application to load system software", + comment: "macOS alert title on attempt to install System Extension") + alert.informativeText = String( + format: NSLocalizedString( + "This application can work only after you enable it to install System Extensions.\n\nOpen Security Settings (Settings > Privacy & Security > Security), look for a message saying that system software from \"%@\" was blocked, and click on \"Allow\" next to that.", + comment: "macOS alert text on attempt to install System Extension"), + Config.shared.appName) + let openSettingsButton = alert.addButton(withTitle: NSLocalizedString( + "Open Settings", + comment: "macOS alert button on attempt to install System Extension")) + openSettingsButton.target = self + openSettingsButton.action = #selector(openSecurityPreferencesPane) + + alert.addButton(withTitle: NSLocalizedString("Quit", comment: "")) + + alertAskingToEnableSystemExtensions = alert + + if let window = NSApp.windows.first { + alert.beginSheetModal(for: window) { result in + if case .alertSecondButtonReturn = result { + NSApp.terminate(self) + } + } + } + } + + @objc func openSecurityPreferencesPane() { + if let url = URL(string: "x-apple.systempreferences:com.apple.preference.security?Security") { + NSWorkspace.shared.open(url) + } + } + + func hideAlertAskingToEnableSystemExtensions() { + if let alert = alertAskingToEnableSystemExtensions, + let window = NSApp.windows.first { + window.endSheet(alert.window) + } + } + + func showAlertSayingSystemExtensionsIsDisabled(error: Error) { + + hideAlertAskingToEnableSystemExtensions() + + let alert = NSAlert() + alert.alertStyle = .critical + + alert.messageText = NSLocalizedString( + "Failed to install System Extension", + comment: "macOS alert title on failure to install System Extension") + alert.informativeText = String( + format: NSLocalizedString( + "Unable to install System Extension.\n\nError: %@", + comment: "macOS alert text on failure to install System Extension"), + error.localizedDescription) + alert.addButton(withTitle: NSLocalizedString( + "Try Again", + comment: "macOS alert button on attempt to install System Extension")) + alert.addButton(withTitle: NSLocalizedString("Quit", comment: "")) + + if let window = NSApp.windows.first { + alert.beginSheetModal(for: window) { [weak self] result in + if case .alertFirstButtonReturn = result { + self?.beginSystemExtensionInstallation() + } else if case .alertSecondButtonReturn = result { + NSApp.terminate(self) + } + } + } + } +} + +#endif From a4618c7b274e727a9e3b9c8b140762cde32e0192 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Thu, 12 Jan 2023 10:28:28 +0530 Subject: [PATCH 10/37] AppDelegate: Use SystemExtensionHelper --- EduVPN/AppDelegate.swift | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/EduVPN/AppDelegate.swift b/EduVPN/AppDelegate.swift index e75f129e..9478ec17 100644 --- a/EduVPN/AppDelegate.swift +++ b/EduVPN/AppDelegate.swift @@ -41,6 +41,10 @@ class AppDelegate: NSObject, NSApplicationDelegate { var statusItemController: StatusItemController? var mainViewController: MainViewController? + #if DEVELOPER_ID_DISTRIBUTION + var systemExtensionHelper: SystemExtensionHelper? + #endif + func applicationWillFinishLaunching(_ notification: Notification) { if UserDefaults.standard.showInDock { NSApp.setActivationPolicy(.regular) @@ -86,6 +90,12 @@ class AppDelegate: NSObject, NSApplicationDelegate { } self.mainWindow = window + +#if DEVELOPER_ID_DISTRIBUTION + let systemExtensionHelper = SystemExtensionHelper() + systemExtensionHelper.beginSystemExtensionInstallation() + self.systemExtensionHelper = systemExtensionHelper +#endif } private static func replaceAppNameInMenuItems(in menu: NSMenu?) { From 96829475815e28bae1e6ed794f1274979c58ab31 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Thu, 12 Jan 2023 10:52:33 +0530 Subject: [PATCH 11/37] Set -DDEVELOPER_ID_DISTRIBUTION using xcconfig --- Config/Mac/Development-macOS-DeveloperID.xcconfig | 12 ++++++++++++ Config/Mac/Release-macOS-DeveloperID.xcconfig | 12 ++++++++++++ EduVPN.xcodeproj/project.pbxproj | 8 ++++++-- 3 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 Config/Mac/Development-macOS-DeveloperID.xcconfig create mode 100644 Config/Mac/Release-macOS-DeveloperID.xcconfig diff --git a/Config/Mac/Development-macOS-DeveloperID.xcconfig b/Config/Mac/Development-macOS-DeveloperID.xcconfig new file mode 100644 index 00000000..5a3acbd9 --- /dev/null +++ b/Config/Mac/Development-macOS-DeveloperID.xcconfig @@ -0,0 +1,12 @@ +// +// Development.xcconfig +// eduVPN +// + +// Configuration settings file format documentation can be found at: +// https://help.apple.com/xcode/#/dev745c5c974 + +#include "Developer-macOS.xcconfig" +#include "AppVersion-macOS.xcconfig" + +SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEVELOPER_ID_DISTRIBUTION diff --git a/Config/Mac/Release-macOS-DeveloperID.xcconfig b/Config/Mac/Release-macOS-DeveloperID.xcconfig new file mode 100644 index 00000000..dc8d8713 --- /dev/null +++ b/Config/Mac/Release-macOS-DeveloperID.xcconfig @@ -0,0 +1,12 @@ +// +// Release.xcconfig +// eduVPN +// + +// Configuration settings file format documentation can be found at: +// https://help.apple.com/xcode/#/dev745c5c974 + +#include "Developer-macOS.xcconfig" +#include "AppVersion-macOS.xcconfig" + +SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEVELOPER_ID_DISTRIBUTION diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 30d28d66..709e618e 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -601,6 +601,8 @@ 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "OpenSans-Regular.ttf"; sourceTree = ""; }; 6FC27AC724B9550C006FA648 /* ServerAPIService.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ServerAPIService.swift; sourceTree = ""; }; 6FCA844E296E9190006DD80E /* SystemExtensionHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = SystemExtensionHelper.swift; path = SystemExtensionHelper.swift; sourceTree = ""; }; + 6FCA8451296FCFEB006DD80E /* Release-macOS-DeveloperID.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; name = "Release-macOS-DeveloperID.xcconfig"; path = "Release-macOS-DeveloperID.xcconfig"; sourceTree = ""; }; + 6FCA8452296FCFEB006DD80E /* Development-macOS-DeveloperID.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; name = "Development-macOS-DeveloperID.xcconfig"; path = "Development-macOS-DeveloperID.xcconfig"; sourceTree = ""; }; 6FCC5EF324B8579D00C6BC80 /* LanguageMappedString.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LanguageMappedString.swift; sourceTree = ""; }; 6FCC5EF524B85D6700C6BC80 /* ServerResponse.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ServerResponse.swift; sourceTree = ""; }; 6FCCC576249E25F100F0F5A3 /* NavigationController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = NavigationController.swift; sourceTree = ""; }; @@ -1043,9 +1045,11 @@ C75B2CB72363138200D700EC /* Development-macOS.xcconfig */, 6F66DB7B265E5096006974CF /* Development-macOS-TunnelExtension.xcconfig */, C730CD6223746B4900C21AF9 /* Development-macOS-LoginItemHelper.xcconfig */, + 6FCA8452296FCFEB006DD80E /* Development-macOS-DeveloperID.xcconfig */, C75B2CB92363138200D700EC /* Release-macOS.xcconfig */, 6F66DB7C265E5096006974CF /* Release-macOS-TunnelExtension.xcconfig */, C730CD6323746B4900C21AF9 /* Release-macOS-LoginItemHelper.xcconfig */, + 6FCA8451296FCFEB006DD80E /* Release-macOS-DeveloperID.xcconfig */, C75B2CBF2363138200D700EC /* AppVersion-macOS.xcconfig */, ); path = Mac; @@ -3095,7 +3099,7 @@ }; 6F950025296547930090643F /* Debug */ = { isa = XCBuildConfiguration; - baseConfigurationReference = C75B2CB72363138200D700EC /* Development-macOS.xcconfig */; + baseConfigurationReference = 6FCA8452296FCFEB006DD80E /* Development-macOS-DeveloperID.xcconfig */; buildSettings = { ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; @@ -3141,7 +3145,7 @@ }; 6F950026296547930090643F /* Release */ = { isa = XCBuildConfiguration; - baseConfigurationReference = C75B2CB92363138200D700EC /* Release-macOS.xcconfig */; + baseConfigurationReference = 6FCA8451296FCFEB006DD80E /* Release-macOS-DeveloperID.xcconfig */; buildSettings = { ALWAYS_EMBED_SWIFT_STANDARD_LIBRARIES = YES; ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; From 9f8c3462135f4c98b8d2a72b2aa556ffcff7a2d3 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Fri, 13 Jan 2023 10:03:09 +0530 Subject: [PATCH 12/37] Rename TunnelSystemExtension to TunnelExtension --- EduVPN.xcodeproj/project.pbxproj | 26 +++++++++---------- .../Helpers/Mac/SystemExtensionHelper.swift | 2 +- ...itlements => TunnelExtension.entitlements} | 0 3 files changed, 14 insertions(+), 14 deletions(-) rename TunnelExtension/Mac/SystemExtension/{TunnelSystemExtension.entitlements => TunnelExtension.entitlements} (100%) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 709e618e..99fa51e4 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -165,7 +165,7 @@ 6F950023296547930090643F /* OpenSans-Regular.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 6F95002E296689810090643F /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 340F956C22B7118C00835D56 /* NetworkExtension.framework */; }; 6F950033296689810090643F /* main.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F950032296689810090643F /* main.swift */; }; - 6F950038296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension in Embed System Extensions */ = {isa = PBXBuildFile; fileRef = 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; + 6F950038296689810090643F /* $(APP_ID).TunnelExtension.systemextension in Embed System Extensions */ = {isa = PBXBuildFile; fileRef = 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F95FF94296297E70090643F /* OpenVPNAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */; }; 6F95FF972962988A0090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; 6F95FF982962EF820090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; @@ -478,7 +478,7 @@ dstPath = "$(SYSTEM_EXTENSIONS_FOLDER_PATH)"; dstSubfolderSpec = 16; files = ( - 6F950038296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension in Embed System Extensions */, + 6F950038296689810090643F /* $(APP_ID).TunnelExtension.systemextension in Embed System Extensions */, ); name = "Embed System Extensions"; runOnlyForDeploymentPostprocessing = 0; @@ -579,11 +579,11 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelSystemExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950030296689810090643F /* PacketTunnelProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelProvider.swift; sourceTree = ""; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; - 6F950035296689810090643F /* TunnelSystemExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelSystemExtension.entitlements; sourceTree = ""; }; + 6F950035296689810090643F /* TunnelExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension.entitlements; sourceTree = ""; }; 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = OpenVPNAdapterInterface.swift; sourceTree = ""; }; 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = WireGuardAdapterInterface.swift; sourceTree = ""; }; 6F96BB52252C51080023EB1D /* SearchViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SearchViewController+iOS.swift"; sourceTree = ""; }; @@ -898,7 +898,7 @@ 6F66DACE265E1E4C006974CF /* TunnelExtension-macOS.appex */, 6F6BB620265E58BF0093D4CC /* TunnelExtension-iOS.appex */, 6F950027296547930090643F /* eduVPN.app */, - 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */, + 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */, ); name = Products; sourceTree = ""; @@ -1089,7 +1089,7 @@ children = ( 6F950032296689810090643F /* main.swift */, 6F950034296689810090643F /* Info.plist */, - 6F950035296689810090643F /* TunnelSystemExtension.entitlements */, + 6F950035296689810090643F /* TunnelExtension.entitlements */, ); path = SystemExtension; sourceTree = ""; @@ -1582,7 +1582,7 @@ 6F5CF76C2966CCD600C310EB /* TunnelKitOpenVPNAppExtension */, ); productName = "TunnelSystemExtension-macOS"; - productReference = 6F95002D296689810090643F /* $(APP_ID).TunnelSystemExtension.systemextension */; + productReference = 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */; productType = "com.apple.product-type.system-extension"; }; 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */ = { @@ -3195,7 +3195,7 @@ CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements; + CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements; CODE_SIGN_IDENTITY = "Mac Developer"; CODE_SIGN_STYLE = Automatic; CURRENT_PROJECT_VERSION = 1; @@ -3216,8 +3216,8 @@ MARKETING_VERSION = "$(APP_MARKETING_VERSION)"; MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; MTL_FAST_MATH = YES; - PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).TunnelSystemExtension"; - PRODUCT_NAME = "$(APP_ID).TunnelSystemExtension"; + PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).TunnelExtension"; + PRODUCT_NAME = "$(APP_ID).TunnelExtension"; SDKROOT = macosx; SKIP_INSTALL = YES; SWIFT_EMIT_LOC_STRINGS = YES; @@ -3233,7 +3233,7 @@ CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements; + CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements; CODE_SIGN_IDENTITY = "Mac Developer"; CODE_SIGN_STYLE = Automatic; CURRENT_PROJECT_VERSION = 1; @@ -3253,8 +3253,8 @@ MACOSX_DEPLOYMENT_TARGET = 10.15; MARKETING_VERSION = "$(APP_MARKETING_VERSION)"; MTL_FAST_MATH = YES; - PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).TunnelSystemExtension"; - PRODUCT_NAME = "$(APP_ID).TunnelSystemExtension"; + PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).TunnelExtension"; + PRODUCT_NAME = "$(APP_ID).TunnelExtension"; SDKROOT = macosx; SKIP_INSTALL = YES; SWIFT_EMIT_LOC_STRINGS = YES; diff --git a/EduVPN/Helpers/Mac/SystemExtensionHelper.swift b/EduVPN/Helpers/Mac/SystemExtensionHelper.swift index 5c0bc8c1..6f1163dc 100644 --- a/EduVPN/Helpers/Mac/SystemExtensionHelper.swift +++ b/EduVPN/Helpers/Mac/SystemExtensionHelper.swift @@ -19,7 +19,7 @@ class SystemExtensionHelper: NSObject { func beginSystemExtensionInstallation() { NSLog("beginSystemExtensionInstallation") guard let appId = Bundle.main.bundleIdentifier else { fatalError("missing bundle id") } - let tunnelExtensionBundleId = "\(appId).TunnelSystemExtension" + let tunnelExtensionBundleId = "\(appId).TunnelExtension" let request = OSSystemExtensionRequest.activationRequest( forExtensionWithIdentifier: tunnelExtensionBundleId, queue: DispatchQueue.main) diff --git a/TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements b/TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements similarity index 100% rename from TunnelExtension/Mac/SystemExtension/TunnelSystemExtension.entitlements rename to TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements From 5852ff891e8992ef729b9d2b7f5995d08f22b44b Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Fri, 13 Jan 2023 10:11:55 +0530 Subject: [PATCH 13/37] SystemExtensionHelper: Fix alert on System Extension error --- EduVPN/Helpers/Mac/SystemExtensionHelper.swift | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/EduVPN/Helpers/Mac/SystemExtensionHelper.swift b/EduVPN/Helpers/Mac/SystemExtensionHelper.swift index 6f1163dc..f20670b5 100644 --- a/EduVPN/Helpers/Mac/SystemExtensionHelper.swift +++ b/EduVPN/Helpers/Mac/SystemExtensionHelper.swift @@ -45,16 +45,16 @@ extension SystemExtensionHelper: OSSystemExtensionRequestDelegate { hideAlertAskingToEnableSystemExtensions() } else if result == .willCompleteAfterReboot { NSLog("System Extension: Loading requires reboot") - showAlertSayingSystemExtensionsIsDisabled(error: SystemExtensionHelperError.rebootRequiredError) + showAlertOnSystemExtensionError(error: SystemExtensionHelperError.rebootRequiredError) } else { NSLog("System Extension: OSSystemExtensionRequest code = \(result.rawValue)") - showAlertSayingSystemExtensionsIsDisabled(error: SystemExtensionHelperError.unknownError) + showAlertOnSystemExtensionError(error: SystemExtensionHelperError.unknownError) } } func request(_ request: OSSystemExtensionRequest, didFailWithError error: Error) { NSLog("System Extension: Error: \(error)") - showAlertSayingSystemExtensionsIsDisabled(error: error) + showAlertOnSystemExtensionError(error: error) } } @@ -103,7 +103,7 @@ private extension SystemExtensionHelper { } } - func showAlertSayingSystemExtensionsIsDisabled(error: Error) { + func showAlertOnSystemExtensionError(error: Error) { hideAlertAskingToEnableSystemExtensions() @@ -111,11 +111,11 @@ private extension SystemExtensionHelper { alert.alertStyle = .critical alert.messageText = NSLocalizedString( - "Failed to install System Extension", + "Error installing System Extension", comment: "macOS alert title on failure to install System Extension") alert.informativeText = String( format: NSLocalizedString( - "Unable to install System Extension.\n\nError: %@", + "Unable to install System Extension.\nError: %@", comment: "macOS alert text on failure to install System Extension"), error.localizedDescription) alert.addButton(withTitle: NSLocalizedString( From 343bba8da4a25517c838656ed4b81da549c708af Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Fri, 13 Jan 2023 10:22:05 +0530 Subject: [PATCH 14/37] Remove unused files from project --- EduVPN.xcodeproj/project.pbxproj | 18 ++------- .../PacketTunnelProvider.swift | 37 ------------------- 2 files changed, 4 insertions(+), 51 deletions(-) delete mode 100644 TunnelSystemExtension-macOS/PacketTunnelProvider.swift diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 99fa51e4..e00ac350 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -579,8 +579,7 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F950030296689810090643F /* PacketTunnelProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelProvider.swift; sourceTree = ""; }; + 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; name = "$(APP_ID).TunnelExtension.systemextension"; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 6F950035296689810090643F /* TunnelExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension.entitlements; sourceTree = ""; }; @@ -600,9 +599,9 @@ 6FBFEF0E24C2DCA900A9D1D4 /* OpenSans-Bold.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "OpenSans-Bold.ttf"; sourceTree = ""; }; 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = "OpenSans-Regular.ttf"; sourceTree = ""; }; 6FC27AC724B9550C006FA648 /* ServerAPIService.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ServerAPIService.swift; sourceTree = ""; }; - 6FCA844E296E9190006DD80E /* SystemExtensionHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; name = SystemExtensionHelper.swift; path = SystemExtensionHelper.swift; sourceTree = ""; }; - 6FCA8451296FCFEB006DD80E /* Release-macOS-DeveloperID.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; name = "Release-macOS-DeveloperID.xcconfig"; path = "Release-macOS-DeveloperID.xcconfig"; sourceTree = ""; }; - 6FCA8452296FCFEB006DD80E /* Development-macOS-DeveloperID.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; name = "Development-macOS-DeveloperID.xcconfig"; path = "Development-macOS-DeveloperID.xcconfig"; sourceTree = ""; }; + 6FCA844E296E9190006DD80E /* SystemExtensionHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SystemExtensionHelper.swift; sourceTree = ""; }; + 6FCA8451296FCFEB006DD80E /* Release-macOS-DeveloperID.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = "Release-macOS-DeveloperID.xcconfig"; sourceTree = ""; }; + 6FCA8452296FCFEB006DD80E /* Development-macOS-DeveloperID.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = "Development-macOS-DeveloperID.xcconfig"; sourceTree = ""; }; 6FCC5EF324B8579D00C6BC80 /* LanguageMappedString.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LanguageMappedString.swift; sourceTree = ""; }; 6FCC5EF524B85D6700C6BC80 /* ServerResponse.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ServerResponse.swift; sourceTree = ""; }; 6FCCC576249E25F100F0F5A3 /* NavigationController.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = NavigationController.swift; sourceTree = ""; }; @@ -879,7 +878,6 @@ C79B63C8258A08C200C054CC /* EduVPN-UITests-macOS */, C75B2CA62363122900D700EC /* Scripts */, 6F66DAD0265E1E4C006974CF /* TunnelExtension */, - 6F95002F296689810090643F /* TunnelSystemExtension-macOS */, 4AAC1F771F2D0E3400DD0252 /* Products */, 26B4255A0C7DB00763783EF6 /* Frameworks */, ); @@ -1076,14 +1074,6 @@ path = TunnelExtension; sourceTree = ""; }; - 6F95002F296689810090643F /* TunnelSystemExtension-macOS */ = { - isa = PBXGroup; - children = ( - 6F950030296689810090643F /* PacketTunnelProvider.swift */, - ); - path = "TunnelSystemExtension-macOS"; - sourceTree = ""; - }; 6F95003D29668A060090643F /* SystemExtension */ = { isa = PBXGroup; children = ( diff --git a/TunnelSystemExtension-macOS/PacketTunnelProvider.swift b/TunnelSystemExtension-macOS/PacketTunnelProvider.swift deleted file mode 100644 index 61a0f6df..00000000 --- a/TunnelSystemExtension-macOS/PacketTunnelProvider.swift +++ /dev/null @@ -1,37 +0,0 @@ -// -// PacketTunnelProvider.swift -// TunnelSystemExtension-macOS -// -// Created by Roopesh Chander S on 05/01/23. -// Copyright © 2023 SURFNet. All rights reserved. -// - -import NetworkExtension - -class PacketTunnelProvider: NEPacketTunnelProvider { - - override func startTunnel(options: [String : NSObject]?, completionHandler: @escaping (Error?) -> Void) { - // Add code here to start the process of connecting the tunnel. - } - - override func stopTunnel(with reason: NEProviderStopReason, completionHandler: @escaping () -> Void) { - // Add code here to start the process of stopping the tunnel. - completionHandler() - } - - override func handleAppMessage(_ messageData: Data, completionHandler: ((Data?) -> Void)?) { - // Add code here to handle the message. - if let handler = completionHandler { - handler(messageData) - } - } - - override func sleep(completionHandler: @escaping () -> Void) { - // Add code here to get ready to sleep. - completionHandler() - } - - override func wake() { - // Add code here to wake up. - } -} From 6bfd82c7cdee66e87577bf8e9ef527fd4e6a1195 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Fri, 13 Jan 2023 10:24:32 +0530 Subject: [PATCH 15/37] Move App Extension's Info.plist and entitlements to a separate directory --- EduVPN.xcodeproj/project.pbxproj | 22 +++++++++++++------ .../Mac/{ => AppExtension}/Info.plist | 0 .../TunnelExtension.entitlements | 0 .../TunnelExtension.entitlements | 1 - 4 files changed, 15 insertions(+), 8 deletions(-) rename TunnelExtension/Mac/{ => AppExtension}/Info.plist (100%) rename TunnelExtension/Mac/{ => AppExtension}/TunnelExtension.entitlements (100%) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index e00ac350..2681f07c 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -579,7 +579,7 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; name = "$(APP_ID).TunnelExtension.systemextension"; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; name = "$(APP_ID).TunnelExtension.systemextension"; path = "net.roopc.eduVPN-macOS-DeveloperId.TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 6F950035296689810090643F /* TunnelExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension.entitlements; sourceTree = ""; }; @@ -1103,6 +1103,15 @@ path = WireGuard; sourceTree = ""; }; + 6FAD277C29711B3300577685 /* AppExtension */ = { + isa = PBXGroup; + children = ( + 6F66DAD3265E1E4D006974CF /* Info.plist */, + 6F66DAD4265E1E4D006974CF /* TunnelExtension.entitlements */, + ); + path = AppExtension; + sourceTree = ""; + }; 6FBFEF0D24C2DC8C00A9D1D4 /* Fonts */ = { isa = PBXGroup; children = ( @@ -1115,9 +1124,8 @@ 6FE062FD266E3699003FF2F8 /* Mac */ = { isa = PBXGroup; children = ( + 6FAD277C29711B3300577685 /* AppExtension */, 6F95003D29668A060090643F /* SystemExtension */, - 6F66DAD3265E1E4D006974CF /* Info.plist */, - 6F66DAD4265E1E4D006974CF /* TunnelExtension.entitlements */, ); path = Mac; sourceTree = ""; @@ -2725,13 +2733,13 @@ CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/TunnelExtension.entitlements; + CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/AppExtension/TunnelExtension.entitlements; CODE_SIGN_IDENTITY = "Mac Developer"; CODE_SIGN_STYLE = Automatic; DEBUG_INFORMATION_FORMAT = dwarf; ENABLE_HARDENED_RUNTIME = YES; GCC_C_LANGUAGE_STANDARD = gnu11; - INFOPLIST_FILE = TunnelExtension/Mac/Info.plist; + INFOPLIST_FILE = TunnelExtension/Mac/AppExtension/Info.plist; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/../Frameworks", @@ -2756,13 +2764,13 @@ CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/TunnelExtension.entitlements; + CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/AppExtension/TunnelExtension.entitlements; CODE_SIGN_IDENTITY = "Mac Developer"; CODE_SIGN_STYLE = Automatic; DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; ENABLE_HARDENED_RUNTIME = YES; GCC_C_LANGUAGE_STANDARD = gnu11; - INFOPLIST_FILE = TunnelExtension/Mac/Info.plist; + INFOPLIST_FILE = TunnelExtension/Mac/AppExtension/Info.plist; LD_RUNPATH_SEARCH_PATHS = ( "$(inherited)", "@executable_path/../Frameworks", diff --git a/TunnelExtension/Mac/Info.plist b/TunnelExtension/Mac/AppExtension/Info.plist similarity index 100% rename from TunnelExtension/Mac/Info.plist rename to TunnelExtension/Mac/AppExtension/Info.plist diff --git a/TunnelExtension/Mac/TunnelExtension.entitlements b/TunnelExtension/Mac/AppExtension/TunnelExtension.entitlements similarity index 100% rename from TunnelExtension/Mac/TunnelExtension.entitlements rename to TunnelExtension/Mac/AppExtension/TunnelExtension.entitlements diff --git a/TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements b/TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements index e65652a3..0c5e1d8c 100644 --- a/TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements +++ b/TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements @@ -20,6 +20,5 @@ $(TeamIdentifierPrefix)$(GROUP_ID) - From c5780c74684adbba36176a0f94affef2cd9ee5d6 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Fri, 13 Jan 2023 17:17:58 +0530 Subject: [PATCH 16/37] SystemExtensionHelper: Import Cocoa --- EduVPN/Helpers/Mac/SystemExtensionHelper.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/EduVPN/Helpers/Mac/SystemExtensionHelper.swift b/EduVPN/Helpers/Mac/SystemExtensionHelper.swift index f20670b5..8756f3f8 100644 --- a/EduVPN/Helpers/Mac/SystemExtensionHelper.swift +++ b/EduVPN/Helpers/Mac/SystemExtensionHelper.swift @@ -5,7 +5,7 @@ #if DEVELOPER_ID_DISTRIBUTION -import Foundation +import Cocoa import SystemExtensions enum SystemExtensionHelperError: String, Error { From b01e54ff135f0d96e69c446d7cf9b188c099a06c Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 18 Jan 2023 11:10:30 +0530 Subject: [PATCH 17/37] Xcode: Rename tunnel extension target for Developer ID --- EduVPN.xcodeproj/project.pbxproj | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 2681f07c..ceaf2d32 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -579,7 +579,7 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; name = "$(APP_ID).TunnelExtension.systemextension"; path = "net.roopc.eduVPN-macOS-DeveloperId.TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 6F950035296689810090643F /* TunnelExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension.entitlements; sourceTree = ""; }; @@ -1559,9 +1559,9 @@ productReference = 6F750D2124975B9B00AF2C04 /* eduVPN.app */; productType = "com.apple.product-type.application"; }; - 6F95002C296689810090643F /* TunnelSystemExtension-macOS */ = { + 6F95002C296689810090643F /* TunnelExtension-macOS-DeveloperID */ = { isa = PBXNativeTarget; - buildConfigurationList = 6F95003C296689810090643F /* Build configuration list for PBXNativeTarget "TunnelSystemExtension-macOS" */; + buildConfigurationList = 6F95003C296689810090643F /* Build configuration list for PBXNativeTarget "TunnelExtension-macOS-DeveloperID" */; buildPhases = ( 6F950029296689810090643F /* Sources */, 6F95002A296689810090643F /* Frameworks */, @@ -1572,7 +1572,7 @@ dependencies = ( 6F5CF77629679AB100C310EB /* PBXTargetDependency */, ); - name = "TunnelSystemExtension-macOS"; + name = "TunnelExtension-macOS-DeveloperID"; packageProductDependencies = ( 6F5CF7662966CCD600C310EB /* WireGuardKit */, 6F5CF7682966CCD600C310EB /* TunnelKit */, @@ -1757,7 +1757,7 @@ 6F66DACD265E1E4C006974CF /* TunnelExtension-macOS */, 6F66DAEF265E1E9D006974CF /* WireGuardGoBridge-macOS */, 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */, - 6F95002C296689810090643F /* TunnelSystemExtension-macOS */, + 6F95002C296689810090643F /* TunnelExtension-macOS-DeveloperID */, 342B9C98228ECFDB00C006D7 /* LoginItemHelper-macOS */, C79B63C6258A08C200C054CC /* EduVPN-UITests-macOS */, 6F750CBD24975B9B00AF2C04 /* EduVPN-iOS */, @@ -2454,7 +2454,7 @@ }; 6F950037296689810090643F /* PBXTargetDependency */ = { isa = PBXTargetDependency; - target = 6F95002C296689810090643F /* TunnelSystemExtension-macOS */; + target = 6F95002C296689810090643F /* TunnelExtension-macOS-DeveloperID */; targetProxy = 6F950036296689810090643F /* PBXContainerItemProxy */; }; C79B63DD258A08FB00C054CC /* PBXTargetDependency */ = { @@ -3524,7 +3524,7 @@ defaultConfigurationIsVisible = 0; defaultConfigurationName = Release; }; - 6F95003C296689810090643F /* Build configuration list for PBXNativeTarget "TunnelSystemExtension-macOS" */ = { + 6F95003C296689810090643F /* Build configuration list for PBXNativeTarget "TunnelExtension-macOS-DeveloperID" */ = { isa = XCConfigurationList; buildConfigurations = ( 6F95003A296689810090643F /* Debug */, From c53cdd66de69c28fc29102a843a8050fb4cd9363 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 18 Jan 2023 11:23:40 +0530 Subject: [PATCH 18/37] Create a LoginItemHelper-macOS-DeveloperID target --- EduVPN.xcodeproj/project.pbxproj | 130 ++++++++++++++++++++++++++++++- 1 file changed, 129 insertions(+), 1 deletion(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index ceaf2d32..4d0020d9 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -250,6 +250,10 @@ 6F9CE541261802F10065E4BA /* CredentialsViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F9CE540261802F10065E4BA /* CredentialsViewController+macOS.swift */; }; 6F9CE54B2618064A0065E4BA /* CredentialsViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F885F7B25C1740D00CABF4E /* CredentialsViewController.swift */; }; 6F9CE560261807000065E4BA /* CredentialsViewController+iOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F9CE555261806A90065E4BA /* CredentialsViewController+iOS.swift */; }; + 6FA517F82977BDE90030468D /* AppDelegate.m in Sources */ = {isa = PBXBuildFile; fileRef = 342B9CB2228ED01400C006D7 /* AppDelegate.m */; }; + 6FA517F92977BDE90030468D /* main.m in Sources */ = {isa = PBXBuildFile; fileRef = 342B9CAF228ED01400C006D7 /* main.m */; }; + 6FA517FC2977BDE90030468D /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 342B9CB9228ED02E00C006D7 /* Main.storyboard */; }; + 6FA517FD2977BDE90030468D /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 342B9CB0228ED01400C006D7 /* Assets.xcassets */; }; 6FA8089524E6A75D00E7D924 /* MigrationHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FA8089424E6A75C00E7D924 /* MigrationHelper.swift */; }; 6FA808AF24EBBD1F00E7D924 /* ConnectionAttempt.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FA808AE24EBBD1F00E7D924 /* ConnectionAttempt.swift */; }; 6FADF82724ADF2E600B75E8D /* ServerInfoFetcher.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FADF82624ADF2E600B75E8D /* ServerInfoFetcher.swift */; }; @@ -579,7 +583,7 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; name = "$(APP_ID).TunnelExtension.systemextension"; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 6F950035296689810090643F /* TunnelExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension.entitlements; sourceTree = ""; }; @@ -588,6 +592,7 @@ 6F96BB52252C51080023EB1D /* SearchViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SearchViewController+iOS.swift"; sourceTree = ""; }; 6F9CE540261802F10065E4BA /* CredentialsViewController+macOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CredentialsViewController+macOS.swift"; sourceTree = ""; }; 6F9CE555261806A90065E4BA /* CredentialsViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CredentialsViewController+iOS.swift"; sourceTree = ""; }; + 6FA518022977BDE90030468D /* LoginItemHelper.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "LoginItemHelper.app"; sourceTree = BUILT_PRODUCTS_DIR; }; 6FA8089424E6A75C00E7D924 /* MigrationHelper.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MigrationHelper.swift; sourceTree = ""; }; 6FA808AE24EBBD1F00E7D924 /* ConnectionAttempt.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ConnectionAttempt.swift; sourceTree = ""; }; 6FADF82624ADF2E600B75E8D /* ServerInfoFetcher.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ServerInfoFetcher.swift; sourceTree = ""; }; @@ -803,6 +808,13 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6FA517FA2977BDE90030468D /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; C79B63C4258A08C200C054CC /* Frameworks */ = { isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; @@ -897,6 +909,7 @@ 6F6BB620265E58BF0093D4CC /* TunnelExtension-iOS.appex */, 6F950027296547930090643F /* eduVPN.app */, 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */, + 6FA518022977BDE90030468D /* LoginItemHelper.app */, ); name = Products; sourceTree = ""; @@ -1619,6 +1632,24 @@ productReference = 6F950027296547930090643F /* eduVPN.app */; productType = "com.apple.product-type.application"; }; + 6FA517F62977BDE90030468D /* LoginItemHelper-macOS-DeveloperID */ = { + isa = PBXNativeTarget; + buildConfigurationList = 6FA517FF2977BDE90030468D /* Build configuration list for PBXNativeTarget "LoginItemHelper-macOS-DeveloperID" */; + buildPhases = ( + 6FA517F72977BDE90030468D /* Sources */, + 6FA517FA2977BDE90030468D /* Frameworks */, + 6FA517FB2977BDE90030468D /* Resources */, + 6FA517FE2977BDE90030468D /* Set Build Number */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = "LoginItemHelper-macOS-DeveloperID"; + productName = "LoginItemHelper-macOS"; + productReference = 6FA518022977BDE90030468D /* LoginItemHelper.app */; + productType = "com.apple.product-type.application"; + }; C79B63C6258A08C200C054CC /* EduVPN-UITests-macOS */ = { isa = PBXNativeTarget; buildConfigurationList = C79B63D0258A08C200C054CC /* Build configuration list for PBXNativeTarget "EduVPN-UITests-macOS" */; @@ -1758,6 +1789,7 @@ 6F66DAEF265E1E9D006974CF /* WireGuardGoBridge-macOS */, 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */, 6F95002C296689810090643F /* TunnelExtension-macOS-DeveloperID */, + 6FA517F62977BDE90030468D /* LoginItemHelper-macOS-DeveloperID */, 342B9C98228ECFDB00C006D7 /* LoginItemHelper-macOS */, C79B63C6258A08C200C054CC /* EduVPN-UITests-macOS */, 6F750CBD24975B9B00AF2C04 /* EduVPN-iOS */, @@ -1856,6 +1888,15 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6FA517FB2977BDE90030468D /* Resources */ = { + isa = PBXResourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 6FA517FC2977BDE90030468D /* Main.storyboard in Resources */, + 6FA517FD2977BDE90030468D /* Assets.xcassets in Resources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; C79B63C5258A08C200C054CC /* Resources */ = { isa = PBXResourcesBuildPhase; buildActionMask = 2147483647; @@ -2034,6 +2075,24 @@ shellPath = /bin/sh; shellScript = "export PATH=${PATH}:/usr/local/bin:/opt/homebrew/bin\nif which swiftlint >/dev/null; then\n swiftlint\nelse\n echo \"warning: SwiftLint not installed (Run: 'brew install swiftlint')\"\nfi\n"; }; + 6FA517FE2977BDE90030468D /* Set Build Number */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputFileListPaths = ( + ); + inputPaths = ( + ); + name = "Set Build Number"; + outputFileListPaths = ( + ); + outputPaths = ( + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "$SRCROOT/Scripts/set_build_number.sh\n"; + }; 6FE09C1E268F1EC90049203C /* Set Build Number */ = { isa = PBXShellScriptBuildPhase; buildActionMask = 2147483647; @@ -2240,6 +2299,15 @@ ); runOnlyForDeploymentPostprocessing = 0; }; + 6FA517F72977BDE90030468D /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 6FA517F82977BDE90030468D /* AppDelegate.m in Sources */, + 6FA517F92977BDE90030468D /* main.m in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; C79B63C3258A08C200C054CC /* Sources */ = { isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; @@ -3260,6 +3328,57 @@ }; name = Release; }; + 6FA518002977BDE90030468D /* Debug */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = C730CD6223746B4900C21AF9 /* Development-macOS-LoginItemHelper.xcconfig */; + buildSettings = { + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CODE_SIGN_ENTITLEMENTS = "LoginItemHelper-macOS/LoginItemHelper.entitlements"; + CODE_SIGN_IDENTITY = "Mac Developer"; + CODE_SIGN_STYLE = Automatic; + COMBINE_HIDPI_IMAGES = YES; + DEBUG_INFORMATION_FORMAT = dwarf; + ENABLE_HARDENED_RUNTIME = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + INFOPLIST_FILE = "LoginItemHelper-macOS/Info.plist"; + MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; + MTL_FAST_MATH = YES; + PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).LoginItemHelper"; + PRODUCT_NAME = "LoginItemHelper"; + PROVISIONING_PROFILE_SPECIFIER = ""; + SDKROOT = macosx; + SKIP_INSTALL = YES; + }; + name = Debug; + }; + 6FA518012977BDE90030468D /* Release */ = { + isa = XCBuildConfiguration; + baseConfigurationReference = C730CD6323746B4900C21AF9 /* Release-macOS-LoginItemHelper.xcconfig */; + buildSettings = { + ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; + CLANG_ENABLE_OBJC_WEAK = YES; + CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; + CODE_SIGN_ENTITLEMENTS = "LoginItemHelper-macOS/LoginItemHelper.entitlements"; + CODE_SIGN_IDENTITY = "Mac Developer"; + CODE_SIGN_STYLE = Automatic; + COMBINE_HIDPI_IMAGES = YES; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + ENABLE_HARDENED_RUNTIME = YES; + GCC_C_LANGUAGE_STANDARD = gnu11; + INFOPLIST_FILE = "LoginItemHelper-macOS/Info.plist"; + MTL_FAST_MATH = YES; + PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).LoginItemHelper"; + PRODUCT_NAME = "LoginItemHelper"; + PROVISIONING_PROFILE_SPECIFIER = ""; + SDKROOT = macosx; + SKIP_INSTALL = YES; + }; + name = Release; + }; C79B63CE258A08C200C054CC /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { @@ -3533,6 +3652,15 @@ defaultConfigurationIsVisible = 0; defaultConfigurationName = Release; }; + 6FA517FF2977BDE90030468D /* Build configuration list for PBXNativeTarget "LoginItemHelper-macOS-DeveloperID" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 6FA518002977BDE90030468D /* Debug */, + 6FA518012977BDE90030468D /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; C79B63D0258A08C200C054CC /* Build configuration list for PBXNativeTarget "EduVPN-UITests-macOS" */ = { isa = XCConfigurationList; buildConfigurations = ( From 649cf9af20be202b5e0574aadc3a87cee7ec5b88 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 18 Jan 2023 11:25:01 +0530 Subject: [PATCH 19/37] Xcode: Reorder targets --- EduVPN.xcodeproj/project.pbxproj | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 4d0020d9..941f8bf3 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -592,7 +592,7 @@ 6F96BB52252C51080023EB1D /* SearchViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "SearchViewController+iOS.swift"; sourceTree = ""; }; 6F9CE540261802F10065E4BA /* CredentialsViewController+macOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CredentialsViewController+macOS.swift"; sourceTree = ""; }; 6F9CE555261806A90065E4BA /* CredentialsViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CredentialsViewController+iOS.swift"; sourceTree = ""; }; - 6FA518022977BDE90030468D /* LoginItemHelper.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "LoginItemHelper.app"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6FA518022977BDE90030468D /* LoginItemHelper.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = LoginItemHelper.app; sourceTree = BUILT_PRODUCTS_DIR; }; 6FA8089424E6A75C00E7D924 /* MigrationHelper.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MigrationHelper.swift; sourceTree = ""; }; 6FA808AE24EBBD1F00E7D924 /* ConnectionAttempt.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ConnectionAttempt.swift; sourceTree = ""; }; 6FADF82624ADF2E600B75E8D /* ServerInfoFetcher.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ServerInfoFetcher.swift; sourceTree = ""; }; @@ -1787,10 +1787,10 @@ 6F750C2C24975A4300AF2C04 /* EduVPN-macOS */, 6F66DACD265E1E4C006974CF /* TunnelExtension-macOS */, 6F66DAEF265E1E9D006974CF /* WireGuardGoBridge-macOS */, + 342B9C98228ECFDB00C006D7 /* LoginItemHelper-macOS */, 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */, 6F95002C296689810090643F /* TunnelExtension-macOS-DeveloperID */, 6FA517F62977BDE90030468D /* LoginItemHelper-macOS-DeveloperID */, - 342B9C98228ECFDB00C006D7 /* LoginItemHelper-macOS */, C79B63C6258A08C200C054CC /* EduVPN-UITests-macOS */, 6F750CBD24975B9B00AF2C04 /* EduVPN-iOS */, 6F6BB61F265E58BF0093D4CC /* TunnelExtension-iOS */, @@ -3347,7 +3347,7 @@ MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; MTL_FAST_MATH = YES; PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).LoginItemHelper"; - PRODUCT_NAME = "LoginItemHelper"; + PRODUCT_NAME = LoginItemHelper; PROVISIONING_PROFILE_SPECIFIER = ""; SDKROOT = macosx; SKIP_INSTALL = YES; @@ -3372,7 +3372,7 @@ INFOPLIST_FILE = "LoginItemHelper-macOS/Info.plist"; MTL_FAST_MATH = YES; PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).LoginItemHelper"; - PRODUCT_NAME = "LoginItemHelper"; + PRODUCT_NAME = LoginItemHelper; PROVISIONING_PROFILE_SPECIFIER = ""; SDKROOT = macosx; SKIP_INSTALL = YES; From 39a5bed63098ce523335cb0a58ca14b10581f4d5 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 18 Jan 2023 11:28:20 +0530 Subject: [PATCH 20/37] Xcode project: Simplify LoginItemHelper product name --- EduVPN.xcodeproj/project.pbxproj | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 941f8bf3..263a6273 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -121,7 +121,7 @@ 6F71FBBE249CCE9E0010D0FE /* DiscoveryDataFetcher.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F71FBBC249CCE980010D0FE /* DiscoveryDataFetcher.swift */; }; 6F750C8524975A4300AF2C04 /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 340F956C22B7118C00835D56 /* NetworkExtension.framework */; }; 6F750C8924975A4300AF2C04 /* config.json in Resources */ = {isa = PBXBuildFile; fileRef = C75B2CB42363138200D700EC /* config.json */; }; - 6F750C9224975A4300AF2C04 /* LoginItemHelper-macOS.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 342B9C99228ECFDB00C006D7 /* LoginItemHelper-macOS.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; + 6F750C9224975A4300AF2C04 /* LoginItemHelper.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 342B9C99228ECFDB00C006D7 /* LoginItemHelper.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F750D1124975B9B00AF2C04 /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4ABFF78820C71E7200638480 /* NetworkExtension.framework */; }; 6F7B63F02500FD7300FB154A /* StatusItemController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7B63EF2500FD7300FB154A /* StatusItemController.swift */; }; 6F7B63F225022AAE00FB154A /* LaunchAtLoginHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F7B63F125022AAE00FB154A /* LaunchAtLoginHelper.swift */; }; @@ -160,7 +160,7 @@ 6F950019296547930090643F /* privacy_statement.json in Resources */ = {isa = PBXBuildFile; fileRef = 6FF5524D28551CAC0044BA84 /* privacy_statement.json */; }; 6F95001A296547930090643F /* organization_list.json in Resources */ = {isa = PBXBuildFile; fileRef = 6F59A58724F51DEB00560155 /* organization_list.json */; }; 6F95001B296547930090643F /* config.json in Resources */ = {isa = PBXBuildFile; fileRef = C75B2CB42363138200D700EC /* config.json */; }; - 6F950020296547930090643F /* LoginItemHelper-macOS.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 342B9C99228ECFDB00C006D7 /* LoginItemHelper-macOS.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; + 6F950020296547930090643F /* LoginItemHelper.app in CopyFiles */ = {isa = PBXBuildFile; fileRef = 342B9C99228ECFDB00C006D7 /* LoginItemHelper.app */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F950022296547930090643F /* OpenSans-Bold.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0E24C2DCA900A9D1D4 /* OpenSans-Bold.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 6F950023296547930090643F /* OpenSans-Regular.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 6F95002E296689810090643F /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 340F956C22B7118C00835D56 /* NetworkExtension.framework */; }; @@ -440,7 +440,7 @@ dstPath = Contents/Library/LoginItems; dstSubfolderSpec = 1; files = ( - 6F750C9224975A4300AF2C04 /* LoginItemHelper-macOS.app in CopyFiles */, + 6F750C9224975A4300AF2C04 /* LoginItemHelper.app in CopyFiles */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -461,7 +461,7 @@ dstPath = Contents/Library/LoginItems; dstSubfolderSpec = 1; files = ( - 6F950020296547930090643F /* LoginItemHelper-macOS.app in CopyFiles */, + 6F950020296547930090643F /* LoginItemHelper.app in CopyFiles */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -504,7 +504,7 @@ 340F956C22B7118C00835D56 /* NetworkExtension.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = NetworkExtension.framework; path = Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/System/Library/Frameworks/NetworkExtension.framework; sourceTree = DEVELOPER_DIR; }; 342B9C91228ECBB200C006D7 /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/System/Library/Frameworks/Foundation.framework; sourceTree = DEVELOPER_DIR; }; 342B9C93228ECBB600C006D7 /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/System/Library/Frameworks/Security.framework; sourceTree = DEVELOPER_DIR; }; - 342B9C99228ECFDB00C006D7 /* LoginItemHelper-macOS.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "LoginItemHelper-macOS.app"; sourceTree = BUILT_PRODUCTS_DIR; }; + 342B9C99228ECFDB00C006D7 /* LoginItemHelper.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "LoginItemHelper.app"; sourceTree = BUILT_PRODUCTS_DIR; }; 342B9CAD228ED01300C006D7 /* LoginItemHelper.entitlements */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.entitlements; path = LoginItemHelper.entitlements; sourceTree = ""; }; 342B9CAE228ED01400C006D7 /* AppDelegate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AppDelegate.h; sourceTree = ""; }; 342B9CAF228ED01400C006D7 /* main.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = ""; }; @@ -899,7 +899,7 @@ isa = PBXGroup; children = ( 4AAC1F8A1F2D0E3400DD0252 /* EduVPNTests.xctest */, - 342B9C99228ECFDB00C006D7 /* LoginItemHelper-macOS.app */, + 342B9C99228ECFDB00C006D7 /* LoginItemHelper.app */, 6F750C9624975A4300AF2C04 /* eduVPN.app */, 6F750D2124975B9B00AF2C04 /* eduVPN.app */, C7B4392A2580CE4D00FEB2B1 /* EduVPN-Tests-iOS.xctest */, @@ -1429,7 +1429,7 @@ ); name = "LoginItemHelper-macOS"; productName = "LoginItemHelper-macOS"; - productReference = 342B9C99228ECFDB00C006D7 /* LoginItemHelper-macOS.app */; + productReference = 342B9C99228ECFDB00C006D7 /* LoginItemHelper.app */; productType = "com.apple.product-type.application"; }; 4AAC1F891F2D0E3400DD0252 /* EduVPNTests */ = { @@ -2597,7 +2597,7 @@ MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; MTL_FAST_MATH = YES; PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).LoginItemHelper"; - PRODUCT_NAME = "$(TARGET_NAME)"; + PRODUCT_NAME = "LoginItemHelper"; PROVISIONING_PROFILE_SPECIFIER = ""; SDKROOT = macosx; SKIP_INSTALL = YES; @@ -2622,7 +2622,7 @@ INFOPLIST_FILE = "LoginItemHelper-macOS/Info.plist"; MTL_FAST_MATH = YES; PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).LoginItemHelper"; - PRODUCT_NAME = "$(TARGET_NAME)"; + PRODUCT_NAME = "LoginItemHelper"; PROVISIONING_PROFILE_SPECIFIER = ""; SDKROOT = macosx; SKIP_INSTALL = YES; From e0f9c6b224d88dc29df6939bced4d0c3c8f1d9a6 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 18 Jan 2023 11:31:58 +0530 Subject: [PATCH 21/37] Xcode: Add LoginItemHelper as a dependency --- EduVPN.xcodeproj/project.pbxproj | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 263a6273..19e55fe7 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -399,6 +399,20 @@ remoteGlobalIDString = 6F95002C296689810090643F; remoteInfo = "TunnelSystemExtension-macOS"; }; + 6FA518042977C25D0030468D /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; + proxyType = 1; + remoteGlobalIDString = 342B9C98228ECFDB00C006D7; + remoteInfo = "LoginItemHelper-macOS"; + }; + 6FA518062977C2660030468D /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; + proxyType = 1; + remoteGlobalIDString = 6FA517F62977BDE90030468D; + remoteInfo = "LoginItemHelper-macOS-DeveloperID"; + }; C79B63DC258A08FB00C054CC /* PBXContainerItemProxy */ = { isa = PBXContainerItemProxy; containerPortal = 4AAC1F6E1F2D0E3400DD0252 /* Project object */; @@ -504,7 +518,7 @@ 340F956C22B7118C00835D56 /* NetworkExtension.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = NetworkExtension.framework; path = Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/System/Library/Frameworks/NetworkExtension.framework; sourceTree = DEVELOPER_DIR; }; 342B9C91228ECBB200C006D7 /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/System/Library/Frameworks/Foundation.framework; sourceTree = DEVELOPER_DIR; }; 342B9C93228ECBB600C006D7 /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/System/Library/Frameworks/Security.framework; sourceTree = DEVELOPER_DIR; }; - 342B9C99228ECFDB00C006D7 /* LoginItemHelper.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "LoginItemHelper.app"; sourceTree = BUILT_PRODUCTS_DIR; }; + 342B9C99228ECFDB00C006D7 /* LoginItemHelper.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = LoginItemHelper.app; sourceTree = BUILT_PRODUCTS_DIR; }; 342B9CAD228ED01300C006D7 /* LoginItemHelper.entitlements */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.entitlements; path = LoginItemHelper.entitlements; sourceTree = ""; }; 342B9CAE228ED01400C006D7 /* AppDelegate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AppDelegate.h; sourceTree = ""; }; 342B9CAF228ED01400C006D7 /* main.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = main.m; sourceTree = ""; }; @@ -1520,6 +1534,7 @@ ); dependencies = ( 6F66DAD6265E1E4D006974CF /* PBXTargetDependency */, + 6FA518052977C25D0030468D /* PBXTargetDependency */, ); name = "EduVPN-macOS"; packageProductDependencies = ( @@ -1614,6 +1629,7 @@ ); dependencies = ( 6F950037296689810090643F /* PBXTargetDependency */, + 6FA518072977C2660030468D /* PBXTargetDependency */, ); name = "EduVPN-macOS-DeveloperID"; packageProductDependencies = ( @@ -2525,6 +2541,16 @@ target = 6F95002C296689810090643F /* TunnelExtension-macOS-DeveloperID */; targetProxy = 6F950036296689810090643F /* PBXContainerItemProxy */; }; + 6FA518052977C25D0030468D /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = 342B9C98228ECFDB00C006D7 /* LoginItemHelper-macOS */; + targetProxy = 6FA518042977C25D0030468D /* PBXContainerItemProxy */; + }; + 6FA518072977C2660030468D /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = 6FA517F62977BDE90030468D /* LoginItemHelper-macOS-DeveloperID */; + targetProxy = 6FA518062977C2660030468D /* PBXContainerItemProxy */; + }; C79B63DD258A08FB00C054CC /* PBXTargetDependency */ = { isa = PBXTargetDependency; target = 6F750C2C24975A4300AF2C04 /* EduVPN-macOS */; @@ -2597,7 +2623,7 @@ MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE; MTL_FAST_MATH = YES; PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).LoginItemHelper"; - PRODUCT_NAME = "LoginItemHelper"; + PRODUCT_NAME = LoginItemHelper; PROVISIONING_PROFILE_SPECIFIER = ""; SDKROOT = macosx; SKIP_INSTALL = YES; @@ -2622,7 +2648,7 @@ INFOPLIST_FILE = "LoginItemHelper-macOS/Info.plist"; MTL_FAST_MATH = YES; PRODUCT_BUNDLE_IDENTIFIER = "$(APP_ID).LoginItemHelper"; - PRODUCT_NAME = "LoginItemHelper"; + PRODUCT_NAME = LoginItemHelper; PROVISIONING_PROFILE_SPECIFIER = ""; SDKROOT = macosx; SKIP_INSTALL = YES; From 312f065935f173e9fda2bf457066e7b06e7ece62 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 18 Jan 2023 11:48:05 +0530 Subject: [PATCH 22/37] Xcode project: Use separate entitlements for Developer ID Release builds Because when building for Developer ID release, we need to use the entitlement values with a "-systemextension" suffix. --- EduVPN.xcodeproj/project.pbxproj | 6 ++-- .../eduVPN_DeveloperID_Release.entitlements | 28 +++++++++++++++++++ .../TunnelExtension_Release.entitlements | 24 ++++++++++++++++ 3 files changed, 56 insertions(+), 2 deletions(-) create mode 100644 EduVPN/Resources/Mac/eduVPN_DeveloperID_Release.entitlements create mode 100644 TunnelExtension/Mac/SystemExtension/TunnelExtension_Release.entitlements diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 19e55fe7..6bc9b90c 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -607,6 +607,7 @@ 6F9CE540261802F10065E4BA /* CredentialsViewController+macOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CredentialsViewController+macOS.swift"; sourceTree = ""; }; 6F9CE555261806A90065E4BA /* CredentialsViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "CredentialsViewController+iOS.swift"; sourceTree = ""; }; 6FA518022977BDE90030468D /* LoginItemHelper.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = LoginItemHelper.app; sourceTree = BUILT_PRODUCTS_DIR; }; + 6FA518082977C6580030468D /* TunnelExtension_Release.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension_Release.entitlements; sourceTree = ""; }; 6FA8089424E6A75C00E7D924 /* MigrationHelper.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = MigrationHelper.swift; sourceTree = ""; }; 6FA808AE24EBBD1F00E7D924 /* ConnectionAttempt.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = ConnectionAttempt.swift; sourceTree = ""; }; 6FADF82624ADF2E600B75E8D /* ServerInfoFetcher.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ServerInfoFetcher.swift; sourceTree = ""; }; @@ -1107,6 +1108,7 @@ 6F950032296689810090643F /* main.swift */, 6F950034296689810090643F /* Info.plist */, 6F950035296689810090643F /* TunnelExtension.entitlements */, + 6FA518082977C6580030468D /* TunnelExtension_Release.entitlements */, ); path = SystemExtension; sourceTree = ""; @@ -3245,7 +3247,7 @@ CLANG_ENABLE_MODULES = YES; CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN_DeveloperID.entitlements; + CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN_DeveloperID_Release.entitlements; CODE_SIGN_IDENTITY = "Mac Developer"; CODE_SIGN_STYLE = Automatic; COMBINE_HIDPI_IMAGES = YES; @@ -3325,7 +3327,7 @@ CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; - CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelExtension.entitlements; + CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelExtension_Release.entitlements; CODE_SIGN_IDENTITY = "Mac Developer"; CODE_SIGN_STYLE = Automatic; CURRENT_PROJECT_VERSION = 1; diff --git a/EduVPN/Resources/Mac/eduVPN_DeveloperID_Release.entitlements b/EduVPN/Resources/Mac/eduVPN_DeveloperID_Release.entitlements new file mode 100644 index 00000000..96a1597e --- /dev/null +++ b/EduVPN/Resources/Mac/eduVPN_DeveloperID_Release.entitlements @@ -0,0 +1,28 @@ + + + + + com.apple.developer.networking.networkextension + + packet-tunnel-provider-systemextension + + com.apple.developer.system-extension.install + + com.apple.security.app-sandbox + + com.apple.security.application-groups + + $(TeamIdentifierPrefix)$(GROUP_ID) + + com.apple.security.files.user-selected.read-only + + com.apple.security.network.client + + com.apple.security.network.server + + keychain-access-groups + + $(TeamIdentifierPrefix)$(GROUP_ID) + + + diff --git a/TunnelExtension/Mac/SystemExtension/TunnelExtension_Release.entitlements b/TunnelExtension/Mac/SystemExtension/TunnelExtension_Release.entitlements new file mode 100644 index 00000000..e559f653 --- /dev/null +++ b/TunnelExtension/Mac/SystemExtension/TunnelExtension_Release.entitlements @@ -0,0 +1,24 @@ + + + + + com.apple.developer.networking.networkextension + + packet-tunnel-provider-systemextension + + com.apple.security.app-sandbox + + com.apple.security.network.client + + com.apple.security.network.server + + com.apple.security.application-groups + + $(TeamIdentifierPrefix)$(GROUP_ID) + + keychain-access-groups + + $(TeamIdentifierPrefix)$(GROUP_ID) + + + From 623fd1b72d4a38db188ed4c1880910898aa7f510 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 18 Jan 2023 11:51:35 +0530 Subject: [PATCH 23/37] Xcode project: Use manual code signing for Developer ID Release builds For the "-macOS-DeveloperID" targets (app, tunnel, and loginitemhelper), for release configuration, under Build Settings: - Change "Code Signing Style" to "Manual" - Change "Code Signing Identity" to "Developer ID Application" --- EduVPN.xcodeproj/project.pbxproj | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 6bc9b90c..405ff581 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -597,7 +597,7 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; name = "$(APP_ID).TunnelExtension.systemextension"; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 6F950035296689810090643F /* TunnelExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension.entitlements; sourceTree = ""; }; @@ -3248,8 +3248,8 @@ CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; CODE_SIGN_ENTITLEMENTS = EduVPN/Resources/Mac/eduVPN_DeveloperID_Release.entitlements; - CODE_SIGN_IDENTITY = "Mac Developer"; - CODE_SIGN_STYLE = Automatic; + CODE_SIGN_IDENTITY = "Developer ID Application"; + CODE_SIGN_STYLE = Manual; COMBINE_HIDPI_IMAGES = YES; DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; ENABLE_HARDENED_RUNTIME = YES; @@ -3328,8 +3328,8 @@ CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; CODE_SIGN_ENTITLEMENTS = TunnelExtension/Mac/SystemExtension/TunnelExtension_Release.entitlements; - CODE_SIGN_IDENTITY = "Mac Developer"; - CODE_SIGN_STYLE = Automatic; + CODE_SIGN_IDENTITY = "Developer ID Application"; + CODE_SIGN_STYLE = Manual; CURRENT_PROJECT_VERSION = 1; DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; ENABLE_HARDENED_RUNTIME = YES; @@ -3391,8 +3391,8 @@ CLANG_ENABLE_OBJC_WEAK = YES; CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE; CODE_SIGN_ENTITLEMENTS = "LoginItemHelper-macOS/LoginItemHelper.entitlements"; - CODE_SIGN_IDENTITY = "Mac Developer"; - CODE_SIGN_STYLE = Automatic; + CODE_SIGN_IDENTITY = "Developer ID Application"; + CODE_SIGN_STYLE = Manual; COMBINE_HIDPI_IMAGES = YES; DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; ENABLE_HARDENED_RUNTIME = YES; From f181f1f5f91d36b7540e00a5d817bdaf5b11d408 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Thu, 19 Jan 2023 15:02:37 +0530 Subject: [PATCH 24/37] Add create_eduvpn_installer_macos.sh script To help create the macOS installer package for a Developer ID release. --- Scripts/create_eduvpn_installer_macos.sh | 114 +++++++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100755 Scripts/create_eduvpn_installer_macos.sh diff --git a/Scripts/create_eduvpn_installer_macos.sh b/Scripts/create_eduvpn_installer_macos.sh new file mode 100755 index 00000000..7ad61850 --- /dev/null +++ b/Scripts/create_eduvpn_installer_macos.sh @@ -0,0 +1,114 @@ +#!/usr/bin/env bash + +# This script is to help create the macOS installation package for distribtuing +# the macOS app outside of the Mac App Store, using Developer ID Distribution +# +# For eduVPN, run: +# Scripts/create_eduvpn_installer_macos.sh -n eduvpn -u -p +# +# For Let's Connect, run: +# Scripts/create_eduvpn_installer_macos.sh -n letsconnect -u -p +# +# If you've enabled 2FA for your Apple ID, you will need to get an app-specific password +# from appleid.apple.com and pass that as the argument for the -p switch. + +APP_VERSION="3.0.6" +MIN_MACOS_VERSION="10.15.0" + +EDUVPN_APP_NAME="eduVPN" +EDUVPN_APP_ID="org.eduvpn.app" +EDUVPN_DEVELOPMENT_TEAM="ZYJ4TZX4UU" +EDUVPN_INSTALLER_CERTIFICATE_CN="Developer ID Installer: SURF B.V. (ZYJ4TZX4UU)" + +LETSCONNECT_APP_NAME="Let’s Connect!" +LETSCONNECT_APP_ID="com.commonscaretakers.letsconnect.mac" +LETSCONNECT_DEVELOPMENT_TEAM="D9T87NF4Q7" +LETSCONNECT_INSTALLER_CERTIFICATE_CN="Developer ID Installer: Commons Caretakers b.v. (D9T87NF4Q7)" + +usage() { echo "Usage: $0 -n -u -p " 1>&2; exit 1; } + +while getopts ":n:u:p:" o; do + case "${o}" in + n) + n=${OPTARG} + ((n == "eduvpn" || n == "letsconnect")) || usage + ;; + u) + u=${OPTARG} + ;; + p) + p=${OPTARG} + ;; + *) + usage + ;; + esac +done + +if [ -z "${n}" ] || [ -z "${u}" ] || [ -z "${p}" ]; then + usage +fi + +case "${n}" in + eduvpn) + APP_NAME=${EDUVPN_APP_NAME} + APP_ID=${EDUVPN_APP_ID} + DEVELOPMENT_TEAM=${EDUVPN_DEVELOPMENT_TEAM} + CERTIFICATE_CN=${EDUVPN_INSTALLER_CERTIFICATE_CN} + ;; + letsconnect) + APP_NAME=${LETSCONNECT_APP_NAME} + APP_ID=${LETSCONNECT_APP_ID} + DEVELOPMENT_TEAM=${LETSCONNECT_DEVELOPMENT_TEAM} + CERTIFICATE_CN=${LETSCONNECT_INSTALLER_CERTIFICATE_CN} + ;; +esac + +echo "Creating installation package with:" +echo " APP_NAME = ${APP_NAME}" +echo " APP_ID = ${APP_ID}" +echo " DEVELOPMENT_TEAM = ${DEVELOPMENT_TEAM}" +echo " CERTIFICATE_CN=${CERTIFICATE_CN}" + +echo "" +echo "Checking app..." +if [ -f "${APP_NAME}.app" ]; then + spctl -vvv --assess -t exec "${APP_NAME}.app" 2>&1 | tee /tmp/spctl_app.log + if grep -q accepted /tmp/spctl_app.log; then + echo "App \"${APP_NAME}.app\" appears to be notarized." + else + echo "Error: App \"${APP_NAME}.app\" is not notarized. Not creating installer." 1>&2; exit 1; + fi + rm -rf /tmp/spctl_app.log +else + echo "Error: App \"${APP_NAME}.app\" not found. Not creating installer." 1>&2; exit 1; +fi + +echo "" +echo "Creating installer package..." +pkgbuild --root "\"${APP_NAME}.app\"" --identifier ${APP_ID} --version ${APP_VERSION} --install-location "\"/Applications/${APP_NAME}.app\"" --min-os-version ${MIN_MACOS_VERSION} --sign "\"${CERTIFICATE_CN}\"" ./${n}_${APP_VERSION}.pkg + +echo "" +echo "Notarizing installer package..." +xcrun notarytool submit ./${n}_${APP_VERSION}.pkg --apple-id "${u}" --password "${p}" --team-id ${DEVELOPMENT_TEAM} --wait + +echo "" +echo "Adding notarization information to package..." +xcrun stapler staple ./${n}_${APP_VERSION}.pkg + +echo "Checking installer package..." +if [ -f "./${n}_${APP_VERSION}.pkg" ]; then + spctl -vvv --assess -t install "./${n}_${APP_VERSION}.pkg" 2>&1 | tee /tmp/spctl_installer.log + if grep -q accepted /tmp/spctl_installer.log; then + echo "Looks good." + else + echo "Error: \"./${n}_${APP_VERSION}.pkg\" is not notarized." 1>&2; exit 1; + fi + rm -rf /tmp/spctl_installer.log +else + echo "Error: \"./${n}_${APP_VERSION}.pkg\" is not found." 1>&2; exit 1; +fi + +echo "" +echo "Notarized installation package is at: ./${n}_${APP_VERSION}.pkg" + From 79658ff73fa63ac5f0bb2ad9d5dee3a90595ae5a Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Thu, 19 Jan 2023 15:04:20 +0530 Subject: [PATCH 25/37] Add DEVELOPER_ID.md --- DEVELOPER_ID.md | 280 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 280 insertions(+) create mode 100644 DEVELOPER_ID.md diff --git a/DEVELOPER_ID.md b/DEVELOPER_ID.md new file mode 100644 index 00000000..d5f157c6 --- /dev/null +++ b/DEVELOPER_ID.md @@ -0,0 +1,280 @@ +# Developer ID Distribution for Mac + +The macOS app can be distributed outside of the App Store using Developer ID +distribution. + +These targets are used for the Developer ID version of the app: + + - **EduVPN-macOS-DeveloperID** + + The container app. On launch, installs the System Extension, if required. + + - **TunnelExtension-macOS-DeveloperID** + + The tunnel extension, bundled as a System Extension. + + - **LoginItemHelper-macOS-DeveloperID** + + The helper app that launches the app on login. + +## Pre-requisites + +SwiftLint and Go need to be installed. The build setup looks for these in the paths that HomeBrew installs into. + +To install, run: +~~~ +brew install swiftlint go +~~~ + +Go version 1.16 is required. + +## Building + +### eduVPN + +To build the app, run: +``` +$ cp Config/Mac/config-eduvpn_new_discovery.json Config/Mac/config.json +$ cp Config/Mac/privacy_statement-eduvpn.json Config/Mac/privacy_statement.json +$ cp Config/Mac/Developer-macOS.xcconfig.eduvpn-template Config/Mac/Developer-macOS.xcconfig +$ vim Config/Mac/Developer-macOS.xcconfig # Edit as reqd. +``` + +Then, open `EduVPN.xcworkspace` in Xcode and build the 'EduVPN-macOS-DeveloperID' target. + +### Let's Connect + +To build the app, run: +``` +$ cp Config/Mac/config-letsconnect_new_discovery.json Config/Mac/config.json +$ cp Config/Mac/privacy_statement-letsconnect.json Config/Mac/privacy_statement.json +$ cp Config/Mac/Developer-macOS.xcconfig.letsconnect-template Config/Mac/Developer-macOS.xcconfig +$ vim Config/Mac/Developer-macOS.xcconfig # Edit as reqd. +``` + +Then, open `EduVPN.xcworkspace` in Xcode and build the 'EduVPN-macOS-DeveloperID' target. + +## Distribution + +This section describes how to create the installation package file (.pkg) that +can be distributed to end users. + +### One-time Set-up + +Before starting on creating a Developer ID release, we need to create some +Certificates, Identifiers, and Provisioning Profiles in the [Apple Developer +Account website][]. + +[Apple Developer Account website]: https://developer.apple.com/account/ + +#### Certificates + +We need to create the certificates we will use to sign the executables and +installers that we want to distribute. + + 1. Developer ID Application Certificate + + - Click on _Certificates_, then on _+_ to add a certificate. Choose _Developer ID Application_. + - Choose _G2 Sub-CA_ profile + - Create a Certificate Signing Request on your Mac as specified in the page and upload it + - _Download_ the created certificate + - Open "Keychain Access.app", choose the default keychain, and drag the downloaded certificate file to install it in the default keychain + - In the Keychain Access app window, double-click on the installed certificate to view it -- note down the expiry date somewhere + + 2. Developer ID Installer Certificate + + - Click on _Certificates_, then on _+_ to add a certificate. Choose _Developer ID Installer_. + - Choose _G2 Sub-CA_ profile + - Create a Certificate Signing Request on your Mac as specified in the page and upload it + - _Download_ the certificate + - Open "Keychain Access.app", choose the default keychain, and drag the downloaded certificate file to install it + - In the Keychain Access app, double-click on the installed certificate to view it -- note down expiry date somewhere + + +Developer ID Application Certificates and Developer ID Installer Certificates +are valid for 5 years from when they were created. + +The application should be signed when the Developer ID Application +Certificate is valid -- the installed application will continue to run after the +Developer ID Application certificate expires. + +The installer will stop working after the Developer ID Installer Certificate +expires. + +#### Identifiers + +We need to create explicit bundle ids for the bundles we need to distribute, +and declare what capabilities they should be allowed to have. + + 1. App + + - Click on _Identifiers_, choose _App IDs_, click on _Continue_ + - Select _App_ type, click on _Continue_ + - Enter a _Bundle ID_, say "com.example.app" + - Ensure _Explicit_ is checked next to the Bundle ID + - Enter a _Description_ (you can use spaces instead of special characters) + - Under _Capabilities_, choose _Network Extensions_ and _System Extension_ + - Click on _Continue_, then _Register_ + + 2. Tunnel Extension + + - Click on _Identifiers_, choose _App IDs_, click on _Continue_ + - Select _App_ type, click on _Continue_ + - Enter _Bundle ID_ with a "TunnelExtension" suffix, say "com.example.app.TunnelExtension" + - Ensure _Explicit_ is checked next to the Bundle ID + - Enter a _Description_ (you can use spaces instead of special characters) + - Under _Capabilities_, choose _Network Extensions_ + - Click on _Continue_, then _Register_ + + 3. Login Item Helper + + - Click on _Identifiers_, choose _App IDs_, click on _Continue_ + - Select _App_ type, click on _Continue_ + - Enter _Bundle ID_ with a "LoginItemHelper" suffix, say "com.example.app.LoginItemHelper" + - Ensure _Explicit_ is checked next to the Bundle ID + - Enter a _Description_ (you can use spaces instead of special characters) + - Don't tick anything under _Capabilities_ + - Click on _Continue_, then _Register_ + +#### Profiles + +For each bundle id we created, we need to create a provisioning profile that +ties the bundle id to a Developer ID Application Certificate. + + 1. App + + - Click on _Profiles_, then on _+_ to add a profile, choose _Developer ID_ under _Distribution_, then click on _Continue_ + - Ensure Profile Type is _Mac_, choose the _App ID_ created earlier (you can type to search), and click on _Continue_ + - Choose the _Developer ID Application_ certificate created earlier (you will have to choose by expiry date), click on _Continue_ + - Enter a _Provisioning Profile Name_, say "eduVPN Developer ID App 01 Jan 2023" + - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_dev_id_app.provisionprofile"). + + 2. Tunnel Extension + + - Click on _Profiles_, then on _+_ to add a profile, choose _Developer ID_ under _Distribution_, then click on _Continue_ + - Ensure Profile Type is _Mac_, choose the _Bundle ID_ with a "TunnelExtension" suffix created earlier (you can type to search), and click on _Continue_ + - Choose the _Developer ID Application_ certificate created earlier (you will have to choose by expiry date), click on _Continue_ + - Enter a _Provisioning Profile Name_, say "eduVPN Developer ID Tunnel Extension 01 Jan 2023" + - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_dev_id_tunnelextension.provisionprofile"). + + 3. Tunnel Extension + + - Click on _Profiles_, then on _+_ to add a profile, choose _Developer ID_ under _Distribution_, then click on _Continue_ + - Ensure Profile Type is _Mac_, choose the _Bundle ID_ with a "LoginItemHelper" suffix created earlier (you can type to search), and click on _Continue_ + - Choose the _Developer ID Application_ certificate created earlier (you will have to choose by expiry date), click on _Continue_ + - Enter a _Provisioning Profile Name_, say "eduVPN Developer ID Login Item Helper 01 Jan 2023" + - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_dev_id_loginitemhelper.provisionprofile"). + +The provisioning profiles are valid for 18 years from the time they are +generated. The installed app will stop working when the provisioning profile +expires. + +### Making a Release + + 1. In Xcode, open the Projects and Targets pane + + - Open the project in Xcode + - In the Project Navigator (keyboard shortcut: Cmd+1), select "EduVPN" at the top left + + 2. Setup app's provisioing profile + + - Select the _EduVPN-macOS-DeveloperID_ target + - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab + - Ensure _Automatically manage signing_ is not checked + - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_app.provisionprofile"), or choose an already imported profile. + + 3. Setup tunnel extension's provisioning profile + + - Select the _TunnelExtension-macOS-DeveloperID_ target + - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab + - Ensure _Automatically manage signing_ is not checked + - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_tunnelextension.provisionprofile"), or choose an already imported profile. + + 4. Setup login item helper's provisioning profile + + - Select the _LoginItemHelper-macOS-DeveloperID_ target + - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab + - Ensure _Automatically manage signing_ is not checked + - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_loginitemhelper.provisionprofile"), or choose an already imported profile. + + 5. Create the archive + + - At the top of the window, select _EduVPN-macOS-DeveloperID_ > _My Mac_ + - In the Xcode menu, choose _Product_ > _Clean Build Folder_ + - In the Xcode menu, choose _Product_ > _Archive_ + - Once the archive is created, Xcode will open its Organizer window, with the created archive selected + + 6. Create the notarized app bundle + + - Ensure that the created archive is selected in the Organizer window + - Click on _Distribute App_ + - Select _Developer ID_, click _Next_ + - Select _Upload_, click _Next_ + - Set the _Distribution certificate_ as the _Developer ID Application Certificate_ we created + - Choose the appropriate provisioning profiles for the app, tunnel extension, and login item helper. You will see the already imported profiles in the dropdown menu. Click _Next_. + - Click _Upload_. Wait for Apple to notarize it (it generally takes less than 5 mins, but can take a maximum of 15 mins). + - Export the notarized app bundle + - If the "Distribute App" modal window (that you used to upload the app for notarization) is still open, click on _Export_ to export the app. Else, select the archive in the Organizer window (status should be "Ready to Distribute"), and click on _Export Notarized App_ in the right-side inspector pane. + - Save the app bundle somewhere (say "dev_id_release/eduVPN.app") + + 7. Create the installer package + + - Edit the installer creation script + + Ensure that the variables at the top are all correct. + + ~~~ + vim Scripts/create_eduvpn_installer_macos.sh + ~~~ + + - Run the installer creation script + + `cd` to the directory containing the notarized app file. + + ~~ + cd dev_id_release + ~~ + + <username> should be the Apple ID that controls the developer + account for this app. + + <password> should be the password for that Apple ID. If 2FA is + enabled for this Apple ID, you will need to generate an app-specific password + at [appleid.apple.com](https://appleid.apple.com) (Sign In > App-specific + Passwords) and specify that password. + + - For eduVPN: + + ~~~ + bash Scripts/create_eduvpn_installer_macos.sh -n eduvpn -u -p + ~~~ + + - For Let's Connect: + + ~~~ + bash Scripts/create_eduvpn_installer_macos.sh -n letsconnect -u -p + ~~~ + + The notarized installer package will be created in the same directory. + +## Development + +To work on the Developer ID / System Extension installation part of the app in +Xcode conveniently (for e.g. to launch the app from Xcode), we should: + + - Disable System Integrity Protection (SIP) + + In macOS Recovery mode, launch Terminal.app, and run `csrutil disable`. + + If possible, you can install macOS on a separate partition or external disk + and disable SIP on that macOS installation, so that your primary macOS + installation remains SIP-protected. + + - Enable System Extension developer-mode + + Run `systemextensionsctl developer on` + +The `systemextensionsctl` command can be useful during development: + + - `systemextensionsctl list` shows the installation status of the System Extension + - `systemextensionsctl reset` uninstalls all System Extensions From 0fdb451c861f5d4ca45b70eb60404a334f7d398c Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Tue, 24 Jan 2023 09:14:45 +0530 Subject: [PATCH 26/37] Better logging through os_log --- EduVPN/Services/LoggingService.swift | 7 ++++++- Shared/Logger.swift | 14 +++++++++++++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/EduVPN/Services/LoggingService.swift b/EduVPN/Services/LoggingService.swift index 506e2647..8d13390a 100644 --- a/EduVPN/Services/LoggingService.swift +++ b/EduVPN/Services/LoggingService.swift @@ -6,6 +6,7 @@ import Foundation import NetworkExtension import PromiseKit +import OSLog class LoggingService { @@ -30,6 +31,7 @@ class LoggingService { private var tunnelLogStarter = "Tunnel:" private let connectionService: ConnectionService + private let oslog: OSLog init(connectionService: ConnectionService) { self.connectionService = connectionService @@ -37,13 +39,16 @@ class LoggingService { let dateFormatter = DateFormatter() dateFormatter.dateFormat = "yyyy-MM-dd HH:mm:ss.SSS" self.dateFormatter = dateFormatter + + var appBundleId = Bundle.main.bundleIdentifier ?? "UnknownBundleId" + oslog = OSLog(subsystem: appBundleId, category: "App") } func appLog(_ message: String, printToConsole: Bool = true) { let timestamp = dateFormatter.string(from: Date()) let line = "\(timestamp) \(message)" if printToConsole { - NSLog(message) + os_log("%{public}@", log: oslog, type: .info, message) } if logLines.count >= maxLogLines { logLines.removeFirst() diff --git a/Shared/Logger.swift b/Shared/Logger.swift index 7a5756db..368400cd 100644 --- a/Shared/Logger.swift +++ b/Shared/Logger.swift @@ -5,6 +5,7 @@ // Copyright © 2021 The Commons Conservancy. All rights reserved. import Foundation +import OSLog class Logger { let maxLinesInMemory = 1000 @@ -13,6 +14,7 @@ class Logger { private(set) var lines: [String] private let dateFormatter: DateFormatter + private let oslog: OSLog init(appGroup: String, logSeparator: String, isStartedByApp: Bool, logFileName: String) { let parentURL = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: appGroup) @@ -43,6 +45,16 @@ class Logger { dateFormatter = DateFormatter() dateFormatter.dateFormat = "yyyy-MM-dd HH:mm:ss.SSS" + + var bundleIdComponents = (Bundle.main.bundleIdentifier ?? "UnknownBundleId").split(separator: ".") + if bundleIdComponents.last == "TunnelExtension" { + bundleIdComponents.removeLast() + let appBundleId = String(bundleIdComponents.joined(separator: ".")) + oslog = OSLog(subsystem: appBundleId, category: "Tunnel") + } else { + let appBundleId = String(bundleIdComponents.joined(separator: ".")) + oslog = OSLog(subsystem: appBundleId, category: "App") + } } private static func indexOfTrailingAppLog(in lines: [String], appSeparator: String, otherSeparators: [String]) -> Int? { @@ -61,7 +73,7 @@ class Logger { func log(_ message: String) { let timestamp = dateFormatter.string(from: Date()) let line = "\(timestamp) \(message)" - NSLog("\(line)\n") + os_log("%{public}@", log: oslog, type: .info, message) if lines.count >= maxLinesInMemory { lines.removeFirst() } From 010df81fb8e4bb880b7ab55f39c01209c1bc6587 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Tue, 24 Jan 2023 12:10:06 +0530 Subject: [PATCH 27/37] Xcode: Fix xcconfigs -TunnelExtension and -LoginItemHelper xcconfigs were just duplicates. --- ...Development-macOS-LoginItemHelper.xcconfig | 10 ----- ...Development-macOS-TunnelExtension.xcconfig | 10 ----- .../Release-macOS-LoginItemHelper.xcconfig | 10 ----- .../Release-macOS-TunnelExtension.xcconfig | 10 ----- EduVPN.xcodeproj/project.pbxproj | 38 ++++++++----------- 5 files changed, 15 insertions(+), 63 deletions(-) delete mode 100644 Config/Mac/Development-macOS-LoginItemHelper.xcconfig delete mode 100644 Config/Mac/Development-macOS-TunnelExtension.xcconfig delete mode 100644 Config/Mac/Release-macOS-LoginItemHelper.xcconfig delete mode 100644 Config/Mac/Release-macOS-TunnelExtension.xcconfig diff --git a/Config/Mac/Development-macOS-LoginItemHelper.xcconfig b/Config/Mac/Development-macOS-LoginItemHelper.xcconfig deleted file mode 100644 index 95126cae..00000000 --- a/Config/Mac/Development-macOS-LoginItemHelper.xcconfig +++ /dev/null @@ -1,10 +0,0 @@ -// -// Development.xcconfig -// eduVPN -// - -// Configuration settings file format documentation can be found at: -// https://help.apple.com/xcode/#/dev745c5c974 - -#include "Developer-macOS.xcconfig" -#include "AppVersion-macOS.xcconfig" diff --git a/Config/Mac/Development-macOS-TunnelExtension.xcconfig b/Config/Mac/Development-macOS-TunnelExtension.xcconfig deleted file mode 100644 index 63a5c5b6..00000000 --- a/Config/Mac/Development-macOS-TunnelExtension.xcconfig +++ /dev/null @@ -1,10 +0,0 @@ -// -// Development-macOS-TunnelExtension.xcconfig -// eduVPN -// - -// Configuration settings file format documentation can be found at: -// https://help.apple.com/xcode/#/dev745c5c974 - -#include "Developer-macOS.xcconfig" -#include "AppVersion-macOS.xcconfig" diff --git a/Config/Mac/Release-macOS-LoginItemHelper.xcconfig b/Config/Mac/Release-macOS-LoginItemHelper.xcconfig deleted file mode 100644 index db80aa9a..00000000 --- a/Config/Mac/Release-macOS-LoginItemHelper.xcconfig +++ /dev/null @@ -1,10 +0,0 @@ -// -// Release.xcconfig -// eduVPN -// - -// Configuration settings file format documentation can be found at: -// https://help.apple.com/xcode/#/dev745c5c974 - -#include "Developer-macOS.xcconfig" -#include "AppVersion-macOS.xcconfig" diff --git a/Config/Mac/Release-macOS-TunnelExtension.xcconfig b/Config/Mac/Release-macOS-TunnelExtension.xcconfig deleted file mode 100644 index 7811a804..00000000 --- a/Config/Mac/Release-macOS-TunnelExtension.xcconfig +++ /dev/null @@ -1,10 +0,0 @@ -// -// Release-macOS-TunnelExtension.xcconfig -// eduVPN -// - -// Configuration settings file format documentation can be found at: -// https://help.apple.com/xcode/#/dev745c5c974 - -#include "Developer-macOS.xcconfig" -#include "AppVersion-macOS.xcconfig" diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 405ff581..88605627 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -165,7 +165,7 @@ 6F950023296547930090643F /* OpenSans-Regular.ttf in CopyFiles */ = {isa = PBXBuildFile; fileRef = 6FBFEF0F24C2DCA900A9D1D4 /* OpenSans-Regular.ttf */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; }; 6F95002E296689810090643F /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 340F956C22B7118C00835D56 /* NetworkExtension.framework */; }; 6F950033296689810090643F /* main.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F950032296689810090643F /* main.swift */; }; - 6F950038296689810090643F /* $(APP_ID).TunnelExtension.systemextension in Embed System Extensions */ = {isa = PBXBuildFile; fileRef = 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; + 6F950038296689810090643F /* net.roopc.eduVPN-mac-developerid.TunnelExtension.systemextension in Embed System Extensions */ = {isa = PBXBuildFile; fileRef = 6F95002D296689810090643F /* net.roopc.eduVPN-mac-developerid.TunnelExtension.systemextension */; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; }; 6F95FF94296297E70090643F /* OpenVPNAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF93296297E70090643F /* OpenVPNAdapterInterface.swift */; }; 6F95FF972962988A0090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; 6F95FF982962EF820090643F /* WireGuardAdapterInterface.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F95FF962962988A0090643F /* WireGuardAdapterInterface.swift */; }; @@ -496,7 +496,7 @@ dstPath = "$(SYSTEM_EXTENSIONS_FOLDER_PATH)"; dstSubfolderSpec = 16; files = ( - 6F950038296689810090643F /* $(APP_ID).TunnelExtension.systemextension in Embed System Extensions */, + 6F950038296689810090643F /* net.roopc.eduVPN-mac-developerid.TunnelExtension.systemextension in Embed System Extensions */, ); name = "Embed System Extensions"; runOnlyForDeploymentPostprocessing = 0; @@ -577,8 +577,6 @@ 6F66DAD1265E1E4C006974CF /* PacketTunnelProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelProvider.swift; sourceTree = ""; }; 6F66DAD3265E1E4D006974CF /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 6F66DAD4265E1E4D006974CF /* TunnelExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension.entitlements; sourceTree = ""; }; - 6F66DB7B265E5096006974CF /* Development-macOS-TunnelExtension.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = "Development-macOS-TunnelExtension.xcconfig"; sourceTree = ""; }; - 6F66DB7C265E5096006974CF /* Release-macOS-TunnelExtension.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = "Release-macOS-TunnelExtension.xcconfig"; sourceTree = ""; }; 6F66DB7D265E50BB006974CF /* Release-TunnelExtension.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = "Release-TunnelExtension.xcconfig"; sourceTree = ""; }; 6F66DB7E265E50BB006974CF /* Development-TunnelExtension.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = "Development-TunnelExtension.xcconfig"; sourceTree = ""; }; 6F6BB620265E58BF0093D4CC /* TunnelExtension-iOS.appex */ = {isa = PBXFileReference; explicitFileType = "wrapper.app-extension"; includeInIndex = 0; path = "TunnelExtension-iOS.appex"; sourceTree = BUILT_PRODUCTS_DIR; }; @@ -597,7 +595,7 @@ 6F8AEE7825E6D507001A603B /* StatusItemConnectionInfoHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = StatusItemConnectionInfoHelper.swift; sourceTree = ""; }; 6F939F3E25C7D02C001887BA /* PasswordEntryViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PasswordEntryViewController.swift; sourceTree = ""; }; 6F950027296547930090643F /* eduVPN.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = eduVPN.app; sourceTree = BUILT_PRODUCTS_DIR; }; - 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "$(APP_ID).TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; + 6F95002D296689810090643F /* net.roopc.eduVPN-mac-developerid.TunnelExtension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "net.roopc.eduVPN-mac-developerid.TunnelExtension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; }; 6F950032296689810090643F /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = ""; }; 6F950034296689810090643F /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = ""; }; 6F950035296689810090643F /* TunnelExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = TunnelExtension.entitlements; sourceTree = ""; }; @@ -649,8 +647,6 @@ 6FFC4088266F51D200835B43 /* String+ArrayConversion.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "String+ArrayConversion.swift"; sourceTree = ""; }; 6FFD421C254977240093533C /* SettingsViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SettingsViewController.swift; sourceTree = ""; }; C7230D8A2363248900B9C691 /* copy_resources_macos.sh */ = {isa = PBXFileReference; lastKnownFileType = text.script.sh; path = copy_resources_macos.sh; sourceTree = ""; }; - C730CD6223746B4900C21AF9 /* Development-macOS-LoginItemHelper.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = "Development-macOS-LoginItemHelper.xcconfig"; sourceTree = ""; }; - C730CD6323746B4900C21AF9 /* Release-macOS-LoginItemHelper.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = "Release-macOS-LoginItemHelper.xcconfig"; sourceTree = ""; }; C75B2CA3236311D100D700EC /* CODE_OF_CONDUCT.md */ = {isa = PBXFileReference; lastKnownFileType = net.daringfireball.markdown; path = CODE_OF_CONDUCT.md; sourceTree = ""; }; C75B2CA4236311D100D700EC /* CHANGES.md */ = {isa = PBXFileReference; lastKnownFileType = net.daringfireball.markdown; path = CHANGES.md; sourceTree = ""; }; C75B2CA5236311D100D700EC /* README.md */ = {isa = PBXFileReference; lastKnownFileType = net.daringfireball.markdown; path = README.md; sourceTree = ""; }; @@ -923,7 +919,7 @@ 6F66DACE265E1E4C006974CF /* TunnelExtension-macOS.appex */, 6F6BB620265E58BF0093D4CC /* TunnelExtension-iOS.appex */, 6F950027296547930090643F /* eduVPN.app */, - 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */, + 6F95002D296689810090643F /* net.roopc.eduVPN-mac-developerid.TunnelExtension.systemextension */, 6FA518022977BDE90030468D /* LoginItemHelper.app */, ); name = Products; @@ -1069,12 +1065,8 @@ C75B2CB22363138200D700EC /* Developer-macOS.xcconfig.johan-template */, 4AC84CAD236B6E2000932B89 /* Developer-macOS.xcconfig.appforce1-template */, C75B2CB72363138200D700EC /* Development-macOS.xcconfig */, - 6F66DB7B265E5096006974CF /* Development-macOS-TunnelExtension.xcconfig */, - C730CD6223746B4900C21AF9 /* Development-macOS-LoginItemHelper.xcconfig */, 6FCA8452296FCFEB006DD80E /* Development-macOS-DeveloperID.xcconfig */, C75B2CB92363138200D700EC /* Release-macOS.xcconfig */, - 6F66DB7C265E5096006974CF /* Release-macOS-TunnelExtension.xcconfig */, - C730CD6323746B4900C21AF9 /* Release-macOS-LoginItemHelper.xcconfig */, 6FCA8451296FCFEB006DD80E /* Release-macOS-DeveloperID.xcconfig */, C75B2CBF2363138200D700EC /* AppVersion-macOS.xcconfig */, ); @@ -1610,7 +1602,7 @@ 6F5CF76C2966CCD600C310EB /* TunnelKitOpenVPNAppExtension */, ); productName = "TunnelSystemExtension-macOS"; - productReference = 6F95002D296689810090643F /* $(APP_ID).TunnelExtension.systemextension */; + productReference = 6F95002D296689810090643F /* net.roopc.eduVPN-mac-developerid.TunnelExtension.systemextension */; productType = "com.apple.product-type.system-extension"; }; 6F95FFA3296547930090643F /* EduVPN-macOS-DeveloperID */ = { @@ -2608,7 +2600,7 @@ /* Begin XCBuildConfiguration section */ 342B9CAB228ECFDD00C006D7 /* Debug */ = { isa = XCBuildConfiguration; - baseConfigurationReference = C730CD6223746B4900C21AF9 /* Development-macOS-LoginItemHelper.xcconfig */; + baseConfigurationReference = C75B2CB72363138200D700EC /* Development-macOS.xcconfig */; buildSettings = { ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; @@ -2634,7 +2626,7 @@ }; 342B9CAC228ECFDD00C006D7 /* Release */ = { isa = XCBuildConfiguration; - baseConfigurationReference = C730CD6323746B4900C21AF9 /* Release-macOS-LoginItemHelper.xcconfig */; + baseConfigurationReference = C75B2CB92363138200D700EC /* Release-macOS.xcconfig */; buildSettings = { ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; @@ -2823,7 +2815,7 @@ }; 6F66DAD8265E1E4D006974CF /* Debug */ = { isa = XCBuildConfiguration; - baseConfigurationReference = 6F66DB7B265E5096006974CF /* Development-macOS-TunnelExtension.xcconfig */; + baseConfigurationReference = C75B2CB72363138200D700EC /* Development-macOS.xcconfig */; buildSettings = { CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; CLANG_ENABLE_OBJC_WEAK = YES; @@ -2854,7 +2846,7 @@ }; 6F66DAD9265E1E4D006974CF /* Release */ = { isa = XCBuildConfiguration; - baseConfigurationReference = 6F66DB7C265E5096006974CF /* Release-macOS-TunnelExtension.xcconfig */; + baseConfigurationReference = C75B2CB92363138200D700EC /* Release-macOS.xcconfig */; buildSettings = { CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; CLANG_ENABLE_OBJC_WEAK = YES; @@ -2924,7 +2916,7 @@ }; 6F6BB62A265E58BF0093D4CC /* Debug */ = { isa = XCBuildConfiguration; - baseConfigurationReference = 6F66DB7E265E50BB006974CF /* Development-TunnelExtension.xcconfig */; + baseConfigurationReference = 4ABCCBE421E527B50020CB6D /* Development.xcconfig */; buildSettings = { APPLICATION_EXTENSION_API_ONLY = YES; CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; @@ -2957,7 +2949,7 @@ }; 6F6BB62B265E58BF0093D4CC /* Release */ = { isa = XCBuildConfiguration; - baseConfigurationReference = 6F66DB7D265E50BB006974CF /* Release-TunnelExtension.xcconfig */; + baseConfigurationReference = 4ABCCBE321E527A40020CB6D /* Release.xcconfig */; buildSettings = { APPLICATION_EXTENSION_API_ONLY = YES; CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; @@ -3283,7 +3275,7 @@ }; 6F95003A296689810090643F /* Debug */ = { isa = XCBuildConfiguration; - baseConfigurationReference = 6F66DB7B265E5096006974CF /* Development-macOS-TunnelExtension.xcconfig */; + baseConfigurationReference = 6FCA8452296FCFEB006DD80E /* Development-macOS-DeveloperID.xcconfig */; buildSettings = { CLANG_CXX_LANGUAGE_STANDARD = "gnu++17"; CLANG_ENABLE_OBJC_WEAK = YES; @@ -3321,7 +3313,7 @@ }; 6F95003B296689810090643F /* Release */ = { isa = XCBuildConfiguration; - baseConfigurationReference = 6F66DB7C265E5096006974CF /* Release-macOS-TunnelExtension.xcconfig */; + baseConfigurationReference = 6FCA8451296FCFEB006DD80E /* Release-macOS-DeveloperID.xcconfig */; buildSettings = { CLANG_CXX_LANGUAGE_STANDARD = "gnu++17"; CLANG_ENABLE_OBJC_WEAK = YES; @@ -3358,7 +3350,7 @@ }; 6FA518002977BDE90030468D /* Debug */ = { isa = XCBuildConfiguration; - baseConfigurationReference = C730CD6223746B4900C21AF9 /* Development-macOS-LoginItemHelper.xcconfig */; + baseConfigurationReference = 6FCA8452296FCFEB006DD80E /* Development-macOS-DeveloperID.xcconfig */; buildSettings = { ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; @@ -3384,7 +3376,7 @@ }; 6FA518012977BDE90030468D /* Release */ = { isa = XCBuildConfiguration; - baseConfigurationReference = C730CD6323746B4900C21AF9 /* Release-macOS-LoginItemHelper.xcconfig */; + baseConfigurationReference = 6FCA8451296FCFEB006DD80E /* Release-macOS-DeveloperID.xcconfig */; buildSettings = { ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon; CLANG_CXX_LANGUAGE_STANDARD = "gnu++14"; From bbc0319bc274dd20c26158bb7451a2a1357cc75c Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Tue, 24 Jan 2023 12:14:02 +0530 Subject: [PATCH 28/37] Tunnel: Remove the exit() hack for the System Extension --- TunnelExtension/PacketTunnelProvider.swift | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/TunnelExtension/PacketTunnelProvider.swift b/TunnelExtension/PacketTunnelProvider.swift index 0b8b1306..3f2279e5 100644 --- a/TunnelExtension/PacketTunnelProvider.swift +++ b/TunnelExtension/PacketTunnelProvider.swift @@ -134,9 +134,13 @@ class PacketTunnelProvider: NEPacketTunnelProvider { completionHandler() #if os(macOS) + #if DEVELOPER_ID_DISTRIBUTION + // The System Extension can live on after the tunnel stops + #else // HACK: We have to kill the tunnel process ourselves because of a macOS bug exit(0) #endif + #endif } } From b716f4a2747ca312bd622000d8a31a795432ae6f Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Sat, 28 Jan 2023 16:01:38 +0530 Subject: [PATCH 29/37] For Dev ID Distribution, show a help view instead of the log We don't have a shared location between the app and the system extension to write the log, so we instead rely on the OS-provided unified logging. So when the user clicks on "View Log", we show a view that shows how to access the log using Console.app or log show. --- EduVPN.xcodeproj/project.pbxproj | 6 + .../Mac/LogViewHelpViewController.swift | 68 +++++ .../Mac/PreferencesViewController.swift | 5 + .../Resources/Mac/Base.lproj/Main.storyboard | 265 +++++++++++++++++- EduVPN/Services/Environment.swift | 5 + EduVPN/Shims/NavigationController.swift | 6 + 6 files changed, 346 insertions(+), 9 deletions(-) create mode 100644 EduVPN/Controllers/Mac/LogViewHelpViewController.swift diff --git a/EduVPN.xcodeproj/project.pbxproj b/EduVPN.xcodeproj/project.pbxproj index 88605627..0895a323 100644 --- a/EduVPN.xcodeproj/project.pbxproj +++ b/EduVPN.xcodeproj/project.pbxproj @@ -59,6 +59,8 @@ 6F54C92D25E033EE00A42C8F /* AddServerViewController+macOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F54C92C25E033EE00A42C8F /* AddServerViewController+macOS.swift */; }; 6F54C93825E0359200A42C8F /* AddServerViewController+iOS.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F54C93725E0359200A42C8F /* AddServerViewController+iOS.swift */; }; 6F54C9E725E2D6A500A42C8F /* MainViewController+StatusItem.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F54C9E625E2D6A500A42C8F /* MainViewController+StatusItem.swift */; }; + 6F56439D2983690B00A514DF /* LogViewHelpViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F56439C2983690B00A514DF /* LogViewHelpViewController.swift */; }; + 6F56439E2983690B00A514DF /* LogViewHelpViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F56439C2983690B00A514DF /* LogViewHelpViewController.swift */; }; 6F57338724CD1570008912D4 /* SessionExpiryHelper.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F57338624CD1570008912D4 /* SessionExpiryHelper.swift */; }; 6F5820F826EE036800906397 /* AppDataRemover.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F5820F726EE036800906397 /* AppDataRemover.swift */; }; 6F59A58824F51DEB00560155 /* server_list.json in Resources */ = {isa = PBXBuildFile; fileRef = 6F59A58624F51DEB00560155 /* server_list.json */; }; @@ -563,6 +565,7 @@ 6F54C92C25E033EE00A42C8F /* AddServerViewController+macOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "AddServerViewController+macOS.swift"; sourceTree = ""; }; 6F54C93725E0359200A42C8F /* AddServerViewController+iOS.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "AddServerViewController+iOS.swift"; sourceTree = ""; }; 6F54C9E625E2D6A500A42C8F /* MainViewController+StatusItem.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "MainViewController+StatusItem.swift"; sourceTree = ""; }; + 6F56439C2983690B00A514DF /* LogViewHelpViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = LogViewHelpViewController.swift; sourceTree = ""; }; 6F57338624CD1570008912D4 /* SessionExpiryHelper.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = SessionExpiryHelper.swift; sourceTree = ""; }; 6F5820F726EE036800906397 /* AppDataRemover.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AppDataRemover.swift; sourceTree = ""; }; 6F59A58624F51DEB00560155 /* server_list.json */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.json; path = server_list.json; sourceTree = ""; }; @@ -966,6 +969,7 @@ 6F9CE540261802F10065E4BA /* CredentialsViewController+macOS.swift */, 6F25F8D1269D763F00FA8FAB /* ConnectionViewController+macOS.swift */, 6F25F8D3269DE3BB00FA8FAB /* MenuCommandResponding.swift */, + 6F56439C2983690B00A514DF /* LogViewHelpViewController.swift */, ); path = Mac; sourceTree = ""; @@ -2286,6 +2290,7 @@ 6F95FFF0296547930090643F /* NavigationController.swift in Sources */, 6F95FFF1296547930090643F /* FileHelper.swift in Sources */, 6F95FFF2296547930090643F /* MainViewController+macOS.swift in Sources */, + 6F56439E2983690B00A514DF /* LogViewHelpViewController.swift in Sources */, 6F95FFF3296547930090643F /* Multiplatform.swift in Sources */, 6F95FFF4296547930090643F /* SessionExpiryHelper.swift in Sources */, 6F95FFF5296547930090643F /* StatusItemController.swift in Sources */, @@ -2406,6 +2411,7 @@ 6FCCC577249E25F100F0F5A3 /* NavigationController.swift in Sources */, C7DB4BD424803B99009932B1 /* FileHelper.swift in Sources */, 6F36A79D24B6F5BA00BA8F5E /* MainViewController+macOS.swift in Sources */, + 6F56439D2983690B00A514DF /* LogViewHelpViewController.swift in Sources */, C7DB4B9B247FC23D009932B1 /* Multiplatform.swift in Sources */, 6F57338724CD1570008912D4 /* SessionExpiryHelper.swift in Sources */, 6F7B63F02500FD7300FB154A /* StatusItemController.swift in Sources */, diff --git a/EduVPN/Controllers/Mac/LogViewHelpViewController.swift b/EduVPN/Controllers/Mac/LogViewHelpViewController.swift new file mode 100644 index 00000000..d4ecd3ab --- /dev/null +++ b/EduVPN/Controllers/Mac/LogViewHelpViewController.swift @@ -0,0 +1,68 @@ +// +// LogViewHelpViewController.swift +// EduVPN +// +// Created by Roopesh Chander on 27/01/23. +// Copyright © 2023 SURFNet. All rights reserved. +// + +import Foundation +import AppKit + +class LogViewHelpViewController: ViewController, ParametrizedViewController { + + struct Parameters { + let environment: Environment + } + + private var parameters: Parameters! + + @IBOutlet weak var subsystemLabel: NSTextField! + @IBOutlet weak var logShowCommandLabel: NSTextField! + @IBOutlet weak var logStreamCommandLabel: NSTextField! + + var subsystem: String = "" + var logShowCommand: String = "" + var logStreamCommand: String = "" + + func initializeParameters(_ parameters: Parameters) { + guard self.parameters == nil else { + fatalError("Can't initialize parameters twice") + } + self.parameters = parameters + } + + override func viewDidLoad() { + let appId = Bundle.main.bundleIdentifier ?? Config.shared.clientId + + self.subsystem = appId + self.logShowCommand = "log show --info --predicate 'subsystem == \"\(appId)\"'" + self.logStreamCommand = "log stream --info --predicate 'subsystem == \"\(appId)\"'" + + self.subsystemLabel.text = self.subsystem + self.logShowCommandLabel.text = self.logShowCommand + self.logStreamCommandLabel.text = self.logStreamCommand + } + + @IBAction func subsystemCopyClicked(_ sender: Any) { + setClipboard(text: self.subsystem) + } + + @IBAction func logShowCommandCopyClicked(_ sender: Any) { + setClipboard(text: self.logShowCommand) + } + + @IBAction func logStreamCommandCopyClicked(_ sender: Any) { + setClipboard(text: self.logStreamCommand) + } + + @IBAction func doneClicked(_ sender: Any) { + self.presentingViewController?.dismiss(self) + } + + private func setClipboard(text: String) { + let pasteBoard = NSPasteboard.general + pasteBoard.clearContents() + pasteBoard.writeObjects([text as NSString]) + } +} diff --git a/EduVPN/Controllers/Mac/PreferencesViewController.swift b/EduVPN/Controllers/Mac/PreferencesViewController.swift index 67272d47..0c00fb96 100644 --- a/EduVPN/Controllers/Mac/PreferencesViewController.swift +++ b/EduVPN/Controllers/Mac/PreferencesViewController.swift @@ -106,6 +106,10 @@ class PreferencesViewController: ViewController, ParametrizedViewController { } @IBAction func viewLogClicked(_ sender: Any) { + #if DEVELOPER_ID_DISTRIBUTION + self.presentingViewController?.dismiss(self) + parameters.environment.navigationController?.presentLogViewHelp() + #else let loggingService = parameters.environment.loggingService firstly { loggingService.getLog() @@ -114,6 +118,7 @@ class PreferencesViewController: ViewController, ParametrizedViewController { }.catch { error in self.parameters.environment.navigationController?.showAlert(for: error) } + #endif } @IBAction func resetAppClicked(_ sender: Any) { diff --git a/EduVPN/Resources/Mac/Base.lproj/Main.storyboard b/EduVPN/Resources/Mac/Base.lproj/Main.storyboard index 4743256e..685d3689 100644 --- a/EduVPN/Resources/Mac/Base.lproj/Main.storyboard +++ b/EduVPN/Resources/Mac/Base.lproj/Main.storyboard @@ -584,13 +584,13 @@ Gw - + - + - + @@ -819,11 +819,11 @@ Gw - + - + @@ -831,7 +831,7 @@ Gw - + @@ -845,12 +845,12 @@ Gw - + - + - + @@ -1880,6 +1880,253 @@ Gw + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Press return. Then click on the "⌄" next to "ANY" and change the property to "Subsystem". Ensure the criteria is "Contains" or "Equals". Ensure that 'App menu > Action > Include Info Messages' is checked. Then click on "Start Streaming" if required. + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/EduVPN/Services/Environment.swift b/EduVPN/Services/Environment.swift index 0468cf26..bce5d199 100644 --- a/EduVPN/Services/Environment.swift +++ b/EduVPN/Services/Environment.swift @@ -100,6 +100,11 @@ class Environment { configName: configName, userName: userName, initialPassword: initialPassword) return instantiate(PasswordEntryViewController.self, identifier: "PasswordEntry", parameters: parameters) } + + func instantiateLogViewHelpViewController() -> LogViewHelpViewController { + let parameters = LogViewHelpViewController.Parameters(environment: self) + return instantiate(LogViewHelpViewController.self, identifier: "LogViewHelp", parameters: parameters) + } #endif #if os(iOS) diff --git a/EduVPN/Shims/NavigationController.swift b/EduVPN/Shims/NavigationController.swift index 923dacaa..28779560 100644 --- a/EduVPN/Shims/NavigationController.swift +++ b/EduVPN/Shims/NavigationController.swift @@ -145,6 +145,12 @@ extension NavigationController { presentedPreferencesVC = preferencesVC presentAsSheet(preferencesVC) } + + func presentLogViewHelp() { + guard let environment = environment else { return } + let logViewHelpVC = environment.instantiateLogViewHelpViewController() + presentAsSheet(logViewHelpVC) + } } extension NavigationController { From 149a6aef526e06743faf76f2c87b5bbbcc961589 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Sat, 28 Jan 2023 16:32:06 +0530 Subject: [PATCH 30/37] Update DEVELOPER_ID.md --- DEVELOPER_ID.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/DEVELOPER_ID.md b/DEVELOPER_ID.md index d5f157c6..d00fe2ed 100644 --- a/DEVELOPER_ID.md +++ b/DEVELOPER_ID.md @@ -235,10 +235,10 @@ expires. cd dev_id_release ~~ - <username> should be the Apple ID that controls the developer + <username> should be the Apple ID that controls the developer account for this app. - <password> should be the password for that Apple ID. If 2FA is + <password> should be the password for that Apple ID. If 2FA is enabled for this Apple ID, you will need to generate an app-specific password at [appleid.apple.com](https://appleid.apple.com) (Sign In > App-specific Passwords) and specify that password. @@ -277,4 +277,10 @@ Xcode conveniently (for e.g. to launch the app from Xcode), we should: The `systemextensionsctl` command can be useful during development: - `systemextensionsctl list` shows the installation status of the System Extension - - `systemextensionsctl reset` uninstalls all System Extensions + - `systemextensionsctl reset` uninstalls all System Extensions. If you want to uninstall our system extension, you should remove the VPN config from Settings > Network before doing that. + +## Known Issues + + - If the System Extension is uninstalled while the VPN config in Network Settings is intact, then the tunnel doesn't get started anymore. To fix it, quit the eduVPN / Let's Connect app, remove the VPN config from Network Settings, uninstall the System Extension, and restart the Mac. + + Users are not expected to run `systemextensionsctl` commands, so this is acceptable. From db4a4dd3b31e938589b1a9288304c07274fa8ca7 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Sun, 29 Jan 2023 11:11:16 +0530 Subject: [PATCH 31/37] Pass password directly to the System Extension In case of an App Extension, there's a shared Keychain we can use to pass the password through. In case of a System Extension, we don't have a shared Keychain, so we just pass it directly. --- EduVPN/Services/ConnectionService.swift | 19 ++++++---- Shared/Shared.swift | 1 + .../OpenVPN/OpenVPNAdapterInterface.swift | 36 +++++++++++++------ TunnelExtension/PacketTunnelProvider.swift | 13 +++++-- 4 files changed, 51 insertions(+), 18 deletions(-) diff --git a/EduVPN/Services/ConnectionService.swift b/EduVPN/Services/ConnectionService.swift index 73e8a5d3..6ea1ca41 100644 --- a/EduVPN/Services/ConnectionService.swift +++ b/EduVPN/Services/ConnectionService.swift @@ -420,12 +420,6 @@ private extension ConnectionService { } return "\(firstRemote.address):\(firstRemote.proto.port)" }() - if let credentials = credentials { - let keychain = Keychain(group: appGroup) - let passwordReference = try keychain.set(password: credentials.password, for: credentials.userName, context: tunnelExtensionBundleId) - protocolConfiguration.username = credentials.userName - protocolConfiguration.passwordReference = passwordReference - } protocolConfiguration.providerConfiguration = [ ProviderConfigurationKeys.vpnProtocol.rawValue: VPNProtocol.openVPN.rawValue, ProviderConfigurationKeys.tunnelKitOpenVPNProviderConfig.rawValue: providerConfigJson, @@ -434,6 +428,19 @@ private extension ConnectionService { protocolConfiguration.connectionAttemptId = connectionAttemptId + if let credentials = credentials { + protocolConfiguration.username = credentials.userName +#if DEVELOPER_ID_DISTRIBUTION + // We can't share the Keychain with the System Extension, so we pass the password directly + protocolConfiguration.providerConfiguration?[ProviderConfigurationKeys.password.rawValue] = credentials.password +#else + // We use pass the password to the App Extension through the Keychain + let keychain = Keychain(group: appGroup) + let passwordReference = try keychain.set(password: credentials.password, for: credentials.userName, context: tunnelExtensionBundleId) + protocolConfiguration.passwordReference = passwordReference +#endif + } + #if os(macOS) protocolConfiguration.shouldPreventAutomaticConnections = shouldPreventAutomaticConnections #elseif os(iOS) diff --git a/Shared/Shared.swift b/Shared/Shared.swift index 3170a636..c62103fc 100644 --- a/Shared/Shared.swift +++ b/Shared/Shared.swift @@ -73,6 +73,7 @@ enum ProviderConfigurationKeys: String { case appGroup #if os(macOS) case shouldPreventAutomaticConnections // Bool as NSNumber + case password #endif } diff --git a/TunnelExtension/OpenVPN/OpenVPNAdapterInterface.swift b/TunnelExtension/OpenVPN/OpenVPNAdapterInterface.swift index c9a43031..7415b655 100644 --- a/TunnelExtension/OpenVPN/OpenVPNAdapterInterface.swift +++ b/TunnelExtension/OpenVPN/OpenVPNAdapterInterface.swift @@ -16,6 +16,21 @@ import SwiftyBeaver class OpenVPNAdapterInterface: TunnelAdapterInterface { + enum Credentials { + case plaintextPassword(String, String) + case keychainReference(String, Data) + + func openVPNCredentials() throws -> OpenVPN.Credentials? { + switch self { + case .plaintextPassword(let username, let password): + return OpenVPN.Credentials(username, password) + case .keychainReference(let username, let keychainReference): + let password = try Keychain.password(forReference: keychainReference) + return OpenVPN.Credentials(username, password) + } + } + } + class LoggerDestination: BaseDestination { private let logger: Logger @@ -40,23 +55,24 @@ class OpenVPNAdapterInterface: TunnelAdapterInterface { private var adapter: OpenVPNAdapter? - convenience init?(tunnelKitConfigJson: Data, username: String?, passwordReference: Data?, logger: Logger) { + convenience init?(tunnelKitConfigJson: Data, credentials: Credentials?, logger: Logger) { guard let providerConfig = try? JSONDecoder().decode(OpenVPN.ProviderConfiguration.self, from: tunnelKitConfigJson) else { logger.log("Unable to decode provider config JSON") return nil } - let credentials: OpenVPN.Credentials? - if let username = username, let passwordReference = passwordReference { - guard let password = try? Keychain.password(forReference: passwordReference) else { + + var openVPNCredentials: OpenVPN.Credentials? = nil + do { + openVPNCredentials = try credentials?.openVPNCredentials() + } catch { + if case KeychainError.notFound = error { logger.log("Unable to access password from keychain using password reference") - credentials = nil - return nil + } else { + logger.log("Error getting OpenVPN credentials: \(error)") } - credentials = OpenVPN.Credentials(username, password) - } else { - credentials = nil } - self.init(configuration: providerConfig, credentials: credentials, logger: logger) + + self.init(configuration: providerConfig, credentials: openVPNCredentials, logger: logger) } init(configuration: OpenVPN.ProviderConfiguration, credentials: OpenVPN.Credentials?, logger: Logger) { diff --git a/TunnelExtension/PacketTunnelProvider.swift b/TunnelExtension/PacketTunnelProvider.swift index 3f2279e5..65d6a7a4 100644 --- a/TunnelExtension/PacketTunnelProvider.swift +++ b/TunnelExtension/PacketTunnelProvider.swift @@ -98,9 +98,18 @@ class PacketTunnelProvider: NEPacketTunnelProvider { completionHandler(PacketTunnelProviderError.savedProtocolConfigurationIsInvalid) return } + + var credentials: OpenVPNAdapterInterface.Credentials? = nil + if let username = protocolConfiguration.username { + if let passwordReference = protocolConfiguration.passwordReference { + credentials = OpenVPNAdapterInterface.Credentials.keychainReference(username, passwordReference) + } else if let password = providerConfiguration[ProviderConfigurationKeys.password.rawValue] as? String { + credentials = OpenVPNAdapterInterface.Credentials.plaintextPassword(username, password) + } + } + guard let openVPNAdapterInterface = OpenVPNAdapterInterface(tunnelKitConfigJson: tunnelKitConfigJson, - username: protocolConfiguration.username, - passwordReference: protocolConfiguration.passwordReference, + credentials: credentials, logger: logger) else { logger.log("Cannot create OpenVPNAdapterInterface") completionHandler(PacketTunnelProviderError.savedProtocolConfigurationIsInvalid) From f4b5b8308ded045966191099d5b1a19f50935dba Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Sun, 29 Jan 2023 14:21:02 +0530 Subject: [PATCH 32/37] macOS: Mention it's a Developer ID version in the About panel --- EduVPN/AppDelegate.swift | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/EduVPN/AppDelegate.swift b/EduVPN/AppDelegate.swift index 9478ec17..5c5001b7 100644 --- a/EduVPN/AppDelegate.swift +++ b/EduVPN/AppDelegate.swift @@ -271,7 +271,7 @@ extension AppDelegate { @IBAction func showAboutPanel(_ sender: Any?) { NSApp.activate(ignoringOtherApps: true) NSApp.orderFrontStandardAboutPanel(options: [ - .credits: sourceRepositoryLinkMessage + .credits: creditsMessage ]) } @@ -416,14 +416,24 @@ extension AppDelegate: NSMenuItemValidation { extension AppDelegate { var sourceRepositoryLink: String { "https://github.com/eduvpn/apple" } - var sourceRepositoryLinkMessage: NSAttributedString { + var creditsMessage: NSAttributedString { let url = URL(string: sourceRepositoryLink)! // swiftlint:disable:this force_unwrapping let font = NSFont.systemFont(ofSize: 10, weight: .light) - let string = NSMutableAttributedString( + let string = NSMutableAttributedString() +#if DEVELOPER_ID_DISTRIBUTION + let developerIDString = NSAttributedString( + string: NSLocalizedString( + "(Developer ID Version)\n", + comment: "macOS about panel message"), + attributes: [.font: font]) + string.append(developerIDString) +#endif + let sourceCodeString = NSMutableAttributedString( string: NSLocalizedString( "For source code and licenses, please see: ", comment: "macOS about panel message"), attributes: [.font: font]) + string.append(sourceCodeString) let linkedString = NSAttributedString( string: sourceRepositoryLink, attributes: [.link: url, .font: font]) From 50069fc81d10ee1545a87682db3bf083668e8fc2 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Sun, 29 Jan 2023 16:05:47 +0530 Subject: [PATCH 33/37] Update DEVELOPER_ID.md --- DEVELOPER_ID.md | 139 ++++++++++++++++++++++++++++++------------------ 1 file changed, 87 insertions(+), 52 deletions(-) diff --git a/DEVELOPER_ID.md b/DEVELOPER_ID.md index d00fe2ed..af6e0df4 100644 --- a/DEVELOPER_ID.md +++ b/DEVELOPER_ID.md @@ -28,11 +28,11 @@ brew install swiftlint go Go version 1.16 is required. -## Building +## Setting up Config Files ### eduVPN -To build the app, run: +Before building the app, run: ``` $ cp Config/Mac/config-eduvpn_new_discovery.json Config/Mac/config.json $ cp Config/Mac/privacy_statement-eduvpn.json Config/Mac/privacy_statement.json @@ -40,11 +40,11 @@ $ cp Config/Mac/Developer-macOS.xcconfig.eduvpn-template Config/Mac/Developer-ma $ vim Config/Mac/Developer-macOS.xcconfig # Edit as reqd. ``` -Then, open `EduVPN.xcworkspace` in Xcode and build the 'EduVPN-macOS-DeveloperID' target. +Then, we can open `EduVPN.xcworkspace` in Xcode and build the 'EduVPN-macOS-DeveloperID' target. ### Let's Connect -To build the app, run: +Before building the app, run: ``` $ cp Config/Mac/config-letsconnect_new_discovery.json Config/Mac/config.json $ cp Config/Mac/privacy_statement-letsconnect.json Config/Mac/privacy_statement.json @@ -52,7 +52,7 @@ $ cp Config/Mac/Developer-macOS.xcconfig.letsconnect-template Config/Mac/Develop $ vim Config/Mac/Developer-macOS.xcconfig # Edit as reqd. ``` -Then, open `EduVPN.xcworkspace` in Xcode and build the 'EduVPN-macOS-DeveloperID' target. +Then, we can open `EduVPN.xcworkspace` in Xcode and build the 'EduVPN-macOS-DeveloperID' target. ## Distribution @@ -75,21 +75,22 @@ installers that we want to distribute. 1. Developer ID Application Certificate - Click on _Certificates_, then on _+_ to add a certificate. Choose _Developer ID Application_. - - Choose _G2 Sub-CA_ profile + - Choose the latest applicable _Profile Type_ (currently _G2 Sub-CA_) - Create a Certificate Signing Request on your Mac as specified in the page and upload it - _Download_ the created certificate - Open "Keychain Access.app", choose the default keychain, and drag the downloaded certificate file to install it in the default keychain - - In the Keychain Access app window, double-click on the installed certificate to view it -- note down the expiry date somewhere + - In the Keychain Access app window, double-click on the installed certificate to view it + - Make a note of the expiry date -- we'll need that later 2. Developer ID Installer Certificate - Click on _Certificates_, then on _+_ to add a certificate. Choose _Developer ID Installer_. - - Choose _G2 Sub-CA_ profile + - Choose the latest applicable _Profile Type_ (currently _G2 Sub-CA_) - Create a Certificate Signing Request on your Mac as specified in the page and upload it - _Download_ the certificate - Open "Keychain Access.app", choose the default keychain, and drag the downloaded certificate file to install it - - In the Keychain Access app, double-click on the installed certificate to view it -- note down expiry date somewhere - + - In the Keychain Access app, double-click on the installed certificate to view it + - Make a note of the expiry date and the Common Name -- we'll need these later Developer ID Application Certificates and Developer ID Installer Certificates are valid for 5 years from when they were created. @@ -108,34 +109,43 @@ and declare what capabilities they should be allowed to have. 1. App - - Click on _Identifiers_, choose _App IDs_, click on _Continue_ + - Click on _Identifiers_, then on _+_ to add an identifier, choose _App IDs_, click on _Continue_ - Select _App_ type, click on _Continue_ - - Enter a _Bundle ID_, say "com.example.app" - - Ensure _Explicit_ is checked next to the Bundle ID + - Enter the _Bundle ID_ used as `APP_ID` in Config/Mac/Developer-macOS.xcconfig, say "com.example.app" + - Ensure _Explicit_ is checked next to _Bundle ID_ - Enter a _Description_ (you can use spaces instead of special characters) - Under _Capabilities_, choose _Network Extensions_ and _System Extension_ - Click on _Continue_, then _Register_ 2. Tunnel Extension - - Click on _Identifiers_, choose _App IDs_, click on _Continue_ + - Click on _Identifiers_, then on _+_ to add an identifier, choose _App IDs_, click on _Continue_ - Select _App_ type, click on _Continue_ - - Enter _Bundle ID_ with a "TunnelExtension" suffix, say "com.example.app.TunnelExtension" - - Ensure _Explicit_ is checked next to the Bundle ID + - Enter the _Bundle ID_ as `APP_ID` with a "TunnelExtension" suffix, say "com.example.app.TunnelExtension" + - Ensure _Explicit_ is checked next to _Bundle ID_ - Enter a _Description_ (you can use spaces instead of special characters) - Under _Capabilities_, choose _Network Extensions_ - Click on _Continue_, then _Register_ 3. Login Item Helper - - Click on _Identifiers_, choose _App IDs_, click on _Continue_ + - Click on _Identifiers_, then on _+_ to add an identifier, choose _App IDs_, click on _Continue_ - Select _App_ type, click on _Continue_ - - Enter _Bundle ID_ with a "LoginItemHelper" suffix, say "com.example.app.LoginItemHelper" - - Ensure _Explicit_ is checked next to the Bundle ID + - Enter the _Bundle ID_ as `APP_ID` with a "LoginItemHelper" suffix, say "com.example.app.LoginItemHelper" + - Ensure _Explicit_ is checked next to _Bundle ID_ - Enter a _Description_ (you can use spaces instead of special characters) - Don't tick anything under _Capabilities_ - Click on _Continue_, then _Register_ + +Sometimes, you might get an error saying: + +> An App ID with Identifier 'identifier' is not available. Please enter a different string. + +This happens if the identifier is already registered. Xcode might have +registered it on our behalf -- in that case, check if the already registered +identifier has the required capabilities. + #### Profiles For each bundle id we created, we need to create a provisioning profile that @@ -147,23 +157,23 @@ ties the bundle id to a Developer ID Application Certificate. - Ensure Profile Type is _Mac_, choose the _App ID_ created earlier (you can type to search), and click on _Continue_ - Choose the _Developer ID Application_ certificate created earlier (you will have to choose by expiry date), click on _Continue_ - Enter a _Provisioning Profile Name_, say "eduVPN Developer ID App 01 Jan 2023" - - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_dev_id_app.provisionprofile"). + - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_Developer_ID_App_01_Jan_2023.provisionprofile"). 2. Tunnel Extension - Click on _Profiles_, then on _+_ to add a profile, choose _Developer ID_ under _Distribution_, then click on _Continue_ - Ensure Profile Type is _Mac_, choose the _Bundle ID_ with a "TunnelExtension" suffix created earlier (you can type to search), and click on _Continue_ - Choose the _Developer ID Application_ certificate created earlier (you will have to choose by expiry date), click on _Continue_ - - Enter a _Provisioning Profile Name_, say "eduVPN Developer ID Tunnel Extension 01 Jan 2023" - - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_dev_id_tunnelextension.provisionprofile"). + - Enter a _Provisioning Profile Name_, say "eduVPN Developer ID Tunnel 01 Jan 2023" + - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_Developer_ID_Tunnel_01_Jan_2023.provisionprofile"). 3. Tunnel Extension - Click on _Profiles_, then on _+_ to add a profile, choose _Developer ID_ under _Distribution_, then click on _Continue_ - Ensure Profile Type is _Mac_, choose the _Bundle ID_ with a "LoginItemHelper" suffix created earlier (you can type to search), and click on _Continue_ - Choose the _Developer ID Application_ certificate created earlier (you will have to choose by expiry date), click on _Continue_ - - Enter a _Provisioning Profile Name_, say "eduVPN Developer ID Login Item Helper 01 Jan 2023" - - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_dev_id_loginitemhelper.provisionprofile"). + - Enter a _Provisioning Profile Name_, say "eduVPN Developer ID LoginItemHelper 01 Jan 2023" + - Click on _Generate_, then on _Download_. Save the file somewhere (say "eduVPN_Developer_ID_LoginItemHelper_01_Jan_2023.provisionprofile"). The provisioning profiles are valid for 18 years from the time they are generated. The installed app will stop working when the provisioning profile @@ -171,40 +181,46 @@ expires. ### Making a Release - 1. In Xcode, open the Projects and Targets pane + 1. Open `EduVPN.xcworkspace` in Xcode. The following instructions are made for Xcode 14. + + 2. In Xcode, open the Projects and Targets pane - Open the project in Xcode - In the Project Navigator (keyboard shortcut: Cmd+1), select "EduVPN" at the top left - 2. Setup app's provisioing profile + 3. Import provisioning profiles into Xcode + + - Setup app's provisioning profile + + - Select the _EduVPN-macOS-DeveloperID_ target + - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab + - Ensure _Automatically manage signing_ is not checked + - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_app.provisionprofile"), or choose an already imported profile. - - Select the _EduVPN-macOS-DeveloperID_ target - - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab - - Ensure _Automatically manage signing_ is not checked - - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_app.provisionprofile"), or choose an already imported profile. + - Setup tunnel extension's provisioning profile - 3. Setup tunnel extension's provisioning profile + - Select the _TunnelExtension-macOS-DeveloperID_ target + - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab + - Ensure _Automatically manage signing_ is not checked + - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_tunnelextension.provisionprofile"), or choose an already imported profile. - - Select the _TunnelExtension-macOS-DeveloperID_ target - - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab - - Ensure _Automatically manage signing_ is not checked - - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_tunnelextension.provisionprofile"), or choose an already imported profile. + - Setup login item helper's provisioning profile - 4. Setup login item helper's provisioning profile + - Select the _LoginItemHelper-macOS-DeveloperID_ target + - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab + - Ensure _Automatically manage signing_ is not checked + - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_loginitemhelper.provisionprofile"), or choose an already imported profile. - - Select the _LoginItemHelper-macOS-DeveloperID_ target - - Select the _Signing & Capabilities_ tab, and under that, the _Release_ tab - - Ensure _Automatically manage signing_ is not checked - - Under _macOS_, choose a _Provisioning Profile_. You can use _Import Profile..._ to import the downloaded profile (say "eduVPN_dev_id_loginitemhelper.provisionprofile"), or choose an already imported profile. + Xcode keeps the imported provisioning profiles at `~/Library/MobileDevice/Provisioning Profiles`. In case you want to clear out all imported profiles and start over, you can quit Xcode, delete everything in that location, and open Xcode again. - 5. Create the archive + 6. Create the archive - - At the top of the window, select _EduVPN-macOS-DeveloperID_ > _My Mac_ + - In the middle of the top of the Xcode window, select _EduVPN-macOS-DeveloperID_ > _My Mac_ - In the Xcode menu, choose _Product_ > _Clean Build Folder_ - - In the Xcode menu, choose _Product_ > _Archive_ + - In the Xcode menu, choose _Product_ > _Archive_ (Ignore the popup "ad" about Xcode Cloud) - Once the archive is created, Xcode will open its Organizer window, with the created archive selected - 6. Create the notarized app bundle + 7. Create the notarized app bundle - Ensure that the created archive is selected in the Organizer window - Click on _Distribute App_ @@ -217,16 +233,22 @@ expires. - If the "Distribute App" modal window (that you used to upload the app for notarization) is still open, click on _Export_ to export the app. Else, select the archive in the Organizer window (status should be "Ready to Distribute"), and click on _Export Notarized App_ in the right-side inspector pane. - Save the app bundle somewhere (say "dev_id_release/eduVPN.app") - 7. Create the installer package + 8. Create the installer package - Edit the installer creation script - Ensure that the variables at the top are all correct. - ~~~ vim Scripts/create_eduvpn_installer_macos.sh ~~~ + Ensure that the variables at the top are all correct: + - APP_VERSION: The app version + - MIN_MACOS_VERSION: The min macOS version + - EDUVPN_APP_NAME / LETSCONNECT_APP_NAME: The app name -- the name used for the dot-app file + - EDUVPN_APP_ID / LETSCONNECT_APP_ID: The app id + - EDUVPN_DEVELOPMENT_TEAM / LETSCONNECT_DEVELOPMENT_TEAM: The development team that controls the app distribution + - EDUVPN_INSTALLER_CERTIFICATE_CN / LETSCONNECT_INSTALLER_CERTIFICATE_CN: The Common Name of the Developer ID Installer Certificates installed in the Keychain + - Run the installer creation script `cd` to the directory containing the notarized app file. @@ -235,28 +257,41 @@ expires. cd dev_id_release ~~ - <username> should be the Apple ID that controls the developer + <username> should be the Apple ID that controls the developer account for this app. - <password> should be the password for that Apple ID. If 2FA is + <password> should be the password for that Apple ID. If 2FA is enabled for this Apple ID, you will need to generate an app-specific password at [appleid.apple.com](https://appleid.apple.com) (Sign In > App-specific - Passwords) and specify that password. + Passwords > + > <enter some name>) and specify that password. - For eduVPN: ~~~ - bash Scripts/create_eduvpn_installer_macos.sh -n eduvpn -u -p + bash path-to-source-code/Scripts/create_eduvpn_installer_macos.sh -n eduvpn -u -p ~~~ - For Let's Connect: ~~~ - bash Scripts/create_eduvpn_installer_macos.sh -n letsconnect -u -p + bash path-to-source-code/Scripts/create_eduvpn_installer_macos.sh -n letsconnect -u -p ~~~ The notarized installer package will be created in the same directory. + The script requires a working internet connection to work, and can take + a few minutes to complete. + + 9. Try installing from the installer package + + If you already have the app in /Applications installed through the Mac App Store, you should remove that. + + You can install the package by double-clicking on the package file from Finder, or using the `installer` command: + + ~~~ + sudo installer -verbose -target "/Volumes/Macintosh HD" -pkg + ~~~ + ## Development To work on the Developer ID / System Extension installation part of the app in From 198d68c94f91c7554e497cc942a4ef6181a5e522 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Mon, 30 Jan 2023 11:24:20 +0530 Subject: [PATCH 34/37] Scripts: Fix create_eduvpn_installer_macos.sh --- Scripts/create_eduvpn_installer_macos.sh | 77 +++++++++++++++++------- 1 file changed, 56 insertions(+), 21 deletions(-) diff --git a/Scripts/create_eduvpn_installer_macos.sh b/Scripts/create_eduvpn_installer_macos.sh index 7ad61850..34f7238a 100755 --- a/Scripts/create_eduvpn_installer_macos.sh +++ b/Scripts/create_eduvpn_installer_macos.sh @@ -16,12 +16,12 @@ APP_VERSION="3.0.6" MIN_MACOS_VERSION="10.15.0" EDUVPN_APP_NAME="eduVPN" -EDUVPN_APP_ID="org.eduvpn.app" +EDUVPN_APP_ID="org.eduvpn.app.mac-dev-id" EDUVPN_DEVELOPMENT_TEAM="ZYJ4TZX4UU" EDUVPN_INSTALLER_CERTIFICATE_CN="Developer ID Installer: SURF B.V. (ZYJ4TZX4UU)" -LETSCONNECT_APP_NAME="Let’s Connect!" -LETSCONNECT_APP_ID="com.commonscaretakers.letsconnect.mac" +LETSCONNECT_APP_NAME='Let’s Connect!' +LETSCONNECT_APP_ID="com.commonscaretakers.letsconnect.mac-dev-id" LETSCONNECT_DEVELOPMENT_TEAM="D9T87NF4Q7" LETSCONNECT_INSTALLER_CERTIFICATE_CN="Developer ID Installer: Commons Caretakers b.v. (D9T87NF4Q7)" @@ -70,45 +70,80 @@ echo " APP_ID = ${APP_ID}" echo " DEVELOPMENT_TEAM = ${DEVELOPMENT_TEAM}" echo " CERTIFICATE_CN=${CERTIFICATE_CN}" + +APP_FILENAME="${APP_NAME}.app" + echo "" -echo "Checking app..." -if [ -f "${APP_NAME}.app" ]; then - spctl -vvv --assess -t exec "${APP_NAME}.app" 2>&1 | tee /tmp/spctl_app.log +echo -n "-> Checking app \"${APP_FILENAME}\"..." +date "+ (at %H:%M:%S)" + +if [ -e "${APP_FILENAME}" ]; then + spctl -vvv --assess -t exec "${APP_FILENAME}" 2>&1 | tee /tmp/spctl_app.log if grep -q accepted /tmp/spctl_app.log; then - echo "App \"${APP_NAME}.app\" appears to be notarized." + echo "App \"${APP_FILENAME}\" appears to be notarized." else - echo "Error: App \"${APP_NAME}.app\" is not notarized. Not creating installer." 1>&2; exit 1; + echo "Error: App \"${APP_FILENAME}\" is not notarized. Not creating installer." 1>&2; exit 1; fi rm -rf /tmp/spctl_app.log else - echo "Error: App \"${APP_NAME}.app\" not found. Not creating installer." 1>&2; exit 1; + echo "Error: App \"${APP_FILENAME}\" not found. Not creating installer." 1>&2; exit 1; fi +PACKAGE_FILENAME="./${n}_${APP_VERSION}.pkg" echo "" -echo "Creating installer package..." -pkgbuild --root "\"${APP_NAME}.app\"" --identifier ${APP_ID} --version ${APP_VERSION} --install-location "\"/Applications/${APP_NAME}.app\"" --min-os-version ${MIN_MACOS_VERSION} --sign "\"${CERTIFICATE_CN}\"" ./${n}_${APP_VERSION}.pkg +echo -n "-> Creating installer package \"${PACKAGE_FILENAME}\"..." +date "+ (at %H:%M:%S)" + +pkgbuild --root "${APP_FILENAME}" --identifier ${APP_ID} --version ${APP_VERSION} --install-location "/Applications/${APP_NAME}.app" --min-os-version ${MIN_MACOS_VERSION} --sign "${CERTIFICATE_CN}" ${PACKAGE_FILENAME} + +if [ $? -ne 0 ]; then + exit 1 +fi + +echo "" +echo -n "-> Notarizing installer package \"${PACKAGE_FILENAME}\"..." +date "+ (at %H:%M:%S)" + +xcrun notarytool submit ${PACKAGE_FILENAME} --apple-id "${u}" --password "${p}" --team-id ${DEVELOPMENT_TEAM} --wait + +if [ $? -ne 0 ]; then + exit 1 +fi echo "" -echo "Notarizing installer package..." -xcrun notarytool submit ./${n}_${APP_VERSION}.pkg --apple-id "${u}" --password "${p}" --team-id ${DEVELOPMENT_TEAM} --wait +echo -n "-> Adding notarization information to package \"${PACKAGE_FILENAME}\"..." +date "+ (at %H:%M:%S)" + +xcrun stapler staple ${PACKAGE_FILENAME} + +if [ $? -ne 0 ]; then + exit 1 +fi echo "" -echo "Adding notarization information to package..." -xcrun stapler staple ./${n}_${APP_VERSION}.pkg +echo -n "-> Checking installer package \"${PACKAGE_FILENAME}\"..." +date "+ (at %H:%M:%S)" -echo "Checking installer package..." -if [ -f "./${n}_${APP_VERSION}.pkg" ]; then - spctl -vvv --assess -t install "./${n}_${APP_VERSION}.pkg" 2>&1 | tee /tmp/spctl_installer.log +if [ -e "${PACKAGE_FILENAME}" ]; then + spctl -vvv --assess -t install "${PACKAGE_FILENAME}" 2>&1 | tee /tmp/spctl_installer.log if grep -q accepted /tmp/spctl_installer.log; then echo "Looks good." else - echo "Error: \"./${n}_${APP_VERSION}.pkg\" is not notarized." 1>&2; exit 1; + echo "Error: \"${PACKAGE_FILENAME}\" is not notarized." 1>&2; exit 1; fi rm -rf /tmp/spctl_installer.log else - echo "Error: \"./${n}_${APP_VERSION}.pkg\" is not found." 1>&2; exit 1; + echo "Error: \"${PACKAGE_FILENAME}\" is not found." 1>&2; exit 1; fi +if [ $? -ne 0 ]; then + exit 1 +fi + +echo "" +echo -n "-> Done" +date "+ (at %H:%M:%S)" + echo "" -echo "Notarized installation package is at: ./${n}_${APP_VERSION}.pkg" +echo "Notarized installation package is at: \"${PACKAGE_FILENAME}\"" From 9da10ee0519de5bd5055f74cf7d420bab9f40317 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Mon, 30 Jan 2023 11:33:14 +0530 Subject: [PATCH 35/37] Update copyright year --- EduVPN/Resources/Mac/Info.plist | 2 +- LoginItemHelper-macOS/Info.plist | 2 +- README.md | 2 +- TunnelExtension/Mac/AppExtension/Info.plist | 2 +- TunnelExtension/iOS/Info.plist | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/EduVPN/Resources/Mac/Info.plist b/EduVPN/Resources/Mac/Info.plist index f5cc37f7..91987e9f 100644 --- a/EduVPN/Resources/Mac/Info.plist +++ b/EduVPN/Resources/Mac/Info.plist @@ -25,7 +25,7 @@ LSMinimumSystemVersion $(MACOSX_DEPLOYMENT_TARGET) NSHumanReadableCopyright - Copyright © 2017-2021 The Commons Conservancy. All rights reserved. + Copyright © 2017-2023 The Commons Conservancy. All rights reserved. NSMainStoryboardFile Main NSPrincipalClass diff --git a/LoginItemHelper-macOS/Info.plist b/LoginItemHelper-macOS/Info.plist index 90d2b336..eacb8fe2 100644 --- a/LoginItemHelper-macOS/Info.plist +++ b/LoginItemHelper-macOS/Info.plist @@ -27,7 +27,7 @@ LSMinimumSystemVersion $(MACOSX_DEPLOYMENT_TARGET) NSHumanReadableCopyright - Copyright © 2017-2021 Commons Conservancy. + Copyright © 2017-2023 Commons Conservancy. NSMainStoryboardFile Main NSPrincipalClass diff --git a/README.md b/README.md index 2b7968b1..553eed1a 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ The app contains a [Network Tunneling Protocol Client](https://developer.apple.c ## License -Copyright (c) 2020-2021 The Commons Conservancy. All rights reserved. +Copyright (c) 2020-2023 The Commons Conservancy. All rights reserved. ### Part I diff --git a/TunnelExtension/Mac/AppExtension/Info.plist b/TunnelExtension/Mac/AppExtension/Info.plist index b5acc9b8..be52de08 100644 --- a/TunnelExtension/Mac/AppExtension/Info.plist +++ b/TunnelExtension/Mac/AppExtension/Info.plist @@ -30,6 +30,6 @@ $(PRODUCT_MODULE_NAME).PacketTunnelProvider NSHumanReadableCopyright - Copyright © 2017-2021 Commons Conservancy. + Copyright © 2017-2023 Commons Conservancy. diff --git a/TunnelExtension/iOS/Info.plist b/TunnelExtension/iOS/Info.plist index 3ac199ab..3b3dce60 100644 --- a/TunnelExtension/iOS/Info.plist +++ b/TunnelExtension/iOS/Info.plist @@ -28,6 +28,6 @@ $(PRODUCT_MODULE_NAME).PacketTunnelProvider NSHumanReadableCopyright - Copyright © 2017-2021 Commons Conservancy. + Copyright © 2017-2023 Commons Conservancy. From 99a1aed697b443c4c7014d7feb8aec0eabd6ddb9 Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Mon, 30 Jan 2023 12:38:33 +0530 Subject: [PATCH 36/37] Fix build for iOS --- Shared/Shared.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Shared/Shared.swift b/Shared/Shared.swift index c62103fc..6f4afb7d 100644 --- a/Shared/Shared.swift +++ b/Shared/Shared.swift @@ -71,9 +71,9 @@ enum ProviderConfigurationKeys: String { case wireGuardConfig // wg-quick format case tunnelKitOpenVPNProviderConfig // json format case appGroup + case password #if os(macOS) case shouldPreventAutomaticConnections // Bool as NSNumber - case password #endif } From 0f320fd55b7fafcf106f0d2d7c9346cd87058dfd Mon Sep 17 00:00:00 2001 From: Roopesh Chander Date: Wed, 15 Feb 2023 20:17:39 +0530 Subject: [PATCH 37/37] Update DEVELOPER_ID.md --- DEVELOPER_ID.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/DEVELOPER_ID.md b/DEVELOPER_ID.md index af6e0df4..cf99de0f 100644 --- a/DEVELOPER_ID.md +++ b/DEVELOPER_ID.md @@ -220,6 +220,9 @@ expires. - In the Xcode menu, choose _Product_ > _Archive_ (Ignore the popup "ad" about Xcode Cloud) - Once the archive is created, Xcode will open its Organizer window, with the created archive selected + In case you see build errors like "Missing package product", please do "File > Packages > Reset Package Caches", and + then try archiving. + 7. Create the notarized app bundle - Ensure that the created archive is selected in the Organizer window