From 332588a70514d3fd78aa7a2b89c5eb0efeb61dfd Mon Sep 17 00:00:00 2001 From: Yaroslav Yashin Date: Mon, 17 Feb 2025 14:46:20 +0100 Subject: [PATCH] Cmake related changes --- .github/workflows/deploy.yml | 81 ++++++++++ CMakeLists.txt | 12 +- client/CMakeLists.txt | 36 +++-- client/cmake/3rdparty.cmake | 12 +- client/cmake/ios.cmake | 16 +- client/cmake/macos.cmake | 2 + client/cmake/macos_ne.cmake | 158 +++++++++++++++++++ client/cmake/sources.cmake | 6 +- client/ios/networkextension/CMakeLists.txt | 16 +- client/macos/networkextension/CMakeLists.txt | 138 ++++++++++++++++ client/ui/controllers/pageController.cpp | 2 +- deploy/build_ios.sh | 2 +- deploy/build_macos_ne.sh | 123 +++++++++++++++ service/CMakeLists.txt | 2 +- 14 files changed, 580 insertions(+), 26 deletions(-) create mode 100644 client/cmake/macos_ne.cmake create mode 100644 client/macos/networkextension/CMakeLists.txt create mode 100755 deploy/build_macos_ne.sh diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 35e740b0..66052691 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -310,6 +310,87 @@ jobs: path: deploy/build/client/AmneziaVPN.app retention-days: 7 +# ------------------------------------------------------ + Build-MacOS-NE: + runs-on: macos-latest + + env: + QT_VERSION: 6.8.0 + QIF_VERSION: 4.6 + QT_MIRROR: https://mirrors.ocf.berkeley.edu/qt/ + PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }} + PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }} + DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }} + DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }} + DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }} + + steps: + - name: 'Setup Xcode' + uses: maxim-lobanov/setup-xcode@v1 + with: + xcode-version: '16.1' + + - name: 'Install desktop Qt' + uses: jurplel/install-qt-action@v3 + with: + version: ${{ env.QT_VERSION }} + host: 'mac' + target: 'desktop' + modules: 'qtremoteobjects qt5compat qtshadertools qtmultimedia qtimageformats' + arch: 'clang_64' + dir: ${{ runner.temp }} + set-env: 'true' + extra: '--base ${{ env.QT_MIRROR }}' + - name: 'Install Qt Installer Framework ${{ env.QIF_VERSION }}' + run: | + mkdir -pv ${{ runner.temp }}/Qt/Tools/QtInstallerFramework + wget https://qt.amzsvc.com/tools/ifw/${{ env.QIF_VERSION }}.zip + unzip ${{ env.QIF_VERSION }}.zip -d ${{ runner.temp }}/Qt/Tools/QtInstallerFramework/ + - name: 'Install Go' + uses: actions/setup-go@v5 + with: + go-version: '1.22.1' + cache: false + + - name: 'Get sources' + uses: actions/checkout@v4 + with: + submodules: 'true' + fetch-depth: 10 + + - name: 'Install dependencies' + run: pip install jsonschema jinja2 + + - name: 'Set execute permissions for deploy script' + run: chmod +x deploy/build_macos_ne.sh + + - name: 'Build and deploy macOS NE' + run: | + set -o pipefail + export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos/bin" + export QT_MACOS_ROOT_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos" + bash deploy/build_macos_ne.sh | \ + sed -e '/-Xcc -DPROD_AGW_PUBLIC_KEY/,/-Xcc/ { /-Xcc/!d; }' -e '/-Xcc -DPROD_AGW_PUBLIC_KEY/d' | \ + sed -e '/-Xcc -DDEV_AGW_PUBLIC_KEY/,/-Xcc/ { /-Xcc/!d; }' -e '/-Xcc -DDEV_AGW_PUBLIC_KEY/d' | \ + sed -e '/-DPROD_AGW_PUBLIC_KEY/,/-D/ { /-D/!d; }' -e '/-DPROD_AGW_PUBLIC_KEY/d' | \ + sed -e '/-DDEV_AGW_PUBLIC_KEY/,/-D/ { /-D/!d; }' -e '/-DDEV_AGW_PUBLIC_KEY/d' + + env: + MAC_TRUST_CERT_BASE64: ${{ secrets.MAC_TRUST_CERT_BASE64 }} + MAC_SIGNING_CERT_BASE64: ${{ secrets.MAC_SIGNING_CERT_BASE64 }} + MAC_SIGNING_CERT_PASSWORD: ${{ secrets.MAC_SIGNING_CERT_PASSWORD }} + MAC_APP_PROVISIONING_PROFILE: ${{ secrets.MAC_APP_PROVISIONING_PROFILE }} + MAC_NE_PROVISIONING_PROFILE: ${{ secrets.MAC_NE_PROVISIONING_PROFILE }} + APPSTORE_CONNECT_KEY_ID: ${{ secrets.APPSTORE_CONNECT_KEY_ID }} + APPSTORE_CONNECT_ISSUER_ID: ${{ secrets.APPSTORE_CONNECT_ISSUER_ID }} + APPSTORE_CONNECT_PRIVATE_KEY: ${{ secrets.APPSTORE_CONNECT_PRIVATE_KEY }} + - name: 'Upload macOS .app and dSYMs to artifacts' + uses: actions/upload-artifact@v4 + with: + name: macos app & dsyms + path: | + ${{ github.workspace }}/AmneziaVPN.app + retention-days: 7 # ------------------------------------------------------ Build-Android: diff --git a/CMakeLists.txt b/CMakeLists.txt index 4692f28f..d9412834 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -31,13 +31,19 @@ set(QT_BUILD_TOOLS_WHEN_CROSS_COMPILING ON) set(CMAKE_CXX_STANDARD 17) set(CMAKE_CXX_STANDARD_REQUIRED ON) -if(APPLE AND NOT IOS) - set(CMAKE_OSX_ARCHITECTURES "x86_64") +if(APPLE) + if(IOS) + set(CMAKE_OSX_ARCHITECTURES "arm64") + elseif(MACOS_NE) + set(CMAKE_OSX_ARCHITECTURES "arm64;x86_64") + else() + set(CMAKE_OSX_ARCHITECTURES "x86_64") + endif() endif() add_subdirectory(client) -if(NOT IOS AND NOT ANDROID) +if(NOT IOS AND NOT ANDROID AND NOT MACOS_NE) add_subdirectory(service) include(${CMAKE_SOURCE_DIR}/deploy/installer/config.cmake) diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt index b3f775a0..28d0d17d 100644 --- a/client/CMakeLists.txt +++ b/client/CMakeLists.txt @@ -3,7 +3,6 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR) set(PROJECT AmneziaVPN) project(${PROJECT}) - set_property(GLOBAL PROPERTY USE_FOLDERS ON) set_property(GLOBAL PROPERTY AUTOGEN_TARGETS_FOLDER "Autogen") set_property(GLOBAL PROPERTY AUTOMOC_TARGETS_FOLDER "Autogen") @@ -31,7 +30,10 @@ add_definitions(-DDEV_AGW_PUBLIC_KEY="$ENV{DEV_AGW_PUBLIC_KEY}") add_definitions(-DDEV_AGW_ENDPOINT="$ENV{DEV_AGW_ENDPOINT}") add_definitions(-DDEV_S3_ENDPOINT="$ENV{DEV_S3_ENDPOINT}") -if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) +add_definitions(-DPROD_PROXY_STORAGE_KEY="$ENV{PROD_PROXY_STORAGE_KEY}") + +add_definitions(-DPROD_PROXY_STORAGE_KEY="$ENV{PROD_PROXY_STORAGE_KEY}") +if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID)) set(PACKAGES ${PACKAGES} Widgets) endif() @@ -44,14 +46,14 @@ set(LIBS ${LIBS} Qt6::Core5Compat Qt6::Concurrent ) -if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) +if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID)) set(LIBS ${LIBS} Qt6::Widgets) endif() qt_standard_project_setup() qt_add_executable(${PROJECT} MANUAL_FINALIZATION) -if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) +if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID)) qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_interface.rep) qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_interface.rep) qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_tun2socks.rep) @@ -107,6 +109,15 @@ include_directories( ${CMAKE_CURRENT_BINARY_DIR} ) +if(MACOS_NE) + message("MACOS_NE is ON") + add_definitions(-DQ_OS_MAC) + add_definitions(-DMACOS_NE) + message("Add macros for MacOS Network Extension") +else() + message("MACOS_NE is OFF") +endif() + include_directories(mozilla) include_directories(mozilla/shared) include_directories(mozilla/models) @@ -136,7 +147,7 @@ if(WIN32) endif() if(APPLE) - cmake_policy(SET CMP0099 OLD) + cmake_policy(SET CMP0099 NEW) cmake_policy(SET CMP0114 NEW) if(NOT BUILD_OSX_APP_IDENTIFIER) @@ -155,7 +166,6 @@ if(APPLE) set(CMAKE_XCODE_GENERATE_SCHEME FALSE) set(CMAKE_XCODE_ATTRIBUTE_DEVELOPMENT_TEAM ${BUILD_VPN_DEVELOPMENT_TEAM}) set(CMAKE_XCODE_ATTRIBUTE_GROUP_ID_IOS ${BUILD_IOS_GROUP_IDENTIFIER}) - endif() if(LINUX AND NOT ANDROID) @@ -163,8 +173,7 @@ if(LINUX AND NOT ANDROID) link_directories(${CMAKE_CURRENT_LIST_DIR}/platforms/linux) endif() -if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) - message("Client desktop build") +if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID)) add_compile_definitions(AMNEZIA_DESKTOP) endif() @@ -175,7 +184,9 @@ endif() if(IOS) include(cmake/ios.cmake) include(cmake/ios-arch-fixup.cmake) -elseif(APPLE AND NOT IOS) +elseif(APPLE AND MACOS_NE) + include(cmake/macos_ne.cmake) +elseif(APPLE) include(cmake/osxtools.cmake) include(cmake/macos.cmake) endif() @@ -196,7 +207,7 @@ elseif(APPLE AND NOT IOS) set(DEPLOY_PLATFORM_PATH "macos") endif() -if(NOT IOS AND NOT ANDROID) +if(NOT IOS AND NOT ANDROID AND NOT MACOS_NE) add_custom_command( TARGET ${PROJECT} POST_BUILD COMMAND ${CMAKE_COMMAND} -E $,copy_directory,true> @@ -211,8 +222,11 @@ if(NOT IOS AND NOT ANDROID) $ COMMAND_EXPAND_LISTS ) - endif() target_sources(${PROJECT} PRIVATE ${SOURCES} ${HEADERS} ${RESOURCES} ${QRC} ${I18NQRC}) qt_finalize_target(${PROJECT}) + +if(APPLE) + set_target_properties(${PROJECT} PROPERTIES XCODE_ATTRIBUTE_OTHER_CODE_SIGN_FLAGS "--deep") +endif() diff --git a/client/cmake/3rdparty.cmake b/client/cmake/3rdparty.cmake index 2b5036c5..6c372614 100644 --- a/client/cmake/3rdparty.cmake +++ b/client/cmake/3rdparty.cmake @@ -27,9 +27,15 @@ if(WIN32) set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/windows/win32/libcrypto.lib") endif() elseif(APPLE AND NOT IOS) - set(LIBSSH_LIB_PATH "${LIBSSH_ROOT_DIR}/macos/x86_64/libssh.a") - set(ZLIB_LIB_PATH "${LIBSSH_ROOT_DIR}/macos/x86_64/libz.a") - set(LIBSSH_INCLUDE_DIR "${LIBSSH_ROOT_DIR}/macos/x86_64") + if(MACOS_NE) + set(LIBSSH_LIB_PATH "${LIBSSH_ROOT_DIR}/macos/universal2/libssh.a") + set(ZLIB_LIB_PATH "${LIBSSH_ROOT_DIR}/macos/universal2/libz.a") + set(LIBSSH_INCLUDE_DIR "${LIBSSH_ROOT_DIR}/macos/universal2") + else() + set(LIBSSH_LIB_PATH "${LIBSSH_ROOT_DIR}/macos/x86_64/libssh.a") + set(ZLIB_LIB_PATH "${LIBSSH_ROOT_DIR}/macos/x86_64/libz.a") + set(LIBSSH_INCLUDE_DIR "${LIBSSH_ROOT_DIR}/macos/x86_64") + endif() set(OPENSSL_INCLUDE_DIR "${OPENSSL_ROOT_DIR}/macos/include") set(OPENSSL_LIB_SSL_PATH "${OPENSSL_ROOT_DIR}/macos/lib/libssl.a") set(OPENSSL_LIB_CRYPTO_PATH "${OPENSSL_ROOT_DIR}/macos/lib/libcrypto.a") diff --git a/client/cmake/ios.cmake b/client/cmake/ios.cmake index 58192237..cb66924f 100644 --- a/client/cmake/ios.cmake +++ b/client/cmake/ios.cmake @@ -76,8 +76,22 @@ set_target_properties(${PROJECT} PROPERTIES XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/Frameworks" XCODE_EMBED_APP_EXTENSIONS networkextension - XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic ) + +if(DEFINED DEPLOY) + set_target_properties(${PROJECT} PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution" + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development" + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "match AppStore org.amnezia.AmneziaVPN" + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "match Development org.amnezia.AmneziaVPN" + ) +else() + set_target_properties(${PROJECT} PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic + ) +endif() + set_target_properties(${PROJECT} PROPERTIES XCODE_ATTRIBUTE_SWIFT_VERSION "5.0" XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES" diff --git a/client/cmake/macos.cmake b/client/cmake/macos.cmake index 7b7cd381..3cf605ae 100644 --- a/client/cmake/macos.cmake +++ b/client/cmake/macos.cmake @@ -31,6 +31,8 @@ set(SOURCES ${SOURCES} ${CMAKE_CURRENT_SOURCE_DIR}/ui/macos_util.mm ) + + set(ICON_FILE ${CMAKE_CURRENT_SOURCE_DIR}/images/app.icns) set(MACOSX_BUNDLE_ICON_FILE app.icns) set_source_files_properties(${ICON_FILE} PROPERTIES MACOSX_PACKAGE_LOCATION Resources) diff --git a/client/cmake/macos_ne.cmake b/client/cmake/macos_ne.cmake new file mode 100644 index 00000000..74458165 --- /dev/null +++ b/client/cmake/macos_ne.cmake @@ -0,0 +1,158 @@ +message("Client ==> MacOS NE build") + +set_target_properties(${PROJECT} PROPERTIES MACOSX_BUNDLE TRUE) +set(CMAKE_OSX_DEPLOYMENT_TARGET 10.15) + +set(APPLE_PROJECT_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH}) + +enable_language(OBJC) +enable_language(Swift) + +find_package(Qt6 REQUIRED COMPONENTS ShaderTools) +set(LIBS ${LIBS} Qt6::ShaderTools) + +find_library(FW_AUTHENTICATIONSERVICES AuthenticationServices) +find_library(FW_AVFOUNDATION AVFoundation) +find_library(FW_FOUNDATION Foundation) +find_library(FW_STOREKIT StoreKit) +find_library(FW_USERNOTIFICATIONS UserNotifications) +find_library(FW_NETWORKEXTENSION NetworkExtension) + +set(LIBS ${LIBS} + ${FW_AUTHENTICATIONSERVICES} + ${FW_AVFOUNDATION} + ${FW_FOUNDATION} + ${FW_STOREKIT} + ${FW_USERNOTIFICATIONS} + ${FW_NETWORKEXTENSION} +) + + +set(HEADERS ${HEADERS} + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.h + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller_wrapper.h + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosnotificationhandler.h + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate.h + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate-C-Interface.h +) +set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.h PROPERTIES OBJECTIVE_CPP_HEADER TRUE) + + +set(SOURCES ${SOURCES} + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller.mm + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/ios_controller_wrapper.mm + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosnotificationhandler.mm + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/iosglue.mm + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QRCodeReaderBase.mm + ${CMAKE_CURRENT_SOURCE_DIR}/platforms/ios/QtAppDelegate.mm +) + +set(ICON_FILE ${CMAKE_CURRENT_SOURCE_DIR}/images/app.icns) +set(MACOSX_BUNDLE_ICON_FILE app.icns) +set_source_files_properties(${ICON_FILE} PROPERTIES MACOSX_PACKAGE_LOCATION Resources) +set(SOURCES ${SOURCES} ${ICON_FILE}) + + +target_include_directories(${PROJECT} PRIVATE ${Qt6Gui_PRIVATE_INCLUDE_DIRS}) + + +set_target_properties(${PROJECT} PROPERTIES + XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION + MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Info.plist.in + MACOSX_BUNDLE_ICON_FILE "AppIcon" + MACOSX_BUNDLE_INFO_STRING "AmneziaVPN" + MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPN" + MACOSX_BUNDLE_BUNDLE_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}" + MACOSX_BUNDLE_LONG_VERSION_STRING "${APPLE_PROJECT_VERSION}-${CMAKE_PROJECT_VERSION_TWEAK}" + MACOSX_BUNDLE_SHORT_VERSION_STRING "${APPLE_PROJECT_VERSION}" + XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}" + XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS "${CMAKE_CURRENT_SOURCE_DIR}/macos/app/app.entitlements" + XCODE_ATTRIBUTE_MARKETING_VERSION "${APPLE_PROJECT_VERSION}" + XCODE_ATTRIBUTE_CURRENT_PROJECT_VERSION "${CMAKE_PROJECT_VERSION_TWEAK}" + XCODE_ATTRIBUTE_PRODUCT_NAME "AmneziaVPN" + XCODE_ATTRIBUTE_BUNDLE_INFO_STRING "AmneziaVPN" + XCODE_GENERATE_SCHEME TRUE + XCODE_ATTRIBUTE_ENABLE_BITCODE "NO" + XCODE_ATTRIBUTE_ASSETCATALOG_COMPILER_APPICON_NAME "AppIcon" + XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2" + XCODE_EMBED_FRAMEWORKS_CODE_SIGN_ON_COPY "NO" + XCODE_EMBED_FRAMEWORKS_REMOVE_HEADERS_ON_COPY "YES" + XCODE_ATTRIBUTE_MACOSX_DEPLOYMENT_TARGET "11.0" + + XCODE_LINK_BUILD_PHASE_MODE KNOWN_LOCATION + XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../Frameworks" + XCODE_EMBED_APP_EXTENSIONS networkextension +) + +if(DEPLOY) + set_target_properties(${PROJECT} PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution" + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development" + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "org.amnezia.AmneziaVPN-macOS-NE" + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "org.amnezia.AmneziaVPN-macOS-NE" + ) +else() + set_target_properties(${PROJECT} PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic + ) +endif() + +set_target_properties(${PROJECT} PROPERTIES + XCODE_ATTRIBUTE_SWIFT_VERSION "5.0" + XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES" + XCODE_ATTRIBUTE_SWIFT_PRECOMPILE_BRIDGING_HEADER "NO" + XCODE_ATTRIBUTE_SWIFT_OBJC_INTERFACE_HEADER_NAME "AmneziaVPN-Swift.h" + XCODE_ATTRIBUTE_SWIFT_OBJC_INTEROP_MODE "objcxx" +) +set_target_properties(${PROJECT} PROPERTIES + XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK" +) +target_include_directories(${PROJECT} PRIVATE ${CMAKE_CURRENT_LIST_DIR}) +target_compile_options(${PROJECT} PRIVATE + -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\" + -DVPN_NE_BUNDLEID=\"${BUILD_IOS_APP_IDENTIFIER}.network-extension\" +) + +set(WG_APPLE_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/3rd/amneziawg-apple/Sources) + +target_sources(${PROJECT} PRIVATE + ${WG_APPLE_SOURCE_DIR}/WireGuardKitC/x25519.c + ${CLIENT_ROOT_DIR}/platforms/ios/LogController.swift + ${CLIENT_ROOT_DIR}/platforms/ios/Log.swift + ${CLIENT_ROOT_DIR}/platforms/ios/LogRecord.swift + ${CLIENT_ROOT_DIR}/platforms/ios/ScreenProtection.swift + ${CLIENT_ROOT_DIR}/platforms/ios/VPNCController.swift +) + +target_sources(${PROJECT} PRIVATE + ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Images.xcassets + ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/PrivacyInfo.xcprivacy +) + +set_property(TARGET ${PROJECT} APPEND PROPERTY RESOURCE + ${CMAKE_CURRENT_SOURCE_DIR}/macos/app/Images.xcassets + ${CMAKE_CURRENT_SOURCE_DIR}/ios/app/PrivacyInfo.xcprivacy +) + +add_subdirectory(macos/networkextension) +add_dependencies(${PROJECT} networkextension) + +get_target_property(QtCore_location Qt6::Core LOCATION) +message("QtCore_location") +message(${QtCore_location}) + +get_filename_component(QT_BIN_DIR_DETECTED "${QtCore_location}/../../../../../bin" ABSOLUTE) + +set_property(TARGET ${PROJECT} PROPERTY XCODE_EMBED_FRAMEWORKS + "${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/apple/OpenVPNAdapter-macos/OpenVPNAdapter.framework" +) + +set(CMAKE_XCODE_ATTRIBUTE_FRAMEWORK_SEARCH_PATHS ${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/apple/OpenVPNAdapter-macos) +target_link_libraries("networkextension" PRIVATE "${CMAKE_CURRENT_SOURCE_DIR}/3rd-prebuilt/3rd-prebuilt/openvpn/apple/OpenVPNAdapter-macos/OpenVPNAdapter.framework") + +add_custom_command(TARGET ${PROJECT} POST_BUILD + COMMAND ${CMAKE_COMMAND} -E make_directory + $/Contents/Frameworks + COMMAND ${QT_BIN_DIR_DETECTED}/macdeployqt $ -appstore-compliant -qmldir=${CMAKE_CURRENT_SOURCE_DIR} +) diff --git a/client/cmake/sources.cmake b/client/cmake/sources.cmake index c3af531a..02e0498f 100644 --- a/client/cmake/sources.cmake +++ b/client/cmake/sources.cmake @@ -39,7 +39,7 @@ set(HEADERS ${HEADERS} ${CLIENT_ROOT_DIR}/mozilla/localsocketcontroller.h ) -if(NOT IOS) +if(NOT IOS AND NOT MACOS_NE) set(HEADERS ${HEADERS} ${CLIENT_ROOT_DIR}/platforms/ios/QRCodeReaderBase.h ) @@ -89,7 +89,7 @@ set(SOURCES ${SOURCES} ${CLIENT_ROOT_DIR}/mozilla/localsocketcontroller.cpp ) -if(NOT IOS) +if(NOT IOS AND NOT MACOS_NE) set(SOURCES ${SOURCES} ${CLIENT_ROOT_DIR}/platforms/ios/QRCodeReaderBase.cpp ) @@ -161,7 +161,7 @@ if(WIN32) ) endif() -if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID)) +if(WIN32 OR (APPLE AND NOT IOS AND NOT MACOS_NE) OR (LINUX AND NOT ANDROID)) message("Client desktop build") add_compile_definitions(AMNEZIA_DESKTOP) diff --git a/client/ios/networkextension/CMakeLists.txt b/client/ios/networkextension/CMakeLists.txt index dde03b3b..329bf3bc 100644 --- a/client/ios/networkextension/CMakeLists.txt +++ b/client/ios/networkextension/CMakeLists.txt @@ -26,10 +26,22 @@ set_target_properties(networkextension PROPERTIES XCODE_ATTRIBUTE_TARGETED_DEVICE_FAMILY "1,2" XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../../Frameworks" - - XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic ) +if(DEPLOY) + set_target_properties(networkextension PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution" + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development" + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "match AppStore org.amnezia.AmneziaVPN.network-extension" + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "match Development org.amnezia.AmneziaVPN.network-extension" + ) +else() + set_target_properties(networkextension PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic + ) +endif() + set_target_properties(networkextension PROPERTIES XCODE_ATTRIBUTE_SWIFT_VERSION "5.0" XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES" diff --git a/client/macos/networkextension/CMakeLists.txt b/client/macos/networkextension/CMakeLists.txt new file mode 100644 index 00000000..6375dbfc --- /dev/null +++ b/client/macos/networkextension/CMakeLists.txt @@ -0,0 +1,138 @@ +enable_language(Swift) +message("Client message >> macos build >> networkextension") +set(CLIENT_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/../..) + +add_executable(networkextension) + +message("executable_path is: @executable_path/../../Frameworks") +set_target_properties(networkextension PROPERTIES + XCODE_PRODUCT_TYPE com.apple.product-type.app-extension + BUNDLE_EXTENSION appex + + MACOSX_BUNDLE_SHORT_VERSION_STRING "${APPLE_PROJECT_VERSION}" + MACOSX_BUNDLE_INFO_STRING "AmneziaVPNNetworkExtension" + MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPNNetworkExtension" + XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}.network-extension" + XCODE_ATTRIBUTE_PRODUCT_BUNDLE_NAME "${BUILD_IOS_APP_IDENTIFIER}.network-extension" + XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS ${CMAKE_CURRENT_SOURCE_DIR}/AmneziaVPNNetworkExtension.entitlements + XCODE_ATTRIBUTE_MARKETING_VERSION "${APP_MAJOR_VERSION}" + XCODE_ATTRIBUTE_CURRENT_PROJECT_VERSION "${BUILD_ID}" + XCODE_ATTRIBUTE_PRODUCT_NAME "AmneziaVPNNetworkExtension" + + XCODE_ATTRIBUTE_APPLICATION_EXTENSION_API_ONLY "YES" + XCODE_ATTRIBUTE_ENABLE_BITCODE "NO" + XCODE_ATTRIBUTE_MACOSX_DEPLOYMENT_TARGET "11.0" + + XCODE_ATTRIBUTE_INFOPLIST_FILE ${CMAKE_CURRENT_SOURCE_DIR}/Info.plist.in + XCODE_ATTRIBUTE_LD_RUNPATH_SEARCH_PATHS "@executable_path/../../../../Frameworks @loader_path/../../../../Frameworks" +) + +if(DEPLOY) + message("DEPLOY is ON") + set_target_properties(networkextension PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY "Apple Distribution" + XCODE_ATTRIBUTE_CODE_SIGN_IDENTITY[variant=Debug] "Apple Development" + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Manual + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER "org.amnezia.AmneziaVPN.macOS-NE.network-extension" + XCODE_ATTRIBUTE_PROVISIONING_PROFILE_SPECIFIER[variant=Debug] "org.amnezia.AmneziaVPN.macOS-NE.network-extension" + ) +else() + set_target_properties(networkextension PROPERTIES + XCODE_ATTRIBUTE_CODE_SIGN_STYLE Automatic + ) +endif() + +set_target_properties(networkextension PROPERTIES + XCODE_ATTRIBUTE_SWIFT_VERSION "5.0" + XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES" + XCODE_ATTRIBUTE_SWIFT_OBJC_BRIDGING_HEADER "${CMAKE_CURRENT_SOURCE_DIR}/WireGuardNetworkExtension-Bridging-Header.h" + XCODE_ATTRIBUTE_SWIFT_OPTIMIZATION_LEVEL "-Onone" + XCODE_ATTRIBUTE_SWIFT_PRECOMPILE_BRIDGING_HEADER "NO" +) + +set_target_properties("networkextension" PROPERTIES + XCODE_ATTRIBUTE_DEVELOPMENT_TEAM "X7UJ388FXK" +) + +find_library(FW_ASSETS_LIBRARY AssetsLibrary) +find_library(FW_MOBILE_CORE MobileCoreServices) +find_library(FW_UI_KIT UIKit) +find_library(FW_LIBRESOLV libresolv.9.tbd) + + +# Set the root directory +set(CLIENT_ROOT_DIR ${CMAKE_CURRENT_LIST_DIR}/../..) + +target_link_libraries(networkextension PRIVATE ${FW_LIBRESOLV}) + +target_compile_options(networkextension PRIVATE -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\") +target_compile_options(networkextension PRIVATE -DNETWORK_EXTENSION=1) + +set(WG_APPLE_SOURCE_DIR ${CLIENT_ROOT_DIR}/3rd/amneziawg-apple/Sources) + +message("WG_APPLE_SOURCE_DIR is: ${WG_APPLE_SOURCE_DIR}") +message("CLIENT_ROOT_DIR is: ${CLIENT_ROOT_DIR}") + +target_sources(networkextension PRIVATE + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/WireGuardAdapter.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PacketTunnelSettingsGenerator.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/DNSResolver.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardNetworkExtension/ErrorNotifier.swift + ${WG_APPLE_SOURCE_DIR}/Shared/Keychain.swift + ${WG_APPLE_SOURCE_DIR}/Shared/Model/TunnelConfiguration+WgQuickConfig.swift + ${WG_APPLE_SOURCE_DIR}/Shared/Model/NETunnelProviderProtocol+Extension.swift + ${WG_APPLE_SOURCE_DIR}/Shared/Model/String+ArrayConversion.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/TunnelConfiguration.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/IPAddressRange.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/Endpoint.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/DNSServer.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/InterfaceConfiguration.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PeerConfiguration.swift + ${WG_APPLE_SOURCE_DIR}/Shared/FileManager+Extension.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKitC/x25519.c + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/Array+ConcurrentMap.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/IPAddress+AddrInfo.swift + ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PrivateKey.swift + ${CLIENT_ROOT_DIR}/platforms/ios/HevSocksTunnel.swift + ${CLIENT_ROOT_DIR}/platforms/ios/NELogController.swift + ${CLIENT_ROOT_DIR}/platforms/ios/Log.swift + ${CLIENT_ROOT_DIR}/platforms/ios/LogRecord.swift + ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider.swift + ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+WireGuard.swift + ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+OpenVPN.swift + ${CLIENT_ROOT_DIR}/platforms/ios/PacketTunnelProvider+Xray.swift + ${CLIENT_ROOT_DIR}/platforms/ios/WGConfig.swift + ${CLIENT_ROOT_DIR}/platforms/ios/iosglue.mm + ${CLIENT_ROOT_DIR}/platforms/ios/XrayConfig.swift +) + +target_sources(networkextension PRIVATE + ${CMAKE_CURRENT_SOURCE_DIR}/PrivacyInfo.xcprivacy +) + +set_property(TARGET networkextension APPEND PROPERTY RESOURCE + ${CMAKE_CURRENT_SOURCE_DIR}/PrivacyInfo.xcprivacy +) + +## Build wireguard-go-version.h +execute_process( + COMMAND go list -m golang.zx2c4.com/wireguard + WORKING_DIRECTORY ${CLIENT_ROOT_DIR}/3rd/wireguard-apple/Sources/WireGuardKitGo + OUTPUT_VARIABLE WG_VERSION_FULL +) +string(REGEX REPLACE ".*v\([0-9.]*\).*" "\\1" WG_VERSION_STRING 1.1.1) +configure_file(${CMAKE_CURRENT_SOURCE_DIR}/wireguard-go-version.h.in + ${CMAKE_CURRENT_BINARY_DIR}/wireguard-go-version.h) +target_sources(networkextension PRIVATE + ${CMAKE_CURRENT_BINARY_DIR}/wireguard-go-version.h) + +target_include_directories(networkextension PRIVATE ${CLIENT_ROOT_DIR}) +target_include_directories(networkextension PRIVATE ${CMAKE_CURRENT_BINARY_DIR}) + +target_link_libraries(networkextension PRIVATE ${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/wireguard/macos/universal2/libwg-go.a) + +message(${CLIENT_ROOT_DIR}) +message(${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/xray/HevSocks5Tunnel.xcframework/macos-arm64_x86_64/libhev-socks5-tunnel.a) +target_link_libraries(networkextension PRIVATE ${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/xray/HevSocks5Tunnel.xcframework/macos-arm64_x86_64/libhev-socks5-tunnel.a) + +target_include_directories(networkextension PRIVATE ${CLIENT_ROOT_DIR}/3rd-prebuilt/3rd-prebuilt/xray/HevSocks5Tunnel.xcframework/macos-arm64_x86_64/Headers) diff --git a/client/ui/controllers/pageController.cpp b/client/ui/controllers/pageController.cpp index d515df49..12dc5e01 100644 --- a/client/ui/controllers/pageController.cpp +++ b/client/ui/controllers/pageController.cpp @@ -24,7 +24,7 @@ PageController::PageController(const QSharedPointer &serversModel, AndroidController::instance()->setNavigationBarColor(initialPageNavigationBarColor); #endif -#if defined Q_OS_MACX +#if defined Q_OS_MACX and !defined MACOS_NE connect(this, &PageController::raiseMainWindow, []() { setDockIconVisible(true); }); connect(this, &PageController::hideMainWindow, []() { setDockIconVisible(false); }); #endif diff --git a/deploy/build_ios.sh b/deploy/build_ios.sh index 5dc11ff1..7619e146 100755 --- a/deploy/build_ios.sh +++ b/deploy/build_ios.sh @@ -32,7 +32,7 @@ cmake --version clang -v # Generate XCodeProj -$QT_BIN_DIR/qt-cmake . -B $BUILD_DIR -GXcode -DQT_HOST_PATH=$QT_MACOS_ROOT_DIR +$QT_BIN_DIR/qt-cmake . -B $BUILD_DIR -GXcode -DQT_HOST_PATH=$QT_MACOS_ROOT_DIR -DDEPLOY=ON KEYCHAIN=amnezia.build.ios.keychain KEYCHAIN_FILE=$HOME/Library/Keychains/${KEYCHAIN}-db diff --git a/deploy/build_macos_ne.sh b/deploy/build_macos_ne.sh new file mode 100755 index 00000000..e42949b2 --- /dev/null +++ b/deploy/build_macos_ne.sh @@ -0,0 +1,123 @@ +#!/bin/bash +echo "Build script for macOS Network Extension started ..." + +set -o errexit -o nounset + +while getopts n flag +do + case "${flag}" in + n) NOTARIZE_APP=1;; + esac +done + +# Hold on to current directory +PROJECT_DIR=$(pwd) +DEPLOY_DIR=$PROJECT_DIR/deploy + +mkdir -p $DEPLOY_DIR/build-macos +BUILD_DIR=$DEPLOY_DIR/build-macos + +echo "Project dir: ${PROJECT_DIR}" +echo "Build dir: ${BUILD_DIR}" + +APP_NAME=AmneziaVPN +APP_FILENAME=$APP_NAME.app +APP_DOMAIN=org.amneziavpn.package +PLIST_NAME=$APP_NAME.plist + +OUT_APP_DIR=$BUILD_DIR/client +BUNDLE_DIR=$OUT_APP_DIR/$APP_FILENAME + +PREBUILT_DEPLOY_DATA_DIR=$PROJECT_DIR/deploy/data/deploy-prebuilt/macos +DEPLOY_DATA_DIR=$PROJECT_DIR/deploy/data/macos + +INSTALLER_DATA_DIR=$BUILD_DIR/installer/packages/$APP_DOMAIN/data +INSTALLER_BUNDLE_DIR=$BUILD_DIR/installer/$APP_FILENAME +DMG_FILENAME=$PROJECT_DIR/${APP_NAME}.dmg + +echo "Import certificate" + +TRUST_CERT_CER=$BUILD_DIR/trust-cert.cer +SIGNING_CERT_P12=$BUILD_DIR/signing-cert.p12 + +echo $MAC_TRUST_CERT_BASE64 | base64 --decode > $TRUST_CERT_CER +echo $MAC_SIGNING_CERT_BASE64 | base64 --decode > $SIGNING_CERT_P12 + +shasum -a 256 $TRUST_CERT_CER +shasum -a 256 $SIGNING_CERT_P12 +KEYCHAIN_PASS=$MAC_SIGNING_CERT_PASSWORD + +# Keychain setup +KEYCHAIN=amnezia.build.macos.keychain +TEMP_PASS=tmp_pass +KEYCHAIN_FILE=$HOME/Library/Keychains/$KEYCHAIN-db + +security create-keychain -p $TEMP_PASS $KEYCHAIN || true +security default-keychain -s $KEYCHAIN +security unlock-keychain -p $TEMP_PASS $KEYCHAIN + +security default-keychain +security list-keychains + +# Import certificates into keychain +security import $TRUST_CERT_CER -k $KEYCHAIN -P "" -T /usr/bin/codesign || true +security import $SIGNING_CERT_P12 -k $KEYCHAIN -P $MAC_SIGNING_CERT_PASSWORD -T /usr/bin/codesign || true + +# Configure keychain settings +security set-key-partition-list -S apple-tool:,apple: -k $TEMP_PASS $KEYCHAIN +security find-identity -p codesigning + +# Setup provisioning profiles for main app and NE +echo "Setting up provisioning profiles..." + +# Copy provisioning prifiles +mkdir -p "$HOME/Library/MobileDevice/Provisioning Profiles/" + +echo $MAC_APP_PROVISIONING_PROFILE | base64 --decode > ~/Library/MobileDevice/Provisioning\ Profiles/app.mobileprovision +echo $MAC_NE_PROVISIONING_PROFILE | base64 --decode > ~/Library/MobileDevice/Provisioning\ Profiles/ne.mobileprovision + +shasum -a 256 ~/Library/MobileDevice/Provisioning\ Profiles/app.mobileprovision +shasum -a 256 ~/Library/MobileDevice/Provisioning\ Profiles/ne.mobileprovision + +profile_uuid=`grep UUID -A1 -a ~/Library/MobileDevice/Provisioning\ Profiles/app.mobileprovision | grep -io "[-A-F0-9]\{36\}"` +echo $profile_uuid +profile_ne_uuid=`grep UUID -A1 -a ~/Library/MobileDevice/Provisioning\ Profiles/ne.mobileprovision | grep -io "[-A-F0-9]\{36\}"` +echo $profile_ne_uuid + +mv ~/Library/MobileDevice/Provisioning\ Profiles/app.mobileprovision ~/Library/MobileDevice/Provisioning\ Profiles/$profile_uuid.mobileprovision +mv ~/Library/MobileDevice/Provisioning\ Profiles/ne.mobileprovision ~/Library/MobileDevice/Provisioning\ Profiles/$profile_ne_uuid.mobileprovision + +# setup environment +QT_MACOS_BIN=$QT_BIN_DIR +export PATH=$PATH:~/go/bin +echo "QT_BIN_DIR: $QT_BIN_DIR" + + +# Build the Network Extension app +echo "Building MAC Network Extension App..." +mkdir -p build-macos + +$QT_MACOS_BIN/qt-cmake . -B build-macos -GXcode -DQT_HOST_PATH=$QT_MACOS_ROOT_DIR -DMACOS_NE=TRUE -DCMAKE_BUILD_TYPE=Release -DDEPLOY=ON + +# Build and run tests here + +echo "____________________________________" +echo "............Deploying..............." +echo "____________________________________" +echo "Deploying MAC Network Extension App..." + +echo "xcode build" +xcodebuild \ +"OTHER_CODE_SIGN_FLAGS=--keychain '$KEYCHAIN_FILE'" \ +OTHER_CODE_SIGN_FLAGS=--deep \ +-configuration Release \ +-scheme AmneziaVPN \ +-destination "platform=macOS" \ +-project $PROJECT_DIR/build-macos/AmneziaVPN.xcodeproj + + +# Restore keychain to default +echo "Restoring default keychain..." +security default-keychain -s "/Users/runner/Library/Keychains/login.keychain-db" + +echo "Build and signing process completed successfully!" \ No newline at end of file diff --git a/service/CMakeLists.txt b/service/CMakeLists.txt index f05dbb23..02a21631 100644 --- a/service/CMakeLists.txt +++ b/service/CMakeLists.txt @@ -6,6 +6,6 @@ project(${PROJECT}) set(CMAKE_CXX_STANDARD 20) set(CMAKE_CXX_STANDARD_REQUIRED ON) -if(NOT IOS AND NOT ANDROID) +if(NOT IOS AND NOT ANDROID AND NOT MACOS_NE) add_subdirectory(server) endif()