Adding network extenstionn, fixing cmake.

Botan cmake changes, cmake APPLE/IOS fixes, wireguard added, Currently removed openvpn implementation, once wireguard is stable then will add openVPN framework.
Current progress is it is generating xcode project using
mkdir build-ios
/Users/shahzainali/Qt/6.4.1/ios/bin/qt-cmake . -B build-ios -GXcode
Need to select team only for Network extension only. select AmneizaVPN to run.
current issue is related to Botan.

client/ios/networkextension/CMakeLists.txt

@@ -0,0 +1,105 @@
+enable_language(Swift)
+
+add_executable(networkextension)
+set_target_properties(networkextension PROPERTIES
+    OUTPUT_NAME "AmneziaVPNNetworkExtension"
+    XCODE_PRODUCT_TYPE com.apple.product-type.app-extension
+    BUNDLE_EXTENSION appex
+    MACOSX_BUNDLE ON
+    MACOSX_BUNDLE_INFO_PLIST ${CMAKE_CURRENT_SOURCE_DIR}/Info.plist.in
+    MACOSX_BUNDLE_BUNDLE_NAME "AmneziaVPNNetworkExtension"
+    MACOSX_BUNDLE_BUNDLE_VERSION "${BUILD_ID}"
+    MACOSX_BUNDLE_COPYRIGHT "MPL-2.0"
+    MACOSX_BUNDLE_GUI_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}.network-extension"
+    MACOSX_BUNDLE_INFO_STRING "MozillaVPNNetworkExtension"
+    MACOSX_BUNDLE_LONG_VERSION_STRING "${CMAKE_PROJECT_VERSION}-${BUILD_ID}"
+    MACOSX_BUNDLE_SHORT_VERSION_STRING "${CMAKE_PROJECT_VERSION}"
+    XCODE_ATTRIBUTE_PRODUCT_BUNDLE_IDENTIFIER "${BUILD_IOS_APP_IDENTIFIER}.network-extension"
+    XCODE_ATTRIBUTE_SWIFT_VERSION "5.0"
+    XCODE_ATTRIBUTE_CLANG_ENABLE_MODULES "YES"
+    XCODE_ATTRIBUTE_SWIFT_OBJC_BRIDGING_HEADER "${CMAKE_CURRENT_SOURCE_DIR}/WireGuardNetworkExtension-Bridging-Header.h"
+    XCODE_ATTRIBUTE_SWIFT_PRECOMPILE_BRIDGING_HEADER "NO"
+    XCODE_ATTRIBUTE_APPLICATION_EXTENSION_API_ONLY "YES"
+    XCODE_ATTRIBUTE_ENABLE_BITCODE "NO"
+    XCODE_ATTRIBUTE_CODE_SIGN_ENTITLEMENTS ${CMAKE_CURRENT_SOURCE_DIR}/AmneziaVPNNetworkExtension.entitlements
+)
+
+find_library(FW_ASSETS_LIBRARY AssetsLibrary)
+find_library(FW_MOBILE_CORE MobileCoreServices)
+find_library(FW_UI_KIT UIKit)
+
+target_link_libraries(networkextension PRIVATE ${FW_ASSETS_LIBRARY})
+target_link_libraries(networkextension PRIVATE ${FW_MOBILE_CORE})
+target_link_libraries(networkextension PRIVATE ${FW_UI_KIT})
+
+target_compile_options(networkextension PRIVATE -DGROUP_ID=\"${BUILD_IOS_GROUP_IDENTIFIER}\")
+target_compile_options(networkextension PRIVATE -DNETWORK_EXTENSION=1)
+
+set(WG_APPLE_SOURCE_DIR ${CMAKE_SOURCE_DIR}/3rd/wireguard-apple/Sources)
+
+target_sources(networkextension PRIVATE
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/WireGuardAdapter.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PacketTunnelSettingsGenerator.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/DNSResolver.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardNetworkExtension/ErrorNotifier.swift
+    ${WG_APPLE_SOURCE_DIR}/Shared/Keychain.swift
+    ${WG_APPLE_SOURCE_DIR}/Shared/Model/TunnelConfiguration+WgQuickConfig.swift
+    ${WG_APPLE_SOURCE_DIR}/Shared/Model/NETunnelProviderProtocol+Extension.swift
+    ${WG_APPLE_SOURCE_DIR}/Shared/Model/String+ArrayConversion.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/TunnelConfiguration.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/IPAddressRange.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/Endpoint.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/DNSServer.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/InterfaceConfiguration.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PeerConfiguration.swift
+    ${WG_APPLE_SOURCE_DIR}/Shared/FileManager+Extension.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKitC/x25519.c
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/Array+ConcurrentMap.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/IPAddress+AddrInfo.swift
+    ${WG_APPLE_SOURCE_DIR}/WireGuardKit/PrivateKey.swift
+    ${CMAKE_SOURCE_DIR}/platforms/ios/iostunnel.swift
+    ${CMAKE_SOURCE_DIR}/platforms/ios/iosglue.mm
+    ${CMAKE_SOURCE_DIR}/platforms/ios/ioslogger.swift
+)
+
+## Build wireguard-go-version.h
+execute_process(
+    COMMAND go list -m golang.zx2c4.com/wireguard
+    WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/3rd/wireguard-apple/Sources/WireGuardKitGo
+    OUTPUT_VARIABLE WG_VERSION_FULL
+)
+string(REGEX REPLACE ".*v\([0-9.]*\).*" "\\1" WG_VERSION_STRING 1.1.1)
+configure_file(${CMAKE_CURRENT_SOURCE_DIR}/wireguard-go-version.h.in
+               ${CMAKE_CURRENT_BINARY_DIR}/wireguard-go-version.h)
+target_sources(networkextension PRIVATE
+    ${CMAKE_CURRENT_BINARY_DIR}/wireguard-go-version.h)
+
+target_include_directories(networkextension PRIVATE ${CMAKE_SOURCE_DIR})
+target_include_directories(networkextension PRIVATE ${CMAKE_CURRENT_BINARY_DIR})
+
+## HACK: Build only the first architecture, this will break universal builds
+## for now, but they are already broken for mobile, which uses the arch to
+## determine iOS vs. simulator builds :)
+if(NOT CMAKE_OSX_ARCHITECTURES)
+    set(OSXARCH arm64)
+else()
+    list(GET CMAKE_OSX_ARCHITECTURES 0 OSXARCH)
+endif()
+
+## Build the wireguard go library
+## TODO: The upstream makefile also makes an attempt to patch the golang runtime
+## to provide the boot-time clock instead of an uptime clock. We should probably
+## make an attempt to do the same, somehow?
+include(${CMAKE_SOURCE_DIR}/src/cmake/golang.cmake)
+if(OSXARCH STREQUAL "x86_64")
+    set(GOARCH amd64)
+else()
+    set(GOARCH ${FIRST_OSX_ARCHITECTURE})
+endif()
+add_go_library(libwg-go ${CMAKE_SOURCE_DIR}/3rd/wireguard-apple/Sources/WireGuardKitGo/api-apple.go
+    GOOS ios
+    GOARCH ${GOARCH}
+    CGO_CFLAGS -arch ${OSXARCH}
+    CGO_LDFLAGS -arch ${OSXARCH}
+)
+target_link_libraries(networkextension PRIVATE libwg-go)

client/ios/networkextension/Info.plist

@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleExecutable</key>
+	<string>$(EXECUTABLE_NAME)</string>
+
+	<key>CFBundleIdentifier</key>
+	<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
+
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+
+	<key>CFBundleName</key>
+	<string>$(PRODUCT_NAME)</string>
+
+	<key>CFBundlePackageType</key>
+	<string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string>
+
+	<key>CFBundleShortVersionString</key>
+	<string>$(MARKETING_VERSION)</string>
+
+	<key>CFBundleVersion</key>
+	<string>$(CURRENT_PROJECT_VERSION)</string>
+
+	<key>ITSAppUsesNonExemptEncryption</key>
+	<false/>
+
+	<key>LSMinimumSystemVersion</key>
+	<string>$(MACOSX_DEPLOYMENT_TARGET)</string>
+
+	<key>CFBundleDevelopmentRegion</key>
+	<string>$(DEVELOPMENT_LANGUAGE)</string>
+
+	<key>CFBundleDisplayName</key>
+	<string>MozillaVPNNetworkExtension</string>
+
+	<key>NSExtension</key>
+	<dict>
+		<key>NSExtensionPointIdentifier</key>
+		<string>com.apple.networkextension.packet-tunnel</string>
+		<key>NSExtensionPrincipalClass</key>
+		<string>$(PRODUCT_MODULE_NAME).PacketTunnelProvider</string>
+	</dict>
+
+	<key>com.wireguard.ios.app_group_id</key>
+	<string>group.$(APP_ID_IOS)</string>
+
+	<key>com.wireguard.macos.app_group_id</key>
+	<string>$(DEVELOPMENT_TEAM).group.$(APP_ID_MACOS)</string>
+</dict>
+</plist>

client/ios/networkextension/Info.plist.in

@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>en</string>
+	<key>CFBundleExecutable</key>
+	<string>${MACOSX_BUNDLE_EXECUTABLE_NAME}</string>
+
+	<key>CFBundleIdentifier</key>
+	<string>${MACOSX_BUNDLE_GUI_IDENTIFIER}</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>${MACOSX_BUNDLE_BUNDLE_NAME}</string>
+	<key>CFBundlePackageType</key>
+	<string>$(PRODUCT_BUNDLE_PACKAGE_TYPE)</string>
+	<key>CFBundleShortVersionString</key>
+	<string>${MACOSX_BUNDLE_SHORT_VERSION_STRING}</string>
+	<key>CFBundleVersion</key>
+	<string>${MACOSX_BUNDLE_BUNDLE_VERSION}</string>
+
+	<key>ITSAppUsesNonExemptEncryption</key>
+	<false/>
+
+	<key>LSMinimumSystemVersion</key>
+	<string>${CMAKE_OSX_DEPLOYMENT_TARGET}</string>
+
+	<key>CFBundleDisplayName</key>
+	<string>${MACOSX_BUNDLE_INFO_STRING}</string>
+
+	<key>NSExtension</key>
+	<dict>
+		<key>NSExtensionPointIdentifier</key>
+		<string>com.apple.networkextension.packet-tunnel</string>
+		<key>NSExtensionPrincipalClass</key>
+		<string>$(PRODUCT_MODULE_NAME).PacketTunnelProvider</string>
+	</dict>
+
+	<key>com.wireguard.ios.app_group_id</key>
+	<string>group.${BUILD_IOS_APP_IDENTIFIER}</string>
+
+	<key>com.wireguard.macos.app_group_id</key>
+	<string>${BUILD_VPN_DEVELOPMENT_TEAM}.group.${BUILD_OSX_APP_IDENTIFIER}</string>
+</dict>
+</plist>

client/ios/networkextension/WireGuardNetworkExtension-Bridging-Header.h

@@ -0,0 +1,21 @@
+#include "wireguard-go-version.h"
+#include "3rd/wireguard-apple/Sources/WireGuardKitGo/wireguard.h"
+#include "3rd/wireguard-apple/Sources/WireGuardKitC/WireGuardKitC.h"
+
+#include <stdbool.h>
+#include <stdint.h>
+
+#define WG_KEY_LEN (32)
+#define WG_KEY_LEN_BASE64 (45)
+#define WG_KEY_LEN_HEX (65)
+
+void key_to_base64(char base64[WG_KEY_LEN_BASE64],
+                   const uint8_t key[WG_KEY_LEN]);
+bool key_from_base64(uint8_t key[WG_KEY_LEN], const char* base64);
+
+void key_to_hex(char hex[WG_KEY_LEN_HEX], const uint8_t key[WG_KEY_LEN]);
+bool key_from_hex(uint8_t key[WG_KEY_LEN], const char* hex);
+
+bool key_eq(const uint8_t key1[WG_KEY_LEN], const uint8_t key2[WG_KEY_LEN]);
+
+void write_msg_to_log(const char* tag, const char* msg);

client/ios/networkextension/wireguard-go-version.h.in

@@ -0,0 +1,3 @@
+#ifndef WIREGUARD_GO_VERSION
+#define WIREGUARD_GO_VERSION "@WG_VERSION_STRING@"
+#endif // WIREGUARD_GO_VERSION