diff --git a/client/macos/app/Info.plist.in b/client/macos/app/Info.plist.in
new file mode 100644
index 00000000..1c9ad48e
--- /dev/null
+++ b/client/macos/app/Info.plist.in
@@ -0,0 +1,172 @@
+
+
+
+
+ CFBundleAllowMixedLocalizations
+
+ CFBundleDevelopmentRegion
+ en
+ CFBundleDisplayName
+ ${QT_INTERNAL_DOLLAR_VAR}{PRODUCT_NAME}
+ CFBundleExecutable
+ ${MACOSX_BUNDLE_EXECUTABLE_NAME}
+ CFBundleIdentifier
+ ${MACOSX_BUNDLE_GUI_IDENTIFIER}
+ CFBundleInfoDictionaryVersion
+ 6.0
+ CFBundleName
+ ${MACOSX_BUNDLE_BUNDLE_NAME}
+ CFBundlePackageType
+ APPL
+ CFBundleShortVersionString
+ ${MACOSX_BUNDLE_SHORT_VERSION_STRING}
+ CFBundleVersion
+ ${MACOSX_BUNDLE_BUNDLE_VERSION}
+ NSHumanReadableCopyright
+ ${MACOSX_BUNDLE_COPYRIGHT}
+ ITSAppUsesNonExemptEncryption
+
+ LSApplicationCategoryType
+ public.app-category.utilities
+
+ LSMinimumSystemVersion
+ ${MACOSX_DEPLOYMENT_TARGET}
+ LSSupportsOpeningDocumentsInPlace
+
+ com.wireguard.ios.app_group_id
+ group.org.amnezia.AmneziaVPN
+ NSCameraUsageDescription
+ Amnezia VPN needs access to the camera for reading QR-codes.
+ NSAppTransportSecurity
+
+ NSAllowsArbitraryLoads
+
+ NSAllowsLocalNetworking
+
+
+ CFBundleIcons
+
+ UTImportedTypeDeclarations
+
+
+ UTTypeConformsTo
+
+ public.data
+
+ UTTypeDescription
+ Amnezia VPN config
+ UTTypeIconFiles
+
+ UTTypeIdentifier
+ org.amnezia.AmneziaVPN.amnezia-config
+ UTTypeTagSpecification
+
+ public.filename-extension
+
+ vpn
+
+ public.mime-type
+
+ text/plain
+
+
+
+
+ UTTypeConformsTo
+
+ public.data
+
+ UTTypeDescription
+ WireGuard config
+ UTTypeIconFiles
+
+ UTTypeIdentifier
+ org.amnezia.AmneziaVPN.wireguard-config
+ UTTypeTagSpecification
+
+ public.filename-extension
+
+ conf
+ cfg
+
+ public.mime-type
+
+ text/plain
+
+
+
+
+ UTTypeConformsTo
+
+ public.data
+
+ UTTypeDescription
+ OpenVPN config
+ UTTypeIconFiles
+
+ UTTypeIdentifier
+ org.amnezia.AmneziaVPN.openvpn-config
+ UTTypeTagSpecification
+
+ public.filename-extension
+
+ ovpn
+
+ public.mime-type
+
+ text/plain
+
+
+
+
+ UTTypeConformsTo
+
+ public.data
+
+ UTTypeDescription
+ AmneziaVPN backup file
+ UTTypeIconFiles
+
+ UTTypeIdentifier
+ org.amnezia.AmneziaVPN.backup-config
+ UTTypeTagSpecification
+
+ public.filename-extension
+
+ backup
+
+ public.mime-type
+
+ text/plain
+
+
+
+
+ CFBundleDocumentTypes
+
+
+ CFBundleTypeName
+ Amnezia VPN config
+ LSHandlerRank
+ Alternate
+ LSItemContentTypes
+
+ org.amnezia.AmneziaVPN.amnezia-config
+ org.amnezia.AmneziaVPN.wireguard-config
+ org.amnezia.AmneziaVPN.openvpn-config
+ org.amnezia.AmneziaVPN.backup-config
+
+
+
+ NSExtensions
+
+
+ NSExtensionPointIdentifier
+ com.apple.networkextension.packet-tunnel
+ NSExtensionPrincipalClass
+ $(PRODUCT_MODULE_NAME).PacketTunnelProvider
+
+
+
+
+
diff --git a/client/macos/app/app.entitlements b/client/macos/app/app.entitlements
index 1eaae6ec..d4d7195f 100644
--- a/client/macos/app/app.entitlements
+++ b/client/macos/app/app.entitlements
@@ -2,34 +2,40 @@
- com.apple.application-identifier
- $(DEVELOPMENT_TEAM).$(APP_ID_MACOS)
-
+ com.apple.developer.networking.custom-protocol
+
com.apple.developer.networking.networkextension
+ app-proxy-provider
packet-tunnel-provider
+ dns-settings
+ relay
+ content-filter-provider
+ dns-proxy
-
+ com.apple.developer.system-extension.install
+
+ com.apple.developer.networking.vpn.api
+
+ allow-vpn
+
+ com.apple.security.app-sandbox
+
+ com.apple.security.application-groups
+
+ group.org.amnezia.AmneziaVPN
+
+ com.apple.security.files.user-selected.read-only
+
+ com.apple.security.files.user-selected.read-write
+
+ com.apple.security.network.client
+
+ com.apple.security.network.server
+
keychain-access-groups
$(DEVELOPMENT_TEAM).*
-
- com.apple.developer.team-identifier
- $(DEVELOPMENT_TEAM)
-
- com.apple.security.app-sandbox
-
-
- com.apple.security.application-groups
-
- $(DEVELOPMENT_TEAM).$(GROUP_ID_MACOS)
-
-
- com.apple.security.network.client
-
-
- com.apple.security.network.server
-
diff --git a/client/macos/app/main.entitlements b/client/macos/app/main.entitlements
new file mode 100644
index 00000000..6581632f
--- /dev/null
+++ b/client/macos/app/main.entitlements
@@ -0,0 +1,22 @@
+
+
+
+
+ com.apple.developer.networking.networkextension
+
+ packet-tunnel-provider
+
+ com.apple.security.application-groups
+
+ group.org.amnezia.AmneziaVPN
+
+ com.apple.security.files.user-selected.read-write
+
+ keychain-access-groups
+
+ $(AppIdentifierPrefix)group.org.amnezia.AmneziaVPN
+
+ com.apple.security.app-sandbox
+
+
+
diff --git a/client/macos/networkextension/AmneziaVPNNetworkExtension.entitlements b/client/macos/networkextension/AmneziaVPNNetworkExtension.entitlements
index b4f08784..7e2b2072 100644
--- a/client/macos/networkextension/AmneziaVPNNetworkExtension.entitlements
+++ b/client/macos/networkextension/AmneziaVPNNetworkExtension.entitlements
@@ -2,41 +2,30 @@
- com.apple.application-identifier
- $(DEVELOPMENT_TEAM).$(NETEXT_ID_MACOS)
-
+ com.apple.developer.networking.custom-protocol
+
com.apple.developer.networking.networkextension
+ dns-settings
+ relay
packet-tunnel-provider
+ content-filter-provider
+ dns-proxy
+ app-proxy-provider
-
- keychain-access-groups
+ com.apple.developer.networking.vpn.api
- $(DEVELOPMENT_TEAM).*
+ allow-vpn
-
- com.apple.developer.team-identifier
- $(DEVELOPMENT_TEAM)
-
- com.apple.developer.system-extension.install
-
-
com.apple.security.app-sandbox
-
com.apple.security.application-groups
- $(DEVELOPMENT_TEAM).$(GROUP_ID_MACOS)
+ group.org.amnezia.AmneziaVPN
-
com.apple.security.network.client
-
com.apple.security.network.server
- com.apple.security.app-sandbox
-
- com.apple.private.network.socket-delegate
-
diff --git a/client/macos/networkextension/Info.plist b/client/macos/networkextension/Info.plist.in
similarity index 63%
rename from client/macos/networkextension/Info.plist
rename to client/macos/networkextension/Info.plist.in
index 96d82459..fa307001 100644
--- a/client/macos/networkextension/Info.plist
+++ b/client/macos/networkextension/Info.plist.in
@@ -3,27 +3,32 @@
CFBundleDevelopmentRegion
- $(DEVELOPMENT_LANGUAGE)
- CFBundleDisplayName
- AmneziaVPNNetworkExtension
+ en
CFBundleExecutable
- $(EXECUTABLE_NAME)
+ AmneziaVPNNetworkExtension
+
CFBundleIdentifier
- $(PRODUCT_BUNDLE_IDENTIFIER)
+ org.amnezia.AmneziaVPN.network-extension
CFBundleInfoDictionaryVersion
6.0
CFBundleName
- $(PRODUCT_NAME)
+ AmneziaVPNNetworkExtension
CFBundlePackageType
$(PRODUCT_BUNDLE_PACKAGE_TYPE)
CFBundleShortVersionString
- $(MARKETING_VERSION)
+ ${APPLE_PROJECT_VERSION}
CFBundleVersion
- $(CURRENT_PROJECT_VERSION)
+ ${CMAKE_PROJECT_VERSION_TWEAK}
+
ITSAppUsesNonExemptEncryption
+
LSMinimumSystemVersion
- $(MACOSX_DEPLOYMENT_TARGET)
+ ${CMAKE_OSX_DEPLOYMENT_TARGET}
+
+ CFBundleDisplayName
+ AmneziaVPNNetworkExtension
+
NSExtension
NSExtensionPointIdentifier
@@ -31,5 +36,11 @@
NSExtensionPrincipalClass
$(PRODUCT_MODULE_NAME).PacketTunnelProvider
+
+ com.wireguard.ios.app_group_id
+ group.org.amnezia.AmneziaVPN
+
+ com.wireguard.macos.app_group_id
+ ${BUILD_VPN_DEVELOPMENT_TEAM}.group.org.amnezia.AmneziaVPN
diff --git a/client/macos/networkextension/PrivacyInfo.xcprivacy b/client/macos/networkextension/PrivacyInfo.xcprivacy
new file mode 100644
index 00000000..380e0b7b
--- /dev/null
+++ b/client/macos/networkextension/PrivacyInfo.xcprivacy
@@ -0,0 +1,25 @@
+
+
+
+
+ NSPrivacyAccessedAPITypes
+
+
+ NSPrivacyAccessedAPIType
+ NSPrivacyAccessedAPICategoryUserDefaults
+ NSPrivacyAccessedAPITypeReasons
+
+ 1C8F.1
+
+
+
+ NSPrivacyAccessedAPIType
+ NSPrivacyAccessedAPICategoryFileTimestamp
+ NSPrivacyAccessedAPITypeReasons
+
+ C617.1
+
+
+
+
+