chore: bump version (#1701 )

fix: fixed awg 1.5 fields processing for ios (#1700 )
chore: minor fixes (#1616 )
2025-07-08 15:11:45 +08:00 · 2025-07-08 15:06:52 +08:00 · 2025-07-08 14:25:03 +08:00 · 2025-07-07 12:03:25 +08:00 · 2025-07-07 10:44:35 +08:00 · 2025-07-07 10:42:25 +08:00
870 changed files with 77789 additions and 18667 deletions
--- a/.clang-format
+++ b/.clang-format
@ -0,0 +1,39 @@
 BasedOnStyle: WebKit
 AccessModifierOffset: '-4'
 AlignAfterOpenBracket: Align
 AlignConsecutiveMacros: 'true'
 AlignTrailingComments: 'true'
 AllowAllArgumentsOnNextLine: 'true'
 AllowAllParametersOfDeclarationOnNextLine: 'true'
 AllowShortBlocksOnASingleLine: 'false'
 AllowShortCaseLabelsOnASingleLine: 'true'
 AllowShortEnumsOnASingleLine: 'false'
 AllowShortFunctionsOnASingleLine: None
 AlwaysBreakTemplateDeclarations: 'No'
 BreakBeforeBinaryOperators: NonAssignment
 BreakBeforeBraces: Custom
 BraceWrapping:
    AfterClass: true
    AfterControlStatement: false
    AfterEnum: false
    AfterFunction: true
    AfterNamespace: true
    AfterObjCDeclaration: false
    AfterStruct: true
    AfterUnion: false
    BeforeCatch: false
    BeforeElse: false
    IndentBraces: false
 BreakConstructorInitializers: BeforeColon
 ColumnLimit: '120'
 CommentPragmas: '"^!|^:"'
 ConstructorInitializerAllOnOneLineOrOnePerLine: 'true'
 ConstructorInitializerIndentWidth: '4'
 ContinuationIndentWidth: '8'
 IndentPPDirectives: BeforeHash
 NamespaceIndentation: All
 PenaltyExcessCharacter: '10'
 PointerAlignment: Right
 SortIncludes: 'true'
 SpaceAfterTemplateKeyword: 'false'
 Standard: Auto
--- a/.clang-format-ignore
+++ b/.clang-format-ignore
@ -0,0 +1,20 @@
 /client/3rd
 /client/3rd-prebuild
 /client/android
 /client/cmake
 /client/core/serialization
 /client/daemon
 /client/fonts
 /client/images
 /client/ios
 /client/mozilla
 /client/platforms/dummy
 /client/platforms/linux
 /client/platforms/macos
 /client/platforms/windows
 /client/server_scripts
 /client/translations
 /deploy
 /docs
 /metadata
 /service/src
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@ -10,12 +10,18 @@ env:
 jobs:
  Build-Linux-Ubuntu:
-    name: 'Build-Linux-Ubuntu'
+    runs-on: ubuntu-22.04
    runs-on: ubuntu-20.04
    env:
      QT_VERSION: 6.6.2
      QIF_VERSION: 4.7
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
      DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }}
      DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }}
      FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }}
      PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }}
    steps:
    - name: 'Install Qt'
@ -65,16 +71,29 @@ jobs:
        path: deploy/AppDir
        retention-days: 7
    - name: 'Upload translations artifact'
      uses: actions/upload-artifact@v4
      with:
        name: AmneziaVPN_translations
        path: client/translations
        retention-days: 7
 # ------------------------------------------------------
  Build-Windows:
    name: Build-Windows
    runs-on: windows-latest
    env:
      QT_VERSION: 6.6.2
      QIF_VERSION: 4.7
      BUILD_ARCH: 64
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
      DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }}
      DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }}
      FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }}
      PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }}
    steps:
    - name: 'Get sources'
@ -130,13 +149,19 @@ jobs:
 # ------------------------------------------------------
  Build-iOS:
    name: 'Build-iOS'
    runs-on: macos-13
    env:
      QT_VERSION: 6.6.2
      CC: cc
      CXX: c++
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
      DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }}
      DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }}
      FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }}
      PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }}
    steps:
    - name: 'Setup xcode'
@ -171,7 +196,7 @@ jobs:
    - name: 'Install go'
      uses: actions/setup-go@v5
      with:
-        go-version: '1.20'
+        go-version: '1.24'
        cache: false
    - name: 'Setup gomobile'
@ -198,7 +223,11 @@ jobs:
        export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/ios/bin"
        export QT_MACOS_ROOT_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos"
        export PATH=$PATH:~/go/bin
-        sh deploy/build_ios.sh
+        sh deploy/build_ios.sh | \
          sed -e '/-Xcc -DPROD_AGW_PUBLIC_KEY/,/-Xcc/ { /-Xcc/!d; }' -e '/-Xcc -DPROD_AGW_PUBLIC_KEY/d' | \
          sed -e '/-Xcc -DDEV_AGW_PUBLIC_KEY/,/-Xcc/ { /-Xcc/!d; }' -e '/-Xcc -DDEV_AGW_PUBLIC_KEY/d' | \
          sed -e '/-DPROD_AGW_PUBLIC_KEY/,/-D/ { /-D/!d; }' -e '/-DPROD_AGW_PUBLIC_KEY/d' | \
          sed -e '/-DDEV_AGW_PUBLIC_KEY/,/-D/ { /-D/!d; }' -e '/-DDEV_AGW_PUBLIC_KEY/d'
      env:
        IOS_TRUST_CERT_BASE64: ${{ secrets.IOS_TRUST_CERT_BASE64 }}
        IOS_SIGNING_CERT_BASE64: ${{ secrets.IOS_SIGNING_CERT_BASE64 }}
@ -220,20 +249,88 @@ jobs:
 # ------------------------------------------------------
-  Build-MacOS:
+  Build-MacOS-old:
    name: 'Build-MacOS'
    runs-on: macos-latest
    env:
      # Keep compat with MacOS 10.15 aka Catalina by Qt 6.4
      QT_VERSION: 6.4.3
-      QIF_VERSION: 4.6
+      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
      DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }}
      DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }}
      FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }}
      PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }}
    steps:
    - name: 'Setup xcode'
      uses: maxim-lobanov/setup-xcode@v1
      with:
-        xcode-version: '13.4'
+        xcode-version: '15.4.0'
    - name: 'Install Qt'
      uses: jurplel/install-qt-action@v3
      with:
        version: ${{ env.QT_VERSION }}
        host: 'mac'
        target: 'desktop'
        arch: 'clang_64'
        modules: 'qtremoteobjects qt5compat qtshadertools'
        dir: ${{ runner.temp }}
        setup-python: 'true'
        set-env: 'true'
        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
    - name: 'Get sources'
      uses: actions/checkout@v4
      with:
        submodules: 'true'
        fetch-depth: 10
    - name: 'Setup ccache'
      uses: hendrikmuhs/ccache-action@v1.2
    - name: 'Build project'
      run: |
        export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos/bin"
        bash deploy/build_macos.sh
    - name: 'Upload installer artifact'
      uses: actions/upload-artifact@v4
      with:
        name: AmneziaVPN_MacOS_old_installer
        path: deploy/build/pkg/AmneziaVPN.pkg
        retention-days: 7
    - name: 'Upload unpacked artifact'
      uses: actions/upload-artifact@v4
      with:
        name: AmneziaVPN_MacOS_old_unpacked
        path: deploy/build/client/AmneziaVPN.app
        retention-days: 7
 # ------------------------------------------------------
  Build-MacOS:
    runs-on: macos-latest
    env:
      QT_VERSION: 6.8.0
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
      DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }}
      DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }}
      FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }}
      PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }}
    steps:
    - name: 'Setup xcode'
      uses: maxim-lobanov/setup-xcode@v1
      with:
        xcode-version: '15.4.0'
    - name: 'Install Qt'
      uses: jurplel/install-qt-action@v3
@ -248,11 +345,6 @@ jobs:
        set-env: 'true'
        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
    - name: 'Install Qt Installer Framework ${{ env.QIF_VERSION }}'
      run: |
        mkdir -pv ${{ runner.temp }}/Qt/Tools/QtInstallerFramework
        wget https://qt.amzsvc.com/tools/ifw/${{ env.QIF_VERSION }}.zip
        unzip ${{ env.QIF_VERSION }}.zip -d ${{ runner.temp }}/Qt/Tools/QtInstallerFramework/
    - name: 'Get sources'
      uses: actions/checkout@v4
@ -266,14 +358,13 @@ jobs:
    - name: 'Build project'
      run: |
        export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos/bin"
        export QIF_BIN_DIR="${{ runner.temp }}/Qt/Tools/QtInstallerFramework/${{ env.QIF_VERSION }}/bin"
        bash deploy/build_macos.sh
    - name: 'Upload installer artifact'
      uses: actions/upload-artifact@v4
      with:
        name: AmneziaVPN_MacOS_installer
-        path: AmneziaVPN.dmg
+        path: deploy/build/pkg/AmneziaVPN.pkg
        retention-days: 7
    - name: 'Upload unpacked artifact'
@ -286,28 +377,35 @@ jobs:
 # ------------------------------------------------------
  Build-Android:
    name: 'Build-Android'
    runs-on: ubuntu-latest
    env:
      ANDROID_BUILD_PLATFORM: android-34
-      QT_VERSION: 6.6.2
+      QT_VERSION: 6.7.3
      QT_MODULES: 'qtremoteobjects qt5compat qtimageformats qtshadertools'
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
      DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }}
      DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }}
      FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }}
      PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }}
    steps:
    - name: 'Install desktop Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
        target: 'desktop'
-        arch: 'gcc_64'
+        arch: 'linux_gcc_64'
        modules: ${{ env.QT_MODULES }}
        dir: ${{ runner.temp }}
-        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
+        py7zrversion: '==0.22.*'
        extra: '--base ${{ env.QT_MIRROR }}'
    - name: 'Install android_x86_64 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
@ -315,10 +413,11 @@ jobs:
        arch: 'android_x86_64'
        modules: ${{ env.QT_MODULES }}
        dir: ${{ runner.temp }}
-        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
+        py7zrversion: '==0.22.*'
        extra: '--base ${{ env.QT_MIRROR }}'
    - name: 'Install android_x86 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
@ -326,10 +425,11 @@ jobs:
        arch: 'android_x86'
        modules: ${{ env.QT_MODULES }}
        dir: ${{ runner.temp }}
-        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
+        py7zrversion: '==0.22.*'
        extra: '--base ${{ env.QT_MIRROR }}'
    - name: 'Install android_armv7 Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
@ -337,10 +437,11 @@ jobs:
        arch: 'android_armv7'
        modules: ${{ env.QT_MODULES }}
        dir: ${{ runner.temp }}
-        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
+        py7zrversion: '==0.22.*'
        extra: '--base ${{ env.QT_MIRROR }}'
    - name: 'Install android_arm64_v8a Qt'
-      uses: jurplel/install-qt-action@v3
+      uses: jurplel/install-qt-action@v4
      with:
        version: ${{ env.QT_VERSION }}
        host: 'linux'
@ -348,7 +449,8 @@ jobs:
        arch: 'android_arm64_v8a'
        modules: ${{ env.QT_MODULES }}
        dir: ${{ runner.temp }}
-        extra: '--external 7z --base ${{ env.QT_MIRROR }}'
+        py7zrversion: '==0.22.*'
        extra: '--base ${{ env.QT_MIRROR }}'
    - name: 'Grant execute permission for qt-cmake'
      shell: bash
@ -432,3 +534,21 @@ jobs:
        path: deploy/build/AmneziaVPN-release.aab
        compression-level: 0
        retention-days: 7
  Extra:
    runs-on: ubuntu-latest
    steps:
      - name: Search a corresponding PR
        uses: octokit/request-action@v2.x
        id: pull_request
        with:
          route: GET /repos/${{ github.repository }}/pulls
          head: ${{ github.repository_owner }}:${{ github.ref_name }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Add PR link to build summary
        if: ${{ fromJSON(steps.pull_request.outputs.data)[0].number != '' }}
        run: | 
          echo "Pull request:" >> $GITHUB_STEP_SUMMARY
          echo "[[#${{ fromJSON(steps.pull_request.outputs.data)[0].number }}] ${{ fromJSON(steps.pull_request.outputs.data)[0].title }}](${{ fromJSON(steps.pull_request.outputs.data)[0].html_url }})" >> $GITHUB_STEP_SUMMARY
--- a/.github/workflows/tag-deploy.yml
+++ b/.github/workflows/tag-deploy.yml
@ -15,6 +15,13 @@ jobs:
    env:
      QT_VERSION: 6.4.1
      QIF_VERSION: 4.5
      PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
      PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
      DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
      DEV_AGW_ENDPOINT: ${{ secrets.DEV_AGW_ENDPOINT }}
      DEV_S3_ENDPOINT: ${{ secrets.DEV_S3_ENDPOINT }}
      FREE_V2_ENDPOINT: ${{ secrets.FREE_V2_ENDPOINT }}
      PREM_V1_ENDPOINT: ${{ secrets.PREM_V1_ENDPOINT }}
    steps:
    - name: 'Install desktop Qt'
--- a/.github/workflows/tag-upload.yml
+++ b/.github/workflows/tag-upload.yml
@ -1,64 +1,41 @@
 name: 'Upload a new version'
 on:
-  push:
+  workflow_dispatch:
-    tags:
+    inputs:
-    - '[0-9]+.[0-9]+.[0-9]+.[0-9]+'
+      RELEASE_VERSION:
        description: 'Release version (e.g. 1.2.3.4)'
        required: true
        type: string
 jobs:
-  upload:
+  Upload-S3:
    runs-on: ubuntu-latest
    name: upload
    steps:
-      - name: Checkout CMakeLists.txt
+      - name: Checkout
        uses: actions/checkout@v4
        with:
-          ref: ${{ github.ref_name }}
+          ref: ${{ inputs.RELEASE_VERSION }}
          sparse-checkout: |
            CMakeLists.txt
            deploy/deploy_s3.sh
          sparse-checkout-cone-mode: false
      - name: Verify git tag
        run: |
-          GIT_TAG=${{ github.ref_name }}
+          TAG_NAME=${{ inputs.RELEASE_VERSION }}
          CMAKE_TAG=$(grep 'project.*VERSION' CMakeLists.txt | sed -E 's/.* ([0-9]+.[0-9]+.[0-9]+.[0-9]+)$/\1/')
-
+          if [[ "$TAG_NAME" == "$CMAKE_TAG" ]]; then
-          if [[ "$GIT_TAG" == "$CMAKE_TAG" ]]; then
+            echo "Git tag ($TAG_NAME) matches CMakeLists.txt version ($CMAKE_TAG)."
            echo "Git tag ($GIT_TAG) and version in CMakeLists.txt ($CMAKE_TAG) are the same. Continuing..."
          else
-            echo "Git tag ($GIT_TAG) and version in CMakeLists.txt ($CMAKE_TAG) are not the same! Cancelling..."
+            echo "::error::Mismatch: Git tag ($TAG_NAME) != CMakeLists.txt version ($CMAKE_TAG). Exiting with error..."
            exit 1
          fi
-      - name: Download artifacts from the "${{ github.ref_name }}" tag
+      - name: Setup Rclone
-        uses: robinraju/release-downloader@v1.8
+        uses: AnimMouse/setup-rclone@v1
        with:
-          tag: ${{ github.ref_name }}
+          rclone_config: ${{ secrets.RCLONE_CONFIG }}
          fileName: "AmneziaVPN_(Linux_|)${{ github.ref_name }}*"
          out-file-path: ${{ github.ref_name }}
-      - name: Upload beta version
+      - name: Send dist to S3
-        uses: jakejarvis/s3-sync-action@master
+        run: bash deploy/deploy_s3.sh ${{ inputs.RELEASE_VERSION }}
        if: contains(github.event.base_ref, 'dev')
        with:
          args: --include "AmneziaVPN*" --delete
        env:
          AWS_S3_BUCKET: updates
          AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_R2_SECRET_ACCESS_KEY }}
          AWS_S3_ENDPOINT: https://${{ vars.CF_ACCOUNT_ID }}.r2.cloudflarestorage.com
          SOURCE_DIR: ${{ github.ref_name }}
          DEST_DIR: beta/${{ github.ref_name }}
      - name: Upload stable version
        uses: jakejarvis/s3-sync-action@master
        if: contains(github.event.base_ref, 'master')
        with:
          args: --include "AmneziaVPN*" --delete
        env:
          AWS_S3_BUCKET: updates
          AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_R2_SECRET_ACCESS_KEY }}
          AWS_S3_ENDPOINT: https://${{ vars.CF_ACCOUNT_ID }}.r2.cloudflarestorage.com
          SOURCE_DIR: ${{ github.ref_name }}
          DEST_DIR: stable/${{ github.ref_name }}
--- a/.gitignore
+++ b/.gitignore
@ -134,3 +134,7 @@ out/
 # CMake files
 CMakeFiles/
 ios-ne-build.sh
 macos-ne-build.sh
 macos-signed-build.sh
--- a/.gitmodules
+++ b/.gitmodules
@ -1,6 +1,3 @@
 [submodule "client/3rd/OpenVPNAdapter"]
 	path = client/3rd/OpenVPNAdapter
 	url = https://github.com/amnezia-vpn/OpenVPNAdapter.git
 [submodule "client/3rd/qtkeychain"]
 	path = client/3rd/qtkeychain
 	url = https://github.com/frankosterfeld/qtkeychain.git
@ -10,6 +7,10 @@
 [submodule "client/3rd-prebuilt"]
 	path = client/3rd-prebuilt
 	url = https://github.com/amnezia-vpn/3rd-prebuilt
 	branch = feature/special-handshake
 [submodule "client/3rd/amneziawg-apple"]
 	path = client/3rd/amneziawg-apple
 	url = https://github.com/amnezia-vpn/amneziawg-apple
 [submodule "client/3rd/QSimpleCrypto"]
 	path = client/3rd/QSimpleCrypto
 	url = https://github.com/amnezia-vpn/QSimpleCrypto.git
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -2,7 +2,7 @@ cmake_minimum_required(VERSION 3.25.0 FATAL_ERROR)
 set(PROJECT AmneziaVPN)
-project(${PROJECT} VERSION 4.5.2.0
+project(${PROJECT} VERSION 4.8.8.1
        DESCRIPTION "AmneziaVPN"
        HOMEPAGE_URL "https://amnezia.org/"
 )
@ -11,7 +11,7 @@ string(TIMESTAMP CURRENT_DATE "%Y-%m-%d")
 set(RELEASE_DATE "${CURRENT_DATE}")
 set(APP_MAJOR_VERSION ${CMAKE_PROJECT_VERSION_MAJOR}.${CMAKE_PROJECT_VERSION_MINOR}.${CMAKE_PROJECT_VERSION_PATCH})
-set(APP_ANDROID_VERSION_CODE 51)
+set(APP_ANDROID_VERSION_CODE 2087)
 if(${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
    set(MZ_PLATFORM_NAME "linux")
--- a/README.md
+++ b/README.md
@ -1,25 +1,51 @@
 # Amnezia VPN
-## _The best client for self-hosted VPN_
+
 ### _The best client for self-hosted VPN_
 [![Build Status](https://github.com/amnezia-vpn/amnezia-client/actions/workflows/deploy.yml/badge.svg?branch=dev)](https://github.com/amnezia-vpn/amnezia-client/actions/workflows/deploy.yml?query=branch:dev)
 [![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/amnezia-vpn/amnezia-client)
-Amnezia is an open-source VPN client, with a key feature that enables you to deploy your own VPN server on your server.
+### [English]([https://github.com/amnezia-vpn/amnezia-client/blob/dev/README_RU.md](https://github.com/amnezia-vpn/amnezia-client/tree/dev?tab=readme-ov-file#)) | [Русский](https://github.com/amnezia-vpn/amnezia-client/blob/dev/README_RU.md)
 [Amnezia](https://amnezia.org) is an open-source VPN client, with a key feature that enables you to deploy your own VPN server on your server.
 [![Image](https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/uipic4.png)](https://amnezia.org)
 ### [Website](https://amnezia.org) | [Alt website link](https://storage.googleapis.com/amnezia/amnezia.org) | [Documentation](https://docs.amnezia.org) | [Troubleshooting](https://docs.amnezia.org/troubleshooting)
 > [!TIP]
 > If the [Amnezia website](https://amnezia.org) is blocked in your region, you can use an [Alternative website link](https://storage.googleapis.com/amnezia/amnezia.org ).
 <a href="https://amnezia.org/downloads"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/download-website.svg" width="150" style="max-width: 100%; margin-right: 10px"></a>
 <a href="https://storage.googleapis.com/amnezia/q9p19109"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/download-alt.svg" width="150" style="max-width: 100%;"></a>
 [All releases](https://github.com/amnezia-vpn/amnezia-client/releases)
 <br/>
 <a href="https://www.testiny.io"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/testiny.png" height="28px"></a>
 ## Features
- Very easy to use - enter your IP address, SSH login, and password, and Amnezia will automatically install VPN docker containers to your server and connect to the VPN.
+- Very easy to use - enter your IP address, SSH login, password and Amnezia will automatically install VPN docker containers to your server and connect to the VPN.
- OpenVPN, ShadowSocks, WireGuard, and IKEv2 protocols support.
+- Classic VPN-protocols: OpenVPN, WireGuard and IKEv2 protocols.
- Masking VPN with OpenVPN over Cloak plugin
+- Protocols with traffic Masking (Obfuscation): OpenVPN over [Cloak](https://github.com/cbeuw/Cloak) plugin, Shadowsocks (OpenVPN over Shadowsocks), [AmneziaWG](https://docs.amnezia.org/documentation/amnezia-wg/) and XRay.
- Split tunneling support - add any sites to the client to enable VPN only for them (only for desktops)
+- Split tunneling support - add any sites to the client to enable VPN only for them or add Apps (only for Android and Desktop).
 - Windows, MacOS, Linux, Android, iOS releases.
 - Support for AmneziaWG protocol configuration on [Keenetic beta firmware](https://docs.keenetic.com/ua/air/kn-1611/en/6319-latest-development-release.html#UUID-186c4108-5afd-c10b-f38a-cdff6c17fab3_section-idm33192196168192-improved).
 ## Links
-[https://amnezia.org](https://amnezia.org) - project website  
+- [https://amnezia.org](https://amnezia.org) - Project website | [Alternative link (mirror)](https://storage.googleapis.com/kldscp/amnezia.org)
-[https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
+- [https://docs.amnezia.org](https://docs.amnezia.org) - Documentation
-[https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English)  
+- [https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
-[https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)  
+- [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Telegram support channel (English) 
 - [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Telegram support channel (Farsi) 
 - [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Telegram support channel (Myanmar)  
 - [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Telegram support channel (Russian)
 - [https://vpnpay.io/en/amnezia-premium/](https://vpnpay.io/en/amnezia-premium/) - Amnezia Premium
 ## Tech
@ -27,7 +53,7 @@ AmneziaVPN uses several open-source projects to work:
 - [OpenSSL](https://www.openssl.org/)
 - [OpenVPN](https://openvpn.net/)
- [ShadowSocks](https://shadowsocks.org/)
+- [Shadowsocks](https://shadowsocks.org/)
 - [Qt](https://www.qt.io/)
 - [LibSsh](https://libssh.org) - forked from Qt Creator
 - and more...
@ -44,6 +70,19 @@ git submodule update --init --recursive
 Want to contribute? Welcome!
 ### Help with translations
 Download the most actual translation files.
 Go to ["Actions" tab](https://github.com/amnezia-vpn/amnezia-client/actions?query=is%3Asuccess+branch%3Adev), click on the first line.
 Then scroll down to the "Artifacts" section and download "AmneziaVPN_translations".
 Unzip this file.
 Each *.ts file contains strings for one corresponding language.
 Translate or correct some strings in one or multiple *.ts files and commit them back to this repository into the ``client/translations`` folder.
 You can do it via a web-interface or any other method you're familiar with.
 ### Building sources and deployment
 Check deploy folder for build scripts. 
@ -52,7 +91,7 @@ Check deploy folder for build scripts.
 1. First, make sure you have [XCode](https://developer.apple.com/xcode/) installed, at least version 14 or higher.
-2. We use QT to generate the XCode project. We need QT version 6.6.1. Install QT for MacOS [here](https://doc.qt.io/qt-6/macos.html) or [QT Online Installer](https://www.qt.io/download-open-source). Required modules:
+2. We use QT to generate the XCode project. We need QT version 6.6.2. Install QT for MacOS [here](https://doc.qt.io/qt-6/macos.html) or [QT Online Installer](https://www.qt.io/download-open-source). Required modules:
   - MacOS
   - iOS
   - Qt 5 Compatibility Module
@ -119,9 +158,11 @@ The Android app has the following requirements:
 * Android platform SDK 33
 * CMake 3.25.0
-After you have installed QT, QT Creator, and Android Studio, you need to configure QT Creator correctly. Click in the top menu bar on `QT Creator` -> `Preferences` -> `Devices` and select the tab `Android`. 
+After you have installed QT, QT Creator, and Android Studio, you need to configure QT Creator correctly.
-    * set path to JDK 11
+
-    * set path to Android SDK ($ANDROID_HOME)
+- Click in the top menu bar on `QT Creator` -> `Preferences` -> `Devices` and select the tab `Android`.
 - Set path to JDK 11
 - Set path to Android SDK (`$ANDROID_HOME`)
 In case you get errors regarding missing SDK or 'SDK manager not running', you cannot fix them by correcting the paths. If you have some spare GBs on your disk, you can let QT Creator install all requirements by choosing an empty folder for `Android SDK location` and clicking on `Set Up SDK`. Be aware: This will install a second Android SDK and NDK on your machine! 
 Double-check that the right CMake version is configured:  Click on `QT Creator` -> `Preferences` and click on the side menu on `Kits`. Under the center content view's `Kits` tab, you'll find an entry for `CMake Tool`. If the default selected CMake version is lower than 3.25.0, install on your system CMake >= 3.25.0 and choose `System CMake at <path>` from the drop-down list. If this entry is missing, you either have not installed CMake yet or QT Creator hasn't found the path to it. In that case, click in the preferences window on the side menu item `CMake`, then on the tab `Tools` in the center content view, and finally on the button `Add` to set the path to your installed CMake. 
@ -142,11 +183,13 @@ GPL v3.0
 ## Donate
-Bitcoin: bc1qn9rhsffuxwnhcuuu4qzrwp4upkrq94xnh8r26u  
+Patreon: [https://www.patreon.com/amneziavpn](https://www.patreon.com/amneziavpn)
 XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3  
 payeer.com: P2561305  
 ko-fi.com: [https://ko-fi.com/amnezia_vpn](https://ko-fi.com/amnezia_vpn)  
 Bitcoin: bc1qmhtgcf9637rl3kqyy22r2a8wa8laka4t9rx2mf <br>
 USDT BEP20: 0x6abD576765a826f87D1D95183438f9408C901bE4 <br>
 USDT TRC20: TELAitazF1MZGmiNjTcnxDjEiH5oe7LC9d <br>
 XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3 <br> 
 TON: UQDpU1CyKRmg7L8mNScKk9FRc2SlESuI7N-Hby4nX-CcVmns
 ## Acknowledgments
 This project is tested with BrowserStack.
--- a/README_RU.md
+++ b/README_RU.md
@ -0,0 +1,181 @@
 # Amnezia VPN
 ### _Лучший клиент для создания VPN на собственном сервере_
 [![Build Status](https://github.com/amnezia-vpn/amnezia-client/actions/workflows/deploy.yml/badge.svg?branch=dev)](https://github.com/amnezia-vpn/amnezia-client/actions/workflows/deploy.yml?query=branch:dev)
 [![Gitpod ready-to-code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/amnezia-vpn/amnezia-client)
 ### [English](https://github.com/amnezia-vpn/amnezia-client/blob/dev/README.md) | Русский
 [AmneziaVPN](https://amnezia.org) — это open source VPN-клиент, ключевая особенность которого заключается в возможности развернуть собственный VPN на вашем сервере.
 [![Image](https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/uipic4.png)](https://amnezia.org)
 ### [Сайт](https://amnezia.org) | [Зеркало сайта](https://storage.googleapis.com/amnezia/amnezia.org) | [Документация](https://docs.amnezia.org) | [Решение проблем](https://docs.amnezia.org/troubleshooting)
 > [!TIP]
 > Если [сайт Amnezia](https://amnezia.org) заблокирован в вашем регионе, вы можете воспользоваться [ссылкой на зеркало](https://storage.googleapis.com/amnezia/amnezia.org).
 <a href="https://storage.googleapis.com/amnezia/q9p19109"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/download-website-ru.svg" width="150" style="max-width: 100%; margin-right: 10px"></a>
 [Все релизы](https://github.com/amnezia-vpn/amnezia-client/releases)
 <br/>
 <a href="https://www.testiny.io"><img src="https://github.com/amnezia-vpn/amnezia-client/blob/dev/metadata/img-readme/testiny.png" height="28px"></a>
 ## Особенности
 - Простой в использовании — введите IP-адрес, SSH-логин и пароль, и Amnezia автоматически установит VPN-контейнеры Docker на ваш сервер и подключится к VPN.
 - Классические VPN-протоколы: OpenVPN, WireGuard и IKEv2.
 - Протоколы с маскировкой трафика (обфускацией): OpenVPN с плагином [Cloak](https://github.com/cbeuw/Cloak), Shadowsocks (OpenVPN over Shadowsocks), [AmneziaWG](https://docs.amnezia.org/documentation/amnezia-wg/) and XRay.
 - Поддержка Split Tunneling — добавляйте любые сайты или приложения в список, чтобы включить VPN только для них.
 - Поддерживает платформы: Windows, macOS, Linux, Android, iOS.
 - Поддержка конфигурации протокола AmneziaWG на [бета-прошивке Keenetic](https://docs.keenetic.com/ua/air/kn-1611/en/6319-latest-development-release.html#UUID-186c4108-5afd-c10b-f38a-cdff6c17fab3_section-idm33192196168192-improved).
 ## Ссылки
 - [https://amnezia.org](https://amnezia.org) - Веб-сайт проекта | [Альтернативная ссылка (зеркало)](https://storage.googleapis.com/kldscp/amnezia.org)
 - [https://docs.amnezia.org](https://docs.amnezia.org) - Документация
 - [https://www.reddit.com/r/AmneziaVPN](https://www.reddit.com/r/AmneziaVPN) - Reddit  
 - [https://t.me/amnezia_vpn_en](https://t.me/amnezia_vpn_en) - Канал поддержки в Telegram (Английский)
 - [https://t.me/amnezia_vpn_ir](https://t.me/amnezia_vpn_ir) - Канал поддержки в Telegram (Фарси)
 - [https://t.me/amnezia_vpn_mm](https://t.me/amnezia_vpn_mm) - Канал поддержки в Telegram (Мьянма) 
 - [https://t.me/amnezia_vpn](https://t.me/amnezia_vpn) - Канал поддержки в Telegram  (Русский)
 - [https://vpnpay.io/en/amnezia-premium/](https://vpnpay.io/en/amnezia-premium/) - Amnezia Premium | [Зеркало](https://storage.googleapis.com/kldscp/vpnpay.io/ru/amnezia-premium\)
 ## Технологии
 AmneziaVPN использует несколько проектов с открытым исходным кодом:
 - [OpenSSL](https://www.openssl.org/)
 - [OpenVPN](https://openvpn.net/)
 - [Shadowsocks](https://shadowsocks.org/)
 - [Qt](https://www.qt.io/)
 - [LibSsh](https://libssh.org)
 - и другие...
 ## Проверка исходного кода
 После клонирования репозитория обязательно загрузите все подмодули.
 ```bash
 git submodule update --init --recursive
 ```
 ## Разработка
 Хотите внести свой вклад? Добро пожаловать!
 ### Помощь с переводами
 Загрузите самые актуальные файлы перевода.
 Перейдите на [вкладку "Actions"](https://github.com/amnezia-vpn/amnezia-client/actions?query=is%3Asuccess+branch%3Adev), нажмите на первую строку. Затем прокрутите вниз до раздела "Artifacts" и скачайте "AmneziaVPN_translations".
 Распакуйте этот файл. Каждый файл с расширением *.ts содержит строки для соответствующего языка.
 Переведите или исправьте строки в одном или нескольких файлах *.ts и загрузите их обратно в этот репозиторий в папку ``client/translations``. Это можно сделать через веб-интерфейс или любым другим знакомым вам способом.
 ### Сборка исходного кода и деплой
 Проверьте папку deploy для скриптов сборки.
 ### Как собрать iOS-приложение из исходного кода на MacOS
 1. Убедитесь, что у вас установлен Xcode версии 14 или выше.
 2. Для генерации проекта Xcode используется QT. Требуется версия QT 6.6.2. Установите QT для MacOS здесь или через QT Online Installer. Необходимые модули:
 - MacOS
 - iOS
 - Модуль совместимости с Qt 5
 - Qt Shader Tools
 - Дополнительные библиотеки:
 - Qt Image Formats
 - Qt Multimedia
 - Qt Remote Objects
 3. Установите CMake, если это необходимо. Рекомендуемая версия — 3.25. Скачать CMake можно здесь.
 4. Установите Go версии >= v1.16. Если Go ещё не установлен, скачайте его с  [официального сайта](https://golang.org/dl/) или используйте Homebrew. Установите gomobile:
 ```bash
 export PATH=$PATH:~/go/bin
 go install golang.org/x/mobile/cmd/gomobile@latest
 gomobile init
 ```
 5. Соберите проект:
 ```bash
 export QT_BIN_DIR="<PATH-TO-QT-FOLDER>/Qt/<QT-VERSION>/ios/bin"
 export QT_MACOS_ROOT_DIR="<PATH-TO-QT-FOLDER>/Qt/<QT-VERSION>/macos"
 export QT_IOS_BIN=$QT_BIN_DIR
 export PATH=$PATH:~/go/bin
 mkdir build-ios
 $QT_IOS_BIN/qt-cmake . -B build-ios -GXcode -DQT_HOST_PATH=$QT_MACOS_ROOT_DIR
 ```
 Замените <PATH-TO-QT-FOLDER> и <QT-VERSION> на ваши значения.
 Если появляется ошибка gomobile: command not found, убедитесь, что PATH настроен на папку bin, где установлен gomobile:
 ```bash
 export PATH=$(PATH):/path/to/GOPATH/bin
 ```
 6. Откройте проект в Xcode. Теперь вы можете тестировать, архивировать или публиковать приложение.
 Если сборка завершится с ошибкой:
 ```
 make: *** 
 [$(PROJECTDIR)/client/build/AmneziaVPN.build/Debug-iphoneos/wireguard-go-bridge/goroot/.prepared] 
 Error 1
 ```
 Добавьте пользовательскую переменную PATH в настройки сборки для целей AmneziaVPN и WireGuardNetworkExtension с ключом `PATH` и значением `${PATH}/path/to/bin/folder/with/go/executable`, e.g. `${PATH}:/usr/local/go/bin`.
 Если ошибка повторяется на Mac с M1, установите версию CMake для архитектуры ARM:
 ```
 arch -arm64 brew install cmake
 ```
 При первой попытке сборка может завершиться с ошибкой source files not found. Это происходит из-за параллельной компиляции зависимостей в XCode. Просто перезапустите сборку.
 ## Как собрать Android-приложение
 Сборка тестировалась на MacOS. Требования:
 - JDK 11
 - Android SDK 33
 - CMake 3.25.0
 Установите QT, QT Creator и Android Studio.
 Настройте QT Creator:
 - В меню QT Creator перейдите в  `QT Creator` -> `Preferences` -> `Devices` ->`Android`.
 - Укажите путь к JDK 11.
 - Укажите путь к Android SDK (`$ANDROID_HOME`)
 Если вы сталкиваетесь с ошибками, связанными с отсутствием SDK или сообщением «SDK manager not running», их нельзя исправить просто корректировкой путей. Если у вас есть несколько свободных гигабайт на диске, вы можете позволить Qt Creator установить все необходимые компоненты, выбрав пустую папку для расположения Android SDK и нажав кнопку **Set Up SDK**. Учтите: это установит второй Android SDK и NDK на вашем компьютере!
 Убедитесь, что настроена правильная версия CMake: перейдите в **Qt Creator -> Preferences** и в боковом меню выберите пункт **Kits**. В центральной части окна, на вкладке **Kits**, найдите запись для инструмента **CMake Tool**. Если выбранная по умолчанию версия CMake ниже 3.25.0, установите на свою систему CMake версии 3.25.0 или выше, а затем выберите опцию **System CMake at <путь>** из выпадающего списка. Если этот пункт отсутствует, это может означать, что вы еще не установили CMake, или Qt Creator не смог найти путь к нему. В таком случае в окне **Preferences** перейдите в боковое меню **CMake**, затем во вкладку **Tools** в центральной части окна и нажмите кнопку **Add**, чтобы указать путь к установленному CMake.
 Убедитесь, что для вашего проекта выбрана Android Platform SDK 33: в главном окне на боковой панели выберите пункт **Projects**, и слева вы увидите раздел **Build & Run**, показывающий различные целевые Android-платформы. Вы можете выбрать любую из них, так как настройка проекта Amnezia VPN разработана таким образом, чтобы все Android-цели могли быть собраны. Перейдите в подраздел **Build** и прокрутите центральную часть окна до раздела **Build Steps**. Нажмите **Details** в заголовке **Build Android APK** (кнопка **Details** может быть скрыта, если окно Qt Creator не запущено в полноэкранном режиме!). Вот здесь выберите **android-33** в качестве Android Build Platform SDK.
 ### Разработка Android-компонентов
 После сборки QT Creator копирует проект в отдельную папку, например, `build-amnezia-client-Android_Qt_<version>_Clang_<architecture>-<BuildType>`. Для разработки Android-компонентов откройте сгенерированный проект в Android Studio, указав папку `build-amnezia-client-Android_Qt_<version>_Clang_<architecture>-<BuildType>/client/android-build` в качестве корневой.
 Изменения в сгенерированном проекте нужно вручную перенести в репозиторий. После этого можно коммитить изменения.
 Если возникают проблемы со сборкой в QT Creator после работы в Android Studio, выполните команду `./gradlew clean` в корневой папке сгенерированного проекта (`<path>/client/android-build/.`).
 ## Лицензия
 GPL v3.0
 ## Донаты
 Patreon: [https://www.patreon.com/amneziavpn](https://www.patreon.com/amneziavpn)
 Bitcoin: bc1qmhtgcf9637rl3kqyy22r2a8wa8laka4t9rx2mf <br>
 USDT BEP20: 0x6abD576765a826f87D1D95183438f9408C901bE4 <br>
 USDT TRC20: TELAitazF1MZGmiNjTcnxDjEiH5oe7LC9d <br>
 XMR: 48spms39jt1L2L5vyw2RQW6CXD6odUd4jFu19GZcDyKKQV9U88wsJVjSbL4CfRys37jVMdoaWVPSvezCQPhHXUW5UKLqUp3 <br> 
 TON: UQDpU1CyKRmg7L8mNScKk9FRc2SlESuI7N-Hby4nX-CcVmns
 ## Благодарности
 Этот проект тестируется с помощью BrowserStack.
 Мы выражаем благодарность [BrowserStack](https://www.browserstack.com) за поддержку нашего проекта.
--- a/client/3rd-prebuilt
+++ b/client/3rd-prebuilt
@ -1 +1 @@
-Subproject commit c969f28b84f8343cdae0b5f39cfd876f8a1e01cb
+Subproject commit 840b7b070e6ac8b90dda2fac6e98859b23727c0c
--- a/client/3rd/OpenVPNAdapter
+++ b/client/3rd/OpenVPNAdapter
@ -1 +0,0 @@
 Subproject commit 7c821a8d5c1ad5ad94e0763b4f25a875b5a6fe1b
--- a/client/3rd/QJsonStruct/.gitignore
+++ b/client/3rd/QJsonStruct/.gitignore
@ -0,0 +1,2 @@
 *.user
 build/
--- a/client/3rd/QJsonStruct/CMakeLists.txt
+++ b/client/3rd/QJsonStruct/CMakeLists.txt
@ -0,0 +1,19 @@
 cmake_minimum_required(VERSION 3.5)
 project(QJsonStruct LANGUAGES CXX)
 set(CMAKE_INCLUDE_CURRENT_DIR ON)
 set(CMAKE_AUTOMOC ON)
 set(CMAKE_AUTORCC ON)
 set(CMAKE_CXX_STANDARD 17)
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 option(BUILD_TESTING ON)
 include(QJsonStruct.cmake)
 find_package(Qt5 COMPONENTS Core REQUIRED)
 if(BUILD_TESTING)
    include(CTest)
    add_subdirectory(test)
 endif()
--- a/client/3rd/QJsonStruct/LICENSE
+++ b/client/3rd/QJsonStruct/LICENSE
@ -0,0 +1,21 @@
 MIT License
 Copyright (c) 2020 Qv2ray Workgroup
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:
 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
--- a/client/3rd/QJsonStruct/QJsonIO.hpp
+++ b/client/3rd/QJsonStruct/QJsonIO.hpp
@ -0,0 +1,190 @@
 #pragma once
 #include <QJsonArray>
 #include <QJsonObject>
 #include <QJsonValue>
 #include <QList>
 #include <tuple>
 enum class QJsonIOPathType
 {
    JSONIO_MODE_ARRAY,
    JSONIO_MODE_OBJECT
 };
 typedef QPair<QString, QJsonIOPathType> QJsonIONodeType;
 struct QJsonIOPath : QList<QJsonIONodeType>
 {
    template<typename type1, typename type2, typename... types>
    QJsonIOPath(const type1 t1, const type2 t2, const types... ts)
    {
        AppendPath(t1);
        AppendPath(t2);
        (AppendPath(ts), ...);
    }
    void AppendPath(size_t index)
    {
        append({ QString::number(index), QJsonIOPathType::JSONIO_MODE_ARRAY });
    }
    void AppendPath(const QString &key)
    {
        append({ key, QJsonIOPathType::JSONIO_MODE_OBJECT });
    }
    template<typename t>
    QJsonIOPath &operator<<(const t &str)
    {
        AppendPath(str);
        return *this;
    }
    template<typename t>
    QJsonIOPath &operator+=(const t &val)
    {
        AppendPath(val);
        return *this;
    }
    QJsonIOPath &operator<<(const QJsonIOPath &other)
    {
        for (const auto &x : other)
            this->append(x);
        return *this;
    }
    template<typename t>
    QJsonIOPath &operator<<(const t &val) const
    {
        auto _new = *this;
        return _new << val;
    }
    template<typename t>
    QJsonIOPath operator+(const t &val) const
    {
        auto _new = *this;
        return _new << val;
    }
    QJsonIOPath operator+(const QJsonIOPath &other) const
    {
        auto _new = *this;
        for (const auto &x : other)
            _new.append(x);
        return _new;
    }
 };
 class QJsonIO
 {
  public:
    const static inline QJsonValue Null = QJsonValue::Null;
    const static inline QJsonValue Undefined = QJsonValue::Undefined;
    template<typename current_key_type, typename... t_other_types>
    static QJsonValue GetValue(const QJsonValue &parent, const current_key_type &current, const t_other_types &...other)
    {
        if constexpr (sizeof...(t_other_types) == 0)
            if constexpr (std::is_integral_v<current_key_type>)
                return parent.toArray()[current];
            else
                return parent.toObject()[current];
        else if constexpr (std::is_integral_v<current_key_type>)
            return GetValue(parent.toArray()[current], other...);
        else
            return GetValue(parent.toObject()[current], other...);
    }
    template<typename... key_types_t>
    static QJsonValue GetValue(QJsonValue value, const std::tuple<key_types_t...> &keys, const QJsonValue &defaultValue = Undefined)
    {
        std::apply([&](auto &&...args) { ((value = value[args]), ...); }, keys);
        return value.isUndefined() ? defaultValue : value;
    }
    template<typename parent_type, typename t_value_type, typename current_key_type, typename... t_other_key_types>
    static void SetValue(parent_type &parent, const t_value_type &val, const current_key_type &current, const t_other_key_types &...other)
    {
        // If current parent is an array, increase its size to fit the "key"
        if constexpr (std::is_integral_v<current_key_type>)
            for (auto i = parent.size(); i <= current; i++)
                parent.insert(i, {});
        // If the t_other_key_types has nothing....
        // Means we have reached the end of recursion.
        if constexpr (sizeof...(t_other_key_types) == 0)
            parent[current] = val;
        else if constexpr (std::is_integral_v<typename std::tuple_element_t<0, std::tuple<t_other_key_types...>>>)
        {
            // Means we still have many keys
            // So this element is an array.
            auto _array = parent[current].toArray();
            SetValue(_array, val, other...);
            parent[current] = _array;
        }
        else
        {
            auto _object = parent[current].toObject();
            SetValue(_object, val, other...);
            parent[current] = _object;
        }
    }
    static QJsonValue GetValue(const QJsonValue &parent, const QJsonIOPath &path, const QJsonValue &defaultValue = QJsonIO::Undefined)
    {
        QJsonValue val = parent;
        for (const auto &[k, t] : path)
        {
            if (t == QJsonIOPathType::JSONIO_MODE_ARRAY)
                val = val.toArray()[k.toInt()];
            else
                val = val.toObject()[k];
        }
        return val.isUndefined() ? defaultValue : val;
    }
    template<typename parent_type, typename value_type>
    static void SetValue(parent_type &parent, const value_type &t, const QJsonIOPath &path)
    {
        QList<std::tuple<QString, QJsonIOPathType, QJsonValue>> _stack;
        QJsonValue lastNode = parent;
        for (const auto &[key, type] : path)
        {
            _stack.prepend({ key, type, lastNode });
            if (type == QJsonIOPathType::JSONIO_MODE_ARRAY)
                lastNode = lastNode.toArray().at(key.toInt());
            else
                lastNode = lastNode.toObject()[key];
        }
        lastNode = t;
        for (const auto &[key, type, node] : _stack)
        {
            if (type == QJsonIOPathType::JSONIO_MODE_ARRAY)
            {
                const auto index = key.toInt();
                auto nodeArray = node.toArray();
                for (auto i = nodeArray.size(); i <= index; i++)
                    nodeArray.insert(i, {});
                nodeArray[index] = lastNode;
                lastNode = nodeArray;
            }
            else
            {
                auto nodeObject = node.toObject();
                nodeObject[key] = lastNode;
                lastNode = nodeObject;
            }
        }
        if constexpr (std::is_same_v<parent_type, QJsonObject>)
            parent = lastNode.toObject();
        else if constexpr (std::is_same_v<parent_type, QJsonArray>)
            parent = lastNode.toArray();
        else
            Q_UNREACHABLE();
    }
 };
--- a/client/3rd/QJsonStruct/QJsonStruct.cmake
+++ b/client/3rd/QJsonStruct/QJsonStruct.cmake
@ -0,0 +1,5 @@
 include_directories(${CMAKE_CURRENT_LIST_DIR})
 set(QJSONSTRUCT_SOURCES
    ${CMAKE_CURRENT_LIST_DIR}/QJsonStruct.hpp
    ${CMAKE_CURRENT_LIST_DIR}/QJsonIO.hpp)
--- a/client/3rd/QJsonStruct/QJsonStruct.hpp
+++ b/client/3rd/QJsonStruct/QJsonStruct.hpp
@ -0,0 +1,215 @@
 #pragma once
 #include "macroexpansion.hpp"
 #ifndef _X
    #include <QJsonArray>
    #include <QJsonObject>
    #include <QList>
    #include <QVariant>
 #endif
 /// macro to define an operator==
 #define ___JSONSTRUCT_DEFAULT_COMPARE_IMPL(x) (this->x == ___another___instance__.x) &&
 #define JSONSTRUCT_COMPARE(CLASS, ...)                                                                                                               \
    bool operator==(const CLASS &___another___instance__) const                                                                                      \
    {                                                                                                                                                \
        return FOR_EACH(___JSONSTRUCT_DEFAULT_COMPARE_IMPL, __VA_ARGS__) true;                                                                       \
    }
 // ============================================================================================
 // Load JSON IMPL
 #define ___DESERIALIZE_FROM_JSON_CONVERT_B_FUNC_IMPL(name) name::loadJson(___json_object_);
 #define ___DESERIALIZE_FROM_JSON_CONVERT_A_FUNC(name) ___DESERIALIZE_FROM_JSON_CONVERT_F_FUNC(name)
 #define ___DESERIALIZE_FROM_JSON_CONVERT_B_FUNC(...) FOREACH_CALL_FUNC_3(___DESERIALIZE_FROM_JSON_CONVERT_B_FUNC_IMPL, __VA_ARGS__)
 #define ___DESERIALIZE_FROM_JSON_CONVERT_F_FUNC(name)                                                                                                \
    if (___json_object_.toObject().contains(#name))                                                                                                  \
    {                                                                                                                                                \
        JsonStructHelper::Deserialize(this->name, ___json_object_.toObject()[#name]);                                                                \
    }                                                                                                                                                \
    else                                                                                                                                             \
    {                                                                                                                                                \
        this->name = ___qjsonstruct_default_check.name;                                                                                              \
    }
 // ============================================================================================
 // To JSON IMPL
 #define ___SERIALIZE_TO_JSON_CONVERT_F_FUNC(name)                                                                                                    \
    if (!(___qjsonstruct_default_check.name == this->name))                                                                                          \
    {                                                                                                                                                \
        ___json_object_.insert(#name, JsonStructHelper::Serialize(name));                                                                            \
    }
 #define ___SERIALIZE_TO_JSON_CONVERT_A_FUNC(name) ___json_object_.insert(#name, JsonStructHelper::Serialize(name));
 #define ___SERIALIZE_TO_JSON_CONVERT_B_FUNC_IMPL(name) JsonStructHelper::MergeJson(___json_object_, name::toJson());
 #define ___SERIALIZE_TO_JSON_CONVERT_B_FUNC(...) FOREACH_CALL_FUNC_3(___SERIALIZE_TO_JSON_CONVERT_B_FUNC_IMPL, __VA_ARGS__)
 // ============================================================================================
 // Load JSON Wrapper
 #define ___DESERIALIZE_FROM_JSON_CONVERT_FUNC_DECL_A(...) FOREACH_CALL_FUNC_2(___DESERIALIZE_FROM_JSON_CONVERT_A_FUNC, __VA_ARGS__)
 #define ___DESERIALIZE_FROM_JSON_CONVERT_FUNC_DECL_F(...) FOREACH_CALL_FUNC_2(___DESERIALIZE_FROM_JSON_CONVERT_F_FUNC, __VA_ARGS__)
 #define ___DESERIALIZE_FROM_JSON_CONVERT_FUNC_DECL_B(...) FOREACH_CALL_FUNC_2(___DESERIALIZE_FROM_JSON_CONVERT_B_FUNC, __VA_ARGS__)
 #define ___DESERIALIZE_FROM_JSON_EXTRACT_B_F(name_option) ___DESERIALIZE_FROM_JSON_CONVERT_FUNC_DECL_##name_option
 // ============================================================================================
 // To JSON Wrapper
 #define ___SERIALIZE_TO_JSON_CONVERT_FUNC_DECL_A(...) FOREACH_CALL_FUNC_2(___SERIALIZE_TO_JSON_CONVERT_A_FUNC, __VA_ARGS__)
 #define ___SERIALIZE_TO_JSON_CONVERT_FUNC_DECL_F(...) FOREACH_CALL_FUNC_2(___SERIALIZE_TO_JSON_CONVERT_F_FUNC, __VA_ARGS__)
 #define ___SERIALIZE_TO_JSON_CONVERT_FUNC_DECL_B(...) FOREACH_CALL_FUNC_2(___SERIALIZE_TO_JSON_CONVERT_B_FUNC, __VA_ARGS__)
 #define ___SERIALIZE_TO_JSON_EXTRACT_B_F(name_option) ___SERIALIZE_TO_JSON_CONVERT_FUNC_DECL_##name_option
 // ============================================================================================
 #define JSONSTRUCT_REGISTER_NOCOPYMOVE(___class_type_, ...)                                                                                          \
    void loadJson(const QJsonValue &___json_object_)                                                                                                 \
    {                                                                                                                                                \
        ___class_type_ ___qjsonstruct_default_check;                                                                                                 \
        FOREACH_CALL_FUNC(___DESERIALIZE_FROM_JSON_EXTRACT_B_F, __VA_ARGS__);                                                                        \
    }                                                                                                                                                \
    [[nodiscard]] const QJsonObject toJson() const                                                                                                   \
    {                                                                                                                                                \
        ___class_type_ ___qjsonstruct_default_check;                                                                                                 \
        QJsonObject ___json_object_;                                                                                                                 \
        FOREACH_CALL_FUNC(___SERIALIZE_TO_JSON_EXTRACT_B_F, __VA_ARGS__);                                                                            \
        return ___json_object_;                                                                                                                      \
    }
 #define JSONSTRUCT_REGISTER(___class_type_, ...)                                                                                                     \
    JSONSTRUCT_REGISTER_NOCOPYMOVE(___class_type_, __VA_ARGS__);                                                                                     \
    [[nodiscard]] static auto fromJson(const QJsonValue &___json_object_)                                                                            \
    {                                                                                                                                                \
        ___class_type_ _t;                                                                                                                           \
        _t.loadJson(___json_object_);                                                                                                                \
        return _t;                                                                                                                                   \
    }
 #define ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(type, convert_func)                                                                                \
    static void Deserialize(type &t, const QJsonValue &d)                                                                                            \
    {                                                                                                                                                \
        t = d.convert_func;                                                                                                                          \
    }
 class JsonStructHelper
 {
  public:
    static void MergeJson(QJsonObject &mergeTo, const QJsonObject &mergeIn)
    {
        for (const auto &key : mergeIn.keys())
            mergeTo[key] = mergeIn.value(key);
    }
    //
    template<typename T>
    static void Deserialize(T &t, const QJsonValue &d)
    {
        if constexpr (std::is_enum_v<T>)
            t = (T) d.toInt();
        else if constexpr (std::is_same_v<T, QJsonObject>)
            t = d.toObject();
        else if constexpr (std::is_same_v<T, QJsonArray>)
            t = d.toArray();
        else
            t.loadJson(d);
    }
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(QString, toString());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(QChar, toVariant().toChar());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(std::string, toString().toStdString());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(std::wstring, toString().toStdWString());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(bool, toBool());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(double, toDouble());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(float, toVariant().toFloat());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(int, toInt());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(long, toVariant().toLongLong());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(long long, toVariant().toLongLong());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(unsigned int, toVariant().toUInt());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(unsigned long, toVariant().toULongLong());
    ___DECL_JSON_STRUCT_LOAD_SIMPLE_TYPE_FUNC(unsigned long long, toVariant().toULongLong());
    template<typename T>
    static void Deserialize(QList<T> &t, const QJsonValue &d)
    {
        t.clear();
        for (const auto &val : d.toArray())
        {
            T data;
            Deserialize(data, val);
            t.push_back(data);
        }
    }
    template<typename TKey, typename TValue>
    static void Deserialize(QMap<TKey, TValue> &t, const QJsonValue &d)
    {
        t.clear();
        const auto &jsonObject = d.toObject();
        TKey keyVal;
        TValue valueVal;
        for (const auto &key : jsonObject.keys())
        {
            Deserialize(keyVal, key);
            Deserialize(valueVal, jsonObject.value(key));
            t.insert(keyVal, valueVal);
        }
    }
    // =========================== Store Json Data ===========================
    template<typename T>
    static QJsonValue Serialize(const T &t)
    {
        if constexpr (std::is_enum_v<T>)
            return (int) t;
        else if constexpr (std::is_same_v<T, QJsonObject> || std::is_same_v<T, QJsonArray>)
            return t;
        else
            return t.toJson();
    }
 #define pure_func(x) (x)
 #define ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(type)                                                                                             \
    static QJsonValue Serialize(const type &t)                                                                                                       \
    {                                                                                                                                                \
        return QJsonValue(t);                                                                                                                        \
    }
    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(int);
    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(bool);
    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(QJsonArray);
    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(QJsonObject);
    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(QString);
    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(long long);
    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(float);
    ___DECL_JSON_STRUCT_STORE_SIMPLE_TYPE_FUNC(double);
 #define ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(type, func)                                                                                      \
    static QJsonValue Serialize(const type &t)                                                                                                       \
    {                                                                                                                                                \
        return QJsonValue::fromVariant(func);                                                                                                        \
    }
    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(std::string, QString::fromStdString(t))
    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(std::wstring, QString::fromStdWString(t))
    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(long, QVariant::fromValue<long>(t))
    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(unsigned int, QVariant::fromValue<unsigned int>(t))
    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(unsigned long, QVariant::fromValue<unsigned long>(t))
    ___DECL_JSON_STRUCT_STORE_VARIANT_TYPE_FUNC(unsigned long long, QVariant::fromValue<unsigned long long>(t))
    template<typename TValue>
    static QJsonValue Serialize(const QMap<QString, TValue> &t)
    {
        QJsonObject mapObject;
        for (const auto &key : t.keys())
        {
            auto valueVal = Serialize(t.value(key));
            mapObject.insert(key, valueVal);
        }
        return mapObject;
    }
    template<typename T>
    static QJsonValue Serialize(const QList<T> &t)
    {
        QJsonArray listObject;
        for (const auto &item : t)
        {
            listObject.push_back(Serialize(item));
        }
        return listObject;
    }
 };
--- a/client/3rd/QJsonStruct/macroexpansion.hpp
+++ b/client/3rd/QJsonStruct/macroexpansion.hpp
@ -0,0 +1,74 @@
 #pragma once
 #define CONCATENATE1(arg1, arg2) CONCATENATE2(arg1, arg2)
 #define CONCATENATE2(arg1, arg2) arg1##arg2
 #define CONCATENATE(x, y) x##y
 #define EXPAND(...) __VA_ARGS__
 #define FOR_EACH_1(what, x, ...) what(x)
 #define FOR_EACH_2(what, x, ...) what(x) EXPAND(FOR_EACH_1(what, __VA_ARGS__))
 #define FOR_EACH_3(what, x, ...) what(x) EXPAND(FOR_EACH_2(what, __VA_ARGS__))
 #define FOR_EACH_4(what, x, ...) what(x) EXPAND(FOR_EACH_3(what, __VA_ARGS__))
 #define FOR_EACH_5(what, x, ...) what(x) EXPAND(FOR_EACH_4(what, __VA_ARGS__))
 #define FOR_EACH_6(what, x, ...) what(x) EXPAND(FOR_EACH_5(what, __VA_ARGS__))
 #define FOR_EACH_7(what, x, ...) what(x) EXPAND(FOR_EACH_6(what, __VA_ARGS__))
 #define FOR_EACH_8(what, x, ...) what(x) EXPAND(FOR_EACH_7(what, __VA_ARGS__))
 #define FOR_EACH_9(what, x, ...) what(x) EXPAND(FOR_EACH_8(what, __VA_ARGS__))
 #define FOR_EACH_10(what, x, ...) what(x) EXPAND(FOR_EACH_9(what, __VA_ARGS__))
 #define FOR_EACH_11(what, x, ...) what(x) EXPAND(FOR_EACH_10(what, __VA_ARGS__))
 #define FOR_EACH_12(what, x, ...) what(x) EXPAND(FOR_EACH_11(what, __VA_ARGS__))
 #define FOR_EACH_13(what, x, ...) what(x) EXPAND(FOR_EACH_12(what, __VA_ARGS__))
 #define FOR_EACH_14(what, x, ...) what(x) EXPAND(FOR_EACH_13(what, __VA_ARGS__))
 #define FOR_EACH_15(what, x, ...) what(x) EXPAND(FOR_EACH_14(what, __VA_ARGS__))
 #define FOR_EACH_16(what, x, ...) what(x) EXPAND(FOR_EACH_15(what, __VA_ARGS__))
 #define FOR_EACH_NARG(...) FOR_EACH_NARG_(__VA_ARGS__, FOR_EACH_RSEQ_N())
 #define FOR_EACH_NARG_(...) EXPAND(FOR_EACH_ARG_N(__VA_ARGS__))
 #define FOR_EACH_ARG_N(_1, _2, _3, _4, _5, _6, _7, _8, _9, _10, _11, _12, _13, _14, _15, _16, N, ...) N
 #define FOR_EACH_RSEQ_N() 16, 15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0
 #define FOR_EACH_(N, what, ...) EXPAND(CONCATENATE(FOR_EACH_, N)(what, __VA_ARGS__))
 #define FOR_EACH(what, ...) FOR_EACH_(FOR_EACH_NARG(__VA_ARGS__), what, __VA_ARGS__)
 #define FOREACH_CALL_FUNC(func, ...) FOR_EACH(func, __VA_ARGS__)
 // Bad hack ==========================================================================================================================
 #define _2X_FOR_EACH_1(what, x, ...) what(x)
 #define _2X_FOR_EACH_2(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_1(what, __VA_ARGS__))
 #define _2X_FOR_EACH_3(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_2(what, __VA_ARGS__))
 #define _2X_FOR_EACH_4(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_3(what, __VA_ARGS__))
 #define _2X_FOR_EACH_5(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_4(what, __VA_ARGS__))
 #define _2X_FOR_EACH_6(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_5(what, __VA_ARGS__))
 #define _2X_FOR_EACH_7(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_6(what, __VA_ARGS__))
 #define _2X_FOR_EACH_8(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_7(what, __VA_ARGS__))
 #define _2X_FOR_EACH_9(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_8(what, __VA_ARGS__))
 #define _2X_FOR_EACH_10(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_9(what, __VA_ARGS__))
 #define _2X_FOR_EACH_11(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_10(what, __VA_ARGS__))
 #define _2X_FOR_EACH_12(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_11(what, __VA_ARGS__))
 #define _2X_FOR_EACH_13(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_12(what, __VA_ARGS__))
 #define _2X_FOR_EACH_14(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_13(what, __VA_ARGS__))
 #define _2X_FOR_EACH_15(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_14(what, __VA_ARGS__))
 #define _2X_FOR_EACH_16(what, x, ...) what(x) EXPAND(_2X_FOR_EACH_15(what, __VA_ARGS__))
 #define _2X_FOR_EACH_(N, what, ...) EXPAND(CONCATENATE(_2X_FOR_EACH_, N)(what, __VA_ARGS__))
 #define _2X_FOR_EACH(what, ...) _2X_FOR_EACH_(FOR_EACH_NARG(__VA_ARGS__), what, __VA_ARGS__)
 #define FOREACH_CALL_FUNC_2(func, ...) _2X_FOR_EACH(func, __VA_ARGS__)
 // Bad hack ==========================================================================================================================
 #define _3X_FOR_EACH_1(what, x, ...) what(x)
 #define _3X_FOR_EACH_2(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_1(what, __VA_ARGS__))
 #define _3X_FOR_EACH_3(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_2(what, __VA_ARGS__))
 #define _3X_FOR_EACH_4(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_3(what, __VA_ARGS__))
 #define _3X_FOR_EACH_5(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_4(what, __VA_ARGS__))
 #define _3X_FOR_EACH_6(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_5(what, __VA_ARGS__))
 #define _3X_FOR_EACH_7(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_6(what, __VA_ARGS__))
 #define _3X_FOR_EACH_8(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_7(what, __VA_ARGS__))
 #define _3X_FOR_EACH_9(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_8(what, __VA_ARGS__))
 #define _3X_FOR_EACH_10(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_9(what, __VA_ARGS__))
 #define _3X_FOR_EACH_11(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_10(what, __VA_ARGS__))
 #define _3X_FOR_EACH_12(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_11(what, __VA_ARGS__))
 #define _3X_FOR_EACH_13(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_12(what, __VA_ARGS__))
 #define _3X_FOR_EACH_14(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_13(what, __VA_ARGS__))
 #define _3X_FOR_EACH_15(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_14(what, __VA_ARGS__))
 #define _3X_FOR_EACH_16(what, x, ...) what(x) EXPAND(_3X_FOR_EACH_15(what, __VA_ARGS__))
 #define _3X_FOR_EACH_(N, what, ...) EXPAND(CONCATENATE(_3X_FOR_EACH_, N)(what, __VA_ARGS__))
 #define _3X_FOR_EACH(what, ...) _3X_FOR_EACH_(FOR_EACH_NARG(__VA_ARGS__), what, __VA_ARGS__)
 #define FOREACH_CALL_FUNC_3(func, ...) _3X_FOR_EACH(func, __VA_ARGS__)
--- a/client/3rd/QJsonStruct/test/CMakeLists.txt
+++ b/client/3rd/QJsonStruct/test/CMakeLists.txt
@ -0,0 +1,16 @@
 function(QJSONSTRUCT_ADD_TEST TEST_NAME TEST_SOURCE)
    add_executable(${TEST_NAME} ${TEST_SOURCE} catch.hpp ${QJSONSTRUCT_SOURCES})
    target_include_directories(${TEST_NAME}
        PRIVATE
        $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>
        )
    target_link_libraries(
        ${TEST_NAME}
        PRIVATE
        Qt::Core
        )
    add_test(NAME QJSONSTRUCT_TEST_${TEST_NAME} COMMAND $<TARGET_FILE:${TEST_NAME}> -s)
 endfunction()
 QJSONSTRUCT_ADD_TEST(serialization serialize/main.cpp)
 #QJSONSTRUCT_ADD_TEST(serialize_strings serialize/strings.cpp)
--- a/client/3rd/QJsonStruct/test/TestIO.hpp
+++ b/client/3rd/QJsonStruct/test/TestIO.hpp
@ -0,0 +1,45 @@
 #pragma once
 #include "QJsonStruct.hpp"
 #ifndef _X
    #include <QList>
    #include <QString>
    #include <QStringList>
 #endif
 struct BaseStruct
 {
    QString baseStr;
    int o;
    JSONSTRUCT_REGISTER(BaseStruct, F(baseStr, o))
 };
 struct BaseStruct2
 {
    QString baseStr2;
    int o2;
    JSONSTRUCT_REGISTER(BaseStruct, F(baseStr2, o2))
 };
 struct TestInnerStruct
    : BaseStruct
    , BaseStruct2
 {
    QJsonObject jobj;
    QJsonArray jarray;
    QString str;
    JSONSTRUCT_REGISTER(TestInnerStruct, B(BaseStruct, BaseStruct2), F(str, jobj, jarray))
 };
 struct JsonIOTest
 {
    QString str;
    QList<int> listOfNumber;
    QList<bool> listOfBool;
    QList<QString> listOfString;
    QList<QList<QString>> listOfListOfString;
    QMap<QString, QString> map;
    TestInnerStruct inner;
    JSONSTRUCT_REGISTER(JsonIOTest, F(str, listOfNumber, listOfBool, listOfString, listOfListOfString, map, inner));
    JsonIOTest(){};
 };
--- a/client/3rd/QJsonStruct/test/TestOut.hpp
+++ b/client/3rd/QJsonStruct/test/TestOut.hpp
@ -0,0 +1,19 @@
 #pragma once
 #include "QJsonStruct.hpp"
 struct SubData
 {
    QString subString;
    JSONSTRUCT_REGISTER_TOJSON(subString)
 };
 struct ToJsonOnlyData
 {
    QString x;
    int y;
    int z;
    QList<int> ints;
    SubData sub;
    QMap<QString, SubData> subs;
    JSONSTRUCT_REGISTER_TOJSON(x, y, z, sub, ints, subs)
 };
--- a/client/3rd/QJsonStruct/test/catch.hpp
+++ b/client/3rd/QJsonStruct/test/catch.hpp
--- a/client/3rd/QJsonStruct/test/main.cpp
+++ b/client/3rd/QJsonStruct/test/main.cpp
@ -0,0 +1,70 @@
 #include "QJsonIO.hpp"
 #include "QJsonStruct.hpp"
 #include "TestIO.hpp"
 #include "TestOut.hpp"
 #include <QCoreApplication>
 #include <QJsonDocument>
 #include <iostream>
 int main(int argc, char *argv[])
 {
    Q_UNUSED(argc)
    Q_UNUSED(argv)
    {
        ToJsonOnlyData data;
        data.x = "1string";
        data.y = 2;
        data.ints << 0;
        data.ints << 100;
        data.ints << 900;
        data.sub.subString = "subs";
        data.subs["subs-1"] = { "subs1-data" };
        data.subs["subs-2"] = { "subs2-data" };
        data.subs["subs-3"] = { "subs3-data" };
        data.z = 3;
        auto x = data.toJson();
        std::cout << QJsonDocument(x).toJson().toStdString() << std::endl;
    }
    //
    {
        auto f = JsonIOTest::fromJson( //
            QJsonObject{
                { "inner", QJsonObject{ { "str", "innerString" },                                 //
                                        { "jobj", QJsonObject{ { "key", "value" } } },            //
                                        { "jarray", QJsonArray{ "array0", "array1", "array2" } }, //
                                        { "baseStr", "baseInnerString" } } },                     //
                { "str", "data1" },                                                               //
                { "map", QJsonObject{ { "mapStr", "mapData" } } },                                //
                { "listOfString", QJsonArray{ "1", "2", "3", "4", "5" } },                        //
                { "listOfNumber", QJsonArray{ 1, 2, 3, 4, 5 } },                                  //
                { "listOfBool", QJsonArray{ true, false, false, true, true } },                   //
                { "listOfListOfString", QJsonArray{ QJsonArray{ "1" },                            //
                                                    QJsonArray{ "1", "2" },                       //
                                                    QJsonArray{ "1", "2", "3" },                  //
                                                    QJsonArray{ "1", "2", "3", "4" },             //
                                                    QJsonArray{ "1", "2", "3", "4", "5" } } },    //
            });
        auto x = f.toJson();
        std::cout << QJsonDocument(x).toJson().toStdString() << std::endl;
    }
    {
        QJsonObject obj{
            { "inner", QJsonObject{ { "str", "innerString" }, { "baseStr", "baseInnerString" } } }, //
            { "str", "data1" },                                                                     //
            { "map", QJsonObject{ { "mapStr", "mapData" } } },                                      //
            { "listOfString", QJsonArray{ "1", "2", "3", "4", "5" } },                              //
            { "listOfNumber", QJsonArray{ 1, 2, 3, 4, 5 } },                                        //
            { "listOfBool", QJsonArray{ true, false, false, true, true } },                         //
            { "listOfListOfString", QJsonArray{ QJsonArray{ "1" },                                  //
                                                QJsonArray{ "1", "2" },                             //
                                                QJsonArray{ "1", "2", "3" },                        //
                                                QJsonArray{ "1", "2", "3", "4" },                   //
                                                QJsonArray{ "1", "2", "3", "4", "5" } } },          //
        };
        auto y = QJsonIO::GetValue(obj, std::tuple{ "listOfListOfString", 2 });
        y.toObject();
    }
    return 0;
 }
--- a/client/3rd/QJsonStruct/test/serialize/main.cpp
+++ b/client/3rd/QJsonStruct/test/serialize/main.cpp
@ -0,0 +1,181 @@
 #include "QJsonStruct.hpp"
 #define CATCH_CONFIG_MAIN
 #include "catch.hpp"
 const static inline auto INT_TEST_MAX = std::numeric_limits<int>::max() - 1;
 const static inline auto INT_TEST_MIN = -(std::numeric_limits<int>::min() + 1);
 #define SINGLE_ELEMENT_CLASS_DECL(CLASS, TYPE, field, defaultvalue, existance)                                                                       \
    class CLASS                                                                                                                                      \
    {                                                                                                                                                \
      public:                                                                                                                                        \
        TYPE field = defaultvalue;                                                                                                                   \
        JSONSTRUCT_REGISTER(CLASS, existance(field));                                                                                                \
    };
 // SINGLE_ELEMENT_REQUIRE( CLASS_NAME , TYPE , FIELD , DEFAULT_VALUE , SET VALUE , CHECK VALUE )
 #define SINGLE_ELEMENT_REQUIRE(CLASS, TYPE, field, defaultvalue, value, checkvalue, existance)                                                       \
    SINGLE_ELEMENT_CLASS_DECL(CLASS, TYPE, field, defaultvalue, existance);                                                                          \
    CLASS CLASS##_class;                                                                                                                             \
    CLASS##_class.field = value;                                                                                                                     \
    REQUIRE(CLASS##_class.toJson()[#field] == checkvalue);
 using namespace std;
 SCENARIO("Test Serialization", "[Serialize]")
 {
    GIVEN("Single Element")
    {
        const static QList<QString> defaultList{ "entry 1", "entry 2" };
        const static QMap<QString, QString> defaultMap{ { "key1", "value1" }, { "key2", "value2" } };
        typedef QMap<QString, QString> QStringQStringMap;
        WHEN("Serialize a single element")
        {
            const static QStringQStringMap setValueMap{ { "newkey1", "newvalue1" } };
            const static QJsonObject setValueJson{ { "newkey1", QJsonValue{ "newvalue1" } } };
            SINGLE_ELEMENT_REQUIRE(QStringTest_Empty, QString, a, "empty", "", "", F);
            SINGLE_ELEMENT_REQUIRE(QStringTest, QString, a, "empty", "Some QString", "Some QString", F);
            SINGLE_ELEMENT_REQUIRE(QStringTest_WithQoutes, QString, a, "empty", "\"", "\"", F);
            SINGLE_ELEMENT_REQUIRE(QStringTest_zint, int, a, -10, 0, 0, F);
            SINGLE_ELEMENT_REQUIRE(QStringTest_nint, int, a, -10, 1, 1, F);
            SINGLE_ELEMENT_REQUIRE(QStringTest_pint, int, a, -10, -1, -1, F);
            SINGLE_ELEMENT_REQUIRE(QStringTest_pmint, int, a, -1, INT_TEST_MAX, INT_TEST_MAX, F);
            SINGLE_ELEMENT_REQUIRE(QStringTest_zmint, int, a, -1, INT_TEST_MIN, INT_TEST_MIN, F);
            SINGLE_ELEMENT_REQUIRE(QStringTest_zuint, uint, a, -10, 0, 0, F);
            SINGLE_ELEMENT_REQUIRE(QStringTest_puint, uint, a, -10, 1, 1, F);
            SINGLE_ELEMENT_REQUIRE(BoolTest_True, bool, a, false, true, true, F);
            SINGLE_ELEMENT_REQUIRE(BoolTest_False, bool, a, true, false, false, F);
            SINGLE_ELEMENT_REQUIRE(StdStringTest, string, a, "def", "std::string _test", "std::string _test", F);
            SINGLE_ELEMENT_REQUIRE(QListTest, QList<QString>, a, defaultList, { "newEntry" }, QJsonArray{ "newEntry" }, F);
            SINGLE_ELEMENT_REQUIRE(QMapTest, QStringQStringMap, a, defaultMap, {}, QJsonObject{}, F);
            SINGLE_ELEMENT_REQUIRE(QMapValueTest, QStringQStringMap, a, defaultMap, setValueMap, setValueJson, F);
        }
        WHEN("Serialize a default value")
        {
            SINGLE_ELEMENT_REQUIRE(DefaultQString, QString, a, "defaultvalue", "defaultvalue", QJsonValue::Undefined, F);
            SINGLE_ELEMENT_REQUIRE(DefaultInteger, int, a, 12345, 12345, QJsonValue::Undefined, F);
            SINGLE_ELEMENT_REQUIRE(DefaultList, QList<QString>, a, defaultList, defaultList, QJsonValue::Undefined, F);
            SINGLE_ELEMENT_REQUIRE(DefaultMap, QStringQStringMap, a, defaultMap, defaultMap, QJsonValue::Undefined, F);
        }
        WHEN("Serialize a force existance default value")
        {
            const static QJsonArray defaultListJson{ "entry 1", "entry 2" };
            const static QJsonObject defaultMapJson{ { "key1", "value1" }, { "key2", "value2" } };
            SINGLE_ELEMENT_REQUIRE(DefaultQString, QString, a, "defaultvalue", "defaultvalue", "defaultvalue", A);
            SINGLE_ELEMENT_REQUIRE(DefaultInteger, int, a, 12345, 12345, 12345, A);
            SINGLE_ELEMENT_REQUIRE(DefaultList, QList<QString>, a, defaultList, defaultList, defaultListJson, A);
            SINGLE_ELEMENT_REQUIRE(DefaultMap, QStringQStringMap, a, defaultMap, defaultMap, defaultMapJson, A);
        }
    }
    GIVEN("Multiple Simple Elements")
    {
        WHEN("Can Omit Default Value")
        {
            class MultipleNonDefaultElementTestClass
            {
              public:
                QString astring;
                int integer = 0;
                double adouble = 0.0;
                QList<QString> myList;
                JSONSTRUCT_REGISTER(MultipleNonDefaultElementTestClass, F(astring, integer, adouble, myList))
            };
            MultipleNonDefaultElementTestClass instance;
            const auto json = instance.toJson();
            REQUIRE(json["astring"] == QJsonValue::Undefined);
            REQUIRE(json["integer"] == QJsonValue::Undefined);
            REQUIRE(json["adouble"] == QJsonValue::Undefined);
            REQUIRE(json["myList"] == QJsonValue::Undefined);
        }
        WHEN("Forcing Existance")
        {
            class MultipleNonDefaultExistanceElementTestClass
            {
              public:
                QString astring;
                int integer = 0;
                double adouble = 0.0;
                QList<QString> myList;
                JSONSTRUCT_REGISTER(MultipleNonDefaultExistanceElementTestClass, A(astring, integer, adouble, myList))
            };
            MultipleNonDefaultExistanceElementTestClass instance;
            const auto json = instance.toJson();
            REQUIRE(json["astring"] == "");
            REQUIRE(json["integer"] == 0);
            REQUIRE(json["adouble"] == 0.0);
            REQUIRE(json["myList"] == QJsonArray{});
        }
    }
    GIVEN("Nested Elements")
    {
        WHEN("Can Omit Default Value")
        {
            class Parent
            {
                class NestedChild
                {
                    class NestedChild2
                    {
                      public:
                        int childChildInt = 13579;
                        JSONSTRUCT_COMPARE(NestedChild2, childChildInt)
                        JSONSTRUCT_REGISTER(NestedChild2, F(childChildInt))
                    };
                  public:
                    int childInt = 54321;
                    QString childQString = "A QString";
                    NestedChild2 anotherChild;
                    JSONSTRUCT_COMPARE(NestedChild, childInt, childQString, anotherChild)
                    JSONSTRUCT_REGISTER(NestedChild, F(childInt, childQString, anotherChild))
                };
              public:
                int parentInt = 12345;
                NestedChild child;
                JSONSTRUCT_REGISTER(Parent, F(parentInt, child))
            };
            WHEN("Omitted whole child element")
            {
                Parent parent;
                const auto json = parent.toJson();
                REQUIRE(json["parentInt"] == QJsonValue::Undefined);
                REQUIRE(json["child"] == QJsonValue::Undefined);
            }
            WHEN("Omitted one element in the child")
            {
                const auto childJson = QJsonObject{ { "childInt", 1314 } };
                Parent parent;
                parent.child.childInt = 1314;
                const auto json = parent.toJson();
                REQUIRE(json["parentInt"] == QJsonValue::Undefined);
                REQUIRE(json["child"] == childJson);
                REQUIRE(json["child"]["childInt"] == 1314);
                REQUIRE(json["child"]["childQString"] == QJsonValue::Undefined);
                REQUIRE(json["child"]["child"]["anotherChild"] == QJsonValue::Undefined);
            }
            WHEN("Omitted one element in the child child")
            {
                Parent parent;
                parent.child.childInt = 1314;
                parent.child.anotherChild.childChildInt = 97531;
                const auto json = parent.toJson();
                REQUIRE(json["parentInt"] == QJsonValue::Undefined);
                REQUIRE(json["child"]["childInt"] == 1314);
                REQUIRE(json["child"]["childQString"] == QJsonValue::Undefined);
                const QJsonObject childChild{ { "childChildInt", 97531 } };
                REQUIRE(json["child"]["anotherChild"] == childChild);
                REQUIRE(json["child"]["anotherChild"]["childChildInt"] == 97531);
            }
        }
    }
 }
--- a/client/3rd/QSimpleCrypto
+++ b/client/3rd/QSimpleCrypto
@ -0,0 +1 @@
 Subproject commit c99b33f0e08b7206116ddff85c22d3b97ce1e79d
--- a/client/3rd/QSimpleCrypto/QSimpleCrypto.cmake
+++ b/client/3rd/QSimpleCrypto/QSimpleCrypto.cmake
@ -1,20 +0,0 @@
 include_directories(${CMAKE_CURRENT_LIST_DIR})
 set(HEADERS ${HEADERS}
    ${CMAKE_CURRENT_LIST_DIR}/include/QAead.h
    ${CMAKE_CURRENT_LIST_DIR}/include/QBlockCipher.h
    ${CMAKE_CURRENT_LIST_DIR}/include/QCryptoError.h
    ${CMAKE_CURRENT_LIST_DIR}/include/QRsa.h
    ${CMAKE_CURRENT_LIST_DIR}/include/QSimpleCrypto_global.h
    ${CMAKE_CURRENT_LIST_DIR}/include/QX509.h
    ${CMAKE_CURRENT_LIST_DIR}/include/QX509Store.h
 )
 set(SOURCES ${SOURCES}
    ${CMAKE_CURRENT_LIST_DIR}/sources/QAead.cpp
    ${CMAKE_CURRENT_LIST_DIR}/sources/QBlockCipher.cpp
    ${CMAKE_CURRENT_LIST_DIR}/sources/QCryptoError.cpp
    ${CMAKE_CURRENT_LIST_DIR}/sources/QRsa.cpp
    ${CMAKE_CURRENT_LIST_DIR}/sources/QX509.cpp
    ${CMAKE_CURRENT_LIST_DIR}/sources/QX509Store.cpp
 )
--- a/client/3rd/QSimpleCrypto/QSimpleCrypto.pri
+++ b/client/3rd/QSimpleCrypto/QSimpleCrypto.pri
@ -1,18 +0,0 @@
 INCLUDEPATH  += $$PWD
 HEADERS += \
    $$PWD/include/QAead.h \
    $$PWD/include/QBlockCipher.h \
    $$PWD/include/QCryptoError.h \
    $$PWD/include/QRsa.h \
    $$PWD/include/QSimpleCrypto_global.h \
    $$PWD/include/QX509.h \
    $$PWD/include/QX509Store.h
 SOURCES += \
    $$PWD/sources/QAead.cpp \
    $$PWD/sources/QBlockCipher.cpp \
    $$PWD/sources/QCryptoError.cpp \
    $$PWD/sources/QRsa.cpp \
    $$PWD/sources/QX509.cpp \
    $$PWD/sources/QX509Store.cpp
--- a/client/3rd/QSimpleCrypto/include/QAead.h
+++ b/client/3rd/QSimpleCrypto/include/QAead.h
@ -1,87 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #ifndef QAEAD_H
 #define QAEAD_H
 #include "QSimpleCrypto_global.h"
 #include <QObject>
 #include <memory>
 #include <openssl/aes.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include "QCryptoError.h"
 // clang-format off
 namespace QSimpleCrypto
 {
    class QSIMPLECRYPTO_EXPORT QAead {
    public:
        QAead();
        ///
        /// \brief encryptAesGcm - Function encrypts data with Gcm algorithm.
        /// \param data - Data that will be encrypted.
        /// \param key - AES key.
        /// \param iv - Initialization vector.
        /// \param tag - Authorization tag.
        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm().
        /// \return Returns encrypted data or "", if error happened.
        ///
        QByteArray encryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_gcm());
        ///
        /// \brief decryptAesGcm - Function decrypts data with Gcm algorithm.
        /// \param data - Data that will be decrypted
        /// \param key - AES key
        /// \param iv - Initialization vector
        /// \param tag - Authorization tag
        /// \param aad - Additional authenticated data. Must be nullptr, if not used
        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm()
        /// \return Returns decrypted data or "", if error happened.
        ///
        QByteArray decryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_gcm());
        ///
        /// \brief encryptAesCcm - Function encrypts data with Ccm algorithm.
        /// \param data - Data that will be encrypted.
        /// \param key - AES key.
        /// \param iv - Initialization vector.
        /// \param tag - Authorization tag.
        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
        /// \return Returns encrypted data or "", if error happened.
        ///
        QByteArray encryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_ccm());
        ///
        /// \brief decryptAesCcm - Function decrypts data with Ccm algorithm.
        /// \param data - Data that will be decrypted.
        /// \param key - AES key.
        /// \param iv - Initialization vector.
        /// \param tag - Authorization tag.
        /// \param aad - Additional authenticated data. Must be nullptr, if not used.
        /// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
        /// \return Returns decrypted data or "", if error happened.
        ///
        QByteArray decryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad = "", const EVP_CIPHER* cipher = EVP_aes_256_ccm());
        ///
        /// \brief error - Error handler class.
        ///
        QCryptoError error;
    };
 } // namespace QSimpleCrypto
 #endif // QAEAD_H
--- a/client/3rd/QSimpleCrypto/include/QBlockCipher.h
+++ b/client/3rd/QSimpleCrypto/include/QBlockCipher.h
@ -1,84 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #ifndef QBLOCKCIPHER_H
 #define QBLOCKCIPHER_H
 #include "QSimpleCrypto_global.h"
 #include <QObject>
 #include <memory>
 #include <openssl/aes.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
 #include "QCryptoError.h"
 // clang-format off
 namespace QSimpleCrypto
 {
    class QSIMPLECRYPTO_EXPORT QBlockCipher {
    #define Aes128Rounds 10
    #define Aes192Rounds 12
    #define Aes256Rounds 14
    public:
        QBlockCipher();
        ///
        /// \brief generateRandomBytes - Function generates random bytes by size.
        /// \param size - Size of generated bytes.
        /// \return Returns random bytes.
        ///
        QByteArray generateRandomBytes(const int& size);
        QByteArray generateSecureRandomBytes(const int& size);
        ///
        /// \brief encryptAesBlockCipher - Function encrypts data with Aes Block Cipher algorithm.
        /// \param data - Data that will be encrypted.
        /// \param key - AES key.
        /// \param iv - Initialization vector.
        /// \param password - Encryption password.
        /// \param salt - Random delta.
        /// \param rounds - Transformation rounds.
        /// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
        /// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
        /// \return Returns decrypted data or "", if error happened.
        ///
        QByteArray encryptAesBlockCipher(QByteArray data, QByteArray key,
            QByteArray iv = "", const int& rounds = Aes256Rounds,
            const EVP_CIPHER* cipher = EVP_aes_256_cbc(), const EVP_MD* md = EVP_sha512());
        ///
        /// \brief decryptAesBlockCipher - Function decrypts data with Aes Block Cipher algorithm.
        /// \param data - Data that will be decrypted.
        /// \param key - AES key.
        /// \param iv - Initialization vector.
        /// \param password - Decryption password.
        /// \param salt - Random delta.
        /// \param rounds - Transformation rounds.
        /// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
        /// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
        /// \return Returns decrypted data or "", if error happened.
        ///
        QByteArray decryptAesBlockCipher(QByteArray data, QByteArray key,
            QByteArray iv = "", const int& rounds = Aes256Rounds,
            const EVP_CIPHER* cipher = EVP_aes_256_cbc(), const EVP_MD* md = EVP_sha512());
        ///
        /// \brief error - Error handler class.
        ///
        QCryptoError error;
    };
 } // namespace QSimpleCrypto
 #endif // QBLOCKCIPHER_H
--- a/client/3rd/QSimpleCrypto/include/QCryptoError.h
+++ b/client/3rd/QSimpleCrypto/include/QCryptoError.h
@ -1,45 +0,0 @@
 #ifndef QCRYPTOERROR_H
 #define QCRYPTOERROR_H
 #include <QObject>
 #include "QSimpleCrypto_global.h"
 /// TODO: Add Special error code for each error.
 // clang-format off
 namespace QSimpleCrypto
 {
    class QSIMPLECRYPTO_EXPORT QCryptoError : public QObject {
        Q_OBJECT
    public:
        explicit QCryptoError(QObject* parent = nullptr);
        ///
        /// \brief setError - Sets error information
        /// \param errorCode - Error code.
        /// \param errorSummary - Error summary.
        ///
        inline void setError(const quint8 errorCode, const QString& errorSummary)
        {
            m_currentErrorCode = errorCode;
            m_errorSummary = errorSummary;
        }
        ///
        /// \brief lastError - Returns last error.
        /// \return Returns eror ID and error Text.
        ///
        inline QPair<quint8, QString> lastError() const
        {
            return QPair<quint8, QString>(m_currentErrorCode, m_errorSummary);
        }
    private:
        quint8 m_currentErrorCode;
        QString m_errorSummary;
    };
 }
 #endif // QCRYPTOERROR_H
--- a/client/3rd/QSimpleCrypto/include/QRsa.h
+++ b/client/3rd/QSimpleCrypto/include/QRsa.h
@ -1,104 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #ifndef QRSA_H
 #define QRSA_H
 #include "QSimpleCrypto_global.h"
 #include <QFile>
 #include <QObject>
 #include <memory>
 #include <openssl/err.h>
 #include <openssl/pem.h>
 #include <openssl/rsa.h>
 #include "QCryptoError.h"
 // clang-format off
 namespace QSimpleCrypto
 {
    class QSIMPLECRYPTO_EXPORT QRsa {
    #define PublicEncrypt 0
    #define PrivateEncrypt 1
    #define PublicDecrypt 2
    #define PrivateDecrypt 3
    public:
        QRsa();
        ///
        /// \brief generateRsaKeys - Function generate Rsa Keys and returns them in OpenSSL structure.
        /// \param bits - RSA key size.
        /// \param rsaBigNumber - The exponent is an odd number, typically 3, 17 or 65537.
        /// \return Returns 'OpenSSL RSA structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'RSA_free()' to avoid memory leak.
        ///
        RSA* generateRsaKeys(const int& bits, const int& rsaBigNumber);
        ///
        /// \brief savePublicKey - Saves to file RSA public key.
        /// \param rsa - OpenSSL RSA structure.
        /// \param publicKeyFileName - Public key file name.
        ///
        void savePublicKey(RSA *rsa, const QByteArray& publicKeyFileName);
        ///
        /// \brief savePrivateKey - Saves to file RSA private key.
        /// \param rsa - OpenSSL RSA structure.
        /// \param privateKeyFileName - Private key file name.
        /// \param password - Private key password.
        /// \param cipher - Can be used with 'OpenSSL EVP_CIPHER' (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
        ///
        void savePrivateKey(RSA* rsa, const QByteArray& privateKeyFileName, QByteArray password = "", const EVP_CIPHER* cipher = nullptr);
        ///
        /// \brief getPublicKeyFromFile - Gets RSA public key from a file.
        /// \param filePath - File path to public key file.
        /// \return Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
        ///
        EVP_PKEY* getPublicKeyFromFile(const QByteArray& filePath);
        ///
        /// \brief getPrivateKeyFromFile - Gets RSA private key from a file.
        /// \param filePath - File path to private key file.
        /// \param password - Private key password.
        /// \return - Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
        ///
        EVP_PKEY* getPrivateKeyFromFile(const QByteArray& filePath, const QByteArray& password = "");
        ///
        /// \brief encrypt - Encrypt data with RSA algorithm.
        /// \param plaintext - Text that must be encrypted.
        /// \param rsa - OpenSSL RSA structure.
        /// \param encryptType - Public or private encrypt type. (PUBLIC_ENCRYPT, PRIVATE_ENCRYPT).
        /// \param padding - OpenSSL RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
        /// \return Returns encrypted data or "", if error happened.
        ///
        QByteArray encrypt(QByteArray plainText, RSA* rsa, const int& encryptType = PublicEncrypt, const int& padding = RSA_PKCS1_PADDING);
        ///
        /// \brief decrypt - Decrypt data with RSA algorithm.
        /// \param cipherText - Text that must be decrypted.
        /// \param rsa - OpenSSL RSA structure.
        /// \param decryptType - Public or private type. (PUBLIC_DECRYPT, PRIVATE_DECRYPT).
        /// \param padding  - RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
        /// \return - Returns decrypted data or "", if error happened.
        ///
        QByteArray decrypt(QByteArray cipherText, RSA* rsa, const int& decryptType = PrivateDecrypt, const int& padding = RSA_PKCS1_PADDING);
        ///
        /// \brief error - Error handler class.
        ///
        QCryptoError error;
    };
 } // namespace QSimpleCrypto
 #endif // QRSA_H
--- a/client/3rd/QSimpleCrypto/include/QSimpleCrypto_global.h
+++ b/client/3rd/QSimpleCrypto/include/QSimpleCrypto_global.h
@ -1,9 +0,0 @@
 #ifndef QSIMPLECRYPTO_GLOBAL_H
 #define QSIMPLECRYPTO_GLOBAL_H
 #include <QtCore/qglobal.h>
 #include <stdexcept>
 #define QSIMPLECRYPTO_EXPORT
 #endif // QSIMPLECRYPTO_GLOBAL_H
--- a/client/3rd/QSimpleCrypto/include/QX509.h
+++ b/client/3rd/QSimpleCrypto/include/QX509.h
@ -1,87 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #ifndef QX509_H
 #define QX509_H
 #include "QSimpleCrypto_global.h"
 #include <QMap>
 #include <QObject>
 #include <memory>
 #include <openssl/bio.h>
 #include <openssl/err.h>
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 #include <openssl/x509_vfy.h>
 #include "QCryptoError.h"
 // clang-format off
 namespace QSimpleCrypto
 {
    class QSIMPLECRYPTO_EXPORT QX509 {
    #define oneYear 31536000L
    #define x509LastVersion 2
    public:
        QX509();
        ///
        /// \brief loadCertificateFromFile - Function load X509 from file and returns OpenSSL structure.
        /// \param fileName - File path to certificate.
        /// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
        ///
        X509* loadCertificateFromFile(const QByteArray& fileName);
        ///
        /// \brief signCertificate - Function signs X509 certificate and returns signed X509 OpenSSL structure.
        /// \param endCertificate - Certificate that will be signed
        /// \param caCertificate - CA certificate that will sign end certificate
        /// \param caPrivateKey - CA certificate private key
        /// \param fileName - With that name certificate will be saved. Leave "", if don't need to save it
        /// \return Returns OpenSSL X509 structure or nullptr, if error happened.
        ///
        X509* signCertificate(X509* endCertificate, X509* caCertificate, EVP_PKEY* caPrivateKey, const QByteArray& fileName = "");
        ///
        /// \brief verifyCertificate - Function verifies X509 certificate and returns verified X509 OpenSSL structure.
        /// \param x509 - OpenSSL X509. That certificate will be verified.
        /// \param store - Trusted certificate must be added to X509_Store with 'addCertificateToStore(X509_STORE* ctx, X509* x509)'.
        /// \return Returns OpenSSL X509 structure or nullptr, if error happened
        ///
        X509* verifyCertificate(X509* x509, X509_STORE* store);
        ///
        /// \brief generateSelfSignedCertificate - Function generatesand returns  self signed X509.
        /// \param rsa - OpenSSL RSA.
        /// \param additionalData - Certificate information.
        /// \param certificateFileName - With that name certificate will be saved. Leave "", if don't need to save it.
        /// \param md - OpenSSL EVP_MD structure. Example: EVP_sha512().
        /// \param serialNumber - X509 certificate serial number.
        /// \param version - X509 certificate version.
        /// \param notBefore - X509 start date.
        /// \param notAfter - X509 end date.
        /// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
        ///
        X509* generateSelfSignedCertificate(RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
            const QByteArray& certificateFileName = "", const EVP_MD* md = EVP_sha512(),
            const long& serialNumber = 1, const long& version = x509LastVersion,
            const long& notBefore = 0, const long& notAfter = oneYear);
        ///
        /// \brief error - Error handler class.
        ///
        QCryptoError error;
    };
 } // namespace QSimpleCrypto
 #endif // QX509_H
--- a/client/3rd/QSimpleCrypto/include/QX509Store.h
+++ b/client/3rd/QSimpleCrypto/include/QX509Store.h
@ -1,120 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #ifndef QX509STORE_H
 #define QX509STORE_H
 #include "QSimpleCrypto_global.h"
 #include <QDir>
 #include <QFile>
 #include <QFileInfo>
 #include <memory>
 #include <openssl/err.h>
 #include <openssl/x509_vfy.h>
 #include <openssl/x509v3.h>
 #include "QCryptoError.h"
 // clang-format off
 namespace QSimpleCrypto
 {
    class QSIMPLECRYPTO_EXPORT QX509Store {
    public:
        QX509Store();
        ///
        /// \brief addCertificateToStore
        /// \param store - OpenSSL X509_STORE.
        /// \param x509 - OpenSSL X509.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool addCertificateToStore(X509_STORE* store, X509* x509);
        ///
        /// \brief addLookup
        /// \param store - OpenSSL X509_STORE.
        /// \param method - OpenSSL X509_LOOKUP_METHOD. Example: X509_LOOKUP_file.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool addLookup(X509_STORE* store, X509_LOOKUP_METHOD* method);
        ///
        /// \brief setCertificateDepth
        /// \param store - OpenSSL X509_STORE.
        /// \param depth - That is the maximum number of untrusted CA certificates that can appear in a chain. Example: 0.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool setDepth(X509_STORE* store, const int& depth);
        ///
        /// \brief setFlag
        /// \param store - OpenSSL X509_STORE.
        /// \param flag - The verification flags consists of zero or more of the following flags ored together. Example: X509_V_FLAG_CRL_CHECK.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool setFlag(X509_STORE* store, const unsigned long& flag);
        ///
        /// \brief setFlag
        /// \param store - OpenSSL X509_STORE.
        /// \param purpose - Verification purpose in param to purpose. Example: X509_PURPOSE_ANY.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool setPurpose(X509_STORE* store, const int& purpose);
        ///
        /// \brief setTrust
        /// \param store - OpenSSL X509_STORE.
        /// \param trust - Trust Level. Example: X509_TRUST_SSL_SERVER.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool setTrust(X509_STORE* store, const int& trust);
        ///
        /// \brief setDefaultPaths
        /// \param store - OpenSSL X509_STORE.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool setDefaultPaths(X509_STORE* store);
        ///
        /// \brief loadLocations
        /// \param store - OpenSSL X509_STORE.
        /// \param fileName - File name. Example: "caCertificate.pem".
        /// \param dirPath - Path to file. Example: "path/To/File".
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool loadLocations(X509_STORE* store, const QByteArray& fileName, const QByteArray& dirPath);
        ///
        /// \brief loadLocations
        /// \param store - OpenSSL X509_STORE.
        /// \param file - Qt QFile that will be loaded.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool loadLocations(X509_STORE* store, const QFile& file);
        ///
        /// \brief loadLocations
        /// \param store - OpenSSL X509_STORE.
        /// \param fileInfo - Qt QFileInfo.
        /// \return Returns 'true' on success and 'false', if error happened.
        ///
        bool loadLocations(X509_STORE* store, const QFileInfo& fileInfo);
        ///
        /// \brief error - Error handler class.
        ///
        QCryptoError error;
    };
 }
 #endif // QX509STORE_H
--- a/client/3rd/QSimpleCrypto/sources/QAead.cpp
+++ b/client/3rd/QSimpleCrypto/sources/QAead.cpp
@ -1,364 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #include "include/QAead.h"
 QSimpleCrypto::QAead::QAead()
 {
 }
 ///
 /// \brief QSimpleCrypto::QAEAD::encryptAesGcm - Function encrypts data with Gcm algorithm.
 /// \param data - Data that will be encrypted.
 /// \param key - AES key.
 /// \param iv - Initialization vector.
 /// \param tag - Authorization tag.
 /// \param aad - Additional authenticated data. Must be nullptr, if not used.
 /// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm().
 /// \return Returns encrypted data or "", if error happened.
 ///
 QByteArray QSimpleCrypto::QAead::encryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
 {
    try {
        /* Initialize EVP_CIPHER_CTX */
        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
        if (encryptionCipher == nullptr) {
            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set data length */
        int plainTextLength = data.size();
        int cipherTextLength = 0;
        /* Initialize cipherText. Here encrypted data will be stored */
        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[plainTextLength]() };
        if (cipherText == nullptr) {
            throw std::runtime_error("Couldn't allocate memory for 'ciphertext'.");
        }
        /* Initialize encryption operation. */
        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set IV length if default 12 bytes (96 bits) is not appropriate */
        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_GCM_SET_IVLEN, iv.length(), nullptr)) {
            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
 //        /* Check if aad need to be used */
 //        if (aad.length() > 0) {
 //            /* Provide any AAD data. This can be called zero or more times as required */
 //            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
 //                throw std::runtime_error("Couldn't provide aad data. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
 //            }
 //        }
        /*
         * Provide the message to be encrypted, and obtain the encrypted output.
         * EVP_EncryptUpdate can be called multiple times if necessary
        */
        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), plainTextLength)) {
            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /*
         * Finalize the encryption. Normally cipher text bytes may be written at
         * this stage, but this does not occur in GCM mode
        */
        if (!EVP_EncryptFinal_ex(encryptionCipher.get(), cipherText.get(), &plainTextLength)) {
            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
 //        /* Get tag */
 //        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_GCM_GET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
 //            throw std::runtime_error("Couldn't get tag. EVP_CIPHER_CTX_ctrl(. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
 //        }
        /* Finilize data to be readable with qt */
        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength);
        return encryptedData;
    } catch (std::exception& exception) {
        QSimpleCrypto::QAead::error.setError(1, exception.what());
        return QByteArray();
    } catch (...) {
        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
        return QByteArray();
    }
    return QByteArray();
 }
 ///
 /// \brief QSimpleCrypto::QAEAD::decryptAesGcm - Function decrypts data with Gcm algorithm.
 /// \param data - Data that will be decrypted
 /// \param key - AES key
 /// \param iv - Initialization vector
 /// \param tag - Authorization tag
 /// \param aad - Additional authenticated data. Must be nullptr, if not used
 /// \param cipher - Can be used with OpenSSL EVP_CIPHER (gcm) - 128, 192, 256. Example: EVP_aes_256_gcm()
 /// \return Returns decrypted data or "", if error happened.
 ///
 QByteArray QSimpleCrypto::QAead::decryptAesGcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
 {
    try {
        /* Initialize EVP_CIPHER_CTX */
        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
        if (decryptionCipher.get() == nullptr) {
            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set data length */
        int cipherTextLength = data.size();
        int plainTextLength = 0;
        /* Initialize plainText. Here decrypted data will be stored */
        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherTextLength]() };
        if (plainText == nullptr) {
            throw std::runtime_error("Couldn't allocate memory for 'plaintext'.");
        }
        /* Initialize decryption operation. */
        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_GCM_SET_IVLEN, iv.length(), nullptr)) {
            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
 //        /* Check if aad need to be used */
 //        if (aad.length() > 0) {
 //            /* Provide any AAD data. This can be called zero or more times as required */
 //            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
 //                throw std::runtime_error("Couldn't provide aad data. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
 //            }
 //        }
        /*
         * Provide the message to be decrypted, and obtain the plain text output.
         * EVP_DecryptUpdate can be called multiple times if necessary
        */
        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), cipherTextLength)) {
            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
 //        /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
 //        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_GCM_SET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
 //            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
 //        }
        /*
         * Finalize the decryption. A positive return value indicates success,
         * anything else is a failure - the plain text is not trustworthy.
        */
        if (!EVP_DecryptFinal_ex(decryptionCipher.get(), plainText.get(), &cipherTextLength)) {
            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Finilize data to be readable with qt */
        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength);
        return decryptedData;
    } catch (std::exception& exception) {
        QSimpleCrypto::QAead::error.setError(1, exception.what());
        return QByteArray();
    } catch (...) {
        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
        return QByteArray();
    }
    return QByteArray();
 }
 ///
 /// \brief QSimpleCrypto::QAEAD::encryptAesCcm - Function encrypts data with Ccm algorithm.
 /// \param data - Data that will be encrypted.
 /// \param key - AES key.
 /// \param iv - Initialization vector.
 /// \param tag - Authorization tag.
 /// \param aad - Additional authenticated data. Must be nullptr, if not used.
 /// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
 /// \return Returns encrypted data or "", if error happened.
 ///
 QByteArray QSimpleCrypto::QAead::encryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
 {
    try {
        /* Initialize EVP_CIPHER_CTX */
        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
        if (encryptionCipher == nullptr) {
            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set data length */
        int plainTextLength = data.size();
        int cipherTextLength = 0;
        /* Initialize cipherText. Here encrypted data will be stored */
        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[plainTextLength]() };
        if (cipherText.get() == nullptr) {
            throw std::runtime_error("Couldn't allocate memory for 'ciphertext'.");
        }
        /* Initialize encryption operation. */
        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set IV length if default 12 bytes (96 bits) is not appropriate */
        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_SET_IVLEN, iv.length(), nullptr)) {
            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set tag length */
        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_SET_TAG, tag->length(), nullptr)) {
            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Check if aad need to be used */
        if (aad.length() > 0) {
            /* Provide the total plain text length */
            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, nullptr, plainTextLength)) {
                throw std::runtime_error("Couldn't provide total plaintext length. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
            /* Provide any AAD data. This can be called zero or more times as required */
            if (!EVP_EncryptUpdate(encryptionCipher.get(), nullptr, &cipherTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
                throw std::runtime_error("Couldn't provide aad data. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
        }
        /*
         * Provide the message to be encrypted, and obtain the encrypted output.
         * EVP_EncryptUpdate can be called multiple times if necessary
        */
        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), plainTextLength)) {
            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /*
         * Finalize the encryption. Normally ciphertext bytes may be written at
         * this stage, but this does not occur in GCM mode
        */
        if (!EVP_EncryptFinal_ex(encryptionCipher.get(), cipherText.get(), &plainTextLength)) {
            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Get tag */
        if (!EVP_CIPHER_CTX_ctrl(encryptionCipher.get(), EVP_CTRL_CCM_GET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
            throw std::runtime_error("Couldn't get tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Finilize data to be readable with qt */
        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength);
        return encryptedData;
    } catch (std::exception& exception) {
        QSimpleCrypto::QAead::error.setError(1, exception.what());
        return QByteArray();
    } catch (...) {
        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
        return QByteArray();
    }
    return QByteArray();
 }
 ///
 /// \brief QSimpleCrypto::QAEAD::decryptAesCcm - Function decrypts data with Ccm algorithm.
 /// \param data - Data that will be decrypted.
 /// \param key - AES key.
 /// \param iv - Initialization vector.
 /// \param tag - Authorization tag.
 /// \param aad - Additional authenticated data. Must be nullptr, if not used.
 /// \param cipher - Can be used with OpenSSL EVP_CIPHER (ccm) - 128, 192, 256. Example: EVP_aes_256_ccm().
 /// \return Returns decrypted data or "", if error happened.
 ///
 QByteArray QSimpleCrypto::QAead::decryptAesCcm(QByteArray data, QByteArray key, QByteArray iv, QByteArray* tag, QByteArray aad, const EVP_CIPHER* cipher)
 {
    try {
        /* Initialize EVP_CIPHER_CTX */
        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
        if (decryptionCipher.get() == nullptr) {
            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set data length */
        int cipherTextLength = data.size();
        int plainTextLength = 0;
        /* Initialize plainText. Here decrypted data will be stored */
        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherTextLength]() };
        if (plainText == nullptr) {
            throw std::runtime_error("Couldn't allocate memory for 'plaintext'.");
        }
        /* Initialize decryption operation. */
        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, reinterpret_cast<unsigned char*>(key.data()), reinterpret_cast<unsigned char*>(iv.data()))) {
            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_CCM_SET_IVLEN, iv.length(), nullptr)) {
            throw std::runtime_error("Couldn't set IV length. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
        if (!EVP_CIPHER_CTX_ctrl(decryptionCipher.get(), EVP_CTRL_CCM_SET_TAG, tag->length(), reinterpret_cast<unsigned char*>(tag->data()))) {
            throw std::runtime_error("Coldn't set tag. EVP_CIPHER_CTX_ctrl(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Check if aad need to be used */
        if (aad.length() > 0) {
            /* Provide the total ciphertext length */
            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, nullptr, cipherTextLength)) {
                throw std::runtime_error("Couldn't provide total plaintext length. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
            /* Provide any AAD data. This can be called zero or more times as required */
            if (!EVP_DecryptUpdate(decryptionCipher.get(), nullptr, &plainTextLength, reinterpret_cast<unsigned char*>(aad.data()), aad.length())) {
                throw std::runtime_error("Couldn't provide aad data. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
        }
        /*
         * Provide the message to be decrypted, and obtain the plaintext output.
         * EVP_DecryptUpdate can be called multiple times if necessary
        */
        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), cipherTextLength)) {
            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /*
         * Finalize the decryption. A positive return value indicates success,
         * anything else is a failure - the plaintext is not trustworthy.
        */
        if (!EVP_DecryptFinal_ex(decryptionCipher.get(), plainText.get(), &cipherTextLength)) {
            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Finilize data to be readable with qt */
        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength);
        return decryptedData;
    } catch (std::exception& exception) {
        QSimpleCrypto::QAead::error.setError(1, exception.what());
        return QByteArray();
    } catch (...) {
        QSimpleCrypto::QAead::error.setError(2, "Unknown error!");
        return QByteArray();
    }
    return QByteArray();
 }
--- a/client/3rd/QSimpleCrypto/sources/QBlockCipher.cpp
+++ b/client/3rd/QSimpleCrypto/sources/QBlockCipher.cpp
@ -1,193 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #include "include/QBlockCipher.h"
 QSimpleCrypto::QBlockCipher::QBlockCipher()
 {
 }
 ///
 /// \brief QSimpleCrypto::QBlockCipher::generateRandomBytes - Function generates random bytes by size.
 /// \param size - Size of generated bytes.
 /// \return Returns random bytes.
 ///
 QByteArray QSimpleCrypto::QBlockCipher::generateRandomBytes(const int& size)
 {
    unsigned char arr[sizeof(size)];
    RAND_bytes(arr, sizeof(size));
    QByteArray buffer = QByteArray(reinterpret_cast<char*>(arr), size);
    return buffer;
 }
 QByteArray QSimpleCrypto::QBlockCipher::generateSecureRandomBytes(const int &size)
 {
    unsigned char arr[sizeof(size)];
    RAND_priv_bytes(arr, sizeof(size));
    QByteArray buffer = QByteArray(reinterpret_cast<char*>(arr), size);
    return buffer;
 }
 ///
 /// \brief QSimpleCrypto::QBlockCipher::encryptAesBlockCipher - Function encrypts data with Aes Block Cipher algorithm.
 /// \param data - Data that will be encrypted.
 /// \param key - AES key.
 /// \param iv - Initialization vector.
 /// \param password - Encryption password.
 /// \param salt - Random delta.
 /// \param rounds - Transformation rounds.
 /// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
 /// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
 /// \return Returns decrypted data or "", if error happened.
 ///
 QByteArray QSimpleCrypto::QBlockCipher::encryptAesBlockCipher(QByteArray data, QByteArray key,
    QByteArray iv,
    const int& rounds, const EVP_CIPHER* cipher, const EVP_MD* md)
 {
    try {
        /* Initialize EVP_CIPHER_CTX */
        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> encryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
        if (encryptionCipher == nullptr) {
            throw std::runtime_error("Couldn't initialize \'encryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Reinterpret values for multi use */
        unsigned char* m_key = reinterpret_cast<unsigned char*>(key.data());
        unsigned char* m_iv = reinterpret_cast<unsigned char*>(iv.data());
        /* Set data length */
        int cipherTextLength(data.size() + AES_BLOCK_SIZE);
        int finalLength = 0;
        /* Initialize cipcherText. Here encrypted data will be stored */
        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[cipherTextLength]() };
        if (cipherText == nullptr) {
            throw std::runtime_error("Couldn't allocate memory for 'cipherText'.");
        }
        // Bug here
 //        /* Start encryption with password based encryption routine */
 //        if (!EVP_BytesToKey(cipher, md, reinterpret_cast<unsigned char*>(salt.data()), reinterpret_cast<unsigned char*>(password.data()), password.length(), rounds, m_key, m_iv)) {
 //            throw std::runtime_error("Couldn't start encryption routine. EVP_BytesToKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
 //        }
        /* Initialize encryption operation. */
        if (!EVP_EncryptInit_ex(encryptionCipher.get(), cipher, nullptr, m_key, m_iv)) {
            throw std::runtime_error("Couldn't initialize encryption operation. EVP_EncryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /*
         * Provide the message to be encrypted, and obtain the encrypted output.
         * EVP_EncryptUpdate can be called multiple times if necessary
        */
        if (!EVP_EncryptUpdate(encryptionCipher.get(), cipherText.get(), &cipherTextLength, reinterpret_cast<const unsigned char*>(data.data()), data.size())) {
            throw std::runtime_error("Couldn't provide message to be encrypted. EVP_EncryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Finalize the encryption. Normally ciphertext bytes may be written at this stage */
        if (!EVP_EncryptFinal(encryptionCipher.get(), cipherText.get() + cipherTextLength, &finalLength)) {
            throw std::runtime_error("Couldn't finalize encryption. EVP_EncryptFinal(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Finilize data to be readable with qt */
        QByteArray encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), cipherTextLength + finalLength);
        return encryptedData;
    } catch (std::exception& exception) {
        QSimpleCrypto::QBlockCipher::error.setError(1, exception.what());
        return QByteArray();
    } catch (...) {
        QSimpleCrypto::QBlockCipher::error.setError(2, "Unknown error!");
        return QByteArray();
    }
    return QByteArray();
 }
 ///
 /// \brief QSimpleCrypto::QBlockCipher::encryptAesBlockCipher - Function decrypts data with Aes Block Cipher algorithm.
 /// \param data - Data that will be decrypted.
 /// \param key - AES key.
 /// \param iv - Initialization vector.
 /// \param password - Decryption password.
 /// \param salt - Random delta.
 /// \param rounds - Transformation rounds.
 /// \param chiper - Can be used with OpenSSL EVP_CIPHER (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
 /// \param md - Hash algroitm (OpenSSL EVP_MD). Example: EVP_sha512().
 /// \return Returns decrypted data or "", if error happened.
 ///
 QByteArray QSimpleCrypto::QBlockCipher::decryptAesBlockCipher(QByteArray data, QByteArray key,
    QByteArray iv,
    const int& rounds, const EVP_CIPHER* cipher, const EVP_MD* md)
 {
    try {
        /* Initialize EVP_CIPHER_CTX */
        std::unique_ptr<EVP_CIPHER_CTX, void (*)(EVP_CIPHER_CTX*)> decryptionCipher { EVP_CIPHER_CTX_new(), EVP_CIPHER_CTX_free };
        if (decryptionCipher == nullptr) {
            throw std::runtime_error("Couldn't initialize \'decryptionCipher\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Reinterpret values for multi use */
        unsigned char* m_key = reinterpret_cast<unsigned char*>(key.data());
        unsigned char* m_iv = reinterpret_cast<unsigned char*>(iv.data());
        /* Set data length */
        int plainTextLength(data.size());
        int finalLength = 0;
        /* Initialize plainText. Here decrypted data will be stored */
        std::unique_ptr<unsigned char[]> plainText { new unsigned char[plainTextLength + AES_BLOCK_SIZE]() };
        if (plainText == nullptr) {
            throw std::runtime_error("Couldn't allocate memory for \'plainText\'. EVP_CIPHER_CTX_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        // Bug here
 //        /* Start encryption with password based encryption routine */
 //        if (!EVP_BytesToKey(cipher, md, reinterpret_cast<const unsigned char*>(salt.data()), reinterpret_cast<const unsigned char*>(password.data()), password.length(), rounds, m_key, m_iv)) {
 //            throw std::runtime_error("Couldn't start decryption routine. EVP_BytesToKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
 //        }
        /* Initialize decryption operation. */
        if (!EVP_DecryptInit_ex(decryptionCipher.get(), cipher, nullptr, m_key, m_iv)) {
            throw std::runtime_error("Couldn't initialize decryption operation. EVP_DecryptInit_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /*
         * Provide the message to be decrypted, and obtain the plaintext output.
         * EVP_DecryptUpdate can be called multiple times if necessary
        */
        if (!EVP_DecryptUpdate(decryptionCipher.get(), plainText.get(), &plainTextLength, reinterpret_cast<const unsigned char*>(data.data()), data.size())) {
            throw std::runtime_error("Couldn't provide message to be decrypted. EVP_DecryptUpdate(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /*
         * Finalize the decryption. A positive return value indicates success,
         * anything else is a failure - the plaintext is not trustworthy.
        */
        if (!EVP_DecryptFinal(decryptionCipher.get(), plainText.get() + plainTextLength, &finalLength)) {
            throw std::runtime_error("Couldn't finalize decryption. EVP_DecryptFinal. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Finilize data to be readable with qt */
        QByteArray decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()), plainTextLength + finalLength);
        return decryptedData;
    } catch (std::exception& exception) {
        QSimpleCrypto::QBlockCipher::error.setError(1, exception.what());
        return QByteArray(exception.what());
    } catch (...) {
        QSimpleCrypto::QBlockCipher::error.setError(2, "Unknown error!");
        return QByteArray();
    }
    return QByteArray();
 }
--- a/client/3rd/QSimpleCrypto/sources/QCryptoError.cpp
+++ b/client/3rd/QSimpleCrypto/sources/QCryptoError.cpp
@ -1,6 +0,0 @@
 #include "include/QCryptoError.h"
 QSimpleCrypto::QCryptoError::QCryptoError(QObject* parent)
    : QObject(parent)
 {
 }
--- a/client/3rd/QSimpleCrypto/sources/QRsa.cpp
+++ b/client/3rd/QSimpleCrypto/sources/QRsa.cpp
@ -1,274 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #include "include/QRsa.h"
 QSimpleCrypto::QRsa::QRsa()
 {
 }
 ///
 /// \brief QSimpleCrypto::QRSA::generateRsaKeys - Function generate Rsa Keys and returns them in OpenSSL structure.
 /// \param bits - RSA key size.
 /// \param rsaBigNumber - The exponent is an odd number, typically 3, 17 or 65537.
 /// \return Returns 'OpenSSL RSA structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'RSA_free()' to avoid memory leak.
 ///
 RSA* QSimpleCrypto::QRsa::generateRsaKeys(const int& bits, const int& rsaBigNumber)
 {
    try {
        /* Initialize big number */
        std::unique_ptr<BIGNUM, void (*)(BIGNUM*)> bigNumber { BN_new(), BN_free };
        if (bigNumber == nullptr) {
            throw std::runtime_error("Couldn't initialize \'bigNumber\'. BN_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            return nullptr;
        }
        /* Set big number */
        if (!BN_set_word(bigNumber.get(), rsaBigNumber)) {
            throw std::runtime_error("Couldn't set bigNumber. BN_set_word(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Initialize RSA */
        RSA* rsa = nullptr;
        if (!(rsa = RSA_new())) {
            throw std::runtime_error("Couldn't initialize x509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Generate key pair and store it in RSA */
        if (!RSA_generate_key_ex(rsa, bits, bigNumber.get(), nullptr)) {
            throw std::runtime_error("Couldn't generate RSA. RSA_generate_key_ex(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        return rsa;
    } catch (std::exception& exception) {
        QSimpleCrypto::QRsa::error.setError(1, exception.what());
        return nullptr;
    } catch (...) {
        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
        return nullptr;
    }
 }
 ///
 /// \brief QSimpleCrypto::QRSA::savePublicKey - Saves to file RSA public key.
 /// \param rsa - OpenSSL RSA structure.
 /// \param publicKeyFileName - Public key file name.
 ///
 void QSimpleCrypto::QRsa::savePublicKey(RSA* rsa, const QByteArray& publicKeyFileName)
 {
    try {
        /* Initialize BIO */
        std::unique_ptr<BIO, void (*)(BIO*)> bioPublicKey { BIO_new_file(publicKeyFileName.data(), "w+"), BIO_free_all };
        if (bioPublicKey == nullptr) {
            throw std::runtime_error("Couldn't initialize \'bioPublicKey\'. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Write public key on file */
        if (!PEM_write_bio_RSA_PUBKEY(bioPublicKey.get(), rsa)) {
            throw std::runtime_error("Couldn't save public key. PEM_write_bio_RSAPublicKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
    } catch (std::exception& exception) {
        QSimpleCrypto::QRsa::error.setError(1, exception.what());
        return;
    } catch (...) {
        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
        return;
    }
 }
 ///
 /// \brief QSimpleCrypto::QRSA::savePrivateKey - Saves to file RSA private key.
 /// \param rsa - OpenSSL RSA structure.
 /// \param privateKeyFileName - Private key file name.
 /// \param password - Private key password.
 /// \param cipher - Can be used with 'OpenSSL EVP_CIPHER' (ecb, cbc, cfb, ofb, ctr) - 128, 192, 256. Example: EVP_aes_256_cbc().
 ///
 void QSimpleCrypto::QRsa::savePrivateKey(RSA* rsa, const QByteArray& privateKeyFileName, QByteArray password, const EVP_CIPHER* cipher)
 {
    try {
        /* Initialize BIO */
        std::unique_ptr<BIO, void (*)(BIO*)> bioPrivateKey { BIO_new_file(privateKeyFileName.data(), "w+"), BIO_free_all };
        if (bioPrivateKey == nullptr) {
            throw std::runtime_error("Couldn't initialize bioPrivateKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Write private key to file */
        if (!PEM_write_bio_RSAPrivateKey(bioPrivateKey.get(), rsa, cipher, reinterpret_cast<unsigned char*>(password.data()), password.size(), nullptr, nullptr)) {
            throw std::runtime_error("Couldn't save private key. PEM_write_bio_RSAPrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
    } catch (std::exception& exception) {
        QSimpleCrypto::QRsa::error.setError(1, exception.what());
        return;
    } catch (...) {
        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
        return;
    }
 }
 ///
 /// \brief QSimpleCrypto::QRSA::getPublicKeyFromFile - Gets RSA public key from a file.
 /// \param filePath - File path to public key file.
 /// \return Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
 ///
 EVP_PKEY* QSimpleCrypto::QRsa::getPublicKeyFromFile(const QByteArray& filePath)
 {
    try {
        /* Initialize BIO */
        std::unique_ptr<BIO, void (*)(BIO*)> bioPublicKey { BIO_new_file(filePath.data(), "r"), BIO_free_all };
        if (bioPublicKey == nullptr) {
            throw std::runtime_error("Couldn't initialize bioPublicKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Initialize EVP_PKEY */
        EVP_PKEY* keyStore = nullptr;
        if (!(keyStore = EVP_PKEY_new())) {
            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Write private key to file */
        if (!PEM_read_bio_PUBKEY(bioPublicKey.get(), &keyStore, nullptr, nullptr)) {
            throw std::runtime_error("Couldn't read private key. PEM_read_bio_PrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        return keyStore;
    } catch (std::exception& exception) {
        QSimpleCrypto::QRsa::error.setError(1, exception.what());
        return nullptr;
    } catch (...) {
        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
        return nullptr;
    }
 }
 ///
 /// \brief QSimpleCrypto::QRSA::getPrivateKeyFromFile - Gets RSA private key from a file.
 /// \param filePath - File path to private key file.
 /// \param password - Private key password.
 /// \return - Returns 'OpenSSL EVP_PKEY structure' or 'nullptr', if error happened. Returned value must be cleaned up with 'EVP_PKEY_free()' to avoid memory leak.
 ///
 EVP_PKEY* QSimpleCrypto::QRsa::getPrivateKeyFromFile(const QByteArray& filePath, const QByteArray& password)
 {
    try {
        /* Initialize BIO */
        std::unique_ptr<BIO, void (*)(BIO*)> bioPrivateKey { BIO_new_file(filePath.data(), "r"), BIO_free_all };
        if (bioPrivateKey == nullptr) {
            throw std::runtime_error("Couldn't initialize bioPrivateKey. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Initialize EVP_PKEY */
        EVP_PKEY* keyStore = nullptr;
        if (!(keyStore = EVP_PKEY_new())) {
            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Write private key to file */
        if (!PEM_read_bio_PrivateKey(bioPrivateKey.get(), &keyStore, nullptr, (void*)password.data())) {
            throw std::runtime_error("Couldn't read private key. PEM_read_bio_PrivateKey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        return keyStore;
    } catch (std::exception& exception) {
        QSimpleCrypto::QRsa::error.setError(1, exception.what());
        return nullptr;
    } catch (...) {
        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
        return nullptr;
    }
 }
 ///
 /// \brief QSimpleCrypto::QRSA::encrypt - Encrypt data with RSA algorithm.
 /// \param plaintext - Text that must be encrypted.
 /// \param rsa - OpenSSL RSA structure.
 /// \param encryptType - Public or private encrypt type. (PUBLIC_ENCRYPT, PRIVATE_ENCRYPT).
 /// \param padding - OpenSSL RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
 /// \return Returns encrypted data or "", if error happened.
 ///
 QByteArray QSimpleCrypto::QRsa::encrypt(QByteArray plainText, RSA* rsa, const int& encryptType, const int& padding)
 {
    try {
        /* Initialize array. Here encrypted data will be saved */
        std::unique_ptr<unsigned char[]> cipherText { new unsigned char[RSA_size(rsa)]() };
        if (cipherText == nullptr) {
            throw std::runtime_error("Couldn't allocate memory for 'cipherText'.");
        }
        /* Result of encryption operation */
        short int result = 0;
        /* Execute encryption operation */
        if (encryptType == PublicDecrypt) {
            result = RSA_public_encrypt(plainText.size(), reinterpret_cast<unsigned char*>(plainText.data()), cipherText.get(), rsa, padding);
        } else if (encryptType == PrivateDecrypt) {
            result = RSA_private_encrypt(plainText.size(), reinterpret_cast<unsigned char*>(plainText.data()), cipherText.get(), rsa, padding);
        }
        /* Check for result */
        if (result <= -1) {
            throw std::runtime_error("Couldn't encrypt data. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Get encrypted data */
        const QByteArray& encryptedData = QByteArray(reinterpret_cast<char*>(cipherText.get()), RSA_size(rsa));
        return encryptedData;
    } catch (std::exception& exception) {
        QSimpleCrypto::QRsa::error.setError(1, exception.what());
        return "";
    } catch (...) {
        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
        return "";
    }
 }
 ///
 /// \brief QSimpleCrypto::QRSA::decrypt - Decrypt data with RSA algorithm.
 /// \param cipherText - Text that must be decrypted.
 /// \param rsa - OpenSSL RSA structure.
 /// \param decryptType - Public or private type. (PUBLIC_DECRYPT, PRIVATE_DECRYPT).
 /// \param padding  - RSA padding can be used with: 'RSA_PKCS1_PADDING', 'RSA_NO_PADDING' and etc.
 /// \return - Returns decrypted data or "", if error happened.
 ///
 QByteArray QSimpleCrypto::QRsa::decrypt(QByteArray cipherText, RSA* rsa, const int& decryptType, const int& padding)
 {
    try {
        /* Initialize array. Here decrypted data will be saved */
        std::unique_ptr<unsigned char[]> plainText { new unsigned char[cipherText.size()]() };
        if (plainText == nullptr) {
            throw std::runtime_error("Couldn't allocate memory for 'plainText'.");
        }
        /* Result of decryption operation */
        short int result = 0;
        /* Execute decryption operation */
        if (decryptType == PublicDecrypt) {
            result = RSA_public_decrypt(RSA_size(rsa), reinterpret_cast<unsigned char*>(cipherText.data()), plainText.get(), rsa, padding);
        } else if (decryptType == PrivateDecrypt) {
            result = RSA_private_decrypt(RSA_size(rsa), reinterpret_cast<unsigned char*>(cipherText.data()), plainText.get(), rsa, padding);
        }
        /* Check for result */
        if (result <= -1) {
            throw std::runtime_error("Couldn't decrypt data. Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Get decrypted data */
        const QByteArray& decryptedData = QByteArray(reinterpret_cast<char*>(plainText.get()));
        return decryptedData;
    } catch (std::exception& exception) {
        QSimpleCrypto::QRsa::error.setError(1, exception.what());
        return "";
    } catch (...) {
        QSimpleCrypto::QRsa::error.setError(2, "Unknown error!");
        return "";
    }
 }
--- a/client/3rd/QSimpleCrypto/sources/QX509.cpp
+++ b/client/3rd/QSimpleCrypto/sources/QX509.cpp
@ -1,234 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #include "include/QX509.h"
 QSimpleCrypto::QX509::QX509()
 {
 }
 ///
 /// \brief QSimpleCrypto::QX509::loadCertificateFromFile - Function load X509 from file and returns OpenSSL structure.
 /// \param fileName - File path to certificate.
 /// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
 ///
 X509* QSimpleCrypto::QX509::loadCertificateFromFile(const QByteArray& fileName)
 {
    try {
        /* Initialize X509 */
        X509* x509 = nullptr;
        if (!(x509 = X509_new())) {
            throw std::runtime_error("Couldn't initialize X509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Initialize BIO */
        std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(fileName.data(), "r+"), BIO_free_all };
        if (certFile == nullptr) {
            throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Read file */
        if (!PEM_read_bio_X509(certFile.get(), &x509, nullptr, nullptr)) {
            throw std::runtime_error("Couldn't read certificate file from disk. PEM_read_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        return x509;
    } catch (std::exception& exception) {
        QSimpleCrypto::QX509::error.setError(1, exception.what());
        return nullptr;
    } catch (...) {
        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
        return nullptr;
    }
 }
 ///
 /// \brief QSimpleCrypto::QX509::signCertificate - Function signs X509 certificate and returns signed X509 OpenSSL structure.
 /// \param endCertificate - Certificate that will be signed
 /// \param caCertificate - CA certificate that will sign end certificate
 /// \param caPrivateKey - CA certificate private key
 /// \param fileName - With that name certificate will be saved. Leave "", if don't need to save it
 /// \return Returns OpenSSL X509 structure or nullptr, if error happened.
 ///
 X509* QSimpleCrypto::QX509::signCertificate(X509* endCertificate, X509* caCertificate, EVP_PKEY* caPrivateKey, const QByteArray& fileName)
 {
    try {
        /* Set issuer to CA's subject. */
        if (!X509_set_issuer_name(endCertificate, X509_get_subject_name(caCertificate))) {
            throw std::runtime_error("Couldn't set issuer name for X509. X509_set_issuer_name(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Sign the certificate with key. */
        if (!X509_sign(endCertificate, caPrivateKey, EVP_sha256())) {
            throw std::runtime_error("Couldn't sign X509. X509_sign(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Write certificate file on disk. If needed */
        if (!fileName.isEmpty()) {
            /* Initialize BIO */
            std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(fileName.data(), "w+"), BIO_free_all };
            if (certFile == nullptr) {
                throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
            /* Write file on disk */
            if (!PEM_write_bio_X509(certFile.get(), endCertificate)) {
                throw std::runtime_error("Couldn't write certificate file on disk. PEM_write_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
        }
        return endCertificate;
    } catch (std::exception& exception) {
        QSimpleCrypto::QX509::error.setError(1, exception.what());
        return nullptr;
    } catch (...) {
        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
        return nullptr;
    }
 }
 ///
 /// \brief QSimpleCrypto::QX509::verifyCertificate - Function verifies X509 certificate and returns verified X509 OpenSSL structure.
 /// \param x509 - OpenSSL X509. That certificate will be verified.
 /// \param store - Trusted certificate must be added to X509_Store with 'addCertificateToStore(X509_STORE* ctx, X509* x509)'.
 /// \return Returns OpenSSL X509 structure or nullptr, if error happened
 ///
 X509* QSimpleCrypto::QX509::verifyCertificate(X509* x509, X509_STORE* store)
 {
    try {
        /* Initialize X509_STORE_CTX */
        std::unique_ptr<X509_STORE_CTX, void (*)(X509_STORE_CTX*)> ctx { X509_STORE_CTX_new(), X509_STORE_CTX_free };
        if (ctx == nullptr) {
            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set up CTX for a subsequent verification operation */
        if (!X509_STORE_CTX_init(ctx.get(), store, x509, nullptr)) {
            throw std::runtime_error("Couldn't initialize X509_STORE_CTX. X509_STORE_CTX_init(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Verify X509 */
        if (!X509_verify_cert(ctx.get())) {
            throw std::runtime_error("Couldn't verify cert. X509_verify_cert(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        return x509;
    } catch (std::exception& exception) {
        QSimpleCrypto::QX509::error.setError(1, exception.what());
        return nullptr;
    } catch (...) {
        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
        return nullptr;
    }
 }
 ///
 /// \brief QSimpleCrypto::QX509::generateSelfSignedCertificate - Function generatesand returns  self signed X509.
 /// \param rsa - OpenSSL RSA.
 /// \param additionalData - Certificate information.
 /// \param certificateFileName - With that name certificate will be saved. Leave "", if don't need to save it.
 /// \param md - OpenSSL EVP_MD structure. Example: EVP_sha512().
 /// \param serialNumber - X509 certificate serial number.
 /// \param version - X509 certificate version.
 /// \param notBefore - X509 start date.
 /// \param notAfter - X509 end date.
 /// \return Returns OpenSSL X509 structure or nullptr, if error happened. Returned value must be cleaned up with 'X509_free' to avoid memory leak.
 ///
 X509* QSimpleCrypto::QX509::generateSelfSignedCertificate(RSA* rsa, const QMap<QByteArray, QByteArray>& additionalData,
    const QByteArray& certificateFileName, const EVP_MD* md,
    const long& serialNumber, const long& version,
    const long& notBefore, const long& notAfter)
 {
    try {
        /* Initialize X509 */
        X509* x509 = nullptr;
        if (!(x509 = X509_new())) {
            throw std::runtime_error("Couldn't initialize X509. X509_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Initialize EVP_PKEY */
        std::unique_ptr<EVP_PKEY, void (*)(EVP_PKEY*)> keyStore { EVP_PKEY_new(), EVP_PKEY_free };
        if (keyStore == nullptr) {
            throw std::runtime_error("Couldn't initialize keyStore. EVP_PKEY_new(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Sign rsa key */
        if (!EVP_PKEY_assign_RSA(keyStore.get(), rsa)) {
            throw std::runtime_error("Couldn't assign rsa. EVP_PKEY_assign_RSA(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set certificate serial number. */
        if (!ASN1_INTEGER_set(X509_get_serialNumber(x509), serialNumber)) {
            throw std::runtime_error("Couldn't set serial number. ASN1_INTEGER_set(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set certificate version */
        if (!X509_set_version(x509, version)) {
            throw std::runtime_error("Couldn't set version. X509_set_version(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Set certificate creation and expiration date */
        X509_gmtime_adj(X509_get_notBefore(x509), notBefore);
        X509_gmtime_adj(X509_get_notAfter(x509), notAfter);
        /* Set certificate public key */
        if (!X509_set_pubkey(x509, keyStore.get())) {
            throw std::runtime_error("Couldn't set public key. X509_set_pubkey(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Initialize X509_NAME */
        X509_NAME* x509Name = X509_get_subject_name(x509);
        if (x509Name == nullptr) {
            throw std::runtime_error("Couldn't initialize X509_NAME. X509_NAME(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Add additional data to certificate */
        QMapIterator<QByteArray, QByteArray> certificateInformationList(additionalData);
        while (certificateInformationList.hasNext()) {
            /* Read next item in list */
            certificateInformationList.next();
            /* Set additional data */
            if (!X509_NAME_add_entry_by_txt(x509Name, certificateInformationList.key().data(), MBSTRING_UTF8, reinterpret_cast<const unsigned char*>(certificateInformationList.value().data()), -1, -1, 0)) {
                throw std::runtime_error("Couldn't set additional information. X509_NAME_add_entry_by_txt(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
        }
        /* Set certificate info */
        if (!X509_set_issuer_name(x509, x509Name)) {
            throw std::runtime_error("Couldn't set issuer name. X509_set_issuer_name(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Sign certificate */
        if (!X509_sign(x509, keyStore.get(), md)) {
            throw std::runtime_error("Couldn't sign X509. X509_sign(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        }
        /* Write certificate file on disk. If needed */
        if (!certificateFileName.isEmpty()) {
            /* Initialize BIO */
            std::unique_ptr<BIO, void (*)(BIO*)> certFile { BIO_new_file(certificateFileName.data(), "w+"), BIO_free_all };
            if (certFile == nullptr) {
                throw std::runtime_error("Couldn't initialize certFile. BIO_new_file(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
            /* Write file on disk */
            if (!PEM_write_bio_X509(certFile.get(), x509)) {
                throw std::runtime_error("Couldn't write certificate file on disk. PEM_write_bio_X509(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
            }
        }
        return x509;
    } catch (std::exception& exception) {
        QSimpleCrypto::QX509::error.setError(1, exception.what());
        return nullptr;
    } catch (...) {
        QSimpleCrypto::QX509::error.setError(2, "Unknown error!");
        return nullptr;
    }
 }
--- a/client/3rd/QSimpleCrypto/sources/QX509Store.cpp
+++ b/client/3rd/QSimpleCrypto/sources/QX509Store.cpp
@ -1,176 +0,0 @@
 /**
 * Copyright 2021 BrutalWizard (https://github.com/bru74lw1z4rd). All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution
 **/
 #include "include/QX509Store.h"
 QSimpleCrypto::QX509Store::QX509Store()
 {
 }
 ///
 /// \brief QSimpleCrypto::QX509::addCertificateToStore
 /// \param store - OpenSSL X509_STORE.
 /// \param x509 - OpenSSL X509.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::addCertificateToStore(X509_STORE* store, X509* x509)
 {
    if (!X509_STORE_add_cert(store, x509)) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't add certificate to X509_STORE. X509_STORE_add_cert(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::addLookup
 /// \param store - OpenSSL X509_STORE.
 /// \param method - OpenSSL X509_LOOKUP_METHOD. Example: X509_LOOKUP_file.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::addLookup(X509_STORE* store, X509_LOOKUP_METHOD* method)
 {
    if (!X509_STORE_add_lookup(store, method)) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't add lookup to X509_STORE. X509_STORE_add_lookup(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::setCertificateDepth
 /// \param store - OpenSSL X509_STORE.
 /// \param depth - That is the maximum number of untrusted CA certificates that can appear in a chain. Example: 0.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::setDepth(X509_STORE* store, const int& depth)
 {
    if (!X509_STORE_set_depth(store, depth)) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set depth for X509_STORE. X509_STORE_set_depth(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::setFlag
 /// \param store - OpenSSL X509_STORE.
 /// \param flag - The verification flags consists of zero or more of the following flags ored together. Example: X509_V_FLAG_CRL_CHECK.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::setFlag(X509_STORE* store, const unsigned long& flag)
 {
    if (!X509_STORE_set_flags(store, flag)) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set flag for X509_STORE. X509_STORE_set_flags(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::setFlag
 /// \param store - OpenSSL X509_STORE.
 /// \param purpose - Verification purpose in param to purpose. Example: X509_PURPOSE_ANY.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::setPurpose(X509_STORE* store, const int& purpose)
 {
    if (!X509_STORE_set_purpose(store, purpose)) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set purpose for X509_STORE. X509_STORE_set_purpose(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::setTrust
 /// \param store - OpenSSL X509_STORE.
 /// \param trust - Trust Level. Example: X509_TRUST_SSL_SERVER.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::setTrust(X509_STORE* store, const int& trust)
 {
    if (!X509_STORE_set_trust(store, trust)) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set trust for X509_STORE. X509_STORE_set_trust(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::setDefaultPaths
 /// \param store - OpenSSL X509_STORE.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::setDefaultPaths(X509_STORE* store)
 {
    if (!X509_STORE_set_default_paths(store)) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't set default paths for X509_STORE. X509_STORE_set_default_paths(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::loadLocations
 /// \param store - OpenSSL X509_STORE.
 /// \param fileName - File name. Example: "caCertificate.pem".
 /// \param dirPath - Path to file. Example: "path/To/File".
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QByteArray& fileName, const QByteArray& dirPath)
 {
    if (!X509_STORE_load_locations(store, fileName, dirPath)) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::loadLocations
 /// \param store - OpenSSL X509_STORE.
 /// \param file - Qt QFile that will be loaded.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QFile& file)
 {
    /* Initialize QFileInfo to read information about file */
    QFileInfo info(file);
    if (!X509_STORE_load_locations(store, info.fileName().toLocal8Bit(), info.absoluteDir().path().toLocal8Bit())) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
 ///
 /// \brief QSimpleCrypto::QX509Store::loadLocations
 /// \param store - OpenSSL X509_STORE.
 /// \param fileInfo - Qt QFileInfo.
 /// \return Returns 'true' on success and 'false', if error happened.
 ///
 bool QSimpleCrypto::QX509Store::loadLocations(X509_STORE* store, const QFileInfo& fileInfo)
 {
    if (!X509_STORE_load_locations(store, fileInfo.fileName().toLocal8Bit(), fileInfo.absoluteDir().path().toLocal8Bit())) {
        QSimpleCrypto::QX509Store::error.setError(1, "Couldn't load locations for X509_STORE. X509_STORE_load_locations(). Error: " + QByteArray(ERR_error_string(ERR_get_error(), nullptr)));
        return false;
    }
    return true;
 }
--- a/client/3rd/SingleApplication/singleapplication.cmake
+++ b/client/3rd/SingleApplication/singleapplication.cmake
@ -1,25 +0,0 @@
 include_directories(${CMAKE_CURRENT_LIST_DIR})
 find_package(Qt6 REQUIRED COMPONENTS 
    Core Network
 )
 set(LIBS ${LIBS} Qt6::Core Qt6::Network)
 set(HEADERS ${HEADERS}
    ${CMAKE_CURRENT_LIST_DIR}/singleapplication.h 
    ${CMAKE_CURRENT_LIST_DIR}/singleapplication_p.h
 )
 set(SOURCES ${SOURCES}
    ${CMAKE_CURRENT_LIST_DIR}/singleapplication.cpp 
    ${CMAKE_CURRENT_LIST_DIR}/singleapplication_p.cpp
 )
 if(WIN32)
    if(MSVC)
        set(LIBS ${LIBS} Advapi32.lib)
    elseif ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU")
        set(LIBS ${LIBS} advapi32)
    endif()    
 endif()
--- a/client/3rd/SingleApplication/singleapplication.cpp
+++ b/client/3rd/SingleApplication/singleapplication.cpp
@ -1,274 +0,0 @@
 // The MIT License (MIT)
 //
 // Copyright (c) Itay Grudev 2015 - 2020
 //
 // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to deal
 // in the Software without restriction, including without limitation the rights
 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 // copies of the Software, and to permit persons to whom the Software is
 // furnished to do so, subject to the following conditions:
 //
 // The above copyright notice and this permission notice shall be included in
 // all copies or substantial portions of the Software.
 //
 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 // THE SOFTWARE.
 #include <QtCore/QElapsedTimer>
 #include <QtCore/QByteArray>
 #include <QtCore/QSharedMemory>
 #include "singleapplication.h"
 #include "singleapplication_p.h"
 /**
 * @brief Constructor. Checks and fires up LocalServer or closes the program
 * if another instance already exists
 * @param argc
 * @param argv
 * @param allowSecondary Whether to enable secondary instance support
 * @param options Optional flags to toggle specific behaviour
 * @param timeout Maximum time blocking functions are allowed during app load
 */
 SingleApplication::SingleApplication( int &argc, char *argv[], bool allowSecondary, Options options, int timeout, const QString &userData )
    : app_t( argc, argv ), d_ptr( new SingleApplicationPrivate( this ) )
 {
    Q_D( SingleApplication );
 #if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
    // On Android and iOS since the library is not supported fallback to
    // standard QApplication behaviour by simply returning at this point.
    qWarning() << "SingleApplication is not supported on Android and iOS systems.";
    return;
 #endif
    // Store the current mode of the program
    d->options = options;
    // Add any unique user data
    if ( ! userData.isEmpty() )
        d->addAppData( userData );
    // Generating an application ID used for identifying the shared memory
    // block and QLocalServer
    d->genBlockServerName();
    // To mitigate QSharedMemory issues with large amount of processes
    // attempting to attach at the same time
    SingleApplicationPrivate::randomSleep();
 #ifdef Q_OS_UNIX
    // By explicitly attaching it and then deleting it we make sure that the
    // memory is deleted even after the process has crashed on Unix.
    d->memory = new QSharedMemory( d->blockServerName );
    d->memory->attach();
    delete d->memory;
 #endif
    // Guarantee thread safe behaviour with a shared memory block.
    d->memory = new QSharedMemory( d->blockServerName );
    // Create a shared memory block
    if( d->memory->create( sizeof( InstancesInfo ) )){
        // Initialize the shared memory block
        if( ! d->memory->lock() ){
          qCritical() << "SingleApplication: Unable to lock memory block after create.";
          abortSafely();
        }
        d->initializeMemoryBlock();
    } else {
        if( d->memory->error() == QSharedMemory::AlreadyExists ){
          // Attempt to attach to the memory segment
          if( ! d->memory->attach() ){
              qCritical() << "SingleApplication: Unable to attach to shared memory block.";
              abortSafely();
          }
          if( ! d->memory->lock() ){
            qCritical() << "SingleApplication: Unable to lock memory block after attach.";
            abortSafely();
          }
        } else {
          qCritical() << "SingleApplication: Unable to create block.";
          abortSafely();
        }
    }
    auto *inst = static_cast<InstancesInfo*>( d->memory->data() );
    QElapsedTimer time;
    time.start();
    // Make sure the shared memory block is initialised and in consistent state
    while( true ){
      // If the shared memory block's checksum is valid continue
      if( d->blockChecksum() == inst->checksum ) break;
      // If more than 5s have elapsed, assume the primary instance crashed and
      // assume it's position
      if( time.elapsed() > 5000 ){
          qWarning() << "SingleApplication: Shared memory block has been in an inconsistent state from more than 5s. Assuming primary instance failure.";
          d->initializeMemoryBlock();
      }
      // Otherwise wait for a random period and try again. The random sleep here
      // limits the probability of a collision between two racing apps and
      // allows the app to initialise faster
      if( ! d->memory->unlock() ){
        qDebug() << "SingleApplication: Unable to unlock memory for random wait.";
        qDebug() << d->memory->errorString();
      }
      SingleApplicationPrivate::randomSleep();
      if( ! d->memory->lock() ){
        qCritical() << "SingleApplication: Unable to lock memory after random wait.";
        abortSafely();
      }
    }
    if( inst->primary == false ){
        d->startPrimary();
        if( ! d->memory->unlock() ){
          qDebug() << "SingleApplication: Unable to unlock memory after primary start.";
          qDebug() << d->memory->errorString();
        }
        return;
    }
    // Check if another instance can be started
    if( allowSecondary ){
        d->startSecondary();
        if( d->options & Mode::SecondaryNotification ){
            d->connectToPrimary( timeout, SingleApplicationPrivate::SecondaryInstance );
        }
        if( ! d->memory->unlock() ){
          qDebug() << "SingleApplication: Unable to unlock memory after secondary start.";
          qDebug() << d->memory->errorString();
        }
        return;
    }
    if( ! d->memory->unlock() ){
      qDebug() << "SingleApplication: Unable to unlock memory at end of execution.";
      qDebug() << d->memory->errorString();
    }
    d->connectToPrimary( timeout, SingleApplicationPrivate::NewInstance );
    delete d;
    ::exit( EXIT_SUCCESS );
 }
 SingleApplication::~SingleApplication()
 {
    Q_D( SingleApplication );
    delete d;
 }
 /**
 * Checks if the current application instance is primary.
 * @return Returns true if the instance is primary, false otherwise.
 */
 bool SingleApplication::isPrimary() const
 {
    Q_D( const SingleApplication );
    return d->server != nullptr;
 }
 /**
 * Checks if the current application instance is secondary.
 * @return Returns true if the instance is secondary, false otherwise.
 */
 bool SingleApplication::isSecondary() const
 {
    Q_D( const SingleApplication );
    return d->server == nullptr;
 }
 /**
 * Allows you to identify an instance by returning unique consecutive instance
 * ids. It is reset when the first (primary) instance of your app starts and
 * only incremented afterwards.
 * @return Returns a unique instance id.
 */
 quint32 SingleApplication::instanceId() const
 {
    Q_D( const SingleApplication );
    return d->instanceNumber;
 }
 /**
 * Returns the OS PID (Process Identifier) of the process running the primary
 * instance. Especially useful when SingleApplication is coupled with OS.
 * specific APIs.
 * @return Returns the primary instance PID.
 */
 qint64 SingleApplication::primaryPid() const
 {
    Q_D( const SingleApplication );
    return d->primaryPid();
 }
 /**
 * Returns the username the primary instance is running as.
 * @return Returns the username the primary instance is running as.
 */
 QString SingleApplication::primaryUser() const
 {
    Q_D( const SingleApplication );
    return d->primaryUser();
 }
 /**
 * Returns the username the current instance is running as.
 * @return Returns the username the current instance is running as.
 */
 QString SingleApplication::currentUser() const
 {
    return SingleApplicationPrivate::getUsername();
 }
 /**
 * Sends message to the Primary Instance.
 * @param message The message to send.
 * @param timeout the maximum timeout in milliseconds for blocking functions.
 * @return true if the message was sent successfuly, false otherwise.
 */
 bool SingleApplication::sendMessage( const QByteArray &message, int timeout )
 {
    Q_D( SingleApplication );
    // Nobody to connect to
    if( isPrimary() ) return false;
    // Make sure the socket is connected
    if( ! d->connectToPrimary( timeout,  SingleApplicationPrivate::Reconnect ) )
      return false;
    d->socket->write( message );
    bool dataWritten = d->socket->waitForBytesWritten( timeout );
    d->socket->flush();
    return dataWritten;
 }
 /**
 * Cleans up the shared memory block and exits with a failure.
 * This function halts program execution.
 */
 void SingleApplication::abortSafely()
 {
    Q_D( SingleApplication );
    qCritical() << "SingleApplication: " << d->memory->error() << d->memory->errorString();
    delete d;
    ::exit( EXIT_FAILURE );
 }
 QStringList SingleApplication::userData() const
 {
    Q_D( const SingleApplication );
    return d->appData();
 }
--- a/client/3rd/SingleApplication/singleapplication.h
+++ b/client/3rd/SingleApplication/singleapplication.h
@ -1,154 +0,0 @@
 // The MIT License (MIT)
 //
 // Copyright (c) Itay Grudev 2015 - 2018
 //
 // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to deal
 // in the Software without restriction, including without limitation the rights
 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 // copies of the Software, and to permit persons to whom the Software is
 // furnished to do so, subject to the following conditions:
 //
 // The above copyright notice and this permission notice shall be included in
 // all copies or substantial portions of the Software.
 //
 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 // THE SOFTWARE.
 #ifndef SINGLE_APPLICATION_H
 #define SINGLE_APPLICATION_H
 #include <QtCore/QtGlobal>
 #include <QtNetwork/QLocalSocket>
 #ifndef QAPPLICATION_CLASS
  #define QAPPLICATION_CLASS QApplication
 #endif
 #include QT_STRINGIFY(QAPPLICATION_CLASS)
 class SingleApplicationPrivate;
 /**
 * @brief The SingleApplication class handles multiple instances of the same
 * Application
 * @see QCoreApplication
 */
 class SingleApplication : public QAPPLICATION_CLASS
 {
    Q_OBJECT
    using app_t = QAPPLICATION_CLASS;
 public:
    /**
     * @brief Mode of operation of SingleApplication.
     * Whether the block should be user-wide or system-wide and whether the
     * primary instance should be notified when a secondary instance had been
     * started.
     * @note Operating system can restrict the shared memory blocks to the same
     * user, in which case the User/System modes will have no effect and the
     * block will be user wide.
     * @enum
     */
    enum Mode {
        User                    = 1 << 0,
        System                  = 1 << 1,
        SecondaryNotification   = 1 << 2,
        ExcludeAppVersion       = 1 << 3,
        ExcludeAppPath          = 1 << 4
    };
    Q_DECLARE_FLAGS(Options, Mode)
    /**
     * @brief Intitializes a SingleApplication instance with argc command line
     * arguments in argv
     * @arg {int &} argc - Number of arguments in argv
     * @arg {const char *[]} argv - Supplied command line arguments
     * @arg {bool} allowSecondary - Whether to start the instance as secondary
     * if there is already a primary instance.
     * @arg {Mode} mode - Whether for the SingleApplication block to be applied
     * User wide or System wide.
     * @arg {int} timeout - Timeout to wait in milliseconds.
     * @note argc and argv may be changed as Qt removes arguments that it
     * recognizes
     * @note Mode::SecondaryNotification only works if set on both the primary
     * instance and the secondary instance.
     * @note The timeout is just a hint for the maximum time of blocking
     * operations. It does not guarantee that the SingleApplication
     * initialisation will be completed in given time, though is a good hint.
     * Usually 4*timeout would be the worst case (fail) scenario.
     * @see See the corresponding QAPPLICATION_CLASS constructor for reference
     */
    explicit SingleApplication( int &argc, char *argv[], bool allowSecondary = false, Options options = Mode::User, int timeout = 1000, const QString &userData = {} );
    ~SingleApplication() override;
    /**
     * @brief Returns if the instance is the primary instance
     * @returns {bool}
     */
    bool isPrimary() const;
    /**
     * @brief Returns if the instance is a secondary instance
     * @returns {bool}
     */
    bool isSecondary() const;
    /**
     * @brief Returns a unique identifier for the current instance
     * @returns {qint32}
     */
    quint32 instanceId() const;
    /**
     * @brief Returns the process ID (PID) of the primary instance
     * @returns {qint64}
     */
    qint64 primaryPid() const;
    /**
     * @brief Returns the username of the user running the primary instance
     * @returns {QString}
     */
    QString primaryUser() const;
    /**
     * @brief Returns the username of the current user
     * @returns {QString}
     */
    QString currentUser() const;
    /**
     * @brief Sends a message to the primary instance. Returns true on success.
     * @param {int} timeout - Timeout for connecting
     * @returns {bool}
     * @note sendMessage() will return false if invoked from the primary
     * instance.
     */
    bool sendMessage( const QByteArray &message, int timeout = 100 );
    /**
     * @brief Get the set user data.
     * @returns {QStringList}
     */
    QStringList userData() const;
 Q_SIGNALS:
    void instanceStarted();
    void receivedMessage( quint32 instanceId, QByteArray message );
 private:
    SingleApplicationPrivate *d_ptr;
    Q_DECLARE_PRIVATE(SingleApplication)
    void abortSafely();
 };
 Q_DECLARE_OPERATORS_FOR_FLAGS(SingleApplication::Options)
 #endif // SINGLE_APPLICATION_H
--- a/client/3rd/SingleApplication/singleapplication.pri
+++ b/client/3rd/SingleApplication/singleapplication.pri
@ -1,15 +0,0 @@
 QT += core network
 CONFIG += c++11
 HEADERS +=  \
    $$PWD/singleapplication.h \
    $$PWD/singleapplication_p.h
 SOURCES += $$PWD/singleapplication.cpp \
    $$PWD/singleapplication_p.cpp
 INCLUDEPATH += $$PWD
 win32 {
    msvc:LIBS += Advapi32.lib
    gcc:LIBS += -ladvapi32
 }
--- a/client/3rd/SingleApplication/singleapplication_p.cpp
+++ b/client/3rd/SingleApplication/singleapplication_p.cpp
@ -1,486 +0,0 @@
 // The MIT License (MIT)
 //
 // Copyright (c) Itay Grudev 2015 - 2020
 //
 // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to deal
 // in the Software without restriction, including without limitation the rights
 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 // copies of the Software, and to permit persons to whom the Software is
 // furnished to do so, subject to the following conditions:
 //
 // The above copyright notice and this permission notice shall be included in
 // all copies or substantial portions of the Software.
 //
 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 // THE SOFTWARE.
 //
 //  W A R N I N G !!!
 //  -----------------
 //
 // This file is not part of the SingleApplication API. It is used purely as an
 // implementation detail. This header file may change from version to
 // version without notice, or may even be removed.
 //
 #include <cstdlib>
 #include <cstddef>
 #include <QtCore/QDir>
 #include <QtCore/QThread>
 #include <QtCore/QByteArray>
 #include <QtCore/QDataStream>
 #include <QtCore/QElapsedTimer>
 #include <QtCore/QCryptographicHash>
 #include <QtNetwork/QLocalServer>
 #include <QtNetwork/QLocalSocket>
 #if QT_VERSION >= QT_VERSION_CHECK(5, 10, 0)
 #include <QtCore/QRandomGenerator>
 #else
 #include <QtCore/QDateTime>
 #endif
 #include "singleapplication.h"
 #include "singleapplication_p.h"
 #ifdef Q_OS_UNIX
    #include <unistd.h>
    #include <sys/types.h>
    #include <pwd.h>
 #endif
 #ifdef Q_OS_WIN
    #ifndef NOMINMAX
        #define NOMINMAX 1
    #endif
    #include <windows.h>
    #include <lmcons.h>
 #endif
 SingleApplicationPrivate::SingleApplicationPrivate( SingleApplication *q_ptr )
    : q_ptr( q_ptr )
 {
    server = nullptr;
    socket = nullptr;
    memory = nullptr;
    instanceNumber = 0;
 }
 SingleApplicationPrivate::~SingleApplicationPrivate()
 {
    if( socket != nullptr ){
        socket->close();
        delete socket;
    }
    if( memory != nullptr ){
        memory->lock();
        auto *inst = static_cast<InstancesInfo*>(memory->data());
        if( server != nullptr ){
            server->close();
            delete server;
            inst->primary = false;
            inst->primaryPid = -1;
            inst->primaryUser[0] =  '\0';
            inst->checksum = blockChecksum();
        }
        memory->unlock();
        delete memory;
    }
 }
 QString SingleApplicationPrivate::getUsername()
 {
 #ifdef Q_OS_WIN
      wchar_t username[UNLEN + 1];
      // Specifies size of the buffer on input
      DWORD usernameLength = UNLEN + 1;
      if( GetUserNameW( username, &usernameLength ) )
          return QString::fromWCharArray( username );
 #if QT_VERSION < QT_VERSION_CHECK(5, 10, 0)
      return QString::fromLocal8Bit( qgetenv( "USERNAME" ) );
 #else
      return qEnvironmentVariable( "USERNAME" );
 #endif
 #endif
 #ifdef Q_OS_UNIX
      QString username;
      uid_t uid = geteuid();
      struct passwd *pw = getpwuid( uid );
      if( pw )
          username = QString::fromLocal8Bit( pw->pw_name );
      if ( username.isEmpty() ){
 #if QT_VERSION < QT_VERSION_CHECK(5, 10, 0)
          username = QString::fromLocal8Bit( qgetenv( "USER" ) );
 #else
          username = qEnvironmentVariable( "USER" );
 #endif
      }
      return username;
 #endif
 }
 void SingleApplicationPrivate::genBlockServerName()
 {
    QCryptographicHash appData( QCryptographicHash::Sha256 );
    appData.addData( "SingleApplication", 17 );
    appData.addData( SingleApplication::app_t::applicationName().toUtf8() );
    appData.addData( SingleApplication::app_t::organizationName().toUtf8() );
    appData.addData( SingleApplication::app_t::organizationDomain().toUtf8() );
    if ( ! appDataList.isEmpty() )
        appData.addData( appDataList.join( "" ).toUtf8() );
    if( ! (options & SingleApplication::Mode::ExcludeAppVersion) ){
        appData.addData( SingleApplication::app_t::applicationVersion().toUtf8() );
    }
    if( ! (options & SingleApplication::Mode::ExcludeAppPath) ){
 #ifdef Q_OS_WIN
        appData.addData( SingleApplication::app_t::applicationFilePath().toLower().toUtf8() );
 #else
        appData.addData( SingleApplication::app_t::applicationFilePath().toUtf8() );
 #endif
    }
    // User level block requires a user specific data in the hash
    if( options & SingleApplication::Mode::User ){
        appData.addData( getUsername().toUtf8() );
    }
    // Replace the backslash in RFC 2045 Base64 [a-zA-Z0-9+/=] to comply with
    // server naming requirements.
    blockServerName = appData.result().toBase64().replace("/", "_");
 }
 void SingleApplicationPrivate::initializeMemoryBlock() const
 {
    auto *inst = static_cast<InstancesInfo*>( memory->data() );
    inst->primary = false;
    inst->secondary = 0;
    inst->primaryPid = -1;
    inst->primaryUser[0] =  '\0';
    inst->checksum = blockChecksum();
 }
 void SingleApplicationPrivate::startPrimary()
 {
    // Reset the number of connections
    auto *inst = static_cast <InstancesInfo*>( memory->data() );
    inst->primary = true;
    inst->primaryPid = QCoreApplication::applicationPid();
    qstrncpy( inst->primaryUser, getUsername().toUtf8().data(), sizeof(inst->primaryUser) );
    inst->checksum = blockChecksum();
    instanceNumber = 0;
    // Successful creation means that no main process exists
    // So we start a QLocalServer to listen for connections
    QLocalServer::removeServer( blockServerName );
    server = new QLocalServer();
    // Restrict access to the socket according to the
    // SingleApplication::Mode::User flag on User level or no restrictions
    if( options & SingleApplication::Mode::User ){
        server->setSocketOptions( QLocalServer::UserAccessOption );
    } else {
        server->setSocketOptions( QLocalServer::WorldAccessOption );
    }
    server->listen( blockServerName );
    QObject::connect(
        server,
        &QLocalServer::newConnection,
        this,
        &SingleApplicationPrivate::slotConnectionEstablished
    );
 }
 void SingleApplicationPrivate::startSecondary()
 {
  auto *inst = static_cast <InstancesInfo*>( memory->data() );
  inst->secondary += 1;
  inst->checksum = blockChecksum();
  instanceNumber = inst->secondary;
 }
 bool SingleApplicationPrivate::connectToPrimary( int msecs, ConnectionType connectionType )
 {
    QElapsedTimer time;
    time.start();
    // Connect to the Local Server of the Primary Instance if not already
    // connected.
    if( socket == nullptr ){
        socket = new QLocalSocket();
    }
    if( socket->state() == QLocalSocket::ConnectedState ) return true;
    if( socket->state() != QLocalSocket::ConnectedState ){
        while( true ){
            randomSleep();
          if( socket->state() != QLocalSocket::ConnectingState )
            socket->connectToServer( blockServerName );
          if( socket->state() == QLocalSocket::ConnectingState ){
              socket->waitForConnected( static_cast<int>(msecs - time.elapsed()) );
          }
          // If connected break out of the loop
          if( socket->state() == QLocalSocket::ConnectedState ) break;
          // If elapsed time since start is longer than the method timeout return
          if( time.elapsed() >= msecs ) return false;
        }
    }
    // Initialisation message according to the SingleApplication protocol
    QByteArray initMsg;
    QDataStream writeStream(&initMsg, QIODevice::WriteOnly);
 #if (QT_VERSION >= QT_VERSION_CHECK(5, 6, 0))
    writeStream.setVersion(QDataStream::Qt_5_6);
 #endif
    writeStream << blockServerName.toLatin1();
    writeStream << static_cast<quint8>(connectionType);
    writeStream << instanceNumber;
 #if QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)
    quint16 checksum = qChecksum(QByteArray(initMsg, static_cast<quint32>(initMsg.length())));
 #else
    quint16 checksum = qChecksum(initMsg.constData(), static_cast<quint32>(initMsg.length()));
 #endif
    writeStream << checksum;
    // The header indicates the message length that follows
    QByteArray header;
    QDataStream headerStream(&header, QIODevice::WriteOnly);
 #if (QT_VERSION >= QT_VERSION_CHECK(5, 6, 0))
    headerStream.setVersion(QDataStream::Qt_5_6);
 #endif
    headerStream << static_cast <quint64>( initMsg.length() );
    socket->write( header );
    socket->write( initMsg );
    bool result = socket->waitForBytesWritten( static_cast<int>(msecs - time.elapsed()) );
    socket->flush();
    return result;
 }
 quint16 SingleApplicationPrivate::blockChecksum() const
 {
 #if QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)
    quint16 checksum = qChecksum(QByteArray(static_cast<const char*>(memory->constData()), offsetof(InstancesInfo, checksum)));
 #else
    quint16 checksum = qChecksum(static_cast<const char*>(memory->constData()), offsetof(InstancesInfo, checksum));
 #endif
    return checksum;
 }
 qint64 SingleApplicationPrivate::primaryPid() const
 {
    qint64 pid;
    memory->lock();
    auto *inst = static_cast<InstancesInfo*>( memory->data() );
    pid = inst->primaryPid;
    memory->unlock();
    return pid;
 }
 QString SingleApplicationPrivate::primaryUser() const
 {
    QByteArray username;
    memory->lock();
    auto *inst = static_cast<InstancesInfo*>( memory->data() );
    username = inst->primaryUser;
    memory->unlock();
    return QString::fromUtf8( username );
 }
 /**
 * @brief Executed when a connection has been made to the LocalServer
 */
 void SingleApplicationPrivate::slotConnectionEstablished()
 {
    QLocalSocket *nextConnSocket = server->nextPendingConnection();
    connectionMap.insert(nextConnSocket, ConnectionInfo());
    QObject::connect(nextConnSocket, &QLocalSocket::aboutToClose,
        [nextConnSocket, this](){
            auto &info = connectionMap[nextConnSocket];
            Q_EMIT this->slotClientConnectionClosed( nextConnSocket, info.instanceId );
        }
    );
    QObject::connect(nextConnSocket, &QLocalSocket::disconnected, nextConnSocket, &QLocalSocket::deleteLater);
    QObject::connect(nextConnSocket, &QLocalSocket::destroyed,
        [nextConnSocket, this](){
            connectionMap.remove(nextConnSocket);
        }
    );
    QObject::connect(nextConnSocket, &QLocalSocket::readyRead,
        [nextConnSocket, this](){
            auto &info = connectionMap[nextConnSocket];
            switch(info.stage){
            case StageHeader:
                readInitMessageHeader(nextConnSocket);
                break;
            case StageBody:
                readInitMessageBody(nextConnSocket);
                break;
            case StageConnected:
                Q_EMIT this->slotDataAvailable( nextConnSocket, info.instanceId );
                break;
            default:
                break;
            };
        }
    );
 }
 void SingleApplicationPrivate::readInitMessageHeader( QLocalSocket *sock )
 {
    if (!connectionMap.contains( sock )){
        return;
    }
    if( sock->bytesAvailable() < ( qint64 )sizeof( quint64 ) ){
        return;
    }
    QDataStream headerStream( sock );
 #if (QT_VERSION >= QT_VERSION_CHECK(5, 6, 0))
    headerStream.setVersion( QDataStream::Qt_5_6 );
 #endif
    // Read the header to know the message length
    quint64 msgLen = 0;
    headerStream >> msgLen;
    ConnectionInfo &info = connectionMap[sock];
    info.stage = StageBody;
    info.msgLen = msgLen;
    if ( sock->bytesAvailable() >= (qint64) msgLen ){
        readInitMessageBody( sock );
    }
 }
 void SingleApplicationPrivate::readInitMessageBody( QLocalSocket *sock )
 {
    Q_Q(SingleApplication);
    if (!connectionMap.contains( sock )){
        return;
    }
    ConnectionInfo &info = connectionMap[sock];
    if( sock->bytesAvailable() < ( qint64 )info.msgLen ){
        return;
    }
    // Read the message body
    QByteArray msgBytes = sock->read(info.msgLen);
    QDataStream readStream(msgBytes);
 #if (QT_VERSION >= QT_VERSION_CHECK(5, 6, 0))
    readStream.setVersion( QDataStream::Qt_5_6 );
 #endif
    // server name
    QByteArray latin1Name;
    readStream >> latin1Name;
    // connection type
    ConnectionType connectionType = InvalidConnection;
    quint8 connTypeVal = InvalidConnection;
    readStream >> connTypeVal;
    connectionType = static_cast <ConnectionType>( connTypeVal );
    // instance id
    quint32 instanceId = 0;
    readStream >> instanceId;
    // checksum
    quint16 msgChecksum = 0;
    readStream >> msgChecksum;
 #if QT_VERSION >= QT_VERSION_CHECK(6, 0, 0)
    const quint16 actualChecksum = qChecksum(QByteArray(msgBytes, static_cast<quint32>(msgBytes.length() - sizeof(quint16))));
 #else
    const quint16 actualChecksum = qChecksum(msgBytes.constData(), static_cast<quint32>(msgBytes.length() - sizeof(quint16)));
 #endif
    bool isValid = readStream.status() == QDataStream::Ok &&
                   QLatin1String(latin1Name) == blockServerName &&
                   msgChecksum == actualChecksum;
    if( !isValid ){
        sock->close();
        return;
    }
    info.instanceId = instanceId;
    info.stage = StageConnected;
    if( connectionType == NewInstance ||
        ( connectionType == SecondaryInstance &&
          options & SingleApplication::Mode::SecondaryNotification ) )
    {
        Q_EMIT q->instanceStarted();
    }
    if (sock->bytesAvailable() > 0){
        Q_EMIT this->slotDataAvailable( sock, instanceId );
    }
 }
 void SingleApplicationPrivate::slotDataAvailable( QLocalSocket *dataSocket, quint32 instanceId )
 {
    Q_Q(SingleApplication);
    Q_EMIT q->receivedMessage( instanceId, dataSocket->readAll() );
 }
 void SingleApplicationPrivate::slotClientConnectionClosed( QLocalSocket *closedSocket, quint32 instanceId )
 {
    if( closedSocket->bytesAvailable() > 0 )
        Q_EMIT slotDataAvailable( closedSocket, instanceId  );
 }
 void SingleApplicationPrivate::randomSleep()
 {
 #if QT_VERSION >= QT_VERSION_CHECK( 5, 10, 0 )
    QThread::msleep( QRandomGenerator::global()->bounded( 8u, 18u ));
 #else
    qsrand( QDateTime::currentMSecsSinceEpoch() % std::numeric_limits<uint>::max() );
    QThread::msleep( 8 + static_cast <unsigned long>( static_cast <float>( qrand() ) / RAND_MAX * 10 ));
 #endif
 }
 void SingleApplicationPrivate::addAppData(const QString &data)
 {
    appDataList.push_back(data);
 }
 QStringList SingleApplicationPrivate::appData() const
 {
    return appDataList;
 }
--- a/client/3rd/SingleApplication/singleapplication_p.h
+++ b/client/3rd/SingleApplication/singleapplication_p.h
@ -1,104 +0,0 @@
 // The MIT License (MIT)
 //
 // Copyright (c) Itay Grudev 2015 - 2020
 //
 // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to deal
 // in the Software without restriction, including without limitation the rights
 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 // copies of the Software, and to permit persons to whom the Software is
 // furnished to do so, subject to the following conditions:
 //
 // The above copyright notice and this permission notice shall be included in
 // all copies or substantial portions of the Software.
 //
 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 // THE SOFTWARE.
 //
 //  W A R N I N G !!!
 //  -----------------
 //
 // This file is not part of the SingleApplication API. It is used purely as an
 // implementation detail. This header file may change from version to
 // version without notice, or may even be removed.
 //
 #ifndef SINGLEAPPLICATION_P_H
 #define SINGLEAPPLICATION_P_H
 #include <QtCore/QSharedMemory>
 #include <QtNetwork/QLocalServer>
 #include <QtNetwork/QLocalSocket>
 #include "singleapplication.h"
 struct InstancesInfo {
    bool primary;
    quint32 secondary;
    qint64 primaryPid;
    char primaryUser[128];
    quint16 checksum; // Must be the last field
 };
 struct ConnectionInfo {
    qint64 msgLen = 0;
    quint32 instanceId = 0;
    quint8 stage = 0;
 };
 class SingleApplicationPrivate : public QObject {
 Q_OBJECT
 public:
    enum ConnectionType : quint8 {
        InvalidConnection = 0,
        NewInstance = 1,
        SecondaryInstance = 2,
        Reconnect = 3
    };
    enum ConnectionStage : quint8 {
        StageHeader = 0,
        StageBody = 1,
        StageConnected = 2,
    };
    Q_DECLARE_PUBLIC(SingleApplication)
    SingleApplicationPrivate( SingleApplication *q_ptr );
    ~SingleApplicationPrivate() override;
    static QString getUsername();
    void genBlockServerName();
    void initializeMemoryBlock() const;
    void startPrimary();
    void startSecondary();
    bool connectToPrimary( int msecs, ConnectionType connectionType );
    quint16 blockChecksum() const;
    qint64 primaryPid() const;
    QString primaryUser() const;
    void readInitMessageHeader(QLocalSocket *socket);
    void readInitMessageBody(QLocalSocket *socket);
    static void randomSleep();
    void addAppData(const QString &data);
    QStringList appData() const;
    SingleApplication *q_ptr;
    QSharedMemory *memory;
    QLocalSocket *socket;
    QLocalServer *server;
    quint32 instanceNumber;
    QString blockServerName;
    SingleApplication::Options options;
    QMap<QLocalSocket*, ConnectionInfo> connectionMap;
    QStringList appDataList;
 public Q_SLOTS:
    void slotConnectionEstablished();
    void slotDataAvailable( QLocalSocket*, quint32 );
    void slotClientConnectionClosed( QLocalSocket*, quint32 );
 };
 #endif // SINGLEAPPLICATION_P_H
--- a/client/3rd/amneziawg-apple
+++ b/client/3rd/amneziawg-apple
@ -1 +1 @@
-Subproject commit 0829e99ea9f4508fd1d4742546b62145d17587bb
+Subproject commit 811af0a83b3faeade89a9093a588595666d32066
--- a/client/3rd/qtkeychain
+++ b/client/3rd/qtkeychain
@ -1 +1 @@
-Subproject commit 74776e2a3e2d98d19943e0968901c5b5e04cc1bd
+Subproject commit 7460df6a978669290de5b56c2d98b199b61c3f88
--- a/client/CMakeLists.txt
+++ b/client/CMakeLists.txt
@ -24,9 +24,15 @@ execute_process(
 add_definitions(-DGIT_COMMIT_HASH="${GIT_COMMIT_HASH}")
-if(IOS)
+add_definitions(-DPROD_AGW_PUBLIC_KEY="$ENV{PROD_AGW_PUBLIC_KEY}")
-    set(PACKAGES ${PACKAGES} Multimedia)
+add_definitions(-DPROD_S3_ENDPOINT="$ENV{PROD_S3_ENDPOINT}")
-endif()
+
 add_definitions(-DDEV_AGW_PUBLIC_KEY="$ENV{DEV_AGW_PUBLIC_KEY}")
 add_definitions(-DDEV_AGW_ENDPOINT="$ENV{DEV_AGW_ENDPOINT}")
 add_definitions(-DDEV_S3_ENDPOINT="$ENV{DEV_S3_ENDPOINT}")
 add_definitions(-DFREE_V2_ENDPOINT="$ENV{FREE_V2_ENDPOINT}")
 add_definitions(-DPREM_V1_ENDPOINT="$ENV{PREM_V1_ENDPOINT}")
 if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
    set(PACKAGES ${PACKAGES} Widgets)
@ -41,10 +47,6 @@ set(LIBS ${LIBS}
    Qt6::Core5Compat Qt6::Concurrent
 )
 if(IOS)
    set(LIBS ${LIBS} Qt6::Multimedia)
 endif()
 if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
    set(LIBS ${LIBS} Qt6::Widgets)
 endif()
@ -55,6 +57,7 @@ qt_add_executable(${PROJECT} MANUAL_FINALIZATION)
 if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
    qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_interface.rep)
    qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_interface.rep)
    qt_add_repc_replicas(${PROJECT} ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc_process_tun2socks.rep)
 endif()
 qt6_add_resources(QRC ${QRC} ${CMAKE_CURRENT_LIST_DIR}/resources.qrc)
@ -69,6 +72,8 @@ set(AMNEZIAVPN_TS_FILES
    ${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_ar_EG.ts
    ${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_my_MM.ts
    ${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_uk_UA.ts
    ${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_ur_PK.ts
    ${CMAKE_CURRENT_LIST_DIR}/translations/amneziavpn_hi_IN.ts
 )
 file(GLOB_RECURSE AMNEZIAVPN_TS_SOURCES *.qrc *.cpp *.h *.ui)
@ -86,11 +91,6 @@ configure_file(${CMAKE_CURRENT_LIST_DIR}/translations/translations.qrc.in ${CMAK
 qt6_add_resources(QRC ${I18NQRC} ${CMAKE_CURRENT_BINARY_DIR}/translations.qrc)
 # -- i18n end
 if(IOS)
    execute_process(COMMAND bash ${CMAKE_CURRENT_LIST_DIR}/ios/scripts/openvpn.sh args
        WORKING_DIRECTORY ${CMAKE_CURRENT_LIST_DIR})
 endif()
 set(IS_CI ${CI})
 if(IS_CI)
    message("Detected CI env")
@ -100,154 +100,32 @@ if(IS_CI)
    endif()
 endif()
 include(${CMAKE_CURRENT_LIST_DIR}/cmake/3rdparty.cmake)
 include(${CMAKE_CURRENT_LIST_DIR}/cmake/sources.cmake)
 include_directories(
    ${CMAKE_CURRENT_LIST_DIR}/../ipc
    ${CMAKE_CURRENT_LIST_DIR}/../common/logger
    ${CMAKE_CURRENT_LIST_DIR}
    ${CMAKE_CURRENT_BINARY_DIR}
 )
 configure_file(${CMAKE_CURRENT_LIST_DIR}/../version.h.in ${CMAKE_CURRENT_BINARY_DIR}/version.h)
 set(HEADERS ${HEADERS}
    ${CMAKE_CURRENT_LIST_DIR}/migrations.h
    ${CMAKE_CURRENT_LIST_DIR}/../ipc/ipc.h
    ${CMAKE_CURRENT_LIST_DIR}/amnezia_application.h
    ${CMAKE_CURRENT_LIST_DIR}/containers/containers_defs.h
    ${CMAKE_CURRENT_LIST_DIR}/core/defs.h
    ${CMAKE_CURRENT_LIST_DIR}/core/errorstrings.h
    ${CMAKE_CURRENT_LIST_DIR}/core/scripts_registry.h
    ${CMAKE_CURRENT_LIST_DIR}/core/server_defs.h
    ${CMAKE_CURRENT_LIST_DIR}/core/controllers/apiController.h
    ${CMAKE_CURRENT_LIST_DIR}/core/controllers/serverController.h
    ${CMAKE_CURRENT_LIST_DIR}/core/controllers/vpnConfigurationController.h
    ${CMAKE_CURRENT_LIST_DIR}/protocols/protocols_defs.h
    ${CMAKE_CURRENT_LIST_DIR}/protocols/qml_register_protocols.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/notificationhandler.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/pages.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/property_helper.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/qautostart.h
    ${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.h
    ${CMAKE_CURRENT_BINARY_DIR}/version.h
    ${CMAKE_CURRENT_LIST_DIR}/core/sshclient.h
    ${CMAKE_CURRENT_LIST_DIR}/core/networkUtilities.h
 )
 # Mozilla headres
 set(HEADERS ${HEADERS}
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/models/server.h
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/shared/ipaddress.h
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/shared/leakdetector.h
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/controllerimpl.h
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/localsocketcontroller.h
 )
 include_directories(mozilla)
 include_directories(mozilla/shared)
 include_directories(mozilla/models)
-if(NOT IOS)
+configure_file(${CMAKE_CURRENT_LIST_DIR}/../version.h.in ${CMAKE_CURRENT_BINARY_DIR}/version.h)
    set(HEADERS ${HEADERS}
        ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/MobileUtils.h
        ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.h
    )
 endif()
 set(SOURCES ${SOURCES}
    ${CMAKE_CURRENT_LIST_DIR}/migrations.cpp
    ${CMAKE_CURRENT_LIST_DIR}/amnezia_application.cpp
    ${CMAKE_CURRENT_LIST_DIR}/containers/containers_defs.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/errorstrings.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/scripts_registry.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/server_defs.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/controllers/apiController.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/controllers/serverController.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/controllers/vpnConfigurationController.cpp
    ${CMAKE_CURRENT_LIST_DIR}/protocols/protocols_defs.cpp
    ${CMAKE_CURRENT_LIST_DIR}/ui/notificationhandler.cpp
    ${CMAKE_CURRENT_LIST_DIR}/ui/qautostart.cpp
    ${CMAKE_CURRENT_LIST_DIR}/protocols/vpnprotocol.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/sshclient.cpp
    ${CMAKE_CURRENT_LIST_DIR}/core/networkUtilities.cpp
 )
 # Mozilla sources
 set(SOURCES ${SOURCES}
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/models/server.cpp
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/shared/ipaddress.cpp
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/shared/leakdetector.cpp
    ${CMAKE_CURRENT_LIST_DIR}/mozilla/localsocketcontroller.cpp
 )
 if(CMAKE_BUILD_TYPE STREQUAL "Debug")
    target_compile_definitions(${PROJECT} PRIVATE "MZ_DEBUG")
 endif()
 if(NOT IOS)
    set(SOURCES ${SOURCES}
        ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/MobileUtils.cpp
        ${CMAKE_CURRENT_LIST_DIR}/platforms/ios/QRCodeReaderBase.cpp
    )
 endif()
 file(GLOB COMMON_FILES_H CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/*.h)
 file(GLOB COMMON_FILES_CPP CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/*.cpp)
 file(GLOB_RECURSE PAGE_LOGIC_H CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/ui/pages_logic/*.h)
 file(GLOB_RECURSE PAGE_LOGIC_CPP CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/ui/pages_logic/*.cpp)
 file(GLOB CONFIGURATORS_H CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/configurators/*.h)
 file(GLOB CONFIGURATORS_CPP CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/configurators/*.cpp)
 file(GLOB UI_MODELS_H CONFIGURE_DEPENDS
    ${CMAKE_CURRENT_LIST_DIR}/ui/models/*.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/models/protocols/*.h
    ${CMAKE_CURRENT_LIST_DIR}/ui/models/services/*.h
 )
 file(GLOB UI_MODELS_CPP CONFIGURE_DEPENDS
    ${CMAKE_CURRENT_LIST_DIR}/ui/models/*.cpp
    ${CMAKE_CURRENT_LIST_DIR}/ui/models/protocols/*.cpp
    ${CMAKE_CURRENT_LIST_DIR}/ui/models/services/*.cpp
 )
 file(GLOB UI_CONTROLLERS_H CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/ui/controllers/*.h)
 file(GLOB UI_CONTROLLERS_CPP CONFIGURE_DEPENDS ${CMAKE_CURRENT_LIST_DIR}/ui/controllers/*.cpp)
 set(HEADERS ${HEADERS}
    ${COMMON_FILES_H}
    ${PAGE_LOGIC_H}
    ${CONFIGURATORS_H}
    ${UI_MODELS_H}
    ${UI_CONTROLLERS_H}
 )
 set(SOURCES ${SOURCES}
    ${COMMON_FILES_CPP}
    ${PAGE_LOGIC_CPP}
    ${CONFIGURATORS_CPP}
    ${UI_MODELS_CPP}
    ${UI_CONTROLLERS_CPP}
 )
 if(WIN32)
    configure_file(
        ${CMAKE_CURRENT_LIST_DIR}/platforms/windows/amneziavpn.rc.in
        ${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc
    )
    set(HEADERS ${HEADERS}
        ${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_windows.h
    )
    set(SOURCES ${SOURCES}
        ${CMAKE_CURRENT_LIST_DIR}/protocols/ikev2_vpn_protocol_windows.cpp
    )
    set(RESOURCES ${RESOURCES}
        ${CMAKE_CURRENT_BINARY_DIR}/amneziavpn.rc
    )
    set(LIBS ${LIBS}
        user32
        rasapi32
@ -291,30 +169,6 @@ endif()
 if(WIN32 OR (APPLE AND NOT IOS) OR (LINUX AND NOT ANDROID))
    message("Client desktop build")
    add_compile_definitions(AMNEZIA_DESKTOP)
    set(HEADERS ${HEADERS}
        ${CMAKE_CURRENT_LIST_DIR}/core/ipcclient.h
        ${CMAKE_CURRENT_LIST_DIR}/core/privileged_process.h
        ${CMAKE_CURRENT_LIST_DIR}/ui/systemtray_notificationhandler.h
        ${CMAKE_CURRENT_LIST_DIR}/protocols/openvpnprotocol.h
        ${CMAKE_CURRENT_LIST_DIR}/protocols/openvpnovercloakprotocol.h
        ${CMAKE_CURRENT_LIST_DIR}/protocols/shadowsocksvpnprotocol.h
        ${CMAKE_CURRENT_LIST_DIR}/protocols/wireguardprotocol.h
        ${CMAKE_CURRENT_LIST_DIR}/protocols/xrayprotocol.h
        ${CMAKE_CURRENT_LIST_DIR}/protocols/awgprotocol.h
    )
    set(SOURCES ${SOURCES}
        ${CMAKE_CURRENT_LIST_DIR}/core/ipcclient.cpp
        ${CMAKE_CURRENT_LIST_DIR}/core/privileged_process.cpp
        ${CMAKE_CURRENT_LIST_DIR}/ui/systemtray_notificationhandler.cpp
        ${CMAKE_CURRENT_LIST_DIR}/protocols/openvpnprotocol.cpp
        ${CMAKE_CURRENT_LIST_DIR}/protocols/openvpnovercloakprotocol.cpp
        ${CMAKE_CURRENT_LIST_DIR}/protocols/shadowsocksvpnprotocol.cpp
        ${CMAKE_CURRENT_LIST_DIR}/protocols/wireguardprotocol.cpp
        ${CMAKE_CURRENT_LIST_DIR}/protocols/xrayprotocol.cpp
        ${CMAKE_CURRENT_LIST_DIR}/protocols/awgprotocol.cpp
    )
 endif()
 if(ANDROID)
--- a/client/amnezia_application.cpp
+++ b/client/amnezia_application.cpp
@ -2,39 +2,27 @@
 #include <QClipboard>
 #include <QFontDatabase>
 #include <QLocalServer>
 #include <QLocalSocket>
 #include <QMimeData>
 #include <QQuickItem>
 #include <QQuickStyle>
 #include <QResource>
 #include <QStandardPaths>
 #include <QTextDocument>
 #include <QTimer>
 #include <QTranslator>
 #include <QQuickItem>
 #include "logger.h"
 #include "ui/controllers/pageController.h"
 #include "ui/models/installedAppsModel.h"
 #include "version.h"
 #include "platforms/ios/QRCodeReaderBase.h"
 #if defined(Q_OS_ANDROID)
    #include "core/installedAppsImageProvider.h"
    #include "platforms/android/android_controller.h"
 #endif
 #include "protocols/qml_register_protocols.h"
 #if defined(Q_OS_IOS)
    #include "platforms/ios/ios_controller.h"
    #include <AmneziaVPN-Swift.h>
 #endif
 #if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
 AmneziaApplication::AmneziaApplication(int &argc, char *argv[]) : AMNEZIA_BASE_CLASS(argc, argv)
 #else
 AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecondary, SingleApplication::Options options, int timeout,
                                       const QString &userData)
    : SingleApplication(argc, argv, allowSecondary, options, timeout, userData)
 #endif
 {
    setQuitOnLastWindowClosed(false);
@ -55,6 +43,7 @@ AmneziaApplication::AmneziaApplication(int &argc, char *argv[], bool allowSecond
 #endif
    m_settings = std::shared_ptr<Settings>(new Settings);
    m_nam = new QNetworkAccessManager(this);
 }
 AmneziaApplication::~AmneziaApplication()
@ -87,101 +76,30 @@ void AmneziaApplication::init()
    m_vpnConnection->moveToThread(&m_vpnConnectionThread);
    m_vpnConnectionThread.start();
-    initModels();
+    m_coreController.reset(new CoreController(m_vpnConnection, m_settings, m_engine));
    loadTranslator();
    initControllers();
 #ifdef Q_OS_ANDROID
    if (!AndroidController::initLogging()) {
        qFatal("Android logging initialization failed");
    }
    AndroidController::instance()->setSaveLogs(m_settings->isSaveLogs());
    connect(m_settings.get(), &Settings::saveLogsChanged, AndroidController::instance(), &AndroidController::setSaveLogs);
    AndroidController::instance()->setScreenshotsEnabled(m_settings->isScreenshotsEnabled());
    connect(m_settings.get(), &Settings::screenshotsEnabledChanged, AndroidController::instance(), &AndroidController::setScreenshotsEnabled);
    connect(m_settings.get(), &Settings::serverRemoved, AndroidController::instance(), &AndroidController::resetLastServer);
    connect(m_settings.get(), &Settings::settingsCleared, []() { AndroidController::instance()->resetLastServer(-1); });
    connect(AndroidController::instance(), &AndroidController::initConnectionState, this, [this](Vpn::ConnectionState state) {
        m_connectionController->onConnectionStateChanged(state);
        if (m_vpnConnection)
            m_vpnConnection->restoreConnection();
    });
    if (!AndroidController::instance()->initialize()) {
        qFatal("Android controller initialization failed");
    }
    connect(AndroidController::instance(), &AndroidController::importConfigFromOutside, [this](QString data) {
        m_pageController->replaceStartPage();
        m_importController->extractConfigFromData(data);
        m_pageController->goToPageViewConfig();
    });
    m_engine->addImageProvider(QLatin1String("installedAppImage"), new InstalledAppsImageProvider);
 #endif
 #ifdef Q_OS_IOS
    IosController::Instance()->initialize();
    connect(IosController::Instance(), &IosController::importConfigFromOutside, [this](QString data) {
        m_pageController->replaceStartPage();
        m_importController->extractConfigFromData(data);
        m_pageController->goToPageViewConfig();
    });
    connect(IosController::Instance(), &IosController::importBackupFromOutside, [this](QString filePath) {
        m_pageController->replaceStartPage();
        m_pageController->goToPageSettingsBackup();
        m_settingsController->importBackupFromOutside(filePath);
    });
    QTimer::singleShot(0, this, [this]() { AmneziaVPN::toggleScreenshots(m_settings->isScreenshotsEnabled()); });
    connect(m_settings.get(), &Settings::screenshotsEnabledChanged, [](bool enabled) { AmneziaVPN::toggleScreenshots(enabled); });
 #endif
    m_notificationHandler.reset(NotificationHandler::create(nullptr));
    connect(m_vpnConnection.get(), &VpnConnection::connectionStateChanged, m_notificationHandler.get(),
            &NotificationHandler::setConnectionState);
    connect(m_notificationHandler.get(), &NotificationHandler::raiseRequested, m_pageController.get(), &PageController::raiseMainWindow);
    connect(m_notificationHandler.get(), &NotificationHandler::connectRequested, m_connectionController.get(),
            &ConnectionController::openConnection);
    connect(m_notificationHandler.get(), &NotificationHandler::disconnectRequested, m_connectionController.get(),
            &ConnectionController::closeConnection);
    connect(this, &AmneziaApplication::translationsUpdated, m_notificationHandler.get(), &NotificationHandler::onTranslationsUpdated);
    m_engine->addImportPath("qrc:/ui/qml/Modules/");
    m_engine->load(url);
    m_systemController->setQmlRoot(m_engine->rootObjects().value(0));
    m_coreController->setQmlRoot();
    bool enabled = m_settings->isSaveLogs();
 #ifndef Q_OS_ANDROID
-    if (m_settings->isSaveLogs()) {
+    if (enabled) {
-        if (!Logger::init()) {
+        if (!Logger::init(false)) {
            qWarning() << "Initialization of debug subsystem failed";
        }
    }
 #endif
    Logger::setServiceLogsEnabled(enabled);
-#ifdef Q_OS_WIN
+#ifdef Q_OS_WIN //TODO
    if (m_parser.isSet("a"))
-        m_pageController->showOnStartup();
+        m_coreController->pageController()->showOnStartup();
    else
-        emit m_pageController->raiseMainWindow();
+        emit m_coreController->pageController()->raiseMainWindow();
 #else
-    m_pageController->showOnStartup();
+    m_coreController->pageController()->showOnStartup();
 #endif
        // TODO - fix
 #if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
    if (isPrimary()) {
        QObject::connect(this, &SingleApplication::instanceStarted, m_pageController.get(), [this]() {
            qDebug() << "Secondary instance started, showing this window instead";
            emit m_pageController->raiseMainWindow();
        });
    }
 #endif
 // Android TextArea clipboard workaround
@ -238,33 +156,6 @@ void AmneziaApplication::loadFonts()
    QFontDatabase::addApplicationFont(":/fonts/pt-root-ui_vf.ttf");
 }
 void AmneziaApplication::loadTranslator()
 {
    auto locale = m_settings->getAppLanguage();
    m_translator.reset(new QTranslator());
    updateTranslator(locale);
 }
 void AmneziaApplication::updateTranslator(const QLocale &locale)
 {
    if (!m_translator->isEmpty()) {
        QCoreApplication::removeTranslator(m_translator.get());
    }
    QString strFileName = QString(":/translations/amneziavpn") + QLatin1String("_") + locale.name() + ".qm";
    if (m_translator->load(strFileName)) {
        if (QCoreApplication::installTranslator(m_translator.get())) {
            m_settings->setAppLanguage(locale);
        }
    } else {
        m_settings->setAppLanguage(QLocale::English);
    }
    m_engine->retranslate();
    emit translationsUpdated();
 }
 bool AmneziaApplication::parseCommands()
 {
    m_parser.setApplicationDescription(APPLICATION_NAME);
@ -288,119 +179,36 @@ bool AmneziaApplication::parseCommands()
    return true;
 }
 #if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
 void AmneziaApplication::startLocalServer()
 {
    const QString serverName("AmneziaVPNInstance");
    QLocalServer::removeServer(serverName);
    QLocalServer *server = new QLocalServer(this);
    server->listen(serverName);
    QObject::connect(server, &QLocalServer::newConnection, this, [server, this]() {
        if (server) {
            QLocalSocket *clientConnection = server->nextPendingConnection();
            clientConnection->deleteLater();
        }
        emit m_coreController->pageController()->raiseMainWindow(); //TODO
    });
 }
 #endif
 QQmlApplicationEngine *AmneziaApplication::qmlEngine() const
 {
    return m_engine;
 }
-void AmneziaApplication::initModels()
+QNetworkAccessManager *AmneziaApplication::networkManager()
 {
-    m_containersModel.reset(new ContainersModel(this));
+    return m_nam;
    m_engine->rootContext()->setContextProperty("ContainersModel", m_containersModel.get());
    m_defaultServerContainersModel.reset(new ContainersModel(this));
    m_engine->rootContext()->setContextProperty("DefaultServerContainersModel", m_defaultServerContainersModel.get());
    m_serversModel.reset(new ServersModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("ServersModel", m_serversModel.get());
    connect(m_serversModel.get(), &ServersModel::containersUpdated, m_containersModel.get(), &ContainersModel::updateModel);
    connect(m_serversModel.get(), &ServersModel::defaultServerContainersUpdated, m_defaultServerContainersModel.get(),
            &ContainersModel::updateModel);
    m_serversModel->resetModel();
    m_languageModel.reset(new LanguageModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("LanguageModel", m_languageModel.get());
    connect(m_languageModel.get(), &LanguageModel::updateTranslations, this, &AmneziaApplication::updateTranslator);
    connect(this, &AmneziaApplication::translationsUpdated, m_languageModel.get(), &LanguageModel::translationsUpdated);
    m_sitesModel.reset(new SitesModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("SitesModel", m_sitesModel.get());
    m_appSplitTunnelingModel.reset(new AppSplitTunnelingModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("AppSplitTunnelingModel", m_appSplitTunnelingModel.get());
    m_protocolsModel.reset(new ProtocolsModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("ProtocolsModel", m_protocolsModel.get());
    m_openVpnConfigModel.reset(new OpenVpnConfigModel(this));
    m_engine->rootContext()->setContextProperty("OpenVpnConfigModel", m_openVpnConfigModel.get());
    m_shadowSocksConfigModel.reset(new ShadowSocksConfigModel(this));
    m_engine->rootContext()->setContextProperty("ShadowSocksConfigModel", m_shadowSocksConfigModel.get());
    m_cloakConfigModel.reset(new CloakConfigModel(this));
    m_engine->rootContext()->setContextProperty("CloakConfigModel", m_cloakConfigModel.get());
    m_wireGuardConfigModel.reset(new WireGuardConfigModel(this));
    m_engine->rootContext()->setContextProperty("WireGuardConfigModel", m_wireGuardConfigModel.get());
    m_awgConfigModel.reset(new AwgConfigModel(this));
    m_engine->rootContext()->setContextProperty("AwgConfigModel", m_awgConfigModel.get());
    m_xrayConfigModel.reset(new XrayConfigModel(this));
    m_engine->rootContext()->setContextProperty("XrayConfigModel", m_xrayConfigModel.get());
 #ifdef Q_OS_WINDOWS
    m_ikev2ConfigModel.reset(new Ikev2ConfigModel(this));
    m_engine->rootContext()->setContextProperty("Ikev2ConfigModel", m_ikev2ConfigModel.get());
 #endif
    m_sftpConfigModel.reset(new SftpConfigModel(this));
    m_engine->rootContext()->setContextProperty("SftpConfigModel", m_sftpConfigModel.get());
    m_clientManagementModel.reset(new ClientManagementModel(m_settings, this));
    m_engine->rootContext()->setContextProperty("ClientManagementModel", m_clientManagementModel.get());
    connect(m_clientManagementModel.get(), &ClientManagementModel::adminConfigRevoked, m_serversModel.get(),
            &ServersModel::clearCachedProfile);
 }
-void AmneziaApplication::initControllers()
+QClipboard *AmneziaApplication::getClipboard()
 {
-    m_connectionController.reset(
+    return this->clipboard();
            new ConnectionController(m_serversModel, m_containersModel, m_clientManagementModel, m_vpnConnection, m_settings));
    m_engine->rootContext()->setContextProperty("ConnectionController", m_connectionController.get());
    connect(m_connectionController.get(), &ConnectionController::connectionErrorOccurred, this, [this](const QString &errorMessage) {
        emit m_pageController->showErrorMessage(errorMessage);
        emit m_vpnConnection->connectionStateChanged(Vpn::ConnectionState::Disconnected);
    });
    connect(m_connectionController.get(), &ConnectionController::connectButtonClicked, m_connectionController.get(),
            &ConnectionController::toggleConnection, Qt::QueuedConnection);
    connect(this, &AmneziaApplication::translationsUpdated, m_connectionController.get(), &ConnectionController::onTranslationsUpdated);
    m_pageController.reset(new PageController(m_serversModel, m_settings));
    m_engine->rootContext()->setContextProperty("PageController", m_pageController.get());
    m_installController.reset(new InstallController(m_serversModel, m_containersModel, m_protocolsModel, m_clientManagementModel, m_settings));
    m_engine->rootContext()->setContextProperty("InstallController", m_installController.get());
    connect(m_installController.get(), &InstallController::passphraseRequestStarted, m_pageController.get(),
            &PageController::showPassphraseRequestDrawer);
    connect(m_pageController.get(), &PageController::passphraseRequestDrawerClosed, m_installController.get(),
            &InstallController::setEncryptedPassphrase);
    connect(m_installController.get(), &InstallController::currentContainerUpdated, m_connectionController.get(),
            &ConnectionController::onCurrentContainerUpdated);
    m_importController.reset(new ImportController(m_serversModel, m_containersModel, m_settings));
    m_engine->rootContext()->setContextProperty("ImportController", m_importController.get());
    m_exportController.reset(new ExportController(m_serversModel, m_containersModel, m_clientManagementModel, m_settings));
    m_engine->rootContext()->setContextProperty("ExportController", m_exportController.get());
    m_settingsController.reset(
            new SettingsController(m_serversModel, m_containersModel, m_languageModel, m_sitesModel, m_appSplitTunnelingModel, m_settings));
    m_engine->rootContext()->setContextProperty("SettingsController", m_settingsController.get());
    if (m_settingsController->isAutoConnectEnabled() && m_serversModel->getDefaultServerIndex() >= 0) {
        QTimer::singleShot(1000, this, [this]() { m_connectionController->openConnection(); });
    }
    connect(m_settingsController.get(), &SettingsController::amneziaDnsToggled, m_serversModel.get(), &ServersModel::toggleAmneziaDns);
    m_sitesController.reset(new SitesController(m_settings, m_vpnConnection, m_sitesModel));
    m_engine->rootContext()->setContextProperty("SitesController", m_sitesController.get());
    m_appSplitTunnelingController.reset(new AppSplitTunnelingController(m_settings, m_appSplitTunnelingModel));
    m_engine->rootContext()->setContextProperty("AppSplitTunnelingController", m_appSplitTunnelingController.get());
    m_systemController.reset(new SystemController(m_settings));
    m_engine->rootContext()->setContextProperty("SystemController", m_systemController.get());
 }
--- a/client/amnezia_application.h
+++ b/client/amnezia_application.h
@ -2,6 +2,7 @@
 #define AMNEZIA_APPLICATION_H
 #include <QCommandLineParser>
 #include <QNetworkAccessManager>
 #include <QQmlApplicationEngine>
 #include <QQmlContext>
 #include <QThread>
@ -10,120 +11,55 @@
 #else
    #include <QApplication>
 #endif
 #include <QClipboard>
 #include "core/controllers/coreController.h"
 #include "settings.h"
 #include "vpnconnection.h"
 #include "ui/controllers/connectionController.h"
 #include "ui/controllers/exportController.h"
 #include "ui/controllers/importController.h"
 #include "ui/controllers/installController.h"
 #include "ui/controllers/pageController.h"
 #include "ui/controllers/settingsController.h"
 #include "ui/controllers/sitesController.h"
 #include "ui/controllers/systemController.h"
 #include "ui/controllers/appSplitTunnelingController.h"
 #include "ui/models/containers_model.h"
 #include "ui/models/languageModel.h"
 #include "ui/models/protocols/cloakConfigModel.h"
 #include "ui/notificationhandler.h"
 #ifdef Q_OS_WINDOWS
    #include "ui/models/protocols/ikev2ConfigModel.h"
 #endif
 #include "ui/models/protocols/awgConfigModel.h"
 #include "ui/models/protocols/openvpnConfigModel.h"
 #include "ui/models/protocols/shadowsocksConfigModel.h"
 #include "ui/models/protocols/wireguardConfigModel.h"
 #include "ui/models/protocols/xrayConfigModel.h"
 #include "ui/models/protocols_model.h"
 #include "ui/models/servers_model.h"
 #include "ui/models/services/sftpConfigModel.h"
 #include "ui/models/sites_model.h"
 #include "ui/models/clientManagementModel.h"
 #include "ui/models/appSplitTunnelingModel.h"
 #define amnApp (static_cast<AmneziaApplication *>(QCoreApplication::instance()))
 #if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
    #define AMNEZIA_BASE_CLASS QGuiApplication
 #else
-    #define AMNEZIA_BASE_CLASS SingleApplication
+    #define AMNEZIA_BASE_CLASS QApplication
    #define QAPPLICATION_CLASS QApplication
    #include "singleapplication.h"
 #endif
 class AmneziaApplication : public AMNEZIA_BASE_CLASS
 {
    Q_OBJECT
 public:
 #if defined(Q_OS_ANDROID) || defined(Q_OS_IOS)
    AmneziaApplication(int &argc, char *argv[]);
 #else
    AmneziaApplication(int &argc, char *argv[], bool allowSecondary = false,
                       SingleApplication::Options options = SingleApplication::User, int timeout = 1000,
                       const QString &userData = {});
 #endif
    virtual ~AmneziaApplication();
    void init();
    void registerTypes();
    void loadFonts();
    void loadTranslator();
    void updateTranslator(const QLocale &locale);
    bool parseCommands();
-    QQmlApplicationEngine *qmlEngine() const;
+#if !defined(Q_OS_ANDROID) && !defined(Q_OS_IOS)
    void startLocalServer();
 #endif
-signals:
+    QQmlApplicationEngine *qmlEngine() const;
-    void translationsUpdated();
+    QNetworkAccessManager *networkManager();
    QClipboard *getClipboard();
 private:
    void initModels();
    void initControllers();
    QQmlApplicationEngine *m_engine {};
    std::shared_ptr<Settings> m_settings;
    QScopedPointer<CoreController> m_coreController;
    QSharedPointer<ContainerProps> m_containerProps;
    QSharedPointer<ProtocolProps> m_protocolProps;
    QSharedPointer<QTranslator> m_translator;
    QCommandLineParser m_parser;
    QSharedPointer<ContainersModel> m_containersModel;
    QSharedPointer<ContainersModel> m_defaultServerContainersModel;
    QSharedPointer<ServersModel> m_serversModel;
    QSharedPointer<LanguageModel> m_languageModel;
    QSharedPointer<ProtocolsModel> m_protocolsModel;
    QSharedPointer<SitesModel> m_sitesModel;
    QSharedPointer<AppSplitTunnelingModel> m_appSplitTunnelingModel;
    QSharedPointer<ClientManagementModel> m_clientManagementModel;
    QScopedPointer<OpenVpnConfigModel> m_openVpnConfigModel;
    QScopedPointer<ShadowSocksConfigModel> m_shadowSocksConfigModel;
    QScopedPointer<CloakConfigModel> m_cloakConfigModel;
    QScopedPointer<XrayConfigModel> m_xrayConfigModel;    
    QScopedPointer<WireGuardConfigModel> m_wireGuardConfigModel;
    QScopedPointer<AwgConfigModel> m_awgConfigModel;
 #ifdef Q_OS_WINDOWS
    QScopedPointer<Ikev2ConfigModel> m_ikev2ConfigModel;
 #endif
    QScopedPointer<SftpConfigModel> m_sftpConfigModel;
    QSharedPointer<VpnConnection> m_vpnConnection;
    QThread m_vpnConnectionThread;
    QScopedPointer<NotificationHandler> m_notificationHandler;
-    QScopedPointer<ConnectionController> m_connectionController;
+    QNetworkAccessManager *m_nam;
    QScopedPointer<PageController> m_pageController;
    QScopedPointer<InstallController> m_installController;
    QScopedPointer<ImportController> m_importController;
    QScopedPointer<ExportController> m_exportController;
    QScopedPointer<SettingsController> m_settingsController;
    QScopedPointer<SitesController> m_sitesController;
    QScopedPointer<SystemController> m_systemController;
    QScopedPointer<AppSplitTunnelingController> m_appSplitTunnelingController;
 };
 #endif // AMNEZIA_APPLICATION_H
--- a/client/android/AndroidManifest.xml
+++ b/client/android/AndroidManifest.xml
@ -3,7 +3,6 @@
 <manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    xmlns:tools="http://schemas.android.com/tools"
    package="org.amnezia.vpn"
    android:versionName="-- %%INSERT_VERSION_NAME%% --"
    android:versionCode="-- %%INSERT_VERSION_CODE%% --"
    android:installLocation="auto">
@ -11,6 +10,9 @@
    <uses-feature android:name="android.hardware.camera" android:required="false" />
    <uses-feature android:name="android.hardware.camera.any" android:required="false" />
    <uses-feature android:name="android.hardware.camera.autofocus" android:required="false" />
    <!-- for TV -->
    <uses-feature android:name="android.software.leanback" android:required="false" />
    <uses-feature android:name="android.hardware.touchscreen" android:required="false" />
    <!-- The following comment will be replaced upon deployment with default features based on the dependencies
    of the application. Remove the comment if you do not require these default features. -->
@ -18,7 +20,7 @@
    <uses-permission android:name="android.permission.INTERNET" />
    <!-- To request network state -->
-    <uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" android:maxSdkVersion="30" />
+    <uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" android:maxSdkVersion="28" />
    <uses-permission android:name="android.permission.CAMERA" />
    <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
@ -31,9 +33,11 @@
        android:label="-- %%INSERT_APP_NAME%% --"
        android:icon="@mipmap/icon"
        android:roundIcon="@mipmap/icon_round"
        android:banner="@mipmap/ic_banner"
        android:theme="@style/NoActionBar"
        android:fullBackupContent="@xml/backup_content"
        android:dataExtractionRules="@xml/data_extraction_rules"
        android:hasFragileUserData="false"
        tools:targetApi="s">
        <activity
@ -41,12 +45,13 @@
            android:configChanges="uiMode|screenSize|smallestScreenSize|screenLayout|orientation|density
                |fontScale|layoutDirection|locale|keyboard|keyboardHidden|navigation|mcc|mnc"
            android:launchMode="singleInstance"
-            android:windowSoftInputMode="adjustResize"
+            android:windowSoftInputMode="stateUnchanged|adjustResize"
            android:exported="true">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
                <category android:name="android.intent.category.LEANBACK_LAUNCHER" />
            </intent-filter>
            <intent-filter>
@ -62,9 +67,6 @@
                android:name="android.app.lib_name"
                android:value="-- %%INSERT_APP_LIB_NAME%% --" />
            <meta-data
                android:name="android.app.extract_android_style"
                android:value="minimal" />
        </activity>
        <activity
@ -82,6 +84,20 @@
            android:exported="false"
            android:theme="@style/Translucent" />
        <activity android:name=".AuthActivity"
            android:excludeFromRecents="true"
            android:launchMode="singleTask"
            android:taskAffinity=""
            android:exported="false"
            android:theme="@style/Translucent" />
        <activity android:name=".TvFilePicker"
            android:excludeFromRecents="true"
            android:launchMode="singleTask"
            android:taskAffinity=""
            android:exported="false"
            android:theme="@style/Translucent" />
        <activity
            android:name=".ImportConfigActivity"
            android:excludeFromRecents="true"
@ -136,8 +152,34 @@
        </activity>
        <service
-            android:name=".AmneziaVpnService"
+            android:name=".AwgService"
-            android:process=":amneziaVpnService"
+            android:process=":amneziaAwgService"
            android:permission="android.permission.BIND_VPN_SERVICE"
            android:foregroundServiceType="systemExempted"
            android:exported="false"
            tools:ignore="ForegroundServicePermission">
            <intent-filter>
                <action android:name="android.net.VpnService" />
            </intent-filter>
        </service>
        <service
            android:name=".OpenVpnService"
            android:process=":amneziaOpenVpnService"
            android:permission="android.permission.BIND_VPN_SERVICE"
            android:foregroundServiceType="systemExempted"
            android:exported="false"
            tools:ignore="ForegroundServicePermission">
            <intent-filter>
                <action android:name="android.net.VpnService" />
            </intent-filter>
        </service>
        <service
            android:name=".XrayService"
            android:process=":amneziaXrayService"
            android:permission="android.permission.BIND_VPN_SERVICE"
            android:foregroundServiceType="systemExempted"
            android:exported="false"
--- a/client/android/awg/src/main/kotlin/Awg.kt
+++ b/client/android/awg/src/main/kotlin/Awg.kt
@ -1,81 +1,21 @@
 package org.amnezia.vpn.protocol.awg
 import org.amnezia.vpn.protocol.wireguard.Wireguard
 import org.amnezia.vpn.protocol.wireguard.WireguardConfig
 import org.json.JSONObject
 /**
 *    Config example:
 *    {
 *        "protocol": "awg",
 *        "description": "Server 1",
 *        "dns1": "1.1.1.1",
 *        "dns2": "1.0.0.1",
 *        "hostName": "100.100.100.0",
 *        "splitTunnelSites": [
 *        ],
 *        "splitTunnelType": 0,
 *        "awg_config_data": {
 *            "H1": "969537490",
 *            "H2": "481688153",
 *            "H3": "2049399200",
 *            "H4": "52029755",
 *            "Jc": "3",
 *            "Jmax": "1000",
 *            "Jmin": "50",
 *            "S1": "49",
 *            "S2": "60",
 *            "client_ip": "10.8.1.1",
 *            "hostName": "100.100.100.0",
 *            "port": 12345,
 *            "client_pub_key": "clientPublicKeyBase64",
 *            "client_priv_key": "privateKeyBase64",
 *            "psk_key": "presharedKeyBase64",
 *            "server_pub_key": "publicKeyBase64",
 *            "config": "[Interface]
 *                       Address = 10.8.1.1/32
 *                       DNS = 1.1.1.1, 1.0.0.1
 *                       PrivateKey = privateKeyBase64
 *                       Jc = 3
 *                       Jmin = 50
 *                       Jmax = 1000
 *                       S1 = 49
 *                       S2 = 60
 *                       H1 = 969537490
 *                       H2 = 481688153
 *                       H3 = 2049399200
 *                       H4 = 52029755
 *
 *                       [Peer]
 *                       PublicKey = publicKeyBase64
 *                       PresharedKey = presharedKeyBase64
 *                       AllowedIPs = 0.0.0.0/0, ::/0
 *                       Endpoint = 100.100.100.0:12345
 *                       PersistentKeepalive = 25
 *                       "
 *        }
 *    }
 */
 class Awg : Wireguard() {
    override val ifName: String = "awg0"
-    override fun parseConfig(config: JSONObject): AwgConfig {
+    override fun parseConfig(config: JSONObject): WireguardConfig {
-        val configDataJson = config.getJSONObject("awg_config_data")
+        val configData = config.getJSONObject("awg_config_data")
-        val configData = parseConfigData(configDataJson.getString("config"))
+        return WireguardConfig.build {
-        return AwgConfig.build {
+            setUseProtocolExtension(true)
-            configWireguard(configData, configDataJson)
+            configExtensionParameters(configData)
            configWireguard(config, configData)
            configSplitTunneling(config)
            configAppSplitTunneling(config)
            configData["Jc"]?.let { setJc(it.toInt()) }
            configData["Jmin"]?.let { setJmin(it.toInt()) }
            configData["Jmax"]?.let { setJmax(it.toInt()) }
            configData["S1"]?.let { setS1(it.toInt()) }
            configData["S2"]?.let { setS2(it.toInt()) }
            configData["H1"]?.let { setH1(it.toLong()) }
            configData["H2"]?.let { setH2(it.toLong()) }
            configData["H3"]?.let { setH3(it.toLong()) }
            configData["H4"]?.let { setH4(it.toLong()) }
        }
    }
 }
--- a/client/android/awg/src/main/kotlin/AwgConfig.kt
+++ b/client/android/awg/src/main/kotlin/AwgConfig.kt
@ -1,108 +0,0 @@
 package org.amnezia.vpn.protocol.awg
 import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.wireguard.WireguardConfig
 class AwgConfig private constructor(
    wireguardConfigBuilder: WireguardConfig.Builder,
    val jc: Int,
    val jmin: Int,
    val jmax: Int,
    val s1: Int,
    val s2: Int,
    val h1: Long,
    val h2: Long,
    val h3: Long,
    val h4: Long
 ) : WireguardConfig(wireguardConfigBuilder) {
    private constructor(builder: Builder) : this(
        builder,
        builder.jc,
        builder.jmin,
        builder.jmax,
        builder.s1,
        builder.s2,
        builder.h1,
        builder.h2,
        builder.h3,
        builder.h4
    )
    override fun appendDeviceLine(sb: StringBuilder) = with(sb) {
        super.appendDeviceLine(this)
        appendLine("jc=$jc")
        appendLine("jmin=$jmin")
        appendLine("jmax=$jmax")
        appendLine("s1=$s1")
        appendLine("s2=$s2")
        appendLine("h1=$h1")
        appendLine("h2=$h2")
        appendLine("h3=$h3")
        appendLine("h4=$h4")
    }
    class Builder : WireguardConfig.Builder() {
        private var _jc: Int? = null
        internal var jc: Int
            get() = _jc ?: throw BadConfigException("AWG: parameter jc is undefined")
            private set(value) { _jc = value }
        private var _jmin: Int? = null
        internal var jmin: Int
            get() = _jmin ?: throw BadConfigException("AWG: parameter jmin is undefined")
            private set(value) { _jmin = value }
        private var _jmax: Int? = null
        internal var jmax: Int
            get() = _jmax ?: throw BadConfigException("AWG: parameter jmax is undefined")
            private set(value) { _jmax = value }
        private var _s1: Int? = null
        internal var s1: Int
            get() = _s1 ?: throw BadConfigException("AWG: parameter s1 is undefined")
            private set(value) { _s1 = value }
        private var _s2: Int? = null
        internal var s2: Int
            get() = _s2 ?: throw BadConfigException("AWG: parameter s2 is undefined")
            private set(value) { _s2 = value }
        private var _h1: Long? = null
        internal var h1: Long
            get() = _h1 ?: throw BadConfigException("AWG: parameter h1 is undefined")
            private set(value) { _h1 = value }
        private var _h2: Long? = null
        internal var h2: Long
            get() = _h2 ?: throw BadConfigException("AWG: parameter h2 is undefined")
            private set(value) { _h2 = value }
        private var _h3: Long? = null
        internal var h3: Long
            get() = _h3 ?: throw BadConfigException("AWG: parameter h3 is undefined")
            private set(value) { _h3 = value }
        private var _h4: Long? = null
        internal var h4: Long
            get() = _h4 ?: throw BadConfigException("AWG: parameter h4 is undefined")
            private set(value) { _h4 = value }
        fun setJc(jc: Int) = apply { this.jc = jc }
        fun setJmin(jmin: Int) = apply { this.jmin = jmin }
        fun setJmax(jmax: Int) = apply { this.jmax = jmax }
        fun setS1(s1: Int) = apply { this.s1 = s1 }
        fun setS2(s2: Int) = apply { this.s2 = s2 }
        fun setH1(h1: Long) = apply { this.h1 = h1 }
        fun setH2(h2: Long) = apply { this.h2 = h2 }
        fun setH3(h3: Long) = apply { this.h3 = h3 }
        fun setH4(h4: Long) = apply { this.h4 = h4 }
        override fun build(): AwgConfig = configBuild().run { AwgConfig(this@Builder) }
    }
    companion object {
        inline fun build(block: Builder.() -> Unit): AwgConfig = Builder().apply(block).build()
    }
 }
--- a/client/android/build.gradle
+++ b/client/android/build.gradle
@ -3,3 +3,6 @@
 // android.bundle.enableUncompressedNativeLibs is deprecated
 // disable adding gradle property android.bundle.enableUncompressedNativeLibs by androiddeployqt
 useLegacyPackaging
 // package name for androiddeployqt
 namespace = "org.amnezia.vpn"
--- a/client/android/build.gradle.kts
+++ b/client/android/build.gradle.kts
@ -3,6 +3,7 @@ import com.android.build.gradle.internal.api.BaseVariantOutputImpl
 plugins {
    alias(libs.plugins.android.application)
    alias(libs.plugins.kotlin.android)
    alias(libs.plugins.kotlin.serialization)
    id("property-delegate")
 }
@ -68,6 +69,12 @@ android {
            }
            signingConfig = signingConfigs["release"]
        }
        create("fdroid") {
            initWith(getByName("release"))
            signingConfig = null
            matchingFallbacks += "release"
        }
    }
    splits {
@ -98,7 +105,6 @@ android {
 }
 dependencies {
    implementation(fileTree(mapOf("dir" to "libs", "include" to listOf("*.jar", "*.aar"))))
    implementation(project(":qt"))
    implementation(project(":utils"))
    implementation(project(":protocolApi"))
@ -106,10 +112,14 @@ dependencies {
    implementation(project(":awg"))
    implementation(project(":openvpn"))
    implementation(project(":cloak"))
    implementation(project(":xray"))
    implementation(libs.androidx.core)
    implementation(libs.androidx.activity)
    implementation(libs.androidx.fragment)
    implementation(libs.kotlinx.coroutines)
    implementation(libs.kotlinx.serialization.protobuf)
    implementation(libs.bundles.androidx.camera)
    implementation(libs.google.mlkit)
    implementation(libs.androidx.datastore)
    implementation(libs.androidx.biometric)
 }
--- a/client/android/cloak/src/main/kotlin/Cloak.kt
+++ b/client/android/cloak/src/main/kotlin/Cloak.kt
@ -3,43 +3,16 @@ package org.amnezia.vpn.protocol.cloak
 import android.util.Base64
 import net.openvpn.ovpn3.ClientAPI_Config
 import org.amnezia.vpn.protocol.openvpn.OpenVpn
-import org.amnezia.vpn.protocol.openvpn.OpenVpnConfig
+import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.net.InetNetwork
 import org.amnezia.vpn.util.net.parseInetAddress
 import org.json.JSONObject
 /**
 *    Config Example:
 *    {
 *     "protocol": "cloak",
 *     "description": "Server 1",
 *     "dns1": "1.1.1.1",
 *     "dns2": "1.0.0.1",
 *     "hostName": "100.100.100.0",
 *     "splitTunnelSites": [
 *     ],
 *     "splitTunnelType": 0,
 *     "openvpn_config_data": {
 *           "config": "openVpnConfig"
 *     }
 *     "cloak_config_data": {
 *          "BrowserSig": "chrome",
 *          "EncryptionMethod": "aes-gcm",
 *          "NumConn": 1,
 *          "ProxyMethod": "openvpn",
 *          "PublicKey": "PublicKey=",
 *          "RemoteHost": "100.100.100.0",
 *          "RemotePort": "443",
 *          "ServerName": "servername",
 *          "StreamTimeout": 300,
 *          "Transport": "direct",
 *          "UID": "UID="
 *     }
 * }
 */
 class Cloak : OpenVpn() {
    override fun internalInit() {
        super.internalInit()
        if (!isInitialized) loadSharedLibrary(context, "ck-ovpn-plugin")
    }
    override fun parseConfig(config: JSONObject): ClientAPI_Config {
        val openVpnConfig = ClientAPI_Config()
@ -54,13 +27,6 @@ class Cloak : OpenVpn() {
        return openVpnConfig
    }
    override fun configPluggableTransport(configBuilder: OpenVpnConfig.Builder, config: JSONObject) {
        // exclude remote server ip from vpn routes
        val remoteServer = config.getString("hostName")
        val remoteServerAddress = InetNetwork(parseInetAddress(remoteServer))
        configBuilder.excludeRoute(remoteServerAddress)
    }
    private fun checkCloakJson(cloakConfigJson: JSONObject): JSONObject {
        cloakConfigJson.put("NumConn", 1)
        cloakConfigJson.put("ProxyMethod", "openvpn")
--- a/client/android/gradle.properties
+++ b/client/android/gradle.properties
@ -33,7 +33,7 @@ android.library.defaults.buildfeatures.androidresources=false
 # For development copy and set local values for these parameters in local.properties
 #androidCompileSdkVersion=android-34
 #androidBuildToolsVersion=34.0.0
-#qtMinSdkVersion=24
+#qtMinSdkVersion=26
 #qtTargetSdkVersion=34
 #androidNdkVersion=26.1.10909125
 #qtTargetAbiList=x86_64
--- a/client/android/gradle/libs.versions.toml
+++ b/client/android/gradle/libs.versions.toml
@ -1,26 +1,32 @@
 [versions]
-agp = "8.2.0"
+agp = "8.5.2"
-kotlin = "1.9.20"
+kotlin = "1.9.24"
-androidx-core = "1.12.0"
+androidx-core = "1.13.1"
-androidx-activity = "1.8.1"
+androidx-activity = "1.9.1"
-androidx-annotation = "1.7.0"
+androidx-annotation = "1.8.2"
-androidx-camera = "1.3.0"
+androidx-biometric = "1.2.0-alpha05"
 androidx-camera = "1.3.4"
 androidx-fragment = "1.8.2"
 androidx-security-crypto = "1.1.0-alpha06"
-androidx-datastore = "1.1.0-beta01"
+androidx-datastore = "1.1.1"
-kotlinx-coroutines = "1.7.3"
+kotlinx-coroutines = "1.8.1"
-google-mlkit = "17.2.0"
+kotlinx-serialization = "1.6.3"
 google-mlkit = "17.3.0"
 [libraries]
 androidx-core = { module = "androidx.core:core-ktx", version.ref = "androidx-core" }
 androidx-activity = { module = "androidx.activity:activity-ktx", version.ref = "androidx-activity" }
 androidx-annotation = { module = "androidx.annotation:annotation", version.ref = "androidx-annotation" }
 androidx-biometric = { module = "androidx.biometric:biometric-ktx", version.ref = "androidx-biometric" }
 androidx-camera-core = { module = "androidx.camera:camera-core", version.ref = "androidx-camera" }
 androidx-camera-camera2 = { module = "androidx.camera:camera-camera2", version.ref = "androidx-camera" }
 androidx-camera-lifecycle = { module = "androidx.camera:camera-lifecycle", version.ref = "androidx-camera" }
 androidx-camera-view = { module = "androidx.camera:camera-view", version.ref = "androidx-camera" }
 androidx-fragment = { module = "androidx.fragment:fragment-ktx", version.ref = "androidx-fragment" }
 androidx-security-crypto = { module = "androidx.security:security-crypto-ktx", version.ref = "androidx-security-crypto" }
 androidx-datastore = { module = "androidx.datastore:datastore-preferences", version.ref = "androidx-datastore" }
 kotlinx-coroutines = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-android", version.ref = "kotlinx-coroutines" }
 kotlinx-serialization-protobuf = { module = "org.jetbrains.kotlinx:kotlinx-serialization-protobuf", version.ref = "kotlinx-serialization" }
 google-mlkit = { module = "com.google.mlkit:barcode-scanning", version.ref = "google-mlkit" }
 [bundles]
@ -35,3 +41,4 @@ androidx-camera = [
 android-application = { id = "com.android.application", version.ref = "agp" }
 android-library = { id = "com.android.library", version.ref = "agp" }
 kotlin-android = { id = "org.jetbrains.kotlin.android", version.ref = "kotlin" }
 kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin"}
--- a/client/android/gradle/wrapper/gradle-wrapper.jar
+++ b/client/android/gradle/wrapper/gradle-wrapper.jar
--- a/client/android/gradle/wrapper/gradle-wrapper.properties
+++ b/client/android/gradle/wrapper/gradle-wrapper.properties
@ -1,7 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
--- a/client/android/gradlew
+++ b/client/android/gradlew
@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
 ##############################################################################
 #
@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@ -84,7 +86,8 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
 ' "$PWD" ) || exit
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
--- a/client/android/gradlew.bat
+++ b/client/android/gradlew.bat
@ -13,6 +13,8 @@
@rem See the License for the specific language governing permissions and
@rem limitations under the License.
@rem
@rem SPDX-License-Identifier: Apache-2.0
@rem
@if "%DEBUG%"=="" @echo off
@rem ##########################################################################
@ -43,11 +45,11 @@ set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
 if %ERRORLEVEL% equ 0 goto execute
-echo.
+echo. 1>&2
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2
-echo.
+echo. 1>&2
-echo Please set the JAVA_HOME variable in your environment to match the
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
-echo location of your Java installation.
+echo location of your Java installation. 1>&2
 goto fail
@ -57,11 +59,11 @@ set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 if exist "%JAVA_EXE%" goto execute
-echo.
+echo. 1>&2
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2
-echo.
+echo. 1>&2
-echo Please set the JAVA_HOME variable in your environment to match the
+echo Please set the JAVA_HOME variable in your environment to match the 1>&2
-echo location of your Java installation.
+echo location of your Java installation. 1>&2
 goto fail
--- a/client/android/openvpn/src/main/kotlin/org/amnezia/vpn/protocol/openvpn/OpenVpn.kt
+++ b/client/android/openvpn/src/main/kotlin/org/amnezia/vpn/protocol/openvpn/OpenVpn.kt
@ -1,41 +1,24 @@
 package org.amnezia.vpn.protocol.openvpn
 import android.content.Context
 import android.net.VpnService.Builder
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
-import kotlinx.coroutines.flow.MutableStateFlow
+import kotlinx.coroutines.cancel
 import kotlinx.coroutines.launch
 import net.openvpn.ovpn3.ClientAPI_Config
 import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.Statistics
 import org.amnezia.vpn.protocol.VpnStartException
 import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.net.InetNetwork
 import org.amnezia.vpn.util.net.getLocalNetworks
 import org.amnezia.vpn.util.net.parseInetAddress
 import org.json.JSONObject
 /**
 *    Config Example:
 *    {
 *     "protocol": "openvpn",
 *     "description": "Server 1",
 *     "dns1": "1.1.1.1",
 *     "dns2": "1.0.0.1",
 *     "hostName": "100.100.100.0",
 *     "splitTunnelSites": [
 *     ],
 *     "splitTunnelType": 0,
 *     "openvpn_config_data": {
 *           "config": "openVpnConfig"
 *     }
 * }
 */
 open class OpenVpn : Protocol() {
    private lateinit var context: Context
    private var openVpnClient: OpenVpnClient? = null
    private lateinit var scope: CoroutineScope
@ -51,14 +34,18 @@ open class OpenVpn : Protocol() {
            return Statistics.EMPTY_STATISTICS
        }
-    override fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
+    override fun internalInit() {
-        super.initialize(context, state, onError)
+        if (!isInitialized) {
            loadSharedLibrary(context, "ovpn3")
-        this.context = context
+            loadSharedLibrary(context, "ovpnutil")
        }
        if (this::scope.isInitialized) {
            scope.cancel()
        }
        scope = CoroutineScope(Dispatchers.IO)
    }
-    override fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
+    override suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean) {
        val configBuilder = OpenVpnConfig.Builder()
        openVpnClient = OpenVpnClient(
@ -77,6 +64,12 @@ open class OpenVpn : Protocol() {
                if (evalConfig.error) {
                    throw BadConfigException("OpenVPN config parse error: ${evalConfig.message}")
                }
                // exclude remote server ip from vpn routes
                val remoteServer = config.getString("hostName")
                val remoteServerAddress = InetNetwork(parseInetAddress(remoteServer))
                configBuilder.excludeRoute(remoteServerAddress)
                configPluggableTransport(configBuilder, config)
                configBuilder.configSplitTunneling(config)
                configBuilder.configAppSplitTunneling(config)
--- a/client/android/protocolApi/src/main/kotlin/Exceptions.kt
+++ b/client/android/protocolApi/src/main/kotlin/Exceptions.kt
@ -2,7 +2,6 @@ package org.amnezia.vpn.protocol
 sealed class ProtocolException(message: String? = null, cause: Throwable? = null) : Exception(message, cause)
 class LoadLibraryException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)
 class BadConfigException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)
 class VpnStartException(message: String? = null, cause: Throwable? = null) : ProtocolException(message, cause)
--- a/client/android/protocolApi/src/main/kotlin/Protocol.kt
+++ b/client/android/protocolApi/src/main/kotlin/Protocol.kt
@ -1,6 +1,5 @@
 package org.amnezia.vpn.protocol
 import android.annotation.SuppressLint
 import android.content.Context
 import android.net.IpPrefix
 import android.net.VpnService
@ -8,9 +7,6 @@ import android.net.VpnService.Builder
 import android.os.Build
 import android.system.OsConstants
 import androidx.annotation.RequiresApi
 import java.io.File
 import java.io.FileOutputStream
 import java.util.zip.ZipFile
 import kotlinx.coroutines.flow.MutableStateFlow
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.net.InetNetwork
@ -27,15 +23,22 @@ private const val SPLIT_TUNNEL_EXCLUDE = 2
 abstract class Protocol {
    abstract val statistics: Statistics
    protected lateinit var context: Context
    protected lateinit var state: MutableStateFlow<ProtocolState>
    protected lateinit var onError: (String) -> Unit
    protected var isInitialized: Boolean = false
-    open fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
+    fun initialize(context: Context, state: MutableStateFlow<ProtocolState>, onError: (String) -> Unit) {
        this.context = context
        this.state = state
        this.onError = onError
        internalInit()
        isInitialized = true
    }
-    abstract fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)
+    protected abstract fun internalInit()
    abstract suspend fun startVpn(config: JSONObject, vpnBuilder: Builder, protect: (Int) -> Boolean)
    abstract fun stopVpn()
@ -105,25 +108,27 @@ abstract class Protocol {
            vpnBuilder.addSearchDomain(it)
        }
-        for (addr in config.routes) {
+        for ((inetNetwork, include) in config.routes) {
-            Log.d(TAG, "addRoute: $addr")
+            if (include) {
-            vpnBuilder.addRoute(addr)
+                Log.d(TAG, "addRoute: $inetNetwork")
-        }
+                vpnBuilder.addRoute(inetNetwork)
-
+            } else {
                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
-            for (addr in config.excludedRoutes) {
+                    Log.d(TAG, "excludeRoute: $inetNetwork")
-                Log.d(TAG, "excludeRoute: $addr")
+                    vpnBuilder.excludeRoute(inetNetwork)
-                vpnBuilder.excludeRoute(addr)
+                } else {
                    Log.e(TAG, "Trying to exclude route $inetNetwork on old Android")
                }
            }
        }
        for (app in config.includedApplications) {
-            Log.d(TAG, "addAllowedApplication: $app")
+            Log.d(TAG, "addAllowedApplication")
            vpnBuilder.addAllowedApplication(app)
        }
        for (app in config.excludedApplications) {
-            Log.d(TAG, "addDisallowedApplication: $app")
+            Log.d(TAG, "addDisallowedApplication")
            vpnBuilder.addDisallowedApplication(app)
        }
@ -149,60 +154,6 @@ abstract class Protocol {
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q)
            vpnBuilder.setMetered(false)
    }
    companion object {
        private fun extractLibrary(context: Context, libraryName: String, destination: File): Boolean {
            Log.d(TAG, "Extracting library: $libraryName")
            val apks = hashSetOf<String>()
            context.applicationInfo.run {
                sourceDir?.let { apks += it }
                splitSourceDirs?.let { apks += it }
            }
            for (abi in Build.SUPPORTED_ABIS) {
                for (apk in apks) {
                    ZipFile(File(apk), ZipFile.OPEN_READ).use { zipFile ->
                        val mappedName = System.mapLibraryName(libraryName)
                        val libraryZipPath = listOf("lib", abi, mappedName).joinToString(File.separator)
                        val zipEntry = zipFile.getEntry(libraryZipPath)
                        zipEntry?.let {
                            Log.d(TAG, "Extracting apk:/$libraryZipPath to ${destination.absolutePath}")
                            FileOutputStream(destination).use { outStream ->
                                zipFile.getInputStream(zipEntry).use { inStream ->
                                    inStream.copyTo(outStream, 32 * 1024)
                                    outStream.fd.sync()
                                }
                            }
                        }
                        return true
                    }
                }
            }
            return false
        }
        @SuppressLint("UnsafeDynamicallyLoadedCode")
        fun loadSharedLibrary(context: Context, libraryName: String) {
            Log.d(TAG, "Loading library: $libraryName")
            try {
                System.loadLibrary(libraryName)
                return
            } catch (_: UnsatisfiedLinkError) {
                Log.d(TAG, "Failed to load library, try to extract it from apk")
            }
            var tempFile: File? = null
            try {
                tempFile = File.createTempFile("lib", ".so", context.codeCacheDir)
                if (extractLibrary(context, libraryName, tempFile)) {
                    System.load(tempFile.absolutePath)
                    return
                }
            } catch (e: Exception) {
                throw LoadLibraryException("Failed to load library apk: $libraryName", e)
            } finally {
                tempFile?.delete()
            }
        }
    }
 }
 private fun VpnService.Builder.addAddress(addr: InetNetwork) = addAddress(addr.address, addr.mask)
--- a/client/android/protocolApi/src/main/kotlin/ProtocolConfig.kt
+++ b/client/android/protocolApi/src/main/kotlin/ProtocolConfig.kt
@ -12,8 +12,7 @@ open class ProtocolConfig protected constructor(
    val addresses: Set<InetNetwork>,
    val dnsServers: Set<InetAddress>,
    val searchDomain: String?,
-    val routes: Set<InetNetwork>,
+    val routes: Set<Route>,
    val excludedRoutes: Set<InetNetwork>,
    val includedAddresses: Set<InetNetwork>,
    val excludedAddresses: Set<InetNetwork>,
    val includedApplications: Set<String>,
@ -29,7 +28,6 @@ open class ProtocolConfig protected constructor(
        builder.dnsServers,
        builder.searchDomain,
        builder.routes,
        builder.excludedRoutes,
        builder.includedAddresses,
        builder.excludedAddresses,
        builder.includedApplications,
@ -43,8 +41,7 @@ open class ProtocolConfig protected constructor(
    open class Builder(blockingMode: Boolean) {
        internal val addresses: MutableSet<InetNetwork> = hashSetOf()
        internal val dnsServers: MutableSet<InetAddress> = hashSetOf()
-        internal val routes: MutableSet<InetNetwork> = hashSetOf()
+        internal val routes: MutableSet<Route> = mutableSetOf()
        internal val excludedRoutes: MutableSet<InetNetwork> = hashSetOf()
        internal val includedAddresses: MutableSet<InetNetwork> = hashSetOf()
        internal val excludedAddresses: MutableSet<InetNetwork> = hashSetOf()
        internal val includedApplications: MutableSet<String> = hashSetOf()
@ -77,13 +74,21 @@ open class ProtocolConfig protected constructor(
        fun setSearchDomain(domain: String) = apply { this.searchDomain = domain }
-        fun addRoute(route: InetNetwork) = apply { this.routes += route }
+        fun addRoute(route: InetNetwork) = apply { this.routes += Route(route, true) }
-        fun addRoutes(routes: Collection<InetNetwork>) = apply { this.routes += routes }
+        fun addRoutes(routes: Collection<InetNetwork>) = apply { this.routes += routes.map { Route(it, true) } }
-        fun removeRoute(route: InetNetwork) = apply { this.routes.remove(route) }
+
        fun excludeRoute(route: InetNetwork) = apply { this.routes += Route(route, false) }
        fun excludeRoutes(routes: Collection<InetNetwork>) = apply { this.routes += routes.map { Route(it, false) } }
        fun removeRoute(route: InetNetwork) = apply { this.routes.removeIf { it.inetNetwork == route } }
        fun clearRoutes() = apply { this.routes.clear() }
-        fun excludeRoute(route: InetNetwork) = apply { this.excludedRoutes += route }
+        fun prependRoutes(block: Builder.() -> Unit) = apply {
-        fun excludeRoutes(routes: Collection<InetNetwork>) = apply { this.excludedRoutes += routes }
+            val savedRoutes = mutableListOf<Route>().apply { addAll(routes) }
            routes.clear()
            block()
            routes.addAll(savedRoutes)
        }
        fun includeAddress(addr: InetNetwork) = apply { this.includedAddresses += addr }
        fun includeAddresses(addresses: Collection<InetNetwork>) = apply { this.includedAddresses += addresses }
@ -117,37 +122,46 @@ open class ProtocolConfig protected constructor(
                // remove default routes, if any
                removeRoute(InetNetwork("0.0.0.0", 0))
                removeRoute(InetNetwork("::", 0))
-                if (Build.VERSION.SDK_INT < Build.VERSION_CODES.TIRAMISU) {
+                removeRoute(InetNetwork("2000::", 3))
-                    // for older versions of Android, add the default route to the excluded routes
+                prependRoutes {
                    // to correctly build the excluded subnets list later
                    excludeRoute(InetNetwork("0.0.0.0", 0))
                }
                    addRoutes(includedAddresses)
            } else if (excludedAddresses.isNotEmpty()) {
                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
                    // default routes are required for split tunneling in newer versions of Android
                    addRoute(InetNetwork("0.0.0.0", 0))
                    addRoute(InetNetwork("::", 0))
                }
            } else if (excludedAddresses.isNotEmpty()) {
                prependRoutes {
                    addRoute(InetNetwork("0.0.0.0", 0))
                    addRoute(InetNetwork("2000::", 3))
                    excludeRoutes(excludedAddresses)
                }
            }
        }
-        private fun processExcludedRoutes() {
+        private fun processRoutes() {
-            if (Build.VERSION.SDK_INT < Build.VERSION_CODES.TIRAMISU && excludedRoutes.isNotEmpty()) {
+            // replace ::/0 as it may cause LAN connection issues
-                // todo: rewrite, taking into account the current routes
+            val ipv6DefaultRoute = InetNetwork("::", 0)
            if (routes.removeIf { it.include && it.inetNetwork == ipv6DefaultRoute }) {
                prependRoutes {
                    addRoute(InetNetwork("2000::", 3))
                }
            }
            // for older versions of Android, build a list of subnets without excluded routes
            // and add them to routes
            if (Build.VERSION.SDK_INT < Build.VERSION_CODES.TIRAMISU && routes.any { !it.include }) {
                val ipRangeSet = IpRangeSet()
-                ipRangeSet.remove(IpRange("127.0.0.0", 8))
+                routes.forEach {
-                excludedRoutes.forEach {
+                    if (it.include) ipRangeSet.add(IpRange(it.inetNetwork))
-                    ipRangeSet.remove(IpRange(it))
+                    else ipRangeSet.remove(IpRange(it.inetNetwork))
                }
-                // remove default routes, if any
+                ipRangeSet.remove(IpRange("127.0.0.0", 8))
-                removeRoute(InetNetwork("0.0.0.0", 0))
+                ipRangeSet.remove(IpRange("::1", 128))
-                removeRoute(InetNetwork("::", 0))
+                routes.clear()
                ipRangeSet.subnets().forEach(::addRoute)
-                addRoute(InetNetwork("2000::", 3))
+            }
            // filter ipv4 and ipv6 loopback addresses
            val ipv6Loopback = InetNetwork("::1", 128)
            routes.removeIf {
                it.include &&
                    if (it.inetNetwork.isIpv4) it.inetNetwork.address.address[0] == 127.toByte()
                    else it.inetNetwork == ipv6Loopback
            }
        }
@ -165,7 +179,7 @@ open class ProtocolConfig protected constructor(
        protected fun configBuild() {
            processSplitTunneling()
-            processExcludedRoutes()
+            processRoutes()
            validate()
        }
@ -177,3 +191,5 @@ open class ProtocolConfig protected constructor(
            Builder(blockingMode).apply(block).build()
    }
 }
 data class Route(val inetNetwork: InetNetwork, val include: Boolean)
--- a/client/android/qt/build.gradle.kts
+++ b/client/android/qt/build.gradle.kts
@ -21,5 +21,5 @@ android {
 }
 dependencies {
-    implementation(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar", "*.aar"))))
+    api(fileTree(mapOf("dir" to "../libs", "include" to listOf("*.jar"))))
 }
--- a/client/android/res/mipmap-hdpi/ic_banner.png
+++ b/client/android/res/mipmap-hdpi/ic_banner.png
--- a/client/android/res/mipmap-hdpi/icon.png
+++ b/client/android/res/mipmap-hdpi/icon.png
--- a/client/android/res/mipmap-hdpi/icon_round.png
+++ b/client/android/res/mipmap-hdpi/icon_round.png
--- a/client/android/res/mipmap-ldpi/icon.png
+++ b/client/android/res/mipmap-ldpi/icon.png
--- a/client/android/res/mipmap-ldpi/icon_round.png
+++ b/client/android/res/mipmap-ldpi/icon_round.png
--- a/client/android/res/mipmap-mdpi/ic_banner.png
+++ b/client/android/res/mipmap-mdpi/ic_banner.png
--- a/client/android/res/mipmap-mdpi/icon.png
+++ b/client/android/res/mipmap-mdpi/icon.png
--- a/client/android/res/mipmap-mdpi/icon_round.png
+++ b/client/android/res/mipmap-mdpi/icon_round.png
--- a/client/android/res/mipmap-xhdpi/ic_banner.png
+++ b/client/android/res/mipmap-xhdpi/ic_banner.png
--- a/client/android/res/mipmap-xhdpi/icon.png
+++ b/client/android/res/mipmap-xhdpi/icon.png
--- a/client/android/res/mipmap-xhdpi/icon_round.png
+++ b/client/android/res/mipmap-xhdpi/icon_round.png
--- a/client/android/res/mipmap-xxhdpi/icon.png
+++ b/client/android/res/mipmap-xxhdpi/icon.png
--- a/client/android/res/mipmap-xxhdpi/icon_round.png
+++ b/client/android/res/mipmap-xxhdpi/icon_round.png
--- a/client/android/res/mipmap-xxxhdpi/icon.png
+++ b/client/android/res/mipmap-xxxhdpi/icon.png
--- a/client/android/res/mipmap-xxxhdpi/icon_round.png
+++ b/client/android/res/mipmap-xxxhdpi/icon_round.png
--- a/client/android/res/values-ru/strings.xml
+++ b/client/android/res/values-ru/strings.xml
@ -1,12 +1,28 @@
 <?xml version='1.0' encoding='utf-8'?>
 <resources>
-    <string name="connecting">Подключение</string>
+    <string name="disconnected">Не подключено</string>
-    <string name="disconnecting">Отключение</string>
+    <string name="connected">Подключено</string>
-    <string name="cancel">Отмена</string>
+    <string name="connecting">Подключение…</string>
    <string name="disconnecting">Отключение…</string>
    <string name="reconnecting">Переподключение…</string>
    <string name="connect">Подключиться</string>
    <string name="disconnect">Отключиться</string>
    <string name="ok">ОК</string>
    <string name="cancel">Отмена</string>
    <string name="yes">Да</string>
    <string name="no">Нет</string>
    <string name="vpnGranted">VPN-подключение разрешено</string>
    <string name="vpnDenied">VPN-подключение запрещено</string>
    <string name="vpnSetupFailed">Ошибка настройки VPN</string>
    <string name="vpnSetupFailedMessage">Чтобы подключиться к AmneziaVPN необходимо:\n\n- Разрешить приложению подключаться к сети VPN\n- Отключить функцию \"Постоянная VPN\" для всех остальных VPN-приложений в системных настройках VPN</string>
    <string name="openVpnSettings">Открыть настройки VPN</string>
    <string name="notificationChannelDescription">Уведомления сервиса AmneziaVPN</string>
    <string name="notificationDialogTitle">Сервис AmneziaVPN</string>
    <string name="notificationDialogMessage">Показывать статус VPN в строке состояния?</string>
    <string name="notificationSettingsDialogTitle">Настройки уведомлений</string>
    <string name="notificationSettingsDialogMessage">Для показа уведомлений необходимо включить уведомления в системных настройках</string>
    <string name="openNotificationSettings">Открыть настройки уведомлений</string>
    <string name="tvNoFileBrowser">Пожалуйста, установите приложение для просмотра файлов</string>
 </resources>
--- a/client/android/res/values/libs.xml
+++ b/client/android/res/values/libs.xml
@ -3,7 +3,6 @@
    <!-- DO NOT EDIT THIS: This file is populated automatically by the deployment tool. -->
    <array name="bundled_libs">
        <!-- %%INSERT_EXTRA_LIBS%% -->
    </array>
    <array name="qt_libs">
--- a/client/android/res/values/strings.xml
+++ b/client/android/res/values/strings.xml
@ -1,12 +1,28 @@
 <?xml version='1.0' encoding='utf-8'?>
 <resources>
-    <string name="connecting">Connecting</string>
+    <string name="disconnected">Not connected</string>
-    <string name="disconnecting">Disconnecting</string>
+    <string name="connected">Connected</string>
-    <string name="cancel">Cancel</string>
+    <string name="connecting">Connecting…</string>
    <string name="disconnecting">Disconnecting…</string>
    <string name="reconnecting">Reconnecting…</string>
    <string name="connect">Connect</string>
    <string name="disconnect">Disconnect</string>
    <string name="ok">OK</string>
    <string name="cancel">Cancel</string>
    <string name="yes">Yes</string>
    <string name="no">No</string>
    <string name="vpnGranted">VPN permission granted</string>
    <string name="vpnDenied">VPN permission denied</string>
    <string name="vpnSetupFailed">VPN setup error</string>
    <string name="vpnSetupFailedMessage">To connect to AmneziaVPN, please do the following:\n\n- Allow the app to set up a VPN connection\n- Disable Always-on VPN for any other VPN app in the VPN system settings</string>
    <string name="openVpnSettings">Open VPN settings</string>
    <string name="notificationChannelDescription">AmneziaVPN service notification</string>
    <string name="notificationDialogTitle">AmneziaVPN service</string>
    <string name="notificationDialogMessage">Show the VPN state in the status bar?</string>
    <string name="notificationSettingsDialogTitle">Notification settings</string>
    <string name="notificationSettingsDialogMessage">To show notifications, you must enable notifications in the system settings</string>
    <string name="openNotificationSettings">Open notification settings</string>
    <string name="tvNoFileBrowser">Please install a file management utility to browse files</string>
 </resources>
--- a/client/android/res/values/styles.xml
+++ b/client/android/res/values/styles.xml
@ -1,6 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
 <resources>
    <color name="black">#FF0E0E11</color>
    <style name="NoActionBar">
        <item name="android:windowBackground">@color/black</item>
        <item name="android:colorBackground">@color/black</item>
        <item name="android:windowActionBar">false</item>
        <item name="android:windowNoTitle">true</item>
    </style>
--- a/client/android/settings.gradle.kts
+++ b/client/android/settings.gradle.kts
@ -22,7 +22,7 @@ dependencyResolutionManagement {
 includeBuild("./gradle/plugins")
 plugins {
-    id("com.android.settings") version "8.2.0"
+    id("com.android.settings") version "8.5.2"
    id("settings-property-delegate")
 }
@ -36,6 +36,8 @@ include(":wireguard")
 include(":awg")
 include(":openvpn")
 include(":cloak")
 include(":xray")
 include(":xray:libXray")
 // get values from gradle or local properties
 val androidBuildToolsVersion: String by gradleProperties
--- a/client/android/src/org/amnezia/vpn/AmneziaActivity.kt
+++ b/client/android/src/org/amnezia/vpn/AmneziaActivity.kt
@ -1,6 +1,11 @@
 package org.amnezia.vpn
 import android.Manifest
 import android.annotation.SuppressLint
 import android.app.AlertDialog
 import android.app.NotificationManager
 import android.content.ActivityNotFoundException
 import android.content.BroadcastReceiver
 import android.content.ComponentName
 import android.content.Intent
 import android.content.Intent.EXTRA_MIME_TYPES
@ -10,26 +15,36 @@ import android.content.pm.PackageManager
 import android.graphics.Bitmap
 import android.net.Uri
 import android.net.VpnService
 import android.os.Build
 import android.os.Bundle
 import android.os.Handler
 import android.os.IBinder
 import android.os.Looper
 import android.os.Message
 import android.os.Messenger
 import android.os.ParcelFileDescriptor
 import android.os.SystemClock
 import android.provider.OpenableColumns
 import android.provider.Settings
 import android.view.MotionEvent
 import android.view.View
 import android.view.ViewGroup
 import android.view.WindowManager.LayoutParams
 import android.webkit.MimeTypeMap
 import android.widget.Toast
 import androidx.annotation.MainThread
 import androidx.annotation.RequiresApi
 import androidx.core.content.ContextCompat
 import java.io.IOException
 import kotlin.LazyThreadSafetyMode.NONE
 import kotlin.coroutines.CoroutineContext
 import kotlin.text.RegexOption.IGNORE_CASE
 import AppListProvider
 import kotlinx.coroutines.CompletableDeferred
 import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.SupervisorJob
 import kotlinx.coroutines.async
 import kotlinx.coroutines.cancel
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.runBlocking
@ -37,7 +52,11 @@ import kotlinx.coroutines.withContext
 import org.amnezia.vpn.protocol.getStatistics
 import org.amnezia.vpn.protocol.getStatus
 import org.amnezia.vpn.qt.QtAndroidController
 import org.amnezia.vpn.util.LibraryLoader.loadSharedLibrary
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.json.JSONException
 import org.json.JSONObject
 import org.qtproject.qt.android.bindings.QtActivity
 private const val TAG = "AmneziaActivity"
@ -46,16 +65,24 @@ const val ACTIVITY_MESSENGER_NAME = "Activity"
 private const val CHECK_VPN_PERMISSION_ACTION_CODE = 1
 private const val CREATE_FILE_ACTION_CODE = 2
 private const val OPEN_FILE_ACTION_CODE = 3
 private const val CHECK_NOTIFICATION_PERMISSION_ACTION_CODE = 4
 private const val PREFS_NOTIFICATION_PERMISSION_ASKED = "NOTIFICATION_PERMISSION_ASKED"
 class AmneziaActivity : QtActivity() {
    private lateinit var mainScope: CoroutineScope
    private val qtInitialized = CompletableDeferred<Unit>()
    private var vpnProto: VpnProto? = null
    private var isWaitingStatus = true
    private var isServiceConnected = false
    private var isInBoundState = false
    private var notificationStateReceiver: BroadcastReceiver? = null
    private lateinit var vpnServiceMessenger: IpcMessenger
-    private var tmpFileContentToSave: String = ""
+    private var pfd: ParcelFileDescriptor? = null
    private val actionResultHandlers = mutableMapOf<Int, ActivityResultHandler>()
    private val permissionRequestHandlers = mutableMapOf<Int, PermissionRequestHandler>()
    private val vpnServiceEventHandler: Handler by lazy(NONE) {
        object : Handler(Looper.getMainLooper()) {
@ -130,35 +157,74 @@ class AmneziaActivity : QtActivity() {
            override fun onBindingDied(name: ComponentName?) {
                Log.w(TAG, "Binding to the ${name?.flattenToString()} unexpectedly died")
                doUnbindService()
                QtAndroidController.onServiceDisconnected()
                doBindService()
            }
        }
    }
    private data class CheckVpnPermissionCallbacks(val onSuccess: () -> Unit, val onFail: () -> Unit)
    private var checkVpnPermissionCallbacks: CheckVpnPermissionCallbacks? = null
    /**
     * Activity overloaded methods
     */
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
-        Log.d(TAG, "Create Amnezia activity: $intent")
+        Log.d(TAG, "Create Amnezia activity")
        loadLibs()
        window.apply {
            addFlags(LayoutParams.FLAG_DRAWS_SYSTEM_BAR_BACKGROUNDS)
            statusBarColor = getColor(R.color.black)
        }
        mainScope = CoroutineScope(SupervisorJob() + Dispatchers.Main.immediate)
        val proto = mainScope.async(Dispatchers.IO) {
            VpnStateStore.getVpnState().vpnProto
        }
        vpnServiceMessenger = IpcMessenger(
            "VpnService",
            onDeadObjectException = {
                doUnbindService()
                QtAndroidController.onServiceDisconnected()
                doBindService()
            }
        )
        registerBroadcastReceivers()
        intent?.let(::processIntent)
        runBlocking { vpnProto = proto.await() }
    }
    private fun loadLibs() {
        listOf(
            "rsapss",
            "crypto_3",
            "ssl_3",
            "ssh"
        ).forEach {
            loadSharedLibrary(this.applicationContext, it)
        }
    }
    private fun registerBroadcastReceivers() {
        notificationStateReceiver = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
            registerBroadcastReceiver(
                arrayOf(
                    NotificationManager.ACTION_NOTIFICATION_CHANNEL_BLOCK_STATE_CHANGED,
                    NotificationManager.ACTION_APP_BLOCK_STATE_CHANGED
                )
            ) {
                Log.v(
                    TAG, "Notification state changed: ${it?.action}, blocked = " +
                        "${it?.getBooleanExtra(NotificationManager.EXTRA_BLOCKED_STATE, false)}"
                )
                mainScope.launch {
                    qtInitialized.await()
                    QtAndroidController.onNotificationStateChanged()
                }
            }
        } else null
    }
    override fun onNewIntent(intent: Intent?) {
        super.onNewIntent(intent)
-        Log.d(TAG, "onNewIntent: $intent")
+        Log.v(TAG, "onNewIntent: $intent")
        intent?.let(::processIntent)
    }
@ -181,62 +247,66 @@ class AmneziaActivity : QtActivity() {
        Log.d(TAG, "Start Amnezia activity")
        mainScope.launch {
            qtInitialized.await()
            vpnProto?.let { proto ->
                if (AmneziaVpnService.isRunning(applicationContext, proto.processName)) {
                    doBindService()
                }
            }
        }
    }
    override fun onStop() {
        Log.d(TAG, "Stop Amnezia activity")
        doUnbindService()
        mainScope.launch {
            qtInitialized.await()
            QtAndroidController.onServiceDisconnected()
        }
        super.onStop()
    }
    override fun onDestroy() {
        Log.d(TAG, "Destroy Amnezia activity")
        unregisterBroadcastReceiver(notificationStateReceiver)
        notificationStateReceiver = null
        mainScope.cancel()
        super.onDestroy()
    }
    override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
-        when (requestCode) {
+        Log.d(TAG, "Process activity result, code: ${actionCodeToString(requestCode)}, " +
-            CREATE_FILE_ACTION_CODE -> {
+                "resultCode: $resultCode, data: $data")
        actionResultHandlers[requestCode]?.let { handler ->
            when (resultCode) {
-                    RESULT_OK -> {
+                RESULT_OK -> handler.onSuccess(data)
-                        data?.data?.let { uri ->
+                else -> handler.onFail(data)
                            alterDocument(uri)
                        }
                    }
            }
            handler.onAny(data)
            actionResultHandlers.remove(requestCode)
        } ?: super.onActivityResult(requestCode, resultCode, data)
    }
-            OPEN_FILE_ACTION_CODE -> {
+    private fun startActivityForResult(intent: Intent, requestCode: Int, handler: ActivityResultHandler) {
-                when (resultCode) {
+        actionResultHandlers[requestCode] = handler
-                    RESULT_OK -> data?.data?.toString() ?: ""
+        startActivityForResult(intent, requestCode)
                    else -> ""
                }.let { uri ->
                    QtAndroidController.onFileOpened(uri)
                }
    }
-            CHECK_VPN_PERMISSION_ACTION_CODE -> {
+    override fun onRequestPermissionsResult(requestCode: Int, permissions: Array<out String>, grantResults: IntArray) {
-                when (resultCode) {
+        Log.d(TAG, "Process permission result, code: ${actionCodeToString(requestCode)}, " +
-                    RESULT_OK -> {
+                "permissions: ${permissions.contentToString()}, results: ${grantResults.contentToString()}")
-                        Log.d(TAG, "Vpn permission granted")
+        permissionRequestHandlers[requestCode]?.let { handler ->
-                        Toast.makeText(this, resources.getText(R.string.vpnGranted), Toast.LENGTH_LONG).show()
+            if (grantResults.isNotEmpty()) {
-                        checkVpnPermissionCallbacks?.run { onSuccess() }
+                if (grantResults[0] == PackageManager.PERMISSION_GRANTED) handler.onSuccess()
                else handler.onFail()
            }
            handler.onAny()
            permissionRequestHandlers.remove(requestCode)
        } ?: super.onRequestPermissionsResult(requestCode, permissions, grantResults)
    }
-                    else -> {
+    private fun requestPermission(permission: String, requestCode: Int, handler: PermissionRequestHandler) {
-                        Log.w(TAG, "Vpn permission denied, resultCode: $resultCode")
+        permissionRequestHandlers[requestCode] = handler
-                        showOnVpnPermissionRejectDialog()
+        requestPermissions(arrayOf(permission), requestCode)
                        checkVpnPermissionCallbacks?.run { onFail() }
                    }
                }
                checkVpnPermissionCallbacks = null
            }
            else -> super.onActivityResult(requestCode, resultCode, data)
        }
    }
    /**
@ -245,18 +315,19 @@ class AmneziaActivity : QtActivity() {
    @MainThread
    private fun doBindService() {
        Log.d(TAG, "Bind service")
-        Intent(this, AmneziaVpnService::class.java).also {
+        vpnProto?.let { proto ->
            Intent(this, proto.serviceClass).also {
                bindService(it, serviceConnection, BIND_ABOVE_CLIENT and BIND_AUTO_CREATE)
            }
            isInBoundState = true
        }
    }
    @MainThread
    private fun doUnbindService() {
        if (isInBoundState) {
            Log.d(TAG, "Unbind service")
            isWaitingStatus = true
            QtAndroidController.onServiceDisconnected()
            isServiceConnected = false
            vpnServiceMessenger.send(Action.UNREGISTER_CLIENT, activityMessenger)
            vpnServiceMessenger.reset()
@ -268,22 +339,26 @@ class AmneziaActivity : QtActivity() {
    /**
     * Methods of starting and stopping VpnService
     */
    private fun checkVpnPermissionAndStart(vpnConfig: String) {
        checkVpnPermission(
            onSuccess = { startVpn(vpnConfig) },
            onFail = QtAndroidController::onVpnPermissionRejected
        )
    }
    @MainThread
-    private fun checkVpnPermission(onSuccess: () -> Unit, onFail: () -> Unit) {
+    private fun checkVpnPermission(onPermissionGranted: () -> Unit) {
        Log.d(TAG, "Check VPN permission")
-        VpnService.prepare(applicationContext)?.let {
+        VpnService.prepare(applicationContext)?.let { intent ->
-            checkVpnPermissionCallbacks = CheckVpnPermissionCallbacks(onSuccess, onFail)
+            startActivityForResult(intent, CHECK_VPN_PERMISSION_ACTION_CODE, ActivityResultHandler(
-            startActivityForResult(it, CHECK_VPN_PERMISSION_ACTION_CODE)
+                onSuccess = {
-            return
+                    Log.d(TAG, "Vpn permission granted")
                    Toast.makeText(this@AmneziaActivity, resources.getText(R.string.vpnGranted), Toast.LENGTH_LONG).show()
                    onPermissionGranted()
                },
                onFail = {
                    Log.w(TAG, "Vpn permission denied")
                    showOnVpnPermissionRejectDialog()
                    mainScope.launch {
                        qtInitialized.await()
                        QtAndroidController.onVpnPermissionRejected()
                    }
-        onSuccess()
+                }
            ))
        } ?: onPermissionGranted()
    }
    private fun showOnVpnPermissionRejectDialog() {
@ -297,15 +372,72 @@ class AmneziaActivity : QtActivity() {
            .show()
    }
    private fun checkNotificationPermission(onChecked: () -> Unit) {
        Log.d(TAG, "Check notification permission")
        if (
            !isNotificationPermissionGranted() &&
            !Prefs.load<Boolean>(PREFS_NOTIFICATION_PERMISSION_ASKED)
        ) {
            showNotificationPermissionDialog(onChecked)
        } else {
            onChecked()
        }
    }
    @RequiresApi(Build.VERSION_CODES.TIRAMISU)
    private fun showNotificationPermissionDialog(onChecked: () -> Unit) {
        AlertDialog.Builder(this)
            .setTitle(R.string.notificationDialogTitle)
            .setMessage(R.string.notificationDialogMessage)
            .setNegativeButton(R.string.no) { _, _ ->
                Prefs.save(PREFS_NOTIFICATION_PERMISSION_ASKED, true)
                onChecked()
            }
            .setPositiveButton(R.string.yes) { _, _ ->
                val saveAsked: () -> Unit = {
                    Prefs.save(PREFS_NOTIFICATION_PERMISSION_ASKED, true)
                }
                requestPermission(
                    Manifest.permission.POST_NOTIFICATIONS,
                    CHECK_NOTIFICATION_PERMISSION_ACTION_CODE,
                    PermissionRequestHandler(
                        onSuccess = saveAsked,
                        onFail = saveAsked,
                        onAny = onChecked
                    )
                )
            }
            .show()
    }
    @MainThread
    private fun startVpn(vpnConfig: String) {
        getVpnProto(vpnConfig)?.let { proto ->
            Log.v(TAG, "Proto from config: $proto, current proto: $vpnProto")
            if (isServiceConnected) {
                if (proto.serviceClass == vpnProto?.serviceClass) {
                    vpnProto = proto
                    connectToVpn(vpnConfig)
-        } else {
+                    return
            isWaitingStatus = false
            startVpnService(vpnConfig)
            doBindService()
                }
                doUnbindService()
            }
            vpnProto = proto
            isWaitingStatus = false
            startVpnService(vpnConfig, proto)
            doBindService()
        } ?: QtAndroidController.onServiceError()
    }
    private fun getVpnProto(vpnConfig: String): VpnProto? = try {
        require(vpnConfig.isNotBlank()) { "Blank VPN config" }
        VpnProto.get(JSONObject(vpnConfig).getString("protocol"))
    } catch (e: JSONException) {
        Log.e(TAG, "Invalid VPN config json format: ${e.message}")
        null
    } catch (e: IllegalArgumentException) {
        Log.e(TAG, "Protocol not found: ${e.message}")
        null
    }
    private fun connectToVpn(vpnConfig: String) {
@ -317,33 +449,26 @@ class AmneziaActivity : QtActivity() {
        }
    }
-    private fun startVpnService(vpnConfig: String) {
+    private fun startVpnService(vpnConfig: String, proto: VpnProto) {
-        Log.d(TAG, "Start VPN service")
+        Log.d(TAG, "Start VPN service: $proto")
-        Intent(this, AmneziaVpnService::class.java).apply {
+        Intent(this, proto.serviceClass).apply {
            putExtra(MSG_VPN_CONFIG, vpnConfig)
        }.also {
            try {
                ContextCompat.startForegroundService(this, it)
            } catch (e: SecurityException) {
                Log.e(TAG, "Failed to start ${proto.serviceClass.simpleName}: $e")
                QtAndroidController.onServiceError()
            }
        }
    }
    @MainThread
    private fun disconnectFromVpn() {
        Log.d(TAG, "Disconnect from VPN")
        vpnServiceMessenger.send(Action.DISCONNECT)
    }
    // saving file
    private fun alterDocument(uri: Uri) {
        try {
            contentResolver.openOutputStream(uri)?.use { os ->
                os.bufferedWriter().use { it.write(tmpFileContentToSave) }
            }
        } catch (e: IOException) {
            e.printStackTrace()
        }
        tmpFileContentToSave = ""
    }
    /**
     * Methods called by Qt
     */
@ -357,7 +482,11 @@ class AmneziaActivity : QtActivity() {
    fun start(vpnConfig: String) {
        Log.v(TAG, "Start VPN")
        mainScope.launch {
-            checkVpnPermissionAndStart(vpnConfig)
+            checkVpnPermission {
                checkNotificationPermission {
                    startVpn(vpnConfig)
                }
            }
        }
    }
@ -389,14 +518,30 @@ class AmneziaActivity : QtActivity() {
    fun saveFile(fileName: String, data: String) {
        Log.d(TAG, "Save file $fileName")
        mainScope.launch {
            tmpFileContentToSave = data
            Intent(Intent.ACTION_CREATE_DOCUMENT).apply {
                addCategory(Intent.CATEGORY_OPENABLE)
                type = "text/*"
                putExtra(Intent.EXTRA_TITLE, fileName)
            }.also {
-                startActivityForResult(it, CREATE_FILE_ACTION_CODE)
+                try {
                    startActivityForResult(it, CREATE_FILE_ACTION_CODE, ActivityResultHandler(
                        onSuccess = {
                            it?.data?.let { uri ->
                                Log.v(TAG, "Save file to $uri")
                                try {
                                    contentResolver.openOutputStream(uri)?.use { os ->
                                        os.bufferedWriter().use { it.write(data) }
                                    }
                                } catch (e: IOException) {
                                    Log.e(TAG, "Failed to save file $uri: $e")
                                    // todo: send error to Qt
                                }
                            }
                        }
                    ))
                } catch (_: ActivityNotFoundException) {
                    Toast.makeText(this@AmneziaActivity, "Unsupported", Toast.LENGTH_LONG).show()
                }
            }
        }
    }
@ -404,7 +549,8 @@ class AmneziaActivity : QtActivity() {
    @Suppress("unused")
    fun openFile(filter: String?) {
        Log.v(TAG, "Open file with filter: $filter")
-
+        mainScope.launch {
            val intent = if (!isOnTv()) {
                val mimeTypes = if (!filter.isNullOrEmpty()) {
                    val extensionRegex = "\\*\\.([a-z0-9]+)".toRegex(IGNORE_CASE)
                    val mime = MimeTypeMap.getSingleton()
@ -430,19 +576,96 @@ class AmneziaActivity : QtActivity() {
                            else -> type = "*/*"
                        }
                    }
-        }.also {
+                }
-            startActivityForResult(it, OPEN_FILE_ACTION_CODE)
+            } else {
                Intent(this@AmneziaActivity, TvFilePicker::class.java)
            }
            try {
                startActivityForResult(intent, OPEN_FILE_ACTION_CODE, ActivityResultHandler(
                    onAny = {
                        if (isOnTv() && it?.hasExtra("activityNotFound") == true) {
                            showNoFileBrowserAlertDialog()
                        }
                        val uri = it?.data?.apply {
                            grantUriPermission(packageName, this, Intent.FLAG_GRANT_READ_URI_PERMISSION)
                        }?.toString() ?: ""
                        Log.v(TAG, "Open file: $uri")
                        mainScope.launch {
                            qtInitialized.await()
                            QtAndroidController.onFileOpened(uri)
                        }
                    }
                ))
            } catch (_: ActivityNotFoundException) {
                showNoFileBrowserAlertDialog()
                mainScope.launch {
                    qtInitialized.await()
                    QtAndroidController.onFileOpened("")
                }
            }
        }
    }
    private fun showNoFileBrowserAlertDialog() {
        AlertDialog.Builder(this)
            .setMessage(R.string.tvNoFileBrowser)
            .setCancelable(false)
            .setPositiveButton(android.R.string.ok) { _, _ ->
                try {
                    startActivity(Intent(Intent.ACTION_VIEW, Uri.parse("market://webstoreredirect")))
                } catch (_: Throwable) {}
            }
            .show()
    }
    @Suppress("unused")
    fun getFd(fileName: String): Int {
        Log.v(TAG, "Get fd for $fileName")
        return blockingCall {
            try {
                pfd = contentResolver.openFileDescriptor(Uri.parse(fileName), "r")
                pfd?.fd ?: -1
            } catch (e: Exception) {
                Log.e(TAG, "Failed to get fd: $e")
                -1
            }
        }
    }
    @Suppress("unused")
-    fun setNotificationText(title: String, message: String, timerSec: Int) {
+    fun closeFd() {
-        Log.v(TAG, "Set notification text")
+        Log.v(TAG, "Close fd")
        mainScope.launch {
            pfd?.close()
            pfd = null
        }
    }
    @Suppress("unused")
    fun getFileName(uri: String): String {
        Log.v(TAG, "Get file name for uri: $uri")
        return blockingCall {
            try {
                contentResolver.query(Uri.parse(uri), arrayOf(OpenableColumns.DISPLAY_NAME), null, null, null)?.use { cursor ->
                    if (cursor.moveToFirst() && !cursor.isNull(0)) {
                        return@blockingCall cursor.getString(0) ?: ""
                    }
                }
            } catch (e: Exception) {
                Log.e(TAG, "Failed to get file name: $e")
            }
            ""
        }
    }
    @Suppress("unused")
    @SuppressLint("UnsupportedChromeOsCameraSystemFeature")
    fun isCameraPresent(): Boolean = applicationContext.packageManager.hasSystemFeature(PackageManager.FEATURE_CAMERA)
    @Suppress("unused")
    fun isOnTv(): Boolean = applicationContext.packageManager.hasSystemFeature(PackageManager.FEATURE_LEANBACK)
    @Suppress("unused")
    fun startQrCodeReader() {
        Log.v(TAG, "Start camera")
@ -453,7 +676,7 @@ class AmneziaActivity : QtActivity() {
    @Suppress("unused")
    fun setSaveLogs(enabled: Boolean) {
-        Log.d(TAG, "Set save logs: $enabled")
+        Log.v(TAG, "Set save logs: $enabled")
        mainScope.launch {
            Log.saveLogs = enabled
            vpnServiceMessenger.send {
@ -473,8 +696,10 @@ class AmneziaActivity : QtActivity() {
    @Suppress("unused")
    fun clearLogs() {
        Log.v(TAG, "Clear logs")
        mainScope.launch {
            Log.clearLogs()
        }
    }
    @Suppress("unused")
    fun setScreenshotsEnabled(enabled: Boolean) {
@ -485,6 +710,14 @@ class AmneziaActivity : QtActivity() {
        }
    }
    @Suppress("unused")
    fun setNavigationBarColor(color: Int) {
        Log.v(TAG, "Change navigation bar color: ${"#%08X".format(color)}")
        mainScope.launch {
            window.navigationBarColor = color
        }
    }
    @Suppress("unused")
    fun minimizeApp() {
        Log.v(TAG, "Minimize application")
@ -509,7 +742,202 @@ class AmneziaActivity : QtActivity() {
    @Suppress("unused")
    fun getAppIcon(packageName: String, width: Int, height: Int): Bitmap {
-        Log.v(TAG, "Get app icon: $packageName")
+        Log.v(TAG, "Get app icon")
        return AppListProvider.getAppIcon(packageManager, packageName, width, height)
    }
    @Suppress("unused")
    fun isNotificationPermissionGranted(): Boolean = applicationContext.isNotificationPermissionGranted()
    @Suppress("unused")
    fun requestNotificationPermission() {
        val shouldShowPreRequest = shouldShowRequestPermissionRationale(Manifest.permission.POST_NOTIFICATIONS)
        requestPermission(
            Manifest.permission.POST_NOTIFICATIONS,
            CHECK_NOTIFICATION_PERMISSION_ACTION_CODE,
            PermissionRequestHandler(
                onSuccess = {
                    mainScope.launch {
                        Prefs.save(PREFS_NOTIFICATION_PERMISSION_ASKED, true)
                        vpnServiceMessenger.send(Action.NOTIFICATION_PERMISSION_GRANTED)
                        qtInitialized.await()
                        QtAndroidController.onNotificationStateChanged()
                    }
                },
                onFail = {
                    if (!Prefs.load<Boolean>(PREFS_NOTIFICATION_PERMISSION_ASKED)) {
                        Prefs.save(PREFS_NOTIFICATION_PERMISSION_ASKED, true)
                    } else {
                        val shouldShowPostRequest =
                            shouldShowRequestPermissionRationale(Manifest.permission.POST_NOTIFICATIONS)
                        if (!shouldShowPreRequest && !shouldShowPostRequest) {
                            showNotificationSettingsDialog()
                        }
                    }
                }
            )
        )
    }
    private fun showNotificationSettingsDialog() {
        AlertDialog.Builder(this)
            .setTitle(R.string.notificationSettingsDialogTitle)
            .setMessage(R.string.notificationSettingsDialogMessage)
            .setNegativeButton(R.string.cancel) { _, _ -> }
            .setPositiveButton(R.string.openNotificationSettings) { _, _ ->
                startActivity(Intent(Settings.ACTION_APP_NOTIFICATION_SETTINGS).apply {
                    putExtra(Settings.EXTRA_APP_PACKAGE, packageName)
                })
            }
            .show()
    }
    @Suppress("unused")
    fun requestAuthentication() {
        Log.v(TAG, "Request authentication")
        mainScope.launch {
            qtInitialized.await()
            Intent(this@AmneziaActivity, AuthActivity::class.java).also {
                startActivity(it)
            }
        }
    }
    // method to workaround Qt's problem with calling the keyboard on TVs
    @Suppress("unused")
    fun sendTouch(x: Float, y: Float) {
        Log.v(TAG, "Send touch: $x, $y")
        blockingCall {
            findQtWindow(window.decorView)?.let {
                Log.v(TAG, "Send touch to $it")
                it.dispatchTouchEvent(createEvent(x, y, SystemClock.uptimeMillis(), MotionEvent.ACTION_DOWN))
                it.dispatchTouchEvent(createEvent(x, y, SystemClock.uptimeMillis(), MotionEvent.ACTION_UP))
            }
        }
    }
    private fun findQtWindow(view: View): View? {
        Log.v(TAG, "findQtWindow: process $view")
        if (view::class.simpleName == "QtWindow") return view
        else if (view is ViewGroup) {
            for (i in 0 until view.childCount) {
                val result = findQtWindow(view.getChildAt(i))
                if (result != null) return result
            }
            return null
        } else return null
    }
    private fun createEvent(x: Float, y: Float, eventTime: Long, action: Int): MotionEvent =
        MotionEvent.obtain(
            eventTime,
            eventTime,
            action,
            1,
            arrayOf(MotionEvent.PointerProperties().apply {
                id = 0
                toolType = MotionEvent.TOOL_TYPE_FINGER
            }),
            arrayOf(MotionEvent.PointerCoords().apply {
                this.x = x
                this.y = y
                pressure = 1f
                size = 1f
            }),
            0, 0, 1.0f, 1.0f, 0, 0, 0,0
        )
    // workaround for a bug in Qt that causes the mouse click event not to be handled
    // also disable right-click, as it causes the application to crash
    private var lastButtonState = 0
    private fun MotionEvent.fixCopy(): MotionEvent = MotionEvent.obtain(
        downTime,
        eventTime,
        action,
        pointerCount,
        (0 until pointerCount).map { i ->
            MotionEvent.PointerProperties().apply {
                getPointerProperties(i, this)
            }
        }.toTypedArray(),
        (0 until pointerCount).map { i ->
            MotionEvent.PointerCoords().apply {
                getPointerCoords(i, this)
            }
        }.toTypedArray(),
        metaState,
        MotionEvent.BUTTON_PRIMARY,
        xPrecision,
        yPrecision,
        deviceId,
        edgeFlags,
        source,
        flags
    )
    private fun handleMouseEvent(ev: MotionEvent, superDispatch: (MotionEvent?) -> Boolean): Boolean {
        when (ev.action) {
            MotionEvent.ACTION_DOWN -> {
                lastButtonState = ev.buttonState
                if (ev.buttonState == MotionEvent.BUTTON_SECONDARY) return true
            }
            MotionEvent.ACTION_UP -> {
                when (lastButtonState) {
                    MotionEvent.BUTTON_SECONDARY -> return true
                    MotionEvent.BUTTON_PRIMARY -> {
                        val modEvent = ev.fixCopy()
                        return superDispatch(modEvent).apply { modEvent.recycle() }
                    }
                }
            }
        }
        return superDispatch(ev)
    }
    override fun dispatchTouchEvent(ev: MotionEvent?): Boolean {
        Log.v(TAG, "dispatchTouch: $ev")
        if (ev != null && ev.getToolType(0) == MotionEvent.TOOL_TYPE_MOUSE) {
            return handleMouseEvent(ev) { super.dispatchTouchEvent(it) }
        }
        return super.dispatchTouchEvent(ev)
    }
    override fun dispatchTrackballEvent(ev: MotionEvent?): Boolean {
        ev?.let { return handleMouseEvent(ev) { super.dispatchTrackballEvent(it) }}
        return super.dispatchTrackballEvent(ev)
    }
    /**
     * Utils methods
     */
    private fun <T> blockingCall(
        context: CoroutineContext = Dispatchers.Main.immediate,
        block: suspend () -> T
    ) = runBlocking {
        mainScope.async(context) { block() }.await()
    }
    companion object {
        private fun actionCodeToString(actionCode: Int): String =
            when (actionCode) {
                CHECK_VPN_PERMISSION_ACTION_CODE -> "CHECK_VPN_PERMISSION"
                CREATE_FILE_ACTION_CODE -> "CREATE_FILE"
                OPEN_FILE_ACTION_CODE -> "OPEN_FILE"
                CHECK_NOTIFICATION_PERMISSION_ACTION_CODE -> "CHECK_NOTIFICATION_PERMISSION"
                else -> actionCode.toString()
            }
    }
 }
 private class ActivityResultHandler(
    val onSuccess: (data: Intent?) -> Unit = {},
    val onFail: (data: Intent?) -> Unit = {},
    val onAny: (data: Intent?) -> Unit = {}
 )
 private class PermissionRequestHandler(
    val onSuccess: () -> Unit = {},
    val onFail: () -> Unit = {},
    val onAny: () -> Unit = {}
 )
--- a/client/android/src/org/amnezia/vpn/AmneziaApplication.kt
+++ b/client/android/src/org/amnezia/vpn/AmneziaApplication.kt
@ -3,14 +3,11 @@ package org.amnezia.vpn
 import androidx.camera.camera2.Camera2Config
 import androidx.camera.core.CameraSelector
 import androidx.camera.core.CameraXConfig
 import androidx.core.app.NotificationChannelCompat.Builder
 import androidx.core.app.NotificationManagerCompat
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.qtproject.qt.android.bindings.QtApplication
 private const val TAG = "AmneziaApplication"
 const val NOTIFICATION_CHANNEL_ID: String = "org.amnezia.vpn.notification"
 class AmneziaApplication : QtApplication(), CameraXConfig.Provider {
@ -20,7 +17,7 @@ class AmneziaApplication : QtApplication(), CameraXConfig.Provider {
        Log.init(this)
        VpnStateStore.init(this)
        Log.d(TAG, "Create Amnezia application")
-        createNotificationChannel()
+        ServiceNotification.createNotificationChannel(this)
    }
    override fun getCameraXConfig(): CameraXConfig = CameraXConfig.Builder
@ -28,14 +25,4 @@ class AmneziaApplication : QtApplication(), CameraXConfig.Provider {
        .setMinimumLoggingLevel(android.util.Log.ERROR)
        .setAvailableCamerasLimiter(CameraSelector.DEFAULT_BACK_CAMERA)
        .build()
    private fun createNotificationChannel() {
        NotificationManagerCompat.from(this).createNotificationChannel(
            Builder(NOTIFICATION_CHANNEL_ID, NotificationManagerCompat.IMPORTANCE_LOW)
                .setName("AmneziaVPN")
                .setDescription("AmneziaVPN service notification")
                .setShowBadge(false)
                .build()
        )
    }
 }
--- a/client/android/src/org/amnezia/vpn/AmneziaContext.kt
+++ b/client/android/src/org/amnezia/vpn/AmneziaContext.kt
@ -0,0 +1,56 @@
 package org.amnezia.vpn
 import android.content.BroadcastReceiver
 import android.content.Context
 import android.content.Intent
 import android.content.IntentFilter
 import androidx.core.content.ContextCompat
 import androidx.core.content.ContextCompat.RegisterReceiverFlags
 import org.amnezia.vpn.protocol.ProtocolState
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.RECONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.UNKNOWN
 fun Context.getString(state: ProtocolState): String =
    getString(
        when (state) {
            DISCONNECTED, UNKNOWN -> R.string.disconnected
            CONNECTED -> R.string.connected
            CONNECTING -> R.string.connecting
            DISCONNECTING -> R.string.disconnecting
            RECONNECTING -> R.string.reconnecting
        }
    )
 fun Context.registerBroadcastReceiver(
    action: String,
    @RegisterReceiverFlags flags: Int = ContextCompat.RECEIVER_EXPORTED,
    onReceive: (Intent?) -> Unit
 ): BroadcastReceiver = registerBroadcastReceiver(arrayOf(action), flags, onReceive)
 fun Context.registerBroadcastReceiver(
    actions: Array<String>,
    @RegisterReceiverFlags flags: Int = ContextCompat.RECEIVER_EXPORTED,
    onReceive: (Intent?) -> Unit
 ): BroadcastReceiver =
    object : BroadcastReceiver() {
        override fun onReceive(context: Context?, intent: Intent?) {
            onReceive(intent)
        }
    }.also {
        ContextCompat.registerReceiver(
            this,
            it,
            IntentFilter().apply {
                actions.forEach(::addAction)
            },
            flags
        )
    }
 fun Context.unregisterBroadcastReceiver(receiver: BroadcastReceiver?) {
    receiver?.let { this.unregisterReceiver(it) }
 }
--- a/client/android/src/org/amnezia/vpn/AmneziaTileService.kt
+++ b/client/android/src/org/amnezia/vpn/AmneziaTileService.kt
@ -39,6 +39,9 @@ class AmneziaTileService : TileService() {
    @Volatile
    private var isServiceConnected = false
    @Volatile
    private var vpnProto: VpnProto? = null
    private var isInBoundState = false
    @Volatile
    private var isVpnConfigExists = false
@ -94,8 +97,11 @@ class AmneziaTileService : TileService() {
    override fun onStartListening() {
        super.onStartListening()
        scope.launch {
            Log.d(TAG, "Start listening")
-        if (AmneziaVpnService.isRunning(applicationContext)) {
+            vpnProto = VpnStateStore.getVpnState().vpnProto
            vpnProto.also { proto ->
                if (proto != null && AmneziaVpnService.isRunning(applicationContext, proto.processName)) {
                    Log.d(TAG, "Vpn service is running")
                    doBindService()
                } else {
@ -103,8 +109,10 @@ class AmneziaTileService : TileService() {
                    isServiceConnected = false
                    updateVpnState(DISCONNECTED)
                }
            }
            vpnStateListeningJob = launchVpnStateListening()
        }
    }
    override fun onStopListening() {
        Log.d(TAG, "Stop listening")
@ -124,7 +132,7 @@ class AmneziaTileService : TileService() {
    }
    private fun onClickInternal() {
-        if (isVpnConfigExists) {
+        if (isVpnConfigExists && vpnProto != null) {
            Log.d(TAG, "Change VPN state")
            if (qsTile.state == Tile.STATE_INACTIVE) {
                Log.d(TAG, "Start VPN")
@ -147,11 +155,13 @@ class AmneziaTileService : TileService() {
    private fun doBindService() {
        Log.d(TAG, "Bind service")
-        Intent(this, AmneziaVpnService::class.java).also {
+        vpnProto?.let { proto ->
            Intent(this, proto.serviceClass).also {
                bindService(it, serviceConnection, BIND_ABOVE_CLIENT)
            }
            isInBoundState = true
        }
    }
    private fun doUnbindService() {
        if (isInBoundState) {
@ -180,6 +190,7 @@ class AmneziaTileService : TileService() {
        if (VpnService.prepare(applicationContext) != null) {
            Intent(this, VpnRequestActivity::class.java).apply {
                addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
                putExtra(EXTRA_PROTOCOL, vpnProto)
            }.also {
                startActivityAndCollapseCompat(it)
            }
@ -188,11 +199,18 @@ class AmneziaTileService : TileService() {
            true
        }
-    private fun startVpnService() =
+    private fun startVpnService() {
        vpnProto?.let { proto ->
            try {
                ContextCompat.startForegroundService(
                    applicationContext,
-            Intent(this, AmneziaVpnService::class.java)
+                    Intent(this, proto.serviceClass)
                )
            } catch (e: SecurityException) {
                Log.e(TAG, "Failed to start ${proto.serviceClass.simpleName}: $e")
            }
        } ?: Log.e(TAG, "Failed to start vpn service: vpnProto is null")
    }
    private fun connectToVpn() = vpnServiceMessenger.send(Action.CONNECT)
@ -215,11 +233,8 @@ class AmneziaTileService : TileService() {
        }
    }
-    private fun updateVpnState(state: ProtocolState) {
+    private fun updateVpnState(state: ProtocolState) =
-        scope.launch {
+        scope.launch { VpnStateStore.store { it.copy(protocolState = state) } }
            VpnStateStore.store { it.copy(protocolState = state) }
        }
    }
    private fun launchVpnStateListening() =
        scope.launch { VpnStateStore.dataFlow().collectLatest(::updateTile) }
@ -227,10 +242,11 @@ class AmneziaTileService : TileService() {
    private fun updateTile(vpnState: VpnState) {
        Log.d(TAG, "Update tile: $vpnState")
        isVpnConfigExists = vpnState.serverName != null
        vpnProto = vpnState.vpnProto
        val tile = qsTile ?: return
        tile.apply {
-            label = vpnState.serverName ?: DEFAULT_TILE_LABEL
+            label = (vpnState.serverName ?: DEFAULT_TILE_LABEL) + (vpnProto?.let { " ${it.label}" } ?: "")
-            when (vpnState.protocolState) {
+            when (val protocolState = vpnState.protocolState) {
                CONNECTED -> {
                    state = Tile.STATE_ACTIVE
                    subtitleCompat = null
@ -241,14 +257,9 @@ class AmneziaTileService : TileService() {
                    subtitleCompat = null
                }
-                CONNECTING, RECONNECTING -> {
+                CONNECTING, DISCONNECTING, RECONNECTING -> {
                    state = Tile.STATE_UNAVAILABLE
-                    subtitleCompat = resources.getString(R.string.connecting)
+                    subtitleCompat = getString(protocolState)
                }
                DISCONNECTING -> {
                    state = Tile.STATE_UNAVAILABLE
                    subtitleCompat = resources.getString(R.string.disconnecting)
                }
            }
            updateTile()
--- a/client/android/src/org/amnezia/vpn/AmneziaVpnService.kt
+++ b/client/android/src/org/amnezia/vpn/AmneziaVpnService.kt
@ -1,9 +1,10 @@
 package org.amnezia.vpn
 import android.annotation.SuppressLint
 import android.app.ActivityManager
 import android.app.ActivityManager.RunningAppProcessInfo.IMPORTANCE_FOREGROUND_SERVICE
-import android.app.Notification
+import android.app.NotificationManager
-import android.app.PendingIntent
+import android.content.BroadcastReceiver
 import android.content.Context
 import android.content.Intent
 import android.content.pm.ServiceInfo.FOREGROUND_SERVICE_TYPE_MANIFEST
@ -15,10 +16,13 @@ import android.os.IBinder
 import android.os.Looper
 import android.os.Message
 import android.os.Messenger
 import android.os.PowerManager
 import android.os.Process
 import androidx.annotation.MainThread
 import androidx.core.app.NotificationCompat
 import androidx.core.app.ServiceCompat
 import androidx.core.content.ContextCompat
 import androidx.core.content.getSystemService
 import java.net.UnknownHostException
 import java.util.concurrent.ConcurrentHashMap
 import kotlin.LazyThreadSafetyMode.NONE
 import kotlinx.coroutines.CoroutineExceptionHandler
@ -28,6 +32,7 @@ import kotlinx.coroutines.Job
 import kotlinx.coroutines.SupervisorJob
 import kotlinx.coroutines.TimeoutCancellationException
 import kotlinx.coroutines.cancel
 import kotlinx.coroutines.cancelAndJoin
 import kotlinx.coroutines.delay
 import kotlinx.coroutines.flow.MutableStateFlow
 import kotlinx.coroutines.flow.drop
@ -36,8 +41,6 @@ import kotlinx.coroutines.launch
 import kotlinx.coroutines.runBlocking
 import kotlinx.coroutines.withTimeout
 import org.amnezia.vpn.protocol.BadConfigException
 import org.amnezia.vpn.protocol.LoadLibraryException
 import org.amnezia.vpn.protocol.Protocol
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTED
 import org.amnezia.vpn.protocol.ProtocolState.CONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.DISCONNECTED
@ -46,19 +49,20 @@ import org.amnezia.vpn.protocol.ProtocolState.RECONNECTING
 import org.amnezia.vpn.protocol.ProtocolState.UNKNOWN
 import org.amnezia.vpn.protocol.VpnException
 import org.amnezia.vpn.protocol.VpnStartException
 import org.amnezia.vpn.protocol.awg.Awg
 import org.amnezia.vpn.protocol.cloak.Cloak
 import org.amnezia.vpn.protocol.openvpn.OpenVpn
 import org.amnezia.vpn.protocol.putStatus
-import org.amnezia.vpn.protocol.wireguard.Wireguard
+import org.amnezia.vpn.util.LoadLibraryException
 import org.amnezia.vpn.util.Log
 import org.amnezia.vpn.util.Prefs
 import org.amnezia.vpn.util.net.NetworkState
 import org.amnezia.vpn.util.net.TrafficStats
 import org.json.JSONException
 import org.json.JSONObject
 private const val TAG = "AmneziaVpnService"
 const val ACTION_DISCONNECT = "org.amnezia.vpn.action.disconnect"
 const val ACTION_CONNECT = "org.amnezia.vpn.action.connect"
 const val MSG_VPN_CONFIG = "VPN_CONFIG"
 const val MSG_ERROR = "ERROR"
 const val MSG_SAVE_LOGS = "SAVE_LOGS"
@ -68,19 +72,18 @@ const val AFTER_PERMISSION_CHECK = "AFTER_PERMISSION_CHECK"
 private const val PREFS_CONFIG_KEY = "LAST_CONF"
 private const val PREFS_SERVER_NAME = "LAST_SERVER_NAME"
 private const val PREFS_SERVER_INDEX = "LAST_SERVER_INDEX"
-private const val PROCESS_NAME = "org.amnezia.vpn:amneziaVpnService"
+// private const val STATISTICS_SENDING_TIMEOUT = 1000L
-private const val NOTIFICATION_ID = 1337
+private const val TRAFFIC_STATS_UPDATE_TIMEOUT = 1000L
 private const val STATISTICS_SENDING_TIMEOUT = 1000L
 private const val DISCONNECT_TIMEOUT = 5000L
 private const val STOP_SERVICE_TIMEOUT = 5000L
-class AmneziaVpnService : VpnService() {
+@SuppressLint("Registered")
 open class AmneziaVpnService : VpnService() {
    private lateinit var mainScope: CoroutineScope
    private lateinit var connectionScope: CoroutineScope
    private var isServiceBound = false
-    private var protocol: Protocol? = null
+    private var vpnProto: VpnProto? = null
    private val protocolCache = mutableMapOf<String, Protocol>()
    private var protocolState = MutableStateFlow(UNKNOWN)
    private var serverName: String? = null
    private var serverIndex: Int = -1
@ -96,16 +99,25 @@ class AmneziaVpnService : VpnService() {
    private var connectionJob: Job? = null
    private var disconnectionJob: Job? = null
-    private var statisticsSendingJob: Job? = null
+    private var trafficStatsUpdateJob: Job? = null
    // private var statisticsSendingJob: Job? = null
    private lateinit var networkState: NetworkState
    private lateinit var trafficStats: TrafficStats
    private var controlReceiver: BroadcastReceiver? = null
    private var notificationStateReceiver: BroadcastReceiver? = null
    private var screenOnReceiver: BroadcastReceiver? = null
    private var screenOffReceiver: BroadcastReceiver? = null
    private val clientMessengers = ConcurrentHashMap<Messenger, IpcMessenger>()
    private val isActivityConnected
        get() = clientMessengers.any { it.value.name == ACTIVITY_MESSENGER_NAME }
    private val connectionExceptionHandler = CoroutineExceptionHandler { _, e ->
        connectionJob?.cancel()
        connectionJob = null
        disconnectionJob?.cancel()
        disconnectionJob = null
        protocolState.value = DISCONNECTED
        protocol = null
        when (e) {
            is IllegalArgumentException,
            is VpnStartException,
@ -116,6 +128,8 @@ class AmneziaVpnService : VpnService() {
            is LoadLibraryException -> onError("${e.message}. Caused: ${e.cause?.message}")
            is UnknownHostException -> onError("Unknown host")
            else -> throw e
        }
    }
@ -131,13 +145,13 @@ class AmneziaVpnService : VpnService() {
                        val messenger = IpcMessenger(msg.replyTo, clientName)
                        clientMessengers[msg.replyTo] = messenger
                        Log.d(TAG, "Messenger client '$clientName' was registered")
-                        if (clientName == ACTIVITY_MESSENGER_NAME && isConnected) launchSendingStatistics()
+                        // if (clientName == ACTIVITY_MESSENGER_NAME && isConnected) launchSendingStatistics()
                    }
                    Action.UNREGISTER_CLIENT -> {
                        clientMessengers.remove(msg.replyTo)?.let {
                            Log.d(TAG, "Messenger client '${it.name}' was unregistered")
-                            if (it.name == ACTIVITY_MESSENGER_NAME) stopSendingStatistics()
+                            // if (it.name == ACTIVITY_MESSENGER_NAME) stopSendingStatistics()
                        }
                    }
@ -159,6 +173,10 @@ class AmneziaVpnService : VpnService() {
                        }
                    }
                    Action.NOTIFICATION_PERMISSION_GRANTED -> {
                        enableNotification()
                    }
                    Action.SET_SAVE_LOGS -> {
                        Log.saveLogs = msg.data.getBoolean(MSG_SAVE_LOGS)
                    }
@ -181,25 +199,7 @@ class AmneziaVpnService : VpnService() {
            else -> 0
        }
-    private val notification: Notification by lazy(NONE) {
+    private val serviceNotification: ServiceNotification by lazy(NONE) { ServiceNotification(this) }
        NotificationCompat.Builder(this, NOTIFICATION_CHANNEL_ID)
            .setSmallIcon(R.drawable.ic_amnezia_round)
            .setShowWhen(false)
            .setContentIntent(
                PendingIntent.getActivity(
                    this,
                    0,
                    Intent(this, AmneziaActivity::class.java),
                    PendingIntent.FLAG_IMMUTABLE or PendingIntent.FLAG_UPDATE_CURRENT
                )
            )
            .setOngoing(true)
            .setPriority(NotificationCompat.PRIORITY_LOW)
            .setCategory(NotificationCompat.CATEGORY_SERVICE)
            .setVisibility(NotificationCompat.VISIBILITY_PUBLIC)
            .setForegroundServiceBehavior(NotificationCompat.FOREGROUND_SERVICE_IMMEDIATE)
            .build()
    }
    /**
     * Service overloaded methods
@ -212,6 +212,8 @@ class AmneziaVpnService : VpnService() {
        loadServerData()
        launchProtocolStateHandler()
        networkState = NetworkState(this, ::reconnect)
        trafficStats = TrafficStats()
        registerBroadcastReceivers()
    }
    override fun onStartCommand(intent: Intent?, flags: Int, startId: Int): Int {
@ -227,7 +229,11 @@ class AmneziaVpnService : VpnService() {
            Log.d(TAG, "Start service")
            connect(intent?.getStringExtra(MSG_VPN_CONFIG))
        }
-        ServiceCompat.startForeground(this, NOTIFICATION_ID, notification, foregroundServiceTypeCompat)
+        ServiceCompat.startForeground(
            this, NOTIFICATION_ID,
            serviceNotification.buildNotification(serverName, vpnProto?.label, protocolState.value),
            foregroundServiceTypeCompat
        )
        return START_REDELIVER_INTENT
    }
@ -267,6 +273,7 @@ class AmneziaVpnService : VpnService() {
    override fun onDestroy() {
        Log.d(TAG, "Destroy service")
        unregisterBroadcastReceivers()
        runBlocking {
            disconnect()
            disconnectionJob?.join()
@ -287,6 +294,71 @@ class AmneziaVpnService : VpnService() {
        stopSelf()
    }
    private fun registerBroadcastReceivers() {
        Log.d(TAG, "Register broadcast receivers")
        controlReceiver = registerBroadcastReceiver(
            arrayOf(ACTION_CONNECT, ACTION_DISCONNECT), ContextCompat.RECEIVER_NOT_EXPORTED
        ) {
            it?.action?.let { action ->
                Log.v(TAG, "Broadcast request received: $action")
                when (action) {
                    ACTION_CONNECT -> connect()
                    ACTION_DISCONNECT -> disconnect()
                    else -> Log.w(TAG, "Unknown action received: $action")
                }
            }
        }
        notificationStateReceiver = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
            registerBroadcastReceiver(
                arrayOf(
                    NotificationManager.ACTION_NOTIFICATION_CHANNEL_BLOCK_STATE_CHANGED,
                    NotificationManager.ACTION_APP_BLOCK_STATE_CHANGED
                )
            ) {
                val state = it?.getBooleanExtra(NotificationManager.EXTRA_BLOCKED_STATE, false)
                Log.v(TAG, "Notification state changed: ${it?.action}, blocked = $state")
                if (state == false) {
                    enableNotification()
                } else {
                    disableNotification()
                }
            }
        } else null
        registerScreenStateBroadcastReceivers()
    }
    private fun registerScreenStateBroadcastReceivers() {
        if (serviceNotification.isNotificationEnabled()) {
            Log.d(TAG, "Register screen state broadcast receivers")
            screenOnReceiver = registerBroadcastReceiver(Intent.ACTION_SCREEN_ON) {
                if (isConnected && serviceNotification.isNotificationEnabled()) startTrafficStatsUpdateJob()
            }
            screenOffReceiver = registerBroadcastReceiver(Intent.ACTION_SCREEN_OFF) {
                stopTrafficStatsUpdateJob()
            }
        }
    }
    private fun unregisterScreenStateBroadcastReceivers() {
        Log.d(TAG, "Unregister screen state broadcast receivers")
        unregisterBroadcastReceiver(screenOnReceiver)
        unregisterBroadcastReceiver(screenOffReceiver)
        screenOnReceiver = null
        screenOffReceiver = null
    }
    private fun unregisterBroadcastReceivers() {
        Log.d(TAG, "Unregister broadcast receivers")
        unregisterBroadcastReceiver(controlReceiver)
        unregisterBroadcastReceiver(notificationStateReceiver)
        unregisterScreenStateBroadcastReceivers()
        controlReceiver = null
        notificationStateReceiver = null
    }
    /**
     * Methods responsible for processing VPN connection
     */
@ -295,29 +367,8 @@ class AmneziaVpnService : VpnService() {
            // drop first default UNKNOWN state
            protocolState.drop(1).collect { protocolState ->
                Log.d(TAG, "Protocol state changed: $protocolState")
                when (protocolState) {
                    CONNECTED -> {
                        networkState.bindNetworkListener()
                        if (isActivityConnected) launchSendingStatistics()
                    }
-                    DISCONNECTED -> {
+                serviceNotification.updateNotification(serverName, vpnProto?.label, protocolState)
                        networkState.unbindNetworkListener()
                        stopSendingStatistics()
                        if (!isServiceBound) stopService()
                    }
                    DISCONNECTING -> {
                        networkState.unbindNetworkListener()
                        stopSendingStatistics()
                    }
                    RECONNECTING -> {
                        stopSendingStatistics()
                    }
                    CONNECTING, UNKNOWN -> {}
                }
                clientMessengers.send {
                    ServiceEvent.STATUS_CHANGED.packToMessage {
@ -325,14 +376,42 @@ class AmneziaVpnService : VpnService() {
                    }
                }
-                VpnStateStore.store { VpnState(protocolState, serverName, serverIndex) }
+                VpnStateStore.store { VpnState(protocolState, serverName, serverIndex, vpnProto) }
                when (protocolState) {
                    CONNECTED -> {
                        networkState.bindNetworkListener()
                        // if (isActivityConnected) launchSendingStatistics()
                        launchTrafficStatsUpdate()
                    }
                    DISCONNECTED -> {
                        networkState.unbindNetworkListener()
                        stopTrafficStatsUpdateJob()
                        // stopSendingStatistics()
                        if (!isServiceBound) stopService()
                    }
                    DISCONNECTING -> {
                        networkState.unbindNetworkListener()
                        stopTrafficStatsUpdateJob()
                        // stopSendingStatistics()
                    }
                    RECONNECTING -> {
                        stopTrafficStatsUpdateJob()
                        // stopSendingStatistics()
                    }
                    CONNECTING, UNKNOWN -> {}
                }
            }
        }
    }
-    @MainThread
+/*  @MainThread
    private fun launchSendingStatistics() {
-        /* if (isServiceBound && isConnected) {
+        if (isServiceBound && isConnected) {
            statisticsSendingJob = mainScope.launch {
                while (true) {
                    clientMessenger.send {
@ -343,12 +422,62 @@ class AmneziaVpnService : VpnService() {
                    delay(STATISTICS_SENDING_TIMEOUT)
                }
            }
-        } */
+        }
    }
    @MainThread
    private fun stopSendingStatistics() {
        statisticsSendingJob?.cancel()
    } */
    @MainThread
    private fun enableNotification() {
        registerScreenStateBroadcastReceivers()
        serviceNotification.updateNotification(serverName, vpnProto?.label, protocolState.value)
        launchTrafficStatsUpdate()
    }
    @MainThread
    private fun disableNotification() {
        unregisterScreenStateBroadcastReceivers()
        stopTrafficStatsUpdateJob()
    }
    @MainThread
    private fun launchTrafficStatsUpdate() {
        stopTrafficStatsUpdateJob()
        if (isConnected &&
            serviceNotification.isNotificationEnabled() &&
            getSystemService<PowerManager>()?.isInteractive != false
        ) {
            Log.v(TAG, "Launch traffic stats update")
            trafficStats.reset()
            startTrafficStatsUpdateJob()
        }
    }
    @MainThread
    private fun startTrafficStatsUpdateJob() {
        if (trafficStatsUpdateJob == null && trafficStats.isSupported()) {
            Log.d(TAG, "Start traffic stats update")
            trafficStatsUpdateJob = mainScope.launch {
                while (true) {
                    trafficStats.getSpeed().let { speed ->
                        if (isConnected) {
                            serviceNotification.updateSpeed(speed)
                        }
                    }
                    delay(TRAFFIC_STATS_UPDATE_TIMEOUT)
                }
            }
        }
    }
    @MainThread
    private fun stopTrafficStatsUpdateJob() {
        Log.d(TAG, "Stop traffic stats update")
        trafficStatsUpdateJob?.cancel()
        trafficStatsUpdateJob = null
    }
    @MainThread
@ -367,8 +496,6 @@ class AmneziaVpnService : VpnService() {
        Log.d(TAG, "Start VPN connection")
        protocolState.value = CONNECTING
        val config = parseConfigToJson(vpnConfig)
        saveServerData(config)
        if (config == null) {
@ -377,6 +504,16 @@ class AmneziaVpnService : VpnService() {
            return
        }
        try {
            vpnProto = VpnProto.get(config.getString("protocol"))
        } catch (e: Exception) {
            onError("Invalid VPN config: ${e.message}")
            protocolState.value = DISCONNECTED
            return
        }
        protocolState.value = CONNECTING
        if (!checkPermission()) {
            protocolState.value = DISCONNECTED
            return
@ -386,8 +523,10 @@ class AmneziaVpnService : VpnService() {
            disconnectionJob?.join()
            disconnectionJob = null
-            protocol = getProtocol(config.getString("protocol"))
+            vpnProto?.protocol?.let { protocol ->
-            protocol?.startVpn(config, Builder(), ::protect)
+                protocol.initialize(applicationContext, protocolState, ::onError)
                protocol.startVpn(config, Builder(), ::protect)
            }
        }
    }
@ -400,11 +539,11 @@ class AmneziaVpnService : VpnService() {
        protocolState.value = DISCONNECTING
        disconnectionJob = connectionScope.launch {
-            connectionJob?.join()
+            connectionJob?.cancelAndJoin()
            connectionJob = null
-            protocol?.stopVpn()
+            vpnProto?.protocol?.stopVpn()
-            protocol = null
+
            try {
                withTimeout(DISCONNECT_TIMEOUT) {
                    // waiting for disconnect state
@ -426,22 +565,10 @@ class AmneziaVpnService : VpnService() {
        protocolState.value = RECONNECTING
        connectionJob = connectionScope.launch {
-            protocol?.reconnectVpn(Builder())
+            vpnProto?.protocol?.reconnectVpn(Builder())
        }
    }
    @MainThread
    private fun getProtocol(protocolName: String): Protocol =
        protocolCache[protocolName]
            ?: when (protocolName) {
                "wireguard" -> Wireguard()
                "awg" -> Awg()
                "openvpn" -> OpenVpn()
                "cloak" -> Cloak()
                else -> throw IllegalArgumentException("Protocol '$protocolName' not found")
            }.apply { initialize(applicationContext, protocolState, ::onError) }
                .also { protocolCache[protocolName] = it }
    /**
     * Utils methods
     */
@ -471,6 +598,7 @@ class AmneziaVpnService : VpnService() {
    private fun saveServerData(config: JSONObject?) {
        serverName = config?.opt("description") as String?
        serverIndex = config?.opt("serverIndex") as Int? ?: -1
        Log.d(TAG, "Save server data: ($serverIndex, $serverName)")
        Prefs.save(PREFS_SERVER_NAME, serverName)
        Prefs.save(PREFS_SERVER_INDEX, serverIndex)
    }
@ -478,12 +606,14 @@ class AmneziaVpnService : VpnService() {
    private fun loadServerData() {
        serverName = Prefs.load<String>(PREFS_SERVER_NAME).ifBlank { null }
        if (serverName != null) serverIndex = Prefs.load(PREFS_SERVER_INDEX)
        Log.d(TAG, "Load server data: ($serverIndex, $serverName)")
    }
    private fun checkPermission(): Boolean =
        if (prepare(applicationContext) != null) {
            Intent(this, VpnRequestActivity::class.java).apply {
                addFlags(Intent.FLAG_ACTIVITY_NEW_TASK)
                putExtra(EXTRA_PROTOCOL, vpnProto)
            }.also {
                startActivity(it)
            }
@ -493,10 +623,9 @@ class AmneziaVpnService : VpnService() {
        }
    companion object {
-        fun isRunning(context: Context): Boolean =
+        fun isRunning(context: Context, processName: String): Boolean =
-            (context.getSystemService(ACTIVITY_SERVICE) as ActivityManager)
+            context.getSystemService<ActivityManager>()!!.runningAppProcesses.any {
-                .runningAppProcesses.any {
+                it.processName == processName && it.importance <= IMPORTANCE_FOREGROUND_SERVICE
                    it.processName == PROCESS_NAME && it.importance <= IMPORTANCE_FOREGROUND_SERVICE
            }
    }
 }
--- a/client/android/src/org/amnezia/vpn/AuthActivity.kt
+++ b/client/android/src/org/amnezia/vpn/AuthActivity.kt
@ -0,0 +1,97 @@
 package org.amnezia.vpn
 import android.os.Build
 import android.os.Bundle
 import androidx.biometric.BiometricManager
 import androidx.biometric.BiometricManager.Authenticators.BIOMETRIC_STRONG
 import androidx.biometric.BiometricManager.Authenticators.DEVICE_CREDENTIAL
 import androidx.biometric.BiometricPrompt
 import androidx.biometric.BiometricPrompt.AuthenticationResult
 import androidx.core.content.ContextCompat
 import androidx.fragment.app.FragmentActivity
 import org.amnezia.vpn.qt.QtAndroidController
 import org.amnezia.vpn.util.Log
 private const val TAG = "AuthActivity"
 private const val AUTHENTICATORS = BIOMETRIC_STRONG or DEVICE_CREDENTIAL
 class AuthActivity : FragmentActivity() {
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        val biometricManager = BiometricManager.from(applicationContext)
        when (biometricManager.canAuthenticate(AUTHENTICATORS)) {
            BiometricManager.BIOMETRIC_SUCCESS -> {
                showBiometricPrompt(biometricManager)
                return
            }
            BiometricManager.BIOMETRIC_STATUS_UNKNOWN -> {
                Log.w(TAG, "Unknown biometric status")
                showBiometricPrompt(biometricManager)
                return
            }
            BiometricManager.BIOMETRIC_ERROR_UNSUPPORTED -> {
                Log.e(TAG, "The specified options are incompatible with the current Android " +
                    "version ${Build.VERSION.SDK_INT}")
            }
            BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE -> {
                Log.w(TAG, "The hardware is unavailable")
            }
            BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED -> {
                Log.w(TAG, "No biometric or device credential is enrolled")
            }
            BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE -> {
                Log.w(TAG, "There is no suitable hardware")
            }
            BiometricManager.BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED -> {
                Log.w(TAG, "A security vulnerability has been discovered with one or " +
                    "more hardware sensors")
            }
        }
        QtAndroidController.onAuthResult(true)
        finish()
    }
    private fun showBiometricPrompt(biometricManager: BiometricManager) {
        val executor = ContextCompat.getMainExecutor(applicationContext)
        val biometricPrompt = BiometricPrompt(this, executor,
            object : BiometricPrompt.AuthenticationCallback() {
                override fun onAuthenticationSucceeded(result: AuthenticationResult) {
                    super.onAuthenticationSucceeded(result)
                    Log.v(TAG, "Authentication succeeded")
                    QtAndroidController.onAuthResult(true)
                    finish()
                }
                override fun onAuthenticationFailed() {
                    super.onAuthenticationFailed()
                    Log.w(TAG, "Authentication failed")
                }
                override fun onAuthenticationError(errorCode: Int, errString: CharSequence) {
                    super.onAuthenticationError(errorCode, errString)
                    Log.e(TAG, "Authentication error $errorCode: $errString")
                    QtAndroidController.onAuthResult(false)
                    finish()
                }
            })
        val promptInfo = BiometricPrompt.PromptInfo.Builder()
            .setAllowedAuthenticators(AUTHENTICATORS)
            .setTitle("AmneziaVPN")
            .setSubtitle(biometricManager.getStrings(AUTHENTICATORS)?.promptMessage)
            .build()
        biometricPrompt.authenticate(promptInfo)
    }
 }
--- a/client/android/src/org/amnezia/vpn/AuthHelper.java
+++ b/client/android/src/org/amnezia/vpn/AuthHelper.java
@ -1,24 +0,0 @@
 package org.amnezia.vpn;
 import android.content.Context;
 import android.app.KeyguardManager;
 import android.content.Intent;
 import org.qtproject.qt.android.bindings.QtActivity;
 import static android.content.Context.KEYGUARD_SERVICE;
 public class AuthHelper extends QtActivity {
   static final String TAG = "AuthHelper";
   public static Intent getAuthIntent(Context context) {
   	KeyguardManager mKeyguardManager = (KeyguardManager)context.getSystemService(KEYGUARD_SERVICE);
   	if (mKeyguardManager.isDeviceSecure()) {
                return mKeyguardManager.createConfirmDeviceCredentialIntent(null, null);
        } else {
        	return null;
        }     
   }
 }
--- a/client/android/src/org/amnezia/vpn/AwgService.kt
+++ b/client/android/src/org/amnezia/vpn/AwgService.kt
@ -0,0 +1,3 @@
 package org.amnezia.vpn
 class AwgService : AmneziaVpnService()
--- a/client/android/src/org/amnezia/vpn/CameraActivity.kt
+++ b/client/android/src/org/amnezia/vpn/CameraActivity.kt
@ -140,7 +140,7 @@ class CameraActivity : ComponentActivity() {
                            }
                        }
                    }.addOnFailureListener {
-                        Log.e(TAG, "Processing QR-code image failed: ${it.message}")
+                        Log.e(TAG, "Processing QR code image failed: ${it.message}")
                    }.addOnCompleteListener {
                        imageProxy.close()
                    }
--- a/client/android/src/org/amnezia/vpn/ImportConfigActivity.kt
+++ b/client/android/src/org/amnezia/vpn/ImportConfigActivity.kt
@ -29,20 +29,20 @@ class ImportConfigActivity : ComponentActivity() {
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
-        Log.d(TAG, "Create Import Config Activity: $intent")
+        Log.v(TAG, "Create Import Config Activity: $intent")
        intent?.let(::readConfig)
    }
-    override fun onNewIntent(intent: Intent?) {
+    override fun onNewIntent(intent: Intent) {
        super.onNewIntent(intent)
-        Log.d(TAG, "onNewIntent: $intent")
+        Log.v(TAG, "onNewIntent: $intent")
-        intent?.let(::readConfig)
+        intent.let(::readConfig)
    }
    private fun readConfig(intent: Intent) {
        when (intent.action) {
            ACTION_SEND -> {
-                Log.d(TAG, "Process SEND action, type: ${intent.type}")
+                Log.v(TAG, "Process SEND action, type: ${intent.type}")
                when (intent.type) {
                    "application/octet-stream" -> {
                        intent.getUriCompat()?.let { uri ->
@ -60,7 +60,7 @@ class ImportConfigActivity : ComponentActivity() {
            }
            ACTION_VIEW -> {
-                Log.d(TAG, "Process VIEW action, scheme: ${intent.scheme}")
+                Log.v(TAG, "Process VIEW action, scheme: ${intent.scheme}")
                when (intent.scheme) {
                    "file", "content" -> {
                        intent.data?.let { uri ->
--- a/client/android/src/org/amnezia/vpn/IpcMessage.kt
+++ b/client/android/src/org/amnezia/vpn/IpcMessage.kt
@ -32,6 +32,7 @@ enum class Action : IpcMessage {
    CONNECT,
    DISCONNECT,
    REQUEST_STATUS,
    NOTIFICATION_PERMISSION_GRANTED,
    SET_SAVE_LOGS
 }
--- a/Show more
+++ b/Show more
		`@ -1 +1 @@`
			`Subproject commit c969f28b84f8343cdae0b5f39cfd876f8a1e01cb`				`Subproject commit 840b7b070e6ac8b90dda2fac6e98859b23727c0c`
		`@ -1 +0,0 @@`
			`Subproject commit 7c821a8d5c1ad5ad94e0763b4f25a875b5a6fe1b`
		`@ -0,0 +1 @@`
							`Subproject commit c99b33f0e08b7206116ddff85c22d3b97ce1e79d`
		`@ -1 +1 @@`
			`Subproject commit 0829e99ea9f4508fd1d4742546b62145d17587bb`				`Subproject commit 811af0a83b3faeade89a9093a588595666d32066`
		`@ -1 +1 @@`
			`Subproject commit 74776e2a3e2d98d19943e0968901c5b5e04cc1bd`				`Subproject commit 7460df6a978669290de5b56c2d98b199b61c3f88`
		`@ -0,0 +1,3 @@`
							`package org.amnezia.vpn`

							`class AwgService : AmneziaVpnService()`