github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(apple/macos): Use System Extension packaging mode for macOS Network Extension (#7344)

Browse Source 
To allow macOS users to rollback, it would be helpful to distribute a
standalone macOS app, similar to how we distribute the GUI client.

The first step in this process is to refactor the macOS client to use a
System Extension -based Network Extension rather than an App Extension
based one. This offers us the flexibility to distribute the macOS client
outside the Mac App Store in addition to via the store.

For this PR I focused on making the minimal set of changes necessary to
support this change. This PR intentionally doesn't update the CI
pipeline to notarize and attach a standalone bundle that will run ad-hoc
on other Macs. That will come in a subsequent PR.

One thing to note about System Extensions is that they're slightly more
finicky when it comes to getting the signing and packaging right. Thus,
the README.md is updated to account for the gotchas involved in
developing System Extensions locally.

Related: #7071.
This commit is contained in:
Jamil
2024-12-03 21:34:25 -08:00
committed by GitHub
parent 15e75f80ba
commit bd3f912542
14 changed files with 393 additions and 233 deletions
Download Patch File Download Diff File Expand all files Collapse all files

345
swift/apple/Firezone.xcodeproj/project.pbxproj
View File

@@ -8,56 +8,42 @@
/* Begin PBXBuildFile section */
05CF1CF1290B1CEE00CF4755 /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 05D3BB1628FDBD8A00BC3727 /* NetworkExtension.framework */; };
05CF1CF9290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS.appex in Embed Foundation Extensions */ = {isa = PBXBuildFile; fileRef = 05CF1CF0290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS.appex */; platformFilter = ios; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; };
05CF1D04290B1DCD00CF4755 /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 05D3BB1628FDBD8A00BC3727 /* NetworkExtension.framework */; platformFilters = (macos, ); };
05CF1D0C290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS.appex in Embed Foundation Extensions */ = {isa = PBXBuildFile; fileRef = 05CF1D03290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS.appex */; platformFilters = (macos, ); settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; };
05CF1D16290B1FE700CF4755 /* PacketTunnelProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = 05833DFA28F73B070008FAB0 /* PacketTunnelProvider.swift */; };
05CF1D17290B1FE700CF4755 /* PacketTunnelProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = 05833DFA28F73B070008FAB0 /* PacketTunnelProvider.swift */; };
05D3BB2128FDE9C000BC3727 /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 05D3BB1628FDBD8A00BC3727 /* NetworkExtension.framework */; };
6FE454F62A5BFB93006549B1 /* Adapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE454EA2A5BFABA006549B1 /* Adapter.swift */; };
6FE454F72A5BFB93006549B1 /* Adapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE454EA2A5BFABA006549B1 /* Adapter.swift */; };
6FE455092A5D110D006549B1 /* CallbackHandler.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE455082A5D110D006549B1 /* CallbackHandler.swift */; };
6FE4550A2A5D110D006549B1 /* CallbackHandler.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE455082A5D110D006549B1 /* CallbackHandler.swift */; };
6FE4550C2A5D111E006549B1 /* SwiftBridgeCore.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE4550B2A5D111D006549B1 /* SwiftBridgeCore.swift */; };
6FE4550D2A5D111E006549B1 /* SwiftBridgeCore.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE4550B2A5D111D006549B1 /* SwiftBridgeCore.swift */; };
6FE4550F2A5D112C006549B1 /* connlib-client-apple.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE4550E2A5D112C006549B1 /* connlib-client-apple.swift */; };
6FE455102A5D112C006549B1 /* connlib-client-apple.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE4550E2A5D112C006549B1 /* connlib-client-apple.swift */; };
6FE93AFB2A738D7E002D278A /* NetworkSettings.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE93AFA2A738D7E002D278A /* NetworkSettings.swift */; };
6FE93AFC2A738D7E002D278A /* NetworkSettings.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE93AFA2A738D7E002D278A /* NetworkSettings.swift */; };
6FFECD5C2AD6998400E00273 /* SystemConfiguration.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 6FFECD5B2AD6998400E00273 /* SystemConfiguration.framework */; };
794C38152970A2660029F38F /* FirezoneKit in Frameworks */ = {isa = PBXBuildFile; productRef = 794C38142970A2660029F38F /* FirezoneKit */; };
794C38172970A26A0029F38F /* FirezoneKit in Frameworks */ = {isa = PBXBuildFile; productRef = 794C38162970A26A0029F38F /* FirezoneKit */; };
79756C6629704A7A0018E2D5 /* FirezoneKit in Frameworks */ = {isa = PBXBuildFile; productRef = 79756C6529704A7A0018E2D5 /* FirezoneKit */; };
8D5047F52CE6AA1E009802E9 /* libresolv.9.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 8D5047F32CE6AA1E009802E9 /* libresolv.9.tbd */; };
8D5047F62CE6AA1E009802E9 /* libresolv.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 8D5047F42CE6AA1E009802E9 /* libresolv.tbd */; };
8D5047F82CE6AA22009802E9 /* FirezoneKit in Frameworks */ = {isa = PBXBuildFile; productRef = 8D5047F72CE6AA22009802E9 /* FirezoneKit */; };
8D5047FA2CE6AA2E009802E9 /* SystemConfiguration.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 8D5047F92CE6AA2E009802E9 /* SystemConfiguration.framework */; };
8D5047FB2CE6AA37009802E9 /* FirezoneNetworkExtension-Bridging-Header.h in Sources */ = {isa = PBXBuildFile; fileRef = 6FE455112A5D13A2006549B1 /* FirezoneNetworkExtension-Bridging-Header.h */; };
8D5047FC2CE6AA47009802E9 /* CallbackHandler.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE455082A5D110D006549B1 /* CallbackHandler.swift */; };
8D5047FD2CE6AA47009802E9 /* connlib-client-apple.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE4550E2A5D112C006549B1 /* connlib-client-apple.swift */; };
8D5047FE2CE6AA54009802E9 /* PacketTunnelProvider.swift in Sources */ = {isa = PBXBuildFile; fileRef = 05833DFA28F73B070008FAB0 /* PacketTunnelProvider.swift */; };
8D5047FF2CE6AA54009802E9 /* Adapter.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE454EA2A5BFABA006549B1 /* Adapter.swift */; };
8D5048002CE6AA60009802E9 /* SystemConfigurationResolvers.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8D6939312BA2521A00AF4396 /* SystemConfigurationResolvers.swift */; };
8D5048012CE6AA60009802E9 /* NetworkSettings.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE93AFA2A738D7E002D278A /* NetworkSettings.swift */; };
8D5048042CE6B0AE009802E9 /* SwiftBridgeCore.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6FE4550B2A5D111D006549B1 /* SwiftBridgeCore.swift */; };
8D69392C2BA24FE600AF4396 /* BindResolvers.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8D69392B2BA24FE600AF4396 /* BindResolvers.swift */; };
8D6939322BA2521A00AF4396 /* SystemConfigurationResolvers.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8D6939312BA2521A00AF4396 /* SystemConfigurationResolvers.swift */; };
8DA12C332BB7DA04007D91EB /* PrivacyInfo.xcprivacy in Resources */ = {isa = PBXBuildFile; fileRef = 8DA12C322BB7DA04007D91EB /* PrivacyInfo.xcprivacy */; };
8DA12C342BB7DA04007D91EB /* PrivacyInfo.xcprivacy in Resources */ = {isa = PBXBuildFile; fileRef = 8DA12C322BB7DA04007D91EB /* PrivacyInfo.xcprivacy */; };
8DC08BCB2B296C4500675F46 /* libresolv.9.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 8DC08BCA2B296C4500675F46 /* libresolv.9.tbd */; };
8DC08BCD2B296C5900675F46 /* libresolv.9.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 8DC08BCC2B296C5900675F46 /* libresolv.9.tbd */; };
8DC08BD22B297B7B00675F46 /* libresolv.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 8DC08BD12B297B7B00675F46 /* libresolv.tbd */; };
8DC08BD42B297B8200675F46 /* libresolv.tbd in Frameworks */ = {isa = PBXBuildFile; fileRef = 8DC08BD32B297B8200675F46 /* libresolv.tbd */; };
8DC08BD62B297DA400675F46 /* FirezoneNetworkExtension-Bridging-Header.h in Sources */ = {isa = PBXBuildFile; fileRef = 6FE455112A5D13A2006549B1 /* FirezoneNetworkExtension-Bridging-Header.h */; };
8DC08BD72B297DB400675F46 /* FirezoneNetworkExtension-Bridging-Header.h in Sources */ = {isa = PBXBuildFile; fileRef = 6FE455112A5D13A2006549B1 /* FirezoneNetworkExtension-Bridging-Header.h */; };
8DC1699D2CFF77D1006801B5 /* dev.firezone.firezone.network-extension.appex in Embed Foundation Extensions */ = {isa = PBXBuildFile; fileRef = 05CF1CF0290B1CEE00CF4755 /* dev.firezone.firezone.network-extension.appex */; platformFilter = ios; settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; };
8DC169A02CFF77D1006801B5 /* dev.firezone.firezone.network-extension.systemextension in Embed System Extensions */ = {isa = PBXBuildFile; fileRef = 8D5047E32CE6A8F4009802E9 /* dev.firezone.firezone.network-extension.systemextension */; platformFilters = (macos, ); settings = {ATTRIBUTES = (RemoveHeadersOnCopy, ); }; };
8DC9FB852CF5A738001BCE6A /* NetworkExtension.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 05D3BB1628FDBD8A00BC3727 /* NetworkExtension.framework */; };
8DCC021D28D512AC007E12D2 /* FirezoneApp.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8DCC021C28D512AC007E12D2 /* FirezoneApp.swift */; };
8DCC022628D512AE007E12D2 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 8DCC022528D512AE007E12D2 /* Assets.xcassets */; };
8DCC022A28D512AE007E12D2 /* Preview Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 8DCC022928D512AE007E12D2 /* Preview Assets.xcassets */; };
8DE452A82CE6C194004CEDF9 /* main.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8D5047E82CE6A8F4009802E9 /* main.swift */; };
/* End PBXBuildFile section */
/* Begin PBXContainerItemProxy section */
05CF1CF7290B1CEE00CF4755 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 8DCC021128D512AC007E12D2 /* Project object */;
proxyType = 1;
remoteGlobalIDString = 05CF1CEF290B1CEE00CF4755;
remoteInfo = FirezoneNetworkExtensioniOS;
};
05CF1D0A290B1DCD00CF4755 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 8DCC021128D512AC007E12D2 /* Project object */;
proxyType = 1;
remoteGlobalIDString = 05CF1D02290B1DCD00CF4755;
remoteInfo = FirezoneNetworkExtensionmacOS;
};
6F3E231B2A5DC0DB00737CF1 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 8DCC021128D512AC007E12D2 /* Project object */;
@@ -65,34 +51,48 @@
remoteGlobalIDString = 6FE454BC2A5BC5F3006549B1;
remoteInfo = "Build Connlib";
};
6F3E231D2A5DC0DF00737CF1 /* PBXContainerItemProxy */ = {
8D5048022CE6AA75009802E9 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 8DCC021128D512AC007E12D2 /* Project object */;
proxyType = 1;
remoteGlobalIDString = 6FE454BC2A5BC5F3006549B1;
remoteInfo = "Build Connlib";
};
8DC1699E2CFF77D1006801B5 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 8DCC021128D512AC007E12D2 /* Project object */;
proxyType = 1;
remoteGlobalIDString = 05CF1CEF290B1CEE00CF4755;
remoteInfo = FirezoneNetworkExtensioniOS;
};
8DC169A12CFF77D1006801B5 /* PBXContainerItemProxy */ = {
isa = PBXContainerItemProxy;
containerPortal = 8DCC021128D512AC007E12D2 /* Project object */;
proxyType = 1;
remoteGlobalIDString = 8D5047E22CE6A8F4009802E9;
remoteInfo = FirezoneNetworkExtensionmacOS;
};
/* End PBXContainerItemProxy section */
/* Begin PBXCopyFilesBuildPhase section */
0556189428EF883500DF9E3C /* Embed Foundation Extensions */ = {
8DC169A32CFF77D1006801B5 /* Embed Foundation Extensions */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
dstPath = "";
dstSubfolderSpec = 13;
files = (
05CF1CF9290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS.appex in Embed Foundation Extensions */,
05CF1D0C290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS.appex in Embed Foundation Extensions */,
8DC1699D2CFF77D1006801B5 /* dev.firezone.firezone.network-extension.appex in Embed Foundation Extensions */,
);
name = "Embed Foundation Extensions";
runOnlyForDeploymentPostprocessing = 0;
};
05CF1C8A290B11A500CF4755 /* Embed System Extensions */ = {
8DC169A42CFF77D1006801B5 /* Embed System Extensions */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
dstPath = "$(SYSTEM_EXTENSIONS_FOLDER_PATH)";
dstSubfolderSpec = 16;
files = (
8DC169A02CFF77D1006801B5 /* dev.firezone.firezone.network-extension.systemextension in Embed System Extensions */,
);
name = "Embed System Extensions";
runOnlyForDeploymentPostprocessing = 0;
@@ -101,12 +101,8 @@
/* Begin PBXFileReference section */
05833DFA28F73B070008FAB0 /* PacketTunnelProvider.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PacketTunnelProvider.swift; sourceTree = "<group>"; };
05B6467B292C36140014A4D4 /* AuthenticationServiceStub.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AuthenticationServiceStub.swift; sourceTree = "<group>"; };
05CF1C39290995DA00CF4755 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
05CF1CDE290B1A9000CF4755 /* FirezoneNetworkExtension_macOS.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = FirezoneNetworkExtension_macOS.entitlements; sourceTree = "<group>"; };
05CF1CF0290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS.appex */ = {isa = PBXFileReference; explicitFileType = "wrapper.app-extension"; includeInIndex = 0; path = FirezoneNetworkExtensioniOS.appex; sourceTree = BUILT_PRODUCTS_DIR; };
05CF1CF6290B1CEE00CF4755 /* FirezoneNetworkExtension_iOS.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = FirezoneNetworkExtension_iOS.entitlements; sourceTree = "<group>"; };
05CF1D03290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS.appex */ = {isa = PBXFileReference; explicitFileType = "wrapper.app-extension"; includeInIndex = 0; path = FirezoneNetworkExtensionmacOS.appex; sourceTree = BUILT_PRODUCTS_DIR; };
05CF1CF0290B1CEE00CF4755 /* dev.firezone.firezone.network-extension.appex */ = {isa = PBXFileReference; explicitFileType = "wrapper.app-extension"; includeInIndex = 0; path = "dev.firezone.firezone.network-extension.appex"; sourceTree = BUILT_PRODUCTS_DIR; };
05CF1CF6290B1CEE00CF4755 /* FirezoneNetworkExtension.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = FirezoneNetworkExtension.entitlements; sourceTree = "<group>"; };
05D3BB1628FDBD8A00BC3727 /* NetworkExtension.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = NetworkExtension.framework; path = System/Library/Frameworks/NetworkExtension.framework; sourceTree = SDKROOT; };
6FE454EA2A5BFABA006549B1 /* Adapter.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Adapter.swift; sourceTree = "<group>"; };
6FE455082A5D110D006549B1 /* CallbackHandler.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = CallbackHandler.swift; sourceTree = "<group>"; };
@@ -115,6 +111,14 @@
6FE455112A5D13A2006549B1 /* FirezoneNetworkExtension-Bridging-Header.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "FirezoneNetworkExtension-Bridging-Header.h"; sourceTree = "<group>"; };
6FE93AFA2A738D7E002D278A /* NetworkSettings.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = NetworkSettings.swift; sourceTree = "<group>"; };
6FFECD5B2AD6998400E00273 /* SystemConfiguration.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = SystemConfiguration.framework; path = System/Library/Frameworks/SystemConfiguration.framework; sourceTree = SDKROOT; };
8D1D405C2CFF6F5200E669F9 /* Firezone.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = Firezone.entitlements; sourceTree = "<group>"; };
8D1D405D2CFF6F5D00E669F9 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
8D1D40602CFF6F7400E669F9 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
8D5047E32CE6A8F4009802E9 /* dev.firezone.firezone.network-extension.systemextension */ = {isa = PBXFileReference; explicitFileType = "wrapper.system-extension"; includeInIndex = 0; path = "dev.firezone.firezone.network-extension.systemextension"; sourceTree = BUILT_PRODUCTS_DIR; };
8D5047E82CE6A8F4009802E9 /* main.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = main.swift; sourceTree = "<group>"; };
8D5047F32CE6AA1E009802E9 /* libresolv.9.tbd */ = {isa = PBXFileReference; lastKnownFileType = "sourcecode.text-based-dylib-definition"; name = libresolv.9.tbd; path = Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS18.1.sdk/usr/lib/libresolv.9.tbd; sourceTree = DEVELOPER_DIR; };
8D5047F42CE6AA1E009802E9 /* libresolv.tbd */ = {isa = PBXFileReference; lastKnownFileType = "sourcecode.text-based-dylib-definition"; name = libresolv.tbd; path = Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS18.1.sdk/usr/lib/libresolv.tbd; sourceTree = DEVELOPER_DIR; };
8D5047F92CE6AA2E009802E9 /* SystemConfiguration.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = SystemConfiguration.framework; path = Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS18.1.sdk/System/Library/Frameworks/SystemConfiguration.framework; sourceTree = DEVELOPER_DIR; };
8D69392B2BA24FE600AF4396 /* BindResolvers.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = BindResolvers.swift; sourceTree = "<group>"; };
8D6939312BA2521A00AF4396 /* SystemConfigurationResolvers.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = SystemConfigurationResolvers.swift; sourceTree = "<group>"; };
8DA12C322BB7DA04007D91EB /* PrivacyInfo.xcprivacy */ = {isa = PBXFileReference; lastKnownFileType = text.xml; path = PrivacyInfo.xcprivacy; sourceTree = "<group>"; };
@@ -125,7 +129,6 @@
8DCC021928D512AC007E12D2 /* Firezone.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = Firezone.app; sourceTree = BUILT_PRODUCTS_DIR; };
8DCC021C28D512AC007E12D2 /* FirezoneApp.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FirezoneApp.swift; sourceTree = "<group>"; };
8DCC022528D512AE007E12D2 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = "<group>"; };
8DCC022728D512AE007E12D2 /* Firezone.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = Firezone.entitlements; sourceTree = "<group>"; };
8DCC022928D512AE007E12D2 /* Preview Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = "Preview Assets.xcassets"; sourceTree = "<group>"; };
8DD2C4C3297B37BA00F984BF /* FirezoneKit */ = {isa = PBXFileReference; lastKnownFileType = wrapper; path = FirezoneKit; sourceTree = "<group>"; };
8DDD0E8B2ADC6657001FA7E9 /* config.xcconfig */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xcconfig; name = config.xcconfig; path = xcconfig/config.xcconfig; sourceTree = "<group>"; };
@@ -143,15 +146,15 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
05CF1D00290B1DCD00CF4755 /* Frameworks */ = {
8D5047E02CE6A8F4009802E9 /* Frameworks */ = {
isa = PBXFrameworksBuildPhase;
buildActionMask = 2147483647;
files = (
8DC08BD22B297B7B00675F46 /* libresolv.tbd in Frameworks */,
8DC08BCD2B296C5900675F46 /* libresolv.9.tbd in Frameworks */,
794C38172970A26A0029F38F /* FirezoneKit in Frameworks */,
05CF1D04290B1DCD00CF4755 /* NetworkExtension.framework in Frameworks */,
6FFECD5C2AD6998400E00273 /* SystemConfiguration.framework in Frameworks */,
8D5047F52CE6AA1E009802E9 /* libresolv.9.tbd in Frameworks */,
8D5047F62CE6AA1E009802E9 /* libresolv.tbd in Frameworks */,
8D5047F82CE6AA22009802E9 /* FirezoneKit in Frameworks */,
8DC9FB852CF5A738001BCE6A /* NetworkExtension.framework in Frameworks */,
8D5047FA2CE6AA2E009802E9 /* SystemConfiguration.framework in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -167,21 +170,14 @@
/* End PBXFrameworksBuildPhase section */
/* Begin PBXGroup section */
0580451B29385C150080D1F0 /* Recovered References */ = {
isa = PBXGroup;
children = (
05B6467B292C36140014A4D4 /* AuthenticationServiceStub.swift */,
);
name = "Recovered References";
sourceTree = "<group>";
};
05833DF928F73B070008FAB0 /* FirezoneNetworkExtension */ = {
isa = PBXGroup;
children = (
8D1D40602CFF6F7400E669F9 /* Info.plist */,
8D6939312BA2521A00AF4396 /* SystemConfigurationResolvers.swift */,
8D69392B2BA24FE600AF4396 /* BindResolvers.swift */,
05CF1CF6290B1CEE00CF4755 /* FirezoneNetworkExtension_iOS.entitlements */,
05CF1CDE290B1A9000CF4755 /* FirezoneNetworkExtension_macOS.entitlements */,
05CF1CF6290B1CEE00CF4755 /* FirezoneNetworkExtension.entitlements */,
8D5047E82CE6A8F4009802E9 /* main.swift */,
05833DFA28F73B070008FAB0 /* PacketTunnelProvider.swift */,
6FE454EA2A5BFABA006549B1 /* Adapter.swift */,
6FE93AFA2A738D7E002D278A /* NetworkSettings.swift */,
@@ -204,10 +200,13 @@
8D3F90C328D64FAD00980124 /* Frameworks */ = {
isa = PBXGroup;
children = (
8D5047F92CE6AA2E009802E9 /* SystemConfiguration.framework */,
8DC08BD12B297B7B00675F46 /* libresolv.tbd */,
8DC08BD32B297B8200675F46 /* libresolv.tbd */,
8D5047F42CE6AA1E009802E9 /* libresolv.tbd */,
8DC08BCA2B296C4500675F46 /* libresolv.9.tbd */,
8DC08BCC2B296C5900675F46 /* libresolv.9.tbd */,
8D5047F32CE6AA1E009802E9 /* libresolv.9.tbd */,
6FFECD5B2AD6998400E00273 /* SystemConfiguration.framework */,
05D3BB1628FDBD8A00BC3727 /* NetworkExtension.framework */,
);
@@ -223,7 +222,6 @@
05833DF928F73B070008FAB0 /* FirezoneNetworkExtension */,
8DCC021A28D512AC007E12D2 /* Products */,
8D3F90C328D64FAD00980124 /* Frameworks */,
0580451B29385C150080D1F0 /* Recovered References */,
);
sourceTree = "<group>";
};
@@ -231,8 +229,8 @@
isa = PBXGroup;
children = (
8DCC021928D512AC007E12D2 /* Firezone.app */,
05CF1CF0290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS.appex */,
05CF1D03290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS.appex */,
05CF1CF0290B1CEE00CF4755 /* dev.firezone.firezone.network-extension.appex */,
8D5047E32CE6A8F4009802E9 /* dev.firezone.firezone.network-extension.systemextension */,
);
name = Products;
sourceTree = "<group>";
@@ -240,11 +238,11 @@
8DCC021B28D512AC007E12D2 /* Firezone */ = {
isa = PBXGroup;
children = (
8D1D405C2CFF6F5200E669F9 /* Firezone.entitlements */,
8D1D405D2CFF6F5D00E669F9 /* Info.plist */,
8DDD0E8B2ADC6657001FA7E9 /* config.xcconfig */,
05E1505F28FF398000170F82 /* Application */,
8DCC022528D512AE007E12D2 /* Assets.xcassets */,
8DCC022728D512AE007E12D2 /* Firezone.entitlements */,
05CF1C39290995DA00CF4755 /* Info.plist */,
8DCC022828D512AE007E12D2 /* Preview Content */,
);
path = Firezone;
@@ -305,30 +303,30 @@
794C38142970A2660029F38F /* FirezoneKit */,
);
productName = FirezoneNetworkExtensioniOS;
productReference = 05CF1CF0290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS.appex */;
productReference = 05CF1CF0290B1CEE00CF4755 /* dev.firezone.firezone.network-extension.appex */;
productType = "com.apple.product-type.app-extension";
};
05CF1D02290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS */ = {
8D5047E22CE6A8F4009802E9 /* FirezoneNetworkExtensionmacOS */ = {
isa = PBXNativeTarget;
buildConfigurationList = 05CF1D0D290B1DCD00CF4755 /* Build configuration list for PBXNativeTarget "FirezoneNetworkExtensionmacOS" */;
buildConfigurationList = 8D5047F02CE6A8F4009802E9 /* Build configuration list for PBXNativeTarget "FirezoneNetworkExtensionmacOS" */;
buildPhases = (
6F3E23192A5D823500737CF1 /* Copy Connlib Headers and Swift Files */,
05CF1CFF290B1DCD00CF4755 /* Sources */,
05CF1D00290B1DCD00CF4755 /* Frameworks */,
05CF1D01290B1DCD00CF4755 /* Resources */,
8D5048072CE6B243009802E9 /* Copy Connlib Headers and Swift Files */,
8D5047DF2CE6A8F4009802E9 /* Sources */,
8D5047E02CE6A8F4009802E9 /* Frameworks */,
8D5047E12CE6A8F4009802E9 /* Resources */,
);
buildRules = (
);
dependencies = (
6F3E231E2A5DC0DF00737CF1 /* PBXTargetDependency */,
8D5048032CE6AA75009802E9 /* PBXTargetDependency */,
);
name = FirezoneNetworkExtensionmacOS;
packageProductDependencies = (
794C38162970A26A0029F38F /* FirezoneKit */,
8D5047F72CE6AA22009802E9 /* FirezoneKit */,
);
productName = FirezoneNetworkExtensionmacOS;
productReference = 05CF1D03290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS.appex */;
productType = "com.apple.product-type.app-extension";
productName = FirezoneNetworkExtensionStandalonemacOS;
productReference = 8D5047E32CE6A8F4009802E9 /* dev.firezone.firezone.network-extension.systemextension */;
productType = "com.apple.product-type.system-extension";
};
8DCC021828D512AC007E12D2 /* Firezone */ = {
isa = PBXNativeTarget;
@@ -338,14 +336,14 @@
8DCC021528D512AC007E12D2 /* Sources */,
8DCC021628D512AC007E12D2 /* Frameworks */,
8DCC021728D512AC007E12D2 /* Resources */,
0556189428EF883500DF9E3C /* Embed Foundation Extensions */,
05CF1C8A290B11A500CF4755 /* Embed System Extensions */,
8DC169A32CFF77D1006801B5 /* Embed Foundation Extensions */,
8DC169A42CFF77D1006801B5 /* Embed System Extensions */,
);
buildRules = (
);
dependencies = (
05CF1CF8290B1CEE00CF4755 /* PBXTargetDependency */,
05CF1D0B290B1DCD00CF4755 /* PBXTargetDependency */,
8DC1699F2CFF77D1006801B5 /* PBXTargetDependency */,
8DC169A22CFF77D1006801B5 /* PBXTargetDependency */,
);
name = Firezone;
packageProductDependencies = (
@@ -362,20 +360,19 @@
isa = PBXProject;
attributes = {
BuildIndependentTargetsInParallel = 1;
LastSwiftUpdateCheck = 1400;
LastUpgradeCheck = 1430;
LastSwiftUpdateCheck = 1610;
LastUpgradeCheck = 1610;
TargetAttributes = {
05CF1CEF290B1CEE00CF4755 = {
CreatedOnToolsVersion = 14.0.1;
LastSwiftMigration = 1430;
};
05CF1D02290B1DCD00CF4755 = {
CreatedOnToolsVersion = 14.0.1;
LastSwiftMigration = 1430;
};
6FE454BC2A5BC5F3006549B1 = {
CreatedOnToolsVersion = 14.3;
};
8D5047E22CE6A8F4009802E9 = {
CreatedOnToolsVersion = 16.1;
};
8DCC021828D512AC007E12D2 = {
CreatedOnToolsVersion = 14.0;
LastSwiftMigration = 1400;
@@ -399,7 +396,7 @@
targets = (
8DCC021828D512AC007E12D2 /* Firezone */,
05CF1CEF290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS */,
05CF1D02290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS */,
8D5047E22CE6A8F4009802E9 /* FirezoneNetworkExtensionmacOS */,
6FE454BC2A5BC5F3006549B1 /* Build Connlib */,
);
};
@@ -414,11 +411,10 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
05CF1D01290B1DCD00CF4755 /* Resources */ = {
8D5047E12CE6A8F4009802E9 /* Resources */ = {
isa = PBXResourcesBuildPhase;
buildActionMask = 2147483647;
files = (
8DA12C342BB7DA04007D91EB /* PrivacyInfo.xcprivacy in Resources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -434,7 +430,7 @@
/* End PBXResourcesBuildPhase section */
/* Begin PBXShellScriptBuildPhase section */
6F3E23192A5D823500737CF1 /* Copy Connlib Headers and Swift Files */ = {
6F3E231A2A5D830D00737CF1 /* Copy Connlib Headers and Swift Files */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
@@ -454,7 +450,7 @@
shellScript = "# Type a script or drag a script file from your workspace to insert its path.\n./copy_generated_connlib_files.sh\n";
showEnvVarsInLog = 0;
};
6F3E231A2A5D830D00737CF1 /* Copy Connlib Headers and Swift Files */ = {
8D5048072CE6B243009802E9 /* Copy Connlib Headers and Swift Files */ = {
isa = PBXShellScriptBuildPhase;
buildActionMask = 2147483647;
files = (
@@ -511,18 +507,19 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
05CF1CFF290B1DCD00CF4755 /* Sources */ = {
8D5047DF2CE6A8F4009802E9 /* Sources */ = {
isa = PBXSourcesBuildPhase;
buildActionMask = 2147483647;
files = (
8DC08BD62B297DA400675F46 /* FirezoneNetworkExtension-Bridging-Header.h in Sources */,
6FE4550A2A5D110D006549B1 /* CallbackHandler.swift in Sources */,
6FE455102A5D112C006549B1 /* connlib-client-apple.swift in Sources */,
05CF1D16290B1FE700CF4755 /* PacketTunnelProvider.swift in Sources */,
6FE454F72A5BFB93006549B1 /* Adapter.swift in Sources */,
6FE4550D2A5D111E006549B1 /* SwiftBridgeCore.swift in Sources */,
6FE93AFC2A738D7E002D278A /* NetworkSettings.swift in Sources */,
8D6939322BA2521A00AF4396 /* SystemConfigurationResolvers.swift in Sources */,
8DE452A82CE6C194004CEDF9 /* main.swift in Sources */,
8D5047FB2CE6AA37009802E9 /* FirezoneNetworkExtension-Bridging-Header.h in Sources */,
8D5048042CE6B0AE009802E9 /* SwiftBridgeCore.swift in Sources */,
8D5047FD2CE6AA47009802E9 /* connlib-client-apple.swift in Sources */,
8D5047FC2CE6AA47009802E9 /* CallbackHandler.swift in Sources */,
8D5047FE2CE6AA54009802E9 /* PacketTunnelProvider.swift in Sources */,
8D5048002CE6AA60009802E9 /* SystemConfigurationResolvers.swift in Sources */,
8D5048012CE6AA60009802E9 /* NetworkSettings.swift in Sources */,
8D5047FF2CE6AA54009802E9 /* Adapter.swift in Sources */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -537,29 +534,29 @@
/* End PBXSourcesBuildPhase section */
/* Begin PBXTargetDependency section */
05CF1CF8290B1CEE00CF4755 /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
platformFilter = ios;
target = 05CF1CEF290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS */;
targetProxy = 05CF1CF7290B1CEE00CF4755 /* PBXContainerItemProxy */;
};
05CF1D0B290B1DCD00CF4755 /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
platformFilters = (
macos,
);
target = 05CF1D02290B1DCD00CF4755 /* FirezoneNetworkExtensionmacOS */;
targetProxy = 05CF1D0A290B1DCD00CF4755 /* PBXContainerItemProxy */;
};
6F3E231C2A5DC0DB00737CF1 /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
target = 6FE454BC2A5BC5F3006549B1 /* Build Connlib */;
targetProxy = 6F3E231B2A5DC0DB00737CF1 /* PBXContainerItemProxy */;
};
6F3E231E2A5DC0DF00737CF1 /* PBXTargetDependency */ = {
8D5048032CE6AA75009802E9 /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
target = 6FE454BC2A5BC5F3006549B1 /* Build Connlib */;
targetProxy = 6F3E231D2A5DC0DF00737CF1 /* PBXContainerItemProxy */;
targetProxy = 8D5048022CE6AA75009802E9 /* PBXContainerItemProxy */;
};
8DC1699F2CFF77D1006801B5 /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
platformFilter = ios;
target = 05CF1CEF290B1CEE00CF4755 /* FirezoneNetworkExtensioniOS */;
targetProxy = 8DC1699E2CFF77D1006801B5 /* PBXContainerItemProxy */;
};
8DC169A22CFF77D1006801B5 /* PBXTargetDependency */ = {
isa = PBXTargetDependency;
platformFilters = (
macos,
);
target = 8D5047E22CE6A8F4009802E9 /* FirezoneNetworkExtensionmacOS */;
targetProxy = 8DC169A12CFF77D1006801B5 /* PBXContainerItemProxy */;
};
/* End PBXTargetDependency section */
@@ -568,7 +565,7 @@
isa = XCBuildConfiguration;
buildSettings = {
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = FirezoneNetworkExtension/FirezoneNetworkExtension_iOS.entitlements;
CODE_SIGN_ENTITLEMENTS = FirezoneNetworkExtension/FirezoneNetworkExtension.entitlements;
CODE_SIGN_IDENTITY = "$(inherited)";
CODE_SIGN_STYLE = "$(inherited)";
CURRENT_PROJECT_VERSION = 0;
@@ -578,6 +575,7 @@
INFOPLIST_FILE = FirezoneNetworkExtension/Info.plist;
INFOPLIST_KEY_CFBundleDisplayName = FirezoneNetworkExtension;
INFOPLIST_KEY_NSHumanReadableCopyright = "";
INFOPLIST_KEY_NSSystemExtensionUsageDescription = "Firezone tunnel service";
LD_RUNPATH_SEARCH_PATHS = (
"$(inherited)",
"@executable_path/Frameworks",
@@ -588,8 +586,8 @@
MARKETING_VERSION = 1.3.10;
ONLY_ACTIVE_ARCH = YES;
OTHER_LDFLAGS = "-lconnlib";
PRODUCT_BUNDLE_IDENTIFIER = "$(inherited).debug.network-extension";
PRODUCT_NAME = "$(TARGET_NAME)";
PRODUCT_BUNDLE_IDENTIFIER = "$(inherited).network-extension";
PRODUCT_NAME = "$(PRODUCT_BUNDLE_IDENTIFIER)";
PROVISIONING_PROFILE_SPECIFIER = "";
"PROVISIONING_PROFILE_SPECIFIER[sdk=iphoneos*]" = "$(IOS_NE_PROVISIONING_PROFILE_IDENTIFIER)";
SDKROOT = iphoneos;
@@ -610,7 +608,7 @@
isa = XCBuildConfiguration;
buildSettings = {
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = FirezoneNetworkExtension/FirezoneNetworkExtension_iOS.entitlements;
CODE_SIGN_ENTITLEMENTS = FirezoneNetworkExtension/FirezoneNetworkExtension.entitlements;
CODE_SIGN_IDENTITY = "$(inherited)";
CODE_SIGN_STYLE = "$(inherited)";
CURRENT_PROJECT_VERSION = 0;
@@ -620,6 +618,7 @@
INFOPLIST_FILE = FirezoneNetworkExtension/Info.plist;
INFOPLIST_KEY_CFBundleDisplayName = FirezoneNetworkExtension;
INFOPLIST_KEY_NSHumanReadableCopyright = "";
INFOPLIST_KEY_NSSystemExtensionUsageDescription = "Firezone tunnel service";
LD_RUNPATH_SEARCH_PATHS = (
"$(inherited)",
"@executable_path/Frameworks",
@@ -630,7 +629,7 @@
MARKETING_VERSION = 1.3.10;
OTHER_LDFLAGS = "-lconnlib";
PRODUCT_BUNDLE_IDENTIFIER = "$(inherited).network-extension";
PRODUCT_NAME = "$(TARGET_NAME)";
PRODUCT_NAME = "$(PRODUCT_BUNDLE_IDENTIFIER)";
PROVISIONING_PROFILE_SPECIFIER = "";
"PROVISIONING_PROFILE_SPECIFIER[sdk=iphoneos*]" = "$(IOS_NE_PROVISIONING_PROFILE_IDENTIFIER)";
SDKROOT = iphoneos;
@@ -647,15 +646,40 @@
};
name = Release;
};
05CF1D0E290B1DCD00CF4755 /* Debug */ = {
6FE454BE2A5BC5F3006549B1 /* Debug */ = {
isa = XCBuildConfiguration;
buildSettings = {
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = FirezoneNetworkExtension/FirezoneNetworkExtension_macOS.entitlements;
CODE_SIGN_STYLE = "$(inherited)";
DEBUGGING_SYMBOLS = YES;
DEBUG_INFORMATION_FORMAT = dwarf;
ENABLE_USER_SCRIPT_SANDBOXING = NO;
GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
GCC_OPTIMIZATION_LEVEL = 0;
OTHER_CFLAGS = "";
OTHER_LDFLAGS = "";
PRODUCT_NAME = "$(TARGET_NAME)";
};
name = Debug;
};
6FE454BF2A5BC5F3006549B1 /* Release */ = {
isa = XCBuildConfiguration;
buildSettings = {
CODE_SIGN_STYLE = "$(inherited)";
DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
ENABLE_USER_SCRIPT_SANDBOXING = NO;
OTHER_CFLAGS = "";
OTHER_LDFLAGS = "";
PRODUCT_NAME = "$(PRODUCT_BUNDLE_IDENTIFIER)";
};
name = Release;
};
8D5047F12CE6A8F4009802E9 /* Debug */ = {
isa = XCBuildConfiguration;
buildSettings = {
CODE_SIGN_ENTITLEMENTS = FirezoneNetworkExtension/FirezoneNetworkExtension.entitlements;
CODE_SIGN_IDENTITY = "$(inherited)";
CODE_SIGN_STYLE = "$(inherited)";
CURRENT_PROJECT_VERSION = 0;
DEAD_CODE_STRIPPING = YES;
DEVELOPMENT_TEAM = "$(inherited)";
ENABLE_HARDENED_RUNTIME = YES;
GENERATE_INFOPLIST_FILE = YES;
@@ -673,28 +697,23 @@
"LIBRARY_SEARCH_PATHS[arch=x86_64]" = "$(CONNLIB_TARGET_DIR)/x86_64-apple-darwin/debug";
MARKETING_VERSION = 1.3.10;
OTHER_LDFLAGS = "-lconnlib";
PRODUCT_BUNDLE_IDENTIFIER = "$(inherited).debug.network-extension";
PRODUCT_NAME = "$(TARGET_NAME)";
PRODUCT_BUNDLE_IDENTIFIER = "$(inherited).network-extension";
PRODUCT_NAME = "$(PRODUCT_BUNDLE_IDENTIFIER)";
PROVISIONING_PROFILE_SPECIFIER = "";
"PROVISIONING_PROFILE_SPECIFIER[sdk=macosx*]" = "$(MACOS_NE_PROVISIONING_PROFILE_IDENTIFIER)";
SDKROOT = macosx;
SKIP_INSTALL = YES;
SUPPORTED_PLATFORMS = macosx;
SWIFT_EMIT_LOC_STRINGS = YES;
SWIFT_OBJC_BRIDGING_HEADER = "FirezoneNetworkExtension/FirezoneNetworkExtension-Bridging-Header.h";
SWIFT_OBJC_INTERFACE_HEADER_NAME = "";
SWIFT_OPTIMIZATION_LEVEL = "-Onone";
SWIFT_VERSION = 5.0;
TVOS_DEPLOYMENT_TARGET = "";
WATCHOS_DEPLOYMENT_TARGET = "";
};
name = Debug;
};
05CF1D0F290B1DCD00CF4755 /* Release */ = {
8D5047F22CE6A8F4009802E9 /* Release */ = {
isa = XCBuildConfiguration;
buildSettings = {
CLANG_ENABLE_MODULES = YES;
CODE_SIGN_ENTITLEMENTS = FirezoneNetworkExtension/FirezoneNetworkExtension_macOS.entitlements;
CODE_SIGN_ENTITLEMENTS = FirezoneNetworkExtension/FirezoneNetworkExtension.entitlements;
CODE_SIGN_IDENTITY = "$(inherited)";
CODE_SIGN_STYLE = "$(inherited)";
CURRENT_PROJECT_VERSION = 0;
@@ -717,7 +736,7 @@
MARKETING_VERSION = 1.3.10;
OTHER_LDFLAGS = "-lconnlib";
PRODUCT_BUNDLE_IDENTIFIER = "$(inherited).network-extension";
PRODUCT_NAME = "$(TARGET_NAME)";
PRODUCT_NAME = "$(PRODUCT_BUNDLE_IDENTIFIER)";
PROVISIONING_PROFILE_SPECIFIER = "";
"PROVISIONING_PROFILE_SPECIFIER[sdk=macosx*]" = "$(MACOS_NE_PROVISIONING_PROFILE_IDENTIFIER)";
SDKROOT = macosx;
@@ -725,35 +744,7 @@
SUPPORTED_PLATFORMS = macosx;
SWIFT_EMIT_LOC_STRINGS = YES;
SWIFT_OBJC_BRIDGING_HEADER = "FirezoneNetworkExtension/FirezoneNetworkExtension-Bridging-Header.h";
SWIFT_OBJC_INTERFACE_HEADER_NAME = "";
SWIFT_VERSION = 5.0;
TVOS_DEPLOYMENT_TARGET = "";
WATCHOS_DEPLOYMENT_TARGET = "";
};
name = Release;
};
6FE454BE2A5BC5F3006549B1 /* Debug */ = {
isa = XCBuildConfiguration;
buildSettings = {
CODE_SIGN_STYLE = Automatic;
DEBUGGING_SYMBOLS = YES;
DEBUG_INFORMATION_FORMAT = dwarf;
GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
GCC_OPTIMIZATION_LEVEL = 0;
OTHER_CFLAGS = "";
OTHER_LDFLAGS = "";
PRODUCT_NAME = "$(TARGET_NAME)";
};
name = Debug;
};
6FE454BF2A5BC5F3006549B1 /* Release */ = {
isa = XCBuildConfiguration;
buildSettings = {
CODE_SIGN_STYLE = Automatic;
DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
OTHER_CFLAGS = "";
OTHER_LDFLAGS = "";
PRODUCT_NAME = "$(TARGET_NAME)";
};
name = Release;
};
@@ -811,8 +802,8 @@
GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
GCC_WARN_UNUSED_FUNCTION = YES;
GCC_WARN_UNUSED_VARIABLE = YES;
IPHONEOS_DEPLOYMENT_TARGET = 15.0;
MACOSX_DEPLOYMENT_TARGET = 12.0;
IPHONEOS_DEPLOYMENT_TARGET = 15.6;
MACOSX_DEPLOYMENT_TARGET = 12.4;
MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE;
MTL_FAST_MATH = YES;
ONLY_ACTIVE_ARCH = YES;
@@ -870,8 +861,8 @@
GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
GCC_WARN_UNUSED_FUNCTION = YES;
GCC_WARN_UNUSED_VARIABLE = YES;
IPHONEOS_DEPLOYMENT_TARGET = 15.0;
MACOSX_DEPLOYMENT_TARGET = 12.0;
IPHONEOS_DEPLOYMENT_TARGET = 15.6;
MACOSX_DEPLOYMENT_TARGET = 12.4;
MTL_ENABLE_DEBUG_INFO = NO;
MTL_FAST_MATH = YES;
SUPPORTED_PLATFORMS = "macosx iphoneos";
@@ -991,15 +982,6 @@
defaultConfigurationIsVisible = 0;
defaultConfigurationName = Release;
};
05CF1D0D290B1DCD00CF4755 /* Build configuration list for PBXNativeTarget "FirezoneNetworkExtensionmacOS" */ = {
isa = XCConfigurationList;
buildConfigurations = (
05CF1D0E290B1DCD00CF4755 /* Debug */,
05CF1D0F290B1DCD00CF4755 /* Release */,
);
defaultConfigurationIsVisible = 0;
defaultConfigurationName = Release;
};
6FE454BD2A5BC5F3006549B1 /* Build configuration list for PBXLegacyTarget "Build Connlib" */ = {
isa = XCConfigurationList;
buildConfigurations = (
@@ -1009,6 +991,15 @@
defaultConfigurationIsVisible = 0;
defaultConfigurationName = Release;
};
8D5047F02CE6A8F4009802E9 /* Build configuration list for PBXNativeTarget "FirezoneNetworkExtensionmacOS" */ = {
isa = XCConfigurationList;
buildConfigurations = (
8D5047F12CE6A8F4009802E9 /* Debug */,
8D5047F22CE6A8F4009802E9 /* Release */,
);
defaultConfigurationIsVisible = 0;
defaultConfigurationName = Release;
};
8DCC021428D512AC007E12D2 /* Build configuration list for PBXProject "Firezone" */ = {
isa = XCConfigurationList;
buildConfigurations = (
@@ -1034,11 +1025,11 @@
isa = XCSwiftPackageProductDependency;
productName = FirezoneKit;
};
794C38162970A26A0029F38F /* FirezoneKit */ = {
79756C6529704A7A0018E2D5 /* FirezoneKit */ = {
isa = XCSwiftPackageProductDependency;
productName = FirezoneKit;
};
79756C6529704A7A0018E2D5 /* FirezoneKit */ = {
8D5047F72CE6AA22009802E9 /* FirezoneKit */ = {
isa = XCSwiftPackageProductDependency;
productName = FirezoneKit;
};

67
swift/apple/Firezone.xcodeproj/xcshareddata/xcschemes/FirezoneNetworkExtensionmacOS.xcscheme Normal file
View File

@@ -0,0 +1,67 @@
<?xml version="1.0" encoding="UTF-8"?>
<Scheme
LastUpgradeVersion = "1610"
version = "1.7">
<BuildAction
parallelizeBuildables = "YES"
buildImplicitDependencies = "YES"
buildArchitectures = "Automatic">
<BuildActionEntries>
<BuildActionEntry
buildForTesting = "YES"
buildForRunning = "YES"
buildForProfiling = "YES"
buildForArchiving = "YES"
buildForAnalyzing = "YES">
<BuildableReference
BuildableIdentifier = "primary"
BlueprintIdentifier = "8D5047E22CE6A8F4009802E9"
BuildableName = "dev.firezone.firezone.network-extension.systemextension"
BlueprintName = "FirezoneNetworkExtensionmacOS"
ReferencedContainer = "container:Firezone.xcodeproj">
</BuildableReference>
</BuildActionEntry>
</BuildActionEntries>
</BuildAction>
<TestAction
buildConfiguration = "Debug"
selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
shouldUseLaunchSchemeArgsEnv = "YES"
shouldAutocreateTestPlan = "YES">
</TestAction>
<LaunchAction
buildConfiguration = "Debug"
selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
launchStyle = "0"
useCustomWorkingDirectory = "NO"
ignoresPersistentStateOnLaunch = "NO"
debugDocumentVersioning = "YES"
debugServiceExtension = "internal"
allowLocationSimulation = "YES">
</LaunchAction>
<ProfileAction
buildConfiguration = "Release"
shouldUseLaunchSchemeArgsEnv = "YES"
savedToolIdentifier = ""
useCustomWorkingDirectory = "NO"
debugDocumentVersioning = "YES">
<MacroExpansion>
<BuildableReference
BuildableIdentifier = "primary"
BlueprintIdentifier = "8D5047E22CE6A8F4009802E9"
BuildableName = "dev.firezone.firezone.network-extension.systemextension"
BlueprintName = "FirezoneNetworkExtensionmacOS"
ReferencedContainer = "container:Firezone.xcodeproj">
</BuildableReference>
</MacroExpansion>
</ProfileAction>
<AnalyzeAction
buildConfiguration = "Debug">
</AnalyzeAction>
<ArchiveAction
buildConfiguration = "Release"
revealArchiveInOrganizer = "YES">
</ArchiveAction>
</Scheme>

4
swift/apple/Firezone/ExportOptions.plist
View File

@@ -7,10 +7,10 @@
<key>provisioningProfiles</key>
<dict>
<key>dev.firezone.firezone</key>
<string>9aafa0f8-4b68-49c8-b023-0d4576142e1f</string>
<string>07102026-065f-4cc0-800b-5f8595c50ce8</string>
<key>dev.firezone.firezone.network-extension</key>
<string>49b53dcc-efaf-4171-9f3b-ca8c46e41069</string>
<string>c6feb05e-063a-4429-8563-57c1d2755067</string>
</dict>
</dict>
</plist>

2
swift/apple/Firezone/Firezone.entitlements
View File

@@ -12,6 +12,8 @@
<array>
<string>$(APP_GROUP_ID)</string>
</array>
<key>com.apple.developer.system-extension.install</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.network.client</key>

2
swift/apple/Firezone/xcconfig/debug.xcconfig
View File

@@ -1,6 +1,6 @@
// Apple Developer account-specific configuration
DEVELOPMENT_TEAM = 47R2M6779T
PRODUCT_BUNDLE_IDENTIFIER = dev.firezone.firezone
APP_GROUP_ID[sdk=macosx*] = 47R2M6779T.group.dev.firezone.firezone
APP_GROUP_ID[sdk=macosx*] = 47R2M6779T.dev.firezone.firezone
APP_GROUP_ID[sdk=iphoneos*] = group.dev.firezone.firezone
CODE_SIGN_STYLE = Automatic

10
swift/apple/Firezone/xcconfig/release.xcconfig
View File

@@ -1,11 +1,11 @@
// Apple Developer account-specific configuration
DEVELOPMENT_TEAM = 47R2M6779T
PRODUCT_BUNDLE_IDENTIFIER = dev.firezone.firezone
APP_GROUP_ID[sdk=macosx*] = 47R2M6779T.group.dev.firezone.firezone
APP_GROUP_ID[sdk=macosx*] = 47R2M6779T.dev.firezone.firezone
APP_GROUP_ID[sdk=iphoneos*] = group.dev.firezone.firezone
CODE_SIGN_STYLE = Manual
CODE_SIGN_IDENTITY = Apple Distribution: Firezone, Inc. (47R2M6779T)
IOS_APP_PROVISIONING_PROFILE_IDENTIFIER = 9aafa0f8-4b68-49c8-b023-0d4576142e1f
MACOS_APP_PROVISIONING_PROFILE_IDENTIFIER = 5a382464-185f-456c-8e21-da43c920f958
IOS_NE_PROVISIONING_PROFILE_IDENTIFIER = 49b53dcc-efaf-4171-9f3b-ca8c46e41069
MACOS_NE_PROVISIONING_PROFILE_IDENTIFIER = b79986e4-4b54-43b3-9634-724e4a98ed64
IOS_APP_PROVISIONING_PROFILE_IDENTIFIER = 07102026-065f-4cc0-800b-5f8595c50ce8
MACOS_APP_PROVISIONING_PROFILE_IDENTIFIER = 9933ad98-3698-4782-ba8c-7e2da4c9835a
IOS_NE_PROVISIONING_PROFILE_IDENTIFIER = c6feb05e-063a-4429-8563-57c1d2755067
MACOS_NE_PROVISIONING_PROFILE_IDENTIFIER = 789f5daf-bc9a-49fd-befd-bcfc88dd97a1

59
swift/apple/FirezoneKit/Sources/FirezoneKit/Managers/SystemExtensionManager.swift Normal file
View File

@@ -0,0 +1,59 @@
//
// SystemExtensionManager.swift
// (c) 2024 Firezone, Inc.
// LICENSE: Apache-2.0
//
#if os(macOS)
import SystemExtensions
enum SystemExtensionError: Error {
case UnexpectedResult(result: OSSystemExtensionRequest.Result)
case NeedsUserApproval
}
public class SystemExtensionManager: NSObject, OSSystemExtensionRequestDelegate {
private var completionHandler: ((Error?) -> Void)?
public func installSystemExtension(
identifier: String?,
completionHandler: @escaping (Error?) -> Void
) {
guard let identifier = identifier else { return }
self.completionHandler = completionHandler
let request = OSSystemExtensionRequest.activationRequest(forExtensionWithIdentifier: identifier, queue: .main)
request.delegate = self
// Install extension
OSSystemExtensionManager.shared.submitRequest(request)
}
// MARK: - OSSystemExtensionRequestDelegate
public func request(_ request: OSSystemExtensionRequest, didFinishWithResult result: OSSystemExtensionRequest.Result) {
guard result == .completed else {
completionHandler?(SystemExtensionError.UnexpectedResult(result: result))
return
}
// Success
completionHandler?(nil)
}
public func request(_ request: OSSystemExtensionRequest, didFailWithError error: Error) {
completionHandler?(error)
}
public func requestNeedsUserApproval(_ request: OSSystemExtensionRequest) {
completionHandler?(SystemExtensionError.NeedsUserApproval)
// TODO: Inform the user to approve the system extension in System Preferences > Security & Privacy.
}
public func request(_ request: OSSystemExtensionRequest, actionForReplacingExtension existing: OSSystemExtensionProperties, withExtension ext: OSSystemExtensionProperties) -> OSSystemExtensionRequest.ReplacementAction {
return .replace
}
}
#endif

39
swift/apple/FirezoneKit/Sources/FirezoneKit/Managers/TunnelManager.swift
View File

@@ -93,18 +93,12 @@ public class TunnelManager {
// Encoder used to send messages to the tunnel
private let encoder = PropertyListEncoder()
// Use separate bundle IDs for release and debug.
// Helps with testing releases and dev builds on the same Mac.
#if DEBUG
private let bundleIdentifier = Bundle.main.bundleIdentifier.map {
"\($0).debug.network-extension"
}
#if os(macOS)
private let systemExtensionManager = SystemExtensionManager()
#endif
private let bundleDescription = "Firezone (Debug)"
#else
private let bundleIdentifier = Bundle.main.bundleIdentifier.map { "\($0).network-extension" }
private let bundleDescription = "Firezone"
#endif
private let bundleIdentifier = "\(Bundle.main.bundleIdentifier!).network-extension"
private let bundleDescription = "Firezone"
init() {
manager = nil
@@ -236,6 +230,29 @@ public class TunnelManager {
options = ["token": token as NSObject]
}
#if os(macOS)
// On macOS we use System Extensions, and we need to wait for them to be activated
// before we can continue starting the tunnel. Otherwise, the tunnel will come up,
// but then be killed immediately after since the system will reap its process as
// the system extension is moved in place. This is more of an issue in development
// where the system will replace the extension on each call to this API, ignoring the
// version check that typically prevents extensions from being reactivated if they have the
// same marketing version.
systemExtensionManager.installSystemExtension(identifier: bundleIdentifier) { error in
if let error = error {
Log.app.error("\(#function): Installing system extension failed! \(error.localizedDescription)")
return
}
self.startTunnel(options: options)
}
#else
startTunnel(options: options)
#endif
}
func startTunnel(options: [String: NSObject]?) {
do {
try session().startTunnel(options: options)
} catch {

0
swift/apple/FirezoneNetworkExtension/FirezoneNetworkExtension_iOS.entitlements → swift/apple/FirezoneNetworkExtension/FirezoneNetworkExtension.entitlements
View File

20
swift/apple/FirezoneNetworkExtension/FirezoneNetworkExtension_macOS.entitlements
View File

@@ -1,20 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider</string>
</array>
<key>com.apple.security.application-groups</key>
<array>
<string>$(APP_GROUP_ID)</string>
</array>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.network.server</key>
<true/>
</dict>
</plist>

12
swift/apple/FirezoneNetworkExtension/Info.plist
View File

@@ -11,5 +11,17 @@
</dict>
<key>AppGroupIdentifier</key>
<string>$(APP_GROUP_ID)</string>
<key>NetworkExtension</key>
<dict>
<key>NEMachServiceName</key>
<string>$(APP_GROUP_ID)</string>
<key>NEProviderClasses</key>
<dict>
<key>com.apple.networkextension.packet-tunnel</key>
<string>$(PRODUCT_MODULE_NAME).PacketTunnelProvider</string>
</dict>
</dict>
<key>NSSystemExtensionUsageDescription</key>
<string>The Firezone System Extension is required for Firezone to function properly.</string>
</dict>
</plist>

16
swift/apple/FirezoneNetworkExtension/main.swift Normal file
View File

@@ -0,0 +1,16 @@
//
// main.swift
// (c) 2024 Firezone, Inc.
// LICENSE: Apache-2.0
//
import Foundation
import FirezoneKit
import NetworkExtension
// Entrypoint for the macOS app
autoreleasepool {
NEProvider.startSystemExtensionMode()
}
dispatchMain()

48
swift/apple/README.md
View File

@@ -6,23 +6,35 @@ Firezone clients for macOS and iOS.
1. Rust: `curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh`
1. Request your Firezone email added to our Apple Developer Account
1. Open Xcode, go to Settings -> Account and log in. Click "Download manual
profiles" button.
1. Install signing keys from 1password "Engineering" vault.
1. Open Xcode, go to Settings -> Account and log in.
Automatic signing has been disabled because it doesn't easily work with our
CI/CD pipeline.
If you're working on the macOS client, you'll need to disable SIP and enable
system extension development mode:
1. Follow [these instructions](https://developer.apple.com/documentation/security/disabling-and-enabling-system-integrity-protection) to disable SIP.
1. After that's complete, turn on system extension development mode:
```bash
systemextensionsctl developer on
```
This will prevent macOS from blocking the Network Extension from loading due to notarization or filepath restrictions.
**Be sure to re-enable SIP to test the app in a production-like environment.**
You may consider using a macOS VM (such as Parallels Desktop) to develop the macOS client, as it's easier to
disable SIP, take snapshots, and muck around with your system configuration without risking your main machine.
## Building
1. Set up Rust to cross-compile for iOS:
1. Add required Rust targets:
Ensure you've activated the correct toolchain version for your local
environment with `rustup default <toolchain>` (find this from
`/rust/rust-toolchain.toml` file), then run:
```
rustup target add aarch64-apple-ios
rustup target add aarch64-apple-ios aarch64-apple-darwin x86_64-apple-darwin
```
1. Clone this repo:
@@ -37,12 +49,14 @@ CI/CD pipeline.
cd swift/apple
```
1. Copy an appropriate xcconfig and edit as necessary:
1. Copy an appropriate xcconfig:
```bash
cp Firezone/xcconfig/debug.xcconfig Firezone/xcconfig/config.xcconfig
vim Firezone/xcconfig/config.xcconfig
```
If building for Development, the debug.xcconfig should work out-of-the-box.
```bash
cp Firezone/xcconfig/debug.xcconfig Firezone/xcconfig/config.xcconfig
vim Firezone/xcconfig/config.xcconfig
```
1. Open project in Xcode:
@@ -50,21 +64,23 @@ CI/CD pipeline.
open Firezone.xcodeproj
```
1. Build the Firezone target
1. Build and run the `Firezone` target.
## Debugging
[This Network Extension debugging guide](https://developer.apple.com/forums/thread/725805)
is a great resource to use as a starting point.
### Debugging on ios simulator
### Debugging on iOS simulator
Network Extensions
[can't be debugged](https://developer.apple.com/forums/thread/101663) in the iOS
simulator, so you'll need a physical iOS device or Mac to debug.
simulator, so you'll need a physical iOS device to develop the iOS build on.
### NetworkExtension not loading (macOS)
If the tunnel fails to come up after signing in, it can be for a large number of reasons. Here are some of the more common ones:
Try clearing your LaunchAgent db:
```bash
@@ -118,7 +134,7 @@ cd swift/apple
### Wiping connlib log directory
```
rm -rf $HOME/Library/Group\ Containers/47R2M6779T.group.dev.firezone.firezone/Library/Caches/logs/connlib
rm -rf $HOME/Library/Group\ Containers/47R2M6779T.dev.firezone.firezone/Library/Caches/logs/connlib
```
### Clearing the Keychain item

2
website/src/app/kb/administer/logs/readme.mdx
View File

@@ -14,7 +14,7 @@ by advanced users and admins.
| Component | Log directory |
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------------- |
| macOS Client | `~/Library/Group Containers/47R2M6779T.group.dev.firezone.firezone/Library/Caches/logs` |
| macOS Client | `~/Library/Group Containers/47R2M6779T.dev.firezone.firezone/Library/Caches/logs` |
| iOS Client | N/A |
| Android/ChromeOS Client | `/data/data/dev.firezone.android/caches/logs` |
| Linux Client | Set by the user via the `LOG_DIR` environment variable, otherwise STDOUT |