Is this repo still being maintained? #64
Comments
|
Hey @ElmoTheWizard Yes, all repos are being maintained, although it should be noted that we are currently working a new and improved multi-platform client which will support Wireguard and should not be fully dependent on NetworkManager nor keyring backends (as currently we're tied to Gnome-keyring and KWallet). Thus it should allow even more distros to use our official client without having hard dependencies baked in. Either way, we'll be releasing a couple new features for the current client in the coming weeks, stay tuned :) PS: Please don't close this issue, as other might find this useful. |
|
@calexandru2018 let distributions get an early preview if possible, so we can adapt our packages 😄 |
|
@calexandru2018 Any updates on this upcoming multi-platform release? Any way we can test it yet? |
This sounds good. Can we track this new version somewhere? Is it open source? |
Four months later and these updates are nowhere to be seen. Are we ever getting Wireguard support? It's over a year since Wireguard support was added for other platforms, whereas Linux users are left waiting with no ETAs or updates in sight. |
|
Will the new client still depend on systemd? |
|
hopefully this new client brings an flatpak or appimage, many people hate installing stuff from terminal |
Flatpaks are terrible for applications with system level integration. I don't think any sort of permission setup will allow it to work. |
|
make the new repo public. I've been waiting for months and I honestly don't care if it's broken. I just need to see something |
|
It's a shame the linux client is basically useless...there is no offficial/easy way to run at boot and I tried lots of stuff. And with this thread i know this client won't have any future...so probably better for me to cancel my protonvpn and switch to another provider that is more linux friendly ! |
|
@Nottt I'm using the Wireguard configurations until the new client is released publicly. It works well enough for now, but the lack of news from the dev team concerns me about how long I'm going to be stuck with this workaround. |
|
Hi, when the new version is available, can you please post info it here? I watched this topic :-) |
mullvad has a great linux client |
|
iVPN has a good linux client as well, and has working UPnP from my experience (for some reason Mullvad did not port forward correctly, even after setting a port online.) Can't believe it's taking so long for a non-jank linux client, and they are not giving status updates either; Proton looking a little corporate from where I sit, and not in a good way. |
|
Seven month's later, still no wireguard support. |
|
Hey, @calexandru2018
It is a real pain to wait without knowing roughly when they are planned to be done. |
|
Hey @jbas23 I'll copy/paste what I've wrote on another ticket:
At this current point we have some of the sub-packages written, and we're working mostly in refining (quality and reliability) some of them and at the same time re-writing the apps. |
|
Why not make the project public? Even if it's far from stable, it will make people stop asking about the progress of the new client. |
Can you make the client public? Then the open-source community can actually help it go faster. Unless, of course, you made no progress at all. |
It's great to hear that some progress is being made. I'm sure everybody would appreciate little updates like this one from time to time. We are anxiously waiting for a new Proton VPN client. The current one is practically unusable, not to mention missing several features. I appreciate what you guys are doing and understand that it is a lot of work to build a new client. But it's not easy waiting (with no updates or ETAs) when I am paying for an Unlimited account. |
|
Thank you all for the feedback. About releasing it public while still in development, it's tricky, mainly due to the fact the we don't want the client to be usable by anyone while it's in pre-alpha, given that certain things are still not in place to assure that connections are reliable and secure. On another note, we'll soon start working on a roadmap definition for the Linux client, and then we'll be able to share it with everybody. |
@calexandru2018 Thanks for the update. I have an idea: make the client connect to a separate testing server that doesn't allow access to the Internet and the only site you can visit is something like "test.invalid" which resolves to a Proton-controlled server. That way, no matter how insecure the connection is, it won't put anyone at risk or at a false sense of security and the open-source community can help the development go faster. |
I understand not wanting to open up a pre-alpha or even alpha build to the public. As a privacy/security focused VPN, I think that it would be irresponsible if people could use a half-finished product. Thanks! We would greatly appreciate a roadmaps and something to look forward to |
@orange-tin I understand that, but why not publish it with a test server as said above? That way there's no risk and a great reward for both Proton and its users. |
How the heck did you snag @Anynomous:matrix.org? |
This is an amazing update team! Like really! If I may offer one suggestion. It would be GREAT if the content team could update the Port Forwarding site that the settings app links out to to account for the Pre-Release. While the steps remain largely the same what it does not tell us is whether or not we need to make the requisite edits to the config in the same way we did before and/or if there are changes to the config you set on your Reddit post. |
And it’s AWESOME! |
|
I tried out the version from 11th July 2023 on Arch Linux. Seems to work just fine! I noticed that everytime I connect, a new "pvpn-killswitch-ipv6" profile is being added. The previous existing one will not be removed. Also on ~/.cert/nm-openvpn it inflates the folder with new keyfiles everytime I connect. This behavior was also present on the current stable version. |
Yep, me too and fixed it by doing this Well from what i see the app hard coded the certificate, so what I'm thinking is 'why not put it into a file so all the connection could just refer to that file?' Then i created a patch where the app will write the cert into a file located in More edit: But your first problem doesn't happen to me, so i don't know what's wrong with it. |
Thanks so much guys for really keeping in touch with the Linux community and responding to our needs. It makes such a huge difference and generates such good will. :) |
|
@calexandru2018 Thank you for all the updates, it's restored my faith in ProtonVPN and is going to be so helpful. |
The lack of a kill-switch is something that is holding me back as well on some uses of the client, well if I am being honest, IPv6 lacking forever has been a point of contention as well but I digress. @calexandru2018 what does the roadmap look like for kill-switch and dare I ask, IPv6? |
|
Glad to see the recent developments for the new client. When can we expect wireguard support? Seems like it should be high on the priority list. Also where can we view the source code? The about page says it is licensed with the GPLv3 so according to my knowledge we need to have access to the source code right? |
#64 (comment) - per a post from @calexandru2018 way back when, the source code will be closed source for the time being. #64 (comment) - there is also a note here about having it open during its initial testing phase. Of note thought is the licensed GPLv3 note on the about page. I am assuming that you mean the About on the new client which of course reads as: I am pleased with the attention to ProtonVPN team has made and I've begun to champion them once more but based on the nearly 1.5 year nightmare it took to get to this point, I intend to make sure they continue with transparency. I'll give @calexandru2018 and the ProtonVPN team about a week to respond on this matter and I will watch the changelog and code for changes that are not announced. I'm still surly over the Terms and Conditions change that happened. It was after I officially filed my case so it was hard to not see the change as a slight against customers who seek compensation for breach of Terms on Proton's end. Thankfully my case is valid and will proceed. Keep an eye out on the client and know that you can file a compliant for breaching the GPLv3 license on their website at: https://www.gnu.org/licenses/gpl-violation.html but be sure to look for the things below first. As @calexandru2018 said, the python base for the project means that it is available but in consulting a friend and member of the Free Software Foundation, I was told: Hey dude, so about the developer's statement that "since it's Python one can easily inspect the code, thus it will never be completely closed source as Windows applications" - it's a bit of a gray area when it comes to the GPL. Let me explain: The GNU GPL requires that the source code is included in the distribution or there's a written offer for the source code with just binary distributions. Now, Python code isn't usually compiled into a binary format like Windows applications, so it's definitely more open and inspectable. However, that doesn't automatically make it compliant with GPL. For full GPL compliance, the source code needs to be properly delivered to the users. This includes all modules, scripts, and related files needed to run the program, not just an opportunity to inspect it. If ProtonVPN isn't providing the full source code in a way that aligns with these stipulations, they might indeed be at odds with the GPL. But this is a nuanced issue and could use a thorough legal review. My advice? Get in touch with James. He might suggest you to file an inquiry with us or another organization like the Software Freedom Conservancy. So to me its kinda the old adage regarding privacy and personally identifiable information in things like GDPR, PIPEDA/CPPA, etc. which says that information when requested, has to be made available in a format that the average consumer can both access and understand, not just Python wizards on Linux. Ha-ha! I have reached out to the ProtonVPN team and my case has been escalated for response to what I assume will be the legal and product teams. I will keep everyone updated. |
|
I did find the source code, but I do not see a copy of the license. It would be great for the code to be on a public repository though, so anyone can easier submit issues or possibly contribute. This is in the spirit of free software and I'm sure it can at least slightly speed up the development time, and I don't see how this would negatively effect business in any way. For a company that advertises the open source nature so much, just having the source code in your filesystem isn't good enough. I do give props to how much your small team has accomplished over this time period though. Consistency through different operating systems is still a big problem. I'm hoping the Linux team expands in general, especially including Drive. A native Linux app for Drive would be amazing. Once Wireguard support gets added to the new VPN app, I will probably subscribe to Proton Unlimited. |
From the Proton Team directly in Reddit. I am still waiting for the official word back from my escalated ticket. Rest assured if it is determined that there should be more transparency after the response from the legal and product team, I will submit the violation report myself to the bodies mentioned in my original post. |
This is also holding me back as well, and the fact that it sometimes pollute my |
No reply from either end of their team so I'll be filing my report tomorrow or Tuesday having reached out to them today. This is unfortunate as I believe transparency to be so important and I've been impressed with the team thus far. I'd love if someone could take a look at it and ensure the letter I drafted honours the https://www.gnu.org/licenses/gpl-3.0.en.html and properly references the sections that are worrying. Given the way these violation reviews work, I have to reach out to the copyright holders of each component as well, so a second look would be a good idea. Essentially, it boils down to potential violations as such: GPL Section 6, GPL Section 1, GPL Section 3. |
|
Hi @kazin-kharizma, releasing the source code has always been a cornerstone of Proton’s approach and this Linux version is no different. In the last period we have all been busy putting the finishing touches to the project before the beta, which will take place in September. You can expect then to see the code on GitHub and our first release with kill switch 🙂 |
I'm confused as to why you're doing this - this is written in Python code so the source code is contained in the package. I don't believe Proton did any minifying or just gave us the But even if this does violate GPL (I don't know it very well so I'm not sure), what are you hoping to gain from this? They finally made a Linux version of their VPN, it's at least source-available (and I highly doubt they're going to track down and DMCA hypothetical forks, so it's basically GPL), and they're planning to repost (for a lack of a better word) it on GitHub soon. ...on a more light note, this issue (not necessarily with this comment, but earlier ones) might make a good github-drama candidate :) |
This is all that I needed to hear. :) |
I'm sure it would make for great github-drama and by all means post it. If holding the firms, tech giants, organisations, governments to the standard consumers and citizens are promised and deserve is dramatic, then I welcome the association. For too long, apathy and resignation have allowed people to be stomped on and their privacy stripped away, not to mention erosion of rights on the government end of things. So you keep up your memes and your external validation my friend, I have real matters to attend to. Proton failed in its obligation to keep the Linux community updated for years, in more ways than one and a review of my posts will show that I have gone from criticising that approach to even applauding them. I was the first person to post about the Linux alpha on Reddit and with great excitement! Heck, it was before Proton even got to it. I don't require your approval and so I continue to give praise where it is due and concern when called for. More should do the same and not simply accept their lot. Now lets drop this matter and move forward. |
|
@kazin-kharizma ...by saying it would make a good github-drama post, I didn't mean that it was unwarranted, just that it was conflict. Sorry if I implied that. And I certainly agree with you on most points - I was as frustrated as you with the awful client.
Agreed, this is the last post about it. Thank you, Proton, for finally making this new client. |
You’ve been a champ in responding the way that you did @Anonymous941, taking it in stride. We have a Linux client that is surpassing all expectations and a confirmation that the repo will be posted upon transitioning to beta in September, plus kill-switch. Way to go Proton team! And thank you @jacopom and @calexandru2018 for keeping this thread aware. |
|
@calexandru2018 In the code i see that the app used Let's say i connect to SG#69 "Servers": [
{
"EntryIP": "37.19.201.130",
"ExitIP": "37.19.201.131",
"Domain": "node-sg-14.protonvpn.net",
"ID": "Kk6z1U6Pml59hTTBT2eBhsrmZNfwCj4XndRWXIbn3Z0pKIfLHA8mFsGfKK07RzjLm3VUfEXVb205ll4-NR8a8Q==",
"Label": "6",
"X25519PublicKey": "rKXFNhvVY+l4GE0STa1u3Yn/2hptVI6Dms/brS341zg=",
"Generation": 0,
"Status": 1,
"ServicesDown": 0,
"ServicesDownReason": null
}
],With And if i it's not appended (turned off), i will get random exit IP assigned for my connection: $ curl http://ip.me
37.19.201.135My other question would be, what kind of kill switch implementation would Proton use? In Proton previous linux app i see that you guys were using NetworkManager to block it, which work by creating a dummy connection with low route-metric value so the connection would go there (by priority) instead of leaking to the internet. But this could leave some kind of fake sense of security as application (e.g. Torrent app) could be manually assigned to use specific interface, and render the kill switch useless. I know this could be prevented if we use iptables or nftable based rule, but we need Example: $ ping -I <interface> <some_ip>
.... (Ping goes successfully, ignoring the KS)Example: (With IP Tables based rule to block connection) $ ping -I <interface> <some_ip>
.... (Failed, or rejected, KS can't be ignored)And if Proton would still go with the NM way, i would be happy if user were warned (inside the app) about the possibility of an app explicitly using certain interface to connect to the internet which may ignore the KS. |
And it is for this very reason that I do what I do with my pushes for transparency. I may not be a skilled developer, a learning one at best but I think its these kinds of convos, my own and yours that push for accountability. While I am sure that Proton has every intention to deliver the best product possible, that doesn't mean we stop asking questions like this. @Zylquinal you are the one who has been using the pre-release alpha with Arch Linux, yes? Great work on that btw if so. I have directed many a person to your repo who use Arch. |
|
Thank you for the release of Here is some example that's also happening in new update: Then we bypass the killswitch just by explicitly using certain device: I do know it's kinda hard to block it unless we are using firewall, which need elevated permission to run. That's why i think it's better if the app also explicitly warn the user of any possibility that certain apps could possibly bypass this restriction when they're using the kill switch, since not everyone knows that such possibility exist. |
|
@calexandru2018 Thank you for adding the kill switch! Can you also add a permanent kill switch option, so when I'm disconnected, it won't leak my real IP? |
@Zylquinal not my experience on Ubuntu: $ ping -I wlp58s0 1.1.1.1
PING 1.1.1.1 (1.1.1.1) from 192.168.101.52 wlp58s0: 56(84) bytes of data.
^C
--- 1.1.1.1 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9211ms |
It's working for me on Arch: |
|
Maybe you need to reinstall it, or install ufw? Or it only works on Debian-based systems for some reason? |
It doesn't use ufw, and if it use one the app need Okay, so i just installed clean Ubuntu 22.04.3 for the test, and here's the result Here you would see specifying interface still works, and you would also see the difference in latency when using the VPN interface and not using it. |
|
@calexandru2018 On all of my computers, I'm having an issue where after each reboot I have to sign in again. Do you mind looking into that? |
and others
The last commit was 3 months ago, while the windows app was updated 13 days ago.
The text was updated successfully, but these errors were encountered: