The Mullvad VPN client app for desktop and mobile

Overview

Mullvad VPN desktop and mobile app

Welcome to the Mullvad VPN client app. This repository contains all the source code for the desktop and mobile versions of the app. For desktop this includes the system service/daemon (mullvad-daemon), a graphical user interface (GUI) and a command line interface (CLI). The Android app uses the same backing system service for the tunnel and security but has a dedicated frontend in android/. iOS consists of a completely standalone implementation that resides in ios/.

Releases

There are built and signed releases for macOS, Windows, Linux and Android available on our website and on Github. The Android app is also available on Google Play and F-Droid and the iOS version on App Store.

You can find our code signing keys as well as instructions for how to cryptographically verify your download on Mullvad's Open Source page.

Platform/OS support

These are the operating systems and their versions that the app officially supports. It might work on many more versions, but we don't test for those and can't guarantee the quality or security.

OS/Platform Supported versions
Windows 7, 8.1 and 10
macOS The three latest major releases
Linux (Ubuntu) The two newest LTS releases and the two newest non-LTS releases
Linux (Fedora) The versions that are not yet EOL
Linux (Debian) The versions that are not yet EOL
Android The four latest major releases
iOS 13 and newer

On Linux we test using the Gnome desktop environment. The app should, and probably does work in other DEs, but we don't regularly test those.

Features

Here is a table containing the features of the app across platforms. This reflects the current state of latest master, not necessarily any existing release.

Windows Linux macOS Android iOS
OpenVPN
WireGuard
OpenVPN over Shadowsocks
Optional local network access ✓*

* The local network is always accessible on iOS with the current implementation

Security and anonymity

This app is a privacy preserving VPN client. As such it goes to great lengths to stop traffic leaks. And basically all settings default to the more secure/private option. The user has to explicitly allow more loose rules if desired. See the dedicated security document for details on what the app blocks and allows, as well as how it does it.

Checking out the code

This repository contains submodules needed for building the app. However, some of those submodules also have further submodules that are quite large and not needed to build the app. So unless you want the source code for OpenSSL, OpenVPN and a few other projects you should avoid a recursive clone of the repository. Instead clone the repository normally and then get one level of submodules:

git clone https://github.com/mullvad/mullvadvpn-app.git
cd mullvadvpn-app
git submodule update --init

We sign every commit on the master branch as well as our release tags. If you would like to verify your checkout, you can find our developer keys on Mullvad's Open Source page.

Binaries submodule

This repository has a git submodule at dist-assets/binaries. This submodule contains binaries and build scripts for third party code we need to bundle with the app. Such as OpenVPN, Shadowsocks etc.

This submodule conforms to the same integrity/security standards as this repository. Every merge commit should be signed. And this main repository should only ever point to a signed merge commit of the binaries submodule.

See the binaries submodule's README for more details about that repository.

Install toolchains and dependencies

Follow the instructions for your platform, and then the All platforms instructions.

These instructions are probably not complete. If you find something more that needs installing on your platform please submit an issue or a pull request.

Windows

The host has to have the following installed:

  • Microsoft's Build Tools for Visual Studio 2019 (a regular installation of Visual Studio 2019 Community edition works as well).

  • Windows 10 SDK.

  • msbuild.exe available in %PATH%. If you installed Visual Studio Community edition, the binary can be found under:

    C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\MSBuild\Current\Bin\amd64
    
  • bash installed as well as a few base unix utilities, including sed and tail. The environment coming with Git for Windows works fine.

  • gcc for CGo.

Linux

Debian/Ubuntu

# For building the daemon
sudo apt install gcc libdbus-1-dev
# For building the installer
sudo apt install rpm

Fedora/RHEL

# For building the daemon
sudo dnf install dbus-devel
# For building the installer
sudo dnf install rpm-build

Android

These instructions are for building the app for Android under Linux.

Download and install the JDK

sudo apt install zip default-jdk

Download and install the SDK

The SDK should be placed in a separate directory, like for example ~/android or /opt/android. This directory should be exported as the $ANDROID_HOME environment variable.

cd /opt/android     # Or some other directory to place the Android SDK
export ANDROID_HOME=$PWD

wget https://dl.google.com/android/repository/commandlinetools-linux-6609375_latest.zip
unzip commandlinetools-linux-6609375_latest.zip
./tools/bin/sdkmanager "platforms;android-29" "build-tools;29.0.3" "platform-tools"

If sdkmanager fails to find the SDK root path, pass the option --sdk_root=$ANDROID_HOME to the command above.

Download and install the NDK

The NDK should be placed in a separate directory, which can be inside the $ANDROID_HOME or in a completely separate path. The extracted directory must be exported as the $ANDROID_NDK_HOME environment variable.

cd "$ANDROID_HOME"  # Or some other directory to place the Android NDK
wget https://dl.google.com/android/repository/android-ndk-r20b-linux-x86_64.zip
unzip android-ndk-r20b-linux-x86_64.zip

cd android-ndk-r20b
export ANDROID_NDK_HOME="$PWD"

Docker

Docker is required to build wireguard-go for Android. Follow the installation instructions for your distribution.

Configuring Rust

These steps has to be done after you have installed Rust in the section below:

Install the Rust Android target

Some environment variables must be exported so that some Rust dependencies can be cross-compiled correctly:

export NDK_TOOLCHAIN_DIR="$ANDROID_NDK_HOME/toolchains/llvm/prebuilt/linux-x86_64/bin"
export AR_aarch64_linux_android="$NDK_TOOLCHAIN_DIR/aarch64-linux-android-ar"
export AR_armv7_linux_androideabi="$NDK_TOOLCHAIN_DIR/arm-linux-androideabi-ar"
export AR_x86_64_linux_android="$NDK_TOOLCHAIN_DIR/x86_64-linux-android-ar"
export AR_i686_linux_android="$NDK_TOOLCHAIN_DIR/i686-linux-android-ar"
export CC_aarch64_linux_android="$NDK_TOOLCHAIN_DIR/aarch64-linux-android21-clang"
export CC_armv7_linux_androideabi="$NDK_TOOLCHAIN_DIR/armv7a-linux-androideabi21-clang"
export CC_x86_64_linux_android="$NDK_TOOLCHAIN_DIR/x86_64-linux-android21-clang"
export CC_i686_linux_android="$NDK_TOOLCHAIN_DIR/i686-linux-android21-clang"
rustup target add aarch64-linux-android armv7-linux-androideabi i686-linux-android x86_64-linux-android
Set up cargo to use the correct linker and archiver

This block assumes you installed everything under /opt/android, but you can install it wherever you want as long as the ANDROID_HOME variable is set accordingly.

Add to ~/.cargo/config.toml:

[target.aarch64-linux-android]
ar = "/opt/android/android-ndk-r20b/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android-ar"
linker = "/opt/android/android-ndk-r20b/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android21-clang"

[target.armv7-linux-androideabi]
ar = "/opt/android/android-ndk-r20b/toolchains/llvm/prebuilt/linux-x86_64/bin/arm-linux-androideabi-ar"
linker = "/opt/android/android-ndk-r20b/toolchains/llvm/prebuilt/linux-x86_64/bin/armv7a-linux-androideabi21-clang"

[target.x86_64-linux-android]
ar = "/opt/android/android-ndk-r20b/toolchains/llvm/prebuilt/linux-x86_64/bin/x86_64-linux-android-ar"
linker = "/opt/android/android-ndk-r20b/toolchains/llvm/prebuilt/linux-x86_64/bin/x86_64-linux-android21-clang"

[target.i686-linux-android]
ar = "/opt/android/android-ndk-r20b/toolchains/llvm/prebuilt/linux-x86_64/bin/i686-linux-android-ar"
linker = "/opt/android/android-ndk-r20b/toolchains/llvm/prebuilt/linux-x86_64/bin/i686-linux-android21-clang"

Signing key for release APKs (optional)

In order to build release APKs, they need to be signed. First, a signing key must be generated and stored in a keystore file. In the example below, the keystore file will be /home/user/app-keys.jks and will contain a key called release.

keytool -genkey -v -keystore /home/user/app-keys.jks -alias release -keyalg RSA -keysize 4096 -validity 10000

Fill in the requested information to generate the key and the keystore file. Suppose the file was protected by a password keystore-password and the key with a password key-password. This information should then be added to the android/keystore.properties file:

keyAlias = release
keyPassword = key-password
storeFile = /home/user/app-keys.jks
storePassword = keystore-password

All platforms

  1. Make sure to use a recent version of bash. The default version in macOS (3.2.57) isn't supported.

  2. Get the latest stable Rust toolchain via rustup.rs.

  3. This can be skipped for Android builds.

    Get the latest version 14 release of Node.js and the latest version of npm. After installing Node.js the latest version of npm can be installed by running:

    npm install -g npm
    

    macOS

    brew install node

    Linux

    Just download and unpack the node-v14.xxxx.tar.xz tarball and add its bin directory to your PATH.

    Windows

    Download the Node.js installer from the official website.

  4. Install Go (ideally version 1.16) by following the official instructions. Newer versions may work too. Since cgo is being used, make sure to have a C compiler in your path. On Windows mingw's gcc compiler should work. gcc on most Linux distributions should work, and clang for MacOS.

Building and packaging the app

Desktop

The simplest way to build the entire app and generate an installer is to just run the build script. --dev-build is added to skip some release checks and signing of the binaries:

./build.sh --dev-build

This should produce an installer exe, pkg or rpm+deb file in the dist/ directory.

Building this requires at least 1GB of memory.

macOS

By default a universal app is built on macOS. To build specifically for x86_64 or ARM64 add --target x86_64-apple-darwin or --target aarch64-apple-darwin.

Apple ARM64 (aka Apple Silicon)

Due to inability to build the management interface proto files on ARM64 (see this issue) the Apple ARM64 build must be done in 2 stages:

  1. Build management interface proto files on a non-ARM64 platform
  2. Use the built proto files during the main build by setting the MANAGEMENT_INTERFACE_PROTO_BUILD_DIR environment variable to the path the proto files

To build the management interface proto files there is a script (execute it on a non-ARM64 platform):

cd gui/scripts
npm ci
./build-proto.sh

After that copy the files from gui/src/main/management_interface/ and gui/build/src/main/management_interface/ directories into a single directory on your Apple Silicon Mac, and set the value of MANAGEMENT_INTERFACE_PROTO_BUILD_DIR to that directory while running the main build.

Make sure that the version of Go on your Mac is 1.16 (the first version to add support for Apple Silicon) or newer.

Install protobuf by running:

brew install protobuf

When all is done run the main build. Assuming that you copied the proto files into /tmp/management_interface_proto directory, the build command will look as follows:

MANAGEMENT_INTERFACE_PROTO_BUILD_DIR=/tmp/management_interface_proto ./build.sh --dev-build

If you want to build each component individually, or run in development mode, read the following sections.

Android

Running the build-apk.sh script will build the necessary Rust daemon for all supported ABIs and build the final APK:

./build-apk.sh

You may pass a --dev-build to build the Rust daemon and the UI in debug mode and sign the APK with automatically generated debug keys:

./build-apk.sh --dev-build

If the above fails with an error related to compression, try allowing more memory to the JVM:

echo "org.gradle.jvmargs=-Xmx4608M" >> ~/.gradle/gradle.properties
./android/gradlew --stop

Building and running mullvad-daemon on desktop

  1. Firstly, on MacOS and Linux, one should source env.sh to set the default environment variables.

    source env.sh
  2. On Windows, make sure to start bash first (e.g., Git BASH). Then build the C++ libraries:

     ./build_windows_modules.sh --dev-build
  3. Build the system daemon plus the other Rust tools and programs:

    cargo build
  4. Copy the OpenVPN and Shadowsocks binaries, and our plugin for it, to the directory we will use as resource directory. If you want to use any other directory, you would need to copy even more files.

    cp dist-assets/binaries/<platform>/{openvpn, sslocal}[.exe] dist-assets/
    cp target/debug/*talpid_openvpn_plugin* dist-assets/
  5. On Windows, also copy wintun.dll to the build directory:

    cp dist-assets/binaries/x86_64-pc-windows-msvc/wintun.dll target/debug/
  6. On Windows, the daemon must be run as the SYSTEM user. You can use PsExec to launch an elevated bash instance before starting the daemon in it:

    psexec64 -i -s bash.exe
    
  7. Run the daemon with verbose logging (from the root directory of the project):

    sudo MULLVAD_RESOURCE_DIR="./dist-assets" ./target/debug/mullvad-daemon -vv

    Leave out sudo on Windows. The daemon must run as root since it modifies the firewall and sets up virtual network interfaces etc.

Environment variables controlling the execution

  • TALPID_FIREWALL_DEBUG - Helps debugging the firewall. Does different things depending on platform:

    • Linux: Set to "1" to add packet counters to all firewall rules.
    • macOS: Makes rules log the packets they match to the pflog0 interface.
      • Set to "all" to add logging to all rules.
      • Set to "pass" to add logging to rules allowing packets.
      • Set to "drop" to add logging to rules blocking packets.
  • TALPID_FIREWALL_DONT_SET_SRC_VALID_MARK - Forces the daemon to not set src_valid_mark config on Linux. The kernel config option is set because otherwise strict reverse path filtering may prevent relay traffic from reaching the daemon. If rp_filter is set to 1 on the interface that will be receiving relay traffic, and src_valid_mark is not set to 1, the daemon will not be able to receive relay traffic.

  • TALPID_DNS_MODULE - Allows changing the method that will be used for DNS configuration on Linux. By default this is automatically detected, but you can set it to one of the options below to choose a specific method:

    • "static-file": change the /etc/resolv.conf file directly
    • "resolvconf": use the resolvconf program
    • "systemd": use systemd's resolved service through DBus
    • "network-manager": use NetworkManager service through DBus
  • TALPID_FORCE_USERSPACE_WIREGUARD - Forces the daemon to use the userspace implementation of WireGuard on Linux.

  • TALPID_DNS_CACHE_POLICY - On Windows, this changes how DNS is configured:

    • 1: The default. This sets a global list of DNS servers that dnscache will use instead of the servers specified on each interface.
    • 0: Only set DNS servers on the tunnel interface. This will misbehave if local custom DNS servers are used.
  • TALPID_DISABLE_OFFLINE_MONITOR - Forces the daemon to always assume the host is online.

  • MULLVAD_MANAGEMENT_SOCKET_GROUP - On Linux and macOS, this restricts access to the management interface UDS socket to users in the specified group. This means that only users in that group can use the CLI and GUI. By default, everyone has access to the socket.

Setting environment variable

  • On Windows, one can use setx from an elevated shell, like so

    setx TALPID_DISABLE_OFFLINE 1 /m

    For the change to take effect, one must restart the daemon

    sc.exe stop mullvadvpn
    sc.exe start mullvadvpn
  • On Linux, one should edit the systemd unit file via systemctl edit mullvad-daemon.service and edit it like so

    [Service]
    Environment="TALPID_DISABLE_OFFLINE_MONITOR=1"
    

    For the change to take effect, one must restart the daemon

    sudo systemctl restart mullvad-daemon
  • On macOS, one can use launchctl like so

    sudo launchctl setenv TALPID_DISABLE_OFFLINE_MONITOR 1

    For the change to take effect, one must restart the daemon

    launchctl unload -w /Library/LaunchDaemons/net.mullvad.daemon.plist
    launchctl load -w /Library/LaunchDaemons/net.mullvad.daemon.plist

Building and running the desktop Electron GUI app

  1. Go to the gui directory

    cd gui
  2. Install all the JavaScript dependencies by running:

    npm install
  3. Start the GUI in development mode by running:

    npm run develop

If you change any javascript file while the development mode is running it will automatically transpile and reload the file so that the changes are visible almost immediately.

Please note that the GUI needs a running daemon to connect to in order to work. See Building and running mullvad-daemon for instruction on how to do that before starting the GUI.

Supported environment variables

  1. MULLVAD_PATH - Allows changing the path to the folder with the mullvad-problem-report tool when running in development mode. Defaults to: <repo>/target/debug/.

Making a release

When making a real release there are a couple of steps to follow. <VERSION> here will denote the version of the app you are going to release. For example 2018.3-beta1 or 2018.4.

  1. Follow the Install toolchains and dependencies steps if you have not already completed them.

  2. Make sure the CHANGELOG.md is up to date and has all the changes present in this release. Also change the [Unreleased] header into [<VERSION>] - <DATE> and add a new [Unreleased] header at the top. Push this, get it reviewed and merged.

  3. Run ./prepare_release.sh <VERSION>. This will do the following for you:

    1. Check if your repository is in a sane state and the given version has the correct format
    2. Update package.json with the new version and commit that
    3. Add a signed tag to the current commit with the release version in it

    Please verify that the script did the right thing before you push the commit and tag it created.

  4. When building for Windows or macOS, the following environment variables must be set:

    • CSC_LINK - The path to the certificate used for code signing.

      • Windows: A .pfx certificate.
      • macOS: A .p12 certificate file with the Apple application signing keys. This file must contain both the "Developer ID Application" and the "Developer ID Installer" certificates + private keys.
    • CSC_KEY_PASSWORD - The password to the file given in CSC_LINK. If this is not set then build.sh will prompt you for it. If you set it yourself, make sure to define it in such a way that it's not stored in your bash history:

      export HISTCONTROL=ignorespace
      export CSC_KEY_PASSWORD='my secret'
    • macOS only:

      • NOTARIZE_APPLE_ID - The AppleId to use when notarizing the app. Only needed on release builds

      • NOTARIZE_APPLE_ID_PASSWORD - The AppleId password for the account in NOTARIZE_APPLE_ID. Don't use the real AppleId password! Instead create an app specific password and add that to your keyring. See this documentation: https://github.com/electron/electron-notarize#safety-when-using-appleidpassword

        Summary:

        1. Generate app specific password on Apple's AppleId management portal.
        2. Run security add-generic-password -a "<apple_id>" -w <app_specific_password> -s "something_something"
        3. Set NOTARIZE_APPLE_ID_PASSWORD="@keychain:something_something".
  5. Run ./build.sh on each computer/platform where you want to create a release artifact. This will do the following for you:

    1. Update relays.json with the latest relays
    2. Compile and package the app into a distributable artifact for your platform.

    Please pay attention to the output at the end of the script and make sure the version it says it built matches what you want to release.

Running Integration Tests

The integration tests are located in the mullvad-tests crate. It uses a mock OpenVPN binary to test the mullvad-daemon. To run the tests, the mullvad-daemon binary must be built first. Afterwards, the tests should be executed with the integration-tests feature enabled. To simplify this procedure, the integration-tests.sh script can be used to run all integration tests.

Command line tools for Electron GUI app development

  • $ npm run develop - develop app with live-reload enabled
  • $ npm run lint - lint code
  • $ npm run pack:<OS> - prepare app for distribution for your platform. Where <OS> can be linux, mac or win
  • $ npm test - run tests

Tray icon on Linux

The requirements for displaying a tray icon varies between different desktop environments. If the tray icon doesn't appear, try installing one of these packages:

  • libappindicator3-1
  • libappindicator1
  • libappindicator

If you're using GNOME, try installing one of these GNOME Shell extensions:

  • TopIconsFix
  • TopIcons Plus

Repository structure

Electron GUI app and electron-builder packaging assets

  • gui/
    • assets/ - Graphical assets and stylesheets
    • src/
      • main/
        • index.ts - Entry file for the main process
      • renderer/
        • app.tsx - Entry file for the renderer process
        • routes.tsx - Routes configurator
        • transitions.ts - Transition rules between views
      • config.json - App color definitions and URLs to external resources
    • tasks/ - Gulp tasks used to build app and watch for changes during development
      • distribution.js - Configuration for electron-builder
    • test/ - Electron GUI tests
  • dist-assets/ - Icons, binaries and other files used when creating the distributables
    • binaries/ - Git submodule containing binaries bundled with the app. For example the statically linked OpenVPN binary. See the README in the submodule for details
    • linux/ - Scripts and configuration files for the deb and rpm artifacts
    • pkg-scripts/ - Scripts bundled with and executed by the macOS pkg installer
    • windows/ - Windows NSIS installer configuration and assets
    • ca.crt - The Mullvad relay server root CA. Bundled with the app and only OpenVPN relays signed by this CA are trusted

Building, testing and misc

  • build_windows_modules.sh - Compiles the C++ libraries needed on Windows
  • build.sh - Sanity checks the working directory state and then builds release artifacts for the app

Mullvad Daemon

The daemon is implemented in Rust and is implemented in several crates. The main, or top level, crate that builds the final daemon binary is mullvad-daemon which then depend on the others.

In general one can look at the daemon as split into two parts, the crates starting with talpid and the crates starting with mullvad. The talpid crates are supposed to be completely unrelated to Mullvad specific things. A talpid crate is not allowed to know anything about the API through which the daemon fetch Mullvad account details or download VPN server lists for example. The talpid components should be viewed as a generic VPN client with extra privacy and anonymity preserving features. The crates having mullvad in their name on the other hand make use of the talpid components to build a secure and Mullvad specific VPN client.

  • Cargo.toml - Main Rust workspace definition. See this file for which folders here are daemon Rust crates.
  • mullvad-daemon/ - Main Rust crate building the daemon binary.
  • talpid-core/ - Main crate of the VPN client implementation itself. Completely Mullvad agnostic privacy preserving VPN client library.

Vocabulary

Explanations for some common words used in the documentation and code in this repository.

  • App - This entire product (everything in this repository) is the "Mullvad VPN App", or App for short.
    • Daemon - Refers to the mullvad-daemon Rust program. This headless program exposes a management interface that can be used to control the daemon
    • Frontend - Term used for any program or component that connects to the daemon management interface and allows a user to control the daemon.
      • GUI - The Electron + React program that is a graphical frontend for the Mullvad VPN App.
      • CLI - The Rust program named mullvad that is a terminal based frontend for the Mullvad VPN app.

File paths used by Mullvad VPN app

A list of file paths written to and read from by the various components of the Mullvad VPN app

Daemon

On Windows, when a process runs as a system service the variable %LOCALAPPDATA% expands to C:\Windows\system32\config\systemprofile\AppData\Local.

All directory paths are defined in, and fetched from, the mullvad-paths crate.

Settings

The settings directory can be changed by setting the MULLVAD_SETTINGS_DIR environment variable.

Platform Path
Linux /etc/mullvad-vpn/
macOS /etc/mullvad-vpn/
Windows %LOCALAPPDATA%\Mullvad VPN\
Android /data/data/net.mullvad.mullvadvpn/

Logs

The log directory can be changed by setting the MULLVAD_LOG_DIR environment variable.

Platform Path
Linux /var/log/mullvad-vpn/ + systemd
macOS /var/log/mullvad-vpn/
Windows C:\ProgramData\Mullvad VPN\
Android /data/data/net.mullvad.mullvadvpn/

Cache

The cache directory can be changed by setting the MULLVAD_CACHE_DIR environment variable.

Platform Path
Linux /var/cache/mullvad-vpn/
macOS /Library/Caches/mullvad-vpn/
Windows C:\ProgramData\Mullvad VPN\cache
Android /data/data/net.mullvad.mullvadvpn/cache

RPC address file

The full path to the RPC address file can be changed by setting the MULLVAD_RPC_SOCKET_PATH environment variable.

Platform Path
Linux /var/run/mullvad-vpn
macOS /var/run/mullvad-vpn
Windows //./pipe/Mullvad VPN
Android /data/data/net.mullvad.mullvadvpn/rpc-socket

GUI

The GUI has a specific settings file that is configured for each user. The path is set in the gui/packages/desktop/main/gui-settings.ts file.

Platform Path
Linux $XDG_CONFIG_HOME/Mullvad VPN/gui_settings.json
macOS ~/Library/Application Support/Mullvad VPN/gui_settings.json
Windows %LOCALAPPDATA%\Mullvad VPN\gui_settings.json
Android Present in Android's logcat

Icons

Icons such as the logo and menubar icons are automatically generated. The source files are:

Path Usage
graphics/icon.svg The logo icon used for e.g. application icon and in app logo
graphics/icon-mono.svg The logo icon used for the android notification icon
graphics/icon-square.svg Logo icon used to generate the iOS application icon
gui/assets/images/*.svg Icons used to generate iOS icons and used in the desktop app
gui/assets/images/menubar icons/svg/*.svg The frames for the menubar icon

Generate desktop icon by running

gui/scripts/build-logo-icons.sh

Generate android icons

android/generate-pngs.sh

Generate iOS icon and assets

ios/convert-assets.rb --app-icon
ios/convert-assets.rb --import-desktop-assets
ios/convert-assets.rb --additional-assets

Generate desktop menubar icons

gui/scripts/build-menubar-icons.sh

The menubar icons are described futher here.

Locales and translations

Instructions for how to handle locales and translations are found here.

For instructions specific to the Android app, see here.

Audits, pentests and external security reviews

Mullvad has used external pentesting companies to carry out security audits of this VPN app. Read more about them in the audits readme.

License

Copyright (C) 2021 Mullvad VPN AB

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

For the full license agreement, see the LICENSE.md file

The source code for the iOS app is GPL-3 licensed like everything else in this repository. But the distributed app on the Apple App Store is not GPL licensed, it falls under the Apple App Store EULA.

Comments
  • Windows service crate

    Windows service crate

    Checklist for a PR:

    • [ ] Describe the change in CHANGELOG.md. Only applicable if the change has any impact for a user.

    This is the first part of Windows Service support for mullvad-daemon. I imagine that we'll have a service binary that will start/stop mullvad-daemon and communicate with it via RPC. This part is a self-registration that allows to register Windows service or unregister it.

    Currently it's possible by running (with admin privileges):

    target\debug\mullvad-service.exe -install

    or

    target\debug\mullvad-service.exe -remove

    The second part of my work will contain the main and service control function implementations that will allow to actually start/stop mullvad-daemon etc..


    This change is Reviewable

    opened by pronebird 251
  • Windows service integration

    Windows service integration

    Checklist for a PR:

    • [ ] Describe the change in CHANGELOG.md. Only applicable if the change has any impact for a user.

    Baby steps towards a complete windows service implementation of daemon.

    Checklist

    • [X] Self-installation (--register-service)
    • [X] Basic service lifecycle
    • [X] Clean up some CLI routine. Currently cli::get_app is public, need this for match
    • [X] Figure out if we should be accepting daemon configuration via service arguments.

    This change is Reviewable

    opened by pronebird 71
  • Xp login

    Xp login

    Could not find any reasonable solution for tests of the footer visibility when just animating it out of sight, does anyone have any suggestions?

    Also noted that the cursor moves to the end after writing in a selected area, but it seems to be that way now as well so i didn't change anything.

    Put a fix for not being able to use the placeholderTextColor, so this will change the placeholder text color on support as well, but now its according to design i zeplin!

    Checklist for a PR:

    • [ ] Describe the change in CHANGELOG.md. Only applicable if the change has any impact for a user.

    This change is Reviewable

    opened by anderklander 68
  • Windows firewall management

    Windows firewall management

    I've essentially done 3 things:

    • Added wfp submodule.
    • added a build.rs for talpid-core that can build our windows firewall library.
    • added some FFI glue to use said library to manage the firewall.

    This change is Reviewable

    opened by pinkisemils 64
  • Adding a way to pass `--mssfix` parameter to OpenVPN's subprocess.

    Adding a way to pass `--mssfix` parameter to OpenVPN's subprocess.

    I've added some minor changes to the daemon to support optionally passing an extra parameter to the openvpn client that would inform TCP sessions about what their maximum packet sizes should be. The 2 RPCs serve to both set and get the parameters value.

    Do tell me if I should also add this change to the changelog.

    I'm not entirely certain if the best thing to do here isn't going with a more generic way of setting custom arguments. I'm also not certain if validating the MTU size is done in the right place.


    This change is Reviewable

    opened by pinkisemils 61
  • Rpc manager

    Rpc manager

    If this PR is merged, PR #96 must be closed.

    This is an initial attempt at using an IP address to connect to the master API server. It stores the IP in a cache and re-uses it when possible. If the cache is empty, the IP is resolved and stored in the cache.

    This version creates some more helper types increasing the level of abstraction. I also wrote a different version that's simpler and touches slightly less code. I pushed both as PRs so everyone can take a look and see which option is better. It might be better to choose one first then do a more fine-grained review of the code to avoid duplicated effort (sorry about that). After an option is chosen, the other PR must be closed.

    Checklist for a PR:

    • [ ] Describe the change in CHANGELOG.md. Only applicable if the change has any impact for a user.

    This change is Reviewable

    opened by jvff 56
  • Windows: Override and enforce DNS settings

    Windows: Override and enforce DNS settings

    This is work in progress.

    However, it would be great to get some feedback on the overall structure of the code, and the approach used.

    Some of the things that need to be fixed:

    • All the TODOs
    • Pass errorSink to monitoring thread
    • Move generic WMI code into libcommon
    • Serialize settings to be restored and send to windns client ** This will be done continuously from the monitoring thread
    • Implement shelling out to netsh for updating settings on adapters that are offline
    • Extend Reset function to accept serialized settings to be restored

    This change is Reviewable

    opened by mvd-ows 52
  • Add C++ code to manage metrics for network interfaces on Windows.

    Add C++ code to manage metrics for network interfaces on Windows.

    This PR adds winroute which is a C++ project that ensures that a given network interface has the top metric amongst all other network interfaces. I've also improved build_windows_libraries.sh and I've added some FFI code to call into winroute. The metrics are only set if the target intreface's metric isn't set to 1 already.


    This change is Reviewable

    opened by pinkisemils 50
  • Test RPC address file creation on daemon start-up

    Test RPC address file creation on daemon start-up

    This is an early attempt at implementing a test for the RPC address file creation. I originally wanted to test multiple-daemons to see if only the first one would keep running, but I thought it might be better to start with something simpler and gradually complicate it.

    Feedback and suggestions welcome. I wrote this as an integration test, but other ways of testing can be discussed.

    TODO:

    • [ ] Make it cross platform (currently Unix specific);
    • [ ] See if it's possible/desirable to test as administrator.

    Checklist for a PR:

    • [x] Describe the change in CHANGELOG.md. Only applicable if the change has any impact for a user. This is not visible to the user.

    This change is Reviewable

    opened by jvff 48
  • Android setup

    Android setup

    Setup to be able to test on android and moving some stuff to platform.js to be able to run it without importing electron.

    At the moment the android build will fail on the SupportPage for still using electon, so don't expect anything fancy.

    It would be very good if you could help me with testing logging and clipboard, since i dont have macOS and was not able to start the backend at the moment.

    Based on the quit-button-position branch to get style changes.

    Installation instruction draft:

    Android

    Follow the installation instructions for react-native. At the moment hot-loading android and desktop will not work at the same time (due to modules not found when using the app structure), content is copied from app/ to mobile/js/ when the run-android script is run. The andorid project can be either bundled in the apk or run with a packager server, settings for this is found in the build.gradle file in mobile/app/

    The setup-android script installs the node_modules for the mobile project. (or just yarn install in the mobile/ dir)

    yarn setup-android
    

    To run and start logging. Will run on connected physical device or started emulator.

    yarn run-android
    

    This change is Reviewable

    opened by anderklander 47
  • [Feature request] Linux ARM support

    [Feature request] Linux ARM support

    It would be nice to get the Mullvad VPN app and daemon running on ARM platforms. Support for armv7hl and aarch64 would be appreciated!

    This is ideal for using Mullvad as a VPN on DIY NAS systems. Most of these setup have some kind of SBC like a Raspberry Pi or Odroid running an ARM processor.

    feature request 
    opened by DylanVanAssche 45
  • Impossible to add Gamepass games to Split Tunnelling due to permissions

    Impossible to add Gamepass games to Split Tunnelling due to permissions

    Issue report

    Operating system: Windows 11 Pro 22H2

    App version: 2022.5

    Issue description

    It lets you navigate to the Gamepass game folder and .exe, but when trying to open it claims insufficient permissions

    image

    I have found https://github.com/mullvad/mullvadvpn-app/issues/2822, but that mentions Store apps which run under RuntimeBroker.exe and the solution offered is to install from different source so the processes are split and can be added to Mullvad, but the Gamepass games are mostly not like that I just can't click OK when I find the .exe. Hope that makes sense.

    I generally do not mind Mullvad reconnecting twice a day, but not when I'm at the end of 1 hour raid really. I can't really turn vpn off without uninstalling so what are my options here?

    bug Windows Desktop frontend 
    opened by hugalafutro 3
  • Add instrumented tests using mocked api

    Add instrumented tests using mocked api

    This PR primarly aims to add instrumented tests that relied on a mocked backend API. As part of supporting that, the existing instrumented tests and test setup has also been improved.


    This change is Reviewable

    Android 
    opened by albin-mullvad 0
  • Wireguard Blocking Internet: Unable to apply firewall rules. Try updating your kernel

    Wireguard Blocking Internet: Unable to apply firewall rules. Try updating your kernel

    Issue report

    Operating system: Fedora 36 , Fedora 35

    App version: 2022.5

    Issue description

    When there is a network outage, and mullvad is connected using the wireguard protocol, after about a minute of so it errors out with Unable to apply firewall rules. Try updating your kernel

    This state exists even after the connection comes back, and is only fixed by manually disconnecting and reconnecting. After which it works fine.

    Errors in Logs:

    Error: Failed to apply firewall policy for connecting state
    Caused by: Unable to translate network interface name "wg-mullvad" into index
    Caused by: Failed to get index for interface wg-mullvad
    Caused by: No such device (os error 19)
    

    After the error running ifconfig -a shows that the wg-mullvad interface has disappeared.

    Issue only occurs with wireguard and openvpn works fine in the same situation.

    bug Linux 
    opened by ItsABlackScreen 4
  • Can't connect or split tunnel parsec

    Can't connect or split tunnel parsec

    Windows 11 22h2

    Mullvad 2022.5

    Issue description

    When I am connected with Mullvad I can't connect at all via Parsec from outside. I tried split tunneling but that didn't work either. Only disconnecting let's me connect.

    opened by TheRealDadbeard 4
  • Version change popup

    Version change popup

    1. Add changes.txt.
    2. Update GUI by introducing some views and handlers.
      1. Introduce ChangeLogTableCellView, ChangeLogContentView, ChangeLogViewController.
      2. Introduce ChangeLogUIHandler.
      3. Add FormSheet handlers.
      4. Introduce FormSheetConfiguration.
    3. Introduce ChangeLog.
    4. Introduce ReadChangesOperation.
    5. Introduce ProcessEnvironment+Extension.

    This change is Reviewable

    opened by sajacl 0
  • VPN app tries to access credentials store on Linux

    VPN app tries to access credentials store on Linux

    Issue report

    Operating system: Manjaro Linux, kernel: 5.15.81-1-MANJARO. KDE: 5.26.4

    App version: 2022.5

    Issue description

    As soon as I disconnect VPN or switch location, system prompts me to unlock my password manager, KWallet, currently. And it doesn't provide app name, as some apps, like Chrome does.

    image

    bug Linux 
    opened by Mart-Bogdan 3
Releases(android/2022.3)
  • android/2022.3(Nov 14, 2022)

  • android/2022.2(Oct 18, 2022)

    This release is for Android only. Here's a list of the changes since last stable release android/2022.1:

    Added

    Android

    • Add device management to the Android app. This simplifies knowing which device is which and adds the option to log other devices out when the account already has five devices.

    Changed

    Android

    • Lowered default MTU to 1280 on Android.
    • Disable app icon badge for tunnel state notification/status.

    Removed

    Android

    • Remove WireGuard view as it's no longer needed with the new way of managing devices.

    Fixed

    Android

    • Fix unused dependencies loaded in the service/tile DI graph.
    • Fix missing IPC message unregistration causing multiple copies of some messages to be received.
    • Fix quick settings tile being unresponsive and causing crashes on some devices.
    • Fix quick settings tile not working when the device is locked. It will now prompt the user to unlock the device before attempting to toggle the tunnel state.
    • Fix crash when clicking in-app URL notifications.
    • Fix tunnel info expansion state not remembered during pause and resume.
    • Fix disabled login button on login failure. Instead, the login button will now still be enabled on login failures to let the user re-attempt the login.

    Security

    Android

    • Prevent location request responses from being received outside the tunnel when in the connected state.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.2.apk(29.56 MB)
    MullvadVPN-2022.2.apk.asc(833 bytes)
  • 2022.5(Oct 14, 2022)

    This release is for desktop only.

    Here is a list of all changes since last stable release 2022.4.

    Added

    • Add obfuscation settings under "WireGuard settings".
    • Add custom option to WireGuard port selector.

    Windows

    • The default VPN protocol is slowly being changed from OpenVPN to WireGuard. The app fetches the ratio between the protocols from the API.

    Linux

    • GUI: Add electron flags to run Wayland native if in a compositor/desktop known to work well
    • Add ARM64 (aarch64) builds. This is the first release with Linux ARM support.

    Changed

    • Reject invalid WireGuard ports in the CLI.
    • Reorganize settings into more logical categories.
    • Upgrade wireguard-go to 20220703234212 (Windows: v0.5.3).
    • Prune bridges far away from the selected relay.
    • Stay connected when desktop app is killed or crashes. The only situation where the app now disconnects on quit is when the user presses the quit button.
    • Update Electron from 18.0.3 to 19.0.13.
    • Expand allowed range of multicast destinations to include all of 239.0.0.0/8 (administratively scoped addresses), when local network sharing is enabled.
    • Default to selecting Sweden as the entry location when using WireGuard multihop. Previously, a random location was used.
    • Experimental: Upgrade the support for quantum-resistant WireGuard tunnels to a newer protocol.

    Windows

    • Remove dependency on ipconfig.exe. Call DnsFlushResolverCache to flush the DNS cache.
    • Upgrade Wintun to 0.14.1.

    Linux

    • The daemon binary and systemd unit file will now be placed in /usr/bin/ and /usr/lib/systemd/system respectively, to aid with starting the system service on systems where /opt isn't mounted during early boot.

    Fixed

    • Connect to TCP endpoints over IPv6 if IPv6 is enabled for WireGuard.
    • Fix udp2tcp not working when quantum-resistant tunnels are enabled.
    • Quit app gracefully if renderer process is killed or crashes.
    • Enable reconnect in blocked state in desktop app.
    • Fix error handling during device removal in the desktop app.
    • Enable interface settings when app is logged out
    • Fix 'mullvad status -v' to include the port of the endpoint when connecting over TCP.
    • Check whether the device is valid when reconnecting from the error state.
    • Stop reconnecting when the account has run out of time.

    Windows

    • Only use the most recent list of apps to split when resuming from hibernation/sleep if applying it was successful.
    • Don't fail install if the device tree contains nameless callout driver devices.

    Linux

    • Don't prevent early boot service from running if logging to a file fails.
    • Fix app crashing immediately when using some icon themes.

    Security

    • When the system service is being shut down and the target state is secured, maintain the blocking firewall rules. Unless it's possible to deduce that the system isn't shutting down and the system service is being stopped by the user intentionally. This is to prevent leaks that might occur during system shutdown. Fixes 2022 Mullvad app audit issue item MUL22-02.

    Windows

    • Upgrade win-split-tunnel driver to version 1.2.2.0. Fixes incomplete validation of input buffers that could result in out-of-bounds reads. Fixes 2022 Mullvad app audit issue item MUL22-01.

    Linux

    • Added traffic blocking during early boot, before the daemon starts, to prevent leaks in the case that the system service starts after a networking daemon has already configured a network interface.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.5.exe(82.95 MB)
    MullvadVPN-2022.5.exe.asc(833 bytes)
    MullvadVPN-2022.5.pkg(179.96 MB)
    MullvadVPN-2022.5.pkg.asc(833 bytes)
    MullvadVPN-2022.5_aarch64.rpm(64.40 MB)
    MullvadVPN-2022.5_aarch64.rpm.asc(833 bytes)
    MullvadVPN-2022.5_amd64.deb(69.59 MB)
    MullvadVPN-2022.5_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.5_arm64.deb(65.63 MB)
    MullvadVPN-2022.5_arm64.deb.asc(833 bytes)
    MullvadVPN-2022.5_x86_64.rpm(68.12 MB)
    MullvadVPN-2022.5_x86_64.rpm.asc(833 bytes)
  • 2022.5-beta1(Sep 26, 2022)

    Added

    • Add obfuscation settings under "WireGuard settings".

    Windows

    • The default VPN protocol is slowly being changed from OpenVPN to WireGuard. The app fetches the ratio between the protocols from the API.

    Linux

    • GUI: Add electron flags to run Wayland native if in a compositor/desktop known to work well
    • Add support for Linux ARM64. No installers are produced yet. But the source code can now be built for ARM64.

    Changed

    • Reject invalid WireGuard ports in the CLI.
    • Reorganize settings into more logical categories.
    • Upgrade wireguard-go to 20220703234212 (Windows: v0.5.3).
    • Prune bridges far away from the selected relay.
    • Stay connected when desktop app is killed or crashes. The only situation where the app now disconnects on quit is when the user presses the quit button.
    • Update Electron from 18.0.3 to 19.0.13.
    • Expand allowed range of multicast destinations to include all of 239.0.0.0/8 (administratively scoped addresses), when local network sharing is enabled.
    • Default to selecting Sweden as the entry location when using WireGuard multihop. Previously, a random location was used.

    Windows

    • Remove dependency on ipconfig.exe. Call DnsFlushResolverCache to flush the DNS cache.
    • Upgrade Wintun to 0.14.1.

    Linux

    • The daemon binary and systemd unit file will now be placed in /usr/bin/ and /usr/lib/systemd/system respectively, to aid with starting the system service on systems where /opt isn't mounted during early boot.

    Fixed

    • Connect to TCP endpoints over IPv6 if IPv6 is enabled for WireGuard.
    • Fix udp2tcp not working when quantum-resistant tunnels are enabled.
    • Quit app gracefully if renderer process is killed or crashes.
    • Enable reconnect in blocked state in desktop app.
    • Fix error handling during device removal in the desktop app.
    • Enable interface settings when app is logged out
    • Fix 'mullvad status -v' to include the port of the endpoint when connecting over TCP.
    • Check whether the device is valid when reconnecting from the error state.
    • Stop reconnecting when the account has run out of time.

    Windows

    • Only use the most recent list of apps to split when resuming from hibernation/sleep if applying it was successful.
    • Don't fail install if the device tree contains nameless callout driver devices.

    Security

    • When the system service is being shut down and the target state is secured, maintain the blocking firewall rules. Unless it's possible to deduce that the system isn't shutting down and the system service is being stopped by the user intentionally. This is to prevent leaks that might occur during system shutdown. Fixes 2022 Mullvad app audit issue item MUL22-02.

    Windows

    • Upgrade win-split-tunnel driver to version 1.2.2.0. Fixes incomplete validation of input buffers that could result in out-of-bounds reads. Fixes 2022 Mullvad app audit issue item MUL22-01.

    Linux

    • Added traffic blocking during early boot, before the daemon starts, to prevent leaks in the case that the system service starts after a networking daemon has already configured a network interface.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.5-beta1.exe(82.92 MB)
    MullvadVPN-2022.5-beta1.exe.asc(833 bytes)
    MullvadVPN-2022.5-beta1.pkg(179.97 MB)
    MullvadVPN-2022.5-beta1.pkg.asc(833 bytes)
    MullvadVPN-2022.5-beta1_amd64.deb(69.57 MB)
    MullvadVPN-2022.5-beta1_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.5-beta1_x86_64.rpm(68.14 MB)
    MullvadVPN-2022.5-beta1_x86_64.rpm.asc(833 bytes)
  • android/2022.2-beta2(Sep 9, 2022)

    Changed

    Android

    • Refresh device data when opening the account view to ensure the local data is up-to-date and that the device hasn't been revoked.
    • Disable settings button during login.

    Fixed

    Android

    • Fix crash sometimes occurring during account creation.
    • Fix tunnel info expansion state not remembered during pause and resume.
    • Fix crash during some view transitions.
    • Fix disabled login button on login failure. Instead, the login button will now still be enabled on login failures to let the user re-attempt the login.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.2-beta2.apk(29.51 MB)
    MullvadVPN-2022.2-beta2.apk.asc(833 bytes)
  • 2022.4(Aug 19, 2022)

    Added

    Windows

    • Windows daemon now looks up the MTU on the default interface and uses this MTU instead of the default 1500. The 1500 is still the fallback if this for some reason fails. This may stop fragmentation.

    Fixed

    Linux

    • Fix issue where MTU could not be manually set in the app.
    • Lower the max MTU from the automatic MTU detection down to 1380, which was the hardcoded default before the automatic detection was implemented. This solves issues where the physical interface MTU was set higher than it could actually transport.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.4.exe(83.03 MB)
    MullvadVPN-2022.4.exe.asc(833 bytes)
    MullvadVPN-2022.4.pkg(184.73 MB)
    MullvadVPN-2022.4.pkg.asc(833 bytes)
    MullvadVPN-2022.4_amd64.deb(69.12 MB)
    MullvadVPN-2022.4_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.4_x86_64.rpm(68.23 MB)
    MullvadVPN-2022.4_x86_64.rpm.asc(833 bytes)
  • android/2022.2-beta1(Aug 11, 2022)

    Added

    Android

    • Add device management to the Android app. This simplifies knowing which device is which and adds the option to log other devices out when the account already has five devices.

    Changed

    Android

    • Lowered default MTU to 1280 on Android.
    • Disable app icon badge for tunnel state notification/status.

    Removed

    Android

    • Remove WireGuard view as it's no longer needed with the new way of managing devices.

    Fixed

    Android

    • Fix unused dependencies loaded in the service/tile DI graph.
    • Fix missing IPC message unregistration causing multiple copies of some messages to be received.
    • Fix quick settings tile being unresponsive and causing crashes on some devices.
    • Fix quick settings tile not working when the device is locked. It will now prompt the user to unlock the device before attempting to toggle the tunnel state.
    • Fix crash when clicking in-app URL notifications.

    Security

    Android

    • Prevent location request responses from being received outside the tunnel when in the connected state.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.2-beta1.apk(29.41 MB)
    MullvadVPN-2022.2-beta1.apk.asc(833 bytes)
  • 2022.3-beta3(Jul 28, 2022)

    Fixed

    • Fix showing incompatible relay filtering options in desktop app. The filtering options are now dependent on the other filters.

    Windows

    • Fix app occasionally getting stuck in the offline state after being suspended.

    Linux

    • Fixed incompatibility with newer kernel versions (5.19 and up).

    Security

    Windows

    • Fix potential leak window when stopping the service and auto-connect is enabled and always require VPN is disabled. When stopped, usually due to a reboot, the daemon would disconnect before entering a blocking state.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.3-beta3.exe(83.02 MB)
    MullvadVPN-2022.3-beta3.exe.asc(833 bytes)
    MullvadVPN-2022.3-beta3.pkg(184.72 MB)
    MullvadVPN-2022.3-beta3.pkg.asc(833 bytes)
    MullvadVPN-2022.3-beta3_amd64.deb(69.18 MB)
    MullvadVPN-2022.3-beta3_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.3-beta3_x86_64.rpm(68.25 MB)
    MullvadVPN-2022.3-beta3_x86_64.rpm.asc(833 bytes)
  • 2022.3-beta2(Jun 29, 2022)

    This release is a small bugfix release that only affects Windows. Linux and macOS has no changes at all in this release, compared to 2022.3-beta1.

    Fixed

    Windows

    • Fix DNS issue on non-English Windows installations. Don't parse the output of ipconfig.exe to determine if the tool succeeded.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.3-beta2.exe(83.02 MB)
    MullvadVPN-2022.3-beta2.exe.asc(833 bytes)
    MullvadVPN-2022.3-beta2.pkg(184.54 MB)
    MullvadVPN-2022.3-beta2.pkg.asc(833 bytes)
    MullvadVPN-2022.3-beta2_amd64.deb(69.25 MB)
    MullvadVPN-2022.3-beta2_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.3-beta2_x86_64.rpm(68.32 MB)
    MullvadVPN-2022.3-beta2_x86_64.rpm.asc(833 bytes)
  • 2022.3-beta1(Jun 27, 2022)

    Added

    • Add option to filter relays by ownership in the desktop apps.
    • Experimental: Add support for quantum-resistant PSK exchange to the CLI.

    Linux

    • Automatically attempt to detect and set the correct MTU for Wireguard tunnels.

    Windows

    • Add CLI command for listing excluded processes.

    Removed

    Linux

    • Remove upstart init configuration files

    Fixed

    • Display consistent colors regardless of monitor color profile on desktop.
    • Fix time added view displayed due to incorrect local clock.

    Windows

    • Be more scrupulous about removing temporary files used by the installer and uninstaller.
    • Fix issue where local name resolution fails. This requires users to ensure that non-tunnel interfaces are configured correctly to use local custom DNS.
    • Configure DNS correctly when the DNS client service is disabled or not responding.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.3-beta1.exe(83.02 MB)
    MullvadVPN-2022.3-beta1.exe.asc(833 bytes)
    MullvadVPN-2022.3-beta1.pkg(184.50 MB)
    MullvadVPN-2022.3-beta1.pkg.asc(833 bytes)
    MullvadVPN-2022.3-beta1_amd64.deb(69.25 MB)
    MullvadVPN-2022.3-beta1_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.3-beta1_x86_64.rpm(68.33 MB)
    MullvadVPN-2022.3-beta1_x86_64.rpm.asc(833 bytes)
  • 2022.2(Jun 13, 2022)

    This release is for desktop only.

    Here is a list of all changes since last stable release 2022.1.

    Added

    • Extend DNS blocking with the following new categories: "Adult content" and "gambling".
    • Obfuscate traffic to the Mullvad API using bridges if it cannot be reached directly.
    • Add device management to desktop app. This simplifies knowing which device is which and adds the option to log out other devices when there are already 5 connected when logging in.
    • Add tray icon tooltip with connection info in desktop app.
    • Add relay and bridge constraints for restricting relay selection to rented or Mullvad-owned relays. Allows filtering servers by ownership in the CLI.
    • Include creation timestamp for devices in the CLI.

    Windows

    • Detect mounting and dismounting of volumes, such as VeraCrypt volumes or USB drives, and exclude paths from the tunnel correctly when these occur. This sometimes only works when the GUI frontend is running.
    • Add toggle for split tunneling state.

    Changed

    • Update settings format to v6.
    • Move WireGuard TCP obfuscation settings into mullvad obfuscation command in CLI.
    • Decrease the size of fonts, some icons and other design elements in the desktop app. This makes it possible to fit more into the same area and makes text easier to read.
    • Don't block the tunnel state machine while starting the tunnel monitor. This also means that the machine will not transition directly from the disconnected to the disconnecting state if an error occurs.
    • Change behavior of escape key in the desktop app. It now navigates backwards one step instead of to the main view. To navigate back to the main view Shift+Escape can be used.
    • Update Electron from 16.0.4 to 18.0.3.
    • Randomize bridge selection with a bias in favor of close bridges.
    • Make login field keep previous value when submitting an incorrect account number in desktop app.
    • Decrease the time it takes to connect to WireGuard relays by sending an ICMP packet immediately.
    • Pause API interactions when the daemon has not been used for 3 days.
    • Simplified output of mullvad status command.
    • List devices on an account sorted by creation date, oldest to newest, instead of alphabetically.

    Fixed

    • Fix the sometimes incorrect time added text after adding time to the account.
    • Fix scrollbar no longer responsive and usable when covered by other elements.
    • Improve tunnel bypass for the API sometimes not working in the connecting state.
    • Fix resource leak caused by location check.
    • Fix issue where sockets didn't close after disconnecting from WireGuard servers over TCP by updating udp-over-tcp to 0.2.
    • Parse old account history formats correctly when they are empty.
    • Use suspend-aware timers for relay list updates and version checks on all platforms.
    • Don't attempt to use bridges when using OpenVPN over UDP and bridge mode is set to auto.
    • Use the entry endpoint when the relay selector fails to find a relay using the preferred constraints and the tunnel protocol is "any". Previously, the entry endpoint was ignored in this case.
    • Fix logout failing if the API cannot be reached in the GUI.

    Windows

    • Fix "Open Mullvad VPN" tray context menu item not working after toggling unpinned window setting.
    • Fix apps not always visible in split tunneling view after browsing for an app and then removing it from the excluded applications.
    • Fix navigation resetting to main view when toggling the unpinned window setting.
    • Log splitting event reason correctly.

    macOS

    • Fix thrashing due to DNS config monitoring.

    Security

    Windows

    • Update split tunnel driver to 1.2.1.0. This fixes potential DNS leaks seen when excluding at least one application.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.2.exe(82.89 MB)
    MullvadVPN-2022.2.exe.asc(833 bytes)
    MullvadVPN-2022.2.pkg(184.08 MB)
    MullvadVPN-2022.2.pkg.asc(833 bytes)
    MullvadVPN-2022.2_amd64.deb(69.08 MB)
    MullvadVPN-2022.2_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.2_x86_64.rpm(68.19 MB)
    MullvadVPN-2022.2_x86_64.rpm.asc(833 bytes)
  • 2022.2-beta2(Jun 10, 2022)

  • 2022.2-beta1(May 16, 2022)

    Added

    • Extend DNS blocking with the following new categories: "Adult content" and "gambling".
    • Obfuscate traffic to the Mullvad API using bridges if it cannot be reached directly.
    • Add device management to desktop app. This simplifies knowing which device is which and adds the option to log out other devices when there are already 5 connected when logging in.
    • Add tray icon tooltip with connection info in desktop app.
    • Add relay and bridge constraints for restricting relay selection to rented or Mullvad-owned relays.

    Windows

    • Detect mounting and dismounting of volumes, such as VeraCrypt volumes or USB drives, and exclude paths from the tunnel correctly when these occur. This sometimes only works when the GUI frontend is running.
    • Add toggle for split tunneling state.

    Changed

    • Update settings format to v6.
    • Move WireGuard TCP obfuscation settings into mullvad obfuscation command in CLI.
    • Decrease the size of fonts, some icons and other design elements in the desktop app. This makes it possible to fit more into the same area and makes text easier to read.
    • Don't block the tunnel state machine while starting the tunnel monitor. This also means that the machine will not transition directly from the disconnected to the disconnecting state if an error occurs.
    • Change behavior of escape key in the desktop app. It now navigates backwards one step instead of to the main view. To navigate back to the main view Shift+Escape can be used.
    • Update Electron from 16.0.4 to 18.0.3.
    • Randomize bridge selection with a bias in favor of close bridges.
    • Make login field keep previous value when submitting an incorrect account number in desktop app.
    • Decrease the time it takes to connect to WireGuard relays by sending an ICMP packet immediately.
    • Pause API interactions when the daemon has not been used for 3 days.
    • Simplified output of mullvad status command.

    Fixed

    • Fix the sometimes incorrect time added text after adding time to the account.
    • Fix scrollbar no longer responsive and usable when covered by other elements.
    • Improve tunnel bypass for the API sometimes not working in the connecting state.
    • Fix resource leak caused by location check.
    • Fix issue where sockets didn't close after disconnecting from WireGuard servers over TCP by updating udp-over-tcp to 0.2.
    • Parse old account history formats correctly when they are empty.
    • Use suspend-aware timers for relay list updates and version checks on all platforms.
    • Don't attempt to use bridges when using OpenVPN over UDP and bridge mode is set to auto.
    • Use the entry endpoint when the relay selector fails to find a relay using the preferred constraints and the tunnel protocol is "any". Previously, the entry endpoint was ignored in this case.

    Windows

    • Fix "Open Mullvad VPN" tray context menu item not working after toggling unpinned window setting.
    • Fix apps not always visible in split tunneling view after browsing for an app and then removing it from the excluded applications.
    • Fix navigation resetting to main view when toggling the unpinned window setting.
    • Log splitting event reason correctly.

    macOS

    • Fix thrashing due to DNS config monitoring.

    Security

    Windows

    • Update split tunnel driver to 1.2.1.0. This fixes potential DNS leaks seen when excluding at least one application.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.2-beta1.exe(83.03 MB)
    MullvadVPN-2022.2-beta1.exe.asc(833 bytes)
    MullvadVPN-2022.2-beta1.pkg(183.82 MB)
    MullvadVPN-2022.2-beta1.pkg.asc(833 bytes)
    MullvadVPN-2022.2-beta1_amd64.deb(69.06 MB)
    MullvadVPN-2022.2-beta1_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.2-beta1_x86_64.rpm(68.19 MB)
    MullvadVPN-2022.2-beta1_x86_64.rpm.asc(833 bytes)
  • 2022.1(Mar 1, 2022)

    This release is for desktop only.

    Here is a list of all changes since last stable release 2021.6.

    Added

    • Add information about the always on kill switch in the desktop app.
    • Add WireGuard multihop setting and entry location selection to desktop app.
    • Add malware blocking to the desktop app. Implemented via DNS on the relays.
    • Add changes dialog which will include the most notable changes in each new version.
    • Show warning message when blocking internet while logged out, and make it possible to unblock the connection from the login view.

    Changed

    • Keep unspecified constraints unchanged in the CLI when providing specific tunnel constraints instead of setting them to default values.
    • Obscure account number in account view and add button for copying instead of copying when text is pressed.
    • Disable logging of translation errors in production. This will among other things prevent error messages from translating the country in the disconnected state.
    • Update Electron from 15.0.0 to 16.0.4.
    • Gradually increase the WireGuard connectivity check timeout, lowering the timeout for the first few attempts.
    • Stop preferring OpenVPN when bridge mode is enabled.
    • CLI command for setting a specific server by hostname is no longer case sensitive. Example: mullvad relay set hostname SE9-WIREGUARD should now work.
    • Update the default Shadowsocks password to mullvad and cipher to aes-256-gcm in the CLI when using it to configure a custom Shadowsocks bridge. The Mullvad bridges recently changed these parameters on port 443 (which is the default port).

    Windows

    • Update wireguard-nt to 0.10.1.
    • Make wireguard-nt the default driver for WireGuard. This is used instead of wireguard-go and Wintun.
    • Increase firewall transaction timeout from 2 to 5 seconds to lower the chance of errors when setting the firewall policy.
    • Update split tunnel driver to 1.2.0.0. Notably, this driver release allows firewall filters added by other software to block excluded apps.

    Removed

    Windows

    • Drop support for pre-Windows 10 systems.

    Fixed

    • Always kill sslocal if the tunnel monitor fails to start when using bridges.
    • Show relay location constraint correctly in the CLI when it is set to any.
    • Prevent gRPC from trying to run the app-daemon IPC communication through a HTTP proxy when the environment variable http_proxy is set. This caused the app to fail to connect to the daemon.
    • Disable built-in DNS resolver in Electron. Prevents Electron from establishing connections to DNS servers set in system network preferences.
    • Fix tray context menu showing or executing wrong actions, using wrong language or in other ways not update properly.
    • Prevent settings file being truncated before being read. This caused the daemon to read an empty settings file, restore to default settings and log out.
    • Improve performance for automatically scrolling text in desktop app.
    • Increase availability of the API by allowing to issue requests to the API when connecting to the relay even if account data might be invalid.

    macOS

    • Resolve issues with the app blocking internet connectivity after sleep or when connecting to new wireless networks.
    • Fix issue where the app would get stuck in offline state after a reboot or a reinstall by using route monitor instead of relying on SCNetworkReachability API to infer whether the host is offline.

    Windows

    • Fix app size after changing display scale.
    • Fix daemon not starting if all excluded app paths reside on non-existent/unmounted volumes.
    • Remove tray icon of current running app version when upgrading.
    • Allow Mullvad wireguard-nt tunnels to work simultaneously with other wg-nt tunnels.
    • Fix notifications on Windows not showing if window is unpinned and hidden.
    • Wait for IP interfaces to arrive before trying to configure them when using wireguard-nt.
    • Fix panic that occurs in the split tunnel monitor when a path consisting only of a prefix, such as "C:", is excluded using the CLI.

    Linux

    • Remove auto-launch file, GUI settings and other files created by the app in user directories, when uninstalling/purging.

    Security

    • Restrict which applications are allowed to communicate with the API while in a blocking state. This prevents malicious scripts on websites from trying to do so. On Windows, only mullvad-problem-report.exe and mullvad-daemon.exe executables are allowed to reach the API, whereas on Linux and macOS only root processes are able to reach the API.
    • Enable "Always require VPN" by default if the settings cannot be parsed. This reduces the number of errors that lead to the daemon unexpectedly starting into non-blocking mode.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.1.exe(80.50 MB)
    MullvadVPN-2022.1.exe.asc(833 bytes)
    MullvadVPN-2022.1.pkg(195.17 MB)
    MullvadVPN-2022.1.pkg.asc(833 bytes)
    MullvadVPN-2022.1_amd64.deb(79.61 MB)
    MullvadVPN-2022.1_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.1_x86_64.rpm(77.42 MB)
    MullvadVPN-2022.1_x86_64.rpm.asc(833 bytes)
  • android/2022.1(Mar 1, 2022)

    This release is for Android only.

    Here is a list of all changes since last stable release 2021.1.

    Added

    Android

    • Add toggle for Split tunneling view to be able to show system apps
    • Add support of adaptive icons (available only from Android 8).

    Changed

    • Gradually increase the WireGuard connectivity check timeout, lowering the timeout for the first few attempts.

    Android

    • Improve stability by running the UI and the tunnel management logic in separate processes.
    • Remove dialog warning that only custom local DNS servers are supported, since public custom DNS servers are now supported.
    • Drop support for Android 7/7.1 (Android 8/API level 26 or later is now required).
    • Change so that swiping the notification no longer kills the service since that isn't a common way of handling the lifecycle in Android. Instead rely on the following mechanisms to kill the service:
      • Swiping to remove app from the Recents/Overview screen.
      • Android Background Execution Limits.
      • The System Settings way of killing apps ("Force Stop").
    • Change Quick Settings tile label to reflect the action of clicking the tile. Also add a subtitle on supported Android versions (Q and above) to reflect the state.
    • Hide the tunnel state notification from the lock screen.

    Fixed

    Android

    • Fix banner sometimes incorrectly showing (e.g. "BLOCKING INTERNET").
    • Fix tunnel state notification sometimes re-appearing after being dismissed.
    • Fix invalid URLs. Rely on browser locale rather than app/system language.
    • Automatically disable custom DNS when no servers have been added.
    • Fix issue where erasing wireguard MTU value did not clear its setting.
    • Fix initial state of Split tunneling excluded apps list. Previously it was not notified the daemon properly after initialization.
    • Fix UI sometimes not updating correctly while no split screen or after having a dialog from another app appear on top.
    • Fix request to connect from notification or quick-settings tile not connecting if VPN permission isn't granted to the app. The app will now show the UI to ask for the permission and correctly connect after it is granted.
    • Fix quick-settings tile sometimes showing the wrong tunnel state.
    • Fix TV-only apps not appearing in the Split Tunneling screen.
    • Fix status bar having the wrong color after logging out.
    • Fix app sometimes crashing during startup on Android TVs.
    • Fix app crash caused by quick settings tile.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.1.apk(22.27 MB)
    MullvadVPN-2022.1.apk.asc(833 bytes)
  • 2022.1-beta2(Feb 22, 2022)

    Added

    • Show warning message when blocking internet while logged out, and make it possible to unblock the connection from the login view.

    Fixed

    • Prevent settings file being truncated before being read. This caused the daemon to read an empty settings file, restore to default settings and log out.
    • Improve performance for automatically scrolling text in desktop app.
    • Increase availability of the API by allowing to issue requests to the API when connecting to the relay even if account data might be invalid.

    Security

    • Enable "Always require VPN" by default if the settings cannot be parsed. This reduces the number of errors that lead to the daemon unexpectedly starting into non-blocking mode.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.1-beta2.exe(80.86 MB)
    MullvadVPN-2022.1-beta2.exe.asc(833 bytes)
    MullvadVPN-2022.1-beta2.pkg(196.12 MB)
    MullvadVPN-2022.1-beta2.pkg.asc(833 bytes)
    MullvadVPN-2022.1-beta2_amd64.deb(79.74 MB)
    MullvadVPN-2022.1-beta2_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.1-beta2_x86_64.rpm(77.54 MB)
    MullvadVPN-2022.1-beta2_x86_64.rpm.asc(833 bytes)
  • 2022.1-beta1(Feb 14, 2022)

    Added

    • Add information about the always on kill switch in the desktop app.
    • Add WireGuard multihop setting and entry location selection to desktop app.
    • Add malware blocking to the desktop app. Implemented via DNS on the relays.
    • Add changes dialog which will include the most notable changes in each new version.

    Changed

    • Keep unspecified constraints unchanged in the CLI when providing specific tunnel constraints instead of setting them to default values.
    • Obscure account number in account view and add button for copying instead of copying when text is pressed.
    • Disable logging of translation errors in production. This will among other things prevent error messages from translating the country in the disconnected state.
    • Update Electron from 15.0.0 to 16.0.4.
    • Gradually increase the WireGuard connectivity check timeout, lowering the timeout for the first few attempts.
    • Stop preferring OpenVPN when bridge mode is enabled.
    • CLI command for setting a specific server by hostname is no longer case sensitive. Example: mullvad relay set hostname SE9-WIREGUARD should now work.
    • Update the default Shadowsocks password to mullvad and cipher to aes-256-gcm in the CLI when using it to configure a custom Shadowsocks bridge. The Mullvad bridges recently changed these parameters on port 443 (which is the default port).

    Windows

    • Update wireguard-nt to 0.10.1.
    • Make wireguard-nt the default driver for WireGuard. This is used instead of wireguard-go and Wintun.
    • Increase firewall transaction timeout from 2 to 5 seconds to lower the chance of errors when setting the firewall policy.
    • Update split tunnel driver to 1.2.0.0. Notably, this driver release allows firewall filters added by other software to block excluded apps.

    Removed

    Windows

    • Drop support for pre-Windows 10 systems.

    Fixed

    • Always kill sslocal if the tunnel monitor fails to start when using bridges.
    • Show relay location constraint correctly in the CLI when it is set to any.
    • Prevent gRPC from trying to run the app-daemon IPC communication through a HTTP proxy when the environment variable http_proxy is set. This caused the app to fail to connect to the daemon.
    • Disable built-in DNS resolver in Electron. Prevents Electron from establishing connections to DNS servers set in system network preferences.
    • Fix tray context menu showing or executing wrong actions, using wrong language or in other ways not update properly.

    macOS

    • Resolve issues with the app blocking internet connectivity after sleep or when connecting to new wireless networks.
    • Fix issue where the app would get stuck in offline state after a reboot or a reinstall by using route monitor instead of relying on SCNetworkReachability API to infer whether the host is offline.

    Windows

    • Fix app size after changing display scale.
    • Fix daemon not starting if all excluded app paths reside on non-existent/unmounted volumes.
    • Remove tray icon of current running app version when upgrading.
    • Allow Mullvad wireguard-nt tunnels to work simultaneously with other wg-nt tunnels.
    • Fix notifications on Windows not showing if window is unpinned and hidden.
    • Wait for IP interfaces to arrive before trying to configure them when using wireguard-nt.
    • Fix panic that occurs in the split tunnel monitor when a path consisting only of a prefix, such as "C:", is excluded using the CLI.

    Linux

    • Remove auto-launch file, GUI settings and other files created by the app in user directories, when uninstalling/purging.

    Security

    • Restrict which applications are allowed to communicate with the API while in a blocking state. This prevents malicious scripts on websites from trying to do so. On Windows, only mullvad-problem-report.exe and mullvad-daemon.exe executables are allowed to reach the API, whereas on Linux and macOS only root processes are able to reach the API.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.1-beta1.exe(80.85 MB)
    MullvadVPN-2022.1-beta1.exe.asc(833 bytes)
    MullvadVPN-2022.1-beta1.pkg(196.10 MB)
    MullvadVPN-2022.1-beta1.pkg.asc(833 bytes)
    MullvadVPN-2022.1-beta1_amd64.deb(79.73 MB)
    MullvadVPN-2022.1-beta1_amd64.deb.asc(833 bytes)
    MullvadVPN-2022.1-beta1_x86_64.rpm(77.53 MB)
    MullvadVPN-2022.1-beta1_x86_64.rpm.asc(833 bytes)
  • android/2022.1-beta3(Feb 8, 2022)

  • android/2022.1-beta2(Jan 27, 2022)

  • android/2022.1-beta1(Jan 26, 2022)

    Added

    Android

    • Add toggle for Split tunneling view to be able to show system apps
    • Add support of adaptive icons (available only from Android 8).

    Changed

    • Gradually increase the WireGuard connectivity check timeout, lowering the timeout for the first few attempts.

    Android

    • Improve stability by running the UI and the tunnel management logic in separate processes.
    • Remove dialog warning that only custom local DNS servers are supported, since public custom DNS servers are now supported.
    • Drop support for Android 7/7.1 (Android 8/API level 26 or later is now required).
    • Change so that swiping the notification no longer kills the service since that isn't a common way of handling the lifecycle in Android. Instead rely on the following mechanisms to kill the service:
      • Swiping to remove app from the Recents/Overview screen.
      • Android Background Execution Limits.
      • The System Settings way of killing apps ("Force Stop").
    • Change Quick Settings tile label to reflect the action of clicking the tile. Also add a subtitle on supported Android versions (Q and above) to reflect the state.
    • Hide the tunnel state notification from the lock screen.

    Fixed

    Android

    • Fix banner sometimes incorrectly showing (e.g. "BLOCKING INTERNET").
    • Fix tunnel state notification sometimes re-appearing after being dismissed.
    • Fix invalid URLs. Rely on browser locale rather than app/system language.
    • Automatically disable custom DNS when no servers have been added.
    • Fix issue where erasing wireguard MTU value did not clear its setting.
    • Fix initial state of Split tunneling excluded apps list. Previously it was not notified the daemon properly after initialization.
    • Fix UI sometimes not updating correctly while no split screen or after having a dialog from another app appear on top.
    • Fix request to connect from notification or quick-settings tile not connecting if VPN permission isn't granted to the app. The app will now show the UI to ask for the permission and correctly connect after it is granted.
    • Fix quick-settings tile sometimes showing the wrong tunnel state.
    • Fix TV-only apps not appearing in the Split Tunneling screen.
    • Fix status bar having the wrong color after logging out.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2022.1-beta1.apk(22.76 MB)
    MullvadVPN-2022.1-beta1.apk.asc(833 bytes)
  • 2021.6(Nov 18, 2021)

    Except the below, this is identical to 2021.6-beta1, see that change log for all changes since last stable release.

    Fixed

    • Fix the font for Russian. Issue introduced in 2021.6-beta1. Bundle a version of Source Sans Pro containing Cyrillic.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2021.6.exe(90.31 MB)
    MullvadVPN-2021.6.exe.asc(833 bytes)
    MullvadVPN-2021.6.pkg(200.14 MB)
    MullvadVPN-2021.6.pkg.asc(833 bytes)
    MullvadVPN-2021.6_amd64.deb(82.51 MB)
    MullvadVPN-2021.6_amd64.deb.asc(833 bytes)
    MullvadVPN-2021.6_x86_64.rpm(80.35 MB)
    MullvadVPN-2021.6_x86_64.rpm.asc(833 bytes)
  • 2021.6-beta1(Nov 3, 2021)

    Added

    Windows

    • Add black monochromatic tray icon for Windows when using light color for tray.

    Changed

    • Update Electron from 11.4.9 to 15.0.0.
    • Revamp main view with blurred background behind semi-transparent buttons and switch to correct font for logo. Also a slightly less bold font in other parts of the app.

    Android

    • Drop support for Android 7/7.1 (Android 8/API level 26 or later is now required).

    Removed

    • Remove the old Let's encrypt root certificate from the API REST client. Only bundle and use the latest certificate.

    Fixed

    • Fix desktop app showing a future date for when WireGuard key was generated.
    • Fix desktop app split tunneling view to not overflow on very long application names.
    • Prevent API requests from being made prior to the tunnel state machine being set up. Rarely, failed requests could result in a deadlock.
    • Fix segmentation fault when closing app (the GUI).

    Windows

    • Fix detection of Windows 11. Problem reports will now correctly report Windows 11 instead of Windows 10.
    • Fix race condition in split tunneling initialization. Listen to route changes before reading out the default route.
    • Fix bug in split tunneling code that could make the kernel driver and mullvad-daemon out of sync around which programs should be excluded when the driver took longer to respond.
    • Use route-based offline monitoring. Fixes issues where the daemon falsely entered the offline state, for example when using virtual switches in Hyper-V.
    • Improve repositioning of app window after connecting/disconnecting external monitor.

    Android

    • Fix reconnect on app resume. Don't reconnect the tunnel every time the app is opened.
    • Fix invalid URLs. Rely on browser locale rather than app/system language.

    macOS

    • Prevent app from showing when dragging tray icon on macOS.
    • Move window after dragging tray icon to new position.

    Linux

    • Greatly simplify behavior around custom DNS when using systemd-resolved, by not setting DNS config on interfaces other than our tunnel interface.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2021.6-beta1.exe(90.26 MB)
    MullvadVPN-2021.6-beta1.exe.asc(833 bytes)
    MullvadVPN-2021.6-beta1.pkg(200.02 MB)
    MullvadVPN-2021.6-beta1.pkg.asc(833 bytes)
    MullvadVPN-2021.6-beta1_amd64.deb(82.47 MB)
    MullvadVPN-2021.6-beta1_amd64.deb.asc(833 bytes)
    MullvadVPN-2021.6-beta1_x86_64.rpm(80.27 MB)
    MullvadVPN-2021.6-beta1_x86_64.rpm.asc(833 bytes)
  • 2021.5-beta1(Oct 12, 2021)

    Added

    • Added possibility to filter locations by provider in the desktop app.
    • Add ability to use WireGuard over TCP towards all relays via the desktop CLI. However, this service is not yet available on all relays. At the time of writing, this only works towards se6-wireguard, se9-wireguard and se17-wireguard.
    • Add GUI environment variable MULLVAD_DISABLE_UPDATE_NOTIFICATION. If set to 1, GUI notification will be disabled when an update is available. This is not intended to be set by normal users.
    • Add setting for changing between IPv4 and IPv6 for the connection to WireGuard servers on desktop.

    Android

    • Added toggle for Split tunneling view to be able to show system apps

    Windows

    • Resolve symbolic links and junctions for excluded apps.
    • Add opt-in support for NT kernel WireGuard driver. It can be enabled in the CLI. Should give better performance. Especially over Wi-Fi.

    Changed

    • Only use the account history file to store the last used account.
    • Update the out of time-view and new account-view to make it more user friendly.
    • Change the app update notification when the suggested version is a beta, to include that it's a beta.
    • Upgrade OpenVPN from 2.5.1 to 2.5.3.
    • Update Electron from 11.2.3 to 11.4.9.
    • Move OpenVPN and WireGuard settings in the advanced settings view into separate settings views.
    • Return to main view in desktop app after being hidden/closed for two minutes.

    Linux

    • Always send DNS requests inside the tunnel for excluded processes when using public custom DNS.

    Windows

    • Upgrade Wintun from 0.10.4 to 0.13.
    • Reduce tunnel setup time for OpenVPN by disabling DAD.

    Fixed

    • Fix link to download page not always using the beta URL when it should.
    • Fix deadlock that may occur when the API cannot be reached while entering the connecting state.
    • Fix bug causing desktop app to log in if account number field was filled when removing account history.
    • Fix lack of account expiry updates when using the app in unpinned mode and improve updating of account expiry overall.
    • Fix incorrect WireGuard relay filtering when exit and entry locations overlap.
    • Fix wrong translations when switching to/from unpinned window after changing language in the desktop app.
    • Fix in-app notification button not working for some notifications.
    • Fix incorrectly positioned navigation bar title when navigating back to a scrolled down view.
    • Fix connectivity check for WireGuard multihop when the exit hop is down.
    • Fix incorrect location and connection status while disconnecting and incorrect location in the beginning while connecting in the desktop app.
    • Improve responsiveness of the controls and status text in the main view in the desktop app.
    • Read macOS scrollbar visibility settings to decide wheter or not the scrollbars should hide when not scrolling.
    • Fix IPv6 connections to WireGuard servers by not dropping select neighbor advertisements and solicitations.

    Linux

    • Make offline monitor aware of routing table changes.
    • Assign local DNS servers to more appropriate interfaces when using systemd-resolved.
    • Disable DNS over TLS for tunnel's DNS config when using systemd-resolved.
    • Fix DNS when combining a static resolv.conf with ad blocking DNS.
    • Check connectivity correctly on IPv6-only networks.

    Windows

    • Fix failure to restart the daemon when resuming from "fast startup" hibernation.
    • Fix OpenVPN not responding to shutdown signals when they are sent early on, causing it to close after 30 seconds.
    • Disable notification actions for persistent notifications since they were called when pressing close.
    • Remove deleted network devices from consideration in the offline monitor. Previously, the offline monitor may have falsely reported the machine to be online due to a race condition.
    • Recover firewall state correctly when restarting the service after a crash. This would fail when paths were excluded.
    • Fix daemon not starting when a path is excluded on a drive that has since been removed.
    • Prefer WireGuard if the constraints preclude OpenVPN and the tunnel protocol is "auto", instead of failing due to "no matching relays".
    • Retry tunnel device creation multiple times to work around issues early after boot or hibernation.

    Android

    • Fix erasing wireguard MTU value in some scenarious.
    • Fix initial state of Split tunneling excluded apps list. Previously it was not notified the daemon properly after initialization.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2021.5-beta1.exe(84.98 MB)
    MullvadVPN-2021.5-beta1.exe.asc(833 bytes)
    MullvadVPN-2021.5-beta1.pkg(192.82 MB)
    MullvadVPN-2021.5-beta1.pkg.asc(833 bytes)
    MullvadVPN-2021.5-beta1_amd64.deb(67.55 MB)
    MullvadVPN-2021.5-beta1_amd64.deb.asc(833 bytes)
    MullvadVPN-2021.5-beta1_x86_64.rpm(66.13 MB)
    MullvadVPN-2021.5-beta1_x86_64.rpm.asc(833 bytes)
  • 2021.4-beta1(Jun 9, 2021)

    This release is for desktop only.

    Added

    • When MULLVAD_MANAGEMENT_SOCKET_GROUP is set, only allow the specified group to access the management interface UDS socket. This means that only users in that group can use the CLI and GUI.
    • Support WireGuard over TCP for custom VPN relays in the CLI. (Our relays don't support this yet).
    • Make app native on Apple Silicon.
    • Support WireGuard multihop using an entry endpoint constraint in the CLI.
    • Add Ad and tracker blocking to the desktop app. Implemented via DNS on the relays.

    Windows

    • Add split tunneling as a beta feature. Allows excluding some applications from the VPN tunnel.

    Android

    • Added support of adaptive icons (available only from Android 8).

    Changed

    • Upgrade OpenVPN from 2.5.0 to 2.5.1.
    • Replace CLI command mullvad custom-dns with the new command mullvad dns.
    • Upgrade wireguard-go to 20210521230051 (Windows: v0.3.14)

    Linux

    • Only allow packets with the mark set to 0x6d6f6c65 to communicate with the relay server. Previously, bridges were expected to run as root instead.
    • Use an ICMP socket instead of relying on a ping binary in $PATH to establish if a tunnel is working.

    Android

    • Improve stability by running the UI and the tunnel management logic in separate processes.
    • Remove dialog warning that only custom local DNS servers are supported, since public custom DNS servers are now supported.

    macOS

    • Update shape of macOS icon to be in line with Apple's guidelines.

    Fixed

    • Fix relay selection failing to pick a WireGuard relay when no tunnel protocol is specified.
    • Fix time left not always being translated in desktop app settings.
    • Fix API address cache to use the supplied ports instead of always using port 443.
    • Do not try to parse an empty account history.

    Windows

    • Prevent tray icons from being extracted to %TEMP% directory.
    • Fix failure to create Wintun adapter due to a residual network interface by upgrading Wintun to 0.10.4.
    • Wait indefinitely for IP interfaces to attach to the tunnel device to prevent early timeouts, and errors setting interface metrics.
    • Prevent Microsoft Store from dropping packets in WireGuard tunnels.

    Linux

    • Fix find mullvad-vpn.desktop in XDG_DATA_DIRS instead of using hardcoded path.

    MacOS

    • Set correct permissions for daemon's launch file in installer.
    • Fix downgrades on macOS silently keeping previous version.
    • Fix other menubar context menus not always closing when opening app on macOS 11.

    Android

    • Fix UI sometimes not updating correctly while no split screen or after having a dialog from another app appear on top.
    • Fix request to connect from notification or quick-settings tile not connecting if VPN permission isn't granted to the app. The app will now show the UI to ask for the permission and correctly connect after it is granted.
    • Fix quick-settings tile sometimes showing the wrong tunnel state.
    • Fix TV-only apps not appearing in the Split Tunneling screen.

    Security

    Linux

    • Drop packets being forwarded unless they are approved by the same rules as incoming or outgoing traffic.
    Source code(tar.gz)
    Source code(zip)
    MullvadVPN-2021.4-beta1.exe(84.07 MB)
    MullvadVPN-2021.4-beta1.exe.asc(833 bytes)
    MullvadVPN-2021.4-beta1.pkg(192.08 MB)
    MullvadVPN-2021.4-beta1.pkg.asc(833 bytes)
    MullvadVPN-2021.4-beta1_amd64.deb(67.02 MB)
    MullvadVPN-2021.4-beta1_amd64.deb.asc(833 bytes)
    MullvadVPN-2021.4-beta1_x86_64.rpm(65.68 MB)
    MullvadVPN-2021.4-beta1_x86_64.rpm.asc(833 bytes)
  • android/2021.1(May 4, 2021)

Owner
Mullvad VPN
Privacy is a universal right
Mullvad VPN
[Open Source] Blockchain Decentralized Lightweight VPN in Rust

[Open Source] Blockchain Decentralized Lightweight VPN in Rust DCVPN_Rust (Decentralized VPN in Rust) is an open-source initiative started by @anandgo

Anand Gokul 29 Jun 2, 2023
MyCitadel Wallet app for Linux, Windows & MacOS desktop made with GTK+

MyCitadel Desktop Bitcoin, Lightning and RGB wallet MyCitadel is a wallet for bitcoin, digital assets and bitcoin finance (#BiFi) smart contracts. It

My Citadel 88 Jan 2, 2023
Private payments for mobile devices.

MobileCoin Fog This is the README file for MobileCoin Fog. Note to Developers MobileCoin Fog is a prototype. Expect substantial changes before and aft

MobileCoin Foundation 36 May 6, 2022
Private payments for mobile devices.

Testing your first payment Please see TESTNET.md for instructions on participating in the TestNet! Sending your first payment Please see MAINNET.md fo

MobileCoin Foundation 1.1k Dec 30, 2022
Radix Babylon vanity address finder allowing easy import into Radix mobile Wallet.

Rad Vanity address finder for Radix Babylon which you can import directly into your Radix Wallet using QR scanner using Import from a Legacy Wallet fe

Alexander Cyon 6 Nov 13, 2023
An API and test-app that exposes zcash functionality for app consumption

Zingolib This repo provides both a library for zingoproxyclient and zingo-mobile, as well as an included cli application to interact with zcashd via l

ZingoLabs 5 Dec 15, 2022
An open source desktop wallet for nano and banano with end-to-end encrypted, on chain messaging using the dagchat protocol.

An open source wallet with end-to-end encrypted, on chain messaging for nano and banano using the dagchat protocol.

derfarctor 22 Nov 6, 2022
An application for creating encrypted vaults for the GNOME desktop.

Vaults An application for creating encrypted vaults for the GNOME desktop. It currently uses gocryptfs and CryFS for encryption. Please always keep a

Martin Pobaschnig 51 Dec 17, 2022
A desktop application for defending your home network 💪

Desktop Defender Setup Guide Welcome to the setup guide for Desktop Defender. Follow the steps below to configure and start using the application. Ins

null 5 Apr 30, 2024
NFT & Marketplace Contracts with royalties and fungible token support. Sample React app included.

NFT Market Reference Implementation A PoC backbone for NFT Marketplaces on NEAR Protocol. Reference Changelog Changelog Progress: basic purchase of NF

NEAR App Examples 156 Apr 28, 2022
All the data an IC app needs to make seamless experiences, accessible directly on the IC. DAB is an open internet service for NFT, Token, Canister, and Dapp registries.

DAB ?? Overview An Internet Computer open internet service for data. All the data an IC app needs to make a seamless experience, accessible directly o

Psychedelic 58 Oct 6, 2022
Enigma Core library. The domain: Trusted and Untrusted App in Rust.

Enigma Core library Service Master Develop CI Badge Pure Rust Enclave && Untrusted in Rust. Core is part of the Enigma node software stack. The Core c

SCRT Labs 89 Sep 14, 2022
Trustworthy encrypted command line authenticator app compatible with multiple backups.

cotp - command line totp authenticator I believe that security is of paramount importance, especially in this digital world. I created cotp because I

Reply 71 Dec 30, 2022
A simple frontend web app in the seed.rs Rust framework.

Seed Quickstart Basic Rust-only template for your new Seed app. 1. Create a new project You can use cargo generate to use this template. $ cargo gener

null 0 Dec 24, 2021
Flashcards: A spaced repetition app designed around org files.

Flashcards Since it's easy to create notes in org-mode and difficult to create flashcards, this app tries to ease the process of making cards! For you

Shailesh Mishra 5 Jun 10, 2022
A demo app covering building an eBPF load-balancer in Rust

eBPF Rust UDP LoadBalancer Demo This is an example of creating a UDP load-balancer in Rust as an eXpress Data Path (XDP) type eBPF program using the a

Shane Utt 17 Jan 5, 2023
This program patches the WeMod app to think you're a pro subscriber

WeMod Pro Unlocker This program patches the WeMod app to think you're a pro subscriber. ⚠️ DISCLAIMER: Eventhough I don't think it is likely, WeMod co

Bennett 23 Jan 6, 2023
The backend for the Cougar Scouting App for 1403 FRC team.

Welcome to Cougar Scouting App Backend! Before you use any code in this repo Please credit us in your repo and credits in your app This code is a work

null 4 Feb 20, 2023
Notabena, the pure Rust open-source note-taking app.

Notabena About Notabena is the free and open source note-taking app, written in pure Rust. Features These are our current planned features. (Most feat

Mart Zielman 7 Jun 22, 2023