Copyright (c) 2023 Proton AG
This repository holds the Proton VPN Windows app. For a detailed build information see BUILD. For licensing information see COPYING. For contribution policy see CONTRIBUTING.
The Proton VPN Windows app is intended for every Proton VPN service user, paid or free and supports all functionalities available to authenticated users (user signup instead happens on the web site).
You can download the latest stable release, either on Proton VPN official website or directly on the official GitHub repository.
The app consists of these interacting parts:
The Proton VPN GUI app is installed into "C:\Program Files\Proton\VPN\
Proton VPN GUI app starts Proton VPN Service when launched and stops the service when closed.
App logs are saved to "%LOCALAPPDATA%\ProtonVPN\Logs" directory.
The Proton VPN build using Debug configuration optionally loads its configuration from file "ProtonVPN.config" in the app directory. This file is not deployed during install. If the configuration file doesn't exist or contains not valid values the app tries to save default configuration used in the app.
To monitor Http traffic of Proton VPN GUI app using Fiddler or another tool, you might need to disable TLS certificate pinning. To disable TLS certificate pinning the configuration file with empty "TlsPinningConfig" value should be provided:
...
"TlsPinningConfig": {}
...The Windows service "ProtonVPN Service" is installed into
"C:\Program Files\Proton\VPN\
During installation, the service is configured to be started and stopped by the unprivileged interactive users.
Service executable supports installation and uninstallation of service. Passing "install" on command line to "ProtonVPNService.exe" installs the service, passing "uninstall" - uninstalls. This installation method doesn't configure service security settings.
Service is responsible for interaction with OpenVPN, managing Windows firewall and Split Tunnel driver.
Service logs are saved to "%ALLUSERSPROFILE%\ProtonVPN\Logs" directory.
The Proton VPN uses OpenVPN for maintaining a VPN tunnel. The new OpenVPN process is started on each connect to a VPN and closed on disconnect. Communication with the OpenVPN process is maintained through TCP management interface.
OpenVPN is installed into "C:\Program Files\Proton\VPN\
The OpenVPN is built from official source by applying a patch to support Proton VPN specific TAP adapter. See win-openvpn repository.
TAP adapter "TAP-ProtonVPN Windows Adapter V9" is used by the OpenVPN.
The TAP adapter is built from official source by applying a patch to have Proton VPN specific name and identification. See win-tap-adapter repository.
The kernel-mode driver "ProtonVPN Callout Driver" is used for redirecting socket bindings when Split Tunnel is enabled and preventing DNS leak by sending SERVFAIL response packet for DNS requests which were made from other interfaces than Proton VPN uses.
The driver is installed as a system service. It is started when connecting to VPN and stopped when disconnecting by Proton VPN Service.
The main repository folder contains the .NET Visual Studio solution of the Proton VPN Windows app named ProtonVPN.
Contains continuous integration scripts.
It contains NuGet packages of the ProtonVPN solution.
This folder contains Advanced Installer setup project files, resources included in the installer, and built installer files. Subfolders contain:
This folder contains Visual Studio solution projects.
This folder contains Visual Studio project build output. This folder can be safely deleted as it's content is recreated by building the solution.
This folder contains GIT submodule of ProtonMail SRP library.
This folder contains test projects of the ProtonVPN solution.
Proton VPN Windows app is created using C# and C++ programming languages, WPF and MVVM technologies. The Visual Studio solution consists of a series of projects:
Solution folder "Test" contains test projects.