preparing 1.5.19

[ci skip]

.github/FUNDING.yml

@@ -1,6 +1,6 @@
 # These are supported funding model platforms
 
-github: [overheadhunter] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+github: [cryptomator] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
 patreon: # Replace with a single Patreon username
 open_collective: # Replace with a single Open Collective username
 ko_fi: # Replace with a single Ko-fi username

.github/ISSUE_TEMPLATE/bug.md

@@ -5,14 +5,11 @@ labels: type:bug
 ---
 
 <!--
+Please make sure to:
+- Comply with our code of conduct: https://github.com/cryptomator/cryptomator/blob/develop/.github/CODE_OF_CONDUCT.md
+- Search for existing similar issues first: https://github.com/cryptomator/cryptomator/issues?q=
 
-Do you want to ask a QUESTION? Are you looking for SUPPORT?
-We're happy to help you via our support channels! Please read: https://github.com/cryptomator/cryptomator/blob/develop/SUPPORT.md
-
-By filing an issue, you are expected to comply with our code of conduct: https://github.com/cryptomator/cryptomator/blob/develop/.github/CODE_OF_CONDUCT.md
-
-Of course, we also expect you to search for existing similar issues first! ;) https://github.com/cryptomator/cryptomator/issues?q=
-
+⚠️ IMPORTANT: If you don't stick to this template, the issue will get closed.
 -->
 
 ### Description
@@ -21,9 +18,9 @@ Of course, we also expect you to search for existing similar issues first! ;) ht
 
 ### System Setup
 
-* Operating system and version: [Windows/macOS/Linux + Version]
+* Operating system and version: [Windows/macOS/Linux + Version ( + Desktop Environment, if Linux)]
 * Cryptomator version: [Shown in the settings]
-* Drive: [Dokany/FUSE/WebDAV]
+* Volume type: [Dokany/FUSE/WebDAV, shown in the settings]
 
 ### Steps to Reproduce
 
@@ -48,7 +45,6 @@ Of course, we also expect you to search for existing similar issues first! ;) ht
 [Any additional information, log files, screenshots, configuration, or data that might be necessary to reproduce the issue.]
 
 <!--
-
 If you want to add the log file or screenshots, please add them as attachments. If your log file seems empty and doesn't show any errors, you may enable the debug mode first. Here is how to do that: https://community.cryptomator.org/t/how-do-i-enable-debug-mode/36
 
 Then reproduce the problem to ensure all important information is contained in there. You may use test data or redact sensitive information from the log file.
@@ -57,5 +53,4 @@ Log file location:
 - Windows: %appdata%/Cryptomator
 - macOS: ~/Library/Logs/Cryptomator
 - Linux: ~/.local/share/Cryptomator/logs
-
--->
+-->

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Help & Support
+    url: https://community.cryptomator.org/
+    about: You will find answers in our community forum
+  - name: User Manual
+    url: https://docs.cryptomator.org/
+    about: Read the Cryptomator documentation here

.github/ISSUE_TEMPLATE/feature.md

@@ -5,14 +5,9 @@ labels: type:feature-request
 ---
 
 <!--
-
-Do you want to ask a QUESTION? Are you looking for SUPPORT?
-We're happy to help you via our support channels! Please read: https://github.com/cryptomator/cryptomator/blob/develop/SUPPORT.md
-
-By filing a feature request, you are expected to comply with our code of conduct: https://github.com/cryptomator/cryptomator/blob/develop/.github/CODE_OF_CONDUCT.md
-
-Of course, we also expect you to search for existing similar feature requests first! ;)
-
+Please make sure to:
+- Comply with our code of conduct: https://github.com/cryptomator/cryptomator/blob/develop/.github/CODE_OF_CONDUCT.md
+- Search for existing similar issues first: https://github.com/cryptomator/cryptomator/issues?q=
 -->
 
 ### Summary
@@ -29,4 +24,4 @@ Of course, we also expect you to search for existing similar feature requests fi
 
 ### Additional Context
 
-[Add any other context or screenshots about the feature request here.]
+[Add any other context or screenshots about the feature request here.]

.github/stale.yml

@@ -1,12 +1,14 @@
 # Number of days of inactivity before an issue becomes stale
-daysUntilStale: 90
+daysUntilStale: 180
 # Number of days of inactivity before a stale issue is closed
 daysUntilClose: 30
 # Issues with these labels will never be considered stale
 exemptLabels:
   - type:security-issue # never close automatically
+  - type:feature-request # never close automatically
   - state:awaiting-response # handled by different bot
   - state:blocked
+  - state:confirmed
 # Set to true to ignore issues in a milestone (defaults to false)
 exemptMilestones: true
 # Label to use when marking an issue as stale

.github/workflows/build.yml

@@ -0,0 +1,133 @@
+name: Build
+
+on:
+  [push]
+
+jobs: 
+  build:
+    name: Build and Test
+    runs-on: ubuntu-latest
+    if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-java@v1
+        with:
+          java-version: 16
+      - uses: actions/cache@v1
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - name: Ensure to use tagged version
+        run: mvn versions:set --file main/pom.xml -DnewVersion=${GITHUB_REF##*/} # use shell parameter expansion to strip of 'refs/tags'
+        if: startsWith(github.ref, 'refs/tags/')
+      - name: Build and Test
+        run: mvn -B install --file main/pom.xml -Pcoverage
+      - name: Run Codacy Coverage Reporter
+        if: github.repository == 'cryptomator/cryptomator'
+        run: |
+          curl -o ~/codacy-coverage-reporter.jar https://repo.maven.apache.org/maven2/com/codacy/codacy-coverage-reporter/7.1.0/codacy-coverage-reporter-7.1.0-assembly.jar
+          $JAVA_HOME/bin/java --illegal-access=permit -jar ~/codacy-coverage-reporter.jar report -l Java -r main/commons/target/site/jacoco/jacoco.xml --partial
+          $JAVA_HOME/bin/java --illegal-access=permit -jar ~/codacy-coverage-reporter.jar report -l Java -r main/ui/target/site/jacoco/jacoco.xml --partial
+          $JAVA_HOME/bin/java --illegal-access=permit -jar ~/codacy-coverage-reporter.jar report -l Java -r main/launcher/target/site/jacoco/jacoco.xml --partial
+          $JAVA_HOME/bin/java --illegal-access=permit -jar ~/codacy-coverage-reporter.jar final
+        env:
+          CODACY_PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}
+      - name: Assemble buildkit-linux.zip
+        run: mvn -B clean package -DskipTests --file main/pom.xml --resume-from=buildkit -Prelease,linux
+      - name: Upload buildkit-linux.zip
+        uses: actions/upload-artifact@v1
+        with:
+          name: buildkit-linux.zip
+          path: main/buildkit/target/buildkit-linux.zip
+      - name: Assemble buildkit-mac.zip
+        run: mvn -B clean package -DskipTests --file main/pom.xml --resume-from=buildkit -Prelease,mac
+      - name: Upload buildkit-mac.zip
+        uses: actions/upload-artifact@v1
+        with:
+          name: buildkit-mac.zip
+          path: main/buildkit/target/buildkit-mac.zip
+      - name: Assemble buildkit-win.zip
+        run: mvn -B clean package -DskipTests --file main/pom.xml --resume-from=buildkit -Prelease,windows
+      - name: Upload buildkit-win.zip
+        uses: actions/upload-artifact@v1
+        with:
+          name: buildkit-win.zip
+          path: main/buildkit/target/buildkit-win.zip
+          
+  release:
+    name: Draft a Release on GitHub Releases
+    runs-on: ubuntu-latest
+    needs: build
+    if: startsWith(github.ref, 'refs/tags/') && github.repository == 'cryptomator/cryptomator'
+    steps:
+      - name: Download buildkit-linux.zip
+        uses: actions/download-artifact@v1
+        with:
+          name: buildkit-linux.zip
+          path: .
+      - name: Download buildkit-mac.zip
+        uses: actions/download-artifact@v1
+        with:
+          name: buildkit-mac.zip
+          path: .
+      - name: Download buildkit-win.zip
+        uses: actions/download-artifact@v1
+        with:
+          name: buildkit-win.zip
+          path: .
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: ${{ github.ref }}
+          body: |
+            :construction: Work in Progress
+
+            TODO:
+            * [ ] add Linux appimage, zsync file and signature file
+            * [ ] add Windows installer and signature file
+            * [ ] add MacOs disk image and signature file
+
+            ## What's new
+
+            ## Bugfixes
+
+            ## Misc
+
+            ---
+
+            :scroll: A complete list of closed issues is available [here](LINK)
+          draft: true
+          prerelease: false
+      - name: Upload buildkit-linux.zip to GitHub Releases
+        uses: actions/upload-release-asset@v1.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: buildkit-linux.zip
+          asset_name: buildkit-linux.zip
+          asset_content_type: application/zip
+      - name: Upload buildkit-mac.zip to GitHub Releases
+        uses: actions/upload-release-asset@v1.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: buildkit-mac.zip
+          asset_name: buildkit-mac.zip
+          asset_content_type: application/zip
+      - name: Upload buildkit-win.zip to GitHub Releases
+        uses: actions/upload-release-asset@v1.0.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: buildkit-win.zip
+          asset_name: buildkit-win.zip
+          asset_content_type: application/zip

.github/workflows/triageBugs.yml

@@ -0,0 +1,37 @@
+name: Bug Report Triage
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  closeTemplateViolation:
+    name: Validate bug report against issue template
+    runs-on: ubuntu-latest
+    if: contains(github.event.issue.labels.*.name, 'type:bug')
+    steps:
+      - name: Check "Description"
+        if: |
+          !contains(github.event.issue.body, env.MUST_CONTAIN)
+          || contains(toJson(github.event.issue.body), env.MUST_NOT_CONTAIN)
+        run: exit 1
+        env:
+          MUST_CONTAIN: '### Description'
+          MUST_NOT_CONTAIN: '### Description\r\n\r\n[Summarize your problem.]\r\n\r\n### System Setup'
+      - name: Check "Steps to Reproduce"
+        if: |
+          !contains(github.event.issue.body, env.MUST_CONTAIN)
+          || contains(toJson(github.event.issue.body), env.MUST_NOT_CONTAIN)
+        run: exit 1
+        env:
+          MUST_CONTAIN: '### Steps to Reproduce'
+          MUST_NOT_CONTAIN: '### Steps to Reproduce\r\n\r\n1. [First step]\r\n2. [Second step]\r\n3. [and so on…]\r\n\r\n#### Expected Behavior'
+      - name: Close issue if one of the checks failed
+        if: ${{ failure() }}
+        uses: peter-evans/close-issue@v1
+        with:
+          comment: |
+            This bug report did ignore our issue template. 😞
+            Auto-closing this issue, since it is most likely not useful.
+
+            _This decision was made by a bot. If you think the bot is wrong, let us know and we'll reopen this issue._

.gitignore

@@ -18,5 +18,9 @@ pom.xml.versionsBackup
 .idea/**/workspace.xml
 .idea/**/tasks.xml
 .idea/dictionaries
+.idea/compiler.xml
+.idea/encodings.xml
+.idea/jarRepositories.xml
+.idea/uiDesigner.xml
 .idea/**/libraries/
 *.iml

.idea/codeStyles/Project.xml

@@ -9,14 +9,36 @@
     <option name="RIGHT_MARGIN" value="220" />
     <option name="FORMATTER_TAGS_ENABLED" value="true" />
     <JavaCodeStyleSettings>
-      <option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="30" />
+      <option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="999" />
       <option name="NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND" value="10" />
       <option name="PACKAGES_TO_USE_IMPORT_ON_DEMAND">
         <value />
       </option>
+      <option name="IMPORT_LAYOUT_TABLE">
+        <value>
+          <package name="" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="javax" withSubpackages="true" static="false" />
+          <package name="javafx" withSubpackages="true" static="false" />
+          <package name="java" withSubpackages="true" static="false" />
+          <emptyLine />
+          <package name="" withSubpackages="true" static="true" />
+        </value>
+      </option>
       <option name="JD_ALIGN_PARAM_COMMENTS" value="false" />
       <option name="JD_ALIGN_EXCEPTION_COMMENTS" value="false" />
     </JavaCodeStyleSettings>
+    <Properties>
+      <option name="KEEP_BLANK_LINES" value="true" />
+    </Properties>
+    <XML>
+      <option name="XML_ATTRIBUTE_WRAP" value="0" />
+    </XML>
+    <codeStyleSettings language="CSS">
+      <indentOptions>
+        <option name="USE_TAB_CHARACTER" value="true" />
+      </indentOptions>
+    </codeStyleSettings>
     <codeStyleSettings language="Groovy">
       <indentOptions>
         <option name="USE_TAB_CHARACTER" value="true" />
@@ -30,12 +52,17 @@
     <codeStyleSettings language="JAVA">
       <option name="KEEP_LINE_BREAKS" value="false" />
       <option name="BLANK_LINES_AFTER_CLASS_HEADER" value="1" />
+      <option name="BINARY_OPERATION_SIGN_ON_NEXT_LINE" value="true" />
       <option name="KEEP_SIMPLE_BLOCKS_IN_ONE_LINE" value="true" />
       <option name="KEEP_SIMPLE_METHODS_IN_ONE_LINE" value="true" />
       <option name="KEEP_SIMPLE_LAMBDAS_IN_ONE_LINE" value="true" />
+      <option name="ENUM_CONSTANTS_WRAP" value="2" />
       <indentOptions>
         <option name="USE_TAB_CHARACTER" value="true" />
       </indentOptions>
+      <arrangement>
+        <rules />
+      </arrangement>
     </codeStyleSettings>
     <codeStyleSettings language="JSON">
       <indentOptions>

.idea/compiler.xml

@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="CompilerConfiguration">
-    <annotationProcessing>
-      <profile name="Annotation profile for Cryptomator" enabled="true">
-        <sourceOutputDir name="target/generated-sources/annotations" />
-        <sourceTestOutputDir name="target/generated-test-sources/test-annotations" />
-        <outputRelativeToContentRoot value="true" />
-        <processorPath useClasspath="false">
-          <entry name="$MAVEN_REPOSITORY$/com/google/dagger/dagger-compiler/2.22.1/dagger-compiler-2.22.1.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/dagger/dagger/2.22.1/dagger-2.22.1.jar" />
-          <entry name="$MAVEN_REPOSITORY$/javax/inject/javax.inject/1/javax.inject-1.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/dagger/dagger-producers/2.22.1/dagger-producers-2.22.1.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/guava/guava/25.0-jre/guava-25.0-jre.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/code/findbugs/jsr305/1.3.9/jsr305-1.3.9.jar" />
-          <entry name="$MAVEN_REPOSITORY$/org/checkerframework/checker-compat-qual/2.5.3/checker-compat-qual-2.5.3.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/errorprone/error_prone_annotations/2.1.3/error_prone_annotations-2.1.3.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/j2objc/j2objc-annotations/1.1/j2objc-annotations-1.1.jar" />
-          <entry name="$MAVEN_REPOSITORY$/org/codehaus/mojo/animal-sniffer-annotations/1.14/animal-sniffer-annotations-1.14.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/dagger/dagger-spi/2.22.1/dagger-spi-2.22.1.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/squareup/javapoet/1.11.1/javapoet-1.11.1.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/googlejavaformat/google-java-format/1.5/google-java-format-1.5.jar" />
-          <entry name="$MAVEN_REPOSITORY$/com/google/errorprone/javac-shaded/9-dev-r4023-3/javac-shaded-9-dev-r4023-3.jar" />
-          <entry name="$MAVEN_REPOSITORY$/javax/annotation/jsr250-api/1.0/jsr250-api-1.0.jar" />
-        </processorPath>
-        <module name="keychain" />
-        <module name="launcher" />
-        <module name="commons" />
-        <module name="ui" />
-      </profile>
-    </annotationProcessing>
-  </component>
-</project>

.idea/encodings.xml

@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4">
-  <component name="Encoding" addBOMForNewFiles="with NO BOM">
-    <file url="file://$PROJECT_DIR$/main" charset="UTF-8" />
-    <file url="file://$PROJECT_DIR$/main/buildkit" charset="UTF-8" />
-    <file url="file://$PROJECT_DIR$/main/commons" charset="UTF-8" />
-    <file url="file://$PROJECT_DIR$/main/keychain" charset="UTF-8" />
-    <file url="file://$PROJECT_DIR$/main/launcher" charset="UTF-8" />
-    <file url="file://$PROJECT_DIR$/main/ui" charset="UTF-8" />
-  </component>
-</project>

.idea/misc.xml

@@ -8,7 +8,7 @@
       </list>
     </option>
   </component>
-  <component name="ProjectRootManager" version="2" languageLevel="JDK_11" default="false" project-jdk-name="11" project-jdk-type="JavaSDK">
+  <component name="ProjectRootManager" version="2" languageLevel="JDK_16" project-jdk-name="16" project-jdk-type="JavaSDK">
     <output url="file://$PROJECT_DIR$/out" />
   </component>
 </project>

.idea/runConfigurations/Cryptomator_Linux.xml

@@ -2,7 +2,7 @@
   <configuration default="false" name="Cryptomator Linux" type="Application" factoryName="Application">
     <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
     <module name="launcher" />
-    <option name="VM_PARAMETERS" value="-Djdk.gtk.version=2 -Duser.language=en -Dcryptomator.settingsPath=&quot;~/.config/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/.config/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/.local/share/Cryptomator/logs&quot; -Dcryptomator.mountPointsDir=&quot;~/.local/share/Cryptomator/mnt&quot; -Xss20m -Xmx512m" />
+    <option name="VM_PARAMETERS" value="-Djdk.gtk.version=2 -Duser.language=en -Dcryptomator.settingsPath=&quot;~/.config/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/.config/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/.local/share/Cryptomator/logs&quot; -Dcryptomator.mountPointsDir=&quot;~/.local/share/Cryptomator/mnt&quot; -Dcryptomator.showTrayIcon=true -Xss20m -Xmx512m" />
     <method v="2">
       <option name="Make" enabled="true" />
     </method>

.idea/runConfigurations/Cryptomator_Linux_Dev.xml

@@ -0,0 +1,10 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Cryptomator Linux Dev" type="Application" factoryName="Application">
+    <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
+    <module name="launcher" />
+    <option name="VM_PARAMETERS" value="-Djdk.gtk.version=2 -Duser.language=en -Dcryptomator.settingsPath=&quot;~/.config/Cryptomator-Dev/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/.config/Cryptomator-Dev/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/.local/share/Cryptomator-Dev/logs&quot; -Dcryptomator.mountPointsDir=&quot;~/.local/share/Cryptomator-Dev/mnt&quot; -Dcryptomator.showTrayIcon=true -Dfuse.experimental=&quot;true&quot; -Xss20m -Xmx512m" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.idea/runConfigurations/Cryptomator_Windows.xml

@@ -2,7 +2,7 @@
   <configuration default="false" name="Cryptomator Windows" type="Application" factoryName="Application">
     <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
     <module name="launcher" />
-    <option name="VM_PARAMETERS" value="-Duser.language=en -Dcryptomator.settingsPath=&quot;~/AppData/Roaming/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/AppData/Roaming/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/AppData/Roaming/Cryptomator&quot; -Dcryptomator.keychainPath=&quot;~/AppData/Roaming/Cryptomator/keychain.json&quot; -Xss2m -Xmx512m" />
+    <option name="VM_PARAMETERS" value="-Duser.language=en -Dcryptomator.settingsPath=&quot;~/AppData/Roaming/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/AppData/Roaming/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/AppData/Roaming/Cryptomator&quot; -Dcryptomator.keychainPath=&quot;~/AppData/Roaming/Cryptomator/keychain.json&quot; -Dcryptomator.mountPointsDir=&quot;~/Cryptomator&quot; -Dcryptomator.showTrayIcon=true -Xss2m -Xmx512m" />
     <method v="2">
       <option name="Make" enabled="true" />
     </method>

.idea/runConfigurations/Cryptomator_Windows_Dev.xml

@@ -0,0 +1,10 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Cryptomator Windows Dev" type="Application" factoryName="Application">
+    <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
+    <module name="launcher" />
+    <option name="VM_PARAMETERS" value="-Duser.language=en -Dcryptomator.settingsPath=&quot;~/AppData/Roaming/Cryptomator-Dev/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/AppData/Roaming/Cryptomator-Dev/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/AppData/Roaming/Cryptomator-Dev&quot; -Dcryptomator.keychainPath=&quot;~/AppData/Roaming/Cryptomator-Dev/keychain.json&quot; -Dcryptomator.mountPointsDir=&quot;~/Cryptomator-Dev&quot; -Dfuse.experimental=&quot;true&quot; -Dcryptomator.showTrayIcon=true -Xss2m -Xmx512m" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.idea/runConfigurations/Cryptomator_macOS.xml

@@ -1,9 +1,11 @@
 <component name="ProjectRunConfigurationManager">
   <configuration default="false" name="Cryptomator macOS" type="Application" factoryName="Application">
+    <envs>
+      <env name="LD_LIBRARY_PATH" value="/usr/local/lib" />
+    </envs>
     <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
     <module name="launcher" />
-    <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />
-    <option name="VM_PARAMETERS" value="-Duser.language=en -Dcryptomator.settingsPath=&quot;~/Library/Application Support/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/Library/Application Support/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/Library/Logs/Cryptomator&quot; -Dcryptomator.mountPointsDir=&quot;/Volumes/&quot; -Xss2m -Xmx512m -ea" />
+    <option name="VM_PARAMETERS" value="-Duser.language=en -Dcryptomator.settingsPath=&quot;~/Library/Application Support/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/Library/Application Support/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/Library/Logs/Cryptomator&quot; -Dcryptomator.showTrayIcon=true -Xss2m -Xmx512m -ea" />
     <method v="2">
       <option name="Make" enabled="true" />
     </method>

.idea/runConfigurations/Cryptomator_macOS_Dev.xml

@@ -0,0 +1,13 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Cryptomator macOS Dev" type="Application" factoryName="Application">
+    <envs>
+      <env name="LD_LIBRARY_PATH" value="/usr/local/lib" />
+    </envs>
+    <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
+    <module name="launcher" />
+    <option name="VM_PARAMETERS" value="-Duser.language=en -Dcryptomator.settingsPath=&quot;~/Library/Application Support/Cryptomator-Dev/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/Library/Application Support/Cryptomator-Dev/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/Library/Logs/Cryptomator-Dev&quot; -Dcryptomator.showTrayIcon=true -Xss2m -Xmx512m -ea" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.travis-deploy-release.tmpl.json

@@ -1,19 +0,0 @@
-{
-  "package": {
-	"name": "buildkit",
-	"repo": "cryptomator",
-	"subject": "cryptomator"
-  },
-  "version": {
-	"name": "$TRAVIS_TAG",
-	"desc": "Cryptomator version $TRAVIS_TAG",
-	"released": "$TODAY",
-	"vcs_tag": "$TRAVIS_TAG",
-	"gpgSign": true
-  },
-  "files":
-  [
-	{"includePattern": "main/buildkit/target/(buildkit-[a-z]+\\.zip)", "uploadPattern": "/$TRAVIS_TAG/$1"}
-  ],
-  "publish": true
-}

.travis-deploy-snapshot.json

@@ -1,15 +0,0 @@
-{
-  "package": {
-	"name": "buildkit",
-	"repo": "cryptomator",
-	"subject": "cryptomator"
-  },
-  "version": {
-	"name": "snapshot"
-  },
-  "files":
-  [
-	{"includePattern": "main/buildkit/target/(buildkit-[a-z]+\\.zip)", "uploadPattern": "/snapshot/$1", "matrixParams": {"override": 1}}
-  ],
-  "publish": true
-}

.travis.yml

@@ -1,64 +0,0 @@
-dist: xenial
-language: java
-sudo: false
-jdk:
-- openjdk11
-cache:
-  directories:
-  - $HOME/.m2
-env:
-  global:
-    - secure: "HftEaabMmWn5GwKFKksUkOcelc3Mn7xazwAEy+4d4gL1+F8VhID/6DCK7nas+afUymWnxTano8Rv4Ci5MWryNkNkTH+FUPWmF3xWezc3hajSyS7RB92IZ8VPetl4Fo8UI1WwM5apDEaugalPxkIf8a7N+lpG5X/Gpumwzo3Be3w=" # BINTRAY_API_KEY
-    - secure: "oWFgRTVP6lyTa7qVxlvkpm20MtVc3BtmsNXQJS6bfg2A0o/iCQMNx7OD59BaafCLGRKvCcJVESiC8FlSylVMS7CDSyYu0gg70NUiIuHp4NBM5inFWYCy/PdQsCTzr5uvNG+rMFQpMFRaCV0FrfM3tLondcVkhsHL68l93Xoexx4=" # CODACY_PROJECT_TOKEN
-    - secure: "zJxgytA2Ks5Xzv+7kUaUq+EBFNQw9Qec63lcMJVuXVWczjL16nKW1EzzV515ag+OWL46z3lEPForDhufw0VtFnNmaX68jkO0mp01eLrHApc1llN2Y/U8GBXfNNazN4+Kom4H+z/AO+wJr8EsKMMUczCdQ3APgd9uVI0hzXw/Z3M=" # GITHUB_API_KEY
-addons:
-  apt:
-    packages:
-    - haveged
-install:
-- curl -o $HOME/.m2/settings.xml https://gist.githubusercontent.com/cryptobot/cf5fbd909c4782aaeeeb7c7f4a1a43da/raw/e60ee486e34ee0c79f89f947abe2c83b4290c6bb/settings.xml
-- mvn -fmain/pom.xml clean install -DskipTests org.codehaus.mojo:versions-maven-plugin:help dependency:go-offline -Pcoverage,release # "clean install" needed until we can exclude artifacts currently in the reactor, see https://maven.apache.org/plugins/maven-dependency-plugin/go-offline-mojo.html#excludeReactor and https://issues.apache.org/jira/browse/MDEP-568
-script:
-- mvn --update-snapshots -fmain/pom.xml clean test verify -Pcoverage
-after_success:
-- curl -o ~/codacy-coverage-reporter.jar https://oss.sonatype.org/service/local/repositories/releases/content/com/codacy/codacy-coverage-reporter/4.0.2/codacy-coverage-reporter-4.0.2-assembly.jar
-- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar report -l Java -r main/commons/target/site/jacoco/jacoco.xml --partial
-- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar report -l Java -r main/keychain/target/site/jacoco/jacoco.xml --partial
-- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar report -l Java -r main/ui/target/site/jacoco/jacoco.xml --partial
-- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar report -l Java -r main/launcher/target/site/jacoco/jacoco.xml --partial
-- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar final
-before_deploy:
-- |
-  if [[ -n "$TRAVIS_TAG" ]]; then
-    mvn -fmain/pom.xml org.codehaus.mojo:versions-maven-plugin:set -DnewVersion=$TRAVIS_TAG
-  elif [[ $TRAVIS_BRANCH == "develop" ]] && [[ $TRAVIS_PULL_REQUEST == "false" ]]; then
-    mvn -fmain/pom.xml org.codehaus.mojo:versions-maven-plugin:set -DnewVersion=SNAPSHOT-$(echo $TRAVIS_COMMIT | head -c7)
-  fi
-- mvn -fmain/pom.xml clean package -Prelease -DskipTests
-- export TODAY=`date +'%Y-%m-%d'`; envsubst '$TRAVIS_TAG $TODAY' < .travis-deploy-release.tmpl.json > .travis-deploy-release.json
-deploy:
-- provider: bintray # SNAPSHOTS
-  file: .travis-deploy-snapshot.json
-  user: cryptobot
-  key: $BINTRAY_API_KEY
-  skip_cleanup: true
-  on:
-    repo: cryptomator/cryptomator
-    branch: develop
-- provider: bintray # RELEASES
-  file: .travis-deploy-release.json
-  user: cryptobot
-  key: $BINTRAY_API_KEY
-  skip_cleanup: true
-  on:
-    repo: cryptomator/cryptomator
-    tags: true
-- provider: releases
-  api_key: $GITHUB_API_KEY
-  file_glob: true
-  file:
-    - "main/buildkit/target/buildkit-*.zip"
-  skip_cleanup: true
-  on:
-    repo: cryptomator/cryptomator
-    tags: true

3RD PARTY LICENSES/AGPLv3.txt

@@ -1,661 +0,0 @@
-                    GNU AFFERO GENERAL PUBLIC LICENSE
-                       Version 3, 19 November 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-                            Preamble
-
-  The GNU Affero General Public License is a free, copyleft license for
-software and other kinds of works, specifically designed to ensure
-cooperation with the community in the case of network server software.
-
-  The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works.  By contrast,
-our General Public Licenses are intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
-  Developers that use our General Public Licenses protect your rights
-with two steps: (1) assert copyright on the software, and (2) offer
-you this License which gives you legal permission to copy, distribute
-and/or modify the software.
-
-  A secondary benefit of defending all users' freedom is that
-improvements made in alternate versions of the program, if they
-receive widespread use, become available for other developers to
-incorporate.  Many developers of free software are heartened and
-encouraged by the resulting cooperation.  However, in the case of
-software used on network servers, this result may fail to come about.
-The GNU General Public License permits making a modified version and
-letting the public access it on a server without ever releasing its
-source code to the public.
-
-  The GNU Affero General Public License is designed specifically to
-ensure that, in such cases, the modified source code becomes available
-to the community.  It requires the operator of a network server to
-provide the source code of the modified version running there to the
-users of that server.  Therefore, public use of a modified version, on
-a publicly accessible server, gives the public access to the source
-code of the modified version.
-
-  An older license, called the Affero General Public License and
-published by Affero, was designed to accomplish similar goals.  This is
-a different license, not a version of the Affero GPL, but Affero has
-released a new version of the Affero GPL which permits relicensing under
-this license.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                       TERMS AND CONDITIONS
-
-  0. Definitions.
-
-  "This License" refers to version 3 of the GNU Affero General Public License.
-
-  "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
-  "The Program" refers to any copyrightable work licensed under this
-License.  Each licensee is addressed as "you".  "Licensees" and
-"recipients" may be individuals or organizations.
-
-  To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy.  The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
-  A "covered work" means either the unmodified Program or a work based
-on the Program.
-
-  To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy.  Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
-  To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies.  Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
-  An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License.  If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
-  1. Source Code.
-
-  The "source code" for a work means the preferred form of the work
-for making modifications to it.  "Object code" means any non-source
-form of a work.
-
-  A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
-  The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form.  A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
-  The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities.  However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work.  For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
-  The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
-  The Corresponding Source for a work in source code form is that
-same work.
-
-  2. Basic Permissions.
-
-  All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work.  This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
-  You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force.  You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright.  Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
-  Conveying under any other circumstances is permitted solely under
-the conditions stated below.  Sublicensing is not allowed; section 10
-makes it unnecessary.
-
-  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
-  No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
-  When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
-  4. Conveying Verbatim Copies.
-
-  You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
-  You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
-  5. Conveying Modified Source Versions.
-
-  You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
-    a) The work must carry prominent notices stating that you modified
-    it, and giving a relevant date.
-
-    b) The work must carry prominent notices stating that it is
-    released under this License and any conditions added under section
-    7.  This requirement modifies the requirement in section 4 to
-    "keep intact all notices".
-
-    c) You must license the entire work, as a whole, under this
-    License to anyone who comes into possession of a copy.  This
-    License will therefore apply, along with any applicable section 7
-    additional terms, to the whole of the work, and all its parts,
-    regardless of how they are packaged.  This License gives no
-    permission to license the work in any other way, but it does not
-    invalidate such permission if you have separately received it.
-
-    d) If the work has interactive user interfaces, each must display
-    Appropriate Legal Notices; however, if the Program has interactive
-    interfaces that do not display Appropriate Legal Notices, your
-    work need not make them do so.
-
-  A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit.  Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
-  6. Conveying Non-Source Forms.
-
-  You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
-    a) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by the
-    Corresponding Source fixed on a durable physical medium
-    customarily used for software interchange.
-
-    b) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by a
-    written offer, valid for at least three years and valid for as
-    long as you offer spare parts or customer support for that product
-    model, to give anyone who possesses the object code either (1) a
-    copy of the Corresponding Source for all the software in the
-    product that is covered by this License, on a durable physical
-    medium customarily used for software interchange, for a price no
-    more than your reasonable cost of physically performing this
-    conveying of source, or (2) access to copy the
-    Corresponding Source from a network server at no charge.
-
-    c) Convey individual copies of the object code with a copy of the
-    written offer to provide the Corresponding Source.  This
-    alternative is allowed only occasionally and noncommercially, and
-    only if you received the object code with such an offer, in accord
-    with subsection 6b.
-
-    d) Convey the object code by offering access from a designated
-    place (gratis or for a charge), and offer equivalent access to the
-    Corresponding Source in the same way through the same place at no
-    further charge.  You need not require recipients to copy the
-    Corresponding Source along with the object code.  If the place to
-    copy the object code is a network server, the Corresponding Source
-    may be on a different server (operated by you or a third party)
-    that supports equivalent copying facilities, provided you maintain
-    clear directions next to the object code saying where to find the
-    Corresponding Source.  Regardless of what server hosts the
-    Corresponding Source, you remain obligated to ensure that it is
-    available for as long as needed to satisfy these requirements.
-
-    e) Convey the object code using peer-to-peer transmission, provided
-    you inform other peers where the object code and Corresponding
-    Source of the work are being offered to the general public at no
-    charge under subsection 6d.
-
-  A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
-  A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling.  In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage.  For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product.  A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
-  "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source.  The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
-  If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information.  But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
-  The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed.  Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
-  Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
-  7. Additional Terms.
-
-  "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law.  If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
-  When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it.  (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.)  You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
-  Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
-    a) Disclaiming warranty or limiting liability differently from the
-    terms of sections 15 and 16 of this License; or
-
-    b) Requiring preservation of specified reasonable legal notices or
-    author attributions in that material or in the Appropriate Legal
-    Notices displayed by works containing it; or
-
-    c) Prohibiting misrepresentation of the origin of that material, or
-    requiring that modified versions of such material be marked in
-    reasonable ways as different from the original version; or
-
-    d) Limiting the use for publicity purposes of names of licensors or
-    authors of the material; or
-
-    e) Declining to grant rights under trademark law for use of some
-    trade names, trademarks, or service marks; or
-
-    f) Requiring indemnification of licensors and authors of that
-    material by anyone who conveys the material (or modified versions of
-    it) with contractual assumptions of liability to the recipient, for
-    any liability that these contractual assumptions directly impose on
-    those licensors and authors.
-
-  All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10.  If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term.  If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
-  If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
-  Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
-  8. Termination.
-
-  You may not propagate or modify a covered work except as expressly
-provided under this License.  Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
-  However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
-  Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
-  Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
-  9. Acceptance Not Required for Having Copies.
-
-  You are not required to accept this License in order to receive or
-run a copy of the Program.  Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance.  However,
-nothing other than this License grants you permission to propagate or
-modify any covered work.  These actions infringe copyright if you do
-not accept this License.  Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
-  10. Automatic Licensing of Downstream Recipients.
-
-  Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License.  You are not responsible
-for enforcing compliance by third parties with this License.
-
-  An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations.  If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
-  You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License.  For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
-  11. Patents.
-
-  A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based.  The
-work thus licensed is called the contributor's "contributor version".
-
-  A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version.  For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
-  Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
-  In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement).  To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
-  If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients.  "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
-  If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
-  A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License.  You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
-  Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
-  12. No Surrender of Others' Freedom.
-
-  If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all.  For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
-  13. Remote Network Interaction; Use with the GNU General Public License.
-
-  Notwithstanding any other provision of this License, if you modify the
-Program, your modified version must prominently offer all users
-interacting with it remotely through a computer network (if your version
-supports such interaction) an opportunity to receive the Corresponding
-Source of your version by providing access to the Corresponding Source
-from a network server at no charge, through some standard or customary
-means of facilitating copying of software.  This Corresponding Source
-shall include the Corresponding Source for any work covered by version 3
-of the GNU General Public License that is incorporated pursuant to the
-following paragraph.
-
-  Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU General Public License into a single
-combined work, and to convey the resulting work.  The terms of this
-License will continue to apply to the part which is the covered work,
-but the work with which it is combined will remain governed by version
-3 of the GNU General Public License.
-
-  14. Revised Versions of this License.
-
-  The Free Software Foundation may publish revised and/or new versions of
-the GNU Affero General Public License from time to time.  Such new versions
-will be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-  Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU Affero General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation.  If the Program does not specify a version number of the
-GNU Affero General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
-  If the Program specifies that a proxy can decide which future
-versions of the GNU Affero General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
-  Later license versions may give you additional or different
-permissions.  However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
-  15. Disclaimer of Warranty.
-
-  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. Limitation of Liability.
-
-  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
-  17. Interpretation of Sections 15 and 16.
-
-  If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
-                     END OF TERMS AND CONDITIONS
-
-            How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the program's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Affero General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Affero General Public License for more details.
-
-    You should have received a copy of the GNU Affero General Public License
-    along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-Also add information on how to contact you by electronic and paper mail.
-
-  If your software can interact with users remotely through a computer
-network, you should also make sure that it provides a way for users to
-get its source.  For example, if your program is a web application, its
-interface could display a "Source" link that leads users to an archive
-of the code.  There are many ways you could offer source, and different
-solutions will be better for different programs; see section 13 for the
-specific requirements.
-
-  You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU AGPL, see
-<http://www.gnu.org/licenses/>.

3RD PARTY LICENSES/Apache-2.0.txt

@@ -1,202 +0,0 @@
-
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.

3RD PARTY LICENSES/LGPLv2.1.txt

@@ -1,502 +0,0 @@
-                  GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 2.1, February 1999
-
- Copyright (C) 1991, 1999 Free Software Foundation, Inc.
- 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-[This is the first released version of the Lesser GPL.  It also counts
- as the successor of the GNU Library Public License, version 2, hence
- the version number 2.1.]
-
-                            Preamble
-
-  The licenses for most software are designed to take away your
-freedom to share and change it.  By contrast, the GNU General Public
-Licenses are intended to guarantee your freedom to share and change
-free software--to make sure the software is free for all its users.
-
-  This license, the Lesser General Public License, applies to some
-specially designated software packages--typically libraries--of the
-Free Software Foundation and other authors who decide to use it.  You
-can use it too, but we suggest you first think carefully about whether
-this license or the ordinary General Public License is the better
-strategy to use in any particular case, based on the explanations below.
-
-  When we speak of free software, we are referring to freedom of use,
-not price.  Our General Public Licenses are designed to make sure that
-you have the freedom to distribute copies of free software (and charge
-for this service if you wish); that you receive source code or can get
-it if you want it; that you can change the software and use pieces of
-it in new free programs; and that you are informed that you can do
-these things.
-
-  To protect your rights, we need to make restrictions that forbid
-distributors to deny you these rights or to ask you to surrender these
-rights.  These restrictions translate to certain responsibilities for
-you if you distribute copies of the library or if you modify it.
-
-  For example, if you distribute copies of the library, whether gratis
-or for a fee, you must give the recipients all the rights that we gave
-you.  You must make sure that they, too, receive or can get the source
-code.  If you link other code with the library, you must provide
-complete object files to the recipients, so that they can relink them
-with the library after making changes to the library and recompiling
-it.  And you must show them these terms so they know their rights.
-
-  We protect your rights with a two-step method: (1) we copyright the
-library, and (2) we offer you this license, which gives you legal
-permission to copy, distribute and/or modify the library.
-
-  To protect each distributor, we want to make it very clear that
-there is no warranty for the free library.  Also, if the library is
-modified by someone else and passed on, the recipients should know
-that what they have is not the original version, so that the original
-author's reputation will not be affected by problems that might be
-introduced by others.
-
-  Finally, software patents pose a constant threat to the existence of
-any free program.  We wish to make sure that a company cannot
-effectively restrict the users of a free program by obtaining a
-restrictive license from a patent holder.  Therefore, we insist that
-any patent license obtained for a version of the library must be
-consistent with the full freedom of use specified in this license.
-
-  Most GNU software, including some libraries, is covered by the
-ordinary GNU General Public License.  This license, the GNU Lesser
-General Public License, applies to certain designated libraries, and
-is quite different from the ordinary General Public License.  We use
-this license for certain libraries in order to permit linking those
-libraries into non-free programs.
-
-  When a program is linked with a library, whether statically or using
-a shared library, the combination of the two is legally speaking a
-combined work, a derivative of the original library.  The ordinary
-General Public License therefore permits such linking only if the
-entire combination fits its criteria of freedom.  The Lesser General
-Public License permits more lax criteria for linking other code with
-the library.
-
-  We call this license the "Lesser" General Public License because it
-does Less to protect the user's freedom than the ordinary General
-Public License.  It also provides other free software developers Less
-of an advantage over competing non-free programs.  These disadvantages
-are the reason we use the ordinary General Public License for many
-libraries.  However, the Lesser license provides advantages in certain
-special circumstances.
-
-  For example, on rare occasions, there may be a special need to
-encourage the widest possible use of a certain library, so that it becomes
-a de-facto standard.  To achieve this, non-free programs must be
-allowed to use the library.  A more frequent case is that a free
-library does the same job as widely used non-free libraries.  In this
-case, there is little to gain by limiting the free library to free
-software only, so we use the Lesser General Public License.
-
-  In other cases, permission to use a particular library in non-free
-programs enables a greater number of people to use a large body of
-free software.  For example, permission to use the GNU C Library in
-non-free programs enables many more people to use the whole GNU
-operating system, as well as its variant, the GNU/Linux operating
-system.
-
-  Although the Lesser General Public License is Less protective of the
-users' freedom, it does ensure that the user of a program that is
-linked with the Library has the freedom and the wherewithal to run
-that program using a modified version of the Library.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.  Pay close attention to the difference between a
-"work based on the library" and a "work that uses the library".  The
-former contains code derived from the library, whereas the latter must
-be combined with the library in order to run.
-
-                  GNU LESSER GENERAL PUBLIC LICENSE
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
-  0. This License Agreement applies to any software library or other
-program which contains a notice placed by the copyright holder or
-other authorized party saying it may be distributed under the terms of
-this Lesser General Public License (also called "this License").
-Each licensee is addressed as "you".
-
-  A "library" means a collection of software functions and/or data
-prepared so as to be conveniently linked with application programs
-(which use some of those functions and data) to form executables.
-
-  The "Library", below, refers to any such software library or work
-which has been distributed under these terms.  A "work based on the
-Library" means either the Library or any derivative work under
-copyright law: that is to say, a work containing the Library or a
-portion of it, either verbatim or with modifications and/or translated
-straightforwardly into another language.  (Hereinafter, translation is
-included without limitation in the term "modification".)
-
-  "Source code" for a work means the preferred form of the work for
-making modifications to it.  For a library, complete source code means
-all the source code for all modules it contains, plus any associated
-interface definition files, plus the scripts used to control compilation
-and installation of the library.
-
-  Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope.  The act of
-running a program using the Library is not restricted, and output from
-such a program is covered only if its contents constitute a work based
-on the Library (independent of the use of the Library in a tool for
-writing it).  Whether that is true depends on what the Library does
-and what the program that uses the Library does.
-
-  1. You may copy and distribute verbatim copies of the Library's
-complete source code as you receive it, in any medium, provided that
-you conspicuously and appropriately publish on each copy an
-appropriate copyright notice and disclaimer of warranty; keep intact
-all the notices that refer to this License and to the absence of any
-warranty; and distribute a copy of this License along with the
-Library.
-
-  You may charge a fee for the physical act of transferring a copy,
-and you may at your option offer warranty protection in exchange for a
-fee.
-
-  2. You may modify your copy or copies of the Library or any portion
-of it, thus forming a work based on the Library, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
-    a) The modified work must itself be a software library.
-
-    b) You must cause the files modified to carry prominent notices
-    stating that you changed the files and the date of any change.
-
-    c) You must cause the whole of the work to be licensed at no
-    charge to all third parties under the terms of this License.
-
-    d) If a facility in the modified Library refers to a function or a
-    table of data to be supplied by an application program that uses
-    the facility, other than as an argument passed when the facility
-    is invoked, then you must make a good faith effort to ensure that,
-    in the event an application does not supply such function or
-    table, the facility still operates, and performs whatever part of
-    its purpose remains meaningful.
-
-    (For example, a function in a library to compute square roots has
-    a purpose that is entirely well-defined independent of the
-    application.  Therefore, Subsection 2d requires that any
-    application-supplied function or table used by this function must
-    be optional: if the application does not supply it, the square
-    root function must still compute square roots.)
-
-These requirements apply to the modified work as a whole.  If
-identifiable sections of that work are not derived from the Library,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works.  But when you
-distribute the same sections as part of a whole which is a work based
-on the Library, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote
-it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Library.
-
-In addition, mere aggregation of another work not based on the Library
-with the Library (or with a work based on the Library) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
-  3. You may opt to apply the terms of the ordinary GNU General Public
-License instead of this License to a given copy of the Library.  To do
-this, you must alter all the notices that refer to this License, so
-that they refer to the ordinary GNU General Public License, version 2,
-instead of to this License.  (If a newer version than version 2 of the
-ordinary GNU General Public License has appeared, then you can specify
-that version instead if you wish.)  Do not make any other change in
-these notices.
-
-  Once this change is made in a given copy, it is irreversible for
-that copy, so the ordinary GNU General Public License applies to all
-subsequent copies and derivative works made from that copy.
-
-  This option is useful when you wish to copy part of the code of
-the Library into a program that is not a library.
-
-  4. You may copy and distribute the Library (or a portion or
-derivative of it, under Section 2) in object code or executable form
-under the terms of Sections 1 and 2 above provided that you accompany
-it with the complete corresponding machine-readable source code, which
-must be distributed under the terms of Sections 1 and 2 above on a
-medium customarily used for software interchange.
-
-  If distribution of object code is made by offering access to copy
-from a designated place, then offering equivalent access to copy the
-source code from the same place satisfies the requirement to
-distribute the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
-  5. A program that contains no derivative of any portion of the
-Library, but is designed to work with the Library by being compiled or
-linked with it, is called a "work that uses the Library".  Such a
-work, in isolation, is not a derivative work of the Library, and
-therefore falls outside the scope of this License.
-
-  However, linking a "work that uses the Library" with the Library
-creates an executable that is a derivative of the Library (because it
-contains portions of the Library), rather than a "work that uses the
-library".  The executable is therefore covered by this License.
-Section 6 states terms for distribution of such executables.
-
-  When a "work that uses the Library" uses material from a header file
-that is part of the Library, the object code for the work may be a
-derivative work of the Library even though the source code is not.
-Whether this is true is especially significant if the work can be
-linked without the Library, or if the work is itself a library.  The
-threshold for this to be true is not precisely defined by law.
-
-  If such an object file uses only numerical parameters, data
-structure layouts and accessors, and small macros and small inline
-functions (ten lines or less in length), then the use of the object
-file is unrestricted, regardless of whether it is legally a derivative
-work.  (Executables containing this object code plus portions of the
-Library will still fall under Section 6.)
-
-  Otherwise, if the work is a derivative of the Library, you may
-distribute the object code for the work under the terms of Section 6.
-Any executables containing that work also fall under Section 6,
-whether or not they are linked directly with the Library itself.
-
-  6. As an exception to the Sections above, you may also combine or
-link a "work that uses the Library" with the Library to produce a
-work containing portions of the Library, and distribute that work
-under terms of your choice, provided that the terms permit
-modification of the work for the customer's own use and reverse
-engineering for debugging such modifications.
-
-  You must give prominent notice with each copy of the work that the
-Library is used in it and that the Library and its use are covered by
-this License.  You must supply a copy of this License.  If the work
-during execution displays copyright notices, you must include the
-copyright notice for the Library among them, as well as a reference
-directing the user to the copy of this License.  Also, you must do one
-of these things:
-
-    a) Accompany the work with the complete corresponding
-    machine-readable source code for the Library including whatever
-    changes were used in the work (which must be distributed under
-    Sections 1 and 2 above); and, if the work is an executable linked
-    with the Library, with the complete machine-readable "work that
-    uses the Library", as object code and/or source code, so that the
-    user can modify the Library and then relink to produce a modified
-    executable containing the modified Library.  (It is understood
-    that the user who changes the contents of definitions files in the
-    Library will not necessarily be able to recompile the application
-    to use the modified definitions.)
-
-    b) Use a suitable shared library mechanism for linking with the
-    Library.  A suitable mechanism is one that (1) uses at run time a
-    copy of the library already present on the user's computer system,
-    rather than copying library functions into the executable, and (2)
-    will operate properly with a modified version of the library, if
-    the user installs one, as long as the modified version is
-    interface-compatible with the version that the work was made with.
-
-    c) Accompany the work with a written offer, valid for at
-    least three years, to give the same user the materials
-    specified in Subsection 6a, above, for a charge no more
-    than the cost of performing this distribution.
-
-    d) If distribution of the work is made by offering access to copy
-    from a designated place, offer equivalent access to copy the above
-    specified materials from the same place.
-
-    e) Verify that the user has already received a copy of these
-    materials or that you have already sent this user a copy.
-
-  For an executable, the required form of the "work that uses the
-Library" must include any data and utility programs needed for
-reproducing the executable from it.  However, as a special exception,
-the materials to be distributed need not include anything that is
-normally distributed (in either source or binary form) with the major
-components (compiler, kernel, and so on) of the operating system on
-which the executable runs, unless that component itself accompanies
-the executable.
-
-  It may happen that this requirement contradicts the license
-restrictions of other proprietary libraries that do not normally
-accompany the operating system.  Such a contradiction means you cannot
-use both them and the Library together in an executable that you
-distribute.
-
-  7. You may place library facilities that are a work based on the
-Library side-by-side in a single library together with other library
-facilities not covered by this License, and distribute such a combined
-library, provided that the separate distribution of the work based on
-the Library and of the other library facilities is otherwise
-permitted, and provided that you do these two things:
-
-    a) Accompany the combined library with a copy of the same work
-    based on the Library, uncombined with any other library
-    facilities.  This must be distributed under the terms of the
-    Sections above.
-
-    b) Give prominent notice with the combined library of the fact
-    that part of it is a work based on the Library, and explaining
-    where to find the accompanying uncombined form of the same work.
-
-  8. You may not copy, modify, sublicense, link with, or distribute
-the Library except as expressly provided under this License.  Any
-attempt otherwise to copy, modify, sublicense, link with, or
-distribute the Library is void, and will automatically terminate your
-rights under this License.  However, parties who have received copies,
-or rights, from you under this License will not have their licenses
-terminated so long as such parties remain in full compliance.
-
-  9. You are not required to accept this License, since you have not
-signed it.  However, nothing else grants you permission to modify or
-distribute the Library or its derivative works.  These actions are
-prohibited by law if you do not accept this License.  Therefore, by
-modifying or distributing the Library (or any work based on the
-Library), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Library or works based on it.
-
-  10. Each time you redistribute the Library (or any work based on the
-Library), the recipient automatically receives a license from the
-original licensor to copy, distribute, link with or modify the Library
-subject to these terms and conditions.  You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties with
-this License.
-
-  11. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Library at all.  For example, if a patent
-license would not permit royalty-free redistribution of the Library by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Library.
-
-If any portion of this section is held invalid or unenforceable under any
-particular circumstance, the balance of the section is intended to apply,
-and the section as a whole is intended to apply in other circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system which is
-implemented by public license practices.  Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
-  12. If the distribution and/or use of the Library is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Library under this License may add
-an explicit geographical distribution limitation excluding those countries,
-so that distribution is permitted only in or among countries not thus
-excluded.  In such case, this License incorporates the limitation as if
-written in the body of this License.
-
-  13. The Free Software Foundation may publish revised and/or new
-versions of the Lesser General Public License from time to time.
-Such new versions will be similar in spirit to the present version,
-but may differ in detail to address new problems or concerns.
-
-Each version is given a distinguishing version number.  If the Library
-specifies a version number of this License which applies to it and
-"any later version", you have the option of following the terms and
-conditions either of that version or of any later version published by
-the Free Software Foundation.  If the Library does not specify a
-license version number, you may choose any version ever published by
-the Free Software Foundation.
-
-  14. If you wish to incorporate parts of the Library into other free
-programs whose distribution conditions are incompatible with these,
-write to the author to ask for permission.  For software which is
-copyrighted by the Free Software Foundation, write to the Free
-Software Foundation; we sometimes make exceptions for this.  Our
-decision will be guided by the two goals of preserving the free status
-of all derivatives of our free software and of promoting the sharing
-and reuse of software generally.
-
-                            NO WARRANTY
-
-  15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
-WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
-EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
-OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
-KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
-LIBRARY IS WITH YOU.  SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
-THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
-WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
-AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
-FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
-CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
-LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
-RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
-FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
-SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGES.
-
-                     END OF TERMS AND CONDITIONS
-
-           How to Apply These Terms to Your New Libraries
-
-  If you develop a new library, and you want it to be of the greatest
-possible use to the public, we recommend making it free software that
-everyone can redistribute and change.  You can do so by permitting
-redistribution under these terms (or, alternatively, under the terms of the
-ordinary General Public License).
-
-  To apply these terms, attach the following notices to the library.  It is
-safest to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least the
-"copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the library's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This library is free software; you can redistribute it and/or
-    modify it under the terms of the GNU Lesser General Public
-    License as published by the Free Software Foundation; either
-    version 2.1 of the License, or (at your option) any later version.
-
-    This library is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-    Lesser General Public License for more details.
-
-    You should have received a copy of the GNU Lesser General Public
-    License along with this library; if not, write to the Free Software
-    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-
-Also add information on how to contact you by electronic and paper mail.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the library, if
-necessary.  Here is a sample; alter the names:
-
-  Yoyodyne, Inc., hereby disclaims all copyright interest in the
-  library `Frob' (a library for tweaking knobs) written by James Random Hacker.
-
-  <signature of Ty Coon>, 1 April 1990
-  Ty Coon, President of Vice
-
-That's all there is to it!

3RD PARTY LICENSES/MIT-X11.txt

@@ -1,21 +0,0 @@
-The MIT License (MIT)
-
-Copyright (c) <year> <copyright holders>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.

3RD PARTY LICENSES/Modified BSD.txt

@@ -1,27 +0,0 @@
-Copyright (c) [year], [fullname]
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this
-  list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-
-* Neither the name of [project] nor the names of its
-  contributors may be used to endorse or promote products derived from
-  this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

3RD PARTY LICENSES/Simplified BSD.txt

@@ -1,23 +0,0 @@
-Copyright (c) [year], [fullname]
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this
-  list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

3RD PARTY LICENSES/_NOTICE.md

@@ -1,88 +0,0 @@
-# Third party softwares
-Cryptomator uses third party libraries and fonts that may be licensed under different licenses.
-
-## AquaFX
-The ProgressIndicator in ui/src/main/resource/css/mac_theme.css contains code from the AquaFX project.
-
-Copyright Claudine Zillmann (http://aquafx-project.com/)
-
-Licensed under the accompanying Modified BSD license file.
-
-## Apache Commons + Apache HttpComponents + Jackrabbit WebDAV Library
-Copyright The Apache Software Foundation
-
-Licensed under the Apache License, Version 2.0
-
-### Commons Codec
-
-src/test/org/apache/commons/codec/language/DoubleMetaphoneTest.java contains test data
-from http://aspell.net/test/orig/batch0.tab. Copyright (C) 2002 Kevin Atkinson (kevina@gnu.org)
-
-### Commons Lang
-
-This product includes software from the Spring Framework,
-under the Apache License 2.0 (see: StringUtils.containsWhitespace())
-
-### Jackrabbit WebDAV Library
-
-Based on source code originally developed by
-Day Software (http://www.day.com/).
-
-## CryptoLib + CryptoFS
-Copyright 2016, 2017 Skymatic UG (haftungsbeschränkt)
-
-Licensed under the GNU Affero General Public License, Version 3
-
-## Dagger 2
-Copyright 2014 Google, Inc.
-Copyright 2012 Square, Inc.
-
-Licensed under the Apache License, Version 2.0
-
-## EasyBind
-Copyright (c) 2014, TomasMikula
-
-Licensed under the accompanying simplified BSD license.
-
-
-## GSON + Guava
-Copyright Google, Inc.
-
-Licensed under the Apache License, Version 2.0
-
-## Jetty
-Copyright 1995-2017 Mort Bay Consulting Pty Ltd.
-
-The UnixCrypt.java code implements the one way cryptography used by
-Unix systems for simple password protection.  Copyright 1996 Aki Yoshida,
-modified April 2001  by Iris Van den Broeke, Daniel Deville.
-Permission to use, copy, modify and distribute UnixCrypt
-for non-commercial or commercial purposes and without fee is
-granted provided that the copyright notice appears in all copies.
-
-Licensed under the Apache License, Version 2.0
-
-
-## Logback
-Copyright (C) 1999-2017, QOS.ch. All rights reserved.
-
-Licensed under the GNU Lesser General Public License, Version 2.1
-
-## SIV-Mode
-Copyright (c) Sebastian Stenzel
-
-Licensed under the MIT / X11 License
-
-## SLF4J
-Copyright (c) 2004-2017 QOS.ch
-
-Licensed under the MIT / X11 License
-
-
-# Other third party assets
-Non-software work included in Cryptomator
-
-## Ionicons
-Copyright (c) 2016 Drifty (http://drifty.com/)
-
-ionicons.ttf Licensed under the accompanying MIT license

README.md

@@ -1,8 +1,8 @@
 [![cryptomator](cryptomator.png)](https://cryptomator.org/)
 
-[![Build Status](https://travis-ci.org/cryptomator/cryptomator.svg?branch=master)](https://travis-ci.org/cryptomator/cryptomator)
+[![Build](https://github.com/cryptomator/cryptomator/workflows/Build/badge.svg)](https://github.com/cryptomator/cryptomator/actions?query=workflow%3ABuild)
 [![Known Vulnerabilities](https://snyk.io/test/github/cryptomator/cryptomator/badge.svg?targetFile=main%2Fpom.xml)](https://snyk.io/test/github/cryptomator/cryptomator?targetFile=main%2Fpom.xml)
-[![Codacy Badge](https://api.codacy.com/project/badge/Grade/2a0adf3cec6a4143b91035d3924178f1)](https://www.codacy.com/app/cryptomator/cryptomator?utm_source=github.com&utm_medium=referral&utm_content=cryptomator/cryptomator&utm_campaign=Badge_Grade)
+[![Codacy Badge](https://app.codacy.com/project/badge/Grade/2a0adf3cec6a4143b91035d3924178f1)](https://www.codacy.com/gh/cryptomator/cryptomator/dashboard)
 [![Twitter](https://img.shields.io/badge/twitter-@Cryptomator-blue.svg?style=flat)](http://twitter.com/Cryptomator)
 [![Crowdin](https://badges.crowdin.net/cryptomator/localized.svg)](https://translate.cryptomator.org/)
 [![Latest Release](https://img.shields.io/github/release/cryptomator/cryptomator.svg)](https://github.com/cryptomator/cryptomator/releases/latest)
@@ -15,9 +15,28 @@ Cryptomator is provided free of charge as an open-source project despite the hig
 - [One-time or recurring donation via Cryptomator's website.](https://cryptomator.org/#donate)
 - [Become a sponsor via Cryptomator's sponsors website.](https://cryptomator.org/sponsors/)
 
+### Gold Sponsors
+
+<table>
+  <tbody>
+    <tr>
+      <td><a href="https://www.gee-whiz.de/"><img src="https://cryptomator.org/img/sponsors/geewhiz.svg" alt="gee-whiz" height="80"></a></td>
+      <td><a href="https://proxy-hub.com/"><img src="https://cryptomator.org/img/sponsors/proxyhub.svg" alt="Proxy-Hub" height="80"></a></td>
+    </tr>
+  </tbody>
+</table>
+
 ### Silver Sponsors
 
-[![TheBestVPN](https://cryptomator.org/img/sponsors/thebestvpn.png)](https://thebestvpn.com/)
+<table>
+  <tbody>
+    <tr>
+      <td><a href="https://thebestvpn.com/"><img src="https://cryptomator.org/img/sponsors/thebestvpn@2x.png" alt="TheBestVPN" height="64"></a></td>
+    </tr>
+  </tbody>
+</table>
+
+- [Jameson Lopp](https://www.lopp.net/)
 
 ---
 
@@ -29,7 +48,7 @@ Download native binaries of Cryptomator on [cryptomator.org](https://cryptomator
 
 ## Features
 
-- Works with Dropbox, Google Drive, OneDrive, ownCloud, Nextcloud and any other cloud storage service which synchronizes with a local directory
+- Works with Dropbox, Google Drive, OneDrive, MEGA, pCloud, ownCloud, Nextcloud and any other cloud storage service which synchronizes with a local directory
 - Open Source means: No backdoors, control is better than trust
 - Client-side: No accounts, no data shared with any online service
 - Totally transparent: Just work on the virtual drive as if it were a USB flash drive
@@ -37,7 +56,7 @@ Download native binaries of Cryptomator on [cryptomator.org](https://cryptomator
 - File names get encrypted
 - Folder structure gets obfuscated
 - Use as many vaults in your Dropbox as you want, each having individual passwords
-- One thousand commits for the security of your data!! :tada:
+- Two thousand commits for the security of your data!! :tada:
 
 ### Privacy
 
@@ -55,13 +74,13 @@ Download native binaries of Cryptomator on [cryptomator.org](https://cryptomator
 
 ### Security Architecture
 
-For more information on the security details visit [cryptomator.org](https://cryptomator.org/architecture/).
+For more information on the security details visit [cryptomator.org](https://docs.cryptomator.org/en/latest/security/architecture/).
 
 ## Building
 
 ### Dependencies
 
-* JDK 11 (we recommend to use the latest version)
+* JDK 16 (e.g. adoptopenjdk)
 * Maven 3
 * Optional: OS-dependent build tools for native packaging (see [Windows](https://github.com/cryptomator/cryptomator-win), [OS X](https://github.com/cryptomator/cryptomator-osx), [Linux](https://github.com/cryptomator/builder-containers))
 
@@ -69,7 +88,9 @@ For more information on the security details visit [cryptomator.org](https://cry
 
 ```
 cd main
-mvn clean install -Prelease
+mvn clean install -Prelease,windows
+# or mvn clean install -Prelease,mac
+# or mvn clean install -Prelease,linux
 ```
 
 This will build all the jars and bundle them together with their OS-specific dependencies under `main/buildkit/target`. This can now be used to build native packages.

main/buildkit/assembly-linux.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<assembly xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/ASSEMBLY/2.0.0"
 		  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 http://maven.apache.org/xsd/assembly-2.0.0.xsd">
 	<id>tarball</id>
 	<includeBaseDirectory>false</includeBaseDirectory>
@@ -14,13 +14,6 @@
 			</includes>
 			<outputDirectory>libs</outputDirectory>
 		</fileSet>
-		<fileSet>
-			<directory>target/</directory>
-			<includes>
-				<include>ffi-version.txt</include>
-			</includes>
-			<outputDirectory>libs</outputDirectory>
-		</fileSet>
 		<fileSet>
 			<directory>target/</directory>
 			<includes>
@@ -43,12 +36,5 @@
 			</includes>
 			<outputDirectory>libs</outputDirectory>
 		</fileSet>
-		<fileSet>
-			<directory>target/linux-libs</directory>
-			<includes>
-				<include>*.jar</include>
-			</includes>
-			<outputDirectory>libs</outputDirectory>
-		</fileSet>
 	</fileSets>
 </assembly>

main/buildkit/assembly-mac.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<assembly xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/ASSEMBLY/2.0.0"
 		  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 http://maven.apache.org/xsd/assembly-2.0.0.xsd">
 	<id>tarball</id>
 	<includeBaseDirectory>false</includeBaseDirectory>
@@ -14,13 +14,6 @@
 			</includes>
 			<outputDirectory>libs</outputDirectory>
 		</fileSet>
-		<fileSet>
-			<directory>target/</directory>
-			<includes>
-				<include>ffi-version.txt</include>
-			</includes>
-			<outputDirectory>libs</outputDirectory>
-		</fileSet>
 		<fileSet>
 			<directory>target/</directory>
 			<includes>
@@ -43,12 +36,5 @@
 			</includes>
 			<outputDirectory>libs</outputDirectory>
 		</fileSet>
-		<fileSet>
-			<directory>target/mac-libs</directory>
-			<includes>
-				<include>*.jar</include>
-			</includes>
-			<outputDirectory>libs</outputDirectory>
-		</fileSet>
 	</fileSets>
 </assembly>

main/buildkit/assembly-win.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<assembly xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/ASSEMBLY/2.0.0"
 		  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 http://maven.apache.org/xsd/assembly-2.0.0.xsd">
 	<id>tarball</id>
 	<includeBaseDirectory>false</includeBaseDirectory>
@@ -14,13 +14,6 @@
 			</includes>
 			<outputDirectory>libs</outputDirectory>
 		</fileSet>
-		<fileSet>
-			<directory>target/</directory>
-			<includes>
-				<include>ffi-version.txt</include>
-			</includes>
-			<outputDirectory>libs</outputDirectory>
-		</fileSet>
 		<fileSet>
 			<directory>target/</directory>
 			<includes>
@@ -43,12 +36,5 @@
 			</includes>
 			<outputDirectory>libs</outputDirectory>
 		</fileSet>
-		<fileSet>
-			<directory>target/win-libs</directory>
-			<includes>
-				<include>*.jar</include>
-			</includes>
-			<outputDirectory>libs</outputDirectory>
-		</fileSet>
 	</fileSets>
 </assembly>

main/buildkit/pom.xml

@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 	<parent>
 		<groupId>org.cryptomator</groupId>
 		<artifactId>main</artifactId>
-		<version>1.5.0-alpha2</version>
+		<version>1.5.19</version>
 	</parent>
 	<artifactId>buildkit</artifactId>
 	<packaging>pom</packaging>
@@ -24,7 +24,6 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-resources-plugin</artifactId>
-				<version>3.1.0</version>
 				<executions>
 					<execution>
 						<id>copy-resources</id>
@@ -55,8 +54,8 @@
 
 			<!-- copy libraries to target/libs/: -->
 			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-dependency-plugin</artifactId>
-				<version>3.1.1</version>
 				<executions>
 					<execution>
 						<id>copy-libs</id>
@@ -65,110 +64,153 @@
 							<goal>copy-dependencies</goal>
 						</goals>
 						<configuration>
+							<includeScope>runtime</includeScope>
 							<outputDirectory>${project.build.directory}/libs</outputDirectory>
 							<excludeClassifiers>linux,mac,win</excludeClassifiers>
-							<excludeArtifactIds>dbus-java,secret-service,hkdf,java-utils</excludeArtifactIds>
-						</configuration>
-					</execution>
-					<execution>
-						<id>copy-linux-libs</id>
-						<phase>prepare-package</phase>
-						<goals>
-							<goal>copy-dependencies</goal>
-						</goals>
-						<configuration>
-							<outputDirectory>${project.build.directory}/linux-libs</outputDirectory>
-							<includeGroupIds>org.openjfx</includeGroupIds>
-							<classifier>linux</classifier>
-						</configuration>
-					</execution>
-					<execution>
-						<id>copy-linux-secret-service</id>
-						<phase>prepare-package</phase>
-						<goals>
-							<goal>copy-dependencies</goal>
-						</goals>
-						<configuration>
-							<outputDirectory>${project.build.directory}/linux-libs</outputDirectory>
-							<includeArtifactIds>dbus-java,secret-service,hkdf,java-utils</includeArtifactIds>
-						</configuration>
-					</execution>
-					<execution>
-						<id>copy-mac-libs</id>
-						<phase>prepare-package</phase>
-						<goals>
-							<goal>copy-dependencies</goal>
-						</goals>
-						<configuration>
-							<outputDirectory>${project.build.directory}/mac-libs</outputDirectory>
-							<includeGroupIds>org.openjfx</includeGroupIds>
-							<classifier>mac</classifier>
-						</configuration>
-					</execution>
-					<execution>
-						<id>copy-win-libs</id>
-						<phase>prepare-package</phase>
-						<goals>
-							<goal>copy-dependencies</goal>
-						</goals>
-						<configuration>
-							<outputDirectory>${project.build.directory}/win-libs</outputDirectory>
-							<includeGroupIds>org.openjfx</includeGroupIds>
-							<classifier>win</classifier>
-						</configuration>
-					</execution>
-				</executions>
-			</plugin>
-
-			<!-- create buildkit.zip: -->
-			<plugin>
-				<artifactId>maven-assembly-plugin</artifactId>
-				<version>3.1.1</version>
-				<executions>
-					<execution>
-						<id>assemble-linux</id>
-						<phase>package</phase>
-						<goals>
-							<goal>single</goal>
-						</goals>
-						<configuration>
-							<descriptors>
-								<descriptor>assembly-linux.xml</descriptor>
-							</descriptors>
-							<appendAssemblyId>false</appendAssemblyId>
-							<finalName>buildkit-linux</finalName>
-						</configuration>
-					</execution>
-					<execution>
-						<id>assemble-mac</id>
-						<phase>package</phase>
-						<goals>
-							<goal>single</goal>
-						</goals>
-						<configuration>
-							<descriptors>
-								<descriptor>assembly-mac.xml</descriptor>
-							</descriptors>
-							<appendAssemblyId>false</appendAssemblyId>
-							<finalName>buildkit-mac</finalName>
-						</configuration>
-					</execution>
-					<execution>
-						<id>assemble-win</id>
-						<phase>package</phase>
-						<goals>
-							<goal>single</goal>
-						</goals>
-						<configuration>
-							<descriptors>
-								<descriptor>assembly-win.xml</descriptor>
-							</descriptors>
-							<appendAssemblyId>false</appendAssemblyId>
-							<finalName>buildkit-win</finalName>
 						</configuration>
 					</execution>
 				</executions>
 			</plugin>
 		</plugins>
 	</build>
+
+	<profiles>
+		<profile>
+			<id>linux</id>
+			<build>
+				<plugins>
+					<plugin>
+						<groupId>org.apache.maven.plugins</groupId>
+						<artifactId>maven-assembly-plugin</artifactId>
+						<executions>
+							<execution>
+								<id>assemble-linux</id>
+								<phase>package</phase>
+								<goals>
+									<goal>single</goal>
+								</goals>
+								<configuration>
+									<descriptors>
+										<descriptor>assembly-linux.xml</descriptor>
+									</descriptors>
+									<appendAssemblyId>false</appendAssemblyId>
+									<finalName>buildkit-linux</finalName>
+								</configuration>
+							</execution>
+						</executions>
+					</plugin>
+					<plugin>
+						<groupId>org.apache.maven.plugins</groupId>
+						<artifactId>maven-dependency-plugin</artifactId>
+						<executions>
+							<execution>
+								<id>copy-linux-libs</id>
+								<phase>prepare-package</phase>
+								<goals>
+									<goal>copy-dependencies</goal>
+								</goals>
+								<configuration>
+									<outputDirectory>${project.build.directory}/libs</outputDirectory>
+									<includeGroupIds>org.openjfx</includeGroupIds>
+									<classifier>linux</classifier>
+								</configuration>
+							</execution>
+						</executions>
+					</plugin>
+				</plugins>
+			</build>
+		</profile>
+
+		<profile>
+			<id>mac</id>
+			<build>
+				<plugins>
+					<plugin>
+						<groupId>org.apache.maven.plugins</groupId>
+						<artifactId>maven-assembly-plugin</artifactId>
+						<executions>
+							<execution>
+								<id>assemble-mac</id>
+								<phase>package</phase>
+								<goals>
+									<goal>single</goal>
+								</goals>
+								<configuration>
+									<descriptors>
+										<descriptor>assembly-mac.xml</descriptor>
+									</descriptors>
+									<appendAssemblyId>false</appendAssemblyId>
+									<finalName>buildkit-mac</finalName>
+								</configuration>
+							</execution>
+						</executions>
+					</plugin>
+					<plugin>
+						<groupId>org.apache.maven.plugins</groupId>
+						<artifactId>maven-dependency-plugin</artifactId>
+						<executions>
+							<execution>
+								<id>copy-mac-libs</id>
+								<phase>prepare-package</phase>
+								<goals>
+									<goal>copy-dependencies</goal>
+								</goals>
+								<configuration>
+									<outputDirectory>${project.build.directory}/libs</outputDirectory>
+									<includeGroupIds>org.openjfx</includeGroupIds>
+									<classifier>mac</classifier>
+								</configuration>
+							</execution>
+						</executions>
+					</plugin>
+				</plugins>
+			</build>
+		</profile>
+
+		<profile>
+			<id>windows</id>
+			<build>
+				<plugins>
+					<plugin>
+						<groupId>org.apache.maven.plugins</groupId>
+						<artifactId>maven-assembly-plugin</artifactId>
+						<executions>
+							<execution>
+								<id>assemble-win</id>
+								<phase>package</phase>
+								<goals>
+									<goal>single</goal>
+								</goals>
+								<configuration>
+									<descriptors>
+										<descriptor>assembly-win.xml</descriptor>
+									</descriptors>
+									<appendAssemblyId>false</appendAssemblyId>
+									<finalName>buildkit-win</finalName>
+								</configuration>
+							</execution>
+						</executions>
+					</plugin>
+					<plugin>
+						<groupId>org.apache.maven.plugins</groupId>
+						<artifactId>maven-dependency-plugin</artifactId>
+						<executions>
+							<execution>
+								<id>copy-win-libs</id>
+								<phase>prepare-package</phase>
+								<goals>
+									<goal>copy-dependencies</goal>
+								</goals>
+								<configuration>
+									<outputDirectory>${project.build.directory}/libs</outputDirectory>
+									<includeGroupIds>org.openjfx</includeGroupIds>
+									<classifier>win</classifier>
+								</configuration>
+							</execution>
+						</executions>
+					</plugin>
+				</plugins>
+			</build>
+		</profile>
+	</profiles>
 </project>

main/buildkit/src/main/resources/ffi-version.txt

@@ -1 +0,0 @@
-${cryptomator.jni.version}

main/buildkit/src/main/resources/launcher-linux.sh

@@ -1,4 +1,5 @@
 #!/bin/sh
+cd $(dirname $0)
 java \
 	-cp "libs/*" \
 	-Dcryptomator.settingsPath="~/.config/Cryptomator/settings.json" \
@@ -6,6 +7,6 @@ java \
 	-Dcryptomator.logDir="~/.local/share/Cryptomator/logs" \
 	-Dcryptomator.mountPointsDir="~/.local/share/Cryptomator/mnt" \
 	-Djdk.gtk.version=2 \
-	-Xss20m \
+	-Xss2m \
 	-Xmx512m \
-	org.cryptomator.launcher.Cryptomator
+	org.cryptomator.launcher.Cryptomator

main/buildkit/src/main/resources/launcher-mac.sh

@@ -1,4 +1,5 @@
 #!/bin/sh
+cd $(dirname $0)
 java \
 	-cp "libs/*" \
 	-Dcryptomator.settingsPath="~/Library/Application Support/Cryptomator/settings.json" \

main/buildkit/src/main/resources/launcher-win.bat

@@ -4,6 +4,7 @@ java ^
 	-Dcryptomator.settingsPath="~/AppData/Roaming/Cryptomator/settings.json" ^
 	-Dcryptomator.ipcPortPath="~/AppData/Roaming/Cryptomator/ipcPort.bin" ^
 	-Dcryptomator.logDir="~/AppData/Roaming/Cryptomator" ^
+	-Dcryptomator.mountPointsDir="~/Cryptomator" ^
 	-Dcryptomator.keychainPath="~/AppData/Roaming/Cryptomator/keychain.json" ^
 	-Xss20m ^
 	-Xmx512m ^

main/commons/pom.xml

@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 	<parent>
 		<groupId>org.cryptomator</groupId>
 		<artifactId>main</artifactId>
-		<version>1.5.0-alpha2</version>
+		<version>1.5.19</version>
 	</parent>
 	<artifactId>commons</artifactId>
 	<name>Cryptomator Commons</name>
@@ -29,7 +29,7 @@
 		</dependency>
 		<dependency>
 			<groupId>org.cryptomator</groupId>
-			<artifactId>jni</artifactId>
+			<artifactId>integrations-api</artifactId>
 		</dependency>
 
 		<!-- JavaFx -->
@@ -44,10 +44,16 @@
 
 		<!-- EasyBind -->
 		<dependency>
-			<groupId>org.fxmisc.easybind</groupId>
+			<groupId>com.tobiasdiez</groupId>
 			<artifactId>easybind</artifactId>
 		</dependency>
 
+		<!-- JWT -->
+		<dependency>
+			<groupId>com.auth0</groupId>
+			<artifactId>java-jwt</artifactId>
+		</dependency>
+
 		<!-- Google -->
 		<dependency>
 			<groupId>com.google.guava</groupId>

main/commons/src/main/java/org/cryptomator/common/CommonsModule.java

@@ -5,35 +5,55 @@
  *******************************************************************************/
 package org.cryptomator.common;
 
-import dagger.Binds;
+import com.tobiasdiez.easybind.EasyBind;
 import dagger.Module;
 import dagger.Provides;
-import javafx.beans.binding.Binding;
-import javafx.beans.binding.Bindings;
-import javafx.collections.ObservableList;
 import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.keychain.KeychainModule;
 import org.cryptomator.common.settings.Settings;
 import org.cryptomator.common.settings.SettingsProvider;
 import org.cryptomator.common.vaults.Vault;
 import org.cryptomator.common.vaults.VaultComponent;
 import org.cryptomator.common.vaults.VaultListManager;
 import org.cryptomator.frontend.webdav.WebDavServer;
-import org.fxmisc.easybind.EasyBind;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import javax.inject.Named;
 import javax.inject.Singleton;
+import javafx.beans.binding.Binding;
+import javafx.beans.binding.Bindings;
+import javafx.collections.ObservableList;
 import java.net.InetSocketAddress;
 import java.util.Comparator;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.SynchronousQueue;
+import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicInteger;
-import java.util.function.Consumer;
 
-@Module(subcomponents = {VaultComponent.class})
+@Module(subcomponents = {VaultComponent.class}, includes = {KeychainModule.class})
 public abstract class CommonsModule {
 
-	private static final int NUM_SCHEDULER_THREADS = 4;
+	private static final Logger LOG = LoggerFactory.getLogger(CommonsModule.class);
+	private static final int NUM_SCHEDULER_THREADS = 2;
+	private static final int NUM_CORE_BG_THREADS = 6;
+	private static final long BG_THREAD_KEEPALIVE_SECONDS = 60l;
+
+	@Provides
+	@Singleton
+	@Named("licensePublicKey")
+	static String provideLicensePublicKey() {
+		// in PEM format without the dash-escaped begin/end lines
+		return """
+				MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB7NfnqiZbg2KTmoflmZ71PbXru7oW\
+				fmnV2yv3eDjlDfGruBrqz9TtXBZV/eYWt31xu1osIqaT12lKBvZ511aaAkIBeOEV\
+				gwcBIlJr6kUw7NKzeJt7r2rrsOyQoOG2nWc/Of/NBqA3mIZRHk5Aq1YupFdD26QE\
+				r0DzRyj4ixPIt38CQB8=\
+				""";
+	}
 
 	@Provides
 	@Singleton
@@ -56,21 +76,41 @@ public abstract class CommonsModule {
 
 	@Provides
 	@Singleton
-	static ScheduledExecutorService provideScheduledExecutorService(@Named("shutdownTaskScheduler") Consumer<Runnable> shutdownTaskScheduler) {
+	static ScheduledExecutorService provideScheduledExecutorService(ShutdownHook shutdownHook) {
 		final AtomicInteger threadNumber = new AtomicInteger(1);
 		ScheduledExecutorService executorService = Executors.newScheduledThreadPool(NUM_SCHEDULER_THREADS, r -> {
+			String name = String.format("App Scheduled Executor %02d", threadNumber.getAndIncrement());
 			Thread t = new Thread(r);
-			t.setName("Background Thread " + threadNumber.getAndIncrement());
+			t.setName(name);
+			t.setUncaughtExceptionHandler(CommonsModule::handleUncaughtExceptionInBackgroundThread);
 			t.setDaemon(true);
+			LOG.debug("Starting {}", t.getName());
 			return t;
 		});
-		shutdownTaskScheduler.accept(executorService::shutdown);
+		shutdownHook.runOnShutdown(executorService::shutdown);
 		return executorService;
 	}
 
-	@Binds
+	@Provides
 	@Singleton
-	abstract ExecutorService bindExecutorService(ScheduledExecutorService executor);
+	static ExecutorService provideExecutorService(ShutdownHook shutdownHook) {
+		final AtomicInteger threadNumber = new AtomicInteger(1);
+		ExecutorService executorService = new ThreadPoolExecutor(NUM_CORE_BG_THREADS, Integer.MAX_VALUE, BG_THREAD_KEEPALIVE_SECONDS, TimeUnit.SECONDS, new SynchronousQueue<>(), r -> {
+			String name = String.format("App Background Thread %03d", threadNumber.getAndIncrement());
+			Thread t = new Thread(r);
+			t.setName(name);
+			t.setUncaughtExceptionHandler(CommonsModule::handleUncaughtExceptionInBackgroundThread);
+			t.setDaemon(true);
+			LOG.debug("Starting {}", t.getName());
+			return t;
+		});
+		shutdownHook.runOnShutdown(executorService::shutdown);
+		return executorService;
+	}
+
+	private static void handleUncaughtExceptionInBackgroundThread(Thread thread, Throwable throwable) {
+		LOG.error("Uncaught exception in " + thread.getName(), throwable);
+	}
 
 	@Provides
 	@Singleton

main/commons/src/main/java/org/cryptomator/common/Constants.java

@@ -0,0 +1,7 @@
+package org.cryptomator.common;
+
+public interface Constants {
+
+	String MASTERKEY_FILENAME = "masterkey.cryptomator";
+
+}

main/commons/src/main/java/org/cryptomator/common/Environment.java

@@ -21,13 +21,13 @@ import java.util.stream.StreamSupport;
 public class Environment {
 
 	private static final Logger LOG = LoggerFactory.getLogger(Environment.class);
-	private static final String USER_HOME = System.getProperty("user.home");
 	private static final Path RELATIVE_HOME_DIR = Paths.get("~");
-	private static final Path ABSOLUTE_HOME_DIR = Paths.get(USER_HOME);
 	private static final char PATH_LIST_SEP = ':';
+	private static final int DEFAULT_MIN_PW_LENGTH = 8;
 
 	@Inject
 	public Environment() {
+		LOG.debug("user.home: {}", System.getProperty("user.home"));
 		LOG.debug("java.library.path: {}", System.getProperty("java.library.path"));
 		LOG.debug("user.language: {}", System.getProperty("user.language"));
 		LOG.debug("user.region: {}", System.getProperty("user.region"));
@@ -37,6 +37,10 @@ public class Environment {
 		LOG.debug("cryptomator.keychainPath: {}", System.getProperty("cryptomator.keychainPath"));
 		LOG.debug("cryptomator.logDir: {}", System.getProperty("cryptomator.logDir"));
 		LOG.debug("cryptomator.mountPointsDir: {}", System.getProperty("cryptomator.mountPointsDir"));
+		LOG.debug("cryptomator.minPwLength: {}", System.getProperty("cryptomator.minPwLength"));
+		LOG.debug("cryptomator.buildNumber: {}", System.getProperty("cryptomator.buildNumber"));
+		LOG.debug("cryptomator.showTrayIcon: {}", System.getProperty("cryptomator.showTrayIcon"));
+		LOG.debug("fuse.experimental: {}", Boolean.getBoolean("fuse.experimental"));
 	}
 
 	public boolean useCustomLogbackConfig() {
@@ -63,11 +67,42 @@ public class Environment {
 		return getPath("cryptomator.mountPointsDir").map(this::replaceHomeDir);
 	}
 
+	public Optional<String> getBuildNumber() {
+		return Optional.ofNullable(System.getProperty("cryptomator.buildNumber"));
+	}
+
+	public int getMinPwLength() {
+		return getInt("cryptomator.minPwLength", DEFAULT_MIN_PW_LENGTH);
+	}
+
+	public boolean showTrayIcon() {
+		return Boolean.getBoolean("cryptomator.showTrayIcon");
+	}
+
+	@Deprecated // TODO: remove as soon as custom mount path works properly on Win+Fuse
+	public boolean useExperimentalFuse() {
+		return Boolean.getBoolean("fuse.experimental");
+	}
+
+	private int getInt(String propertyName, int defaultValue) {
+		String value = System.getProperty(propertyName);
+		try {
+			return Integer.parseInt(value);
+		} catch (NumberFormatException e) { // includes "null" values
+			return defaultValue;
+		}
+	}
+
 	private Optional<Path> getPath(String propertyName) {
 		String value = System.getProperty(propertyName);
 		return Optional.ofNullable(value).map(Paths::get);
 	}
 
+	// visible for testing
+	Path getHomeDir() {
+		return getPath("user.home").orElseThrow();
+	}
+
 	// visible for testing
 	Stream<Path> getPaths(String propertyName) {
 		Stream<String> rawSettingsPaths = getRawList(propertyName, PATH_LIST_SEP);
@@ -76,7 +111,7 @@ public class Environment {
 
 	private Path replaceHomeDir(Path path) {
 		if (path.startsWith(RELATIVE_HOME_DIR)) {
-			return ABSOLUTE_HOME_DIR.resolve(RELATIVE_HOME_DIR.relativize(path));
+			return getHomeDir().resolve(RELATIVE_HOME_DIR.relativize(path));
 		} else {
 			return path;
 		}
@@ -92,5 +127,4 @@ public class Environment {
 			return StreamSupport.stream(spliter, false);
 		}
 	}
-
 }

main/commons/src/main/java/org/cryptomator/common/JniModule.java

@@ -1,32 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2019 Skymatic GmbH.
- * All rights reserved. This program and the accompanying materials
- * are made available under the terms of the accompanying LICENSE file.
- *******************************************************************************/
-package org.cryptomator.common;
-
-import dagger.Module;
-import dagger.Provides;
-import org.cryptomator.jni.JniFunctions;
-import org.cryptomator.jni.MacFunctions;
-import org.cryptomator.jni.WinFunctions;
-
-import javax.inject.Singleton;
-import java.util.Optional;
-
-@Module
-public class JniModule {
-
-	@Provides
-	@Singleton
-	Optional<MacFunctions> provideOptionalMacFunctions() {
-		return JniFunctions.macFunctions();
-	}
-
-	@Provides
-	@Singleton
-	Optional<WinFunctions> provideOptionalWinFunctions() {
-		return JniFunctions.winFunctions();
-	}
-
-}

main/commons/src/main/java/org/cryptomator/common/LazyInitializer.java

@@ -1,79 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2017 Skymatic UG (haftungsbeschränkt).
- * All rights reserved. This program and the accompanying materials
- * are made available under the terms of the accompanying LICENSE file.
- *******************************************************************************/
-package org.cryptomator.common;
-
-import java.util.concurrent.atomic.AtomicReference;
-import java.util.function.Supplier;
-import java.util.function.UnaryOperator;
-
-import com.google.common.base.Throwables;
-
-public final class LazyInitializer {
-
-	private LazyInitializer() {
-	}
-
-	/**
-	 * Same as {@link #initializeLazily(AtomicReference, SupplierThrowingException, Class)} except that no checked exception may be thrown by the factory function.
-	 * 
-	 * @param <T> Type of the value
-	 * @param reference A reference to a maybe not yet initialized value.
-	 * @param factory A factory providing a value for the reference, if it doesn't exist yet. The factory may be invoked multiple times, but only one result will survive.
-	 * @return The initialized value
-	 */
-	public static <T> T initializeLazily(AtomicReference<T> reference, Supplier<T> factory) {
-		SupplierThrowingException<T, RuntimeException> factoryThrowingRuntimeExceptions = () -> factory.get();
-		return initializeLazily(reference, factoryThrowingRuntimeExceptions, RuntimeException.class);
-	}
-
-	/**
-	 * Threadsafe lazy initialization pattern as proposed on http://stackoverflow.com/a/30247202/4014509
-	 * 
-	 * @param <T> Type of the value
-	 * @param <E> Type of the any expected exception that may occur during initialization
-	 * @param reference A reference to a maybe not yet initialized value.
-	 * @param factory A factory providing a value for the reference, if it doesn't exist yet. The factory may be invoked multiple times, but only one result will survive.
-	 * @param exceptionType Expected exception type.
-	 * @return The initialized value
-	 * @throws E Exception thrown by the factory function.
-	 */
-	public static <T, E extends Exception> T initializeLazily(AtomicReference<T> reference, SupplierThrowingException<T, E> factory, Class<E> exceptionType) throws E {
-		final T existing = reference.get();
-		if (existing != null) {
-			return existing;
-		} else {
-			try {
-				return reference.updateAndGet(invokeFactoryIfNull(factory));
-			} catch (InitializationException e) {
-				Throwables.throwIfUnchecked(e.getCause());
-				Throwables.throwIfInstanceOf(e.getCause(), exceptionType);
-				throw e;
-			}
-		}
-	}
-
-	private static <T, E extends Exception> UnaryOperator<T> invokeFactoryIfNull(SupplierThrowingException<T, E> factory) throws InitializationException {
-		return currentValue -> {
-			if (currentValue == null) {
-				try {
-					return factory.get();
-				} catch (Exception e) {
-					throw new InitializationException(e);
-				}
-			} else {
-				return currentValue;
-			}
-		};
-	}
-
-	private static class InitializationException extends RuntimeException {
-
-		public InitializationException(Throwable cause) {
-			super(cause);
-		}
-
-	}
-}

main/commons/src/main/java/org/cryptomator/common/LicenseChecker.java

@@ -0,0 +1,56 @@
+package org.cryptomator.common;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTVerificationException;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import com.auth0.jwt.interfaces.JWTVerifier;
+import com.google.common.io.BaseEncoding;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.inject.Singleton;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Optional;
+
+@Singleton
+class LicenseChecker {
+
+	private final JWTVerifier verifier;
+
+	@Inject
+	public LicenseChecker(@Named("licensePublicKey") String pemEncodedPublicKey) {
+		Algorithm algorithm = Algorithm.ECDSA512(decodePublicKey(pemEncodedPublicKey), null);
+		this.verifier = JWT.require(algorithm).build();
+	}
+
+	private static ECPublicKey decodePublicKey(String pemEncodedPublicKey) {
+		try {
+			byte[] keyBytes = BaseEncoding.base64().decode(pemEncodedPublicKey);
+			PublicKey key = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(keyBytes));
+			if (key instanceof ECPublicKey k) {
+				return k;
+			} else {
+				throw new IllegalStateException("Key not an EC public key.");
+			}
+		} catch (InvalidKeySpecException e) {
+			throw new IllegalArgumentException("Invalid license public key", e);
+		} catch (NoSuchAlgorithmException e) {
+			throw new IllegalStateException(e);
+		}
+	}
+
+	public Optional<DecodedJWT> check(String licenseKey) {
+		try {
+			return Optional.of(verifier.verify(licenseKey));
+		} catch (JWTVerificationException exception) {
+			return Optional.empty();
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/LicenseHolder.java

@@ -0,0 +1,79 @@
+package org.cryptomator.common;
+
+import com.auth0.jwt.interfaces.DecodedJWT;
+import org.cryptomator.common.settings.Settings;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.BooleanBinding;
+import javafx.beans.binding.StringBinding;
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.SimpleObjectProperty;
+import java.util.Optional;
+
+@Singleton
+public class LicenseHolder {
+
+	private final Settings settings;
+	private final LicenseChecker licenseChecker;
+	private final ObjectProperty<DecodedJWT> validJwtClaims;
+	private final StringBinding licenseSubject;
+	private final BooleanBinding validLicenseProperty;
+
+	@Inject
+	public LicenseHolder(LicenseChecker licenseChecker, Settings settings) {
+		this.settings = settings;
+		this.licenseChecker = licenseChecker;
+		this.validJwtClaims = new SimpleObjectProperty<>();
+		this.licenseSubject = Bindings.createStringBinding(this::getLicenseSubject, validJwtClaims);
+		this.validLicenseProperty = validJwtClaims.isNotNull();
+
+		Optional<DecodedJWT> claims = licenseChecker.check(settings.licenseKey().get());
+		validJwtClaims.set(claims.orElse(null));
+	}
+
+	public boolean validateAndStoreLicense(String licenseKey) {
+		Optional<DecodedJWT> claims = licenseChecker.check(licenseKey);
+		validJwtClaims.set(claims.orElse(null));
+		if (claims.isPresent()) {
+			settings.licenseKey().set(licenseKey);
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+	/* Observable Properties */
+
+	public Optional<String> getLicenseKey() {
+		DecodedJWT claims = validJwtClaims.get();
+		if (claims != null) {
+			return Optional.of(claims.getToken());
+		} else {
+			return Optional.empty();
+		}
+	}
+
+	public StringBinding licenseSubjectProperty() {
+		return licenseSubject;
+	}
+
+	public String getLicenseSubject() {
+		DecodedJWT claims = validJwtClaims.get();
+		if (claims != null) {
+			return claims.getSubject();
+		} else {
+			return null;
+		}
+	}
+
+	public BooleanBinding validLicenseProperty() {
+		return validLicenseProperty;
+	}
+
+	public boolean isValidLicense() {
+		return validLicenseProperty.get();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/Optionals.java

@@ -1,28 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2017 Skymatic UG (haftungsbeschränkt).
- * All rights reserved. This program and the accompanying materials
- * are made available under the terms of the accompanying LICENSE file.
- *******************************************************************************/
-package org.cryptomator.common;
-
-import java.util.Optional;
-import java.util.function.Function;
-
-public final class Optionals {
-
-	private Optionals() {
-	}
-
-	/**
-	 * Returns a function that is equivalent to the input function but immediately gets the value of the returned optional when invoked.
-	 * 
-	 * @param <T> the type of the input to the function
-	 * @param <R> the type of the result of the function
-	 * @param function An {@code Optional}-bearing input function {@code Function<Foo, Optional<Bar>>}
-	 * @return A {@code Function<Foo, Bar>}, that may throw a NoSuchElementException, if the original function returns an empty optional.
-	 */
-	public static <T, R> Function<T, R> unwrap(Function<T, Optional<R>> function) {
-		return t -> function.apply(t).get();
-	}
-
-}

main/commons/src/main/java/org/cryptomator/common/SemVerComparator.java

@@ -8,10 +8,10 @@
  *******************************************************************************/
 package org.cryptomator.common;
 
-import java.util.Comparator;
-
 import org.apache.commons.lang3.StringUtils;
 
+import java.util.Comparator;
+
 /**
  * Compares version strings according to <a href="http://semver.org/spec/v2.0.0.html">SemVer 2.0.0</a>.
  */

main/commons/src/main/java/org/cryptomator/common/ShutdownHook.java

@@ -0,0 +1,96 @@
+/*******************************************************************************
+ * Copyright (c) 2017 Skymatic UG (haftungsbeschränkt).
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the accompanying LICENSE file.
+ *******************************************************************************/
+package org.cryptomator.common;
+
+import com.google.common.util.concurrent.Runnables;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import java.util.Queue;
+import java.util.concurrent.PriorityBlockingQueue;
+
+@Singleton
+public class ShutdownHook extends Thread {
+
+	private static final int PRIO_VERY_LAST = Integer.MIN_VALUE;
+	public static final int PRIO_LAST = PRIO_VERY_LAST + 1;
+	public static final int PRIO_DEFAULT = 0;
+	public static final int PRIO_FIRST = Integer.MAX_VALUE;
+	private static final Logger LOG = LoggerFactory.getLogger(ShutdownHook.class);
+	private static final OrderedTask POISON = new OrderedTask(PRIO_VERY_LAST, Runnables.doNothing());
+	private final Queue<OrderedTask> tasks = new PriorityBlockingQueue<>();
+
+	@Inject
+	ShutdownHook() {
+		super(null, null, "ShutdownTasks", 0);
+		Runtime.getRuntime().addShutdownHook(this);
+		LOG.debug("Registered shutdown hook.");
+	}
+
+	@Override
+	public void run() {
+		LOG.debug("Running graceful shutdown tasks...");
+		tasks.add(POISON);
+		Runnable task;
+		while ((task = tasks.remove()) != POISON) {
+			try {
+				task.run();
+			} catch (RuntimeException e) {
+				LOG.error("Exception while shutting down.", e);
+			}
+		}
+	}
+
+	/**
+	 * Schedules a task to be run during shutdown with default order
+	 *
+	 * @param task The task to be scheduled
+	 */
+	public void runOnShutdown(Runnable task) {
+		runOnShutdown(PRIO_DEFAULT, task);
+	}
+
+	/**
+	 * Schedules a task to be run with the given priority
+	 *
+	 * @param priority Tasks with high priority will be run before task with lower priority
+	 * @param task The task to be scheduled
+	 */
+	public void runOnShutdown(int priority, Runnable task) {
+		tasks.add(new OrderedTask(priority, task));
+	}
+
+	private static class OrderedTask implements Comparable<OrderedTask>, Runnable {
+
+		private final int priority;
+		private final Runnable task;
+
+		public OrderedTask(int priority, Runnable task) {
+			this.priority = priority;
+			this.task = task;
+		}
+
+		@Override
+		public int compareTo(OrderedTask other) {
+			// overflow-safe signum impl:
+			if (this.priority > other.priority) {
+				return -1; // higher prio -> this before other
+			} else if (this.priority < other.priority) {
+				return +1; // lower prio -> other before this
+			} else {
+				return 0; // same prio
+			}
+		}
+
+		@Override
+		public void run() {
+			task.run();
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/keychain/KeychainManager.java

@@ -0,0 +1,131 @@
+package org.cryptomator.common.keychain;
+
+import com.google.common.cache.CacheBuilder;
+import com.google.common.cache.CacheLoader;
+import com.google.common.cache.LoadingCache;
+import org.cryptomator.integrations.keychain.KeychainAccessException;
+import org.cryptomator.integrations.keychain.KeychainAccessProvider;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import javafx.application.Platform;
+import javafx.beans.binding.ObjectExpression;
+import javafx.beans.property.BooleanProperty;
+import javafx.beans.property.ReadOnlyBooleanProperty;
+import javafx.beans.property.SimpleBooleanProperty;
+import java.util.Arrays;
+
+@Singleton
+public class KeychainManager implements KeychainAccessProvider {
+
+	private final ObjectExpression<KeychainAccessProvider> keychain;
+	private final LoadingCache<String, BooleanProperty> passphraseStoredProperties;
+
+	@Inject
+	KeychainManager(ObjectExpression<KeychainAccessProvider> selectedKeychain) {
+		this.keychain = selectedKeychain;
+		this.passphraseStoredProperties = CacheBuilder.newBuilder() //
+				.weakValues() //
+				.build(CacheLoader.from(this::createStoredPassphraseProperty));
+		keychain.addListener(ignored -> passphraseStoredProperties.invalidateAll());
+	}
+
+	private KeychainAccessProvider getKeychainOrFail() throws KeychainAccessException {
+		var result = keychain.getValue();
+		if (result == null) {
+			throw new NoKeychainAccessProviderException();
+		}
+		return result;
+	}
+
+	@Override
+	public void storePassphrase(String key, CharSequence passphrase) throws KeychainAccessException {
+		getKeychainOrFail().storePassphrase(key, passphrase);
+		setPassphraseStored(key, true);
+	}
+
+	@Override
+	public char[] loadPassphrase(String key) throws KeychainAccessException {
+		char[] passphrase = getKeychainOrFail().loadPassphrase(key);
+		setPassphraseStored(key, passphrase != null);
+		return passphrase;
+	}
+
+	@Override
+	public void deletePassphrase(String key) throws KeychainAccessException {
+		getKeychainOrFail().deletePassphrase(key);
+		setPassphraseStored(key, false);
+	}
+
+	@Override
+	public void changePassphrase(String key, CharSequence passphrase) throws KeychainAccessException {
+		getKeychainOrFail().changePassphrase(key, passphrase);
+		setPassphraseStored(key, true);
+	}
+
+	@Override
+	public boolean isSupported() {
+		return keychain.getValue() != null;
+	}
+
+	@Override
+	public boolean isLocked() {
+		return keychain.getValue() == null || keychain.get().isLocked();
+	}
+
+	/**
+	 * Checks if the keychain knows a passphrase for the given key.
+	 * <p>
+	 * Expensive operation. If possible, use {@link #getPassphraseStoredProperty(String)} instead.
+	 *
+	 * @param key The key to look up
+	 * @return <code>true</code> if a password for <code>key</code> is stored.
+	 * @throws KeychainAccessException
+	 */
+	public boolean isPassphraseStored(String key) throws KeychainAccessException {
+		char[] storedPw = null;
+		try {
+			storedPw = getKeychainOrFail().loadPassphrase(key);
+			return storedPw != null;
+		} finally {
+			if (storedPw != null) {
+				Arrays.fill(storedPw, ' ');
+			}
+		}
+	}
+
+	private void setPassphraseStored(String key, boolean value) {
+		BooleanProperty property = passphraseStoredProperties.getIfPresent(key);
+		if (property != null) {
+			if (Platform.isFxApplicationThread()) {
+				property.set(value);
+			} else {
+				Platform.runLater(() -> property.set(value));
+			}
+		}
+	}
+
+	/**
+	 * Returns an observable property for use in the UI that tells whether a passphrase is stored for the given key.
+	 * <p>
+	 * Assuming that this process is the only process modifying Cryptomator-related items in the system keychain, this
+	 * property stays in memory in an attempt to avoid unnecessary calls to the system keychain. Note that due to this
+	 * fact the value stored in the returned property is not 100% reliable. Code defensively!
+	 *
+	 * @param key The key to look up
+	 * @return An observable property which is <code>true</code> when it almost certain that a password for <code>key</code> is stored.
+	 * @see #isPassphraseStored(String)
+	 */
+	public ReadOnlyBooleanProperty getPassphraseStoredProperty(String key) {
+		return passphraseStoredProperties.getUnchecked(key);
+	}
+
+	private BooleanProperty createStoredPassphraseProperty(String key) {
+		try {
+			return new SimpleBooleanProperty(isPassphraseStored(key));
+		} catch (KeychainAccessException e) {
+			return new SimpleBooleanProperty(false);
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/keychain/KeychainModule.java

@@ -0,0 +1,44 @@
+package org.cryptomator.common.keychain;
+
+import dagger.Module;
+import dagger.Provides;
+import org.cryptomator.common.settings.Settings;
+import org.cryptomator.integrations.keychain.KeychainAccessProvider;
+
+import javax.inject.Singleton;
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.ObjectExpression;
+import java.util.ServiceLoader;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+@Module
+public class KeychainModule {
+
+	@Provides
+	@Singleton
+	static Set<ServiceLoader.Provider<KeychainAccessProvider>> provideAvailableKeychainAccessProviderFactories() {
+		return ServiceLoader.load(KeychainAccessProvider.class).stream().collect(Collectors.toUnmodifiableSet());
+	}
+
+	@Provides
+	@Singleton
+	static Set<KeychainAccessProvider> provideSupportedKeychainAccessProviders(Set<ServiceLoader.Provider<KeychainAccessProvider>> availableFactories) {
+		return availableFactories.stream() //
+				.map(ServiceLoader.Provider::get) //
+				.filter(KeychainAccessProvider::isSupported) //
+				.collect(Collectors.toUnmodifiableSet());
+	}
+
+	@Provides
+	@Singleton
+	static ObjectExpression<KeychainAccessProvider> provideKeychainAccessProvider(Settings settings, Set<KeychainAccessProvider> providers) {
+		return Bindings.createObjectBinding(() -> {
+			var selectedProviderClass = settings.keychainBackend().get().getProviderClass();
+			var selectedProvider = providers.stream().filter(provider -> provider.getClass().getName().equals(selectedProviderClass)).findAny();
+			var fallbackProvider = providers.stream().findAny().orElse(null);
+			return selectedProvider.orElse(fallbackProvider);
+		}, settings.keychainBackend());
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/keychain/NoKeychainAccessProviderException.java

@@ -0,0 +1,13 @@
+package org.cryptomator.common.keychain;
+
+import org.cryptomator.integrations.keychain.KeychainAccessException;
+
+/**
+ * Thrown by {@link KeychainManager} if attempted to access a keychain despite no supported keychain access provider being available.
+ */
+public class NoKeychainAccessProviderException extends KeychainAccessException {
+
+	public NoKeychainAccessProviderException() {
+		super("Did not find any supported keychain access provider.");
+	}
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/AvailableDriveLetterChooser.java

@@ -0,0 +1,29 @@
+package org.cryptomator.common.mountpoint;
+
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.vaults.Volume;
+import org.cryptomator.common.vaults.WindowsDriveLetters;
+
+import javax.inject.Inject;
+import java.nio.file.Path;
+import java.util.Optional;
+
+class AvailableDriveLetterChooser implements MountPointChooser {
+
+	private final WindowsDriveLetters windowsDriveLetters;
+
+	@Inject
+	public AvailableDriveLetterChooser(WindowsDriveLetters windowsDriveLetters) {
+		this.windowsDriveLetters = windowsDriveLetters;
+	}
+
+	@Override
+	public boolean isApplicable(Volume caller) {
+		return SystemUtils.IS_OS_WINDOWS;
+	}
+
+	@Override
+	public Optional<Path> chooseMountPoint(Volume caller) {
+		return this.windowsDriveLetters.getAvailableDriveLetterPath();
+	}
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/CustomDriveLetterChooser.java

@@ -0,0 +1,30 @@
+package org.cryptomator.common.mountpoint;
+
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.vaults.Volume;
+
+import javax.inject.Inject;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.Optional;
+
+class CustomDriveLetterChooser implements MountPointChooser {
+
+	private final VaultSettings vaultSettings;
+
+	@Inject
+	public CustomDriveLetterChooser(VaultSettings vaultSettings) {
+		this.vaultSettings = vaultSettings;
+	}
+
+	@Override
+	public boolean isApplicable(Volume caller) {
+		return SystemUtils.IS_OS_WINDOWS;
+	}
+
+	@Override
+	public Optional<Path> chooseMountPoint(Volume caller) {
+		return this.vaultSettings.getWinDriveLetter().map(letter -> letter.charAt(0) + ":\\").map(Paths::get);
+	}
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/CustomMountPointChooser.java

@@ -0,0 +1,95 @@
+package org.cryptomator.common.mountpoint;
+
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.Environment;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.settings.VolumeImpl;
+import org.cryptomator.common.vaults.Volume;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.nio.file.DirectoryNotEmptyException;
+import java.nio.file.DirectoryStream;
+import java.nio.file.FileAlreadyExistsException;
+import java.nio.file.Files;
+import java.nio.file.LinkOption;
+import java.nio.file.NotDirectoryException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.Optional;
+
+class CustomMountPointChooser implements MountPointChooser {
+
+	private static final Logger LOG = LoggerFactory.getLogger(CustomMountPointChooser.class);
+
+	private final VaultSettings vaultSettings;
+	private final Environment environment;
+
+	@Inject
+	public CustomMountPointChooser(VaultSettings vaultSettings, Environment environment) {
+		this.vaultSettings = vaultSettings;
+		this.environment = environment;
+	}
+
+	@Override
+	public boolean isApplicable(Volume caller) {
+		//Disable if useExperimentalFuse is required (Win + Fuse), but set to false
+		return caller.getImplementationType() != VolumeImpl.FUSE || !SystemUtils.IS_OS_WINDOWS || environment.useExperimentalFuse();
+	}
+
+	@Override
+	public Optional<Path> chooseMountPoint(Volume caller) {
+		//VaultSettings#getCustomMountPath already checks whether the saved custom mountpoint should be used
+		return this.vaultSettings.getCustomMountPath().map(Paths::get);
+	}
+
+	@Override
+	public boolean prepare(Volume caller, Path mountPoint) throws InvalidMountPointException {
+		switch (caller.getMountPointRequirement()) {
+			case PARENT_NO_MOUNT_POINT -> prepareParentNoMountPoint(mountPoint);
+			case EMPTY_MOUNT_POINT -> prepareEmptyMountPoint(mountPoint);
+			case NONE -> {
+				//Requirement "NONE" doesn't make any sense here.
+				//No need to prepare/verify a Mountpoint without requiring one...
+				throw new InvalidMountPointException(new IllegalStateException("Illegal MountPointRequirement"));
+			}
+			default -> {
+				//Currently the case for "PARENT_OPT_MOUNT_POINT"
+				throw new InvalidMountPointException(new IllegalStateException("Not implemented"));
+			}
+		}
+		LOG.debug("Successfully checked custom mount point: {}", mountPoint);
+		return false;
+	}
+
+	private void prepareParentNoMountPoint(Path mountPoint) throws InvalidMountPointException {
+		//This the case on Windows when using FUSE
+		//See https://github.com/billziss-gh/winfsp/issues/320
+		Path parent = mountPoint.getParent();
+		if (!Files.isDirectory(parent)) {
+			throw new InvalidMountPointException(new NotDirectoryException(parent.toString()));
+		}
+		//We must use #notExists() here because notExists =/= !exists (see docs)
+		if (!Files.notExists(mountPoint, LinkOption.NOFOLLOW_LINKS)) {
+			//File exists OR can't be determined
+			throw new InvalidMountPointException(new FileAlreadyExistsException(mountPoint.toString()));
+		}
+	}
+
+	private void prepareEmptyMountPoint(Path mountPoint) throws InvalidMountPointException {
+		//This is the case for Windows when using Dokany and for Linux and Mac
+		if (!Files.isDirectory(mountPoint)) {
+			throw new InvalidMountPointException(new NotDirectoryException(mountPoint.toString()));
+		}
+		try (DirectoryStream<Path> ds = Files.newDirectoryStream(mountPoint)) {
+			if (ds.iterator().hasNext()) {
+				throw new InvalidMountPointException(new DirectoryNotEmptyException(mountPoint.toString()));
+			}
+		} catch (IOException exception) {
+			throw new InvalidMountPointException("IOException while checking folder content", exception);
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/InvalidMountPointException.java

@@ -0,0 +1,16 @@
+package org.cryptomator.common.mountpoint;
+
+public class InvalidMountPointException extends Exception {
+
+	public InvalidMountPointException(String message) {
+		super(message);
+	}
+
+	public InvalidMountPointException(Throwable cause) {
+		super(cause);
+	}
+
+	public InvalidMountPointException(String message, Throwable cause) {
+		super(message, cause);
+	}
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/MacVolumeMountChooser.java

@@ -0,0 +1,42 @@
+package org.cryptomator.common.mountpoint;
+
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.vaults.Volume;
+
+import javax.inject.Inject;
+import java.nio.file.Path;
+import java.util.Optional;
+
+class MacVolumeMountChooser implements MountPointChooser {
+
+	private static final Path VOLUME_PATH = Path.of("/Volumes");
+
+	private final VaultSettings vaultSettings;
+	private final MountPointHelper helper;
+
+	@Inject
+	public MacVolumeMountChooser(VaultSettings vaultSettings, MountPointHelper helper) {
+		this.vaultSettings = vaultSettings;
+		this.helper = helper;
+	}
+
+	@Override
+	public boolean isApplicable(Volume caller) {
+		return SystemUtils.IS_OS_MAC;
+	}
+
+	@Override
+	public Optional<Path> chooseMountPoint(Volume caller) {
+		return Optional.of(helper.chooseTemporaryMountPoint(vaultSettings, VOLUME_PATH));
+	}
+
+	@Override
+	public boolean prepare(Volume caller, Path mountPoint) {
+		// https://github.com/osxfuse/osxfuse/issues/306#issuecomment-245114592:
+		// In order to allow non-admin users to mount FUSE volumes in `/Volumes`,
+		// starting with version 3.5.0, FUSE will create non-existent mount points automatically.
+		// Therefore we don't need to prepare anything.
+		return false;
+	}
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/MountPointChooser.java

@@ -0,0 +1,138 @@
+package org.cryptomator.common.mountpoint;
+
+import com.google.common.base.Preconditions;
+import org.cryptomator.common.vaults.Volume;
+
+import java.nio.file.Path;
+import java.util.Optional;
+import java.util.SortedSet;
+
+/**
+ * Base interface for the Mountpoint-Choosing-Operation that results in the choice and
+ * preparation of a mountpoint or an exception otherwise.<br>
+ * <p>All <i>MountPointChoosers (MPCs)</i> need to implement this class and must be added to
+ * the pool of possible MPCs by the {@link MountPointChooserModule MountPointChooserModule.}
+ * The MountPointChooserModule will sort them according to their {@link #getPriority() priority.}
+ * The priority must be defined by the developer to reflect a useful execution order.<br>
+ * A specific priority <b>must not</b> be assigned to more than one MPC at a time;
+ * the result of having two MPCs with equal priority is undefined.
+ *
+ * <p>MPCs are executed by a {@link Volume} in ascending order of their priority
+ * (smaller priorities are tried first) to find and prepare a suitable mountpoint for the volume.
+ * The volume has access to a {@link SortedSet} of MPCs in this specific order,
+ * that is provided by the Module. The Set contains all available Choosers, even if they
+ * are not {@link #isApplicable(Volume) applicable} for the Vault/Volume. The Volume must
+ * check whether a MPC is applicable by invoking {@code #isApplicable(Volume)} on it
+ * <i>before</i> calling {@code #chooseMountPoint(Volume)}.
+ *
+ * <p>At execution of a MPC {@link #chooseMountPoint(Volume)} is called to choose a mountpoint
+ * according to the MPC's <i>strategy.</i> The <i>strategy</i> can involve reading configs,
+ * searching the filesystem, processing user-input or similar operations.
+ * If {@code #chooseMountPoint(Volume)} returns a non-null path (everything but
+ * {@linkplain Optional#empty()}) the MPC's {@link #prepare(Volume, Path)} method is called and the
+ * MountPoint is verified and/or prepared. In this case <i>no other MPC's will be called for
+ * this volume, even if {@code #prepare(Volume, Path)} fails.</i>
+ *
+ * <p>If {@code #chooseMountPoint(Volume)} yields no result, the next MPC is executed
+ * <i>without</i> first calling the {@code #prepare(Volume, Path)} method of the current MPC.
+ * This is repeated until<br>
+ * <ul>
+ *     <li><b>either</b> a mountpoint is returned by {@code #chooseMountPoint(Volume)}
+ *     and {@code #prepare(Volume, Path)} succeeds or fails, ending the entire operation</li>
+ *     <li><b>or</b> no MPC remains and an {@link InvalidMountPointException} is thrown.</li>
+ * </ul>
+ * If the {@code #prepare(Volume, Path)} method of a MPC fails, the entire
+ * Mountpoint-Choosing-Operation is aborted and the method should do all necessary cleanup
+ * before throwing the exception.
+ * If the preparation succeeds {@link #cleanup(Volume, Path)} can be used after unmount to do any
+ * remaining cleanup.
+ */
+public interface MountPointChooser {
+
+	/**
+	 * Called by the {@link Volume} to determine whether this MountPointChooser is
+	 * applicable for mounting the Vault/Volume, especially with regard to the
+	 * current system configuration and particularities of the Volume type.
+	 *
+	 * <p>Developers should override this method to check for system configurations
+	 * that are unsuitable for this MPC.
+	 *
+	 * @param caller The Volume that is calling the method to determine applicability of the MPC
+	 * @return a boolean flag; true if applicable, else false.
+	 * @see #chooseMountPoint(Volume)
+	 */
+	boolean isApplicable(Volume caller);
+
+	/**
+	 * Called by a {@link Volume} to choose a mountpoint according to the
+	 * MountPointChoosers strategy.
+	 *
+	 * <p>This method must only be called for MPCs that were deemed
+	 * {@link #isApplicable(Volume) applicable} by the {@link Volume Volume.}
+	 * Developers should override this method to find or extract a mountpoint for
+	 * the volume <b>without</b> preparing it. Preparation should be done by
+	 * {@link #prepare(Volume, Path)} instead.
+	 * Exceptions in this method should be handled gracefully and result in returning
+	 * {@link Optional#empty()} instead of throwing an exception.
+	 *
+	 * @param caller The Volume that is calling the method to choose a mountpoint
+	 * @return the chosen path or {@link Optional#empty()} if an exception occurred
+	 * or no mountpoint could be found.
+	 * @see #isApplicable(Volume)
+	 * @see #prepare(Volume, Path)
+	 */
+	Optional<Path> chooseMountPoint(Volume caller);
+
+	/**
+	 * Called by a {@link Volume} to prepare and/or verify the chosen mountpoint.<br>
+	 * This method is only called if the {@link #chooseMountPoint(Volume)} method
+	 * of the same MountPointChooser returned a path.
+	 *
+	 * <p>Developers should override this method to prepare the mountpoint for
+	 * the volume and check for any obstacles that could hinder the mount operation.
+	 * The mountpoint is deemed "prepared" if it can be used to mount a volume
+	 * without any further filesystem actions or user interaction. If this is not possible,
+	 * this method should fail. In other words: This method should not return without
+	 * either failing or finalizing the preparation of the mountpoint.
+	 * Generally speaking exceptions should be wrapped as
+	 * {@link InvalidMountPointException} to allow efficient handling by the caller.
+	 *
+	 * <p>Often the preparation of a mountpoint involves creating files or others
+	 * actions that require cleaning up after the volume is unmounted.
+	 * In this case developers should override the {@link #cleanup(Volume, Path)}
+	 * method and return {@code true} to the volume to indicate that the
+	 * {@code #cleanup} method of this MPC should be called after unmount.
+	 *
+	 * <p><b>Please note:</b> If this method fails the entire
+	 * Mountpoint-Choosing-Operation is aborted without calling
+	 * {@link #cleanup(Volume, Path)} or any other MPCs. Therefore this method should
+	 * do all necessary cleanup before throwing the exception.
+	 *
+	 * @param caller The Volume that is calling the method to prepare a mountpoint
+	 * @param mountPoint the mountpoint chosen by {@link #chooseMountPoint(Volume)}
+	 * @return a boolean flag; true if cleanup is needed, false otherwise
+	 * @throws InvalidMountPointException if the preparation fails
+	 * @see #chooseMountPoint(Volume)
+	 * @see #cleanup(Volume, Path)
+	 */
+	default boolean prepare(Volume caller, Path mountPoint) throws InvalidMountPointException {
+		return false; //NO-OP
+	}
+
+	/**
+	 * Called by a {@link Volume} to do any cleanup needed after unmount.
+	 *
+	 * <p>This method is only called if the {@link #prepare(Volume, Path)} method
+	 * of the same MountPointChooser returned {@code true}. Typically developers want to
+	 * delete any files created prior to mount or do similar tasks.<br>
+	 * Exceptions in this method should be handled gracefully.
+	 *
+	 * @param caller The Volume that is calling the method to cleanup the prepared mountpoint
+	 * @param mountPoint the mountpoint that was prepared by {@link #prepare(Volume, Path)}
+	 * @see #prepare(Volume, Path)
+	 */
+	default void cleanup(Volume caller, Path mountPoint) {
+		//NO-OP
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/MountPointChooserModule.java

@@ -0,0 +1,62 @@
+package org.cryptomator.common.mountpoint;
+
+import com.google.common.collect.Iterables;
+import dagger.Binds;
+import dagger.Module;
+import dagger.Provides;
+import dagger.multibindings.IntKey;
+import dagger.multibindings.IntoMap;
+import org.cryptomator.common.vaults.PerVault;
+
+import javax.inject.Named;
+import java.util.Map;
+import java.util.SortedMap;
+import java.util.TreeMap;
+
+/**
+ * Dagger-Module for {@link MountPointChooser MountPointChoosers.}<br>
+ * See there for additional information.
+ *
+ * @see MountPointChooser
+ */
+@Module
+public abstract class MountPointChooserModule {
+
+	@Binds
+	@IntoMap
+	@IntKey(0)
+	@PerVault
+	public abstract MountPointChooser bindCustomMountPointChooser(CustomMountPointChooser chooser);
+
+	@Binds
+	@IntoMap
+	@IntKey(100)
+	@PerVault
+	public abstract MountPointChooser bindCustomDriveLetterChooser(CustomDriveLetterChooser chooser);
+
+	@Binds
+	@IntoMap
+	@IntKey(101)
+	@PerVault
+	public abstract MountPointChooser bindMacVolumeMountChooser(MacVolumeMountChooser chooser);
+
+	@Binds
+	@IntoMap
+	@IntKey(200)
+	@PerVault
+	public abstract MountPointChooser bindAvailableDriveLetterChooser(AvailableDriveLetterChooser chooser);
+
+	@Binds
+	@IntoMap
+	@IntKey(999)
+	@PerVault
+	public abstract MountPointChooser bindTemporaryMountPointChooser(TemporaryMountPointChooser chooser);
+
+	@Provides
+	@PerVault
+	@Named("orderedMountPointChoosers")
+	public static Iterable<MountPointChooser> provideOrderedMountPointChoosers(Map<Integer, MountPointChooser> choosers) {
+		SortedMap<Integer, MountPointChooser> sortedChoosers = new TreeMap<>(choosers);
+		return Iterables.unmodifiableIterable(sortedChoosers.values());
+	}
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/MountPointHelper.java

@@ -0,0 +1,120 @@
+package org.cryptomator.common.mountpoint;
+
+import org.cryptomator.common.Environment;
+import org.cryptomator.common.settings.VaultSettings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.DirectoryNotEmptyException;
+import java.nio.file.Files;
+import java.nio.file.LinkOption;
+import java.nio.file.Path;
+import java.nio.file.attribute.BasicFileAttributes;
+import java.util.Optional;
+
+@Singleton
+class MountPointHelper {
+
+	public static Logger LOG = LoggerFactory.getLogger(MountPointHelper.class);
+	private static final int MAX_TMPMOUNTPOINT_CREATION_RETRIES = 10;
+
+	private final Optional<Path> tmpMountPointDir;
+	private volatile boolean unmountDebrisCleared = false;
+
+	@Inject
+	public MountPointHelper(Environment env) {
+		this.tmpMountPointDir = env.getMountPointsDir();
+	}
+
+	public Path chooseTemporaryMountPoint(VaultSettings vaultSettings, Path parentDir) {
+		String basename = vaultSettings.mountName().get();
+		//regular
+		Path mountPoint = parentDir.resolve(basename);
+		if (Files.notExists(mountPoint)) {
+			return mountPoint;
+		}
+		//with id
+		mountPoint = parentDir.resolve(basename + " (" + vaultSettings.getId() + ")");
+		if (Files.notExists(mountPoint)) {
+			return mountPoint;
+		}
+		//with id and count
+		for (int i = 1; i < MAX_TMPMOUNTPOINT_CREATION_RETRIES; i++) {
+			mountPoint = parentDir.resolve(basename + "_(" + vaultSettings.getId() + ")_" + i);
+			if (Files.notExists(mountPoint)) {
+				return mountPoint;
+			}
+		}
+		LOG.error("Failed to find feasible mountpoint at {}{}{}_x. Giving up after {} attempts.", parentDir, File.separator, basename, MAX_TMPMOUNTPOINT_CREATION_RETRIES);
+		return null;
+	}
+
+	public synchronized void clearIrregularUnmountDebrisIfNeeded() {
+		if (unmountDebrisCleared || tmpMountPointDir.isEmpty()) {
+			return; // nothing to do
+		}
+		if (Files.exists(tmpMountPointDir.get(), LinkOption.NOFOLLOW_LINKS)) {
+			clearIrregularUnmountDebris(tmpMountPointDir.get());
+		}
+		unmountDebrisCleared = true;
+	}
+
+	private void clearIrregularUnmountDebris(Path dirContainingMountPoints) {
+		IOException cleanupFailed = new IOException("Cleanup failed");
+
+		try {
+			LOG.debug("Performing cleanup of mountpoint dir {}.", dirContainingMountPoints);
+			for (Path p : Files.newDirectoryStream(dirContainingMountPoints)) {
+				try {
+					var attr = Files.readAttributes(p, BasicFileAttributes.class, LinkOption.NOFOLLOW_LINKS);
+					if (attr.isOther() && attr.isDirectory()) { // yes, this is possible with windows junction points -.-
+						Files.delete(p);
+					} else if (attr.isDirectory()) {
+						deleteEmptyDir(p);
+					} else if (attr.isSymbolicLink()) {
+						deleteDeadLink(p);
+					} else {
+						LOG.debug("Found non-directory element in mountpoint dir: {}", p);
+					}
+				} catch (IOException e) {
+					cleanupFailed.addSuppressed(e);
+				}
+			}
+
+			if (cleanupFailed.getSuppressed().length > 0) {
+				throw cleanupFailed;
+			}
+		} catch (IOException e) {
+			LOG.warn("Unable to perform cleanup of mountpoint dir {}.", dirContainingMountPoints, e);
+		} finally {
+			unmountDebrisCleared = true;
+		}
+	}
+
+	private void deleteEmptyDir(Path dir) throws IOException {
+		assert Files.isDirectory(dir, LinkOption.NOFOLLOW_LINKS);
+		try {
+			ensureIsEmpty(dir);
+			Files.delete(dir); // attempt to delete dir non-recursively (will fail, if there are contents)
+		} catch (DirectoryNotEmptyException e) {
+			LOG.info("Found non-empty directory in mountpoint dir: {}", dir);
+		}
+	}
+
+	private void deleteDeadLink(Path symlink) throws IOException {
+		assert Files.isSymbolicLink(symlink);
+		if (Files.notExists(symlink)) { // following link: target does not exist
+			Files.delete(symlink);
+		}
+	}
+
+	private void ensureIsEmpty(Path dir) throws IOException {
+		if (Files.newDirectoryStream(dir).iterator().hasNext()) {
+			throw new DirectoryNotEmptyException(dir.toString());
+		}
+	}
+}

main/commons/src/main/java/org/cryptomator/common/mountpoint/TemporaryMountPointChooser.java

@@ -0,0 +1,87 @@
+package org.cryptomator.common.mountpoint;
+
+import org.cryptomator.common.Environment;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.vaults.Volume;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.Optional;
+
+class TemporaryMountPointChooser implements MountPointChooser {
+
+	private static final Logger LOG = LoggerFactory.getLogger(TemporaryMountPointChooser.class);
+
+	private final VaultSettings vaultSettings;
+	private final Environment environment;
+	private final MountPointHelper helper;
+
+	@Inject
+	public TemporaryMountPointChooser(VaultSettings vaultSettings, Environment environment, MountPointHelper helper) {
+		this.vaultSettings = vaultSettings;
+		this.environment = environment;
+		this.helper = helper;
+	}
+
+	@Override
+	public boolean isApplicable(Volume caller) {
+		if (this.environment.getMountPointsDir().isEmpty()) {
+			LOG.warn("\"cryptomator.mountPointsDir\" is not set to a valid path!");
+			return false;
+		}
+		return true;
+	}
+
+	@Override
+	public Optional<Path> chooseMountPoint(Volume caller) {
+		assert environment.getMountPointsDir().isPresent();
+		//clean leftovers of not-regularly unmounted vaults
+		//see https://github.com/cryptomator/cryptomator/issues/1013 and https://github.com/cryptomator/cryptomator/issues/1061
+		helper.clearIrregularUnmountDebrisIfNeeded();
+		return this.environment.getMountPointsDir().map(dir -> this.helper.chooseTemporaryMountPoint(this.vaultSettings, dir));
+	}
+
+	@Override
+	public boolean prepare(Volume caller, Path mountPoint) throws InvalidMountPointException {
+		try {
+			switch (caller.getMountPointRequirement()) {
+				case PARENT_NO_MOUNT_POINT -> {
+					Files.createDirectories(mountPoint.getParent());
+					LOG.debug("Successfully created folder for mount point: {}", mountPoint);
+					return false;
+				}
+				case EMPTY_MOUNT_POINT -> {
+					Files.createDirectories(mountPoint);
+					LOG.debug("Successfully created mount point: {}", mountPoint);
+					return true;
+				}
+				case NONE -> {
+					//Requirement "NONE" doesn't make any sense here.
+					//No need to prepare/verify a Mountpoint without requiring one...
+					throw new InvalidMountPointException(new IllegalStateException("Illegal MountPointRequirement"));
+				}
+				default -> {
+					//Currently the case for "PARENT_OPT_MOUNT_POINT"
+					throw new InvalidMountPointException(new IllegalStateException("Not implemented"));
+				}
+			}
+		} catch (IOException exception) {
+			throw new InvalidMountPointException("IOException while preparing mountpoint", exception);
+		}
+	}
+
+	@Override
+	public void cleanup(Volume caller, Path mountPoint) {
+		try {
+			Files.delete(mountPoint);
+			LOG.debug("Successfully deleted mount point: {}", mountPoint);
+		} catch (IOException e) {
+			LOG.warn("Could not delete mount point: {}", e.getMessage());
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/settings/KeychainBackend.java

@@ -0,0 +1,19 @@
+package org.cryptomator.common.settings;
+
+public enum KeychainBackend {
+	GNOME("org.cryptomator.linux.keychain.SecretServiceKeychainAccess"),
+	KDE("org.cryptomator.linux.keychain.KDEWalletKeychainAccess"),
+	MAC_SYSTEM_KEYCHAIN("org.cryptomator.macos.keychain.MacSystemKeychainAccess"),
+	WIN_SYSTEM_KEYCHAIN("org.cryptomator.windows.keychain.WindowsProtectedKeychainAccess");
+
+	private final String providerClass;
+
+	KeychainBackend(String providerClass) {
+		this.providerClass = providerClass;
+	}
+
+	public String getProviderClass() {
+		return providerClass;
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/settings/Settings.java

@@ -8,6 +8,9 @@
  ******************************************************************************/
 package org.cryptomator.common.settings;
 
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.Environment;
+
 import javafx.beans.Observable;
 import javafx.beans.property.BooleanProperty;
 import javafx.beans.property.IntegerProperty;
@@ -15,9 +18,11 @@ import javafx.beans.property.ObjectProperty;
 import javafx.beans.property.SimpleBooleanProperty;
 import javafx.beans.property.SimpleIntegerProperty;
 import javafx.beans.property.SimpleObjectProperty;
+import javafx.beans.property.SimpleStringProperty;
+import javafx.beans.property.StringProperty;
 import javafx.collections.FXCollections;
 import javafx.collections.ObservableList;
-
+import javafx.geometry.NodeOrientation;
 import java.util.function.Consumer;
 
 public class Settings {
@@ -30,9 +35,13 @@ public class Settings {
 	public static final int DEFAULT_PORT = 42427;
 	public static final int DEFAULT_NUM_TRAY_NOTIFICATIONS = 3;
 	public static final WebDavUrlScheme DEFAULT_GVFS_SCHEME = WebDavUrlScheme.DAV;
-	public static final UiTheme DEFAULT_THEME = UiTheme.LIGHT;
 	public static final boolean DEFAULT_DEBUG_MODE = false;
-	public static final VolumeImpl DEFAULT_PREFERRED_VOLUME_IMPL = System.getProperty("os.name").toLowerCase().contains("windows") ? VolumeImpl.DOKANY : VolumeImpl.FUSE;
+	public static final VolumeImpl DEFAULT_PREFERRED_VOLUME_IMPL = SystemUtils.IS_OS_WINDOWS ? VolumeImpl.DOKANY : VolumeImpl.FUSE;
+	public static final UiTheme DEFAULT_THEME = UiTheme.LIGHT;
+	public static final KeychainBackend DEFAULT_KEYCHAIN_BACKEND = SystemUtils.IS_OS_WINDOWS ? KeychainBackend.WIN_SYSTEM_KEYCHAIN : SystemUtils.IS_OS_MAC ? KeychainBackend.MAC_SYSTEM_KEYCHAIN : KeychainBackend.GNOME;
+	public static final NodeOrientation DEFAULT_USER_INTERFACE_ORIENTATION = NodeOrientation.LEFT_TO_RIGHT;
+	public static final String DEFAULT_LICENSE_KEY = "";
+	public static final boolean DEFAULT_SHOW_MINIMIZE_BUTTON = false;
 
 	private final ObservableList<VaultSettings> directories = FXCollections.observableArrayList(VaultSettings::observables);
 	private final BooleanProperty askedForUpdateCheck = new SimpleBooleanProperty(DEFAULT_ASKED_FOR_UPDATE_CHECK);
@@ -44,13 +53,20 @@ public class Settings {
 	private final BooleanProperty debugMode = new SimpleBooleanProperty(DEFAULT_DEBUG_MODE);
 	private final ObjectProperty<VolumeImpl> preferredVolumeImpl = new SimpleObjectProperty<>(DEFAULT_PREFERRED_VOLUME_IMPL);
 	private final ObjectProperty<UiTheme> theme = new SimpleObjectProperty<>(DEFAULT_THEME);
+	private final ObjectProperty<KeychainBackend> keychainBackend = new SimpleObjectProperty<>(DEFAULT_KEYCHAIN_BACKEND);
+	private final ObjectProperty<NodeOrientation> userInterfaceOrientation = new SimpleObjectProperty<>(DEFAULT_USER_INTERFACE_ORIENTATION);
+	private final StringProperty licenseKey = new SimpleStringProperty(DEFAULT_LICENSE_KEY);
+	private final BooleanProperty showMinimizeButton = new SimpleBooleanProperty(DEFAULT_SHOW_MINIMIZE_BUTTON);
+	private final BooleanProperty showTrayIcon;
 
 	private Consumer<Settings> saveCmd;
 
 	/**
 	 * Package-private constructor; use {@link SettingsProvider}.
 	 */
-	Settings() {
+	Settings(Environment env) {
+		this.showTrayIcon = new SimpleBooleanProperty(env.showTrayIcon());
+
 		directories.addListener(this::somethingChanged);
 		askedForUpdateCheck.addListener(this::somethingChanged);
 		checkForUpdates.addListener(this::somethingChanged);
@@ -61,12 +77,17 @@ public class Settings {
 		debugMode.addListener(this::somethingChanged);
 		preferredVolumeImpl.addListener(this::somethingChanged);
 		theme.addListener(this::somethingChanged);
+		keychainBackend.addListener(this::somethingChanged);
+		userInterfaceOrientation.addListener(this::somethingChanged);
+		licenseKey.addListener(this::somethingChanged);
+		showMinimizeButton.addListener(this::somethingChanged);
+		showTrayIcon.addListener(this::somethingChanged);
 	}
 
 	void setSaveCmd(Consumer<Settings> saveCmd) {
 		this.saveCmd = saveCmd;
 	}
-	
+
 	private void somethingChanged(@SuppressWarnings("unused") Observable observable) {
 		this.save();
 	}
@@ -90,7 +111,7 @@ public class Settings {
 	public BooleanProperty checkForUpdates() {
 		return checkForUpdates;
 	}
-	
+
 	public BooleanProperty startHidden() {
 		return startHidden;
 	}
@@ -118,4 +139,22 @@ public class Settings {
 	public ObjectProperty<UiTheme> theme() {
 		return theme;
 	}
+
+	public ObjectProperty<KeychainBackend> keychainBackend() { return keychainBackend; }
+
+	public ObjectProperty<NodeOrientation> userInterfaceOrientation() {
+		return userInterfaceOrientation;
+	}
+
+	public StringProperty licenseKey() {
+		return licenseKey;
+	}
+
+	public BooleanProperty showMinimizeButton() {
+		return showMinimizeButton;
+	}
+
+	public BooleanProperty showTrayIcon() {
+		return showTrayIcon;
+	}
 }

main/commons/src/main/java/org/cryptomator/common/settings/SettingsJsonAdapter.java

@@ -9,18 +9,29 @@ import com.google.gson.TypeAdapter;
 import com.google.gson.stream.JsonReader;
 import com.google.gson.stream.JsonToken;
 import com.google.gson.stream.JsonWriter;
+import org.cryptomator.common.Environment;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import javafx.geometry.NodeOrientation;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
 
+@Singleton
 public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 
 	private static final Logger LOG = LoggerFactory.getLogger(SettingsJsonAdapter.class);
 
 	private final VaultSettingsJsonAdapter vaultSettingsJsonAdapter = new VaultSettingsJsonAdapter();
+	private final Environment env;
+
+	@Inject
+	public SettingsJsonAdapter(Environment env) {
+		this.env = env;
+	}
 
 	@Override
 	public void write(JsonWriter out, Settings value) throws IOException {
@@ -36,6 +47,11 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 		out.name("debugMode").value(value.debugMode().get());
 		out.name("preferredVolumeImpl").value(value.preferredVolumeImpl().get().name());
 		out.name("theme").value(value.theme().get().name());
+		out.name("uiOrientation").value(value.userInterfaceOrientation().get().name());
+		out.name("keychainBackend").value(value.keychainBackend().get().name());
+		out.name("licenseKey").value(value.licenseKey().get());
+		out.name("showMinimizeButton").value(value.showMinimizeButton().get());
+		out.name("showTrayIcon").value(value.showTrayIcon().get());
 		out.endObject();
 	}
 
@@ -49,46 +65,31 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 
 	@Override
 	public Settings read(JsonReader in) throws IOException {
-		Settings settings = new Settings();
+		Settings settings = new Settings(env);
 
 		in.beginObject();
 		while (in.hasNext()) {
 			String name = in.nextName();
 			switch (name) {
-				case "directories":
-					settings.getDirectories().addAll(readVaultSettingsArray(in));
-					break;
-				case "askedForUpdateCheck":
-					settings.askedForUpdateCheck().set(in.nextBoolean());
-					break;
-				case "checkForUpdatesEnabled":
-					settings.checkForUpdates().set(in.nextBoolean());
-					break;
-				case "startHidden":
-					settings.startHidden().set(in.nextBoolean());
-					break;
-				case "port":
-					settings.port().set(in.nextInt());
-					break;
-				case "numTrayNotifications":
-					settings.numTrayNotifications().set(in.nextInt());
-					break;
-				case "preferredGvfsScheme":
-					settings.preferredGvfsScheme().set(parseWebDavUrlSchemePrefix(in.nextString()));
-					break;
-				case "debugMode":
-					settings.debugMode().set(in.nextBoolean());
-					break;
-				case "preferredVolumeImpl":
-					settings.preferredVolumeImpl().set(parsePreferredVolumeImplName(in.nextString()));
-					break;
-				case "theme":
-					settings.theme().set(parseUiTheme(in.nextString()));
-					break;
-				default:
+				case "directories" -> settings.getDirectories().addAll(readVaultSettingsArray(in));
+				case "askedForUpdateCheck" -> settings.askedForUpdateCheck().set(in.nextBoolean());
+				case "checkForUpdatesEnabled" -> settings.checkForUpdates().set(in.nextBoolean());
+				case "startHidden" -> settings.startHidden().set(in.nextBoolean());
+				case "port" -> settings.port().set(in.nextInt());
+				case "numTrayNotifications" -> settings.numTrayNotifications().set(in.nextInt());
+				case "preferredGvfsScheme" -> settings.preferredGvfsScheme().set(parseWebDavUrlSchemePrefix(in.nextString()));
+				case "debugMode" -> settings.debugMode().set(in.nextBoolean());
+				case "preferredVolumeImpl" -> settings.preferredVolumeImpl().set(parsePreferredVolumeImplName(in.nextString()));
+				case "theme" -> settings.theme().set(parseUiTheme(in.nextString()));
+				case "uiOrientation" -> settings.userInterfaceOrientation().set(parseUiOrientation(in.nextString()));
+				case "keychainBackend" -> settings.keychainBackend().set(parseKeychainBackend(in.nextString()));
+				case "licenseKey" -> settings.licenseKey().set(in.nextString());
+				case "showMinimizeButton" -> settings.showMinimizeButton().set(in.nextBoolean());
+				case "showTrayIcon" -> settings.showTrayIcon().set(in.nextBoolean());
+				default -> {
 					LOG.warn("Unsupported vault setting found in JSON: " + name);
 					in.skipValue();
-					break;
+				}
 			}
 		}
 		in.endObject();
@@ -109,7 +110,7 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 		try {
 			return WebDavUrlScheme.valueOf(webDavUrlSchemeName.toUpperCase());
 		} catch (IllegalArgumentException e) {
-			LOG.warn("Invalid volume type {}. Defaulting to {}.", webDavUrlSchemeName, Settings.DEFAULT_GVFS_SCHEME);
+			LOG.warn("Invalid WebDAV url scheme {}. Defaulting to {}.", webDavUrlSchemeName, Settings.DEFAULT_GVFS_SCHEME);
 			return Settings.DEFAULT_GVFS_SCHEME;
 		}
 	}
@@ -118,11 +119,29 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 		try {
 			return UiTheme.valueOf(uiThemeName.toUpperCase());
 		} catch (IllegalArgumentException e) {
-			LOG.warn("Invalid volume type {}. Defaulting to {}.", uiThemeName, Settings.DEFAULT_THEME);
+			LOG.warn("Invalid ui theme {}. Defaulting to {}.", uiThemeName, Settings.DEFAULT_THEME);
 			return Settings.DEFAULT_THEME;
 		}
 	}
 
+	private KeychainBackend parseKeychainBackend(String backendName) {
+		try {
+			return KeychainBackend.valueOf(backendName.toUpperCase());
+		} catch (IllegalArgumentException e) {
+			LOG.warn("Invalid keychain backend {}. Defaulting to {}.", backendName, Settings.DEFAULT_KEYCHAIN_BACKEND);
+			return Settings.DEFAULT_KEYCHAIN_BACKEND;
+		}
+	}
+
+	private NodeOrientation parseUiOrientation(String uiOrientationName) {
+		try {
+			return NodeOrientation.valueOf(uiOrientationName.toUpperCase());
+		} catch (IllegalArgumentException e) {
+			LOG.warn("Invalid ui orientation {}. Defaulting to {}.", uiOrientationName, Settings.DEFAULT_USER_INTERFACE_ORIENTATION);
+			return Settings.DEFAULT_USER_INTERFACE_ORIENTATION;
+		}
+	}
+
 	private List<VaultSettings> readVaultSettingsArray(JsonReader in) throws IOException {
 		List<VaultSettings> result = new ArrayList<>();
 		in.beginArray();
@@ -132,5 +151,4 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 		in.endArray();
 		return result;
 	}
-
 }

main/commons/src/main/java/org/cryptomator/common/settings/SettingsProvider.java

@@ -8,11 +8,13 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
+import com.google.common.base.Suppliers;
 import com.google.gson.Gson;
 import com.google.gson.GsonBuilder;
+import com.google.gson.JsonElement;
 import com.google.gson.JsonParseException;
+import com.google.gson.JsonParser;
 import org.cryptomator.common.Environment;
-import org.cryptomator.common.LazyInitializer;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -32,7 +34,6 @@ import java.nio.file.Path;
 import java.nio.file.StandardCopyOption;
 import java.nio.file.StandardOpenOption;
 import java.util.Optional;
-import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.ScheduledFuture;
 import java.util.concurrent.TimeUnit;
@@ -46,16 +47,18 @@ public class SettingsProvider implements Supplier<Settings> {
 	private static final Logger LOG = LoggerFactory.getLogger(SettingsProvider.class);
 	private static final long SAVE_DELAY_MS = 1000;
 
-	private final ScheduledExecutorService saveScheduler = Executors.newSingleThreadScheduledExecutor();
 	private final AtomicReference<ScheduledFuture<?>> scheduledSaveCmd = new AtomicReference<>();
-	private final AtomicReference<Settings> settings = new AtomicReference<>();
-	private final SettingsJsonAdapter settingsJsonAdapter = new SettingsJsonAdapter();
+	private final Supplier<Settings> settings = Suppliers.memoize(this::load);
+	private final SettingsJsonAdapter settingsJsonAdapter;
 	private final Environment env;
+	private final ScheduledExecutorService scheduler;
 	private final Gson gson;
 
 	@Inject
-	public SettingsProvider(Environment env) {
+	public SettingsProvider(SettingsJsonAdapter settingsJsonAdapter, Environment env, ScheduledExecutorService scheduler) {
+		this.settingsJsonAdapter = settingsJsonAdapter;
 		this.env = env;
+		this.scheduler = scheduler;
 		this.gson = new GsonBuilder() //
 				.setPrettyPrinting().setLenient().disableHtmlEscaping() //
 				.registerTypeAdapter(Settings.class, settingsJsonAdapter) //
@@ -64,11 +67,11 @@ public class SettingsProvider implements Supplier<Settings> {
 
 	@Override
 	public Settings get() {
-		return LazyInitializer.initializeLazily(settings, this::load);
+		return settings.get();
 	}
 
 	private Settings load() {
-		Settings settings = env.getSettingsPath().flatMap(this::tryLoad).findFirst().orElse(new Settings());
+		Settings settings = env.getSettingsPath().flatMap(this::tryLoad).findFirst().orElse(new Settings(env));
 		settings.setSaveCmd(this::scheduleSave);
 		return settings;
 	}
@@ -77,15 +80,18 @@ public class SettingsProvider implements Supplier<Settings> {
 		LOG.debug("Attempting to load settings from {}", path);
 		try (InputStream in = Files.newInputStream(path, StandardOpenOption.READ); //
 			 Reader reader = new InputStreamReader(in, StandardCharsets.UTF_8)) {
-			Settings settings = gson.fromJson(reader, Settings.class);
-			if (settings == null) {
-				throw new IOException("Unexpected EOF");
+			JsonElement json = JsonParser.parseReader(reader);
+			if (json.isJsonObject()) {
+				Settings settings = gson.fromJson(json, Settings.class);
+				LOG.info("Settings loaded from {}", path);
+				return Stream.of(settings);
+			} else {
+				LOG.warn("Invalid json file {}", path);
+				return Stream.empty();
 			}
-			LOG.info("Settings loaded from {}", path);
-			return Stream.of(settings);
 		} catch (NoSuchFileException e) {
 			return Stream.empty();
-		} catch (IOException e) {
+		} catch (IOException | JsonParseException e) {
 			LOG.warn("Exception while loading settings from " + path, e);
 			return Stream.empty();
 		}
@@ -98,7 +104,7 @@ public class SettingsProvider implements Supplier<Settings> {
 		final Optional<Path> settingsPath = env.getSettingsPath().findFirst(); // alway save to preferred (first) path
 		settingsPath.ifPresent(path -> {
 			Runnable saveCommand = () -> this.save(settings, path);
-			ScheduledFuture<?> scheduledTask = saveScheduler.schedule(saveCommand, SAVE_DELAY_MS, TimeUnit.MILLISECONDS);
+			ScheduledFuture<?> scheduledTask = scheduler.schedule(saveCommand, SAVE_DELAY_MS, TimeUnit.MILLISECONDS);
 			ScheduledFuture<?> previouslyScheduledTask = scheduledSaveCmd.getAndSet(scheduledTask);
 			if (previouslyScheduledTask != null) {
 				previouslyScheduledTask.cancel(false);

main/commons/src/main/java/org/cryptomator/common/settings/UiTheme.java

@@ -1,11 +1,21 @@
 package org.cryptomator.common.settings;
 
-public enum UiTheme {
-	LIGHT("Light"),
-	DARK("Dark");
-	// CUSTOM("Custom (%s)");
+import org.apache.commons.lang3.SystemUtils;
 
-	private String displayName;
+public enum UiTheme {
+	LIGHT("preferences.general.theme.light"), //
+	DARK("preferences.general.theme.dark"), //
+	AUTOMATIC("preferences.general.theme.automatic");
+
+	public static UiTheme[] applicableValues() {
+		if (SystemUtils.IS_OS_MAC || SystemUtils.IS_OS_WINDOWS) {
+			return values();
+		} else {
+			return new UiTheme[]{LIGHT, DARK};
+		}
+	}
+
+	private final String displayName;
 
 	UiTheme(String displayName) {
 		this.displayName = displayName;

main/commons/src/main/java/org/cryptomator/common/settings/VaultSettings.java

@@ -5,31 +5,30 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
+import com.google.common.base.CharMatcher;
 import com.google.common.base.Strings;
 import com.google.common.io.BaseEncoding;
+
 import javafx.beans.Observable;
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.StringBinding;
 import javafx.beans.property.BooleanProperty;
+import javafx.beans.property.IntegerProperty;
 import javafx.beans.property.ObjectProperty;
 import javafx.beans.property.SimpleBooleanProperty;
+import javafx.beans.property.SimpleIntegerProperty;
 import javafx.beans.property.SimpleObjectProperty;
 import javafx.beans.property.SimpleStringProperty;
 import javafx.beans.property.StringProperty;
-import org.apache.commons.lang3.StringUtils;
-import org.fxmisc.easybind.EasyBind;
-
-import java.nio.ByteBuffer;
-import java.nio.charset.StandardCharsets;
 import java.nio.file.Path;
-import java.util.Base64;
-import java.util.List;
 import java.util.Objects;
 import java.util.Optional;
 import java.util.Random;
-import java.util.UUID;
+import java.util.Set;
+import java.util.stream.Collectors;
 
 /**
  * The settings specific to a single vault.
- * TODO: Change the name of individualMountPath and its derivatives to customMountPath
  */
 public class VaultSettings {
 
@@ -38,34 +37,33 @@ public class VaultSettings {
 	public static final boolean DEFAULT_USES_INDIVIDUAL_MOUNTPATH = false;
 	public static final boolean DEFAULT_USES_READONLY_MODE = false;
 	public static final String DEFAULT_MOUNT_FLAGS = "";
-	
-	private static final Random RNG = new Random(); 
+	public static final int DEFAULT_FILENAME_LENGTH_LIMIT = -1;
+	public static final WhenUnlocked DEFAULT_ACTION_AFTER_UNLOCK = WhenUnlocked.ASK;
+
+	private static final Random RNG = new Random();
 
 	private final String id;
 	private final ObjectProperty<Path> path = new SimpleObjectProperty();
-	private final StringProperty mountName = new SimpleStringProperty();
+	private final StringProperty displayName = new SimpleStringProperty();
 	private final StringProperty winDriveLetter = new SimpleStringProperty();
 	private final BooleanProperty unlockAfterStartup = new SimpleBooleanProperty(DEFAULT_UNLOCK_AFTER_STARTUP);
 	private final BooleanProperty revealAfterMount = new SimpleBooleanProperty(DEFAULT_REAVEAL_AFTER_MOUNT);
-	private final BooleanProperty usesIndividualMountPath = new SimpleBooleanProperty(DEFAULT_USES_INDIVIDUAL_MOUNTPATH);
-	private final StringProperty individualMountPath = new SimpleStringProperty();
+	private final BooleanProperty useCustomMountPath = new SimpleBooleanProperty(DEFAULT_USES_INDIVIDUAL_MOUNTPATH);
+	private final StringProperty customMountPath = new SimpleStringProperty();
 	private final BooleanProperty usesReadOnlyMode = new SimpleBooleanProperty(DEFAULT_USES_READONLY_MODE);
 	private final StringProperty mountFlags = new SimpleStringProperty(DEFAULT_MOUNT_FLAGS);
+	private final IntegerProperty filenameLengthLimit = new SimpleIntegerProperty(DEFAULT_FILENAME_LENGTH_LIMIT);
+	private final ObjectProperty<WhenUnlocked> actionAfterUnlock = new SimpleObjectProperty<>(DEFAULT_ACTION_AFTER_UNLOCK);
+
+	private final StringBinding mountName;
 
 	public VaultSettings(String id) {
 		this.id = Objects.requireNonNull(id);
-
-		EasyBind.subscribe(path, this::deriveMountNameFromPath);
+		this.mountName = Bindings.createStringBinding(this::normalizeDisplayName, displayName);
 	}
 
 	Observable[] observables() {
-		return new Observable[]{path, mountName, winDriveLetter, unlockAfterStartup, revealAfterMount, usesIndividualMountPath, individualMountPath, usesReadOnlyMode, mountFlags};
-	}
-
-	private void deriveMountNameFromPath(Path path) {
-		if (path != null && StringUtils.isBlank(mountName.get())) {
-			mountName.set(normalizeMountName(path.getFileName().toString()));
-		}
+		return new Observable[]{path, displayName, winDriveLetter, unlockAfterStartup, revealAfterMount, useCustomMountPath, customMountPath, usesReadOnlyMode, mountFlags, filenameLengthLimit, actionAfterUnlock};
 	}
 
 	public static VaultSettings withRandomId() {
@@ -78,23 +76,18 @@ public class VaultSettings {
 		return BaseEncoding.base64Url().encode(randomBytes);
 	}
 
-	public static String normalizeMountName(String mountName) {
-		String normalizedMountName = StringUtils.stripAccents(mountName);
-		StringBuilder builder = new StringBuilder();
-		for (char c : normalizedMountName.toCharArray()) {
-			if (Character.isWhitespace(c)) {
-				if (builder.length() == 0 || builder.charAt(builder.length() - 1) != '_') {
-					builder.append('_');
-				}
-			} else if (c < 127 && Character.isLetterOrDigit(c)) {
-				builder.append(c);
-			} else {
-				if (builder.length() == 0 || builder.charAt(builder.length() - 1) != '_') {
-					builder.append('_');
-				}
-			}
+	//visible for testing
+	String normalizeDisplayName() {
+		var original = displayName.getValueSafe();
+		if (original.isBlank() || ".".equals(original) || "..".equals(original)) {
+			return "_";
 		}
-		return builder.toString();
+
+		// replace whitespaces (tabs, linebreaks, ...) by simple space (0x20)
+		var withoutFancyWhitespaces = CharMatcher.whitespace().collapseFrom(original, ' ');
+
+		// replace control chars as well as chars that aren't allowed in file names on standard file systems by underscore
+		return CharMatcher.anyOf("<>:\"/\\|?*").or(CharMatcher.javaIsoControl()).collapseFrom(withoutFancyWhitespaces, '_');
 	}
 
 	/* Getter/Setter */
@@ -107,7 +100,11 @@ public class VaultSettings {
 		return path;
 	}
 
-	public StringProperty mountName() {
+	public StringProperty displayName() {
+		return displayName;
+	}
+
+	public StringBinding mountName() {
 		return mountName;
 	}
 
@@ -115,6 +112,14 @@ public class VaultSettings {
 		return winDriveLetter;
 	}
 
+	public Optional<String> getWinDriveLetter() {
+		String current = this.winDriveLetter.get();
+		if (!Strings.isNullOrEmpty(current)) {
+			return Optional.of(current);
+		}
+		return Optional.empty();
+	}
+
 	public BooleanProperty unlockAfterStartup() {
 		return unlockAfterStartup;
 	}
@@ -123,17 +128,17 @@ public class VaultSettings {
 		return revealAfterMount;
 	}
 
-	public BooleanProperty usesIndividualMountPath() {
-		return usesIndividualMountPath;
+	public BooleanProperty useCustomMountPath() {
+		return useCustomMountPath;
 	}
 
-	public StringProperty individualMountPath() {
-		return individualMountPath;
+	public StringProperty customMountPath() {
+		return customMountPath;
 	}
 
-	public Optional<String> getIndividualMountPath() {
-		if (usesIndividualMountPath.get()) {
-			return Optional.ofNullable(Strings.emptyToNull(individualMountPath.get()));
+	public Optional<String> getCustomMountPath() {
+		if (useCustomMountPath.get()) {
+			return Optional.ofNullable(Strings.emptyToNull(customMountPath.get()));
 		} else {
 			return Optional.empty();
 		}
@@ -147,6 +152,18 @@ public class VaultSettings {
 		return mountFlags;
 	}
 
+	public IntegerProperty filenameLengthLimit() {
+		return filenameLengthLimit;
+	}
+
+	public ObjectProperty<WhenUnlocked> actionAfterUnlock() {
+		return actionAfterUnlock;
+	}
+
+	public WhenUnlocked getActionAfterUnlock() {
+		return actionAfterUnlock.get();
+	}
+
 	/* Hashcode/Equals */
 
 	@Override
@@ -156,8 +173,7 @@ public class VaultSettings {
 
 	@Override
 	public boolean equals(Object obj) {
-		if (obj instanceof VaultSettings && obj.getClass().equals(this.getClass())) {
-			VaultSettings other = (VaultSettings) obj;
+		if (obj instanceof VaultSettings other && obj.getClass().equals(this.getClass())) {
 			return Objects.equals(this.id, other.id);
 		} else {
 			return false;

main/commons/src/main/java/org/cryptomator/common/settings/VaultSettingsJsonAdapter.java

@@ -21,82 +21,85 @@ class VaultSettingsJsonAdapter {
 		out.beginObject();
 		out.name("id").value(value.getId());
 		out.name("path").value(value.path().get().toString());
-		out.name("mountName").value(value.mountName().get());
+		out.name("displayName").value(value.displayName().get());
 		out.name("winDriveLetter").value(value.winDriveLetter().get());
 		out.name("unlockAfterStartup").value(value.unlockAfterStartup().get());
 		out.name("revealAfterMount").value(value.revealAfterMount().get());
-		out.name("usesIndividualMountPath").value(value.usesIndividualMountPath().get());
-		out.name("individualMountPath").value(value.individualMountPath().get());
+		out.name("useCustomMountPath").value(value.useCustomMountPath().get());
+		out.name("customMountPath").value(value.customMountPath().get());
 		out.name("usesReadOnlyMode").value(value.usesReadOnlyMode().get());
 		out.name("mountFlags").value(value.mountFlags().get());
+		out.name("filenameLengthLimit").value(value.filenameLengthLimit().get());
+		out.name("actionAfterUnlock").value(value.actionAfterUnlock().get().name());
 		out.endObject();
 	}
 
 	public VaultSettings read(JsonReader in) throws IOException {
 		String id = null;
 		String path = null;
-		String mountName = null;
-		String individualMountPath = null;
+		String mountName = null; //see https://github.com/cryptomator/cryptomator/pull/1318
+		String displayName = null;
+		String customMountPath = null;
 		String winDriveLetter = null;
 		boolean unlockAfterStartup = VaultSettings.DEFAULT_UNLOCK_AFTER_STARTUP;
 		boolean revealAfterMount = VaultSettings.DEFAULT_REAVEAL_AFTER_MOUNT;
-		boolean usesIndividualMountPath = VaultSettings.DEFAULT_USES_INDIVIDUAL_MOUNTPATH;
+		boolean useCustomMountPath = VaultSettings.DEFAULT_USES_INDIVIDUAL_MOUNTPATH;
 		boolean usesReadOnlyMode = VaultSettings.DEFAULT_USES_READONLY_MODE;
 		String mountFlags = VaultSettings.DEFAULT_MOUNT_FLAGS;
+		int filenameLengthLimit = VaultSettings.DEFAULT_FILENAME_LENGTH_LIMIT;
+		WhenUnlocked actionAfterUnlock = VaultSettings.DEFAULT_ACTION_AFTER_UNLOCK;
 
 		in.beginObject();
 		while (in.hasNext()) {
 			String name = in.nextName();
 			switch (name) {
-				case "id":
-					id = in.nextString();
-					break;
-				case "path":
-					path = in.nextString();
-					break;
-				case "mountName":
-					mountName = in.nextString();
-					break;
-				case "winDriveLetter":
-					winDriveLetter = in.nextString();
-					break;
-				case "unlockAfterStartup":
-					unlockAfterStartup = in.nextBoolean();
-					break;
-				case "revealAfterMount":
-					revealAfterMount = in.nextBoolean();
-					break;
-				case "usesIndividualMountPath":
-					usesIndividualMountPath = in.nextBoolean();
-					break;
-				case "individualMountPath":
-					individualMountPath = in.nextString();
-					break;
-				case "usesReadOnlyMode":
-					usesReadOnlyMode = in.nextBoolean();
-					break;
-				case "mountFlags":
-					mountFlags = in.nextString();
-					break;
-				default:
+				case "id" -> id = in.nextString();
+				case "path" -> path = in.nextString();
+				case "mountName" -> mountName = in.nextString(); //see https://github.com/cryptomator/cryptomator/pull/1318
+				case "displayName" -> displayName = in.nextString();
+				case "winDriveLetter" -> winDriveLetter = in.nextString();
+				case "unlockAfterStartup" -> unlockAfterStartup = in.nextBoolean();
+				case "revealAfterMount" -> revealAfterMount = in.nextBoolean();
+				case "usesIndividualMountPath", "useCustomMountPath" -> useCustomMountPath = in.nextBoolean();
+				case "individualMountPath", "customMountPath" -> customMountPath = in.nextString();
+				case "usesReadOnlyMode" -> usesReadOnlyMode = in.nextBoolean();
+				case "mountFlags" -> mountFlags = in.nextString();
+				case "filenameLengthLimit" -> filenameLengthLimit = in.nextInt();
+				case "actionAfterUnlock" -> actionAfterUnlock = parseActionAfterUnlock(in.nextString());
+				default -> {
 					LOG.warn("Unsupported vault setting found in JSON: " + name);
 					in.skipValue();
-					break;
+				}
 			}
 		}
 		in.endObject();
 
 		VaultSettings vaultSettings = (id == null) ? VaultSettings.withRandomId() : new VaultSettings(id);
-		vaultSettings.mountName().set(mountName);
+		if (displayName != null) { //see https://github.com/cryptomator/cryptomator/pull/1318
+			vaultSettings.displayName().set(displayName);
+		} else {
+			vaultSettings.displayName().set(mountName);
+		}
 		vaultSettings.path().set(Paths.get(path));
 		vaultSettings.winDriveLetter().set(winDriveLetter);
 		vaultSettings.unlockAfterStartup().set(unlockAfterStartup);
 		vaultSettings.revealAfterMount().set(revealAfterMount);
-		vaultSettings.usesIndividualMountPath().set(usesIndividualMountPath);
-		vaultSettings.individualMountPath().set(individualMountPath);
+		vaultSettings.useCustomMountPath().set(useCustomMountPath);
+		vaultSettings.customMountPath().set(customMountPath);
 		vaultSettings.usesReadOnlyMode().set(usesReadOnlyMode);
 		vaultSettings.mountFlags().set(mountFlags);
+		vaultSettings.filenameLengthLimit().set(filenameLengthLimit);
+		vaultSettings.actionAfterUnlock().set(actionAfterUnlock);
 		return vaultSettings;
 	}
 
+	private WhenUnlocked parseActionAfterUnlock(String actionAfterUnlockName) {
+		try {
+			return WhenUnlocked.valueOf(actionAfterUnlockName.toUpperCase());
+		} catch (IllegalArgumentException e) {
+			LOG.warn("Invalid action after unlock {}. Defaulting to {}.", actionAfterUnlockName, VaultSettings.DEFAULT_ACTION_AFTER_UNLOCK);
+			return VaultSettings.DEFAULT_ACTION_AFTER_UNLOCK;
+		}
+	}
+
 }

main/commons/src/main/java/org/cryptomator/common/settings/VolumeImpl.java

@@ -1,7 +1,5 @@
 package org.cryptomator.common.settings;
 
-import java.util.Arrays;
-
 public enum VolumeImpl {
 	WEBDAV("WebDAV"),
 	FUSE("FUSE"),
@@ -17,18 +15,4 @@ public enum VolumeImpl {
 		return displayName;
 	}
 
-	/**
-	 * Finds a VolumeImpl by display name.
-	 *
-	 * @param displayName Display name of the VolumeImpl
-	 * @return VolumeImpl with the given <code>displayName</code>.
-	 * @throws IllegalArgumentException if not volumeImpl with the given <code>displayName</code> was found.
-	 */
-	public static VolumeImpl forDisplayName(String displayName) throws IllegalArgumentException {
-		return Arrays.stream(values()) //
-				.filter(impl -> impl.displayName.equals(displayName)) //
-				.findAny() //
-				.orElseThrow(IllegalArgumentException::new);
-	}
-
 }

main/commons/src/main/java/org/cryptomator/common/settings/WebDavUrlScheme.java

@@ -1,7 +1,5 @@
 package org.cryptomator.common.settings;
 
-import java.util.Arrays;
-
 public enum WebDavUrlScheme {
 	DAV("dav", "dav:// (Gnome, Nautilus, ...)"),
 	WEBDAV("webdav", "webdav:// (KDE, Dolphin, ...)");
@@ -9,7 +7,8 @@ public enum WebDavUrlScheme {
 	private final String prefix;
 	private final String displayName;
 
-	WebDavUrlScheme(String prefix, String displayName) {this.prefix = prefix;
+	WebDavUrlScheme(String prefix, String displayName) {
+		this.prefix = prefix;
 		this.displayName = displayName;
 	}
 
@@ -20,18 +19,4 @@ public enum WebDavUrlScheme {
 	public String getDisplayName() {
 		return displayName;
 	}
-
-	/**
-	 * Finds a WebDavUrlScheme by prefix.
-	 *
-	 * @param prefix Prefix of the WebDavUrlScheme
-	 * @return WebDavUrlScheme with the given <code>prefix</code>.
-	 * @throws IllegalArgumentException if not WebDavUrlScheme with the given <code>prefix</code> was found.
-	 */
-	public static WebDavUrlScheme forPrefix(String prefix) throws IllegalArgumentException {
-		return Arrays.stream(values()) //
-				.filter(impl -> impl.prefix.equals(prefix)) //
-				.findAny() //
-				.orElseThrow(IllegalArgumentException::new);
-	}
 }

main/commons/src/main/java/org/cryptomator/common/settings/WhenUnlocked.java

@@ -0,0 +1,17 @@
+package org.cryptomator.common.settings;
+
+public enum WhenUnlocked {
+	IGNORE("vaultOptions.general.actionAfterUnlock.ignore"),
+	REVEAL("vaultOptions.general.actionAfterUnlock.reveal"),
+	ASK("vaultOptions.general.actionAfterUnlock.ask");
+
+	private String displayName;
+
+	WhenUnlocked(String displayName) {
+		this.displayName = displayName;
+	}
+
+	public String getDisplayName() {
+		return displayName;
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/AbstractVolume.java

@@ -0,0 +1,46 @@
+package org.cryptomator.common.vaults;
+
+import com.google.common.collect.Iterables;
+import org.cryptomator.common.mountpoint.InvalidMountPointException;
+import org.cryptomator.common.mountpoint.MountPointChooser;
+
+import java.nio.file.Path;
+import java.util.Optional;
+
+public abstract class AbstractVolume implements Volume {
+
+	private final Iterable<MountPointChooser> choosers;
+
+	protected Path mountPoint;
+	private boolean cleanupRequired;
+	private MountPointChooser usedChooser;
+
+	public AbstractVolume(Iterable<MountPointChooser> choosers) {
+		this.choosers = choosers;
+	}
+
+	protected Path determineMountPoint() throws InvalidMountPointException {
+		var applicableChoosers = Iterables.filter(choosers, c -> c.isApplicable(this));
+		for (var chooser : applicableChoosers) {
+			Optional<Path> chosenPath = chooser.chooseMountPoint(this);
+			if (chosenPath.isEmpty()) { // chooser couldn't find a feasible mountpoint
+				continue;
+			}
+			this.cleanupRequired = chooser.prepare(this, chosenPath.get());
+			this.usedChooser = chooser;
+			return chosenPath.get();
+		}
+		throw new InvalidMountPointException(String.format("No feasible MountPoint found by choosers: %s", applicableChoosers));
+	}
+
+	protected void cleanupMountPoint() {
+		if (this.cleanupRequired) {
+			this.usedChooser.cleanup(this, this.mountPoint);
+		}
+	}
+
+	@Override
+	public Optional<Path> getMountPoint() {
+		return Optional.ofNullable(mountPoint);
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/DefaultMountFlags.java

@@ -10,4 +10,5 @@ import static java.lang.annotation.RetentionPolicy.RUNTIME;
 @Documented
 @Retention(RUNTIME)
 public @interface DefaultMountFlags {
+
 }

main/commons/src/main/java/org/cryptomator/common/vaults/DokanyVolume.java

@@ -1,42 +1,82 @@
 package org.cryptomator.common.vaults;
 
-import com.google.common.base.Strings;
+import org.cryptomator.common.mountpoint.InvalidMountPointException;
+import org.cryptomator.common.mountpoint.MountPointChooser;
 import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.settings.VolumeImpl;
 import org.cryptomator.cryptofs.CryptoFileSystem;
+import org.cryptomator.frontend.dokany.DokanyMountFailedException;
 import org.cryptomator.frontend.dokany.Mount;
 import org.cryptomator.frontend.dokany.MountFactory;
-import org.cryptomator.frontend.dokany.MountFailedException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.inject.Inject;
-import java.io.IOException;
-import java.nio.file.DirectoryNotEmptyException;
-import java.nio.file.DirectoryStream;
-import java.nio.file.Files;
-import java.nio.file.NotDirectoryException;
-import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.Optional;
-import java.util.concurrent.ExecutorService;
+import javax.inject.Named;
+import java.util.function.Consumer;
 
-public class DokanyVolume implements Volume {
+public class DokanyVolume extends AbstractVolume {
 
 	private static final Logger LOG = LoggerFactory.getLogger(DokanyVolume.class);
 
-	private static final String FS_TYPE_NAME = "Cryptomator File System";
+	private static final String FS_TYPE_NAME = "CryptomatorFS";
 
 	private final VaultSettings vaultSettings;
-	private final MountFactory mountFactory;
-	private final WindowsDriveLetters windowsDriveLetters;
+
 	private Mount mount;
-	private Path mountPoint;
 
 	@Inject
-	public DokanyVolume(VaultSettings vaultSettings, ExecutorService executorService, WindowsDriveLetters windowsDriveLetters) {
+	public DokanyVolume(VaultSettings vaultSettings, @Named("orderedMountPointChoosers") Iterable<MountPointChooser> choosers) {
+		super(choosers);
 		this.vaultSettings = vaultSettings;
-		this.mountFactory = new MountFactory(executorService);
-		this.windowsDriveLetters = windowsDriveLetters;
+	}
+
+	@Override
+	public VolumeImpl getImplementationType() {
+		return VolumeImpl.DOKANY;
+	}
+
+	@Override
+	public void mount(CryptoFileSystem fs, String mountFlags, Consumer<Throwable> onExitAction) throws InvalidMountPointException, VolumeException {
+		this.mountPoint = determineMountPoint();
+		try {
+			this.mount = MountFactory.mount(fs.getPath("/"), mountPoint, vaultSettings.mountName().get(), FS_TYPE_NAME, mountFlags.strip(), onExitAction);
+		} catch (DokanyMountFailedException e) {
+			if (vaultSettings.getCustomMountPath().isPresent()) {
+				LOG.warn("Failed to mount vault into {}. Is this directory currently accessed by another process (e.g. Windows Explorer)?", mountPoint);
+			}
+			throw new VolumeException("Unable to mount Filesystem", e);
+		}
+	}
+
+	@Override
+	public void reveal(Revealer revealer) throws VolumeException {
+		try {
+			mount.reveal(revealer::reveal);
+		} catch (Exception e) {
+			throw new VolumeException(e);
+		}
+	}
+
+	@Override
+	public void unmount() throws VolumeException {
+		try {
+			mount.unmount();
+		} catch (IllegalStateException e) {
+			throw new VolumeException("Unmount Failed.", e);
+		}
+		cleanupMountPoint();
+	}
+
+	@Override
+	public void unmountForced() {
+		mount.unmountForced();
+		cleanupMountPoint();
+	}
+
+	@Override
+	public boolean supportsForcedUnmount() {
+		return true;
 	}
 
 	@Override
@@ -45,64 +85,8 @@ public class DokanyVolume implements Volume {
 	}
 
 	@Override
-	public void mount(CryptoFileSystem fs, String mountFlags) throws VolumeException, IOException {
-		this.mountPoint = determineMountPoint();
-		String mountName = vaultSettings.mountName().get();
-		try {
-			this.mount = mountFactory.mount(fs.getPath("/"), mountPoint, mountName, FS_TYPE_NAME, mountFlags.strip());
-		} catch (MountFailedException e) {
-			if (vaultSettings.getIndividualMountPath().isPresent()) {
-				LOG.warn("Failed to mount vault into {}. Is this directory currently accessed by another process (e.g. Windows Explorer)?", mountPoint);
-			}
-			throw new VolumeException("Unable to mount Filesystem", e);
-		}
-	}
-
-	private Path determineMountPoint() throws VolumeException, IOException {
-		Optional<String> optionalCustomMountPoint = vaultSettings.getIndividualMountPath();
-		if (optionalCustomMountPoint.isPresent()) {
-			Path customMountPoint = Paths.get(optionalCustomMountPoint.get());
-			checkProvidedMountPoint(customMountPoint);
-			return customMountPoint;
-		} else if (!Strings.isNullOrEmpty(vaultSettings.winDriveLetter().get())) {
-			return Path.of(vaultSettings.winDriveLetter().get().charAt(0) + ":\\");
-		} else {
-			//auto assign drive letter
-			if (!windowsDriveLetters.getAvailableDriveLetters().isEmpty()) {
-				return windowsDriveLetters.getAvailableDriveLetters().iterator().next();
-			} else {
-				throw new VolumeException("No free drive letter available.");
-			}
-		}
-	}
-
-	private void checkProvidedMountPoint(Path mountPoint) throws IOException {
-		if (!Files.isDirectory(mountPoint)) {
-			throw new NotDirectoryException(mountPoint.toString());
-		}
-		try (DirectoryStream<Path> ds = Files.newDirectoryStream(mountPoint)) {
-			if (ds.iterator().hasNext()) {
-				throw new DirectoryNotEmptyException(mountPoint.toString());
-			}
-		}
-	}
-
-	@Override
-	public void reveal() throws VolumeException {
-		boolean success = mount.reveal();
-		if (!success) {
-			throw new VolumeException("Reveal failed.");
-		}
-	}
-
-	@Override
-	public void unmount() {
-		mount.close();
-	}
-
-	@Override
-	public Optional<Path> getMountPoint() {
-		return Optional.ofNullable(mountPoint);
+	public MountPointRequirement getMountPointRequirement() {
+		return MountPointRequirement.EMPTY_MOUNT_POINT;
 	}
 
 	public static boolean isSupportedStatic() {

main/commons/src/main/java/org/cryptomator/common/vaults/FuseVolume.java

@@ -1,12 +1,13 @@
 package org.cryptomator.common.vaults;
 
-import com.google.common.base.Splitter;
+import com.google.common.collect.Iterators;
 import org.apache.commons.lang3.SystemUtils;
-import org.cryptomator.common.Environment;
-import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.mountpoint.InvalidMountPointException;
+import org.cryptomator.common.mountpoint.MountPointChooser;
+import org.cryptomator.common.settings.VolumeImpl;
 import org.cryptomator.cryptofs.CryptoFileSystem;
-import org.cryptomator.frontend.fuse.mount.CommandFailedException;
 import org.cryptomator.frontend.fuse.mount.EnvironmentVariables;
+import org.cryptomator.frontend.fuse.mount.FuseMountException;
 import org.cryptomator.frontend.fuse.mount.FuseMountFactory;
 import org.cryptomator.frontend.fuse.mount.FuseNotSupportedException;
 import org.cryptomator.frontend.fuse.mount.Mount;
@@ -15,109 +16,68 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.inject.Inject;
-import java.io.IOException;
-import java.nio.file.DirectoryNotEmptyException;
-import java.nio.file.DirectoryStream;
-import java.nio.file.Files;
-import java.nio.file.NotDirectoryException;
+import javax.inject.Named;
 import java.nio.file.Path;
-import java.nio.file.Paths;
-import java.util.Optional;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.function.Consumer;
+import java.util.regex.Pattern;
 
-public class FuseVolume implements Volume {
+public class FuseVolume extends AbstractVolume {
 
 	private static final Logger LOG = LoggerFactory.getLogger(FuseVolume.class);
-	private static final int MAX_TMPMOUNTPOINT_CREATION_RETRIES = 10;
-	private static final boolean IS_MAC = System.getProperty("os.name").toLowerCase().contains("mac");
+	private static final Pattern NON_WHITESPACE_OR_QUOTED = Pattern.compile("[^\\s\"']+|\"([^\"]*)\"|'([^']*)'"); // Thanks to https://stackoverflow.com/a/366532
 
-	private final VaultSettings vaultSettings;
-	private final Environment environment;
-
-	private Mount fuseMnt;
-	private Path mountPoint;
-	private boolean createdTemporaryMountPoint;
+	private Mount mount;
 
 	@Inject
-	public FuseVolume(VaultSettings vaultSettings, Environment environment) {
-		this.vaultSettings = vaultSettings;
-		this.environment = environment;
+	public FuseVolume(@Named("orderedMountPointChoosers") Iterable<MountPointChooser> choosers) {
+		super(choosers);
 	}
 
 	@Override
-	public void mount(CryptoFileSystem fs, String mountFlags) throws IOException, FuseNotSupportedException, VolumeException {
-		Optional<String> optionalCustomMountPoint = vaultSettings.getIndividualMountPath();
-		if (optionalCustomMountPoint.isPresent()) {
-			Path customMountPoint = Paths.get(optionalCustomMountPoint.get());
-			checkProvidedMountPoint(customMountPoint);
-			this.mountPoint = customMountPoint;
-			LOG.debug("Successfully checked custom mount point: {}", mountPoint);
-		} else {
-			this.mountPoint = prepareTemporaryMountPoint();
-			LOG.debug("Successfully created mount point: {}", mountPoint);
-		}
-		mount(fs.getPath("/"), mountFlags);
+	public void mount(CryptoFileSystem fs, String mountFlags, Consumer<Throwable> onExitAction) throws InvalidMountPointException, VolumeException {
+		this.mountPoint = determineMountPoint();
+		mount(fs.getPath("/"), mountFlags, onExitAction);
 	}
 
-	private void checkProvidedMountPoint(Path mountPoint) throws IOException {
-		if (!Files.isDirectory(mountPoint)) {
-			throw new NotDirectoryException(mountPoint.toString());
-		}
-		try (DirectoryStream<Path> ds = Files.newDirectoryStream(mountPoint)) {
-			if (ds.iterator().hasNext()) {
-				throw new DirectoryNotEmptyException(mountPoint.toString());
-			}
-		}
-	}
-
-	private Path prepareTemporaryMountPoint() throws IOException, VolumeException {
-		Path mountPoint = chooseNonExistingTemporaryMountPoint();
-		// https://github.com/osxfuse/osxfuse/issues/306#issuecomment-245114592:
-		// In order to allow non-admin users to mount FUSE volumes in `/Volumes`,
-		// starting with version 3.5.0, FUSE will create non-existent mount points automatically.
-		if (IS_MAC && mountPoint.getParent().equals(Paths.get("/Volumes"))) {
-			return mountPoint;
-		} else {
-			Files.createDirectories(mountPoint);
-			this.createdTemporaryMountPoint = true;
-			return mountPoint;
-		}
-	}
-
-	private Path chooseNonExistingTemporaryMountPoint() throws VolumeException {
-		Path parent = environment.getMountPointsDir().orElseThrow();
-		String basename = vaultSettings.getId();
-		for (int i = 0; i < MAX_TMPMOUNTPOINT_CREATION_RETRIES; i++) {
-			Path mountPoint = parent.resolve(basename + "_" + i);
-			if (Files.notExists(mountPoint)) {
-				return mountPoint;
-			}
-		}
-		LOG.error("Failed to find feasible mountpoint at {}/{}_x. Giving up after {} attempts.", parent, basename, MAX_TMPMOUNTPOINT_CREATION_RETRIES);
-		throw new VolumeException("Did not find feasible mount point.");
-	}
-
-	private void mount(Path root, String mountFlags) throws VolumeException {
+	private void mount(Path root, String mountFlags, Consumer<Throwable> onExitAction) throws VolumeException {
 		try {
 			Mounter mounter = FuseMountFactory.getMounter();
 			EnvironmentVariables envVars = EnvironmentVariables.create() //
-					.withFlags(splitFlags(mountFlags)).withMountPoint(mountPoint) //
+					.withFlags(splitFlags(mountFlags)) //
+					.withMountPoint(mountPoint) //
+					.withFileNameTranscoder(mounter.defaultFileNameTranscoder()) //
 					.build();
-			this.fuseMnt = mounter.mount(root, envVars);
-		} catch (CommandFailedException e) {
+			this.mount = mounter.mount(root, envVars, onExitAction);
+		} catch ( FuseMountException | FuseNotSupportedException e) {
 			throw new VolumeException("Unable to mount Filesystem", e);
 		}
 	}
 
 	private String[] splitFlags(String str) {
-		return Splitter.on(' ').splitToList(str).toArray(String[]::new);
+		List<String> flags = new ArrayList<>();
+		var matches = Iterators.peekingIterator(NON_WHITESPACE_OR_QUOTED.matcher(str).results().iterator());
+		while (matches.hasNext()) {
+			String flag = matches.next().group();
+			// check if flag is missing its argument:
+			if (flag.endsWith("=") && matches.hasNext() && matches.peek().group(1) != null) { // next is "double quoted"
+				// next is "double quoted" and flag is missing its argument
+				flag += matches.next().group(1);
+			} else if (flag.endsWith("=") && matches.hasNext() && matches.peek().group(2) != null) {
+				// next is 'single quoted' and flag is missing its argument
+				flag += matches.next().group(2);
+			}
+			flags.add(flag);
+		}
+		return flags.toArray(String[]::new);
 	}
 
 	@Override
-	public void reveal() throws VolumeException {
+	public void reveal(Revealer revealer) throws VolumeException {
 		try {
-			fuseMnt.revealInFileManager();
-		} catch (CommandFailedException e) {
-			LOG.debug("Revealing the vault in file manger failed: " + e.getMessage());
+			mount.reveal(revealer::reveal);
+		} catch (Exception e) {
 			throw new VolumeException(e);
 		}
 	}
@@ -130,34 +90,21 @@ public class FuseVolume implements Volume {
 	@Override
 	public synchronized void unmountForced() throws VolumeException {
 		try {
-			fuseMnt.unmountForced();
-			fuseMnt.close();
-		} catch (CommandFailedException e) {
+			mount.unmountForced();
+		} catch (FuseMountException e) {
 			throw new VolumeException(e);
 		}
-		cleanupTemporaryMountPoint();
+		cleanupMountPoint();
 	}
 
 	@Override
 	public synchronized void unmount() throws VolumeException {
 		try {
-			fuseMnt.unmount();
-			fuseMnt.close();
-		} catch (CommandFailedException e) {
+			mount.unmount();
+		} catch (FuseMountException e) {
 			throw new VolumeException(e);
 		}
-		cleanupTemporaryMountPoint();
-	}
-
-	private void cleanupTemporaryMountPoint() {
-		if (createdTemporaryMountPoint) {
-			try {
-				Files.delete(mountPoint);
-				LOG.debug("Successfully deleted mount point: {}", mountPoint);
-			} catch (IOException e) {
-				LOG.warn("Could not delete mount point: {}", e.getMessage());
-			}
-		}
+		cleanupMountPoint();
 	}
 
 	@Override
@@ -166,12 +113,17 @@ public class FuseVolume implements Volume {
 	}
 
 	@Override
-	public Optional<Path> getMountPoint() {
-		return Optional.ofNullable(mountPoint);
+	public VolumeImpl getImplementationType() {
+		return VolumeImpl.FUSE;
+	}
+
+	@Override
+	public MountPointRequirement getMountPointRequirement() {
+		return SystemUtils.IS_OS_WINDOWS ? MountPointRequirement.PARENT_NO_MOUNT_POINT : MountPointRequirement.EMPTY_MOUNT_POINT;
 	}
 
 	public static boolean isSupportedStatic() {
-		return (SystemUtils.IS_OS_MAC_OSX || SystemUtils.IS_OS_LINUX) && FuseMountFactory.isFuseSupported();
+		return FuseMountFactory.isFuseSupported();
 	}
 
 }

main/commons/src/main/java/org/cryptomator/common/vaults/LockNotCompletedException.java

@@ -0,0 +1,12 @@
+package org.cryptomator.common.vaults;
+
+public class LockNotCompletedException extends Exception {
+
+	public LockNotCompletedException(String reason) {
+		super(reason);
+	}
+
+	public LockNotCompletedException(Throwable cause) {
+		super(cause);
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/MountPointRequirement.java

@@ -0,0 +1,28 @@
+package org.cryptomator.common.vaults;
+
+/**
+ * Enumeration used to indicate the requirements for mounting a vault
+ * using a specific {@link Volume VolumeProvider}, e.g. {@link FuseVolume}.
+ */
+public enum MountPointRequirement {
+
+	/**
+	 * No Mountpoint on the local filesystem required. (e.g. WebDAV)
+	 */
+	NONE,
+
+	/**
+	 * A parent folder is required, but the actual Mountpoint must not exist.
+	 */
+	PARENT_NO_MOUNT_POINT,
+
+	/**
+	 * A parent folder is required, but the actual Mountpoint may exist.
+	 */
+	PARENT_OPT_MOUNT_POINT,
+
+	/**
+	 * The actual Mountpoint must exist and must be empty.
+	 */
+	EMPTY_MOUNT_POINT;
+}

main/commons/src/main/java/org/cryptomator/common/vaults/PerVault.java

@@ -8,6 +8,6 @@ import java.lang.annotation.RetentionPolicy;
 @Scope
 @Documented
 @Retention(RetentionPolicy.RUNTIME)
-@interface PerVault {
+public @interface PerVault {
 
 }

main/commons/src/main/java/org/cryptomator/common/vaults/Vault.java

@@ -9,121 +9,129 @@
 package org.cryptomator.common.vaults;
 
 import com.google.common.base.Strings;
-import javafx.beans.Observable;
-import javafx.beans.binding.Binding;
-import javafx.beans.binding.Bindings;
-import javafx.beans.binding.BooleanBinding;
-import javafx.beans.binding.ObjectBinding;
-import javafx.beans.binding.StringBinding;
-import javafx.beans.property.ObjectProperty;
-import javafx.beans.property.SimpleObjectProperty;
-import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.SystemUtils;
-import org.cryptomator.common.LazyInitializer;
+import org.cryptomator.common.mountpoint.InvalidMountPointException;
 import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.vaults.Volume.VolumeException;
 import org.cryptomator.cryptofs.CryptoFileSystem;
 import org.cryptomator.cryptofs.CryptoFileSystemProperties;
 import org.cryptomator.cryptofs.CryptoFileSystemProperties.FileSystemFlags;
 import org.cryptomator.cryptofs.CryptoFileSystemProvider;
+import org.cryptomator.cryptofs.common.Constants;
+import org.cryptomator.cryptofs.common.FileSystemCapabilityChecker;
 import org.cryptomator.cryptolib.api.CryptoException;
 import org.cryptomator.cryptolib.api.InvalidPassphraseException;
-import org.fxmisc.easybind.EasyBind;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.inject.Inject;
+import javax.inject.Named;
 import javax.inject.Provider;
+import javafx.beans.Observable;
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.BooleanBinding;
+import javafx.beans.binding.StringBinding;
+import javafx.beans.property.BooleanProperty;
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.SimpleBooleanProperty;
 import java.io.IOException;
-import java.nio.file.FileAlreadyExistsException;
-import java.nio.file.Files;
 import java.nio.file.NoSuchFileException;
-import java.nio.file.NotDirectoryException;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-import java.util.ArrayList;
 import java.util.EnumSet;
-import java.util.List;
 import java.util.Objects;
+import java.util.Optional;
 import java.util.Set;
+import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicReference;
-import java.util.function.Predicate;
+
+import static org.cryptomator.common.Constants.MASTERKEY_FILENAME;
 
 @PerVault
 public class Vault {
-	
+
 	private static final Logger LOG = LoggerFactory.getLogger(Vault.class);
-	private static final String MASTERKEY_FILENAME = "masterkey.cryptomator"; // TODO: deduplicate constant declared in multiple classes
 	private static final Path HOME_DIR = Paths.get(SystemUtils.USER_HOME);
 
 	private final VaultSettings vaultSettings;
 	private final Provider<Volume> volumeProvider;
 	private final StringBinding defaultMountFlags;
 	private final AtomicReference<CryptoFileSystem> cryptoFileSystem;
-	private final ObjectProperty<VaultState> state;
+	private final VaultState state;
+	private final ObjectProperty<Exception> lastKnownException;
 	private final VaultStats stats;
-	private final StringBinding displayableName;
+	private final StringBinding displayName;
 	private final StringBinding displayablePath;
 	private final BooleanBinding locked;
 	private final BooleanBinding processing;
 	private final BooleanBinding unlocked;
+	private final BooleanBinding missing;
 	private final BooleanBinding needsMigration;
-	private final ObjectBinding<Path> accessPoint;
+	private final BooleanBinding unknownError;
+	private final StringBinding accessPoint;
+	private final BooleanBinding accessPointPresent;
+	private final BooleanProperty showingStats;
 
 	private volatile Volume volume;
 
 	@Inject
-	Vault(VaultSettings vaultSettings, Provider<Volume> volumeProvider, @DefaultMountFlags StringBinding defaultMountFlags, AtomicReference<CryptoFileSystem> cryptoFileSystem, ObjectProperty<VaultState> state, VaultStats stats) {
+	Vault(VaultSettings vaultSettings, Provider<Volume> volumeProvider, @DefaultMountFlags StringBinding defaultMountFlags, AtomicReference<CryptoFileSystem> cryptoFileSystem, VaultState state, @Named("lastKnownException") ObjectProperty<Exception> lastKnownException, VaultStats stats) {
 		this.vaultSettings = vaultSettings;
 		this.volumeProvider = volumeProvider;
 		this.defaultMountFlags = defaultMountFlags;
 		this.cryptoFileSystem = cryptoFileSystem;
 		this.state = state;
+		this.lastKnownException = lastKnownException;
 		this.stats = stats;
-		this.displayableName = Bindings.createStringBinding(this::getDisplayableName, vaultSettings.path());
+		this.displayName = Bindings.createStringBinding(this::getDisplayName, vaultSettings.displayName());
 		this.displayablePath = Bindings.createStringBinding(this::getDisplayablePath, vaultSettings.path());
 		this.locked = Bindings.createBooleanBinding(this::isLocked, state);
 		this.processing = Bindings.createBooleanBinding(this::isProcessing, state);
 		this.unlocked = Bindings.createBooleanBinding(this::isUnlocked, state);
+		this.missing = Bindings.createBooleanBinding(this::isMissing, state);
 		this.needsMigration = Bindings.createBooleanBinding(this::isNeedsMigration, state);
-		this.accessPoint = Bindings.createObjectBinding(this::getAccessPoint, state);
+		this.unknownError = Bindings.createBooleanBinding(this::isUnknownError, state);
+		this.accessPoint = Bindings.createStringBinding(this::getAccessPoint, state);
+		this.accessPointPresent = this.accessPoint.isNotEmpty();
+		this.showingStats = new SimpleBooleanProperty(false);
 	}
 
 	// ******************************************************************************
 	// Commands
 	// ********************************************************************************/
 
-	private CryptoFileSystem getCryptoFileSystem(CharSequence passphrase) throws NoSuchFileException, IOException, InvalidPassphraseException, CryptoException {
-		return LazyInitializer.initializeLazily(cryptoFileSystem, () -> unlockCryptoFileSystem(passphrase), IOException.class);
-	}
-
-	private CryptoFileSystem unlockCryptoFileSystem(CharSequence passphrase) throws NoSuchFileException, IOException, InvalidPassphraseException, CryptoException {
+	private CryptoFileSystem createCryptoFileSystem(CharSequence passphrase) throws NoSuchFileException, IOException, InvalidPassphraseException, CryptoException {
 		Set<FileSystemFlags> flags = EnumSet.noneOf(FileSystemFlags.class);
 		if (vaultSettings.usesReadOnlyMode().get()) {
 			flags.add(FileSystemFlags.READONLY);
 		}
+
+		int usedFilenameLengthLimit;
+		var fileSystemCapabilityChecker = new FileSystemCapabilityChecker();
+		if (flags.contains(FileSystemFlags.READONLY)) {
+			usedFilenameLengthLimit = Constants.MAX_CIPHERTEXT_NAME_LENGTH;
+		} else if (vaultSettings.filenameLengthLimit().get() == -1) {
+			LOG.debug("Determining file name length limitations...");
+			usedFilenameLengthLimit = fileSystemCapabilityChecker.determineSupportedFileNameLength(getPath());
+			vaultSettings.filenameLengthLimit().set(usedFilenameLengthLimit);
+			LOG.info("Storing file name length limit of {}", usedFilenameLengthLimit);
+		} else {
+			usedFilenameLengthLimit = vaultSettings.filenameLengthLimit().get();
+		}
+
+		assert usedFilenameLengthLimit > 0;
 		CryptoFileSystemProperties fsProps = CryptoFileSystemProperties.cryptoFileSystemProperties() //
 				.withPassphrase(passphrase) //
 				.withFlags(flags) //
 				.withMasterkeyFilename(MASTERKEY_FILENAME) //
+				.withMaxPathLength(vaultSettings.filenameLengthLimit().get() + Constants.MAX_ADDITIONAL_PATH_LENGTH) //
+				.withMaxNameLength(usedFilenameLengthLimit) //
 				.build();
 		return CryptoFileSystemProvider.newFileSystem(getPath(), fsProps);
 	}
 
-	public synchronized void unlock(CharSequence passphrase) throws CryptoException, IOException, Volume.VolumeException {
-		if (vaultSettings.usesIndividualMountPath().get() && Strings.isNullOrEmpty(vaultSettings.individualMountPath().get())) {
-			throw new NotDirectoryException("");
-		}
-		CryptoFileSystem fs = getCryptoFileSystem(passphrase);
-		volume = volumeProvider.get();
-		volume.mount(fs, getEffectiveMountFlags());
-	}
-
-	public synchronized void lock(boolean forced) throws Volume.VolumeException {
-		if (forced && volume.supportsForcedUnmount()) {
-			volume.unmountForced();
-		} else {
-			volume.unmount();
-		}
+	private void destroyCryptoFileSystem() {
+		LOG.trace("Trying to close associated CryptoFS...");
 		CryptoFileSystem fs = cryptoFileSystem.getAndSet(null);
 		if (fs != null) {
 			try {
@@ -134,24 +142,77 @@ public class Vault {
 		}
 	}
 
-	public void reveal() throws Volume.VolumeException {
-		volume.reveal();
+	public synchronized void unlock(CharSequence passphrase) throws CryptoException, IOException, VolumeException, InvalidMountPointException {
+		if (cryptoFileSystem.get() == null) {
+			CryptoFileSystem fs = createCryptoFileSystem(passphrase);
+			cryptoFileSystem.set(fs);
+			try {
+				volume = volumeProvider.get();
+				volume.mount(fs, getEffectiveMountFlags(), this::lockOnVolumeExit);
+			} catch (Exception e) {
+				destroyCryptoFileSystem();
+				throw e;
+			}
+		} else {
+			throw new IllegalStateException("Already unlocked.");
+		}
+	}
+
+	private void lockOnVolumeExit(Throwable t) {
+		LOG.info("Unmounted vault '{}'", getDisplayName());
+		destroyCryptoFileSystem();
+		state.set(VaultState.Value.LOCKED);
+		if (t != null) {
+			LOG.warn("Unexpected unmount and lock of vault " + getDisplayName(), t);
+		}
+	}
+
+	public synchronized void lock(boolean forced) throws VolumeException, LockNotCompletedException {
+		//initiate unmount
+		if (forced && volume.supportsForcedUnmount()) {
+			volume.unmountForced();
+		} else {
+			volume.unmount();
+		}
+
+		//wait for lockOnVolumeExit to be executed
+		try {
+			boolean locked = state.awaitState(VaultState.Value.LOCKED, 3000, TimeUnit.MILLISECONDS);
+			if (!locked) {
+				throw new LockNotCompletedException("Locking of vault " + this.getDisplayName() + " still in progress.");
+			}
+		} catch (InterruptedException e) {
+			Thread.currentThread().interrupt();
+			throw new LockNotCompletedException(e);
+		}
+	}
+
+	public void reveal(Volume.Revealer vaultRevealer) throws VolumeException {
+		volume.reveal(vaultRevealer);
 	}
 
 	// ******************************************************************************
 	// Observable Properties
 	// *******************************************************************************
 
-	public ObjectProperty<VaultState> stateProperty() {
+	public VaultState stateProperty() {
 		return state;
 	}
 
-	public VaultState getState() {
-		return state.get();
+	public VaultState.Value getState() {
+		return state.getValue();
 	}
 
-	public void setState(VaultState value) {
-		state.setValue(value);
+	public ObjectProperty<Exception> lastKnownExceptionProperty() {
+		return lastKnownException;
+	}
+
+	public Exception getLastKnownException() {
+		return lastKnownException.get();
+	}
+
+	public void setLastKnownException(Exception e) {
+		lastKnownException.setValue(e);
 	}
 
 	public BooleanBinding lockedProperty() {
@@ -159,7 +220,7 @@ public class Vault {
 	}
 
 	public boolean isLocked() {
-		return state.get() == VaultState.LOCKED;
+		return state.get() == VaultState.Value.LOCKED;
 	}
 
 	public BooleanBinding processingProperty() {
@@ -167,7 +228,7 @@ public class Vault {
 	}
 
 	public boolean isProcessing() {
-		return state.get() == VaultState.PROCESSING;
+		return state.get() == VaultState.Value.PROCESSING;
 	}
 
 	public BooleanBinding unlockedProperty() {
@@ -175,39 +236,62 @@ public class Vault {
 	}
 
 	public boolean isUnlocked() {
-		return state.get() == VaultState.UNLOCKED;
+		return state.get() == VaultState.Value.UNLOCKED;
 	}
-	
+
+	public BooleanBinding missingProperty() {
+		return missing;
+	}
+
+	public boolean isMissing() {
+		return state.get() == VaultState.Value.MISSING;
+	}
+
 	public BooleanBinding needsMigrationProperty() {
 		return needsMigration;
 	}
-	
+
 	public boolean isNeedsMigration() {
-		return state.get() == VaultState.NEEDS_MIGRATION;
+		return state.get() == VaultState.Value.NEEDS_MIGRATION;
 	}
 
-	public StringBinding displayableNameProperty() {
-		return displayableName;
+	public BooleanBinding unknownErrorProperty() {
+		return unknownError;
 	}
 
-	public String getDisplayableName() {
-		Path p = vaultSettings.path().get();
-		return p.getFileName().toString();
+	public boolean isUnknownError() {
+		return state.get() == VaultState.Value.ERROR;
 	}
 
-	public ObjectBinding<Path> accessPointProperty() {
+	public StringBinding displayNameProperty() {
+		return displayName;
+	}
+
+	public String getDisplayName() {
+		return vaultSettings.displayName().get();
+	}
+
+	public StringBinding accessPointProperty() {
 		return accessPoint;
 	}
 
-	public Path getAccessPoint() {
-		if (state.get() == VaultState.UNLOCKED) {
+	public String getAccessPoint() {
+		if (state.getValue() == VaultState.Value.UNLOCKED) {
 			assert volume != null;
-			return volume.getMountPoint().orElse(Path.of(""));
+			return volume.getMountPoint().orElse(Path.of("")).toString();
 		} else {
-			return Path.of("");
+			return "";
 		}
 	}
 
+	public BooleanBinding accessPointPresentProperty() {
+		return accessPointPresent;
+	}
+
+	public boolean isAccessPointPresent() {
+		return accessPointPresent.get();
+	}
+
 	public StringBinding displayablePathProperty() {
 		return displayablePath;
 	}
@@ -223,6 +307,15 @@ public class Vault {
 		}
 	}
 
+	public BooleanProperty showingStatsProperty() {
+		return showingStats;
+	}
+
+	public boolean isShowingStats() {
+		return accessPointPresent.get();
+	}
+
+
 	// ******************************************************************************
 	// Getter/Setter
 	// *******************************************************************************/
@@ -272,6 +365,10 @@ public class Vault {
 		return vaultSettings.getId();
 	}
 
+	public Optional<Volume> getVolume() {
+		return Optional.ofNullable(this.volume);
+	}
+
 	// ******************************************************************************
 	// Hashcode / Equals
 	// *******************************************************************************/
@@ -283,8 +380,7 @@ public class Vault {
 
 	@Override
 	public boolean equals(Object obj) {
-		if (obj instanceof Vault && obj.getClass().equals(this.getClass())) {
-			final Vault other = (Vault) obj;
+		if (obj instanceof Vault other && obj.getClass().equals(this.getClass())) {
 			return Objects.equals(this.vaultSettings, other.vaultSettings);
 		} else {
 			return false;

main/commons/src/main/java/org/cryptomator/common/vaults/VaultComponent.java

@@ -6,12 +6,15 @@
 package org.cryptomator.common.vaults;
 
 import dagger.BindsInstance;
+import dagger.Subcomponent;
+import org.cryptomator.common.mountpoint.MountPointChooserModule;
 import org.cryptomator.common.settings.VaultSettings;
 
-import dagger.Subcomponent;
+import javax.annotation.Nullable;
+import javax.inject.Named;
 
 @PerVault
-@Subcomponent(modules = {VaultModule.class})
+@Subcomponent(modules = {VaultModule.class, MountPointChooserModule.class})
 public interface VaultComponent {
 
 	Vault vault();
@@ -23,7 +26,10 @@ public interface VaultComponent {
 		Builder vaultSettings(VaultSettings vaultSettings);
 
 		@BindsInstance
-		Builder initialVaultState(VaultState vaultState);
+		Builder initialVaultState(VaultState.Value vaultState);
+
+		@BindsInstance
+		Builder initialErrorCause(@Nullable @Named("lastKnownException") Exception initialErrorCause);
 
 		VaultComponent build();
 	}

main/commons/src/main/java/org/cryptomator/common/vaults/VaultListChangeListener.java

@@ -1,9 +1,9 @@
 package org.cryptomator.common.vaults;
 
+import org.cryptomator.common.settings.VaultSettings;
+
 import javafx.collections.ListChangeListener;
 import javafx.collections.ObservableList;
-import org.cryptomator.common.settings.VaultSettings;
-
 import java.util.List;
 import java.util.stream.Collectors;
 
@@ -20,12 +20,12 @@ class VaultListChangeListener implements ListChangeListener<Vault> {
 
 	@Override
 	public void onChanged(Change<? extends Vault> c) {
-		while(c.next()) {
+		while (c.next()) {
 			if (c.wasAdded()) {
-				List<VaultSettings> addedSettings = c.getAddedSubList().stream().map(Vault::getVaultSettings).collect(Collectors.toList());
+				List<VaultSettings> addedSettings = c.getAddedSubList().stream().map(Vault::getVaultSettings).toList();
 				vaultSettingsList.addAll(c.getFrom(), addedSettings);
 			} else if (c.wasRemoved()) {
-				List<VaultSettings> removedSettings = c.getRemoved().stream().map(Vault::getVaultSettings).collect(Collectors.toList());
+				List<VaultSettings> removedSettings = c.getRemoved().stream().map(Vault::getVaultSettings).toList();
 				vaultSettingsList.removeAll(removedSettings);
 			}
 		}

main/commons/src/main/java/org/cryptomator/common/vaults/VaultListManager.java

@@ -8,35 +8,41 @@
  *******************************************************************************/
 package org.cryptomator.common.vaults;
 
-import javafx.collections.FXCollections;
-import javafx.collections.ObservableList;
 import org.cryptomator.common.settings.Settings;
 import org.cryptomator.common.settings.VaultSettings;
 import org.cryptomator.cryptofs.CryptoFileSystemProvider;
 import org.cryptomator.cryptofs.migration.Migrators;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import javax.inject.Inject;
 import javax.inject.Singleton;
+import javafx.collections.FXCollections;
+import javafx.collections.ObservableList;
 import java.io.IOException;
 import java.nio.file.NoSuchFileException;
 import java.nio.file.Path;
 import java.util.Collection;
 import java.util.Optional;
-import java.util.stream.Collectors;
+import java.util.ResourceBundle;
+
+import static org.cryptomator.common.Constants.MASTERKEY_FILENAME;
 
 @Singleton
 public class VaultListManager {
-	
-	private static final String MASTERKEY_FILENAME = "masterkey.cryptomator"; // TODO: deduplicate constant declared in multiple classes
+
+	private static final Logger LOG = LoggerFactory.getLogger(VaultListManager.class);
 
 	private final VaultComponent.Builder vaultComponentBuilder;
 	private final ObservableList<Vault> vaultList;
+	private final String defaultVaultName;
 
 	@Inject
-	public VaultListManager(VaultComponent.Builder vaultComponentBuilder, Settings settings) {
+	public VaultListManager(VaultComponent.Builder vaultComponentBuilder, ResourceBundle resourceBundle, Settings settings) {
 		this.vaultComponentBuilder = vaultComponentBuilder;
+		this.defaultVaultName = resourceBundle.getString("defaults.vault.vaultName");
 		this.vaultList = FXCollections.observableArrayList(Vault::observables);
-		
+
 		addAll(settings.getDirectories());
 		vaultList.addListener(new VaultListChangeListener(settings.getDirectories()));
 	}
@@ -46,47 +52,84 @@ public class VaultListManager {
 	}
 
 	public Vault add(Path pathToVault) throws NoSuchFileException {
-		if (!CryptoFileSystemProvider.containsVault(pathToVault, MASTERKEY_FILENAME)) {
-			throw new NoSuchFileException(pathToVault.toString(), null, "Not a vault directory");
+		Path normalizedPathToVault = pathToVault.normalize().toAbsolutePath();
+		if (!CryptoFileSystemProvider.containsVault(normalizedPathToVault, MASTERKEY_FILENAME)) {
+			throw new NoSuchFileException(normalizedPathToVault.toString(), null, "Not a vault directory");
 		}
-		Optional<Vault> alreadyExistingVault = get(pathToVault);
+		Optional<Vault> alreadyExistingVault = get(normalizedPathToVault);
 		if (alreadyExistingVault.isPresent()) {
 			return alreadyExistingVault.get();
 		} else {
-			VaultSettings vaultSettings = VaultSettings.withRandomId();
-			vaultSettings.path().set(pathToVault);
-			Vault newVault = create(vaultSettings);
+			Vault newVault = create(newVaultSettings(normalizedPathToVault));
 			vaultList.add(newVault);
 			return newVault;
 		}
 	}
-	
+
+	private VaultSettings newVaultSettings(Path path) {
+		VaultSettings vaultSettings = VaultSettings.withRandomId();
+		vaultSettings.path().set(path);
+		if (path.getFileName() != null) {
+			vaultSettings.displayName().set(path.getFileName().toString());
+		} else {
+			vaultSettings.displayName().set(defaultVaultName);
+		}
+		return vaultSettings;
+	}
+
 	private void addAll(Collection<VaultSettings> vaultSettings) {
-		Collection<Vault> vaults = vaultSettings.stream().map(this::create).collect(Collectors.toList());
+		Collection<Vault> vaults = vaultSettings.stream().map(this::create).toList();
 		vaultList.addAll(vaults);
 	}
-	
+
 	private Optional<Vault> get(Path vaultPath) {
-		return vaultList.stream().filter(v -> v.getPath().equals(vaultPath)).findAny();
+		assert vaultPath.isAbsolute();
+		assert vaultPath.normalize().equals(vaultPath);
+		return vaultList.stream() //
+				.filter(v -> vaultPath.equals(v.getPath())) //
+				.findAny();
 	}
 
 	private Vault create(VaultSettings vaultSettings) {
-		VaultState vaultState = determineVaultState(vaultSettings.path().get());
-		VaultComponent comp = vaultComponentBuilder.vaultSettings(vaultSettings).initialVaultState(vaultState).build();
-		return comp.vault();
+		VaultComponent.Builder compBuilder = vaultComponentBuilder.vaultSettings(vaultSettings);
+		try {
+			VaultState.Value vaultState = determineVaultState(vaultSettings.path().get());
+			compBuilder.initialVaultState(vaultState);
+		} catch (IOException e) {
+			LOG.warn("Failed to determine vault state for " + vaultSettings.path().get(), e);
+			compBuilder.initialVaultState(VaultState.Value.ERROR);
+			compBuilder.initialErrorCause(e);
+		}
+		return compBuilder.build().vault();
 	}
 
-	private VaultState determineVaultState(Path pathToVault) {
-		try {
-			if (!CryptoFileSystemProvider.containsVault(pathToVault, MASTERKEY_FILENAME)) {
-				return VaultState.MISSING;
-			} else if (Migrators.get().needsMigration(pathToVault, MASTERKEY_FILENAME)) {
-				return VaultState.NEEDS_MIGRATION;
-			} else {
-				return VaultState.LOCKED;
+	public static VaultState.Value redetermineVaultState(Vault vault) {
+		VaultState state = vault.stateProperty();
+		VaultState.Value previousState = state.getValue();
+		return switch (previousState) {
+			case LOCKED, NEEDS_MIGRATION, MISSING -> {
+				try {
+					VaultState.Value determinedState = determineVaultState(vault.getPath());
+					state.set(determinedState);
+					yield determinedState;
+				} catch (IOException e) {
+					LOG.warn("Failed to determine vault state for " + vault.getPath(), e);
+					state.set(VaultState.Value.ERROR);
+					vault.setLastKnownException(e);
+					yield VaultState.Value.ERROR;
+				}
 			}
-		} catch (IOException e) {
-			return VaultState.ERROR;
+			case ERROR, UNLOCKED, PROCESSING -> previousState;
+		};
+	}
+
+	private static VaultState.Value determineVaultState(Path pathToVault) throws IOException {
+		if (!CryptoFileSystemProvider.containsVault(pathToVault, MASTERKEY_FILENAME)) {
+			return VaultState.Value.MISSING;
+		} else if (Migrators.get().needsMigration(pathToVault, MASTERKEY_FILENAME)) {
+			return VaultState.Value.NEEDS_MIGRATION;
+		} else {
+			return VaultState.Value.LOCKED;
 		}
 	}
 

main/commons/src/main/java/org/cryptomator/common/vaults/VaultModule.java

@@ -7,14 +7,6 @@ package org.cryptomator.common.vaults;
 
 import dagger.Module;
 import dagger.Provides;
-import javafx.beans.binding.Bindings;
-import javafx.beans.binding.StringBinding;
-import javafx.beans.property.BooleanProperty;
-import javafx.beans.property.ObjectProperty;
-import javafx.beans.property.ReadOnlyBooleanProperty;
-import javafx.beans.property.ReadOnlyStringProperty;
-import javafx.beans.property.SimpleObjectProperty;
-import javafx.beans.property.StringProperty;
 import org.apache.commons.lang3.SystemUtils;
 import org.cryptomator.common.settings.Settings;
 import org.cryptomator.common.settings.VaultSettings;
@@ -23,6 +15,14 @@ import org.cryptomator.cryptofs.CryptoFileSystem;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.annotation.Nullable;
+import javax.inject.Named;
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.StringBinding;
+import javafx.beans.property.BooleanProperty;
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.ReadOnlyBooleanProperty;
+import javafx.beans.property.SimpleObjectProperty;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
@@ -41,11 +41,13 @@ public class VaultModule {
 	}
 
 	@Provides
+	@Named("lastKnownException")
 	@PerVault
-	public ObjectProperty<VaultState> provideVaultState(VaultState initialState) {
-		return new SimpleObjectProperty<>(initialState);
+	public ObjectProperty<Exception> provideLastKnownException(@Named("lastKnownException") @Nullable Exception initialErrorCause) {
+		return new SimpleObjectProperty<>(initialErrorCause);
 	}
 
+
 	@Provides
 	public Volume provideVolume(Settings settings, WebDavVolume webDavVolume, FuseVolume fuseVolume, DokanyVolume dokanyVolume) {
 		VolumeImpl preferredImpl = settings.preferredVolumeImpl().get();
@@ -67,7 +69,7 @@ public class VaultModule {
 	@DefaultMountFlags
 	public StringBinding provideDefaultMountFlags(Settings settings, VaultSettings vaultSettings) {
 		ObjectProperty<VolumeImpl> preferredVolumeImpl = settings.preferredVolumeImpl();
-		StringProperty mountName = vaultSettings.mountName();
+		StringBinding mountName = vaultSettings.mountName();
 		BooleanProperty readOnly = vaultSettings.usesReadOnlyMode();
 
 		return Bindings.createStringBinding(() -> {
@@ -76,6 +78,8 @@ public class VaultModule {
 				return getMacFuseDefaultMountFlags(mountName, readOnly);
 			} else if (v == VolumeImpl.FUSE && SystemUtils.IS_OS_LINUX) {
 				return getLinuxFuseDefaultMountFlags(readOnly);
+			} else if (v == VolumeImpl.FUSE && SystemUtils.IS_OS_WINDOWS) {
+				return getWindowsFuseDefaultMountFlags(mountName, readOnly);
 			} else if (v == VolumeImpl.DOKANY && SystemUtils.IS_OS_WINDOWS) {
 				return getDokanyDefaultMountFlags(readOnly);
 			} else {
@@ -85,13 +89,13 @@ public class VaultModule {
 	}
 
 	// see: https://github.com/osxfuse/osxfuse/wiki/Mount-options
-	private String getMacFuseDefaultMountFlags(ReadOnlyStringProperty mountName, ReadOnlyBooleanProperty readOnly) {
+	private String getMacFuseDefaultMountFlags(StringBinding mountName, ReadOnlyBooleanProperty readOnly) {
 		assert SystemUtils.IS_OS_MAC_OSX;
 		StringBuilder flags = new StringBuilder();
 		if (readOnly.get()) {
 			flags.append(" -ordonly");
 		}
-		flags.append(" -ovolname=").append(mountName.get());
+		flags.append(" -ovolname=").append('"').append(mountName.get()).append('"');
 		flags.append(" -oatomic_o_trunc");
 		flags.append(" -oauto_xattr");
 		flags.append(" -oauto_cache");
@@ -134,6 +138,28 @@ public class VaultModule {
 		return flags.toString().strip();
 	}
 
+	// see https://github.com/billziss-gh/winfsp/blob/5d0b10d0b643652c00ebb4704dc2bb28e7244973/src/dll/fuse/fuse_main.c#L53-L62 for syntax guide
+	// see https://github.com/billziss-gh/winfsp/blob/5d0b10d0b643652c00ebb4704dc2bb28e7244973/src/dll/fuse/fuse.c#L295-L319 for options (-o <...>)
+	// see https://github.com/billziss-gh/winfsp/wiki/Frequently-Asked-Questions/5ba00e4be4f5e938eaae6ef1500b331de12dee77 (FUSE 4.) on why the given defaults were choosen
+	private String getWindowsFuseDefaultMountFlags(StringBinding mountName, ReadOnlyBooleanProperty readOnly) {
+		assert SystemUtils.IS_OS_WINDOWS;
+		StringBuilder flags = new StringBuilder();
+
+		//WinFSP has no explicit "readonly"-option, nut not setting the group/user-id has the same effect, tho.
+		//So for the time being not setting them is the way to go...
+		//See: https://github.com/billziss-gh/winfsp/issues/319
+		if (!readOnly.get()) {
+			flags.append(" -ouid=-1");
+			flags.append(" -ogid=11");
+		}
+		flags.append(" -ovolname=").append('"').append(mountName.get()).append('"');
+		//Dokany requires this option to be set, WinFSP doesn't seem to share this peculiarity,
+		//but the option exists. Let's keep this here in case we need it.
+//		flags.append(" -oThreadCount=").append(5);
+
+		return flags.toString().strip();
+	}
+
 	// see https://github.com/cryptomator/dokany-nio-adapter/blob/develop/src/main/java/org/cryptomator/frontend/dokany/MountUtil.java#L30-L34
 	private String getDokanyDefaultMountFlags(ReadOnlyBooleanProperty readOnly) {
 		assert SystemUtils.IS_OS_WINDOWS;

main/commons/src/main/java/org/cryptomator/common/vaults/VaultState.java

@@ -1,34 +1,141 @@
 package org.cryptomator.common.vaults;
 
-public enum VaultState {
-	/**
-	 * No vault found at the provided path 
-	 */
-	MISSING,
+import com.google.common.base.Preconditions;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javafx.application.Platform;
+import javafx.beans.value.ObservableObjectValue;
+import javafx.beans.value.ObservableValueBase;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicReference;
+import java.util.concurrent.locks.Condition;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReentrantLock;
+
+@PerVault
+public class VaultState extends ObservableValueBase<VaultState.Value> implements ObservableObjectValue<VaultState.Value> {
+
+	private static final Logger LOG = LoggerFactory.getLogger(VaultState.class);
+
+	public enum Value {
+		/**
+		 * No vault found at the provided path
+		 */
+		MISSING,
+
+		/**
+		 * Vault requires migration to a newer vault format
+		 */
+		NEEDS_MIGRATION,
+
+		/**
+		 * Vault ready to be unlocked
+		 */
+		LOCKED,
+
+		/**
+		 * Vault in transition between two other states
+		 */
+		PROCESSING,
+
+		/**
+		 * Vault is unlocked
+		 */
+		UNLOCKED,
+
+		/**
+		 * Unknown state due to preceeding unrecoverable exceptions.
+		 */
+		ERROR;
+	}
+
+	private final AtomicReference<Value> value;
+	private final Lock lock = new ReentrantLock();
+	private final Condition valueChanged = lock.newCondition();
+
+	@Inject
+	public VaultState(VaultState.Value initialValue) {
+		this.value = new AtomicReference<>(initialValue);
+	}
+
+	@Override
+	public Value get() {
+		return getValue();
+	}
+
+	@Override
+	public Value getValue() {
+		return value.get();
+	}
 
 	/**
-	 * Vault requires migration to a newer vault format
+	 * Transitions from <code>fromState</code> to <code>toState</code>.
+	 *
+	 * @param fromState Previous state
+	 * @param toState New state
+	 * @return <code>true</code> if successful
 	 */
-	NEEDS_MIGRATION,
+	public boolean transition(Value fromState, Value toState) {
+		Preconditions.checkArgument(fromState != toState, "fromState must be different than toState");
+		boolean success = value.compareAndSet(fromState, toState);
+		if (success) {
+			fireValueChangedEvent();
+		} else {
+			LOG.debug("Failed transiting into state {}: Expected state was not{}.", fromState, toState);
+		}
+		return success;
+	}
+
+	public void set(Value newState) {
+		var oldState = value.getAndSet(newState);
+		if (oldState != newState) {
+			fireValueChangedEvent();
+		}
+	}
 
 	/**
-	 * Vault ready to be unlocked
+	 * Waits for the specified time, until the desired state is reached.
+	 *
+	 * @param desiredState what state to wait for
+	 * @param time the maximum time to wait
+	 * @param unit the time unit of the {@code time} argument
+	 * @return {@code false} if the waiting time detectably elapsed before reaching {@code desiredState}
+	 * @throws InterruptedException if the current thread is interrupted
 	 */
-	LOCKED,
+	public boolean awaitState(Value desiredState, long time, TimeUnit unit) throws InterruptedException {
+		lock.lock();
+		try {
+			long remaining = TimeUnit.NANOSECONDS.convert(time, unit);
+			while (value.get() != desiredState) {
+				if (remaining <= 0L) {
+					return false;
+				}
+				remaining = valueChanged.awaitNanos(remaining);
+			}
+			return true;
+		} finally {
+			lock.unlock();
+		}
+	}
 
-	/**
-	 * Vault in transition between two other states
-	 */
-	PROCESSING,
-
-	/**
-	 * Vault is unlocked
-	 */
-	UNLOCKED,
-
-	/**
-	 * Unknown state due to preceeding unrecoverable exceptions.
-	 */
-	ERROR;
+	private void signal() {
+		lock.lock();
+		try {
+			valueChanged.signalAll();
+		} finally {
+			lock.unlock();
+		}
+	}
 
+	@Override
+	protected void fireValueChangedEvent() {
+		signal();
+		if (Platform.isFxApplicationThread()) {
+			super.fireValueChangedEvent();
+		} else {
+			Platform.runLater(super::fireValueChangedEvent);
+		}
+	}
 }

main/commons/src/main/java/org/cryptomator/common/vaults/VaultStats.java

@@ -1,19 +1,21 @@
 package org.cryptomator.common.vaults;
 
-import javafx.application.Platform;
-import javafx.beans.Observable;
-import javafx.beans.property.LongProperty;
-import javafx.beans.property.ObjectProperty;
-import javafx.beans.property.SimpleLongProperty;
-import javafx.concurrent.ScheduledService;
-import javafx.concurrent.Task;
-import javafx.util.Duration;
 import org.cryptomator.cryptofs.CryptoFileSystem;
 import org.cryptomator.cryptofs.CryptoFileSystemStats;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.inject.Inject;
+import javafx.application.Platform;
+import javafx.beans.Observable;
+import javafx.beans.property.DoubleProperty;
+import javafx.beans.property.LongProperty;
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.SimpleDoubleProperty;
+import javafx.beans.property.SimpleLongProperty;
+import javafx.concurrent.ScheduledService;
+import javafx.concurrent.Task;
+import javafx.util.Duration;
 import java.util.Optional;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.atomic.AtomicReference;
@@ -24,13 +26,22 @@ public class VaultStats {
 	private static final Logger LOG = LoggerFactory.getLogger(VaultStats.class);
 
 	private final AtomicReference<CryptoFileSystem> fs;
-	private final ObjectProperty<VaultState> state;
+	private final VaultState state;
 	private final ScheduledService<Optional<CryptoFileSystemStats>> updateService;
 	private final LongProperty bytesPerSecondRead = new SimpleLongProperty();
 	private final LongProperty bytesPerSecondWritten = new SimpleLongProperty();
+	private final LongProperty bytesPerSecondEncrypted = new SimpleLongProperty();
+	private final LongProperty bytesPerSecondDecrypted = new SimpleLongProperty();
+	private final DoubleProperty cacheHitRate = new SimpleDoubleProperty();
+	private final LongProperty toalBytesRead = new SimpleLongProperty();
+	private final LongProperty toalBytesWritten = new SimpleLongProperty();
+	private final LongProperty totalBytesEncrypted = new SimpleLongProperty();
+	private final LongProperty totalBytesDecrypted = new SimpleLongProperty();
+	private final LongProperty filesRead = new SimpleLongProperty();
+	private final LongProperty filesWritten = new SimpleLongProperty();
 
 	@Inject
-	VaultStats(AtomicReference<CryptoFileSystem> fs, ObjectProperty<VaultState> state, ExecutorService executor) {
+	VaultStats(AtomicReference<CryptoFileSystem> fs, VaultState state, ExecutorService executor) {
 		this.fs = fs;
 		this.state = state;
 		this.updateService = new UpdateStatsService();
@@ -41,27 +52,48 @@ public class VaultStats {
 	}
 
 	private void vaultStateChanged(@SuppressWarnings("unused") Observable observable) {
-		switch (state.get()) {
-			case UNLOCKED:
-				assert fs.get() != null;
-				LOG.debug("start recording stats");
-				updateService.restart();
-				break;
-			default:
-				LOG.debug("stop recording stats");
-				updateService.cancel();
-				break;
+		if (VaultState.Value.UNLOCKED == state.get()) {
+			assert fs.get() != null;
+			LOG.debug("start recording stats");
+			Platform.runLater(() -> updateService.restart());
+		} else {
+			LOG.debug("stop recording stats");
+			Platform.runLater(() -> updateService.cancel());
 		}
 	}
 
 	private void updateStats(Optional<CryptoFileSystemStats> stats) {
 		assert Platform.isFxApplicationThread();
-		bytesPerSecondRead.set(stats.map(CryptoFileSystemStats::pollBytesRead).orElse(0l));
-		bytesPerSecondWritten.set(stats.map(CryptoFileSystemStats::pollBytesWritten).orElse(0l));
+		bytesPerSecondRead.set(stats.map(CryptoFileSystemStats::pollBytesRead).orElse(0L));
+		bytesPerSecondWritten.set(stats.map(CryptoFileSystemStats::pollBytesWritten).orElse(0L));
+		cacheHitRate.set(stats.map(this::getCacheHitRate).orElse(0.0));
+		bytesPerSecondDecrypted.set(stats.map(CryptoFileSystemStats::pollBytesDecrypted).orElse(0L));
+		bytesPerSecondEncrypted.set(stats.map(CryptoFileSystemStats::pollBytesEncrypted).orElse(0L));
+		toalBytesRead.set(stats.map(CryptoFileSystemStats::pollTotalBytesRead).orElse(0L));
+		toalBytesWritten.set(stats.map(CryptoFileSystemStats::pollTotalBytesWritten).orElse(0L));
+		totalBytesEncrypted.set(stats.map(CryptoFileSystemStats::pollTotalBytesEncrypted).orElse(0L));
+		totalBytesDecrypted.set(stats.map(CryptoFileSystemStats::pollTotalBytesDecrypted).orElse(0L));
+		filesRead.set(stats.map(CryptoFileSystemStats::pollAmountOfAccessesRead).orElse(0L));
+		filesWritten.set(stats.map(CryptoFileSystemStats::pollAmountOfAccessesWritten).orElse(0L));
+
+	}
+
+	private double getCacheHitRate(CryptoFileSystemStats stats) {
+		long accesses = stats.pollChunkCacheAccesses();
+		long hits = stats.pollChunkCacheHits();
+		if (accesses == 0) {
+			return 0.0;
+		} else {
+			return hits / (double) accesses;
+		}
 	}
 
 	private class UpdateStatsService extends ScheduledService<Optional<CryptoFileSystemStats>> {
 
+		private UpdateStatsService() {
+			setOnFailed(event -> LOG.error("Error in UpdateStateService.", getException()));
+		}
+
 		@Override
 		protected Task<Optional<CryptoFileSystemStats>> createTask() {
 			return new Task<>() {
@@ -97,4 +129,50 @@ public class VaultStats {
 	public long getBytesPerSecondWritten() {
 		return bytesPerSecondWritten.get();
 	}
+
+	public LongProperty bytesPerSecondEncryptedProperty() {
+		return bytesPerSecondEncrypted;
+	}
+
+	public long getBytesPerSecondEnrypted() {
+		return bytesPerSecondEncrypted.get();
+	}
+
+	public LongProperty bytesPerSecondDecryptedProperty() {
+		return bytesPerSecondDecrypted;
+	}
+
+	public long getBytesPerSecondDecrypted() {
+		return bytesPerSecondDecrypted.get();
+	}
+
+	public DoubleProperty cacheHitRateProperty() { return cacheHitRate; }
+
+	public double getCacheHitRate() {
+		return cacheHitRate.get();
+	}
+
+	public LongProperty toalBytesReadProperty() {return toalBytesRead;}
+
+	public long getTotalBytesRead() { return toalBytesRead.get();}
+
+	public LongProperty toalBytesWrittenProperty() {return toalBytesWritten;}
+
+	public long getTotalBytesWritten() { return toalBytesWritten.get();}
+
+	public LongProperty totalBytesEncryptedProperty() {return totalBytesEncrypted;}
+
+	public long getTotalBytesEncrypted() { return totalBytesEncrypted.get();}
+
+	public LongProperty totalBytesDecryptedProperty() {return totalBytesDecrypted;}
+
+	public long getTotalBytesDecrypted() { return totalBytesDecrypted.get();}
+
+	public LongProperty filesRead() { return filesRead;}
+
+	public long getFilesRead() { return filesRead.get();}
+
+	public LongProperty filesWritten() {return filesWritten;}
+
+	public long getFilesWritten() {return filesWritten.get();}
 }

main/commons/src/main/java/org/cryptomator/common/vaults/Volume.java

@@ -1,11 +1,14 @@
 package org.cryptomator.common.vaults;
 
+import org.cryptomator.common.mountpoint.InvalidMountPointException;
 import org.cryptomator.common.settings.VolumeImpl;
 import org.cryptomator.cryptofs.CryptoFileSystem;
 
 import java.io.IOException;
 import java.nio.file.Path;
 import java.util.Optional;
+import java.util.concurrent.CompletionStage;
+import java.util.function.Consumer;
 import java.util.stream.Stream;
 
 /**
@@ -20,18 +23,35 @@ public interface Volume {
 	 */
 	boolean isSupported();
 
+	/**
+	 * Gets the coresponding enum type of the {@link VolumeImpl volume implementation ("VolumeImpl")} that is implemented by this Volume.
+	 *
+	 * @return the type of implementation as defined by the {@link VolumeImpl VolumeImpl enum}
+	 */
+	VolumeImpl getImplementationType();
+
 	/**
 	 * @param fs
 	 * @throws IOException
 	 */
-	void mount(CryptoFileSystem fs, String mountFlags) throws IOException, VolumeException;
+	void mount(CryptoFileSystem fs, String mountFlags, Consumer<Throwable> onExitAction) throws IOException, VolumeException, InvalidMountPointException;
 
-	void reveal() throws VolumeException;
+	/**
+	 * Reveals the mounted volume.
+	 * <p>
+	 * The given {@code revealer} might be used to do it, but not necessarily.
+	 *
+	 * @param revealer An object capable of revealing the location of the mounted vault to view the content (e.g. in the default file browser).
+	 * @throws VolumeException
+	 */
+	void reveal(Revealer revealer) throws VolumeException;
 
 	void unmount() throws VolumeException;
 
 	Optional<Path> getMountPoint();
 
+	MountPointRequirement getMountPointRequirement();
+
 	// optional forced unmounting:
 
 	default boolean supportsForcedUnmount() {
@@ -43,17 +63,10 @@ public interface Volume {
 	}
 
 	static VolumeImpl[] getCurrentSupportedAdapters() {
-		return Stream.of(VolumeImpl.values()).filter(impl -> {
-			switch (impl) {
-				case WEBDAV:
-					return WebDavVolume.isSupportedStatic();
-				case DOKANY:
-					return DokanyVolume.isSupportedStatic();
-				case FUSE:
-					return FuseVolume.isSupportedStatic();
-				default:
-					return false;//throw new IllegalStateException("Adapter not implemented.");
-			}
+		return Stream.of(VolumeImpl.values()).filter(impl -> switch (impl) {
+			case WEBDAV -> WebDavVolume.isSupportedStatic();
+			case DOKANY -> DokanyVolume.isSupportedStatic();
+			case FUSE -> FuseVolume.isSupportedStatic();
 		}).toArray(VolumeImpl[]::new);
 	}
 
@@ -76,4 +89,14 @@ public interface Volume {
 
 	}
 
+	/**
+	 * Hides and unifies the different Revealer implementations in the different nio-adapters.
+	 */
+	@FunctionalInterface
+	interface Revealer {
+
+		void reveal(Path p) throws VolumeException;
+
+	}
+
 }

main/commons/src/main/java/org/cryptomator/common/vaults/WebDavVolume.java

@@ -1,8 +1,10 @@
 package org.cryptomator.common.vaults;
 
 
+import com.google.common.base.CharMatcher;
 import org.cryptomator.common.settings.Settings;
 import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.settings.VolumeImpl;
 import org.cryptomator.cryptofs.CryptoFileSystem;
 import org.cryptomator.frontend.webdav.WebDavServer;
 import org.cryptomator.frontend.webdav.mount.MountParams;
@@ -15,6 +17,8 @@ import java.net.InetAddress;
 import java.net.UnknownHostException;
 import java.nio.file.Path;
 import java.util.Optional;
+import java.util.function.Consumer;
+import java.util.function.Supplier;
 
 public class WebDavVolume implements Volume {
 
@@ -23,55 +27,71 @@ public class WebDavVolume implements Volume {
 	private final Provider<WebDavServer> serverProvider;
 	private final VaultSettings vaultSettings;
 	private final Settings settings;
+	private final WindowsDriveLetters windowsDriveLetters;
 
 	private WebDavServer server;
 	private WebDavServletController servlet;
 	private Mounter.Mount mount;
-	private Path mountPoint;
+	private Consumer<Throwable> onExitAction;
 
 	@Inject
-	public WebDavVolume(Provider<WebDavServer> serverProvider, VaultSettings vaultSettings, Settings settings) {
+	public WebDavVolume(Provider<WebDavServer> serverProvider, VaultSettings vaultSettings, Settings settings, WindowsDriveLetters windowsDriveLetters) {
 		this.serverProvider = serverProvider;
 		this.vaultSettings = vaultSettings;
 		this.settings = settings;
+		this.windowsDriveLetters = windowsDriveLetters;
 	}
 
 	@Override
-	public void mount(CryptoFileSystem fs, String mountFlags) throws VolumeException {
+	public void mount(CryptoFileSystem fs, String mountFlags, Consumer<Throwable> onExitAction) throws VolumeException {
+		startServlet(fs);
+		mountServlet();
+		this.onExitAction = onExitAction;
+	}
+
+	private void startServlet(CryptoFileSystem fs) {
 		if (server == null) {
 			server = serverProvider.get();
 		}
 		if (!server.isRunning()) {
 			server.start();
 		}
-		servlet = server.createWebDavServlet(fs.getPath("/"), vaultSettings.getId() + "/" + vaultSettings.mountName().get());
+		CharMatcher acceptable = CharMatcher.inRange('0', '9').or(CharMatcher.inRange('A', 'Z')).or(CharMatcher.inRange('a', 'z'));
+		String urlConformMountName = acceptable.negate().collapseFrom(vaultSettings.mountName().get(), '_');
+		servlet = server.createWebDavServlet(fs.getPath("/"), vaultSettings.getId() + "/" + urlConformMountName);
 		servlet.start();
-		mount();
 	}
 
-	private void mount() throws VolumeException {
+	private void mountServlet() throws VolumeException {
 		if (servlet == null) {
 			throw new IllegalStateException("Mounting requires unlocked WebDAV servlet.");
 		}
+
+		//on windows, prevent an automatic drive letter selection in the upstream library. Either we choose already a specifc one or there is no free.
+		Supplier<String> driveLetterSupplier;
+		if (System.getProperty("os.name").toLowerCase().contains("windows") && vaultSettings.winDriveLetter().isEmpty().get()) {
+			driveLetterSupplier = () -> windowsDriveLetters.getAvailableDriveLetter().orElse(null);
+		} else {
+			driveLetterSupplier = () -> vaultSettings.winDriveLetter().get();
+		}
+
 		MountParams mountParams = MountParams.create() //
-				.withWindowsDriveLetter(vaultSettings.winDriveLetter().get()) //
+				.withWindowsDriveLetter(driveLetterSupplier.get()) //
 				.withPreferredGvfsScheme(settings.preferredGvfsScheme().get().getPrefix())//
 				.withWebdavHostname(getLocalhostAliasOrNull()) //
 				.build();
 		try {
 			this.mount = servlet.mount(mountParams); // might block this thread for a while
 		} catch (Mounter.CommandFailedException e) {
-			e.printStackTrace();
 			throw new VolumeException(e);
 		}
 	}
 
 	@Override
-	public void reveal() throws VolumeException {
+	public void reveal(Revealer revealer) throws VolumeException {
 		try {
-			mount.reveal();
-		} catch (Mounter.CommandFailedException e) {
-			e.printStackTrace();
+			mount.reveal(revealer::reveal);
+		} catch (Exception e) {
 			throw new VolumeException(e);
 		}
 	}
@@ -84,6 +104,7 @@ public class WebDavVolume implements Volume {
 			throw new VolumeException(e);
 		}
 		cleanup();
+		onExitAction.accept(null);
 	}
 
 	@Override
@@ -94,11 +115,17 @@ public class WebDavVolume implements Volume {
 			throw new VolumeException(e);
 		}
 		cleanup();
+		onExitAction.accept(null);
 	}
 
 	@Override
 	public Optional<Path> getMountPoint() {
-		return Optional.ofNullable(mountPoint);
+		return mount.getMountPoint();
+	}
+
+	@Override
+	public MountPointRequirement getMountPointRequirement() {
+		return MountPointRequirement.NONE;
 	}
 
 	private String getLocalhostAliasOrNull() {
@@ -126,6 +153,11 @@ public class WebDavVolume implements Volume {
 		return WebDavVolume.isSupportedStatic();
 	}
 
+	@Override
+	public VolumeImpl getImplementationType() {
+		return VolumeImpl.WEBDAV;
+	}
+
 	@Override
 	public boolean supportsForcedUnmount() {
 		return mount != null && mount.forced().isPresent();

main/commons/src/main/java/org/cryptomator/common/vaults/WindowsDriveLetters.java

@@ -5,16 +5,16 @@
  *******************************************************************************/
 package org.cryptomator.common.vaults;
 
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Sets;
 import org.apache.commons.lang3.SystemUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import javax.inject.Inject;
 import javax.inject.Singleton;
 import java.nio.file.FileSystems;
 import java.nio.file.Path;
+import java.util.Optional;
 import java.util.Set;
-import java.util.function.Predicate;
 import java.util.stream.Collectors;
 import java.util.stream.IntStream;
 import java.util.stream.StreamSupport;
@@ -22,12 +22,11 @@ import java.util.stream.StreamSupport;
 @Singleton
 public final class WindowsDriveLetters {
 
-	private static final Logger LOG = LoggerFactory.getLogger(WindowsDriveLetters.class);
-	private static final Set<Path> D_TO_Z;
+	private static final Set<String> C_TO_Z;
 
 	static {
-		try (IntStream stream = IntStream.rangeClosed('D', 'Z')) {
-			D_TO_Z = stream.mapToObj(i -> Path.of(((char) i)+":\\")).collect(Collectors.toSet());
+		try (IntStream stream = IntStream.rangeClosed('C', 'Z')) {
+			C_TO_Z = stream.mapToObj(i -> String.valueOf((char) i)).collect(ImmutableSet.toImmutableSet());
 		}
 	}
 
@@ -35,20 +34,32 @@ public final class WindowsDriveLetters {
 	public WindowsDriveLetters() {
 	}
 
-	public Set<Path> getOccupiedDriveLetters() {
+	public Set<String> getAllDriveLetters() {
+		return C_TO_Z;
+	}
+
+	public Set<String> getOccupiedDriveLetters() {
 		if (!SystemUtils.IS_OS_WINDOWS) {
-			LOG.warn("Attempted to get occupied drive letters on non-Windows machine.");
 			return Set.of();
 		} else {
 			Iterable<Path> rootDirs = FileSystems.getDefault().getRootDirectories();
-			return StreamSupport.stream(rootDirs.spliterator(), false).collect(Collectors.toSet());
+			return StreamSupport.stream(rootDirs.spliterator(), false).map(p -> p.toString().substring(0, 1)).collect(Collectors.toSet());
 		}
 	}
 
-	public Set<Path> getAvailableDriveLetters() {
-		Set<Path> occupiedDriveLetters = getOccupiedDriveLetters();
-		Predicate<Path> isOccupiedDriveLetter = occupiedDriveLetters::contains;
-		return D_TO_Z.stream().filter(isOccupiedDriveLetter.negate()).collect(Collectors.toSet());
+	public Set<String> getAvailableDriveLetters() {
+		return Sets.difference(getAllDriveLetters(), getOccupiedDriveLetters());
 	}
 
+	public Optional<String> getAvailableDriveLetter() {
+		return getAvailableDriveLetters().stream().findFirst();
+	}
+
+	public Optional<Path> getAvailableDriveLetterPath() {
+		return getAvailableDriveLetter().map(this::toPath);
+	}
+
+	public Path toPath(String driveLetter) {
+		return Path.of(driveLetter + ":\\");
+	}
 }

main/commons/src/test/java/org/cryptomator/common/EnvironmentTest.java

@@ -8,6 +8,7 @@ import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
+import org.mockito.Mockito;
 
 import java.nio.file.Path;
 import java.nio.file.Paths;
@@ -20,14 +21,10 @@ class EnvironmentTest {
 
 	private Environment env;
 
-	@BeforeAll
-	static void init() {
-		System.setProperty("user.home", "/home/testuser");
-	}
-
 	@BeforeEach
-	void initEach() {
-		env = new Environment();
+	void init() {
+		env = Mockito.spy(new Environment());
+		Mockito.when(env.getHomeDir()).thenReturn(Path.of("/home/testuser"));
 	}
 
 	@Test
@@ -35,9 +32,9 @@ class EnvironmentTest {
 	public void testSettingsPath() {
 		System.setProperty("cryptomator.settingsPath", "~/.config/Cryptomator/settings.json:~/.Cryptomator/settings.json");
 
-		List<Path> result = env.getSettingsPath().collect(Collectors.toList());
+		List<Path> result = env.getSettingsPath().toList();
 		MatcherAssert.assertThat(result, Matchers.hasSize(2));
-		MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/.config/Cryptomator/settings.json"),
+		MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/.config/Cryptomator/settings.json"), //
 				Paths.get("/home/testuser/.Cryptomator/settings.json")));
 	}
 
@@ -46,9 +43,9 @@ class EnvironmentTest {
 	public void testIpcPortPath() {
 		System.setProperty("cryptomator.ipcPortPath", "~/.config/Cryptomator/ipcPort.bin:~/.Cryptomator/ipcPort.bin");
 
-		List<Path> result = env.getIpcPortPath().collect(Collectors.toList());
+		List<Path> result = env.getIpcPortPath().toList();
 		MatcherAssert.assertThat(result, Matchers.hasSize(2));
-		MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/.config/Cryptomator/ipcPort.bin"),
+		MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/.config/Cryptomator/ipcPort.bin"), //
 				Paths.get("/home/testuser/.Cryptomator/ipcPort.bin")));
 	}
 
@@ -57,7 +54,7 @@ class EnvironmentTest {
 	public void testKeychainPath() {
 		System.setProperty("cryptomator.keychainPath", "~/AppData/Roaming/Cryptomator/keychain.json");
 
-		List<Path> result = env.getKeychainPath().collect(Collectors.toList());
+		List<Path> result = env.getKeychainPath().toList();
 		MatcherAssert.assertThat(result, Matchers.hasSize(1));
 		MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/AppData/Roaming/Cryptomator/keychain.json")));
 	}
@@ -91,7 +88,7 @@ class EnvironmentTest {
 		@DisplayName("test.path.property=")
 		public void testEmptyList() {
 			System.setProperty("test.path.property", "");
-			List<Path> result = env.getPaths("test.path.property").collect(Collectors.toList());
+			List<Path> result = env.getPaths("test.path.property").toList();
 
 			MatcherAssert.assertThat(result, Matchers.hasSize(0));
 		}
@@ -100,7 +97,7 @@ class EnvironmentTest {
 		@DisplayName("test.path.property=/foo/bar/test")
 		public void testSingleAbsolutePath() {
 			System.setProperty("test.path.property", "/foo/bar/test");
-			List<Path> result = env.getPaths("test.path.property").collect(Collectors.toList());
+			List<Path> result = env.getPaths("test.path.property").toList();
 
 			MatcherAssert.assertThat(result, Matchers.hasSize(1));
 			MatcherAssert.assertThat(result, Matchers.hasItem(Paths.get("/foo/bar/test")));
@@ -110,7 +107,7 @@ class EnvironmentTest {
 		@DisplayName("test.path.property=~/test")
 		public void testSingleHomeRelativePath() {
 			System.setProperty("test.path.property", "~/test");
-			List<Path> result = env.getPaths("test.path.property").collect(Collectors.toList());
+			List<Path> result = env.getPaths("test.path.property").toList();
 
 			MatcherAssert.assertThat(result, Matchers.hasSize(1));
 			MatcherAssert.assertThat(result, Matchers.hasItem(Paths.get("/home/testuser/test")));
@@ -120,11 +117,11 @@ class EnvironmentTest {
 		@DisplayName("test.path.property=~/test:~/test2:/foo/bar/test")
 		public void testMultiplePaths() {
 			System.setProperty("test.path.property", "~/test:~/test2:/foo/bar/test");
-			List<Path> result = env.getPaths("test.path.property").collect(Collectors.toList());
+			List<Path> result = env.getPaths("test.path.property").toList();
 
 			MatcherAssert.assertThat(result, Matchers.hasSize(3));
-			MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/test"),
-					Paths.get("/home/testuser/test2"),
+			MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/test"), //
+					Paths.get("/home/testuser/test2"), //
 					Paths.get("/foo/bar/test")));
 		}
 

main/commons/src/test/java/org/cryptomator/common/LicenseCheckerTest.java

@@ -0,0 +1,63 @@
+package org.cryptomator.common;
+
+import com.auth0.jwt.interfaces.DecodedJWT;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import java.util.Optional;
+
+class LicenseCheckerTest {
+
+	private static final String PUBLIC_KEY = """
+			MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBgc4HZz+/fBbC7lmEww0AO3NK9wVZ\
+			PDZ0VEnsaUFLEYpTzb90nITtJUcPUbvOsdZIZ1Q8fnbquAYgxXL5UgHMoywAib47\
+			6MkyyYgPk0BXZq3mq4zImTRNuaU9slj9TVJ3ScT3L1bXwVuPJDzpr5GOFpaj+WwM\
+			Al8G7CqwoJOsW7Kddns=\
+			""";
+
+	private LicenseChecker licenseChecker;
+
+	@BeforeEach
+	public void setup() {
+		licenseChecker = new LicenseChecker(PUBLIC_KEY);
+	}
+
+	@Test
+	public void testCheckValidLicense() {
+		String license = "eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6InhaRGZacHJ5NFA5dlpQWnlHMmZOQlJqLTdMejVvbVZkbTd0SG9DZ1NOZlkifQ.eyJzdWIiOiJjcnlwdG9ib3RAZXhhbXBsZS5jb20iLCJpYXQiOjE1MTYyMzkwMjJ9.AQaBIKQdNCxmRJi2wLOcbagTgi39WhdWwgdpKTYSPicg-aPr_tst_RjmnqMemx3cBe0Blr4nEbj_lAtSKHz_i61fAUyI1xCIAZYbK9Q3ICHIHQl3AiuCpBwFl-k81OB4QDYiKpEc9gLN5dhW_VymJMsgOvyiC0UjC91f2AM7s46byDNj";
+
+		Optional<DecodedJWT> decoded = licenseChecker.check(license);
+
+		Assertions.assertTrue(decoded.isPresent());
+		Assertions.assertEquals("cryptobot@example.com", decoded.get().getSubject());
+	}
+
+	@Test
+	public void testCheckInvalidLicenseHeader() {
+		String license = "EyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6InhaRGZacHJ5NFA5dlpQWnlHMmZOQlJqLTdMejVvbVZkbTd0SG9DZ1NOZlkifQ.eyJzdWIiOiJjcnlwdG9ib3RAZXhhbXBsZS5jb20iLCJpYXQiOjE1MTYyMzkwMjJ9.AQaBIKQdNCxmRJi2wLOcbagTgi39WhdWwgdpKTYSPicg-aPr_tst_RjmnqMemx3cBe0Blr4nEbj_lAtSKHz_i61fAUyI1xCIAZYbK9Q3ICHIHQl3AiuCpBwFl-k81OB4QDYiKpEc9gLN5dhW_VymJMsgOvyiC0UjC91f2AM7s46byDNj";
+
+		Optional<DecodedJWT> decoded = licenseChecker.check(license);
+
+		Assertions.assertFalse(decoded.isPresent());
+	}
+
+	@Test
+	public void testCheckInvalidLicensePayload() {
+		String license = "eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6InhaRGZacHJ5NFA5dlpQWnlHMmZOQlJqLTdMejVvbVZkbTd0SG9DZ1NOZlkifQ.EyJzdWIiOiJjcnlwdG9ib3RAZXhhbXBsZS5jb20iLCJpYXQiOjE1MTYyMzkwMjJ9.AQaBIKQdNCxmRJi2wLOcbagTgi39WhdWwgdpKTYSPicg-aPr_tst_RjmnqMemx3cBe0Blr4nEbj_lAtSKHz_i61fAUyI1xCIAZYbK9Q3ICHIHQl3AiuCpBwFl-k81OB4QDYiKpEc9gLN5dhW_VymJMsgOvyiC0UjC91f2AM7s46byDNj";
+
+		Optional<DecodedJWT> decoded = licenseChecker.check(license);
+
+		Assertions.assertFalse(decoded.isPresent());
+	}
+
+	@Test
+	public void testCheckInvalidLicenseSignature() {
+		String license = "eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6InhaRGZacHJ5NFA5dlpQWnlHMmZOQlJqLTdMejVvbVZkbTd0SG9DZ1NOZlkifQ.eyJzdWIiOiJjcnlwdG9ib3RAZXhhbXBsZS5jb20iLCJpYXQiOjE1MTYyMzkwMjJ9.aQaBIKQdNCxmRJi2wLOcbagTgi39WhdWwgdpKTYSPicg-aPr_tst_RjmnqMemx3cBe0Blr4nEbj_lAtSKHz_i61fAUyI1xCIAZYbK9Q3ICHIHQl3AiuCpBwFl-k81OB4QDYiKpEc9gLN5dhW_VymJMsgOvyiC0UjC91f2AM7s46byDNj";
+
+		Optional<DecodedJWT> decoded = licenseChecker.check(license);
+
+		Assertions.assertFalse(decoded.isPresent());
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/keychain/KeychainManagerTest.java

@@ -0,0 +1,58 @@
+package org.cryptomator.common.keychain;
+
+
+import org.cryptomator.integrations.keychain.KeychainAccessException;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+
+import javafx.application.Platform;
+import javafx.beans.property.ReadOnlyBooleanProperty;
+import javafx.beans.property.SimpleObjectProperty;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+
+
+public class KeychainManagerTest {
+
+	@Test
+	public void testStoreAndLoad() throws KeychainAccessException {
+		KeychainManager keychainManager = new KeychainManager(new SimpleObjectProperty<>(new MapKeychainAccess()));
+		keychainManager.storePassphrase("test", "asd");
+		Assertions.assertArrayEquals("asd".toCharArray(), keychainManager.loadPassphrase("test"));
+	}
+
+	@Nested
+	public static class WhenObservingProperties {
+
+		@BeforeAll
+		public static void startup() throws InterruptedException {
+			CountDownLatch latch = new CountDownLatch(1);
+			Platform.startup(latch::countDown);
+			latch.await(5, TimeUnit.SECONDS);
+		}
+
+		@Test
+		public void testPropertyChangesWhenStoringPassword() throws KeychainAccessException, InterruptedException {
+			KeychainManager keychainManager = new KeychainManager(new SimpleObjectProperty<>(new MapKeychainAccess()));
+			ReadOnlyBooleanProperty property = keychainManager.getPassphraseStoredProperty("test");
+			Assertions.assertEquals(false, property.get());
+
+			keychainManager.storePassphrase("test", "bar");
+
+			AtomicBoolean result = new AtomicBoolean(false);
+			CountDownLatch latch = new CountDownLatch(1);
+			Platform.runLater(() -> {
+				result.set(property.get());
+				latch.countDown();
+			});
+			latch.await(1, TimeUnit.SECONDS);
+			Assertions.assertEquals(true, result.get());
+		}
+
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/keychain/MapKeychainAccess.java

@@ -3,12 +3,14 @@
  * All rights reserved. This program and the accompanying materials
  * are made available under the terms of the accompanying LICENSE file.
  *******************************************************************************/
-package org.cryptomator.keychain;
+package org.cryptomator.common.keychain;
+
+import org.cryptomator.integrations.keychain.KeychainAccessProvider;
 
 import java.util.HashMap;
 import java.util.Map;
 
-class MapKeychainAccess implements KeychainAccessStrategy {
+class MapKeychainAccess implements KeychainAccessProvider {
 
 	private final Map<String, char[]> map = new HashMap<>();
 
@@ -31,9 +33,20 @@ class MapKeychainAccess implements KeychainAccessStrategy {
 		map.remove(key);
 	}
 
+	@Override
+	public void changePassphrase(String key, CharSequence passphrase) {
+		map.get(key);
+		storePassphrase(key, passphrase);
+	}
+
 	@Override
 	public boolean isSupported() {
 		return true;
 	}
 
+	@Override
+	public boolean isLocked() {
+		return false;
+	}
+
 }

main/commons/src/test/java/org/cryptomator/common/settings/SettingsJsonAdapterTest.java

@@ -5,24 +5,34 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
+import org.cryptomator.common.Environment;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
+import org.mockito.Mockito;
 
 import java.io.IOException;
 
 public class SettingsJsonAdapterTest {
 
-	private final SettingsJsonAdapter adapter = new SettingsJsonAdapter();
+	private final Environment env = Mockito.mock(Environment.class);
+	private final SettingsJsonAdapter adapter = new SettingsJsonAdapter(env);
 
 	@Test
 	public void testDeserialize() throws IOException {
-		String vault1Json = "{\"id\": \"1\", \"path\": \"/vault1\", \"mountName\": \"vault1\", \"winDriveLetter\": \"X\"}";
-		String vault2Json = "{\"id\": \"2\", \"path\": \"/vault2\", \"mountName\": \"vault2\", \"winDriveLetter\": \"Y\"}";
-		String json = "{\"directories\": [" + vault1Json + "," + vault2Json + "]," //
-				+ "\"checkForUpdatesEnabled\": true,"//
-				+ "\"port\": 8080,"//
-				+ "\"numTrayNotifications\": 42,"//
-				+ "\"preferredVolumeImpl\": \"FUSE\"}";
+		String json = """
+				{
+					"directories": [
+						{"id": "1", "path": "/vault1", "mountName": "vault1", "winDriveLetter": "X"},
+						{"id": "2", "path": "/vault2", "mountName": "vault2", "winDriveLetter": "Y"}
+					],
+					"checkForUpdatesEnabled": true,
+					"port": 8080,
+					"numTrayNotifications": 42,
+					"preferredVolumeImpl": "FUSE"
+				}
+				""";
 
 		Settings settings = adapter.fromJson(json);
 
@@ -34,4 +44,16 @@ public class SettingsJsonAdapterTest {
 		Assertions.assertEquals(VolumeImpl.FUSE, settings.preferredVolumeImpl().get());
 	}
 
+	@ParameterizedTest(name = "fromJson() should throw IOException for input: {0}")
+	@ValueSource(strings = { //
+			"", //
+			"<html>", //
+			"{invalidjson}" //
+	})
+	public void testDeserializeMalformed(String input) {
+		Assertions.assertThrows(IOException.class, () -> {
+			adapter.fromJson(input);
+		});
+	}
+
 }

main/commons/src/test/java/org/cryptomator/common/settings/SettingsTest.java

@@ -5,6 +5,7 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
+import org.cryptomator.common.Environment;
 import org.junit.jupiter.api.Test;
 import org.mockito.Mockito;
 
@@ -14,8 +15,10 @@ public class SettingsTest {
 
 	@Test
 	public void testAutoSave() {
+		Environment env = Mockito.mock(Environment.class);
 		@SuppressWarnings("unchecked") Consumer<Settings> changeListener = Mockito.mock(Consumer.class);
-		Settings settings = new Settings();
+
+		Settings settings = new Settings(env);
 		settings.setSaveCmd(changeListener);
 		VaultSettings vaultSettings = VaultSettings.withRandomId();
 		Mockito.verify(changeListener, Mockito.times(0)).accept(settings);
@@ -29,7 +32,7 @@ public class SettingsTest {
 		Mockito.verify(changeListener, Mockito.times(2)).accept(settings);
 
 		// third change (to property of list item):
-		vaultSettings.mountName().set("asd");
+		vaultSettings.displayName().set("asd");
 		Mockito.verify(changeListener, Mockito.times(3)).accept(settings);
 	}
 

main/commons/src/test/java/org/cryptomator/common/settings/VaultSettingsJsonAdapterTest.java

@@ -16,7 +16,6 @@ import java.io.IOException;
 import java.io.StringReader;
 import java.io.StringWriter;
 import java.nio.file.Paths;
-import java.util.Arrays;
 
 public class VaultSettingsJsonAdapterTest {
 
@@ -24,15 +23,15 @@ public class VaultSettingsJsonAdapterTest {
 
 	@Test
 	public void testDeserialize() throws IOException {
-		String json = "{\"id\": \"foo\", \"path\": \"/foo/bar\", \"mountName\": \"test\", \"winDriveLetter\": \"X\", \"shouldBeIgnored\": true, \"individualMountPath\": \"/home/test/crypto\", \"mountFlags\":\"--foo --bar\"}";
+		String json = "{\"id\": \"foo\", \"path\": \"/foo/bar\", \"displayName\": \"test\", \"winDriveLetter\": \"X\", \"shouldBeIgnored\": true, \"individualMountPath\": \"/home/test/crypto\", \"mountFlags\":\"--foo --bar\"}";
 		JsonReader jsonReader = new JsonReader(new StringReader(json));
 
 		VaultSettings vaultSettings = adapter.read(jsonReader);
 		Assertions.assertEquals("foo", vaultSettings.getId());
 		Assertions.assertEquals(Paths.get("/foo/bar"), vaultSettings.path().get());
-		Assertions.assertEquals("test", vaultSettings.mountName().get());
+		Assertions.assertEquals("test", vaultSettings.displayName().get());
 		Assertions.assertEquals("X", vaultSettings.winDriveLetter().get());
-		Assertions.assertEquals("/home/test/crypto", vaultSettings.individualMountPath().get());
+		Assertions.assertEquals("/home/test/crypto", vaultSettings.customMountPath().get());
 		Assertions.assertEquals("--foo --bar", vaultSettings.mountFlags().get());
 
 
@@ -42,7 +41,7 @@ public class VaultSettingsJsonAdapterTest {
 	public void testSerialize() throws IOException {
 		VaultSettings vaultSettings = new VaultSettings("test");
 		vaultSettings.path().set(Paths.get("/foo/bar"));
-		vaultSettings.mountName().set("mountyMcMountFace");
+		vaultSettings.displayName().set("mountyMcMountFace");
 		vaultSettings.mountFlags().set("--foo --bar");
 
 		StringWriter buf = new StringWriter();
@@ -51,12 +50,12 @@ public class VaultSettingsJsonAdapterTest {
 		String result = buf.toString();
 
 		MatcherAssert.assertThat(result, CoreMatchers.containsString("\"id\":\"test\""));
-		if(System.getProperty("os.name").contains("Windows")){
+		if (System.getProperty("os.name").contains("Windows")) {
 			MatcherAssert.assertThat(result, CoreMatchers.containsString("\"path\":\"\\\\foo\\\\bar\""));
 		} else {
 			MatcherAssert.assertThat(result, CoreMatchers.containsString("\"path\":\"/foo/bar\""));
 		}
-		MatcherAssert.assertThat(result, CoreMatchers.containsString("\"mountName\":\"mountyMcMountFace\""));
+		MatcherAssert.assertThat(result, CoreMatchers.containsString("\"displayName\":\"mountyMcMountFace\""));
 		MatcherAssert.assertThat(result, CoreMatchers.containsString("\"mountFlags\":\"--foo --bar\""));
 	}
 

main/commons/src/test/java/org/cryptomator/common/settings/VaultSettingsTest.java

@@ -8,19 +8,19 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
-import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.CsvSource;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
 public class VaultSettingsTest {
 
-	@Test
-	public void testNormalize() throws Exception {
-		assertEquals("_", VaultSettings.normalizeMountName(" "));
-		assertEquals("a", VaultSettings.normalizeMountName("ä"));
-		assertEquals("C", VaultSettings.normalizeMountName("Ĉ"));
-		assertEquals("_", VaultSettings.normalizeMountName(":"));
-		assertEquals("_", VaultSettings.normalizeMountName("汉语"));
+	@ParameterizedTest
+	@CsvSource({"a\u000Fa,a_a", ": \\,_ _", "汉语,汉语", "..,_", "a\ta,a\u0020a", "\t\n\r,_"})
+	public void testNormalize(String test, String expected) {
+		VaultSettings settings = new VaultSettings("id");
+		settings.displayName().setValue(test);
+		assertEquals(expected, settings.normalizeDisplayName());
 	}
 
 }

main/commons/src/test/java/org/cryptomator/common/vaults/VaultModuleTest.java

@@ -1,9 +1,5 @@
 package org.cryptomator.common.vaults;
 
-import javafx.beans.binding.StringBinding;
-import javafx.beans.property.SimpleBooleanProperty;
-import javafx.beans.property.SimpleObjectProperty;
-import javafx.beans.property.SimpleStringProperty;
 import org.cryptomator.common.settings.Settings;
 import org.cryptomator.common.settings.VaultSettings;
 import org.cryptomator.common.settings.VolumeImpl;
@@ -17,6 +13,11 @@ import org.junit.jupiter.api.condition.OS;
 import org.junit.jupiter.api.io.TempDir;
 import org.mockito.Mockito;
 
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.StringBinding;
+import javafx.beans.property.SimpleBooleanProperty;
+import javafx.beans.property.SimpleObjectProperty;
+import javafx.beans.property.SimpleStringProperty;
 import java.nio.file.Path;
 
 public class VaultModuleTest {
@@ -28,8 +29,9 @@ public class VaultModuleTest {
 
 	@BeforeEach
 	public void setup(@TempDir Path tmpDir) {
-		Mockito.when(vaultSettings.mountName()).thenReturn(new SimpleStringProperty("TEST"));
+		Mockito.when(vaultSettings.mountName()).thenReturn(Bindings.createStringBinding(() -> "TEST"));
 		Mockito.when(vaultSettings.usesReadOnlyMode()).thenReturn(new SimpleBooleanProperty(true));
+		Mockito.when(vaultSettings.displayName()).thenReturn(new SimpleStringProperty("Vault"));
 		System.setProperty("user.home", tmpDir.toString());
 	}
 
@@ -41,7 +43,7 @@ public class VaultModuleTest {
 
 		StringBinding result = module.provideDefaultMountFlags(settings, vaultSettings);
 
-		MatcherAssert.assertThat(result.get(), CoreMatchers.containsString("-ovolname=TEST"));
+		MatcherAssert.assertThat(result.get(), CoreMatchers.containsString("-ovolname=\"TEST\""));
 		MatcherAssert.assertThat(result.get(), CoreMatchers.containsString("-ordonly"));
 	}
 

main/keychain/pom.xml

@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-	<parent>
-		<groupId>org.cryptomator</groupId>
-		<artifactId>main</artifactId>
-		<version>1.5.0-alpha2</version>
-	</parent>
-	<artifactId>keychain</artifactId>
-	<name>System Keychain Access</name>
-
-	<dependencies>
-		<dependency>
-			<groupId>org.cryptomator</groupId>
-			<artifactId>commons</artifactId>
-		</dependency>
-
-		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-lang3</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>com.google.code.gson</groupId>
-			<artifactId>gson</artifactId>
-		</dependency>
-
-		<!-- Google -->
-		<dependency>
-			<groupId>com.google.guava</groupId>
-			<artifactId>guava</artifactId>
-		</dependency>
-
-		<!-- DI -->
-		<dependency>
-			<groupId>com.google.dagger</groupId>
-			<artifactId>dagger</artifactId>
-		</dependency>
-
-		<!-- secret-service lib -->
-		<dependency>
-			<groupId>de.swiesend</groupId>
-			<artifactId>secret-service</artifactId>
-			<version>1.0.0-RC.3</version>
-		</dependency>
-
-		<!-- Logging -->
-		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-simple</artifactId>
-			<scope>test</scope>
-		</dependency>
-	</dependencies>
-</project>