Merge branch 'release/1.5.0'

[ci skip]

.crowdin.yml

@@ -0,0 +1,5 @@
+commit_message: "[ci skip]"
+escape_special_characters: 0
+files:
+  - source: /main/ui/src/main/resources/i18n/strings.properties
+    translation: /main/ui/src/main/resources/i18n/strings_%two_letters_code%.properties

.github/CODE_OF_CONDUCT.md

@@ -5,9 +5,9 @@
 In the interest of fostering an open and welcoming environment, we as
 contributors and maintainers pledge to making participation in our project and
 our community a harassment-free experience for everyone, regardless of age, body
-size, disability, ethnicity, gender identity and expression, level of experience,
-nationality, personal appearance, race, religion, or sexual identity and
-orientation.
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
 
 ## Our Standards
 
@@ -23,7 +23,7 @@ include:
 Examples of unacceptable behavior by participants include:
 
 * The use of sexualized language or imagery and unwelcome sexual attention or
-advances
+  advances
 * Trolling, insulting/derogatory comments, and personal or political attacks
 * Public or private harassment
 * Publishing others' private information, such as a physical or electronic
@@ -45,12 +45,12 @@ threatening, offensive, or harmful.
 
 ## Scope
 
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
+This Code of Conduct applies within all project spaces, and it also applies when
+an individual is representing the project or its community in public spaces.
+Examples of representing a project or community include using an official
+project e-mail address, posting via an official social media account, or acting
+as an appointed representative at an online or offline event. Representation of
+a project may be further defined and clarified by project maintainers.
 
 ## Enforcement
 
@@ -68,7 +68,9 @@ members of the project's leadership.
 ## Attribution
 
 This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at [http://contributor-covenant.org/version/1/4][version]
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
 
-[homepage]: http://contributor-covenant.org
-[version]: http://contributor-covenant.org/version/1/4/
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq

.github/CONTRIBUTING.md

@@ -4,8 +4,8 @@
 
 - Ensure you're running the latest version of Cryptomator.
 - Ensure the bug is related to the desktop version of Cryptomator. Bugs concerning the Cryptomator iOS and Android app can be reported on the [Cryptomator for iOS issues list](https://github.com/cryptomator/cryptomator-ios/issues) and [Cryptomator for Android issues list](https://github.com/cryptomator/cryptomator-android/issues) respectively.
-- Ensure the bug was not [already reported](https://github.com/cryptomator/cryptomator/issues). You can also check out our [FAQ](https://community.cryptomator.org/c/faq).
-- If you're unable to find an open issue addressing the problem, [submit a new one](https://github.com/cryptomator/cryptomator/issues/new).
+- Ensure the bug was not [already reported](https://github.com/cryptomator/cryptomator/issues). You can also check out our [FAQ](https://community.cryptomator.org/c/kb/faq).
+- If you're unable to find an open issue addressing the problem, [submit a new one](https://github.com/cryptomator/cryptomator/issues/new/choose).
 
 ## Did you write a patch that fixes a bug?
 
@@ -14,11 +14,11 @@
 
 ## Do you intend to add a new feature or change an existing one?
 
-- Suggest your change by [submitting a new issue](https://github.com/cryptomator/cryptomator/issues/new) and start writing code.
+- Suggest your change by [submitting a new issue](https://github.com/cryptomator/cryptomator/issues/new/choose) and start writing code.
 
 ## Code of Conduct
 
-Help us keep Cryptomator open and inclusive. Please read and follow our [Code of Conduct](https://github.com/cryptomator/cryptomator/blob/develop/CODE_OF_CONDUCT.md).
+Help us keep Cryptomator open and inclusive. Please read and follow our [Code of Conduct](https://github.com/cryptomator/cryptomator/blob/develop/.github/CODE_OF_CONDUCT.md).
 
 ## Above all, thank you for your contributions
 

.github/FUNDING.yml

@@ -0,0 +1,8 @@
+# These are supported funding model platforms
+
+github: [cryptomator] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+custom: https://cryptomator.org/sponsors/

.github/ISSUE_TEMPLATE/bug.md

@@ -0,0 +1,61 @@
+---
+name: "Bug Report"
+about: "Create a report to help us improve"
+labels: type:bug
+---
+
+<!--
+
+Do you want to ask a QUESTION? Are you looking for SUPPORT?
+We're happy to help you via our support channels! Please read: https://github.com/cryptomator/cryptomator/blob/develop/SUPPORT.md
+
+By filing an issue, you are expected to comply with our code of conduct: https://github.com/cryptomator/cryptomator/blob/develop/.github/CODE_OF_CONDUCT.md
+
+Of course, we also expect you to search for existing similar issues first! ;) https://github.com/cryptomator/cryptomator/issues?q=
+
+-->
+
+### Description
+
+[Summarize your problem.]
+
+### System Setup
+
+* Operating system and version: [Windows/macOS/Linux + Version]
+* Cryptomator version: [Shown in the settings]
+* Drive: [Dokany/FUSE/WebDAV]
+
+### Steps to Reproduce
+
+1. [First step]
+2. [Second step]
+3. [and so on…]
+
+#### Expected Behavior
+
+[What you expect to happen.]
+
+#### Actual Behavior
+
+[What actually happens.]
+
+#### Reproducibility
+
+[Always/Intermittent/Only once]
+
+### Additional Information
+
+[Any additional information, log files, screenshots, configuration, or data that might be necessary to reproduce the issue.]
+
+<!--
+
+If you want to add the log file or screenshots, please add them as attachments. If your log file seems empty and doesn't show any errors, you may enable the debug mode first. Here is how to do that: https://community.cryptomator.org/t/how-do-i-enable-debug-mode/36
+
+Then reproduce the problem to ensure all important information is contained in there. You may use test data or redact sensitive information from the log file.
+
+Log file location:
+- Windows: %appdata%/Cryptomator
+- macOS: ~/Library/Logs/Cryptomator
+- Linux: ~/.local/share/Cryptomator/logs
+
+-->

.github/ISSUE_TEMPLATE/feature.md

@@ -0,0 +1,32 @@
+---
+name: "Feature Request"
+about: "Suggest an idea for this project"
+labels: type:feature-request
+---
+
+<!--
+
+Do you want to ask a QUESTION? Are you looking for SUPPORT?
+We're happy to help you via our support channels! Please read: https://github.com/cryptomator/cryptomator/blob/develop/SUPPORT.md
+
+By filing a feature request, you are expected to comply with our code of conduct: https://github.com/cryptomator/cryptomator/blob/develop/.github/CODE_OF_CONDUCT.md
+
+Of course, we also expect you to search for existing similar feature requests first! ;)
+
+-->
+
+### Summary
+
+[One paragraph explanation of the feature.]
+
+### Motivation
+
+[Why are we doing this? What use cases does it support? What is the expected outcome?]
+
+### Considered Alternatives
+
+[A clear and concise description of the alternative solutions you've considered.]
+
+### Additional Context
+
+[Add any other context or screenshots about the feature request here.]

.github/no-response.yml

@@ -0,0 +1,13 @@
+# Configuration for probot-no-response - https://github.com/probot/no-response
+
+# Number of days of inactivity before an Issue is closed for lack of response
+daysUntilClose: 14
+# Label requiring a response
+responseRequiredLabel: state:awaiting-response
+# Comment to post when closing an Issue for lack of response. Set to `false` to disable
+closeComment: >
+  This issue has been automatically closed because there has been no response
+  to our request for more information from the original author. With only the
+  information that is currently in the issue, we don't have enough information
+  to take action. Please reach out if you have or find the answers we need so
+  that we can investigate further.

.github/stale.yml

@@ -0,0 +1,22 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 180
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 30
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - type:security-issue # never close automatically
+  - type:feature-request # never close automatically
+  - state:awaiting-response # handled by different bot
+  - state:blocked
+  - state:confirmed
+# Set to true to ignore issues in a milestone (defaults to false)
+exemptMilestones: true
+# Label to use when marking an issue as stale
+staleLabel: state:stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

.gitignore

@@ -9,15 +9,14 @@
 .settings
 .project
 .classpath
+
+# Maven #
 target/
-test-output/
+pom.xml.versionsBackup
 
-# IntelliJ Settings Files #
-.idea/
-out/
-.idea_modules/
-*.iws
-*.iml
-
-# Temporary file created by test launcher
-main/launcher/.ipcPort.tmp
+# IntelliJ Settings Files (https://intellij-support.jetbrains.com/hc/en-us/articles/206544839-How-to-manage-projects-under-Version-Control-Systems) #
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/dictionaries
+.idea/**/libraries/
+*.iml

.idea/.name

@@ -0,0 +1 @@
+Cryptomator

.idea/codeStyles/Project.xml

@@ -0,0 +1,51 @@
+<component name="ProjectCodeStyleConfiguration">
+  <code_scheme name="Project" version="173">
+    <option name="OTHER_INDENT_OPTIONS">
+      <value>
+        <option name="USE_TAB_CHARACTER" value="true" />
+      </value>
+    </option>
+    <option name="LINE_SEPARATOR" value="&#10;" />
+    <option name="RIGHT_MARGIN" value="220" />
+    <option name="FORMATTER_TAGS_ENABLED" value="true" />
+    <JavaCodeStyleSettings>
+      <option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="30" />
+      <option name="NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND" value="10" />
+      <option name="PACKAGES_TO_USE_IMPORT_ON_DEMAND">
+        <value />
+      </option>
+      <option name="JD_ALIGN_PARAM_COMMENTS" value="false" />
+      <option name="JD_ALIGN_EXCEPTION_COMMENTS" value="false" />
+    </JavaCodeStyleSettings>
+    <codeStyleSettings language="Groovy">
+      <indentOptions>
+        <option name="USE_TAB_CHARACTER" value="true" />
+      </indentOptions>
+    </codeStyleSettings>
+    <codeStyleSettings language="HTML">
+      <indentOptions>
+        <option name="USE_TAB_CHARACTER" value="true" />
+      </indentOptions>
+    </codeStyleSettings>
+    <codeStyleSettings language="JAVA">
+      <option name="KEEP_LINE_BREAKS" value="false" />
+      <option name="BLANK_LINES_AFTER_CLASS_HEADER" value="1" />
+      <option name="KEEP_SIMPLE_BLOCKS_IN_ONE_LINE" value="true" />
+      <option name="KEEP_SIMPLE_METHODS_IN_ONE_LINE" value="true" />
+      <option name="KEEP_SIMPLE_LAMBDAS_IN_ONE_LINE" value="true" />
+      <indentOptions>
+        <option name="USE_TAB_CHARACTER" value="true" />
+      </indentOptions>
+    </codeStyleSettings>
+    <codeStyleSettings language="JSON">
+      <indentOptions>
+        <option name="USE_TAB_CHARACTER" value="true" />
+      </indentOptions>
+    </codeStyleSettings>
+    <codeStyleSettings language="XML">
+      <indentOptions>
+        <option name="USE_TAB_CHARACTER" value="true" />
+      </indentOptions>
+    </codeStyleSettings>
+  </code_scheme>
+</component>

.idea/codeStyles/codeStyleConfig.xml

@@ -0,0 +1,5 @@
+<component name="ProjectCodeStyleConfiguration">
+  <state>
+    <option name="USE_PER_PROJECT_SETTINGS" value="true" />
+  </state>
+</component>

.idea/compiler.xml

@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="CompilerConfiguration">
+    <annotationProcessing>
+      <profile name="Annotation profile for Cryptomator" enabled="true">
+        <sourceOutputDir name="target/generated-sources/annotations" />
+        <sourceTestOutputDir name="target/generated-test-sources/test-annotations" />
+        <outputRelativeToContentRoot value="true" />
+        <processorPath useClasspath="false">
+          <entry name="$MAVEN_REPOSITORY$/com/google/dagger/dagger-compiler/2.27/dagger-compiler-2.27.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/dagger/dagger/2.27/dagger-2.27.jar" />
+          <entry name="$MAVEN_REPOSITORY$/javax/inject/javax.inject/1/javax.inject-1.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/dagger/dagger-producers/2.27/dagger-producers-2.27.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/guava/guava/27.1-jre/guava-27.1-jre.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/code/findbugs/jsr305/3.0.1/jsr305-3.0.1.jar" />
+          <entry name="$MAVEN_REPOSITORY$/org/checkerframework/checker-qual/2.5.2/checker-qual-2.5.2.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/errorprone/error_prone_annotations/2.2.0/error_prone_annotations-2.2.0.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/j2objc/j2objc-annotations/1.1/j2objc-annotations-1.1.jar" />
+          <entry name="$MAVEN_REPOSITORY$/org/codehaus/mojo/animal-sniffer-annotations/1.17/animal-sniffer-annotations-1.17.jar" />
+          <entry name="$MAVEN_REPOSITORY$/org/checkerframework/checker-compat-qual/2.5.3/checker-compat-qual-2.5.3.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/dagger/dagger-spi/2.27/dagger-spi-2.27.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/squareup/javapoet/1.11.1/javapoet-1.11.1.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/googlejavaformat/google-java-format/1.5/google-java-format-1.5.jar" />
+          <entry name="$MAVEN_REPOSITORY$/com/google/errorprone/javac-shaded/9-dev-r4023-3/javac-shaded-9-dev-r4023-3.jar" />
+          <entry name="$MAVEN_REPOSITORY$/javax/annotation/jsr250-api/1.0/jsr250-api-1.0.jar" />
+          <entry name="$MAVEN_REPOSITORY$/net/ltgt/gradle/incap/incap/0.2/incap-0.2.jar" />
+          <entry name="$MAVEN_REPOSITORY$/org/jetbrains/kotlin/kotlin-stdlib/1.3.50/kotlin-stdlib-1.3.50.jar" />
+          <entry name="$MAVEN_REPOSITORY$/org/jetbrains/kotlin/kotlin-stdlib-common/1.3.50/kotlin-stdlib-common-1.3.50.jar" />
+          <entry name="$MAVEN_REPOSITORY$/org/jetbrains/annotations/13.0/annotations-13.0.jar" />
+          <entry name="$MAVEN_REPOSITORY$/org/jetbrains/kotlinx/kotlinx-metadata-jvm/0.1.0/kotlinx-metadata-jvm-0.1.0.jar" />
+        </processorPath>
+        <module name="keychain" />
+        <module name="commons" />
+        <module name="ui" />
+        <module name="launcher" />
+      </profile>
+    </annotationProcessing>
+  </component>
+</project>

.idea/encodings.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="Encoding" defaultCharsetForPropertiesFiles="UTF-8">
+    <file url="file://$PROJECT_DIR$/main" charset="UTF-8" />
+    <file url="file://$PROJECT_DIR$/main/commons/src/main/java" charset="UTF-8" />
+    <file url="file://$PROJECT_DIR$/main/keychain/src/main/java" charset="UTF-8" />
+    <file url="file://$PROJECT_DIR$/main/keychain/src/main/resources" charset="UTF-8" />
+    <file url="file://$PROJECT_DIR$/main/launcher/src/main/java" charset="UTF-8" />
+    <file url="file://$PROJECT_DIR$/main/ui/src/main/java" charset="UTF-8" />
+    <file url="file://$PROJECT_DIR$/main/ui/src/main/resources" charset="UTF-8" />
+    <file url="PROJECT" charset="UTF-8" />
+  </component>
+</project>

.idea/inspectionProfiles/Project_Default.xml

@@ -0,0 +1,10 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="SpellCheckingInspection" enabled="false" level="TYPO" enabled_by_default="false">
+      <option name="processCode" value="true" />
+      <option name="processLiterals" value="true" />
+      <option name="processComments" value="true" />
+    </inspection_tool>
+  </profile>
+</component>

.idea/misc.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ExternalStorageConfigurationManager" enabled="true" />
+  <component name="MavenProjectsManager">
+    <option name="originalFiles">
+      <list>
+        <option value="$PROJECT_DIR$/main/pom.xml" />
+      </list>
+    </option>
+  </component>
+  <component name="ProjectRootManager" version="2" languageLevel="JDK_11" default="false" project-jdk-name="11" project-jdk-type="JavaSDK">
+    <output url="file://$PROJECT_DIR$/out" />
+  </component>
+</project>

.idea/modules.xml

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/Desktop.iml" filepath="$PROJECT_DIR$/.idea/Desktop.iml" />
+    </modules>
+  </component>
+</project>

.idea/runConfigurations/Cryptomator_Linux.xml

@@ -0,0 +1,10 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Cryptomator Linux" type="Application" factoryName="Application">
+    <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
+    <module name="launcher" />
+    <option name="VM_PARAMETERS" value="-Djdk.gtk.version=2 -Duser.language=en -Dcryptomator.settingsPath=&quot;~/.config/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/.config/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/.local/share/Cryptomator/logs&quot; -Dcryptomator.mountPointsDir=&quot;~/.local/share/Cryptomator/mnt&quot; -Xss20m -Xmx512m" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.idea/runConfigurations/Cryptomator_Windows.xml

@@ -0,0 +1,10 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Cryptomator Windows" type="Application" factoryName="Application">
+    <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
+    <module name="launcher" />
+    <option name="VM_PARAMETERS" value="-Duser.language=en -Dcryptomator.settingsPath=&quot;~/AppData/Roaming/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/AppData/Roaming/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/AppData/Roaming/Cryptomator&quot; -Dcryptomator.keychainPath=&quot;~/AppData/Roaming/Cryptomator/keychain.json&quot; -Xss2m -Xmx512m" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.idea/runConfigurations/Cryptomator_macOS.xml

@@ -0,0 +1,11 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Cryptomator macOS" type="Application" factoryName="Application">
+    <option name="MAIN_CLASS_NAME" value="org.cryptomator.launcher.Cryptomator" />
+    <module name="launcher" />
+    <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />
+    <option name="VM_PARAMETERS" value="-Duser.language=en -Dcryptomator.settingsPath=&quot;~/Library/Application Support/Cryptomator/settings.json&quot; -Dcryptomator.ipcPortPath=&quot;~/Library/Application Support/Cryptomator/ipcPort.bin&quot; -Dcryptomator.logDir=&quot;~/Library/Logs/Cryptomator&quot; -Dcryptomator.mountPointsDir=&quot;/Volumes/&quot; -Xss2m -Xmx512m -ea" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

.idea/vcs.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$" vcs="Git" />
+  </component>
+</project>

.travis-deploy-release.tmpl.json

@@ -0,0 +1,19 @@
+{
+  "package": {
+	"name": "buildkit",
+	"repo": "cryptomator",
+	"subject": "cryptomator"
+  },
+  "version": {
+	"name": "$TRAVIS_TAG",
+	"desc": "Cryptomator version $TRAVIS_TAG",
+	"released": "$TODAY",
+	"vcs_tag": "$TRAVIS_TAG",
+	"gpgSign": true
+  },
+  "files":
+  [
+	{"includePattern": "main/buildkit/target/(buildkit-[a-z]+\\.zip)", "uploadPattern": "/$TRAVIS_TAG/$1"}
+  ],
+  "publish": true
+}

.travis-deploy-snapshot.json

@@ -0,0 +1,15 @@
+{
+  "package": {
+	"name": "buildkit",
+	"repo": "cryptomator",
+	"subject": "cryptomator"
+  },
+  "version": {
+	"name": "snapshot"
+  },
+  "files":
+  [
+	{"includePattern": "main/buildkit/target/(buildkit-[a-z]+\\.zip)", "uploadPattern": "/snapshot/$1", "matrixParams": {"override": 1}}
+  ],
+  "publish": true
+}

.travis.yml

@@ -1,93 +1,65 @@
+dist: bionic
 language: java
 sudo: false
 jdk:
-- oraclejdk9
-branches:
-  except:
-  - continuous # To avoid infinite loops, as this tag is created by this Travis config
+- openjdk11
 cache:
   directories:
   - $HOME/.m2
 env:
   global:
-    - secure: "IfYURwZaDWuBDvyn47n0k1Zod/IQw1FF+CS5nnV08Q+NfC3vGGJMwV8m59XnbfwnWGxwvCaAbk4qP6s6+ijgZNKkvgfFMo3rfTok5zt43bIqgaFOANYV+OC/1c59gYD6ZUxhW5iNgMgU3qdsRtJuwSmfkVv/jKyLGfAbS4kN8BA=" # COVERITY_SCAN_TOKEN
-    - secure: "lV9OwUbHMrMpLUH1CY+Z4puLDdFXytudyPlG1eGRsesdpuG6KM3uQVz6uAtf6lrU8DRbMM/T7ML+PmvQ4UoPPYLdLxESLLBat2qUPOIVBOhTSlCc7I0DmGy04CSvkeMy8dPaQC0ukgNiR7zwoNzfcpGRN/U9S8tziDruuHoZSrg=" # BINTRAY_API_KEY
+    - secure: "HftEaabMmWn5GwKFKksUkOcelc3Mn7xazwAEy+4d4gL1+F8VhID/6DCK7nas+afUymWnxTano8Rv4Ci5MWryNkNkTH+FUPWmF3xWezc3hajSyS7RB92IZ8VPetl4Fo8UI1WwM5apDEaugalPxkIf8a7N+lpG5X/Gpumwzo3Be3w=" # BINTRAY_API_KEY
     - secure: "oWFgRTVP6lyTa7qVxlvkpm20MtVc3BtmsNXQJS6bfg2A0o/iCQMNx7OD59BaafCLGRKvCcJVESiC8FlSylVMS7CDSyYu0gg70NUiIuHp4NBM5inFWYCy/PdQsCTzr5uvNG+rMFQpMFRaCV0FrfM3tLondcVkhsHL68l93Xoexx4=" # CODACY_PROJECT_TOKEN
     - secure: "zJxgytA2Ks5Xzv+7kUaUq+EBFNQw9Qec63lcMJVuXVWczjL16nKW1EzzV515ag+OWL46z3lEPForDhufw0VtFnNmaX68jkO0mp01eLrHApc1llN2Y/U8GBXfNNazN4+Kom4H+z/AO+wJr8EsKMMUczCdQ3APgd9uVI0hzXw/Z3M=" # GITHUB_API_KEY
 addons:
   apt:
     packages:
     - haveged
-  coverity_scan:
-    project:
-      name: "cryptomator/cryptomator"
-    notification_email: sebastian.stenzel@cryptomator.org
-    build_command: "mvn -fmain/pom.xml clean test -DskipTests"
-    branch_pattern: release.*
 install:
-- curl -o $HOME/.m2/settings.xml https://gist.githubusercontent.com/cryptobot/cf5fbd909c4782aaeeeb7c7f4a1a43da/raw/e60ee486e34ee0c79f89f947abe2c83b4290c6bb/settings.xml
-- mvn -fmain/pom.xml clean install -DskipTests org.codehaus.mojo:versions-maven-plugin:help dependency:go-offline -Pcoverage,release # "clean install" needed until we can exclude artifacts currently in the reactor, see https://maven.apache.org/plugins/maven-dependency-plugin/go-offline-mojo.html#excludeReactor and https://issues.apache.org/jira/browse/MDEP-568
-script:
-- mvn --update-snapshots -fmain/pom.xml clean test jacoco:report verify -Pcoverage
-after_success:
-- jdk_switcher use oraclejdk8
-- curl -o ~/codacy-coverage-reporter-assembly-latest.jar https://oss.sonatype.org/service/local/repositories/releases/content/com/codacy/codacy-coverage-reporter/2.0.1/codacy-coverage-reporter-2.0.1-assembly.jar
-- $JAVA_HOME/bin/java -cp ~/codacy-coverage-reporter-assembly-latest.jar com.codacy.CodacyCoverageReporter -l Java -r main/jacoco-report/target/site/jacoco-aggregate/jacoco.xml
-before_deploy:
-- jdk_switcher use oraclejdk9
-- |
-  if [[ $TRAVIS_BRANCH == "develop" ]] && [[ $TRAVIS_PULL_REQUEST == "false" ]]; then
-    CONTINUOUS_RELEASE_URL=`curl -s https://api.github.com/repos/cryptomator/cryptomator/releases/tags/continuous | jq -re '.url'`
-    echo "Existing continuous release: ${CONTINUOUS_RELEASE_URL}"
-    if [[ $CONTINUOUS_RELEASE_URL == http* ]]; then
-      curl -u cryptobot:$GITHUB_API_KEY -X DELETE $CONTINUOUS_RELEASE_URL
-    fi
-  fi
+# - curl -o $HOME/.m2/settings.xml https://gist.githubusercontent.com/cryptobot/cf5fbd909c4782aaeeeb7c7f4a1a43da/raw/e60ee486e34ee0c79f89f947abe2c83b4290c6bb/settings.xml
+- mvn -fmain/pom.xml clean install -DskipTests -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN org.codehaus.mojo:versions-maven-plugin:help dependency:go-offline -Pcoverage,release # "clean install" needed until we can exclude artifacts currently in the reactor, see https://maven.apache.org/plugins/maven-dependency-plugin/go-offline-mojo.html#excludeReactor and https://issues.apache.org/jira/browse/MDEP-568
+before_script:
 - |
   if [[ -n "$TRAVIS_TAG" ]]; then
     mvn -fmain/pom.xml org.codehaus.mojo:versions-maven-plugin:set -DnewVersion=$TRAVIS_TAG
-  elif [[ $TRAVIS_BRANCH == "develop" ]] && [[ $TRAVIS_PULL_REQUEST == "false" ]]; then
+  else
     mvn -fmain/pom.xml org.codehaus.mojo:versions-maven-plugin:set -DnewVersion=SNAPSHOT-$(echo $TRAVIS_COMMIT | head -c7)
-    git tag -f continuous
-    git remote add gh https://cryptobot:${GITHUB_API_KEY}@github.com/cryptomator/cryptomator.git
-    git push -f gh continuous
-    git remote remove gh
   fi
-- mvn -fmain/pom.xml clean package -Prelease -DskipTests
+script:
+- mvn --update-snapshots -fmain/pom.xml clean test verify -Pcoverage
+after_success:
+- curl -o ~/codacy-coverage-reporter.jar https://repo.maven.apache.org/maven2/com/codacy/codacy-coverage-reporter/7.1.0/codacy-coverage-reporter-7.1.0-assembly.jar
+- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar report -l Java -r main/commons/target/site/jacoco/jacoco.xml --partial
+- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar report -l Java -r main/keychain/target/site/jacoco/jacoco.xml --partial
+- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar report -l Java -r main/ui/target/site/jacoco/jacoco.xml --partial
+- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar report -l Java -r main/launcher/target/site/jacoco/jacoco.xml --partial
+- $JAVA_HOME/bin/java -jar ~/codacy-coverage-reporter.jar final
+before_deploy:
+- mvn -fmain/pom.xml package -Prelease -DskipTests
+- export TODAY=`date +'%Y-%m-%d'`; envsubst '$TRAVIS_TAG $TODAY' < .travis-deploy-release.tmpl.json > .travis-deploy-release.json
 deploy:
-- provider: releases # CONTINUOUS
-  prerelease: true
-  api-key: $GITHUB_API_KEY
-  tag_name: continuous
-  overwrite: true
-  file_glob: true
-  file:
-  - "main/uber-jar/target/Cryptomator-*.jar"
-  - "main/ant-kit/target/antkit.tar.gz"
+- provider: bintray # SNAPSHOTS
+  file: .travis-deploy-snapshot.json
+  user: cryptobot
+  key: $BINTRAY_API_KEY
   skip_cleanup: true
-  name: Cryptomator continuous build
-  body: Automatically built on $(date +'%F %T %Z').
   on:
     repo: cryptomator/cryptomator
     branch: develop
-    condition: $TRAVIS_TAG = ''
-- provider: releases # RELEASE
-  prerelease: false
-  api_key: $GITHUB_API_KEY
-  file:
-  - "main/uber-jar/target/Cryptomator-$TRAVIS_TAG.jar"
-  - "main/ant-kit/target/antkit.tar.gz"
+- provider: bintray # RELEASES
+  file: .travis-deploy-release.json
+  user: cryptobot
+  key: $BINTRAY_API_KEY
   skip_cleanup: true
   on:
     repo: cryptomator/cryptomator
     tags: true
-- provider: script
-  script: "curl -X POST -u cryptobot:${BINTRAY_API_KEY} -H 'Content-Type: application/json' -d '{\"name\": \"${TRAVIS_TAG}\", \"vcs_tag\": \"${TRAVIS_TAG}\"}' https://api.bintray.com/packages/cryptomator/cryptomator/cryptomator-win/versions"
+- provider: releases
+  api_key: $GITHUB_API_KEY
+  file_glob: true
+  file:
+    - "main/buildkit/target/buildkit-*.zip"
+  skip_cleanup: true
   on:
     repo: cryptomator/cryptomator
-    tags: true
-- provider: script
-  script: "curl -X POST -u cryptobot:${BINTRAY_API_KEY} -H 'Content-Type: application/json' -d '{\"name\": \"${TRAVIS_TAG}\", \"vcs_tag\": \"${TRAVIS_TAG}\"}' https://api.bintray.com/packages/cryptomator/cryptomator/cryptomator-osx/versions"
-  on:
-    repo: cryptomator/cryptomator
-    tags: true
+    tags: true

3RD PARTY LICENSES/Apache-2.0.txt

@@ -1,202 +0,0 @@
-
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.

3RD PARTY LICENSES/LGPLv2.1.txt

@@ -1,502 +0,0 @@
-                  GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 2.1, February 1999
-
- Copyright (C) 1991, 1999 Free Software Foundation, Inc.
- 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-[This is the first released version of the Lesser GPL.  It also counts
- as the successor of the GNU Library Public License, version 2, hence
- the version number 2.1.]
-
-                            Preamble
-
-  The licenses for most software are designed to take away your
-freedom to share and change it.  By contrast, the GNU General Public
-Licenses are intended to guarantee your freedom to share and change
-free software--to make sure the software is free for all its users.
-
-  This license, the Lesser General Public License, applies to some
-specially designated software packages--typically libraries--of the
-Free Software Foundation and other authors who decide to use it.  You
-can use it too, but we suggest you first think carefully about whether
-this license or the ordinary General Public License is the better
-strategy to use in any particular case, based on the explanations below.
-
-  When we speak of free software, we are referring to freedom of use,
-not price.  Our General Public Licenses are designed to make sure that
-you have the freedom to distribute copies of free software (and charge
-for this service if you wish); that you receive source code or can get
-it if you want it; that you can change the software and use pieces of
-it in new free programs; and that you are informed that you can do
-these things.
-
-  To protect your rights, we need to make restrictions that forbid
-distributors to deny you these rights or to ask you to surrender these
-rights.  These restrictions translate to certain responsibilities for
-you if you distribute copies of the library or if you modify it.
-
-  For example, if you distribute copies of the library, whether gratis
-or for a fee, you must give the recipients all the rights that we gave
-you.  You must make sure that they, too, receive or can get the source
-code.  If you link other code with the library, you must provide
-complete object files to the recipients, so that they can relink them
-with the library after making changes to the library and recompiling
-it.  And you must show them these terms so they know their rights.
-
-  We protect your rights with a two-step method: (1) we copyright the
-library, and (2) we offer you this license, which gives you legal
-permission to copy, distribute and/or modify the library.
-
-  To protect each distributor, we want to make it very clear that
-there is no warranty for the free library.  Also, if the library is
-modified by someone else and passed on, the recipients should know
-that what they have is not the original version, so that the original
-author's reputation will not be affected by problems that might be
-introduced by others.
-
-  Finally, software patents pose a constant threat to the existence of
-any free program.  We wish to make sure that a company cannot
-effectively restrict the users of a free program by obtaining a
-restrictive license from a patent holder.  Therefore, we insist that
-any patent license obtained for a version of the library must be
-consistent with the full freedom of use specified in this license.
-
-  Most GNU software, including some libraries, is covered by the
-ordinary GNU General Public License.  This license, the GNU Lesser
-General Public License, applies to certain designated libraries, and
-is quite different from the ordinary General Public License.  We use
-this license for certain libraries in order to permit linking those
-libraries into non-free programs.
-
-  When a program is linked with a library, whether statically or using
-a shared library, the combination of the two is legally speaking a
-combined work, a derivative of the original library.  The ordinary
-General Public License therefore permits such linking only if the
-entire combination fits its criteria of freedom.  The Lesser General
-Public License permits more lax criteria for linking other code with
-the library.
-
-  We call this license the "Lesser" General Public License because it
-does Less to protect the user's freedom than the ordinary General
-Public License.  It also provides other free software developers Less
-of an advantage over competing non-free programs.  These disadvantages
-are the reason we use the ordinary General Public License for many
-libraries.  However, the Lesser license provides advantages in certain
-special circumstances.
-
-  For example, on rare occasions, there may be a special need to
-encourage the widest possible use of a certain library, so that it becomes
-a de-facto standard.  To achieve this, non-free programs must be
-allowed to use the library.  A more frequent case is that a free
-library does the same job as widely used non-free libraries.  In this
-case, there is little to gain by limiting the free library to free
-software only, so we use the Lesser General Public License.
-
-  In other cases, permission to use a particular library in non-free
-programs enables a greater number of people to use a large body of
-free software.  For example, permission to use the GNU C Library in
-non-free programs enables many more people to use the whole GNU
-operating system, as well as its variant, the GNU/Linux operating
-system.
-
-  Although the Lesser General Public License is Less protective of the
-users' freedom, it does ensure that the user of a program that is
-linked with the Library has the freedom and the wherewithal to run
-that program using a modified version of the Library.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.  Pay close attention to the difference between a
-"work based on the library" and a "work that uses the library".  The
-former contains code derived from the library, whereas the latter must
-be combined with the library in order to run.
-
-                  GNU LESSER GENERAL PUBLIC LICENSE
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
-  0. This License Agreement applies to any software library or other
-program which contains a notice placed by the copyright holder or
-other authorized party saying it may be distributed under the terms of
-this Lesser General Public License (also called "this License").
-Each licensee is addressed as "you".
-
-  A "library" means a collection of software functions and/or data
-prepared so as to be conveniently linked with application programs
-(which use some of those functions and data) to form executables.
-
-  The "Library", below, refers to any such software library or work
-which has been distributed under these terms.  A "work based on the
-Library" means either the Library or any derivative work under
-copyright law: that is to say, a work containing the Library or a
-portion of it, either verbatim or with modifications and/or translated
-straightforwardly into another language.  (Hereinafter, translation is
-included without limitation in the term "modification".)
-
-  "Source code" for a work means the preferred form of the work for
-making modifications to it.  For a library, complete source code means
-all the source code for all modules it contains, plus any associated
-interface definition files, plus the scripts used to control compilation
-and installation of the library.
-
-  Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope.  The act of
-running a program using the Library is not restricted, and output from
-such a program is covered only if its contents constitute a work based
-on the Library (independent of the use of the Library in a tool for
-writing it).  Whether that is true depends on what the Library does
-and what the program that uses the Library does.
-
-  1. You may copy and distribute verbatim copies of the Library's
-complete source code as you receive it, in any medium, provided that
-you conspicuously and appropriately publish on each copy an
-appropriate copyright notice and disclaimer of warranty; keep intact
-all the notices that refer to this License and to the absence of any
-warranty; and distribute a copy of this License along with the
-Library.
-
-  You may charge a fee for the physical act of transferring a copy,
-and you may at your option offer warranty protection in exchange for a
-fee.
-
-  2. You may modify your copy or copies of the Library or any portion
-of it, thus forming a work based on the Library, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
-    a) The modified work must itself be a software library.
-
-    b) You must cause the files modified to carry prominent notices
-    stating that you changed the files and the date of any change.
-
-    c) You must cause the whole of the work to be licensed at no
-    charge to all third parties under the terms of this License.
-
-    d) If a facility in the modified Library refers to a function or a
-    table of data to be supplied by an application program that uses
-    the facility, other than as an argument passed when the facility
-    is invoked, then you must make a good faith effort to ensure that,
-    in the event an application does not supply such function or
-    table, the facility still operates, and performs whatever part of
-    its purpose remains meaningful.
-
-    (For example, a function in a library to compute square roots has
-    a purpose that is entirely well-defined independent of the
-    application.  Therefore, Subsection 2d requires that any
-    application-supplied function or table used by this function must
-    be optional: if the application does not supply it, the square
-    root function must still compute square roots.)
-
-These requirements apply to the modified work as a whole.  If
-identifiable sections of that work are not derived from the Library,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works.  But when you
-distribute the same sections as part of a whole which is a work based
-on the Library, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote
-it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Library.
-
-In addition, mere aggregation of another work not based on the Library
-with the Library (or with a work based on the Library) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
-  3. You may opt to apply the terms of the ordinary GNU General Public
-License instead of this License to a given copy of the Library.  To do
-this, you must alter all the notices that refer to this License, so
-that they refer to the ordinary GNU General Public License, version 2,
-instead of to this License.  (If a newer version than version 2 of the
-ordinary GNU General Public License has appeared, then you can specify
-that version instead if you wish.)  Do not make any other change in
-these notices.
-
-  Once this change is made in a given copy, it is irreversible for
-that copy, so the ordinary GNU General Public License applies to all
-subsequent copies and derivative works made from that copy.
-
-  This option is useful when you wish to copy part of the code of
-the Library into a program that is not a library.
-
-  4. You may copy and distribute the Library (or a portion or
-derivative of it, under Section 2) in object code or executable form
-under the terms of Sections 1 and 2 above provided that you accompany
-it with the complete corresponding machine-readable source code, which
-must be distributed under the terms of Sections 1 and 2 above on a
-medium customarily used for software interchange.
-
-  If distribution of object code is made by offering access to copy
-from a designated place, then offering equivalent access to copy the
-source code from the same place satisfies the requirement to
-distribute the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
-  5. A program that contains no derivative of any portion of the
-Library, but is designed to work with the Library by being compiled or
-linked with it, is called a "work that uses the Library".  Such a
-work, in isolation, is not a derivative work of the Library, and
-therefore falls outside the scope of this License.
-
-  However, linking a "work that uses the Library" with the Library
-creates an executable that is a derivative of the Library (because it
-contains portions of the Library), rather than a "work that uses the
-library".  The executable is therefore covered by this License.
-Section 6 states terms for distribution of such executables.
-
-  When a "work that uses the Library" uses material from a header file
-that is part of the Library, the object code for the work may be a
-derivative work of the Library even though the source code is not.
-Whether this is true is especially significant if the work can be
-linked without the Library, or if the work is itself a library.  The
-threshold for this to be true is not precisely defined by law.
-
-  If such an object file uses only numerical parameters, data
-structure layouts and accessors, and small macros and small inline
-functions (ten lines or less in length), then the use of the object
-file is unrestricted, regardless of whether it is legally a derivative
-work.  (Executables containing this object code plus portions of the
-Library will still fall under Section 6.)
-
-  Otherwise, if the work is a derivative of the Library, you may
-distribute the object code for the work under the terms of Section 6.
-Any executables containing that work also fall under Section 6,
-whether or not they are linked directly with the Library itself.
-
-  6. As an exception to the Sections above, you may also combine or
-link a "work that uses the Library" with the Library to produce a
-work containing portions of the Library, and distribute that work
-under terms of your choice, provided that the terms permit
-modification of the work for the customer's own use and reverse
-engineering for debugging such modifications.
-
-  You must give prominent notice with each copy of the work that the
-Library is used in it and that the Library and its use are covered by
-this License.  You must supply a copy of this License.  If the work
-during execution displays copyright notices, you must include the
-copyright notice for the Library among them, as well as a reference
-directing the user to the copy of this License.  Also, you must do one
-of these things:
-
-    a) Accompany the work with the complete corresponding
-    machine-readable source code for the Library including whatever
-    changes were used in the work (which must be distributed under
-    Sections 1 and 2 above); and, if the work is an executable linked
-    with the Library, with the complete machine-readable "work that
-    uses the Library", as object code and/or source code, so that the
-    user can modify the Library and then relink to produce a modified
-    executable containing the modified Library.  (It is understood
-    that the user who changes the contents of definitions files in the
-    Library will not necessarily be able to recompile the application
-    to use the modified definitions.)
-
-    b) Use a suitable shared library mechanism for linking with the
-    Library.  A suitable mechanism is one that (1) uses at run time a
-    copy of the library already present on the user's computer system,
-    rather than copying library functions into the executable, and (2)
-    will operate properly with a modified version of the library, if
-    the user installs one, as long as the modified version is
-    interface-compatible with the version that the work was made with.
-
-    c) Accompany the work with a written offer, valid for at
-    least three years, to give the same user the materials
-    specified in Subsection 6a, above, for a charge no more
-    than the cost of performing this distribution.
-
-    d) If distribution of the work is made by offering access to copy
-    from a designated place, offer equivalent access to copy the above
-    specified materials from the same place.
-
-    e) Verify that the user has already received a copy of these
-    materials or that you have already sent this user a copy.
-
-  For an executable, the required form of the "work that uses the
-Library" must include any data and utility programs needed for
-reproducing the executable from it.  However, as a special exception,
-the materials to be distributed need not include anything that is
-normally distributed (in either source or binary form) with the major
-components (compiler, kernel, and so on) of the operating system on
-which the executable runs, unless that component itself accompanies
-the executable.
-
-  It may happen that this requirement contradicts the license
-restrictions of other proprietary libraries that do not normally
-accompany the operating system.  Such a contradiction means you cannot
-use both them and the Library together in an executable that you
-distribute.
-
-  7. You may place library facilities that are a work based on the
-Library side-by-side in a single library together with other library
-facilities not covered by this License, and distribute such a combined
-library, provided that the separate distribution of the work based on
-the Library and of the other library facilities is otherwise
-permitted, and provided that you do these two things:
-
-    a) Accompany the combined library with a copy of the same work
-    based on the Library, uncombined with any other library
-    facilities.  This must be distributed under the terms of the
-    Sections above.
-
-    b) Give prominent notice with the combined library of the fact
-    that part of it is a work based on the Library, and explaining
-    where to find the accompanying uncombined form of the same work.
-
-  8. You may not copy, modify, sublicense, link with, or distribute
-the Library except as expressly provided under this License.  Any
-attempt otherwise to copy, modify, sublicense, link with, or
-distribute the Library is void, and will automatically terminate your
-rights under this License.  However, parties who have received copies,
-or rights, from you under this License will not have their licenses
-terminated so long as such parties remain in full compliance.
-
-  9. You are not required to accept this License, since you have not
-signed it.  However, nothing else grants you permission to modify or
-distribute the Library or its derivative works.  These actions are
-prohibited by law if you do not accept this License.  Therefore, by
-modifying or distributing the Library (or any work based on the
-Library), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Library or works based on it.
-
-  10. Each time you redistribute the Library (or any work based on the
-Library), the recipient automatically receives a license from the
-original licensor to copy, distribute, link with or modify the Library
-subject to these terms and conditions.  You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties with
-this License.
-
-  11. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Library at all.  For example, if a patent
-license would not permit royalty-free redistribution of the Library by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Library.
-
-If any portion of this section is held invalid or unenforceable under any
-particular circumstance, the balance of the section is intended to apply,
-and the section as a whole is intended to apply in other circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system which is
-implemented by public license practices.  Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
-  12. If the distribution and/or use of the Library is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Library under this License may add
-an explicit geographical distribution limitation excluding those countries,
-so that distribution is permitted only in or among countries not thus
-excluded.  In such case, this License incorporates the limitation as if
-written in the body of this License.
-
-  13. The Free Software Foundation may publish revised and/or new
-versions of the Lesser General Public License from time to time.
-Such new versions will be similar in spirit to the present version,
-but may differ in detail to address new problems or concerns.
-
-Each version is given a distinguishing version number.  If the Library
-specifies a version number of this License which applies to it and
-"any later version", you have the option of following the terms and
-conditions either of that version or of any later version published by
-the Free Software Foundation.  If the Library does not specify a
-license version number, you may choose any version ever published by
-the Free Software Foundation.
-
-  14. If you wish to incorporate parts of the Library into other free
-programs whose distribution conditions are incompatible with these,
-write to the author to ask for permission.  For software which is
-copyrighted by the Free Software Foundation, write to the Free
-Software Foundation; we sometimes make exceptions for this.  Our
-decision will be guided by the two goals of preserving the free status
-of all derivatives of our free software and of promoting the sharing
-and reuse of software generally.
-
-                            NO WARRANTY
-
-  15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
-WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
-EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
-OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
-KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
-LIBRARY IS WITH YOU.  SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
-THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
-WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
-AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
-FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
-CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
-LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
-RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
-FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
-SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
-DAMAGES.
-
-                     END OF TERMS AND CONDITIONS
-
-           How to Apply These Terms to Your New Libraries
-
-  If you develop a new library, and you want it to be of the greatest
-possible use to the public, we recommend making it free software that
-everyone can redistribute and change.  You can do so by permitting
-redistribution under these terms (or, alternatively, under the terms of the
-ordinary General Public License).
-
-  To apply these terms, attach the following notices to the library.  It is
-safest to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least the
-"copyright" line and a pointer to where the full notice is found.
-
-    <one line to give the library's name and a brief idea of what it does.>
-    Copyright (C) <year>  <name of author>
-
-    This library is free software; you can redistribute it and/or
-    modify it under the terms of the GNU Lesser General Public
-    License as published by the Free Software Foundation; either
-    version 2.1 of the License, or (at your option) any later version.
-
-    This library is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-    Lesser General Public License for more details.
-
-    You should have received a copy of the GNU Lesser General Public
-    License along with this library; if not, write to the Free Software
-    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
-
-Also add information on how to contact you by electronic and paper mail.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the library, if
-necessary.  Here is a sample; alter the names:
-
-  Yoyodyne, Inc., hereby disclaims all copyright interest in the
-  library `Frob' (a library for tweaking knobs) written by James Random Hacker.
-
-  <signature of Ty Coon>, 1 April 1990
-  Ty Coon, President of Vice
-
-That's all there is to it!

3RD PARTY LICENSES/MIT-X11.txt

@@ -1,21 +0,0 @@
-The MIT License (MIT)
-
-Copyright (c) <year> <copyright holders>
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in
-all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
-THE SOFTWARE.

3RD PARTY LICENSES/Modified BSD.txt

@@ -1,27 +0,0 @@
-Copyright (c) [year], [fullname]
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this
-  list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-
-* Neither the name of [project] nor the names of its
-  contributors may be used to endorse or promote products derived from
-  this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

3RD PARTY LICENSES/Simplified BSD.txt

@@ -1,23 +0,0 @@
-Copyright (c) [year], [fullname]
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this
-  list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

3RD PARTY LICENSES/_NOTICE.md

@@ -1,88 +0,0 @@
-# Third party softwares
-Cryptomator uses third party libraries and fonts that may be licensed under different licenses.
-
-## AquaFX
-The ProgressIndicator in ui/src/main/resource/css/mac_theme.css contains code from the AquaFX project.
-
-Copyright Claudine Zillmann (http://aquafx-project.com/)
-
-Licensed under the accompanying Modified BSD license file.
-
-## Apache Commons + Apache HttpComponents + Jackrabbit WebDAV Library
-Copyright The Apache Software Foundation
-
-Licensed under the Apache License, Version 2.0
-
-### Commons Codec
-
-src/test/org/apache/commons/codec/language/DoubleMetaphoneTest.java contains test data
-from http://aspell.net/test/orig/batch0.tab. Copyright (C) 2002 Kevin Atkinson (kevina@gnu.org)
-
-### Commons Lang
-
-This product includes software from the Spring Framework,
-under the Apache License 2.0 (see: StringUtils.containsWhitespace())
-
-### Jackrabbit WebDAV Library
-
-Based on source code originally developed by
-Day Software (http://www.day.com/).
-
-## CryptoLib + CryptoFS
-Copyright 2016, 2017 Skymatic UG (haftungsbeschränkt)
-
-Licensed under the GNU Affero General Public License, Version 3
-
-## Dagger 2
-Copyright 2014 Google, Inc.
-Copyright 2012 Square, Inc.
-
-Licensed under the Apache License, Version 2.0
-
-## EasyBind
-Copyright (c) 2014, TomasMikula
-
-Licensed under the accompanying simplified BSD license.
-
-
-## GSON + Guava
-Copyright Google, Inc.
-
-Licensed under the Apache License, Version 2.0
-
-## Jetty
-Copyright 1995-2017 Mort Bay Consulting Pty Ltd.
-
-The UnixCrypt.java code implements the one way cryptography used by
-Unix systems for simple password protection.  Copyright 1996 Aki Yoshida,
-modified April 2001  by Iris Van den Broeke, Daniel Deville.
-Permission to use, copy, modify and distribute UnixCrypt
-for non-commercial or commercial purposes and without fee is
-granted provided that the copyright notice appears in all copies.
-
-Licensed under the Apache License, Version 2.0
-
-
-## Logback
-Copyright (C) 1999-2017, QOS.ch. All rights reserved.
-
-Licensed under the GNU Lesser General Public License, Version 2.1
-
-## SIV-Mode
-Copyright (c) Sebastian Stenzel
-
-Licensed under the MIT / X11 License
-
-## SLF4J
-Copyright (c) 2004-2017 QOS.ch
-
-Licensed under the MIT / X11 License
-
-
-# Other third party assets
-Non-software work included in Cryptomator
-
-## Ionicons
-Copyright (c) 2016 Drifty (http://drifty.com/)
-
-ionicons.ttf Licensed under the accompanying MIT license

ISSUE_TEMPLATE.md

@@ -1,31 +0,0 @@
-## Issue Checklist
-
-Before creating a new issue make sure that you
-- searched existing (and closed) issues: https://github.com/cryptomator/cryptomator/issues
-- searched the knowledge base: https://community.cryptomator.org/c/kb
-- have read the support guide: https://github.com/cryptomator/cryptomator/blob/develop/SUPPORT.md
-- have read the contribution guide: https://github.com/cryptomator/cryptomator/blob/develop/CONTRIBUTING.md
-- have read the code of conduct: https://github.com/cryptomator/cryptomator/blob/develop/CODE_OF_CONDUCT.md
-
-## Basic Info
-
-I'm using Windows / macOS / Linux / … in version: …
-
-I'm running Cryptomator in version: …  
-(You can check the version in the Cryptomator settings.)
-
-## Description
-
-…  
-(Please describe in detail what you did, what you expected, and what really happened.)
-
-## Attachments (optional)
-
-If you want to add the log file or screenshots, please add them as attachments. If your log file seems empty and doesn't show any errors, you may enable the debug mode first. Here is how to do that: https://community.cryptomator.org/t/how-do-i-enable-debug-mode/36
-
-Then reproduce the problem to ensure all important information is contained in there. You may use test data or redact sensitive information from the log file.
-
-You can find the log file
-- on Windows: %appdata%/Cryptomator/cryptomator.log
-- on macOS: ~/Library/Logs/Cryptomator/cryptomator.log
-- on Linux: ~/.Cryptomator/cryptomator.log

README.md

@@ -1,14 +1,29 @@
-![cryptomator](cryptomator.png)
+[![cryptomator](cryptomator.png)](https://cryptomator.org/)
 
 [![Build Status](https://travis-ci.org/cryptomator/cryptomator.svg?branch=master)](https://travis-ci.org/cryptomator/cryptomator)
 [![Known Vulnerabilities](https://snyk.io/test/github/cryptomator/cryptomator/badge.svg?targetFile=main%2Fpom.xml)](https://snyk.io/test/github/cryptomator/cryptomator?targetFile=main%2Fpom.xml)
 [![Codacy Badge](https://api.codacy.com/project/badge/Grade/2a0adf3cec6a4143b91035d3924178f1)](https://www.codacy.com/app/cryptomator/cryptomator?utm_source=github.com&utm_medium=referral&utm_content=cryptomator/cryptomator&utm_campaign=Badge_Grade)
 [![Twitter](https://img.shields.io/badge/twitter-@Cryptomator-blue.svg?style=flat)](http://twitter.com/Cryptomator)
-[![POEditor](https://img.shields.io/badge/POEditor-Help%20Translate-blue.svg?style=flat)](https://poeditor.com/join/project/bHwbvJmx0E)
+[![Crowdin](https://badges.crowdin.net/cryptomator/localized.svg)](https://translate.cryptomator.org/)
 [![Latest Release](https://img.shields.io/github/release/cryptomator/cryptomator.svg)](https://github.com/cryptomator/cryptomator/releases/latest)
 [![Community](https://img.shields.io/badge/help-Community-orange.svg)](https://community.cryptomator.org)
 
-Multi-platform transparent client-side encryption of your files in the cloud.
+## Supporting Cryptomator
+
+Cryptomator is provided free of charge as an open-source project despite the high development effort and is therefore dependent on donations. If you are also interested in further development, we offer you the opportunity to support us:
+
+- [One-time or recurring donation via Cryptomator's website.](https://cryptomator.org/#donate)
+- [Become a sponsor via Cryptomator's sponsors website.](https://cryptomator.org/sponsors/)
+
+### Silver Sponsors
+
+[![TheBestVPN](https://cryptomator.org/img/sponsors/thebestvpn.png)](https://thebestvpn.com/)
+
+---
+
+## Introduction
+
+Cryptomator offers multi-platform transparent client-side encryption of your files in the cloud.
 
 Download native binaries of Cryptomator on [cryptomator.org](https://cryptomator.org/) or clone and build Cryptomator using Maven (instructions below).
 
@@ -46,8 +61,7 @@ For more information on the security details visit [cryptomator.org](https://cry
 
 ### Dependencies
 
-* Java 8 (min. 8u51, we recommend to use the current version)
-* [JCE unlimited strength policy files](http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html) (needed for 256-bit keys)
+* JDK 11 (we recommend to use the latest version)
 * Maven 3
 * Optional: OS-dependent build tools for native packaging (see [Windows](https://github.com/cryptomator/cryptomator-win), [OS X](https://github.com/cryptomator/cryptomator-osx), [Linux](https://github.com/cryptomator/builder-containers))
 
@@ -58,7 +72,11 @@ cd main
 mvn clean install -Prelease
 ```
 
-An executable jar file will be created inside `main/uber-jar/target`.
+This will build all the jars and bundle them together with their OS-specific dependencies under `main/buildkit/target`. This can now be used to build native packages.
+
+### Start Cryptomator
+
+If you unzip the buildkit for your OS, you will find a launcher script with some basic settings. You might want to adjust these to your needs. To start Cryptomator, simply execute the launcher script from a terminal, e.g. `launcher-linux.sh`, if you're on a Linux system.
 
 ## License
 

SECURITY.md

@@ -0,0 +1,124 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+For reporting security-related vulnerabilities or exploits that [haven't been reported yet](https://github.com/cryptomator/cryptomator/labels/type%3Asecurity-issue), contact us at: security@cryptomator.org
+
+<details>
+<summary>PGP Key</summary>
+
+```
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mQINBFbgeicBEADM9AcU6DTgM5KZnBaJc6x9DBLr+TCMHntTt7YM9GLTlO2Z43Jt
+oYoyqdRWAY28veqpLEFgRvvVD3fdBj/KUOxF1cr2JsErwXqbjwaLq0o/0KIXz7UK
+a6pQSemZKfpOtJrfacofOTwvG6AuG9uakBYNMyxuojyOkoh3xsYS1KZ7TwPgCdET
+t8/zva41Pa5kh5+GeSZJdCuygG6ynPBJEpmK5V7Qizvics5fziXecF+QaFZijafv
+YahfxokvF9pXCQTmV4m57NQma9uK0w83U9nJCPjEd+x3wK0Hxrc1ojy8ZFTA1YND
+AQg/MTABgHbQQkXDQhjS/TloOObqtbMBqNSbcSXpaR4teaCWKBl1MSq00nJLj8db
+vPJGqfg7UbXhlALggp029/kskYlR5SmbxWquLbl0Xre3fDHuHEiWcJL6MS3454Wt
+Mno13/4UhOlRFh5g0pLmPz7seOTJjDqc9abn/RXOLq0+3qX0gC0bDm5aCE5dQ2MV
+FMbrrlw/dZESNLZvtB3gOsramSry1R3HVZ0QJ2vMaF2cxewebqcYbuecUNj6bxpv
+5LEhEmqz6dG1meLLWDsvQLPEUWEIJnfpBiDSm342yxJq4pXnVF+aqAQsCL3FpmvZ
+2j0FgFOs7iXOcFUJIiR0xUmWPk1NWYcUowqmRW8pMM9nFUzFF99iggPznwARAQAB
+tC1DcnlwdG9tYXRvciBTdXBwb3J0IDxzdXBwb3J0QGNyeXB0b21hdG9yLm9yZz6J
+AkAEEwEKACoCGwMFCQcrKAAFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AFAleu2cQC
+GQEACgkQI7Xb75TU2B3+7A/7BKRWdo5/moCCEbBzYQ7vRMLFdwmjFFlSZ7aGC0fP
+YHdeUwxPbO0cATwmNpGMma7rBn1FDg3Vto6/wottGxm+XIRwlyY84CD1VZAihZ/e
+WvjOO28/7VgRy6PGKzlhpDSoT8GwFOgO69e7bEff1Zj562RZe7nXc4tDivILMB++
+KgmmSgtddygmNQCS3RD3KssGo+l+cSjsg09F5WAJ6nQe8Jq2hICq+o/P6UXPI5lX
+bhvWYDn4/8sRHsIlGpQYYDDe0fz7IQKuSLAHpF5upNDxj6dYb05F8PPVrk6MW6nL
+/kf1fZ27DlLN5/NFvhhBRuwxxoAFqPS7Iel3z7L0JkRUYmGLVB5m9Cqiw6FK8JRv
+OtvakdDoKb5lVAoN5NeBfNBSqEcXVF/EdfTfIyyo7hZRA6xFMEVbmYbzt0sj0djV
+ZOey2TOFrTCpkHfUUDgKvk5sn+F3u8mmPIbqquEzlFJSFjcyiYYDv22rg1In+zKV
+Xmw4BFZRDS6IVSQRGlskRGJBixCaGyDYxHXXT2cg4Rk9uiCX11+0E9qlAsg6xPe6
+rnaYDT8dU0AFyVpDpshflXH3kVQSpiqZS3jkAk1/54ODO8pE80Zrnd5m5AMuNcmX
++9MkZKE+h0882UskDs1dyt26GU2hoy4lAeRUaut7zIK/WO6nnuLaTvGWT95RDz+q
+kD2JAiIEEwEKAAwFAleu2iYFgweGH4AACgkQZnuGbqgkCgnmCA//U22uhyEC/Tp3
+Cbt5lctQmqbgMbjRBaHQyW52tPFMaq8vXMbo/5TTtVC6xsp2PJT84cxAd8KX8hWq
+cPtF4wWCJGng/AzyxQ5dWfGvA/ll32ygjtJN3P/AvA9KlhG+6XYmS8cPkBkJBi6B
+2yCdZT1cXc/TPAFzjgAwz7K9g3awG0OeOc/CXymH0DD/snkiwKQoucStolYywZGc
+GszjMQgeT4zOc1wtEz24uL3dMNDlDcQMAh56YvK2oB0iMYmAFyX/IS+f2bM9paXi
+HX+mg/z53iwgf5ZXbslNDbMTJ5GNksjEGjCFfDHAdNdgT+lcW4l2U7q4PYUaN4LA
+DE9j2OlOlQ9qjucOgoCStirnTP7XHd4p31lgdz8+THOQowB5Ji95OkiNQAFCfxBt
+mcA/bWnJZQDm7L8RVzHovBpAaK6vUjxEvR+DXdESSzyZwkpsZwGZcyqGRT26R1/L
+JE5WvjKufNc5v3Cat320MjyrLZwVGRgvEpDMoCw3nTWl9AtOj5vgaakEWr7AnqET
+xk7UFbYmdTlQqkWuLKubz9Rx/FbrBmvd6vwTHy1Dfl6QyMWNCClatgN00Hxped/6
+CErg+R/RXd8apGxnOuWDqoujPn5LOHzgJolp1Ox16nTiZe2G+LbDr3hqRFi1wW6w
+ioMB4KpkdA03uyxJSWmDEMiR1l3Oxom0KUNyeXB0b21hdG9yIFByZXNzIDxwcmVz
+c0BjcnlwdG9tYXRvci5vcmc+iQI9BBMBCgAnBQJXrtnDAhsDBQkHKygABQsJCAcD
+BRUKCQgLBRYCAwEAAh4BAheAAAoJECO12++U1NgdQYMQAKCIzNJF8rURQcFLSv3J
+sPBjRy2HCzCWm21MuhU+bsaZx7U9M9dgEjzLfxN9s19VsBH3WKLgok2FgiYSGka3
+6Oy/P8VFLFmHs7dS9i2fro2eF7i4zj/ZD/9t0jM4ZIgLpbzr5sTBld292nsfXGob
+xOJeOx3oWYyR2FO9VQxXjC3JvJyZkFgoy0tauS4Mvii4cF56wJGcxDTbe1s7UaRC
+a/fh4zgISZSBE3rYhCawkN4mqMDM5RDjrdtjKUPWk345HcjjQ4Wos8xw4YbGbNr9
+Pc7m2URYJJ0jFM4tnoRF6cmA3bT9tm8pcOFg+K/ycVrltVEy+A8Wj8UGjyP1uI1t
+EqWHN3LZpIGfW0w9AGrw7OUI9czXcukfngj/DsOU3WMBDIM8pW9+zBpr75yIS6lz
+C0IqksLXSqX0b/Rby4O+wb6UZ1ZFkaim2GGtAZV+nGXtdnEXSNFiP7ykzjZ02m/1
+7CKyj3VmdAgT56zEIypFSfxm9gOWsJPmfhSyuE8bFyoitgNxpheZk6xZy4upVMPR
+WK3hutScU0yDv2HVCiA3o3Ggy42nmz9HpGF6W2DmBx4bhMaVs6I2VFyKdQzmJD/3
+FCWjwz8PiEgVGHGPnD+WdPFLhrc/44gF4h/VuLjkubtULGuTVvgjeTIJ5LR1Gmwc
+YOk6eD7MAJPzJVj5/PYFtIbKiQIiBBMBCgAMBQJXrtonBYMHhh+AAAoJEGZ7hm6o
+JAoJBh4P/1w88YMTKUHpFTfJEwH2hK36BZN96Bf/k+vP7n1Xxp3NheInJblHFOt/
+ccsup6am+APrk8gGtlIVmtVc3nO8WMsWxfJxGDecyRsNbessnODv/llyg3tzVU/H
+tLk7gLiK0TcIsOLfeNXGTxRRSKWjVFsNfuixNCzzHa7tFq6ddVn9VRZ8fqJB2p21
+OogWSDqUo9q9Wfb4RkYHguDx+8Jzoo/MxR1TSt8gUO2xDvEbqgeQiMCLF8R0lO3Y
+zz0FrpyOsFU1CxVp+wo55bWv1UdwgQKQt4o0m5/zDJ2RAtscXpd4YcTE+XxKeK+4
+qhihhkhLGpKsxzK5m9/qwMbodHwoBCBzfalkUR9xOq9yQIeEoC8XYL62NqB3BCSU
+KfWFIHxUkE9WH5zHWaV+bhrlNgk7nz3xBfPf1P2mNIc1VUHoNqOZOmWwz2VaKLSW
+f3GIqx9wGythFbLdXmUoC3W//DDYgQnvImvkncMqQ5nRHPf8uHcLQK5WZyIxpgWT
+eKon5G/cj0BTptcBhapMwSIyfaC5FV7so0/CkOA6R9Fyq2VpGoHy7XPhFS+6ieLi
+KUWhCvbuf2deWbSaJ0peMdzy1p72UXwrsEM0M3Fz+Jd8zvCaFzf5Fx27+pAAdlfg
+4bT3/2gSf7S+cU3+DnYOH0NeRt2Z2mjEKg9OwttTO/oDboQHdZlrtDRDcnlwdG9t
+YXRvciBTZWN1cml0eS1UZWFtIDxzZWN1cml0eUBjcnlwdG9tYXRvci5vcmc+iQI9
+BBMBCgAnBQJXrtnWAhsDBQkHKygABQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJ
+ECO12++U1NgddzoQAI78+Nvm6VvNuptXJjEmrpHRyKCnHF9wH5kxvF8WZCgpOkJ4
+vONmyS+9ZlepnT83MpGm/MzdIMCnDJmDmqmA5ISBRcD7k9Gjzz5rPKwE2zDyo0M0
+wF1L2UEUqAlcvE0e4twZcP2DGoNqdSf6IaWsXhQMb1a/rTMsoGZLuTB8kCbv6Ntl
+ULahcRToTB2shsbZjzE896P6X5hDCfGWl0Jhcbf53pnXX1dOsEw3et9AGru1IUMs
+UGM+wpgTwagRj+XB/WY1x9IznKtiHTq83Fvt+3bkg0+NIcV3GDqXDIUtqIwy8gDd
+4KgBU+LkyxXFDa4OxLc53n6b+Iy1nDosM+SiqSzdCCgEs/dY1tQBn/7P1GT18dEe
+tFgeH/c6wLvEpDIc9urAsYXf8H+1uy7glWpWTq8DE0yhCr4adjCqlIsVHQQO4UUW
+NfqMGEFpJ+3HjSSwnvDGY78lLQh5d4vqWV435aNaMqZg0gJIA0FtiP1fRtmT73BG
+N/tBNiBxretFR4B+x/TWqPd5iJV7/MAn/pa1WSOcaxzJrVUsjXdgLQCqcHWd4/w1
+f4DU9cJjl3sxZlMdAlg8Q1bF+pmjQQ4WKZkqMtwpoUilfVXmL42ay1LBCgW68/uJ
+OTyGfp8ntUsbbm5raGsny3TLqnacyG9hxcPGNTzD1+MrbUvfsc7+4U0dCZTuiQIi
+BBMBCgAMBQJXrtonBYMHhh+AAAoJEGZ7hm6oJAoJ1DQP/R+1drZiZQU45ChMbfTb
+XQjJRsUOGZp3PTWtx4KrVFvE8ea0PF+DZX5gLJYIU+iZmPXRpzFu6dKPbcZ7RfRt
+5RRH102zDZzijt2CQd7YLO8wxUFoWX9X7DGgxXEcNjl9kFVmnyHgiTwTzuZ0Zy4y
+PvoiwrhcZmXEYbOeV40gLFie6wuzz5IIcs01e30xIs+1/1gwmgI5UnG3jveUgmcj
+f/lvg3POKiwrY5Uzw1FSruJx21X06wTpDcfOACID4L7aY9eg2B/qL2Xj8nuhejqG
++1AVTMk2o6pxkvevHmxYQfEpuWGCw0RCBn9ObWwz6Zn5J9pjGbMrM+b1/M2Ouv3N
+cpoGgCSahKNsRMKO7RMrBG0jtLcasPSgZFYPJSZAAb+YhxKUbpPHzDIwTEjgM7CL
+gKSyRTKyp5IoFK53bpXL/ZIjkAhMvyDult6+BL6vI0+h3BBA9I0FF2Qhe139xLv/
+DS7aDiYAE9vGMGoeCBfxJPwUsDU3hrGe/wgL7fR6nmN7R2QffisBHKHsklORy9t3
+w3YFRd5sBAxv+EOcdkgXEmqKOfVQ8KU9adQcxPDGMAK/esjVwxUxsaf2PF5noxxW
+3zL2ureUO/mMoH5Cwr0BuM3HFb82t1JJd4IXlLEyNvDMFMwD2d7h37bGK7Y5hEsl
+zL7Dm+wQRY8sxg4QOZHbJjQXuQINBFbgeicBEADnkxGSEL1zwACaiVqADKC6/pgO
+MMWjxoENBT6r8Vnp1D5hfNDkEi9iXUpCEO6nzywBf3/4c4Yk1wBOBZ7YWyWXMf4v
+2g1evxELO5z1UlAwna6HSl7G0omIBqzz1Er5IS7C9WEZM8ZggwcuswCrbxfz4+fN
+t7cCL5QyOvuxez+vrn+VIgLQzKm+LV4Wc+OFbHIys+0saQUhItKO0/CsXGc8R314
+jdN5UsZk/MUdPPAs+6OCr8d3PpJvR6IST76TtN8aDjSS9T6em7dwdGFEwCGww3Jc
+xrAkvvUmSlscz+rnvHA5DYQGK6NXLenB40sVQVfch1r1VqwvlzA0u7OovjwM8+7u
++DaBQ0YejbdnC7yfeE91LmZkG6jRKfvTJkv18tjNsgZsVmM13xzP67fCFIB9M+lN
+t9zEldGKHVwm+06FHIWJsBDRgrquNb9xd1vgHHeIbJvKf+LqZhVrbKVEneG34Km+
+ndtb+mvcGc0fOoMU9lYrFaxAWl8oU9BchC9IyjcPZB445R+AhfTuoHSUViSCo6IO
+TG0hQsJuNoKmDAU8l5sTsiFXuXBOo1wK8gTkRnhZHduZrZIjJXvT7efz1knLQ6eG
+prZHf4CtbgHyAe2XZabetWtCsFcPbOjC7ezNK57UvVH98h2GkckxOM00BESMCTee
+kYy7uG0v0rrajzHY1wARAQABiQIlBBgBCgAPBQJW4HonAhsMBQkHKygAAAoJECO1
+2++U1NgdyAsQAKZUVA6pY225BASkeNiW31L7K4VeRYpAdFkiRex2zQFtj9Vovfi1
+JeTs0fRm35dUsQraf1bkhsjEdPVZ3gD324/baauFO04KX+soyQvK/tUq8KO+5ALt
+Ul5aAljuSwxfJWFpApv+Mbf7gOjm+77jirs7pgG/gCow/mkRlmKTwAmn2DXjkckC
+2EH0mqmh5pdoNWKO7WeTFFbUmESsPcnB2FwTpEjHFvgHll+rmKpXZTgFYN4dDhhm
+HsL/SCf/Nw+YIsuvErQ9TJVdJDLG8ZYatruk7dZZMPtFxvxM1Q36gDIpPEOKPkvm
+dMXg6jHaIdYIaoMpzXFaXsQMdRuMtzbcA+CdwXVY55qGLtfmM/QuEiIJdDeeh7iB
++VAMyEFOOpi8IFhixaeMoZAmrKDqOkzPcMJVklLYq8N+b9p5JszYNwZEbpyWCACM
+6K+iJzlWzW/OPZttGLJBgYuSYIJIuG80Cx5m5m1e5RAgQ1iT8nbfrS+gYttwP48J
+V7SXQg7QugxG9l1vlK4VjnXiOFulJ7V0e/VyUBpJp3qHcCxFq3RnxVwlIqKZh+jm
+Q1bk0H0Xodd27nQITfDP5ullByGW2Jrjs6SsXeR3jl9+t0XQfInU1L9d/wSOkMjL
+9IMUt06lV4vB/WP2xioqLZiZ4eAi0E+lWkFxjZsgNs2xbOAYRThMB8a5
+=W1Ri
+-----END PGP PUBLIC KEY BLOCK-----
+```
+</details>

SUPPORT.md

@@ -4,7 +4,15 @@ For development-related topics, GitHub is the right place.
 
 For _everything else_, please visit our official [Cryptomator Community](https://community.cryptomator.org) (we are there, too :wink:). Amongst others, you will find:
 
-- Installation manuals
-- Usage guides
-- Help with problems
-- Tips & tricks
+- [Knowledge Base](https://community.cryptomator.org/c/kb)
+  - Installation manuals
+  - Usage guides
+  - FAQ
+- [Help with problems](https://community.cryptomator.org/c/help)
+  - Assistance with the setup
+  - Known issues and workarounds
+  - Discussions about the apps
+- [Development discussions](https://community.cryptomator.org/c/development)
+  - General questions
+  - Discussions regarding our design decissions
+  - Our roadmap

main/ant-kit/.gitignore

@@ -1 +0,0 @@
-/target/

main/ant-kit/assembly.xml

@@ -1,38 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 http://maven.apache.org/xsd/assembly-2.0.0.xsd">
-	<id>tarball</id>
-	<includeBaseDirectory>false</includeBaseDirectory>
-	<formats>
-		<format>tar.gz</format>
-	</formats>
-	<fileSets>
-		<fileSet>
-			<directory>target/libs</directory>
-			<includes>
-				<include>*.jar</include>
-			</includes>
-			<outputDirectory>libs</outputDirectory>
-		</fileSet>
-		<fileSet>
-			<directory>target/fixed-binaries</directory>
-			<filtered>false</filtered>
-			<outputDirectory>fixed-binaries</outputDirectory>
-			<fileMode>755</fileMode>
-		</fileSet>
-		<fileSet>
-			<directory>target/package</directory>
-			<filtered>false</filtered>
-			<outputDirectory>package</outputDirectory>
-		</fileSet>
-		<fileSet>
-			<directory>target</directory>
-			<includes>
-				<include>build.xml</include>
-				<include>logback.xml</include>
-			</includes>
-			<filtered>false</filtered>
-			<outputDirectory>.</outputDirectory>
-		</fileSet>
-	</fileSets>
-</assembly>

main/ant-kit/pom.xml

@@ -1,99 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-	<parent>
-		<groupId>org.cryptomator</groupId>
-		<artifactId>main</artifactId>
-		<version>1.4.0-SNAPSHOT</version>
-	</parent>
-	<artifactId>ant-kit</artifactId>
-	<packaging>pom</packaging>
-	<name>Cryptomator Ant Build Kit</name>
-	<description>Builds a package that can be built with Ant locally</description>
-
-	<dependencies>
-		<dependency>
-			<groupId>org.cryptomator</groupId>
-			<artifactId>launcher</artifactId>
-		</dependency>
-	</dependencies>
-
-	<build>	
-		<plugins>
-			<!-- copy libraries to target/libs/: -->
-			<plugin>
-				<artifactId>maven-dependency-plugin</artifactId>
-				<executions>
-					<execution>
-						<id>copy-libs</id>
-						<phase>prepare-package</phase>
-						<goals>
-							<goal>copy-dependencies</goal>
-						</goals>
-						<configuration>
-							<outputDirectory>${project.build.directory}/libs</outputDirectory>
-						</configuration>
-					</execution>
-				</executions>
-			</plugin>
-
-			<!-- copy resources to target/: -->
-			<plugin>
-				<artifactId>maven-resources-plugin</artifactId>
-				<version>3.0.2</version>
-				<executions>
-					<execution>
-						<id>copy-resources</id>
-						<phase>prepare-package</phase>
-						<goals>
-							<goal>copy-resources</goal>
-						</goals>
-						<configuration>
-							<outputDirectory>${project.build.directory}</outputDirectory>
-							<escapeString>\</escapeString>
-							<encoding>UTF-8</encoding>
-							<resources>
-								<resource>
-									<directory>src/main/resources</directory>
-									<filtering>true</filtering>
-									<includes>
-										<include>build.xml</include>
-									</includes>
-								</resource>
-								<resource>
-									<directory>src/main/resources</directory>
-									<filtering>false</filtering>
-									<includes>
-										<include>logback.xml</include>
-									</includes>
-								</resource>
-							</resources>
-						</configuration>
-					</execution>
-				</executions>
-			</plugin>
-
-			<!-- create antkit.tar.gz: -->
-			<plugin>
-				<artifactId>maven-assembly-plugin</artifactId>
-				<version>3.1.0</version>
-				<executions>
-					<execution>
-						<id>make-assembly</id>
-						<phase>package</phase>
-						<goals>
-							<goal>single</goal>
-						</goals>
-					</execution>
-				</executions>
-				<configuration>
-					<descriptors>
-						<descriptor>assembly.xml</descriptor>
-					</descriptors>
-					<appendAssemblyId>false</appendAssemblyId>
-					<finalName>antkit</finalName>
-				</configuration>
-			</plugin>
-		</plugins>
-	</build>
-</project>

main/ant-kit/src/main/resources/build.xml

@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project name="Cryptomator" default="create-jar" basedir="." xmlns:fx="javafx:com.sun.javafx.tools.ant">
-	<taskdef uri="javafx:com.sun.javafx.tools.ant" resource="com/sun/javafx/tools/ant/antlib.xml" classpath="\${java.class.path}:\${java.home}/lib/ant-javafx.jar:." />
-	
-	<!-- Define application to build -->
-	<fx:application id="Cryptomator" name="Cryptomator" version="${project.version}" mainClass="org.cryptomator.launcher.Cryptomator" />
-	
-	<!-- Create main application jar -->
-	<target name="create-jar">
-		<fx:jar destfile="antbuild/Cryptomator-${project.version}.jar">
-			<fx:application refid="Cryptomator" />
-			<fx:fileset dir="libs" includes="launcher-${project.version}.jar" />
-			<fx:resources>
-				<fx:fileset dir="libs" type="jar" includes="*.jar" excludes="launcher-${project.version}.jar" />
-			</fx:resources>
-			<fx:manifest>
-				<fx:attribute name="Implementation-Vendor" value="cryptomator.org" />
-				<fx:attribute name="Implementation-Title" value="Cryptomator"/>
-				<fx:attribute name="Implementation-Version" value="${project.version}" />
-			</fx:manifest>
-		</fx:jar>
-	</target>
-
-	<!-- Create Image package -->
-	<target name="image" depends="create-jar">
-		<fx:deploy nativeBundles="image" outdir="antbuild" verbose="true">
-			<fx:application refid="Cryptomator" />
-			<fx:info title="Cryptomator" vendor="cryptomator.org" copyright="cryptomator.org" license="GPL" category="Utility"/>
-			<fx:platform j2se="9.0">
-				<fx:property name="logback.configurationFile" value="logback.xml" />
-				<fx:property name="cryptomator.settingsPath" value="~/.Cryptomator/settings.json" />
-				<fx:property name="cryptomator.ipcPortPath" value="~/.Cryptomator/ipcPort.bin" />
-				<fx:jvmarg value="-Xss2m"/>
-				<fx:jvmarg value="-Xmx512m"/>
-				<fx:jvmarg value="--add-modules"/>
-				<fx:jvmarg value="jdk.incubator.httpclient"/>
-			</fx:platform>
-			<fx:resources>
-				<fx:fileset dir="." type="data" includes="logback.xml" />
-				<fx:fileset dir="antbuild" type="jar" includes="Cryptomator-${project.version}.jar" />
-				<fx:fileset dir="libs" type="jar" includes="*.jar" excludes="launcher-${project.version}.jar"/>
-			</fx:resources>
-			<fx:permissions elevated="false" />
-			<fx:preferences install="true" />
-		</fx:deploy>
-	</target>
-	
-</project>

main/ant-kit/src/main/resources/logback.xml

@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<!DOCTYPE xml>
-<configuration scan="true" debug="true">
-
-	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
-		<encoder>
-			<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
-		</encoder>
-	</appender>
-	
-	<appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
-		<file>${user.home}/.Cryptomator/cryptomator.log</file>
-		<append>false</append>
-		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-			<fileNamePattern>${user.home}/.Cryptomator/cryptomator%i.log</fileNamePattern>
-			<minIndex>0</minIndex>
-			<maxIndex>9</maxIndex>
-		</rollingPolicy>
-		<triggeringPolicy class="org.cryptomator.logging.LaunchBasedTriggeringPolicy" />
-		<encoder>
-			<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
-		</encoder>
-	</appender>
-	
-	<appender name="UPGRADE_FILE" class="ch.qos.logback.core.FileAppender">
-		<file>${user.home}/.Cryptomator/upgrade.log</file>
-		<append>true</append>
-		<encoder>
-			<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
-		</encoder>
-	</appender>
-
-	<logger name="org.cryptomator" level="INFO" />
-	<logger name="org.eclipse.jetty.server.HttpChannel" level="INFO" />
-	<logger name="org.cryptomator.ui.model" level="INFO">
-		<appender-ref ref="UPGRADE_FILE" />
-	</logger>
-
-	<root level="INFO">
-		<appender-ref ref="STDOUT" />
-		<appender-ref ref="FILE" />
-	</root>
-
-</configuration>

main/buildkit/assembly-linux.xml

@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+		  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 http://maven.apache.org/xsd/assembly-2.0.0.xsd">
+	<id>tarball</id>
+	<includeBaseDirectory>false</includeBaseDirectory>
+	<formats>
+		<format>zip</format>
+	</formats>
+	<fileSets>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>version.txt</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>ffi-version.txt</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>LICENSE.txt</include>
+			</includes>
+			<outputDirectory></outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>launcher-linux.sh</include>
+			</includes>
+			<outputDirectory></outputDirectory>
+			<fileMode>0755</fileMode>
+		</fileSet>
+		<fileSet>
+			<directory>target/libs</directory>
+			<includes>
+				<include>*.jar</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/linux-libs</directory>
+			<includes>
+				<include>*.jar</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+	</fileSets>
+</assembly>

main/buildkit/assembly-mac.xml

@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+		  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 http://maven.apache.org/xsd/assembly-2.0.0.xsd">
+	<id>tarball</id>
+	<includeBaseDirectory>false</includeBaseDirectory>
+	<formats>
+		<format>zip</format>
+	</formats>
+	<fileSets>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>version.txt</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>ffi-version.txt</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>LICENSE.txt</include>
+			</includes>
+			<outputDirectory></outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>launcher-mac.sh</include>
+			</includes>
+			<outputDirectory></outputDirectory>
+			<fileMode>0755</fileMode>
+		</fileSet>
+		<fileSet>
+			<directory>target/libs</directory>
+			<includes>
+				<include>*.jar</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/mac-libs</directory>
+			<includes>
+				<include>*.jar</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+	</fileSets>
+</assembly>

main/buildkit/assembly-win.xml

@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<assembly xmlns="http://maven.apache.org/ASSEMBLY/2.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+		  xsi:schemaLocation="http://maven.apache.org/ASSEMBLY/2.0.0 http://maven.apache.org/xsd/assembly-2.0.0.xsd">
+	<id>tarball</id>
+	<includeBaseDirectory>false</includeBaseDirectory>
+	<formats>
+		<format>zip</format>
+	</formats>
+	<fileSets>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>version.txt</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>ffi-version.txt</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>LICENSE.txt</include>
+			</includes>
+			<outputDirectory></outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/</directory>
+			<includes>
+				<include>launcher-win.bat</include>
+			</includes>
+			<outputDirectory></outputDirectory>
+			<fileMode>0755</fileMode>
+		</fileSet>
+		<fileSet>
+			<directory>target/libs</directory>
+			<includes>
+				<include>*.jar</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+		<fileSet>
+			<directory>target/win-libs</directory>
+			<includes>
+				<include>*.jar</include>
+			</includes>
+			<outputDirectory>libs</outputDirectory>
+		</fileSet>
+	</fileSets>
+</assembly>

main/buildkit/pom.xml

@@ -0,0 +1,174 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.cryptomator</groupId>
+		<artifactId>main</artifactId>
+		<version>1.5.0</version>
+	</parent>
+	<artifactId>buildkit</artifactId>
+	<packaging>pom</packaging>
+	<name>Cryptomator Build Kit</name>
+	<description>Builds a package that can be built with Ant locally</description>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>launcher</artifactId>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<plugins>
+			<!-- copy resources -->
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-resources-plugin</artifactId>
+				<version>3.1.0</version>
+				<executions>
+					<execution>
+						<id>copy-resources</id>
+						<phase>prepare-package</phase>
+						<goals>
+							<goal>copy-resources</goal>
+						</goals>
+						<configuration>
+							<outputDirectory>${project.build.directory}</outputDirectory>
+							<resources>
+								<resource>
+									<directory>${project.basedir}/src/main/resources</directory>
+									<includes>
+										<include>version.txt</include>
+										<include>ffi-version.txt</include>
+										<include>launcher-mac.sh</include>
+										<include>launcher-linux.sh</include>
+										<include>launcher-win.bat</include>
+										<include>LICENSE.txt</include>
+									</includes>
+									<filtering>true</filtering>
+								</resource>
+							</resources>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+
+			<!-- copy libraries to target/libs/: -->
+			<plugin>
+				<artifactId>maven-dependency-plugin</artifactId>
+				<version>3.1.1</version>
+				<executions>
+					<execution>
+						<id>copy-libs</id>
+						<phase>prepare-package</phase>
+						<goals>
+							<goal>copy-dependencies</goal>
+						</goals>
+						<configuration>
+							<outputDirectory>${project.build.directory}/libs</outputDirectory>
+							<excludeClassifiers>linux,mac,win</excludeClassifiers>
+							<excludeArtifactIds>dbus-java,secret-service,hkdf,java-utils</excludeArtifactIds>
+						</configuration>
+					</execution>
+					<execution>
+						<id>copy-linux-libs</id>
+						<phase>prepare-package</phase>
+						<goals>
+							<goal>copy-dependencies</goal>
+						</goals>
+						<configuration>
+							<outputDirectory>${project.build.directory}/linux-libs</outputDirectory>
+							<includeGroupIds>org.openjfx</includeGroupIds>
+							<classifier>linux</classifier>
+						</configuration>
+					</execution>
+					<execution>
+						<id>copy-linux-secret-service</id>
+						<phase>prepare-package</phase>
+						<goals>
+							<goal>copy-dependencies</goal>
+						</goals>
+						<configuration>
+							<outputDirectory>${project.build.directory}/linux-libs</outputDirectory>
+							<includeArtifactIds>dbus-java,secret-service,hkdf,java-utils</includeArtifactIds>
+						</configuration>
+					</execution>
+					<execution>
+						<id>copy-mac-libs</id>
+						<phase>prepare-package</phase>
+						<goals>
+							<goal>copy-dependencies</goal>
+						</goals>
+						<configuration>
+							<outputDirectory>${project.build.directory}/mac-libs</outputDirectory>
+							<includeGroupIds>org.openjfx</includeGroupIds>
+							<classifier>mac</classifier>
+						</configuration>
+					</execution>
+					<execution>
+						<id>copy-win-libs</id>
+						<phase>prepare-package</phase>
+						<goals>
+							<goal>copy-dependencies</goal>
+						</goals>
+						<configuration>
+							<outputDirectory>${project.build.directory}/win-libs</outputDirectory>
+							<includeGroupIds>org.openjfx</includeGroupIds>
+							<classifier>win</classifier>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+
+			<!-- create buildkit.zip: -->
+			<plugin>
+				<artifactId>maven-assembly-plugin</artifactId>
+				<version>3.1.1</version>
+				<executions>
+					<execution>
+						<id>assemble-linux</id>
+						<phase>package</phase>
+						<goals>
+							<goal>single</goal>
+						</goals>
+						<configuration>
+							<descriptors>
+								<descriptor>assembly-linux.xml</descriptor>
+							</descriptors>
+							<appendAssemblyId>false</appendAssemblyId>
+							<finalName>buildkit-linux</finalName>
+						</configuration>
+					</execution>
+					<execution>
+						<id>assemble-mac</id>
+						<phase>package</phase>
+						<goals>
+							<goal>single</goal>
+						</goals>
+						<configuration>
+							<descriptors>
+								<descriptor>assembly-mac.xml</descriptor>
+							</descriptors>
+							<appendAssemblyId>false</appendAssemblyId>
+							<finalName>buildkit-mac</finalName>
+						</configuration>
+					</execution>
+					<execution>
+						<id>assemble-win</id>
+						<phase>package</phase>
+						<goals>
+							<goal>single</goal>
+						</goals>
+						<configuration>
+							<descriptors>
+								<descriptor>assembly-win.xml</descriptor>
+							</descriptors>
+							<appendAssemblyId>false</appendAssemblyId>
+							<finalName>buildkit-win</finalName>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
+	</build>
+</project>

main/buildkit/src/main/resources/LICENSE.txt

@@ -1,5 +1,5 @@
-                    GNU AFFERO GENERAL PUBLIC LICENSE
-                       Version 3, 19 November 2007
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
 
  Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
  Everyone is permitted to copy and distribute verbatim copies
@@ -7,15 +7,17 @@
 
                             Preamble
 
-  The GNU Affero General Public License is a free, copyleft license for
-software and other kinds of works, specifically designed to ensure
-cooperation with the community in the case of network server software.
+  The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
 
   The licenses for most software and other practical works are designed
 to take away your freedom to share and change the works.  By contrast,
-our General Public Licenses are intended to guarantee your freedom to
+the GNU General Public License is intended to guarantee your freedom to
 share and change all versions of a program--to make sure it remains free
-software for all its users.
+software for all its users.  We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors.  You can apply it to
+your programs, too.
 
   When we speak of free software, we are referring to freedom, not
 price.  Our General Public Licenses are designed to make sure that you
@@ -24,34 +26,44 @@ them if you wish), that you receive source code or can get it if you
 want it, that you can change the software or use pieces of it in new
 free programs, and that you know you can do these things.
 
-  Developers that use our General Public Licenses protect your rights
-with two steps: (1) assert copyright on the software, and (2) offer
-you this License which gives you legal permission to copy, distribute
-and/or modify the software.
+  To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights.  Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
 
-  A secondary benefit of defending all users' freedom is that
-improvements made in alternate versions of the program, if they
-receive widespread use, become available for other developers to
-incorporate.  Many developers of free software are heartened and
-encouraged by the resulting cooperation.  However, in the case of
-software used on network servers, this result may fail to come about.
-The GNU General Public License permits making a modified version and
-letting the public access it on a server without ever releasing its
-source code to the public.
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received.  You must make sure that they, too, receive
+or can get the source code.  And you must show them these terms so they
+know their rights.
 
-  The GNU Affero General Public License is designed specifically to
-ensure that, in such cases, the modified source code becomes available
-to the community.  It requires the operator of a network server to
-provide the source code of the modified version running there to the
-users of that server.  Therefore, public use of a modified version, on
-a publicly accessible server, gives the public access to the source
-code of the modified version.
+  Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
 
-  An older license, called the Affero General Public License and
-published by Affero, was designed to accomplish similar goals.  This is
-a different license, not a version of the Affero GPL, but Affero has
-released a new version of the Affero GPL which permits relicensing under
-this license.
+  For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software.  For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+  Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so.  This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software.  The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable.  Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products.  If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+  Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary.  To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
 
   The precise terms and conditions for copying, distribution and
 modification follow.
@@ -60,7 +72,7 @@ modification follow.
 
   0. Definitions.
 
-  "This License" refers to version 3 of the GNU Affero General Public License.
+  "This License" refers to version 3 of the GNU General Public License.
 
   "Copyright" also means copyright-like laws that apply to other kinds of
 works, such as semiconductor masks.
@@ -537,45 +549,35 @@ to collect a royalty for further conveying from those to whom you convey
 the Program, the only way you could satisfy both those terms and this
 License would be to refrain entirely from conveying the Program.
 
-  13. Remote Network Interaction; Use with the GNU General Public License.
-
-  Notwithstanding any other provision of this License, if you modify the
-Program, your modified version must prominently offer all users
-interacting with it remotely through a computer network (if your version
-supports such interaction) an opportunity to receive the Corresponding
-Source of your version by providing access to the Corresponding Source
-from a network server at no charge, through some standard or customary
-means of facilitating copying of software.  This Corresponding Source
-shall include the Corresponding Source for any work covered by version 3
-of the GNU General Public License that is incorporated pursuant to the
-following paragraph.
+  13. Use with the GNU Affero General Public License.
 
   Notwithstanding any other provision of this License, you have
 permission to link or combine any covered work with a work licensed
-under version 3 of the GNU General Public License into a single
+under version 3 of the GNU Affero General Public License into a single
 combined work, and to convey the resulting work.  The terms of this
 License will continue to apply to the part which is the covered work,
-but the work with which it is combined will remain governed by version
-3 of the GNU General Public License.
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
 
   14. Revised Versions of this License.
 
   The Free Software Foundation may publish revised and/or new versions of
-the GNU Affero General Public License from time to time.  Such new versions
-will be similar in spirit to the present version, but may differ in detail to
+the GNU General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
 address new problems or concerns.
 
   Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU Affero General
+Program specifies that a certain numbered version of the GNU General
 Public License "or any later version" applies to it, you have the
 option of following the terms and conditions either of that numbered
 version or of any later version published by the Free Software
 Foundation.  If the Program does not specify a version number of the
-GNU Affero General Public License, you may choose any version ever published
+GNU General Public License, you may choose any version ever published
 by the Free Software Foundation.
 
   If the Program specifies that a proxy can decide which future
-versions of the GNU Affero General Public License can be used, that proxy's
+versions of the GNU General Public License can be used, that proxy's
 public statement of acceptance of a version permanently authorizes you
 to choose that version for the Program.
 
@@ -633,29 +635,40 @@ the "copyright" line and a pointer to where the full notice is found.
     Copyright (C) <year>  <name of author>
 
     This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU Affero General Public License as published by
+    it under the terms of the GNU General Public License as published by
     the Free Software Foundation, either version 3 of the License, or
     (at your option) any later version.
 
     This program is distributed in the hope that it will be useful,
     but WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU Affero General Public License for more details.
+    GNU General Public License for more details.
 
-    You should have received a copy of the GNU Affero General Public License
+    You should have received a copy of the GNU General Public License
     along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 Also add information on how to contact you by electronic and paper mail.
 
-  If your software can interact with users remotely through a computer
-network, you should also make sure that it provides a way for users to
-get its source.  For example, if your program is a web application, its
-interface could display a "Source" link that leads users to an archive
-of the code.  There are many ways you could offer source, and different
-solutions will be better for different programs; see section 13 for the
-specific requirements.
+  If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+    <program>  Copyright (C) <year>  <name of author>
+    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
 
   You should also get your employer (if you work as a programmer) or school,
 if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU AGPL, see
-<http://www.gnu.org/licenses/>.
+For more information on this, and how to apply and follow the GNU GPL, see
+<http://www.gnu.org/licenses/>.
+
+  The GNU General Public License does not permit incorporating your program
+into proprietary programs.  If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.  But first, please read
+<http://www.gnu.org/philosophy/why-not-lgpl.html>.

main/buildkit/src/main/resources/ffi-version.txt

@@ -0,0 +1 @@
+${cryptomator.jni.version}

main/buildkit/src/main/resources/launcher-linux.sh

@@ -0,0 +1,11 @@
+#!/bin/sh
+java \
+	-cp "libs/*" \
+	-Dcryptomator.settingsPath="~/.config/Cryptomator/settings.json" \
+	-Dcryptomator.ipcPortPath="~/.config/Cryptomator/ipcPort.bin" \
+	-Dcryptomator.logDir="~/.local/share/Cryptomator/logs" \
+	-Dcryptomator.mountPointsDir="~/.local/share/Cryptomator/mnt" \
+	-Djdk.gtk.version=2 \
+	-Xss20m \
+	-Xmx512m \
+	org.cryptomator.launcher.Cryptomator

main/buildkit/src/main/resources/launcher-mac.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+java \
+	-cp "libs/*" \
+	-Dcryptomator.settingsPath="~/Library/Application Support/Cryptomator/settings.json" \
+	-Dcryptomator.ipcPortPath="~/Library/Application Support/Cryptomator/ipcPort.bin" \
+	-Dcryptomator.logDir="~/Library/Logs/Cryptomator" \
+	-Dcryptomator.mountPointsDir="/Volumes" \
+	-Xss20m \
+	-Xmx512m \
+	org.cryptomator.launcher.Cryptomator

main/buildkit/src/main/resources/launcher-win.bat

@@ -0,0 +1,10 @@
+@echo off
+java ^
+	-cp "libs/*" ^
+	-Dcryptomator.settingsPath="~/AppData/Roaming/Cryptomator/settings.json" ^
+	-Dcryptomator.ipcPortPath="~/AppData/Roaming/Cryptomator/ipcPort.bin" ^
+	-Dcryptomator.logDir="~/AppData/Roaming/Cryptomator" ^
+	-Dcryptomator.keychainPath="~/AppData/Roaming/Cryptomator/keychain.json" ^
+	-Xss20m ^
+	-Xmx512m ^
+	org.cryptomator.launcher.Cryptomator

main/buildkit/src/main/resources/version.txt

@@ -0,0 +1 @@
+${project.version}

main/commons/pom.xml

@@ -4,29 +4,70 @@
 	<parent>
 		<groupId>org.cryptomator</groupId>
 		<artifactId>main</artifactId>
-		<version>1.4.0-SNAPSHOT</version>
+		<version>1.5.0</version>
 	</parent>
 	<artifactId>commons</artifactId>
 	<name>Cryptomator Commons</name>
 	<description>Shared utilities</description>
 
 	<dependencies>
-		<!-- Libs -->
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>cryptofs</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>fuse-nio-adapter</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>dokany-nio-adapter</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>webdav-nio-adapter</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>jni</artifactId>
+		</dependency>
+
+		<!-- JavaFx -->
+		<dependency>
+			<groupId>org.openjfx</groupId>
+			<artifactId>javafx-base</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.openjfx</groupId>
+			<artifactId>javafx-graphics</artifactId>
+		</dependency>
+
+		<!-- EasyBind -->
+		<dependency>
+			<groupId>org.fxmisc.easybind</groupId>
+			<artifactId>easybind</artifactId>
+		</dependency>
+
+		<!-- JWT -->
+		<dependency>
+			<groupId>com.auth0</groupId>
+			<artifactId>java-jwt</artifactId>
+		</dependency>
+
+		<!-- Google -->
 		<dependency>
 			<groupId>com.google.guava</groupId>
 			<artifactId>guava</artifactId>
 		</dependency>
-		<dependency>
-			<groupId>org.apache.commons</groupId>
-			<artifactId>commons-lang3</artifactId>
-		</dependency>
 		<dependency>
 			<groupId>com.google.code.gson</groupId>
 			<artifactId>gson</artifactId>
 		</dependency>
+
+		<!-- Apache Commons -->
 		<dependency>
-			<groupId>org.fxmisc.easybind</groupId>
-			<artifactId>easybind</artifactId>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-lang3</artifactId>
 		</dependency>
 
 		<!-- DI -->

main/commons/src/main/java/org/cryptomator/common/CommonsModule.java

@@ -5,22 +5,126 @@
  *******************************************************************************/
 package org.cryptomator.common;
 
-import java.util.Comparator;
+import dagger.Module;
+import dagger.Provides;
+import javafx.beans.binding.Binding;
+import javafx.beans.binding.Bindings;
+import javafx.collections.ObservableList;
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.settings.Settings;
+import org.cryptomator.common.settings.SettingsProvider;
+import org.cryptomator.common.vaults.Vault;
+import org.cryptomator.common.vaults.VaultComponent;
+import org.cryptomator.common.vaults.VaultListManager;
+import org.cryptomator.frontend.webdav.WebDavServer;
+import org.fxmisc.easybind.EasyBind;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import javax.inject.Named;
 import javax.inject.Singleton;
+import java.net.InetSocketAddress;
+import java.util.Comparator;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.SynchronousQueue;
+import java.util.concurrent.ThreadPoolExecutor;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicInteger;
 
-import dagger.Module;
-import dagger.Provides;
+@Module(subcomponents = {VaultComponent.class})
+public abstract class CommonsModule {
 
-@Module
-public class CommonsModule {
+	private static final Logger LOG = LoggerFactory.getLogger(CommonsModule.class);
+	private static final int NUM_SCHEDULER_THREADS = 2;
+	private static final int NUM_CORE_BG_THREADS = 6;
+	private static final long BG_THREAD_KEEPALIVE_SECONDS = 60l;
+
+	@Provides
+	@Singleton
+	@Named("licensePublicKey")
+	static String provideLicensePublicKey() {
+		// in PEM format without the dash-escaped begin/end lines
+		return "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQB7NfnqiZbg2KTmoflmZ71PbXru7oW" //
+				+ "fmnV2yv3eDjlDfGruBrqz9TtXBZV/eYWt31xu1osIqaT12lKBvZ511aaAkIBeOEV" //
+				+ "gwcBIlJr6kUw7NKzeJt7r2rrsOyQoOG2nWc/Of/NBqA3mIZRHk5Aq1YupFdD26QE" //
+				+ "r0DzRyj4ixPIt38CQB8=";
+	}
 
 	@Provides
 	@Singleton
 	@Named("SemVer")
-	Comparator<String> providesSemVerComparator() {
+	static Comparator<String> providesSemVerComparator() {
 		return new SemVerComparator();
 	}
 
+	@Provides
+	@Singleton
+	static Settings provideSettings(SettingsProvider settingsProvider) {
+		return settingsProvider.get();
+	}
+
+	@Provides
+	@Singleton
+	static ObservableList<Vault> provideVaultList(VaultListManager vaultListManager) {
+		return vaultListManager.getVaultList();
+	}
+
+	@Provides
+	@Singleton
+	static ScheduledExecutorService provideScheduledExecutorService(ShutdownHook shutdownHook) {
+		final AtomicInteger threadNumber = new AtomicInteger(1);
+		ScheduledExecutorService executorService = Executors.newScheduledThreadPool(NUM_SCHEDULER_THREADS, r -> {
+			String name = String.format("App Scheduled Executor %02d", threadNumber.getAndIncrement());
+			Thread t = new Thread(r);
+			t.setName(name);
+			t.setUncaughtExceptionHandler(CommonsModule::handleUncaughtExceptionInBackgroundThread);
+			t.setDaemon(true);
+			LOG.debug("Starting {}", t.getName());
+			return t;
+		});
+		shutdownHook.runOnShutdown(executorService::shutdown);
+		return executorService;
+	}
+
+	@Provides
+	@Singleton
+	static ExecutorService provideExecutorService(ShutdownHook shutdownHook) {
+		final AtomicInteger threadNumber = new AtomicInteger(1);
+		ExecutorService executorService = new ThreadPoolExecutor(NUM_CORE_BG_THREADS, Integer.MAX_VALUE, BG_THREAD_KEEPALIVE_SECONDS, TimeUnit.SECONDS, new SynchronousQueue<>(), r -> {
+			String name = String.format("App Background Thread %03d", threadNumber.getAndIncrement());
+			Thread t = new Thread(r);
+			t.setName(name);
+			t.setUncaughtExceptionHandler(CommonsModule::handleUncaughtExceptionInBackgroundThread);
+			t.setDaemon(true);
+			LOG.debug("Starting {}", t.getName());
+			return t;
+		});
+		shutdownHook.runOnShutdown(executorService::shutdown);
+		return executorService;
+	}
+
+	private static void handleUncaughtExceptionInBackgroundThread(Thread thread, Throwable throwable) {
+		LOG.error("Uncaught exception in " + thread.getName(), throwable);
+	}
+
+	@Provides
+	@Singleton
+	static Binding<InetSocketAddress> provideServerSocketAddressBinding(Settings settings) {
+		return Bindings.createObjectBinding(() -> {
+			String host = SystemUtils.IS_OS_WINDOWS ? "127.0.0.1" : "localhost";
+			return InetSocketAddress.createUnresolved(host, settings.port().intValue());
+		}, settings.port());
+	}
+
+	@Provides
+	@Singleton
+	static WebDavServer provideWebDavServer(Binding<InetSocketAddress> serverSocketAddressBinding) {
+		WebDavServer server = WebDavServer.create();
+		// no need to unsubscribe eventually, because server is a singleton
+		EasyBind.subscribe(serverSocketAddressBinding, server::bind);
+		return server;
+	}
+
 }

main/commons/src/main/java/org/cryptomator/common/Constants.java

@@ -0,0 +1,7 @@
+package org.cryptomator.common;
+
+public interface Constants {
+
+	String MASTERKEY_FILENAME = "masterkey.cryptomator";
+
+}

main/commons/src/main/java/org/cryptomator/common/Environment.java

@@ -0,0 +1,115 @@
+package org.cryptomator.common;
+
+import com.google.common.base.Splitter;
+import com.google.common.base.Strings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.Optional;
+import java.util.Spliterator;
+import java.util.Spliterators;
+import java.util.function.Predicate;
+import java.util.stream.Stream;
+import java.util.stream.StreamSupport;
+
+@Singleton
+public class Environment {
+
+	private static final Logger LOG = LoggerFactory.getLogger(Environment.class);
+	private static final String USER_HOME = System.getProperty("user.home");
+	private static final Path RELATIVE_HOME_DIR = Paths.get("~");
+	private static final Path ABSOLUTE_HOME_DIR = Paths.get(USER_HOME);
+	private static final char PATH_LIST_SEP = ':';
+	private static final int DEFAULT_MIN_PW_LENGTH = 8;
+
+	@Inject
+	public Environment() {
+		LOG.debug("java.library.path: {}", System.getProperty("java.library.path"));
+		LOG.debug("user.language: {}", System.getProperty("user.language"));
+		LOG.debug("user.region: {}", System.getProperty("user.region"));
+		LOG.debug("logback.configurationFile: {}", System.getProperty("logback.configurationFile"));
+		LOG.debug("cryptomator.settingsPath: {}", System.getProperty("cryptomator.settingsPath"));
+		LOG.debug("cryptomator.ipcPortPath: {}", System.getProperty("cryptomator.ipcPortPath"));
+		LOG.debug("cryptomator.keychainPath: {}", System.getProperty("cryptomator.keychainPath"));
+		LOG.debug("cryptomator.logDir: {}", System.getProperty("cryptomator.logDir"));
+		LOG.debug("cryptomator.mountPointsDir: {}", System.getProperty("cryptomator.mountPointsDir"));
+		LOG.debug("cryptomator.minPwLength: {}", System.getProperty("cryptomator.minPwLength"));
+		LOG.debug("cryptomator.buildNumber: {}", System.getProperty("cryptomator.buildNumber"));
+	}
+
+	public boolean useCustomLogbackConfig() {
+		return getPath("logback.configurationFile").map(Files::exists).orElse(false);
+	}
+
+	public Stream<Path> getSettingsPath() {
+		return getPaths("cryptomator.settingsPath");
+	}
+
+	public Stream<Path> getIpcPortPath() {
+		return getPaths("cryptomator.ipcPortPath");
+	}
+
+	public Stream<Path> getKeychainPath() {
+		return getPaths("cryptomator.keychainPath");
+	}
+
+	public Optional<Path> getLogDir() {
+		return getPath("cryptomator.logDir").map(this::replaceHomeDir);
+	}
+
+	public Optional<Path> getMountPointsDir() {
+		return getPath("cryptomator.mountPointsDir").map(this::replaceHomeDir);
+	}
+
+	public Optional<String> getBuildNumber() {
+		return Optional.ofNullable(System.getProperty("cryptomator.buildNumber"));
+	}
+
+	public int getMinPwLength() {
+		return getInt("cryptomator.minPwLength", DEFAULT_MIN_PW_LENGTH);
+	}
+
+	private int getInt(String propertyName, int defaultValue) {
+		String value = System.getProperty(propertyName);
+		try {
+			return Integer.parseInt(value);
+		} catch (NumberFormatException e) { // includes "null" values
+			return defaultValue;
+		}
+	}
+
+	private Optional<Path> getPath(String propertyName) {
+		String value = System.getProperty(propertyName);
+		return Optional.ofNullable(value).map(Paths::get);
+	}
+	// visible for testing
+
+	Stream<Path> getPaths(String propertyName) {
+		Stream<String> rawSettingsPaths = getRawList(propertyName, PATH_LIST_SEP);
+		return rawSettingsPaths.filter(Predicate.not(Strings::isNullOrEmpty)).map(Paths::get).map(this::replaceHomeDir);
+	}
+
+	private Path replaceHomeDir(Path path) {
+		if (path.startsWith(RELATIVE_HOME_DIR)) {
+			return ABSOLUTE_HOME_DIR.resolve(RELATIVE_HOME_DIR.relativize(path));
+		} else {
+			return path;
+		}
+	}
+
+	private Stream<String> getRawList(String propertyName, char separator) {
+		String value = System.getProperty(propertyName);
+		if (value == null) {
+			return Stream.empty();
+		} else {
+			Iterable<String> iter = Splitter.on(separator).split(value);
+			Spliterator<String> spliter = Spliterators.spliteratorUnknownSize(iter.iterator(), Spliterator.ORDERED | Spliterator.IMMUTABLE);
+			return StreamSupport.stream(spliter, false);
+		}
+	}
+}

main/commons/src/main/java/org/cryptomator/common/JniModule.java

@@ -0,0 +1,32 @@
+/*******************************************************************************
+ * Copyright (c) 2019 Skymatic GmbH.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the accompanying LICENSE file.
+ *******************************************************************************/
+package org.cryptomator.common;
+
+import dagger.Module;
+import dagger.Provides;
+import org.cryptomator.jni.JniFunctions;
+import org.cryptomator.jni.MacFunctions;
+import org.cryptomator.jni.WinFunctions;
+
+import javax.inject.Singleton;
+import java.util.Optional;
+
+@Module
+public class JniModule {
+
+	@Provides
+	@Singleton
+	Optional<MacFunctions> provideOptionalMacFunctions() {
+		return JniFunctions.macFunctions();
+	}
+
+	@Provides
+	@Singleton
+	Optional<WinFunctions> provideOptionalWinFunctions() {
+		return JniFunctions.winFunctions();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/LicenseChecker.java

@@ -0,0 +1,56 @@
+package org.cryptomator.common;
+
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTVerificationException;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import com.auth0.jwt.interfaces.JWTVerifier;
+import com.google.common.io.BaseEncoding;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.inject.Singleton;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Optional;
+
+@Singleton
+class LicenseChecker {
+
+	private final JWTVerifier verifier;
+
+	@Inject
+	public LicenseChecker(@Named("licensePublicKey") String pemEncodedPublicKey) {
+		Algorithm algorithm = Algorithm.ECDSA512(decodePublicKey(pemEncodedPublicKey), null);
+		this.verifier = JWT.require(algorithm).build();
+	}
+
+	private static ECPublicKey decodePublicKey(String pemEncodedPublicKey) {
+		try {
+			byte[] keyBytes = BaseEncoding.base64().decode(pemEncodedPublicKey);
+			PublicKey key = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(keyBytes));
+			if (key instanceof ECPublicKey) {
+				return (ECPublicKey) key;
+			} else {
+				throw new IllegalStateException("Key not an EC public key.");
+			}
+		} catch (InvalidKeySpecException e) {
+			throw new IllegalArgumentException("Invalid license public key", e);
+		} catch (NoSuchAlgorithmException e) {
+			throw new IllegalStateException(e);
+		}
+	}
+
+	public Optional<DecodedJWT> check(String licenseKey) {
+		try {
+			return Optional.of(verifier.verify(licenseKey));
+		} catch (JWTVerificationException exception) {
+			return Optional.empty();
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/LicenseHolder.java

@@ -0,0 +1,79 @@
+package org.cryptomator.common;
+
+import com.auth0.jwt.interfaces.DecodedJWT;
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.BooleanBinding;
+import javafx.beans.binding.StringBinding;
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.SimpleObjectProperty;
+import org.cryptomator.common.settings.Settings;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import java.util.Optional;
+
+@Singleton
+public class LicenseHolder {
+
+	private final Settings settings;
+	private final LicenseChecker licenseChecker;
+	private final ObjectProperty<DecodedJWT> validJwtClaims;
+	private final StringBinding licenseSubject;
+	private final BooleanBinding validLicenseProperty;
+
+	@Inject
+	public LicenseHolder(LicenseChecker licenseChecker, Settings settings) {
+		this.settings = settings;
+		this.licenseChecker = licenseChecker;
+		this.validJwtClaims = new SimpleObjectProperty<>();
+		this.licenseSubject = Bindings.createStringBinding(this::getLicenseSubject, validJwtClaims);
+		this.validLicenseProperty = validJwtClaims.isNotNull();
+
+		Optional<DecodedJWT> claims = licenseChecker.check(settings.licenseKey().get());
+		validJwtClaims.set(claims.orElse(null));
+	}
+
+	public boolean validateAndStoreLicense(String licenseKey) {
+		Optional<DecodedJWT> claims = licenseChecker.check(licenseKey);
+		validJwtClaims.set(claims.orElse(null));
+		if (claims.isPresent()) {
+			settings.licenseKey().set(licenseKey);
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+	/* Observable Properties */
+
+	public Optional<String> getLicenseKey() {
+		DecodedJWT claims = validJwtClaims.get();
+		if (claims != null) {
+			return Optional.of(claims.getToken());
+		} else {
+			return Optional.empty();
+		}
+	}
+
+	public StringBinding licenseSubjectProperty() {
+		return licenseSubject;
+	}
+
+	public String getLicenseSubject() {
+		DecodedJWT claims = validJwtClaims.get();
+		if (claims != null) {
+			return claims.getSubject();
+		} else {
+			return null;
+		}
+	}
+
+	public BooleanBinding validLicenseProperty() {
+		return validLicenseProperty;
+	}
+
+	public boolean isValidLicense() {
+		return validLicenseProperty.get();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/Optionals.java

@@ -1,28 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2017 Skymatic UG (haftungsbeschränkt).
- * All rights reserved. This program and the accompanying materials
- * are made available under the terms of the accompanying LICENSE file.
- *******************************************************************************/
-package org.cryptomator.common;
-
-import java.util.Optional;
-import java.util.function.Function;
-
-public final class Optionals {
-
-	private Optionals() {
-	}
-
-	/**
-	 * Returns a function that is equivalent to the input function but immediately gets the value of the returned optional when invoked.
-	 * 
-	 * @param <T> the type of the input to the function
-	 * @param <R> the type of the result of the function
-	 * @param function An {@code Optional}-bearing input function {@code Function<Foo, Optional<Bar>>}
-	 * @return A {@code Function<Foo, Bar>}, that may throw a NoSuchElementException, if the original function returns an empty optional.
-	 */
-	public static <T, R> Function<T, R> unwrap(Function<T, Optional<R>> function) {
-		return t -> function.apply(t).get();
-	}
-
-}

main/commons/src/main/java/org/cryptomator/common/ShutdownHook.java

@@ -0,0 +1,96 @@
+/*******************************************************************************
+ * Copyright (c) 2017 Skymatic UG (haftungsbeschränkt).
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the accompanying LICENSE file.
+ *******************************************************************************/
+package org.cryptomator.common;
+
+import com.google.common.util.concurrent.Runnables;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import java.util.Queue;
+import java.util.concurrent.PriorityBlockingQueue;
+
+@Singleton
+public class ShutdownHook extends Thread {
+
+	private static final int PRIO_VERY_LAST = Integer.MIN_VALUE;
+	public static final int PRIO_LAST = PRIO_VERY_LAST + 1;
+	public static final int PRIO_DEFAULT = 0;
+	public static final int PRIO_FIRST = Integer.MAX_VALUE;
+	private static final Logger LOG = LoggerFactory.getLogger(ShutdownHook.class);
+	private static final OrderedTask POISON = new OrderedTask(PRIO_VERY_LAST, Runnables.doNothing());
+	private final Queue<OrderedTask> tasks = new PriorityBlockingQueue<>();
+
+	@Inject
+	ShutdownHook() {
+		super(null, null, "ShutdownTasks", 0);
+		Runtime.getRuntime().addShutdownHook(this);
+		LOG.debug("Registered shutdown hook.");
+	}
+
+	@Override
+	public void run() {
+		LOG.debug("Running graceful shutdown tasks...");
+		tasks.add(POISON);
+		Runnable task;
+		while ((task = tasks.remove()) != POISON) {
+			try {
+				task.run();
+			} catch (RuntimeException e) {
+				LOG.error("Exception while shutting down.", e);
+			}
+		}
+	}
+
+	/**
+	 * Schedules a task to be run during shutdown with default order
+	 *
+	 * @param task The task to be scheduled
+	 */
+	public void runOnShutdown(Runnable task) {
+		runOnShutdown(PRIO_DEFAULT, task);
+	}
+
+	/**
+	 * Schedules a task to be run with the given priority
+	 *
+	 * @param priority Tasks with high priority will be run before task with lower priority
+	 * @param task The task to be scheduled
+	 */
+	public void runOnShutdown(int priority, Runnable task) {
+		tasks.add(new OrderedTask(priority, task));
+	}
+
+	private static class OrderedTask implements Comparable<OrderedTask>, Runnable {
+
+		private final int priority;
+		private final Runnable task;
+
+		public OrderedTask(int priority, Runnable task) {
+			this.priority = priority;
+			this.task = task;
+		}
+
+		@Override
+		public int compareTo(OrderedTask other) {
+			// overflow-safe signum impl:
+			if (this.priority > other.priority) {
+				return -1; // higher prio -> this before other
+			} else if (this.priority < other.priority) {
+				return +1; // lower prio -> other before this
+			} else {
+				return 0; // same prio
+			}
+		}
+
+		@Override
+		public void run() {
+			task.run();
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/settings/Settings.java

@@ -8,8 +8,7 @@
  ******************************************************************************/
 package org.cryptomator.common.settings;
 
-import java.util.function.Consumer;
-
+import javafx.beans.Observable;
 import javafx.beans.property.BooleanProperty;
 import javafx.beans.property.IntegerProperty;
 import javafx.beans.property.ObjectProperty;
@@ -18,29 +17,40 @@ import javafx.beans.property.SimpleIntegerProperty;
 import javafx.beans.property.SimpleObjectProperty;
 import javafx.beans.property.SimpleStringProperty;
 import javafx.beans.property.StringProperty;
-import javafx.beans.value.ObservableValue;
 import javafx.collections.FXCollections;
-import javafx.collections.ListChangeListener;
 import javafx.collections.ObservableList;
+import javafx.geometry.NodeOrientation;
+
+import java.util.function.Consumer;
 
 public class Settings {
 
 	public static final int MIN_PORT = 1024;
 	public static final int MAX_PORT = 65535;
-	public static final boolean DEFAULT_CHECK_FOR_UDPATES = true;
+	public static final boolean DEFAULT_ASKED_FOR_UPDATE_CHECK = false;
+	public static final boolean DEFAULT_CHECK_FOR_UDPATES = false;
+	public static final boolean DEFAULT_START_HIDDEN = false;
 	public static final int DEFAULT_PORT = 42427;
 	public static final int DEFAULT_NUM_TRAY_NOTIFICATIONS = 3;
-	public static final String DEFAULT_GVFS_SCHEME = "dav";
+	public static final WebDavUrlScheme DEFAULT_GVFS_SCHEME = WebDavUrlScheme.DAV;
 	public static final boolean DEFAULT_DEBUG_MODE = false;
-	public static final VolumeImpl DEFAULT_VOLUME_IMPL = VolumeImpl.FUSE;
+	public static final VolumeImpl DEFAULT_PREFERRED_VOLUME_IMPL = System.getProperty("os.name").toLowerCase().contains("windows") ? VolumeImpl.DOKANY : VolumeImpl.FUSE;
+	public static final UiTheme DEFAULT_THEME = UiTheme.LIGHT;
+	public static final NodeOrientation DEFAULT_USER_INTERFACE_ORIENTATION = NodeOrientation.LEFT_TO_RIGHT;
+	private static final String DEFAULT_LICENSE_KEY = "";
 
 	private final ObservableList<VaultSettings> directories = FXCollections.observableArrayList(VaultSettings::observables);
+	private final BooleanProperty askedForUpdateCheck = new SimpleBooleanProperty(DEFAULT_ASKED_FOR_UPDATE_CHECK);
 	private final BooleanProperty checkForUpdates = new SimpleBooleanProperty(DEFAULT_CHECK_FOR_UDPATES);
+	private final BooleanProperty startHidden = new SimpleBooleanProperty(DEFAULT_START_HIDDEN);
 	private final IntegerProperty port = new SimpleIntegerProperty(DEFAULT_PORT);
 	private final IntegerProperty numTrayNotifications = new SimpleIntegerProperty(DEFAULT_NUM_TRAY_NOTIFICATIONS);
-	private final StringProperty preferredGvfsScheme = new SimpleStringProperty(DEFAULT_GVFS_SCHEME);
+	private final ObjectProperty<WebDavUrlScheme> preferredGvfsScheme = new SimpleObjectProperty<>(DEFAULT_GVFS_SCHEME);
 	private final BooleanProperty debugMode = new SimpleBooleanProperty(DEFAULT_DEBUG_MODE);
-	private final ObjectProperty<VolumeImpl> volumeImpl = new SimpleObjectProperty<>(DEFAULT_VOLUME_IMPL);
+	private final ObjectProperty<VolumeImpl> preferredVolumeImpl = new SimpleObjectProperty<>(DEFAULT_PREFERRED_VOLUME_IMPL);
+	private final ObjectProperty<UiTheme> theme = new SimpleObjectProperty<>(DEFAULT_THEME);
+	private final ObjectProperty<NodeOrientation> userInterfaceOrientation = new SimpleObjectProperty<>(DEFAULT_USER_INTERFACE_ORIENTATION);
+	private final StringProperty licenseKey = new SimpleStringProperty(DEFAULT_LICENSE_KEY);
 
 	private Consumer<Settings> saveCmd;
 
@@ -48,20 +58,25 @@ public class Settings {
 	 * Package-private constructor; use {@link SettingsProvider}.
 	 */
 	Settings() {
-		directories.addListener((ListChangeListener.Change<? extends VaultSettings> change) -> this.save());
+		directories.addListener(this::somethingChanged);
+		askedForUpdateCheck.addListener(this::somethingChanged);
 		checkForUpdates.addListener(this::somethingChanged);
+		startHidden.addListener(this::somethingChanged);
 		port.addListener(this::somethingChanged);
 		numTrayNotifications.addListener(this::somethingChanged);
 		preferredGvfsScheme.addListener(this::somethingChanged);
 		debugMode.addListener(this::somethingChanged);
-		volumeImpl.addListener(this::somethingChanged);
+		preferredVolumeImpl.addListener(this::somethingChanged);
+		theme.addListener(this::somethingChanged);
+		userInterfaceOrientation.addListener(this::somethingChanged);
+		licenseKey.addListener(this::somethingChanged);
 	}
 
 	void setSaveCmd(Consumer<Settings> saveCmd) {
 		this.saveCmd = saveCmd;
 	}
-
-	private void somethingChanged(ObservableValue<?> observable, Object oldValue, Object newValue) {
+	
+	private void somethingChanged(@SuppressWarnings("unused") Observable observable) {
 		this.save();
 	}
 
@@ -77,9 +92,17 @@ public class Settings {
 		return directories;
 	}
 
+	public BooleanProperty askedForUpdateCheck() {
+		return askedForUpdateCheck;
+	}
+
 	public BooleanProperty checkForUpdates() {
 		return checkForUpdates;
 	}
+	
+	public BooleanProperty startHidden() {
+		return startHidden;
+	}
 
 	public IntegerProperty port() {
 		return port;
@@ -89,7 +112,7 @@ public class Settings {
 		return numTrayNotifications;
 	}
 
-	public StringProperty preferredGvfsScheme() {
+	public ObjectProperty<WebDavUrlScheme> preferredGvfsScheme() {
 		return preferredGvfsScheme;
 	}
 
@@ -97,8 +120,19 @@ public class Settings {
 		return debugMode;
 	}
 
-	public ObjectProperty<VolumeImpl> volumeImpl() {
-		return volumeImpl;
+	public ObjectProperty<VolumeImpl> preferredVolumeImpl() {
+		return preferredVolumeImpl;
 	}
 
+	public ObjectProperty<UiTheme> theme() {
+		return theme;
+	}
+
+	public ObjectProperty<NodeOrientation> userInterfaceOrientation() {
+		return userInterfaceOrientation;
+	}
+
+	public StringProperty licenseKey() {
+		return licenseKey;
+	}
 }

main/commons/src/main/java/org/cryptomator/common/settings/SettingsJsonAdapter.java

@@ -5,17 +5,17 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import com.google.gson.TypeAdapter;
 import com.google.gson.stream.JsonReader;
 import com.google.gson.stream.JsonToken;
 import com.google.gson.stream.JsonWriter;
+import javafx.geometry.NodeOrientation;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
 
 public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 
@@ -28,12 +28,17 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 		out.beginObject();
 		out.name("directories");
 		writeVaultSettingsArray(out, value.getDirectories());
+		out.name("askedForUpdateCheck").value(value.askedForUpdateCheck().get());
 		out.name("checkForUpdatesEnabled").value(value.checkForUpdates().get());
+		out.name("startHidden").value(value.startHidden().get());
 		out.name("port").value(value.port().get());
 		out.name("numTrayNotifications").value(value.numTrayNotifications().get());
-		out.name("preferredGvfsScheme").value(value.preferredGvfsScheme().get());
+		out.name("preferredGvfsScheme").value(value.preferredGvfsScheme().get().name());
 		out.name("debugMode").value(value.debugMode().get());
-		out.name("volumeImpl").value(value.volumeImpl().get().name());
+		out.name("preferredVolumeImpl").value(value.preferredVolumeImpl().get().name());
+		out.name("theme").value(value.theme().get().name());
+		out.name("uiOrientation").value(value.userInterfaceOrientation().get().name());
+		out.name("licenseKey").value(value.licenseKey().get());
 		out.endObject();
 	}
 
@@ -56,9 +61,15 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 				case "directories":
 					settings.getDirectories().addAll(readVaultSettingsArray(in));
 					break;
+				case "askedForUpdateCheck":
+					settings.askedForUpdateCheck().set(in.nextBoolean());
+					break;
 				case "checkForUpdatesEnabled":
 					settings.checkForUpdates().set(in.nextBoolean());
 					break;
+				case "startHidden":
+					settings.startHidden().set(in.nextBoolean());
+					break;
 				case "port":
 					settings.port().set(in.nextInt());
 					break;
@@ -66,17 +77,27 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 					settings.numTrayNotifications().set(in.nextInt());
 					break;
 				case "preferredGvfsScheme":
-					settings.preferredGvfsScheme().set(in.nextString());
+					settings.preferredGvfsScheme().set(parseWebDavUrlSchemePrefix(in.nextString()));
 					break;
 				case "debugMode":
 					settings.debugMode().set(in.nextBoolean());
 					break;
-				case "volumeImpl":
-					settings.volumeImpl().set(parseNioAdapterName(in.nextString()));
+				case "preferredVolumeImpl":
+					settings.preferredVolumeImpl().set(parsePreferredVolumeImplName(in.nextString()));
+					break;
+				case "theme":
+					settings.theme().set(parseUiTheme(in.nextString()));
+					break;
+				case "uiOrientation":
+					settings.userInterfaceOrientation().set(parseUiOrientation(in.nextString()));
+					break;
+				case "licenseKey":
+					settings.licenseKey().set(in.nextString());
 					break;
 				default:
 					LOG.warn("Unsupported vault setting found in JSON: " + name);
 					in.skipValue();
+					break;
 			}
 		}
 		in.endObject();
@@ -84,11 +105,39 @@ public class SettingsJsonAdapter extends TypeAdapter<Settings> {
 		return settings;
 	}
 
-	private VolumeImpl parseNioAdapterName(String nioAdapterName) {
+	private VolumeImpl parsePreferredVolumeImplName(String nioAdapterName) {
 		try {
-			return VolumeImpl.valueOf(nioAdapterName);
+			return VolumeImpl.valueOf(nioAdapterName.toUpperCase());
 		} catch (IllegalArgumentException e) {
-			return Settings.DEFAULT_VOLUME_IMPL;
+			LOG.warn("Invalid volume type {}. Defaulting to {}.", nioAdapterName, Settings.DEFAULT_PREFERRED_VOLUME_IMPL);
+			return Settings.DEFAULT_PREFERRED_VOLUME_IMPL;
+		}
+	}
+
+	private WebDavUrlScheme parseWebDavUrlSchemePrefix(String webDavUrlSchemeName) {
+		try {
+			return WebDavUrlScheme.valueOf(webDavUrlSchemeName.toUpperCase());
+		} catch (IllegalArgumentException e) {
+			LOG.warn("Invalid WebDAV url scheme {}. Defaulting to {}.", webDavUrlSchemeName, Settings.DEFAULT_GVFS_SCHEME);
+			return Settings.DEFAULT_GVFS_SCHEME;
+		}
+	}
+
+	private UiTheme parseUiTheme(String uiThemeName) {
+		try {
+			return UiTheme.valueOf(uiThemeName.toUpperCase());
+		} catch (IllegalArgumentException e) {
+			LOG.warn("Invalid ui theme {}. Defaulting to {}.", uiThemeName, Settings.DEFAULT_THEME);
+			return Settings.DEFAULT_THEME;
+		}
+	}
+
+	private NodeOrientation parseUiOrientation(String uiOrientationName) {
+		try {
+			return NodeOrientation.valueOf(uiOrientationName.toUpperCase());
+		} catch (IllegalArgumentException e) {
+			LOG.warn("Invalid ui orientation {}. Defaulting to {}.", uiOrientationName, Settings.DEFAULT_USER_INTERFACE_ORIENTATION);
+			return Settings.DEFAULT_USER_INTERFACE_ORIENTATION;
 		}
 	}
 

main/commons/src/main/java/org/cryptomator/common/settings/SettingsProvider.java

@@ -8,6 +8,16 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonParseException;
+import org.cryptomator.common.Environment;
+import org.cryptomator.common.LazyInitializer;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
@@ -16,123 +26,99 @@ import java.io.OutputStreamWriter;
 import java.io.Reader;
 import java.io.Writer;
 import java.nio.charset.StandardCharsets;
-import java.nio.file.FileSystem;
-import java.nio.file.FileSystems;
 import java.nio.file.Files;
+import java.nio.file.NoSuchFileException;
 import java.nio.file.Path;
+import java.nio.file.StandardCopyOption;
 import java.nio.file.StandardOpenOption;
 import java.util.Optional;
-import java.util.concurrent.Executors;
 import java.util.concurrent.ScheduledExecutorService;
 import java.util.concurrent.ScheduledFuture;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicReference;
-
-import javax.inject.Inject;
-import javax.inject.Provider;
-import javax.inject.Singleton;
-
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.lang3.SystemUtils;
-import org.cryptomator.common.LazyInitializer;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.gson.Gson;
-import com.google.gson.GsonBuilder;
+import java.util.function.Supplier;
+import java.util.stream.Stream;
 
 @Singleton
-public class SettingsProvider implements Provider<Settings> {
+public class SettingsProvider implements Supplier<Settings> {
 
 	private static final Logger LOG = LoggerFactory.getLogger(SettingsProvider.class);
-	private static final Path DEFAULT_SETTINGS_PATH;
 	private static final long SAVE_DELAY_MS = 1000;
 
-	static {
-		final FileSystem fs = FileSystems.getDefault();
-		if (SystemUtils.IS_OS_WINDOWS) {
-			DEFAULT_SETTINGS_PATH = fs.getPath(SystemUtils.USER_HOME, "AppData/Roaming/Cryptomator/settings.json");
-		} else if (SystemUtils.IS_OS_MAC_OSX) {
-			DEFAULT_SETTINGS_PATH = fs.getPath(SystemUtils.USER_HOME, "Library/Application Support/Cryptomator/settings.json");
-		} else {
-			DEFAULT_SETTINGS_PATH = fs.getPath(SystemUtils.USER_HOME, ".Cryptomator/settings.json");
-		}
-	}
-
-	private final ScheduledExecutorService saveScheduler = Executors.newSingleThreadScheduledExecutor();
 	private final AtomicReference<ScheduledFuture<?>> scheduledSaveCmd = new AtomicReference<>();
 	private final AtomicReference<Settings> settings = new AtomicReference<>();
 	private final SettingsJsonAdapter settingsJsonAdapter = new SettingsJsonAdapter();
+	private final Environment env;
+	private final ScheduledExecutorService scheduler;
 	private final Gson gson;
 
 	@Inject
-	public SettingsProvider() {
+	public SettingsProvider(Environment env, ScheduledExecutorService scheduler) {
+		this.env = env;
+		this.scheduler = scheduler;
 		this.gson = new GsonBuilder() //
 				.setPrettyPrinting().setLenient().disableHtmlEscaping() //
 				.registerTypeAdapter(Settings.class, settingsJsonAdapter) //
 				.create();
 	}
 
-	private Path getSettingsPath() {
-		final String settingsPathProperty = System.getProperty("cryptomator.settingsPath");
-		return Optional.ofNullable(settingsPathProperty).filter(StringUtils::isNotBlank).map(this::replaceHomeDir).map(FileSystems.getDefault()::getPath).orElse(DEFAULT_SETTINGS_PATH);
-	}
-
-	private String replaceHomeDir(String path) {
-		if (path.startsWith("~/")) {
-			return SystemUtils.USER_HOME + path.substring(1);
-		} else {
-			return path;
-		}
-	}
-
 	@Override
 	public Settings get() {
 		return LazyInitializer.initializeLazily(settings, this::load);
 	}
 
 	private Settings load() {
-		Settings settings;
-		final Path settingsPath = getSettingsPath();
-		try (InputStream in = Files.newInputStream(settingsPath, StandardOpenOption.READ); //
-				Reader reader = new InputStreamReader(in, StandardCharsets.UTF_8)) {
-			settings = gson.fromJson(reader, Settings.class);
+		Settings settings = env.getSettingsPath().flatMap(this::tryLoad).findFirst().orElse(new Settings());
+		settings.setSaveCmd(this::scheduleSave);
+		return settings;
+	}
+
+	private Stream<Settings> tryLoad(Path path) {
+		LOG.debug("Attempting to load settings from {}", path);
+		try (InputStream in = Files.newInputStream(path, StandardOpenOption.READ); //
+			 Reader reader = new InputStreamReader(in, StandardCharsets.UTF_8)) {
+			Settings settings = gson.fromJson(reader, Settings.class);
 			if (settings == null) {
 				throw new IOException("Unexpected EOF");
 			}
-			LOG.info("Settings loaded from " + settingsPath);
+			LOG.info("Settings loaded from {}", path);
+			return Stream.of(settings);
+		} catch (NoSuchFileException e) {
+			return Stream.empty();
 		} catch (IOException e) {
-			LOG.info("Failed to load settings, creating new one.");
-			settings = new Settings();
+			LOG.warn("Exception while loading settings from " + path, e);
+			return Stream.empty();
 		}
-		settings.setSaveCmd(this::scheduleSave);
-		return settings;
 	}
 
 	private void scheduleSave(Settings settings) {
 		if (settings == null) {
 			return;
 		}
-		ScheduledFuture<?> saveCmd = saveScheduler.schedule(() -> {
-			this.save(settings);
-		}, SAVE_DELAY_MS, TimeUnit.MILLISECONDS);
-		ScheduledFuture<?> previousSaveCmd = scheduledSaveCmd.getAndSet(saveCmd);
-		if (previousSaveCmd != null) {
-			previousSaveCmd.cancel(false);
-		}
+		final Optional<Path> settingsPath = env.getSettingsPath().findFirst(); // alway save to preferred (first) path
+		settingsPath.ifPresent(path -> {
+			Runnable saveCommand = () -> this.save(settings, path);
+			ScheduledFuture<?> scheduledTask = scheduler.schedule(saveCommand, SAVE_DELAY_MS, TimeUnit.MILLISECONDS);
+			ScheduledFuture<?> previouslyScheduledTask = scheduledSaveCmd.getAndSet(scheduledTask);
+			if (previouslyScheduledTask != null) {
+				previouslyScheduledTask.cancel(false);
+			}
+		});
 	}
 
-	private void save(Settings settings) {
+	private void save(Settings settings, Path settingsPath) {
 		assert settings != null : "method should only be invoked by #scheduleSave, which checks for null";
-		final Path settingsPath = getSettingsPath();
+		LOG.debug("Attempting to save settings to {}", settingsPath);
 		try {
 			Files.createDirectories(settingsPath.getParent());
-			try (OutputStream out = Files.newOutputStream(settingsPath, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING); //
-					Writer writer = new OutputStreamWriter(out, StandardCharsets.UTF_8)) {
+			Path tmpPath = settingsPath.resolveSibling(settingsPath.getFileName().toString() + ".tmp");
+			try (OutputStream out = Files.newOutputStream(tmpPath, StandardOpenOption.CREATE_NEW); //
+				 Writer writer = new OutputStreamWriter(out, StandardCharsets.UTF_8)) {
 				gson.toJson(settings, writer);
-				LOG.info("Settings saved to " + settingsPath);
 			}
-		} catch (IOException e) {
+			Files.move(tmpPath, settingsPath, StandardCopyOption.REPLACE_EXISTING);
+			LOG.info("Settings saved to {}", settingsPath);
+		} catch (IOException | JsonParseException e) {
 			LOG.error("Failed to save settings.", e);
 		}
 	}

main/commons/src/main/java/org/cryptomator/common/settings/UiTheme.java

@@ -0,0 +1,18 @@
+package org.cryptomator.common.settings;
+
+public enum UiTheme {
+	LIGHT("Light"),
+	DARK("Dark");
+	// CUSTOM("Custom (%s)");
+
+	private String displayName;
+
+	UiTheme(String displayName) {
+		this.displayName = displayName;
+	}
+
+	public String getDisplayName() {
+		return displayName;
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/settings/VaultSettings.java

@@ -5,16 +5,8 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
-import java.nio.ByteBuffer;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.Path;
-import java.util.Base64;
-import java.util.Objects;
-import java.util.UUID;
-
-import org.apache.commons.lang3.StringUtils;
-import org.fxmisc.easybind.EasyBind;
-
+import com.google.common.base.Strings;
+import com.google.common.io.BaseEncoding;
 import javafx.beans.Observable;
 import javafx.beans.property.BooleanProperty;
 import javafx.beans.property.ObjectProperty;
@@ -22,23 +14,43 @@ import javafx.beans.property.SimpleBooleanProperty;
 import javafx.beans.property.SimpleObjectProperty;
 import javafx.beans.property.SimpleStringProperty;
 import javafx.beans.property.StringProperty;
+import org.apache.commons.lang3.StringUtils;
+import org.fxmisc.easybind.EasyBind;
 
+import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Path;
+import java.util.Base64;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.Random;
+import java.util.UUID;
+
+/**
+ * The settings specific to a single vault.
+ * TODO: Change the name of individualMountPath and its derivatives to customMountPath
+ */
 public class VaultSettings {
 
 	public static final boolean DEFAULT_UNLOCK_AFTER_STARTUP = false;
-	public static final boolean DEFAULT_MOUNT_AFTER_UNLOCK = true;
 	public static final boolean DEFAULT_REAVEAL_AFTER_MOUNT = true;
 	public static final boolean DEFAULT_USES_INDIVIDUAL_MOUNTPATH = false;
+	public static final boolean DEFAULT_USES_READONLY_MODE = false;
+	public static final String DEFAULT_MOUNT_FLAGS = "";
+	
+	private static final Random RNG = new Random(); 
 
 	private final String id;
-	private final ObjectProperty<Path> path = new SimpleObjectProperty<>();
+	private final ObjectProperty<Path> path = new SimpleObjectProperty();
 	private final StringProperty mountName = new SimpleStringProperty();
 	private final StringProperty winDriveLetter = new SimpleStringProperty();
 	private final BooleanProperty unlockAfterStartup = new SimpleBooleanProperty(DEFAULT_UNLOCK_AFTER_STARTUP);
-	private final BooleanProperty mountAfterUnlock = new SimpleBooleanProperty(DEFAULT_MOUNT_AFTER_UNLOCK);
 	private final BooleanProperty revealAfterMount = new SimpleBooleanProperty(DEFAULT_REAVEAL_AFTER_MOUNT);
 	private final BooleanProperty usesIndividualMountPath = new SimpleBooleanProperty(DEFAULT_USES_INDIVIDUAL_MOUNTPATH);
 	private final StringProperty individualMountPath = new SimpleStringProperty();
+	private final BooleanProperty usesReadOnlyMode = new SimpleBooleanProperty(DEFAULT_USES_READONLY_MODE);
+	private final StringProperty mountFlags = new SimpleStringProperty(DEFAULT_MOUNT_FLAGS);
 
 	public VaultSettings(String id) {
 		this.id = Objects.requireNonNull(id);
@@ -47,7 +59,7 @@ public class VaultSettings {
 	}
 
 	Observable[] observables() {
-		return new Observable[]{path, mountName, winDriveLetter, unlockAfterStartup, mountAfterUnlock, revealAfterMount, usesIndividualMountPath, individualMountPath};
+		return new Observable[]{path, mountName, winDriveLetter, unlockAfterStartup, revealAfterMount, usesIndividualMountPath, individualMountPath, usesReadOnlyMode, mountFlags};
 	}
 
 	private void deriveMountNameFromPath(Path path) {
@@ -61,20 +73,9 @@ public class VaultSettings {
 	}
 
 	private static String generateId() {
-		return asBase64String(nineBytesFrom(UUID.randomUUID()));
-	}
-
-	private static String asBase64String(byte[] bytes) {
-		byte[] base64Bytes = Base64.getUrlEncoder().encode(bytes);
-		return new String(base64Bytes, StandardCharsets.US_ASCII);
-	}
-
-	private static byte[] nineBytesFrom(UUID uuid) {
-		ByteBuffer uuidBuffer = ByteBuffer.allocate(9);
-		uuidBuffer.putLong(uuid.getMostSignificantBits());
-		uuidBuffer.put((byte) (uuid.getLeastSignificantBits() & 0xFF));
-		uuidBuffer.flip();
-		return uuidBuffer.array();
+		byte[] randomBytes = new byte[9];
+		RNG.nextBytes(randomBytes);
+		return BaseEncoding.base64Url().encode(randomBytes);
 	}
 
 	public static String normalizeMountName(String mountName) {
@@ -118,10 +119,6 @@ public class VaultSettings {
 		return unlockAfterStartup;
 	}
 
-	public BooleanProperty mountAfterUnlock() {
-		return mountAfterUnlock;
-	}
-
 	public BooleanProperty revealAfterMount() {
 		return revealAfterMount;
 	}
@@ -134,6 +131,22 @@ public class VaultSettings {
 		return individualMountPath;
 	}
 
+	public Optional<String> getIndividualMountPath() {
+		if (usesIndividualMountPath.get()) {
+			return Optional.ofNullable(Strings.emptyToNull(individualMountPath.get()));
+		} else {
+			return Optional.empty();
+		}
+	}
+
+	public BooleanProperty usesReadOnlyMode() {
+		return usesReadOnlyMode;
+	}
+
+	public StringProperty mountFlags() {
+		return mountFlags;
+	}
+
 	/* Hashcode/Equals */
 
 	@Override

main/commons/src/main/java/org/cryptomator/common/settings/VaultSettingsJsonAdapter.java

@@ -5,14 +5,13 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
-import java.io.IOException;
-import java.nio.file.Paths;
-
+import com.google.gson.stream.JsonReader;
+import com.google.gson.stream.JsonWriter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.google.gson.stream.JsonReader;
-import com.google.gson.stream.JsonWriter;
+import java.io.IOException;
+import java.nio.file.Paths;
 
 class VaultSettingsJsonAdapter {
 
@@ -25,11 +24,11 @@ class VaultSettingsJsonAdapter {
 		out.name("mountName").value(value.mountName().get());
 		out.name("winDriveLetter").value(value.winDriveLetter().get());
 		out.name("unlockAfterStartup").value(value.unlockAfterStartup().get());
-		out.name("mountAfterUnlock").value(value.mountAfterUnlock().get());
 		out.name("revealAfterMount").value(value.revealAfterMount().get());
 		out.name("usesIndividualMountPath").value(value.usesIndividualMountPath().get());
-		//TODO: should this always be written? ( because it could contain metadata, which the user does not want to save!)
 		out.name("individualMountPath").value(value.individualMountPath().get());
+		out.name("usesReadOnlyMode").value(value.usesReadOnlyMode().get());
+		out.name("mountFlags").value(value.mountFlags().get());
 		out.endObject();
 	}
 
@@ -40,9 +39,10 @@ class VaultSettingsJsonAdapter {
 		String individualMountPath = null;
 		String winDriveLetter = null;
 		boolean unlockAfterStartup = VaultSettings.DEFAULT_UNLOCK_AFTER_STARTUP;
-		boolean mountAfterUnlock = VaultSettings.DEFAULT_MOUNT_AFTER_UNLOCK;
 		boolean revealAfterMount = VaultSettings.DEFAULT_REAVEAL_AFTER_MOUNT;
 		boolean usesIndividualMountPath = VaultSettings.DEFAULT_USES_INDIVIDUAL_MOUNTPATH;
+		boolean usesReadOnlyMode = VaultSettings.DEFAULT_USES_READONLY_MODE;
+		String mountFlags = VaultSettings.DEFAULT_MOUNT_FLAGS;
 
 		in.beginObject();
 		while (in.hasNext()) {
@@ -63,9 +63,6 @@ class VaultSettingsJsonAdapter {
 				case "unlockAfterStartup":
 					unlockAfterStartup = in.nextBoolean();
 					break;
-				case "mountAfterUnlock":
-					mountAfterUnlock = in.nextBoolean();
-					break;
 				case "revealAfterMount":
 					revealAfterMount = in.nextBoolean();
 					break;
@@ -75,9 +72,16 @@ class VaultSettingsJsonAdapter {
 				case "individualMountPath":
 					individualMountPath = in.nextString();
 					break;
+				case "usesReadOnlyMode":
+					usesReadOnlyMode = in.nextBoolean();
+					break;
+				case "mountFlags":
+					mountFlags = in.nextString();
+					break;
 				default:
 					LOG.warn("Unsupported vault setting found in JSON: " + name);
 					in.skipValue();
+					break;
 			}
 		}
 		in.endObject();
@@ -87,10 +91,11 @@ class VaultSettingsJsonAdapter {
 		vaultSettings.path().set(Paths.get(path));
 		vaultSettings.winDriveLetter().set(winDriveLetter);
 		vaultSettings.unlockAfterStartup().set(unlockAfterStartup);
-		vaultSettings.mountAfterUnlock().set(mountAfterUnlock);
 		vaultSettings.revealAfterMount().set(revealAfterMount);
 		vaultSettings.usesIndividualMountPath().set(usesIndividualMountPath);
 		vaultSettings.individualMountPath().set(individualMountPath);
+		vaultSettings.usesReadOnlyMode().set(usesReadOnlyMode);
+		vaultSettings.mountFlags().set(mountFlags);
 		return vaultSettings;
 	}
 

main/commons/src/main/java/org/cryptomator/common/settings/VolumeImpl.java

@@ -4,7 +4,8 @@ import java.util.Arrays;
 
 public enum VolumeImpl {
 	WEBDAV("WebDAV"),
-	FUSE("FUSE");
+	FUSE("FUSE"),
+	DOKANY("Dokany");
 
 	private String displayName;
 

main/commons/src/main/java/org/cryptomator/common/settings/WebDavUrlScheme.java

@@ -0,0 +1,37 @@
+package org.cryptomator.common.settings;
+
+import java.util.Arrays;
+
+public enum WebDavUrlScheme {
+	DAV("dav", "dav:// (Gnome, Nautilus, ...)"),
+	WEBDAV("webdav", "webdav:// (KDE, Dolphin, ...)");
+
+	private final String prefix;
+	private final String displayName;
+
+	WebDavUrlScheme(String prefix, String displayName) {this.prefix = prefix;
+		this.displayName = displayName;
+	}
+
+	public String getPrefix() {
+		return prefix;
+	}
+
+	public String getDisplayName() {
+		return displayName;
+	}
+
+	/**
+	 * Finds a WebDavUrlScheme by prefix.
+	 *
+	 * @param prefix Prefix of the WebDavUrlScheme
+	 * @return WebDavUrlScheme with the given <code>prefix</code>.
+	 * @throws IllegalArgumentException if not WebDavUrlScheme with the given <code>prefix</code> was found.
+	 */
+	public static WebDavUrlScheme forPrefix(String prefix) throws IllegalArgumentException {
+		return Arrays.stream(values()) //
+				.filter(impl -> impl.prefix.equals(prefix)) //
+				.findAny() //
+				.orElseThrow(IllegalArgumentException::new);
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/DefaultMountFlags.java

@@ -0,0 +1,13 @@
+package org.cryptomator.common.vaults;
+
+import javax.inject.Qualifier;
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+@Qualifier
+@Documented
+@Retention(RUNTIME)
+public @interface DefaultMountFlags {
+}

main/commons/src/main/java/org/cryptomator/common/vaults/DokanyVolume.java

@@ -0,0 +1,112 @@
+package org.cryptomator.common.vaults;
+
+import com.google.common.base.Strings;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.cryptofs.CryptoFileSystem;
+import org.cryptomator.frontend.dokany.Mount;
+import org.cryptomator.frontend.dokany.MountFactory;
+import org.cryptomator.frontend.dokany.MountFailedException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.nio.file.DirectoryNotEmptyException;
+import java.nio.file.DirectoryStream;
+import java.nio.file.Files;
+import java.nio.file.NotDirectoryException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.Optional;
+import java.util.concurrent.ExecutorService;
+
+public class DokanyVolume implements Volume {
+
+	private static final Logger LOG = LoggerFactory.getLogger(DokanyVolume.class);
+
+	private static final String FS_TYPE_NAME = "Cryptomator File System";
+
+	private final VaultSettings vaultSettings;
+	private final MountFactory mountFactory;
+	private final WindowsDriveLetters windowsDriveLetters;
+	private Mount mount;
+	private Path mountPoint;
+
+	@Inject
+	public DokanyVolume(VaultSettings vaultSettings, ExecutorService executorService, WindowsDriveLetters windowsDriveLetters) {
+		this.vaultSettings = vaultSettings;
+		this.mountFactory = new MountFactory(executorService);
+		this.windowsDriveLetters = windowsDriveLetters;
+	}
+
+	@Override
+	public boolean isSupported() {
+		return DokanyVolume.isSupportedStatic();
+	}
+
+	@Override
+	public void mount(CryptoFileSystem fs, String mountFlags) throws VolumeException, IOException {
+		this.mountPoint = determineMountPoint();
+		String mountName = vaultSettings.mountName().get();
+		try {
+			this.mount = mountFactory.mount(fs.getPath("/"), mountPoint, mountName, FS_TYPE_NAME, mountFlags.strip());
+		} catch (MountFailedException e) {
+			if (vaultSettings.getIndividualMountPath().isPresent()) {
+				LOG.warn("Failed to mount vault into {}. Is this directory currently accessed by another process (e.g. Windows Explorer)?", mountPoint);
+			}
+			throw new VolumeException("Unable to mount Filesystem", e);
+		}
+	}
+
+	private Path determineMountPoint() throws VolumeException, IOException {
+		Optional<String> optionalCustomMountPoint = vaultSettings.getIndividualMountPath();
+		if (optionalCustomMountPoint.isPresent()) {
+			Path customMountPoint = Paths.get(optionalCustomMountPoint.get());
+			checkProvidedMountPoint(customMountPoint);
+			return customMountPoint;
+		} else if (!Strings.isNullOrEmpty(vaultSettings.winDriveLetter().get())) {
+			return Path.of(vaultSettings.winDriveLetter().get().charAt(0) + ":\\");
+		} else {
+			//auto assign drive letter
+			if (!windowsDriveLetters.getAvailableDriveLetters().isEmpty()) {
+				return Path.of(windowsDriveLetters.getAvailableDriveLetters().iterator().next() + ":\\");
+			} else {
+				//TODO: Error Handling
+				throw new VolumeException("No free drive letter available.");
+			}
+		}
+	}
+
+	private void checkProvidedMountPoint(Path mountPoint) throws IOException {
+		if (!Files.isDirectory(mountPoint)) {
+			throw new NotDirectoryException(mountPoint.toString());
+		}
+		try (DirectoryStream<Path> ds = Files.newDirectoryStream(mountPoint)) {
+			if (ds.iterator().hasNext()) {
+				throw new DirectoryNotEmptyException(mountPoint.toString());
+			}
+		}
+	}
+
+	@Override
+	public void reveal() throws VolumeException {
+		boolean success = mount.reveal();
+		if (!success) {
+			throw new VolumeException("Reveal failed.");
+		}
+	}
+
+	@Override
+	public void unmount() {
+		mount.close();
+	}
+
+	@Override
+	public Optional<Path> getMountPoint() {
+		return Optional.ofNullable(mountPoint);
+	}
+
+	public static boolean isSupportedStatic() {
+		return MountFactory.isApplicable();
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/FuseVolume.java

@@ -0,0 +1,177 @@
+package org.cryptomator.common.vaults;
+
+import com.google.common.base.Splitter;
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.Environment;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.cryptofs.CryptoFileSystem;
+import org.cryptomator.frontend.fuse.mount.CommandFailedException;
+import org.cryptomator.frontend.fuse.mount.EnvironmentVariables;
+import org.cryptomator.frontend.fuse.mount.FuseMountFactory;
+import org.cryptomator.frontend.fuse.mount.FuseNotSupportedException;
+import org.cryptomator.frontend.fuse.mount.Mount;
+import org.cryptomator.frontend.fuse.mount.Mounter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import java.io.IOException;
+import java.nio.file.DirectoryNotEmptyException;
+import java.nio.file.DirectoryStream;
+import java.nio.file.Files;
+import java.nio.file.NotDirectoryException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.Optional;
+
+public class FuseVolume implements Volume {
+
+	private static final Logger LOG = LoggerFactory.getLogger(FuseVolume.class);
+	private static final int MAX_TMPMOUNTPOINT_CREATION_RETRIES = 10;
+	private static final boolean IS_MAC = System.getProperty("os.name").toLowerCase().contains("mac");
+
+	private final VaultSettings vaultSettings;
+	private final Environment environment;
+
+	private Mount fuseMnt;
+	private Path mountPoint;
+	private boolean createdTemporaryMountPoint;
+
+	@Inject
+	public FuseVolume(VaultSettings vaultSettings, Environment environment) {
+		this.vaultSettings = vaultSettings;
+		this.environment = environment;
+	}
+
+	@Override
+	public void mount(CryptoFileSystem fs, String mountFlags) throws IOException, FuseNotSupportedException, VolumeException {
+		Optional<String> optionalCustomMountPoint = vaultSettings.getIndividualMountPath();
+		if (optionalCustomMountPoint.isPresent()) {
+			Path customMountPoint = Paths.get(optionalCustomMountPoint.get());
+			checkProvidedMountPoint(customMountPoint);
+			this.mountPoint = customMountPoint;
+			LOG.debug("Successfully checked custom mount point: {}", mountPoint);
+		} else {
+			this.mountPoint = prepareTemporaryMountPoint();
+			LOG.debug("Successfully created mount point: {}", mountPoint);
+		}
+		mount(fs.getPath("/"), mountFlags);
+	}
+
+	private void checkProvidedMountPoint(Path mountPoint) throws IOException {
+		if (!Files.isDirectory(mountPoint)) {
+			throw new NotDirectoryException(mountPoint.toString());
+		}
+		try (DirectoryStream<Path> ds = Files.newDirectoryStream(mountPoint)) {
+			if (ds.iterator().hasNext()) {
+				throw new DirectoryNotEmptyException(mountPoint.toString());
+			}
+		}
+	}
+
+	private Path prepareTemporaryMountPoint() throws IOException, VolumeException {
+		Path mountPoint = chooseNonExistingTemporaryMountPoint();
+		// https://github.com/osxfuse/osxfuse/issues/306#issuecomment-245114592:
+		// In order to allow non-admin users to mount FUSE volumes in `/Volumes`,
+		// starting with version 3.5.0, FUSE will create non-existent mount points automatically.
+		if (IS_MAC && mountPoint.getParent().equals(Paths.get("/Volumes"))) {
+			return mountPoint;
+		} else {
+			Files.createDirectories(mountPoint);
+			this.createdTemporaryMountPoint = true;
+			return mountPoint;
+		}
+	}
+
+	private Path chooseNonExistingTemporaryMountPoint() throws VolumeException {
+		Path parent = environment.getMountPointsDir().orElseThrow();
+		String basename = vaultSettings.getId();
+		for (int i = 0; i < MAX_TMPMOUNTPOINT_CREATION_RETRIES; i++) {
+			Path mountPoint = parent.resolve(basename + "_" + i);
+			if (Files.notExists(mountPoint)) {
+				return mountPoint;
+			}
+		}
+		LOG.error("Failed to find feasible mountpoint at {}/{}_x. Giving up after {} attempts.", parent, basename, MAX_TMPMOUNTPOINT_CREATION_RETRIES);
+		throw new VolumeException("Did not find feasible mount point.");
+	}
+
+	private void mount(Path root, String mountFlags) throws VolumeException {
+		try {
+			Mounter mounter = FuseMountFactory.getMounter();
+			EnvironmentVariables envVars = EnvironmentVariables.create() //
+					.withFlags(splitFlags(mountFlags)).withMountPoint(mountPoint) //
+					.build();
+			this.fuseMnt = mounter.mount(root, envVars);
+		} catch (CommandFailedException e) {
+			throw new VolumeException("Unable to mount Filesystem", e);
+		}
+	}
+
+	private String[] splitFlags(String str) {
+		return Splitter.on(' ').splitToList(str).toArray(String[]::new);
+	}
+
+	@Override
+	public void reveal() throws VolumeException {
+		try {
+			fuseMnt.revealInFileManager();
+		} catch (CommandFailedException e) {
+			LOG.debug("Revealing the vault in file manger failed: " + e.getMessage());
+			throw new VolumeException(e);
+		}
+	}
+
+	@Override
+	public boolean supportsForcedUnmount() {
+		return true;
+	}
+
+	@Override
+	public synchronized void unmountForced() throws VolumeException {
+		try {
+			fuseMnt.unmountForced();
+			fuseMnt.close();
+		} catch (CommandFailedException e) {
+			throw new VolumeException(e);
+		}
+		cleanupTemporaryMountPoint();
+	}
+
+	@Override
+	public synchronized void unmount() throws VolumeException {
+		try {
+			fuseMnt.unmount();
+			fuseMnt.close();
+		} catch (CommandFailedException e) {
+			throw new VolumeException(e);
+		}
+		cleanupTemporaryMountPoint();
+	}
+
+	private void cleanupTemporaryMountPoint() {
+		if (createdTemporaryMountPoint) {
+			try {
+				Files.delete(mountPoint);
+				LOG.debug("Successfully deleted mount point: {}", mountPoint);
+			} catch (IOException e) {
+				LOG.warn("Could not delete mount point: {}", e.getMessage());
+			}
+		}
+	}
+
+	@Override
+	public boolean isSupported() {
+		return FuseVolume.isSupportedStatic();
+	}
+
+	@Override
+	public Optional<Path> getMountPoint() {
+		return Optional.ofNullable(mountPoint);
+	}
+
+	public static boolean isSupportedStatic() {
+		return (SystemUtils.IS_OS_MAC_OSX || SystemUtils.IS_OS_LINUX) && FuseMountFactory.isFuseSupported();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/vaults/PerVault.java

@@ -0,0 +1,13 @@
+package org.cryptomator.common.vaults;
+
+import javax.inject.Scope;
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
+@Scope
+@Documented
+@Retention(RetentionPolicy.RUNTIME)
+@interface PerVault {
+
+}

main/commons/src/main/java/org/cryptomator/common/vaults/Vault.java

@@ -0,0 +1,308 @@
+/*******************************************************************************
+ * Copyright (c) 2016, 2017 Sebastian Stenzel and others.
+ * All rights reserved.
+ * This program and the accompanying materials are made available under the terms of the accompanying LICENSE file.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.common.vaults;
+
+import com.google.common.base.Strings;
+import javafx.beans.Observable;
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.BooleanBinding;
+import javafx.beans.binding.StringBinding;
+import javafx.beans.property.ObjectProperty;
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.LazyInitializer;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.cryptofs.CryptoFileSystem;
+import org.cryptomator.cryptofs.CryptoFileSystemProperties;
+import org.cryptomator.cryptofs.CryptoFileSystemProperties.FileSystemFlags;
+import org.cryptomator.cryptofs.CryptoFileSystemProvider;
+import org.cryptomator.cryptolib.api.CryptoException;
+import org.cryptomator.cryptolib.api.InvalidPassphraseException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.inject.Provider;
+import java.io.IOException;
+import java.nio.file.NoSuchFileException;
+import java.nio.file.NotDirectoryException;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.EnumSet;
+import java.util.Objects;
+import java.util.Set;
+import java.util.concurrent.atomic.AtomicReference;
+
+import static org.cryptomator.common.Constants.MASTERKEY_FILENAME;
+
+@PerVault
+public class Vault {
+
+	private static final Logger LOG = LoggerFactory.getLogger(Vault.class);
+	private static final Path HOME_DIR = Paths.get(SystemUtils.USER_HOME);
+
+	private final VaultSettings vaultSettings;
+	private final Provider<Volume> volumeProvider;
+	private final StringBinding defaultMountFlags;
+	private final AtomicReference<CryptoFileSystem> cryptoFileSystem;
+	private final ObjectProperty<VaultState> state;
+	private final VaultStats stats;
+	private final StringBinding displayableName;
+	private final StringBinding displayablePath;
+	private final BooleanBinding locked;
+	private final BooleanBinding processing;
+	private final BooleanBinding unlocked;
+	private final BooleanBinding missing;
+	private final BooleanBinding needsMigration;
+	private final StringBinding accessPoint;
+	private final BooleanBinding accessPointPresent;
+
+	private volatile Volume volume;
+
+	@Inject
+	Vault(VaultSettings vaultSettings, Provider<Volume> volumeProvider, @DefaultMountFlags StringBinding defaultMountFlags, AtomicReference<CryptoFileSystem> cryptoFileSystem, ObjectProperty<VaultState> state, VaultStats stats) {
+		this.vaultSettings = vaultSettings;
+		this.volumeProvider = volumeProvider;
+		this.defaultMountFlags = defaultMountFlags;
+		this.cryptoFileSystem = cryptoFileSystem;
+		this.state = state;
+		this.stats = stats;
+		this.displayableName = Bindings.createStringBinding(this::getDisplayableName, vaultSettings.path());
+		this.displayablePath = Bindings.createStringBinding(this::getDisplayablePath, vaultSettings.path());
+		this.locked = Bindings.createBooleanBinding(this::isLocked, state);
+		this.processing = Bindings.createBooleanBinding(this::isProcessing, state);
+		this.unlocked = Bindings.createBooleanBinding(this::isUnlocked, state);
+		this.missing = Bindings.createBooleanBinding(this::isMissing, state);
+		this.needsMigration = Bindings.createBooleanBinding(this::isNeedsMigration, state);
+		this.accessPoint = Bindings.createStringBinding(this::getAccessPoint, state);
+		this.accessPointPresent = this.accessPoint.isNotEmpty();
+	}
+
+	// ******************************************************************************
+	// Commands
+	// ********************************************************************************/
+
+	private CryptoFileSystem getCryptoFileSystem(CharSequence passphrase) throws NoSuchFileException, IOException, InvalidPassphraseException, CryptoException {
+		return LazyInitializer.initializeLazily(cryptoFileSystem, () -> unlockCryptoFileSystem(passphrase), IOException.class);
+	}
+
+	private CryptoFileSystem unlockCryptoFileSystem(CharSequence passphrase) throws NoSuchFileException, IOException, InvalidPassphraseException, CryptoException {
+		Set<FileSystemFlags> flags = EnumSet.noneOf(FileSystemFlags.class);
+		if (vaultSettings.usesReadOnlyMode().get()) {
+			flags.add(FileSystemFlags.READONLY);
+		}
+		CryptoFileSystemProperties fsProps = CryptoFileSystemProperties.cryptoFileSystemProperties() //
+				.withPassphrase(passphrase) //
+				.withFlags(flags) //
+				.withMasterkeyFilename(MASTERKEY_FILENAME) //
+				.build();
+		return CryptoFileSystemProvider.newFileSystem(getPath(), fsProps);
+	}
+
+	public synchronized void unlock(CharSequence passphrase) throws CryptoException, IOException, Volume.VolumeException {
+		if (vaultSettings.usesIndividualMountPath().get() && Strings.isNullOrEmpty(vaultSettings.individualMountPath().get())) {
+			throw new NotDirectoryException("");
+		}
+		CryptoFileSystem fs = getCryptoFileSystem(passphrase);
+		volume = volumeProvider.get();
+		volume.mount(fs, getEffectiveMountFlags());
+	}
+
+	public synchronized void lock(boolean forced) throws Volume.VolumeException {
+		if (forced && volume.supportsForcedUnmount()) {
+			volume.unmountForced();
+		} else {
+			volume.unmount();
+		}
+		CryptoFileSystem fs = cryptoFileSystem.getAndSet(null);
+		if (fs != null) {
+			try {
+				fs.close();
+			} catch (IOException e) {
+				LOG.error("Error closing file system.", e);
+			}
+		}
+	}
+
+	public void reveal() throws Volume.VolumeException {
+		volume.reveal();
+	}
+
+	// ******************************************************************************
+	// Observable Properties
+	// *******************************************************************************
+
+	public ObjectProperty<VaultState> stateProperty() {
+		return state;
+	}
+
+	public VaultState getState() {
+		return state.get();
+	}
+
+	public void setState(VaultState value) {
+		state.setValue(value);
+	}
+
+	public BooleanBinding lockedProperty() {
+		return locked;
+	}
+
+	public boolean isLocked() {
+		return state.get() == VaultState.LOCKED;
+	}
+
+	public BooleanBinding processingProperty() {
+		return processing;
+	}
+
+	public boolean isProcessing() {
+		return state.get() == VaultState.PROCESSING;
+	}
+
+	public BooleanBinding unlockedProperty() {
+		return unlocked;
+	}
+
+	public boolean isUnlocked() {
+		return state.get() == VaultState.UNLOCKED;
+	}
+
+	public BooleanBinding missingProperty() {
+		return missing;
+	}
+
+	public boolean isMissing() {
+		return state.get() == VaultState.MISSING;
+	}
+
+	public BooleanBinding needsMigrationProperty() {
+		return needsMigration;
+	}
+
+	public boolean isNeedsMigration() {
+		return state.get() == VaultState.NEEDS_MIGRATION;
+	}
+
+	public StringBinding displayableNameProperty() {
+		return displayableName;
+	}
+
+	public String getDisplayableName() {
+		Path p = vaultSettings.path().get();
+		return p.getFileName().toString();
+	}
+
+	public StringBinding accessPointProperty() {
+		return accessPoint;
+	}
+
+	public String getAccessPoint() {
+		if (state.get() == VaultState.UNLOCKED) {
+			assert volume != null;
+			return volume.getMountPoint().orElse(Path.of("")).toString();
+		} else {
+			return "";
+		}
+	}
+
+	public BooleanBinding accessPointPresentProperty() {
+		return accessPointPresent;
+	}
+
+	public boolean isAccessPointPresent() {
+		return accessPointPresent.get();
+	}
+
+	public StringBinding displayablePathProperty() {
+		return displayablePath;
+	}
+
+	public String getDisplayablePath() {
+		Path p = vaultSettings.path().get();
+		if (p.startsWith(HOME_DIR)) {
+			Path relativePath = HOME_DIR.relativize(p);
+			String homePrefix = SystemUtils.IS_OS_WINDOWS ? "~\\" : "~/";
+			return homePrefix + relativePath.toString();
+		} else {
+			return p.toString();
+		}
+	}
+
+	// ******************************************************************************
+	// Getter/Setter
+	// *******************************************************************************/
+
+	public VaultStats getStats() {
+		return stats;
+	}
+
+	public Observable[] observables() {
+		return new Observable[]{state};
+	}
+
+	public VaultSettings getVaultSettings() {
+		return vaultSettings;
+	}
+
+	public Path getPath() {
+		return vaultSettings.path().getValue();
+	}
+
+	public boolean isHavingCustomMountFlags() {
+		return !Strings.isNullOrEmpty(vaultSettings.mountFlags().get());
+	}
+
+	public StringBinding defaultMountFlagsProperty() {
+		return defaultMountFlags;
+	}
+
+	public String getDefaultMountFlags() {
+		return defaultMountFlags.get();
+	}
+
+	public String getEffectiveMountFlags() {
+		String mountFlags = vaultSettings.mountFlags().get();
+		if (Strings.isNullOrEmpty(mountFlags)) {
+			return getDefaultMountFlags();
+		} else {
+			return mountFlags;
+		}
+	}
+
+	public void setCustomMountFlags(String mountFlags) {
+		vaultSettings.mountFlags().set(mountFlags);
+	}
+
+	public String getId() {
+		return vaultSettings.getId();
+	}
+
+	// ******************************************************************************
+	// Hashcode / Equals
+	// *******************************************************************************/
+
+	@Override
+	public int hashCode() {
+		return Objects.hash(vaultSettings);
+	}
+
+	@Override
+	public boolean equals(Object obj) {
+		if (obj instanceof Vault && obj.getClass().equals(this.getClass())) {
+			final Vault other = (Vault) obj;
+			return Objects.equals(this.vaultSettings, other.vaultSettings);
+		} else {
+			return false;
+		}
+	}
+
+	public boolean supportsForcedUnmount() {
+		return volume.supportsForcedUnmount();
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/VaultComponent.java

@@ -3,9 +3,10 @@
  * All rights reserved. This program and the accompanying materials
  * are made available under the terms of the accompanying LICENSE file.
  *******************************************************************************/
-package org.cryptomator.ui.model;
+package org.cryptomator.common.vaults;
 
-import org.cryptomator.ui.model.VaultModule.PerVault;
+import dagger.BindsInstance;
+import org.cryptomator.common.settings.VaultSettings;
 
 import dagger.Subcomponent;
 
@@ -17,7 +18,12 @@ public interface VaultComponent {
 
 	@Subcomponent.Builder
 	interface Builder {
-		Builder vaultModule(VaultModule module);
+
+		@BindsInstance
+		Builder vaultSettings(VaultSettings vaultSettings);
+
+		@BindsInstance
+		Builder initialVaultState(VaultState vaultState);
 
 		VaultComponent build();
 	}

main/commons/src/main/java/org/cryptomator/common/vaults/VaultListChangeListener.java

@@ -0,0 +1,33 @@
+package org.cryptomator.common.vaults;
+
+import javafx.collections.ListChangeListener;
+import javafx.collections.ObservableList;
+import org.cryptomator.common.settings.VaultSettings;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * This listener makes sure to reflect any changes to the vault list back to the settings.
+ */
+class VaultListChangeListener implements ListChangeListener<Vault> {
+
+	private final ObservableList<VaultSettings> vaultSettingsList;
+
+	public VaultListChangeListener(ObservableList<VaultSettings> vaultSettingsList) {
+		this.vaultSettingsList = vaultSettingsList;
+	}
+
+	@Override
+	public void onChanged(Change<? extends Vault> c) {
+		while(c.next()) {
+			if (c.wasAdded()) {
+				List<VaultSettings> addedSettings = c.getAddedSubList().stream().map(Vault::getVaultSettings).collect(Collectors.toList());
+				vaultSettingsList.addAll(c.getFrom(), addedSettings);
+			} else if (c.wasRemoved()) {
+				List<VaultSettings> removedSettings = c.getRemoved().stream().map(Vault::getVaultSettings).collect(Collectors.toList());
+				vaultSettingsList.removeAll(removedSettings);
+			}
+		}
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/VaultListManager.java

@@ -0,0 +1,100 @@
+/*******************************************************************************
+ * Copyright (c) 2016, 2017 Sebastian Stenzel and others.
+ * All rights reserved.
+ * This program and the accompanying materials are made available under the terms of the accompanying LICENSE file.
+ *
+ * Contributors:
+ *     Sebastian Stenzel - initial API and implementation
+ *******************************************************************************/
+package org.cryptomator.common.vaults;
+
+import javafx.collections.FXCollections;
+import javafx.collections.ObservableList;
+import org.cryptomator.common.settings.Settings;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.cryptofs.CryptoFileSystemProvider;
+import org.cryptomator.cryptofs.migration.Migrators;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.NoSuchFileException;
+import java.nio.file.Path;
+import java.util.Collection;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+import static org.cryptomator.common.Constants.MASTERKEY_FILENAME;
+
+@Singleton
+public class VaultListManager {
+	
+	private final VaultComponent.Builder vaultComponentBuilder;
+	private final ObservableList<Vault> vaultList;
+
+	@Inject
+	public VaultListManager(VaultComponent.Builder vaultComponentBuilder, Settings settings) {
+		this.vaultComponentBuilder = vaultComponentBuilder;
+		this.vaultList = FXCollections.observableArrayList(Vault::observables);
+		
+		addAll(settings.getDirectories());
+		vaultList.addListener(new VaultListChangeListener(settings.getDirectories()));
+	}
+
+	public ObservableList<Vault> getVaultList() {
+		return vaultList;
+	}
+
+	public Vault add(Path pathToVault) throws NoSuchFileException {
+		if (!CryptoFileSystemProvider.containsVault(pathToVault, MASTERKEY_FILENAME)) {
+			throw new NoSuchFileException(pathToVault.toString(), null, "Not a vault directory");
+		}
+		Optional<Vault> alreadyExistingVault = get(pathToVault);
+		if (alreadyExistingVault.isPresent()) {
+			return alreadyExistingVault.get();
+		} else {
+			VaultSettings vaultSettings = VaultSettings.withRandomId();
+			vaultSettings.path().set(pathToVault);
+			Vault newVault = create(vaultSettings);
+			vaultList.add(newVault);
+			return newVault;
+		}
+	}
+	
+	private void addAll(Collection<VaultSettings> vaultSettings) {
+		Collection<Vault> vaults = vaultSettings.stream().map(this::create).collect(Collectors.toList());
+		vaultList.addAll(vaults);
+	}
+	
+	private Optional<Vault> get(Path vaultPath) {
+		return vaultList.stream().filter(v -> {
+			try {
+				return Files.isSameFile(vaultPath, v.getPath());
+			} catch (IOException e) {
+				return false;
+			}
+		}).findAny();
+	}
+
+	private Vault create(VaultSettings vaultSettings) {
+		VaultState vaultState = determineVaultState(vaultSettings.path().get());
+		VaultComponent comp = vaultComponentBuilder.vaultSettings(vaultSettings).initialVaultState(vaultState).build();
+		return comp.vault();
+	}
+
+	public static VaultState determineVaultState(Path pathToVault) {
+		try {
+			if (!CryptoFileSystemProvider.containsVault(pathToVault, MASTERKEY_FILENAME)) {
+				return VaultState.MISSING;
+			} else if (Migrators.get().needsMigration(pathToVault, MASTERKEY_FILENAME)) {
+				return VaultState.NEEDS_MIGRATION;
+			} else {
+				return VaultState.LOCKED;
+			}
+		} catch (IOException e) {
+			return VaultState.ERROR;
+		}
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/vaults/VaultModule.java

@@ -0,0 +1,152 @@
+/*******************************************************************************
+ * Copyright (c) 2017 Skymatic UG (haftungsbeschränkt).
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the accompanying LICENSE file.
+ *******************************************************************************/
+package org.cryptomator.common.vaults;
+
+import dagger.Module;
+import dagger.Provides;
+import javafx.beans.binding.Bindings;
+import javafx.beans.binding.StringBinding;
+import javafx.beans.property.BooleanProperty;
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.ReadOnlyBooleanProperty;
+import javafx.beans.property.ReadOnlyStringProperty;
+import javafx.beans.property.SimpleObjectProperty;
+import javafx.beans.property.StringProperty;
+import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.settings.Settings;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.settings.VolumeImpl;
+import org.cryptomator.cryptofs.CryptoFileSystem;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.concurrent.atomic.AtomicReference;
+
+@Module
+public class VaultModule {
+
+	private static final Logger LOG = LoggerFactory.getLogger(VaultModule.class);
+
+	@Provides
+	@PerVault
+	public AtomicReference<CryptoFileSystem> provideCryptoFileSystemReference() {
+		return new AtomicReference<>();
+	}
+
+	@Provides
+	@PerVault
+	public ObjectProperty<VaultState> provideVaultState(VaultState initialState) {
+		return new SimpleObjectProperty<>(initialState);
+	}
+
+	@Provides
+	public Volume provideVolume(Settings settings, WebDavVolume webDavVolume, FuseVolume fuseVolume, DokanyVolume dokanyVolume) {
+		VolumeImpl preferredImpl = settings.preferredVolumeImpl().get();
+		if (VolumeImpl.DOKANY == preferredImpl && dokanyVolume.isSupported()) {
+			return dokanyVolume;
+		} else if (VolumeImpl.FUSE == preferredImpl && fuseVolume.isSupported()) {
+			return fuseVolume;
+		} else {
+			if (VolumeImpl.WEBDAV != preferredImpl) {
+				LOG.warn("Using WebDAV, because {} is not supported.", preferredImpl.getDisplayName());
+			}
+			assert webDavVolume.isSupported();
+			return webDavVolume;
+		}
+	}
+
+	@Provides
+	@PerVault
+	@DefaultMountFlags
+	public StringBinding provideDefaultMountFlags(Settings settings, VaultSettings vaultSettings) {
+		ObjectProperty<VolumeImpl> preferredVolumeImpl = settings.preferredVolumeImpl();
+		StringProperty mountName = vaultSettings.mountName();
+		BooleanProperty readOnly = vaultSettings.usesReadOnlyMode();
+
+		return Bindings.createStringBinding(() -> {
+			VolumeImpl v = preferredVolumeImpl.get();
+			if (v == VolumeImpl.FUSE && SystemUtils.IS_OS_MAC) {
+				return getMacFuseDefaultMountFlags(mountName, readOnly);
+			} else if (v == VolumeImpl.FUSE && SystemUtils.IS_OS_LINUX) {
+				return getLinuxFuseDefaultMountFlags(readOnly);
+			} else if (v == VolumeImpl.DOKANY && SystemUtils.IS_OS_WINDOWS) {
+				return getDokanyDefaultMountFlags(readOnly);
+			} else {
+				return "--flags-supported-on-FUSE-or-DOKANY-only";
+			}
+		}, mountName, readOnly, preferredVolumeImpl);
+	}
+
+	// see: https://github.com/osxfuse/osxfuse/wiki/Mount-options
+	private String getMacFuseDefaultMountFlags(ReadOnlyStringProperty mountName, ReadOnlyBooleanProperty readOnly) {
+		assert SystemUtils.IS_OS_MAC_OSX;
+		StringBuilder flags = new StringBuilder();
+		if (readOnly.get()) {
+			flags.append(" -ordonly");
+		}
+		flags.append(" -ovolname=").append(mountName.get());
+		flags.append(" -oatomic_o_trunc");
+		flags.append(" -oauto_xattr");
+		flags.append(" -oauto_cache");
+		flags.append(" -omodules=iconv,from_code=UTF-8,to_code=UTF-8-MAC"); // show files names in Unicode NFD encoding
+		flags.append(" -onoappledouble"); // vastly impacts performance for some reason...
+		flags.append(" -odefault_permissions"); // let the kernel assume permissions based on file attributes etc
+
+		try {
+			Path userHome = Paths.get(System.getProperty("user.home"));
+			int uid = (int) Files.getAttribute(userHome, "unix:uid");
+			int gid = (int) Files.getAttribute(userHome, "unix:gid");
+			flags.append(" -ouid=").append(uid);
+			flags.append(" -ogid=").append(gid);
+		} catch (IOException e) {
+			LOG.error("Could not read uid/gid from USER_HOME", e);
+		}
+
+		return flags.toString().strip();
+	}
+
+	// see https://manpages.debian.org/testing/fuse/mount.fuse.8.en.html
+	private String getLinuxFuseDefaultMountFlags(ReadOnlyBooleanProperty readOnly) {
+		assert SystemUtils.IS_OS_LINUX;
+		StringBuilder flags = new StringBuilder();
+		if (readOnly.get()) {
+			flags.append(" -oro");
+		}
+		flags.append(" -oauto_unmount");
+
+		try {
+			Path userHome = Paths.get(System.getProperty("user.home"));
+			int uid = (int) Files.getAttribute(userHome, "unix:uid");
+			int gid = (int) Files.getAttribute(userHome, "unix:gid");
+			flags.append(" -ouid=").append(uid);
+			flags.append(" -ogid=").append(gid);
+		} catch (IOException e) {
+			LOG.error("Could not read uid/gid from USER_HOME", e);
+		}
+
+		return flags.toString().strip();
+	}
+
+	// see https://github.com/cryptomator/dokany-nio-adapter/blob/develop/src/main/java/org/cryptomator/frontend/dokany/MountUtil.java#L30-L34
+	private String getDokanyDefaultMountFlags(ReadOnlyBooleanProperty readOnly) {
+		assert SystemUtils.IS_OS_WINDOWS;
+		StringBuilder flags = new StringBuilder();
+		flags.append(" --options CURRENT_SESSION");
+		if (readOnly.get()) {
+			flags.append(",WRITE_PROTECTION");
+		}
+		flags.append(" --thread-count 5");
+		flags.append(" --timeout 10000");
+		flags.append(" --allocation-unit-size 4096");
+		flags.append(" --sector-size 4096");
+		return flags.toString().strip();
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/vaults/VaultState.java

@@ -0,0 +1,34 @@
+package org.cryptomator.common.vaults;
+
+public enum VaultState {
+	/**
+	 * No vault found at the provided path 
+	 */
+	MISSING,
+
+	/**
+	 * Vault requires migration to a newer vault format
+	 */
+	NEEDS_MIGRATION,
+
+	/**
+	 * Vault ready to be unlocked
+	 */
+	LOCKED,
+
+	/**
+	 * Vault in transition between two other states
+	 */
+	PROCESSING,
+
+	/**
+	 * Vault is unlocked
+	 */
+	UNLOCKED,
+
+	/**
+	 * Unknown state due to preceeding unrecoverable exceptions.
+	 */
+	ERROR;
+
+}

main/commons/src/main/java/org/cryptomator/common/vaults/VaultStats.java

@@ -0,0 +1,100 @@
+package org.cryptomator.common.vaults;
+
+import javafx.application.Platform;
+import javafx.beans.Observable;
+import javafx.beans.property.LongProperty;
+import javafx.beans.property.ObjectProperty;
+import javafx.beans.property.SimpleLongProperty;
+import javafx.concurrent.ScheduledService;
+import javafx.concurrent.Task;
+import javafx.util.Duration;
+import org.cryptomator.cryptofs.CryptoFileSystem;
+import org.cryptomator.cryptofs.CryptoFileSystemStats;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import java.util.Optional;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.atomic.AtomicReference;
+
+@PerVault
+public class VaultStats {
+
+	private static final Logger LOG = LoggerFactory.getLogger(VaultStats.class);
+
+	private final AtomicReference<CryptoFileSystem> fs;
+	private final ObjectProperty<VaultState> state;
+	private final ScheduledService<Optional<CryptoFileSystemStats>> updateService;
+	private final LongProperty bytesPerSecondRead = new SimpleLongProperty();
+	private final LongProperty bytesPerSecondWritten = new SimpleLongProperty();
+
+	@Inject
+	VaultStats(AtomicReference<CryptoFileSystem> fs, ObjectProperty<VaultState> state, ExecutorService executor) {
+		this.fs = fs;
+		this.state = state;
+		this.updateService = new UpdateStatsService();
+		updateService.setExecutor(executor);
+		updateService.setPeriod(Duration.seconds(1));
+
+		state.addListener(this::vaultStateChanged);
+	}
+
+	private void vaultStateChanged(@SuppressWarnings("unused") Observable observable) {
+		switch (state.get()) {
+			case UNLOCKED:
+				assert fs.get() != null;
+				LOG.debug("start recording stats");
+				updateService.restart();
+				break;
+			default:
+				LOG.debug("stop recording stats");
+				updateService.cancel();
+				break;
+		}
+	}
+
+	private void updateStats(Optional<CryptoFileSystemStats> stats) {
+		assert Platform.isFxApplicationThread();
+		bytesPerSecondRead.set(stats.map(CryptoFileSystemStats::pollBytesRead).orElse(0l));
+		bytesPerSecondWritten.set(stats.map(CryptoFileSystemStats::pollBytesWritten).orElse(0l));
+	}
+
+	private class UpdateStatsService extends ScheduledService<Optional<CryptoFileSystemStats>> {
+
+		@Override
+		protected Task<Optional<CryptoFileSystemStats>> createTask() {
+			return new Task<>() {
+				@Override
+				protected Optional<CryptoFileSystemStats> call() {
+					return Optional.ofNullable(fs.get()).map(CryptoFileSystem::getStats);
+				}
+			};
+		}
+
+		@Override
+		protected void succeeded() {
+			assert getValue() != null;
+			updateStats(getValue());
+			super.succeeded();
+		}
+	}
+
+	/* Observables */
+
+	public LongProperty bytesPerSecondReadProperty() {
+		return bytesPerSecondRead;
+	}
+
+	public long getBytesPerSecondRead() {
+		return bytesPerSecondRead.get();
+	}
+
+	public LongProperty bytesPerSecondWrittenProperty() {
+		return bytesPerSecondWritten;
+	}
+
+	public long getBytesPerSecondWritten() {
+		return bytesPerSecondWritten.get();
+	}
+}

main/commons/src/main/java/org/cryptomator/common/vaults/Volume.java

@@ -0,0 +1,79 @@
+package org.cryptomator.common.vaults;
+
+import org.cryptomator.common.settings.VolumeImpl;
+import org.cryptomator.cryptofs.CryptoFileSystem;
+
+import java.io.IOException;
+import java.nio.file.Path;
+import java.util.Optional;
+import java.util.stream.Stream;
+
+/**
+ * Takes a Volume and usess it to mount an unlocked vault
+ */
+public interface Volume {
+
+	/**
+	 * Checks in constant time whether this volume type is supported on the system running Cryptomator.
+	 *
+	 * @return true if this volume can be mounted
+	 */
+	boolean isSupported();
+
+	/**
+	 * @param fs
+	 * @throws IOException
+	 */
+	void mount(CryptoFileSystem fs, String mountFlags) throws IOException, VolumeException;
+
+	void reveal() throws VolumeException;
+
+	void unmount() throws VolumeException;
+
+	Optional<Path> getMountPoint();
+
+	// optional forced unmounting:
+
+	default boolean supportsForcedUnmount() {
+		return false;
+	}
+
+	default void unmountForced() throws VolumeException {
+		throw new VolumeException("Operation not supported.");
+	}
+
+	static VolumeImpl[] getCurrentSupportedAdapters() {
+		return Stream.of(VolumeImpl.values()).filter(impl -> {
+			switch (impl) {
+				case WEBDAV:
+					return WebDavVolume.isSupportedStatic();
+				case DOKANY:
+					return DokanyVolume.isSupportedStatic();
+				case FUSE:
+					return FuseVolume.isSupportedStatic();
+				default:
+					return false;//throw new IllegalStateException("Adapter not implemented.");
+			}
+		}).toArray(VolumeImpl[]::new);
+	}
+
+	/**
+	 * Exception thrown when a volume-specific command such as mount/unmount/reveal failed.
+	 */
+	class VolumeException extends Exception {
+
+		public VolumeException(String message) {
+			super(message);
+		}
+
+		public VolumeException(Throwable cause) {
+			super(cause);
+		}
+
+		public VolumeException(String message, Throwable cause) {
+			super(message, cause);
+		}
+
+	}
+
+}

main/commons/src/main/java/org/cryptomator/common/vaults/WebDavVolume.java

@@ -1,4 +1,4 @@
-package org.cryptomator.ui.model;
+package org.cryptomator.common.vaults;
 
 
 import org.cryptomator.common.settings.Settings;
@@ -11,11 +11,11 @@ import org.cryptomator.frontend.webdav.servlet.WebDavServletController;
 
 import javax.inject.Inject;
 import javax.inject.Provider;
-
 import java.net.InetAddress;
 import java.net.UnknownHostException;
+import java.nio.file.Path;
+import java.util.Optional;
 
-@VaultModule.PerVault
 public class WebDavVolume implements Volume {
 
 	private static final String LOCALHOST_ALIAS = "cryptomator-vault";
@@ -27,6 +27,7 @@ public class WebDavVolume implements Volume {
 	private WebDavServer server;
 	private WebDavServletController servlet;
 	private Mounter.Mount mount;
+	private Path mountPoint;
 
 	@Inject
 	public WebDavVolume(Provider<WebDavServer> serverProvider, VaultSettings vaultSettings, Settings settings) {
@@ -36,7 +37,7 @@ public class WebDavVolume implements Volume {
 	}
 
 	@Override
-	public void prepare(CryptoFileSystem fs) {
+	public void mount(CryptoFileSystem fs, String mountFlags) throws VolumeException {
 		if (server == null) {
 			server = serverProvider.get();
 		}
@@ -45,48 +46,59 @@ public class WebDavVolume implements Volume {
 		}
 		servlet = server.createWebDavServlet(fs.getPath("/"), vaultSettings.getId() + "/" + vaultSettings.mountName().get());
 		servlet.start();
+		mount();
 	}
 
-	@Override
-	public void mount() throws CommandFailedException {
+	private void mount() throws VolumeException {
 		if (servlet == null) {
 			throw new IllegalStateException("Mounting requires unlocked WebDAV servlet.");
 		}
 		MountParams mountParams = MountParams.create() //
 				.withWindowsDriveLetter(vaultSettings.winDriveLetter().get()) //
-				.withPreferredGvfsScheme(settings.preferredGvfsScheme().get())//
+				.withPreferredGvfsScheme(settings.preferredGvfsScheme().get().getPrefix())//
 				.withWebdavHostname(getLocalhostAliasOrNull()) //
 				.build();
 		try {
 			this.mount = servlet.mount(mountParams); // might block this thread for a while
 		} catch (Mounter.CommandFailedException e) {
 			e.printStackTrace();
-			throw new CommandFailedException(e);
+			throw new VolumeException(e);
 		}
 	}
 
 	@Override
-	public void reveal() throws CommandFailedException {
+	public void reveal() throws VolumeException {
 		try {
 			mount.reveal();
 		} catch (Mounter.CommandFailedException e) {
 			e.printStackTrace();
-			throw new CommandFailedException(e);
+			throw new VolumeException(e);
 		}
 	}
 
 	@Override
-	public synchronized void unmount() throws CommandFailedException {
+	public synchronized void unmount() throws VolumeException {
 		try {
 			mount.unmount();
 		} catch (Mounter.CommandFailedException e) {
-			throw new CommandFailedException(e);
+			throw new VolumeException(e);
 		}
+		cleanup();
 	}
 
 	@Override
-	public synchronized void unmountForced() {
-		mount.forced();
+	public synchronized void unmountForced() throws VolumeException {
+		try {
+			mount.forced().orElseThrow(IllegalStateException::new).unmount();
+		} catch (Mounter.CommandFailedException e) {
+			throw new VolumeException(e);
+		}
+		cleanup();
+	}
+
+	@Override
+	public Optional<Path> getMountPoint() {
+		return Optional.ofNullable(mountPoint);
 	}
 
 	private String getLocalhostAliasOrNull() {
@@ -102,29 +114,25 @@ public class WebDavVolume implements Volume {
 		}
 	}
 
-	@Override
-	public void stop() {
+	private void cleanup() {
 		if (servlet != null) {
 			servlet.stop();
 		}
 
 	}
 
-	public synchronized String getMountUri() {
-		return servlet.getServletRootUri().toString() + "/";
-	}
-
-	/**
-	 * TODO: what to check wether it is implemented?
-	 *
-	 * @return
-	 */
 	@Override
 	public boolean isSupported() {
-		return true;
+		return WebDavVolume.isSupportedStatic();
 	}
 
+	@Override
 	public boolean supportsForcedUnmount() {
 		return mount != null && mount.forced().isPresent();
 	}
+
+
+	public static boolean isSupportedStatic() {
+		return true;
+	}
 }

main/commons/src/main/java/org/cryptomator/common/vaults/WindowsDriveLetters.java

@@ -0,0 +1,55 @@
+/*******************************************************************************
+ * Copyright (c) 2017 Skymatic UG (haftungsbeschränkt).
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the accompanying LICENSE file.
+ *******************************************************************************/
+package org.cryptomator.common.vaults;
+
+import com.google.common.collect.Sets;
+import org.apache.commons.lang3.SystemUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.inject.Singleton;
+import java.nio.file.FileSystems;
+import java.nio.file.Path;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;
+import java.util.stream.StreamSupport;
+
+@Singleton
+public final class WindowsDriveLetters {
+
+	private static final Logger LOG = LoggerFactory.getLogger(WindowsDriveLetters.class);
+	private static final Set<String> A_TO_Z;
+
+	static {
+		try (IntStream stream = IntStream.rangeClosed('A', 'Z')) {
+			A_TO_Z = stream.mapToObj(i -> String.valueOf((char) i)).collect(Collectors.toSet());
+		}
+	}
+
+	@Inject
+	public WindowsDriveLetters() {
+	}
+
+	public Set<String> getAllDriveLetters() {
+		return A_TO_Z;
+	}
+
+	public Set<String> getOccupiedDriveLetters() {
+		if (!SystemUtils.IS_OS_WINDOWS) {
+			return Set.of();
+		} else {
+			Iterable<Path> rootDirs = FileSystems.getDefault().getRootDirectories();
+			return StreamSupport.stream(rootDirs.spliterator(), false).map(p -> p.toString().substring(0,1)).collect(Collectors.toSet());
+		}
+	}
+
+	public Set<String> getAvailableDriveLetters() {
+		return Sets.difference(A_TO_Z, getOccupiedDriveLetters());
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/EnvironmentTest.java

@@ -0,0 +1,133 @@
+package org.cryptomator.common;
+
+import org.hamcrest.MatcherAssert;
+import org.hamcrest.Matchers;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Nested;
+import org.junit.jupiter.api.Test;
+
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+@DisplayName("Environment Variables Test")
+class EnvironmentTest {
+
+	private Environment env;
+
+	@BeforeAll
+	static void init() {
+		System.setProperty("user.home", "/home/testuser");
+	}
+
+	@BeforeEach
+	void initEach() {
+		env = new Environment();
+	}
+
+	@Test
+	@DisplayName("cryptomator.settingsPath=~/.config/Cryptomator/settings.json:~/.Cryptomator/settings.json")
+	public void testSettingsPath() {
+		System.setProperty("cryptomator.settingsPath", "~/.config/Cryptomator/settings.json:~/.Cryptomator/settings.json");
+
+		List<Path> result = env.getSettingsPath().collect(Collectors.toList());
+		MatcherAssert.assertThat(result, Matchers.hasSize(2));
+		MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/.config/Cryptomator/settings.json"),
+				Paths.get("/home/testuser/.Cryptomator/settings.json")));
+	}
+
+	@Test
+	@DisplayName("cryptomator.ipcPortPath=~/.config/Cryptomator/ipcPort.bin:~/.Cryptomator/ipcPort.bin")
+	public void testIpcPortPath() {
+		System.setProperty("cryptomator.ipcPortPath", "~/.config/Cryptomator/ipcPort.bin:~/.Cryptomator/ipcPort.bin");
+
+		List<Path> result = env.getIpcPortPath().collect(Collectors.toList());
+		MatcherAssert.assertThat(result, Matchers.hasSize(2));
+		MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/.config/Cryptomator/ipcPort.bin"),
+				Paths.get("/home/testuser/.Cryptomator/ipcPort.bin")));
+	}
+
+	@Test
+	@DisplayName("cryptomator.keychainPath=~/AppData/Roaming/Cryptomator/keychain.json")
+	public void testKeychainPath() {
+		System.setProperty("cryptomator.keychainPath", "~/AppData/Roaming/Cryptomator/keychain.json");
+
+		List<Path> result = env.getKeychainPath().collect(Collectors.toList());
+		MatcherAssert.assertThat(result, Matchers.hasSize(1));
+		MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/AppData/Roaming/Cryptomator/keychain.json")));
+	}
+
+	@Test
+	@DisplayName("cryptomator.logDir=/foo/bar")
+	public void testAbsoluteLogDir() {
+		System.setProperty("cryptomator.logDir", "/foo/bar");
+
+		Optional<Path> logDir = env.getLogDir();
+
+		Assertions.assertTrue(logDir.isPresent());
+	}
+
+	@Test
+	@DisplayName("cryptomator.logDir=~/foo/bar")
+	public void testRelativeLogDir() {
+		System.setProperty("cryptomator.logDir", "~/foo/bar");
+
+		Optional<Path> logDir = env.getLogDir();
+
+		Assertions.assertTrue(logDir.isPresent());
+		Assertions.assertEquals(Paths.get("/home/testuser/foo/bar"), logDir.get());
+	}
+
+	@Nested
+	@DisplayName("Path Lists")
+	class SettingsPath {
+
+		@Test
+		@DisplayName("test.path.property=")
+		public void testEmptyList() {
+			System.setProperty("test.path.property", "");
+			List<Path> result = env.getPaths("test.path.property").collect(Collectors.toList());
+
+			MatcherAssert.assertThat(result, Matchers.hasSize(0));
+		}
+
+		@Test
+		@DisplayName("test.path.property=/foo/bar/test")
+		public void testSingleAbsolutePath() {
+			System.setProperty("test.path.property", "/foo/bar/test");
+			List<Path> result = env.getPaths("test.path.property").collect(Collectors.toList());
+
+			MatcherAssert.assertThat(result, Matchers.hasSize(1));
+			MatcherAssert.assertThat(result, Matchers.hasItem(Paths.get("/foo/bar/test")));
+		}
+
+		@Test
+		@DisplayName("test.path.property=~/test")
+		public void testSingleHomeRelativePath() {
+			System.setProperty("test.path.property", "~/test");
+			List<Path> result = env.getPaths("test.path.property").collect(Collectors.toList());
+
+			MatcherAssert.assertThat(result, Matchers.hasSize(1));
+			MatcherAssert.assertThat(result, Matchers.hasItem(Paths.get("/home/testuser/test")));
+		}
+
+		@Test
+		@DisplayName("test.path.property=~/test:~/test2:/foo/bar/test")
+		public void testMultiplePaths() {
+			System.setProperty("test.path.property", "~/test:~/test2:/foo/bar/test");
+			List<Path> result = env.getPaths("test.path.property").collect(Collectors.toList());
+
+			MatcherAssert.assertThat(result, Matchers.hasSize(3));
+			MatcherAssert.assertThat(result, Matchers.contains(Paths.get("/home/testuser/test"),
+					Paths.get("/home/testuser/test2"),
+					Paths.get("/foo/bar/test")));
+		}
+
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/LicenseCheckerTest.java

@@ -0,0 +1,62 @@
+package org.cryptomator.common;
+
+import com.auth0.jwt.interfaces.DecodedJWT;
+import org.cryptomator.common.LicenseChecker;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import java.util.Optional;
+
+class LicenseCheckerTest {
+
+	private static final String PUBLIC_KEY = "MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBgc4HZz+/fBbC7lmEww0AO3NK9wVZ" //
+			+ "PDZ0VEnsaUFLEYpTzb90nITtJUcPUbvOsdZIZ1Q8fnbquAYgxXL5UgHMoywAib47" //
+			+ "6MkyyYgPk0BXZq3mq4zImTRNuaU9slj9TVJ3ScT3L1bXwVuPJDzpr5GOFpaj+WwM" //
+			+ "Al8G7CqwoJOsW7Kddns=";
+	
+	private LicenseChecker licenseChecker;
+
+	@BeforeEach
+	public void setup() {
+		licenseChecker = new LicenseChecker(PUBLIC_KEY);
+	}
+
+	@Test
+	public void testCheckValidLicense() {
+		String license = "eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6InhaRGZacHJ5NFA5dlpQWnlHMmZOQlJqLTdMejVvbVZkbTd0SG9DZ1NOZlkifQ.eyJzdWIiOiJjcnlwdG9ib3RAZXhhbXBsZS5jb20iLCJpYXQiOjE1MTYyMzkwMjJ9.AQaBIKQdNCxmRJi2wLOcbagTgi39WhdWwgdpKTYSPicg-aPr_tst_RjmnqMemx3cBe0Blr4nEbj_lAtSKHz_i61fAUyI1xCIAZYbK9Q3ICHIHQl3AiuCpBwFl-k81OB4QDYiKpEc9gLN5dhW_VymJMsgOvyiC0UjC91f2AM7s46byDNj";
+		
+		Optional<DecodedJWT> decoded = licenseChecker.check(license);
+		
+		Assertions.assertTrue(decoded.isPresent());
+		Assertions.assertEquals("cryptobot@example.com", decoded.get().getSubject());
+	}
+
+	@Test
+	public void testCheckInvalidLicenseHeader() {
+		String license = "EyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6InhaRGZacHJ5NFA5dlpQWnlHMmZOQlJqLTdMejVvbVZkbTd0SG9DZ1NOZlkifQ.eyJzdWIiOiJjcnlwdG9ib3RAZXhhbXBsZS5jb20iLCJpYXQiOjE1MTYyMzkwMjJ9.AQaBIKQdNCxmRJi2wLOcbagTgi39WhdWwgdpKTYSPicg-aPr_tst_RjmnqMemx3cBe0Blr4nEbj_lAtSKHz_i61fAUyI1xCIAZYbK9Q3ICHIHQl3AiuCpBwFl-k81OB4QDYiKpEc9gLN5dhW_VymJMsgOvyiC0UjC91f2AM7s46byDNj";
+
+		Optional<DecodedJWT> decoded = licenseChecker.check(license);
+
+		Assertions.assertFalse(decoded.isPresent());
+	}
+
+	@Test
+	public void testCheckInvalidLicensePayload() {
+		String license = "eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6InhaRGZacHJ5NFA5dlpQWnlHMmZOQlJqLTdMejVvbVZkbTd0SG9DZ1NOZlkifQ.EyJzdWIiOiJjcnlwdG9ib3RAZXhhbXBsZS5jb20iLCJpYXQiOjE1MTYyMzkwMjJ9.AQaBIKQdNCxmRJi2wLOcbagTgi39WhdWwgdpKTYSPicg-aPr_tst_RjmnqMemx3cBe0Blr4nEbj_lAtSKHz_i61fAUyI1xCIAZYbK9Q3ICHIHQl3AiuCpBwFl-k81OB4QDYiKpEc9gLN5dhW_VymJMsgOvyiC0UjC91f2AM7s46byDNj";
+
+		Optional<DecodedJWT> decoded = licenseChecker.check(license);
+
+		Assertions.assertFalse(decoded.isPresent());
+	}
+
+	@Test
+	public void testCheckInvalidLicenseSignature() {
+		String license = "eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6InhaRGZacHJ5NFA5dlpQWnlHMmZOQlJqLTdMejVvbVZkbTd0SG9DZ1NOZlkifQ.eyJzdWIiOiJjcnlwdG9ib3RAZXhhbXBsZS5jb20iLCJpYXQiOjE1MTYyMzkwMjJ9.aQaBIKQdNCxmRJi2wLOcbagTgi39WhdWwgdpKTYSPicg-aPr_tst_RjmnqMemx3cBe0Blr4nEbj_lAtSKHz_i61fAUyI1xCIAZYbK9Q3ICHIHQl3AiuCpBwFl-k81OB4QDYiKpEc9gLN5dhW_VymJMsgOvyiC0UjC91f2AM7s46byDNj";
+
+		Optional<DecodedJWT> decoded = licenseChecker.check(license);
+
+		Assertions.assertFalse(decoded.isPresent());
+	}
+
+}

main/commons/src/test/java/org/cryptomator/common/SemVerComparatorTest.java

@@ -8,10 +8,10 @@
  *******************************************************************************/
 package org.cryptomator.common;
 
-import java.util.Comparator;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
 
-import org.junit.Assert;
-import org.junit.Test;
+import java.util.Comparator;
 
 public class SemVerComparatorTest {
 
@@ -21,38 +21,38 @@ public class SemVerComparatorTest {
 
 	@Test
 	public void compareEqualVersions() {
-		Assert.assertEquals(0, Integer.signum(semVerComparator.compare("1.23.4", "1.23.4")));
-		Assert.assertEquals(0, Integer.signum(semVerComparator.compare("1.23.4-alpha", "1.23.4-alpha")));
-		Assert.assertEquals(0, Integer.signum(semVerComparator.compare("1.23.4+20170101", "1.23.4+20171231")));
-		Assert.assertEquals(0, Integer.signum(semVerComparator.compare("1.23.4-alpha+20170101", "1.23.4-alpha+20171231")));
+		Assertions.assertEquals(0, Integer.signum(semVerComparator.compare("1.23.4", "1.23.4")));
+		Assertions.assertEquals(0, Integer.signum(semVerComparator.compare("1.23.4-alpha", "1.23.4-alpha")));
+		Assertions.assertEquals(0, Integer.signum(semVerComparator.compare("1.23.4+20170101", "1.23.4+20171231")));
+		Assertions.assertEquals(0, Integer.signum(semVerComparator.compare("1.23.4-alpha+20170101", "1.23.4-alpha+20171231")));
 	}
 
 	// newer versions in first argument
 
 	@Test
 	public void compareHigherToLowerVersions() {
-		Assert.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.5", "1.23.4")));
-		Assert.assertEquals(1, Integer.signum(semVerComparator.compare("1.24.4", "1.23.4")));
-		Assert.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4", "1.23")));
-		Assert.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4", "1.23.4-SNAPSHOT")));
-		Assert.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4", "1.23.4-56.78")));
-		Assert.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4-beta", "1.23.4-alpha")));
-		Assert.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4-alpha.1", "1.23.4-alpha")));
-		Assert.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4-56.79", "1.23.4-56.78")));
+		Assertions.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.5", "1.23.4")));
+		Assertions.assertEquals(1, Integer.signum(semVerComparator.compare("1.24.4", "1.23.4")));
+		Assertions.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4", "1.23")));
+		Assertions.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4", "1.23.4-SNAPSHOT")));
+		Assertions.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4", "1.23.4-56.78")));
+		Assertions.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4-beta", "1.23.4-alpha")));
+		Assertions.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4-alpha.1", "1.23.4-alpha")));
+		Assertions.assertEquals(1, Integer.signum(semVerComparator.compare("1.23.4-56.79", "1.23.4-56.78")));
 	}
 
 	// newer versions in second argument
 
 	@Test
 	public void compareLowerToHigherVersions() {
-		Assert.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4", "1.23.5")));
-		Assert.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4", "1.24.4")));
-		Assert.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23", "1.23.4")));
-		Assert.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-SNAPSHOT", "1.23.4")));
-		Assert.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-56.78", "1.23.4")));
-		Assert.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-alpha", "1.23.4-beta")));
-		Assert.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-alpha", "1.23.4-alpha.1")));
-		Assert.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-56.78", "1.23.4-56.79")));
+		Assertions.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4", "1.23.5")));
+		Assertions.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4", "1.24.4")));
+		Assertions.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23", "1.23.4")));
+		Assertions.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-SNAPSHOT", "1.23.4")));
+		Assertions.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-56.78", "1.23.4")));
+		Assertions.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-alpha", "1.23.4-beta")));
+		Assertions.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-alpha", "1.23.4-alpha.1")));
+		Assertions.assertEquals(-1, Integer.signum(semVerComparator.compare("1.23.4-56.78", "1.23.4-56.79")));
 	}
 
 }

main/commons/src/test/java/org/cryptomator/common/settings/SettingsJsonAdapterTest.java

@@ -5,10 +5,10 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
-import java.io.IOException;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
 
-import org.junit.Assert;
-import org.junit.Test;
+import java.io.IOException;
 
 public class SettingsJsonAdapterTest {
 
@@ -22,16 +22,16 @@ public class SettingsJsonAdapterTest {
 				+ "\"checkForUpdatesEnabled\": true,"//
 				+ "\"port\": 8080,"//
 				+ "\"numTrayNotifications\": 42,"//
-				+ "\"volumeImpl\": \"FUSE\"}";
+				+ "\"preferredVolumeImpl\": \"FUSE\"}";
 
 		Settings settings = adapter.fromJson(json);
 
-		Assert.assertTrue(settings.checkForUpdates().get());
-		Assert.assertEquals(2, settings.getDirectories().size());
-		Assert.assertEquals(8080, settings.port().get());
-		Assert.assertEquals(42, settings.numTrayNotifications().get());
-		Assert.assertEquals("dav", settings.preferredGvfsScheme().get());
-		Assert.assertEquals(VolumeImpl.FUSE, settings.volumeImpl().get());
+		Assertions.assertTrue(settings.checkForUpdates().get());
+		Assertions.assertEquals(2, settings.getDirectories().size());
+		Assertions.assertEquals(8080, settings.port().get());
+		Assertions.assertEquals(42, settings.numTrayNotifications().get());
+		Assertions.assertEquals(WebDavUrlScheme.DAV, settings.preferredGvfsScheme().get());
+		Assertions.assertEquals(VolumeImpl.FUSE, settings.preferredVolumeImpl().get());
 	}
 
 }

main/commons/src/test/java/org/cryptomator/common/settings/SettingsTest.java

@@ -5,25 +5,23 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
-import java.io.IOException;
-import java.util.function.Consumer;
-
-import org.junit.Test;
+import org.junit.jupiter.api.Test;
 import org.mockito.Mockito;
 
+import java.util.function.Consumer;
+
 public class SettingsTest {
 
 	@Test
-	public void testAutoSave() throws IOException {
-		@SuppressWarnings("unchecked")
-		Consumer<Settings> changeListener = Mockito.mock(Consumer.class);
+	public void testAutoSave() {
+		@SuppressWarnings("unchecked") Consumer<Settings> changeListener = Mockito.mock(Consumer.class);
 		Settings settings = new Settings();
 		settings.setSaveCmd(changeListener);
 		VaultSettings vaultSettings = VaultSettings.withRandomId();
 		Mockito.verify(changeListener, Mockito.times(0)).accept(settings);
 
 		// first change (to property):
-		settings.preferredGvfsScheme().set("asd");
+		settings.preferredGvfsScheme().set(WebDavUrlScheme.WEBDAV);
 		Mockito.verify(changeListener, Mockito.times(1)).accept(settings);
 
 		// second change (to list):

main/commons/src/test/java/org/cryptomator/common/settings/VaultSettingsJsonAdapterTest.java

@@ -5,14 +5,18 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
+import com.google.gson.stream.JsonReader;
+import com.google.gson.stream.JsonWriter;
+import org.hamcrest.CoreMatchers;
+import org.hamcrest.MatcherAssert;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
 import java.io.IOException;
 import java.io.StringReader;
+import java.io.StringWriter;
 import java.nio.file.Paths;
-
-import org.junit.Assert;
-import org.junit.Test;
-
-import com.google.gson.stream.JsonReader;
+import java.util.Arrays;
 
 public class VaultSettingsJsonAdapterTest {
 
@@ -20,15 +24,40 @@ public class VaultSettingsJsonAdapterTest {
 
 	@Test
 	public void testDeserialize() throws IOException {
-		String json = "{\"id\": \"foo\", \"path\": \"/foo/bar\", \"mountName\": \"test\", \"winDriveLetter\": \"X\", \"shouldBeIgnored\": true, \"individualMountPath\": \"/home/test/crypto\"}";
+		String json = "{\"id\": \"foo\", \"path\": \"/foo/bar\", \"mountName\": \"test\", \"winDriveLetter\": \"X\", \"shouldBeIgnored\": true, \"individualMountPath\": \"/home/test/crypto\", \"mountFlags\":\"--foo --bar\"}";
 		JsonReader jsonReader = new JsonReader(new StringReader(json));
 
 		VaultSettings vaultSettings = adapter.read(jsonReader);
-		Assert.assertEquals("foo", vaultSettings.getId());
-		Assert.assertEquals(Paths.get("/foo/bar"), vaultSettings.path().get());
-		Assert.assertEquals("test", vaultSettings.mountName().get());
-		Assert.assertEquals("X", vaultSettings.winDriveLetter().get());
-		Assert.assertEquals("/home/test/crypto", vaultSettings.individualMountPath().get());
+		Assertions.assertEquals("foo", vaultSettings.getId());
+		Assertions.assertEquals(Paths.get("/foo/bar"), vaultSettings.path().get());
+		Assertions.assertEquals("test", vaultSettings.mountName().get());
+		Assertions.assertEquals("X", vaultSettings.winDriveLetter().get());
+		Assertions.assertEquals("/home/test/crypto", vaultSettings.individualMountPath().get());
+		Assertions.assertEquals("--foo --bar", vaultSettings.mountFlags().get());
+
+
+	}
+
+	@Test
+	public void testSerialize() throws IOException {
+		VaultSettings vaultSettings = new VaultSettings("test");
+		vaultSettings.path().set(Paths.get("/foo/bar"));
+		vaultSettings.mountName().set("mountyMcMountFace");
+		vaultSettings.mountFlags().set("--foo --bar");
+
+		StringWriter buf = new StringWriter();
+		JsonWriter jsonWriter = new JsonWriter(buf);
+		adapter.write(jsonWriter, vaultSettings);
+		String result = buf.toString();
+
+		MatcherAssert.assertThat(result, CoreMatchers.containsString("\"id\":\"test\""));
+		if(System.getProperty("os.name").contains("Windows")){
+			MatcherAssert.assertThat(result, CoreMatchers.containsString("\"path\":\"\\\\foo\\\\bar\""));
+		} else {
+			MatcherAssert.assertThat(result, CoreMatchers.containsString("\"path\":\"/foo/bar\""));
+		}
+		MatcherAssert.assertThat(result, CoreMatchers.containsString("\"mountName\":\"mountyMcMountFace\""));
+		MatcherAssert.assertThat(result, CoreMatchers.containsString("\"mountFlags\":\"--foo --bar\""));
 	}
 
 }

main/commons/src/test/java/org/cryptomator/common/settings/VaultSettingsTest.java

@@ -8,9 +8,9 @@
  *******************************************************************************/
 package org.cryptomator.common.settings;
 
-import static org.junit.Assert.assertEquals;
+import org.junit.jupiter.api.Test;
 
-import org.junit.Test;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 public class VaultSettingsTest {
 

main/commons/src/test/java/org/cryptomator/common/vaults/VaultModuleTest.java

@@ -0,0 +1,70 @@
+package org.cryptomator.common.vaults;
+
+import javafx.beans.binding.StringBinding;
+import javafx.beans.property.SimpleBooleanProperty;
+import javafx.beans.property.SimpleObjectProperty;
+import javafx.beans.property.SimpleStringProperty;
+import org.cryptomator.common.settings.Settings;
+import org.cryptomator.common.settings.VaultSettings;
+import org.cryptomator.common.settings.VolumeImpl;
+import org.hamcrest.CoreMatchers;
+import org.hamcrest.MatcherAssert;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.condition.EnabledOnOs;
+import org.junit.jupiter.api.condition.OS;
+import org.junit.jupiter.api.io.TempDir;
+import org.mockito.Mockito;
+
+import java.nio.file.Path;
+
+public class VaultModuleTest {
+
+	private final Settings settings = Mockito.mock(Settings.class);
+	private final VaultSettings vaultSettings = Mockito.mock(VaultSettings.class);
+
+	private final VaultModule module = new VaultModule();
+
+	@BeforeEach
+	public void setup(@TempDir Path tmpDir) {
+		Mockito.when(vaultSettings.mountName()).thenReturn(new SimpleStringProperty("TEST"));
+		Mockito.when(vaultSettings.usesReadOnlyMode()).thenReturn(new SimpleBooleanProperty(true));
+		System.setProperty("user.home", tmpDir.toString());
+	}
+
+	@Test
+	@DisplayName("provideDefaultMountFlags on Mac/FUSE")
+	@EnabledOnOs(OS.MAC)
+	public void testMacFuseDefaultMountFlags() {
+		Mockito.when(settings.preferredVolumeImpl()).thenReturn(new SimpleObjectProperty<>(VolumeImpl.FUSE));
+
+		StringBinding result = module.provideDefaultMountFlags(settings, vaultSettings);
+
+		MatcherAssert.assertThat(result.get(), CoreMatchers.containsString("-ovolname=TEST"));
+		MatcherAssert.assertThat(result.get(), CoreMatchers.containsString("-ordonly"));
+	}
+
+	@Test
+	@DisplayName("provideDefaultMountFlags on Linux/FUSE")
+	@EnabledOnOs(OS.LINUX)
+	public void testLinuxFuseDefaultMountFlags() {
+		Mockito.when(settings.preferredVolumeImpl()).thenReturn(new SimpleObjectProperty<>(VolumeImpl.FUSE));
+
+		StringBinding result = module.provideDefaultMountFlags(settings, vaultSettings);
+
+		MatcherAssert.assertThat(result.get(), CoreMatchers.containsString("-oro"));
+	}
+
+	@Test
+	@DisplayName("provideDefaultMountFlags on Windows/Dokany")
+	@EnabledOnOs(OS.WINDOWS)
+	public void testWinDokanyDefaultMountFlags() {
+		Mockito.when(settings.preferredVolumeImpl()).thenReturn(new SimpleObjectProperty<>(VolumeImpl.DOKANY));
+
+		StringBinding result = module.provideDefaultMountFlags(settings, vaultSettings);
+
+		MatcherAssert.assertThat(result.get(), CoreMatchers.containsString("--options CURRENT_SESSION,WRITE_PROTECTION"));
+	}
+
+}

main/jacoco-report/.gitignore

@@ -1 +0,0 @@
-/target/

main/jacoco-report/pom.xml

@@ -1,50 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-	<parent>
-		<groupId>org.cryptomator</groupId>
-		<artifactId>main</artifactId>
-		<version>1.4.0-SNAPSHOT</version>
-	</parent>
-	<artifactId>jacoco-report</artifactId>
-	<name>Cryptomator Code Coverage Report</name>
-	<packaging>pom</packaging>
-
-	<dependencies>
-		<!-- all modules containing unit tests: -->
-		<dependency>
-			<groupId>org.cryptomator</groupId>
-			<artifactId>commons</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.cryptomator</groupId>
-			<artifactId>keychain</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.cryptomator</groupId>
-			<artifactId>ui</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>org.cryptomator</groupId>
-			<artifactId>launcher</artifactId>
-		</dependency>
-	</dependencies>
-
-	<build>
-		<plugins>
-			<plugin>
-				<groupId>org.jacoco</groupId>
-				<artifactId>jacoco-maven-plugin</artifactId>
-				<executions>
-					<execution>
-						<id>report-aggregate</id>
-						<phase>verify</phase>
-						<goals>
-							<goal>report-aggregate</goal>
-						</goals>
-					</execution>
-				</executions>
-			</plugin>
-		</plugins>
-	</build>
-</project>

main/keychain/pom.xml

@@ -4,12 +4,17 @@
 	<parent>
 		<groupId>org.cryptomator</groupId>
 		<artifactId>main</artifactId>
-		<version>1.4.0-SNAPSHOT</version>
+		<version>1.5.0</version>
 	</parent>
 	<artifactId>keychain</artifactId>
 	<name>System Keychain Access</name>
 
 	<dependencies>
+		<dependency>
+			<groupId>org.cryptomator</groupId>
+			<artifactId>commons</artifactId>
+		</dependency>
+
 		<dependency>
 			<groupId>org.apache.commons</groupId>
 			<artifactId>commons-lang3</artifactId>
@@ -18,11 +23,7 @@
 			<groupId>com.google.code.gson</groupId>
 			<artifactId>gson</artifactId>
 		</dependency>
-		<dependency>
-			<groupId>org.cryptomator</groupId>
-			<artifactId>jni</artifactId>
-		</dependency>
-		
+
 		<!-- Google -->
 		<dependency>
 			<groupId>com.google.guava</groupId>
@@ -34,7 +35,14 @@
 			<groupId>com.google.dagger</groupId>
 			<artifactId>dagger</artifactId>
 		</dependency>
-		
+
+		<!-- secret-service lib -->
+		<dependency>
+			<groupId>de.swiesend</groupId>
+			<artifactId>secret-service</artifactId>
+			<version>1.0.0-RC.3</version>
+		</dependency>
+
 		<!-- Logging -->
 		<dependency>
 			<groupId>org.slf4j</groupId>

main/keychain/src/main/java/org/cryptomator/keychain/KeychainAccess.java

@@ -13,19 +13,19 @@ public interface KeychainAccess {
 	 * @param key Key used to retrieve the passphrase via {@link #loadPassphrase(String)}.
 	 * @param passphrase The secret to store in this keychain.
 	 */
-	void storePassphrase(String key, CharSequence passphrase);
+	void storePassphrase(String key, CharSequence passphrase) throws KeychainAccessException;
 
 	/**
 	 * @param key Unique key previously used while {@link #storePassphrase(String, CharSequence) storing a passphrase}.
 	 * @return The stored passphrase for the given key or <code>null</code> if no value for the given key could be found.
 	 */
-	char[] loadPassphrase(String key);
+	char[] loadPassphrase(String key) throws KeychainAccessException;
 
 	/**
 	 * Deletes a passphrase with a given key.
 	 * 
 	 * @param key Unique key previously used while {@link #storePassphrase(String, CharSequence) storing a passphrase}.
 	 */
-	void deletePassphrase(String key);
+	void deletePassphrase(String key) throws KeychainAccessException;
 
 }

main/keychain/src/main/java/org/cryptomator/keychain/KeychainAccessException.java

@@ -0,0 +1,12 @@
+package org.cryptomator.keychain;
+
+/**
+ * Indicates an error during communication with the operating system's keychain.
+ */
+public class KeychainAccessException extends Exception {
+	
+	KeychainAccessException(Throwable cause) {
+		super(cause);
+	}
+
+}

main/keychain/src/main/java/org/cryptomator/keychain/KeychainAccessStrategy.java

@@ -9,6 +9,8 @@ interface KeychainAccessStrategy extends KeychainAccess {
 
 	/**
 	 * @return <code>true</code> if this KeychainAccessStrategy works on the current machine.
+	 * @implNote This method must not throw any exceptions and should fail fast
+	 * returning <code>false</code> if it can't determine availability of the checked strategy
 	 */
 	boolean isSupported();
 

main/keychain/src/main/java/org/cryptomator/keychain/KeychainModule.java

@@ -5,37 +5,27 @@
  *******************************************************************************/
 package org.cryptomator.keychain;
 
-import java.util.Optional;
-import java.util.Set;
-
 import com.google.common.collect.Sets;
 import dagger.Module;
 import dagger.Provides;
 import dagger.multibindings.ElementsIntoSet;
-import org.cryptomator.jni.JniFunctions;
-import org.cryptomator.jni.MacFunctions;
-import org.cryptomator.jni.WinFunctions;
+import org.cryptomator.common.JniModule;
 
-@Module
+import javax.inject.Singleton;
+import java.util.Optional;
+import java.util.Set;
+
+@Module(includes = {JniModule.class})
 public class KeychainModule {
 
-	@Provides
-	Optional<MacFunctions> provideOptionalMacFunctions() {
-		return JniFunctions.macFunctions();
-	}
-
-	@Provides
-	Optional<WinFunctions> provideOptionalWinFunctions() {
-		return JniFunctions.winFunctions();
-	}
-
 	@Provides
 	@ElementsIntoSet
-	Set<KeychainAccessStrategy> provideKeychainAccessStrategies(MacSystemKeychainAccess macKeychain, WindowsProtectedKeychainAccess winKeychain) {
-		return Sets.newHashSet(macKeychain, winKeychain);
+	Set<KeychainAccessStrategy> provideKeychainAccessStrategies(MacSystemKeychainAccess macKeychain, WindowsProtectedKeychainAccess winKeychain, LinuxSecretServiceKeychainAccess linKeychain) {
+		return Sets.newHashSet(macKeychain, winKeychain, linKeychain);
 	}
 
 	@Provides
+	@Singleton
 	public Optional<KeychainAccess> provideSupportedKeychain(Set<KeychainAccessStrategy> keychainAccessStrategies) {
 		return keychainAccessStrategies.stream().filter(KeychainAccessStrategy::isSupported).map(KeychainAccess.class::cast).findFirst();
 	}

main/keychain/src/main/java/org/cryptomator/keychain/LinuxSecretServiceKeychainAccess.java

@@ -0,0 +1,51 @@
+package org.cryptomator.keychain;
+
+import org.apache.commons.lang3.SystemUtils;
+
+import javax.inject.Inject;
+import java.util.Optional;
+
+/**
+ * A facade to LinuxSecretServiceKeychainAccessImpl that doesn't depend on libraries that are unavailable on Mac and Windows.
+ */
+public class LinuxSecretServiceKeychainAccess implements KeychainAccessStrategy {
+
+	// the actual implementation is hidden in this delegate object which is loaded via reflection,
+	// as it depends on libraries that aren't necessarily available:
+	private final Optional<KeychainAccessStrategy> delegate;
+
+	@Inject
+	public LinuxSecretServiceKeychainAccess() {
+		this.delegate = constructGnomeKeyringKeychainAccess();
+	}
+
+	private static Optional<KeychainAccessStrategy> constructGnomeKeyringKeychainAccess() {
+		try {
+			Class<?> clazz = Class.forName("org.cryptomator.keychain.LinuxSecretServiceKeychainAccessImpl");
+			KeychainAccessStrategy instance = (KeychainAccessStrategy) clazz.getDeclaredConstructor().newInstance();
+			return Optional.of(instance);
+		} catch (Exception e) {
+			return Optional.empty();
+		}
+	}
+
+	@Override
+	public boolean isSupported() {
+		return SystemUtils.IS_OS_LINUX && delegate.map(KeychainAccessStrategy::isSupported).orElse(false);
+	}
+
+	@Override
+	public void storePassphrase(String key, CharSequence passphrase) throws KeychainAccessException {
+		delegate.orElseThrow(IllegalStateException::new).storePassphrase(key, passphrase);
+	}
+
+	@Override
+	public char[] loadPassphrase(String key) throws KeychainAccessException {
+		return delegate.orElseThrow(IllegalStateException::new).loadPassphrase(key);
+	}
+
+	@Override
+	public void deletePassphrase(String key) throws KeychainAccessException {
+		delegate.orElseThrow(IllegalStateException::new).deletePassphrase(key);
+	}
+}

main/keychain/src/main/java/org/cryptomator/keychain/LinuxSecretServiceKeychainAccessImpl.java

@@ -0,0 +1,65 @@
+package org.cryptomator.keychain;
+
+import org.freedesktop.secret.simple.SimpleCollection;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+class LinuxSecretServiceKeychainAccessImpl implements KeychainAccessStrategy {
+
+	@Override
+	public boolean isSupported() {
+		try (@SuppressWarnings("unused") SimpleCollection keyring = new SimpleCollection()) {
+			// seems like we're able to access the keyring.
+			return true;
+		} catch (IOException | RuntimeException e) {
+			return false;
+		}
+	}
+
+	@Override
+	public void storePassphrase(String key, CharSequence passphrase) throws KeychainAccessException {
+		try (SimpleCollection keyring = new SimpleCollection()) {
+			List<String> list = keyring.getItems(createAttributes(key));
+			if (list == null) {
+				keyring.createItem("Cryptomator", passphrase, createAttributes(key));
+			}
+		} catch (IOException e) {
+			throw new KeychainAccessException(e);
+		}
+	}
+
+	@Override
+	public char[] loadPassphrase(String key) throws KeychainAccessException {
+		try (SimpleCollection keyring = new SimpleCollection()) {
+			List<String> list = keyring.getItems(createAttributes(key));
+			if (list != null) {
+				return keyring.getSecret(list.get(0));
+			} else {
+				return null;
+			}
+		} catch (IOException e) {
+			throw new KeychainAccessException(e);
+		}
+	}
+
+	@Override
+	public void deletePassphrase(String key) throws KeychainAccessException {
+		try (SimpleCollection keyring = new SimpleCollection()) {
+			List<String> list = keyring.getItems(createAttributes(key));
+			if (list != null) {
+				keyring.deleteItem(list.get(0));
+			}
+		} catch (IOException e) {
+			throw new KeychainAccessException(e);
+		}
+	}
+
+	private Map<String, String> createAttributes(String key) {
+		Map<String, String> attributes = new HashMap();
+		attributes.put("Vault", key);
+		return attributes;
+	}
+}

main/keychain/src/main/java/org/cryptomator/keychain/WindowsProtectedKeychainAccess.java

@@ -5,30 +5,6 @@
  *******************************************************************************/
 package org.cryptomator.keychain;
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.Reader;
-import java.io.UncheckedIOException;
-import java.io.Writer;
-import java.lang.reflect.Type;
-import java.nio.ByteBuffer;
-import java.nio.CharBuffer;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.nio.file.NoSuchFileException;
-import java.nio.file.Path;
-import java.nio.file.StandardOpenOption;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Optional;
-import java.util.UUID;
-
-import javax.inject.Inject;
-
 import com.google.common.io.BaseEncoding;
 import com.google.gson.Gson;
 import com.google.gson.GsonBuilder;
@@ -42,11 +18,36 @@ import com.google.gson.JsonSerializer;
 import com.google.gson.annotations.SerializedName;
 import com.google.gson.reflect.TypeToken;
 import org.apache.commons.lang3.SystemUtils;
+import org.cryptomator.common.Environment;
 import org.cryptomator.jni.WinDataProtection;
 import org.cryptomator.jni.WinFunctions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.inject.Inject;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.io.Reader;
+import java.io.UncheckedIOException;
+import java.io.Writer;
+import java.lang.reflect.Type;
+import java.nio.ByteBuffer;
+import java.nio.CharBuffer;
+import java.nio.file.Files;
+import java.nio.file.NoSuchFileException;
+import java.nio.file.Path;
+import java.nio.file.StandardOpenOption;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.UUID;
+import java.util.stream.Collectors;
+
 import static java.nio.charset.StandardCharsets.UTF_8;
 
 class WindowsProtectedKeychainAccess implements KeychainAccessStrategy {
@@ -57,24 +58,13 @@ class WindowsProtectedKeychainAccess implements KeychainAccessStrategy {
 			.disableHtmlEscaping().create();
 
 	private final Optional<WinFunctions> winFunctions;
-	private final Path keychainPath;
+	private final List<Path> keychainPaths;
 	private Map<String, KeychainEntry> keychainEntries;
 
 	@Inject
-	public WindowsProtectedKeychainAccess(Optional<WinFunctions> winFunctions) {
+	public WindowsProtectedKeychainAccess(Optional<WinFunctions> winFunctions, Environment environment) {
 		this.winFunctions = winFunctions;
-		String keychainPathProperty = System.getProperty("cryptomator.keychainPath");
-		if (keychainPathProperty == null) {
-			LOG.warn("Windows DataProtection module loaded, but no cryptomator.keychainPath property found.");
-		}
-		if (keychainPathProperty != null) {
-			if (keychainPathProperty.startsWith("~/")) {
-				keychainPathProperty = SystemUtils.USER_HOME + keychainPathProperty.substring(1);
-			}
-			this.keychainPath = FileSystems.getDefault().getPath(keychainPathProperty);
-		} else {
-			this.keychainPath = null;
-		}
+		this.keychainPaths = environment.getKeychainPath().collect(Collectors.toList());
 	}
 
 	private WinDataProtection dataProtection() {
@@ -124,7 +114,7 @@ class WindowsProtectedKeychainAccess implements KeychainAccessStrategy {
 
 	@Override
 	public boolean isSupported() {
-		return SystemUtils.IS_OS_WINDOWS && winFunctions.isPresent() && keychainPath != null;
+		return SystemUtils.IS_OS_WINDOWS && winFunctions.isPresent() && !keychainPaths.isEmpty();
 	}
 
 	private byte[] generateSalt() {
@@ -138,30 +128,44 @@ class WindowsProtectedKeychainAccess implements KeychainAccessStrategy {
 
 	private void loadKeychainEntriesIfNeeded() {
 		if (keychainEntries == null) {
-			loadKeychainEntries();
-		}
-		assert keychainEntries != null;
-	}
-
-	private void loadKeychainEntries() {
-		Type type = new TypeToken<Map<String, KeychainEntry>>() {
-		}.getType();
-		try (InputStream in = Files.newInputStream(keychainPath, StandardOpenOption.READ); //
-				Reader reader = new InputStreamReader(in, UTF_8)) {
-			keychainEntries = GSON.fromJson(reader, type);
-		} catch (JsonParseException | NoSuchFileException e) {
-			LOG.info("Creating new keychain at path {}", keychainPath);
-		} catch (IOException e) {
-			throw new UncheckedIOException("Could not read keychain from path " + keychainPath, e);
+			for (Path keychainPath : keychainPaths) {
+				Optional<Map<String, KeychainEntry>> keychain = loadKeychainEntries(keychainPath);
+				if (keychain.isPresent()) {
+					keychainEntries = keychain.get();
+					break;
+				}
+			}
 		}
 		if (keychainEntries == null) {
+			LOG.info("Unable to load existing keychain file, creating new keychain.");
 			keychainEntries = new HashMap<>();
 		}
 	}
 
+	private Optional<Map<String, KeychainEntry>> loadKeychainEntries(Path keychainPath) {
+		LOG.debug("Attempting to load keychain from {}", keychainPath);
+		Type type = new TypeToken<Map<String, KeychainEntry>>() {
+		}.getType();
+		try (InputStream in = Files.newInputStream(keychainPath, StandardOpenOption.READ); //
+			 Reader reader = new InputStreamReader(in, UTF_8)) {
+			return Optional.of(GSON.fromJson(reader, type));
+		} catch (NoSuchFileException | JsonParseException e) {
+			return Optional.empty();
+		} catch (IOException e) {
+			throw new UncheckedIOException("Could not read keychain from path " + keychainPath, e);
+		}
+	}
+
 	private void saveKeychainEntries() {
+		if (keychainPaths.isEmpty()) {
+			throw new IllegalStateException("Can't save keychain if no keychain path is specified.");
+		}
+		saveKeychainEntries(keychainPaths.get(0));
+	}
+
+	private void saveKeychainEntries(Path keychainPath) {
 		try (OutputStream out = Files.newOutputStream(keychainPath, StandardOpenOption.WRITE, StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING); //
-				Writer writer = new OutputStreamWriter(out, UTF_8)) {
+			 Writer writer = new OutputStreamWriter(out, UTF_8)) {
 			GSON.toJson(keychainEntries, writer);
 		} catch (IOException e) {
 			throw new UncheckedIOException("Could not read keychain from path " + keychainPath, e);
@@ -169,6 +173,7 @@ class WindowsProtectedKeychainAccess implements KeychainAccessStrategy {
 	}
 
 	private static class KeychainEntry {
+
 		@SerializedName("ciphertext")
 		byte[] ciphertext;
 		@SerializedName("salt")

main/keychain/src/test/java/org/cryptomator/keychain/KeychainModuleTest.java

@@ -5,20 +5,20 @@
  *******************************************************************************/
 package org.cryptomator.keychain;
 
-import java.util.Optional;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
 
-import org.junit.Assert;
-import org.junit.Test;
+import java.util.Optional;
 
 public class KeychainModuleTest {
 
 	@Test
-	public void testGetKeychain() {
+	public void testGetKeychain() throws KeychainAccessException {
 		Optional<KeychainAccess> keychainAccess = DaggerTestKeychainComponent.builder().keychainModule(new TestKeychainModule()).build().keychainAccess();
-		Assert.assertTrue(keychainAccess.isPresent());
-		Assert.assertTrue(keychainAccess.get() instanceof MapKeychainAccess);
+		Assertions.assertTrue(keychainAccess.isPresent());
+		Assertions.assertTrue(keychainAccess.get() instanceof MapKeychainAccess);
 		keychainAccess.get().storePassphrase("test", "asd");
-		Assert.assertArrayEquals("asd".toCharArray(), keychainAccess.get().loadPassphrase("test"));
+		Assertions.assertArrayEquals("asd".toCharArray(), keychainAccess.get().loadPassphrase("test"));
 	}
 
 }