diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 8cfbcf69..61439de3 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -5,18 +5,18 @@ on:
branches:
- main
- dev
- - 'release/**'
+ - "release/**"
paths-ignore:
- - '*.md'
- - 'LICENSE'
+ - "*.md"
+ - "LICENSE"
pull_request:
branches:
- main
- dev
- - 'release/**'
+ - "release/**"
paths-ignore:
- - '*.md'
- - 'LICENSE'
+ - "*.md"
+ - "LICENSE"
env:
CARGO_TERM_COLOR: always
@@ -42,8 +42,8 @@ jobs:
- name: Scan code with Trivy
uses: aquasecurity/trivy-action@0.33.1
with:
- scan-type: 'fs'
- scan-ref: '.'
+ scan-type: "fs"
+ scan-ref: "."
exit-code: "1"
ignore-unfixed: true
severity: "CRITICAL,HIGH,MEDIUM"
@@ -66,7 +66,7 @@ jobs:
- name: Run cargo deny
working-directory: ./src-tauri
run: |
- cargo install cargo-deny
+ cargo install cargo-deny --version 0.18.6
cargo deny check
- name: Run tests
run: cargo test --locked --no-fail-fast
diff --git a/package.json b/package.json
index 11a719dd..ff2a17b3 100644
--- a/package.json
+++ b/package.json
@@ -44,7 +44,10 @@
"onlyBuiltDependencies": [
"@swc/core",
"esbuild"
- ]
+ ],
+ "overrides": {
+ "mdast-util-to-hast": "13.2.1"
+ }
},
"dependencies": {
"@floating-ui/react": "^0.27.16",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 79a0806f..f5572b38 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -4,6 +4,9 @@ settings:
autoInstallPeers: true
excludeLinksFromLockfile: false
+overrides:
+ mdast-util-to-hast: 13.2.1
+
importers:
.:
@@ -2166,8 +2169,8 @@ packages:
mdast-util-phrasing@4.1.0:
resolution: {integrity: sha512-TqICwyvJJpBwvGAMZjj4J2n0X8QWp21b9l0o7eXyVJ25YNWYbJDVIyD1bZXE6WtV6RmKJVYmQAKWa0zWOABz2w==}
- mdast-util-to-hast@13.2.0:
- resolution: {integrity: sha512-QGYKEuUsYT9ykKBCMOEDLsU5JRObWQusAolFMeko/tYPufNkRffBAQjIE+99jbA87xv6FgmjLtwjh9wBWajwAA==}
+ mdast-util-to-hast@13.2.1:
+ resolution: {integrity: sha512-cctsq2wp5vTsLIcaymblUriiTcZd0CwWtCbLvrOzYCDZoWyMNV8sZ7krj09FSnsiJi3WVsHLM4k6Dq/yaPyCXA==}
mdast-util-to-markdown@2.1.2:
resolution: {integrity: sha512-xj68wMTvGXVOKonmog6LwyJKrYXZPvlwabaryTjLh9LuvovB/KAH+kvi8Gjj+7rJjsFi23nkUxRQv1KqSroMqA==}
@@ -4940,7 +4943,7 @@ snapshots:
'@types/mdast': 4.0.4
unist-util-is: 6.0.1
- mdast-util-to-hast@13.2.0:
+ mdast-util-to-hast@13.2.1:
dependencies:
'@types/hast': 3.0.4
'@types/mdast': 4.0.4
@@ -5332,7 +5335,7 @@ snapshots:
devlop: 1.1.0
hast-util-to-jsx-runtime: 2.3.6
html-url-attributes: 3.0.1
- mdast-util-to-hast: 13.2.0
+ mdast-util-to-hast: 13.2.1
react: 19.2.0
remark-parse: 11.0.0
remark-rehype: 11.1.2
@@ -5458,7 +5461,7 @@ snapshots:
dependencies:
'@types/hast': 3.0.4
'@types/mdast': 4.0.4
- mdast-util-to-hast: 13.2.0
+ mdast-util-to-hast: 13.2.1
unified: 11.0.5
vfile: 6.0.3
diff --git a/src-tauri/Client.entitlements b/src-tauri/Client.entitlements
index 552baf4b..863984e6 100644
--- a/src-tauri/Client.entitlements
+++ b/src-tauri/Client.entitlements
@@ -14,5 +14,9 @@
82GZ7KN29J.net.defguard
com.apple.developer.team-identifier
82GZ7KN29J
+ com.apple.security.application-groups
+
+ group.net.defguard
+
diff --git a/src-tauri/src/apple.rs b/src-tauri/src/apple.rs
index 4d7fafb6..a3af555c 100644
--- a/src-tauri/src/apple.rs
+++ b/src-tauri/src/apple.rs
@@ -1,39 +1,324 @@
//! Structures used for interchangeability with the Swift code.
use std::{
+ collections::HashMap,
hint::spin_loop,
net::IpAddr,
+ ptr::NonNull,
str::FromStr,
sync::{
- atomic::{AtomicBool, AtomicUsize, Ordering},
- mpsc::channel,
- Arc, Mutex,
+ atomic::{AtomicBool, Ordering},
+ mpsc::{self, channel, Receiver, RecvTimeoutError, Sender},
+ Arc, LazyLock, Mutex,
},
+ time::Duration,
};
use block2::RcBlock;
use defguard_wireguard_rs::{host::Peer, key::Key, net::IpAddrMask};
-use objc2::{rc::Retained, runtime::AnyObject};
+use objc2::{
+ rc::Retained,
+ runtime::{AnyObject, ProtocolObject},
+};
use objc2_foundation::{
ns_string, NSArray, NSData, NSDate, NSDictionary, NSError, NSMutableArray, NSMutableDictionary,
- NSNumber, NSRunLoop, NSString,
+ NSNotification, NSNotificationCenter, NSNotificationName, NSNumber, NSObjectProtocol,
+ NSOperationQueue, NSRunLoop, NSString,
};
use objc2_network_extension::{
- NETunnelProviderManager, NETunnelProviderProtocol, NETunnelProviderSession,
+ NETunnelProviderManager, NETunnelProviderProtocol, NETunnelProviderSession, NEVPNStatus,
};
use serde::{Deserialize, Serialize};
use sqlx::SqliteExecutor;
+use tauri::{AppHandle, Emitter, Manager};
use crate::{
+ active_connections::find_connection,
+ appstate::AppState,
database::{
models::{location::Location, tunnel::Tunnel, wireguard_keys::WireguardKeys, Id},
DB_POOL,
},
error::Error,
+ events::EventKey,
utils::{DEFAULT_ROUTE_IPV4, DEFAULT_ROUTE_IPV6},
+ ConnectionType,
};
const PLUGIN_BUNDLE_ID: &str = "net.defguard.VPNExtension";
+static OBSERVER_COMMS: LazyLock<(
+ Mutex>,
+ Mutex