From 5ae568cbc7cf1037ddd4f5b165632becbc7656c9 Mon Sep 17 00:00:00 2001
From: Jacek Chmielewski
Date: Fri, 16 Jan 2026 08:52:12 +0100
Subject: [PATCH 1/3] fix client policy condition
---
 src-tauri/src/database/models/location.rs | 33 ++++++++++++++++-------
 1 file changed, 23 insertions(+), 10 deletions(-)
diff --git a/src-tauri/src/database/models/location.rs b/src-tauri/src/database/models/location.rs
index 53f15881..ebc33292 100644
--- a/src-tauri/src/database/models/location.rs
+++ b/src-tauri/src/database/models/location.rs
@@ -11,7 +11,10 @@ use sqlx::{prelude::Type, query, query_as, query_scalar, Error as SqlxError, Sql
 use super::wireguard_keys::WireguardKeys;
 use super::{Id, NoId};
 #[cfg(not(target_os = "macos"))]
-use crate::utils::{DEFAULT_ROUTE_IPV4, DEFAULT_ROUTE_IPV6};
+use crate::{
+ database::DbPool,
+ utils::{DEFAULT_ROUTE_IPV4, DEFAULT_ROUTE_IPV6},
+};
 use crate::{
 error::Error,
 proto::{
@@ -240,19 +243,17 @@ impl Location {
 }
 #[cfg(not(target_os = "macos"))]
- pub(crate) async fn interface_configuration<'e, E>(
+ pub(crate) async fn interface_configuration(
 &self,
- executor: E,
+ pool: &DbPool,
 interface_name: String,
 preshared_key: Option,
 mtu: Option,
- ) -> Result
- where
- E: SqliteExecutor<'e>,
- {
+ ) -> Result {
+ use crate::database::models::instance::{ClientTrafficPolicy, Instance};
+
 debug!("Looking for WireGuard keys for location {self} instance");
- let Some(keys) = WireguardKeys::find_by_instance_id(executor, self.instance_id).await?
- else {
+ let Some(keys) = WireguardKeys::find_by_instance_id(pool, self.instance_id).await? else {
 error!("No keys found for instance: {}", self.instance_id);
 return Err(Error::InternalError(
 "No keys found for instance".to_string(),
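Review bot: `interface_configuration` has no doc comment, and the signature in this hunk narrows its contract: it now takes a concrete `&DbPool` instead of any `SqliteExecutor`, so it can no longer be called on an open transaction or a single connection. I would state that on the function, for example `/// Build the WireGuard interface configuration for this location, reading keys and instance data from the given pool.` The function-scope `use crate::database::models::instance::{ClientTrafficPolicy, Instance};` would also be easier to find inside the cfg-gated `use crate::{ database::DbPool, ... }` group that the first hunk of this file adds. The function body continues past the end of this hunk.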
@@ -279,7 +280,19 @@ impl Location {
 }
 debug!("Parsing location {self} allowed IPs: {}", self.allowed_ips);
- let allowed_ips = if self.route_all_traffic {
+ let Some(instance) = Instance::find_by_id(pool, self.instance_id).await? else {
+ error!("Instance {} not found", self.instance_id);
+ return Err(Error::InternalError(format!(
+ "Instance {} not found",
+ self.instance_id
+ )));
+ };
+ let route_all_traffic = match instance.client_traffic_policy {
+ ClientTrafficPolicy::ForceAllTraffic => true,
+ ClientTrafficPolicy::DisableAllTraffic => false,
+ ClientTrafficPolicy::None => self.route_all_traffic,
+ };
+ let allowed_ips = if route_all_traffic {
 debug!("Using all traffic routing for location {self}");
 vec![DEFAULT_ROUTE_IPV4.into(), DEFAULT_ROUTE_IPV6.into()]
 } else {
From 9e37e2af8d1d801523e34c066189437797cf3b94 Mon Sep 17 00:00:00 2001
From: Jacek Chmielewski
Date: Fri, 16 Jan 2026 09:41:20 +0100
Subject: [PATCH 2/3] Fix macos
---
 src-tauri/src/apple.rs | 26 +++++++++++++++++---------
 src-tauri/src/utils.rs | 2 +-
 2 files changed, 18 insertions(+), 10 deletions(-)
diff --git a/src-tauri/src/apple.rs b/src-tauri/src/apple.rs
index 5d2958af..7162fc11 100644
--- a/src-tauri/src/apple.rs
+++ b/src-tauri/src/apple.rs
@@ -931,7 +931,7 @@ pub async fn sync_locations_and_tunnels(mtu: Option) -> Result<(), sqlx::Er
 let all_locations = Location::all(&*DB_POOL, false).await?;
 for location in &all_locations {
 // For syncing, set `preshred_key` to `None`.
- let Ok(tunnel_config) = location.tunnel_configurarion(&*DB_POOL, None, mtu).await else {
+ let Ok(tunnel_config) = location.tunnel_configurarion(None, mtu).await else {
 error!(
 "Failed to convert location {} to tunnel configuration.",
 location.name
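Review bot: The policy-to-routing `match` added in the location.rs hunk at -279 is repeated verbatim in `tunnel_configurarion` in src-tauri/src/apple.rs (hunk at -1057 of PATCH 2/3), so the two platforms can drift apart in how an administrator's traffic policy is enforced. Moving the decision into one helper on `ClientTrafficPolicy`, as sketched below with a proposed name, gives a single place to change and a pure function that can be unit-tested for all three variants. Separately, `DisableAllTraffic` only clears the flag; the `else` branch continues outside this hunk and appears to build the list from `self.allowed_ips`, so it is worth confirming that a default route stored there cannot bring back full-tunnel routing under that policy.

```rust
impl ClientTrafficPolicy {
    /// Effective "route all traffic" choice: the instance policy wins, and the
    /// location's own setting applies only when no policy is set.
    pub(crate) fn resolve_route_all_traffic(&self, location_setting: bool) -> bool {
        match self {
            Self::ForceAllTraffic => true,
            Self::DisableAllTraffic => false,
            Self::None => location_setting,
        }
    }
}

// … unchanged: instance lookup and "Instance {} not found" error path …
let route_all_traffic = instance
    .client_traffic_policy
    .resolve_route_all_traffic(self.route_all_traffic);
```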
@@ -1019,17 +1019,13 @@ pub async fn sync_locations_and_tunnels(mtu: Option) -> Result<(), sqlx::Er
 impl Location {
 /// Build [`TunnelConfiguration`] from [`Location`].
- pub(crate) async fn tunnel_configurarion<'e, E>(
+ pub(crate) async fn tunnel_configurarion(
 &self,
- executor: E,
 preshared_key: Option,
 mtu: Option,
- ) -> Result
- where
- E: SqliteExecutor<'e>,
- {
+ ) -> Result {
 debug!("Looking for WireGuard keys for location {self} instance");
- let Some(keys) = WireguardKeys::find_by_instance_id(executor, self.instance_id).await?
+ let Some(keys) = WireguardKeys::find_by_instance_id(&*DB_POOL, self.instance_id).await?
 else {
 error!("No keys found for instance: {}", self.instance_id);
 return Err(Error::InternalError(
@@ -1057,7 +1053,19 @@ impl Location {
 }
 debug!("Parsing location {self} allowed IPs: {}", self.allowed_ips);
- let allowed_ips = if self.route_all_traffic {
+ let Some(instance) = Instance::find_by_id(&*DB_POOL, self.instance_id).await? else {
+ error!("Instance {} not found", self.instance_id);
+ return Err(Error::InternalError(format!(
+ "Instance {} not found",
+ self.instance_id
+ )));
+ };
+ let route_all_traffic = match instance.client_traffic_policy {
+ ClientTrafficPolicy::ForceAllTraffic => true,
+ ClientTrafficPolicy::DisableAllTraffic => false,
+ ClientTrafficPolicy::None => self.route_all_traffic,
+ };
+ let allowed_ips = if route_all_traffic {
 debug!("Using all traffic routing for location {self}");
 vec![DEFAULT_ROUTE_IPV4.into(), DEFAULT_ROUTE_IPV6.into()]
 } else {
diff --git a/src-tauri/src/utils.rs b/src-tauri/src/utils.rs
index ebc6e3c0..e66dd8c2 100644
--- a/src-tauri/src/utils.rs
+++ b/src-tauri/src/utils.rs
@@ -134,7 +134,7 @@ pub(crate) async fn setup_interface(
 pool: &DbPool,
 ) -> Result {
 let tunnel_config = location
- .tunnel_configurarion(pool, preshared_key, mtu)
+ .tunnel_configurarion(preshared_key, mtu)
 .await?;
 tunnel_config.save();
From ff15cbb99266c10b44c02cccd98d1994f6aff7da Mon Sep 17 00:00:00 2001
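Review bot: `tunnel_configurarion` in the apple.rs hunk at -1019 now reads from the global `DB_POOL` directly, while its non-macOS counterpart `interface_configuration` in location.rs takes `pool: &DbPool`, so the two builders have different signatures for the same job and this one can no longer be pointed at a test database. Keeping a `pool: &DbPool` parameter after `&self` would keep both paths parallel and let `setup_interface` in utils.rs pass its existing `pool` through, instead of ending up with the unused `_pool` argument that PATCH 3/3 introduces. The method name still carries the `configurarion` typo; since every call site is touched in this series, a rename to `tunnel_configuration` could ride along. The method body continues outside the hunk.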
From: =?UTF-8?q?Adam=20Ciarcin=CC=81ski?=
Date: Fri, 16 Jan 2026 10:20:21 +0100
Subject: [PATCH 3/3] Fix apple.rs
---
 src-tauri/src/apple.rs | 9 +++++++--
 src-tauri/src/utils.rs | 6 ++----
 2 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/src-tauri/src/apple.rs b/src-tauri/src/apple.rs
index 7162fc11..4fd96710 100644
--- a/src-tauri/src/apple.rs
+++ b/src-tauri/src/apple.rs
@@ -30,7 +30,6 @@ use objc2_network_extension::{
 NETunnelProviderManager, NETunnelProviderProtocol, NETunnelProviderSession, NEVPNStatus,
 };
 use serde::Deserialize;
-use sqlx::SqliteExecutor;
 use tauri::{AppHandle, Emitter, Manager};
 use tracing::Level;
@@ -38,7 +37,13 @@ use crate::{
 active_connections::find_connection,
 appstate::AppState,
 database::{
- models::{location::Location, tunnel::Tunnel, wireguard_keys::WireguardKeys, Id},
+ models::{
+ instance::{ClientTrafficPolicy, Instance},
+ location::Location,
+ tunnel::Tunnel,
+ wireguard_keys::WireguardKeys,
+ Id,
+ },
 DB_POOL,
 },
 error::Error,
diff --git a/src-tauri/src/utils.rs b/src-tauri/src/utils.rs
index e66dd8c2..b42e8582 100644
--- a/src-tauri/src/utils.rs
+++ b/src-tauri/src/utils.rs
@@ -131,11 +131,9 @@ pub(crate) async fn setup_interface(
 _name: &str,
 preshared_key: Option,
 mtu: Option,
- pool: &DbPool,
+ _pool: &DbPool,
 ) -> Result {
- let tunnel_config = location
- .tunnel_configurarion(preshared_key, mtu)
- .await?;
+ let tunnel_config = location.tunnel_configurarion(preshared_key, mtu).await?;
 tunnel_config.save();
 tokio::time::sleep(TUNNEL_START_DELAY).await;