client/src-tauri/src/lib.rs at 4ac08173735fea25e821e4496511a7cd60e835df · DefGuard/client · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
// FIXME: actually refactor errors instead
#![allow(clippy::result_large_err)]
use std::{fmt, path::PathBuf};
#[cfg(not(windows))]
use std::{
    fs::{set_permissions, Permissions},
    os::unix::fs::PermissionsExt,
};

use chrono::NaiveDateTime;
use semver::Version;
use serde::{Deserialize, Serialize};

use self::database::models::{Id, NoId};

pub mod active_connections;
pub mod app_config;
pub mod appstate;
pub mod commands;
pub mod database;
pub mod enterprise;
pub mod error;
pub mod events;
pub mod log_watcher;
pub mod periodic;
pub mod service;
pub mod tray;
pub mod utils;
pub mod wg_config;

pub mod proto {
    use crate::database::models::{
        location::{Location, LocationMfaMode as MfaMode},
        Id, NoId,
    };

    tonic::include_proto!("defguard.proxy");

    impl DeviceConfig {
        #[must_use]
        pub(crate) fn into_location(self, instance_id: Id) -> Location<NoId> {
            let location_mfa_mode = match self.location_mfa_mode {
                Some(_location_mfa_mode) => self.location_mfa_mode().into(),
                None => {
                    // handle legacy core response
                    // DEPRECATED(1.5): superseeded by location_mfa_mode
                    #[allow(deprecated)]
                    if self.mfa_enabled {
                        MfaMode::Internal
                    } else {
                        MfaMode::Disabled
                    }
                }
            };

            Location {
                id: NoId,
                instance_id,
                network_id: self.network_id,
                name: self.network_name,
                address: self.assigned_ip, // Transforming assigned_ip to address
                pubkey: self.pubkey,
                endpoint: self.endpoint,
                allowed_ips: self.allowed_ips,
                dns: self.dns,
                route_all_traffic: false,
                keepalive_interval: self.keepalive_interval.into(),
                location_mfa_mode,
            }
        }
    }
}

pub const VERSION: &str = concat!(env!("CARGO_PKG_VERSION"), "-", env!("VERGEN_GIT_SHA"));
pub const MIN_CORE_VERSION: Version = Version::new(1, 5, 0);
pub const MIN_PROXY_VERSION: Version = Version::new(1, 5, 0);
// This must match tauri.bundle.identifier from tauri.conf.json.
const BUNDLE_IDENTIFIER: &str = "net.defguard";
// Returns the path to the user’s data directory.
#[must_use]
pub fn app_data_dir() -> Option<PathBuf> {
    dirs_next::data_dir().map(|dir| dir.join(BUNDLE_IDENTIFIER))
}

/// Ensures path has appropriate permissions set (dg25-28):
/// - 700 for directories
/// - 600 for files
pub fn set_perms(path: &PathBuf) {
    #[cfg(not(windows))]
    {
        let perms = if path.is_dir() { 0o700 } else { 0o600 };
        if let Err(err) = set_permissions(path, Permissions::from_mode(perms)) {
            warn!("Failed to set permissions on path {path:?}: {err}");
        }
    }
}

/// Location type used in commands to check if we using tunnel or location
#[derive(Clone, Copy, Debug, Deserialize, PartialEq, Serialize)]
pub enum ConnectionType {
    Tunnel,
    Location,
}

impl fmt::Display for ConnectionType {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match self {
            ConnectionType::Tunnel => write!(f, "tunnel"),
            ConnectionType::Location => write!(f, "location"),
        }
    }
}

#[macro_use]
extern crate log;

/// Common fields for Tunnel and Location
#[derive(Debug, Serialize, Deserialize)]
pub struct CommonWireguardFields {
    pub instance_id: Id,
    // Native network ID from Defguard Core.
    pub network_id: Id,
    pub name: String,
    pub address: String,
    pub pubkey: String,
    pub endpoint: String,
    pub allowed_ips: String,
    pub dns: Option<String>,
    pub route_all_traffic: bool,
}

/// Common fields for Connection and TunnelConnection due to shared command
#[derive(Debug, Serialize, Deserialize)]
pub struct CommonConnection<I = NoId> {
    pub id: I,
    pub location_id: Id,
    pub start: NaiveDateTime,
    pub end: NaiveDateTime,
    pub connection_type: ConnectionType,
}

// Common fields for LocationStats and TunnelStats due to shared command
#[derive(Debug, Serialize, Deserialize)]
pub struct CommonLocationStats<I = NoId> {
    pub id: I,
    pub location_id: Id,
    pub upload: i64,
    pub download: i64,
    pub last_handshake: i64,
    pub collected_at: NaiveDateTime,
    pub listen_port: u32,
    pub persistent_keepalive_interval: Option<u16>,
    pub connection_type: ConnectionType,
}
// Common fields for ConnectionInfo and TunnelConnectionInfo due to shared command
#[derive(Debug, Serialize)]
pub struct CommonConnectionInfo {
    pub id: Id,
    pub location_id: Id,
    pub start: NaiveDateTime,
    pub end: NaiveDateTime,
    pub upload: Option<i32>,
    pub download: Option<i32>,
}