From 5bf5cd43bda75261e1df8a057c5a26b61a27279f Mon Sep 17 00:00:00 2001
From: aiamnezia <ai@amnezia.org>
Date: Thu, 24 Apr 2025 01:55:29 +0400
Subject: [PATCH] Add insertion of gateway address to strict killswitch
 exceptions

---
 client/core/controllers/gatewayController.cpp | 25 +++++++++++++++++++
 client/protocols/openvpnprotocol.cpp          |  2 +-
 2 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/client/core/controllers/gatewayController.cpp b/client/core/controllers/gatewayController.cpp
index f8c23c1a..23fa4933 100644
--- a/client/core/controllers/gatewayController.cpp
+++ b/client/core/controllers/gatewayController.cpp
@@ -7,6 +7,7 @@
 #include <QJsonDocument>
 #include <QJsonObject>
 #include <QNetworkReply>
+#include <QUrl>
 
 #include "QBlockCipher.h"
 #include "QRsa.h"
@@ -14,6 +15,8 @@
 #include "amnezia_application.h"
 #include "core/api/apiUtils.h"
 #include "utilities.h"
+#include "core/ipcclient.h"
+#include "core/networkUtilities.h"
 
 namespace
 {
@@ -50,6 +53,17 @@ ErrorCode GatewayController::get(const QString &endpoint, QByteArray &responseBo
 
     request.setUrl(QString(endpoint).arg(m_gatewayEndpoint));
 
+    // bypass killSwitch exceptions for API-gateway
+#if defined(Q_OS_LINUX) || defined(Q_OS_MACOS) || defined(Q_OS_WIN)
+    {
+        QString host = QUrl(request.url()).host();
+        QString ip = NetworkUtilities::getIPAddress(host);
+        if (!ip.isEmpty()) {
+            IpcClient::Interface()->addKillSwitchExceptions(QStringList{ip});
+        }
+    }
+#endif
+
     QNetworkReply *reply;
     reply = amnApp->networkManager()->get(request);
 
@@ -101,6 +115,17 @@ ErrorCode GatewayController::post(const QString &endpoint, const QJsonObject api
 
     request.setUrl(endpoint.arg(m_gatewayEndpoint));
 
+    // bypass killSwitch exceptions for API-gateway
+#if defined(Q_OS_LINUX) || defined(Q_OS_MACOS) || defined(Q_OS_WIN)
+    {
+        QString host = QUrl(request.url()).host();
+        QString ip = NetworkUtilities::getIPAddress(host);
+        if (!ip.isEmpty()) {
+            IpcClient::Interface()->addKillSwitchExceptions(QStringList{ip});
+        }
+    }
+#endif
+
     QSimpleCrypto::QBlockCipher blockCipher;
     QByteArray key = blockCipher.generatePrivateSalt(32);
     QByteArray iv = blockCipher.generatePrivateSalt(32);
diff --git a/client/protocols/openvpnprotocol.cpp b/client/protocols/openvpnprotocol.cpp
index 1721a45a..5ede4c42 100644
--- a/client/protocols/openvpnprotocol.cpp
+++ b/client/protocols/openvpnprotocol.cpp
@@ -172,7 +172,7 @@ ErrorCode OpenVpnProtocol::start()
     }
 
 #if defined(Q_OS_LINUX) || defined(Q_OS_MACOS)
-    IpcClient::Interface()->allowTrafficTo(QStringList(NetworkUtilities::getIPAddress(
+    IpcClient::Interface()->addKillSwitchExceptions(QStringList(NetworkUtilities::getIPAddress(
             m_configData.value(amnezia::config_key::hostName).toString())));
 #endif