Fix small last issues

mullvad-cli/src/cmds/bridge.rs

@@ -181,8 +181,6 @@ impl Bridge {
             settings.bridge_settings.bridge_type
         );
 
-        // TODO: check if output is sane
-
         println!("Normal constraints");
         println!(
             "{:<4}{}",

mullvad-cli/src/cmds/proxies.rs

@@ -36,7 +36,7 @@ impl From<Socks5LocalAdd> for Socks5Local {
     }
 }
 
-// TODO: Write comment about why remote does not allow you to set the transport protocol
+// We do not support setting the protocol as anything other than tcp for remote socks5 servers
 #[derive(Args, Debug, Clone)]
 pub struct Socks5RemoteAdd {
     /// The IP of the remote proxy server
@@ -138,7 +138,17 @@ impl ProxyEditParams {
         let ip = self.ip.unwrap_or(remote.endpoint.ip());
         let port = self.port.unwrap_or(remote.endpoint.port());
         match &remote.auth {
-            None => Socks5Remote::new((ip, port)),
+            None => match (self.username, self.password) {
+                (Some(username), Some(password)) => {
+                    let auth = SocksAuth { username, password };
+                    Socks5Remote::new_with_authentication((ip, port), auth)
+                }
+                (None, None) => Socks5Remote::new((ip, port)),
+                _ => {
+                    println!("Remote SOCKS5 proxy does not have a username and password set already, so you must provide both or neither when you edit.");
+                    Socks5Remote::new((ip, port))
+                }
+            },
             Some(SocksAuth { username, password }) => {
                 let username = self.username.unwrap_or(username.to_owned());
                 let password = self.password.unwrap_or(password.to_owned());

talpid-core/src/firewall/windows.rs

@@ -153,6 +153,9 @@ impl Firewall {
             protocol: WinFwProt::from(endpoint.endpoint.protocol),
         };
 
+        // SAFETY: `endpoint1_ip`, `endpoint2_ip`, `endpoint1`, `endpoint2`, `relay_client_wstrs` must not be dropped
+        // until `WinFw_ApplyPolicyConnecting` has returned.
+
         let relay_client_wstrs: Vec<_> = endpoint
             .clients
             .iter()
@@ -173,8 +176,6 @@ impl Firewall {
             ptr::null()
         };
 
-        // SAFETY: `endpoint1_ip`, `endpoint2_ip`, `endpoint1`, `endpoint2`, `relay_client_wstrs` must not be dropped
-        // until `WinFw_ApplyPolicyConnecting` has returned.
         let mut endpoint1_ip = WideCString::new();
         let mut endpoint2_ip = WideCString::new();
         let (endpoint1, endpoint2) = match allowed_tunnel_traffic {
@@ -273,6 +274,7 @@ impl Firewall {
             None => ptr::null(),
         };
 
+        // SAFETY: `relay_client_wstrs` must not be dropped until `WinFw_ApplyPolicyConnected` has returned.
         let relay_client_wstrs: Vec<_> = endpoint
             .clients
             .iter()
@@ -303,6 +305,10 @@ impl Firewall {
             .into_result()
             .map_err(Error::ApplyingConnectedPolicy)
         }
+
+        // SAFETY: `relay_client_wstrs` holds memory pointed to by pointers used in C++ and must
+        // not be dropped until after `WinFw_ApplyPolicyConnected` has returned.
+        drop(relay_client_wstrs);
     }
 
     fn set_blocked_state(

talpid-types/src/net/proxy.rs

@@ -30,10 +30,6 @@ pub struct ProxyEndpoint {
     pub proxy_type: ProxyType,
 }
 
-// TODO(Jonathan): These end up being duplicates of a lot of types in
-// `talpid-types/src/net/openvpn.rs`. However they are not trivially deduplicable since both these
-// types and those types exist in settings (access methods and bridge settings respectively)
-// and deduplicating them would require a settings migration.
 /// User customized proxy used for obfuscation.
 #[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq, Hash)]
 #[serde(rename_all = "snake_case")]

windows/winfw/src/winfw/rules/multi/permitvpnrelay.h

@@ -4,7 +4,6 @@
 #include <winfw/winfw.h>
 #include <libwfp/ipaddress.h>
 #include <string>
-#include <optional>
 
 namespace rules::multi
 {