From c906a10562acf589596e376f04bbb5ede28f9a22 Mon Sep 17 00:00:00 2001
From: Pompurin404 <pompurin404@mihomo.party>
Date: Wed, 12 Feb 2025 20:20:40 +0800
Subject: [PATCH] use privileged helper to set sysproxy

---
 build/pkg-scripts/postinstall | 37 +++++++++++++++++++++++++++++++++++
 scripts/prepare.mjs           | 12 ++++++++++++
 src/main/sys/sysproxy.ts      | 22 +++++++++++++++++++++
 3 files changed, 71 insertions(+)

diff --git a/build/pkg-scripts/postinstall b/build/pkg-scripts/postinstall
index 0eb38c2..60ba741 100644
--- a/build/pkg-scripts/postinstall
+++ b/build/pkg-scripts/postinstall
@@ -3,4 +3,41 @@ chown root:admin $2/Mihomo\ Party.app/Contents/Resources/sidecar/mihomo
 chown root:admin $2/Mihomo\ Party.app/Contents/Resources/sidecar/mihomo-alpha
 chmod +s $2/Mihomo\ Party.app/Contents/Resources/sidecar/mihomo
 chmod +s $2/Mihomo\ Party.app/Contents/Resources/sidecar/mihomo-alpha
+
+mkdir -p /Library/PrivilegedHelperTools
+cp $2/Mihomo\ Party.app/Contents/Resources/files/party.mihomo.helper /Library/PrivilegedHelperTools/party.mihomo.helper
+chown root:wheel /Library/PrivilegedHelperTools/party.mihomo.helper
+chmod 544 /Library/PrivilegedHelperTools/party.mihomo.helper
+cat << EOF > /Library/LaunchDaemons/party.mihomo.helper.plist
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+        <key>Label</key>
+        <string>party.mihomo.helper</string>
+        <key>MachServices</key>
+        <dict>
+                <key>party.mihomo.helper</key>
+                <true/>
+        </dict>
+        <key>KeepAlive</key>
+        <true/>
+        <key>Program</key>
+        <string>/Library/PrivilegedHelperTools/party.mihomo.helper</string>
+        <key>ProgramArguments</key>
+        <array>
+                <string>/Library/PrivilegedHelperTools/party.mihomo.helper</string>
+        </array>
+        <key>StandardErrorPath</key>
+        <string>/tmp/party.mihomo.helper.err</string>
+        <key>StandardOutPath</key>
+        <string>/tmp/party.mihomo.helper.log</string>
+    </dict>
+</plist>
+EOF
+chown root:wheel /Library/LaunchDaemons/party.mihomo.helper.plist
+chmod 644 /Library/LaunchDaemons/party.mihomo.helper.plist
+launchctl unload /Library/LaunchDaemons/party.mihomo.helper.plist
+launchctl load /Library/LaunchDaemons/party.mihomo.helper.plist
+launchctl start party.mihomo.helper
 exit 0
\ No newline at end of file
diff --git a/scripts/prepare.mjs b/scripts/prepare.mjs
index fec61a9..e159b8d 100644
--- a/scripts/prepare.mjs
+++ b/scripts/prepare.mjs
@@ -309,6 +309,11 @@ const resolveSubstore = () =>
     downloadURL:
       'https://github.com/sub-store-org/Sub-Store/releases/latest/download/sub-store.bundle.js'
   })
+const resolveHelper = () =>
+  resolveResource({
+    file: 'party.mihomo.helper',
+    downloadURL: `https://github.com/mihomo-party-org/mihomo-party-helper/releases/download/${arch}/party.mihomo.helper`
+  })
 const resolveSubstoreFrontend = async () => {
   const tempDir = path.join(TEMP_DIR, 'substore-frontend')
   const tempZip = path.join(tempDir, 'dist.zip')
@@ -404,6 +409,12 @@ const tasks = [
     func: resolve7zip,
     retry: 5,
     winOnly: true
+  },
+  {
+    name: 'helper',
+    func: resolveHelper,
+    retry: 5,
+    darwinOnly: true
   }
 ]
 
@@ -413,6 +424,7 @@ async function runTask() {
   if (task.winOnly && platform !== 'win32') return runTask()
   if (task.linuxOnly && platform !== 'linux') return runTask()
   if (task.unixOnly && platform === 'win32') return runTask()
+  if (task.darwinOnly && platform !== 'darwin') return runTask()
 
   for (let i = 0; i < task.retry; i++) {
     try {
diff --git a/src/main/sys/sysproxy.ts b/src/main/sys/sysproxy.ts
index 38188b7..e8ac1dc 100644
--- a/src/main/sys/sysproxy.ts
+++ b/src/main/sys/sysproxy.ts
@@ -6,9 +6,11 @@ import { execFile } from 'child_process'
 import path from 'path'
 import { resourcesFilesDir } from '../utils/dirs'
 import { net } from 'electron'
+import axios from 'axios'
 
 let defaultBypass: string[]
 let triggerSysProxyTimer: NodeJS.Timeout | null = null
+const helperSocketPath = '/tmp/mihomo-party-helper.sock'
 
 if (process.platform === 'linux')
   defaultBypass = ['localhost', '127.0.0.1', '192.168.0.0/16', '10.0.0.0/8', '172.16.0.0/12', '::1']
@@ -79,6 +81,14 @@ async function enableSysProxy(): Promise<void> {
         } catch {
           triggerAutoProxy(true, `http://${host || '127.0.0.1'}:${pacPort}/pac`)
         }
+      } else if (process.platform === 'darwin') {
+        await axios.post(
+          'http://localhost/pac',
+          { url: `http://${host || '127.0.0.1'}:${pacPort}/pac` },
+          {
+            socketPath: helperSocketPath
+          }
+        )
       } else {
         triggerAutoProxy(true, `http://${host || '127.0.0.1'}:${pacPort}/pac`)
       }
@@ -97,6 +107,14 @@ async function enableSysProxy(): Promise<void> {
         } catch {
           triggerManualProxy(true, host || '127.0.0.1', port, bypass.join(','))
         }
+      } else if (process.platform === 'darwin') {
+        await axios.post(
+          'http://localhost/global',
+          { host: host || '127.0.0.1', port: port.toString(), bypass: bypass.join(',') },
+          {
+            socketPath: helperSocketPath
+          }
+        )
       } else {
         triggerManualProxy(true, host || '127.0.0.1', port, bypass.join(','))
       }
@@ -115,6 +133,10 @@ async function disableSysProxy(): Promise<void> {
       triggerAutoProxy(false, '')
       triggerManualProxy(false, '', 0, '')
     }
+  } else if (process.platform === 'darwin') {
+    await axios.get('http://localhost/off', {
+      socketPath: helperSocketPath
+    })
   } else {
     triggerAutoProxy(false, '')
     triggerManualProxy(false, '', 0, '')