Fix logic of migrated "Routing" modules (#1136)

OpenVPN is fine, but WireGuard requires included routes to also be
injected into AllowedIPs.

Fixes #1128

Packages/PassepartoutWireGuardGo/Sources/PassepartoutWireGuardGo/WireGuardConnection.swift

@@ -69,7 +69,9 @@ public final class WireGuardConnection: Connection {
         guard let configuration = module.configuration else {
             fatalError("No WireGuard configuration defined?")
         }
-        tunnelConfiguration = try configuration.toWireGuardConfiguration()
+
+        let tweakedConfiguration = try configuration.withModules(from: parameters.controller.profile)
+        tunnelConfiguration = try tweakedConfiguration.toWireGuardConfiguration()
 
         let interval = TimeInterval(parameters.options.minDataCountInterval) / 1000.0
         dataCountTimer = Timer.publish(every: interval, on: .main, in: .common)
@@ -256,6 +258,31 @@ private extension String {
 
 // MARK: - Helpers
 
+private extension WireGuard.Configuration {
+    func withModules(from profile: Profile) throws -> Self {
+        var newBuilder = builder()
+        let ipModules = profile.activeModules
+            .compactMap {
+                $0 as? IPModule
+            }
+
+        ipModules.forEach { ipModule in
+            newBuilder.peers = peers
+                .map { oldPeer in
+                    var peer = oldPeer.builder()
+                    ipModule.ipv4?.includedRoutes.forEach { route in
+                        peer.allowedIPs.append(route.destination?.rawValue ?? "0.0.0.0/0")
+                    }
+                    ipModule.ipv6?.includedRoutes.forEach { route in
+                        peer.allowedIPs.append(route.destination?.rawValue ?? "::/0")
+                    }
+                    return peer
+                }
+        }
+        return try newBuilder.tryBuild()
+    }
+}
+
 private extension WireGuardLogLevel {
     var osLogLevel: OSLogType {
         switch self {