Merge pull request #201 from passepartoutvpn/reference-passwords-in-app-group
Keychain: Use app group when dereferencing a password reference
This commit is contained in:
Davide De Rosa
GitHub
commit
1620fb0f99
|
|
@ -201,12 +201,10 @@ public class Keychain {
|
|||
- Returns: The password for the input username and reference.
|
||||
- Throws: `KeychainError.notFound` if unable to find the password in the keychain.
|
||||
**/
|
||||
public static func password(for username: String, reference: Data, context: String? = nil) throws -> String {
|
||||
public func password(for username: String, reference: Data, context: String? = nil) throws -> String {
|
||||
var query = [String: Any]()
|
||||
setScope(query: &query, context: context)
|
||||
query[kSecClass as String] = kSecClassGenericPassword
|
||||
if let context = context {
|
||||
query[kSecAttrService as String] = context
|
||||
}
|
||||
query[kSecAttrAccount as String] = username
|
||||
query[kSecMatchItemList as String] = [reference]
|
||||
query[kSecReturnData as String] = true
|
||||
|
|
|
|||
|
|
@ -212,9 +212,12 @@ open class OpenVPNTunnelProvider: NEPacketTunnelProvider {
|
|||
|
||||
// optional credentials
|
||||
let credentials: OpenVPN.Credentials?
|
||||
if let username = protocolConfiguration.username, let passwordReference = protocolConfiguration.passwordReference,
|
||||
let password = try? Keychain.password(for: username, reference: passwordReference) {
|
||||
|
||||
if let username = protocolConfiguration.username, let passwordReference = protocolConfiguration.passwordReference {
|
||||
let keychain = Keychain(group: appGroup)
|
||||
guard let password = try? keychain.password(for: username, reference: passwordReference) else {
|
||||
completionHandler(ProviderConfigurationError.credentials(details: "keychain.password(for:, reference:)"))
|
||||
return
|
||||
}
|
||||
credentials = OpenVPN.Credentials(username, password)
|
||||
} else {
|
||||
credentials = nil
|
||||
|
|
|
|||
Loading…
Reference in New Issue