From 433e3f8dc90bf36d4a734c5282ed2f0b8f0926a9 Mon Sep 17 00:00:00 2001
From: Roopesh Chander <roop@roopc.net>
Date: Mon, 8 Feb 2021 00:41:46 +0530
Subject: [PATCH] Keychain: Enable correct keychain sharing in macOS

To enable sharing of keychain items using access groups in macOS,
the kSecUseDataProtectionKeychain attribute should be set.
This key has effect only in macOS, and is unavailable in iOS 12,
so we set it only in macOS.
---
 TunnelKit/Sources/AppExtension/Keychain.swift | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/TunnelKit/Sources/AppExtension/Keychain.swift b/TunnelKit/Sources/AppExtension/Keychain.swift
index fdeb254..020d1ba 100644
--- a/TunnelKit/Sources/AppExtension/Keychain.swift
+++ b/TunnelKit/Sources/AppExtension/Keychain.swift
@@ -320,6 +320,9 @@ public class Keychain {
     private func setScope(query: inout [String: Any], context: String?) {
         if let accessGroup = accessGroup {
             query[kSecAttrAccessGroup as String] = accessGroup
+            #if os(macOS)
+            query[kSecUseDataProtectionKeychain as String] = true
+            #endif
         }
         if let context = context {
             query[kSecAttrService as String] = context