passepartoutvpn
/
wireguard-apple
mirror of https://github.com/passepartoutvpn/wireguard-apple.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Keychain: make verification errors only happen when we're sure it's due to not found 

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
Jason A. Donenfeld 2019-10-11 21:52:55 +02:00
parent 84ca7fcf40
commit d976d159d0
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
WireGuard/Shared/Keychain.swift
View File

@ -112,6 +112,6 @@ class Keychain {
static func verifyReference(called ref: Data) -> Bool { static func verifyReference(called ref: Data) -> Bool {
return SecItemCopyMatching([kSecClass as String: kSecClassGenericPassword, return SecItemCopyMatching([kSecClass as String: kSecClassGenericPassword,
kSecValuePersistentRef as String: ref] as CFDictionary, kSecValuePersistentRef as String: ref] as CFDictionary,
nil) == errSecSuccess nil) != errSecItemNotFound
} }
} }

1
WireGuard/WireGuard/Tunnel/TunnelsManager.swift
View File

@ -70,6 +70,7 @@ class TunnelsManager {
if let ref = passwordRef { if let ref = passwordRef {
refs.insert(ref) refs.insert(ref)
} else { } else {
wg_log(.info, message: "Removing orphaned tunnel with non-verifying keychain entry: \(tunnelManager.localizedDescription ?? "<unknown>")")
tunnelManager.removeFromPreferences { _ in } tunnelManager.removeFromPreferences { _ in }
tunnelManagers.remove(at: index) tunnelManagers.remove(at: index)
} }