]> git.ipfire.org Git - thirdparty/wireguard-apple.git/commitdiff
projects / thirdparty / wireguard-apple.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 84ca7fc)
Keychain: make verification errors only happen when we're sure it's due to not found
authorJason A. Donenfeld <Jason@zx2c4.com>
Fri, 11 Oct 2019 19:52:55 +0000 (21:52 +0200)
committerJason A. Donenfeld <Jason@zx2c4.com>
Fri, 11 Oct 2019 20:07:18 +0000 (22:07 +0200)
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
WireGuard/Shared/Keychain.swift patch | blob | blame | history
WireGuard/WireGuard/Tunnel/TunnelsManager.swift patch | blob | blame | history

diff --git a/WireGuard/Shared/Keychain.swift b/WireGuard/Shared/Keychain.swift
index edc546d6baa15ddcdb9701557a1a4d8be0ecd281..3059c579a8d5003af5b9216b38aed04a9cac4ac8 100644 (file)
--- a/WireGuard/Shared/Keychain.swift
+++ b/WireGuard/Shared/Keychain.swift
@@ -112,6 +112,6 @@ class Keychain {
     static func verifyReference(called ref: Data) -> Bool {
         return SecItemCopyMatching([kSecClass as String: kSecClassGenericPassword,
                                     kSecValuePersistentRef as String: ref] as CFDictionary,
-                                   nil) == errSecSuccess
+                                   nil) != errSecItemNotFound
     }
 }
diff --git a/WireGuard/WireGuard/Tunnel/TunnelsManager.swift b/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
index ec1ea7489b79922bcf14f3fa12df3b3195accf6b..efee1e4ee26ba2353472a6537e20f3f56708e0fb 100644 (file)
--- a/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
+++ b/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
@@ -70,6 +70,7 @@ class TunnelsManager {
                 if let ref = passwordRef {
                     refs.insert(ref)
                 } else {
+                    wg_log(.info, message: "Removing orphaned tunnel with non-verifying keychain entry: \(tunnelManager.localizedDescription ?? "<unknown>")")
                     tunnelManager.removeFromPreferences { _ in }
                     tunnelManagers.remove(at: index)
                 }
Mirror of https://git.zx2c4.com/wireguard-apple