Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 10da5cfdef | |||
| 75b6925deb | |||
| 03a59ff38e | |||
| abf506c1fe | |||
| dfb685f258 |
@@ -72,7 +72,7 @@ extension NETunnelProviderProtocol {
|
||||
#error("Unimplemented")
|
||||
#endif
|
||||
guard passwordReference == nil else { return true }
|
||||
wg_log(.debug, message: "Migrating tunnel configuration '\(name)'")
|
||||
wg_log(.info, message: "Migrating tunnel configuration '\(name)'")
|
||||
passwordReference = Keychain.makeReference(containing: oldConfig, called: name)
|
||||
return true
|
||||
}
|
||||
@@ -81,6 +81,27 @@ extension NETunnelProviderProtocol {
|
||||
providerConfiguration = ["UID": getuid()]
|
||||
return true
|
||||
}
|
||||
#elseif os(iOS)
|
||||
if #available(iOS 15, *) {
|
||||
/* Update the stored reference from the old iOS 14 one to the canonical iOS 15 one.
|
||||
* The iOS 14 ones are 96 bits, while the iOS 15 ones are 160 bits. We do this so
|
||||
* that we can have fast set exclusion in deleteReferences safely. */
|
||||
if passwordReference != nil && passwordReference!.count == 12 {
|
||||
var result: CFTypeRef?
|
||||
let ret = SecItemCopyMatching([kSecValuePersistentRef: passwordReference!,
|
||||
kSecReturnPersistentRef: true] as CFDictionary,
|
||||
&result)
|
||||
if ret != errSecSuccess || result == nil {
|
||||
return false
|
||||
}
|
||||
guard let newReference = result as? Data else { return false }
|
||||
if !newReference.elementsEqual(passwordReference!) {
|
||||
wg_log(.info, message: "Migrating iOS 14-style keychain reference to iOS 15-style keychain reference for '\(name)'")
|
||||
passwordReference = newReference
|
||||
return true
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
return false
|
||||
}
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
VERSION_NAME = 1.0.14
|
||||
VERSION_ID = 25
|
||||
VERSION_NAME = 1.0.15
|
||||
VERSION_ID = 26
|
||||
|
||||
@@ -56,19 +56,21 @@ class TunnelsManager {
|
||||
tunnelManager.saveToPreferences { _ in }
|
||||
}
|
||||
#if os(iOS)
|
||||
let verify = true
|
||||
let passwordRef = proto.verifyConfigurationReference() ? proto.passwordReference : nil
|
||||
#elseif os(macOS)
|
||||
let verify = proto.providerConfiguration?["UID"] as? uid_t == getuid()
|
||||
let passwordRef: Data?
|
||||
if proto.providerConfiguration?["UID"] as? uid_t == getuid() {
|
||||
passwordRef = proto.verifyConfigurationReference() ? proto.passwordReference : nil
|
||||
} else {
|
||||
passwordRef = proto.passwordReference // To handle multiple users in macOS, we skip verifying
|
||||
}
|
||||
#else
|
||||
#error("Unimplemented")
|
||||
#endif
|
||||
if verify && !proto.verifyConfigurationReference() {
|
||||
wg_log(.error, message: "Unable to verify keychain entry of tunnel: \(tunnelManager.localizedDescription ?? "<unknown>")")
|
||||
}
|
||||
if let ref = proto.passwordReference {
|
||||
if let ref = passwordRef {
|
||||
refs.insert(ref)
|
||||
} else {
|
||||
wg_log(.error, message: "Removing orphaned tunnel with missing keychain entry: \(tunnelManager.localizedDescription ?? "<unknown>")")
|
||||
wg_log(.info, message: "Removing orphaned tunnel with non-verifying keychain entry: \(tunnelManager.localizedDescription ?? "<unknown>")")
|
||||
tunnelManager.removeFromPreferences { _ in }
|
||||
tunnelManagers.remove(at: index)
|
||||
}
|
||||
|
||||
@@ -159,10 +159,6 @@ class TunnelListCell: UITableViewCell {
|
||||
statusSwitch.isUserInteractionEnabled = (status == .inactive || status == .active)
|
||||
}
|
||||
|
||||
if tunnel.tunnelConfiguration == nil {
|
||||
statusSwitch.isUserInteractionEnabled = false
|
||||
backgroundColor = .systemPink
|
||||
}
|
||||
}
|
||||
|
||||
private func reset(animated: Bool) {
|
||||
|
||||
@@ -344,7 +344,6 @@ extension TunnelsListTableViewController: UITableViewDelegate {
|
||||
}
|
||||
guard let tunnelsManager = tunnelsManager else { return }
|
||||
let tunnel = tunnelsManager.tunnel(at: indexPath.row)
|
||||
guard tunnel.tunnelConfiguration != nil else { return }
|
||||
showTunnelDetail(for: tunnel, animated: true)
|
||||
}
|
||||
|
||||
|
||||
@@ -14,6 +14,6 @@ class LaunchedAtLoginDetector {
|
||||
let then = data.withUnsafeBytes { ptr in
|
||||
ptr.load(as: UInt64.self)
|
||||
}
|
||||
return now - then <= 5000000000
|
||||
return now - then <= 20000000000
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user