aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2019-10-11 21:52:55 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2019-10-11 22:07:18 +0200
commitabcfbceb9a24cb7f24573f48f40f35e779c822b4 (patch)
treee24016d5f1703416e483eaf4eeb621d480c0f523
parentui: add donation link (diff)
downloadwireguard-apple-abcfbceb9a24cb7f24573f48f40f35e779c822b4.tar.xz
wireguard-apple-abcfbceb9a24cb7f24573f48f40f35e779c822b4.zip
Keychain: make verification errors only happen when we're sure it's due to not found
-rw-r--r--WireGuard/Shared/Keychain.swift2
-rw-r--r--WireGuard/WireGuard/Tunnel/TunnelsManager.swift1
2 files changed, 2 insertions, 1 deletions
diff --git a/WireGuard/Shared/Keychain.swift b/WireGuard/Shared/Keychain.swift
index edc546d6..3059c579 100644
--- a/WireGuard/Shared/Keychain.swift
+++ b/WireGuard/Shared/Keychain.swift
@@ -112,6 +112,6 @@ class Keychain {
static func verifyReference(called ref: Data) -> Bool {
return SecItemCopyMatching([kSecClass as String: kSecClassGenericPassword,
kSecValuePersistentRef as String: ref] as CFDictionary,
- nil) == errSecSuccess
+ nil) != errSecItemNotFound
}
}
diff --git a/WireGuard/WireGuard/Tunnel/TunnelsManager.swift b/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
index ec1ea748..efee1e4e 100644
--- a/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
+++ b/WireGuard/WireGuard/Tunnel/TunnelsManager.swift
@@ -70,6 +70,7 @@ class TunnelsManager {
if let ref = passwordRef {
refs.insert(ref)
} else {
+ wg_log(.info, message: "Removing orphaned tunnel with non-verifying keychain entry: \(tunnelManager.localizedDescription ?? "<unknown>")")
tunnelManager.removeFromPreferences { _ in }
tunnelManagers.remove(at: index)
}