diff options
Diffstat (limited to '')
4 files changed, 30 insertions, 8 deletions
diff --git a/WireGuard/WireGuard.xcodeproj/project.pbxproj b/WireGuard/WireGuard.xcodeproj/project.pbxproj index 473ae0b..7ef5dd0 100644 --- a/WireGuard/WireGuard.xcodeproj/project.pbxproj +++ b/WireGuard/WireGuard.xcodeproj/project.pbxproj @@ -30,6 +30,10 @@ 5FF7B96321CC95DE00A7DD74 /* InterfaceConfiguration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5FF7B96121CC95DE00A7DD74 /* InterfaceConfiguration.swift */; }; 5FF7B96521CC95FA00A7DD74 /* PeerConfiguration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5FF7B96421CC95FA00A7DD74 /* PeerConfiguration.swift */; }; 5FF7B96621CC95FA00A7DD74 /* PeerConfiguration.swift in Sources */ = {isa = PBXBuildFile; fileRef = 5FF7B96421CC95FA00A7DD74 /* PeerConfiguration.swift */; }; + 6B5C5E27220A48D30024272E /* Keychain.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B5C5E26220A48D30024272E /* Keychain.swift */; }; + 6B5C5E28220A48D30024272E /* Keychain.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B5C5E26220A48D30024272E /* Keychain.swift */; }; + 6B5C5E29220A48D30024272E /* Keychain.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B5C5E26220A48D30024272E /* Keychain.swift */; }; + 6B5C5E2A220A48D30024272E /* Keychain.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B5C5E26220A48D30024272E /* Keychain.swift */; }; 6B707D8421F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B707D8321F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift */; }; 6B707D8621F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6B707D8321F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift */; }; 6F4DD16B21DA558800690EAE /* TunnelListRow.swift in Sources */ = {isa = PBXBuildFile; fileRef = 6F4DD16A21DA558800690EAE /* TunnelListRow.swift */; }; @@ -238,6 +242,7 @@ 5F9696AF21CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "TunnelConfiguration+WgQuickConfig.swift"; sourceTree = "<group>"; }; 5FF7B96121CC95DE00A7DD74 /* InterfaceConfiguration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = InterfaceConfiguration.swift; sourceTree = "<group>"; }; 5FF7B96421CC95FA00A7DD74 /* PeerConfiguration.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PeerConfiguration.swift; sourceTree = "<group>"; }; + 6B5C5E26220A48D30024272E /* Keychain.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = Keychain.swift; sourceTree = "<group>"; }; 6B707D8321F918D4000A8F73 /* TunnelConfiguration+UapiConfig.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "TunnelConfiguration+UapiConfig.swift"; sourceTree = "<group>"; }; 6F4DD16721DA552B00690EAE /* NSTableView+Reuse.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "NSTableView+Reuse.swift"; sourceTree = "<group>"; }; 6F4DD16A21DA558800690EAE /* TunnelListRow.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = TunnelListRow.swift; sourceTree = "<group>"; }; @@ -427,6 +432,7 @@ 6FF3526A21C23F720008484E /* Logging */, 6F7774E6217201E0006A79B3 /* Model */, 6F5A2B4421AFDE020081EDD8 /* FileManager+Extension.swift */, + 6B5C5E26220A48D30024272E /* Keychain.swift */, ); path = Shared; sourceTree = "<group>"; @@ -1075,6 +1081,7 @@ 6F5A2B4621AFDED40081EDD8 /* FileManager+Extension.swift in Sources */, 6FFA5DA021958ECC0001E2F7 /* ErrorNotifier.swift in Sources */, 5F9696B121CD7128008063FE /* TunnelConfiguration+WgQuickConfig.swift in Sources */, + 6B5C5E28220A48D30024272E /* Keychain.swift in Sources */, 6FFA5D96219446380001E2F7 /* NETunnelProviderProtocol+Extension.swift in Sources */, 6FFA5D8E2194370D0001E2F7 /* TunnelConfiguration.swift in Sources */, 5FF7B96621CC95FA00A7DD74 /* PeerConfiguration.swift in Sources */, @@ -1105,6 +1112,7 @@ 6FB1BDD321D50F5300A991BF /* ZipArchive.swift in Sources */, 6FB1BDD421D50F5300A991BF /* ioapi.c in Sources */, 6FDB3C3C21DCF6BB00A0C0BF /* TunnelViewModel.swift in Sources */, + 6B5C5E29220A48D30024272E /* Keychain.swift in Sources */, 6FCD99AF21E0EA1700BA4C82 /* ImportPanelPresenter.swift in Sources */, 6FB1BDD521D50F5300A991BF /* unzip.c in Sources */, 6FB1BDD621D50F5300A991BF /* zip.c in Sources */, @@ -1162,6 +1170,7 @@ 6FB1BDB221D4F55700A991BF /* DNSResolver.swift in Sources */, 6FB1BDB321D4F55700A991BF /* ErrorNotifier.swift in Sources */, 6FB1BDA221D4F53300A991BF /* ringlogger.c in Sources */, + 6B5C5E2A220A48D30024272E /* Keychain.swift in Sources */, 6FB1BDA421D4F53300A991BF /* Logger.swift in Sources */, 6FB1BDA521D4F53300A991BF /* TunnelConfiguration+WgQuickConfig.swift in Sources */, 6FB1BDA621D4F53300A991BF /* NETunnelProviderProtocol+Extension.swift in Sources */, @@ -1200,6 +1209,7 @@ 6FDEF80021863C0100D8FBF6 /* ioapi.c in Sources */, 6F7F7E5F21C7D74B00527607 /* TunnelErrors.swift in Sources */, 6FDEF7FC21863B6100D8FBF6 /* zip.c in Sources */, + 6B5C5E27220A48D30024272E /* Keychain.swift in Sources */, 6F628C3F217F3413003482A3 /* DNSServer.swift in Sources */, 6F628C3D217F09E9003482A3 /* TunnelViewModel.swift in Sources */, 5F4541A621C4449E00994C13 /* ButtonCell.swift in Sources */, diff --git a/WireGuard/WireGuard/Tunnel/TunnelsManager.swift b/WireGuard/WireGuard/Tunnel/TunnelsManager.swift index 6bcf6f7..e10ba77 100644 --- a/WireGuard/WireGuard/Tunnel/TunnelsManager.swift +++ b/WireGuard/WireGuard/Tunnel/TunnelsManager.swift @@ -44,12 +44,21 @@ class TunnelsManager { return } - let tunnelManagers = managers ?? [] - tunnelManagers.forEach { tunnelManager in - if (tunnelManager.protocolConfiguration as? NETunnelProviderProtocol)?.migrateConfigurationIfNeeded() == true { + var tunnelManagers = managers ?? [] + var refs: Set<Data> = [] + for (index, tunnelManager) in tunnelManagers.enumerated().reversed() { + let proto = tunnelManager.protocolConfiguration as? NETunnelProviderProtocol + if proto?.migrateConfigurationIfNeeded(called: tunnelManager.localizedDescription ?? "unknown") ?? false { tunnelManager.saveToPreferences { _ in } } + if let ref = proto?.verifyConfigurationReference() { + refs.insert(ref) + } else { + tunnelManager.removeFromPreferences { _ in } + tunnelManagers.remove(at: index) + } } + Keychain.deleteReferences(except: refs) completionHandler(.success(TunnelsManager(tunnelProviders: tunnelManagers))) } #endif @@ -105,6 +114,7 @@ class TunnelsManager { tunnelProviderManager.saveToPreferences { [weak self] error in guard error == nil else { wg_log(.error, message: "Add: Saving configuration failed: \(error!)") + (tunnelProviderManager.protocolConfiguration as? NETunnelProviderProtocol)?.destroyConfigurationReference() completionHandler(.failure(TunnelsManagerError.systemErrorOnAddTunnel(systemError: error!))) return } @@ -153,7 +163,7 @@ class TunnelsManager { tunnel.name = tunnelName } - tunnelProviderManager.protocolConfiguration = NETunnelProviderProtocol(tunnelConfiguration: tunnelConfiguration) + tunnelProviderManager.protocolConfiguration = NETunnelProviderProtocol(tunnelConfiguration: tunnelConfiguration, previouslyFrom: tunnelProviderManager.protocolConfiguration) tunnelProviderManager.localizedDescription = tunnelConfiguration.name tunnelProviderManager.isEnabled = true @@ -162,6 +172,7 @@ class TunnelsManager { tunnelProviderManager.saveToPreferences { [weak self] error in guard error == nil else { + //TODO: the passwordReference for the old one has already been removed at this point and we can't easily roll back! wg_log(.error, message: "Modify: Saving configuration failed: \(error!)") completionHandler(TunnelsManagerError.systemErrorOnModifyTunnel(systemError: error!)) return @@ -202,6 +213,7 @@ class TunnelsManager { func remove(tunnel: TunnelContainer, completionHandler: @escaping (TunnelsManagerError?) -> Void) { let tunnelProviderManager = tunnel.tunnelProvider + (tunnelProviderManager.protocolConfiguration as? NETunnelProviderProtocol)?.destroyConfigurationReference() tunnelProviderManager.removeFromPreferences { [weak self] error in guard error == nil else { diff --git a/WireGuard/WireGuard/UI/iOS/WireGuard.entitlements b/WireGuard/WireGuard/UI/iOS/WireGuard.entitlements index b5bbc16..33ce9fc 100644 --- a/WireGuard/WireGuard/UI/iOS/WireGuard.entitlements +++ b/WireGuard/WireGuard/UI/iOS/WireGuard.entitlements @@ -8,7 +8,7 @@ </array> <key>com.apple.security.application-groups</key> <array> - <string>group.$(APP_ID_IOS)</string> - </array> + <string>group.$(APP_ID_IOS)</string> + </array> </dict> </plist> diff --git a/WireGuard/WireGuardNetworkExtension/WireGuardNetworkExtension_iOS.entitlements b/WireGuard/WireGuardNetworkExtension/WireGuardNetworkExtension_iOS.entitlements index b5bbc16..33ce9fc 100644 --- a/WireGuard/WireGuardNetworkExtension/WireGuardNetworkExtension_iOS.entitlements +++ b/WireGuard/WireGuardNetworkExtension/WireGuardNetworkExtension_iOS.entitlements @@ -8,7 +8,7 @@ </array> <key>com.apple.security.application-groups</key> <array> - <string>group.$(APP_ID_IOS)</string> - </array> + <string>group.$(APP_ID_IOS)</string> + </array> </dict> </plist> |