Development discussion of WireGuard
 help / color / mirror / Atom feed
From: Jeffrey Walton <noloader@gmail.com>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: WireGuard Configurations Gone After iOS 15 Upgrade
Date: Wed, 22 Sep 2021 15:58:01 -0400	[thread overview]
Message-ID: <CAH8yC8mG6TR76jJOh5fiz7hgCPEkxAZDqGM3L5DTEkwRMU8xpw@mail.gmail.com> (raw)
In-Reply-To: <CAHmME9p69qDGUJnbHVsqH_vx8mf=dNY3-sQ-7APhOG85xxLYWA@mail.gmail.com>

On Wed, Sep 22, 2021 at 3:31 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
>
> Hi all,
>
> I've got a new build submitted to the App Store, and so now we wait
> for Apple's review.
>
> I do not understand the root cause or how it might resolve itself yet,
> because I haven't been able to reproduce. But I've removed the
> ridiculous code that deletes network profiles when the keychain can't
> be opened. My hope is that the open failure is transient, and so this
> fix will be sufficient to unwedge it. I guess we'll see...

I recall reading a report last night... An app lost access to its
keychain items after an iOS 15 upgrade. The workaround was to "Enable
iCloud Keychain".

I don't think that's a good idea, however. You don't want your secrets
leaving your security boundary and moving to Apple's cloud. In fact, I
stopped using Apple devices back around iOS 6 when Apple integrated
the keychain into their cloud services.

Jeff

  reply	other threads:[~2021-09-22 19:58 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-22  0:23 Eddie
2021-09-22  0:28 ` Eddie
2021-09-22  0:45   ` Miguel Arroz
2021-09-22  3:14 ` Jason A. Donenfeld
2021-09-22  4:04   ` Anatoli
2021-09-22  4:50     ` Jason A. Donenfeld
2021-09-22  5:17       ` Jason A. Donenfeld
     [not found]         ` <CAMaqUZ2dTaOJ3oPex0pQxBM9njHA7rW5Hb69MvG645n+ya_jhQ@mail.gmail.com>
2021-09-22 13:59           ` Jason A. Donenfeld
2021-09-22 14:47         ` Andrew Fried
2021-09-22 15:23       ` Eddie
2021-09-22 16:50         ` Miguel Arroz
2021-09-22 19:28           ` Jason A. Donenfeld
2021-09-22 19:58             ` Jeffrey Walton [this message]
2021-09-22 22:15             ` Jason A. Donenfeld
2021-09-22 22:31               ` Miguel Arroz
2021-09-22 22:35                 ` Jason A. Donenfeld
2021-09-22 22:42                   ` Miguel Arroz
2021-09-22 22:43                     ` Jason A. Donenfeld
2021-09-22 22:45                   ` Eddie
2021-09-22 22:55                     ` Eddie
2021-09-22 22:55                       ` Jason A. Donenfeld
     [not found]                     ` <814501e8-c2c8-1e0a-2f30-fd83fb7769ec@attglobal.net>
     [not found]                       ` <CAHmME9p5C3bGT=gXV6WQ5HNOBTtitXdGwKm7EaOv_bnVVvX5vA@mail.gmail.com>
2021-09-22 22:56                         ` Eddie
2021-09-23  1:34               ` Jason A. Donenfeld
2021-09-23  2:49                 ` Jason A. Donenfeld
2021-09-23  2:54                 ` Miguel Arroz
2021-09-23  3:06                   ` Miguel Arroz
2021-09-23  3:09                   ` Jason A. Donenfeld
2021-09-23  3:19                     ` Miguel Arroz
2021-09-23  3:22                       ` Jason A. Donenfeld
2021-09-23  3:57                         ` Jason A. Donenfeld
2021-09-23  4:13                           ` Jason A. Donenfeld
2021-09-23  4:21                             ` Miguel Arroz
2021-09-23 14:41                             ` Anatoli
2021-09-23 17:26                               ` Jason A. Donenfeld
2021-09-24  2:17                                 ` Jason A. Donenfeld
2021-09-24  8:05                                   ` Alan Graham
2021-09-22 22:24             ` Anatoli
2021-09-22 22:26               ` Jason A. Donenfeld
2021-09-22 23:12                 ` Anatoli
2021-09-22 23:53                   ` Alan Graham

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAH8yC8mG6TR76jJOh5fiz7hgCPEkxAZDqGM3L5DTEkwRMU8xpw@mail.gmail.com \
    --to=noloader@gmail.com \
    --cc=Jason@zx2c4.com \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).