From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Cc: Eddie <stunnel@attglobal.net>, Anatoli <me@anatoli.ws>,
Roopesh Chander S <roop@roopc.net>,
Miguel Arroz <miguel.arroz@gmail.com>,
Alan Graham <alan@meshify.app>,
oss@jacobwilder.org
Subject: Re: WireGuard Configurations Gone After iOS 15 Upgrade
Date: Wed, 22 Sep 2021 19:34:22 -0600 [thread overview]
Message-ID: <CAHmME9reWG3UiHQm1fBvyQUoUF5_oJv6YiBGaOE2AUgLt-nK3w@mail.gmail.com> (raw)
In-Reply-To: <CAHmME9rQY8OU3jbXnB=OroBvudO1KCXL3vL6ESuEgZoMSRqVLw@mail.gmail.com>
Hey folks,
Small update: I've managed to update a fresh 14 device to 15 using the
latest build, and things are broken still.
On the plus side:
- The new build no longer deletes VPN profiles when the corresponding
keychain references are unresolvable, so if there's any chance of
recovery in a next build, it won't ruin those chances.
- Now that I can reproduce it, I can hammer away at trying to fix this directly.
On the minus side:
- The fact that a keychain reference goes stale during an update from
14 to 15 sounds solidly like an Apple bug, rather than any sort of API
misuse.
- I'm skeptical that there'll be a workaround, and if there is, it
will probably be pretty ugly.
If anyone knows the SecItem APIs well, the file in question is:
https://git.zx2c4.com/wireguard-apple/tree/Sources/Shared/Keychain.swift
So, I guess I'll jump into this in full force now. Here we go...
Jason
next prev parent reply other threads:[~2021-09-23 1:34 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-22 0:23 Eddie
2021-09-22 0:28 ` Eddie
2021-09-22 0:45 ` Miguel Arroz
2021-09-22 3:14 ` Jason A. Donenfeld
2021-09-22 4:04 ` Anatoli
2021-09-22 4:50 ` Jason A. Donenfeld
2021-09-22 5:17 ` Jason A. Donenfeld
[not found] ` <CAMaqUZ2dTaOJ3oPex0pQxBM9njHA7rW5Hb69MvG645n+ya_jhQ@mail.gmail.com>
2021-09-22 13:59 ` Jason A. Donenfeld
2021-09-22 14:47 ` Andrew Fried
2021-09-22 15:23 ` Eddie
2021-09-22 16:50 ` Miguel Arroz
2021-09-22 19:28 ` Jason A. Donenfeld
2021-09-22 19:58 ` Jeffrey Walton
2021-09-22 22:15 ` Jason A. Donenfeld
2021-09-22 22:31 ` Miguel Arroz
2021-09-22 22:35 ` Jason A. Donenfeld
2021-09-22 22:42 ` Miguel Arroz
2021-09-22 22:43 ` Jason A. Donenfeld
2021-09-22 22:45 ` Eddie
2021-09-22 22:55 ` Eddie
2021-09-22 22:55 ` Jason A. Donenfeld
[not found] ` <814501e8-c2c8-1e0a-2f30-fd83fb7769ec@attglobal.net>
[not found] ` <CAHmME9p5C3bGT=gXV6WQ5HNOBTtitXdGwKm7EaOv_bnVVvX5vA@mail.gmail.com>
2021-09-22 22:56 ` Eddie
2021-09-23 1:34 ` Jason A. Donenfeld [this message]
2021-09-23 2:49 ` Jason A. Donenfeld
2021-09-23 2:54 ` Miguel Arroz
2021-09-23 3:06 ` Miguel Arroz
2021-09-23 3:09 ` Jason A. Donenfeld
2021-09-23 3:19 ` Miguel Arroz
2021-09-23 3:22 ` Jason A. Donenfeld
2021-09-23 3:57 ` Jason A. Donenfeld
2021-09-23 4:13 ` Jason A. Donenfeld
2021-09-23 4:21 ` Miguel Arroz
2021-09-23 14:41 ` Anatoli
2021-09-23 17:26 ` Jason A. Donenfeld
2021-09-24 2:17 ` Jason A. Donenfeld
2021-09-24 8:05 ` Alan Graham
2021-09-22 22:24 ` Anatoli
2021-09-22 22:26 ` Jason A. Donenfeld
2021-09-22 23:12 ` Anatoli
2021-09-22 23:53 ` Alan Graham
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHmME9reWG3UiHQm1fBvyQUoUF5_oJv6YiBGaOE2AUgLt-nK3w@mail.gmail.com \
--to=jason@zx2c4.com \
--cc=alan@meshify.app \
--cc=me@anatoli.ws \
--cc=miguel.arroz@gmail.com \
--cc=oss@jacobwilder.org \
--cc=roop@roopc.net \
--cc=stunnel@attglobal.net \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).