diff options
| -rw-r--r-- | ios/PacketTunnel/PacketTunnelProvider.swift | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ios/PacketTunnel/PacketTunnelProvider.swift b/ios/PacketTunnel/PacketTunnelProvider.swift index 6c28d845d9..50de296161 100644 --- a/ios/PacketTunnel/PacketTunnelProvider.swift +++ b/ios/PacketTunnel/PacketTunnelProvider.swift @@ -194,6 +194,24 @@ class PacketTunnelProvider: NEPacketTunnelProvider, TunnelMonitorDelegate { message: "Failed to read tunnel configuration when starting the tunnel." ) + /* + We use default data protection level which locks keychain and file system access + until device is first unlocked. + + However iOS starts packet tunnel on boot and unfortunately we do not have access to + UIApplication.isProtectedDataAvailable nor associated delegate methods that would + tell us when data protection is being lifted. + + Exit immediately and pass the underlying error to completion handler to tell iOS to + restart the tunnel later on. + */ + if let error = error as? ReadSettingsVersionError, + error.underlyingError as? KeychainError == KeychainError.interactionNotAllowed + { + completionHandler(error.underlyingError) + return + } + configurationError = error startEmptyTunnel(completionHandler: completionHandler) |