diff options
author | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-08-02 16:18:00 +0200 |
---|---|---|
committer | Timur Pocheptsov <timur.pocheptsov@qt.io> | 2018-08-02 14:31:39 +0000 |
commit | 81910b5f3cfb8c8b0c009913d62dacff4e73bc3b (patch) | |
tree | 939cd220e406b02d269a2a09ef1ab3559e4bd914 /src/network | |
parent | db738cbaf1ba7a4886f7869db16dbb9107a8e65e (diff) |
SecureTransport - disable lock on sleep for the custom keychain
It appears that by default our keychain auto-locks when the
system sleeps. This makes the keychain totally useless, since
its password is a random 256 bytes our user never has a chance
to know. Thanks to Mårten for the hint about SecKeychainSetSettings,
the way to properly fix it.
Task-number: QTBUG-69677
Change-Id: I2603c26b8422a1bcace3336e9b4ebe0381c952d7
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Diffstat (limited to 'src/network')
-rw-r--r-- | src/network/ssl/qsslsocket_mac.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/network/ssl/qsslsocket_mac.cpp b/src/network/ssl/qsslsocket_mac.cpp index 046b432252..aa0e1b0dd1 100644 --- a/src/network/ssl/qsslsocket_mac.cpp +++ b/src/network/ssl/qsslsocket_mac.cpp @@ -60,6 +60,7 @@ #include <algorithm> #include <cstddef> +#include <limits> #include <vector> #include <QtCore/private/qcore_mac_p.h> @@ -144,6 +145,16 @@ EphemeralSecKeychain::EphemeralSecKeychain() } } + if (keychain) { + SecKeychainSettings settings = {}; + settings.version = SEC_KEYCHAIN_SETTINGS_VERS1; + // Strange, huh? But that's what their docs say to do! With lockOnSleep + // == false, set interval to INT_MAX to never lock ... + settings.lockInterval = INT_MAX; + if (SecKeychainSetSettings(keychain, &settings) != errSecSuccess) + qCWarning(lcSsl) << "SecKeychainSettings: failed to disable lock on sleep"; + } + #ifdef QSSLSOCKET_DEBUG if (keychain) { qCDebug(lcSsl) << "Custom keychain with name" << keychainName << "was created" |