Skip to content

fix: macOS Tahoe compatibility#2

Open
spro wants to merge 1 commit into
HoshimuraYuto:mainfrom
spro:fix/macos-tahoe-compatibility
Open

fix: macOS Tahoe compatibility#2
spro wants to merge 1 commit into
HoshimuraYuto:mainfrom
spro:fix/macos-tahoe-compatibility

Conversation

@spro

@spro spro commented Oct 15, 2025

Copy link
Copy Markdown

SwiftUICore was deprecated and causes compilation errors in macOS Tahoe. Updated to use the standard SwiftUI import instead.

…ility

SwiftUICore was deprecated and causes compilation errors in macOS Tahoe.
Updated to use the standard SwiftUI import instead.
@spro spro requested a review from HoshimuraYuto as a code owner October 15, 2025 05:51
MegaManSec referenced this pull request in MegaManSec/magic-switch May 28, 2026
…ret pairing

Replace the unauthenticated plaintext TCP control channel with a sealed
channel keyed by a 9-character pairing code that the user shares between
their two Macs out of band. The pairing code is stretched via
PBKDF2-HMAC-SHA256 (600k iterations) and stored in the Keychain; each
connection negotiates per-direction session keys via HKDF over fresh
32-byte nonces, then frames messages with ChaCha20-Poly1305 (4-byte
length, 12-byte counter nonce, ciphertext, tag) capped at 64 KiB per
frame. The first sealed message must be the literal AUTH_OK; failure
counts toward a per-IP rate limit (5 failures / 60s -> 15 min block).

Per-connection state replaces the previously shared ConnectionManager
instance, closing the racy-lastReceivedCommand hijack. A 30s idle timer
and 5-minute total budget per connection close slow-drip attacks.
SettingsView gains a Pairing tab that drives generate/enter/unpair and
shows a SHA256(K)[0..4] fingerprint for visual verification.

Outbound calls (executeCommand, sendNotification, sendPeripheralSync)
now route through OutgoingConnection and fail closed if unpaired.
BluetoothPeripheralStore.updatePeripherals additionally rejects lists
larger than 64 entries.

Addresses bugs #1, #2, #3, #4, #5 from the security review.
github-actions Bot referenced this pull request in MegaManSec/magic-switch May 28, 2026
# 1.0.0 (2026-05-28)

### Bug Fixes

* **model:** validate decoded peripheral MAC and clamp name length ([54fcae5](54fcae5))

### Features

* initial commit ([872a902](872a902))
* **menubar:** adapt status bar icon to dark and light mode ([14f7639](14f7639)), closes [#1](#1)
* **network:** authenticate and encrypt peer protocol with shared-secret pairing ([a5dbf48](a5dbf48)), closes [#1](#1) [#2](#2) [#3](#3) [#4](#4) [#5](#5)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants