Re: IPSec not a "supported" protocol for PPP interfaces?
Re: IPSec not a "supported" protocol for PPP interfaces?
- Subject: Re: IPSec not a "supported" protocol for PPP interfaces?
- From: Allan Nathanson <email@hidden>
- Date: Thu, 20 Dec 2007 13:28:35 -0500
"IPSec" is not a protocol type. To manage the interfaces "IPSec"
configuration you would :
// get the interface associated with the service
pppInterface = SCNetworkServiceGetInterface(vpnService);
// get the IPSec configuration
ipsec_config =
SCNetworkInterfaceGetExtendedConfiguration(pppInterface,
CFSTR("IPSec"));
if (ipsec_config == NULL) {
new_ipsec_config = CFDictionaryCreateMutable(...);
} else {
new_ipsec_config = CFDictionaryCreateMutableCopy(NULL, 0,
ipsec_config);
}
// update IPSec config
CFDictionarySetValue(new_ipsec_config, ...);
ok = SCNetworkInterfaceSetExtendedConfiguration(pppInterface,
CFSTR("IPSec"), new_ipsec_config);
CFRelease(new_ipsec_config);
if (!ok) ...
- Allan
On Dec 20, 2007, at 1:07 PM, Nathan Duran wrote:
When I create a new L2TP VPN service in my network preferences, it
builds a stack of interfaces like so:
IPv4
|
L2TP
|
PPP
It then creates the new service, and adds the following protocols to
it:
Proxies, DNS, IPv4, IPv6, SMB, IPSec
When I attempt to mimic this behavior via
---
SCNetworkInterfaceRef l2tpInterface =
SCNetworkInterfaceCreateWithInterface(kSCNetworkInterfaceIPv4,
kSCNetworkInterfaceTypeL2TP);
SCNetworkInterfaceRef pppInterface =
SCNetworkInterfaceCreateWithInterface(l2tpInterface,
kSCNetworkInterfaceTypePPP);
SCNetworkServiceRef vpnService = SCNetworkServiceCreate(prefs,
pppInterface);
SCNetworkServiceEstablishDefaultConfiguration(vpnService);
SCNetworkServiceSetName(vpnService, CFSTR("Whatever"));
SCNetworkSetAddService(SCNetworkSetCopyCurrent(prefs), vpnService);
if ( !SCNetworkServiceAddProtocolType(vpnService,
kSCValNetL2TPTransportIPSec) )
{
SCNetworkInterfaceRef theRealVPNInterface =
SCNetworkServiceGetInterface(vpnService);
CFArrayRef supportedProtocols =
SCNetworkInterfaceGetSupportedProtocolTypes(theRealVPNInterface);
CFShow(supportedProtocols);
}
---
SCNetworkServiceAddProtocolType fails with SCError reporting
"Invalid argument 1002" and the output of CFShow is as follows:
<CFArray 0x124400 [0xa0317174]>{type = mutable-small, count = 5,
values = (
0 : <CFString 0xa06ca69c [0xa0317174]>{contents = "DNS"}
1 : <CFString 0xa06ca68c [0xa0317174]>{contents = "IPv4"}
2 : <CFString 0xa06ca67c [0xa0317174]>{contents = "IPv6"}
3 : <CFString 0xa06ca66c [0xa0317174]>{contents = "Proxies"}
4 : <CFString 0xa06ca65c [0xa0317174]>{contents = "SMB"}
)}
So if IPSec isn't a supported protocol, then how is it being added?
I actually already have code to do this via SCPreferencesSetValue,
thereby bypassing the apparently flawed logic in the higher-level
method, but it's hideous and I'm trying to stop using it now that
VPN config settings are no longer scattered across multiple
unrelated preferences files.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden