• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Network Service Configuration - SystemConfiguration
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Network Service Configuration - SystemConfiguration


  • Subject: Network Service Configuration - SystemConfiguration
  • From: Robert Davis <email@hidden>
  • Date: Mon, 29 Apr 2013 22:25:27 +0000
  • Thread-topic: Network Service Configuration - SystemConfiguration

Hello,

I am trying to programmatically configure a VPN in OSX 10.8.3.  I have been able to create the the ipv4 interface and the ipsec interface but cannot figure out how to apply the configuration or if i am doing it right.  Not many sources for NetworkConfiguration and VPNs.  The ones on the internet are apparently very outdated.  MoreSCF and MoreIsBetter is no longer viable examples and are very hard to find.  Can anyone guide me to what i am doing wrong or where to find what i need?  The SYstemconfiguration and NetworkConfiguration documentation on Apple's website seems to be grossly lacking in examples and details.

Here is the pertinent code i have so far…..




-(NSString *)createOSXVPNConnection:(NSString *)pcfFilename
{
  NSArray *pcfFileContents = [self readFile:pcfFilename];
  CSCOPCFINFO info = [self getPcfVpnDetails:pcfFileContents]; // My own struct in another file...


  NSString *vpnServiceName = [[pcfFilename lastPathComponent] stringByDeletingPathExtension];
  NSString *vpnDescription = @"";
  NSString *vpnGWAddress = @"";
  NSString *vpnGrpName =@"";
  NSString *vpnGrpPwd = @"";
  NSString *vpnUsrName = @"";
  NSString *vpnUsrPwd = @"";

  

  int szLen = 0;
  szLen = (int)strlen(info.vpnDescription);
  if( szLen != 0 )
    vpnDescription = [NSString stringWithUTF8String:info.vpnDescription];
  
  szLen = 0;
  szLen = (int)strlen(info.vpnGatewayAddress);
  if( szLen != 0)
    vpnGWAddress = [NSString stringWithUTF8String:info.vpnGatewayAddress];

  

  szLen = 0;

  szLen = (int)strlen(info.vpnGroupUsername);
  if( szLen != 0)
    vpnGrpName = [NSString stringWithUTF8String:info.vpnGroupUsername];

  

  szLen = 0;

  szLen = (int)strlen(info.vpnGroupPasswordPlain);
  if( szLen != 0)
    vpnGrpPwd = [NSString stringWithUTF8String:info.vpnGroupPasswordPlain];

  

  szLen = 0;

  szLen = (int)strlen(info.vpnUsername);
  if( szLen != 0)
    vpnUsrName = [NSString stringWithUTF8String:info.vpnUsername];

  

  szLen = 0;

  szLen = (int)strlen(info.vpnPasswordPlain);
  if( szLen != 0)
    vpnUsrPwd = [NSString stringWithUTF8String:info.vpnPasswordPlain];

  

  // Authority
  AuthorizationRef auth = NULL;
  AuthorizationFlags rootFlags =
  kAuthorizationFlagDefaults              |
  kAuthorizationFlagExtendRights          |
  kAuthorizationFlagInteractionAllowed    |
  kAuthorizationFlagPreAuthorize;

  

  AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment,
                      rootFlags, &auth);

  

  //SCPreferencesRef prefs = SCPreferencesCreate(NULL,(__bridge CFStringRef)vpnServiceName, NULL);
  SCPreferencesRef prefs = SCPreferencesCreateWithAuthorization(NULL,CFSTR("CSCOVPNCFG"), NULL, auth);
  SCPreferencesLock(prefs, TRUE);

  

  SCNetworkInterfaceRef ipsecIfRef = SCNetworkInterfaceCreateWithInterface (kSCNetworkInterfaceIPv4,   kSCNetworkInterfaceTypeIPSec);
  SCNetworkInterfaceRef netIfRef = SCNetworkInterfaceGetInterface( ipsecIfRef );
  SCNetworkServiceRef vpnSrvcRef = SCNetworkServiceCreate(prefs, ipsecIfRef);
  SCNetworkServiceSetName(vpnSrvcRef, (__bridge CFStringRef)vpnServiceName);

  

  CFStringRef keysIPSec[9]  = { NULL, NULL, NULL ,NULL, NULL, NULL ,NULL, NULL, NULL };
  CFStringRef valsIPSec[9]  = { NULL, NULL, NULL ,NULL, NULL, NULL ,NULL, NULL, NULL };
  CFIndex numkeys       = 0;

  

  keysIPSec[numkeys]    = kSCPropNetIPSecAuthenticationMethod;
  valsIPSec[numkeys++]  = kSCValNetIPSecAuthenticationMethodSharedSecret;

  

  keysIPSec[numkeys]    = kSCPropNetIPSecLocalIdentifier;
  valsIPSec[numkeys++]  = (__bridge CFStringRef)vpnGrpName;

  

  keysIPSec[numkeys]    = kSCPropNetIPSecLocalIdentifierType;
  valsIPSec[numkeys++]  = kSCValNetIPSecLocalIdentifierTypeKeyID;

    

  keysIPSec[numkeys]    = kSCPropNetIPSecRemoteAddress;
  valsIPSec[numkeys++]  = (__bridge CFStringRef)vpnGWAddress;

  keysIPSec[numkeys]    = kSCPropNetIPSecSharedSecret;
  valsIPSec[numkeys++]  = (__bridge CFStringRef)vpnGrpPwd;

  keysIPSec[numkeys]    = kSCPropNetIPSecSharedSecretEncryption;
  valsIPSec[numkeys++]  = kSCValNetIPSecSharedSecretEncryptionKeychain;

  

  keysIPSec[numkeys]    = kSCPropNetIPSecXAuthName;
  valsIPSec[numkeys++]  = (__bridge CFStringRef)vpnUsrName;

  

  keysIPSec[numkeys]    = kSCPropNetIPSecXAuthPassword;
  valsIPSec[numkeys++]  = (__bridge CFStringRef)vpnUsrPwd;

  

  keysIPSec[numkeys]    = kSCPropNetIPSecXAuthPasswordEncryption;
  valsIPSec[numkeys]  = kSCValNetIPSecXAuthPasswordEncryptionPrompt;

  


  CFDictionaryRef ipsecOptions
        = CFDictionaryCreate
            (NULL, (const void **)&keysIPSec,
            (const void **)&valsIPSec, numkeys,
            &kCFTypeDictionaryKeyCallBacks,
            &kCFTypeDictionaryValueCallBacks);

  

  BOOL success = SCNetworkInterfaceSetConfiguration (ipsecIfRef, ipsecOptions);

  

  if (SCNetworkServiceEstablishDefaultConfiguration(vpnSrvcRef))
  {
    SCNetworkSetRef set = SCNetworkSetCopyCurrent (prefs);
    BOOL setSuccess = SCNetworkSetAddService (set, vpnSrvcRef);

    

    if (set && setSuccess)
    {
      SCPreferencesCommitChanges(prefs);
      SCPreferencesApplyChanges(prefs);
      SCPreferencesSynchronize(prefs);
    }
  }

  

  SCPreferencesUnlock(prefs); 
  CFStringRef srvcID = SCNetworkServiceGetServiceID (vpnSrvcRef);
  return vpnServiceName;
}

RD

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

  • Follow-Ups:
    • Re: Network Service Configuration - SystemConfiguration
      • From: Allan Nathanson <email@hidden>
    • Re: Network Service Configuration - SystemConfiguration
      • From: "Quinn \"The Eskimo!\"" <email@hidden>
  • Prev by Date: Re: CFHTTPRequest issue
  • Next by Date: a little off-topic -- getting a kernel dump
  • Previous by thread: Re: Our question is how to display in iOS WLAN SSID a subtile that to mark this SSID is our support Wi-If hotspots.
  • Next by thread: Re: Network Service Configuration - SystemConfiguration
  • Index(es):
    • Date
    • Thread