• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: packet-tunnel-provider on OSX platform
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: packet-tunnel-provider on OSX platform

  • Subject: Re: packet-tunnel-provider on OSX platform
  • From: 孔祥波 <email@hidden>
  • Date: Wed, 20 Apr 2016 14:17:51 +0800


let config = NETunnelProviderProtocol()


config.providerBundleIdentifier = "you extension bundle id" // this value must set on Mac App, otherwise Apple Code will use your main app bundle id , will fail!, enjoy it!


On Wed, Apr 20, 2016 at 1:32 PM, Kevin Yu <email@hidden> wrote:
After turn on the container app to sandbox, it does not make much difference, I still saw the message:

2016/4/20 PM1:15:14.964 pkd[610]: ignoring mis-configured plug-in at /Users/kevinyu/Library/Developer/Xcode/DerivedData/Smart_VPN-ahmwawingpuachhkpmczcmidvxsy/Build/Products/Debug/drayTunnelX.appex: plug-ins must be sandboxed

but I saw the following log on console after click connect button

2016/4/20 PM 1:15:48.440 nesessionmanager[4826]: NESMVPNSession[vpn:A58F98D8-580D-46BB-BA9C-B514EDB00073]: Received a start command from Smart VPN[8376]
2016/4/20 PM 1:15:48.440 nesessionmanager[4826]: NESMVPNSession[vpn:A58F98D8-580D-46BB-BA9C-B514EDB00073]: status changed to connecting
2016/4/20 PM 1:15:48.606 nesessionmanager[4826]: Failed to find the VPN app for plugin type com.draytek.SmartVPN
2016/4/20 PM 1:15:48.606 nesessionmanager[4826]: Failed to find the primary plugin (type = com.draytek.SmartVPN)
2016/4/20 PM 1:15:48.611 nesessionmanager[4826]: Failed to find the VPN app for plugin type com.draytek.SmartVPN
2016/4/20 PM 1:15:48.611 nesessionmanager[4826]: Failed to find the primary plugin (type = com.draytek.SmartVPN)
2016/4/20 PM 1:15:48.611 nesessionmanager[4826]: NESMVPNSession[vpn:A58F98D8-580D-46BB-BA9C-B514EDB00073]: status changed to disconnecting
2016/4/20 下午1:15:48.613 nesessionmanager[4826]: NESMVPNSession[vpn:A58F98D8-580D-46BB-BA9C-B514EDB00073]: status changed to disconnected, last stop reason Plugin failed


My container app bundle ID = com.draytek.SmartVPN, and extension bundle = com.draytek.SmartVPN.drayTunnelX, do they need to be identical?? we use different ID in iOS app and works well.

My entitlement file looks like this now (identical for app and extension)

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>com.apple.developer.networking.networkextension</key>
        <array>
                <string>packet-tunnel-provider</string>
        </array>
        <key>com.apple.security.app-sandbox</key>
        <true/>
        <key>com.apple.security.application-groups</key>
        <array>
                <string>group.com.draytek.Smart-VPN</string>
        </array>
        <key>com.apple.security.network.client</key>
        <true/>
        <key>keychain-access-groups</key>
        <array>
                <string>$(AppIdentifierPrefix)com.draytek.Smart-VPN.shared</string>
        </array>
</dict>
</plist>


— Kevin


> Kevin Brock <email@hidden> 於 2016年4月20日 下午1:03 寫道:
>
> Is the app also sandboxed?  Both the app and the extension need to be sandboxed, and the entitlements should match.
>
> Kevin
>
>
>> On Apr 19, 2016, at 20:29, Kevin Yu <email@hidden> wrote:
>>
>>>> $ pluginkit -a /path/to/extension
>>
>> I use the above command to add my plugin, I can see the plugin registered via the following command
>>
>> $ pluginkit -m -p com.apple.networkextension.packet-tunnel
>>    com.draytek.SmartVPN.drayTunnelX(1.0)
>>    com.apple.NetworkExtension.IKEv2Provider(1.0)
>>
>> However, I still can not connect my plugin code.
>> When I checked the console log, it shows bunch of messages like this:
>>
>> 2016/4/20 AM10:49:29.082 pkd[610]: ignoring mis-configured plug-in at /Users/kevinyu/Library/Developer/Xcode/DerivedData/Smart_VPN-ahmwawingpuachhkpmczcmidvxsy/Build/Products/Debug/drayTunnelX.appex: plug-ins must be sandboxed
>>
>> And I already checked sandbox switch for my extension and clicked “Outgoing Connections (Client)” option.
>>
>> Any suggestions?
>>
>> p.s. I did not use a fresh Machine, I use the force method to register extension,  is it needed for a fresh Machine?
>>
>> — Kevin
>>
>>
>>
>>
>>> email@hidden 於 2016年3月5日 上午4:00 寫道:
>>>
>>> Quinn, Thanks a lot for the information that I did not know before.
>>>
>>> it turns out my plugin did not registered at all.
>>> Now my question became, how to registered my plugin when deploy the app to other machine?
>>> Because in iOS, it install via app store (or TestFlight) and iOS can handle it well, we did not notice any plugin register operation is needed, it just works.
>>> We also plan to deploy the developing app via Mac’s App Store, what operation is needed for going this way?
>>>
>>> — Kevin
>>>
>>>>
>>>>
>>>>> Any suggestion?
>>>>
>>>>
>>>> * extension registration — Registration problems are more common on OS X than iOS because the app install process is more free form. You can confirm that the extension is registered with the following command:
>>>>
>>>> $ pluginkit -m -p com.apple.networkextension.packet-tunnel
>>>>
>>>> This should produce output that shows your extension.  To get a feeling for the output you should expect to see, you can run the command for some other extension point.  For example, to see share extensions:
>>>>
>>>> $ pluginkit -m -p com.apple.share-services
>>>>
>>>> If your extension isn't registered, you should do two things:
>>>>
>>>> - Install your app on a fresh machine (I use a VM for this, rolling back to a snapshot for each debugging iteration) to see that it works in general. A lot of the time problems like this only occur on your development machine, where you're continually creating and launching new versions of the app.
>>>>
>>>> - On your development machine you can force the extension to register using:
>>>>
>>>> $ pluginkit -a /path/to/extension
>>
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Macnetworkprog mailing list      (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden
>


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >Re: packet-tunnel-provider on OSX platform (From: Kevin Brock <email@hidden>)

  • Prev by Date: Re: packet-tunnel-provider on OSX platform
  • Next by Date: Re: creating non-default vpn configurations for IPSEC/L2TP
  • Previous by thread: Re: packet-tunnel-provider on OSX platform
  • Next by thread: Re: packet-tunnel-provider on OSX platform
  • Index(es):
    • Date
    • Thread