2 * Copyright (c) 2004-2011, 2013 Apple Inc. All rights reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 * Modification History
27 * August 5, 2004 Allan Nathanson <ajn@apple.com>
32 #include <TargetConditionals.h>
39 #define INLINE_PASSWORDS_USE_CFSTRING
40 #endif // TARGET_OS_IPHONE
44 #pragma mark Interface management
50 CFMutableArrayRef interfaces
;
51 CFArrayRef real_interfaces
;
53 real_interfaces
= _SCNetworkInterfaceCopyAllWithPreferences(prefs
);
54 if (real_interfaces
== NULL
) {
55 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
59 interfaces
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
61 // include real interfaces
62 CFArrayAppendArray(interfaces
,
64 CFRangeMake(0, CFArrayGetCount(real_interfaces
)));
65 CFRelease(real_interfaces
);
67 // include pseudo interfaces
68 CFArrayAppendValue(interfaces
, kSCNetworkInterfaceLoopback
);
69 CFArrayAppendValue(interfaces
, kSCNetworkInterfaceIPv4
);
71 // include interfaces that we have created
72 if (new_interfaces
!= NULL
) {
73 CFArrayAppendArray(interfaces
,
75 CFRangeMake(0, CFArrayGetCount(new_interfaces
)));
78 return (CFArrayRef
)interfaces
;
84 _find_interface(int argc
, char **argv
, int *nArgs
)
86 Boolean allowIndex
= TRUE
;
88 CFArrayRef myInterfaces
= interfaces
;
90 CFStringRef select_name
= NULL
;
91 SCNetworkInterfaceRef selected
= NULL
;
94 SCPrint(TRUE
, stdout
, CFSTR("no interface specified\n"));
98 if (nArgs
!= NULL
) *nArgs
= 1;
100 if (strcasecmp(argv
[0], "$child") == 0) {
101 if (net_interface
== NULL
) {
102 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
106 selected
= SCNetworkInterfaceGetInterface(net_interface
);
107 if(selected
== NULL
) {
108 SCPrint(TRUE
, stdout
, CFSTR("no child interface\n"));
112 } else if (strcasecmp(argv
[0], "$service") == 0) {
113 if (net_service
== NULL
) {
114 SCPrint(TRUE
, stdout
, CFSTR("service not selected\n"));
118 selected
= SCNetworkServiceGetInterface(net_service
);
119 if(selected
== NULL
) {
120 SCPrint(TRUE
, stdout
, CFSTR("no interface for service\n"));
126 #if !TARGET_OS_IPHONE
127 else if (strcasecmp(argv
[0], "$bond") == 0) {
128 CFStringRef interfaceType
;
130 if (net_interface
== NULL
) {
131 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
135 interfaceType
= SCNetworkInterfaceGetInterfaceType(net_interface
);
136 if (!CFEqual(interfaceType
, kSCNetworkInterfaceTypeBond
)) {
137 SCPrint(TRUE
, stdout
, CFSTR("interface not Bond\n"));
142 SCPrint(TRUE
, stdout
, CFSTR("no member interface specified\n"));
147 if (nArgs
!= NULL
) *nArgs
+= 1;
149 myInterfaces
= SCBondInterfaceGetMemberInterfaces(net_interface
);
150 if (myInterfaces
== NULL
) {
151 SCPrint(TRUE
, stdout
, CFSTR("no member interfaces\n"));
156 #endif // !TARGET_OS_IPHONE
158 else if (strcasecmp(argv
[0], "$bridge") == 0) {
159 CFStringRef interfaceType
;
161 if (net_interface
== NULL
) {
162 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
166 interfaceType
= SCNetworkInterfaceGetInterfaceType(net_interface
);
167 if (!CFEqual(interfaceType
, kSCNetworkInterfaceTypeBridge
)) {
168 SCPrint(TRUE
, stdout
, CFSTR("interface not Bridge\n"));
173 SCPrint(TRUE
, stdout
, CFSTR("no member interface specified\n"));
178 if (nArgs
!= NULL
) *nArgs
+= 1;
180 myInterfaces
= SCBridgeInterfaceGetMemberInterfaces(net_interface
);
181 if (myInterfaces
== NULL
) {
182 SCPrint(TRUE
, stdout
, CFSTR("no member interfaces\n"));
188 else if (strcasecmp(argv
[0], "$vlan") == 0) {
189 CFStringRef interfaceType
;
191 if (net_interface
== NULL
) {
192 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
196 interfaceType
= SCNetworkInterfaceGetInterfaceType(net_interface
);
197 if (!CFEqual(interfaceType
, kSCNetworkInterfaceTypeVLAN
)) {
198 SCPrint(TRUE
, stdout
, CFSTR("interface not VLAN\n"));
202 selected
= SCVLANInterfaceGetPhysicalInterface(net_interface
);
203 if(selected
== NULL
) {
204 SCPrint(TRUE
, stdout
, CFSTR("no physical interface\n"));
210 if ((myInterfaces
== NULL
) && (interfaces
== NULL
)) {
211 interfaces
= _copy_interfaces();
212 if (interfaces
== NULL
) {
215 myInterfaces
= interfaces
;
219 // try to select the interface by its display name
221 select_name
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
223 n
= (myInterfaces
!= NULL
) ? CFArrayGetCount(myInterfaces
) : 0;
224 for (i
= 0; i
< n
; i
++) {
225 SCNetworkInterfaceRef interface
;
226 CFStringRef interfaceName
;
228 interface
= CFArrayGetValueAtIndex(myInterfaces
, i
);
229 interfaceName
= SCNetworkInterfaceGetLocalizedDisplayName(interface
);
230 if ((interfaceName
!= NULL
) && CFEqual(select_name
, interfaceName
)) {
231 if (selected
== NULL
) {
232 selected
= interface
;
234 // if multiple interfaces match
236 SCPrint(TRUE
, stdout
, CFSTR("multiple interfaces match\n"));
242 if (selected
!= NULL
) {
246 // try to select the interface by its BSD name
248 for (i
= 0; i
< n
; i
++) {
249 SCNetworkInterfaceRef interface
;
250 CFStringRef bsd_name
= NULL
;
252 interface
= CFArrayGetValueAtIndex(myInterfaces
, i
);
253 while ((interface
!= NULL
) && (bsd_name
== NULL
)) {
254 bsd_name
= SCNetworkInterfaceGetBSDName(interface
);
255 if (bsd_name
== NULL
) {
256 interface
= SCNetworkInterfaceGetInterface(interface
);
260 if ((bsd_name
!= NULL
) && CFEqual(select_name
, bsd_name
)) {
261 if (selected
== NULL
) {
262 selected
= interface
;
264 // if multiple interfaces match
266 SCPrint(TRUE
, stdout
, CFSTR("multiple interfaces match\n"));
272 if (selected
!= NULL
) {
276 // try to select the interface by its interface type
278 for (i
= 0; i
< n
; i
++) {
279 SCNetworkInterfaceRef interface
;
280 CFStringRef interfaceType
;
282 interface
= CFArrayGetValueAtIndex(myInterfaces
, i
);
283 interfaceType
= SCNetworkInterfaceGetInterfaceType(interface
);
284 if (CFEqual(select_name
, interfaceType
)) {
285 if (selected
== NULL
) {
286 selected
= interface
;
288 // if multiple interfaces match
290 SCPrint(TRUE
, stdout
, CFSTR("multiple interfaces match\n"));
296 if (selected
!= NULL
) {
305 // try to select the interface by its index
308 val
= strtol(str
, &end
, 10);
309 if ((*str
!= '\0') &&
310 ((*end
== '\0') || (*end
== '.')) &&
312 if ((val
> 0) && (val
<= n
)) {
313 selected
= CFArrayGetValueAtIndex(myInterfaces
, val
- 1);
317 val
= strtol(str
, &end
, 10);
318 if ((*str
!= '\0') && (*end
== '\0') && (errno
== 0)) {
320 selected
= SCNetworkInterfaceGetInterface(selected
);
321 if (selected
== NULL
) {
331 if (selected
!= NULL
) {
335 SCPrint(TRUE
, stdout
, CFSTR("no match\n"));
339 if (select_name
!= NULL
) CFRelease(select_name
);
344 /* -------------------- */
349 create_interface(int argc
, char **argv
)
351 SCNetworkInterfaceRef interface
;
352 CFStringRef interfaceName
;
353 CFStringRef interfaceType
;
354 SCNetworkInterfaceRef new_interface
;
357 SCPrint(TRUE
, stdout
, CFSTR("what interface type?\n"));
361 interfaceType
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
365 if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeBond
)) {
366 SCPrint(TRUE
, stdout
, CFSTR("bond creation not yet supported\n"));
369 if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeBridge
)) {
370 SCPrint(TRUE
, stdout
, CFSTR("bridge creation not yet supported\n"));
373 if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeVLAN
)) {
374 SCPrint(TRUE
, stdout
, CFSTR("vlan creation not yet supported\n"));
379 if (net_interface
== NULL
) {
380 SCPrint(TRUE
, stdout
, CFSTR("no network interface selected\n"));
384 interface
= net_interface
;
386 interface
= _find_interface(argc
, argv
, NULL
);
389 if (interface
== NULL
) {
393 new_interface
= SCNetworkInterfaceCreateWithInterface(interface
, interfaceType
);
394 if (new_interface
== NULL
) {
395 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
399 if (new_interfaces
== NULL
) {
400 new_interfaces
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
402 CFArrayAppendValue(new_interfaces
, new_interface
);
404 if (net_interface
!= NULL
) CFRelease(net_interface
);
405 net_interface
= new_interface
;
407 interfaceName
= SCNetworkInterfaceGetLocalizedDisplayName(net_interface
);
408 if (interfaceName
== NULL
) {
409 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
411 if (interfaceName
== NULL
) {
412 interfaceName
= SCNetworkInterfaceGetInterfaceType(net_interface
);
414 SCPrint(TRUE
, stdout
, CFSTR("interface \"%@\" created and selected\n"), interfaceName
);
418 CFRelease(interfaceType
);
423 /* -------------------- */
428 select_interface(int argc
, char **argv
)
430 SCNetworkInterfaceRef interface
;
432 interface
= _find_interface(argc
, argv
, NULL
);
433 if (interface
!= NULL
) {
434 CFStringRef interfaceName
;
436 if (net_interface
!= NULL
) CFRelease(net_interface
);
437 net_interface
= CFRetain(interface
);
439 interfaceName
= SCNetworkInterfaceGetLocalizedDisplayName(interface
);
440 if (interfaceName
== NULL
) {
441 interfaceName
= SCNetworkInterfaceGetBSDName(interface
);
443 if (interfaceName
== NULL
) {
444 interfaceName
= SCNetworkInterfaceGetInterfaceType(interface
);
447 SCPrint(TRUE
, stdout
, CFSTR("interface \"%@\" selected\n"), interfaceName
);
454 /* -------------------- */
459 _show_interface(SCNetworkInterfaceRef interface
, CFStringRef prefix
, Boolean showChild
)
461 CFDictionaryRef configuration
;
462 CFStringRef if_bsd_name
;
463 CFStringRef if_localized_name
;
464 CFStringRef if_mac_address
;
466 Boolean isPhysicalEthernet
;
467 CFArrayRef supported
;
469 if_localized_name
= SCNetworkInterfaceGetLocalizedDisplayName(interface
);
470 if (if_localized_name
!= NULL
) {
471 SCPrint(TRUE
, stdout
, CFSTR("%@ name = %@\n"), prefix
, if_localized_name
);
474 if_bsd_name
= SCNetworkInterfaceGetBSDName(interface
);
475 if (if_bsd_name
!= NULL
) {
476 SCPrint(TRUE
, stdout
, CFSTR("%@ interface name = %@\n"), prefix
, if_bsd_name
);
479 if_type
= SCNetworkInterfaceGetInterfaceType(interface
);
480 SCPrint(TRUE
, stdout
, CFSTR("%@ type = %@\n"), prefix
, if_type
);
482 if_mac_address
= SCNetworkInterfaceGetHardwareAddressString(interface
);
483 if (if_mac_address
!= NULL
) {
484 SCPrint(TRUE
, stdout
, CFSTR("%@ address = %@\n"), prefix
, if_mac_address
);
487 configuration
= SCNetworkInterfaceGetConfiguration(interface
);
488 if ((configuration
!= NULL
) &&
489 CFDictionaryContainsKey(configuration
, kSCResvInactive
)) {
490 configuration
= NULL
;
493 if (if_bsd_name
!= NULL
) {
494 CFArrayRef available
;
495 CFDictionaryRef active
;
496 CFDictionaryRef cap_current
;
501 cap_current
= SCNetworkInterfaceCopyCapability(interface
, NULL
);
502 if (cap_current
!= NULL
) {
504 CFArrayRef cap_names
;
505 CFMutableArrayRef cap_sorted
;
509 n
= CFDictionaryGetCount(cap_current
);
510 keys
= CFAllocatorAllocate(NULL
, n
* sizeof(CFStringRef
), 0);
511 CFDictionaryGetKeysAndValues(cap_current
, keys
, NULL
);
512 cap_names
= CFArrayCreate(NULL
, keys
, n
, &kCFTypeArrayCallBacks
);
513 CFAllocatorDeallocate(NULL
, keys
);
515 cap_sorted
= CFArrayCreateMutableCopy(NULL
, 0, cap_names
);
516 CFRelease(cap_names
);
518 CFArraySortValues(cap_sorted
, CFRangeMake(0, n
), (CFComparatorFunction
)CFStringCompare
, NULL
);
520 SCPrint(TRUE
, stdout
, CFSTR("%@ capabilities = "), prefix
);
521 for (i
= 0; i
< n
; i
++) {
522 CFStringRef cap_name
;
524 CFNumberRef val
= NULL
;
526 cap_name
= CFArrayGetValueAtIndex(cap_sorted
, i
);
527 if (configuration
!= NULL
) {
528 val
= CFDictionaryGetValue(configuration
, cap_name
);
530 if (!isA_CFNumber(val
)) {
531 val
= CFDictionaryGetValue(cap_current
, cap_name
);
534 SCPrint(TRUE
, stdout
, CFSTR("%s%@%c"),
537 (CFNumberGetValue(val
, kCFNumberIntType
, &cap_val
) &&
538 (cap_val
!= 0)) ? '+' : '-');
540 SCPrint(TRUE
, stdout
, CFSTR("\n"));
542 CFRelease(cap_sorted
);
543 CFRelease(cap_current
);
546 if (SCNetworkInterfaceCopyMTU(interface
, &mtu_cur
, &mtu_min
, &mtu_max
)) {
547 char isCurrent
= '*';
549 if (configuration
!= NULL
) {
553 num
= CFDictionaryGetValue(configuration
, kSCPropNetEthernetMTU
);
554 if (isA_CFNumber(num
)) {
555 CFNumberGetValue(num
, kCFNumberIntType
, &mtu_req
);
556 if (mtu_cur
!= mtu_req
) {
563 SCPrint(TRUE
, stdout
, CFSTR("%@ mtu %c = %d (%d < n < %d)\n"),
571 if (SCNetworkInterfaceCopyMediaOptions(interface
, NULL
, &active
, &available
, TRUE
)) {
572 char isCurrent
= ' ';
573 CFArrayRef options
= NULL
;
574 CFArrayRef options_req
= NULL
;
575 CFStringRef subtype
= NULL
;
576 CFStringRef subtype_req
= NULL
;
578 if (configuration
!= NULL
) {
579 subtype_req
= CFDictionaryGetValue(configuration
, kSCPropNetEthernetMediaSubType
);
580 options_req
= CFDictionaryGetValue(configuration
, kSCPropNetEthernetMediaOptions
);
583 if (subtype_req
== NULL
) {
584 subtype_req
= CFSTR("autoselect");
587 if (active
!= NULL
) {
588 subtype
= CFDictionaryGetValue(active
, kSCPropNetEthernetMediaSubType
);
589 options
= CFDictionaryGetValue(active
, kSCPropNetEthernetMediaOptions
);
592 if (subtype
!= NULL
) {
593 if (((subtype_req
!= NULL
) &&
594 CFEqual(subtype
, subtype_req
)) &&
595 ((options
== options_req
) ||
596 ((options
!= NULL
) &&
597 (options_req
!= NULL
) &&
598 CFEqual(options
, options_req
)))
601 } else if ((subtype_req
== NULL
) ||
602 ((subtype_req
!= NULL
) &&
603 CFEqual(subtype_req
, CFSTR("autoselect")))) {
604 // if requested subtype not specified or "autoselect"
609 if (subtype_req
!= NULL
) {
610 SCPrint(TRUE
, stdout
, CFSTR("%@ media %c = %@"),
615 if ((options_req
!= NULL
) &&
616 (CFArrayGetCount(options_req
) > 0)) {
617 CFStringRef options_str
;
619 options_str
= CFStringCreateByCombiningStrings(NULL
, options_req
, CFSTR(","));
620 SCPrint(TRUE
, stdout
, CFSTR(" <%@>"), options_str
);
621 CFRelease(options_str
);
624 SCPrint(TRUE
, stdout
, CFSTR("\n"));
627 SCPrint(TRUE
, stdout
, CFSTR("\n"));
629 if (available
!= NULL
) {
634 subtypes
= SCNetworkInterfaceCopyMediaSubTypes(available
);
635 n_subtypes
= (subtypes
!= NULL
) ? CFArrayGetCount(subtypes
) : 0;
636 for (i
= 0; i
< n_subtypes
; i
++) {
638 CFIndex n_subtype_options
;
640 CFArrayRef subtype_options
;
642 subtype
= CFArrayGetValueAtIndex(subtypes
, i
);
643 subtype_options
= SCNetworkInterfaceCopyMediaSubTypeOptions(available
, subtype
);
644 n_subtype_options
= (subtype_options
!= NULL
) ? CFArrayGetCount(subtype_options
) : 0;
645 for (j
= 0; j
< n_subtype_options
; j
++) {
646 char isCurrent
= ' ';
649 options
= CFArrayGetValueAtIndex(subtype_options
, j
);
651 if (((subtype_req
!= NULL
) &&
652 CFEqual(subtype
, subtype_req
)) &&
653 ((options
== options_req
) ||
654 ((options
!= NULL
) &&
655 (options_req
!= NULL
) &&
656 CFEqual(options
, options_req
)))
661 SCPrint(TRUE
, stdout
, CFSTR("%@ %s %c = %@"),
663 ((i
== 0) && (j
== 0)) ? "supported media" : " ",
667 if ((options
!= NULL
) &&
668 (CFArrayGetCount(options
) > 0)) {
669 CFStringRef options_str
;
671 options_str
= CFStringCreateByCombiningStrings(NULL
, options
, CFSTR(","));
672 SCPrint(TRUE
, stdout
, CFSTR(" <%@>"), options_str
);
673 CFRelease(options_str
);
676 SCPrint(TRUE
, stdout
, CFSTR("\n"));
678 if (subtype_options
!= NULL
) CFRelease(subtype_options
);
680 if (subtypes
!= NULL
) CFRelease(subtypes
);
683 SCPrint(TRUE
, stdout
, CFSTR("\n"));
687 supported
= SCNetworkInterfaceGetSupportedInterfaceTypes(interface
);
688 SCPrint(TRUE
, stdout
, CFSTR("%@ supported interfaces = "), prefix
);
689 if (supported
!= NULL
) {
691 CFIndex n
= CFArrayGetCount(supported
);
693 for (i
= 0; i
< n
; i
++) {
694 SCPrint(TRUE
, stdout
, CFSTR("%s%@"),
695 (i
== 0) ? "" : ", ",
696 CFArrayGetValueAtIndex(supported
, i
));
699 SCPrint(TRUE
, stdout
, CFSTR("\n"));
701 supported
= SCNetworkInterfaceGetSupportedProtocolTypes(interface
);
702 SCPrint(TRUE
, stdout
, CFSTR("%@ supported protocols = "), prefix
);
703 if (supported
!= NULL
) {
705 CFIndex n
= CFArrayGetCount(supported
);
707 for (i
= 0; i
< n
; i
++) {
708 SCPrint(TRUE
, stdout
, CFSTR("%s%@"),
709 (i
== 0) ? "" : ", ",
710 CFArrayGetValueAtIndex(supported
, i
));
713 SCPrint(TRUE
, stdout
, CFSTR("\n"));
715 isPhysicalEthernet
= _SCNetworkInterfaceIsPhysicalEthernet(interface
);
716 SCPrint(TRUE
, stdout
, CFSTR("%@ is physical ethernet = %s \n"),
717 prefix
, (isPhysicalEthernet
== TRUE
) ? "YES" : "NO");
719 if (configuration
!= NULL
) {
720 CFMutableDictionaryRef effective
;
722 effective
= CFDictionaryCreateMutableCopy(NULL
, 0, configuration
);
724 // remove known (and already reported) interface configuration keys
725 if (CFDictionaryContainsKey(effective
, kSCResvInactive
)) {
726 CFDictionaryRemoveAllValues(effective
);
728 CFDictionaryRemoveValue(effective
, kSCPropNetEthernetMTU
);
729 CFDictionaryRemoveValue(effective
, kSCPropNetEthernetMediaSubType
);
730 CFDictionaryRemoveValue(effective
, kSCPropNetEthernetMediaOptions
);
732 if (CFDictionaryGetCount(effective
) > 0) {
733 SCPrint(TRUE
, stdout
, CFSTR("\n%@ per-interface configuration\n"), prefix
);
734 _show_entity(effective
, prefix
);
737 CFRelease(effective
);
740 if (CFEqual(if_type
, kSCNetworkInterfaceTypePPP
)) {
741 SCNetworkInterfaceRef childInterface
;
743 childInterface
= SCNetworkInterfaceGetInterface(interface
);
744 if (childInterface
!= NULL
) {
745 CFStringRef childInterfaceType
;
747 childInterfaceType
= SCNetworkInterfaceGetInterfaceType(childInterface
);
748 if (CFEqual(childInterfaceType
, kSCNetworkInterfaceTypeL2TP
)) {
749 CFDictionaryRef ipsec_configuration
;
751 ipsec_configuration
= SCNetworkInterfaceGetExtendedConfiguration(interface
, kSCEntNetIPSec
);
752 if (isA_CFDictionary(ipsec_configuration
) &&
753 (CFDictionaryGetCount(ipsec_configuration
) > 0)) {
754 SCPrint(TRUE
, stdout
, CFSTR("\n%@ per-interface IPSec configuration\n"), prefix
);
755 _show_entity(ipsec_configuration
, prefix
);
762 SCPrint(TRUE
, stdout
, CFSTR("\n%@\n"), interface
);
765 interface
= SCNetworkInterfaceGetInterface(interface
);
766 if (interface
!= NULL
) {
767 CFStringRef newPrefix
;
769 newPrefix
= CFStringCreateWithFormat(NULL
, NULL
, CFSTR("%@ "), prefix
);
770 SCPrint(TRUE
, stdout
, CFSTR("\n%@child interface\n"), newPrefix
);
771 _show_interface(interface
, newPrefix
, showChild
);
772 CFRelease(newPrefix
);
779 /* -------------------- */
783 validateMediaOptions(SCNetworkInterfaceRef interface
, CFMutableDictionaryRef newConfiguration
)
790 mtu
= CFDictionaryGetValue(newConfiguration
, kSCPropNetEthernetMTU
);
791 if (isA_CFNumber(mtu
)) {
796 if (!SCNetworkInterfaceCopyMTU(interface
, NULL
, &mtu_min
, &mtu_max
)) {
797 SCPrint(TRUE
, stdout
, CFSTR("cannot set MTU\n"));
801 if (!CFNumberGetValue(mtu
, kCFNumberIntType
, &mtu_val
) ||
802 (mtu_val
< mtu_min
) ||
803 (mtu_val
> mtu_max
)) {
804 SCPrint(TRUE
, stdout
, CFSTR("mtu out of range\n"));
809 subtype
= CFDictionaryGetValue(newConfiguration
, kSCPropNetEthernetMediaSubType
);
810 options
= CFDictionaryGetValue(newConfiguration
, kSCPropNetEthernetMediaOptions
);
812 if (subtype
!= NULL
) {
813 CFArrayRef available
= NULL
;
814 CFArrayRef config_options
= options
;
815 CFArrayRef subtypes
= NULL
;
816 CFArrayRef subtype_options
= NULL
;
820 if (options
== NULL
) {
821 config_options
= CFArrayCreate(NULL
, NULL
, 0, &kCFTypeArrayCallBacks
);
824 if (!SCNetworkInterfaceCopyMediaOptions(interface
, NULL
, NULL
, &available
, FALSE
)) {
825 SCPrint(TRUE
, stdout
, CFSTR("media type / options not available\n"));
829 if (available
== NULL
) {
833 subtypes
= SCNetworkInterfaceCopyMediaSubTypes(available
);
834 if ((subtypes
== NULL
) ||
835 !CFArrayContainsValue(subtypes
,
836 CFRangeMake(0, CFArrayGetCount(subtypes
)),
838 SCPrint(TRUE
, stdout
, CFSTR("media type not valid\n"));
842 subtype_options
= SCNetworkInterfaceCopyMediaSubTypeOptions(available
, subtype
);
843 if ((subtype_options
== NULL
) ||
844 !CFArrayContainsValue(subtype_options
,
845 CFRangeMake(0, CFArrayGetCount(subtype_options
)),
847 SCPrint(TRUE
, stdout
, CFSTR("media options not valid for \"%@\"\n"), subtype
);
851 if (options
== NULL
) {
852 CFDictionarySetValue(newConfiguration
, kSCPropNetEthernetMediaOptions
, config_options
);
859 if (available
!= NULL
) CFRelease(available
);
860 if (subtypes
!= NULL
) CFRelease(subtypes
);
861 if (subtype_options
!= NULL
) CFRelease(subtype_options
);
862 if (options
== NULL
) CFRelease(config_options
);
864 if (options
!= NULL
) {
865 SCPrint(TRUE
, stdout
, CFSTR("media type and options must both be specified\n"));
874 /* -------------------- */
879 show_interfaces(int argc
, char **argv
)
884 if (interfaces
!= NULL
) CFRelease(interfaces
);
885 interfaces
= _copy_interfaces();
886 if (interfaces
== NULL
) {
890 n
= CFArrayGetCount(interfaces
);
891 for (i
= 0; i
< n
; i
++) {
892 CFIndex childIndex
= 0;
893 SCNetworkInterfaceRef interface
;
895 interface
= CFArrayGetValueAtIndex(interfaces
, i
);
897 CFStringRef interfaceName
;
900 interfaceName
= SCNetworkInterfaceGetLocalizedDisplayName(interface
);
901 if (interfaceName
== NULL
) {
902 interfaceName
= SCNetworkInterfaceGetBSDName(interface
);
904 if (interfaceName
== NULL
) {
905 interfaceName
= SCNetworkInterfaceGetInterfaceType(interface
);
909 if ((net_interface
!= NULL
) && CFEqual(interface
, net_interface
)) {
913 if (childIndex
== 0) {
914 SCPrint(TRUE
, stdout
, CFSTR("%c%2d: %@\n"),
919 SCPrint(TRUE
, stdout
, CFSTR("%c%2d.%d: %@\n"),
927 CFMutableStringRef desc
;
930 str
= CFCopyDescription(interface
);
931 desc
= CFStringCreateMutableCopy(NULL
, 0, str
);
934 CFStringFindAndReplace(desc
,
937 CFRangeMake(0, CFStringGetLength(desc
)),
939 CFStringFindAndReplace(desc
,
942 CFRangeMake(0, CFStringGetLength(desc
)),
944 CFStringFindAndReplace(desc
,
947 CFRangeMake(0, CFStringGetLength(desc
)),
949 SCPrint(TRUE
, stdout
, CFSTR("\n %@\n\n"), desc
);
953 interface
= SCNetworkInterfaceGetInterface(interface
);
955 } while (interface
!= NULL
);
962 /* -------------------- */
966 __doRank(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
968 SCNetworkInterfaceRef interface
;
969 CFStringRef interfaceName
;
971 SCNetworkServicePrimaryRank rank
= kSCNetworkServicePrimaryRankDefault
;
972 SCDynamicStoreRef store
;
975 SCPrint(TRUE
, stdout
,
976 CFSTR("%s not specified\n"),
977 description
!= NULL
? description
: "rank");
981 if (strlen(argv
[0]) == 0) {
982 rank
= kSCNetworkServicePrimaryRankDefault
;
983 } else if ((strcasecmp(argv
[0], "First") == 0)) {
984 rank
= kSCNetworkServicePrimaryRankFirst
;
985 } else if ((strcasecmp(argv
[0], "Last") == 0)) {
986 rank
= kSCNetworkServicePrimaryRankLast
;
987 } else if ((strcasecmp(argv
[0], "Never") == 0)) {
988 rank
= kSCNetworkServicePrimaryRankNever
;
990 SCPrint(TRUE
, stdout
, CFSTR("invalid rank\n"));
994 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
995 if (interfaceName
== NULL
) {
996 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1000 store
= SCDynamicStoreCreate(NULL
, CFSTR("scutil --net"), NULL
, NULL
);
1001 interface
= _SCNetworkInterfaceCopyActive(store
, interfaceName
);
1003 if (interface
== NULL
) {
1004 SCPrint(TRUE
, stdout
, CFSTR("No active interface\n"));
1008 ok
= SCNetworkInterfaceSetPrimaryRank(interface
, rank
);
1009 CFRelease(interface
);
1011 SCPrint(TRUE
, stdout
, CFSTR("could not update per-interface rank\n"));
1019 /* -------------------- */
1023 _replaceOne(const void *key
, const void *value
, void *context
)
1025 CFMutableDictionaryRef newConfiguration
= (CFMutableDictionaryRef
)context
;
1027 CFDictionarySetValue(newConfiguration
, key
, value
);
1033 updateInterfaceConfiguration(CFMutableDictionaryRef newConfiguration
)
1035 CFDictionaryRef configuration
;
1037 CFDictionaryRemoveAllValues(newConfiguration
);
1039 configuration
= SCNetworkInterfaceGetConfiguration(net_interface
);
1040 if (configuration
!= NULL
) {
1041 CFDictionaryApplyFunction(configuration
, _replaceOne
, (void *)newConfiguration
);
1049 #pragma mark Bond options
1052 static options bondOptions
[] = {
1053 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1054 // xxx { "+device" , ... },
1055 // xxx { "-device" , ... },
1057 { "?" , NULL
, isHelp
, NULL
, NULL
,
1058 "\nBond configuration commands\n\n"
1059 " set interface [mtu n] [media type] [mediaopts opts]\n"
1062 #define N_BOND_OPTIONS (sizeof(bondOptions) / sizeof(bondOptions[0]))
1066 set_interface_bond(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1068 CFStringRef interfaceName
;
1071 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1072 if (interfaceName
== NULL
) {
1073 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1077 ok
= _process_options(bondOptions
, N_BOND_OPTIONS
, argc
, argv
, newConfiguration
);
1079 // validate configuration
1080 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1090 #pragma mark Bridge options
1093 static options bridgeOptions
[] = {
1094 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1095 // xxx { "+device" , ... },
1096 // xxx { "-device" , ... },
1098 { "?" , NULL
, isHelp
, NULL
, NULL
,
1099 "\nBridge configuration commands\n\n"
1100 " set interface [mtu n] [media type] [mediaopts opts]\n"
1103 #define N_BRIDGE_OPTIONS (sizeof(bridgeOptions) / sizeof(bridgeOptions[0]))
1107 set_interface_bridge(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1109 CFStringRef interfaceName
;
1112 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1113 if (interfaceName
== NULL
) {
1114 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1118 ok
= _process_options(bridgeOptions
, N_BRIDGE_OPTIONS
, argc
, argv
, newConfiguration
);
1120 // validate configuration
1121 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1131 #pragma mark AirPort options
1134 static options airportOptions
[] = {
1135 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1136 { "media" , NULL
, isString
, &kSCPropNetEthernetMediaSubType
, NULL
, NULL
},
1137 { "mediaopt" , NULL
, isStringArray
, &kSCPropNetEthernetMediaOptions
, NULL
, NULL
},
1139 { "rank" , NULL
, isOther
, NULL
, __doRank
, NULL
},
1141 { "?" , NULL
, isHelp
, NULL
, NULL
,
1142 "\nAirPort configuration commands\n\n"
1143 " set interface [mtu n] [media type] [mediaopts opts]\n"
1146 #define N_AIRPORT_OPTIONS (sizeof(airportOptions) / sizeof(airportOptions[0]))
1150 set_interface_airport(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1152 CFStringRef interfaceName
;
1155 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1156 if (interfaceName
== NULL
) {
1157 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1161 ok
= _process_options(airportOptions
, N_AIRPORT_OPTIONS
, argc
, argv
, newConfiguration
);
1163 // validate configuration
1164 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1174 #pragma mark Ethernet options
1178 __doCapability(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1183 SCPrint(TRUE
, stdout
,
1184 CFSTR("%s not specified\n"),
1185 description
!= NULL
? description
: "enable/disable");
1189 if (strlen(argv
[0]) == 0) {
1190 ok
= SCNetworkInterfaceSetCapability(net_interface
, key
, NULL
);
1191 } else if ((strcasecmp(argv
[0], "disable") == 0) ||
1192 (strcasecmp(argv
[0], "no" ) == 0) ||
1193 (strcasecmp(argv
[0], "off" ) == 0) ||
1194 (strcasecmp(argv
[0], "0" ) == 0)) {
1195 ok
= SCNetworkInterfaceSetCapability(net_interface
, key
, CFNumberRef_0
);
1196 } else if ((strcasecmp(argv
[0], "enable") == 0) ||
1197 (strcasecmp(argv
[0], "yes" ) == 0) ||
1198 (strcasecmp(argv
[0], "on" ) == 0) ||
1199 (strcasecmp(argv
[0], "1" ) == 0)) {
1200 ok
= SCNetworkInterfaceSetCapability(net_interface
, key
, CFNumberRef_1
);
1202 SCPrint(TRUE
, stdout
, CFSTR("invalid value\n"));
1207 updateInterfaceConfiguration(newConfiguration
);
1209 SCPrint(TRUE
, stdout
,
1210 CFSTR("%@ not updated: %s\n"),
1212 SCErrorString(SCError()));
1220 static options ethernetOptions
[] = {
1221 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1222 { "media" , NULL
, isString
, &kSCPropNetEthernetMediaSubType
, NULL
, NULL
},
1223 { "mediaopt" , NULL
, isStringArray
, &kSCPropNetEthernetMediaOptions
, NULL
, NULL
},
1225 { "av" , NULL
, isOther
, &kSCPropNetEthernetCapabilityAV
, __doCapability
, NULL
},
1226 { "lro" , NULL
, isOther
, &kSCPropNetEthernetCapabilityLRO
, __doCapability
, NULL
},
1227 { "rxcsum" , NULL
, isOther
, &kSCPropNetEthernetCapabilityRXCSUM
, __doCapability
, NULL
},
1228 { "tso" , NULL
, isOther
, &kSCPropNetEthernetCapabilityTSO
, __doCapability
, NULL
},
1229 { "txcsum" , NULL
, isOther
, &kSCPropNetEthernetCapabilityTXCSUM
, __doCapability
, NULL
},
1231 { "rank" , NULL
, isOther
, NULL
, __doRank
, NULL
},
1233 { "?" , NULL
, isHelp
, NULL
, NULL
,
1234 "\nEthernet configuration commands\n\n"
1235 " set interface [mtu n] [media type] [mediaopts opts]\n"
1238 #define N_ETHERNET_OPTIONS (sizeof(ethernetOptions) / sizeof(ethernetOptions[0]))
1242 set_interface_ethernet(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1244 CFStringRef interfaceName
;
1247 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1248 if (interfaceName
== NULL
) {
1249 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1253 ok
= _process_options(ethernetOptions
, N_ETHERNET_OPTIONS
, argc
, argv
, newConfiguration
);
1255 // validate configuration
1256 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1266 #pragma mark IPSec options
1270 __doIPSecSharedSecret(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1272 CFStringRef encryptionType
;
1275 SCPrint(TRUE
, stdout
, CFSTR("IPSec shared secret not specified\n"));
1279 encryptionType
= CFDictionaryGetValue(newConfiguration
, kSCPropNetIPSecSharedSecretEncryption
);
1280 if (strlen(argv
[0]) > 0) {
1281 if (encryptionType
== NULL
) {
1282 #ifdef INLINE_PASSWORDS_USE_CFSTRING
1285 pw
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1286 #else // INLINE_PASSWORDS_USE_CFSTRING
1288 CFMutableDataRef pw
;
1291 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1292 n
= CFStringGetLength(str
);
1293 pw
= CFDataCreateMutable(NULL
, n
* sizeof(UniChar
));
1294 CFDataSetLength(pw
, n
* sizeof(UniChar
));
1295 /* ALIGN: CF aligns to at least >8 bytes */
1296 CFStringGetCharacters(str
,
1298 (UniChar
*)(void *)CFDataGetMutableBytePtr(pw
));
1300 #endif // INLINE_PASSWORDS_USE_CFSTRING
1302 CFDictionarySetValue(newConfiguration
, key
, pw
);
1304 } else if (CFEqual(encryptionType
, kSCValNetIPSecSharedSecretEncryptionKeychain
)) {
1309 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1310 pw
= CFStringCreateExternalRepresentation(NULL
, str
, kCFStringEncodingUTF8
, 0);
1311 ok
= SCNetworkInterfaceSetPassword(net_interface
,
1312 kSCNetworkInterfacePasswordTypeIPSecSharedSecret
,
1318 updateInterfaceConfiguration(newConfiguration
);
1323 SCPrint(TRUE
, stdout
, CFSTR("IPSec shared secret type \"%@\" not supported\n"), encryptionType
);
1327 if (encryptionType
== NULL
) {
1328 CFDictionaryRemoveValue(newConfiguration
, key
);
1329 } else if (CFEqual(encryptionType
, kSCValNetIPSecSharedSecretEncryptionKeychain
)) {
1331 ok
= SCNetworkInterfaceRemovePassword(net_interface
, kSCNetworkInterfacePasswordTypeIPSecSharedSecret
);
1333 updateInterfaceConfiguration(newConfiguration
);
1338 SCPrint(TRUE
, stdout
, CFSTR("IPSec shared secret type \"%@\" not supported\n"), encryptionType
);
1348 __doIPSecSharedSecretType(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1351 SCPrint(TRUE
, stdout
, CFSTR("IPSec shared secret type mode not specified\n"));
1355 if (strlen(argv
[0]) > 0) {
1356 if (strcasecmp(argv
[0], "keychain") == 0) {
1357 CFDictionarySetValue(newConfiguration
, key
, kSCValNetIPSecSharedSecretEncryptionKeychain
);
1359 SCPrint(TRUE
, stdout
, CFSTR("invalid shared secret type\n"));
1363 CFDictionaryRemoveValue(newConfiguration
, key
);
1366 // encryption type changed, reset shared secret
1367 CFDictionaryRemoveValue(newConfiguration
, kSCPropNetIPSecSharedSecret
);
1374 __doIPSecXAuthPassword(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1376 CFStringRef encryptionType
;
1379 SCPrint(TRUE
, stdout
, CFSTR("IPSec XAuth password not specified\n"));
1383 encryptionType
= CFDictionaryGetValue(newConfiguration
, kSCPropNetIPSecXAuthPasswordEncryption
);
1384 if (strlen(argv
[0]) > 0) {
1385 if (encryptionType
== NULL
) {
1386 #ifdef INLINE_PASSWORDS_USE_CFSTRING
1389 pw
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1390 #else // INLINE_PASSWORDS_USE_CFSTRING
1392 CFMutableDataRef pw
;
1395 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1396 n
= CFStringGetLength(str
);
1397 pw
= CFDataCreateMutable(NULL
, n
* sizeof(UniChar
));
1398 CFDataSetLength(pw
, n
* sizeof(UniChar
));
1399 /* ALIGN: CF aligns to at least >8 byte boundries */
1400 CFStringGetCharacters(str
,
1402 (UniChar
*)(void *)CFDataGetMutableBytePtr(pw
));
1404 #endif // INLINE_PASSWORDS_USE_CFSTRING
1406 CFDictionarySetValue(newConfiguration
, key
, pw
);
1408 } else if (CFEqual(encryptionType
, kSCValNetIPSecXAuthPasswordEncryptionKeychain
)) {
1413 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1414 pw
= CFStringCreateExternalRepresentation(NULL
, str
, kCFStringEncodingUTF8
, 0);
1415 ok
= SCNetworkInterfaceSetPassword(net_interface
,
1416 kSCNetworkInterfacePasswordTypeIPSecXAuth
,
1422 updateInterfaceConfiguration(newConfiguration
);
1427 SCPrint(TRUE
, stdout
, CFSTR("IPSec XAuthPassword type \"%@\" not supported\n"), encryptionType
);
1431 if (encryptionType
== NULL
) {
1432 CFDictionaryRemoveValue(newConfiguration
, key
);
1433 } else if (CFEqual(encryptionType
, kSCValNetIPSecXAuthPasswordEncryptionKeychain
)) {
1436 ok
= SCNetworkInterfaceRemovePassword(net_interface
, kSCNetworkInterfacePasswordTypeIPSecXAuth
);
1438 updateInterfaceConfiguration(newConfiguration
);
1443 SCPrint(TRUE
, stdout
, CFSTR("IPSec XAuthPassword type \"%@\" not supported\n"), encryptionType
);
1453 __doIPSecXAuthPasswordType(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1456 SCPrint(TRUE
, stdout
, CFSTR("IPSec XAuth password type mode not specified\n"));
1460 if (strlen(argv
[0]) > 0) {
1461 if (strcasecmp(argv
[0], "keychain") == 0) {
1462 CFDictionarySetValue(newConfiguration
, key
, kSCValNetIPSecXAuthPasswordEncryptionKeychain
);
1464 SCPrint(TRUE
, stdout
, CFSTR("invalid XAuth password type\n"));
1468 CFDictionaryRemoveValue(newConfiguration
, key
);
1471 // encryption type changed, reset XAuthPassword
1472 CFDictionaryRemoveValue(newConfiguration
, kSCPropNetIPSecXAuthPassword
);
1478 static CF_RETURNS_RETAINED CFStringRef
1479 __cleanupDomainName(CFStringRef domain
)
1481 CFMutableStringRef newDomain
;
1483 newDomain
= CFStringCreateMutableCopy(NULL
, 0, domain
);
1484 CFStringTrimWhitespace(newDomain
);
1485 CFStringTrim(newDomain
, CFSTR("."));
1486 if (CFStringGetLength(newDomain
) == 0) {
1487 CFRelease(newDomain
);
1496 __doOnDemandDomains(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1498 CFMutableArrayRef domains
;
1501 SCPrint(TRUE
, stdout
, CFSTR("OnDemand domain name(s) not specified\n"));
1505 domains
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
1507 if (strlen(argv
[0]) > 0) {
1511 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1512 array
= CFStringCreateArrayBySeparatingStrings(NULL
, str
, CFSTR(","));
1515 if (array
!= NULL
) {
1517 CFIndex n
= CFArrayGetCount(array
);
1519 for (i
= 0; i
< n
; i
++) {
1522 domain
= __cleanupDomainName(CFArrayGetValueAtIndex(array
, i
));
1523 if (domain
!= NULL
) {
1524 CFArrayAppendValue(domains
, domain
);
1529 SCPrint(TRUE
, stdout
, CFSTR("invalid OnDemand domain name\n"));
1537 if (CFArrayGetCount(domains
) > 0) {
1538 CFDictionarySetValue(newConfiguration
, key
, domains
);
1540 CFDictionaryRemoveValue(newConfiguration
, key
);
1548 static options ipsecOnDemandOptions
[] = {
1549 { "OnDemandMatchDomainsAlways" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsAlways
, __doOnDemandDomains
, NULL
},
1550 { "always" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsAlways
, __doOnDemandDomains
, NULL
},
1551 { "OnDemandMatchDomainsOnRetry", "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsOnRetry
, __doOnDemandDomains
, NULL
},
1552 { "retry" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsOnRetry
, __doOnDemandDomains
, NULL
},
1553 { "OnDemandMatchDomainsNever" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsNever
, __doOnDemandDomains
, NULL
},
1554 { "never" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsNever
, __doOnDemandDomains
, NULL
},
1556 { "?" , NULL
, isHelp
, NULL
, NULL
,
1557 "\nOnDemandMatch configuration commands\n\n"
1558 " set interface OnDemandMatch always domain-name[,domain-name]\n"
1559 " set interface OnDemandMatch retry domain-name[,domain-name]\n"
1560 " set interface OnDemandMatch never domain-name[,domain-name]\n"
1563 #define N_IPSEC_ONDEMAND_OPTIONS (sizeof(ipsecOnDemandOptions) / sizeof(ipsecOnDemandOptions[0]))
1567 __doIPSecOnDemandMatch(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1572 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
1576 ok
= _process_options(ipsecOnDemandOptions
, N_IPSEC_ONDEMAND_OPTIONS
, argc
, argv
, newConfiguration
);
1587 static selections ipsecAuthenticationMethodSelections
[] = {
1588 { CFSTR("SharedSecret"), &kSCValNetIPSecAuthenticationMethodSharedSecret
, 0 },
1589 { CFSTR("Certificate") , &kSCValNetIPSecAuthenticationMethodCertificate
, 0 },
1590 { CFSTR("Hybrid") , &kSCValNetIPSecAuthenticationMethodHybrid
, 0 },
1595 static selections ipsecLocalIdentifierTypeSelections
[] = {
1596 { CFSTR("KeyID") , &kSCValNetIPSecLocalIdentifierTypeKeyID
, 0 },
1601 static options ipsecOptions
[] = {
1602 { "AuthenticationMethod" , NULL
, isChooseOne
, &kSCPropNetIPSecAuthenticationMethod
, NULL
, (void *)ipsecAuthenticationMethodSelections
},
1603 { "LocalIdentifier" , NULL
, isString
, &kSCPropNetIPSecLocalIdentifier
, NULL
, NULL
},
1604 { "group" , NULL
, isString
, &kSCPropNetIPSecLocalIdentifier
, NULL
, NULL
},
1605 { "LocalIdentifierType" , NULL
, isChooseOne
, &kSCPropNetIPSecLocalIdentifierType
, NULL
, (void *)ipsecLocalIdentifierTypeSelections
},
1606 { "RemoteAddress" , NULL
, isString
, &kSCPropNetIPSecRemoteAddress
, NULL
, NULL
},
1607 { "SharedSecret" , NULL
, isOther
, &kSCPropNetIPSecSharedSecret
, __doIPSecSharedSecret
, NULL
},
1608 { "SharedSecretEncryption" , NULL
, isOther
, &kSCPropNetIPSecSharedSecretEncryption
, __doIPSecSharedSecretType
, NULL
},
1611 { "XAuthEnabled" , NULL
, isBoolean
, &kSCPropNetIPSecXAuthEnabled
, NULL
, NULL
},
1612 { "XAuthName" , NULL
, isString
, &kSCPropNetIPSecXAuthName
, NULL
, NULL
},
1613 { "XAuthPassword" , NULL
, isOther
, &kSCPropNetIPSecXAuthPassword
, __doIPSecXAuthPassword
, NULL
},
1614 { "XAuthPasswordEncryption", NULL
, isOther
, &kSCPropNetIPSecXAuthPasswordEncryption
, __doIPSecXAuthPasswordType
, NULL
},
1616 // --- OnDemand: ---
1617 { "OnDemandEnabled" , NULL
, isBoolean
, &kSCPropNetIPSecOnDemandEnabled
, NULL
, NULL
},
1618 { "OnDemandMatch" , NULL
, isOther
, NULL
, __doIPSecOnDemandMatch
, NULL
},
1620 { "?" , NULL
, isHelp
, NULL
, NULL
,
1621 "\nIPSec configuration commands\n\n"
1622 " set interface [AuthenticationMethod {SharedSecret|Certificate|Hybrid}]\n"
1623 " set interface [LocalIdentifier group]\n"
1624 " set interface [LocalIdentifierType {KeyID}]\n"
1625 " set interface [RemoteAddress name-or-address]\n"
1626 " set interface [SharedSecret secret]\n"
1627 " set interface [SharedSecretEncryption {Keychain}]\n"
1628 " set interface [XAuthEnabled {enable|disable}]\n"
1629 " set interface [XAuthPassword password]\n"
1630 " set interface [XAuthPasswordEncryption {Keychain}]\n"
1631 " set interface [OnDemandEnabled {enable|disable}]\n"
1632 " set interface [OnDemandMatch <match-options>]\n"
1635 #define N_IPSEC_OPTIONS (sizeof(ipsecOptions) / sizeof(ipsecOptions[0]))
1639 set_interface_ipsec(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1643 ok
= _process_options(ipsecOptions
, N_IPSEC_OPTIONS
, argc
, argv
, newConfiguration
);
1649 #pragma mark FireWire options
1652 static options firewireOptions
[] = {
1653 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1654 { "media" , NULL
, isString
, &kSCPropNetEthernetMediaSubType
, NULL
, NULL
},
1655 { "mediaopt" , NULL
, isStringArray
, &kSCPropNetEthernetMediaOptions
, NULL
, NULL
},
1657 { "?" , NULL
, isHelp
, NULL
, NULL
,
1658 "\nFireWire configuration commands\n\n"
1659 " set interface [mtu n] [media type] [mediaopts opts]\n"
1662 #define N_FIREWIRE_OPTIONS (sizeof(firewireOptions) / sizeof(firewireOptions[0]))
1666 set_interface_firewire(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1668 CFStringRef interfaceName
;
1671 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1672 if (interfaceName
== NULL
) {
1673 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1677 ok
= _process_options(firewireOptions
, N_FIREWIRE_OPTIONS
, argc
, argv
, newConfiguration
);
1679 // validate configuration
1680 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1690 #pragma mark Modem options
1693 static selections modemDialSelections
[] = {
1694 { CFSTR("ignore"), &kSCValNetModemDialModeIgnoreDialTone
, 0 },
1695 { CFSTR("manual"), &kSCValNetModemDialModeManual
, 0 },
1696 { CFSTR("wait") , &kSCValNetModemDialModeWaitForDialTone
, 0 },
1700 static options modemOptions
[] = {
1701 { "ConnectionScript" , "script", isString
, &kSCPropNetModemConnectionScript
, NULL
, NULL
},
1702 { "DialMode" , "mode" , isChooseOne
, &kSCPropNetModemDialMode
, NULL
, (void *)modemDialSelections
},
1703 { "CallWaiting" , NULL
, isBoolean
, &kSCPropNetModemHoldEnabled
, NULL
, NULL
},
1704 { "CallWaitingAlert" , NULL
, isBoolean
, &kSCPropNetModemHoldCallWaitingAudibleAlert
, NULL
, NULL
},
1705 { "CallWaitingDisconnectOnAnswer", NULL
, isBoolean
, &kSCPropNetModemHoldDisconnectOnAnswer
, NULL
, NULL
},
1706 { "DataCompression" , NULL
, isBoolean
, &kSCPropNetModemDataCompression
, NULL
, NULL
},
1707 { "ErrorCorrection" , NULL
, isBoolean
, &kSCPropNetModemErrorCorrection
, NULL
, NULL
},
1708 { "HoldReminder" , NULL
, isBoolean
, &kSCPropNetModemHoldReminder
, NULL
, NULL
},
1709 { "HoldReminderTime" , "time" , isNumber
, &kSCPropNetModemHoldReminderTime
, NULL
, NULL
},
1710 { "PulseDial" , NULL
, isBoolean
, &kSCPropNetModemPulseDial
, NULL
, NULL
},
1711 { "Speaker" , NULL
, isBoolean
, &kSCPropNetModemSpeaker
, NULL
, NULL
},
1713 { "?" , NULL
, isHelp
, NULL
, NULL
,
1714 "\nModem configuration commands\n\n"
1715 " set interface [ConnectionScript connection-script]\n"
1716 " set interface [CallWaiting {enable|disable}]\n"
1717 " set interface [CallWaitingAlert {enable|disable}]\n"
1718 " set interface [CallWaitingDisconnectOnAnswer {enable|disable}]\n"
1719 " set interface [DialMode {ignore|wait}]\n"
1720 " set interface [DataCompression {enable|disable}]\n"
1721 " set interface [ErrorCorrection {enable|disable}]\n"
1722 " set interface [HoldReminder {enable|disable}]\n"
1723 " set interface [HoldReminderTime n]\n"
1724 " set interface [PulseDial {enable|disable}]\n"
1725 " set interface [Speaker {enable|disable}]\n"
1728 #define N_MODEM_OPTIONS (sizeof(modemOptions) / sizeof(modemOptions[0]))
1732 set_interface_modem(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1736 ok
= _process_options(modemOptions
, N_MODEM_OPTIONS
, argc
, argv
, newConfiguration
);
1742 #pragma mark PPP options
1746 __doPPPAuthPW(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1748 CFStringRef encryptionType
;
1751 SCPrint(TRUE
, stdout
, CFSTR("PPP password not specified\n"));
1755 encryptionType
= CFDictionaryGetValue(newConfiguration
, kSCPropNetPPPAuthPasswordEncryption
);
1756 if (strlen(argv
[0]) > 0) {
1757 if (encryptionType
== NULL
) {
1758 #ifdef INLINE_PASSWORDS_USE_CFSTRING
1761 pw
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1762 #else // INLINE_PASSWORDS_USE_CFSTRING
1764 CFMutableDataRef pw
;
1767 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1768 n
= CFStringGetLength(str
);
1769 pw
= CFDataCreateMutable(NULL
, n
* sizeof(UniChar
));
1770 CFDataSetLength(pw
, n
* sizeof(UniChar
));
1771 /* ALIGN: CF aligns to at least >8 byte boundries */
1772 CFStringGetCharacters(str
,
1774 (UniChar
*)(void *)CFDataGetMutableBytePtr(pw
));
1776 #endif // INLINE_PASSWORDS_USE_CFSTRING
1778 CFDictionarySetValue(newConfiguration
, key
, pw
);
1780 } else if (CFEqual(encryptionType
, kSCValNetPPPAuthPasswordEncryptionKeychain
)) {
1785 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1786 pw
= CFStringCreateExternalRepresentation(NULL
, str
, kCFStringEncodingUTF8
, 0);
1787 ok
= SCNetworkInterfaceSetPassword(net_interface
,
1788 kSCNetworkInterfacePasswordTypePPP
,
1794 updateInterfaceConfiguration(newConfiguration
);
1799 SCPrint(TRUE
, stdout
, CFSTR("PPP password type \"%@\" not supported\n"), encryptionType
);
1803 if (encryptionType
== NULL
) {
1804 CFDictionaryRemoveValue(newConfiguration
, key
);
1805 } else if (CFEqual(encryptionType
, kSCValNetPPPAuthPasswordEncryptionKeychain
)) {
1808 ok
= SCNetworkInterfaceRemovePassword(net_interface
, kSCNetworkInterfacePasswordTypePPP
);
1810 updateInterfaceConfiguration(newConfiguration
);
1815 SCPrint(TRUE
, stdout
, CFSTR("PPP password type \"%@\" not supported\n"), encryptionType
);
1825 __doPPPAuthPWType(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1828 SCPrint(TRUE
, stdout
, CFSTR("PPP password type mode not specified\n"));
1832 if (strlen(argv
[0]) > 0) {
1833 if (strcasecmp(argv
[0], "keychain") == 0) {
1834 CFDictionarySetValue(newConfiguration
, key
, kSCValNetPPPAuthPasswordEncryptionKeychain
);
1836 SCPrint(TRUE
, stdout
, CFSTR("invalid password type\n"));
1840 CFDictionaryRemoveValue(newConfiguration
, key
);
1843 // encryption type changed, reset password
1844 CFDictionaryRemoveValue(newConfiguration
, kSCPropNetPPPAuthPassword
);
1850 static options l2tp_ipsecOptions
[] = {
1851 { "SharedSecret" , NULL
, isOther
, &kSCPropNetIPSecSharedSecret
, __doIPSecSharedSecret
, NULL
},
1852 { "SharedSecretEncryption", NULL
, isOther
, &kSCPropNetIPSecSharedSecretEncryption
, __doIPSecSharedSecretType
, NULL
},
1854 { "?" , NULL
, isHelp
, NULL
, NULL
,
1855 "\nIPSec configuration commands\n\n"
1856 " set interface ipsec [SharedSecret secret]\n"
1857 " set interface ipsec [SharedSecretEncryption {Keychain}]\n"
1860 #define N_L2TP_IPSEC_OPTIONS (sizeof(l2tp_ipsecOptions) / sizeof(l2tp_ipsecOptions[0]))
1864 __doPPPIPSec(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newPPPConfiguration
)
1866 SCNetworkInterfaceRef childInterface
;
1867 CFStringRef childInterfaceType
;
1868 CFDictionaryRef configuration
;
1869 CFMutableDictionaryRef newConfiguration
;
1873 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
1877 childInterface
= SCNetworkInterfaceGetInterface(net_interface
);
1878 if (childInterface
== NULL
) {
1879 SCPrint(TRUE
, stdout
, CFSTR("this interfaces configuration cannot be changed\n"));
1883 childInterfaceType
= SCNetworkInterfaceGetInterfaceType(childInterface
);
1884 if (!CFEqual(childInterfaceType
, kSCNetworkInterfaceTypeL2TP
)) {
1885 SCPrint(TRUE
, stdout
, CFSTR("this interfaces configuration cannot be changed\n"));
1889 configuration
= SCNetworkInterfaceGetExtendedConfiguration(net_interface
, kSCEntNetIPSec
);
1890 if (configuration
== NULL
) {
1891 newConfiguration
= CFDictionaryCreateMutable(NULL
,
1893 &kCFTypeDictionaryKeyCallBacks
,
1894 &kCFTypeDictionaryValueCallBacks
);
1896 newConfiguration
= CFDictionaryCreateMutableCopy(NULL
, 0, configuration
);
1897 CFDictionaryRemoveValue(newConfiguration
, kSCResvInactive
);
1900 ok
= _process_options(l2tp_ipsecOptions
, N_L2TP_IPSEC_OPTIONS
, argc
, argv
, newConfiguration
);
1905 if (((configuration
== NULL
) && (CFDictionaryGetCount(newConfiguration
) > 0)) ||
1906 ((configuration
!= NULL
) && !CFEqual(configuration
, newConfiguration
))) {
1907 if (!SCNetworkInterfaceSetExtendedConfiguration(net_interface
, kSCEntNetIPSec
, newConfiguration
)) {
1908 if (SCError() == kSCStatusNoKey
) {
1909 SCPrint(TRUE
, stdout
, CFSTR("could not update per-service interface configuration\n"));
1911 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
1916 _prefs_changed
= TRUE
;
1921 if (newConfiguration
!= NULL
) CFRelease(newConfiguration
);
1927 static options pppOnDemandOptions
[] = {
1928 { "OnDemandMatchDomainsAlways" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsAlways
, __doOnDemandDomains
, NULL
},
1929 { "always" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsAlways
, __doOnDemandDomains
, NULL
},
1930 { "OnDemandMatchDomainsOnRetry", "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsOnRetry
, __doOnDemandDomains
, NULL
},
1931 { "retry" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsOnRetry
, __doOnDemandDomains
, NULL
},
1932 { "OnDemandMatchDomainsNever" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsNever
, __doOnDemandDomains
, NULL
},
1933 { "never" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsNever
, __doOnDemandDomains
, NULL
},
1935 { "?" , NULL
, isHelp
, NULL
, NULL
,
1936 "\nOnDemandMatch configuration commands\n\n"
1937 " set interface OnDemand always domain-name[,domain-name]\n"
1938 " set interface OnDemand retry domain-name[,domain-name]\n"
1939 " set interface OnDemand never domain-name[,domain-name]\n"
1942 #define N_PPP_ONDEMAND_OPTIONS (sizeof(pppOnDemandOptions) / sizeof(pppOnDemandOptions[0]))
1946 __doPPPOnDemandMatch(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1951 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
1955 ok
= _process_options(pppOnDemandOptions
, N_PPP_ONDEMAND_OPTIONS
, argc
, argv
, newConfiguration
);
1967 static selections authPromptSelections
[] = {
1968 { CFSTR("before"), &kSCValNetPPPAuthPromptBefore
, 0 },
1969 { CFSTR("after") , &kSCValNetPPPAuthPromptAfter
, 0 },
1974 static selections authProtocolSelections
[] = {
1975 { CFSTR("CHAP") , &kSCValNetPPPAuthProtocolCHAP
, 0 },
1976 { CFSTR("EAP") , &kSCValNetPPPAuthProtocolEAP
, 0 },
1977 { CFSTR("MSCHAP1"), &kSCValNetPPPAuthProtocolMSCHAP1
, 0 },
1978 { CFSTR("MSCHAP2"), &kSCValNetPPPAuthProtocolMSCHAP2
, 0 },
1979 { CFSTR("PAP") , &kSCValNetPPPAuthProtocolPAP
, 0 },
1984 static options pppOptions
[] = {
1985 { "ACSP" , NULL
, isBoolean
, &kSCPropNetPPPACSPEnabled
, NULL
, NULL
},
1986 { "ConnectTime" , "?time" , isNumber
, &kSCPropNetPPPConnectTime
, NULL
, NULL
},
1987 { "DialOnDemand" , NULL
, isBoolean
, &kSCPropNetPPPDialOnDemand
, NULL
, NULL
},
1988 { "DisconnectOnFastUserSwitch", NULL
, isBoolean
, &kSCPropNetPPPDisconnectOnFastUserSwitch
, NULL
, NULL
},
1989 { "DisconnectOnIdle" , NULL
, isBoolean
, &kSCPropNetPPPDisconnectOnIdle
, NULL
, NULL
},
1990 { "DisconnectOnIdleTimer" , "timeout" , isNumber
, &kSCPropNetPPPDisconnectOnIdleTimer
, NULL
, NULL
},
1991 { "DisconnectOnLogout" , NULL
, isBoolean
, &kSCPropNetPPPDisconnectOnLogout
, NULL
, NULL
},
1992 { "DisconnectOnSleep" , NULL
, isBoolean
, &kSCPropNetPPPDisconnectOnSleep
, NULL
, NULL
},
1993 { "DisconnectTime" , "?time" , isNumber
, &kSCPropNetPPPDisconnectTime
, NULL
, NULL
},
1994 { "IdleReminder" , NULL
, isBoolean
, &kSCPropNetPPPIdleReminder
, NULL
, NULL
},
1995 { "IdleReminderTimer" , "time" , isNumber
, &kSCPropNetPPPIdleReminderTimer
, NULL
, NULL
},
1996 { "Logfile" , "path" , isString
, &kSCPropNetPPPLogfile
, NULL
, NULL
},
1997 { "Plugins" , "plugin" , isStringArray
, &kSCPropNetPPPPlugins
, NULL
, NULL
},
1998 { "RetryConnectTime" , "time" , isNumber
, &kSCPropNetPPPRetryConnectTime
, NULL
, NULL
},
1999 { "SessionTimer" , "time" , isNumber
, &kSCPropNetPPPSessionTimer
, NULL
, NULL
},
2000 { "UseSessionTimer" , NULL
, isBoolean
, &kSCPropNetPPPUseSessionTimer
, NULL
, NULL
},
2001 { "VerboseLogging" , NULL
, isBoolean
, &kSCPropNetPPPVerboseLogging
, NULL
, NULL
},
2004 { "AuthEAPPlugins" , "plugin" , isStringArray
, &kSCPropNetPPPAuthEAPPlugins
, NULL
, NULL
},
2005 { "AuthName" , "account" , isString
, &kSCPropNetPPPAuthName
, NULL
, NULL
},
2006 { "Account" , "account" , isString
, &kSCPropNetPPPAuthName
, NULL
, NULL
},
2007 { "AuthPassword" , "password" , isOther
, &kSCPropNetPPPAuthPassword
, __doPPPAuthPW
, NULL
},
2008 { "Password" , "password" , isOther
, &kSCPropNetPPPAuthPassword
, __doPPPAuthPW
, NULL
},
2009 { "AuthPasswordEncryption" , "type" , isOther
, &kSCPropNetPPPAuthPasswordEncryption
, __doPPPAuthPWType
, NULL
},
2010 { "AuthPrompt" , "before/after", isChooseOne
, &kSCPropNetPPPAuthPrompt
, NULL
, (void *)authPromptSelections
},
2011 { "AuthProtocol" , "protocol" , isChooseMultiple
, &kSCPropNetPPPAuthProtocol
, NULL
, (void *)authProtocolSelections
},
2014 { "CommRemoteAddress" , "phone#" , isString
, &kSCPropNetPPPCommRemoteAddress
, NULL
, NULL
},
2015 { "CommAlternateRemoteAddress", "phone#" , isString
, &kSCPropNetPPPCommAlternateRemoteAddress
, NULL
, NULL
},
2016 { "CommConnectDelay" , "time" , isNumber
, &kSCPropNetPPPCommConnectDelay
, NULL
, NULL
},
2017 { "CommDisplayTerminalWindow" , NULL
, isBoolean
, &kSCPropNetPPPCommDisplayTerminalWindow
, NULL
, NULL
},
2018 { "CommRedialCount" , "retry count" , isNumber
, &kSCPropNetPPPCommRedialCount
, NULL
, NULL
},
2019 { "CommRedialEnabled" , NULL
, isBoolean
, &kSCPropNetPPPCommRedialEnabled
, NULL
, NULL
},
2020 { "CommRedialInterval" , "retry delay" , isNumber
, &kSCPropNetPPPCommRedialInterval
, NULL
, NULL
},
2021 { "CommTerminalScript" , "script" , isString
, &kSCPropNetPPPCommTerminalScript
, NULL
, NULL
},
2022 { "CommUseTerminalScript" , NULL
, isBoolean
, &kSCPropNetPPPCommUseTerminalScript
, NULL
, NULL
},
2025 { "CCPEnabled" , NULL
, isBoolean
, &kSCPropNetPPPCCPEnabled
, NULL
, NULL
},
2026 { "CCPMPPE40Enabled" , NULL
, isBoolean
, &kSCPropNetPPPCCPMPPE40Enabled
, NULL
, NULL
},
2027 { "CCPMPPE128Enabled" , NULL
, isBoolean
, &kSCPropNetPPPCCPMPPE128Enabled
, NULL
, NULL
},
2030 { "IPCPCompressionVJ" , NULL
, isBoolean
, &kSCPropNetPPPIPCPCompressionVJ
, NULL
, NULL
},
2031 { "IPCPUsePeerDNS" , NULL
, isBoolean
, &kSCPropNetPPPIPCPUsePeerDNS
, NULL
, NULL
},
2034 { "LCPEchoEnabled" , NULL
, isBoolean
, &kSCPropNetPPPLCPEchoEnabled
, NULL
, NULL
},
2035 { "LCPEchoFailure" , NULL
, isNumber
, &kSCPropNetPPPLCPEchoFailure
, NULL
, NULL
},
2036 { "LCPEchoInterval" , NULL
, isNumber
, &kSCPropNetPPPLCPEchoInterval
, NULL
, NULL
},
2037 { "LCPCompressionACField" , NULL
, isBoolean
, &kSCPropNetPPPLCPCompressionACField
, NULL
, NULL
},
2038 { "LCPCompressionPField" , NULL
, isBoolean
, &kSCPropNetPPPLCPCompressionPField
, NULL
, NULL
},
2039 { "LCPMRU" , NULL
, isNumber
, &kSCPropNetPPPLCPMRU
, NULL
, NULL
},
2040 { "LCPMTU" , NULL
, isNumber
, &kSCPropNetPPPLCPMTU
, NULL
, NULL
},
2041 { "LCPReceiveACCM" , NULL
, isNumber
, &kSCPropNetPPPLCPReceiveACCM
, NULL
, NULL
},
2042 { "LCPTransmitACCM" , NULL
, isNumber
, &kSCPropNetPPPLCPTransmitACCM
, NULL
, NULL
},
2045 { "IPSec" , NULL
, isOther
, NULL
, __doPPPIPSec
, NULL
},
2048 // --- OnDemand: ---
2049 { "OnDemandEnabled" , NULL
, isBoolean
, &kSCPropNetPPPOnDemandEnabled
, NULL
, NULL
},
2050 { "OnDemandMatch" , NULL
, isOther
, NULL
, __doPPPOnDemandMatch
, NULL
},
2054 { "?" , NULL
, isHelp
, NULL
, NULL
,
2055 "\nPPP configuration commands\n\n"
2056 " set interface [Account account]\n"
2057 " set interface [Password password]\n"
2058 " set interface [Number telephone-number]\n"
2059 " set interface [AlternateNumber telephone-number]\n"
2060 " set interface [IdleReminder {enable|disable}]\n"
2061 " set interface [IdleReminderTimer time-in-seconds]\n"
2062 " set interface [DisconnectOnIdle {enable|disable}]\n"
2063 " set interface [DisconnectOnIdleTimer time-in-seconds]\n"
2064 " set interface [DisconnectOnLogout {enable|disable}]\n"
2065 " set interface [IPSec <ipsec-options>]\n"
2067 " set interface [OnDemandEnabled {enable|disable}]\n"
2068 " set interface [OnDemandMatch <match-options>]\n"
2072 #define N_PPP_OPTIONS (sizeof(pppOptions) / sizeof(pppOptions[0]))
2076 set_interface_ppp(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2080 ok
= _process_options(pppOptions
, N_PPP_OPTIONS
, argc
, argv
, newConfiguration
);
2086 #pragma mark VLAN options
2090 set_interface_vlan(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2092 // xxxxx ("device", "tag")
2093 SCPrint(TRUE
, stdout
, CFSTR("vlan interface management not yet supported\n"));
2099 #pragma mark VPN options
2103 __doVPNAuthPW(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2105 CFStringRef encryptionType
;
2108 SCPrint(TRUE
, stdout
, CFSTR("VPN password not specified\n"));
2112 encryptionType
= CFDictionaryGetValue(newConfiguration
, kSCPropNetVPNAuthPasswordEncryption
);
2113 if (strlen(argv
[0]) > 0) {
2114 if (encryptionType
== NULL
) {
2115 #ifdef INLINE_PASSWORDS_USE_CFSTRING
2118 pw
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
2119 #else // INLINE_PASSWORDS_USE_CFSTRING
2121 CFMutableDataRef pw
;
2124 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
2125 n
= CFStringGetLength(str
);
2126 pw
= CFDataCreateMutable(NULL
, n
* sizeof(UniChar
));
2127 CFDataSetLength(pw
, n
* sizeof(UniChar
));
2128 CFStringGetCharacters(str
,
2130 (UniChar
*)(void *)CFDataGetMutableBytePtr(pw
));
2132 #endif // INLINE_PASSWORDS_USE_CFSTRING
2134 CFDictionarySetValue(newConfiguration
, key
, pw
);
2136 } else if (CFEqual(encryptionType
, kSCValNetVPNAuthPasswordEncryptionKeychain
)) {
2141 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
2142 pw
= CFStringCreateExternalRepresentation(NULL
, str
, kCFStringEncodingUTF8
, 0);
2143 ok
= SCNetworkInterfaceSetPassword(net_interface
,
2144 kSCNetworkInterfacePasswordTypeVPN
,
2150 updateInterfaceConfiguration(newConfiguration
);
2155 SCPrint(TRUE
, stdout
, CFSTR("VPN password type \"%@\" not supported\n"), encryptionType
);
2159 if (encryptionType
== NULL
) {
2160 CFDictionaryRemoveValue(newConfiguration
, key
);
2161 } else if (CFEqual(encryptionType
, kSCValNetVPNAuthPasswordEncryptionKeychain
)) {
2164 ok
= SCNetworkInterfaceRemovePassword(net_interface
, kSCNetworkInterfacePasswordTypeVPN
);
2166 updateInterfaceConfiguration(newConfiguration
);
2171 SCPrint(TRUE
, stdout
, CFSTR("PPP password type \"%@\" not supported\n"), encryptionType
);
2181 __doVPNAuthPWType(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2184 SCPrint(TRUE
, stdout
, CFSTR("VPN password type mode not specified\n"));
2188 if (strlen(argv
[0]) > 0) {
2189 if (strcasecmp(argv
[0], "keychain") == 0) {
2190 CFDictionarySetValue(newConfiguration
, key
, kSCValNetVPNAuthPasswordEncryptionKeychain
);
2191 } else if (strcasecmp(argv
[0], "prompt") == 0) {
2192 CFDictionarySetValue(newConfiguration
, key
, kSCValNetVPNAuthPasswordEncryptionPrompt
);
2194 SCPrint(TRUE
, stdout
, CFSTR("invalid password type\n"));
2198 CFDictionaryRemoveValue(newConfiguration
, key
);
2201 // encryption type changed, reset password
2202 CFDictionaryRemoveValue(newConfiguration
, kSCPropNetVPNAuthPassword
);
2208 static selections vpnAuthenticationMethodSelections
[] = {
2209 { CFSTR("Password") , &kSCValNetVPNAuthenticationMethodPassword
, 0 },
2210 { CFSTR("Certificate") , &kSCValNetVPNAuthenticationMethodCertificate
, 0 },
2215 static options vpnOptions
[] = {
2216 { "AuthName" , "account" , isString
, &kSCPropNetVPNAuthName
, NULL
, NULL
},
2217 { "Account" , "account" , isString
, &kSCPropNetVPNAuthName
, NULL
, NULL
},
2218 { "AuthPassword" , "password" , isOther
, &kSCPropNetVPNAuthPassword
, __doVPNAuthPW
, NULL
},
2219 { "Password" , "password" , isOther
, &kSCPropNetVPNAuthPassword
, __doVPNAuthPW
, NULL
},
2220 { "AuthPasswordEncryption" , "type" , isOther
, &kSCPropNetVPNAuthPasswordEncryption
, __doVPNAuthPWType
, NULL
},
2221 { "AuthenticationMethod" , NULL
, isChooseOne
, &kSCPropNetVPNAuthenticationMethod
, NULL
, (void *)vpnAuthenticationMethodSelections
},
2222 { "ConnectTime" , "?time" , isNumber
, &kSCPropNetVPNConnectTime
, NULL
, NULL
},
2223 { "DisconnectOnFastUserSwitch", NULL
, isBoolean
, &kSCPropNetVPNDisconnectOnFastUserSwitch
, NULL
, NULL
},
2224 { "DisconnectOnIdle" , NULL
, isBoolean
, &kSCPropNetVPNDisconnectOnIdle
, NULL
, NULL
},
2225 { "DisconnectOnIdleTimer" , "timeout" , isNumber
, &kSCPropNetVPNDisconnectOnIdleTimer
, NULL
, NULL
},
2226 { "DisconnectOnLogout" , NULL
, isBoolean
, &kSCPropNetVPNDisconnectOnLogout
, NULL
, NULL
},
2227 { "DisconnectOnSleep" , NULL
, isBoolean
, &kSCPropNetVPNDisconnectOnSleep
, NULL
, NULL
},
2228 { "Logfile" , "path" , isString
, &kSCPropNetVPNLogfile
, NULL
, NULL
},
2229 { "MTU" , NULL
, isNumber
, &kSCPropNetVPNMTU
, NULL
, NULL
},
2230 { "RemoteAddress" , "server" , isString
, &kSCPropNetVPNRemoteAddress
, NULL
, NULL
},
2231 { "Server" , "server" , isString
, &kSCPropNetVPNRemoteAddress
, NULL
, NULL
},
2232 { "VerboseLogging" , NULL
, isBoolean
, &kSCPropNetVPNVerboseLogging
, NULL
, NULL
},
2235 { "?" , NULL
, isHelp
, NULL
, NULL
,
2236 "\nVPN configuration commands\n\n"
2237 " set interface [Server server]\n"
2238 " set interface [Account account]\n"
2239 " set interface [Password password]\n"
2242 #define N_VPN_OPTIONS (sizeof(vpnOptions) / sizeof(vpnOptions[0]))
2246 set_interface_vpn(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2250 ok
= _process_options(vpnOptions
, N_VPN_OPTIONS
, argc
, argv
, newConfiguration
);
2256 #pragma mark [more] Interface management
2261 set_interface(int argc
, char **argv
)
2263 CFDictionaryRef configuration
;
2264 CFStringRef interfaceType
;
2265 CFMutableDictionaryRef newConfiguration
= NULL
;
2268 if (net_interface
== NULL
) {
2269 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
2274 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
2278 configuration
= SCNetworkInterfaceGetConfiguration(net_interface
);
2279 if (configuration
!= NULL
) {
2280 configuration
= CFDictionaryCreateCopy(NULL
, configuration
);
2281 newConfiguration
= CFDictionaryCreateMutableCopy(NULL
, 0, configuration
);
2282 CFDictionaryRemoveValue(newConfiguration
, kSCResvInactive
);
2284 newConfiguration
= CFDictionaryCreateMutable(NULL
,
2286 &kCFTypeDictionaryKeyCallBacks
,
2287 &kCFTypeDictionaryValueCallBacks
);
2290 interfaceType
= SCNetworkInterfaceGetInterfaceType(net_interface
);
2292 if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeEthernet
)) {
2293 ok
= set_interface_ethernet(argc
, argv
, newConfiguration
);
2294 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeFireWire
)) {
2295 ok
= set_interface_firewire(argc
, argv
, newConfiguration
);
2296 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeIPSec
)) {
2297 ok
= set_interface_ipsec(argc
, argv
, newConfiguration
);
2298 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeModem
)) {
2299 ok
= set_interface_modem(argc
, argv
, newConfiguration
);
2300 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeIEEE80211
)) {
2301 ok
= set_interface_airport(argc
, argv
, newConfiguration
);
2302 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypePPP
)) {
2303 ok
= set_interface_ppp(argc
, argv
, newConfiguration
);
2304 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeBond
)) {
2305 ok
= set_interface_bond(argc
, argv
, newConfiguration
);
2306 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeBridge
)) {
2307 ok
= set_interface_bridge(argc
, argv
, newConfiguration
);
2308 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeVLAN
)) {
2309 ok
= set_interface_vlan(argc
, argv
, newConfiguration
);
2310 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeVPN
)) {
2311 ok
= set_interface_vpn(argc
, argv
, newConfiguration
);
2313 SCPrint(TRUE
, stdout
, CFSTR("this interfaces configuration cannot be changed\n"));
2320 if (((configuration
== NULL
) && (CFDictionaryGetCount(newConfiguration
) > 0)) ||
2321 ((configuration
!= NULL
) && !CFEqual(configuration
, newConfiguration
))) {
2322 if (!SCNetworkInterfaceSetConfiguration(net_interface
, newConfiguration
)) {
2323 if (SCError() == kSCStatusNoKey
) {
2324 SCPrint(TRUE
, stdout
, CFSTR("could not update per-service interface configuration\n"));
2326 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
2331 _prefs_changed
= TRUE
;
2336 if (configuration
!= NULL
) CFRelease(configuration
);
2337 if (newConfiguration
!= NULL
) CFRelease(newConfiguration
);
2342 /* -------------------- */
2347 show_interface(int argc
, char **argv
)
2349 SCNetworkInterfaceRef interface
;
2352 interface
= _find_interface(argc
, argv
, NULL
);
2354 if (net_interface
!= NULL
) {
2355 interface
= net_interface
;
2357 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
2362 if (interface
!= NULL
) {
2363 _show_interface(interface
, CFSTR(""), TRUE
);
2370 /* -------------------- */
2374 CF_RETURNS_RETAINED CFStringRef
2375 _interface_description(SCNetworkInterfaceRef interface
)
2377 CFMutableStringRef description
;
2378 CFStringRef if_bsd_name
;
2379 CFStringRef if_type
;
2381 description
= CFStringCreateMutable(NULL
, 0);
2383 if_type
= SCNetworkInterfaceGetInterfaceType(interface
);
2384 CFStringAppend(description
, if_type
);
2386 if_bsd_name
= SCNetworkInterfaceGetBSDName(interface
);
2387 if (if_bsd_name
!= NULL
) {
2388 CFStringAppendFormat(description
, NULL
, CFSTR(" (%@)"), if_bsd_name
);
2391 interface
= SCNetworkInterfaceGetInterface(interface
);
2392 while ((interface
!= NULL
) &&
2393 !CFEqual(interface
, kSCNetworkInterfaceIPv4
)) {
2394 CFStringRef childDescription
;
2396 childDescription
= _interface_description(interface
);
2397 CFStringAppendFormat(description
, NULL
, CFSTR(" / %@"), childDescription
);
2398 CFRelease(childDescription
);
2400 interface
= SCNetworkInterfaceGetInterface(interface
);