2 * Copyright (c) 2004-2011, 2013-2016 Apple Inc. All rights reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
25 * Modification History
27 * August 5, 2004 Allan Nathanson <ajn@apple.com>
32 #include <TargetConditionals.h>
39 #define INLINE_PASSWORDS_USE_CFSTRING
40 #endif // TARGET_OS_IPHONE
44 #pragma mark Interface management
50 CFMutableArrayRef interfaces
;
51 CFArrayRef real_interfaces
;
53 real_interfaces
= _SCNetworkInterfaceCopyAllWithPreferences(prefs
);
54 if (real_interfaces
== NULL
) {
55 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
59 interfaces
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
61 // include real interfaces
62 CFArrayAppendArray(interfaces
,
64 CFRangeMake(0, CFArrayGetCount(real_interfaces
)));
65 CFRelease(real_interfaces
);
67 // include pseudo interfaces
68 CFArrayAppendValue(interfaces
, kSCNetworkInterfaceLoopback
);
69 CFArrayAppendValue(interfaces
, kSCNetworkInterfaceIPv4
);
71 // include interfaces that we have created
72 if (new_interfaces
!= NULL
) {
73 CFArrayAppendArray(interfaces
,
75 CFRangeMake(0, CFArrayGetCount(new_interfaces
)));
78 return (CFArrayRef
)interfaces
;
84 _find_interface(int argc
, char **argv
, int *nArgs
)
86 Boolean allowIndex
= TRUE
;
88 CFArrayRef myInterfaces
= interfaces
;
90 CFStringRef select_name
= NULL
;
91 SCNetworkInterfaceRef selected
= NULL
;
94 SCPrint(TRUE
, stdout
, CFSTR("no interface specified\n"));
98 if (nArgs
!= NULL
) *nArgs
= 1;
100 if (strcasecmp(argv
[0], "$child") == 0) {
101 if (net_interface
== NULL
) {
102 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
106 selected
= SCNetworkInterfaceGetInterface(net_interface
);
107 if(selected
== NULL
) {
108 SCPrint(TRUE
, stdout
, CFSTR("no child interface\n"));
112 } else if (strcasecmp(argv
[0], "$service") == 0) {
113 if (net_service
== NULL
) {
114 SCPrint(TRUE
, stdout
, CFSTR("service not selected\n"));
118 selected
= SCNetworkServiceGetInterface(net_service
);
119 if(selected
== NULL
) {
120 SCPrint(TRUE
, stdout
, CFSTR("no interface for service\n"));
126 #if !TARGET_OS_IPHONE
127 else if (strcasecmp(argv
[0], "$bond") == 0) {
128 CFStringRef interfaceType
;
130 if (net_interface
== NULL
) {
131 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
135 interfaceType
= SCNetworkInterfaceGetInterfaceType(net_interface
);
136 if (!CFEqual(interfaceType
, kSCNetworkInterfaceTypeBond
)) {
137 SCPrint(TRUE
, stdout
, CFSTR("interface not Bond\n"));
142 SCPrint(TRUE
, stdout
, CFSTR("no member interface specified\n"));
147 if (nArgs
!= NULL
) *nArgs
+= 1;
149 myInterfaces
= SCBondInterfaceGetMemberInterfaces(net_interface
);
150 if (myInterfaces
== NULL
) {
151 SCPrint(TRUE
, stdout
, CFSTR("no member interfaces\n"));
156 #endif // !TARGET_OS_IPHONE
158 else if (strcasecmp(argv
[0], "$bridge") == 0) {
159 CFStringRef interfaceType
;
161 if (net_interface
== NULL
) {
162 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
166 interfaceType
= SCNetworkInterfaceGetInterfaceType(net_interface
);
167 if (!CFEqual(interfaceType
, kSCNetworkInterfaceTypeBridge
)) {
168 SCPrint(TRUE
, stdout
, CFSTR("interface not Bridge\n"));
173 SCPrint(TRUE
, stdout
, CFSTR("no member interface specified\n"));
178 if (nArgs
!= NULL
) *nArgs
+= 1;
180 myInterfaces
= SCBridgeInterfaceGetMemberInterfaces(net_interface
);
181 if (myInterfaces
== NULL
) {
182 SCPrint(TRUE
, stdout
, CFSTR("no member interfaces\n"));
188 else if (strcasecmp(argv
[0], "$vlan") == 0) {
189 CFStringRef interfaceType
;
191 if (net_interface
== NULL
) {
192 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
196 interfaceType
= SCNetworkInterfaceGetInterfaceType(net_interface
);
197 if (!CFEqual(interfaceType
, kSCNetworkInterfaceTypeVLAN
)) {
198 SCPrint(TRUE
, stdout
, CFSTR("interface not VLAN\n"));
202 selected
= SCVLANInterfaceGetPhysicalInterface(net_interface
);
203 if(selected
== NULL
) {
204 SCPrint(TRUE
, stdout
, CFSTR("no physical interface\n"));
210 if ((myInterfaces
== NULL
) && (interfaces
== NULL
)) {
211 interfaces
= _copy_interfaces();
212 if (interfaces
== NULL
) {
215 myInterfaces
= interfaces
;
219 // try to select the interface by its display name
221 select_name
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
223 n
= (myInterfaces
!= NULL
) ? CFArrayGetCount(myInterfaces
) : 0;
224 for (i
= 0; i
< n
; i
++) {
225 SCNetworkInterfaceRef interface
;
226 CFStringRef interfaceName
;
228 interface
= CFArrayGetValueAtIndex(myInterfaces
, i
);
229 interfaceName
= SCNetworkInterfaceGetLocalizedDisplayName(interface
);
230 if ((interfaceName
!= NULL
) && CFEqual(select_name
, interfaceName
)) {
231 if (selected
== NULL
) {
232 selected
= interface
;
234 // if multiple interfaces match
236 SCPrint(TRUE
, stdout
, CFSTR("multiple interfaces match\n"));
242 if (selected
!= NULL
) {
246 // try to select the interface by its BSD name
248 for (i
= 0; i
< n
; i
++) {
249 SCNetworkInterfaceRef interface
;
250 CFStringRef bsd_name
= NULL
;
252 interface
= CFArrayGetValueAtIndex(myInterfaces
, i
);
253 while ((interface
!= NULL
) && (bsd_name
== NULL
)) {
254 bsd_name
= SCNetworkInterfaceGetBSDName(interface
);
255 if (bsd_name
== NULL
) {
256 interface
= SCNetworkInterfaceGetInterface(interface
);
260 if ((bsd_name
!= NULL
) && CFEqual(select_name
, bsd_name
)) {
261 if (selected
== NULL
) {
262 selected
= interface
;
264 // if multiple interfaces match
266 SCPrint(TRUE
, stdout
, CFSTR("multiple interfaces match\n"));
272 if (selected
!= NULL
) {
276 // try to select the interface by its interface type
278 for (i
= 0; i
< n
; i
++) {
279 SCNetworkInterfaceRef interface
;
280 CFStringRef interfaceType
;
282 interface
= CFArrayGetValueAtIndex(myInterfaces
, i
);
283 interfaceType
= SCNetworkInterfaceGetInterfaceType(interface
);
284 if (CFEqual(select_name
, interfaceType
)) {
285 if (selected
== NULL
) {
286 selected
= interface
;
288 // if multiple interfaces match
290 SCPrint(TRUE
, stdout
, CFSTR("multiple interfaces match\n"));
296 if (selected
!= NULL
) {
305 // try to select the interface by its index
308 val
= strtol(str
, &end
, 10);
309 if ((*str
!= '\0') &&
310 ((*end
== '\0') || (*end
== '.')) &&
312 if ((val
> 0) && (val
<= n
)) {
313 selected
= CFArrayGetValueAtIndex(myInterfaces
, val
- 1);
317 val
= strtol(str
, &end
, 10);
318 if ((*str
!= '\0') && (*end
== '\0') && (errno
== 0)) {
320 selected
= SCNetworkInterfaceGetInterface(selected
);
321 if (selected
== NULL
) {
331 if (selected
!= NULL
) {
335 SCPrint(TRUE
, stdout
, CFSTR("no match\n"));
339 if (select_name
!= NULL
) CFRelease(select_name
);
344 /* -------------------- */
349 create_interface(int argc
, char **argv
)
351 SCNetworkInterfaceRef interface
;
352 CFStringRef interfaceName
;
353 CFStringRef interfaceType
;
354 SCNetworkInterfaceRef new_interface
;
357 SCPrint(TRUE
, stdout
, CFSTR("what interface type?\n"));
361 interfaceType
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
365 if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeBond
)) {
366 SCPrint(TRUE
, stdout
, CFSTR("bond creation not yet supported\n"));
369 if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeBridge
)) {
370 SCPrint(TRUE
, stdout
, CFSTR("bridge creation not yet supported\n"));
373 if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeVLAN
)) {
374 SCPrint(TRUE
, stdout
, CFSTR("vlan creation not yet supported\n"));
379 if (net_interface
== NULL
) {
380 SCPrint(TRUE
, stdout
, CFSTR("no network interface selected\n"));
384 interface
= net_interface
;
386 interface
= _find_interface(argc
, argv
, NULL
);
389 if (interface
== NULL
) {
393 new_interface
= SCNetworkInterfaceCreateWithInterface(interface
, interfaceType
);
394 if (new_interface
== NULL
) {
395 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
399 if (new_interfaces
== NULL
) {
400 new_interfaces
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
402 CFArrayAppendValue(new_interfaces
, new_interface
);
404 if (net_interface
!= NULL
) CFRelease(net_interface
);
405 net_interface
= new_interface
;
407 interfaceName
= SCNetworkInterfaceGetLocalizedDisplayName(net_interface
);
408 if (interfaceName
== NULL
) {
409 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
411 if (interfaceName
== NULL
) {
412 interfaceName
= SCNetworkInterfaceGetInterfaceType(net_interface
);
414 SCPrint(TRUE
, stdout
, CFSTR("interface \"%@\" created and selected\n"), interfaceName
);
418 CFRelease(interfaceType
);
423 /* -------------------- */
428 select_interface(int argc
, char **argv
)
430 SCNetworkInterfaceRef interface
;
432 interface
= _find_interface(argc
, argv
, NULL
);
433 if (interface
!= NULL
) {
434 CFStringRef interfaceName
;
436 if (net_interface
!= NULL
) CFRelease(net_interface
);
437 net_interface
= CFRetain(interface
);
439 interfaceName
= SCNetworkInterfaceGetLocalizedDisplayName(interface
);
440 if (interfaceName
== NULL
) {
441 interfaceName
= SCNetworkInterfaceGetBSDName(interface
);
443 if (interfaceName
== NULL
) {
444 interfaceName
= SCNetworkInterfaceGetInterfaceType(interface
);
447 SCPrint(TRUE
, stdout
, CFSTR("interface \"%@\" selected\n"), interfaceName
);
454 /* -------------------- */
459 _show_interface(SCNetworkInterfaceRef interface
, CFStringRef prefix
, Boolean showChild
)
461 CFDictionaryRef configuration
;
462 CFStringRef if_bsd_name
;
463 CFStringRef if_localized_name
;
464 CFStringRef if_mac_address
;
466 Boolean isPhysicalEthernet
;
467 CFArrayRef supported
;
469 if_localized_name
= SCNetworkInterfaceGetLocalizedDisplayName(interface
);
470 if (if_localized_name
!= NULL
) {
471 SCPrint(TRUE
, stdout
, CFSTR("%@ name = %@\n"), prefix
, if_localized_name
);
474 if_bsd_name
= SCNetworkInterfaceGetBSDName(interface
);
475 if (if_bsd_name
!= NULL
) {
476 SCPrint(TRUE
, stdout
, CFSTR("%@ interface name = %@\n"), prefix
, if_bsd_name
);
479 if_type
= SCNetworkInterfaceGetInterfaceType(interface
);
480 SCPrint(TRUE
, stdout
, CFSTR("%@ type = %@\n"), prefix
, if_type
);
482 if_mac_address
= SCNetworkInterfaceGetHardwareAddressString(interface
);
483 if (if_mac_address
!= NULL
) {
484 SCPrint(TRUE
, stdout
, CFSTR("%@ address = %@\n"), prefix
, if_mac_address
);
487 configuration
= SCNetworkInterfaceGetConfiguration(interface
);
488 if ((configuration
!= NULL
) &&
489 CFDictionaryContainsKey(configuration
, kSCResvInactive
)) {
490 configuration
= NULL
;
493 if (if_bsd_name
!= NULL
) {
494 CFArrayRef available
;
495 CFDictionaryRef active
;
496 CFDictionaryRef cap_current
;
500 CFDictionaryRef qosPolicy
;
502 cap_current
= SCNetworkInterfaceCopyCapability(interface
, NULL
);
503 if (cap_current
!= NULL
) {
505 CFArrayRef cap_names
;
506 CFMutableArrayRef cap_sorted
;
510 n
= CFDictionaryGetCount(cap_current
);
511 keys
= CFAllocatorAllocate(NULL
, n
* sizeof(CFStringRef
), 0);
512 CFDictionaryGetKeysAndValues(cap_current
, keys
, NULL
);
513 cap_names
= CFArrayCreate(NULL
, keys
, n
, &kCFTypeArrayCallBacks
);
514 CFAllocatorDeallocate(NULL
, keys
);
516 cap_sorted
= CFArrayCreateMutableCopy(NULL
, 0, cap_names
);
517 CFRelease(cap_names
);
519 CFArraySortValues(cap_sorted
, CFRangeMake(0, n
), (CFComparatorFunction
)CFStringCompare
, NULL
);
521 SCPrint(TRUE
, stdout
, CFSTR("%@ capabilities = "), prefix
);
522 for (i
= 0; i
< n
; i
++) {
523 CFStringRef cap_name
;
525 CFNumberRef val
= NULL
;
527 cap_name
= CFArrayGetValueAtIndex(cap_sorted
, i
);
528 if (configuration
!= NULL
) {
529 val
= CFDictionaryGetValue(configuration
, cap_name
);
531 if (!isA_CFNumber(val
)) {
532 val
= CFDictionaryGetValue(cap_current
, cap_name
);
535 SCPrint(TRUE
, stdout
, CFSTR("%s%@%c"),
538 (CFNumberGetValue(val
, kCFNumberIntType
, &cap_val
) &&
539 (cap_val
!= 0)) ? '+' : '-');
541 SCPrint(TRUE
, stdout
, CFSTR("\n"));
543 CFRelease(cap_sorted
);
544 CFRelease(cap_current
);
547 if (SCNetworkInterfaceCopyMTU(interface
, &mtu_cur
, &mtu_min
, &mtu_max
)) {
548 char isCurrent
= '*';
550 if (configuration
!= NULL
) {
554 num
= CFDictionaryGetValue(configuration
, kSCPropNetEthernetMTU
);
555 if (isA_CFNumber(num
) &&
556 CFNumberGetValue(num
, kCFNumberIntType
, &mtu_req
)) {
557 if (mtu_cur
!= mtu_req
) {
564 SCPrint(TRUE
, stdout
, CFSTR("%@ mtu %c = %d (%d < n < %d)\n"),
572 if (SCNetworkInterfaceCopyMediaOptions(interface
, NULL
, &active
, &available
, TRUE
)) {
573 char isCurrent
= ' ';
574 CFArrayRef options
= NULL
;
575 CFArrayRef options_req
= NULL
;
576 CFStringRef subtype
= NULL
;
577 CFStringRef subtype_req
= NULL
;
579 if (configuration
!= NULL
) {
580 subtype_req
= CFDictionaryGetValue(configuration
, kSCPropNetEthernetMediaSubType
);
581 options_req
= CFDictionaryGetValue(configuration
, kSCPropNetEthernetMediaOptions
);
584 if (subtype_req
== NULL
) {
585 subtype_req
= CFSTR("autoselect");
588 if (active
!= NULL
) {
589 subtype
= CFDictionaryGetValue(active
, kSCPropNetEthernetMediaSubType
);
590 options
= CFDictionaryGetValue(active
, kSCPropNetEthernetMediaOptions
);
593 if (subtype
!= NULL
) {
594 if (((subtype_req
!= NULL
) &&
595 CFEqual(subtype
, subtype_req
)) &&
596 ((options
== options_req
) ||
597 ((options
!= NULL
) &&
598 (options_req
!= NULL
) &&
599 CFEqual(options
, options_req
)))
602 } else if ((subtype_req
== NULL
) ||
603 ((subtype_req
!= NULL
) &&
604 CFEqual(subtype_req
, CFSTR("autoselect")))) {
605 // if requested subtype not specified or "autoselect"
610 if (subtype_req
!= NULL
) {
611 SCPrint(TRUE
, stdout
, CFSTR("%@ media %c = %@"),
616 if ((options_req
!= NULL
) &&
617 (CFArrayGetCount(options_req
) > 0)) {
618 CFStringRef options_str
;
620 options_str
= CFStringCreateByCombiningStrings(NULL
, options_req
, CFSTR(","));
621 SCPrint(TRUE
, stdout
, CFSTR(" <%@>"), options_str
);
622 CFRelease(options_str
);
625 SCPrint(TRUE
, stdout
, CFSTR("\n"));
628 SCPrint(TRUE
, stdout
, CFSTR("\n"));
630 if (available
!= NULL
) {
635 subtypes
= SCNetworkInterfaceCopyMediaSubTypes(available
);
636 n_subtypes
= (subtypes
!= NULL
) ? CFArrayGetCount(subtypes
) : 0;
637 for (i
= 0; i
< n_subtypes
; i
++) {
639 CFIndex n_subtype_options
;
641 CFArrayRef subtype_options
;
643 subtype
= CFArrayGetValueAtIndex(subtypes
, i
);
644 subtype_options
= SCNetworkInterfaceCopyMediaSubTypeOptions(available
, subtype
);
645 n_subtype_options
= (subtype_options
!= NULL
) ? CFArrayGetCount(subtype_options
) : 0;
646 for (j
= 0; j
< n_subtype_options
; j
++) {
647 char isCurrent
= ' ';
650 options
= CFArrayGetValueAtIndex(subtype_options
, j
);
652 if (((subtype_req
!= NULL
) &&
653 CFEqual(subtype
, subtype_req
)) &&
654 ((options
== options_req
) ||
655 ((options
!= NULL
) &&
656 (options_req
!= NULL
) &&
657 CFEqual(options
, options_req
)))
662 SCPrint(TRUE
, stdout
, CFSTR("%@ %s %c = %@"),
664 ((i
== 0) && (j
== 0)) ? "supported media" : " ",
668 if ((options
!= NULL
) &&
669 (CFArrayGetCount(options
) > 0)) {
670 CFStringRef options_str
;
672 options_str
= CFStringCreateByCombiningStrings(NULL
, options
, CFSTR(","));
673 SCPrint(TRUE
, stdout
, CFSTR(" <%@>"), options_str
);
674 CFRelease(options_str
);
677 SCPrint(TRUE
, stdout
, CFSTR("\n"));
679 if (subtype_options
!= NULL
) CFRelease(subtype_options
);
681 if (subtypes
!= NULL
) CFRelease(subtypes
);
684 SCPrint(TRUE
, stdout
, CFSTR("\n"));
687 qosPolicy
= SCNetworkInterfaceGetQoSMarkingPolicy(interface
);
688 if (qosPolicy
!= NULL
) {
690 CFArrayRef bundleIDs
;
691 Boolean needComma
= FALSE
;
693 SCPrint(TRUE
, stdout
, CFSTR("%@ qos marking ="), prefix
);
695 bVal
= CFDictionaryGetValue(qosPolicy
, kSCPropNetQoSMarkingEnabled
);
696 if ((bVal
!= NULL
) && isA_CFBoolean(bVal
)) {
697 SCPrint(TRUE
, stdout
, CFSTR(" %senabled"),
698 CFBooleanGetValue(bVal
) ? "" : "!");
702 bVal
= CFDictionaryGetValue(qosPolicy
, kSCPropNetQoSMarkingAppleAudioVideoCalls
);
703 if ((bVal
!= NULL
) && isA_CFBoolean(bVal
)) {
704 SCPrint(TRUE
, stdout
, CFSTR("%s %sapple-av"),
705 needComma
? "," : "",
706 CFBooleanGetValue(bVal
) ? "" : "!");
710 bundleIDs
= CFDictionaryGetValue(qosPolicy
, kSCPropNetQoSMarkingWhitelistedAppIdentifiers
);
711 if ((bundleIDs
!= NULL
) && CFArrayGetCount(bundleIDs
)) {
712 CFIndex n
= CFArrayGetCount(bundleIDs
);
714 SCPrint(TRUE
, stdout
, CFSTR("%s applications = ("),
715 needComma
? "," : "");
716 for (CFIndex i
= 0; i
< n
; i
++) {
717 CFStringRef bundleID
;
719 bundleID
= CFArrayGetValueAtIndex(bundleIDs
, i
);
720 if (!isA_CFString(bundleID
)) {
721 bundleID
= CFSTR("--invalid-bundle-id--");
723 SCPrint(TRUE
, stdout
, CFSTR("%s%@"),
727 SCPrint(TRUE
, stdout
, CFSTR(")"));
730 SCPrint(TRUE
, stdout
, CFSTR("\n"));
734 supported
= SCNetworkInterfaceGetSupportedInterfaceTypes(interface
);
735 SCPrint(TRUE
, stdout
, CFSTR("%@ supported interfaces = "), prefix
);
736 if (supported
!= NULL
) {
738 CFIndex n
= CFArrayGetCount(supported
);
740 for (i
= 0; i
< n
; i
++) {
741 SCPrint(TRUE
, stdout
, CFSTR("%s%@"),
742 (i
== 0) ? "" : ", ",
743 CFArrayGetValueAtIndex(supported
, i
));
746 SCPrint(TRUE
, stdout
, CFSTR("\n"));
748 supported
= SCNetworkInterfaceGetSupportedProtocolTypes(interface
);
749 SCPrint(TRUE
, stdout
, CFSTR("%@ supported protocols = "), prefix
);
750 if (supported
!= NULL
) {
752 CFIndex n
= CFArrayGetCount(supported
);
754 for (i
= 0; i
< n
; i
++) {
755 SCPrint(TRUE
, stdout
, CFSTR("%s%@"),
756 (i
== 0) ? "" : ", ",
757 CFArrayGetValueAtIndex(supported
, i
));
760 SCPrint(TRUE
, stdout
, CFSTR("\n"));
762 isPhysicalEthernet
= _SCNetworkInterfaceIsPhysicalEthernet(interface
);
763 SCPrint(TRUE
, stdout
, CFSTR("%@ is%s physical ethernet\n"),
765 isPhysicalEthernet
? "" : " not");
767 if (configuration
!= NULL
) {
768 CFMutableDictionaryRef effective
;
770 effective
= CFDictionaryCreateMutableCopy(NULL
, 0, configuration
);
772 // remove known (and already reported) interface configuration keys
773 if (CFDictionaryContainsKey(effective
, kSCResvInactive
)) {
774 CFDictionaryRemoveAllValues(effective
);
776 CFDictionaryRemoveValue(effective
, kSCPropNetEthernetMTU
);
777 CFDictionaryRemoveValue(effective
, kSCPropNetEthernetMediaSubType
);
778 CFDictionaryRemoveValue(effective
, kSCPropNetEthernetMediaOptions
);
780 if (CFDictionaryGetCount(effective
) > 0) {
781 SCPrint(TRUE
, stdout
, CFSTR("\n%@ per-interface configuration\n"), prefix
);
782 _show_entity(effective
, prefix
);
785 CFRelease(effective
);
788 if (CFEqual(if_type
, kSCNetworkInterfaceTypePPP
)) {
789 SCNetworkInterfaceRef childInterface
;
791 childInterface
= SCNetworkInterfaceGetInterface(interface
);
792 if (childInterface
!= NULL
) {
793 CFStringRef childInterfaceType
;
795 childInterfaceType
= SCNetworkInterfaceGetInterfaceType(childInterface
);
796 if (CFEqual(childInterfaceType
, kSCNetworkInterfaceTypeL2TP
)) {
797 CFDictionaryRef ipsec_configuration
;
799 ipsec_configuration
= SCNetworkInterfaceGetExtendedConfiguration(interface
, kSCEntNetIPSec
);
800 if (isA_CFDictionary(ipsec_configuration
) &&
801 (CFDictionaryGetCount(ipsec_configuration
) > 0)) {
802 SCPrint(TRUE
, stdout
, CFSTR("\n%@ per-interface IPSec configuration\n"), prefix
);
803 _show_entity(ipsec_configuration
, prefix
);
810 SCPrint(TRUE
, stdout
, CFSTR("\n%@\n"), interface
);
813 interface
= SCNetworkInterfaceGetInterface(interface
);
814 if (interface
!= NULL
) {
815 CFStringRef newPrefix
;
817 newPrefix
= CFStringCreateWithFormat(NULL
, NULL
, CFSTR("%@ "), prefix
);
818 SCPrint(TRUE
, stdout
, CFSTR("\n%@child interface\n"), newPrefix
);
819 _show_interface(interface
, newPrefix
, showChild
);
820 CFRelease(newPrefix
);
827 /* -------------------- */
831 validateMediaOptions(SCNetworkInterfaceRef interface
, CFMutableDictionaryRef newConfiguration
)
838 mtu
= CFDictionaryGetValue(newConfiguration
, kSCPropNetEthernetMTU
);
839 if (isA_CFNumber(mtu
)) {
844 if (!SCNetworkInterfaceCopyMTU(interface
, NULL
, &mtu_min
, &mtu_max
)) {
845 SCPrint(TRUE
, stdout
, CFSTR("cannot set MTU\n"));
849 if (!CFNumberGetValue(mtu
, kCFNumberIntType
, &mtu_val
) ||
850 (mtu_val
< mtu_min
) ||
851 (mtu_val
> mtu_max
)) {
852 SCPrint(TRUE
, stdout
, CFSTR("mtu out of range\n"));
857 subtype
= CFDictionaryGetValue(newConfiguration
, kSCPropNetEthernetMediaSubType
);
858 options
= CFDictionaryGetValue(newConfiguration
, kSCPropNetEthernetMediaOptions
);
860 if (subtype
!= NULL
) {
861 CFArrayRef available
= NULL
;
862 CFArrayRef config_options
= options
;
863 CFArrayRef subtypes
= NULL
;
864 CFArrayRef subtype_options
= NULL
;
868 if (options
== NULL
) {
869 config_options
= CFArrayCreate(NULL
, NULL
, 0, &kCFTypeArrayCallBacks
);
872 if (!SCNetworkInterfaceCopyMediaOptions(interface
, NULL
, NULL
, &available
, FALSE
)) {
873 SCPrint(TRUE
, stdout
, CFSTR("media type / options not available\n"));
877 if (available
== NULL
) {
881 subtypes
= SCNetworkInterfaceCopyMediaSubTypes(available
);
882 if ((subtypes
== NULL
) ||
883 !CFArrayContainsValue(subtypes
,
884 CFRangeMake(0, CFArrayGetCount(subtypes
)),
886 SCPrint(TRUE
, stdout
, CFSTR("media type not valid\n"));
890 subtype_options
= SCNetworkInterfaceCopyMediaSubTypeOptions(available
, subtype
);
891 if ((subtype_options
== NULL
) ||
892 !CFArrayContainsValue(subtype_options
,
893 CFRangeMake(0, CFArrayGetCount(subtype_options
)),
895 SCPrint(TRUE
, stdout
, CFSTR("media options not valid for \"%@\"\n"), subtype
);
899 if (options
== NULL
) {
900 CFDictionarySetValue(newConfiguration
, kSCPropNetEthernetMediaOptions
, config_options
);
907 if (available
!= NULL
) CFRelease(available
);
908 if (subtypes
!= NULL
) CFRelease(subtypes
);
909 if (subtype_options
!= NULL
) CFRelease(subtype_options
);
910 if (options
== NULL
) CFRelease(config_options
);
912 if (options
!= NULL
) {
913 SCPrint(TRUE
, stdout
, CFSTR("media type and options must both be specified\n"));
922 /* -------------------- */
927 show_interfaces(int argc
, char **argv
)
932 if (interfaces
!= NULL
) CFRelease(interfaces
);
933 interfaces
= _copy_interfaces();
934 if (interfaces
== NULL
) {
938 n
= CFArrayGetCount(interfaces
);
939 for (i
= 0; i
< n
; i
++) {
940 CFIndex childIndex
= 0;
941 SCNetworkInterfaceRef interface
;
943 interface
= CFArrayGetValueAtIndex(interfaces
, i
);
945 CFStringRef interfaceName
;
948 interfaceName
= SCNetworkInterfaceGetLocalizedDisplayName(interface
);
949 if (interfaceName
== NULL
) {
950 interfaceName
= SCNetworkInterfaceGetBSDName(interface
);
952 if (interfaceName
== NULL
) {
953 interfaceName
= SCNetworkInterfaceGetInterfaceType(interface
);
957 if ((net_interface
!= NULL
) && CFEqual(interface
, net_interface
)) {
961 if (childIndex
== 0) {
962 SCPrint(TRUE
, stdout
, CFSTR("%c%2ld: %@\n"),
967 SCPrint(TRUE
, stdout
, CFSTR("%c%2ld.%ld: %@\n"),
975 CFMutableStringRef desc
;
976 CFMutableDictionaryRef formatOptions
;
978 desc
= CFStringCreateMutable(NULL
, 0);
980 formatOptions
= CFDictionaryCreateMutable(NULL
, 0, &kCFTypeDictionaryKeyCallBacks
, &kCFTypeDictionaryValueCallBacks
);
981 CFDictionarySetValue(formatOptions
, CFSTR("PREFIX1"), CFSTR(""));
982 CFDictionarySetValue(formatOptions
, CFSTR("PREFIX2"), CFSTR("$$"));
983 CFStringAppendFormat(desc
, formatOptions
, CFSTR("%@"), interface
);
984 CFRelease(formatOptions
);
986 // cleanup SCNetworkInterface details
987 CFStringFindAndReplace(desc
,
990 CFRangeMake(0, CFStringGetLength(desc
)),
992 CFStringFindAndReplace(desc
,
995 CFRangeMake(0, CFStringGetLength(desc
)),
997 CFStringFindAndReplace(desc
,
1000 CFRangeMake(CFStringGetLength(desc
) - 1, 1),
1001 kCFCompareBackwards
|kCFCompareAnchored
);
1003 // additional cleanup for Bond, Bridge, VLAN options
1004 CFStringFindAndReplace(desc
,
1007 CFRangeMake(0, CFStringGetLength(desc
)),
1009 CFStringFindAndReplace(desc
,
1012 CFRangeMake(0, CFStringGetLength(desc
)),
1014 CFStringFindAndReplace(desc
,
1017 CFRangeMake(0, CFStringGetLength(desc
)),
1020 SCPrint(TRUE
, stdout
, CFSTR("\n %@\n\n"), desc
);
1024 interface
= SCNetworkInterfaceGetInterface(interface
);
1026 } while (interface
!= NULL
);
1033 /* -------------------- */
1037 __doRank(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1039 SCNetworkInterfaceRef interface
;
1040 CFStringRef interfaceName
;
1042 SCNetworkServicePrimaryRank rank
= kSCNetworkServicePrimaryRankDefault
;
1043 SCDynamicStoreRef store
;
1046 SCPrint(TRUE
, stdout
,
1047 CFSTR("%s not specified\n"),
1048 description
!= NULL
? description
: "rank");
1052 if (strlen(argv
[0]) == 0) {
1053 rank
= kSCNetworkServicePrimaryRankDefault
;
1054 } else if ((strcasecmp(argv
[0], "First") == 0)) {
1055 rank
= kSCNetworkServicePrimaryRankFirst
;
1056 } else if ((strcasecmp(argv
[0], "Last") == 0)) {
1057 rank
= kSCNetworkServicePrimaryRankLast
;
1058 } else if ((strcasecmp(argv
[0], "Never") == 0)) {
1059 rank
= kSCNetworkServicePrimaryRankNever
;
1060 } else if ((strcasecmp(argv
[0], "Scoped") == 0)) {
1061 rank
= kSCNetworkServicePrimaryRankScoped
;
1063 SCPrint(TRUE
, stdout
, CFSTR("invalid rank\n"));
1067 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1068 if (interfaceName
== NULL
) {
1069 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1073 store
= SCDynamicStoreCreate(NULL
, CFSTR("scutil --net"), NULL
, NULL
);
1074 interface
= _SCNetworkInterfaceCopyActive(store
, interfaceName
);
1076 if (interface
== NULL
) {
1077 SCPrint(TRUE
, stdout
, CFSTR("No active interface\n"));
1081 ok
= SCNetworkInterfaceSetPrimaryRank(interface
, rank
);
1082 CFRelease(interface
);
1084 SCPrint(TRUE
, stdout
, CFSTR("could not update per-interface rank\n"));
1092 /* -------------------- */
1096 _replaceOne(const void *key
, const void *value
, void *context
)
1098 CFMutableDictionaryRef newConfiguration
= (CFMutableDictionaryRef
)context
;
1100 CFDictionarySetValue(newConfiguration
, key
, value
);
1106 updateInterfaceConfiguration(CFMutableDictionaryRef newConfiguration
)
1108 CFDictionaryRef configuration
;
1110 CFDictionaryRemoveAllValues(newConfiguration
);
1112 configuration
= SCNetworkInterfaceGetConfiguration(net_interface
);
1113 if (configuration
!= NULL
) {
1114 CFDictionaryApplyFunction(configuration
, _replaceOne
, (void *)newConfiguration
);
1122 #pragma mark QoS Marking Policy options
1125 static options qosOptions
[] = {
1126 { "enabled" , NULL
, isBool
, &kSCPropNetQoSMarkingEnabled
, NULL
, NULL
},
1127 { "apple-av" , NULL
, isBool
, &kSCPropNetQoSMarkingAppleAudioVideoCalls
, NULL
, NULL
},
1128 { "bundle-ids", NULL
, isStringArray
, &kSCPropNetQoSMarkingWhitelistedAppIdentifiers
, NULL
, NULL
},
1130 { "?" , NULL
, isHelp
, NULL
, NULL
,
1131 "\nQoS marking policy commands\n\n"
1132 " set interface qos [enabled {yes|no}]\n"
1133 " set interface qos [apple-av {yes|no}]\n"
1134 " set interface qos [bundle-ids bundle-id[,bundle-id]]\n"
1137 #define N_QOS_OPTIONS (sizeof(qosOptions) / sizeof(qosOptions[0]))
1141 __doQoSMarking(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1143 CFStringRef interfaceName
;
1144 CFMutableDictionaryRef newPolicy
;
1146 CFDictionaryRef policy
;
1149 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
1153 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1154 if (interfaceName
== NULL
) {
1155 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1159 policy
= SCNetworkInterfaceGetQoSMarkingPolicy(net_interface
);
1160 if (policy
!= NULL
) {
1161 newPolicy
= CFDictionaryCreateMutableCopy(NULL
, 0, policy
);
1162 CFDictionaryRemoveValue(newPolicy
, kSCResvInactive
);
1164 newPolicy
= CFDictionaryCreateMutable(NULL
,
1166 &kCFTypeDictionaryKeyCallBacks
,
1167 &kCFTypeDictionaryValueCallBacks
);
1170 ok
= _process_options(qosOptions
, N_QOS_OPTIONS
, argc
, argv
, newPolicy
);
1175 if (((policy
== NULL
) && (CFDictionaryGetCount(newPolicy
) > 0)) ||
1176 ((policy
!= NULL
) && !CFEqual(policy
, newPolicy
))) {
1177 if (!SCNetworkInterfaceSetQoSMarkingPolicy(net_interface
, newPolicy
)) {
1178 if (SCError() == kSCStatusNoKey
) {
1179 SCPrint(TRUE
, stdout
, CFSTR("could not update per-interface QoS marking policy\n"));
1181 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
1186 _prefs_changed
= TRUE
;
1191 if (newPolicy
!= NULL
) CFRelease(newPolicy
);
1197 #pragma mark Bond options
1200 static options bondOptions
[] = {
1201 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1202 // xxx { "+device" , ... },
1203 // xxx { "-device" , ... },
1205 { "?" , NULL
, isHelp
, NULL
, NULL
,
1206 "\nBond configuration commands\n\n"
1207 " set interface [mtu n] [media type] [mediaopts opts]\n"
1210 #define N_BOND_OPTIONS (sizeof(bondOptions) / sizeof(bondOptions[0]))
1214 set_interface_bond(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1216 CFStringRef interfaceName
;
1219 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1220 if (interfaceName
== NULL
) {
1221 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1225 ok
= _process_options(bondOptions
, N_BOND_OPTIONS
, argc
, argv
, newConfiguration
);
1227 // validate configuration
1228 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1238 #pragma mark Bridge options
1241 static options bridgeOptions
[] = {
1242 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1243 // xxx { "+device" , ... },
1244 // xxx { "-device" , ... },
1246 { "?" , NULL
, isHelp
, NULL
, NULL
,
1247 "\nBridge configuration commands\n\n"
1248 " set interface [mtu n] [media type] [mediaopts opts]\n"
1251 #define N_BRIDGE_OPTIONS (sizeof(bridgeOptions) / sizeof(bridgeOptions[0]))
1255 set_interface_bridge(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1257 CFStringRef interfaceName
;
1260 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1261 if (interfaceName
== NULL
) {
1262 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1266 ok
= _process_options(bridgeOptions
, N_BRIDGE_OPTIONS
, argc
, argv
, newConfiguration
);
1268 // validate configuration
1269 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1279 #pragma mark AirPort options
1282 static options airportOptions
[] = {
1283 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1284 { "media" , NULL
, isString
, &kSCPropNetEthernetMediaSubType
, NULL
, NULL
},
1285 { "mediaopt" , NULL
, isStringArray
, &kSCPropNetEthernetMediaOptions
, NULL
, NULL
},
1287 { "rank" , NULL
, isOther
, NULL
, __doRank
, NULL
},
1289 { "qos" , NULL
, isOther
, NULL
, __doQoSMarking
, NULL
},
1291 { "?" , NULL
, isHelp
, NULL
, NULL
,
1292 "\nAirPort configuration commands\n\n"
1293 " set interface [mtu n] [media type] [mediaopts opts]\n"
1294 " set interface [rank [{First|Last|Never|Scoped}]]\n"
1295 " set interface [qos <qos-options>]]\n"
1298 #define N_AIRPORT_OPTIONS (sizeof(airportOptions) / sizeof(airportOptions[0]))
1302 set_interface_airport(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1304 CFStringRef interfaceName
;
1307 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1308 if (interfaceName
== NULL
) {
1309 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1313 ok
= _process_options(airportOptions
, N_AIRPORT_OPTIONS
, argc
, argv
, newConfiguration
);
1315 // validate configuration
1316 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1326 #pragma mark Ethernet options
1330 __doCapability(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1335 SCPrint(TRUE
, stdout
,
1336 CFSTR("%s not specified\n"),
1337 description
!= NULL
? description
: "enable/disable");
1341 if (strlen(argv
[0]) == 0) {
1342 ok
= SCNetworkInterfaceSetCapability(net_interface
, key
, NULL
);
1343 } else if ((strcasecmp(argv
[0], "disable") == 0) ||
1344 (strcasecmp(argv
[0], "no" ) == 0) ||
1345 (strcasecmp(argv
[0], "off" ) == 0) ||
1346 (strcasecmp(argv
[0], "0" ) == 0)) {
1347 ok
= SCNetworkInterfaceSetCapability(net_interface
, key
, CFNumberRef_0
);
1348 } else if ((strcasecmp(argv
[0], "enable") == 0) ||
1349 (strcasecmp(argv
[0], "yes" ) == 0) ||
1350 (strcasecmp(argv
[0], "on" ) == 0) ||
1351 (strcasecmp(argv
[0], "1" ) == 0)) {
1352 ok
= SCNetworkInterfaceSetCapability(net_interface
, key
, CFNumberRef_1
);
1354 SCPrint(TRUE
, stdout
, CFSTR("invalid value\n"));
1359 updateInterfaceConfiguration(newConfiguration
);
1361 SCPrint(TRUE
, stdout
,
1362 CFSTR("%@ not updated: %s\n"),
1364 SCErrorString(SCError()));
1372 static options ethernetOptions
[] = {
1373 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1374 { "media" , NULL
, isString
, &kSCPropNetEthernetMediaSubType
, NULL
, NULL
},
1375 { "mediaopt" , NULL
, isStringArray
, &kSCPropNetEthernetMediaOptions
, NULL
, NULL
},
1377 { "av" , NULL
, isOther
, &kSCPropNetEthernetCapabilityAV
, __doCapability
, NULL
},
1378 { "lro" , NULL
, isOther
, &kSCPropNetEthernetCapabilityLRO
, __doCapability
, NULL
},
1379 { "rxcsum" , NULL
, isOther
, &kSCPropNetEthernetCapabilityRXCSUM
, __doCapability
, NULL
},
1380 { "tso" , NULL
, isOther
, &kSCPropNetEthernetCapabilityTSO
, __doCapability
, NULL
},
1381 { "txcsum" , NULL
, isOther
, &kSCPropNetEthernetCapabilityTXCSUM
, __doCapability
, NULL
},
1383 { "rank" , NULL
, isOther
, NULL
, __doRank
, NULL
},
1385 { "qos" , NULL
, isOther
, NULL
, __doQoSMarking
, NULL
},
1387 { "?" , NULL
, isHelp
, NULL
, NULL
,
1388 "\nEthernet configuration commands\n\n"
1389 " set interface [mtu n] [media type] [mediaopts opts]\n"
1390 " set interface [rank [{First|Last|Never|Scoped}]]\n"
1391 " set interface [qos [<qos-options>]]\n"
1394 #define N_ETHERNET_OPTIONS (sizeof(ethernetOptions) / sizeof(ethernetOptions[0]))
1398 set_interface_ethernet(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1400 CFStringRef interfaceName
;
1403 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1404 if (interfaceName
== NULL
) {
1405 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1409 ok
= _process_options(ethernetOptions
, N_ETHERNET_OPTIONS
, argc
, argv
, newConfiguration
);
1411 // validate configuration
1412 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1422 #pragma mark IPSec options
1426 __doIPSecSharedSecret(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1428 CFStringRef encryptionType
;
1431 SCPrint(TRUE
, stdout
, CFSTR("IPSec shared secret not specified\n"));
1435 encryptionType
= CFDictionaryGetValue(newConfiguration
, kSCPropNetIPSecSharedSecretEncryption
);
1436 if (strlen(argv
[0]) > 0) {
1437 if (encryptionType
== NULL
) {
1438 #ifdef INLINE_PASSWORDS_USE_CFSTRING
1441 pw
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1442 #else // INLINE_PASSWORDS_USE_CFSTRING
1444 CFMutableDataRef pw
;
1447 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1448 n
= CFStringGetLength(str
);
1449 pw
= CFDataCreateMutable(NULL
, n
* sizeof(UniChar
));
1450 CFDataSetLength(pw
, n
* sizeof(UniChar
));
1451 /* ALIGN: CF aligns to at least >8 bytes */
1452 CFStringGetCharacters(str
,
1454 (UniChar
*)(void *)CFDataGetMutableBytePtr(pw
));
1456 #endif // INLINE_PASSWORDS_USE_CFSTRING
1458 CFDictionarySetValue(newConfiguration
, key
, pw
);
1460 } else if (CFEqual(encryptionType
, kSCValNetIPSecSharedSecretEncryptionKeychain
)) {
1465 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1466 pw
= CFStringCreateExternalRepresentation(NULL
, str
, kCFStringEncodingUTF8
, 0);
1467 ok
= SCNetworkInterfaceSetPassword(net_interface
,
1468 kSCNetworkInterfacePasswordTypeIPSecSharedSecret
,
1474 updateInterfaceConfiguration(newConfiguration
);
1479 SCPrint(TRUE
, stdout
, CFSTR("IPSec shared secret type \"%@\" not supported\n"), encryptionType
);
1483 if (encryptionType
== NULL
) {
1484 CFDictionaryRemoveValue(newConfiguration
, key
);
1485 } else if (CFEqual(encryptionType
, kSCValNetIPSecSharedSecretEncryptionKeychain
)) {
1487 ok
= SCNetworkInterfaceRemovePassword(net_interface
, kSCNetworkInterfacePasswordTypeIPSecSharedSecret
);
1489 updateInterfaceConfiguration(newConfiguration
);
1494 SCPrint(TRUE
, stdout
, CFSTR("IPSec shared secret type \"%@\" not supported\n"), encryptionType
);
1504 __doIPSecSharedSecretType(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1507 SCPrint(TRUE
, stdout
, CFSTR("IPSec shared secret type mode not specified\n"));
1511 if (strlen(argv
[0]) > 0) {
1512 if (strcasecmp(argv
[0], "keychain") == 0) {
1513 CFDictionarySetValue(newConfiguration
, key
, kSCValNetIPSecSharedSecretEncryptionKeychain
);
1515 SCPrint(TRUE
, stdout
, CFSTR("invalid shared secret type\n"));
1519 CFDictionaryRemoveValue(newConfiguration
, key
);
1522 // encryption type changed, reset shared secret
1523 CFDictionaryRemoveValue(newConfiguration
, kSCPropNetIPSecSharedSecret
);
1530 __doIPSecXAuthPassword(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1532 CFStringRef encryptionType
;
1535 SCPrint(TRUE
, stdout
, CFSTR("IPSec XAuth password not specified\n"));
1539 encryptionType
= CFDictionaryGetValue(newConfiguration
, kSCPropNetIPSecXAuthPasswordEncryption
);
1540 if (strlen(argv
[0]) > 0) {
1541 if (encryptionType
== NULL
) {
1542 #ifdef INLINE_PASSWORDS_USE_CFSTRING
1545 pw
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1546 #else // INLINE_PASSWORDS_USE_CFSTRING
1548 CFMutableDataRef pw
;
1551 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1552 n
= CFStringGetLength(str
);
1553 pw
= CFDataCreateMutable(NULL
, n
* sizeof(UniChar
));
1554 CFDataSetLength(pw
, n
* sizeof(UniChar
));
1555 /* ALIGN: CF aligns to at least >8 byte boundries */
1556 CFStringGetCharacters(str
,
1558 (UniChar
*)(void *)CFDataGetMutableBytePtr(pw
));
1560 #endif // INLINE_PASSWORDS_USE_CFSTRING
1562 CFDictionarySetValue(newConfiguration
, key
, pw
);
1564 } else if (CFEqual(encryptionType
, kSCValNetIPSecXAuthPasswordEncryptionKeychain
)) {
1569 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1570 pw
= CFStringCreateExternalRepresentation(NULL
, str
, kCFStringEncodingUTF8
, 0);
1571 ok
= SCNetworkInterfaceSetPassword(net_interface
,
1572 kSCNetworkInterfacePasswordTypeIPSecXAuth
,
1578 updateInterfaceConfiguration(newConfiguration
);
1583 SCPrint(TRUE
, stdout
, CFSTR("IPSec XAuthPassword type \"%@\" not supported\n"), encryptionType
);
1587 if (encryptionType
== NULL
) {
1588 CFDictionaryRemoveValue(newConfiguration
, key
);
1589 } else if (CFEqual(encryptionType
, kSCValNetIPSecXAuthPasswordEncryptionKeychain
)) {
1592 ok
= SCNetworkInterfaceRemovePassword(net_interface
, kSCNetworkInterfacePasswordTypeIPSecXAuth
);
1594 updateInterfaceConfiguration(newConfiguration
);
1599 SCPrint(TRUE
, stdout
, CFSTR("IPSec XAuthPassword type \"%@\" not supported\n"), encryptionType
);
1609 __doIPSecXAuthPasswordType(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1612 SCPrint(TRUE
, stdout
, CFSTR("IPSec XAuth password type mode not specified\n"));
1616 if (strlen(argv
[0]) > 0) {
1617 if (strcasecmp(argv
[0], "keychain") == 0) {
1618 CFDictionarySetValue(newConfiguration
, key
, kSCValNetIPSecXAuthPasswordEncryptionKeychain
);
1620 SCPrint(TRUE
, stdout
, CFSTR("invalid XAuth password type\n"));
1624 CFDictionaryRemoveValue(newConfiguration
, key
);
1627 // encryption type changed, reset XAuthPassword
1628 CFDictionaryRemoveValue(newConfiguration
, kSCPropNetIPSecXAuthPassword
);
1634 static CF_RETURNS_RETAINED CFStringRef
1635 __cleanupDomainName(CFStringRef domain
)
1637 CFMutableStringRef newDomain
;
1639 newDomain
= CFStringCreateMutableCopy(NULL
, 0, domain
);
1640 CFStringTrimWhitespace(newDomain
);
1641 CFStringTrim(newDomain
, CFSTR("."));
1642 if (CFStringGetLength(newDomain
) == 0) {
1643 CFRelease(newDomain
);
1652 __doOnDemandDomains(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1654 CFMutableArrayRef domains
;
1657 SCPrint(TRUE
, stdout
, CFSTR("OnDemand domain name(s) not specified\n"));
1661 domains
= CFArrayCreateMutable(NULL
, 0, &kCFTypeArrayCallBacks
);
1663 if (strlen(argv
[0]) > 0) {
1667 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1668 array
= CFStringCreateArrayBySeparatingStrings(NULL
, str
, CFSTR(","));
1671 if (array
!= NULL
) {
1673 CFIndex n
= CFArrayGetCount(array
);
1675 for (i
= 0; i
< n
; i
++) {
1678 domain
= __cleanupDomainName(CFArrayGetValueAtIndex(array
, i
));
1679 if (domain
!= NULL
) {
1680 CFArrayAppendValue(domains
, domain
);
1685 SCPrint(TRUE
, stdout
, CFSTR("invalid OnDemand domain name\n"));
1693 if (CFArrayGetCount(domains
) > 0) {
1694 CFDictionarySetValue(newConfiguration
, key
, domains
);
1696 CFDictionaryRemoveValue(newConfiguration
, key
);
1704 static options ipsecOnDemandOptions
[] = {
1705 { "OnDemandMatchDomainsAlways" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsAlways
, __doOnDemandDomains
, NULL
},
1706 { "always" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsAlways
, __doOnDemandDomains
, NULL
},
1707 { "OnDemandMatchDomainsOnRetry", "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsOnRetry
, __doOnDemandDomains
, NULL
},
1708 { "retry" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsOnRetry
, __doOnDemandDomains
, NULL
},
1709 { "OnDemandMatchDomainsNever" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsNever
, __doOnDemandDomains
, NULL
},
1710 { "never" , "domain", isOther
, &kSCPropNetIPSecOnDemandMatchDomainsNever
, __doOnDemandDomains
, NULL
},
1712 { "?" , NULL
, isHelp
, NULL
, NULL
,
1713 "\nOnDemandMatch configuration commands\n\n"
1714 " set interface OnDemandMatch [always domain-name[,domain-name]]\n"
1715 " set interface OnDemandMatch [retry domain-name[,domain-name]]\n"
1716 " set interface OnDemandMatch [never domain-name[,domain-name]]\n"
1719 #define N_IPSEC_ONDEMAND_OPTIONS (sizeof(ipsecOnDemandOptions) / sizeof(ipsecOnDemandOptions[0]))
1723 __doIPSecOnDemandMatch(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1728 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
1732 ok
= _process_options(ipsecOnDemandOptions
, N_IPSEC_ONDEMAND_OPTIONS
, argc
, argv
, newConfiguration
);
1743 static selections ipsecAuthenticationMethodSelections
[] = {
1744 { CFSTR("SharedSecret"), &kSCValNetIPSecAuthenticationMethodSharedSecret
, 0 },
1745 { CFSTR("Certificate") , &kSCValNetIPSecAuthenticationMethodCertificate
, 0 },
1746 { CFSTR("Hybrid") , &kSCValNetIPSecAuthenticationMethodHybrid
, 0 },
1751 static selections ipsecLocalIdentifierTypeSelections
[] = {
1752 { CFSTR("KeyID") , &kSCValNetIPSecLocalIdentifierTypeKeyID
, 0 },
1757 static options ipsecOptions
[] = {
1758 { "AuthenticationMethod" , NULL
, isChooseOne
, &kSCPropNetIPSecAuthenticationMethod
, NULL
, (void *)ipsecAuthenticationMethodSelections
},
1759 { "LocalIdentifier" , NULL
, isString
, &kSCPropNetIPSecLocalIdentifier
, NULL
, NULL
},
1760 { "group" , NULL
, isString
, &kSCPropNetIPSecLocalIdentifier
, NULL
, NULL
},
1761 { "LocalIdentifierType" , NULL
, isChooseOne
, &kSCPropNetIPSecLocalIdentifierType
, NULL
, (void *)ipsecLocalIdentifierTypeSelections
},
1762 { "RemoteAddress" , NULL
, isString
, &kSCPropNetIPSecRemoteAddress
, NULL
, NULL
},
1763 { "SharedSecret" , NULL
, isOther
, &kSCPropNetIPSecSharedSecret
, __doIPSecSharedSecret
, NULL
},
1764 { "SharedSecretEncryption" , NULL
, isOther
, &kSCPropNetIPSecSharedSecretEncryption
, __doIPSecSharedSecretType
, NULL
},
1767 { "XAuthEnabled" , NULL
, isBoolean
, &kSCPropNetIPSecXAuthEnabled
, NULL
, NULL
},
1768 { "XAuthName" , NULL
, isString
, &kSCPropNetIPSecXAuthName
, NULL
, NULL
},
1769 { "XAuthPassword" , NULL
, isOther
, &kSCPropNetIPSecXAuthPassword
, __doIPSecXAuthPassword
, NULL
},
1770 { "XAuthPasswordEncryption", NULL
, isOther
, &kSCPropNetIPSecXAuthPasswordEncryption
, __doIPSecXAuthPasswordType
, NULL
},
1772 // --- OnDemand: ---
1773 { "OnDemandEnabled" , NULL
, isBoolean
, &kSCPropNetIPSecOnDemandEnabled
, NULL
, NULL
},
1774 { "OnDemandMatch" , NULL
, isOther
, NULL
, __doIPSecOnDemandMatch
, NULL
},
1776 { "?" , NULL
, isHelp
, NULL
, NULL
,
1777 "\nIPSec configuration commands\n\n"
1778 " set interface [AuthenticationMethod {SharedSecret|Certificate|Hybrid}]\n"
1779 " set interface [LocalIdentifier group]\n"
1780 " set interface [LocalIdentifierType {KeyID}]\n"
1781 " set interface [RemoteAddress name-or-address]\n"
1782 " set interface [SharedSecret secret]\n"
1783 " set interface [SharedSecretEncryption {Keychain}]\n"
1784 " set interface [XAuthEnabled {enable|disable}]\n"
1785 " set interface [XAuthPassword password]\n"
1786 " set interface [XAuthPasswordEncryption {Keychain}]\n"
1787 " set interface [OnDemandEnabled {enable|disable}]\n"
1788 " set interface [OnDemandMatch <match-options>]\n"
1791 #define N_IPSEC_OPTIONS (sizeof(ipsecOptions) / sizeof(ipsecOptions[0]))
1795 set_interface_ipsec(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1799 ok
= _process_options(ipsecOptions
, N_IPSEC_OPTIONS
, argc
, argv
, newConfiguration
);
1805 #pragma mark FireWire options
1808 static options firewireOptions
[] = {
1809 { "mtu" , NULL
, isNumber
, &kSCPropNetEthernetMTU
, NULL
, NULL
},
1810 { "media" , NULL
, isString
, &kSCPropNetEthernetMediaSubType
, NULL
, NULL
},
1811 { "mediaopt" , NULL
, isStringArray
, &kSCPropNetEthernetMediaOptions
, NULL
, NULL
},
1813 { "?" , NULL
, isHelp
, NULL
, NULL
,
1814 "\nFireWire configuration commands\n\n"
1815 " set interface [mtu n] [media type] [mediaopts opts]\n"
1818 #define N_FIREWIRE_OPTIONS (sizeof(firewireOptions) / sizeof(firewireOptions[0]))
1822 set_interface_firewire(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1824 CFStringRef interfaceName
;
1827 interfaceName
= SCNetworkInterfaceGetBSDName(net_interface
);
1828 if (interfaceName
== NULL
) {
1829 SCPrint(TRUE
, stdout
, CFSTR("no BSD interface\n"));
1833 ok
= _process_options(firewireOptions
, N_FIREWIRE_OPTIONS
, argc
, argv
, newConfiguration
);
1835 // validate configuration
1836 if (!validateMediaOptions(net_interface
, newConfiguration
)) {
1846 #pragma mark Modem options
1849 static selections modemDialSelections
[] = {
1850 { CFSTR("ignore"), &kSCValNetModemDialModeIgnoreDialTone
, 0 },
1851 { CFSTR("manual"), &kSCValNetModemDialModeManual
, 0 },
1852 { CFSTR("wait") , &kSCValNetModemDialModeWaitForDialTone
, 0 },
1856 static options modemOptions
[] = {
1857 { "ConnectionPersonality" , "NULL" , isString
, &kSCPropNetModemConnectionPersonality
, NULL
, NULL
},
1858 { "DeviceModel" , "model" , isString
, &kSCPropNetModemDeviceModel
, NULL
, NULL
},
1859 { "DeviceVendor" , "vendor", isString
, &kSCPropNetModemDeviceVendor
, NULL
, NULL
},
1860 { "ConnectionScript" , "script", isString
, &kSCPropNetModemConnectionScript
, NULL
, NULL
},
1861 { "DialMode" , "mode" , isChooseOne
, &kSCPropNetModemDialMode
, NULL
, (void *)modemDialSelections
},
1862 { "CallWaiting" , NULL
, isBoolean
, &kSCPropNetModemHoldEnabled
, NULL
, NULL
},
1863 { "CallWaitingAlert" , NULL
, isBoolean
, &kSCPropNetModemHoldCallWaitingAudibleAlert
, NULL
, NULL
},
1864 { "CallWaitingDisconnectOnAnswer", NULL
, isBoolean
, &kSCPropNetModemHoldDisconnectOnAnswer
, NULL
, NULL
},
1865 { "DataCompression" , NULL
, isBoolean
, &kSCPropNetModemDataCompression
, NULL
, NULL
},
1866 { "ErrorCorrection" , NULL
, isBoolean
, &kSCPropNetModemErrorCorrection
, NULL
, NULL
},
1867 { "HoldReminder" , NULL
, isBoolean
, &kSCPropNetModemHoldReminder
, NULL
, NULL
},
1868 { "HoldReminderTime" , "time" , isNumber
, &kSCPropNetModemHoldReminderTime
, NULL
, NULL
},
1869 { "PulseDial" , NULL
, isBoolean
, &kSCPropNetModemPulseDial
, NULL
, NULL
},
1870 { "Speaker" , NULL
, isBoolean
, &kSCPropNetModemSpeaker
, NULL
, NULL
},
1872 { "?" , NULL
, isHelp
, NULL
, NULL
,
1873 "\nModem configuration commands\n\n"
1874 " set interface [DeviceVendor vendor]\n"
1875 " set interface [DeviceModel model]\n"
1876 " set interface [ConnectionPersonality personality]\n"
1878 " set interface [ConnectionScript connection-script]\n"
1880 " set interface [CallWaiting {enable|disable}]\n"
1881 " set interface [CallWaitingAlert {enable|disable}]\n"
1882 " set interface [CallWaitingDisconnectOnAnswer {enable|disable}]\n"
1883 " set interface [DialMode {ignore|wait}]\n"
1884 " set interface [DataCompression {enable|disable}]\n"
1885 " set interface [ErrorCorrection {enable|disable}]\n"
1886 " set interface [HoldReminder {enable|disable}]\n"
1887 " set interface [HoldReminderTime n]\n"
1888 " set interface [PulseDial {enable|disable}]\n"
1889 " set interface [Speaker {enable|disable}]\n"
1892 #define N_MODEM_OPTIONS (sizeof(modemOptions) / sizeof(modemOptions[0]))
1896 set_interface_modem(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1900 ok
= _process_options(modemOptions
, N_MODEM_OPTIONS
, argc
, argv
, newConfiguration
);
1906 #pragma mark PPP options
1910 __doPPPAuthPW(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1912 CFStringRef encryptionType
;
1915 SCPrint(TRUE
, stdout
, CFSTR("PPP password not specified\n"));
1919 encryptionType
= CFDictionaryGetValue(newConfiguration
, kSCPropNetPPPAuthPasswordEncryption
);
1920 if (strlen(argv
[0]) > 0) {
1921 if (encryptionType
== NULL
) {
1922 #ifdef INLINE_PASSWORDS_USE_CFSTRING
1925 pw
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1926 #else // INLINE_PASSWORDS_USE_CFSTRING
1928 CFMutableDataRef pw
;
1931 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1932 n
= CFStringGetLength(str
);
1933 pw
= CFDataCreateMutable(NULL
, n
* sizeof(UniChar
));
1934 CFDataSetLength(pw
, n
* sizeof(UniChar
));
1935 /* ALIGN: CF aligns to at least >8 byte boundries */
1936 CFStringGetCharacters(str
,
1938 (UniChar
*)(void *)CFDataGetMutableBytePtr(pw
));
1940 #endif // INLINE_PASSWORDS_USE_CFSTRING
1942 CFDictionarySetValue(newConfiguration
, key
, pw
);
1944 } else if (CFEqual(encryptionType
, kSCValNetPPPAuthPasswordEncryptionKeychain
)) {
1949 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
1950 pw
= CFStringCreateExternalRepresentation(NULL
, str
, kCFStringEncodingUTF8
, 0);
1951 ok
= SCNetworkInterfaceSetPassword(net_interface
,
1952 kSCNetworkInterfacePasswordTypePPP
,
1958 updateInterfaceConfiguration(newConfiguration
);
1963 SCPrint(TRUE
, stdout
, CFSTR("PPP password type \"%@\" not supported\n"), encryptionType
);
1967 if (encryptionType
== NULL
) {
1968 CFDictionaryRemoveValue(newConfiguration
, key
);
1969 } else if (CFEqual(encryptionType
, kSCValNetPPPAuthPasswordEncryptionKeychain
)) {
1972 ok
= SCNetworkInterfaceRemovePassword(net_interface
, kSCNetworkInterfacePasswordTypePPP
);
1974 updateInterfaceConfiguration(newConfiguration
);
1979 SCPrint(TRUE
, stdout
, CFSTR("PPP password type \"%@\" not supported\n"), encryptionType
);
1989 __doPPPAuthPWType(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
1992 SCPrint(TRUE
, stdout
, CFSTR("PPP password type mode not specified\n"));
1996 if (strlen(argv
[0]) > 0) {
1997 if (strcasecmp(argv
[0], "keychain") == 0) {
1998 CFDictionarySetValue(newConfiguration
, key
, kSCValNetPPPAuthPasswordEncryptionKeychain
);
2000 SCPrint(TRUE
, stdout
, CFSTR("invalid password type\n"));
2004 CFDictionaryRemoveValue(newConfiguration
, key
);
2007 // encryption type changed, reset password
2008 CFDictionaryRemoveValue(newConfiguration
, kSCPropNetPPPAuthPassword
);
2014 static options l2tp_ipsecOptions
[] = {
2015 { "SharedSecret" , NULL
, isOther
, &kSCPropNetIPSecSharedSecret
, __doIPSecSharedSecret
, NULL
},
2016 { "SharedSecretEncryption", NULL
, isOther
, &kSCPropNetIPSecSharedSecretEncryption
, __doIPSecSharedSecretType
, NULL
},
2018 { "?" , NULL
, isHelp
, NULL
, NULL
,
2019 "\nIPSec configuration commands\n\n"
2020 " set interface ipsec [SharedSecret secret]\n"
2021 " set interface ipsec [SharedSecretEncryption {Keychain}]\n"
2024 #define N_L2TP_IPSEC_OPTIONS (sizeof(l2tp_ipsecOptions) / sizeof(l2tp_ipsecOptions[0]))
2028 __doPPPIPSec(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newPPPConfiguration
)
2030 SCNetworkInterfaceRef childInterface
;
2031 CFStringRef childInterfaceType
;
2032 CFDictionaryRef configuration
;
2033 CFMutableDictionaryRef newConfiguration
;
2037 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
2041 childInterface
= SCNetworkInterfaceGetInterface(net_interface
);
2042 if (childInterface
== NULL
) {
2043 SCPrint(TRUE
, stdout
, CFSTR("this interfaces configuration cannot be changed\n"));
2047 childInterfaceType
= SCNetworkInterfaceGetInterfaceType(childInterface
);
2048 if (!CFEqual(childInterfaceType
, kSCNetworkInterfaceTypeL2TP
)) {
2049 SCPrint(TRUE
, stdout
, CFSTR("this interfaces configuration cannot be changed\n"));
2053 configuration
= SCNetworkInterfaceGetExtendedConfiguration(net_interface
, kSCEntNetIPSec
);
2054 if (configuration
== NULL
) {
2055 newConfiguration
= CFDictionaryCreateMutable(NULL
,
2057 &kCFTypeDictionaryKeyCallBacks
,
2058 &kCFTypeDictionaryValueCallBacks
);
2060 newConfiguration
= CFDictionaryCreateMutableCopy(NULL
, 0, configuration
);
2061 CFDictionaryRemoveValue(newConfiguration
, kSCResvInactive
);
2064 ok
= _process_options(l2tp_ipsecOptions
, N_L2TP_IPSEC_OPTIONS
, argc
, argv
, newConfiguration
);
2069 if (((configuration
== NULL
) && (CFDictionaryGetCount(newConfiguration
) > 0)) ||
2070 ((configuration
!= NULL
) && !CFEqual(configuration
, newConfiguration
))) {
2071 if (!SCNetworkInterfaceSetExtendedConfiguration(net_interface
, kSCEntNetIPSec
, newConfiguration
)) {
2072 if (SCError() == kSCStatusNoKey
) {
2073 SCPrint(TRUE
, stdout
, CFSTR("could not update per-service interface configuration\n"));
2075 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
2080 _prefs_changed
= TRUE
;
2085 if (newConfiguration
!= NULL
) CFRelease(newConfiguration
);
2091 static options pppOnDemandOptions
[] = {
2092 { "OnDemandMatchDomainsAlways" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsAlways
, __doOnDemandDomains
, NULL
},
2093 { "always" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsAlways
, __doOnDemandDomains
, NULL
},
2094 { "OnDemandMatchDomainsOnRetry", "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsOnRetry
, __doOnDemandDomains
, NULL
},
2095 { "retry" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsOnRetry
, __doOnDemandDomains
, NULL
},
2096 { "OnDemandMatchDomainsNever" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsNever
, __doOnDemandDomains
, NULL
},
2097 { "never" , "domain", isOther
, &kSCPropNetPPPOnDemandMatchDomainsNever
, __doOnDemandDomains
, NULL
},
2099 { "?" , NULL
, isHelp
, NULL
, NULL
,
2100 "\nOnDemandMatch configuration commands\n\n"
2101 " set interface OnDemand always domain-name[,domain-name]\n"
2102 " set interface OnDemand retry domain-name[,domain-name]\n"
2103 " set interface OnDemand never domain-name[,domain-name]\n"
2106 #define N_PPP_ONDEMAND_OPTIONS (sizeof(pppOnDemandOptions) / sizeof(pppOnDemandOptions[0]))
2110 __doPPPOnDemandMatch(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2115 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
2119 ok
= _process_options(pppOnDemandOptions
, N_PPP_ONDEMAND_OPTIONS
, argc
, argv
, newConfiguration
);
2131 static selections authPromptSelections
[] = {
2132 { CFSTR("before"), &kSCValNetPPPAuthPromptBefore
, 0 },
2133 { CFSTR("after") , &kSCValNetPPPAuthPromptAfter
, 0 },
2138 static selections authProtocolSelections
[] = {
2139 { CFSTR("CHAP") , &kSCValNetPPPAuthProtocolCHAP
, 0 },
2140 { CFSTR("EAP") , &kSCValNetPPPAuthProtocolEAP
, 0 },
2141 { CFSTR("MSCHAP1"), &kSCValNetPPPAuthProtocolMSCHAP1
, 0 },
2142 { CFSTR("MSCHAP2"), &kSCValNetPPPAuthProtocolMSCHAP2
, 0 },
2143 { CFSTR("PAP") , &kSCValNetPPPAuthProtocolPAP
, 0 },
2148 static options pppOptions
[] = {
2149 { "ACSP" , NULL
, isBoolean
, &kSCPropNetPPPACSPEnabled
, NULL
, NULL
},
2150 { "ConnectTime" , "?time" , isNumber
, &kSCPropNetPPPConnectTime
, NULL
, NULL
},
2151 { "DialOnDemand" , NULL
, isBoolean
, &kSCPropNetPPPDialOnDemand
, NULL
, NULL
},
2152 { "DisconnectOnFastUserSwitch", NULL
, isBoolean
, &kSCPropNetPPPDisconnectOnFastUserSwitch
, NULL
, NULL
},
2153 { "DisconnectOnIdle" , NULL
, isBoolean
, &kSCPropNetPPPDisconnectOnIdle
, NULL
, NULL
},
2154 { "DisconnectOnIdleTimer" , "timeout" , isNumber
, &kSCPropNetPPPDisconnectOnIdleTimer
, NULL
, NULL
},
2155 { "DisconnectOnLogout" , NULL
, isBoolean
, &kSCPropNetPPPDisconnectOnLogout
, NULL
, NULL
},
2156 { "DisconnectOnSleep" , NULL
, isBoolean
, &kSCPropNetPPPDisconnectOnSleep
, NULL
, NULL
},
2157 { "DisconnectTime" , "?time" , isNumber
, &kSCPropNetPPPDisconnectTime
, NULL
, NULL
},
2158 { "IdleReminder" , NULL
, isBoolean
, &kSCPropNetPPPIdleReminder
, NULL
, NULL
},
2159 { "IdleReminderTimer" , "time" , isNumber
, &kSCPropNetPPPIdleReminderTimer
, NULL
, NULL
},
2160 { "Logfile" , "path" , isString
, &kSCPropNetPPPLogfile
, NULL
, NULL
},
2161 { "Plugins" , "plugin" , isStringArray
, &kSCPropNetPPPPlugins
, NULL
, NULL
},
2162 { "RetryConnectTime" , "time" , isNumber
, &kSCPropNetPPPRetryConnectTime
, NULL
, NULL
},
2163 { "SessionTimer" , "time" , isNumber
, &kSCPropNetPPPSessionTimer
, NULL
, NULL
},
2164 { "UseSessionTimer" , NULL
, isBoolean
, &kSCPropNetPPPUseSessionTimer
, NULL
, NULL
},
2165 { "VerboseLogging" , NULL
, isBoolean
, &kSCPropNetPPPVerboseLogging
, NULL
, NULL
},
2168 { "AuthEAPPlugins" , "plugin" , isStringArray
, &kSCPropNetPPPAuthEAPPlugins
, NULL
, NULL
},
2169 { "AuthName" , "account" , isString
, &kSCPropNetPPPAuthName
, NULL
, NULL
},
2170 { "Account" , "account" , isString
, &kSCPropNetPPPAuthName
, NULL
, NULL
},
2171 { "AuthPassword" , "password" , isOther
, &kSCPropNetPPPAuthPassword
, __doPPPAuthPW
, NULL
},
2172 { "Password" , "password" , isOther
, &kSCPropNetPPPAuthPassword
, __doPPPAuthPW
, NULL
},
2173 { "AuthPasswordEncryption" , "type" , isOther
, &kSCPropNetPPPAuthPasswordEncryption
, __doPPPAuthPWType
, NULL
},
2174 { "AuthPrompt" , "before/after", isChooseOne
, &kSCPropNetPPPAuthPrompt
, NULL
, (void *)authPromptSelections
},
2175 { "AuthProtocol" , "protocol" , isChooseMultiple
, &kSCPropNetPPPAuthProtocol
, NULL
, (void *)authProtocolSelections
},
2178 { "CommRemoteAddress" , "phone#" , isString
, &kSCPropNetPPPCommRemoteAddress
, NULL
, NULL
},
2179 { "Number" , "phone#" , isString
, &kSCPropNetPPPCommRemoteAddress
, NULL
, NULL
},
2180 { "CommAlternateRemoteAddress", "phone#" , isString
, &kSCPropNetPPPCommAlternateRemoteAddress
, NULL
, NULL
},
2181 { "CommConnectDelay" , "time" , isNumber
, &kSCPropNetPPPCommConnectDelay
, NULL
, NULL
},
2182 { "CommDisplayTerminalWindow" , NULL
, isBoolean
, &kSCPropNetPPPCommDisplayTerminalWindow
, NULL
, NULL
},
2183 { "CommRedialCount" , "retry count" , isNumber
, &kSCPropNetPPPCommRedialCount
, NULL
, NULL
},
2184 { "CommRedialEnabled" , NULL
, isBoolean
, &kSCPropNetPPPCommRedialEnabled
, NULL
, NULL
},
2185 { "CommRedialInterval" , "retry delay" , isNumber
, &kSCPropNetPPPCommRedialInterval
, NULL
, NULL
},
2186 { "CommTerminalScript" , "script" , isString
, &kSCPropNetPPPCommTerminalScript
, NULL
, NULL
},
2187 { "CommUseTerminalScript" , NULL
, isBoolean
, &kSCPropNetPPPCommUseTerminalScript
, NULL
, NULL
},
2190 { "CCPEnabled" , NULL
, isBoolean
, &kSCPropNetPPPCCPEnabled
, NULL
, NULL
},
2191 { "CCPMPPE40Enabled" , NULL
, isBoolean
, &kSCPropNetPPPCCPMPPE40Enabled
, NULL
, NULL
},
2192 { "CCPMPPE128Enabled" , NULL
, isBoolean
, &kSCPropNetPPPCCPMPPE128Enabled
, NULL
, NULL
},
2195 { "IPCPCompressionVJ" , NULL
, isBoolean
, &kSCPropNetPPPIPCPCompressionVJ
, NULL
, NULL
},
2196 { "IPCPUsePeerDNS" , NULL
, isBoolean
, &kSCPropNetPPPIPCPUsePeerDNS
, NULL
, NULL
},
2199 { "LCPEchoEnabled" , NULL
, isBoolean
, &kSCPropNetPPPLCPEchoEnabled
, NULL
, NULL
},
2200 { "LCPEchoFailure" , NULL
, isNumber
, &kSCPropNetPPPLCPEchoFailure
, NULL
, NULL
},
2201 { "LCPEchoInterval" , NULL
, isNumber
, &kSCPropNetPPPLCPEchoInterval
, NULL
, NULL
},
2202 { "LCPCompressionACField" , NULL
, isBoolean
, &kSCPropNetPPPLCPCompressionACField
, NULL
, NULL
},
2203 { "LCPCompressionPField" , NULL
, isBoolean
, &kSCPropNetPPPLCPCompressionPField
, NULL
, NULL
},
2204 { "LCPMRU" , NULL
, isNumber
, &kSCPropNetPPPLCPMRU
, NULL
, NULL
},
2205 { "LCPMTU" , NULL
, isNumber
, &kSCPropNetPPPLCPMTU
, NULL
, NULL
},
2206 { "LCPReceiveACCM" , NULL
, isNumber
, &kSCPropNetPPPLCPReceiveACCM
, NULL
, NULL
},
2207 { "LCPTransmitACCM" , NULL
, isNumber
, &kSCPropNetPPPLCPTransmitACCM
, NULL
, NULL
},
2210 { "IPSec" , NULL
, isOther
, NULL
, __doPPPIPSec
, NULL
},
2213 // --- OnDemand: ---
2214 { "OnDemandEnabled" , NULL
, isBoolean
, &kSCPropNetPPPOnDemandEnabled
, NULL
, NULL
},
2215 { "OnDemandMatch" , NULL
, isOther
, NULL
, __doPPPOnDemandMatch
, NULL
},
2219 { "?" , NULL
, isHelp
, NULL
, NULL
,
2220 "\nPPP configuration commands\n\n"
2221 " set interface [Account account]\n"
2222 " set interface [Password password]\n"
2223 " set interface [Number telephone-number]\n"
2224 " set interface [AlternateNumber telephone-number]\n"
2225 " set interface [IdleReminder {enable|disable}]\n"
2226 " set interface [IdleReminderTimer time-in-seconds]\n"
2227 " set interface [DisconnectOnIdle {enable|disable}]\n"
2228 " set interface [DisconnectOnIdleTimer time-in-seconds]\n"
2229 " set interface [DisconnectOnLogout {enable|disable}]\n"
2230 " set interface [IPSec <ipsec-options>]\n"
2232 " set interface [OnDemandEnabled {enable|disable}]\n"
2233 " set interface [OnDemandMatch <match-options>]\n"
2237 #define N_PPP_OPTIONS (sizeof(pppOptions) / sizeof(pppOptions[0]))
2241 set_interface_ppp(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2245 ok
= _process_options(pppOptions
, N_PPP_OPTIONS
, argc
, argv
, newConfiguration
);
2251 #pragma mark VLAN options
2255 set_interface_vlan(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2257 // xxxxx ("device", "tag")
2258 SCPrint(TRUE
, stdout
, CFSTR("vlan interface management not yet supported\n"));
2264 #pragma mark VPN options
2268 __doVPNAuthPW(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2270 CFStringRef encryptionType
;
2273 SCPrint(TRUE
, stdout
, CFSTR("VPN password not specified\n"));
2277 encryptionType
= CFDictionaryGetValue(newConfiguration
, kSCPropNetVPNAuthPasswordEncryption
);
2278 if (strlen(argv
[0]) > 0) {
2279 if (encryptionType
== NULL
) {
2280 #ifdef INLINE_PASSWORDS_USE_CFSTRING
2283 pw
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
2284 #else // INLINE_PASSWORDS_USE_CFSTRING
2286 CFMutableDataRef pw
;
2289 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
2290 n
= CFStringGetLength(str
);
2291 pw
= CFDataCreateMutable(NULL
, n
* sizeof(UniChar
));
2292 CFDataSetLength(pw
, n
* sizeof(UniChar
));
2293 CFStringGetCharacters(str
,
2295 (UniChar
*)(void *)CFDataGetMutableBytePtr(pw
));
2297 #endif // INLINE_PASSWORDS_USE_CFSTRING
2299 CFDictionarySetValue(newConfiguration
, key
, pw
);
2301 } else if (CFEqual(encryptionType
, kSCValNetVPNAuthPasswordEncryptionKeychain
)) {
2306 str
= CFStringCreateWithCString(NULL
, argv
[0], kCFStringEncodingUTF8
);
2307 pw
= CFStringCreateExternalRepresentation(NULL
, str
, kCFStringEncodingUTF8
, 0);
2308 ok
= SCNetworkInterfaceSetPassword(net_interface
,
2309 kSCNetworkInterfacePasswordTypeVPN
,
2315 updateInterfaceConfiguration(newConfiguration
);
2320 SCPrint(TRUE
, stdout
, CFSTR("VPN password type \"%@\" not supported\n"), encryptionType
);
2324 if (encryptionType
== NULL
) {
2325 CFDictionaryRemoveValue(newConfiguration
, key
);
2326 } else if (CFEqual(encryptionType
, kSCValNetVPNAuthPasswordEncryptionKeychain
)) {
2329 ok
= SCNetworkInterfaceRemovePassword(net_interface
, kSCNetworkInterfacePasswordTypeVPN
);
2331 updateInterfaceConfiguration(newConfiguration
);
2336 SCPrint(TRUE
, stdout
, CFSTR("PPP password type \"%@\" not supported\n"), encryptionType
);
2346 __doVPNAuthPWType(CFStringRef key
, const char *description
, void *info
, int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2349 SCPrint(TRUE
, stdout
, CFSTR("VPN password type mode not specified\n"));
2353 if (strlen(argv
[0]) > 0) {
2354 if (strcasecmp(argv
[0], "keychain") == 0) {
2355 CFDictionarySetValue(newConfiguration
, key
, kSCValNetVPNAuthPasswordEncryptionKeychain
);
2356 } else if (strcasecmp(argv
[0], "prompt") == 0) {
2357 CFDictionarySetValue(newConfiguration
, key
, kSCValNetVPNAuthPasswordEncryptionPrompt
);
2359 SCPrint(TRUE
, stdout
, CFSTR("invalid password type\n"));
2363 CFDictionaryRemoveValue(newConfiguration
, key
);
2366 // encryption type changed, reset password
2367 CFDictionaryRemoveValue(newConfiguration
, kSCPropNetVPNAuthPassword
);
2373 static selections vpnAuthenticationMethodSelections
[] = {
2374 { CFSTR("Password") , &kSCValNetVPNAuthenticationMethodPassword
, 0 },
2375 { CFSTR("Certificate") , &kSCValNetVPNAuthenticationMethodCertificate
, 0 },
2380 static options vpnOptions
[] = {
2381 { "AuthName" , "account" , isString
, &kSCPropNetVPNAuthName
, NULL
, NULL
},
2382 { "Account" , "account" , isString
, &kSCPropNetVPNAuthName
, NULL
, NULL
},
2383 { "AuthPassword" , "password" , isOther
, &kSCPropNetVPNAuthPassword
, __doVPNAuthPW
, NULL
},
2384 { "Password" , "password" , isOther
, &kSCPropNetVPNAuthPassword
, __doVPNAuthPW
, NULL
},
2385 { "AuthPasswordEncryption" , "type" , isOther
, &kSCPropNetVPNAuthPasswordEncryption
, __doVPNAuthPWType
, NULL
},
2386 { "AuthenticationMethod" , NULL
, isChooseOne
, &kSCPropNetVPNAuthenticationMethod
, NULL
, (void *)vpnAuthenticationMethodSelections
},
2387 { "ConnectTime" , "?time" , isNumber
, &kSCPropNetVPNConnectTime
, NULL
, NULL
},
2388 { "DisconnectOnFastUserSwitch", NULL
, isBoolean
, &kSCPropNetVPNDisconnectOnFastUserSwitch
, NULL
, NULL
},
2389 { "DisconnectOnIdle" , NULL
, isBoolean
, &kSCPropNetVPNDisconnectOnIdle
, NULL
, NULL
},
2390 { "DisconnectOnIdleTimer" , "timeout" , isNumber
, &kSCPropNetVPNDisconnectOnIdleTimer
, NULL
, NULL
},
2391 { "DisconnectOnLogout" , NULL
, isBoolean
, &kSCPropNetVPNDisconnectOnLogout
, NULL
, NULL
},
2392 { "DisconnectOnSleep" , NULL
, isBoolean
, &kSCPropNetVPNDisconnectOnSleep
, NULL
, NULL
},
2393 { "Logfile" , "path" , isString
, &kSCPropNetVPNLogfile
, NULL
, NULL
},
2394 { "MTU" , NULL
, isNumber
, &kSCPropNetVPNMTU
, NULL
, NULL
},
2395 { "RemoteAddress" , "server" , isString
, &kSCPropNetVPNRemoteAddress
, NULL
, NULL
},
2396 { "Server" , "server" , isString
, &kSCPropNetVPNRemoteAddress
, NULL
, NULL
},
2397 { "VerboseLogging" , NULL
, isBoolean
, &kSCPropNetVPNVerboseLogging
, NULL
, NULL
},
2400 { "?" , NULL
, isHelp
, NULL
, NULL
,
2401 "\nVPN configuration commands\n\n"
2402 " set interface [Server server]\n"
2403 " set interface [Account account]\n"
2404 " set interface [Password password]\n"
2407 #define N_VPN_OPTIONS (sizeof(vpnOptions) / sizeof(vpnOptions[0]))
2411 set_interface_vpn(int argc
, char **argv
, CFMutableDictionaryRef newConfiguration
)
2415 ok
= _process_options(vpnOptions
, N_VPN_OPTIONS
, argc
, argv
, newConfiguration
);
2421 #pragma mark [more] Interface management
2426 set_interface(int argc
, char **argv
)
2428 CFDictionaryRef configuration
;
2429 CFStringRef interfaceType
;
2430 CFMutableDictionaryRef newConfiguration
= NULL
;
2433 if (net_interface
== NULL
) {
2434 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
2439 SCPrint(TRUE
, stdout
, CFSTR("set what?\n"));
2443 configuration
= SCNetworkInterfaceGetConfiguration(net_interface
);
2444 if (configuration
!= NULL
) {
2445 configuration
= CFDictionaryCreateCopy(NULL
, configuration
);
2446 newConfiguration
= CFDictionaryCreateMutableCopy(NULL
, 0, configuration
);
2447 CFDictionaryRemoveValue(newConfiguration
, kSCResvInactive
);
2449 newConfiguration
= CFDictionaryCreateMutable(NULL
,
2451 &kCFTypeDictionaryKeyCallBacks
,
2452 &kCFTypeDictionaryValueCallBacks
);
2455 interfaceType
= SCNetworkInterfaceGetInterfaceType(net_interface
);
2457 if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeEthernet
)) {
2458 ok
= set_interface_ethernet(argc
, argv
, newConfiguration
);
2459 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeFireWire
)) {
2460 ok
= set_interface_firewire(argc
, argv
, newConfiguration
);
2461 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeIPSec
)) {
2462 ok
= set_interface_ipsec(argc
, argv
, newConfiguration
);
2463 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeModem
)) {
2464 ok
= set_interface_modem(argc
, argv
, newConfiguration
);
2465 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeIEEE80211
)) {
2466 ok
= set_interface_airport(argc
, argv
, newConfiguration
);
2467 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypePPP
)) {
2468 ok
= set_interface_ppp(argc
, argv
, newConfiguration
);
2469 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeBond
)) {
2470 ok
= set_interface_bond(argc
, argv
, newConfiguration
);
2471 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeBridge
)) {
2472 ok
= set_interface_bridge(argc
, argv
, newConfiguration
);
2473 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeVLAN
)) {
2474 ok
= set_interface_vlan(argc
, argv
, newConfiguration
);
2475 } else if (CFEqual(interfaceType
, kSCNetworkInterfaceTypeVPN
)) {
2476 ok
= set_interface_vpn(argc
, argv
, newConfiguration
);
2478 SCPrint(TRUE
, stdout
, CFSTR("this interfaces configuration cannot be changed\n"));
2485 if (((configuration
== NULL
) && (CFDictionaryGetCount(newConfiguration
) > 0)) ||
2486 ((configuration
!= NULL
) && !CFEqual(configuration
, newConfiguration
))) {
2487 if (!SCNetworkInterfaceSetConfiguration(net_interface
, newConfiguration
)) {
2488 if (SCError() == kSCStatusNoKey
) {
2489 SCPrint(TRUE
, stdout
, CFSTR("could not update per-service interface configuration\n"));
2491 SCPrint(TRUE
, stdout
, CFSTR("%s\n"), SCErrorString(SCError()));
2496 _prefs_changed
= TRUE
;
2501 if (configuration
!= NULL
) CFRelease(configuration
);
2502 if (newConfiguration
!= NULL
) CFRelease(newConfiguration
);
2507 /* -------------------- */
2512 show_interface(int argc
, char **argv
)
2514 SCNetworkInterfaceRef interface
;
2517 interface
= _find_interface(argc
, argv
, NULL
);
2519 if (net_interface
!= NULL
) {
2520 interface
= net_interface
;
2522 SCPrint(TRUE
, stdout
, CFSTR("interface not selected\n"));
2527 if (interface
!= NULL
) {
2528 _show_interface(interface
, CFSTR(""), TRUE
);
2535 /* -------------------- */
2539 CF_RETURNS_RETAINED CFStringRef
2540 _interface_description(SCNetworkInterfaceRef interface
)
2542 CFMutableStringRef description
;
2543 CFStringRef if_bsd_name
;
2544 CFStringRef if_type
;
2546 description
= CFStringCreateMutable(NULL
, 0);
2548 if_type
= SCNetworkInterfaceGetInterfaceType(interface
);
2549 CFStringAppend(description
, if_type
);
2551 if_bsd_name
= SCNetworkInterfaceGetBSDName(interface
);
2552 if (if_bsd_name
!= NULL
) {
2553 CFStringAppendFormat(description
, NULL
, CFSTR(" (%@)"), if_bsd_name
);
2556 interface
= SCNetworkInterfaceGetInterface(interface
);
2557 while ((interface
!= NULL
) &&
2558 !CFEqual(interface
, kSCNetworkInterfaceIPv4
)) {
2559 CFStringRef childDescription
;
2561 childDescription
= _interface_description(interface
);
2562 CFStringAppendFormat(description
, NULL
, CFSTR(" / %@"), childDescription
);
2563 CFRelease(childDescription
);
2565 interface
= SCNetworkInterfaceGetInterface(interface
);