0.1.1 doesn't seem to add anything at all #13

Dan2552 · 2015-10-28T23:47:40Z

cisco VPN
0.1.0 worked but doesn't support adding groupname

It provides warnings fine if you miss out settings:
Warning: You did not provide a group name for service <abc>

The text was updated successfully, but these errors were encountered:

halo · 2015-10-29T08:09:12Z

Hi Dan, thanks for your feedback!

Which parameters do you provide to the command? (I'm asking to make sure this is not a problem)
Which output do you get? (I'm asking because I ran into hard-crashes before that would "not do anything", as you describe it)
Does the --debug output show you anything useful? (I'm asking because I want to find out where exactly it hangs)

Also, please try this version. (I basically just made sure it compiled correctly and I added more debugging output where I suspect it could crash).

Dan2552 · 2015-10-29T09:15:30Z

if [[ $(which macosvpn) == "" ]]; then
  # by flipping the version here, on 0.1.0 it works
  sudo bash -c "curl -L https://github.com/halo/macosvpn/releases/download/0.1.1/macosvpn > /usr/local/bin/macosvpn"
  # sudo bash -c "curl -L https://github.com/halo/macosvpn/releases/download/0.1.0/macosvpn > /usr/local/bin/macosvpn"
  sudo chmod +x /usr/local/bin/macosvpn
fi

sudo macosvpn create --cisco name --endpoint my.endpoint.is.an.ip.address --username $vpn_username --password $vpn_password --groupname MYGROUPNAME --shared-secret $vpn_shared_secret

I'll hopefully be able to spend a bit of time debugging later today.

Dan2552 · 2015-10-29T19:32:06Z

scripts λ macosvpn --version                                          
0.1.2
scripts λ sudo macosvpn create --cisco test --endpoint test.test --username test --password test --groupname test --shared-secret test --debug

  You are running in debug mode

  Uncaptured argument values: /usr/local/bin/macosvpn
  So, you wish to create one or more VPN service(s).
  Gained superhuman rights.
  Creating new Cisco IPSec Service using <[Cisco IPSec] name=test endpointPrefix=(null) endpoint=test.test endpointSuffix=(null) username=test password=test sharedSecret=test localIdentifier=test>
  Cisco IPSec Service detected...
  Instantiating interface references...
  Creating a new, fresh VPN service in memory using the interface we already created
  That service is to have a name

halo · 2015-10-29T19:48:43Z

Ok, so far, the same thing happens to me. But then I ran it again and I got one log message further. Then it failed again 3 times, then it worked as normal and created the VPN as intended, then it kept failing again.

I really dislike random errors :/

halo · 2015-10-29T19:52:13Z

For what it's worth, I do see this warning log, but I even see that when it's working. So I don't suppose it's related.

Dan2552 · 2015-10-29T19:57:07Z

huh. Yeah, I just ran it 10 times in a row and 1 time it worked

halo · 2015-10-29T20:03:40Z

Maybe we need to convert it to Swift ;) I saw you're into that. I do wish I could speak it fluently.

Either way, one of the recent code changes must have introduced it. I guess I'll have to go through it step by tep. Other than that, I recently upgraded Yosemite to 10.10.5 (14F1021). You?

Dan2552 · 2015-10-29T20:04:40Z

If I run without sudo I get a popup to authenticate from OS X, but then my shell does report the following:

fish: 'macosvpn create --cisco test --…' terminated by signal SIGSEGV (Address boundary error)

Don't know if that helps...

Is there a way to pass in arguments when running from Xcode? Some breakpoints would be helpful. I've never touched an Objective-C command-line app before 😄

halo · 2015-10-29T20:04:52Z

I have another macbook on 10.10.3 or something will try it there. @arnieggertsson did you have any errors like this when you tried the new release? Which OS version are you on?

Dan2552 · 2015-10-29T20:05:14Z

I'm running 10.11.1 (15B42)

halo · 2015-10-29T20:11:53Z

If I run without sudo I get a popup to authenticate from OS X

See, that is how I originally intended the whole thing to work. That's how it was in the beginning. But at some point processes got prevented from elevating themselves. So I had to start using sudo.

Is there a way to pass in arguments when running from Xcode

Ah, I haven't even thought about that. You'd have to hack around somewhere in VPNArguments. There doesn't seem to be a way to set defaults in the readme.

steve-jansen · 2015-11-09T17:33:58Z

Is there a way to pass in arguments when running from Xcode

Xcode > Project > Scheme > Edit

Change to debug process as root, and pass args on launch:

steve-jansen · 2015-11-09T18:04:29Z

@halo This seems like a possibly bad build. I'm on OS X v10.10.5 and reproduce this issue with the GitHub pre-release binary; however, I cannot reproduce it with a local build of master (either Debug or Release build).

Using the GH Release Binary:

$ cd /tmp
$ curl -SLO https://github.com/halo/macosvpn/releases/download/0.1.1/macosvpn
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   581    0   581    0     0    585      0 --:--:-- --:--:-- --:--:--   585
100  393k  100  393k    0     0  44087      0  0:00:09  0:00:09 --:--:-- 84871+x od
$ chmod +x macosvpn
$ ./macosvpn --version
0.1.0
$ md5 ./macosvpn
MD5 (./macosvpn) = 7f81a4c2283b79cd6f3b369eb505ecd7
$ /usr/bin/macosvpn -v
0.1.0
$ md5 /usr/bin/macosvpn
MD5 (/usr/bin/macosvpn) = 5604e3145d17358539a78661a2d9fa21
$ sudo ./macosvpn create --cisco test --endpoint test.test --username test --password test --groupname test --shared-secret test --debug
  You are running in debug mode

  Uncaptured argument values: /tmp/macosvpn
  So, you wish to create one or more VPN service(s).
  Gained superhuman rights.
  Creating new Cisco IPSec Service using <[Cisco IPSec] name=test endpointPrefix=(null) endpoint=test.test endpointSuffix=(null) username=test password=test sharedSecret=test localIdentifier=test>
  L2TP Service detected...
  Instantiating interface references...
$

Local build of `ced57c1`:

$ sudo /Users/me/Library/Developer/Xcode/DerivedData/macosvpn-govqhcedfhzrxhaboujguohazmpf/Build/Products/Debug/macosvpn --version
0.1.2
$ sudo /Users/me/Library/Developer/Xcode/DerivedData/macosvpn-govqhcedfhzrxhaboujguohazmpf/Build/Products/Debug/macosvpn create --cisco test --endpoint test.test --username test --password test --groupname test --shared-secret test --debug

  You are running in debug mode

  Uncaptured argument values: /Users/me/Library/Developer/Xcode/DerivedData/macosvpn-govqhcedfhzrxhaboujguohazmpf/Build/Products/Debug/macosvpn
  So, you wish to create one or more VPN service(s).
  Gained superhuman rights.
  Creating new Cisco IPSec Service using <[Cisco IPSec] name=test endpointPrefix=(null) endpoint=test.test endpointSuffix=(null) username=test password=test sharedSecret=test localIdentifier=test>
  Cisco IPSec Service detected...
  Instantiating interface references...
  Creating a new, fresh VPN service in memory using the interface we already created
  That service is to have a name
  And we also woould like to know the internal ID of this service
  It will be used to find the correct passwords in the system keychain
  Deallocating obsolete interface references...
  Reloading top Interface...
  Configuring Cisco IPSec Service
  Successfully configured Cisco IPSec interface of service test
  Adding default protocols (DNS, etc.) to service test...
  Fetching set of all available network services...
  Fetching IPv4 protocol of service test...
  Configuring IPv4 protocol of service test...
  Commiting all changes including service test...
  Preparing to add Keychain items for service test...
  Succeeded opening System Keychain
  Unlocking System Keychain
  Succeeded unlocking System Keychain
  Created empty Keychain access object
  Successfully created Keychain Item
  Succeeded opening System Keychain
  Unlocking System Keychain
  Succeeded unlocking System Keychain
  Created empty Keychain access object
  Successfully created Keychain Item
  Successfully created Cisco IPSec VPN test with ID 35089AD9-B3E8-4335-9FF5-6C92A7385026

  Finished.

$

halo · 2015-11-10T13:38:03Z

@steve-jansen Thank you for explaining how to run this as root and how to add arguments :) Now I have a reliable way to crash Xcode haha. Seriously, every time I run that, it gives me the beachball somewhere in the VPNController create method :) But I could still reliably reproduce the issue 9 out of 10 times with the compiled local development executable.

So, I just went through all changes recently made and I believe I solved it. Turns out, NULL is not a good group name. See this commit. I'm not sure why, but now it doesn't crash for me any more and I can create as many VPNs as I like, of all types, and with and without group name.

@Dan2552 Would you mind giving master a try? Simply create one Cisco VPN with group name and one without.

And anyone who does that, needs to do it 10 times, because the crash only occurred randomly, and at random places :)

halo · 2015-11-10T14:45:02Z

(Because I had the problem locally and don't have it anymore, I went ahead and released 0.1.3 from latest master.)

Dan2552 · 2015-11-23T17:19:12Z

not having luck on my work computer running Yosemite. When I'm able to, I'll test on my home laptop again and do a bit of debugging with what Steve suggested.

halo · 2016-01-09T13:20:34Z

Ok, I think I found the issue. If the group is set, these Arrays need to have the size 9, otherwise 7. It works fine in each use case provided that rule is respected.

I'm not sure how to initialize a CFStringRef and set the size afterwards in a conditional. What's the syntax to conditionally define the size?

halo · 2016-01-09T18:47:22Z

Figured it out.

Dan2552 · 2016-01-11T09:35:42Z

Sorry to be the messenger... Doesn't look like everything is fixed; still failed but worked after running it a few times.

halo · 2016-01-11T12:52:40Z

Ok, this is getting ridiculous :) I experience the same thing now with the released executable (compiled for production).

halo · 2016-01-11T13:11:05Z

I just created dozens of services without problems. Both L2TP and Cisco, with and without group. 😮

I now uploaded the very executable I used just one minute ago for this into the 0.1.4 release. It was not compiled using "Archive", but it's simply the product of the debug "Command + b" building process.

Would you mind trying that one?

Dan2552 · 2016-01-11T14:12:37Z

Yes! It works every time!

halo · 2016-01-11T14:17:58Z

Thank you indeed. I can sleep well again ;)

steve-jansen · 2016-01-11T21:27:15Z

@halo didn't we see a situation previously where the official archive build didn't work as expected, but, a debug build did?

EDIT

See above ^^^ on Nov 9th

halo · 2016-01-12T18:14:12Z

Yes, I was just going to point to the same post :) I'll try to keep an eye on it in upcoming releases.

I'm wondering if Travis could catch this. Not sure if network services can be added there. Could be.

halo · 2016-05-05T19:27:18Z

Just to confirm: I'm working on integration specs which just call the macosvpn executable to test the actual functionality on Travis.

The Release configuration always crashes randomly. The Debug configuration works just fine. No, I don't know why ;)

@steve-jansen So you were absolutely right.

halo · 2016-06-09T18:54:33Z

I turned off "Code Optimization" for the Release configuration. Now it works just fine. Pchew!

See #13

* Updated for Xcode 8 Still using Swift 2.3 though * Travis: Use XCode 8 * Sierra compatibility halo#21 I took the chance and converted VPNServiceCreator to Swift * Version bump 0.2.1 -> 0.3.0 halo#21 * Updated changelog halo#21 * bundle update halo#21 * Extracted CFArray enumeration halo#21 * XCode project update halo#21 * PPP keychain items didn't change name, only cisco did Closes halo#23 * Prevented an Xcode warning halo#21 * Unified exit codes in enumerator * Updated Xcode project halo#21 * Added Sierra to README * Trying to cleanup double-XAUTH interpolation halo#23 This appears to work on Sierra now. Reportedly on El Capitan as well * Version bump 0.3.0 -> 0.3.1 * Making bundler on Travis happy * Updated download links on README * Added exit codes to CHANGELOG for 0.3.1 * Ruby on Travis 2.2.4 -> 2.2.5 Some gems depend on it * Xcode automated Swift upgrade * Do not activate code optimization, it will break functionality See halo#13 * Upgraded PrettyColors vendor library halo#30 * Updated CocoaLumberjack halo#30 * Fixed a compiler warning halo#30 * Explicitly unwrap all interpolated optional strings * Updated changelog halo#30 * Added disconnect on switch/logout flags halo#33 * Added disconnect on switch/logout to help halo#33 * How about not breaking code halo#33 * Added specs halo#33 * Version bump 0.3.1 -> 0.3.2 halo#33 * Making rubocop happy halo#33 I know I cheated ;) * Pulled upstream DDOSLogger halo#35 * Updated Xcode 8.3 -> 9.0 * Fixed compiler warnings Simply by updating the upstream classes * Version bump 0.3.2 -> 0.3.3 * Travis tests Xcode 8+9 * Added changelog for 0.3.3 * Clarified macOS version requirement in README [skip ci] * CI: Try only xcode 9 * Added delete subcommand halo#36 * Bundle update Github noted a security vulnerability in rubocop: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8418 * Target ruby 2.4 in tests * Rubocop --auto-correct * Relax ruby version in Gemfile for Travis * Use default Travis ruby version * Rubocop happiness * Compare same datatypes only halo#37 This breaks on compiling on El Capitan * Travis runs Xcode 8 as well halo#37

halo mentioned this issue Nov 9, 2015

Fixes #12 - "Send all traffic over VPN" CLI option #14

Merged

halo closed this as completed in ea97976 Jan 9, 2016

halo reopened this Jan 11, 2016

Dan2552 closed this as completed Jan 11, 2016

halo mentioned this issue Apr 25, 2017

Debug the project #29

Closed

halo added a commit that referenced this issue May 21, 2017

Do not activate code optimization, it will break functionality

78001b4

See #13

scottk212 mentioned this issue Oct 18, 2019

Update forked repository master branch (#1) #39

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

0.1.1 doesn't seem to add anything at all #13

0.1.1 doesn't seem to add anything at all #13

0.1.1 doesn't seem to add anything at all #13

0.1.1 doesn't seem to add anything at all #13

Comments

Using the GH Release Binary:

Local build of ced57c1:

Local build of `ced57c1`: