-
-
Save fireball2018/dd6544701bd234c08e9a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - (void)viewDidLoad | |
| { | |
| [super viewDidLoad]; | |
| // init VPN manager | |
| self.vpnManager = [NEVPNManager sharedManager]; | |
| // load config from perference | |
| [_vpnManager loadFromPreferencesWithCompletionHandler:^(NSError *error) { | |
| if (error) { | |
| NSLog(@"Load config failed [%@]", error.localizedDescription); | |
| return; | |
| } | |
| if (_vpnManager.protocol) { | |
| // config exists | |
| } | |
| // config IPSec protocol | |
| NEVPNProtocolIPSec *p = [[NEVPNProtocolIPSec alloc] init]; | |
| p.username = @"[Your username]"; | |
| p.serverAddress = @"[Your server address]";; | |
| // get password persistent reference from keychain | |
| p.passwordReference = [self searchKeychainCopyMatching:@"VPN_PASSWORD"]; | |
| // PSK | |
| p.authenticationMethod = NEVPNIKEAuthenticationMethodSharedSecret; | |
| p.sharedSecretReference = [self searchKeychainCopyMatching:@"PSK"]; | |
| /* | |
| // certificate | |
| p.identityData = [NSData dataWithContentsOfFile:[[NSBundle mainBundle] pathForResource:@"client" ofType:@"p12"]]; | |
| p.identityDataPassword = @"[Your certificate import password]"; | |
| */ | |
| p.localIdentifier = @"[VPN local identifier]"; | |
| p.remoteIdentifier = @"[VPN remote identifier]"; | |
| p.useExtendedAuthentication = YES; | |
| p.disconnectOnSleep = NO; | |
| _vpnManager.protocol = p; | |
| _vpnManager.localizedDescription = @"IPSec Demo"; | |
| [_vpnManager saveToPreferencesWithCompletionHandler:^(NSError *error) { | |
| NSLog(@"Save config failed [%@]", error.localizedDescription); | |
| }]; | |
| }]; | |
| } | |
| - (IBAction)startVPNConnection:(id)sender { | |
| //[[VodManager sharedManager] installVPNProfile]; | |
| NSError *startError; | |
| [_vpnManager.connection startVPNTunnelAndReturnError:&startError]; | |
| if (startError) { | |
| NSLog("Start VPN failed: [%@]", startError.localizedDescription); | |
| } | |
| } | |
| static NSString * const serviceName = @"im.zorro.ipsec_demo.vpn_config"; | |
| - (NSData *)searchKeychainCopyMatching:(NSString *)identifier { | |
| NSMutableDictionary *searchDictionary = [[NSMutableDictionary alloc] init]; | |
| NSData *encodedIdentifier = [identifier dataUsingEncoding:NSUTF8StringEncoding]; | |
| searchDictionary[(__bridge id)kSecClass] = (__bridge id)kSecClassGenericPassword; | |
| searchDictionary[(__bridge id)kSecAttrGeneric] = encodedIdentifier; | |
| searchDictionary[(__bridge id)kSecAttrAccount] = encodedIdentifier; | |
| searchDictionary[(__bridge id)kSecAttrService] = serviceName; | |
| searchDictionary[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne; | |
| searchDictionary[(__bridge id)kSecReturnPersistentRef] = @YES; | |
| CFTypeRef result = NULL; | |
| SecItemCopyMatching((__bridge CFDictionaryRef)searchDictionary, &result); | |
| return (__bridge_transfer NSData *)result; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment