-
-
Save vmlinz/991f627ca9ff7d34c43c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - (void)viewDidLoad | |
| { | |
| [super viewDidLoad]; | |
| // init VPN manager | |
| self.vpnManager = [NEVPNManager sharedManager]; | |
| // load config from perference | |
| [_vpnManager loadFromPreferencesWithCompletionHandler:^(NSError *error) { | |
| if (error) { | |
| NSLog(@"Load config failed [%@]", error.localizedDescription); | |
| return; | |
| } | |
| if (_vpnManager.protocol) { | |
| // config exists | |
| } | |
| // config IPSec protocol | |
| NEVPNProtocolIPSec *p = [[NEVPNProtocolIPSec alloc] init]; | |
| p.username = @"[Your username]"; | |
| p.serverAddress = @"[Your server address]";; | |
| // get password persistent reference from keychain | |
| p.passwordReference = [self searchKeychainCopyMatching:@"VPN_PASSWORD"]; | |
| // PSK | |
| p.authenticationMethod = NEVPNIKEAuthenticationMethodSharedSecret; | |
| p.sharedSecretReference = [self searchKeychainCopyMatching:@"PSK"]; | |
| /* | |
| // certificate | |
| p.identityData = [NSData dataWithContentsOfFile:[[NSBundle mainBundle] pathForResource:@"client" ofType:@"p12"]]; | |
| p.identityDataPassword = @"[Your certificate import password]"; | |
| */ | |
| p.localIdentifier = @"[VPN local identifier]"; | |
| p.remoteIdentifier = @"[VPN remote identifier]"; | |
| p.useExtendedAuthentication = YES; | |
| p.disconnectOnSleep = NO; | |
| _vpnManager.protocol = p; | |
| _vpnManager.localizedDescription = @"IPSec Demo"; | |
| [_vpnManager saveToPreferencesWithCompletionHandler:^(NSError *error) { | |
| NSLog(@"Save config failed [%@]", error.localizedDescription); | |
| }]; | |
| }]; | |
| } | |
| - (IBAction)startVPNConnection:(id)sender { | |
| //[[VodManager sharedManager] installVPNProfile]; | |
| NSError *startError; | |
| [_vpnManager.connection startVPNTunnelAndReturnError:&startError]; | |
| if (startError) { | |
| NSLog("Start VPN failed: [%@]", startError.localizedDescription); | |
| } | |
| } | |
| static NSString * const serviceName = @"im.zorro.ipsec_demo.vpn_config"; | |
| - (NSData *)searchKeychainCopyMatching:(NSString *)identifier { | |
| NSMutableDictionary *searchDictionary = [[NSMutableDictionary alloc] init]; | |
| NSData *encodedIdentifier = [identifier dataUsingEncoding:NSUTF8StringEncoding]; | |
| searchDictionary[(__bridge id)kSecClass] = (__bridge id)kSecClassGenericPassword; | |
| searchDictionary[(__bridge id)kSecAttrGeneric] = encodedIdentifier; | |
| searchDictionary[(__bridge id)kSecAttrAccount] = encodedIdentifier; | |
| searchDictionary[(__bridge id)kSecAttrService] = serviceName; | |
| searchDictionary[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne; | |
| searchDictionary[(__bridge id)kSecReturnPersistentRef] = @YES; | |
| CFTypeRef result = NULL; | |
| SecItemCopyMatching((__bridge CFDictionaryRef)searchDictionary, &result); | |
| return (__bridge_transfer NSData *)result; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment