0.1.1 doesn't seem to add anything at all
Dan2552 opened this issue · 27 comments
- cisco VPN
- 0.1.0 worked but doesn't support adding groupname
It provides warnings fine if you miss out settings:
Warning: You did not provide a group name for service <abc>
Hi Dan, thanks for your feedback!
- Which parameters do you provide to the command? (I'm asking to make sure this is not a problem)
- Which output do you get? (I'm asking because I ran into hard-crashes before that would "not do anything", as you describe it)
- Does the
--debug
output show you anything useful? (I'm asking because I want to find out where exactly it hangs)
Also, please try this version. (I basically just made sure it compiled correctly and I added more debugging output where I suspect it could crash).
if [[ $(which macosvpn) == "" ]]; then
# by flipping the version here, on 0.1.0 it works
sudo bash -c "curl -L https://github.com/halo/macosvpn/releases/download/0.1.1/macosvpn > /usr/local/bin/macosvpn"
# sudo bash -c "curl -L https://github.com/halo/macosvpn/releases/download/0.1.0/macosvpn > /usr/local/bin/macosvpn"
sudo chmod +x /usr/local/bin/macosvpn
fi
sudo macosvpn create --cisco name --endpoint my.endpoint.is.an.ip.address --username $vpn_username --password $vpn_password --groupname MYGROUPNAME --shared-secret $vpn_shared_secret
I'll hopefully be able to spend a bit of time debugging later today.
scripts λ macosvpn --version
0.1.2
scripts λ sudo macosvpn create --cisco test --endpoint test.test --username test --password test --groupname test --shared-secret test --debug
You are running in debug mode
Uncaptured argument values: /usr/local/bin/macosvpn
So, you wish to create one or more VPN service(s).
Gained superhuman rights.
Creating new Cisco IPSec Service using <[Cisco IPSec] name=test endpointPrefix=(null) endpoint=test.test endpointSuffix=(null) username=test password=test sharedSecret=test localIdentifier=test>
Cisco IPSec Service detected...
Instantiating interface references...
Creating a new, fresh VPN service in memory using the interface we already created
That service is to have a name
Ok, so far, the same thing happens to me. But then I ran it again and I got one log message further. Then it failed again 3 times, then it worked as normal and created the VPN as intended, then it kept failing again.
I really dislike random errors :/
For what it's worth, I do see this warning log, but I even see that when it's working. So I don't suppose it's related.
huh. Yeah, I just ran it 10 times in a row and 1 time it worked
Maybe we need to convert it to Swift ;) I saw you're into that. I do wish I could speak it fluently.
Either way, one of the recent code changes must have introduced it. I guess I'll have to go through it step by tep. Other than that, I recently upgraded Yosemite to 10.10.5 (14F1021)
. You?
If I run without sudo
I get a popup to authenticate from OS X, but then my shell does report the following:
fish: 'macosvpn create --cisco test --…' terminated by signal SIGSEGV (Address boundary error)
Don't know if that helps...
Is there a way to pass in arguments when running from Xcode? Some breakpoints would be helpful. I've never touched an Objective-C command-line app before 😄
I have another macbook on 10.10.3
or something will try it there. @arnieggertsson did you have any errors like this when you tried the new release? Which OS version are you on?
I'm running 10.11.1 (15B42)
If I run without sudo I get a popup to authenticate from OS X
See, that is how I originally intended the whole thing to work. That's how it was in the beginning. But at some point processes got prevented from elevating themselves. So I had to start using sudo.
Is there a way to pass in arguments when running from Xcode
Ah, I haven't even thought about that. You'd have to hack around somewhere in VPNArguments
. There doesn't seem to be a way to set defaults in the readme.
@halo This seems like a possibly bad build. I'm on OS X v10.10.5 and reproduce this issue with the GitHub pre-release binary; however, I cannot reproduce it with a local build of master (either Debug or Release build).
Using the GH Release Binary:
$ cd /tmp
$ curl -SLO https://github.com/halo/macosvpn/releases/download/0.1.1/macosvpn
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 581 0 581 0 0 585 0 --:--:-- --:--:-- --:--:-- 585
100 393k 100 393k 0 0 44087 0 0:00:09 0:00:09 --:--:-- 84871+x od
$ chmod +x macosvpn
$ ./macosvpn --version
0.1.0
$ md5 ./macosvpn
MD5 (./macosvpn) = 7f81a4c2283b79cd6f3b369eb505ecd7
$ /usr/bin/macosvpn -v
0.1.0
$ md5 /usr/bin/macosvpn
MD5 (/usr/bin/macosvpn) = 5604e3145d17358539a78661a2d9fa21
$ sudo ./macosvpn create --cisco test --endpoint test.test --username test --password test --groupname test --shared-secret test --debug
You are running in debug mode
Uncaptured argument values: /tmp/macosvpn
So, you wish to create one or more VPN service(s).
Gained superhuman rights.
Creating new Cisco IPSec Service using <[Cisco IPSec] name=test endpointPrefix=(null) endpoint=test.test endpointSuffix=(null) username=test password=test sharedSecret=test localIdentifier=test>
L2TP Service detected...
Instantiating interface references...
$
Local build of ced57c1:
$ sudo /Users/me/Library/Developer/Xcode/DerivedData/macosvpn-govqhcedfhzrxhaboujguohazmpf/Build/Products/Debug/macosvpn --version
0.1.2
$ sudo /Users/me/Library/Developer/Xcode/DerivedData/macosvpn-govqhcedfhzrxhaboujguohazmpf/Build/Products/Debug/macosvpn create --cisco test --endpoint test.test --username test --password test --groupname test --shared-secret test --debug
You are running in debug mode
Uncaptured argument values: /Users/me/Library/Developer/Xcode/DerivedData/macosvpn-govqhcedfhzrxhaboujguohazmpf/Build/Products/Debug/macosvpn
So, you wish to create one or more VPN service(s).
Gained superhuman rights.
Creating new Cisco IPSec Service using <[Cisco IPSec] name=test endpointPrefix=(null) endpoint=test.test endpointSuffix=(null) username=test password=test sharedSecret=test localIdentifier=test>
Cisco IPSec Service detected...
Instantiating interface references...
Creating a new, fresh VPN service in memory using the interface we already created
That service is to have a name
And we also woould like to know the internal ID of this service
It will be used to find the correct passwords in the system keychain
Deallocating obsolete interface references...
Reloading top Interface...
Configuring Cisco IPSec Service
Successfully configured Cisco IPSec interface of service test
Adding default protocols (DNS, etc.) to service test...
Fetching set of all available network services...
Fetching IPv4 protocol of service test...
Configuring IPv4 protocol of service test...
Commiting all changes including service test...
Preparing to add Keychain items for service test...
Succeeded opening System Keychain
Unlocking System Keychain
Succeeded unlocking System Keychain
Created empty Keychain access object
Successfully created Keychain Item
Succeeded opening System Keychain
Unlocking System Keychain
Succeeded unlocking System Keychain
Created empty Keychain access object
Successfully created Keychain Item
Successfully created Cisco IPSec VPN test with ID 35089AD9-B3E8-4335-9FF5-6C92A7385026
Finished.
$
@steve-jansen Thank you for explaining how to run this as root and how to add arguments :) Now I have a reliable way to crash Xcode haha. Seriously, every time I run that, it gives me the beachball somewhere in the VPNController create
method :) But I could still reliably reproduce the issue 9 out of 10 times with the compiled local development executable.
So, I just went through all changes recently made and I believe I solved it. Turns out, NULL
is not a good group name. See this commit. I'm not sure why, but now it doesn't crash for me any more and I can create as many VPNs as I like, of all types, and with and without group name.
@Dan2552 Would you mind giving master a try? Simply create one Cisco VPN with group name and one without.
And anyone who does that, needs to do it 10 times, because the crash only occurred randomly, and at random places :)
(Because I had the problem locally and don't have it anymore, I went ahead and released 0.1.3 from latest master.)
not having luck on my work computer running Yosemite. When I'm able to, I'll test on my home laptop again and do a bit of debugging with what Steve suggested.
Ok, I think I found the issue. If the group is set, these Arrays need to have the size 9, otherwise 7. It works fine in each use case provided that rule is respected.
I'm not sure how to initialize a CFStringRef
and set the size afterwards in a conditional. What's the syntax to conditionally define the size?
Figured it out.
Sorry to be the messenger... Doesn't look like everything is fixed; still failed but worked after running it a few times.
Ok, this is getting ridiculous :) I experience the same thing now with the released executable (compiled for production).
I just created dozens of services without problems. Both L2TP and Cisco, with and without group. 😮
I now uploaded the very executable I used just one minute ago for this into the 0.1.4 release. It was not compiled using "Archive", but it's simply the product of the debug "Command + b" building process.
Would you mind trying that one?
Yes! It works every time!
Thank you indeed. I can sleep well again ;)
@halo didn't we see a situation previously where the official archive build didn't work as expected, but, a debug build did?
EDIT
Yes, I was just going to point to the same post :) I'll try to keep an eye on it in upcoming releases.
I'm wondering if Travis could catch this. Not sure if network services can be added there. Could be.
Just to confirm: I'm working on integration specs which just call the macosvpn executable to test the actual functionality on Travis.
The Release
configuration always crashes randomly. The Debug
configuration works just fine. No, I don't know why ;)
@steve-jansen So you were absolutely right.
I turned off "Code Optimization" for the Release
configuration. Now it works just fine. Pchew!