Post

Replies

Boosts

Views

Activity

NEPacketTunnelProvider died unexpectedly, no crash dump
Hello,I'm trying to debug an intermittent crash in my NEPacketTunnelProvider. Basically, it will sometimes crash about a minute after establishing a connection. If it survives the first couple minutes, it will work fine for the duration of the connection.My main problem is that there doesn't appear to be any crash dump created. My provider just stops logging, and I see the following logged in the Console:neagent: extension connection was interrupted neagent: Extension <my extension ID> died unexpectedly nesessionmanager: NESMVPNSession[<uuid>]: status changed to disconnectingThe crash happens only on macOS; iOS is fine.A few things I've tried:Checked for a crash dump in ~/Library/Logs/DiagnosticReports and /Library/Logs/DiagnosticReports; found nothing related to my provider.Attached the Xcode debugger. I can never get it to crash with the debugger attached (of course 😝).Monitored memory usage in Xcode. It's typically around 6.7MB, but can drift up close to 8MB during heavy traffic. I believe this is acceptable?Added an uncaught exception handler via NSSetUncaughtExceptionHandler. But my handler never gets called; I suspect this isn't supported for extensions?Followed instructions for Crash Logs and VPN Logging.Has anybody run into an issue like this? Is there some other way to gather info that I'm missing?Thanks,Mike
20
0
9.9k
Aug ’17
Packet tunnel provider on macOS vs Apple Configurator 2
I'm having a couple problems using Apple Configurator 2 profiles with my packet tunnel provider extension. These are specific to macOS; iOS works fine.1. ProviderBundleIdentifier is a required property on macOS, however there doesn't appear to be any way to specify it in Apple Configurator 2. It seems I have to manually edit the exported .mobileconfig file and add the necessary XML. This gets even trickier with a signed profile; I have to save it from AC2, then edit the XML, then go back into AC2 to do the signing. Am I overlooking something, or should I file a radar?2. Profiles with client certificate identities trigger a security prompt during login:<VPN name> wants to sign using key "Configuration Profiles" in your keychain. Do you want to allow access to this item? [Always allow] [Deny] [Allow]Is this expected behavior? Is there anything that can be done in AC2 to pre-populate the ACL for the private key to allow my VPN app/extension to access it silently? Or is there a special way I can access the identity from my VPN app/extension? I'm currently authenticating via URLSession/URLCredential before establishing the tunnel connection. Maybe that's not the expected approach?ThanksMike
8
0
1.9k
Apr ’17