CNCopyCurrentNetworkInfo in Packet Tunnel Provider not working on iOS 13

We have found that it's no longer possible to retrieve Wi-Fi SSIDs from within a Packet Tunnel Provider using CNCopyCurrentNetworkInfo.


Observations:

  1. Both the app and the packet tunnel provider are properly configured to be able to use CNCopyCurrentNetworkInfo, by including the required entitlements.
  2. When the app calls this method, a dictionary containing a valid SSID is returned.
  3. When the packet tunnel provider calls this method, a dictionary containing "Wi-Fi" is returned, no matter to which network are we connected.
  4. When removing the entitlement from the packet tunnel provider, nil is returned.
  5. From the app we can also use the NEHotspotHelper to obtain this information, but it is not possible to use this method from the packet tunnel provider.
Taking into consideration the newly updated documentation:
The requesting app must meet one of the following requirements:
  • The app uses Core Location, and has the user’s authorization to use location information.
  • The app uses the NEHotspotConfiguration API to configure the current Wi-Fi network.
  • The app has active VPN configurations installed.
An app that fails to meet any of the above requirements receives the following return value:
  • An app linked against iOS 12 or earlier receives a dictionary with pseudo-values. In this case, the SSID is Wi-Fi (or WLAN in the China region), and the BSSID is 00:00:00:00:00:00.
  • An app linked against iOS 13 or later receives NULL.

Important

To use this function, an app linked against iOS 12 or later must enable the Access WiFi Information capability in Xcode. For more information, see Access WiFi Information Entitlement. Calling this function without the entitlement always returns NULL when linked against iOS 12 or later.

This function returns NULL for iPad apps running in macOS.

It seems the rules no longer apply to packet tunnel providers, only to apps.

The app has active VPN configurations installed.

Explicitly states that this applies to apps that have a VPN configuration installed. Not about the associated packet tunnel provider, if available.


Has there been a policy change in how network extensions (in our case, a packet tunnel provider) can access CNCopyCurrentNetworkInfo? If the app has permission to read the CNCopyCurrentNetworkInfo because it has a VPN configuration installed (namely its own packet tunnel provider), why should that packet tunnel not be allowed the same permission?

Replies

Presumably this is with regards the changes in iOS 13 beta (it helps if you include relevant version numbers in a post like this). If so, this sounds like a relatively simple omission, namely that the app’s privileges aren’t being extended to the provider. My recommendation is that you file a bug with your findings and an explanation of why this is important to your product.

Please post your bug number, just for the record.

ps What would be ideal is if you could get in a time machine and file this bug a few months ago (-: However, we’ll see how this pans out.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Filed bug report FB7101522. It was indeed already announced in a WWDC session, but the release notes only got updated in beta 6. Fingers crossed that there might be somebody looking at it. I would really appreciate this fixed in the GM, however unlikely that may be! In any case thanks for your reply, Eskimo!

Has there been any update to your radar? We filled our own report today - FB7248611

Has there been any update to your radar?

It’s possible that this will get fixed but there is no fix for it in iOS 13 GM Seed, and thus it’s very likely to ship to a significant number of customers this way.

We filled our own report today - FB7248611

Thanks.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
(r. 54595944)

There has been a follow up to do a sysdiagnose trace, which I've done. No further questions or signals since that. Meanwhile, we've tested and confirmed that this issue still exists in iOS 13.1 beta 1, 2 and 3. I will report these findings too as responses to the feedback ticket.


As Eskimo points out correctly, that unfortunately means we're going to have some broken functionality in our apps as of the iOS 13 rollout. I'm still hoping this will be addressed in iOS 13.1.

We're also seeing the problem, in iOS 13 GM from a PacketTunnelProvider. Works fine from the app. Really hoping for a 13.1 fix!


I also saw it in Catalina, macOS 10.15. beta 7.

I also saw it in Catalina, macOS 10.15. beta 7.

Saw what?

CNCopyCurrentNetworkInfo
isn’t public API on macOS.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

Sorry to report that this is not fixed in iOS 13.1 beta 4. With 13.1 released 24 September I'm sceptic that this will see its way into 13.1. Any advice here?

With 13.1 released 24 September I'm sceptic that this will see its way into 13.1.

You’re right to be sceptical here )-: While it’s impossible to predict the future with 100% accuracy, the fix is definitely not in 13.1b4 and it’s hard to imagine it making it into the 13.1 release.

Any advice here?

Just the usual stuff:

  • You’ll have to live with this limitation on 13.1, as you did on 13.0. The only difference here is that 13.1 is likely to get a much larger audience, which will make this more painful )-:

  • You should watch out for, and re-test with, any post 13.1 release that we seed.

I’m sorry I don’t have better news here.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"