NEPacketTunnelProvider not called got - "Launch failed." {Error Domain=NSPOSIXErrorDomain Code=85 "Bad executable (or shared library)"

Programming Languages Swift
raitech12 OP
Created Jan ’23
Replies 2
Boosts 0
Views 972
Participants 2

We started developing a VPN app in swift. Network extension is configured with profiles

App entitlement is

<plist version="1.0">
<dict>
	<key>com.apple.developer.networking.networkextension</key>
	<array>
		<string>packet-tunnel-provider</string>
		<string>app-proxy-provider</string>
		<string>content-filter-provider</string>
	</array>
	<key>com.apple.developer.networking.vpn.api</key>
	<array>
		<string>allow-vpn</string>
	</array>
	<key>com.apple.security.application-groups</key>
	<array/>
</dict>
</plist>

The Network Extension is a subclass of NEPacketTunnelProvider with the following entitlements

<plist version="1.0">
<dict>
	<key>com.apple.developer.networking.networkextension</key>
	<array>
		<string>packet-tunnel-provider</string>
		<string>app-proxy-provider</string>
		<string>content-filter-provider</string>
	</array>
	<key>com.apple.developer.networking.vpn.api</key>
	<array>
		<string>allow-vpn</string>
	</array>
	<key>com.apple.security.app-sandbox</key>
	<true/>
	<key>com.apple.security.application-groups</key>
	<array/>
	<key>com.apple.security.network.client</key>
	<true/>
</dict>
</plist>

I've overrided init to log the initiailization.

    override init() {
            super.init()
            NSLog("NE Provider init")
        }

Xcode is version 12.5 on macos 11. The signing profile is set to automatic for both app and extension.

After starting the vpn using the app I got the following error:

Failed to start extension com.mxxxxx.Sxxxxx.PacketTunnel: Error Domain=PlugInKit Code=4 "RBSLaunchRequest error trying to launch plugin 
com.mxxxxx.Sxxxxx.PacketTunnel(XXXXXXX-1C0A-427F-8D6D-F9608D5B3C42): 
Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." 
UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x954f11100 
{Error Domain=NSPOSIXErrorDomain Code=85 "Bad executable (or shared library)" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}}" 
UserInfo={NSLocalizedDescription=RBSLaunchRequest error trying to launch plugin com.mxxxxx.Sxxxxx.PacketTunnel(XXXXXXXXX-1C0A-427F-8D6D-F9608D5B3C42): 
Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., 
NSUnderlyingError=0x954f11100 {Error Domain=NSPOSIXErrorDomain Code=85 "Bad executable (or shared library)" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}}}

Any advice please?

Replies  2
Boosts  0
Views  972
Participants  2
DTS Engineer OP
Apple
Jan ’23

Let’s start with your entitlements:

  • com.apple.developer.networking.networkextension should contain an entry for the types of provider you’re actually implementing. If you’re building a packet tunnel provider, that means just packet-tunnel-provider. Remove the other entries.

  • The com.apple.developer.networking.vpn.api entitlement is only relevant for Personal VPN. Remove that.

  • Your app groups entitlement, com.apple.security.application-groups, is empty. Remove that as well.

Xcode is version 12.5 on macos 11.

So, to be clear, you’re building a packet tunnel provider packaged as an app extension and planning to run it on macOS, right?

What does your packet tunnel provider’s Info.plist look like?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
DTS Engineer OP
Apple
Jan ’23

For those following along at home, I’ll be helping raitech12 in a different context.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

1
NEPacketTunnelProvider not called got - "Launch failed." {Error Domain=NSPOSIXErrorDomain Code=85 "Bad executable (or shared library)"
First post date Last post date
 
 
Q