Archive for the ‘iPhone’ Category

iOS 4.1: Undocumented VPN API, used by Cisco AnyConnect

Saturday, September 25th, 2010

A few days ago, Cisco AnyConnect was admitted to the App Store. This was mentioned by a few blogs, but they didn’t seem to notice the relevance of it. AnyConnect is an enterprise SSL VPN technology by Cisco, so this may not seem relevant to all that many people at first sight.
However, in order to implement a VPN client to provide VPN connectivity for other apps, you need to hook into the operating system’s network stack. On the iOS App Store, everybody knows that Apple is rather strict on what a developer can do — hooking into the OS kernel and providing network functionality to other apps isn’t something they provide APIs for (and therefore don’t allow).

Wondering how Cisco got around these App Store limitations, I took a closer look at the AnyConnect app. Upon first starting it, it asks whether you want to let it “extend… the Virtual Private Network (VPN) capabilities of your device”.

Cisco AnyConnect Secure Mobility Client extends the Virtual Private Network (VPN) capabilities of your device. Do you want to enable this software? Don't Allow / OK


After entering a VPN server name etc., I switched over to the Settings app and noticed that the newly created AnyConnect VPN showed up as a system-wide VPN (though if you try to edit it from there, it’ll just say that you should use the AnyConnect app instead).

To configure the settings for ....., use the app provided by Cisco.

Odd, how would an app be able to do any of this if it’s not allowed to get involved with iOS deeper than the App Store guidelines would allow?

Moving on and digging deeper into the .ipa bundle:

The Payload contains AnyConnectDataAgent.vpnplugin, in addition to the AnyConnect.app:

AnyConnectDataAgent.vpnplugin

AnyConnect.app‘s Entitlements.plist contains an entitlement named com.apple.networking.vpn.configuration:

com.apple.networking.vpn.configuration

Neither vpnplugin bundles nor the com.apple.networking.vpn.configuration entitlement are documented anywhere (at least not in a way that can be found through Google). Since this appears to be a special iOS API created by Apple specifically for Cisco, the question is whether it’s also open to other developers. The only other app I’ve found that uses it is Juniper Junos Pulse, which was posted a few weeks before the AnyConnect app. Since both Junos Pulse and AnyConnect have in common that they require iOS 4.1, I think it’s safe to assume that 4.1 introduced the API they use.
Personally, I’d be interested to see an OpenVPN client for the iPhone. I’m not sure whether that will ever happen though if this VPN API only exits semi-officially, especially since OpenVPN is not backed by a big company like Cisco or Juniper.

Posted in iPhone | 5 Comments »

3rd party Exchange ActiveSync servers

Friday, April 30th, 2010

I’ve recently been looking for a comprehensive list of mail/groupware servers/services that offer Exchange ActiveSync integration, e.g. for the iPhone or Windows Mobile. Since I couldn’t find one, I’m putting together a list myself. (I’m not including Microsoft Exchange Server and all those Hosted Exchange solutions, since they’re pretty obvioius choices.)

Services:
Google Mail using Google Sync: Gmail (free) or own domain (free for up to 50 users)
coming in June: Hotmail
NuevaSync Premium: works with any IMAP mail server ($25/year)

Server software:
Kerio Connect‘s ActiveSync Support ($540 for 5 users)
Open-Xchange using OXtender for Business Mobility: ($21.75 / 14.50€ per user)
Scalix using Scalix ActiveSync: ($299 for 10 users)
Zimbra Collaboration Suite using Zimbra Mobile for Smartphones: ($25/$35 per user per year + $500/$1000 per year)

Z-Push (free, appears to with any IMAP server)

If you know any others, please go ahead and add them to the comments, and I’ll add them to this list.

Tags: ,
Posted in iPhone | No Comments »

Beejive Transcript Importer for Adium

Friday, February 12th, 2010

A few months ago, I wrote a quick and dirty script that goes through iTunes’ iPhone backup, searches for Beejive’s data and converts it to Adium-compatible chat logs. It even imports files and pictures. It does not support timezones and daylight savings time, but other than that, it does a good job. I was initially planning for writing a converter to iChat log format, but iChat’s transcripts basically consists of serialized data stored in plists and is undocumented, so it would be very difficult to implement iChat’s transcript format.

You may download it here. If you find a bug, please do let me know in the comments, but don’t expect I’ll fix it anytime soon ;-) .

Tags: , , ,
Posted in iPhone | No Comments »