Struct NEVPNProtocolIKEv2 

#[repr(C)]
pub struct NEVPNProtocolIKEv2 { /* private fields */ }

The NEVPNProtocolIKEv2 class declares the programmatic interface of an object that manages the IKEv2-specific portion of a VPN configuration.

Instances of this class use IKE version 2 for key negotiation. Instances of this class are thread safe.

See also Apple’s documentation

Implementations

impl NEVPNProtocolIKEv2

pub unsafe fn deadPeerDetectionRate(&self) -> NEVPNIKEv2DeadPeerDetectionRate

How frequently the IKEv2 client will run the dead peer detection algorithm. Default is NEVPNIKEv2DeadPeerDetectionRateMedium.

pub unsafe fn setDeadPeerDetectionRate( &self, dead_peer_detection_rate: NEVPNIKEv2DeadPeerDetectionRate, )

Setter for deadPeerDetectionRate.

pub unsafe fn serverCertificateIssuerCommonName( &self, ) -> Option<Retained<NSString>>

A string containing the Subject Common Name field of the Certificate Authority certificate that issued the IKEv2 server’s certificate.

pub unsafe fn setServerCertificateIssuerCommonName( &self, server_certificate_issuer_common_name: Option<&NSString>, )

Setter for serverCertificateIssuerCommonName.

pub unsafe fn serverCertificateCommonName(&self) -> Option<Retained<NSString>>

A string containing the value to verify in the IKEv2 server certificate’s Subject Common Name field.

pub unsafe fn setServerCertificateCommonName( &self, server_certificate_common_name: Option<&NSString>, )

Setter for serverCertificateCommonName.

pub unsafe fn certificateType(&self) -> NEVPNIKEv2CertificateType

contains the type of certificate if an certificate is configured. Default is RSA.

pub unsafe fn setCertificateType( &self, certificate_type: NEVPNIKEv2CertificateType, )

Setter for certificateType.

pub unsafe fn useConfigurationAttributeInternalIPSubnet(&self) -> bool

Boolean indicating if client should use INTERNAL_IP4_SUBNET / INTERNAL_IP6_SUBNET attributes. Default is False.

pub unsafe fn setUseConfigurationAttributeInternalIPSubnet( &self, use_configuration_attribute_internal_ip_subnet: bool, )

Setter for useConfigurationAttributeInternalIPSubnet.

pub unsafe fn IKESecurityAssociationParameters( &self, ) -> Retained<NEVPNIKEv2SecurityAssociationParameters>

Parameters for the IKE SA

pub unsafe fn childSecurityAssociationParameters( &self, ) -> Retained<NEVPNIKEv2SecurityAssociationParameters>

Parameters for the child SA

pub unsafe fn disableMOBIKE(&self) -> bool

Disable MOBIKE negotiation. Default is NO.

pub unsafe fn setDisableMOBIKE(&self, disable_mobike: bool)

Setter for disableMOBIKE.

pub unsafe fn disableRedirect(&self) -> bool

Disable Server Redirect. Default is NO.

pub unsafe fn setDisableRedirect(&self, disable_redirect: bool)

Setter for disableRedirect.

pub unsafe fn enablePFS(&self) -> bool

Enable Perfect Forward Secrecy. Default is NO.

pub unsafe fn setEnablePFS(&self, enable_pfs: bool)

Setter for enablePFS.

pub unsafe fn enableRevocationCheck(&self) -> bool

Enable certificate revocation check. Default is NO.

pub unsafe fn setEnableRevocationCheck(&self, enable_revocation_check: bool)

Setter for enableRevocationCheck.

pub unsafe fn strictRevocationCheck(&self) -> bool

Require positive certificate revocation check response for peer certificate validation to pass. Default is NO.

pub unsafe fn setStrictRevocationCheck(&self, strict_revocation_check: bool)

Setter for strictRevocationCheck.

pub unsafe fn minimumTLSVersion(&self) -> NEVPNIKEv2TLSVersion

Sets a minimum TLS version to allow for EAP-TLS authentication. Default is NEVPNIKEv2TLSVersionDefault.

pub unsafe fn setMinimumTLSVersion( &self, minimum_tls_version: NEVPNIKEv2TLSVersion, )

Setter for minimumTLSVersion.

pub unsafe fn maximumTLSVersion(&self) -> NEVPNIKEv2TLSVersion

Sets a maximum TLS version to allow for EAP-TLS authentication. Default is NEVPNIKEv2TLSVersionDefault.

pub unsafe fn setMaximumTLSVersion( &self, maximum_tls_version: NEVPNIKEv2TLSVersion, )

Setter for maximumTLSVersion.

pub unsafe fn enableFallback(&self) -> bool

Enable Fallback is used to support Wi-Fi Assist. Wi-Fi Assist allows connections for foreground apps to switch over to Cellular Data when WiFi connectivity is poor. By setting the EnableFallback key, the device will bring up a tunnel over Cellular Data to carry traffic that is eligible for Wi-Fi Assist and also requires VPN. Enabling fallback requires that the server support multiple tunnels for a single user. Default is NO.

pub unsafe fn setEnableFallback(&self, enable_fallback: bool)

Setter for enableFallback.

pub unsafe fn mtu(&self) -> NSUInteger

Maximum Transmission Unit (MTU) size in bytes to assign to the tunnel interface.

pub unsafe fn setMtu(&self, mtu: NSUInteger)

Setter for mtu.

pub unsafe fn ppkConfiguration( &self, ) -> Option<Retained<NEVPNIKEv2PPKConfiguration>>

Configuration for the use of a Post-quantum Pre-shared Key (PPK).

pub unsafe fn setPpkConfiguration( &self, ppk_configuration: Option<&NEVPNIKEv2PPKConfiguration>, )

Setter for ppkConfiguration.

impl NEVPNProtocolIKEv2

Methods declared on superclass NSObject.

pub unsafe fn init(this: Allocated<Self>) -> Retained<Self>

pub unsafe fn new() -> Retained<Self>

Methods from Deref<Target = NEVPNProtocolIPSec>

pub unsafe fn authenticationMethod(&self) -> NEVPNIKEAuthenticationMethod

The method used to authenticate with the IPSec server. Note that if this property is set to NEVPNIKEAuthenticationMethodNone, extended authentication will still be negotiated if useExtendedAuthentication is set to YES.

pub unsafe fn setAuthenticationMethod( &self, authentication_method: NEVPNIKEAuthenticationMethod, )

Setter for authenticationMethod.

pub unsafe fn useExtendedAuthentication(&self) -> bool

A flag indicating if extended authentication will be negotiated. This authentication is in addition to the IKE authentication used to authenticate the endpoints of the IKE session. For IKE version 1, when this flag is set X-Auth authentication will be negotiated as part of the IKE session, using the username and password properties as the credential. For IKE version 2, when this flag is set EAP authentication will be negotiated as part of the IKE session, using the username, password, and/or identity properties as the credential depending on which EAP method the server requires.

pub unsafe fn setUseExtendedAuthentication( &self, use_extended_authentication: bool, )

Setter for useExtendedAuthentication.

pub unsafe fn sharedSecretReference(&self) -> Option<Retained<NSData>>

A persistent reference to a keychain item of class kSecClassGenericPassword containing the IKE shared secret.

pub unsafe fn setSharedSecretReference( &self, shared_secret_reference: Option<&NSData>, )

Setter for sharedSecretReference.

pub unsafe fn localIdentifier(&self) -> Option<Retained<NSString>>

A string identifying the local IPSec endpoint for authentication purposes.

pub unsafe fn setLocalIdentifier(&self, local_identifier: Option<&NSString>)

Setter for localIdentifier.

pub unsafe fn remoteIdentifier(&self) -> Option<Retained<NSString>>

A string identifying the remote IPSec endpoint for authentication purposes.

pub unsafe fn setRemoteIdentifier(&self, remote_identifier: Option<&NSString>)

Setter for remoteIdentifier.

Methods from Deref<Target = NEVPNProtocol>

pub unsafe fn serverAddress(&self) -> Option<Retained<NSString>>

The VPN server. Depending on the protocol, may be an IP address, host name, or URL.

pub unsafe fn setServerAddress(&self, server_address: Option<&NSString>)

Setter for serverAddress.

pub unsafe fn username(&self) -> Option<Retained<NSString>>

The username component of the VPN authentication credential.

pub unsafe fn setUsername(&self, username: Option<&NSString>)

Setter for username.

pub unsafe fn passwordReference(&self) -> Option<Retained<NSData>>

The password component of the VPN authentication credential. The value is a persistent reference to a keychain item with the kSecClassGenericPassword class.

pub unsafe fn setPasswordReference(&self, password_reference: Option<&NSData>)

Setter for passwordReference.

pub unsafe fn identityReference(&self) -> Option<Retained<NSData>>

The certificate and private key component of the VPN authentication credential. The value is a persistent reference to a keychain item with the kSecClassIdentity class.

pub unsafe fn setIdentityReference(&self, identity_reference: Option<&NSData>)

Setter for identityReference.

pub unsafe fn identityData(&self) -> Option<Retained<NSData>>

The PKCS12 data for the VPN authentication identity. The value is a NSData in PKCS12 format.

pub unsafe fn setIdentityData(&self, identity_data: Option<&NSData>)

Setter for identityData.

pub unsafe fn identityDataPassword(&self) -> Option<Retained<NSString>>

The password to be used to decrypt the PKCS12 identity data.

pub unsafe fn setIdentityDataPassword( &self, identity_data_password: Option<&NSString>, )

Setter for identityDataPassword.

pub unsafe fn disconnectOnSleep(&self) -> bool

If YES, the VPN connection will be disconnected when the device goes to sleep. The default is NO.

pub unsafe fn setDisconnectOnSleep(&self, disconnect_on_sleep: bool)

Setter for disconnectOnSleep.

pub unsafe fn proxySettings(&self) -> Option<Retained<NEProxySettings>>

An NEProxySettings object containing the proxy settings to use for connections routed through the tunnel.

pub unsafe fn setProxySettings(&self, proxy_settings: Option<&NEProxySettings>)

Setter for proxySettings.

pub unsafe fn includeAllNetworks(&self) -> bool

If this property is set to YES then all network traffic is routed through the tunnel, with some exclusions. Several of the exclusions can be controlled with the excludeLocalNetworks, excludeCellularServices, excludeAPNs and excludeDeviceCommunication properties. See the documentation for those properties. The following traffic is always excluded from the tunnel:

• Traffic necessary for connecting and maintaining the device’s network connection, such as DHCP.
• Traffic necessary for connecting to captive networks.
• Certain cellular services traffic that is not routable over the internet and is instead directly routed to the cellular network. See the excludeCellularServices property for more details.
• Network communication with a companion device such as a watchOS device. The default value of this property is NO.

pub unsafe fn setIncludeAllNetworks(&self, include_all_networks: bool)

Setter for includeAllNetworks.

pub unsafe fn excludeLocalNetworks(&self) -> bool

If YES, all traffic destined for local networks will be excluded from the tunnel. The default is NO on macOS and YES on iOS.

pub unsafe fn setExcludeLocalNetworks(&self, exclude_local_networks: bool)

Setter for excludeLocalNetworks.

pub unsafe fn excludeCellularServices(&self) -> bool

If includeAllNetworks is set to YES and this property is set to YES, then internet-routable network traffic for cellular services (VoLTE, Wi-Fi Calling, IMS, MMS, Visual Voicemail, etc.) is excluded from the tunnel. Note that some cellular carriers route cellular services traffic directly to the carrier network, bypassing the internet. Such cellular services traffic is always excluded from the tunnel. The default value of this property is YES.

pub unsafe fn setExcludeCellularServices(&self, exclude_cellular_services: bool)

Setter for excludeCellularServices.

pub unsafe fn excludeAPNs(&self) -> bool

If includeAllNetworks is set to YES and this property is set to YES, then network traffic for the Apple Push Notification service (APNs) is excluded from the tunnel. The default value of this property is YES.

pub unsafe fn setExcludeAPNs(&self, exclude_ap_ns: bool)

Setter for excludeAPNs.

pub unsafe fn excludeDeviceCommunication(&self) -> bool

If includeAllNetworks is set to YES and this property is set to YES, then network traffic used for communicating with devices connected via USB or Wi-Fi is excluded from the tunnel. For example, Xcode uses a network tunnel to communicate with connected development devices like iPhone, iPad and TV. The default value of this property is YES.

pub unsafe fn setExcludeDeviceCommunication( &self, exclude_device_communication: bool, )

Setter for excludeDeviceCommunication.

pub unsafe fn enforceRoutes(&self) -> bool

If YES, route rules for this tunnel will take precendence over any locally-defined routes. The default is NO.

pub unsafe fn setEnforceRoutes(&self, enforce_routes: bool)

Setter for enforceRoutes.

pub unsafe fn sliceUUID(&self) -> Option<Retained<NSString>>

Identification string of the associated Cellular slice. If present, VPN tunnel will be scoped to the associated Cellular slice whenever slice is active. Otherwise, VPN tunnel will fallback onto the primary interface.

pub unsafe fn setSliceUUID(&self, slice_uuid: Option<&NSString>)

Setter for sliceUUID.

Methods from Deref<Target = NSObject>

pub fn doesNotRecognizeSelector(&self, sel: Sel) -> !

Handle messages the object doesn’t recognize.

See Apple’s documentation for details.

Methods from Deref<Target = AnyObject>

pub fn class(&self) -> &'static AnyClass

Dynamically find the class of this object.

Panics

May panic if the object is invalid (which may be the case for objects returned from unavailable init/new methods).

Example

Check that an instance of NSObject has the precise class NSObject.

use objc2::ClassType;
use objc2::runtime::NSObject;

let obj = NSObject::new();
assert_eq!(obj.class(), NSObject::class());

pub unsafe fn get_ivar<T>(&self, name: &str) -> &T

where T: Encode,

👎Deprecated: this is difficult to use correctly, use Ivar::load instead.

Use Ivar::load instead.

Safety

The object must have an instance variable with the given name, and it must be of type T.

See Ivar::load_ptr for details surrounding this.

pub fn downcast_ref<T>(&self) -> Option<&T>

where T: DowncastTarget,

Attempt to downcast the object to a class of type T.

This is the reference-variant. Use Retained::downcast if you want to convert a retained object to another type.

Mutable classes

Some classes have immutable and mutable variants, such as NSString and NSMutableString.

When some Objective-C API signature says it gives you an immutable class, it generally expects you to not mutate that, even though it may technically be mutable “under the hood”.

So using this method to convert a NSString to a NSMutableString, while not unsound, is generally frowned upon unless you created the string yourself, or the API explicitly documents the string to be mutable.

See Apple’s documentation on mutability and on isKindOfClass: for more details.

Generic classes

Objective-C generics are called “lightweight generics”, and that’s because they aren’t exposed in the runtime. This makes it impossible to safely downcast to generic collections, so this is disallowed by this method.

You can, however, safely downcast to generic collections where all the type-parameters are AnyObject.

Panics

This works internally by calling isKindOfClass:. That means that the object must have the instance method of that name, and an exception will be thrown (if CoreFoundation is linked) or the process will abort if that is not the case. In the vast majority of cases, you don’t need to worry about this, since both root objects NSObject and NSProxy implement this method.

Examples

Cast an NSString back and forth from NSObject.

use objc2::rc::Retained;
use objc2_foundation::{NSObject, NSString};

let obj: Retained<NSObject> = NSString::new().into_super();
let string = obj.downcast_ref::<NSString>().unwrap();
// Or with `downcast`, if we do not need the object afterwards
let string = obj.downcast::<NSString>().unwrap();

Try (and fail) to cast an NSObject to an NSString.

use objc2_foundation::{NSObject, NSString};

let obj = NSObject::new();
assert!(obj.downcast_ref::<NSString>().is_none());

Try to cast to an array of strings.

use objc2_foundation::{NSArray, NSObject, NSString};

let arr = NSArray::from_retained_slice(&[NSObject::new()]);
// This is invalid and doesn't type check.
let arr = arr.downcast_ref::<NSArray<NSString>>();

This fails to compile, since it would require enumerating over the array to ensure that each element is of the desired type, which is a performance pitfall.

Downcast when processing each element instead.

use objc2_foundation::{NSArray, NSObject, NSString};

let arr = NSArray::from_retained_slice(&[NSObject::new()]);

for elem in arr {
    if let Some(data) = elem.downcast_ref::<NSString>() {
        // handle `data`
    }
}

Trait Implementations

impl AsRef<AnyObject> for NEVPNProtocolIKEv2

fn as_ref(&self) -> &AnyObject

Converts this type into a shared reference of the (usually inferred) input type.

impl AsRef<NEVPNProtocol> for NEVPNProtocolIKEv2

fn as_ref(&self) -> &NEVPNProtocol

Converts this type into a shared reference of the (usually inferred) input type.

impl AsRef<NEVPNProtocolIKEv2> for NEVPNProtocolIKEv2

fn as_ref(&self) -> &Self

Converts this type into a shared reference of the (usually inferred) input type.

impl AsRef<NEVPNProtocolIPSec> for NEVPNProtocolIKEv2

fn as_ref(&self) -> &NEVPNProtocolIPSec

Converts this type into a shared reference of the (usually inferred) input type.

impl AsRef<NSObject> for NEVPNProtocolIKEv2

fn as_ref(&self) -> &NSObject

Converts this type into a shared reference of the (usually inferred) input type.

impl Borrow<AnyObject> for NEVPNProtocolIKEv2

fn borrow(&self) -> &AnyObject

Immutably borrows from an owned value.

impl Borrow<NEVPNProtocol> for NEVPNProtocolIKEv2

fn borrow(&self) -> &NEVPNProtocol

Immutably borrows from an owned value.

impl Borrow<NEVPNProtocolIPSec> for NEVPNProtocolIKEv2

fn borrow(&self) -> &NEVPNProtocolIPSec

Immutably borrows from an owned value.

impl Borrow<NSObject> for NEVPNProtocolIKEv2

fn borrow(&self) -> &NSObject

Immutably borrows from an owned value.

impl ClassType for NEVPNProtocolIKEv2

const NAME: &'static str = "NEVPNProtocolIKEv2"

The name of the Objective-C class that this type represents.

type Super = NEVPNProtocolIPSec

The superclass of this class.

type ThreadKind = <<NEVPNProtocolIKEv2 as ClassType>::Super as ClassType>::ThreadKind

Whether the type can be used from any thread, or from only the main thread.

fn class() -> &'static AnyClass

Get a reference to the Objective-C class that this type represents.

fn as_super(&self) -> &Self::Super

Get an immutable reference to the superclass.

impl CopyingHelper for NEVPNProtocolIKEv2

type Result = NEVPNProtocolIKEv2

The immutable counterpart of the type, or Self if the type has no immutable counterpart.

impl Debug for NEVPNProtocolIKEv2

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Deref for NEVPNProtocolIKEv2

type Target = NEVPNProtocolIPSec

The resulting type after dereferencing.

fn deref(&self) -> &Self::Target

Dereferences the value.

impl Hash for NEVPNProtocolIKEv2

fn hash<H: Hasher>(&self, state: &mut H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Message for NEVPNProtocolIKEv2

fn retain(&self) -> Retained<Self>

where Self: Sized,

Increment the reference count of the receiver.

impl NSCopying for NEVPNProtocolIKEv2

fn copy(&self) -> Retained<Self::Result>

where Self: Sized + Message + CopyingHelper,

Returns a new instance that’s a copy of the receiver.

unsafe fn copyWithZone(&self, zone: *mut NSZone) -> Retained<Self::Result>

where Self: Sized + Message + CopyingHelper,

Returns a new instance that’s a copy of the receiver.

impl NSObjectProtocol for NEVPNProtocolIKEv2

fn isEqual(&self, other: Option<&AnyObject>) -> bool

where Self: Sized + Message,

Check whether the object is equal to an arbitrary other object.

fn hash(&self) -> usize

where Self: Sized + Message,

An integer that can be used as a table address in a hash table structure.

fn isKindOfClass(&self, cls: &AnyClass) -> bool

where Self: Sized + Message,

Check if the object is an instance of the class, or one of its subclasses.

fn is_kind_of<T>(&self) -> bool

where T: ClassType, Self: Sized + Message,

👎Deprecated: use isKindOfClass directly, or cast your objects with AnyObject::downcast_ref

Check if the object is an instance of the class type, or one of its subclasses.

fn isMemberOfClass(&self, cls: &AnyClass) -> bool

where Self: Sized + Message,

Check if the object is an instance of a specific class, without checking subclasses.

fn respondsToSelector(&self, aSelector: Sel) -> bool

where Self: Sized + Message,

Check whether the object implements or inherits a method with the given selector.

fn conformsToProtocol(&self, aProtocol: &AnyProtocol) -> bool

where Self: Sized + Message,

Check whether the object conforms to a given protocol.

fn description(&self) -> Retained<NSObject>

where Self: Sized + Message,

A textual representation of the object.

fn debugDescription(&self) -> Retained<NSObject>

where Self: Sized + Message,

A textual representation of the object to use when debugging.

fn isProxy(&self) -> bool

where Self: Sized + Message,

Check whether the receiver is a subclass of the NSProxy root class instead of the usual NSObject.

fn retainCount(&self) -> usize

where Self: Sized + Message,

The reference count of the object.

impl NSSecureCoding for NEVPNProtocolIKEv2

unsafe fn supportsSecureCoding() -> bool

where Self: Sized + ClassType,

impl PartialEq for NEVPNProtocolIKEv2

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl RefEncode for NEVPNProtocolIKEv2

const ENCODING_REF: Encoding = <NEVPNProtocolIPSec as ::objc2::RefEncode>::ENCODING_REF

The Objective-C type-encoding for a reference of this type.

impl DowncastTarget for NEVPNProtocolIKEv2

impl Eq for NEVPNProtocolIKEv2

impl NSCoding for NEVPNProtocolIKEv2