Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for Local Network Usage permission #94

Open
kasnder opened this issue May 6, 2022 · 2 comments
Open

Support for Local Network Usage permission #94

kasnder opened this issue May 6, 2022 · 2 comments
Labels
enhancement

Comments

@kasnder
Copy link

kasnder commented May 6, 2022
edited
Loading

Is your feature request related to a problem? Please describe.
iOS 14 introduced a new permission for apps to access the local network. This doesn't seem to be currently handled by the tool.

Describe the solution you'd like
It would be nice to add this new permission to the tool.

Describe alternatives you've considered
The option does not currently seem to be covered.

Additional context
According to the Apple Developer Docs, the new permission is related to the Bonjour service.
@kasnder
Copy link
Author

kasnder commented Mar 9, 2023
edited
Loading

I've now figured this out. The configuration is stored in /Library/Preferences/com.apple.networkextension.plist. This file is amended once a new app is installed. For example, the (shortended) entry for the Spotify app is:

<dict>
[...]
	<key>DenyMulticast</key>
	<true/>
	<key>IsIdentifierExternal</key>
	<false/>
	<key>MatchAccountIdentifiers</key>
	<dict>
		<key>CF$UID</key>
		<integer>0</integer>
	</dict>
	<key>MatchDomains</key>
	<dict>
		<key>CF$UID</key>
		<integer>0</integer>
	</dict>
	<key>MulticastPreferenceSet</key>
	<false/>
[...]
</dict>
<string>com.spotify.client</string>

MulticastPreferenceSet indicates whether a permission popup has been shown before. DenyMulticast saves the user's choice in response to that permission popup.

The file is manged by the nehelper daemon. We can thus

  1. unload the daemon with
launchctl unload /System/Library/LaunchDaemons/com.apple.nehelper-embedded.plist
  1. change /Library/Preferences/com.apple.networkextension.plist as we wish
  2. reload the daemon with
launchctl load /System/Library/LaunchDaemons/com.apple.nehelper-embedded.plist

There does, however, seem to exist some kind of signature that's additionally added to the file. I haven't figure out yet, how this works. Yet, I've been able to change the file regardless.

@kasnder
Copy link
Author

kasnder commented Mar 10, 2023
edited
Loading

For those who want to quickly change the setting with the command line (like me), this is a set of commands that automates granting the setting (for the app com.spotify.client):

plistutil -i com.apple.networkextension.plist -o com.apple.networkextension.xml -f xml
xmlstarlet ed -r "//string[text() = 'com.spotify.client']/preceding-sibling::*[1]/key[text() = 'MulticastPreferenceSet' or text() = 'DenyMulticast']/following-sibling::*[1]" -v true com.apple.networkextension.xml
plistutil -i com.apple.networkextension.xml -o com.apple.networkextension.plist -f bin

Update: Here's a fully working script to grant this permission (needs jailbroken device).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kasnder