Use low level xpc in Endpoint security app.

I tried low level XPC API. Here is the sample code. 

int

main(int argc, char *argv[])

{
init_dispatch_queue(); 

xpc_main(handler); 

es_client_t *client; 
es_new_client_result_t result = es_new_client(&client, ^(es_client_t *c, const es_message_t *msg) { 
     handle_event(c, msg); 
});

 if (result != ES_NEW_CLIENT_RESULT_SUCCESS) { os_log_error(OS_LOG_DEFAULT, "Failed to create the ES client: %d", result); 
return 1; 
}

 es_event_type_t events[] = { ES_EVENT_TYPE_AUTH_EXEC, ES_EVENT_TYPE_AUTH_OPEN }; 

if (es_subscribe(client, events, sizeof(events) / sizeof(events[0])) != ES_RETURN_SUCCESS) {

     es_delete_client(client); 
     return 1; 
} 

dispatch_main();

}

 xpc_main() function internally calls dispatch_main. Other extension code didn't execute. I added XPCService dict in info.plist and added RunLoopType as NSRunLoop as given in link. But it still don't work well.  

NSXPConnection API that allows extension to function. I can't use these API as pyobjc do not support block calls. 

 Can we make low level xpc_main() to execute in second thread and not block extension.

Up vote post of durgaprasad_kelkar Down vote post of durgaprasad_kelkar
387 views
Posted by
durgaprasad_kelkar
Reply
Add a Comment

Replies

xpc_main is meant to be used by an XPC Service. An Endpoint Security system extension is not an XPC Service, and so xpc_main is not appropriate here. Rather, your sysex should run its XPC service like a launchd daemon, that is, using xpc_connection_create_mach_service. See the second paragraph (it starts with “The launchd job using XPC is required to create a listener connection manually”) in the Mach Services section of the xpc_connection_create_mach_service man page.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment