User Profile

Hi, We would like to get to know what are the possible reasons my container app OSSystemExtensionRequestDelegate is generating this error while trying for activation of Endpoint Security extensions and how we can address those cases so that we will solve this. I have verified and found container app along with extensions are code signed and having entitlements. I am using XCode 11.3.1 and macOS Catalina 10.15.3 (SIP disabled). Thanks & Regards, Mohmad Vasim

Hi, Greetings for the day! We would like to update you that we have created Content Filter NetworkExtension and this extension is working fine till Big Sur M1 however we are facing some strange problem in M1 Monterey. Intermittently, When we try to browse websites, it does not respond and after 3-5 minutes its opened the websites correctly. We would like to update you that our subclass overrides handleNewFlow, handleInboundDataFromFlow, handleOutboundDataFromFlow, handleInboundDataCompleteForFlow and handleOutboundDataCompleteForFlow. In all these methods we first check whether NEFilterFlow is nil or not and then pauseVerdict and once asynchronous methods completes execution then we call resumeFlow with verdict (allowVerdict/dropVerdict). When above mentioned issue generated we collected console streaming log and found these lines in the logs (Not from our application): Ignoring resume command for flow 3c8faf3c4a9f7 which does not exist Ignoring resume command for flow 3c90795d4d6f9 which does not exist Ignoring resume command for flow 3c9086d1ede69 which does not exist Ignoring resume command for flow 3c909b251d53b which does not exist We are not sure how above line get printed because we don’t have this logs in our source code so we would need your help to understand this problem and resolution so that we can solve this issue. We have couple of extra queries: What is flow mentioned in above logs in bold text? Is it NEFilterFlow's identifier or something else? How we can validate whether NEFilterFlow is valid or not before calling resumeFlow Why above line is getting printed in log which says flow does not exist. Is there any timeout maintained by NetworkExtension? We are using XPC for interprocess communication so our question is that, Is NetworkExtension/XPC maintain the queue size and if it overflow the size then above line is getting printed. If this is the case then how we can handle that? Is it known issue in NetworkExtension framework itself on M1 Monterey? Thanks & Regards, Mohmad Vasim

Hi All, We are trying to build demo tool by using Network framework API. Here is the code in Objective-c: // //  main.m // #import <Foundation/Foundation.h> #import <Network/Network.h> char *hostname = ""; char *port = ""; nw_connection_t serverConnection; void stopConn() {    nw_connection_cancel(serverConnection); } void connectionDidEnd(NSError *error) {     NSLog(@"connectionDidEnd: %@", [error localizedDescription]);     stopConn(); } void connectionDidFail(NSError *error) {     NSLog(@"connectionDidFail: %@", [error localizedDescription]);     stopConn(); } void connectionReady(nw_connection_t connection) {     NSString *data = @"somedata";     NSData *rawData = [data dataUsingEncoding:NSUTF8StringEncoding];     nw_connection_send(connection, (dispatch_data_t _Nonnull)rawData, NW_CONNECTION_DEFAULT_MESSAGE_CONTEXT, FALSE, ^(nw_error_t  _Nullable error)     {         if (error != NULL)         {             NSLog(@"connection did send Failed.");             connectionDidFail((NSError*)error);             return;         }             NSLog(@"connection did send, data: %@",[[NSString alloc] initWithData:rawData encoding:NSUTF8StringEncoding]);     }); } void setupReceive(nw_connection_t connection) {     nw_connection_receive(connection, 1, 65536, ^(dispatch_data_t  _Nullable content, nw_content_context_t  _Nullable context, bool is_complete, nw_error_t  _Nullable error) {         nw_retain(context);         if (content != NULL)         {             NSString *data = [[NSString alloc] initWithData:(NSData*)content encoding:NSUTF8StringEncoding];             NSLog(@"setupReceive: Receive Data = %@",data);         }         if (is_complete) {             connectionDidEnd((NSError*)error);         } else if (error != NULL) {             connectionDidFail((NSError*)error);         } else {             setupReceive(connection);         }     }); } int main(int argc, const char * argv[]) {     @autoreleasepool {         nw_endpoint_t endpoint = nw_endpoint_create_host(hostname, port);         serverConnection = nw_connection_create(endpoint, nw_parameters_create_secure_tcp(NW_PARAMETERS_DEFAULT_CONFIGURATION, NW_PARAMETERS_DEFAULT_CONFIGURATION));         nw_retain(serverConnection);         nw_connection_set_queue(serverConnection, dispatch_get_main_queue());           nw_connection_set_state_changed_handler(serverConnection, ^(nw_connection_state_t state, nw_error_t  _Nullable error) {             switch (state) {                 case nw_connection_state_invalid:                     NSLog(@"Invalid");                     break;                 case nw_connection_state_waiting:                     NSLog(@"waiting");                     break;                 case nw_connection_state_preparing:                     NSLog(@"Preparing");                     break;                 case nw_connection_state_ready:                     NSLog(@"Client connection ready");                     connectionReady(serverConnection);                     break;                 case nw_connection_state_failed:                     NSLog(@"FAILED...");                     connectionDidFail((NSError*)error);                     break;                 case nw_connection_state_cancelled:                     connectionDidEnd((NSError*)error);                     NSLog(@"connection cancelled");                     break;                 default:                     NSLog(@"Unknown State = %d",state);                     break;             }         });         setupReceive(serverConnection);         nw_connection_start(serverConnection);         dispatch_main();     }     return 0; } Above code is not able to send command to server and always we receive below error nw_protocol_boringssl_write_frames_block_invoke(892) [C1:1][0x1040682a0] Failed to allocate buffer for external data Please let us know if we are doing anything wrong here. Thanks & Regards, Mohmad Vasim

Hi, We would like to know if there is any way to enable Connection Doctor logs before adding any account into Mail application. Mail application's "Connection Doctor" menu is only visible after adding the account successfully in it. Or if there is any way to capture the Mail application Connection logs , it would be appreciated. I have tried below command however it does not showing the connection logs, its logging some Core Data related stuff. System/Applications/Mail.app/Contents/MacOS/Mail -LogActivityOnPort 110 Thanks & Regards, Mohmad Vasim

Hi , We are new to implementing SSL POP3 communication using port 995. We have installed HMailServer and created account and trying to communicate through POP3 SSL. We have used Security framework API to make client and server handshake and after that we are making CAPA , USER, PASS , STAT, LIST command and once we get the list of messages with size , we are initiating RETR 1, 2 .... RETR command sometimes fails randomly on certain emails giving error errSSLDecryptionFail. Sometime RETR 1 processed correctly and when we are trying to fetch RETR 2 then SSLRead is generating error as errSSLDecryptionFail. As per error description errSSLDecryptionFail : invalid data coming from the remote host, a damaged crypto key, or insufficient permission to use a key that is stored in the keychain. We would like to know how to verify above error conditions to identify the issue. I would like to update that when it again make handshake and then at that time RETR 2 is getting succeeds but other RETR is failing with same error. (other RETR meaning RETR 5 etc.) So please help us to know how we can identify the root-cause and how we can fix it. Is there any Sample that we can use to identify the issue and solve it. Thanks & Regards, Mohmad Vasim

Hi, Greetings for the day, We would like to update you that we have started facing one strange problem in macOS Monterey 12.4(M1&Intel) where our system extension is not getting activated, we are getting below error: OSSystemExtensionErrorCodeSignatureInvalid = 8 However I would like to update you that same build is working in other Mac system without any error. We have checked the code sign and notarisation of our system extension container app and found its code signed and notarised too. /Applications/*.app: accepted source=Notarized Developer ID we would request to please help us to know why its getting triggered and how we can resolve it. Thanks & Regards, Mohmad Vasim

Hi, I would like to update that we have a kext that has IOStorageFamily in OSBundleLibraries. I would like to know whether we can create DriverKit that support this family and embed in SystemExtension for deployment? and we have another kext that has combination of IOStorageFamily and IOUSBFamily in OSBundleLibraries. Please let me know whether such type of Kext can be converted into DriverKit. I am new to DriverKit development. Please let us know if there is any sample that has these bundles in DriverKit so that I can check. Please let us know if such are supported with DriverKit then what are the capabilities that we need to add in entitlement request so that it can get approved. Thanks & Regards, Mohmad Vasim

Hi, I am trying to create a system extensions and using that I need to block certain file types(pdf etc.) to get attached in Safari application. For this, I have created endpoint client and subscribed ES_EVENT_TYPE_AUTH_OPEN events and in handler I am checking the certain file types and trying to block those files in attaching into Safari application(gmail.com) by providing the verdict using es_respond_flags_result. However I can see that there is no ES_EVENT_TYPE_AUTH_OPEN event triggered in case of Safari, when we open gmail.com and try to attach the file. In case of Chrome, ES_EVENT_TYPE_AUTH_OPEN events are triggered when we open gmail.com and trying to attach the files and we are able to provide verdict for chrome. But if drag and drop file in Safari browser then we are getting ES_EVENT_TYPE_AUTH_OPEN and able to provide verdicts. Need your help to know whether I am following correct steps to block those file types in Safari application(gmail.com attachment) or there is any other way to achieve the desired functionality or its bug in Safari application as it’s not working with Endpoint security API with the specified scenario. Your early help will be appreciated. Thanks & Regards, Mohmad Vasim

Hi, I am trying to create a system extension and with the help of that I need to block certain file types(pdf etc.) to get attached in Mail application while composing email. For this, I have created endpoint client and subscribed ES_EVENT_TYPE_AUTH_OPEN event and in handler, I am checking the certain file types and trying to block those files in attaching into Mail application by providing the verdict using es_respond_flags_result . However I can see that file types are blocked(because its sending as 0 bytes file size) but at the same time file is getting attached in Mail application and I can send email with the file attached but once I received the email and trying to open the attachment, Its not able to open the file. It says “The file “SamplePdf.pdf” could not be opened because it is empty.” Need your help to know whether I am following correct steps to block those file types in Mail application or there is any other way to achieve the desired functionality or its bug in Mail application as it’s not working with Endpoint security API's verdict. Your early help will be appreciated. Thanks & Regards, Mohmad Vasim

Hi,I am creating an macOS application for checking whether website URL is associated with Apple News URL.Is there any way to understand whether any webpage link publish to Apple News? and if published then how to get Apple News link.There is a way to get the Original Website URL from Apple News link by loading the Apple News URL through URLSession and parsing the html contents and retriving the "redirectToUrlAfterTimeout" value and this link we can open in browser to view the same contents.However I would like to know is there any way(code or framework) that will help me to get the Apple News URL from Original Website URL....Thanks & Regards,Mohmad Vasim

I would like to execute (arp -a) command to get the all connected device IP address and MAC Address and I did by using Process class in swift however I would like to check whether that app will be store compatible.Another query related to same concerns:Whether our app will be accepted by Apple Store(will be store compatible) if executes other commands to utilize the output in our macOS app.