Hi, I'd like to write a network extension for a vpn product, that also filter several types of packets before they arrive to the tunnel represeted by the tunnel virtual interface (utun0) Is there anyway I can set the packet filtering to occur before the tunnel ? is it the default case ? Can I use the same network extension for both NEPacketTunnelProvider and NEFilterPacketProvider / NEFilterDataProvider ? thanks !

Hi, I've created persistent task from type launchDaemon based on bash script that should run one time upon first load. These are the contents of the plist file : <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>com.blabla.task</string> <key>RunAtLoad</key> <true/> <key>LaunchOnlyOnce</key> <true/> <key>Program</key> <string>/Library/Application\ Support/myComp /script.sh</string> </dict> </plist> However, when i load the plist using launchCtl, nothing happens and no meaningful log appears... However, when the Program location changes to /tmp/script.sh then everything is working great So i conclude that there's permission issue to access Library/Application\ Support, although the file permission is allow for all -rwxrwxrwx. But when I give back full disk access in privacy setting, it's working from the /Library.. path. My question is why does bash launchd task that runs with privileges, also requires this privacy acknowledge in order to run the script?

Hi, I'd like to establish connection between my application and a remote server. Ideally it would be using webSocket since the communication is bi-directional and asynchronous. However, In case the webSocket isn't established properly or failing sometime after it was created (due to firewall, proxy servers, network switching or any other reason), than I'd like to switch to using periodical simple HTTPS POST requests (keep alive messages) where the server-to-client data transferred on the responses. The server should also support both communication methods. The following code should reflect my approach. Please advise if this could work or perhaps there are built-in solutions in the framework. NSURL * reqUrl = [NSURL URLWithString:@"wss://mydomain.com"]; NSURLSession* session = [NSURLSession sessionWithConfiguration: [NSURLSessionConfiguration defaultSessionConfiguration]]; NSMutableURLRequest *req = [NSMutableURLRequest requestWithURL:reqUrl]; webSocketTaskWithURL * socketConnection = [URLSession webSocketTaskWithURL:url]; socketConnection.resume() [socketConnection sendMessage:message completionHandler: ^(NSError * e) { if (e != nil) { // fallback to https [req setHTTPBody:[message dataUsingEncoding:NSUTF8StringEncoding]] NSURLSessionDataTask *data_task_http = [session dataTaskWithRequest:req]; completionHandler: ^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) { /*blabla*/}]; [data_task resume]; }

Hi, I've got an object from type NSURLSessionWebSocketTask from which I create webSocket. However, currently it can only receive responses as can be seen here:    NSURLSessionWebSocketMessage * msg = [[NSURLSessionWebSocketMessage alloc] initWithString:myStringBody;   [socketConnection sendMessage:msg completionHandler: ^(NSError * e) {     if (e == nil) {       [socketConnection receiveMessageWithCompletionHandler:^(NSURLSessionWebSocketMessage * _Nullable message, NSError * _Nullable error) {        NSLog(@"got message = %@", message.string);       }];   }]; I'd like to be able to receive messages from server that wasn't triggered from client request (messages that initiated by the server). Ideally, i wish to get them in some sort of queue (maybe NSOperationQueue or dispatch queue). But the bottomline should be that some listener would work in the background. Perhaps there's some delegate to implement this requirement ?

I've got the following code that I use to communicate with a remote server. However, when the response contain a large enough file, the callback block never called, the only thing that trigger the callback, is when I explicitly invoke the cancel method after some timeout from the NSURLSession task (_dataTask). notice that using tcpdump I did observe that the response was properly received on the client side. NSURLSessionConfiguration* config = [NSURLSessionConfiguration defaultSessionConfiguration]; NSOperationQueue *queue = [[NSOperationQueue alloc] init]; queue.maxConcurrentOperationCount = 1; NSURLSession* session = [NSURLSession sessionWithConfiguration:config delegate:nil delegateQueue:queue]; _dataTask = [session dataTaskWithRequest:req completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) { if ([error code] == NSURLErrorCancelled) { writeLog(LOG_ERROR, "NSURLErrorCancelled"); } else { <my completion callback> } }]; [_dataTask resume] I'd like to know if using dataTask has response size limit (because it's working for small files on response body) and if there is such a limit, so which other method should I use in order to overcome it. I saw that there's an alternative method in NSUrlsession dedicated for downloading files called downloadTaskWithRequest but it doesn't have an async completion block.

Hi, I've set the C++ language dialect in my project to c++2a. Than it failed on compiling .mm file which has the following line @import AppKit; But if replace it with the following line and link with framework from project build phases, than it works. #import <AppKit/AppKit.h> My .mm file is including for adapter swift header file (*-Swift.h) which is auto generated and has this @import directive. is it a known issue, should I file a bug ?

I've got an mach-o executable that runs from launchDaemon plist file, and is communicating with other processes using unix domain socket. The file that backs this socket created in /tmp. However, this cause the executable to fail reading the file unless given full disk access. I'd like to find a location for the socket file, which is shared to all processes and doesn't require full disk access. the executable reside in /Library/Application Support/myProj/bin/exec_file is there such location ? Perhaps can i use the same location of the executable itself ?

Hi, I'm looking for a way to integrate clang-tidy rules with my xcode project. is there a way xcode can read .clang-tidy files and add the rules to each compilation line ? I couldn't find anyway to do it, so i presume it's unsupported. but perhaps there can be some workaround i can use to modify the compilation according to clang-tidy rules that the IDE read from a file. thanks !

I'd like to get an indication about the context in which my process is running from. I'd like to distinguish between the following cases : It runs as a persistent scheduled task (launchDaemon/launchAgent) It was called on-demand and created by launchd using open command-line or double-click. It was called directly from command-line terminal (i.e. &gt; /bin/myProg from terminal ) Perhaps is there any indication about the process context using Objective-c/swift framework or any other way ? I wish to avoid inventing the wheel here :-) thanks

I'd like to add a short script that runs clang-format upon trying to save a file in Xcode project. the script will do the following command : #!/bin/zsh /usr/local/bin/clang-format -i <saved_file> Does Xcode support this feature (in visual studio it's called format-on-save :  https://code.visualstudio.com/updates/v1_6#_format-on-save

Consider a C++ method that retrieve struct of native typed arguments like enum class, sub-structs, std::string, int, etc... I'd like to create a swift API that return the same struct but in swift variables for example : class ErrorMessage { public: int status; std::string message; }; class serverResponse { public: ErrorMessage error; std::string str_value; std::uint16_t int_val; std::time_t last_seen; EnumVal status; }; serverResponse getServerResponse(); So I'd like to convert it to the swift equivalent struct with native members open class serverResponseSwift : NSObject { open class var error: ErrorMessage { get } open var str_value: String { get } open var int_val: UInt16 { get } open var status: EnumVal { get } }; I know that direct conversion is not yet possible so I need to use objective-C++ code as a mediator. So I've used a bridging header to include the converting method in objective-C++ which will look like this : @interface Converter - (serverResponseSwift) getServerStatusSwift; @end and the equivalent .mm file will implement the conversion function, but can I use the swift Class in objective-c in order to fill it up according to the CPP serverResponse ? @implementation Converter - (serverResponseSwift) getServerStatusSwift { serverResponse x = getServerResponse(); /// How do I create serverResponseSwift out of serverResponse } Thanks !

Hi, I was wondering if there's any limitation for the context where I initialize my xpc service. This is the code that initialize my xpc service : listener_ = [[NSXPCListener alloc] initWithMachServiceName:@"com.bla.bla"]; xpcService *delegate = [xpcService new]; listener_.delegate = delegate; [listener_ resume];  [[NSRunLoop mainRunLoop] run]; Doing it from the main method and everything works just fine. However, when calling it from different method(main)/thread(main thread)... It doesn't accept remote calls although it seems like the listener was properly initialized. I even tried to wrap this code to run on the main thread using the following wrapper dispatch_sync(dispatch_get_main_queue(), ^{ listener_ = [[NSXPCListener alloc] initWithMachServiceName:@"com.bla.bla"]; xpcService *delegate = [xpcService new]; listener_.delegate = delegate; [listener_ resume]; } where the [[NSRunLoop mainRunLoop] run]; is called from the main method... So my question is what are the requirements to make the XPC work.. is it mandatory to call it from the main method ?

I've got an array of strings that I want to present using swiftUI Picker widget. Each string is composed of multiple words delimited by spaces. I'd like to get the Picker showing the full string of each item in the list, while the selection variable should only get the first word (the selected item is stored in arg) This was my attempt to do so. notice that the object that hold the items called myHandler, and it's shared to the swiftUI view, and can be modified by external swift closure: class myHandler: ObservableObject { @Published var items = [String]() } struct ContentView: View { @State var arg: String = "" @ObservedObject var handler : myHandler ... VStack { Picker("items", selection: $arg) { Text("AAA").tag("***") Text("BBB").tag("yyy") Text("CCC").tag("zzz") ForEach(handler.items , id: \.self, content: { Text($0).tag($0.components(separatedBy: " ")[0]) }) } } .frame() TextField("firstword", text: $arg).frame() For the options outside the ForEach statement, I can see that arg get the value written in the tag. However, for all options that derived from the ForEach, I see that arg equals to the iterable item ($0) which is the multi work string, and not to the first word as expected. Any idea how to fix those items that are generated from the ForEach, so that selection of such item, will set the arg to the string value of the first word in the iterator ?

Hi, I was wondering if there's any option to run xcodebuild to compile the project and skip the code signing phase, even though, a signing account is set in the project under signing and capabilities. The motivation for that, is that on some occasions, my project get built using GitLab CI/CD pipeline, which have machine pool that doesn't have Xcode with account. So I'd like to build only and check that nothing got broken. thanks

Hi, I’d like to perform client-side certificate authentication from https based connection in macOS. I’m using the method didReceiveChallenge from URLSession. However, I cannot read the keychain directly since my process is running as Daemon, and my client certificate reside in login keychain. So I've followed the guidance from this question https://developer.apple.com/forums/thread/106851, and sent this authentication request to a user-based process which is running in the current user so it has access to the keychain. After I acquire the NSURLCredential object, I’d like to return it back to the Daemon, so it may run the completionHandler with that credential. However, After I successfully create the NSURLCredential in the user process, and send it back using some reply callback. It looks like the object didn’t serialized properly and I get the following error : Exception: decodeObjectForKey: Object of class "NSURLCredential" returned nil from -initWithCoder: while being decoded for key <no key> Here’s my client side code ( I made sure that the server side create a valid NSURLCredential object). and the problem occur after I send the XPC request, right when i’m about to get the callback response (reply) - (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler { if (challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodClientCertificate) { [myXpcService getCertIdentityWithAcceptedIssuers:challenge.protectionSpace.distinguishedNames withReply:^(NSURLCredential *cred, NSError *error) { if (error != nil) { completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil); } else { completionHandler(NSURLSessionAuthChallengeUseCredential, cred); } }]; } Perhaps anybody can tell me what did I do wrong here ? Does XPC is capable to pass complex objects like NSURLCredentials ? thanks !