Comments (12)
@rurza Could you take a look at #132 and confirm it works for you? I'm pretty sure it will as I tested it against BatFi, but since I'm not 100% sure how your app and helper tool are supposed to behave, you testing directly against this branch would be appreciated.
from securexpc.
Thanks for opening this issue, I'll take a look this weekend.
from securexpc.
@jakaplan I have a fork that "works". Please take a look :)
from securexpc.
@jakaplan I have a fork that "works". Please take a look :)
I took a look, but don't understand them. Are you trying to run the XPCServer
from within the app as opposed to the daemon?
from securexpc.
Also wanted to let you know I'm committed to working through this issue, but it might take a bit of time to communicate back and forth as we're far apart timezone wise: I'm in UTC+12 and it looks like you're in UTC+2.
from securexpc.
Hey! :)
Time difference isn't a problem – we have a public holidays in Poland right now and my time spent on coding is limited :)
But a big thank for your help!
My project is open source and you can check out two branches:
https://github.com/rurza/BatFi/tree/SecureXPC-sameTeamIdentifier
https://github.com/rurza/BatFi/tree/SecureXPC-sameBundle
The error I'm having with the sameBundle criteria is thrown by the server and it's:
SecureXPC.XPCError.misconfiguredServer(description: "This server does not have a parent bundle.\nPath components: [\"/\", \"Users\", \"rurza\", \"Library\", \"Developer\", \"Xcode\", \"DerivedData\", \"BatFi-hkjasvdzzboyvufdpvzqvkhemujc\", \"Build\", \"Products\", \"Debug\", \"BatFi.app\"]"
For the same teamIdentifier
I'm getting:
SecureXPC.XPCError.misconfiguredServer(description: "An SMAppService daemon must have a property list within its parent bundle\'s Contents/Library/LaunchDaemons /\ndirectory.")
from securexpc.
I now understand what's going wrong for you and why your PR did not make sense to me. Thank you for pointing me at your entire Xcode project, I would not have been able to figure this out otherwise!
The root cause of the issue is that my code is expecting Bundle.main.bundleURL
to return a path to the directory containing the executable running the XPCServer
and this is in fact what it does in my own test setups which located the daemon (or agent) in <App Name>.app/Contents/Resources/
directory in the app's bundle. Apparently when the daemon is located in the <App Name>.app/Contents/MacOS/
directory (as your Xcode project does) instead of returning a path to the executable it returns a path to the containing <App Name>.app
.
I will look for an alternate API that behaves consistently to fix this issue and then put up a PR.
from securexpc.
I don't see anything immediately wrong with the code as it currently exists. Could you provide me with the error message that's associated with the XPCError.misconfiguredServer
error? (If you don't currently have a good way of getting access to this, the easiest is using NSLog(...)
and looking for the result in Console.app)
It checks for the
Bundle
sbundleURL
and it assumes that it'll receive a path with theContents
folder.
It validates that the daemon or agent is located within its parent's application bundle. This means a Contents
folder must exist in its path.
It doesn't work in my case, it returns a path, but to the bundle itself (so the last component is
*.app
).
When you "it returns a path" what is "it" referring to?
Am I doing something wrong?
Possibly. Are you creating the XPCServer
in the daemon? And where is the daemon located within the parent app's directory structure?
from securexpc.
It validates that the daemon or agent is located within its parent's application bundle. This means a Contents folder must exist in its path.
I don't see anything immediately wrong with the code as it currently exists. Could you provide me with the error message that's associated with the XPCError.misconfiguredServer error? (If you don't currently have a good way of getting access to this, the easiest is using NSLog(...) and looking for the result in Console.app)
I'm getting XPCError.misconfiguredServer(description: "This server does not have a parent bundle.\n" "Path components: \(components)")
error. Despite the fact that both binaries (the app – client, and the server, mach service which is a product of Xcode's "Command line tool" template) are in the same bundle. Maybe that's the issue – is it expecting a bundle in the bundle?
from securexpc.
Is it literally logging "Path components: \(components)"
? When I asked what the error was I wanted to see what the components
value was.
A command line tool should work. Can you confirm you're using XPCServer
inside of the command line tool?
from securexpc.
Why do I need XPC? I need to run privileged process to make some changes in Apple's SMC. That's all. So ideally I would need to:
– launch the privileged helper, run the command, quit the helper
– not have to worry about updating the helper tool. Sure, I would like to have the guarantee that messages are coming from my client, but ideally I would always open the latest helper. That's why I need the launch and quit scenario.
from securexpc.
@jakaplan Everything is tip-top :)
from securexpc.
Related Issues (20)
- Transfer MTLSharedTextureHandle HOT 1
- setErrorHandler won't be called when using on server with startAndBlock HOT 5
- Validation fails for sandboxed Mach service HOT 1
- Sandbox memory exhaustion
- Add async variants of `XPCClient.send/sendMessage(...)` functions HOT 1
- Type errors in routes are conflated with missing routes HOT 2
- Add real XPC integration tests HOT 8
- Sample use case
- Verify that exporting a connection for a Mach service works correctly HOT 2
- Add support for client security requirements in anonymous services
- Throw error when attempting to reconnect to an anonymous service
- Document `startAndBlock()` must be called from main thread
- Verify that `endpoint` works for `XPCServiceServer` HOT 1
- Creating an `XPCAnonymousServer` or `XPCMachServer` and never starting it results in XPC API Misuse
- Client-level error handling HOT 6
- `XPC_ERROR_CONNECTION_INTERRUPTED` doesn't appear to actually behave as documented HOT 4
- [help] How can I use FileHandle as argument of withMessageType HOT 3
- Helper crashing in Catalina & Big Sur. HOT 9
- Using a concurrent DispatchQueue HOT 13
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from securexpc.