Contents

Alkenso/sEndpointSecurity

The package now is part of [SwiftSpellbook_macOS](https://github.com/Alkenso/SwiftSpellbook_macOS)

ESClient

ESClient is a Swift wrapper around EndpointSecurity C API with a bit extended functional for convenience

import sEndpointSecurity

//  Create ESClient
var status: es_new_client_result_t = ES_NEW_CLIENT_RESULT_ERR_INTERNAL
guard let client = ESClient(status: &status) else {
    print("Failed to create ESClient. Status = \(status)")
    exit(1)
}

//  Register message handlers
client.authMessageHandler = { message, callback in
    print("Auth message: \(try! message.converted())")
    callback(.allowOnce)
}

client.notifyMessageHandler = { message in
    print("Notify message: \(try! message.converted())")
}

//  Start receiving messages
guard client.subscribe([ES_EVENT_TYPE_AUTH_EXEC, ES_EVENT_TYPE_NOTIFY_EXIT]) else {
    print("Failed to subscribe to ES messages")
    exit(2)
}


withExtendedLifetime(client) { RunLoop.main.run() }

ES over XPC

ESXPCClient

ESXPCClient is client counterpart of ES over XPC implementation. It looks very close to ESClient, but have some differences due to asynchronous XPC nature

import sEndpointSecurity

//  Create ESXPCClient
let client = ESXPCClient(NSXPCConnection(serviceName: "com.alkenso.ESXPC"))

//  Register message handlers
client.authMessageHandler = { message, callback in
    print("Auth message: \(try! message.converted())")
    callback(.allowOnce)
}

client.notifyMessageHandler = { message in
    print("Notify message: \(try! message.converted())")
}

let status = try! client.activate()
guard status == ES_NEW_CLIENT_RESULT_SUCCESS else {
    print("Failed to activate ESXPCClient. Status = \(status)")
    exit(1)
}

//  Start receiving messages
client.subscribe([ES_EVENT_TYPE_AUTH_EXEC, ES_EVENT_TYPE_NOTIFY_EXIT]) { result in
    guard result.success == true else {
        print("Failed to subscribe to ES events")
        exit(2)
    }
    print("Successfully subscribed to ES events")
}


withExtendedLifetime(client) {}

ESXPCService

ESXPCService is service counterpart of ES over XPC implementation. It is created in the process that actually works with ES framework.

import sEndpointSecurity

let service = ESXPCService(
    listener: NSXPCListener.service(),
    createClient: ESClient.init
)
service.activate()

withExtendedLifetime(service) { RunLoop.main.run() }

Dependencies

The package is designed with the minimum dependencies. At the moment, it it the only one utility library SwiftSpellbook (no additional dependencies)

Package Metadata

Repository: Alkenso/sEndpointSecurity

Stars: 11

Forks: 0

Open issues: 2

Default branch: main

Primary language: swift

README: README.md

Archived: yes