I have created a CMIO (CoreMediaIO) plug-in for OS X that can access media hardware (in my case a virtual camera) using as the basis the Apple's example with SDK. Everything works perfectly but now before releasing I came across the problem of getting the unique media plug-in identifier:
There is not really much the documentation for CoreMedia.framework in general, and I'm curious is there a way to get this unique plug-in identifier in some shared database or something?
So eventually I used TSIs and got the next response from Apple:
As long as you’re properly generating the
UUID, nothing else is required to ensure uniqueness. The generation process
itself guarantees uniqueness. As for generating the UUID, the command line
tool “uuidgen” can take care of that:
https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/uuidgen.1.html
Related
In Order use a PLC as a Client (formerly “Slave”), one has to configure the PDO channels, since the default values of the manufacturer are often not suitable. In my case, I need the PDOs so send INT valued instead of the default UNSIGNED8 (see. Picture).
Therefore my question: What kind of workflow would you recommend, to map the CANopen Client PDO channels?
I found the following workflow suitable, however I appreciate any improvements and recommendations from your side!
Start by locating the .eds file from the manufacturer. The image show this in the B&R Automation Studio Programming Environment
Open the file in a eds. Editor. I found the free Vector CANEds Editor very useful. Delete all RxPODs and RxPDO mappings that you don’t need.
Assign the needed Data Type (e.g. INTEGER16) and Channel Name (“1 Byte In (1)”).
Add the necessary PDOs and PDO mapping from the database. (This might actually be a bug, but if you just edit the PDOs without deleting and recreating them, I always receive error messages)
Map the Date to the Channels
Don't forget to write the number of channels in the first entry (in this image: 1601sub0)
Check the eds file for Errors (press F5) and copy&paste the eds file to the original location point 1.)
Add the PLC Client device in Automation Studio and you should see the correct mappings.
(PS: I couldn't make the images smaller ... any recommendations about formating this question are welcome!)
I want to be able to iterate over a Mac OS Resource Fork so a Cocoa Window can show how many resources there is for a specific resource type (I.e., 'MADI').
I want to use the (yes, I know they're deprecated) Carbon Resource Manager functions. The only way I can think of to get all the values is to brute-force my way from SHORT_MIN to SHORT_MAX for each OSType to check for.
Part of the problem is that there's no documentation in the header, and I am loathe to download the legacy API reference due to its size.
It seems that I got Get1IndResource() and Get1Resource() mixed up in my brain.
Get1IndResource() iterates based on the order a specific resource is in a resource file/fork, starting from 1 instead of 0 (most likely from when the Mac API was written/used by Pascal). Get1Resource() gets resource data from the resource ID number.
I'm working on something that needs to install files periodically into a folder in /Library.
I understand that in the past I could have used one of the Authenticate methods but those have since been deprecated in 10.7.
What I've understood from my reading so far:
I should create a helper that somehow gets authenticated and have that helper do all of the moving tasks. I've taken a look at some of the sample code, including some involving XPC and one called Elevator but I'm a bit confused.
A lot of it seems to deal with setting up some sort of client / server model but I'm not sure how this would translate into me actually installing my files into the correct directories. Most of the examples are just passing strings.
My question simply: How can I create my folder in /Library programmatically and periodically write files to it while only prompting the user for a password ONCE and never again? I'm really not sure how to approach this and there doesn't seem to be much documentation.
You are correct that there isn't much documentation for this. You'll basically write another app, the helper app, which will get installed with SMJobBless(). Not surprisingly,
the tricky part here is the code signing. The least obvious part for me was that the SMAuthorizedClients and SMPrivilegedExecutables entries in the info plist files of each app are dependent on the identity/certificate that you used to sign the app with. There is also a trick with the compiler/linker to getting the info plist file compiled into the helper tool, which will be a single executable file, rather than a bundle.
Once you get the helper app up and running then you have to devise a way to communicate with it since these are two different processes. XPC is one option, perhaps the easiest. XPC is typically used with server processes, but what you are using here is the communication side of XPC only. Basically it passes dictionaries back and forth between the two apps. Create a standard format for the dictionary. I used #"action", #"source", and #"destination" with 3 different action values, #"filemove", #"filecopy", and #"makedirectory". Those are the 3 things that my helper app can do and I can easily add more if necessary.
The helper app will basically setup the XPC connection and event handler stuff and wait for a connection and commands. The commands will just be a dictionary so you check for the appropriate keys/values and do whatever.
I can provide more details and code if you need more help, but this question is 9 months old so I don't want to waste time giving you details you've already figured out.
It seems that once an Ocean Workstep derivative class has been released to production (and is used by clients), its name, namespace and assembly name are effectively locked for future updates (in order to ensure backwards compatibility).
When a Petrel project is saved, workstep references are saved as a full type name (namespace, class, strong assembly name) inside the binary file Classes.ptd. During loading, if the exact type name (assembly version seems to be ignored) can't be resolved, the workstep appears as "workstep not available" in the workflow editor.
In other instances of binary serialization we've encountered, Petrel makes use of the SerializationBinder registered with PetrelSystem.ProjectSerializationService - not so for Workstep instances.
Is there any other way to facilitate Workstep class/namespace/assembly renames?
Why is this behaviour so poorly documented (if at all)? Have we misunderstood something?
This issue will actually be fixed with the Ocean 2012.1 API. The workstep reference will not include the version number anymore: Both workstep and process serialization is cleaned up. Version number is not serialized (and not used on deserialization) and a UniqueId can be used instead of the type name.
Here is an extract of the 2012.1 Ocean release notes on the subject.
Process and Workstep Unique Id
Namespace: Slb.Ocean.Petrel.Workflow
Processes and worksteps created through Ocean did not have a proper identifier until now. They were identified by their full type name including the version number which means that their identifier could change, for instance, if:
- The version number of the plug-in assembly was increased (e.g. new plug-in install).
- The process/workstep class was moved to a new assembly.
- The namespace of the process/workstep class was changed.
This could cause issues in Petrel such as the display of a “broken link” instead of the process name in the Favorites tree or a workstep appearing as "workstep not available" in the workflow editor.
To solve this, Ocean has removed the version number from the process and workstep identifier and is delivering a new API to support a user defined identifier for custom processes and worksteps which will be unique across the Petrel application. Any process/workstep created through Ocean should now implement a unique identifier.
Please refer to:
- Process.UniqueId to define unique identifier for processes
- Workstep.UniqueId to define unique identifier for worksteps.
The new API also offers backward compatibility support for already serialized processes/worksteps and a few changes in the serialization logic. When a legacy project is being opened the old-style ids are automatically replaced by new ids during deserialization.
Best Regards,
Gaelle
This question already has answers here:
How to obtain codesigned application certificate info
(2 answers)
Closed 8 years ago.
I have app signed. I created an identity and used codesign to sign my app as per Apple's Code Signing Guide.
Now, how do I check the signature from within my application?
I need to verify this on Cocoa apps (Objective-C) and apps written in C.
You could use NSTask and run "codesign --verify" and check the exit status. Of corse if the program was altered it could be altered to remove the check, so I'm not sure what that buys you.
If you are not worried about directed tampering (like the kind that might remove your check of the signature) you can use the codesign "kill" option, if you do merely executing means the signature is valid (at least for all pages that have been executed so far...but if a not-yet-resident page has been tampered with you will get killed when that one is read in anyway).
Maybe if you could explain a little more about why you want to verify the signature a better answer could be formed.
Note: Currently MacOS X does not verify signed code prior to execution. This may be different for sandboxed code, and it would seem sensible that it is otherwise anybody could edit the entitlements.
To check an applications signature from within the application itself you use the Code Signing Services. In particular look at SecCodeCheckValidity. The code to do the checking is not long, but there is quite a bit to understand so I won't give a code sample - you need to read and understand the documentation.
Checking the signature allows your application to detect changes to its code & resources and report it is "damaged" (it may well be, not all changes are malicious) and refuse to run. Adding such code does not of course guarantee your code is not damaged, but certainly it does raise the barrier higher against intentional damage (and if MacOS X starts doing the check itself then there will be a big win).
The way signiture verification is implemented on iOS is that when an application is being launched, the launchd daemon decrypts the binary using that device's specific private key (this is why you can't just decompile apps or copy-paste them from one device to another), if the decryption fails, the application fails to launch.
The native tools that do this are not available within applications due to the iOS sandboxing.
If you're simply attempting to track if someone has modified your binary, you can perform an MD5 or SHA1 hash of it, store it in NSUserDefaults and compare it at each app start. If the hash changes between executions you know it has been modified (possibly by a legitimate application update or possibly nefariously.)
Here's an example on how to get the hash of an NSData.
The binary file you're looking for is: AppName.app/AppName