From 7efe4e4f2a99450f3e6a15447a2ea816f9be848d Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI
Date: Wed, 24 Feb 2021 21:42:20 +0100
Subject: Windows: Fix freeze when password dialog displayed in secure desktop and try to access token keyfiles protected by PIN
---
 src/Common/Dlgcode.c | 38 ++++++++++++++++++++++++++++++++++++--
 src/Common/Dlgcode.h | 4 +++-
 2 files changed, 39 insertions(+), 3 deletions(-)
(limited to 'src')
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c
index 14c57f3e..8e1e0070 100644
--- a/src/Common/Dlgcode.c
+++ b/src/Common/Dlgcode.c
@@ -235,7 +235,8 @@ static std::vector rawHostDeviceList;
 CRITICAL_SECTION csSecureDesktop;
 /* Boolean that indicates if our Secure Desktop is active and being used or not */
-BOOL bSecureDesktopOngoing = FALSE;
+volatile BOOL bSecureDesktopOngoing = FALSE;
+TCHAR SecureDesktopName[65];
 HINSTANCE hInst = NULL;
 HCURSOR hCursor = NULL;
@@ -12214,6 +12215,35 @@ BOOL CALLBACK SecurityTokenKeyfileDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam
 return 0;
 }
+extern "C" BOOL IsThreadInSecureDesktop(DWORD dwThreadID)
+{
+ BOOL bRet = FALSE;
+ if (bSecureDesktopOngoing)
+ {
+ HDESK currentDesk = GetThreadDesktop (dwThreadID);
+ if (currentDesk)
+ {
+ LPWSTR szName = NULL;
+ DWORD dwLen = 0;
+ if (!GetUserObjectInformation (currentDesk, UOI_NAME, NULL, 0, &dwLen))
+ {
+ szName = (LPWSTR) malloc (dwLen);
+ if (szName)
+ {
+ if (GetUserObjectInformation (currentDesk, UOI_NAME, szName, dwLen, &dwLen))
+ {
+ if (0 == _wcsicmp (szName, SecureDesktopName))
+ bRet = TRUE;
+ }
+ free (szName);
+ }
+ }
+ }
+ }
+
+ return bRet;
+}
+
 BOOL InitSecurityTokenLibrary (HWND hwndDlg)
 {
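Review bot: IsThreadInSecureDesktop has no comment stating its contract, although its result now decides whether a password prompt skips the secure-desktop switch in SecureDesktopDialogBoxParam. Every failure path visible here (GetThreadDesktop returning NULL, the size probe not failing, malloc failing, the second GetUserObjectInformation call failing) leaves bRet FALSE, so TRUE is returned only on a positive name match. That is the safe direction for a check that can take a prompt off the secure-desktop path and is worth recording, e.g. `/* TRUE only when our secure desktop is active and the thread's desktop name equals SecureDesktopName; any lookup failure yields FALSE */`. Separately, `LPWSTR` and `_wcsicmp` are wide-only while the buffer is declared `TCHAR`, so `WCHAR SecureDesktopName[65];` would state the actual requirement.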
@@ -12238,6 +12268,8 @@ BOOL InitSecurityTokenLibrary (HWND hwndDlg)
 HWND hParent = IsWindow (m_hwnd)? m_hwnd : GetActiveWindow();
 if (!hParent) hParent = GetForegroundWindow ();
+ if (IsThreadInSecureDesktop(GetCurrentThreadId()) && !IsThreadInSecureDesktop(GetWindowThreadProcessId(hParent, NULL)))
+ hParent = GetActiveWindow ();
 if (SecureDesktopDialogBoxParam (hInst, MAKEINTRESOURCEW (IDD_TOKEN_PASSWORD), hParent, (DLGPROC) SecurityTokenPasswordDlgProc, (LPARAM) &str) == IDCANCEL) throw UserAbort (SRC_POS);
 }
@@ -13847,7 +13879,7 @@ INT_PTR SecureDesktopDialogBoxParam(
 INT_PTR retValue = 0;
 BOOL bEffectiveUseSecureDesktop = bCmdUseSecureDesktopValid? bCmdUseSecureDesktop : bUseSecureDesktop;
- if (bEffectiveUseSecureDesktop)
+ if (bEffectiveUseSecureDesktop && !IsThreadInSecureDesktop(GetCurrentThreadId()))
 {
 EnterCriticalSection (&csSecureDesktop);
 bSecureDesktopOngoing = TRUE;
@@ -13893,6 +13925,8 @@ INT_PTR SecureDesktopDialogBoxParam(
 HANDLE hThread = ::CreateThread (NULL, 0, SecureDesktopThread, (LPVOID) ¶m, 0, NULL);
 if (hThread)
 {
+ StringCbCopy(SecureDesktopName, sizeof (SecureDesktopName), szDesktopName);
+
 WaitForSingleObject (hThread, INFINITE);
 CloseHandle (hThread);
diff --git a/src/Common/Dlgcode.h b/src/Common/Dlgcode.h
index baf07a5c..6370c2a7 100644
--- a/src/Common/Dlgcode.h
+++ b/src/Common/Dlgcode.h
@@ -124,7 +124,8 @@ extern BOOL bHideWaitingDialog;
 extern BOOL bCmdHideWaitingDialog;
 extern BOOL bCmdHideWaitingDialogValid;
 extern BOOL bUseSecureDesktop;
-extern BOOL bSecureDesktopOngoing;
+extern volatile BOOL bSecureDesktopOngoing;
+extern TCHAR SecureDesktopName[65];
 extern BOOL bUseLegacyMaxPasswordLength;
 extern BOOL bCmdUseSecureDesktop;
 extern BOOL bCmdUseSecureDesktopValid;
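Review bot: The parent swap added in the InitSecurityTokenLibrary hunk has no comment, and the reason is not obvious from the two lines: hParent is replaced when the calling thread is on the secure desktop but the chosen window's thread is not. A why-comment such as `/* parent belongs to another desktop; use a window of the current (secure) desktop as owner */` would help, worded to match whatever the author confirmed as the cause of the freeze. `GetActiveWindow ()` can return NULL, in which case the PIN dialog is created without an owner; if that is intended, the same comment should say so. The enclosing callback body starts and ends outside the hunk.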
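Review bot: The new condition in the first SecureDesktopDialogBoxParam hunk routes a password dialog away from the secure-desktop path, and nothing at the `if` says why that is acceptable. The bypass is sound only while the calling thread really is on the secure desktop, which rests entirely on the name comparison in IsThreadInSecureDesktop. A comment such as `/* already on our secure desktop: show the dialog in place rather than nesting a second desktop switch */` would keep a later edit from loosening the test. The else branch lies outside the hunk, so what the fallback does is assumed here rather than visible.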
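Review bot: `StringCbCopy(SecureDesktopName, ...)` in the second SecureDesktopDialogBoxParam hunk runs after `::CreateThread` has already started SecureDesktopThread, and bSecureDesktopOngoing was set TRUE in the earlier hunk, so a reader can see the flag set while the name is still stale or empty. `volatile` on the flag gives no ordering for this separate buffer. Moving the `StringCbCopy` line above `HANDLE hThread = ::CreateThread (...)` publishes the name before any thread that may query it exists. The HRESULT is also dropped: if szDesktopName (declared outside the hunk) were ever longer than 64 characters the copy would truncate and the comparison in IsThreadInSecureDesktop would never match, so a failed copy should be handled. The buffer is not cleared after the wait returns, which is harmless only as long as every reader checks bSecureDesktopOngoing first.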
@@ -550,6 +551,7 @@ BOOL LaunchElevatedProcess (HWND hwndDlg, const wchar_t* szModPath, const wchar_
 BOOL GetFreeDriveLetter(WCHAR* pCh);
 BOOL SetPrivilege(LPTSTR szPrivilegeName, BOOL bEnable);
 BOOL DeleteDirectory (const wchar_t* szDirName);
+BOOL IsThreadInSecureDesktop(DWORD dwThreadID);
 INT_PTR SecureDesktopDialogBoxParam (HINSTANCE, LPCWSTR, HWND, DLGPROC, LPARAM);
 BOOL VerifyModuleSignature (const wchar_t* path);
 void GetInstallationPath (HWND hwndDlg, wchar_t* szInstallPath, DWORD cchSize, BOOL* pbInstallPathDetermined);
-- 
cgit v1.2.3