Skip to content

[codex] Handle CredWrite logon session failures#152

Draft
SirAndrosBot wants to merge 1 commit into
masterfrom
codex/issue-82-credwrite-logon-session
Draft

[codex] Handle CredWrite logon session failures#152
SirAndrosBot wants to merge 1 commit into
masterfrom
codex/issue-82-credwrite-logon-session

Conversation

@SirAndrosBot

Copy link
Copy Markdown
Collaborator

What changed

  • Added KeyStorageException, a presentable exception type for user-facing key-storage failures.
  • Mapped CredWrite ERROR_NO_SUCH_LOGON_SESSION / 0x520 to a clear warning message when Windows Credential Manager cannot save the database key.
  • Added elevated-process guidance to that warning when KeePass is running as Administrator.
  • Kept all other CredWrite failures on the existing reportable error path.
  • Updated the legacy KeePassWinHello.csproj so the new exception is included in PLGX/legacy builds.

Why

Issue #82 reports repeated generic bug-report dialogs from CredWrite error 0x520 while persistent storage is enabled and KeePass is running elevated.

Windows error 0x520 is ERROR_NO_SUCH_LOGON_SESSION: Windows Credential Manager cannot access the relevant logon session for the write. In this case the plugin should not tell users this is an unexpected internal bug; it should explain that the persistent key was not saved and point at the elevated-process condition when applicable.

Behavior notes

This PR deliberately does not disable Credential Manager storage, delete persistent Windows Hello keys, or silently fall back to in-memory storage. A first worker pass tried that, but review rejected it as too broad for a possibly transient storage write failure. The final patch is warning-only: it preserves existing persistent-storage state and keeps the failure visible.

Refs #82

Validation

  • Worker subagent implemented the initial fix in an isolated branch.
  • Reviewer subagent rejected the first version because it disabled persistent storage and could delete persistent auth material.
  • Patch was trimmed to warning-only behavior.
  • Reviewer subagent approved the trimmed version with no findings.
  • git diff --check passed with only Git LF-to-CRLF working-copy warnings.
  • MSBuild.exe src\KeePassWinHello.csproj /t:Rebuild /p:Configuration=Release /p:DefineConstants=MONO /p:FrameworkPathOverride=C:\Windows\Microsoft.NET\Framework\v4.0.30319 /p:ReferencePath=C:\proj\KeePassWinHello\lib passed with 0 warnings and 0 errors.

Manual test needed

  • Elevated KeePass with persistent storage enabled, reproducing CredWrite 0x520, to confirm the warning appears instead of the generic report dialog.

@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants