From 3ca14678bd014fd53881b308610c05c8791f7866 Mon Sep 17 00:00:00 2001
From: Bernd Schoolmann
Date: Mon, 17 Jul 2023 05:42:21 +0200
Subject: [PATCH] Fix deadlock & unlocking
---
 agent/actions/login.go | 12 ++++++++++++
 agent/actions/vault.go | 22 ++++++++++++----------
 agent/config/config.go | 29 +++++++++++++++++++----------
 3 files changed, 43 insertions(+), 20 deletions(-)
diff --git a/agent/actions/login.go b/agent/actions/login.go
index 2379ccb..ad709e0 100644
--- a/agent/actions/login.go
+++ b/agent/actions/login.go
@@ -13,6 +13,18 @@ import (
 )
 func handleLogin(msg ipc.IPCMessage, cfg *config.Config, vault *vault.Vault, callingContext sockets.CallingContext) (response interface{}, err error) {
+ if !cfg.HasPin() {
+ response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
+ Success: false,
+ Message: "No pin set. Set a pin first!",
+ })
+ if err != nil {
+ return nil, err
+ }
+
+ return
+ }
+
 req := msg.ParsedPayload().(ipc.DoLoginRequest)
 ctx := context.Background()
diff --git a/agent/actions/vault.go b/agent/actions/vault.go
index 1fd8845..c3fe7c6 100644
--- a/agent/actions/vault.go
+++ b/agent/actions/vault.go
@@ -41,7 +41,7 @@ func handleUnlockVault(request ipc.IPCMessage, cfg *config.Config, vault *vault.
 if err != nil {
 response, err = ipc.IPCMessageFromPayload(ipc.ActionResponse{
 Success: false,
- Message: "wrong pin",
+ Message: "wrong pin: " + err.Error(),
 })
 if err != nil {
 panic(err)
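Review bot: The new guard at the top of handleLogin ends in a bare `return` that depends on the named results; `return response, nil` would make it explicit that a missing PIN is reported as an ordinary response and not as an error. The guard also carries no comment saying why login needs a PIN first; if the reason is that login persists secrets encrypted under the PIN-derived key (which the UpdatePin hunk in config.go suggests), a line such as `// Login stores secrets encrypted under the PIN key, so refuse until a PIN is set.` would record it. The rest of handleLogin lies outside the hunk.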
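Review bot: Appending `err.Error()` in handleUnlockVault sends the raw error text to the IPC client under the prefix `wrong pin: `, even when the failure is not a PIN mismatch. The call that sets `err` is above the hunk, but if it is TryUnlock, the config.go hunk shows it can also fail while loading or converting the account key. Error strings from the key-handling path should be checked for anything that should not leave the agent process; logging the detail on the agent side and returning a neutral label avoids both the leak and the mislabelling, e.g. `Message: "unlock failed: " + err.Error(),` once the error text is known to be safe.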
@@ -50,15 +50,17 @@ func handleUnlockVault(request ipc.IPCMessage, cfg *config.Config, vault *vault.
 return
 }
- token, err := cfg.GetToken()
- if err == nil {
- if token.AccessToken != "" {
- ctx := context.Background()
- bitwarden.RefreshToken(ctx, cfg)
- token, err := cfg.GetToken()
- err = bitwarden.SyncToVault(context.WithValue(ctx, bitwarden.AuthToken{}, token.AccessToken), vault, cfg, nil)
- if err != nil {
- fmt.Println(err)
+ if cfg.IsLoggedIn() {
+ token, err := cfg.GetToken()
+ if err == nil {
+ if token.AccessToken != "" {
+ ctx := context.Background()
+ bitwarden.RefreshToken(ctx, cfg)
+ token, err := cfg.GetToken()
+ err = bitwarden.SyncToVault(context.WithValue(ctx, bitwarden.AuthToken{}, token.AccessToken), vault, cfg, nil)
+ if err != nil {
+ fmt.Println(err)
+ }
 }
 }
 }
diff --git a/agent/config/config.go b/agent/config/config.go
index 6d60fd6..18f92e6 100644
--- a/agent/config/config.go
+++ b/agent/config/config.go
@@ -74,6 +74,10 @@ func (c *Config) IsLocked() bool {
 return c.key == nil
 }
+func (c *Config) IsLoggedIn() bool {
+ return c.ConfigFile.EncryptedMasterPasswordHash != ""
+}
+
 func (c *Config) Unlock(password string) bool {
 c.mu.Lock()
 defer c.mu.Unlock()
@@ -150,11 +154,11 @@ func (c *Config) UpdatePin(password string, write bool) {
 if err5 == nil {
 c.ConfigFile.EncryptedMasterKey, err5 = c.encryptString(plaintextMasterKey)
 }
+ c.mu.Unlock()
 if write {
 c.WriteConfig()
 }
- c.mu.Unlock()
 }
 func (c *Config) GetToken() (LoginToken, error) {
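Review bot: Inside the new `if cfg.IsLoggedIn()` block of handleUnlockVault, the second `token, err := cfg.GetToken()` has its error overwritten by the SyncToVault assignment on the next line before anything reads it, so a failed re-read after RefreshToken hands a stale or empty access token to the sync. Merging the two outer conditions and assigning with `=` instead of shadowing keeps that error visible and removes two nesting levels. Whether RefreshToken returns an error cannot be seen from the hunk; if it does, it is dropped here as well. The sync also runs on `context.Background()` with no deadline, so the unlock response waits for as long as the server takes; a timeout would bound that.

```go
if cfg.IsLoggedIn() {
	token, err := cfg.GetToken()
	if err == nil && token.AccessToken != "" {
		ctx := context.Background()
		bitwarden.RefreshToken(ctx, cfg)
		// Re-read the token after the refresh and check the error before using it.
		token, err = cfg.GetToken()
		if err == nil {
			err = bitwarden.SyncToVault(context.WithValue(ctx, bitwarden.AuthToken{}, token.AccessToken), vault, cfg, nil)
		}
		if err != nil {
			fmt.Println(err)
		}
	}
}
```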
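Review bot: IsLoggedIn reads `c.ConfigFile.EncryptedMasterPasswordHash` without holding `c.mu`, while Unlock directly below takes the mutex, so a call that overlaps a config update is an unsynchronised read. As far as the hunks show, TryUnlock and handleUnlockVault call it with the mutex released, so taking the lock looks safe for them, but a caller that already holds `c.mu` would deadlock; that needs checking outside this hunk. The exported method also has no doc comment; suggest `// IsLoggedIn reports whether an encrypted master password hash is stored; it does not check that the session token is still valid.`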
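Review bot: In UpdatePin the result of the last `c.encryptString` call is left in `err5` and never examined before `c.WriteConfig()` runs, so whatever encryptString returned alongside a failure is assigned to `EncryptedMasterKey` and can be persisted silently; the function has no return value to report it. Guarding the write, e.g. `if write && err5 == nil {`, or at least logging `err5`, would keep a bad state off disk. Releasing `c.mu` before WriteConfig removes the self-deadlock but leaves a window in which another goroutine can change ConfigFile before it is written, and the manual `c.mu.Unlock()` is skipped if anything in the body panics. A comment stating that WriteConfig presumably takes the lock itself would explain the ordering. The start of UpdatePin is outside the hunk.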
@@ -366,18 +370,23 @@ func (cfg *Config) TryUnlock(vault *vault.Vault) error {
 if err != nil {
 return err
 }
- cfg.Unlock(pin)
+ success := cfg.Unlock(pin)
+ if !success {
+ return errors.New("invalid PIN")
+ }
- userKey, err := cfg.GetUserSymmetricKey()
- if err == nil {
- key, err := crypto.SymmetricEncryptionKeyFromBytes(userKey)
- if err != nil {
+ if cfg.IsLoggedIn() {
+ userKey, err := cfg.GetUserSymmetricKey()
+ if err == nil {
+ key, err := crypto.SymmetricEncryptionKeyFromBytes(userKey)
+ if err != nil {
+ return err
+ }
+ vault.Keyring.AccountKey = &key
+ } else {
+ cfg.Lock()
 return err
 }
- vault.Keyring.AccountKey = &key
- } else {
- cfg.Lock()
- return err
 }
 return nil
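Review bot: When `crypto.SymmetricEncryptionKeyFromBytes` fails inside the new `if cfg.IsLoggedIn()` block, TryUnlock returns the error without calling `cfg.Lock()`, so the config stays unlocked even though the caller is told the unlock failed. The sibling `else` branch for a GetUserSymmetricKey failure does lock again, so the two failure paths disagree. Making them agree is a one-line change: add `cfg.Lock()` before that inner `return err`. The start of TryUnlock, where `pin` is obtained, is outside the hunk.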