Firemonkey OS X - Request elevated permissions - macos

I'm developing an OS X Firemonkey application that needs to launch "openvpn", but OpenVPN needs administrator permissions to create the tunnel interface.
I am trying to convert the first sample from this blog post to Delphi:
http://www.michaelvobrien.com/blog/2009/07/authorizationexecutewithprivileges-a-simple-example/
Attempting to run this code, sometimes results in the authorisation prompt as expected, but clicking OK completely freezes the debugger and whole system needs to be powered off. It works better running without the debugger, but still sometimes will freeze...
I've caught the return code before it crashes a couple of times, and it was errAuthorizationToolExecuteFailure
I'm not very familiar with how OSX does things, is there a better method? Apple doesn't recommend using AuthorizationExecuteWithPrivileges for this. I don't know of any other way to run openvpn with the permissions it needs.
uses
Macapi.CoreFoundation, Macapi.Foundation, Macapi.Security;
const
kAuthorizationEmptyEnvironment = nil;
procedure TForm1.Button1Click(Sender: TObject);
var
AuthRef: AuthorizationRef;
Status: OSStatus;
begin
Status := AuthorizationCreate(nil,kAuthorizationEmptyEnvironment,kAuthorizationFlagDefaults,#AuthRef);
Status := AuthorizationExecuteWithPrivileges(AuthRef,'/sbin/dmesg',0,'',nil)
end;

The arguments parameter of AuthorizationExecuteWithPrivileges expects a pointer to an array of PAnsiChars that is terminated with a nil pointer as the last array item. You are simply passing a pointer to an empty string. That is going to give you random crashes depending on what happens to be in memory after the pointer to the empty string.
Try this:
procedure TForm1.Button1Click(Sender: TObject);
var
AuthRef: AuthorizationRef;
Status: OSStatus;
argv: array[0..0] of PAnsiChar;
begin
ArgV[0] := nil;
AuthRef := nil;
Status := AuthorizationCreate(nil,kAuthorizationEmptyEnvironment,kAuthorizationFlagDefaults,#AuthRef);
Status := AuthorizationExecuteWithPrivileges(AuthRef, '/sbin/dmesg', 0, #argv[0], nil);
AuthorizationFree(AuthRef, kAuthorizationFlagDefaults);
end;

Related

Objects are being released when compiling to macOS X

I'm rewriting an app for OS X (which is running in a VirtualBox). When I compile all my objects are released. I'm a novice programmer and this is my first mac app, so I'm not even completely sure this is the problem.
I have installed RAD PAServer to OS X. In this terminal I get the following error messages:
__NSAutoreleaseNoPool(): Object 0x4237a10 of class NSPathStore2 autoreleased with no pool in place - just leaking
__NSAutoreleaseNoPool(): Object 0x664dc3c of class NSCFString autoreleased with no pool in place - just leaking
These are just 2 examples of a large variety or error messages, which all start with __NSAutoreleaseNoPool().
RAD Studio XE-5 doesn't give any error messages when compiling to OS X or a Win32 target platform.
I hope to have informed you sufficiently.
Update:
I have added a TCalendarEdit to my form. When I click on it in OS X, the program crashes and I get the following runtime error message in the PAServer terminal:
malloc: *** error for object 0x127e99d4: incorrect checksum for freed object - object was probably modified after being freed.
Update 2:
It seems not every object is released. This code works:
procedure TForm4.Button1Click(Sender: TObject);
begin
label1.Text := 'bladibla';
end;
And when I recreate TCalendarEdit functionality this way, all is fine:
var
CalendarButton: TButton;
procedure TForm4.Button7Click(Sender: TObject);
begin
Calendar1.Visible := true;
Calendar1.Position.X := Button7.Position.X;
CalendarButton := Button7;
end;
procedure TForm4.Calendar1DateSelected(Sender: TObject);
begin
if CalendarButton = Button6 then
Button6.Text := DateToStr(Calendar1.Date);
if CalendarButton = Button7 then
Button7.Text := DateToStr(Calendar1.Date);
Calendar1.Visible := false;
end;

Readkey in Pascal (Unknown Identifier)

I am learning how to use the graphic mode from Pascal (Using Turbo Pascal 5.5). This is a simple code, which shows me the graphic mode with some messages:
program GraficoPri
uses Graph;
var Driver, Modo : Integer;
begin
Driver := VGA;
Modo := VGAHi;
InitGraph(Driver,Modo,'P:BGI');
{Using DOSBox, P: is a mounted drive I created where all TP files are stored}
SetTextStyle(SansSerifFont,0,2);
SetColor(Red);
OutTextXY(120,60,'Welcome to graphic mode');
Writeln('Push any button to continue'};
Readkey;
CloseGraph;
End.
Well, the problem I'm having is that "Readkey;" is giving me a 'Unknown Identifier' error. I tried changing the line with "Readln;" and it worked fine. What is the problem here?
Thank you!
Readkey is from the crt library, so you need to change
uses graph
to
uses wincrt, graph
Also, readkey is always used as a variable declaration. For example,
ch := readkey;
If you just want to push a button to continue, you should use a repeat-until keypressed loop.
repeat
until keypressed;
This will wait and do nothing until the user presses a key.

Communication with two application on Windows with DELPHI

I have two applications and would like the two to communicate texting when a release exception.
The problem is as follows:
in an application I use the function
Application.Handle
to grab the handle of the application.
And in my client I use:
ServerApplicationHandle: = FindWindow ('TForm1', 'Form1');
To know which application should I send the message, but both return different numbers, they would know tell me why?
As already explained (Main)Form and Application are two different things.
Since Delphi 2007 there is another behavior to note.
In dependency of Application.MainformOnTaskbar you are able (or not) to get the handle via Findwindow.
A little snipplet to show the different behavior
var
FW_ah, FW_mfh, ah, mfh: THandle;
Procedure Display(OnTask: Boolean);
begin
Application.MainFormOnTaskbar := OnTask;
ah := Application.Handle;
mfh := MainForm.Handle;
FW_ah := FindWindow(PChar(Application.ClassName), PChar(Application.Title));
FW_mfh := FindWindow(PChar(ClassName), PChar(Caption));
Showmessage(Format('ah: %d FW_ah: %d - mfh: %d FW_mfh: %d', [ah, FW_ah, mfh, FW_mfh]));
end;
begin
Display(true);
Display(false);
end;
Application.Handle is the window handle for the hidden window associated with the global Application object.
FindWindow('TForm1', 'Form1') will return the window handle of a top-level form in your application.
These are indeed not the same thing. You could, I suppose, use Form1.Handle instead of Application.Handle. However, you would need to be wary of window re-creation.
Frankly this doesn't sound like the best way to do inter-process communication. Perhaps you might consider sockets or named pipes.

SCardEstablishContext hangs as a service

Why might SCardEstablishContext hang, never to return, when called from a service?
I have code that works fine on lots of Windows installations. It accesses a Cherry keyboard's Smart Card reader (6x44) to read data on a smart card. It works fine on most PCs it has been tried on. However, on some PCs, running in Spain with Spanish Windows, the SCardEstablishContext function never returns. I cannot work out why this might be. I have logging either side of it, but the log entry after it does not appear. I cannot then shut it down (the worker thread is getting stuck), and have to kill it.
Exactly the same thread code works fine if run from an application, and not a service. Giving the service login settings of a user instead of system makes no difference.
I've installed Spanish XP on a machine here, but it works just fine. The far end has the same Winscard.dll version as I have here (both at XP SP3 status). No errors are shown in the event log.
How might I work out what is going wrong, and what might be fixing it? (Delphi code below)
// based on code by Norbert Huettisch
function TPCSCConnector.Init: boolean;
var
RetVar: LongInt;
ReaderList: string;
ReaderListSize: integer;
v: array[0..MAXIMUM_SMARTCARD_READERS] of string;
i: integer;
begin
Result := false;
FNumReaders := 0;
{$IFDEF MJ_ONLY}
LogReport(leInformation, 'About to call SCardEstablishContext');
{$ENDIF}
RetVar := SCardEstablishContext(SCARD_SCOPE_USER, nil, nil, #FContext);
{$IFDEF MJ_ONLY}
// never gets to report this (and logging known good etc)
LogReport(leInformation, 'SCardEstablishContext result = ' + IntToStr(RetVar));
{$ENDIF}
if RetVar = SCARD_S_SUCCESS then
begin
There may be different reasons why the API function appears to hang, like a deadlock, or an invisible message box or dialog waiting for user input. You should try to get a stacktrace using WinDbg.
You should also make sure that you are trying to reproduce the bug in the same environment. Important points might be whether Fast User Switching is active and whether other users are logged on, also that there are the same device drivers and services running.

What do I have to do to make my WH_SHELL or WH_CBT hook procedure receive events from other processes?

I'm trying to use SetWindowsHookEx to set up a WH_SHELL hook to get notified of system-wide HSHELL_WINDOWCREATED and HSHELL_WINDOWDESTROYED events. I pass 0 for the final dwThreadId argument which, according to the docs, should "associate the hook procedure with all existing threads running in the same desktop as the calling thread". I also pass in the handle to my DLL (HInstance in Delphi) for the hMod parameter as did all the examples I looked at.
Yet, I only ever get notified of windows created by my own app and - more often than not - my tests result in the desktop process going down in flames once I close down my app. Before you ask, I do call UnhookWindowsHookEx. I also always call CallNextHookEx from within my handler.
I am running my test app from a limited user account but so far I haven't found any hints indicating that this would play a role... (though that actually surprises me)
AFAICT, I did everything by the book (obviously I didn't but so far I fail to see where).
I'm using Delphi (2007) but that shouldn't really matter I think.
EDIT: Maybe I should have mentioned this before: I did download and try a couple of examples (though there are unfortunately not that many available for Delphi - especially none for WH_SHELL or WH_CBT). While they do not crash the system like my test app does, they still do not capture events from other processes (even though I can verify with ProcessExplorer that they get loaded into them alright). So it seems there is either something wrong with my system configuration or the examples are wrong or it is simply not possible to capture events from other processes. Can anyone enlighten me?
EDIT2: OK, here's the source of my test project.
The DLL containing the hook procedure:
library HookHelper;
uses
Windows;
{$R *.res}
type
THookCallback = procedure(ACode, AWParam, ALParam: Integer); stdcall;
var
WndHookCallback: THookCallback;
Hook: HHook;
function HookProc(ACode, AWParam, ALParam: Integer): Integer; stdcall;
begin
Result := CallNextHookEx(Hook, ACode, AWParam, ALParam);
if ACode < 0 then Exit;
try
if Assigned(WndHookCallback)
// and (ACode in [HSHELL_WINDOWCREATED, HSHELL_WINDOWDESTROYED]) then
and (ACode in [HCBT_CREATEWND, HCBT_DESTROYWND]) then
WndHookCallback(ACode, AWParam, ALParam);
except
// plop!
end;
end;
procedure InitHook(ACallback: THookCallback); register;
begin
// Hook := SetWindowsHookEx(WH_SHELL, #HookProc, HInstance, 0);
Hook := SetWindowsHookEx(WH_CBT, #HookProc, HInstance, 0);
if Hook = 0 then
begin
// ShowMessage(SysErrorMessage(GetLastError));
end
else
begin
WndHookCallback := ACallback;
end;
end;
procedure UninitHook; register;
begin
if Hook <> 0 then
UnhookWindowsHookEx(Hook);
WndHookCallback := nil;
end;
exports
InitHook,
UninitHook;
begin
end.
And the main form of the app using the hook:
unit MainFo;
interface
uses
Windows, SysUtils, Forms, Dialogs, Classes, Controls, Buttons, StdCtrls;
type
THookTest_Fo = class(TForm)
Hook_Btn: TSpeedButton;
Output_Lbx: TListBox;
Test_Btn: TButton;
procedure Hook_BtnClick(Sender: TObject);
procedure Test_BtnClick(Sender: TObject);
public
destructor Destroy; override;
end;
var
HookTest_Fo: THookTest_Fo;
implementation
{$R *.dfm}
type
THookCallback = procedure(ACode, AWParam, ALParam: Integer); stdcall;
procedure InitHook(const ACallback: THookCallback); register; external 'HookHelper.dll';
procedure UninitHook; register; external 'HookHelper.dll';
procedure HookCallback(ACode, AWParam, ALParam: Integer); stdcall;
begin
if Assigned(HookTest_Fo) then
case ACode of
// HSHELL_WINDOWCREATED:
HCBT_CREATEWND:
HookTest_Fo.Output_Lbx.Items.Add('created handle #' + IntToStr(AWParam));
// HSHELL_WINDOWDESTROYED:
HCBT_DESTROYWND:
HookTest_Fo.Output_Lbx.Items.Add('destroyed handle #' + IntToStr(AWParam));
else
HookTest_Fo.Output_Lbx.Items.Add(Format('code: %d, WParam: $%x, LParam: $%x', [ACode, AWParam, ALParam]));
end;
end;
procedure THookTest_Fo.Test_BtnClick(Sender: TObject);
begin
ShowMessage('Boo!');
end;
destructor THookTest_Fo.Destroy;
begin
UninitHook; // just to make sure
inherited;
end;
procedure THookTest_Fo.Hook_BtnClick(Sender: TObject);
begin
if Hook_Btn.Down then
InitHook(HookCallback)
else
UninitHook;
end;
end.
The problem is that your hook DLL is actually being loaded into several different address spaces. Any time Windows detects an event in some foreign process that must be processed by your hook, it loads the hook DLL into that process (if it's not already loaded, of course).
However, each process has its own address space. This means that the callback function pointer that you passed in InitHook() only makes sense in the context of your EXE (that's why it works for events in your app). In any other process that pointer is garbage; it may point to an invalid memory location or (worse) into some random code section. The result can either be an access violation or silent memory corruption.
Generally, the solution is to use some sort of interprocess communication (IPC) to properly notify your EXE. The most painless way for your case would be to post a message and cram the needed info (event and HWND) into its WPARAM/LPARAM. You could either use a WM_APP+n or create one with RegisterWindowMessage(). Make sure the message is posted and not sent, to avoid any deadlocks.
This might be tertiary to your question, but as you're seeing, hooks are very hard to get right - if you can avoid using this by any means, do it. You're going to run into all sorts of problems with them, especially on Vista where you'll have to deal with UIPI.
Just to clarify something that "efotinis" mentioned about posting messages back to your process - the wParam and lParam that you post to your main process can't be pointers, they can just be "numbers".
For example, lets say you hook the WM_WINDOWPOSCHANGING message, windows passes you a pointer to a WINDOWPOS in the lparam. You can't just post that lparam back to your main process because the memory the lparam is pointing to is only valid in the process that recieves the message.
This is what "efotinis" meant when he said " cram the needed info (event and HWND) into its WPARAM/LPARAM". If you want to pass more complex messages back your going to need to use some other IPC (like named pipes, TCP or memory mapped files).
Lol, it looks like the error is in the test code.
If you create two separate buttons, one for Init and one for UnInit (I prefer Exit).
procedure THooktest_FO.UnInitClick(Sender: TObject);
begin
UninitHook;
end;
procedure THooktest_FO.InitClick(Sender: TObject);
begin
InitHook(HookCallback)
end;
Start the app. Click Init and then The test button, the following output is shown:
created handle #1902442
destroyed handle #1902442
created handle #1967978
created handle #7276488
Then the messagebox is shown.
If you click ok you get:
destroyed handle #1967978
HTH
I found the Delphi base documentation for SetWindowsHookEx. But the text is a bit vague.
function SetWindowsHookEx(idHook: Integer; lpfn: TFNHookProc;
hmod: HInst; dwThreadId: DWORD): HHOOK;
hmod: A handle to the module (a DLL) containing the hook function pointed to by the lpfn parameter. This parameter must be set to zero if dwThreadId identifies a thread created by the current process an dlpfn points to a hook function located in the code associated with the current process.
dwThreadId: The identifier of the thread to which the installed hook function will be associated. If this parameter is set to zero, the hook will be a system-wide hook that is associated with all existing threads.
By the way, for the hmod parameter you should have used a module handle. (HINSTANCE points to the application handle).
hand := GetModuleHandle('hookhelper.dll');
Hook := SetWindowsHookEx(WH_SHELL, #HookProc, hand, 0);
But although hand differs from HINSTANCE it still shows the same result.

Resources