mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Commit graph

1240 commits

Author SHA1 Message Date
Pete Batard
a73e695ba4 [pki] timestamp validation improvements
* Add timestamp processing for nested signature and check for anomalous differences
* Also prevent attack scenarios that may attempt to leverage multiple nested signatures or countersigners
* Simplify code by using CryptDecodeObjectEx/WinVerifyTrustEx and improve timestamp reporting
2017-09-03 13:54:07 +01:00
Pete Batard
c74d7bce1f [misc] update ChangeLog for BETA 2017-09-02 16:06:41 +01:00
Pete Batard
35da381a11 [pki] check timestamp chronology during update validation
* Done to address the second "vulnerability" proposed in #1009, independently
  of the protocol used.
2017-09-02 15:27:56 +01:00
Pete Batard
c3c39f7f8a [pki] fix https://www.kb.cert.org/vuls/id/403768
* This commit effectively fixes https://www.kb.cert.org/vuls/id/403768 (CVE-2017-13083) as
  it is described per its revision 11, which is the latest revision at the time of this commit,
  by disabling Windows prompts, enacted during signature validation, that allow the user to
  bypass the intended signature verification checks.
* It needs to be pointed out that the vulnerability ("allow(ing) the use of a self-signed
  certificate"), which relies on the end-user actively ignoring a Windows prompt that tells
  them that the update failed the signature validation whilst also advising against running it,
  is being fully addressed, even as the update protocol remains HTTP.
* It also needs to be pointed out that the extended delay (48 hours) between the time the
  vulnerability was reported and the moment it is fixed in our codebase has to do with
  the fact that the reporter chose to deviate from standard security practices by not
  disclosing the details of the vulnerability with us, be it publicly or privately,
  before creating the cert.org report. The only advance notification we received was a
  generic note about the use of HTTP vs HTTPS, which, as we have established, is not
  immediately relevant to addressing the reported vulnerability.
* Closes #1009
* Note: The other vulnerability scenario described towards the end of #1009, which
  doesn't have to do with the "lack of CA checking", will be addressed separately.
2017-08-31 12:19:11 +01:00
Pete Batard
fe3004d17f [misc] use UTF-8 compatible _unlinkU() when deleting files 2017-08-30 11:24:47 +01:00
Ino-Bagaric
bf09842fd2 [misc] remove duplicate definition
* Closes #1011
2017-08-29 11:57:01 +01:00
Pete Batard
36cadcfcca [pki] improve error handling
* FormatMessage() does not handle PKI errors
* Also fix an issue with non-official version detection when the language is not English
2017-08-27 15:07:35 +01:00
Pete Batard
868eea5069 [loc] fix Spanish translation 2017-08-26 11:32:40 +01:00
Pete Batard
8b094e840b [net] use http instead of https for downloads
* Since 2.17 will be the last version to support XP, and the native XP SSL
  implementation is too old to access our downloads through https.
2017-08-17 13:33:20 +01:00
Feras n
9de244c10e [loc] update Arabic translation to latest 2017-08-16 16:39:20 +01:00
Pete Batard
58a38145b7 [misc] finally, set .editorconfig to use UTF-8 *without* BOM
* The new VS2017 15.3 appears to have fixed this annoying bug at long last:
  https://developercommunity.visualstudio.com/content/problem/22922/editorconfig-support-interprets-charset-utf-8-as-u.html
2017-08-14 21:40:56 +01:00
Pete Batard
5348591729 [core] add support for more non-USB card readers
* Closes #998
2017-08-13 21:03:01 +01:00
Pete Batard
c82842ce2a [core] add Super Floppy Disk support 2017-08-12 15:12:00 +01:00
Pete Batard
65f5ccd28b [ui] fix log no longer automatically scrolling to the last line
* Introduced in 369a392af0 because, of course when Microsoft has a
  call that goes (###, param1, param2) they define a macro for it that goes (param2, param1)...
2017-08-11 11:47:27 +01:00
Pete Batard
3a150ddeda [core] add support for more non-USB card readers
* Closes #994
2017-08-11 11:43:37 +01:00
Pete Batard
90dc847e24 [misc] add static_strcat & static_strcpy and use static_ calls wherever possible
* Also set Rufus next to 2.17 and fix a warning
2017-08-10 19:43:52 +01:00
Pete Batard
5d371088cb [iso] add EFI boot support from 'efi.img' FAT images
* Required to support Debian Live 9.1 in ISO mode
* Note that this only works if the efi.img boot files do not require
  additional content besides the one extracted from the ISO.
2017-08-09 16:27:11 +01:00
Na Jiyoun
3d33493c6f [loc] update Korean translation to latest 2017-08-07 18:11:04 +01:00
Pete Batard
eb5087d504 [togo] fix a typo in index selection and add support for nonofficial ISOs
* Closes #991
2017-08-02 18:59:45 +01:00
Jeroen Sack
65fd9770cb [misc] fix typo in Changelog
* Closes #990
2017-07-31 12:31:26 +01:00
Pete Batard
925837e4d3 v2.16 (build 1170) 2017-07-31 10:55:41 +01:00
Zia Azimi
9740e94876 [loc] update Persian translation to latest 2017-07-29 17:40:10 +01:00
Pete Batard
d620d8848d [loc] fix RTL display of ISO truncation notification
* Also don't use MessageBoxU where unneeded
2017-07-29 17:34:11 +01:00
Nikolaos Margaritis
d7d6caebe1 [loc] update Greek translation to latest 2017-07-29 15:45:55 +01:00
Martin Kubánik
e68df21a16 [loc] update Slovak translation to latest 2017-07-29 15:42:32 +01:00
Krasimir Newenow
6db159be9e [loc] update Bulgarian translation to latest 2017-07-28 15:33:23 +01:00
Matej Horvat
0887368988 [loc] update Slovenian translation to latest 2017-07-28 13:10:51 +01:00
Arif Budiman
a96a615a66 [loc] update Indonesian translation to latest 2017-07-28 13:08:15 +01:00
Gintaras Venslovas
1baf1b7d1a [loc] update Lithuanian translation to latest 2017-07-26 11:48:56 +01:00
Pete Batard
bb00e220ac [ui] more info field fixes
* Prevent text selection and try to force a redraw, to ensure the text is centered on update
* Also update the libcdio 'AL' workaround
2017-07-26 11:47:02 +01:00
Pete Batard
0a3c04379b [misc] fix Coverity warnings 2017-07-25 12:19:50 +01:00
Ivan Strugar
3622b441ed [loc] update Serbian translation to latest 2017-07-25 00:19:35 +01:00
Tiago Rinaldi
32b8b5b232 [loc] update Portuguese (Brazilian) translation to latest
* Closes #981
2017-07-24 17:34:44 +01:00
Pete Batard
93c2d7851e [ui] fix info box when downloading Syslinux/GRUB files
* Don't duplicate the PrintInfo() from DownloadFile()
* Make sure caret is disabled and displayed text will not appear selected
* Also update MSG_085 and remove unneeded MSG_240
2017-07-24 17:20:17 +01:00
Pete Batard
7ef65b551a [misc] yay, more XP fixes...
* Since I half expect 2.16 to be the last version of Rufus to support Windows XP
2017-07-24 16:29:09 +01:00
Noam Sarusi
811f3cc1bc [loc] update Hebrew translation to latest 2017-07-24 12:11:13 +01:00
Константин В
2b3f1be78c [loc] update Ukrainian translation to latest 2017-07-24 11:57:30 +01:00
Tiryoh
4fe6ffb9d4 [loc] update Japanese translation to latest 2017-07-24 11:52:42 +01:00
Dario Komar
7a929b36b4 [loc] update Croatian translation to latest 2017-07-24 11:49:59 +01:00
Pete Batard
369a392af0 [process] improve the search for conflicting processes check
* Add a WaitForSingleObjectWithMessages() call so that we can process Windows messages
  while waiting on events (prevents lockup while issuing log messages)
* Limit the total duration of CheckDriveAccess() to 2 seconds
* Allow for user cancellation
* Also update code to use the Edit_####() predefined macros for Edit controls instead of EM_### messages
2017-07-24 11:36:06 +01:00
Riku Brander
5e609f022f [loc] update Finnish translation to latest 2017-07-22 19:12:11 +01:00
Pete Batard
d5babb5e72 [ui] disable controls prior to format checks
* Also send Unicode strings to the debug output facility, since Windows 10
  *FINALLY* added Unicode processing support there...
2017-07-22 15:17:24 +01:00
Pete Batard
39e418fbe9 [iso] add work around for ISOs that use nonstandard Rock Ridge extensions
* Looking at you Kali Linux!
* Also silence the annoying 'from_733: broken byte order' warning
2017-07-21 13:11:44 +01:00
Elvin Məlikov
f1aeb63267 [loc] update Azerbaijani translation to latest 2017-07-20 17:49:20 +01:00
Pete Batard
4617ba786d [process] add a timeout for the process search
* The process search appears to be blocking on some platforms, and we
  also don't want users to have to wait too long on format startup
* Also update the update check for Windows XP SSL errors
2017-07-20 17:43:38 +01:00
Sippapas Wangsri
5c3437f6de [loc] update Thai translation to latest 2017-07-19 16:57:52 +01:00
Pete Batard
9f8f5517fe [loc] update Vietnamese translation to latest 2017-07-19 13:50:35 +01:00
Chocobo1
0137de5c3a [loc] update Chinese Traditional translation to latest
* Closes #985
2017-07-19 13:45:09 +01:00
Pete Batard
e34f5ac528 [process] fix executable paths on Windows 7 or earlier 2017-07-18 17:10:15 +01:00
Gîrlea Alexandru
476ef267d2 [loc] update Romanian translation to latest 2017-07-18 15:39:29 +01:00