* This is accomplished through Fido (https://github.com/pbatard/Fido), a *SIGNED*
PowerShell script, that is downloaded from GitHub and that resides in memory for
the duration of a session.
* The reason we use a downloaded PS script, rather than an embedded on, is because:
- Microsoft have regularly been changing the deal with regards to how retail ISOs
can be downloaded, and not for the better, so we can't simply embed a static
means of downloading ISOs and expect that to work forever.
- By using an external script, we can immediately respond to whatever new means of
*ANNOYING* their legitimate users Microsoft will come up with next, as well as
make sure that, the minute a new retail version of Windows becomes available, it
also becomes available for download in Rufus.
* Note that if you are concerned about downloading a remote PS script that is being
run at the same level as an elevated application, you should understand that:
- Only scripts downloaded from GitHub, from an account that is protected with 2FA,
are allowed to run (i.e. someone would first have to steal a *physical* 2FA key
to be in a position to upload a malicious script).
- On top of this, only scripts that are signed with a separate private key (RSA +
AES-256), that is itself also protected with a strong unique password which only
a single person knows (and must manually enter each time they want to make a new
version of the script available for download), are allowed to run.
The above means that there's about as much chance for someone to manage to upload
a malicious script on the GitHub servers, that Rufus would allow to run, as there
is for someone to upload a malicious version of Rufus itself.
Still, if you are paranoid and have concerns that, even as you can validate from
its source that Rufus does not attempt to execute any remote script unless a user
actively selected and clicked the DOWNLOAD button, you can also completely disable
the remote script download feature, if you just set the update check to disabled
(which, by the way, Rufus *EXPLICITLY* asks you to choose whether you want to
enable or not, the very first time you run the application).
* Also remove _unlinkU() which duplicates what DeleteFileU() already does.
* With no thanks whatsoever to Microsoft for *NOT* documenting that you need
to pass flag 0x2000000 to WIMCreateFile() if you want to avoid an open error.
One has to wonder if Microsoft isn't deliberately adding *BULLSHIT FLAGS*
that only they know of, to hinder competing third-party tools...
* efi.img was not always being properly process (e.g. proxmox-ve_5.2-1.iso)
* Note that this doesn't mean that the ISO will properly boot, just that we will
now properly detect and install the EFI bootloaders that reside within the .img
* Also add a test ISO to display these controls
* The intent is to use the next round of translation to get these new UI elements localized,
as any translation work takes _months_, and it is a precondition to start working on #691.
* Also fix new issues with image options when switching language
* Now preallocate the file size for each extracted file, to help the target
filesystem avoid fragmentation issues and thus increase writing speed.
* Closes#1170
* Required to support Debian Live 9.1 in ISO mode
* Note that this only works if the efi.img boot files do not require
additional content besides the one extracted from the ISO.
* Rufus now checks for processes with handles opened on the drives/volumes before
starting the format operation and asks the user if they want to continue.
* This mimics Windows' behaviour when formatting drives, and actually uses the
same message as the one from shell32.dll.mui.
* Closes#773
* Not having FILE_SHARE_WRITE on a disk or volume handle helps
prevent spurious accesses from the OS or other apps while we
are repartitioning/refomatting.
* Such as WebConverger (webc-35.1.iso)
* Also fix non installation of Syslinux if Alt-E (dual UEFI/BIOS) is set
* Also update README and AppVeyor script
* Downloadable content will now be indicating, in the log, whether it can be trusted with ✓ (validated) or ✗ (caution)
* Of course this validation only applies for files we know of, i.e. the downloadable content that existed at the time the DB was
created. So, if Syslinux 8.x gets released tomorrow and we put it on our server, you'll get an ✗ regardless of its integrity.
* Closes#758
* Also update Bled to latest, as well as build scripts
* Note: Considering that Visual Studio 2015 is both freely and legally
available for anyone who wants to use it to compile Rufus, starting
with this commit, I will NOT be supporting any other version of Visual
Studio but 2015.
* Using /syslinux.cfg creates issues, so we force the use of /boot/[i386|x86_64]/loader/isolinux.cfg
* IMPORTANT: This does NOT fix openSuse based live ISO support as the openSuse boot scripts are NOT
designed to handle anything else but an ISO9660 filesystem. Especially, they cannot handle FAT.
* Closes#478
* Also set rufus-next to 2.2
* Check compressed DD images for boot capability
* Add DisableLGP setting
* Silence libcdio errors when scanning non ISO images
* Ensure UI displays "No image selected" when relevant
* Also update Bled to latest
* Application will start in portable mode if its name contains a 'p'
eg. "rufus_portable.exe" or "prufus.exe"
* Closes#264
* Also fix a couple smaller issues
* Add apply support to WIM image handling
* Requires Windows 8 or later (Windows 7+ for WIM API support but Windows 8+ for ISO mount)
* Also fix an issue for Windows 7 x64 EFI mode
* Add a cheat mode for VMWare disk detection
* Add a cheat mode to delete the rufus_files directory
* Don't attempt a grub2 download in case we couldn't read the version
* Don't use a shared message buffer between info and status and also
use a more logical handling of low pri/high pri and timeout
* Also fix unwanted selection of info text on restore from minimize
* Also fix the localization generation and add more messages
* And reverted grub2 to the one from b3947fc026 (reverts commit 8b47e95eb5)
since FreeNAS doesn't work with the older one.
Sorry "Super Grub2 Disk" and other older GRUB2 based tools, but you'll need to
update the Grub version you use if you want to be compatible with Rufus.
* Closes#244
* Linux has a MAJOR quirk in that labels such as "Contains Space"
get converted to "/dev/disk/by-label/Contains\x20Space".
* While Rufus already had smart label Syslinux handling (by replacing
the ones found in isolinux.cfg to their more limited FAT32 version)
there was absolutely NO WAY of guessing this quirk until ISOs
such as Red Hat 7 or CentOS 7 started to use spaces in their ISO
labels and people reported breakage!
* This commit also fixes an issue where psz_fullpath was modified when
it shouldn't, which broke Debian 7.7.0, and most likely any ISO
containing a subdirectory in the directory where a syslinux/isolinux
config file is located.
* Closes#396
* Closes#394
* Closes#388
* Closes#380
* With that obscene an amount of pre-releases of 6.03 (seriously, how
many more YEARS pre-release of the same version do you actually need?),
of course the syslinux people have managed to break the last remnants
of compatibility they had between a single major version, so we are now
forced to provide a smorgasbord of pre-release and out of band syslinux
binaries on our server, and make sure we detect and handle incompatible
syslinux versions clientside...
For instance, even after fixing the EFI vs isolinux issue, we find
that tails 1.1 is incompatible with 'pre19'. But it also uses its own
'20131220' extended identifier, instead of 'pre1', its closest
relative. So we have to multiply files and symbolic links to try to
keep everybody happy.
Talk about a MAJOR LETDOWN from the syslinux project...
* Closes#363
* Closes#310
* Alt-I can now be used to disable ISO support. This is meant to be
used for dual ISO/DD images so that DD (disk image) mode will be used
* Also issue a message in the log to indicate whether slow or quick format is used
* Also change the cheat mode keys for force update and proper unit to C and U
* Also try to ignore autorun.inf issues from idiotic antivirus solutions, when writing ISOs
* Also remove the columns in the English labels (improves high DPI display)
* Also update additional ISO related messages to make them more generic
* Also fix an issue with hotplug due to WM_DEVICECHANGE being filtered out
* Also improve AnalyzeMBR() and prevent failure on WriteMBR
* Also fix a couple issues with ISO and Syslinux handling
* Also remove "smart" uncheck of disabled checkboxes - not worth it
* Download the files from files/syslinux-4.07 on the server
* Save local copy in rufus_files/syslinux-4.07
* Move menu.c32/vesamenu.c32 check to BootCheck()
* Detect Syslinux version from isolinux.bin (Closes#272)
* Download required Syslinux v5+ files where needed (Closes#165)
* Also fix an issue where using a Syslinux based ISO didn't switch to ISO mode
* Also alter DownloadFile and ExtractISOFile to return a size
* Fixes the issue that caused a revert of 0206e2036e
(in c93798b877). The issue was that an active index
was being reused and modified, for ISO9660 images, which could wreck havoc when
writing the data blocks.
* Closes#176 (again)
* Closes#176
* Also fix a crash when displaying an error message (MSG_043 requires a parameter)
* Also display an informative message on interfering security solutions when writing an autorun.inf
* Also revert x64 MSVC target to non-XP so that it can be used for Code Analysis
* Some ISO9660 images (such as Ubuntu) use both Joliet and Rock Ridge,
so we have to make a choice which should be preferred.
* Since Rock Ridge allows a greater filename length compared to Joliet,
we perform our scan pass with Joliet disabled, to find out if RR is
being used and if a filename longer than 64 chars exist. If that is
the case, we'll perform the extraction using RR, else we'll use Joliet.
* Also add Alt-J and Alt-K to toggle Joliet/Rock Ridge
* Closes#178
* This is not full Syslinux v5.0 support, but only to prevent the (vesa)menu.c32 message from displaying
* Uses the mandatory inclusion of ldlinux.c32 in Isolinux v5.x for the detection
* Part of a fix for #142
* update copyright year
* switch relevant files to UTF-8 (without signature).
It's 2013 for crying out loud: if your file editor or file viewer
can't handle plain UTF-8, go back to the 1980s!
* also rename autogen.sh to bootstrap.sh
* Contains the bulk of the code required to address #11
* Tested with Windows 8 Pro x64 (en-gb_windows_8_x64_dvd_915412.iso)
and Arch Linux (archlinux-2013.01.04-dual.iso) against an UEFI 2.1 BIOS
* Also fixes missing status report beta versions check
* Add dialog for new release notification
* Do not check for updates during format or ISO ops
* Add RTF support for parser and security improvements
* Also improve init and exit of progress dialog
* Use \i386 always through SetupSourceDevice in txtsetup.sif
and prevent deletion of install directory
* Removed setupdd.sy_ patch. Now, none of the files in \i386 are modified
* Better /minint detection for MBR setup
* Also fixed an issue where mbr.bin resources would not be included
* add readout and display of extended autorun.inf label if available
* use improved isolinux config parsing
* also fix an issue that could leave drive unmounted on forced removal
* also add Alt-F cheatmode to toggle detection of fixed USB disks
* Creates an UTF-16 autoconf.inf with label, as well as autoconf.ico
* also fixed extended labels not displaying - closes#48
* also bumped version to rufus-next
* also factorized iso props analysis
* additional fixes
* Allow the use of vanilla Syslinux by creating a /syslinux.cfg
that references isolinux.cfg
* Fix#40 and #42
* Workaround for #44 by search and replace of ISO label in .cfg
* ISO9660 Joliet fixes
* Fix for broken UDF access with MSVC on some images
(eg. Arch Linux)
* Fix for broken Joliet access on ISO9660 images and
proper Joliet support in iso.c
* scan would fail on lowercase vs mixed case dir name comparison
due to Joliet (eg. using Slackware 13.37 ISO)
* extraction would fail for 4 GB ISO9660 ISOs
* also fixes cases issue when checking for isolinux/bootmgr
* also don't restrict NTFS labels
* DOS creation was broken due to missing unlock + close
* added label validation to prevent errors
* added ellipsis to status bar
* also bumped version to rufus next and fixed f/non-f
* required for Linux distros such as Arch Linux
* also added udf_get_logical_volume_id to libcdio and other fixes
* also prevents overwrite of ldlinux.sys from ISO
* closes#36
* bootmgr ISOs only
* extraction and ISO support UI improvements
* UTF8 support through CreateFileU
* cancellation on ISO file extraction
* switch to using CreateThread
