1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Commit graph

169 commits

Author SHA1 Message Date
Pete Batard
0df68b6af9
[misc] further Windows 7 specifics removals
* Also remove some unused code in stdlg.c
* Note that virtdisk appears to be a vulnerable library, so we go
  through delay loading yet again...
2023-04-28 17:46:05 +01:00
Pete Batard
1e51385bed
[misc] revert to using the OS arch rather than app arch for the update download
* This means that someone running Rufus x64 or ARM64 should be
  proposed Rufus ARM64 rather than Rufus x64 as an upgrade.
* Also switch the BETA channel from x86 to x64.
* Also remove the _chdirU(app_dir) when using -i in commandline.
2023-04-24 20:50:53 +01:00
Pete Batard
e5f90282ed
[misc] improve Windows version detection
* Also use actual Windows major.minor when checking for updates
2023-04-17 13:33:05 +01:00
Pete Batard
018718b2c8
[misc] disable Windows 7 support
* Also set rufus-next to 3.23 and fix a date typo in ChangeLog.txt
2023-03-27 21:45:55 +02:00
Pete Batard
6ebe13eb31
[fido] deactivate Fido for Windows 7
* Also add an extra Fido translation string and improve/fix Fido testing.
* Also add an exception for HP iLO SD-CARD devices (Closes #2136).
2023-01-27 17:23:08 +00:00
Pete Batard
3fbc465d31
[core] fix Large FAT32 not being used in ISO → ESP mode
* Not using our own FAT32 formatting may result in access errors due to
  Microsoft's hare-brain handling of ESP access.
* Also update upcoming translations and copyright year.
2023-01-09 23:19:01 +00:00
Pete Batard
c19ef1125d
[wue] allow the provision of an arbitrary local account username
* This is required because, even though it's easy to change a local account name
  post install, doing so does not change the directory name in C:\Users\
2022-10-18 13:58:38 +01:00
Pete Batard
8790c480dd
[ui] resize SelectionDialog() according to the text content 2022-07-26 16:49:10 +01:00
Pete Batard
9073962faf
[wue] add automatic local account creation and regional settings duplication
* Local account is created with the same name as the current user along with an *empty* password
  (which we force the user to change on next logon). This is done to assuage users who might be
  weary of entering a password in a third party application, and has the benefit of enabling
  autologon when the install is complete.
* Note that the creation of a local account through an answer file prevents Windows 11 22H2
  from bugging users about MSA *even with an active network connection*.
* For convenience reasons, only duplication of the current username is enabled. We *may* add a
  dialog to enter any random username in a future version, but for 3.20, this is all you get.
* Likewise, the locale duplication is only carried out during OOBE and *not* WinPE (which means
  that you still get the initial "Windows setup language and user preferences" prompt). This is
  intentional as otherwise the default screen and "Repair Windows" options are not presented.
* It's not my fault that the Windows password change screen is super ill conceived, whereas it
  doesn't hide the current password field as it should when the current password is blank, and
  one needs to click on a very small arrow to get the changes applied, instead of a PROMINENT
  button that should intuitively have been positioned right next to "Cancel".
* If you want to complain that we should just "present the user with XYZ and be done with it",
  please bear in mind that we can't add new dialogs to Rufus as willy-nilly as you believe we
  can. *ANY* new UI interface requires major planning, which is the reason why, for the time
  being, we are limited to reusing a simple dissociated list of checkboxes for all WUE options.
2022-07-19 19:11:06 +01:00
Pete Batard
9690742d91
[ui] extend SelectionDialog() to support checkbox selection 2022-06-20 13:47:43 +01:00
Pete Batard
14847a1a89
[misc] update copyright year
* Also update signing certificate hash
2022-01-09 15:02:50 +00:00
Pete Batard
c28f9bc491
[misc] fix PVS-Studio warnings 2022-01-05 12:57:26 +01:00
Pete Batard
1c2884ceba
[misc] fallback to using LoadLibrary() when LoadLibraryEx() fails or doesn't apply
* Per 2a3e82fa96, it looks like some Windows 7 system have trouble with
  LoadLibraryEx() if they don't have KB2533623 installed (which fixes a MAJOR Windows
  vulnerability. Some people sure want to leave their system open to hackers...).
* Work around this by adding a fallback to LoadLibrary() in GetLibraryHandle()
* Also switch to using GetLibraryHandle() in dos.c and using LoadLibrary() in sections
  where we have the full path (since these calls are not vulnerable).
2021-10-18 13:15:41 +01:00
Pete Batard
f26fd2fbe3
[fido] add additional Authenticode validation before running the script
* This basically means that the script is validate *TWICE*, using two
  completely independent signatures, before it is allowed to run, which
  should add another mitigation layer against TOCTOU (which we already
  friggin' mitigated against anyway) and other potential vectors of
  attack.
* Also remove -DisableFirstRunCustomize option and the associated cookie
  prompt monitoring, which the latest version of Fido no longer requires.
* Also update WDK version for signtool and flesh out PKI error messages.
2021-05-27 00:19:25 +01:00
Pete Batard
2a3e82fa96
[misc] switch to using LoadLibraryEx everywhere
* This allows us to further mitigate DLL side loading by enforcing
  LOAD_LIBRARY_SEARCH_SYSTEM32 / LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR.
2021-04-09 11:31:52 +01:00
Pete Batard
bb291df342
[appstore] disable update related elements and enable Fido always
* The check for update is not necessary or even desirable for the AppStore
  version, since the Windows Store takes care of updating the app.
2021-02-08 21:02:01 +00:00
Pete Batard
fce645543f
[dev] add exception for Realtek card readers
* Also update copyright year to 2021
* Also update version for rufus-next
* Also set Win32 "A" APIs to UTF-8 and enable long paths in manifest
2021-01-06 19:27:31 +00:00
Pete Batard
4617f91e3b
[misc] introduce hImageOption and ComboBox_GetCurItemData() to simplify code
* Also add retry to ms-sys' write_sectors()
2020-07-17 21:51:15 +01:00
Pete Batard
0dc13e5283
[ui] fix missing labels for accessibility
* Closes #1467
* Also ensure that previous element is set when repositioning a
  control to preserve tabbing order
* Also fix x64 version being able to download x86 BETA
2020-07-02 22:55:01 +01:00
Pete Batard
94a2699640
[ui] perform ISO download feature check in a background thread 2020-06-13 13:17:35 +01:00
Pete Batard
b8579c04da
[misc] add arbitrary buffer allocation to GetResource()
* If duplicate is TRUE and len is non-zero, then a buffer of len size,
  padded with zeroes, is allocated for the resource.
2020-02-19 12:43:05 +00:00
Pete Batard
b8b22ee890
[misc] update copyright year to 2020 2020-01-30 13:57:33 +00:00
Pete Batard
3e1d0b309f
[ui] fix Windows format prompts not being suppressed 2019-07-08 19:21:40 +01:00
Pete Batard
2607dfabc1
[loc] fix truncation of notification messages 2019-05-15 13:42:33 +01:00
Pete Batard
2a1c57c750
[ui] disable button and add a countdown when launching update
* Also disable Launch button while we do so
* Also add new <Ctrl>-<Alt>-<Y> cheat mode
* Also terminate update thread before exiting if running
* Also set version to rufus-next
2019-04-01 16:38:27 +01:00
Pete Batard
4271e42b50
[fido] download an LZMA compressed version of the script
* Since we have compression available through Bled we might as well use it
* Also validate that the download URL comes from https://github.com/pbatard/Fido
* Also prevent the check for update from running while we are downloading ISOs
2019-03-23 13:59:20 +00:00
Pete Batard
82bb497c1b
[fido] add a log notice to explain why ISO downloads are disabled
* Also fix an issue where Rufus doesn't report an error if 'fmifs.dll' can't be found (#1284)
* Also improve GitHub issue template to mention that Ctrl-L can also be used to access the log
2019-03-19 12:04:29 +00:00
Pete Batard
924c6b1a79
[loc] fix alert hook handling when switching language
* Because the localized title/button text lookup was only executed once
  on startup, it wouldn't apply to the new language on relaunch. Fix that.
2019-03-13 17:01:26 +00:00
Pete Batard
0c368b4e69
[loc] finalize translations for 3.5
* Also update for latest Fido and simplify SetLGP
2019-03-12 19:53:25 +00:00
Pete Batard
65f886141b
[fido] improve UI handling
* Center dialog on open
* Close dialog on main application exit
* Display ISO short name & size on status bar during download
* Display ISO download progress on taskbar
* Also fix improper detection of EAGET Mass Storage USB Device as HDD
2019-03-07 16:29:43 +00:00
Pete Batard
db68bcd7f9
[fido] use Rufus existing alert handler to close Fido's cookie prompts
* Addresses pbatard/Fido#1 while being much more effective than an all-script solution
2019-03-05 12:41:10 +00:00
Pete Batard
8823c0cf9c
[net] always download latest release of Fido
* Also clean up/factorize some of the net code
2019-03-04 19:14:54 +00:00
Pete Batard
e073fb47b0
[net] add Windows retail ISO downloads
* This is accomplished through Fido (https://github.com/pbatard/Fido), a *SIGNED*
  PowerShell script, that is downloaded from GitHub and that resides in memory for
  the duration of a session.
* The reason we use a downloaded PS script, rather than an embedded on, is because:
  - Microsoft have regularly been changing the deal with regards to how retail ISOs
    can be downloaded, and not for the better, so we can't simply embed a static
    means of downloading ISOs and expect that to work forever.
  - By using an external script, we can immediately respond to whatever new means of
    *ANNOYING* their legitimate users Microsoft will come up with next, as well as
    make sure that, the minute a new retail version of Windows becomes available, it
    also becomes available for download in Rufus.
* Note that if you are concerned about downloading a remote PS script that is being
  run at the same level as an elevated application, you should understand that:
  - Only scripts downloaded from GitHub, from an account that is protected with 2FA,
    are allowed to run (i.e. someone would first have to steal a *physical* 2FA key
    to be in a position to upload a malicious script).
  - On top of this, only scripts that are signed with a separate private key (RSA +
    AES-256), that is itself also protected with a strong unique password which only
    a single person knows (and must manually enter each time they want to make a new
    version of the script available for download), are allowed to run.
  The above means that there's about as much chance for someone to manage to upload
  a malicious script on the GitHub servers, that Rufus would allow to run, as there
  is for someone to upload a malicious version of Rufus itself.
  Still, if you are paranoid and have concerns that, even as you can validate from
  its source that Rufus does not attempt to execute any remote script unless a user
  actively selected and clicked the DOWNLOAD button, you can also completely disable
  the remote script download feature, if you just set the update check to disabled
  (which, by the way, Rufus *EXPLICITLY* asks you to choose whether you want to
  enable or not, the very first time you run the application).
* Also remove _unlinkU() which duplicates what DeleteFileU() already does.
2019-03-02 23:34:32 +00:00
Pete Batard
078aaf7714
[net] disable BETA version check for anything but x86_32 2019-02-05 17:49:27 +00:00
Pete Batard
7b2edbfd6f
[process] also report the PID of conflicting processes
* Also update copyright year
2019-01-02 12:24:34 +00:00
Pete Batard
f94d2f479f
[core] fix abort if we can't display the "drive in use" message
* Also display the current MUI on startup and set version to rufus-next
2018-12-14 18:19:33 +00:00
Pete Batard
7745edbb92
[misc] use COBJMACROS for COM calls 2018-11-27 11:59:19 +00:00
Pete Batard
04a5793ee7
[misc] use compilation flag to undefine NDEBUG for assert 2018-11-21 17:45:18 +00:00
Pete Batard
15806de646
[ui] display a notice about Secure Boot when UEFI:NTFS is applied 2018-11-20 12:33:12 +00:00
Pete Batard
846857a549 [ui] use Downloads as initial image directory rather than My Documents
* With thanks to win32diskimager for figuring that one out
2018-10-06 14:21:13 +02:00
Pete Batard
619dd9862b [misc] use GetWindowLongPtr/SetWindowLongPtr everywhere
* Also remove WS_EX_RIGHT style from IDC_PERSISTENCE_SIZE since we apply it manually
2018-08-20 09:46:23 +01:00
Pete Batard
c832814af0 [ui] small fixes for RTL languages 2018-08-18 17:38:23 +01:00
Pete Batard
05f8400451 [misc] reorganize UI function calls into their own source
* Also fix ARM/ARM64 broken compilation due to missing __popcnt()
2018-07-06 05:46:36 +01:00
Pete Batard
7c142fadbc [net] improve handling of invalid signatures
* Also make bPromptOnError an actual parameter to the download function calls
* Also prefer the use of assert() to custom assertion messages
2018-06-30 22:45:15 +01:00
Pete Batard
fdfc9ff82d [pki] add RSA-2048 signature validation for all server downloads
* Closes #1172
* Also fix a MinGW warning in badblocks.c
2018-06-29 18:19:05 +01:00
Pete Batard
8238de67e1 [ui] fix more potential notification message truncation
* Some Thai UTF-8 notification messages went over the buffer size limit we used for vsnprintf()
* Also, revert part of 645184f11e and use LRE+PDF marks instead:
  Don't handle in the code what is better handled in the loc file.
2018-06-08 16:29:41 +01:00
Pete Batard
d6e6f46029 [ui] fix notification dialog messages being truncated
* We now auto resize the height of the Notification dialog according to the
  number of lines of the message.
* Also harmonize local RECT variable names according to what we do elsewhere.
2018-06-08 13:02:39 +01:00
Pete Batard
c3aaa0c252 [loc] fix various RTL localization issues
With thanks to Itiel

* Fix a potential buffer overflow in lmprintf for RTL languages
* Automatically apply RLE/PDF to all RTL messages, and remove the RLE/PDFs from the .loc
* Fix Windows messing up of multiline RTL tooltips (The trick is, if you want actually
  want RTL, you need to *disable* RTL... Sure, Microsoft, that makes a lot of sense?!?)
* Also properly scale the length of the multiline tooltips according to the zoom factor
* Closes #1132
2018-05-18 00:55:35 +01:00
Pete Batard
9815a18009 [ui] fix tabbing order for the new UI design
* Accessibility *IS* a thankless job...
2018-05-11 17:35:48 +01:00
Pete Batard
db6a5bb749 [loc] fix tooltip justification for RTL languages
* Left alignment was used instead of right
* Also improve device tooltip display
2018-05-10 12:07:21 +01:00