* The BlackLotus malware shows that it is possible to download individual
executables and DLLs straight from Microsoft's symbol servers, so we use
that capability to download the missing Windows 8.1 'diskcopy.dll', that
contains the flat floppy disk image with MS-DOS files we need. See:
https://randomascii.wordpress.com/2013/03/09/symbols-the-microsoft-way/
* Also reorder entries in the "Boot selection" dropdown.
* Also use CreateFileWithTimeout() in GetLogicalName().
* As was *ENTIRELY PREDICTIBLE*, the lack of timely releases from the GRUB
project has resulted in distro maintainers (Ubuntu, Fedora, etc.) taking
matters in their own hand and applying patches on top of their 2.06 version.
However, these patches result in 2.06 bootloaders that are incompatible
with 2.06 modules that don't have the same patches applied. Especially this
now results in the infamous "452: out of range pointer" error message when
using patched modules with unpatched bootloader or unpatched modules with
patched bootloaders.
* Making this issue worse, we also have distro maintainers who won't add a
suffix to their GRUB version, AS ONE SHOULD DO WHEN ONE APPLIES TONS OF
PATCHES ON TOP OF A PROJECT'S SOURCE, and MISreport their non 2.06 GRUB as
"2.06", and, because we can't detect what patches are needed from modules
themselves (unlike what is the case for grub_debug_is_enabled), we have no
way of telling incompatible GRUB 2.06 binaries from one another.
* As a result, we have no choice but to append a sanitized version of the ISO
label to the GRUB version, as a means to differentiate between incompatible
versions, and tweak our existing bootloader download mechanism to *ATTEMPT*
to download a compatible 'core.img' from our server... where we will have
to waste a lot of time adding new binaries and symlinks to try to make all
these GRUB "2.06" based images work, and will probably miss quite few with
the end results that users who are just trying to install Linux will be left
stranded.
* Again, I have to point out how the end result of regular users wanting to
try Linux and being unable to do so is the *DIRECT* result of the GRUB project
maintainers having sat on a 2-year influx of CONTINUOUS patches, and thinking
that "Release Early, Release Often" is only a gimmick, and not something that
should apply to their project, even as they have been warned before, by yours
truly, that *NOT* releasing on a timely basis is causing actual grievances...
That's because, had the GRUB maintainers released on a timely basis (at least
once a year) Fedora and Ubuntu would be using vanilla GRUB 2.07 with the memory
patches, and we wouldn't be trying to mix that with old GRUB 2.06 binaries.
* For more on this, see #2233, noting that we will need to apply a compatibility
breaking change during the 4.1 release, to revert the patches we applied to
the default 2.06 'core.img' in pbatard/rufus-web@320b800592.
* This means that someone running Rufus x64 or ARM64 should be
proposed Rufus ARM64 rather than Rufus x64 as an upgrade.
* Also switch the BETA channel from x86 to x64.
* Also remove the _chdirU(app_dir) when using -i in commandline.
* Passing a non-formatting buffer as first parameter of uprintf() can lead
to an exception if this buffer happens to contain a '%' character, so
usage of uprintf() with string buffers that may contain '%' should be
sanitized.
* Also drop the _uprintf/_uprintfs aliases as they are no longer required.
* Having Windows append "SCSI Disk Device" screws up the scoring regarding
disks that are actually describing themselves as SCSI, so replace that
with "UAS Device", as it should be.
* Closes#2221.
* Also fix a MinGW warning.
* Also avoid using LPTSTR in lieu of LPWSTR (even if they do resolve to the exact
same thing) and force the use of app_dir when looking for a local .loc file.
* Closes#2193
* Closes#2164
* Also add breakdown of score computation when device enumeration debug is active
* Also fix a minor Code Analysis warning in msapi_utf8.h
* This means we don't need to worry about conversion issues regarding signedess. In addition,
the behavior will no longer be undefined if for some reason the conversion cannot happen.
* Closes#2104.
* Newer Intel and AMD CPUs have SSE extensions for SHA-1 and SHA-256 acceleration.
* Add new cpu.c/cpu.h sources to detect the extensions, and use them in checksum.c
if available.
* Acceleration code is taken from https://github.com/noloader/SHA-Intrinsics.
* Update the relevant loc messages.
* Also add a -z commandline option to force the Windows version (but without letting
this option work as an override, if running on an unsupported platform).
* Also fix typos and broken URLs.
* Since 8814944c35 we may mount an ISO for the lookup of the Windows version,
which produces DBT_DEVNODES_CHANGED messages being issued when the virtual DVD is being created or removed
* This in turn leads to unwanted device refreshes.
* This patch makes sure we ignore DBT_DEVNODES_CHANGED while scanning.
* Also improve comments in iso.c.
* This is required because, even though it's easy to change a local account name
post install, doing so does not change the directory name in C:\Users\
* Pick the version and build number directly from the install[.wim|.esd] XML index.
This forces us to mount the ISO during scan, but it's the only way to get an accurate Build number...
* Also drop linking to version.dll (along with the whole version.dll delay-loading shenanigans).
* Remove last ditch effort on systems that are clearly broken for localization
and always report an explicit error to the user.
* Also update GitHub Actions actions/checkout (Closes#2036).
* Some "unofficial" Windows ISOs use a custom boot.wim that only includes the Setup
image at index 1, rather than at index 2, after the PE image, for official ISOs.
* Also refactor to add a long needed vhd.h header.
* Also fix a MinGW warning.
* Local account is created with the same name as the current user along with an *empty* password
(which we force the user to change on next logon). This is done to assuage users who might be
weary of entering a password in a third party application, and has the benefit of enabling
autologon when the install is complete.
* Note that the creation of a local account through an answer file prevents Windows 11 22H2
from bugging users about MSA *even with an active network connection*.
* For convenience reasons, only duplication of the current username is enabled. We *may* add a
dialog to enter any random username in a future version, but for 3.20, this is all you get.
* Likewise, the locale duplication is only carried out during OOBE and *not* WinPE (which means
that you still get the initial "Windows setup language and user preferences" prompt). This is
intentional as otherwise the default screen and "Repair Windows" options are not presented.
* It's not my fault that the Windows password change screen is super ill conceived, whereas it
doesn't hide the current password field as it should when the current password is blank, and
one needs to click on a very small arrow to get the changes applied, instead of a PROMINENT
button that should intuitively have been positioned right next to "Cancel".
* If you want to complain that we should just "present the user with XYZ and be done with it",
please bear in mind that we can't add new dialogs to Rufus as willy-nilly as you believe we
can. *ANY* new UI interface requires major planning, which is the reason why, for the time
being, we are limited to reusing a simple dissociated list of checkboxes for all WUE options.
* In a manner that defies logic, Microsoft designed Windows setup to parse Autounattend.xml
for windowsPE tasks in the PE environment, but only carry out the copying of that file
to %WINDIR%\Panther for subsequent processing with the other passes *IF* there exist an
actual windowsPE section.
* In short, when using the Autounattend.xml method, Microsoft have made all passes there
dependent on the existence of a windowsPE pass, regardless of whether that pass has any
use or not.
* Working around this would be fine and all (just add an empty windowsPE pass so that the
later passes get executed) if the absence of a windowsPE pass didn't also determine
whether the user will be presented with the default Windows setup screens that include
the "Repair your computer" option or a completely different set of screens (c.f. #1971).
* This means that, to keep users happy, we need to add yet another method to carry out
tasks that should have remained the realm of boot.wim's Autounattend.xml, and instead
create a \sources\$OEM$\$$\Panther\unattend.xml when there are no windowsPE tasks (on
account that setup copies anything found under \sources\$OEM$\$$\ to %WINDIR%\).
Only through this can we have the specialize and oobeSystem tasks actually carried out
(for bypassing MSA requirements of skipping the data collection screens) while keeping
the original Windows Setup look and feel.
* Closes#1981
* The use of an unattend.xml to create the TPM/Secure Boot/Disk/RAM bypass keys was
prompted by Microsoft restricting the ability of Windows Store app from manipulating
offline registry hives.
* However, the use of a windowsPE phase in unattend.xml to insert the keys results in
a windows command prompt briefly appearing when setup launches, as well as slightly
different Windows setup screens from the default.
* So we are now reverting to trying to edit the boot.wim registry hive offline (which
should work for the non Store version of Rufus) while falling back to using a PE
unattend section if that doesn't work.
* Closes#1971
* This is enabled by default for Windows 11 images and is done to prevent the
annoying behaviour of Windows 11 *automatically* upgrading all ReFS drives
it sees to latest version, thereby instantly preventing you from accessing
these drives ever again with Windows 10.
* See: https://gist.github.com/0xbadfca11/da0598e47dd643d933dc#Mountability.
* I've never seen that watermark in the first place, therefore can't test if the option is
working, and, as opposed to the other options, users can deal with it post install anyway.
* Also ensure that we prompt for customization when selecting an install.wim.
* This moves the extended Windows 11 options (bypass TPM & Secure Boot) away from
"Image options" into a new explicit dialog, along with supplementary customization
such as enabling offline account (for Windows 11 22H2) and skipping all data
collection questions.
* This customization is now enacted through an unattend.xml file rather than offline
registry manipulation, so that this *should* also work with the Windows Store version.
* Also update arch detection and rework/reorganize upcoming translation changes.
* Note: The 'Remove "unsupported hardware" desktop watermark' option is *UNTESTED*.
* This enables the provision of Registry/Settings key IgnoreUsb01 to IgnoreUsb08 where
one can specify a USB device to ignore by providing its VID:PID as a 32-bit hex value.
* Closes#1879.
* Also update rufus.ini sample for current Rufus version.
* Also fix status display for Alt-Q.