diff options
Diffstat (limited to 'src/Common/Dlgcode.c')
| -rw-r--r-- | src/Common/Dlgcode.c | 524 |
1 files changed, 357 insertions, 167 deletions
diff --git a/src/Common/Dlgcode.c b/src/Common/Dlgcode.c index b91167d4..ee3630c0 100644 --- a/src/Common/Dlgcode.c +++ b/src/Common/Dlgcode.c @@ -14,6 +14,7 @@ #include "Tcdefs.h" #include <windowsx.h> +#include <versionhelpers.h> #include <dbghelp.h> #include <dbt.h> #include <Setupapi.h> @@ -590,18 +591,27 @@ BOOL SaveBufferToFile (const char *inputBuffer, const wchar_t *destinationFile, DWORD bytesWritten; BOOL res = TRUE; DWORD dwLastError = 0; +#if defined(SETUP) && !defined (PORTABLE) + BOOL securityModified = FALSE; + SECURITY_INFO_BACKUP secBackup = { 0 }; + const wchar_t* existingFile = destinationFile; +#endif dst = CreateFile (destinationFile, GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, bAppend ? OPEN_EXISTING : CREATE_ALWAYS, 0, NULL); dwLastError = GetLastError(); - if (!bAppend && bRenameIfFailed && (dst == INVALID_HANDLE_VALUE) && (GetLastError () == ERROR_SHARING_VIOLATION)) + if (!bAppend && bRenameIfFailed && (dst == INVALID_HANDLE_VALUE) && (GetLastError () == ERROR_SHARING_VIOLATION || GetLastError() == ERROR_ACCESS_DENIED)) { wchar_t renamedPath[TC_MAX_PATH + 1]; StringCbCopyW (renamedPath, sizeof(renamedPath), destinationFile); StringCbCatW (renamedPath, sizeof(renamedPath), VC_FILENAME_RENAMED_SUFFIX); +#if defined(SETUP) && !defined (PORTABLE) + // Take ownership of the file + securityModified = ModifyFileSecurityPermissions(destinationFile, &secBackup); +#endif /* rename the locked file in order to be able to create a new one */ if (MoveFileEx (destinationFile, renamedPath, MOVEFILE_REPLACE_EXISTING)) { @@ -616,10 +626,20 @@ BOOL SaveBufferToFile (const char *inputBuffer, const wchar_t *destinationFile, } else { +#if defined(SETUP) && !defined (PORTABLE) + existingFile = renamedPath; +#endif /* delete the renamed file when the machine reboots */ MoveFileEx (renamedPath, NULL, MOVEFILE_DELAY_UNTIL_REBOOT); } } +#if defined(SETUP) && !defined (PORTABLE) + if (securityModified) + { + RestoreSecurityInfo(existingFile, &secBackup); + FreeSecurityBackup(&secBackup); + } +#endif } if (dst == INVALID_HANDLE_VALUE) @@ -859,11 +879,6 @@ BOOL VerifyModuleSignature (const wchar_t* path) WINTRUST_DATA WVTData = {0}; wchar_t filePath [TC_MAX_PATH + 1024]; - // we check our own authenticode signature only starting from Windows 10 since this is - // the minimal supported OS apart from XP where we can't verify SHA256 signatures - if (!IsOSAtLeast (WIN_10)) - return TRUE; - // Strip quotation marks (if any) if (path [0] == L'"') { @@ -1088,9 +1103,6 @@ static BOOL GetWindowsVersion(LPOSVERSIONINFOW lpVersionInformation) bRet = TRUE; } - if (!bRet) - bRet = GetVersionExW (lpVersionInformation); - #ifdef SETUP_DLL // we get real version from Kernel32.dll version since MSI always sets current version to 6.0 // https://stackoverflow.com/questions/49335885/windows-10-not-detecting-on-installshield/49343826#49343826 @@ -2133,12 +2145,8 @@ BOOL CALLBACK AboutDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lParam // Version SendMessage (GetDlgItem (hwndDlg, IDT_ABOUT_VERSION), WM_SETFONT, (WPARAM) hUserBoldFont, 0); - StringCbPrintfW (szTmp, sizeof(szTmp), L"VeraCrypt %s", _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX)); -#ifdef _WIN64 - StringCbCatW (szTmp, sizeof(szTmp), L" (64-bit)"); -#else - StringCbCatW (szTmp, sizeof(szTmp), L" (32-bit)"); -#endif + StringCbPrintfW (szTmp, sizeof(szTmp), L"VeraCrypt %s", _T(VERSION_STRING) _T(VERSION_STRING_SUFFIX) L" (64-bit)"); + #if (defined(_DEBUG) || defined(DEBUG)) StringCbCatW (szTmp, sizeof(szTmp), L" (debug)"); #endif @@ -3171,7 +3179,7 @@ BOOL LaunchElevatedProcess (HWND hwndDlg, const wchar_t* szModPath, const wchar_ StringCbCopyW (newCmdLine, sizeof(newCmdLine), L"/q UAC "); StringCbCatW (newCmdLine, sizeof (newCmdLine), args); - if ((int)ShellExecuteW (hWnd, L"runas", szModPath, newCmdLine, NULL, SW_SHOWNORMAL) <= 32) + if ((INT_PTR)ShellExecuteW (hWnd, L"runas", szModPath, newCmdLine, NULL, SW_SHOWNORMAL) <= 32) { if (hwndDlg) handleWin32Error (hwndDlg, SRC_POS); @@ -3603,10 +3611,16 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) InitOSVersionInfo(); - if (!IsOSAtLeast (WIN_7)) + if (!IsOSAtLeast (WIN_10)) + { + // abort using a message that says that VeraCrypt can run only on Windows 10 and later + AbortProcessDirect(L"VeraCrypt requires at least Windows 10 to run."); + } + + if (!Is64BitOs()) { - // abort using a message that says that VeraCrypt can run only on Windows 7 and later and that it is officially supported only on Windows 10 and later - AbortProcessDirect(L"VeraCrypt requires at least Windows 7 to run."); + // abort using a message that says that VeraCrypt can run only on 64-bit Windows + AbortProcessDirect(L"VeraCrypt requires a 64-bit version of Windows to run."); } SetDefaultDllDirectoriesFn = (SetDefaultDllDirectoriesPtr) GetProcAddress (GetModuleHandle(L"kernel32.dll"), "SetDefaultDllDirectories"); @@ -3794,14 +3808,14 @@ void InitApp (HINSTANCE hInstance, wchar_t *lpszCommandLine) InitHelpFileName (); #ifndef SETUP -#ifdef _WIN64 + EnableRamEncryption ((ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_ENABLE_RAM_ENCRYPTION) ? TRUE : FALSE); if (IsRamEncryptionEnabled()) { if (!InitializeSecurityParameters(GetAppRandomSeed)) AbortProcess("OUTOFMEMORY"); } -#endif + if (!EncryptionThreadPoolStart (ReadEncryptionThreadPoolFreeCpuCountLimit())) { handleWin32Error (NULL, SRC_POS); @@ -3916,7 +3930,7 @@ void NotifyDriverOfPortableMode (void) BOOL GetDriveLabel (int driveNo, wchar_t *label, int labelSize) { DWORD fileSystemFlags; - wchar_t root[] = { L'A' + (wchar_t) driveNo, L':', L'\\', 0 }; + wchar_t root[] = { (wchar_t) (L'A' + driveNo), L':', L'\\', 0 }; return GetVolumeInformationW (root, label, labelSize / 2, NULL, NULL, &fileSystemFlags, NULL, 0); } @@ -3946,11 +3960,12 @@ BOOL GetSysDevicePaths (HWND hwndDlg) } // Find extra boot partition - foreach (const HostDevice &drive, GetAvailableHostDevices (false, false)) + std::vector <HostDevice> devices = GetAvailableHostDevices(false, false); + for (const HostDevice& drive : devices) { if (drive.ContainsSystem) { - foreach (const HostDevice &sysDrivePartition, drive.Partitions) + for (const HostDevice &sysDrivePartition : drive.Partitions) { if (sysDrivePartition.Bootable) { @@ -4870,7 +4885,7 @@ static int DriverLoad () else *tmp = 0; - StringCbCatW (driverPath, sizeof(driverPath), !Is64BitOs () ? L"\\veracrypt.sys" : IsARM()? L"\\veracrypt-arm64.sys" : L"\\veracrypt-x64.sys"); + StringCbCatW (driverPath, sizeof(driverPath), IsARM()? L"\\veracrypt-arm64.sys" : L"\\veracrypt-x64.sys"); file = FindFirstFile (driverPath, &find); @@ -5394,7 +5409,7 @@ BOOL SelectMultipleFiles(HWND hwndDlg, const char *stringId, BOOL keepHistory, s return status; } -BOOL BrowseDirectories(HWND hwndDlg, char *lpszTitle, wchar_t *dirName, const wchar_t *initialDir) +BOOL BrowseDirectories(HWND hwndDlg, char *lpszDlgTitle, wchar_t *dirName, const wchar_t *initialDir) { IFileDialog *pfd = NULL; HRESULT hr; @@ -5419,9 +5434,9 @@ BOOL BrowseDirectories(HWND hwndDlg, char *lpszTitle, wchar_t *dirName, const wc } // Set the title. - if (lpszTitle) + if (lpszDlgTitle) { - pfd->SetTitle(GetString(lpszTitle)); + pfd->SetTitle(GetString(lpszDlgTitle)); } IShellItem *psi; @@ -5759,7 +5774,7 @@ BOOL CloseVolumeExplorerWindows (HWND hwnd, int driveNo) BOOL UpdateDriveCustomLabel (int driveNo, wchar_t* effectiveLabel, BOOL bSetValue) { wchar_t wszRegPath[MAX_PATH]; - wchar_t driveStr[] = {L'A' + (wchar_t) driveNo, 0}; + wchar_t driveStr[] = { (wchar_t) (L'A' + driveNo), 0}; HKEY hKey; LSTATUS lStatus; DWORD cbLabelLen = (DWORD) ((wcslen (effectiveLabel) + 1) * sizeof (wchar_t)); @@ -6266,7 +6281,7 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) */ { int thid, i; - char dk[MASTER_KEYDATA_SIZE]; + unsigned char dk[MASTER_KEYDATA_SIZE]; char *tmp_salt = {"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x01\x23\x45\x67\x89\xAB\xCD\xEF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"}; for (thid = FIRST_PRF_ID; thid <= LAST_PRF_ID; thid++) @@ -6284,27 +6299,27 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) case SHA512: /* PKCS-5 test with HMAC-SHA-512 used as the PRF */ - derive_key_sha512 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_sha512 ((unsigned char*) "passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case SHA256: /* PKCS-5 test with HMAC-SHA-256 used as the PRF */ - derive_key_sha256 ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_sha256 ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; #ifndef WOLFCRYPT_BACKEND case BLAKE2S: /* PKCS-5 test with HMAC-BLAKE2s used as the PRF */ - derive_key_blake2s ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_blake2s ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case WHIRLPOOL: /* PKCS-5 test with HMAC-Whirlpool used as the PRF */ - derive_key_whirlpool ("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_whirlpool ((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; case STREEBOG: /* PKCS-5 test with HMAC-STREEBOG used as the PRF */ - derive_key_streebog("passphrase-1234567890", 21, tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); + derive_key_streebog((unsigned char*)"passphrase-1234567890", 21, (unsigned char*) tmp_salt, 64, get_pkcs5_iteration_count(thid, benchmarkPim, benchmarkPreBoot), dk, MASTER_KEYDATA_SIZE); break; } #endif @@ -6328,19 +6343,11 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) { if (thid == SHA256) { -#ifdef _WIN64 benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 26); -#else - benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 24); -#endif } else { -#ifdef _WIN64 benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 21) / 5; -#else - benchmarkTable[benchmarkTotalItems].meanBytesPerSec = (benchmarkTable[benchmarkTotalItems].meanBytesPerSec * 18) / 5; -#endif } } } @@ -6363,10 +6370,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) if (EAInitMode (ci, ci->k2)) { int i; -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (ci, VcGetEncryptionID (ci)); -#endif for (i = 0; i < 10; i++) { @@ -6388,10 +6393,8 @@ static BOOL PerformBenchmark(HWND hBenchDlg, HWND hwndDlg) if (!EAInitMode (ci, ci->k2)) goto counter_error; -#ifdef _WIN64 if (IsRamEncryptionEnabled ()) VcProtectKeys (ci, VcGetEncryptionID (ci)); -#endif if (QueryPerformanceCounter (&performanceCountStart) == 0) goto counter_error; @@ -7639,7 +7642,7 @@ CipherTestDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam) else { - CipherInit2(idTestCipher, key, ks_tmp, ks); + CipherInit2(idTestCipher, key, ks_tmp); if (bEncrypt) { @@ -8261,7 +8264,7 @@ void BroadcastDeviceChange (WPARAM message, int nDosDriveNo, DWORD driveMap) { if (driveMap & (1 << i)) { - wchar_t root[] = { (wchar_t) i + L'A', L':', L'\\', 0 }; + wchar_t root[] = { (wchar_t) (i + L'A'), L':', L'\\', 0 }; SHChangeNotify (eventId, SHCNF_PATH, root, NULL); @@ -8818,12 +8821,12 @@ retry: wstring drivePath = L"\\\\.\\X:"; HANDLE dev = INVALID_HANDLE_VALUE; VOLUME_DISK_EXTENTS extents = {0}; - DWORD dwResult = 0; + DWORD cbReturnedBytes = 0; drivePath[4] = root[0]; if ((dev = CreateFile (drivePath.c_str(),0, 0, NULL, OPEN_EXISTING, 0, NULL)) != INVALID_HANDLE_VALUE) { - if (DeviceIoControl (dev, IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS, NULL, 0, &extents, sizeof(extents), &dwResult, NULL)) + if (DeviceIoControl (dev, IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS, NULL, 0, &extents, sizeof(extents), &cbReturnedBytes, NULL)) { if (extents.NumberOfDiskExtents > 0) { @@ -8960,18 +8963,18 @@ retry: if (bDevice && mount.bProtectHiddenVolume) { - int driveNo; + int diskNo; - if (swscanf (volumePath, L"\\Device\\Harddisk%d\\Partition", &driveNo) == 1) + if (swscanf (volumePath, L"\\Device\\Harddisk%d\\Partition", &diskNo) == 1) { OPEN_TEST_STRUCT openTestStruct; memset (&openTestStruct, 0, sizeof (openTestStruct)); openTestStruct.bDetectTCBootLoader = TRUE; - StringCchPrintfW ((wchar_t *) openTestStruct.wszFileName, array_capacity (openTestStruct.wszFileName), L"\\Device\\Harddisk%d\\Partition0", driveNo); + StringCchPrintfW ((wchar_t *) openTestStruct.wszFileName, array_capacity (openTestStruct.wszFileName), L"\\Device\\Harddisk%d\\Partition0", diskNo); - DWORD dwResult; - if (DeviceIoControl (hDriver, TC_IOCTL_OPEN_TEST, &openTestStruct, sizeof (OPEN_TEST_STRUCT), &openTestStruct, sizeof (OPEN_TEST_STRUCT), &dwResult, NULL) && openTestStruct.TCBootLoaderDetected) + DWORD cbBytesReturned; + if (DeviceIoControl (hDriver, TC_IOCTL_OPEN_TEST, &openTestStruct, sizeof (OPEN_TEST_STRUCT), &openTestStruct, sizeof (OPEN_TEST_STRUCT), &cbBytesReturned, NULL) && openTestStruct.TCBootLoaderDetected) WarningDirect ((GetWrongPasswordErrorMessage (hwndDlg) + L"\n\n" + GetString ("HIDDEN_VOL_PROT_PASSWORD_US_KEYB_LAYOUT")).c_str(), hwndDlg); else handleError (hwndDlg, mount.nReturnCode, SRC_POS); @@ -9010,7 +9013,7 @@ retry: if (mount.FilesystemDirty) { wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + wchar_t mountPoint[] = { (wchar_t) (L'A' + driveNo), L':', 0 }; StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_VOLUME_DIRTY"), mountPoint); if (AskWarnYesNoStringTopmost (msg, hwndDlg) == IDYES) @@ -9024,7 +9027,7 @@ retry: && !IsFileOnReadOnlyFilesystem (volumePath)) { wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + wchar_t mountPoint[] = { (wchar_t) (L'A' + driveNo), L':', 0 }; StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_CONTAINER_FORCED_READ_ONLY"), mountPoint); WarningDirect (msg, hwndDlg); @@ -9035,7 +9038,7 @@ retry: && bDevice) { wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + wchar_t mountPoint[] = { (wchar_t)(L'A' + driveNo), L':', 0 }; StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_DEVICE_FORCED_READ_ONLY"), mountPoint); WarningDirect (msg, hwndDlg); @@ -9046,7 +9049,7 @@ retry: && wcsstr (volumePath, L"\\Device\\Harddisk") == volumePath) { wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + wchar_t mountPoint[] = { (wchar_t) (L'A' + driveNo), L':', 0 }; StringCbPrintfW (msg, sizeof(msg), GetString ("MOUNTED_DEVICE_FORCED_READ_ONLY_WRITE_PROTECTION"), mountPoint); WarningDirect (msg, hwndDlg); @@ -9064,7 +9067,7 @@ retry: && bDevice) { wchar_t msg[1024]; - wchar_t mountPoint[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + wchar_t mountPoint[] = { (wchar_t) (L'A' + driveNo), L':', 0 }; StringCbPrintfW (msg, sizeof(msg), GetString ("PARTIAL_SYSENC_MOUNT_READONLY"), mountPoint); WarningDirect (msg, hwndDlg); @@ -9157,7 +9160,7 @@ retry: } // Undo SHCNE_DRIVEREMOVED - wchar_t root[] = { (wchar_t) nDosDriveNo + L'A', L':', L'\\', 0 }; + wchar_t root[] = { (wchar_t) (nDosDriveNo + L'A'), L':', L'\\', 0 }; SHChangeNotify (SHCNE_DRIVEADD, SHCNF_PATH, root, NULL); return FALSE; @@ -9511,7 +9514,7 @@ int GetDiskDeviceDriveLetter (PWSTR deviceName) for (i = 0; i < 26; i++) { - WCHAR drive[] = { (WCHAR) i + L'A', L':', 0 }; + WCHAR drive[] = { (WCHAR) (i + L'A'), L':', 0 }; StringCchCopyW (link, MAX_PATH, L"\\DosDevices\\"); StringCchCatW (link, MAX_PATH, drive); @@ -10204,7 +10207,7 @@ std::wstring GetServiceConfigPath (const wchar_t *fileName, bool useLegacy) { wchar_t sysPath[TC_MAX_PATH]; - if (Is64BitOs() && useLegacy) + if (useLegacy) { typedef UINT (WINAPI *GetSystemWow64Directory_t) (LPWSTR lpBuffer, UINT uSize); @@ -10709,12 +10712,12 @@ void OpenPageHelp (HWND hwndDlg, int nPage) } else { - int r = (int)ShellExecuteW (NULL, L"open", szHelpFile, NULL, NULL, SW_SHOWNORMAL); + INT_PTR r = (INT_PTR)ShellExecuteW (NULL, L"open", szHelpFile, NULL, NULL, SW_SHOWNORMAL); if (r == ERROR_FILE_NOT_FOUND) { // Try the secondary help file - r = (int)ShellExecuteW (NULL, L"open", szHelpFile2, NULL, NULL, SW_SHOWNORMAL); + r = (INT_PTR)ShellExecuteW (NULL, L"open", szHelpFile2, NULL, NULL, SW_SHOWNORMAL); if (r == ERROR_FILE_NOT_FOUND) { @@ -10941,14 +10944,11 @@ BOOL IsARM() BOOL IsServerOS () { - OSVERSIONINFOEXW osVer; - osVer.dwOSVersionInfoSize = sizeof (OSVERSIONINFOEXW); - GetVersionExW ((LPOSVERSIONINFOW) &osVer); - - return (osVer.wProductType == VER_NT_SERVER || osVer.wProductType == VER_NT_DOMAIN_CONTROLLER); + return IsWindowsServer()? TRUE : FALSE; } + // Returns TRUE, if the currently running operating system is installed in a hidden volume. If it's not, or if // there's an error, returns FALSE. BOOL IsHiddenOSRunning (void) @@ -11023,100 +11023,105 @@ std::wstring GetWindowsEdition () { wstring osname = L"win"; - OSVERSIONINFOEXW osVer; + OSVERSIONINFOEXW osVer = { 0 }; osVer.dwOSVersionInfoSize = sizeof (OSVERSIONINFOEXW); - GetVersionExW ((LPOSVERSIONINFOW) &osVer); + if (GetWindowsVersion((LPOSVERSIONINFOW)&osVer)) + { - BOOL home = (osVer.wSuiteMask & VER_SUITE_PERSONAL); - BOOL server = (osVer.wProductType == VER_NT_SERVER || osVer.wProductType == VER_NT_DOMAIN_CONTROLLER); + BOOL home = (osVer.wSuiteMask & VER_SUITE_PERSONAL); + BOOL server = (osVer.wProductType == VER_NT_SERVER || osVer.wProductType == VER_NT_DOMAIN_CONTROLLER); - HKEY hkey; - wchar_t productName[300] = {0}; - DWORD productNameSize = sizeof (productName); - if (RegOpenKeyEx (HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", 0, KEY_QUERY_VALUE, &hkey) == ERROR_SUCCESS) - { - if (RegQueryValueEx (hkey, L"ProductName", 0, 0, (LPBYTE) &productName, &productNameSize) != ERROR_SUCCESS || productNameSize < 1) - productName[0] = 0; + HKEY hkey; + wchar_t productName[300] = { 0 }; + DWORD productNameSize = sizeof(productName); + if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", 0, KEY_QUERY_VALUE, &hkey) == ERROR_SUCCESS) + { + if (RegQueryValueEx(hkey, L"ProductName", 0, 0, (LPBYTE)&productName, &productNameSize) != ERROR_SUCCESS || productNameSize < 1) + productName[0] = 0; - RegCloseKey (hkey); - } + RegCloseKey(hkey); + } - switch (nCurrentOS) - { - case WIN_2000: - osname += L"2000"; - break; + switch (nCurrentOS) + { + case WIN_2000: + osname += L"2000"; + break; - case WIN_XP: - case WIN_XP64: - osname += L"xp"; - osname += home ? L"-home" : L"-pro"; - break; + case WIN_XP: + case WIN_XP64: + osname += L"xp"; + osname += home ? L"-home" : L"-pro"; + break; - case WIN_SERVER_2003: - osname += L"2003"; - break; + case WIN_SERVER_2003: + osname += L"2003"; + break; - case WIN_VISTA: - osname += L"vista"; - break; + case WIN_VISTA: + osname += L"vista"; + break; - case WIN_SERVER_2008: - osname += L"2008"; - break; + case WIN_SERVER_2008: + osname += L"2008"; + break; - case WIN_7: - osname += L"7"; - break; + case WIN_7: + osname += L"7"; + break; - case WIN_SERVER_2008_R2: - osname += L"2008r2"; - break; + case WIN_SERVER_2008_R2: + osname += L"2008r2"; + break; - default: - wstringstream s; - s << CurrentOSMajor << L"." << CurrentOSMinor; - osname += s.str(); - break; - } + default: + wstringstream s; + s << CurrentOSMajor << L"." << CurrentOSMinor; + osname += s.str(); + break; + } - if (server) - osname += L"-server"; + if (server) + osname += L"-server"; - if (IsOSAtLeast (WIN_VISTA)) - { - if (home) - osname += L"-home"; - else if (wcsstr (productName, L"Standard") != 0) - osname += L"-standard"; - else if (wcsstr (productName, L"Professional") != 0) - osname += L"-pro"; - else if (wcsstr (productName, L"Business") != 0) - osname += L"-business"; - else if (wcsstr (productName, L"Enterprise") != 0) - osname += L"-enterprise"; - else if (wcsstr (productName, L"Datacenter") != 0) - osname += L"-datacenter"; - else if (wcsstr (productName, L"Ultimate") != 0) - osname += L"-ultimate"; - } + if (IsOSAtLeast(WIN_VISTA)) + { + if (home) + osname += L"-home"; + else if (wcsstr(productName, L"Standard") != 0) + osname += L"-standard"; + else if (wcsstr(productName, L"Professional") != 0) + osname += L"-pro"; + else if (wcsstr(productName, L"Business") != 0) + osname += L"-business"; + else if (wcsstr(productName, L"Enterprise") != 0) + osname += L"-enterprise"; + else if (wcsstr(productName, L"Datacenter") != 0) + osname += L"-datacenter"; + else if (wcsstr(productName, L"Ultimate") != 0) + osname += L"-ultimate"; + } - if (GetSystemMetrics (SM_STARTER)) - osname += L"-starter"; - else if (wcsstr (productName, L"Basic") != 0) - osname += L"-basic"; + if (GetSystemMetrics(SM_STARTER)) + osname += L"-starter"; + else if (wcsstr(productName, L"Basic") != 0) + osname += L"-basic"; - if (Is64BitOs()) - osname += IsARM()? L"-arm64" : L"-x64"; + osname += IsARM() ? L"-arm64" : L"-x64"; - if (CurrentOSServicePack > 0) + if (CurrentOSServicePack > 0) + { + wstringstream s; + s << L"-sp" << CurrentOSServicePack; + osname += s.str(); + } + + return osname; + } + else { - wstringstream s; - s << L"-sp" << CurrentOSServicePack; - osname += s.str(); + return L""; } - - return osname; } #ifdef SETUP @@ -11129,7 +11134,7 @@ void Applink (const char *dest) wchar_t page[TC_MAX_PATH] = {0}; wchar_t installDir[TC_MAX_PATH] = {0}; BOOL buildUrl = TRUE; - int r; + INT_PTR r; ArrowWaitCursor (); @@ -11333,7 +11338,7 @@ void Applink (const char *dest) } else { - r = (int) ShellExecuteW (NULL, L"open", url, NULL, NULL, SW_SHOWNORMAL); + r = (INT_PTR) ShellExecuteW (NULL, L"open", url, NULL, NULL, SW_SHOWNORMAL); if (((r == ERROR_FILE_NOT_FOUND) || (r == ERROR_PATH_NOT_FOUND)) && buildUrl) { @@ -11480,7 +11485,7 @@ int OpenVolume (OpenVolumeContext *context, const wchar_t *volumePath, Password int volumeType; wchar_t szDiskFile[TC_MAX_PATH], szCFDevice[TC_MAX_PATH]; wchar_t szDosDevice[TC_MAX_PATH]; - char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; + unsigned char buffer[TC_VOLUME_HEADER_EFFECTIVE_SIZE]; LARGE_INTEGER headerOffset; DWORD dwResult; DISK_GEOMETRY_EX deviceGeometry; @@ -11694,7 +11699,7 @@ void CloseVolume (OpenVolumeContext *context) } -int ReEncryptVolumeHeader (HWND hwndDlg, char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode) +int ReEncryptVolumeHeader (HWND hwndDlg, unsigned char *buffer, BOOL bBoot, CRYPTO_INFO *cryptoInfo, Password *password, int pim, BOOL wipeMode) { CRYPTO_INFO *newCryptoInfo = NULL; @@ -13059,7 +13064,7 @@ BOOL IsFileOnReadOnlyFilesystem (const wchar_t *path) void CheckFilesystem (HWND hwndDlg, int driveNo, BOOL fixErrors) { wchar_t msg[1024], param[1024], cmdPath[MAX_PATH]; - wchar_t driveRoot[] = { L'A' + (wchar_t) driveNo, L':', 0 }; + wchar_t driveRoot[] = { (wchar_t) (L'A' + driveNo), L':', 0 }; if (fixErrors && AskWarnYesNo ("FILESYS_REPAIR_CONFIRM_BACKUP", hwndDlg) == IDNO) return; @@ -13305,18 +13310,18 @@ BOOL IsWindowsIsoBurnerAvailable () BOOL LaunchWindowsIsoBurner (HWND hwnd, const wchar_t *isoPath) { wchar_t path[MAX_PATH*2] = { 0 }; - int r; + INT_PTR r; if (SUCCEEDED(SHGetFolderPath (NULL, CSIDL_SYSTEM, NULL, 0, path))) StringCbCatW (path, MAX_PATH*2, L"\\" ISO_BURNER_TOOL); else StringCbCopyW (path, MAX_PATH*2, L"C:\\Windows\\System32\\" ISO_BURNER_TOOL); - r = (int) ShellExecute (hwnd, L"open", path, (wstring (L"\"") + isoPath + L"\"").c_str(), NULL, SW_SHOWNORMAL); + r = (INT_PTR) ShellExecute (hwnd, L"open", path, (wstring (L"\"") + isoPath + L"\"").c_str(), NULL, SW_SHOWNORMAL); if (r <= 32) { - SetLastError (r); + SetLastError ((DWORD) r); handleWin32Error (hwnd, SRC_POS); return FALSE; @@ -14240,17 +14245,14 @@ void GetInstallationPath (HWND hwndDlg, wchar_t* szInstallPath, DWORD cchSize, B SHGetSpecialFolderLocation (hwndDlg, CSIDL_PROGRAM_FILES, &itemList); SHGetPathFromIDList (itemList, path); - if (Is64BitOs()) + // Use a unified default installation path (registry redirection of %ProgramFiles% does not work if the installation path is user-selectable) + wstring s = path; + size_t p = s.find (L" (x86)"); + if (p != wstring::npos) { - // Use a unified default installation path (registry redirection of %ProgramFiles% does not work if the installation path is user-selectable) - wstring s = path; - size_t p = s.find (L" (x86)"); - if (p != wstring::npos) - { - s = s.substr (0, p); - if (_waccess (s.c_str(), 0) != -1) - StringCbCopyW (path, sizeof (path), s.c_str()); - } + s = s.substr (0, p); + if (_waccess (s.c_str(), 0) != -1) + StringCbCopyW (path, sizeof (path), s.c_str()); } StringCbCatW (path, sizeof(path), L"\\VeraCrypt\\"); @@ -14823,7 +14825,7 @@ void SafeOpenURL (LPCWSTR szUrl) } } -#if !defined(SETUP) && defined(_WIN64) +#if !defined(SETUP) #define RtlGenRandom SystemFunction036 extern "C" BOOLEAN NTAPI RtlGenRandom(PVOID RandomBuffer, ULONG RandomBufferLength); @@ -15264,7 +15266,7 @@ void PasswordEditDropTarget::GotLeave(void) DWORD PasswordEditDropTarget::GotEnter(void) { TCHAR szClassName[64]; - DWORD dwStyles; + DWORD_PTR dwStyles; int maxLen; HWND hChild = WindowFromPoint (m_DropPoint); // check that we are on password edit control (we use maximum length to correctly identify password fields since they don't always have ES_PASSWORD style (if the the user checked show password) @@ -15290,7 +15292,7 @@ void PasswordEditDropTarget::GotDrop(CLIPFORMAT format) if(m_Data) { TCHAR szClassName[64]; - DWORD dwStyles; + DWORD_PTR dwStyles; int maxLen; HWND hChild = WindowFromPoint (m_DropPoint); if (hChild && GetClassName (hChild, szClassName, ARRAYSIZE (szClassName)) && (0 == _tcsicmp (szClassName, _T("EDIT"))) @@ -15779,3 +15781,191 @@ DWORD FastResizeFile (const wchar_t* filePath, __int64 fileSize) return dwRet; } #endif // VC_COMREG + +#if defined(SETUP) && !defined (PORTABLE) + +// Helper function to save the current state of the required privileges +BOOL SaveCurrentPrivilegeState(PPRIVILEGE_STATE state) { + if (!state) return FALSE; + + state->takeOwnership = IsPrivilegeEnabled(SE_TAKE_OWNERSHIP_NAME); + state->backup = IsPrivilegeEnabled(SE_BACKUP_NAME); + state->restore = IsPrivilegeEnabled(SE_RESTORE_NAME); + + return TRUE; +} + +// Helper function to restore the saved state of the required privileges +BOOL RestorePrivilegeState(const PPRIVILEGE_STATE state) { + if (!state) return FALSE; + + BOOL result = TRUE; + result &= SetPrivilege(SE_TAKE_OWNERSHIP_NAME, state->takeOwnership); + result &= SetPrivilege(SE_BACKUP_NAME, state->backup); + result &= SetPrivilege(SE_RESTORE_NAME, state->restore); + + return result; +} + +// Helper function to enable required privileges for file operations +BOOL EnableRequiredSetupPrivileges(PPRIVILEGE_STATE currentState) +{ + BOOL result = TRUE; + + // save the current state of the required privileges + ZeroMemory(currentState, sizeof(PRIVILEGE_STATE)); + SaveCurrentPrivilegeState(currentState); + + // Enable required privileges using the existing SetPrivilege function + result &= SetPrivilege(SE_TAKE_OWNERSHIP_NAME, TRUE); + result &= SetPrivilege(SE_BACKUP_NAME, TRUE); + result &= SetPrivilege(SE_RESTORE_NAME, TRUE); + + return result; +} + +// Helper function to backup security information +BOOL BackupSecurityInfo(const wchar_t* filePath, PSECURITY_INFO_BACKUP pBackup) +{ + BOOL result = FALSE; + DWORD dwRes; + + ZeroMemory(pBackup, sizeof(SECURITY_INFO_BACKUP)); + + // Get the security descriptor + dwRes = GetNamedSecurityInfoW( + (LPWSTR)filePath, + SE_FILE_OBJECT, + OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | + DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION, + &pBackup->pOrigOwner, + &pBackup->pOrigGroup, + &pBackup->pOrigDacl, + &pBackup->pOrigSacl, + &pBackup->pOrigSD); + + if (dwRes == ERROR_SUCCESS) + { + // The individual pointers (pOrigOwner, etc.) are now valid + // and point to the copied data + result = TRUE; + } + + return result; +} + +// Helper function to restore security information +BOOL RestoreSecurityInfo(const wchar_t* filePath, PSECURITY_INFO_BACKUP pBackup) +{ + DWORD dwRes; + SECURITY_INFORMATION secInfo = 0; + + if (pBackup->pOrigOwner) + secInfo |= OWNER_SECURITY_INFORMATION; + if (pBackup->pOrigGroup) + secInfo |= GROUP_SECURITY_INFORMATION; + if (pBackup->pOrigDacl) + secInfo |= DACL_SECURITY_INFORMATION; + if (pBackup->pOrigSacl) + secInfo |= SACL_SECURITY_INFORMATION; + + if (secInfo == 0) + return TRUE; // Nothing to restore + + dwRes = SetNamedSecurityInfoW( + (LPWSTR)filePath, + SE_FILE_OBJECT, + secInfo, + pBackup->pOrigOwner, + pBackup->pOrigGroup, + pBackup->pOrigDacl, + pBackup->pOrigSacl); + + return (dwRes == ERROR_SUCCESS); +} + +// Helper function to free security backup +void FreeSecurityBackup(PSECURITY_INFO_BACKUP pBackup) +{ + if (pBackup->pOrigSD) + LocalFree(pBackup->pOrigSD); + ZeroMemory(pBackup, sizeof(SECURITY_INFO_BACKUP)); +} + +// Helper function to take ownership and modify file permissions +BOOL ModifyFileSecurityPermissions(const wchar_t* filePath, PSECURITY_INFO_BACKUP pBackup) +{ + BOOL result = FALSE; + PSID pAdminSID = NULL; + PACL pNewDACL = NULL; + BOOL bBackupDone = FALSE; + + // Get Administrator SID + SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY; + if (!AllocateAndInitializeSid(&SIDAuthNT, 2, + SECURITY_BUILTIN_DOMAIN_RID, + DOMAIN_ALIAS_RID_ADMINS, + 0, 0, 0, 0, 0, 0, + &pAdminSID)) + { + goto cleanup; + } + + // Backup original security info + if (!BackupSecurityInfo(filePath, pBackup)) + goto cleanup; + + bBackupDone = TRUE; + + // Take ownership + DWORD dwRes = SetNamedSecurityInfoW( + (LPWSTR)filePath, + SE_FILE_OBJECT, + OWNER_SECURITY_INFORMATION, + pAdminSID, + NULL, + NULL, + NULL); + + if (dwRes != ERROR_SUCCESS) + goto cleanup; + + // Modify DACL + EXPLICIT_ACCESS ea; + ZeroMemory(&ea, sizeof(EXPLICIT_ACCESS)); + ea.grfAccessPermissions = GENERIC_ALL; + ea.grfAccessMode = SET_ACCESS; + ea.grfInheritance = NO_INHERITANCE; + ea.Trustee.TrusteeForm = TRUSTEE_IS_SID; + ea.Trustee.TrusteeType = TRUSTEE_IS_GROUP; + ea.Trustee.ptstrName = (LPTSTR)pAdminSID; + + dwRes = SetEntriesInAcl(1, &ea, NULL, &pNewDACL); + if (dwRes != ERROR_SUCCESS) + goto cleanup; + + // Apply new DACL + dwRes = SetNamedSecurityInfoW( + (LPWSTR)filePath, + SE_FILE_OBJECT, + DACL_SECURITY_INFORMATION, + NULL, + NULL, + pNewDACL, + NULL); + + result = (dwRes == ERROR_SUCCESS); + +cleanup: + if (!result && bBackupDone) + { + FreeSecurityBackup(pBackup); + } + if (pNewDACL) + LocalFree(pNewDACL); + if (pAdminSID) + FreeSid(pAdminSID); + + return result; +} +#endif
\ No newline at end of file |