Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
For now, we force ReadOnly mounting for such partitions.
|
|
If we can set required privilege, we ask the user using UAC to enable them.
|
|
Rules of automatic flushing of stdout buffer is implementation-defined
behaviour. In glibc this is automatically flushed, but we can't rely
on it for other implementations such as musl.
|
|
|
|
value of MS certificate
We also rename the variables gpbSha256CodeSignCertFingerprint and gpbSha256MSCodeSignCertFingerprint to gpbSha512CodeSignCertFingerprint and gpbSha512MSCodeSignCertFingerprint respectively to reflect the fact that they are actually SHA512 hash values and not SHA256 ones.
|
|
When using multiple monitors, the resolution can change in OSX,
during plug-in/off off the display(s). To avoid window becoming
non-usable, there is EnsureVisible, that is called in several
places.
However, if you minimize VeraCrypt on the bigger screen, and
restore it in the main screen of a MacBook, after unplugging, the
window will become unusable (unless you know that clicking 'About'
calls EnsureVisible :-)).
Call EnsureVisible OnActivate so MainFrame is always functional
across screens, even when minimized.
|
|
Some systems (e.g. Alpine Linux) seems to require this.
|
|
If an error happens, error message will be read from popen pipe and so
libpcsclite.so will not be found. This is the same outcome as when
stdout is empty.
|
|
creating volumes
This is unlikely to happen thanks to random generator properties but we much add this check to prevent an attack described in page 3 of https://csrc.nist.gov/csrc/media/Projects/crypto-publication-review-project/documents/initial-comments/sp800-38e-initial-public-comments-2021.pdf
|
|
keys option is enable
When this option is enabled, we first build the list of currently inserted devices then we start listening to insertion events.
When a device insertion occurs, we check if this device is on our list and if yes, we ignore its insertion.
We also ignore devices whose Device ID starts with "SWD\" and "ROOT\" since these are not real devices.
|
|
* Crypto: fix warning mismatched bound
../Crypto/cpu.c:67:32: warning: argument 2 of type 'uint32[4]'
{aka 'unsigned int[4]'} with mismatched bound [-Warray-parameter=]
67 | int CpuId(uint32 input, uint32 output[4])
| ~~~~~~~^~~~~~~~~
In file included from ../Crypto/cpu.c:3:
../Crypto/cpu.h:236:33: note: previously declared as 'uint32 *'
{aka 'unsigned int *'}
236 | int CpuId(uint32 input, uint32 *output);
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
* Core/Unix: fix warning ignoring return value
Unix/CoreUnix.cpp: In member function 'virtual std::shared_ptr<VeraCrypt:\
:VolumeInfo> VeraCrypt::CoreUnix::MountVolume(VeraCrypt::MountOptions&)':
Unix/CoreUnix.cpp:682:55: warning: ignoring return value of
'int chown(const char*, __uid_t, __gid_t)' declared with attribute
'warn_unused_result' [-Wunused-result]
682 | chown (mountPoint.c_str(), GetRealUserId(), GetRealGroupId());
| ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
* Main/Forms: fix warning cast to pointer from integer of different size
Forms/MainFrame.cpp: In member function 'void VeraCrypt::MainFrame:\
:UpdateVolumeList()':
Forms/MainFrame.cpp:1718:106: warning: cast to pointer from integer of
different size [-Wint-to-pointer-cast]
1718 | Gui->InsertToListCtrl (SlotListCtrl, ++prevItemIndex,
fields, 0, (void *) volume->SlotNumber);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
Forms/MainFrame.cpp:1753:114: warning: cast to pointer from integer of
different size [-Wint-to-pointer-cast]
1753 | Gui->InsertToListCtrl (SlotListCtrl, ++prevItemIndex,
fields, 0, (void *) slotNumber);
| ^~~~~~~~~~~~~~~~~~~
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
* Crypto: fix undefined behavior signed integer overflow
In function 'twofish_set_key':
cc1: warning: iteration 4 invokes undefined behavior
[-Waggressive-loop-optimizations]
../Crypto/Twofish.c:626:23: note: within this loop
626 | for (i = 0; i != 40; i += 2)
| ~~^~~~~
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
---------
Signed-off-by: Vasiliy Kovalev <kovalev@altlinux.org>
Co-authored-by: Vasiliy Kovalev <kovalev@altlinux.org>
|
|
Currently there are a lot of translated strings that are never seen
anywhere as the installer doesn't offer all the available languages
as options in the installer wizard (sans Burmese).
|
|
|
|
|
|
|
|
|
|
checkboxes.
We also update to wxFormBuilder 3.10.1
|
|
by code
|
|
|
|
driver submission
|
|
|
|
Docs specify cascading encryption should be specified as "AES(Twofish)" but on Linux it requires "AES-Twofish".
|
|
|
|
|
|
|
|
zip_source_pass_to_lower_layer.c tp VS projects
|
|
* Update LZMA to latest
* Update Libzip
Libzip updated to latest.
|
|
privilege before calling CreateFile
This ensures that the returned handle inherits the privilege
|
|
Several enhancements implemented:
- replace CreateThread by _beginthreadex to avoid potential issues when using C runtime
- use an event to notify monitoring thread to stop instead of a volatile boolean
- perform switch to the regular desktop in the main thread and not in the secure desktop thread
|
|
to the available free space
|
|
When replacing a file container, we increase the `diskSpace`
by the file container's size. This doesn't affect the hidden volume
space logic, as in that case we use `MaxVolumeSize` when
`MaxVolumeSizeValid` is true instead of `AvailableDiskSpace`.
|
|
|
|
|
|
|
|
|
|
|
|
filesystems
We keep FAT32 list of supported cluster sizes as it is today for compatibility with existing FAT code
|
|
|
|
remove dead code from ExternalFormatFs
We also modify UacFormatNtfs/UacFormatFs to return actual error code in case of failure
|
|
|
|
format.com and specifying removal parameter in FormatEx
The usage of /Y parameter in format.com simplifies the logic and makes the code robust since we don't need to send \n to the format.com process.
Specifying RemovableMedia parameter to FormatEx fixes its failure in Windows 10 and later to perform quick format. This is also more adequate since we are mounting the volume as removable media for the formatting process.
We also add better error management in order to display adequate error message to the user in case of failure
|
|
If the currently selected item in the drive list is a mounted volume that can be dismounted, the Mount button displays "Dismount" and so we should not add the popup menu of "mount without cache" to it.
|
|
drag-n-drop of keyfiles.
To fix drag-n-drop of keyfiles, we remove the password drop target since it was blocking the standard drop of files and drop target doesn't work because of UIPI restrictions across privilege levels since Expander is started elevated
|
|
|
|
free space (fix by @Jertzukka)
|
|
installer
|
|
After the EMV support commits, the project won't build anymore
without the new dependency of libpcsclite.
|
|
|