VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2019-01-14 00:01:00 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2019-01-14 09:49:13 (GMT)
commit07f6793bd25c7f2eab49292d36b2b64f86dfbf2a (patch)
tree804c8b045e9295b96d29916227751f06b0e102e7
parentd3e7ed96f3685d83dcc39a18574be1dd2cc8f2f6 (diff)
downloadVeraCrypt-07f6793bd25c7f2eab49292d36b2b64f86dfbf2a.zip
VeraCrypt-07f6793bd25c7f2eab49292d36b2b64f86dfbf2a.tar.gz
Windows: enhance support of new behavior of favorite service which is now always running in case of system encryption
-rw-r--r--src/Common/BootEncryption.cpp11
-rw-r--r--src/Mount/Favorites.cpp2
-rw-r--r--src/Mount/Mount.c17
-rw-r--r--src/Setup/Setup.c43
4 files changed, 46 insertions, 27 deletions
diff --git a/src/Common/BootEncryption.cpp b/src/Common/BootEncryption.cpp
index 364f086..9f06561 100644
--- a/src/Common/BootEncryption.cpp
+++ b/src/Common/BootEncryption.cpp
@@ -4599,8 +4599,6 @@ namespace VeraCrypt
{
WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE);
WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE);
-
- SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, true);
}
catch (...)
{
@@ -4615,14 +4613,15 @@ namespace VeraCrypt
}
else
{
- SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, false);
-
DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal", TC_SYSTEM_FAVORITES_SERVICE_NAME);
DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network", TC_SYSTEM_FAVORITES_SERVICE_NAME);
SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS);
throw_sys_if (!service);
+ SERVICE_STATUS serviceStatus = {0};
+ ControlService (service, SERVICE_CONTROL_STOP, &serviceStatus);
+
throw_sys_if (!DeleteService (service));
CloseServiceHandle (service);
@@ -4940,7 +4939,7 @@ namespace VeraCrypt
try
{
- RegisterSystemFavoritesService (false);
+ RegisterSystemFavoritesService (FALSE);
}
catch (...) { }
@@ -5168,6 +5167,8 @@ namespace VeraCrypt
InstallVolumeHeader ();
RegisterBootDriver (hiddenSystem);
+
+ RegisterSystemFavoritesService (TRUE);
}
catch (Exception &)
{
diff --git a/src/Mount/Favorites.cpp b/src/Mount/Favorites.cpp
index dab58bc..284c0b5 100644
--- a/src/Mount/Favorites.cpp
+++ b/src/Mount/Favorites.cpp
@@ -256,7 +256,7 @@ namespace VeraCrypt
{
uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0;
if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES))
- BootEncObj.RegisterSystemFavoritesService (reqConfig ? TRUE : FALSE);
+ BootEncObj.SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, reqConfig ? true : false);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY));
}
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 473372e..13c353f 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -9352,7 +9352,7 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
case SERVICE_CONTROL_PRESHUTDOWN:
SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING);
- if (BootEncObj)
+ if (BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT)
{
try
{
@@ -9383,11 +9383,10 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
DEV_BROADCAST_HDR* pHdr = (DEV_BROADCAST_HDR *) lpEventData;
if (pHdr->dbch_devicetype != DBT_DEVTYP_VOLUME && pHdr->dbch_devicetype != DBT_DEVTYP_HANDLE)
{
- SystemFavoritesServiceLogInfo (L"SERVICE_CONTROL_DEVICEEVENT - DBT_DEVICEARRIVAL received");
-
if (ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION)
{
BOOL bClearKeys = TRUE;
+ SystemFavoritesServiceLogInfo (L"SERVICE_CONTROL_DEVICEEVENT - DBT_DEVICEARRIVAL received");
if (pHdr->dbch_devicetype == DBT_DEVTYP_DEVICEINTERFACE)
{
DEV_BROADCAST_DEVICEINTERFACE* pInf = (DEV_BROADCAST_DEVICEINTERFACE*) pHdr;
@@ -9402,13 +9401,9 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
}
if (bClearKeys)
- {
+ {
DWORD cbBytesReturned = 0;
- BOOL bResult = DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL);
- if (bResult)
- SystemFavoritesServiceLogInfo (L"New device insertion detected - encryption keys cleared");
- else
- SystemFavoritesServiceLogInfo (L"New device insertion detected - failed to clear encryption keys");
+ DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL);
}
}
}
@@ -9445,8 +9440,8 @@ static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv)
memset (&SystemFavoritesServiceStatus, 0, sizeof (SystemFavoritesServiceStatus));
SystemFavoritesServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
SystemFavoritesServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP;
- if (IsOSAtLeast (WIN_VISTA) && BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT)
- SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN;
+ if (IsOSAtLeast (WIN_VISTA))
+ SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN;
ZeroMemory (&hdr, sizeof(hdr));
hdr.dbcc_size = sizeof (hdr);
diff --git a/src/Setup/Setup.c b/src/Setup/Setup.c
index 57c0cca..5e339f2 100644
--- a/src/Setup/Setup.c
+++ b/src/Setup/Setup.c
@@ -92,6 +92,34 @@ void localcleanup (void)
CloseAppSetupMutex ();
}
+BOOL ForceCopyFile (LPCWSTR szSrcFile, LPCWSTR szDestFile)
+{
+ BOOL bRet = CopyFileW (szSrcFile, szDestFile, FALSE);
+ if (!bRet)
+ {
+ wstring renamedPath = szDestFile;
+ renamedPath += VC_FILENAME_RENAMED_SUFFIX;
+
+ /* rename the locked file in order to be able to create a new one */
+ if (MoveFileExW (szDestFile, renamedPath.c_str(), MOVEFILE_REPLACE_EXISTING))
+ {
+ bRet = CopyFileW (szSrcFile, szDestFile, FALSE);
+ if (bRet)
+ {
+ /* delete the renamed file when the machine reboots */
+ MoveFileEx (renamedPath.c_str(), NULL, MOVEFILE_DELAY_UNTIL_REBOOT);
+ }
+ else
+ {
+ /* restore the original file name */
+ MoveFileEx (renamedPath.c_str(), szDestFile, MOVEFILE_REPLACE_EXISTING);
+ }
+ }
+ }
+
+ return bRet;
+}
+
BOOL ForceDeleteFile (LPCWSTR szFileName)
{
if (!DeleteFile (szFileName))
@@ -814,14 +842,6 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false);
wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true);
- if ( FileExists (servicePath.c_str())
- || (Is64BitOs () && FileExists (serviceLegacyPath.c_str()))
- )
- {
- CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str());
- bResult = CopyFile (szTmp, servicePath.c_str(), FALSE);
- }
-
if (bResult && Is64BitOs ()
&& FileExists (favoritesLegacyFile.c_str())
&& !FileExists (favoritesFile.c_str()))
@@ -830,7 +850,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
bResult = CopyFile (favoritesLegacyFile.c_str(), favoritesFile.c_str(), FALSE);
}
- if (bResult && Is64BitOs () && FileExists (favoritesFile.c_str()) && FileExists (servicePath.c_str()))
+ if (bResult)
{
// Update the path of the service
BootEncryption BootEncObj (hwndDlg);
@@ -839,7 +859,10 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
{
if (BootEncObj.GetDriverServiceStartType() == SERVICE_BOOT_START)
{
- BootEncObj.UpdateSystemFavoritesService ();
+ CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str());
+ bResult = ForceCopyFile (szTmp, servicePath.c_str());
+ if (bResult)
+ BootEncObj.UpdateSystemFavoritesService ();
}
}
catch (...) {}