VeraCrypt
Diffstat (limited to 'src/Mount')
-rw-r--r--src/Mount/Favorites.cpp132
-rw-r--r--src/Mount/Mount.c527
-rw-r--r--src/Mount/Mount.rc61
-rw-r--r--src/Mount/Mount.vcxproj.user5
-rw-r--r--src/Mount/Resource.h6
5 files changed, 554 insertions, 177 deletions
diff --git a/src/Mount/Favorites.cpp b/src/Mount/Favorites.cpp
index 284c0b5..e93b920 100644
--- a/src/Mount/Favorites.cpp
+++ b/src/Mount/Favorites.cpp
@@ -243,76 +243,91 @@ namespace VeraCrypt
switch (lw)
{
case IDOK:
-
- /* Global System Favorites settings */
-
- if (SystemFavoritesMode)
{
- BootEncryption BootEncObj (NULL);
+ BOOL bInitialOptionValue = NeedPeriodicDeviceListUpdate;
- if (BootEncObj.GetStatus().DriveMounted)
+ /* Global System Favorites settings */
+
+ if (SystemFavoritesMode)
{
- try
- {
- uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0;
- if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES))
- BootEncObj.SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, reqConfig ? true : false);
+ BootEncryption BootEncObj (NULL);
- SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY));
- }
- catch (Exception &e)
+ if (BootEncObj.GetStatus().DriveMounted)
{
- e.Show (hwndDlg);
+ try
+ {
+ uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0;
+ if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES))
+ BootEncObj.SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, reqConfig ? true : false);
+
+ if (!BootEncObj.IsSystemFavoritesServiceRunning())
+ {
+ // The system favorites service should be always running
+ // If it is stopped for some reason, we reconfigure it
+ BootEncObj.RegisterSystemFavoritesService (TRUE);
+ }
+
+ SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY));
+ }
+ catch (Exception &e)
+ {
+ e.Show (hwndDlg);
+ }
}
}
- }
- /* (System) Favorites list */
+ /* (System) Favorites list */
- if (SelectedItem != -1 && !Favorites.empty())
- SetFavoriteVolume (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode);
+ if (SelectedItem != -1 && !Favorites.empty())
+ SetFavoriteVolume (hwndDlg, Favorites[SelectedItem], SystemFavoritesMode);
- if (SaveFavoriteVolumes (hwndDlg, Favorites, SystemFavoritesMode))
- {
- if (!SystemFavoritesMode)
+ if (SaveFavoriteVolumes (hwndDlg, Favorites, SystemFavoritesMode))
{
- bMountFavoritesOnLogon = FALSE;
-
- foreach (const FavoriteVolume &favorite, Favorites)
+ if (!SystemFavoritesMode)
{
- if (favorite.MountOnLogOn)
+ bMountFavoritesOnLogon = FALSE;
+
+ foreach (const FavoriteVolume &favorite, Favorites)
{
- bMountFavoritesOnLogon = TRUE;
- break;
+ if (favorite.MountOnLogOn)
+ {
+ bMountFavoritesOnLogon = TRUE;
+ break;
+ }
}
- }
- if (!bEnableBkgTask || bCloseBkgTaskWhenNoVolumes || IsNonInstallMode())
- {
- foreach (const FavoriteVolume favorite, Favorites)
+ if (!bEnableBkgTask || bCloseBkgTaskWhenNoVolumes || IsNonInstallMode())
{
- if (favorite.MountOnArrival)
+ foreach (const FavoriteVolume favorite, Favorites)
{
- Warning ("FAVORITE_ARRIVAL_MOUNT_BACKGROUND_TASK_ERR", hwndDlg);
- break;
+ if (favorite.MountOnArrival)
+ {
+ Warning ("FAVORITE_ARRIVAL_MOUNT_BACKGROUND_TASK_ERR", hwndDlg);
+ break;
+ }
}
}
- }
- FavoriteVolumes = Favorites;
+ if (!bInitialOptionValue && NeedPeriodicDeviceListUpdate)
+ {
+ // a favorite was set to use VolumeID. We update the list of devices available for mounting as early as possible
+ UpdateMountableHostDeviceList ();
+ }
+
+ FavoriteVolumes = Favorites;
- ManageStartupSeq();
- SaveSettings (hwndDlg);
- }
- else
- SystemFavoriteVolumes = Favorites;
+ ManageStartupSeq();
+ SaveSettings (hwndDlg);
+ }
+ else
+ SystemFavoriteVolumes = Favorites;
- OnFavoriteVolumesUpdated();
- LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0);
+ OnFavoriteVolumesUpdated();
+ LoadDriveLetters (hwndDlg, GetDlgItem (MainDlg, IDC_DRIVELIST), 0);
- EndDialog (hwndDlg, IDOK);
+ EndDialog (hwndDlg, IDOK);
+ }
}
-
return 1;
case IDCANCEL:
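Review bot: The MountOnArrival loop uses `foreach (const FavoriteVolume favorite, Favorites)`, which copies a whole FavoriteVolume on every iteration, while the MountOnLogOn loop just above it binds `const FavoriteVolume &favorite`. Writing the second loop as `foreach (const FavoriteVolume &favorite, Favorites)` keeps the two consistent and avoids the copy. The new `bInitialOptionValue` snapshot would also benefit from a short comment saying which call between the snapshot and the comparison is expected to change NeedPeriodicDeviceListUpdate, since nothing at this call site shows it. The enclosing dialog procedure starts and ends outside this hunk.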
@@ -554,6 +569,7 @@ namespace VeraCrypt
void LoadFavoriteVolumes (vector <FavoriteVolume> &favorites, bool systemFavorites, bool noUacElevation)
{
+ bool bVolumeIdInUse = false;
favorites.clear();
wstring favoritesFilePath = systemFavorites ? GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false) : GetConfigPath (TC_APPD_FILENAME_FAVORITE_VOLUMES);
@@ -701,10 +717,21 @@ namespace VeraCrypt
favorite.Pkcs5 = -1;
}
+ if (!systemFavorites && favorite.UseVolumeID)
+ bVolumeIdInUse = true;
+
favorites.push_back (favorite);
xml++;
}
+ if (!systemFavorites)
+ {
+ if (bVolumeIdInUse && !DisablePeriodicDeviceListUpdate)
+ NeedPeriodicDeviceListUpdate = TRUE;
+ else
+ NeedPeriodicDeviceListUpdate = FALSE;
+ }
+
free (favoritesXml);
}
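Review bot: The load path sets `bVolumeIdInUse` on `favorite.UseVolumeID` alone, whereas the save hunk further down only counts a favorite when `UseVolumeID` is set and the VolumeID is not all zero bytes. The two paths can therefore disagree on NeedPeriodicDeviceListUpdate for the same favorites list. The four-line if/else that assigns the flag is also repeated verbatim in the save hunk; a single `NeedPeriodicDeviceListUpdate = (bVolumeIdInUse && !DisablePeriodicDeviceListUpdate) ? TRUE : FALSE;` in a shared helper would keep both in step. The function body starts outside this hunk.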
@@ -763,6 +790,7 @@ namespace VeraCrypt
{
FILE *f;
int cnt = 0;
+ bool bVolumeIdInUse = false;
f = _wfopen (GetConfigPath (systemFavorites ? TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES : TC_APPD_FILENAME_FAVORITE_VOLUMES), L"w,ccs=UTF-8");
if (f == NULL)
@@ -827,7 +855,11 @@ namespace VeraCrypt
s += L" useLabelInExplorer=\"1\"";
if (favorite.UseVolumeID && !IsRepeatedByteArray (0, favorite.VolumeID, sizeof (favorite.VolumeID)))
+ {
s += L" useVolumeID=\"1\"";
+ if (!systemFavorites)
+ bVolumeIdInUse = true;
+ }
s += L">" + wstring (tq) + L"</volume>";
@@ -838,6 +870,14 @@ namespace VeraCrypt
fputws (L"\n\t</favorites>", f);
XmlWriteFooter (f);
+ if (!systemFavorites)
+ {
+ if (bVolumeIdInUse && !DisablePeriodicDeviceListUpdate)
+ NeedPeriodicDeviceListUpdate = TRUE;
+ else
+ NeedPeriodicDeviceListUpdate = FALSE;
+ }
+
if (!CheckFileStreamWriteErrors (hwndDlg, f, systemFavorites ? TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES : TC_APPD_FILENAME_FAVORITE_VOLUMES))
{
fclose (f);
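Review bot: NeedPeriodicDeviceListUpdate is assigned before `CheckFileStreamWriteErrors` runs, so on the failure branch that follows the global already describes a favorites list that was not written to disk. Moving the `if (!systemFavorites)` block after the write check has passed would keep the flag tied to what was actually saved. The rest of the failure branch lies outside this hunk, so whether the caller later corrects the flag cannot be seen from here.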
diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c
index 5f96afb..7d4fa81 100644
--- a/src/Mount/Mount.c
+++ b/src/Mount/Mount.c
@@ -49,6 +49,7 @@
#include "../Platform/Finally.h"
#include "../Platform/ForEach.h"
#include "../Setup/SelfExtract.h"
+#include "../Common/EncryptionThreadPool.h"
#include <Strsafe.h>
#include <InitGuid.h>
@@ -64,6 +65,17 @@
typedef BOOL (WINAPI *WTSREGISTERSESSIONNOTIFICATION)(HWND, DWORD);
typedef BOOL (WINAPI *WTSUNREGISTERSESSIONNOTIFICATION)(HWND);
+#ifndef _HPOWERNOTIFY_DEF_
+#define _HPOWERNOTIFY_DEF_
+
+typedef PVOID HPOWERNOTIFY;
+typedef HPOWERNOTIFY *PHPOWERNOTIFY;
+
+#endif
+
+typedef HPOWERNOTIFY (WINAPI *REGISTERSUSPENDRESUMENOTIFICATION)(HANDLE hRecipient, DWORD Flags);
+typedef BOOL (WINAPI *UNREGISTERSUSPENDRESUMENOTIFICATION) (HPOWERNOTIFY Handle);
+
using namespace VeraCrypt;
enum timer_ids
@@ -158,14 +170,14 @@ MountOptions CmdMountOptions;
BOOL CmdMountOptionsValid = FALSE;
MountOptions mountOptions;
MountOptions defaultMountOptions;
-KeyFile *FirstCmdKeyFile;
+KeyFile *FirstCmdKeyFile = NULL;
HBITMAP hbmLogoBitmapRescaled = NULL;
wchar_t OrigKeyboardLayout [8+1] = L"00000409";
BOOL bKeyboardLayoutChanged = FALSE; /* TRUE if the keyboard layout was changed to the standard US keyboard layout (from any other layout). */
BOOL bKeybLayoutAltKeyWarningShown = FALSE; /* TRUE if the user has been informed that it is not possible to type characters by pressing keys while the right Alt key is held down. */
-static KeyFilesDlgParam hidVolProtKeyFilesParam;
+static KeyFilesDlgParam hidVolProtKeyFilesParam = {0};
static MOUNT_LIST_STRUCT LastKnownMountList = {0};
VOLUME_NOTIFICATIONS_LIST VolumeNotificationsList;
@@ -181,12 +193,20 @@ static int bPrebootPasswordDlgMode = FALSE;
static int NoCmdLineArgs;
static BOOL CmdLineVolumeSpecified;
static int LastDriveListVolumeColumnWidth;
+static BOOL ExitMailSlotSpecified = FALSE;
+static TCHAR ExitMailSlotName[MAX_PATH];
// WTS handling
static HMODULE hWtsLib = NULL;
static WTSREGISTERSESSIONNOTIFICATION fnWtsRegisterSessionNotification = NULL;
static WTSUNREGISTERSESSIONNOTIFICATION fnWtsUnRegisterSessionNotification = NULL;
-static void RegisterWtsNotification(HWND hWnd)
+// Used to opt-in to receive notification about power events.
+// This is mandatory to support Windows 10 Modern Standby and Windows 8.1 Connected Standby power model.
+// https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/prepare-software-for-modern-standby
+// https://docs.microsoft.com/en-us/windows/win32/w8cookbook/desktop-activity-moderator?redirectedfrom=MSDN
+static HPOWERNOTIFY g_hPowerNotify = NULL;
+
+static void RegisterWtsAndPowerNotification(HWND hWnd)
{
if (!hWtsLib)
{
@@ -213,9 +233,19 @@ static void RegisterWtsNotification(HWND hWnd)
}
}
}
+
+ if (IsOSAtLeast (WIN_8))
+ {
+ REGISTERSUSPENDRESUMENOTIFICATION fnRegisterSuspendResumeNotification = (REGISTERSUSPENDRESUMENOTIFICATION) GetProcAddress (GetModuleHandle (L"user32.dll"), "RegisterSuspendResumeNotification");
+ if (fnRegisterSuspendResumeNotification)
+ {
+ g_hPowerNotify = fnRegisterSuspendResumeNotification ((HANDLE) hWnd, DEVICE_NOTIFY_WINDOW_HANDLE);
+ }
+
+ }
}
-static void UnregisterWtsNotification(HWND hWnd)
+static void UnregisterWtsAndPowerNotification(HWND hWnd)
{
if (hWtsLib && fnWtsUnRegisterSessionNotification)
{
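Review bot: The power-notification registration at the end of RegisterWtsAndPowerNotification is not guarded against a second call, unlike the WTS part, which is skipped when `hWtsLib` is already set. The function is called from more than one place in this diff (after dialog initialisation and again when the background-task preference is toggled), so a repeated call overwrites `g_hPowerNotify` and the earlier handle can never be unregistered. Changing the condition to `if (IsOSAtLeast (WIN_8) && !g_hPowerNotify)` closes that gap. The result of `GetModuleHandle (L"user32.dll")` is also passed to GetProcAddress unchecked.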
@@ -225,6 +255,14 @@ static void UnregisterWtsNotification(HWND hWnd)
fnWtsRegisterSessionNotification = NULL;
fnWtsUnRegisterSessionNotification = NULL;
}
+
+ if (IsOSAtLeast (WIN_8) && g_hPowerNotify)
+ {
+ UNREGISTERSUSPENDRESUMENOTIFICATION fnUnregisterSuspendResumeNotification = (UNREGISTERSUSPENDRESUMENOTIFICATION) GetProcAddress (GetModuleHandle (L"user32.dll"), "UnregisterSuspendResumeNotification");
+ if (fnUnregisterSuspendResumeNotification)
+ fnUnregisterSuspendResumeNotification (g_hPowerNotify);
+ g_hPowerNotify = NULL;
+ }
}
static std::vector<MSXML2::IXMLDOMNodePtr> GetReadChildNodes (MSXML2::IXMLDOMNodeListPtr childs)
@@ -375,6 +413,9 @@ static void localcleanup (void)
burn (&defaultMountOptions, sizeof (defaultMountOptions));
burn (szFileName, sizeof(szFileName));
+ KeyFileRemoveAll (&FirstCmdKeyFile);
+ KeyFileRemoveAll (&hidVolProtKeyFilesParam.FirstKeyFile);
+
/* Cleanup common code resources */
cleanup ();
@@ -430,7 +471,7 @@ void EndMainDlg (HWND hwndDlg)
KillTimer (hwndDlg, TIMER_ID_MAIN);
KillTimer (hwndDlg, TIMER_ID_UPDATE_DEVICE_LIST);
TaskBarIconRemove (hwndDlg);
- UnregisterWtsNotification(hwndDlg);
+ UnregisterWtsAndPowerNotification(hwndDlg);
EndDialog (hwndDlg, 0);
}
}
@@ -512,8 +553,11 @@ static void InitMainDialog (HWND hwndDlg)
e.Show (NULL);
}
- // initialize the list of devices available for mounting as early as possible
- UpdateMountableHostDeviceList ();
+ if (NeedPeriodicDeviceListUpdate)
+ {
+ // initialize the list of devices available for mounting as early as possible
+ UpdateMountableHostDeviceList ();
+ }
if (Silent)
LoadDriveLetters (hwndDlg, NULL, 0);
@@ -2371,6 +2415,17 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR
}
CheckCapsLock (hwndDlg, FALSE);
+
+ if (!bSecureDesktopOngoing)
+ {
+ PasswordEditDropTarget* pTarget = new PasswordEditDropTarget ();
+ if (pTarget->Register (hwndDlg))
+ {
+ SetWindowLongPtr (hwndDlg, DWLP_USER, (LONG_PTR) pTarget);
+ }
+ else
+ delete pTarget;
+ }
return 0;
}
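Review bot: This seven-line block that creates and registers a PasswordEditDropTarget is repeated unchanged in the PasswordDlgProc and MountOptionsDlgProc init hunks, and the matching WM_NCDESTROY teardown is repeated in three more hunks. Two small helpers, one to attach the target to the dialog and one to detach it, would remove six copies and give the ownership rule a single home. That rule deserves a comment: the failure path destroys the object with `delete pTarget`, while the teardown path uses `Revoke ()` followed by `Release()`, and the class definition that would show why both are correct is not part of this diff. The comment should also state that DWLP_USER is reserved for this pointer in all three dialogs.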
@@ -2836,6 +2891,19 @@ err:
return 1;
}
return 0;
+
+ case WM_NCDESTROY:
+ {
+ /* unregister drap-n-drop support */
+ PasswordEditDropTarget* pTarget = (PasswordEditDropTarget*) GetWindowLongPtr (hwndDlg, DWLP_USER);
+ if (pTarget)
+ {
+ SetWindowLongPtr (hwndDlg, DWLP_USER, (LONG_PTR) 0);
+ pTarget->Revoke ();
+ pTarget->Release();
+ }
+ }
+ return 0;
}
return 0;
@@ -2968,7 +3036,21 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
SetWindowPos (hwndDlg, HWND_NOTOPMOST, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE);
}
SetFocus (GetDlgItem (hwndDlg, IDC_PASSWORD));
- SetTimer (hwndDlg, TIMER_ID_CHECK_FOREGROUND, TIMER_INTERVAL_CHECK_FOREGROUND, NULL);
+
+ /* Start the timer to check if we are foreground only if Secure Desktop is not used */
+ /* Implement Text drag-n-drop in order to support droping password from KeePass directly only if Secure Desktop is not used */
+ if (!bSecureDesktopOngoing)
+ {
+ SetTimer (hwndDlg, TIMER_ID_CHECK_FOREGROUND, TIMER_INTERVAL_CHECK_FOREGROUND, NULL);
+
+ PasswordEditDropTarget* pTarget = new PasswordEditDropTarget ();
+ if (pTarget->Register (hwndDlg))
+ {
+ SetWindowLongPtr (hwndDlg, DWLP_USER, (LONG_PTR) pTarget);
+ }
+ else
+ delete pTarget;
+ }
}
return 0;
@@ -3011,11 +3093,16 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
if (keybLayout != 0x00000409 && keybLayout != 0x04090409)
{
Error ("CANT_CHANGE_KEYB_LAYOUT_FOR_SYS_ENCRYPTION", hwndDlg);
- EndDialog (hwndDlg, IDCANCEL);
- return 1;
+ /* don't be too agressive on enforcing an English keyboard layout. E.g. on WindowsPE this call fails and
+ * then the user can only mount a system encrypted device using the command line by passing the password as a parameter
+ * (which might not be obvious for not so advanced users).
+ *
+ * Now, we informed the user that English keyboard is required, if it is not available the volume can just not be mounted.
+ * There should be no other drawback (as e.g., on the change password dialog, when you might change to a password which won't
+ * work on the pre-start environment.
+ */
}
-
- if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0)
+ else if (SetTimer (hwndDlg, TIMER_ID_KEYB_LAYOUT_GUARD, TIMER_INTERVAL_KEYB_LAYOUT_GUARD, NULL) == 0)
{
Error ("CANNOT_SET_TIMER", hwndDlg);
EndDialog (hwndDlg, IDCANCEL);
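Review bot: With the `EndDialog`/`return 1` removed, the pre-boot password dialog now stays open under a non-US keyboard layout, and the `else if` means the layout guard timer is not started on that path either. The new comment explains the motivation but not the resulting state, and its last parenthesis is never closed. It should state explicitly that the layout is left unchanged and unguarded, for example `/* layout left as-is and TIMER_ID_KEYB_LAYOUT_GUARD not started: the typed password may not match the pre-boot one */`. Any later code that assumes the layout was switched, such as restoring it on close, is outside this hunk and should be checked against this new path.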
@@ -3227,6 +3314,19 @@ BOOL CALLBACK PasswordDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM lPa
}
return 0;
+ case WM_NCDESTROY:
+ {
+ /* unregister drap-n-drop support */
+ PasswordEditDropTarget* pTarget = (PasswordEditDropTarget*) GetWindowLongPtr (hwndDlg, DWLP_USER);
+ if (pTarget)
+ {
+ SetWindowLongPtr (hwndDlg, DWLP_USER, (LONG_PTR) 0);
+ pTarget->Revoke ();
+ pTarget->Release();
+ }
+ }
+ return 0;
+
case WM_CONTEXTMENU:
{
RECT buttonRect;
@@ -3640,6 +3740,17 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
ToHyperlink (hwndDlg, IDC_LINK_HIDVOL_PROTECTION_INFO);
+ if (!bSecureDesktopOngoing)
+ {
+ PasswordEditDropTarget* pTarget = new PasswordEditDropTarget ();
+ if (pTarget->Register (hwndDlg))
+ {
+ SetWindowLongPtr (hwndDlg, DWLP_USER, (LONG_PTR) pTarget);
+ }
+ else
+ delete pTarget;
+ }
+
}
return 0;
@@ -3797,6 +3908,19 @@ BOOL CALLBACK MountOptionsDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPARAM
}
return 0;
+
+ case WM_NCDESTROY:
+ {
+ /* unregister drap-n-drop support */
+ PasswordEditDropTarget* pTarget = (PasswordEditDropTarget*) GetWindowLongPtr (hwndDlg, DWLP_USER);
+ if (pTarget)
+ {
+ SetWindowLongPtr (hwndDlg, DWLP_USER, (LONG_PTR) 0);
+ pTarget->Revoke ();
+ pTarget->Release();
+ }
+ }
+ return 0;
}
return 0;
@@ -5048,7 +5172,7 @@ static BOOL Mount (HWND hwndDlg, int nDosDriveNo, wchar_t *szFileName, int pim,
else if (!Silent)
{
int GuiPkcs5 = EffectiveVolumePkcs5;
- BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode;
+ BOOL GuiTrueCryptMode = EffectiveVolumeTrueCryptMode || IsTrueCryptFileExtension (szFileName)? TRUE : FALSE;
int GuiPim = EffectiveVolumePim;
StringCbCopyW (PasswordDlgVolume, sizeof(PasswordDlgVolume), szFileName);
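Review bot: The new initialiser of `GuiTrueCryptMode` relies on `||` binding tighter than `?:`, which happens to give the intended result but is easy to misread as applying the conditional only to the extension check. Writing it as `BOOL GuiTrueCryptMode = (EffectiveVolumeTrueCryptMode || IsTrueCryptFileExtension (szFileName)) ? TRUE : FALSE;` makes the grouping explicit. A short comment that the file extension alone now preselects TrueCrypt mode in the password dialog would also help, since that is a user-visible default.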
@@ -5142,7 +5266,14 @@ static BOOL Dismount (HWND hwndDlg, int nDosDriveNo)
WaitCursor ();
if (nDosDriveNo == -2)
+ {
nDosDriveNo = (char) (HIWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) - L'A');
+ if (nDosDriveNo < 0 || nDosDriveNo >= 26)
+ {
+ NormalCursor ();
+ return FALSE;
+ }
+ }
if (bCloseDismountedWindows)
{
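Review bot: The new range check in Dismount runs after the selection value has been narrowed with `(char)`, so an out-of-range 16-bit value whose low byte lands in 0..25 would still pass it. Computing the index at full width first avoids that: `int sel = (int) HIWORD (GetSelectedLong (GetDlgItem (hwndDlg, IDC_DRIVELIST))) - L'A';`, then `if (sel < 0 || sel >= 26)` for the early return, and assign `nDosDriveNo = sel;` afterwards. The check also covers only the `nDosDriveNo == -2` case. Values passed in directly by callers are not validated in the visible part of the function.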
@@ -5156,9 +5287,6 @@ static BOOL Dismount (HWND hwndDlg, int nDosDriveNo)
if (bBeep)
MessageBeep (0xFFFFFFFF);
RefreshMainDlg (hwndDlg);
-
- if (nCurrentOS == WIN_2000 && RemoteSession && !IsAdmin ())
- LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0);
}
NormalCursor ();
@@ -5333,9 +5461,6 @@ retry:
RefreshMainDlg (hwndDlg);
- if (nCurrentOS == WIN_2000 && RemoteSession && !IsAdmin ())
- LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0);
-
NormalCursor();
if (unmount.nReturnCode != 0)
@@ -6069,8 +6194,6 @@ static void DecryptNonSysDevice (HWND hwndDlg, BOOL bResolveAmbiguousSelection,
return;
}
- WaitCursor();
-
// Make sure the user is not attempting to decrypt a partition on an entirely encrypted system drive.
if (IsNonSysPartitionOnSysDrive (scPath.c_str ()) == 1)
{
@@ -6088,8 +6211,6 @@ static void DecryptNonSysDevice (HWND hwndDlg, BOOL bResolveAmbiguousSelection,
{
// The system drive MAY be entirely encrypted (external access without PBA) and the potentially encrypted OS is not running
- NormalCursor ();
-
Warning ("CANT_DECRYPT_PARTITION_ON_ENTIRELY_ENCRYPTED_SYS_DRIVE_UNSURE", hwndDlg);
// We allow the user to continue as we don't know if the drive is really an encrypted system drive.
@@ -6771,6 +6892,41 @@ void DisplayDriveListContextMenu (HWND hwndDlg, LPARAM lParam)
}
}
+// broadcast signal to WAITFOR.EXE MailSlot to notify any waiting instance that we are exiting
+static void SignalExitCode (int exitCode)
+{
+ if (ExitMailSlotSpecified)
+ {
+ HANDLE hFile;
+ hFile = CreateFile (ExitMailSlotName,
+ GENERIC_WRITE,
+ FILE_SHARE_READ,
+ (LPSECURITY_ATTRIBUTES) NULL,
+ OPEN_EXISTING,
+ FILE_ATTRIBUTE_NORMAL,
+ (HANDLE) NULL);
+ if ((hFile == INVALID_HANDLE_VALUE) && (GetLastError () == ERROR_FILE_NOT_FOUND))
+ {
+ // MailSlot not found, wait 1 second and try again in case we exited too quickly
+ Sleep (1000);
+ hFile = CreateFile (ExitMailSlotName,
+ GENERIC_WRITE,
+ FILE_SHARE_READ,
+ (LPSECURITY_ATTRIBUTES) NULL,
+ OPEN_EXISTING,
+ FILE_ATTRIBUTE_NORMAL,
+ (HANDLE) NULL);
+ }
+ if (hFile != INVALID_HANDLE_VALUE)
+ {
+ char szMsg[64];
+ DWORD cbWritten;
+ StringCbPrintfA (szMsg, sizeof (szMsg), "VeraCrypt Exit %d", exitCode);
+ WriteFile(hFile, szMsg, (DWORD) (strlen (szMsg) +1), &cbWritten, (LPOVERLAPPED) NULL);
+ CloseHandle (hFile);
+ }
+ }
+}
/* Except in response to the WM_INITDIALOG and WM_ENDSESSION messages, the dialog box procedure
should return nonzero if it processes a message, and zero if it does not. */
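Review bot: SignalExitCode ignores the result of `WriteFile` and of the second `CreateFile`, so a waiter that never receives the message goes unnoticed, and the `Sleep (1000)` retry runs on the exit path of the dialog thread. The two identical seven-argument `CreateFile` calls would read better as one small static helper that opens the mailslot. Only two `exit (exitCode)` sites in this diff call SignalExitCode. If the process can also terminate through other paths (for example AbortProcess, whose body is not shown), a process waiting on the mailslot would not be notified, which is worth stating in the function comment.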
@@ -6850,6 +7006,12 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
AbortProcess ("COMMAND_LINE_ERROR");
}
+ if (EnableMemoryProtection)
+ {
+ /* Protect this process memory from being accessed by non-admin users */
+ EnableProcessProtection ();
+ }
+
if (ComServerMode)
{
InitDialog (hwndDlg);
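Review bot: The call to `EnableProcessProtection ()` discards whatever the function reports, so a user who passed `/protectMemory` gets no indication if the protection could not be applied. Its declaration is outside this diff. If it returns a status, the result should be checked here and a failure surfaced, or at least logged, rather than continuing silently with an unprotected process. The comment could also note that protection starts only after command-line parsing has completed.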
@@ -6975,7 +7137,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (FirstCmdKeyFile)
{
KeyFileRemoveAll (&FirstKeyFile);
- FirstKeyFile = FirstCmdKeyFile;
+ KeyFileCloneAll (FirstCmdKeyFile, &FirstKeyFile);
KeyFilesEnable = TRUE;
}
@@ -7111,7 +7273,10 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (Quit)
{
if (TaskBarIconMutex == NULL)
+ {
+ SignalExitCode (exitCode);
exit (exitCode);
+ }
MainWindowHidden = TRUE;
@@ -7123,6 +7288,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (TaskBarIconMutex)
TaskBarIconRemove (hwndDlg);
+ SignalExitCode (exitCode);
exit (exitCode);
}
else
@@ -7224,7 +7390,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
}
if (TaskBarIconMutex != NULL)
- RegisterWtsNotification(hwndDlg);
+ RegisterWtsAndPowerNotification(hwndDlg);
DoPostInstallTasks (hwndDlg);
ResetCurrentDirectory ();
}
@@ -7309,7 +7475,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
}
TaskBarIconRemove (hwndDlg);
- UnregisterWtsNotification(hwndDlg);
+ UnregisterWtsAndPowerNotification(hwndDlg);
}
EndMainDlg (hwndDlg);
localcleanup ();
@@ -7336,7 +7502,8 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
{
if (wParam == TIMER_ID_UPDATE_DEVICE_LIST)
{
- UpdateMountableHostDeviceList ();
+ if (NeedPeriodicDeviceListUpdate)
+ UpdateMountableHostDeviceList ();
}
else
{
@@ -7526,7 +7693,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
&& GetDriverRefCount () < 2)
{
TaskBarIconRemove (hwndDlg);
- UnregisterWtsNotification(hwndDlg);
+ UnregisterWtsAndPowerNotification(hwndDlg);
EndMainDlg (hwndDlg);
}
}
@@ -7653,7 +7820,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
EnumWindows (CloseTCWindowsEnum, 0);
TaskBarIconRemove (hwndDlg);
- UnregisterWtsNotification(hwndDlg);
+ UnregisterWtsAndPowerNotification(hwndDlg);
SendMessage (hwndDlg, WM_COMMAND, sel, 0);
}
}
@@ -7674,7 +7841,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
case TC_APPMSG_CLOSE_BKG_TASK:
if (TaskBarIconMutex != NULL)
TaskBarIconRemove (hwndDlg);
- UnregisterWtsNotification(hwndDlg);
+ UnregisterWtsAndPowerNotification(hwndDlg);
return 1;
@@ -8350,12 +8517,12 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
if (bEnableBkgTask)
{
TaskBarIconAdd (hwndDlg);
- RegisterWtsNotification(hwndDlg);
+ RegisterWtsAndPowerNotification(hwndDlg);
}
else
{
TaskBarIconRemove (hwndDlg);
- UnregisterWtsNotification(hwndDlg);
+ UnregisterWtsAndPowerNotification(hwndDlg);
if (MainWindowHidden)
EndMainDlg (hwndDlg);
}
@@ -8625,12 +8792,10 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
WaitCursor ();
- if (!(nCurrentOS == WIN_2000 && RemoteSession))
- {
- BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, 0, ~driveMap);
- Sleep (100);
- BroadcastDeviceChange (DBT_DEVICEARRIVAL, 0, driveMap);
- }
+
+ BroadcastDeviceChange (DBT_DEVICEREMOVECOMPLETE, 0, ~driveMap);
+ Sleep (100);
+ BroadcastDeviceChange (DBT_DEVICEARRIVAL, 0, driveMap);
LoadDriveLetters (hwndDlg, GetDlgItem (hwndDlg, IDC_DRIVELIST), 0);
@@ -8872,6 +9037,9 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
OptionTryEmptyPassword,
OptionNoWaitDlg,
OptionSecureDesktop,
+ OptionDisableDeviceUpdate,
+ OptionEnableMemoryProtection,
+ OptionSignalExit,
};
argument args[]=
@@ -8900,6 +9068,9 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
{ OptionTryEmptyPassword, L"/tryemptypass", NULL, FALSE },
{ OptionNoWaitDlg, L"/nowaitdlg", NULL, FALSE },
{ OptionSecureDesktop, L"/secureDesktop", NULL, FALSE },
+ { OptionDisableDeviceUpdate, L"/disableDeviceUpdate", NULL, FALSE },
+ { OptionEnableMemoryProtection, L"/protectMemory", NULL, FALSE },
+ { OptionSignalExit, L"/signalExit", NULL, FALSE },
};
argumentspec as;
@@ -8990,6 +9161,29 @@ void ExtractCommandLine (HWND hwndDlg, wchar_t *lpszCommandLine)
}
break;
+ case OptionDisableDeviceUpdate:
+ {
+ DisablePeriodicDeviceListUpdate = TRUE;
+ }
+ break;
+
+ case OptionEnableMemoryProtection:
+ {
+ EnableMemoryProtection = TRUE;
+ }
+ break;
+
+ case OptionSignalExit:
+ if (HAS_ARGUMENT == GetArgumentValue (lpszCommandLineArgs, &i,
+ nNoCommandLineArgs, tmpPath, ARRAYSIZE (tmpPath)))
+ {
+ StringCbPrintfW (ExitMailSlotName, sizeof (ExitMailSlotName), L"\\\\.\\mailslot\\WAITFOR.EXE\\%s", tmpPath);
+ ExitMailSlotSpecified = TRUE;
+ }
+ else
+ AbortProcess ("COMMAND_LINE_ERROR");
+ break;
+
case OptionCache:
{
wchar_t szTmp[16] = {0};
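Review bot: The `/signalExit` value is copied from the command line straight into the mailslot path without validation, and the return value of `StringCbPrintfW` is not checked before `ExitMailSlotSpecified` is set. An over-long argument is therefore silently truncated, and a value containing `\` changes which mailslot path is opened. The argument should be rejected when it is empty or contains a path separator, and formatting failures treated as errors, e.g. `if (FAILED (StringCbPrintfW (...))) AbortProcess ("COMMAND_LINE_ERROR");`. The single-statement braces around the two new flag cases can be dropped to match the neighbouring cases.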
@@ -9409,25 +9603,31 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
case SERVICE_CONTROL_STOP:
SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING);
- if (bSystemIsGPT)
+ if (!(BootEncObj->ReadServiceConfigurationFlags () & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER))
{
- uint32 serviceFlags = BootEncObj->ReadServiceConfigurationFlags ();
- if (!(serviceFlags & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER))
+ try
{
- try
- {
- BootEncryption::UpdateSetupConfigFile (true);
- if (!BootEncStatus.HiddenSystem)
- {
- // re-install our bootloader again in case the update process has removed it.
- BootEncryption bootEnc (NULL, true);
- bootEnc.InstallBootLoader (true);
- }
- }
- catch (...)
+ BootEncryption::UpdateSetupConfigFile (true);
+ if (!BootEncStatus.HiddenSystem)
{
+ // re-install our bootloader again in case the update process has removed it.
+ bool bForceSetNextBoot = false;
+ bool bSetBootentry = true;
+ bool bForceFirstBootEntry = true;
+ uint32 flags = BootEncObj->ReadServiceConfigurationFlags ();
+ if (flags & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_FORCE_SET_BOOTNEXT)
+ bForceSetNextBoot = true;
+ if (flags & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_SET_BOOTENTRY)
+ bSetBootentry = false;
+ if (flags & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_FORCE_FIRST_BOOTENTRY)
+ bForceFirstBootEntry = false;
+ BootEncryption bootEnc (NULL, true, bSetBootentry, bForceFirstBootEntry, bForceSetNextBoot);
+ bootEnc.InstallBootLoader (true);
}
}
+ catch (...)
+ {
+ }
}
/* clear VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION flag */
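Review bot: `BootEncObj->ReadServiceConfigurationFlags ()` is now called twice in the SERVICE_CONTROL_STOP branch, once in the outer `if` outside the `try` and again inside it for `flags`. Reading it once into a local before the `if` and reusing it removes the duplicate read and the chance of the two values differing. The empty `catch (...)` swallows any failure of `UpdateSetupConfigFile` or `InstallBootLoader` without a trace. A log line there, in the style of the `SystemFavoritesServiceLogInfo` calls used in SystemFavoritesServiceMain, would make a failed bootloader reinstall at shutdown diagnosable. Since the `bSystemIsGPT` condition is gone this path now also runs on non-GPT systems, which deserves a comment.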
@@ -9529,8 +9729,6 @@ static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv)
SystemFavoritesServiceSetStatus (SERVICE_START_PENDING, 120000);
SystemFavoritesServiceLogInfo (wstring (L"Initializing list of host devices"));
- // initialize the list of devices available for mounting as early as possible
- UpdateMountableHostDeviceList ();
SystemFavoritesServiceLogInfo (wstring (L"Starting System Favorites mounting process"));
@@ -9726,7 +9924,7 @@ BOOL TaskBarIconAdd (HWND hwnd)
ScreenDPI >= 120 ? 0 : 16,
(ScreenDPI >= 120 ? LR_DEFAULTSIZE : 0)
| LR_SHARED
- | (nCurrentOS != WIN_2000 ? LR_DEFAULTCOLOR : LR_VGACOLOR)); // Windows 2000 cannot display more than 16 fixed colors in notification tray
+ | LR_DEFAULTCOLOR);
StringCbCopyW (tnid.szTip, sizeof(tnid.szTip), L"VeraCrypt");
@@ -9778,7 +9976,7 @@ BOOL TaskBarIconChange (HWND hwnd, int iconId)
ScreenDPI >= 120 ? 0 : 16,
(ScreenDPI >= 120 ? LR_DEFAULTSIZE : 0)
| LR_SHARED
- | (nCurrentOS != WIN_2000 ? LR_DEFAULTCOLOR : LR_VGACOLOR)); // Windows 2000 cannot display more than 16 fixed colors in notification tray
+ | LR_DEFAULTCOLOR);
return Shell_NotifyIcon (NIM_MODIFY, &tnid);
}
@@ -10111,9 +10309,6 @@ BOOL MountFavoriteVolumes (HWND hwnd, BOOL systemFavorites, BOOL logOnMount, BOO
{
Sleep (5000);
- SystemFavoritesServiceLogInfo (wstring (L"Updating list of host devices"));
- UpdateMountableHostDeviceList ();
-
SystemFavoritesServiceLogInfo (wstring (L"Trying to mount skipped system favorites"));
// Update the service status to avoid being killed
@@ -10326,7 +10521,7 @@ static void HandleHotKey (HWND hwndDlg, WPARAM wParam)
MessageBeep (0xFFFFFFFF);
}
TaskBarIconRemove (hwndDlg);
- UnregisterWtsNotification(hwndDlg);
+ UnregisterWtsAndPowerNotification(hwndDlg);
EndMainDlg (hwndDlg);
break;
@@ -10842,6 +11037,21 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume)
nStatus = ERR_OS_ERROR;
goto error;
}
+ else if (!bDevice && bPreserveTimestamp)
+ {
+ // ensure that Last Access timestamp is not modified
+ ftLastAccessTime.dwHighDateTime = 0xFFFFFFFF;
+ ftLastAccessTime.dwLowDateTime = 0xFFFFFFFF;
+
+ SetFileTime (dev, NULL, &ftLastAccessTime, NULL);
+
+ /* Remember the container modification/creation date and time. */
+
+ if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0)
+ bTimeStampValid = FALSE;
+ else
+ bTimeStampValid = TRUE;
+ }
// Determine volume host size
if (bDevice)
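Review bot: The result of `SetFileTime (dev, NULL, &ftLastAccessTime, NULL)` is ignored, so if the call fails the later header read updates the container's last-access time even though the user asked for timestamps to be preserved. Checking the return value and at least recording the failure keeps that outcome visible, for instance `if (!SetFileTime (dev, NULL, &ftLastAccessTime, NULL)) { /* access time may change */ }` with a warning or log entry in the body. A comment that the all-ones FILETIME asks the system not to update the access time on this handle would explain the constant. The `if` that this `else if` attaches to starts outside the hunk.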
@@ -10912,15 +11122,6 @@ int RestoreVolumeHeader (HWND hwndDlg, const wchar_t *lpszVolume)
hostSize = fileSize.QuadPart;
}
- if (!bDevice && bPreserveTimestamp)
- {
- /* Remember the container modification/creation date and time. */
-
- if (GetFileTime ((HANDLE) dev, &ftCreationTime, &ftLastAccessTime, &ftLastWriteTime) == 0)
- bTimeStampValid = FALSE;
- else
- bTimeStampValid = TRUE;
- }
/* Read the volume header from the backup file */
char buffer[TC_VOLUME_HEADER_GROUP_SIZE];
@@ -11155,26 +11356,25 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
EnableWindow (GetDlgItem (hwndDlg, IDC_ENABLE_RAM_ENCRYPTION), FALSE);
}
- SYSTEM_INFO sysInfo;
- GetSystemInfo (&sysInfo);
+ size_t cpuCount = GetCpuCount(NULL);
HWND freeCpuCombo = GetDlgItem (hwndDlg, IDC_ENCRYPTION_FREE_CPU_COUNT);
uint32 encryptionFreeCpuCount = ReadEncryptionThreadPoolFreeCpuCountLimit();
- if (encryptionFreeCpuCount > sysInfo.dwNumberOfProcessors - 1)
- encryptionFreeCpuCount = sysInfo.dwNumberOfProcessors - 1;
+ if (encryptionFreeCpuCount > (uint32) (cpuCount - 1))
+ encryptionFreeCpuCount = (uint32) (cpuCount - 1);
- for (uint32 i = 1; i < sysInfo.dwNumberOfProcessors; ++i)
+ for (uint32 i = 1; i < cpuCount; ++i)
{
wstringstream s;
s << i;
AddComboPair (freeCpuCombo, s.str().c_str(), i);
}
- if (sysInfo.dwNumberOfProcessors < 2 || encryptionFreeCpuCount == 0)
+ if (cpuCount < 2 || encryptionFreeCpuCount == 0)
EnableWindow (freeCpuCombo, FALSE);
- if (sysInfo.dwNumberOfProcessors < 2)
+ if (cpuCount < 2)
EnableWindow (GetDlgItem (hwndDlg, IDC_LIMIT_ENC_THREAD_POOL), FALSE);
if (encryptionFreeCpuCount != 0)
@@ -11185,7 +11385,7 @@ static BOOL CALLBACK PerformanceSettingsDlgProc (HWND hwndDlg, UINT msg, WPARAM
SetWindowTextW (GetDlgItem (hwndDlg, IDT_LIMIT_ENC_THREAD_POOL_NOTE), GetString("LIMIT_ENC_THREAD_POOL_NOTE"));
- SetDlgItemTextW (hwndDlg, IDC_HW_AES_SUPPORTED_BY_CPU, (wstring (L" ") + (GetString (is_aes_hw_cpu_supported() ? "UISTR_YES" : "UISTR_NO"))).c_str());
+ SetDlgItemTextW (hwndDlg, IDC_HW_AES_SUPPORTED_BY_CPU, (wstring (L" ") + (GetString (HasAESNI() ? "UISTR_YES" : "UISTR_NO"))).c_str());
ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_HW_ACCELERATION);
ToHyperlink (hwndDlg, IDC_MORE_INFO_ON_THREAD_BASED_PARALLELIZATION);
@@ -11592,6 +11792,8 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
{
WORD lw = LOWORD (wParam);
static std::string platforminfo;
+ static byte currentUserConfig;
+ static string currentCustomUserMessage;
switch (msg)
{
@@ -11616,8 +11818,27 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
BOOL bPimCacheEnabled = (driverConfig & TC_DRIVER_CONFIG_CACHE_BOOT_PIM)? TRUE : FALSE;
BOOL bBlockSysEncTrimEnabled = (driverConfig & VC_DRIVER_CONFIG_BLOCK_SYS_TRIM)? TRUE : FALSE;
BOOL bClearKeysEnabled = (driverConfig & VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION)? TRUE : FALSE;
+ BOOL bAutoFixBootloader = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER)? FALSE : TRUE;
+ BOOL bForceVeraCryptNextBoot = FALSE;
+ BOOL bForceSetVeraCryptBootEntry = TRUE;
+ BOOL bForceVeraCryptFirstEntry = TRUE;
+ if (bSystemIsGPT)
+ {
+ bForceVeraCryptNextBoot = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_FORCE_SET_BOOTNEXT)? TRUE : FALSE;
+ bForceSetVeraCryptBootEntry = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_SET_BOOTENTRY)? FALSE : TRUE;
+ bForceVeraCryptFirstEntry = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_FORCE_FIRST_BOOTENTRY)? FALSE : TRUE;
+ }
+
BOOL bIsHiddenOS = IsHiddenOSRunning ();
+ if (bClearKeysEnabled)
+ {
+ // the clear keys option works only if the service is running
+ if (!BootEncObj->IsSystemFavoritesServiceRunning())
+ bClearKeysEnabled = false;
+ }
+
+
if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig, &customUserMessage, &bootLoaderVersion))
{
// operations canceled
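Review bot: The new `bAutoFixBootloader`, `bForceVeraCryptNextBoot`, `bForceSetVeraCryptBootEntry` and `bForceVeraCryptFirstEntry` values are derived by masking `driverConfig` with `VC_SYSTEM_FAVORITES_SERVICE_CONFIG_*` bits. The service control handler in this same diff reads those bits from `BootEncObj->ReadServiceConfigurationFlags ()` instead, and the neighbouring lines use `driverConfig` only with `TC_DRIVER_CONFIG_*` and `VC_DRIVER_CONFIG_*` masks. The definition of `driverConfig` is outside the hunk, but if it holds the driver flags then the checkboxes are initialised from unrelated bits. In that case the four values should come from a separate `uint32 serviceConfig = BootEncObj->ReadServiceConfigurationFlags ();`. Separately, `bClearKeysEnabled = false;` assigns a C++ `bool` literal to a `BOOL` and should be `FALSE` for consistency.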
@@ -11625,6 +11846,10 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
return 1;
}
+ // we store current configuration in order to be able to detect if user changed it or not after clicking OK
+ currentUserConfig = userConfig;
+ currentCustomUserMessage = customUserMessage;
+
if (bootLoaderVersion != VERSION_NUM)
Warning ("BOOT_LOADER_VERSION_INCORRECT_PREFERENCES", hwndDlg);
@@ -11668,6 +11893,24 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
}
else
CheckDlgButton (hwndDlg, IDC_BLOCK_SYSENC_TRIM, bBlockSysEncTrimEnabled ? BST_CHECKED : BST_UNCHECKED);
+
+ CheckDlgButton (hwndDlg, IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN, bAutoFixBootloader? BST_CHECKED : BST_UNCHECKED);
+ if (bSystemIsGPT)
+ {
+ if (!bAutoFixBootloader || bIsHiddenOS)
+ {
+ // we disable other options if updating bootloader is not allowed or if hidden OS us running
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY), FALSE);
+ }
+ else
+ {
+ CheckDlgButton (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT, bForceVeraCryptNextBoot? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY, bForceSetVeraCryptBootEntry? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY, bForceVeraCryptFirstEntry? BST_CHECKED : BST_UNCHECKED);
+ }
+ }
}
catch (Exception &e)
{
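Review bot: When `!bAutoFixBootloader || bIsHiddenOS` holds, the three force-boot check boxes are disabled but never set from `bForceVeraCryptNextBoot`, `bForceSetVeraCryptBootEntry` and `bForceVeraCryptFirstEntry`, so they stay unchecked. The OK handler later in this commit reads them with `IsDlgButtonChecked` and, on a GPT system outside the hidden OS, writes `VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_SET_BOOTENTRY` and `VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_FORCE_FIRST_BOOTENTRY` from that state. Switching automatic fixing off therefore replaces the stored sub-option preferences. If that is intended, the comment should say so; otherwise the OK handler should skip those writes when `bAutoFixBootloader` is FALSE. The comment also has a typo: `hidden OS us running` should be `hidden OS is running`.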
@@ -11694,13 +11937,19 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
{
try
{
- std::string dcsprop = ReadESPFile (L"\\EFI\\VeraCrypt\\DcsProp", true);
+ std::string currentDcsprop = ReadESPFile (L"\\EFI\\VeraCrypt\\DcsProp", true);
+ std::string dcsprop = currentDcsprop;
while (TextEditDialogBox(FALSE, hwndDlg, GetString ("BOOT_LOADER_CONFIGURATION_FILE"), dcsprop) == IDOK)
{
- if (validateDcsPropXml (dcsprop.c_str()))
+ const char* dcspropContent = dcsprop.c_str();
+ if (0 == strcmp(dcspropContent, currentDcsprop.c_str()))
+ {
+ break;
+ }
+ else if (validateDcsPropXml (dcspropContent))
{
- WriteESPFile (L"\\EFI\\VeraCrypt\\DcsProp", (LPBYTE) dcsprop.c_str(), (DWORD) dcsprop.size(), true);
+ WriteESPFile (L"\\EFI\\VeraCrypt\\DcsProp", (LPBYTE) dcspropContent, (DWORD) strlen (dcspropContent), true);
break;
}
else
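Review bot: The write length changes from `dcsprop.size()` to `strlen (dcspropContent)` without a comment explaining why. The new `strcmp` test also stops at the first NUL, so anything after an embedded NUL in the edited text is neither compared, validated nor written. That keeps the bytes written identical to the bytes `validateDcsPropXml` saw, which is presumably the intent, but it should be stated, for example `// compare and write only up to the first NUL, i.e. exactly what validateDcsPropXml checked`. The `while` loop continues past the end of this hunk.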
@@ -11738,17 +11987,7 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
if (!bSystemIsGPT)
GetDlgItemTextA (hwndDlg, IDC_CUSTOM_BOOT_LOADER_MESSAGE, customUserMessage, sizeof (customUserMessage));
- byte userConfig;
- try
- {
- if (!BootEncObj->ReadBootSectorConfig (nullptr, 0, &userConfig))
- return 1;
- }
- catch (Exception &e)
- {
- e.Show (hwndDlg);
- return 1;
- }
+ byte userConfig = currentUserConfig;
if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_PIM_PROMPT))
userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_PIM;
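Review bot: `userConfig` now starts from `currentUserConfig`, the static snapshot taken at dialog initialisation, instead of a fresh `ReadBootSectorConfig` call, so it can be stale by the time OK is pressed. The `TextEditDialogBox` loop changed earlier in this commit can write `\\EFI\\VeraCrypt\\DcsProp` through `WriteESPFile` while the dialog is open. If `ReadBootSectorConfig` derives its result from that file on GPT systems (not visible here), the later `WriteBootSectorUserConfig` call would start from flags that no longer match the disk. Refreshing `currentUserConfig` and `currentCustomUserMessage` after a successful `WriteESPFile` would close the gap. A short comment on the two statics, such as `// valid only between dialog initialisation and OK`, would also help.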
@@ -11757,22 +11996,22 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
if (bSystemIsGPT)
{
- if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT))
- userConfig |= TC_BOOT_USER_CFG_FLAG_STORE_HASH;
- else
- userConfig &= ~TC_BOOT_USER_CFG_FLAG_STORE_HASH;
+ if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_HASH_PROMPT))
+ userConfig |= TC_BOOT_USER_CFG_FLAG_STORE_HASH;
+ else
+ userConfig &= ~TC_BOOT_USER_CFG_FLAG_STORE_HASH;
}
else
{
if (IsDlgButtonChecked (hwndDlg, IDC_DISABLE_BOOT_LOADER_OUTPUT))
- userConfig |= TC_BOOT_USER_CFG_FLAG_SILENT_MODE;
- else
- userConfig &= ~TC_BOOT_USER_CFG_FLAG_SILENT_MODE;
+ userConfig |= TC_BOOT_USER_CFG_FLAG_SILENT_MODE;
+ else
+ userConfig &= ~TC_BOOT_USER_CFG_FLAG_SILENT_MODE;
- if (!IsDlgButtonChecked (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS))
- userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_ESC;
- else
- userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_ESC;
+ if (!IsDlgButtonChecked (hwndDlg, IDC_ALLOW_ESC_PBA_BYPASS))
+ userConfig |= TC_BOOT_USER_CFG_FLAG_DISABLE_ESC;
+ else
+ userConfig &= ~TC_BOOT_USER_CFG_FLAG_DISABLE_ESC;
}
try
@@ -11781,13 +12020,47 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
BOOL bPimCacheEnabled = IsDlgButtonChecked (hwndDlg, IDC_BOOT_LOADER_CACHE_PIM);
BOOL bBlockSysEncTrimEnabled = IsDlgButtonChecked (hwndDlg, IDC_BLOCK_SYSENC_TRIM);
BOOL bClearKeysEnabled = IsDlgButtonChecked (hwndDlg, IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION);
- BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5);
+
+ BOOL bAutoFixBootloader = IsDlgButtonChecked (hwndDlg, IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN);
+ BOOL bForceVeraCryptNextBoot = FALSE;
+ BOOL bForceSetVeraCryptBootEntry = TRUE;
+ BOOL bForceVeraCryptFirstEntry = TRUE;
+ if (bSystemIsGPT)
+ {
+ bForceVeraCryptNextBoot = IsDlgButtonChecked (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT);
+ bForceSetVeraCryptBootEntry = IsDlgButtonChecked (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY);
+ bForceVeraCryptFirstEntry = IsDlgButtonChecked (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY);
+ }
+
+ if (bClearKeysEnabled && !BootEncObj->IsSystemFavoritesServiceRunning())
+ {
+ // the system favorite service service should be running
+ // if it is not the case, report a failure and quit
+ std::string techInfo = SRC_POS;
+ techInfo += "\nIsSystemFavoritesServiceRunning = False.";
+ ReportUnexpectedState (techInfo.c_str());
+ return 1;
+ }
+
+ // only write boot configuration if something changed
+ if ((userConfig != currentUserConfig) || (!bSystemIsGPT && (customUserMessage != currentCustomUserMessage)))
+ BootEncObj->WriteBootSectorUserConfig (userConfig, customUserMessage, prop.volumePim, prop.pkcs5);
+
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD, bPasswordCacheEnabled);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PIM, (bPasswordCacheEnabled && bPimCacheEnabled)? TRUE : FALSE);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_EVIL_MAID_ATTACK_DETECTION, IsDlgButtonChecked (hwndDlg, IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION));
SetDriverConfigurationFlag (VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION, bClearKeysEnabled);
- if (!IsHiddenOSRunning ()) /* we don't need to update TRIM config for hidden OS since it's always blocked */
+ SetDriverConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_UPDATE_LOADER, bAutoFixBootloader? FALSE : TRUE);
+ if (bSystemIsGPT && !IsHiddenOSRunning ())
+ {
+ /* we don't need to update TRIM config for hidden OS since it's always blocked */
SetDriverConfigurationFlag (VC_DRIVER_CONFIG_BLOCK_SYS_TRIM, bBlockSysEncTrimEnabled);
+
+ /* we don't update bootloader settings since we never update bootloader under Hidden OS */
+ SetDriverConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_FORCE_SET_BOOTNEXT, bForceVeraCryptNextBoot);
+ SetDriverConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_SET_BOOTENTRY, bForceSetVeraCryptBootEntry? FALSE : TRUE);
+ SetDriverConfigurationFlag (VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_FORCE_FIRST_BOOTENTRY, bForceVeraCryptFirstEntry? FALSE : TRUE);
+ }
}
catch (Exception &e)
{
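Review bot: The new condition `if (bSystemIsGPT && !IsHiddenOSRunning ())` also guards the `VC_DRIVER_CONFIG_BLOCK_SYS_TRIM` update, which the removed line performed whenever `!IsHiddenOSRunning ()` was true. On a non-GPT system the Block TRIM check box is therefore read into `bBlockSysEncTrimEnabled` but no longer saved. Keep the TRIM call under `if (!IsHiddenOSRunning ())` and nest only the three boot-entry flag calls (`FORCE_SET_BOOTNEXT`, `DONT_SET_BOOTENTRY`, `DONT_FORCE_FIRST_BOOTENTRY`) under an inner `if (bSystemIsGPT)`. The comment text `system favorite service service` has a duplicated word, here and in the `IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION` handler. The enclosing `try` block starts before this hunk.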
@@ -11833,10 +12106,54 @@ static BOOL CALLBACK BootLoaderPreferencesDlgProc (HWND hwndDlg, UINT msg, WPARA
case IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION:
if (IsDlgButtonChecked (hwndDlg, IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION))
{
- Warning ("CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING", hwndDlg);
+ if (!BootEncObj->IsSystemFavoritesServiceRunning())
+ {
+ // the system favorite service service should be running
+ // if it is not the case, report a failure
+ std::string techInfo = SRC_POS;
+ techInfo += "\nIsSystemFavoritesServiceRunning = False.";
+ ReportUnexpectedState (techInfo.c_str());
+
+ CheckDlgButton (hwndDlg, IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION, BST_UNCHECKED);
+ }
+ else
+ Warning ("CLEAR_KEYS_ON_DEVICE_INSERTION_WARNING", hwndDlg);
}
break;
+
+ case IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN:
+ if (bSystemIsGPT)
+ {
+ if (IsDlgButtonChecked (hwndDlg, IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN))
+ {
+ if (!IsHiddenOSRunning ())
+ {
+ uint32 driverConfig = ReadDriverConfigurationFlags();
+ BOOL bForceVeraCryptNextBoot = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_FORCE_SET_BOOTNEXT)? TRUE : FALSE;
+ BOOL bForceSetVeraCryptBootEntry = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_SET_BOOTENTRY)? FALSE : TRUE;
+ BOOL bForceVeraCryptFirstEntry = (driverConfig & VC_SYSTEM_FAVORITES_SERVICE_CONFIG_DONT_FORCE_FIRST_BOOTENTRY)? FALSE : TRUE;
+
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT), TRUE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY), TRUE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY), TRUE);
+
+ CheckDlgButton (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT, bForceVeraCryptNextBoot? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY, bForceSetVeraCryptBootEntry? BST_CHECKED : BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY, bForceVeraCryptFirstEntry? BST_CHECKED : BST_UNCHECKED);
+ }
+ }
+ else
+ {
+ CheckDlgButton (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT, BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY, BST_UNCHECKED);
+ CheckDlgButton (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY, BST_UNCHECKED);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_NEXT_BOOT_VERACRYPT), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_BOOT_ENTRY), FALSE);
+ EnableWindow (GetDlgItem (hwndDlg, IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY), FALSE);
+ }
+ }
+ break;
}
return 0;
}
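Review bot: The call `BootEncObj->IsSystemFavoritesServiceRunning()` in the `IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION` case is not inside a visible `try` block, whereas the other call sites in this commit appear to sit inside `try`/`catch (Exception &e)`. If the method can throw (its definition is not on this page), the exception would leave the dialog procedure. Wrapping the case body and calling `e.Show (hwndDlg)` in the handler would match the rest of the function. The report sequence (`SRC_POS`, the `IsSystemFavoritesServiceRunning = False.` text, `ReportUnexpectedState`) is now repeated in two handlers and could move into one small static helper. The function's earlier cases lie outside this hunk.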
diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc
index 137cc62..f63afe5 100644
--- a/src/Mount/Mount.rc
+++ b/src/Mount/Mount.rc
@@ -195,8 +195,8 @@ BEGIN
EDITTEXT IDC_PIM,69,43,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE
CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,48,97,10
CONTROL "Cache passwords and keyfil&es in memory",IDC_CACHE,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,61,153,10
- CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,74,83,10
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,61,241,10
+ CONTROL "&Display password",IDC_SHOW_PASSWORD,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,74,244,10
CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,87,99,11
PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,173,84,75,14
PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,252,84,69,14
@@ -287,7 +287,7 @@ BEGIN
LTEXT "",IDT_PKCS11_LIB_HELP,16,63,286,65
END
-IDD_EFI_SYSENC_SETTINGS DIALOGEX 0, 0, 375, 194
+IDD_EFI_SYSENC_SETTINGS DIALOGEX 0, 0, 375, 250
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - System Encryption Settings"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -304,13 +304,21 @@ BEGIN
"Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,16,83,340,10
CONTROL "Block TRIM command on system partition/drive",IDC_BLOCK_SYSENC_TRIM,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,98,340,10
- GROUPBOX "Advanced Options",IDT_ADVANCED_OPTIONS,7,131,355,36
- PUSHBUTTON "Edit Boot Loader Configuration",IDC_EDIT_DCSPROP,10,144,173,14
- PUSHBUTTON "Display EFI Platform Information",IDC_SHOW_PLATFORMINFO,187,144,173,14
- PUSHBUTTON "Cancel",IDCANCEL,313,170,50,14
- DEFPUSHBUTTON "OK",IDOK,255,170,50,14
CONTROL "Clear encryption keys from memory if a new device is inserted",IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,112,340,10
+ GROUPBOX "Advanced Options",IDT_ADVANCED_OPTIONS,7,131,355,91
+ CONTROL "Automatically fix boot configuration issues that may prevent Windows from starting",IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,144,340,10
+ CONTROL "Force machine to boot on VeraCrypt in the next startup",IDC_FORCE_NEXT_BOOT_VERACRYPT,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,158,340,10
+ CONTROL "Force the presence of VeraCrypt entry in the EFI firmware boot menu",IDC_FORCE_VERACRYPT_BOOT_ENTRY,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,172,340,10
+ CONTROL "Force VeraCrypt entry to be the first in the EFI firmware boot menu",IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,16,186,340,10
+ PUSHBUTTON "Edit Boot Loader Configuration",IDC_EDIT_DCSPROP,10,201,173,14
+ PUSHBUTTON "Display EFI Platform Information",IDC_SHOW_PLATFORMINFO,187,201,173,14
+ PUSHBUTTON "Cancel",IDCANCEL,313,226,50,14
+ DEFPUSHBUTTON "OK",IDOK,255,226,50,14
END
IDD_PERFORMANCE_SETTINGS DIALOGEX 0, 0, 371, 293
@@ -401,7 +409,7 @@ BEGIN
CONTROL "TrueCrypt Mode",IDC_TRUECRYPT_MODE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,7,7,76,10
END
-IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 371, 310
+IDD_SYSENC_SETTINGS DIALOGEX 0, 0, 371, 344
STYLE DS_SETFONT | DS_MODALFRAME | DS_FIXEDSYS | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
CAPTION "VeraCrypt - System Encryption Settings"
FONT 8, "MS Shell Dlg", 400, 0, 0x1
@@ -414,21 +422,24 @@ BEGIN
CONTROL "&Cache pre-boot authentication password in driver memory (for mounting of non-system volumes)",IDC_BOOT_LOADER_CACHE_PASSWORD,
"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,192,339,10
CONTROL "Include PIM when caching pre-boot authentication password",IDC_BOOT_LOADER_CACHE_PIM,
- "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,18,207,340,10
+ "Button",BS_AUTOCHECKBOX | WS_DISABLED | WS_TABSTOP,18,207,339,10
CONTROL "Allow pre-boot &authentication to be bypassed by pressing the Esc key (enables boot manager)",IDC_ALLOW_ESC_PBA_BYPASS,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,222,340,10
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,222,339,10
CONTROL "Disable ""Evil Maid"" attack detection",IDC_DISABLE_EVIL_MAID_ATTACK_DETECTION,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,237,340,10
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,237,339,10
CONTROL "Block TRIM command on system partition/drive",IDC_BLOCK_SYSENC_TRIM,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,251,340,10
- PUSHBUTTON "Cancel",IDCANCEL,314,286,50,14
- DEFPUSHBUTTON "OK",IDOK,257,286,50,14
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,251,339,10
+ CONTROL "Clear encryption keys from memory if a new device is inserted",IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,265,339,10
+ CONTROL "Automatically fix boot configuration issues that may prevent Windows from starting",IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN,
+ "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,298,339,10
+ PUSHBUTTON "Cancel",IDCANCEL,314,320,50,14
+ DEFPUSHBUTTON "OK",IDOK,257,320,50,14
LTEXT "Display this custom message in the pre-boot authentication screen (24 characters maximum):",IDT_CUSTOM_BOOT_LOADER_MESSAGE,18,39,337,8
- GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,9,7,355,165
- GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,9,177,355,105
LTEXT "",IDC_CUSTOM_BOOT_LOADER_MESSAGE_HELP,18,72,337,73
- CONTROL "Clear encryption keys from memory if a new device is inserted",IDC_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION,
- "Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,265,340,10
+ GROUPBOX "Security Options",IDT_SECURITY_OPTIONS,9,177,355,105
+ GROUPBOX "Boot Loader Screen Options",IDT_BOOT_LOADER_SCREEN_OPTIONS,9,7,355,165
+ GROUPBOX "Advanced Options",IDT_ADVANCED_OPTIONS,9,285,355,29
END
/////////////////////////////////////////////////////////////////////////////
@@ -504,7 +515,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 368
TOPMARGIN, 7
- BOTTOMMARGIN, 184
+ BOTTOMMARGIN, 240
END
IDD_PERFORMANCE_SETTINGS, DIALOG
@@ -536,7 +547,7 @@ BEGIN
LEFTMARGIN, 7
RIGHTMARGIN, 364
TOPMARGIN, 7
- BOTTOMMARGIN, 300
+ BOTTOMMARGIN, 334
END
END
#endif // APSTUDIO_INVOKED
@@ -548,8 +559,8 @@ END
//
VS_VERSION_INFO VERSIONINFO
- FILEVERSION 1,24,5,0
- PRODUCTVERSION 1,24,5,0
+ FILEVERSION 1,24,19,0
+ PRODUCTVERSION 1,24,19,0
FILEFLAGSMASK 0x17L
#ifdef _DEBUG
FILEFLAGS 0x1L
@@ -566,11 +577,11 @@ BEGIN
BEGIN
VALUE "CompanyName", "IDRIX"
VALUE "FileDescription", "VeraCrypt"
- VALUE "FileVersion", "1.24-Beta5"
+ VALUE "FileVersion", "1.24-Update7"
VALUE "LegalTrademarks", "VeraCrypt"
VALUE "OriginalFilename", "VeraCrypt.exe"
VALUE "ProductName", "VeraCrypt"
- VALUE "ProductVersion", "1.24-Beta5"
+ VALUE "ProductVersion", "1.24-Update7"
END
END
BLOCK "VarFileInfo"
diff --git a/src/Mount/Mount.vcxproj.user b/src/Mount/Mount.vcxproj.user
index ace9a86..9ab5ba9 100644
--- a/src/Mount/Mount.vcxproj.user
+++ b/src/Mount/Mount.vcxproj.user
@@ -1,3 +1,8 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+ <LocalDebuggerCommandArguments>
+ </LocalDebuggerCommandArguments>
+ <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
+ </PropertyGroup>
</Project> \ No newline at end of file
diff --git a/src/Mount/Resource.h b/src/Mount/Resource.h
index d102faf..dc73d18 100644
--- a/src/Mount/Resource.h
+++ b/src/Mount/Resource.h
@@ -195,6 +195,10 @@
#define IDC_ENABLE_CPU_RNG 1172
#define IDC_ENABLE_RAM_ENCRYPTION 1173
#define IDC_USE_LEGACY_MAX_PASSWORD_LENGTH 1174
+#define IDC_UPDATE_BOOTLOADER_ON_SHUTDOWN 1175
+#define IDC_FORCE_NEXT_BOOT_VERACRYPT 1176
+#define IDC_FORCE_VERACRYPT_BOOT_ENTRY 1177
+#define IDC_FORCE_VERACRYPT_FIRST_BOOT_ENTRY 1178
#define IDM_HELP 40001
#define IDM_ABOUT 40002
#define IDM_UNMOUNT_VOLUME 40003
@@ -271,7 +275,7 @@
#define _APS_NO_MFC 1
#define _APS_NEXT_RESOURCE_VALUE 120
#define _APS_NEXT_COMMAND_VALUE 40069
-#define _APS_NEXT_CONTROL_VALUE 1175
+#define _APS_NEXT_CONTROL_VALUE 1179
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif