mirrors/rufus
1
0
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2025-05-31 06:48:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[net] add Windows retail ISO downloads

Browse source 
* This is accomplished through Fido (https://github.com/pbatard/Fido), a *SIGNED*
  PowerShell script, that is downloaded from GitHub and that resides in memory for
  the duration of a session.
* The reason we use a downloaded PS script, rather than an embedded on, is because:
  - Microsoft have regularly been changing the deal with regards to how retail ISOs
    can be downloaded, and not for the better, so we can't simply embed a static
    means of downloading ISOs and expect that to work forever.
  - By using an external script, we can immediately respond to whatever new means of
    *ANNOYING* their legitimate users Microsoft will come up with next, as well as
    make sure that, the minute a new retail version of Windows becomes available, it
    also becomes available for download in Rufus.
* Note that if you are concerned about downloading a remote PS script that is being
  run at the same level as an elevated application, you should understand that:
  - Only scripts downloaded from GitHub, from an account that is protected with 2FA,
    are allowed to run (i.e. someone would first have to steal a *physical* 2FA key
    to be in a position to upload a malicious script).
  - On top of this, only scripts that are signed with a separate private key (RSA +
    AES-256), that is itself also protected with a strong unique password which only
    a single person knows (and must manually enter each time they want to make a new
    version of the script available for download), are allowed to run.
  The above means that there's about as much chance for someone to manage to upload
  a malicious script on the GitHub servers, that Rufus would allow to run, as there
  is for someone to upload a malicious version of Rufus itself.
  Still, if you are paranoid and have concerns that, even as you can validate from
  its source that Rufus does not attempt to execute any remote script unless a user
  actively selected and clicked the DOWNLOAD button, you can also completely disable
  the remote script download feature, if you just set the update check to disabled
  (which, by the way, Rufus *EXPLICITLY* asks you to choose whether you want to
  enable or not, the very first time you run the application).
* Also remove _unlinkU() which duplicates what DeleteFileU() already does.
This commit is contained in:
Pete Batard 2019-03-02 23:28:56 +00:00
parent c5513447c9
commit e073fb47b0
No known key found for this signature in database
GPG key ID: 38E0CF5E69EDD671
14 changed files with 471 additions and 111 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/msapi_utf8.h
View file

@ -1,9 +1,9 @@
/*
* MSAPI_UTF8: Common API calls using UTF-8 strings
* Compensating for what Microsoft should have done a long long time ago.
* Also see http://utf8everywhere.org/
* Also see https://utf8everywhere.org
*
* Copyright © 2010-2017 Pete Batard <pete@akeo.ie>
* Copyright © 2010-2019 Pete Batard <pete@akeo.ie>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@ -983,15 +983,6 @@ static __inline int _openU(const char *filename, int oflag , int pmode)
}
#endif
static __inline int _unlinkU(const char *path)
{
int ret;
wconvert(path);
ret = _wunlink(wpath);
wfree(path);
return ret;
}
static __inline int _stat64U(const char *path, struct __stat64 *buffer)
{
int ret;