[pki] add RSA-2048 signature validation for all server downloads

* Closes #1172
* Also fix a MinGW warning in badblocks.c
Pete Batard 2018-06-29 18:19:05 +01:00
parent 2d262df8f3
commit fdfc9ff82d
8 changed files with 331 additions and 85 deletions


@ -1567,7 +1567,7 @@ static BOOL BootCheck(void)
IGNORE_RETVAL(_chdir(tmp));
static_sprintf(tmp, "%s/%s-%s/%s", FILES_URL, grub, img_report.grub2_version, core_img);
PromptOnError = FALSE;
grub2_len = (long)DownloadFile(tmp, core_img, hMainDialog);
grub2_len = (long)DownloadSignedFile(tmp, core_img, hMainDialog);
PromptOnError = TRUE;
if ((grub2_len == 0) && (DownloadStatus == 404)) {
// Couldn't locate the file on the server => try to download without the version extra
@ -1578,7 +1578,7 @@ static BOOL BootCheck(void)
tmp2[i] = 0;
static_sprintf(tmp, "%s/%s-%s/%s", FILES_URL, grub, tmp2, core_img);
PromptOnError = FALSE;
grub2_len = (long)DownloadFile(tmp, core_img, hMainDialog);
grub2_len = (long)DownloadSignedFile(tmp, core_img, hMainDialog);
PromptOnError = TRUE;
static_sprintf(tmp, "%s/%s-%s/%s", FILES_URL, grub, img_report.grub2_version, core_img);
}
@ -1624,7 +1624,7 @@ static BOOL BootCheck(void)
static_sprintf(tmp, "%s-%s", syslinux, embedded_sl_version_str[0]);
IGNORE_RETVAL(_mkdir(tmp));
static_sprintf(tmp, "%s/%s-%s/%s", FILES_URL, syslinux, embedded_sl_version_str[0], old_c32_name[i]);
len = DownloadFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog);
len = DownloadSignedFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog);
if (len == 0) {
uprintf("Could not download file - cancelling");
return FALSE;
@ -1672,14 +1672,14 @@ static BOOL BootCheck(void)
static_sprintf(tmp, "%s/%s-%s%s/%s.%s", FILES_URL, syslinux, img_report.sl_version_str,
img_report.sl_version_ext, ldlinux, ldlinux_ext[i]);
PromptOnError = (*img_report.sl_version_ext == 0);
syslinux_ldlinux_len[i] = DownloadFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog);
syslinux_ldlinux_len[i] = DownloadSignedFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog);
PromptOnError = TRUE;
if ((syslinux_ldlinux_len[i] == 0) && (DownloadStatus == 404) && (*img_report.sl_version_ext != 0)) {
// Couldn't locate the file on the server => try to download without the version extra
uprintf("Extended version was not found, trying main version...");
static_sprintf(tmp, "%s/%s-%s/%s.%s", FILES_URL, syslinux, img_report.sl_version_str,
ldlinux, ldlinux_ext[i]);
syslinux_ldlinux_len[i] = DownloadFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog);
syslinux_ldlinux_len[i] = DownloadSignedFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog);
if (syslinux_ldlinux_len[i] != 0) {
// Duplicate the file so that the user won't be prompted to download again
static_sprintf(tmp, "%s-%s\\%s.%s", syslinux, img_report.sl_version_str, ldlinux, ldlinux_ext[i]);
@ -1722,7 +1722,7 @@ static BOOL BootCheck(void)
static_sprintf(tmp, "%s-%s", syslinux, embedded_sl_version_str[1]);
IGNORE_RETVAL(_mkdir(tmp));
static_sprintf(tmp, "%s/%s-%s/%s.%s", FILES_URL, syslinux, embedded_sl_version_str[1], ldlinux, ldlinux_ext[2]);
if (DownloadFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog) == 0)
if (DownloadSignedFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog) == 0)
return FALSE;
}
}
@ -1752,7 +1752,7 @@ static BOOL BootCheck(void)
static_sprintf(tmp, "grub4dos-%s", GRUB4DOS_VERSION);
IGNORE_RETVAL(_mkdir(tmp));
static_sprintf(tmp, "%s/grub4dos-%s/grldr", FILES_URL, GRUB4DOS_VERSION);
if (DownloadFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog) == 0)
if (DownloadSignedFile(tmp, &tmp[sizeof(FILES_URL)], hMainDialog) == 0)
return FALSE;
}
}
@ -2978,7 +2978,7 @@ static INT_PTR CALLBACK MainCallback(HWND hDlg, UINT message, WPARAM wParam, LPA
case WM_COMMAND:
#ifdef RUFUS_TEST
if (LOWORD(wParam) == IDC_TEST) {
Notification(MSG_ERROR, NULL, lmprintf(MSG_042), lmprintf(MSG_043, lmprintf(MSG_055)));
DownloadSignedFile(FILES_URL "/gendb.sh", "C:\\Downloads\\gendb.sh", hProgress);
break;
}
#endif
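Review bot: The two 404 fallbacks in BootCheck (the grub2 `core_img` retry and the syslinux `ldlinux` retry) still branch on `DownloadStatus == 404` after a zero return, but with DownloadSignedFile a zero return can presumably also mean the signature was missing or did not validate. DownloadSignedFile is not shown in this section, so confirm that it leaves DownloadStatus at something other than 404 when validation fails, including when only the signature file is absent; otherwise a rejected download is handled as "version not found" and quietly retried against another URL. A short comment at each fallback would record that contract, for example `// 404 means the payload itself was not found; a signature failure must never report 404`. The message `uprintf("Could not download file - cancelling");` now also covers rejected signatures, and saying so in the log would help anyone triaging a tampered or corrupted download. BootCheck's body starts and ends outside these hunks.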