* Also fix SBAT not being properly parsed for PE32 executables.
* Also fix signature truncation in GetIssuerCertificateInfo() and fall back to
returning signer data if issuer is not available (which is typically the case
for GRUB signed bootloaders).
* Also fix status messages on user cancellation/proceeding.
* This is currently only used to detect the use of 'Microsoft Windows Production PCA 2011'
signed bootloaders.
* Because the cert is still in the process of being revoked, and Windows 11 24H2 still uses
'Microsoft Windows Production PCA 2011' signed bootloaders by default, only report this if
running in expert mode.
* Also fix non-reachable code in wue.c.
* This aims at creating installation media that is compatible with systems where
'Microsoft Windows Production PCA 2011' has been revoked.
* Doesn't work, since the bootloaders being applied by the first stage installer come
from \sources\install.wim[#]\windows\system32\Recovery\Winre.wim[#]\Windows\Boot\
(instead of \sources\boot.wim[#]\Windows\Boot\ as one would naturally expect) and
Microsoft botched the ones they included there by using completely vulnerable (and
therefore revoked) ones.
See https://github.com/pbatard/rufus/issues/2244#issuecomment-2400380839.
* Still, I sure haven't gone through this excruciating ACL bullshit for nothing, so
you get an experimental option, behind the expert mode curtain.
* Per https://forums.mydigitallife.net/threads/win-11-boot-and-upgrade-fix-kit-v5-0-released.83724/
Windows 11 24H2 requires new registry bypasses to be applied to perform in-place upgrade on
non officially supported platforms, and those need to be enacted before running setup.exe.
* In order to streamline this, and because those registry bypasses require elevation, we rename
setup.exe to setup.dll and add our own setup.exe wrapper to set the registry and then call the
original setup.exe (through setup.dll).
* See https://github.com/pbatard/rufus/issues/2568
* Also fix some MinGW build warnings.
* Also fix the annoyance of TortoiseGit/Notepad++ altering the copyright symbol of rufus.rc.
* Looks like using the 'net user USERNAME /logonpasswordchg:yes" might have the side effect
of setting the main user account to expire after a few months. So to alleviate that, we'll
just set the system policy to use passwords that never expire.
* Also clean up the PE parsing code and fix 2 Coverity warnings.
* Also fix typos, misprints and ditch the UNRELIABLE timestamp.acs.microsoft.com server.
* See https://github.com/pbatard/rufus/issues/2244#issuecomment-2243661539
* Note that we don't use the GUID but the resource name for bootmgr.efi, as trying to figure
out where the heck the relevant GUID is located in the PE code is not worth the effort.
* Also add internal fallback for sbat_level.txt if the user can't access our remote version.
* Also improve PE section lookup.
* buf could be freed twice in iso.c.
* Using HRESULT_CODE(error_code) in WindowsErrorString() could lead to "Error: SUCCESS" messages.
* Closes#2524.
* Also try to address potential issues that appear to have been seen in the wild.
* Per #2272 and #1877, MinGW has issues when delay loading libraries, but
it is possible to apply a workaround to alleviate them, by redefining
DECLSPEC_IMPORT before including the corresponding headers.
* This is a bit more tricky to accomplish for virtdisk, as MinGW's windows.h
header does include virtdisk.h on its own (rather than expect a formal
include as MSVC does), so we have to prevent the virtdisk.h inclusion
first, by defining a macro, and then apply our workaround.
* Per ea87573f-65ea-44a2-b4bb-ca96c0a136ab%40akeo.ie/#msg58793876
we are hoping that this should be a temporary workaround and that the root
cause of the issue will be fixed in binutils.
* Closes#2513.
* If you attempt to read past the end of a mounted VHD, not only will Windows happily
return data that doesn't exist (instead of returning End of Disk), but it will also
corrupt the existing data!
* So, to appease the capricious Windows gods, we now make sure that we never attempt
to read (or write) past the boundaries of the source or target when writing images.
* This should address the last issue from #2468.
* Also set version to rufus-next and make some small improvement in winio.h.
* As usual, Microsoft products are so poorly designed that they can't deal with
multiple instances of one thing. In this case, if the Windows installer sees
two ESPs after you select the drive where you want to install Windows and it
creates its own ESP there, it will fail during the "CopyinG Windows Files"
step.
* So make sure that the UEFI:NTFS partition is *not* set to ESP type, even
though it is really an ESP, which is something that we used to do, but that
got reverted in 0f23c47184.
* I don't think we want to make this setting permanent for the time being as
this may result in drawbacks like people using the UEFI Shell going through
an unwanted MD5Sum check because they forgot to turn it off.
* Make them more explicit by ensuring that they use a size suffix.
* Also improve whitespace consistency.
* Also make sure that we display the search for conflicting process message
in the status on a search operation that may timeout.
* Also fix a potential buffer overflow when displaying the detailed HDD vs UFD score due to the
safe_sprintf() macro re-evaluating the expression passed as parameter.
* Also refactor and clean up the the safe_###() macros to avoid similar issues.
* Also use FOF_NO_UI as flag for SHDeleteDirectoryExU(), which may alleviate some Alt-D errors.
