
Windows: enhance support of new behavior of favorite service which is now always running in case of system encryption

Mounir IDRASSI
2019-01-14 01:01:00 +01:00
parent d3e7ed96f3
commit 07f6793bd2
4 changed files with 46 additions and 27 deletions


@@ -4599,8 +4599,6 @@ namespace VeraCrypt
{ {
WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE); WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE);
WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE); WriteLocalMachineRegistryString (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network\\" TC_SYSTEM_FAVORITES_SERVICE_NAME, NULL, L"Service", FALSE);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, true);
} }
catch (...) catch (...)
{ {
@@ -4615,14 +4613,15 @@ namespace VeraCrypt
} }
else else
{ {
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, false);
DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal", TC_SYSTEM_FAVORITES_SERVICE_NAME); DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal", TC_SYSTEM_FAVORITES_SERVICE_NAME);
DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network", TC_SYSTEM_FAVORITES_SERVICE_NAME); DeleteLocalMachineRegistryKey (L"SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Network", TC_SYSTEM_FAVORITES_SERVICE_NAME);
SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS); SC_HANDLE service = OpenService (scm, TC_SYSTEM_FAVORITES_SERVICE_NAME, SERVICE_ALL_ACCESS);
throw_sys_if (!service); throw_sys_if (!service);
SERVICE_STATUS serviceStatus = {0};
ControlService (service, SERVICE_CONTROL_STOP, &serviceStatus);
throw_sys_if (!DeleteService (service)); throw_sys_if (!DeleteService (service));
CloseServiceHandle (service); CloseServiceHandle (service);
@@ -4940,7 +4939,7 @@ namespace VeraCrypt
try try
{ {
RegisterSystemFavoritesService (false); RegisterSystemFavoritesService (FALSE);
} }
catch (...) { } catch (...) { }
@@ -5168,6 +5167,8 @@ namespace VeraCrypt
InstallVolumeHeader (); InstallVolumeHeader ();
RegisterBootDriver (hiddenSystem); RegisterBootDriver (hiddenSystem);
RegisterSystemFavoritesService (TRUE);
} }
catch (Exception &) catch (Exception &)
{ {
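Review bot: In the `@@ -4615,14 +4613,15 @@` hunk the result of the new `ControlService (service, SERVICE_CONTROL_STOP, &serviceStatus);` call is discarded and `DeleteService` runs immediately afterwards, so a failed stop request, or a service still in the stop-pending state, goes unnoticed and the service is only marked for deletion while its process keeps running. If best effort is intended, say so in a comment such as `/* best effort: ERROR_SERVICE_NOT_ACTIVE is expected when the service is not running; a still-running service is only marked for deletion */`. Separately, `throw_sys_if (!DeleteService (service));` throws before `CloseServiceHandle (service);` runs, so the handle leaks on failure; capturing the result, closing the handle and then checking would avoid that. The enclosing function starts and ends outside the hunk.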


@@ -256,7 +256,7 @@ namespace VeraCrypt
{ {
uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0; uint32 reqConfig = IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_OPEN_EXPLORER_WIN_ON_MOUNT) ? TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES : 0;
if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES)) if (reqConfig != (ReadDriverConfigurationFlags() & TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES))
BootEncObj.RegisterSystemFavoritesService (reqConfig ? TRUE : FALSE); BootEncObj.SetDriverConfigurationFlag (TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES, reqConfig ? true : false);
SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY)); SetDriverConfigurationFlag (TC_DRIVER_CONFIG_DISABLE_NONADMIN_SYS_FAVORITES_ACCESS, IsDlgButtonChecked (hwndDlg, IDC_FAVORITE_DISABLE_HOTKEY));
} }
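Review bot: The changed line now only toggles `TC_DRIVER_CONFIG_CACHE_BOOT_PASSWORD_FOR_SYS_FAVORITES` and no longer registers or removes the service, but nothing at the call site says why. A comment such as `// the system favorites service is always registered under system encryption; this checkbox only controls boot password caching` would make that explicit. The new call goes through `BootEncObj.SetDriverConfigurationFlag` while the next line calls an unqualified `SetDriverConfigurationFlag`; whether the two write the same configuration with the same privileges is not visible in this hunk and is worth checking. `reqConfig ? true : false` can be written `reqConfig != 0`.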


@@ -9352,7 +9352,7 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
case SERVICE_CONTROL_PRESHUTDOWN: case SERVICE_CONTROL_PRESHUTDOWN:
SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING); SystemFavoritesServiceSetStatus (SERVICE_STOP_PENDING);
if (BootEncObj) if (BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT)
{ {
try try
{ {
@@ -9383,11 +9383,10 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
DEV_BROADCAST_HDR* pHdr = (DEV_BROADCAST_HDR *) lpEventData; DEV_BROADCAST_HDR* pHdr = (DEV_BROADCAST_HDR *) lpEventData;
if (pHdr->dbch_devicetype != DBT_DEVTYP_VOLUME && pHdr->dbch_devicetype != DBT_DEVTYP_HANDLE) if (pHdr->dbch_devicetype != DBT_DEVTYP_VOLUME && pHdr->dbch_devicetype != DBT_DEVTYP_HANDLE)
{ {
SystemFavoritesServiceLogInfo (L"SERVICE_CONTROL_DEVICEEVENT - DBT_DEVICEARRIVAL received");
if (ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION) if (ReadDriverConfigurationFlags() & VC_DRIVER_CONFIG_CLEAR_KEYS_ON_NEW_DEVICE_INSERTION)
{ {
BOOL bClearKeys = TRUE; BOOL bClearKeys = TRUE;
SystemFavoritesServiceLogInfo (L"SERVICE_CONTROL_DEVICEEVENT - DBT_DEVICEARRIVAL received");
if (pHdr->dbch_devicetype == DBT_DEVTYP_DEVICEINTERFACE) if (pHdr->dbch_devicetype == DBT_DEVTYP_DEVICEINTERFACE)
{ {
DEV_BROADCAST_DEVICEINTERFACE* pInf = (DEV_BROADCAST_DEVICEINTERFACE*) pHdr; DEV_BROADCAST_DEVICEINTERFACE* pInf = (DEV_BROADCAST_DEVICEINTERFACE*) pHdr;
@@ -9404,11 +9403,7 @@ static DWORD WINAPI SystemFavoritesServiceCtrlHandler ( DWORD dwControl,
if (bClearKeys) if (bClearKeys)
{ {
DWORD cbBytesReturned = 0; DWORD cbBytesReturned = 0;
BOOL bResult = DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL); DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL);
if (bResult)
SystemFavoritesServiceLogInfo (L"New device insertion detected - encryption keys cleared");
else
SystemFavoritesServiceLogInfo (L"New device insertion detected - failed to clear encryption keys");
} }
} }
} }
@@ -9445,7 +9440,7 @@ static VOID WINAPI SystemFavoritesServiceMain (DWORD argc, LPTSTR *argv)
memset (&SystemFavoritesServiceStatus, 0, sizeof (SystemFavoritesServiceStatus)); memset (&SystemFavoritesServiceStatus, 0, sizeof (SystemFavoritesServiceStatus));
SystemFavoritesServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS; SystemFavoritesServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
SystemFavoritesServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP; SystemFavoritesServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP;
if (IsOSAtLeast (WIN_VISTA) && BootEncObj && BootEncStatus.DriveMounted && BootEncObj->GetSystemDriveConfiguration().SystemPartition.IsGPT) if (IsOSAtLeast (WIN_VISTA))
SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN; SystemFavoritesServiceStatus.dwControlsAccepted |= SERVICE_ACCEPT_PRESHUTDOWN;
ZeroMemory (&hdr, sizeof(hdr)); ZeroMemory (&hdr, sizeof(hdr));
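Review bot: In the `@@ -9404,11 +9403,7 @@` hunk the return value of `DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, ...)` is now dropped together with both log messages, so a failed emergency key clear on device insertion leaves no trace. Since this path exists to protect key material, the failure case at least should stay observable: test the call with `if (!DeviceIoControl (hDriver, VC_IOCTL_EMERGENCY_CLEAR_ALL_KEYS, NULL, 0, NULL, 0, &cbBytesReturned, NULL))` and keep `SystemFavoritesServiceLogInfo (L"New device insertion detected - failed to clear encryption keys");` under it. The handler's body starts and ends outside the hunk.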


@@ -92,6 +92,34 @@ void localcleanup (void)
CloseAppSetupMutex (); CloseAppSetupMutex ();
} }
BOOL ForceCopyFile (LPCWSTR szSrcFile, LPCWSTR szDestFile)
{
BOOL bRet = CopyFileW (szSrcFile, szDestFile, FALSE);
if (!bRet)
{
wstring renamedPath = szDestFile;
renamedPath += VC_FILENAME_RENAMED_SUFFIX;
/* rename the locked file in order to be able to create a new one */
if (MoveFileExW (szDestFile, renamedPath.c_str(), MOVEFILE_REPLACE_EXISTING))
{
bRet = CopyFileW (szSrcFile, szDestFile, FALSE);
if (bRet)
{
/* delete the renamed file when the machine reboots */
MoveFileEx (renamedPath.c_str(), NULL, MOVEFILE_DELAY_UNTIL_REBOOT);
}
else
{
/* restore the original file name */
MoveFileEx (renamedPath.c_str(), szDestFile, MOVEFILE_REPLACE_EXISTING);
}
}
}
return bRet;
}
BOOL ForceDeleteFile (LPCWSTR szFileName) BOOL ForceDeleteFile (LPCWSTR szFileName)
{ {
if (!DeleteFile (szFileName)) if (!DeleteFile (szFileName))
@@ -814,14 +842,6 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false); wstring favoritesFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, false);
wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true); wstring favoritesLegacyFile = GetServiceConfigPath (TC_APPD_FILENAME_SYSTEM_FAVORITE_VOLUMES, true);
if ( FileExists (servicePath.c_str())
|| (Is64BitOs () && FileExists (serviceLegacyPath.c_str()))
)
{
CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str());
bResult = CopyFile (szTmp, servicePath.c_str(), FALSE);
}
if (bResult && Is64BitOs () if (bResult && Is64BitOs ()
&& FileExists (favoritesLegacyFile.c_str()) && FileExists (favoritesLegacyFile.c_str())
&& !FileExists (favoritesFile.c_str())) && !FileExists (favoritesFile.c_str()))
@@ -830,7 +850,7 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
bResult = CopyFile (favoritesLegacyFile.c_str(), favoritesFile.c_str(), FALSE); bResult = CopyFile (favoritesLegacyFile.c_str(), favoritesFile.c_str(), FALSE);
} }
if (bResult && Is64BitOs () && FileExists (favoritesFile.c_str()) && FileExists (servicePath.c_str())) if (bResult)
{ {
// Update the path of the service // Update the path of the service
BootEncryption BootEncObj (hwndDlg); BootEncryption BootEncObj (hwndDlg);
@@ -839,6 +859,9 @@ BOOL DoFilesInstall (HWND hwndDlg, wchar_t *szDestDir)
{ {
if (BootEncObj.GetDriverServiceStartType() == SERVICE_BOOT_START) if (BootEncObj.GetDriverServiceStartType() == SERVICE_BOOT_START)
{ {
CopyMessage (hwndDlg, (wchar_t *) servicePath.c_str());
bResult = ForceCopyFile (szTmp, servicePath.c_str());
if (bResult)
BootEncObj.UpdateSystemFavoritesService (); BootEncObj.UpdateSystemFavoritesService ();
} }
} }
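Review bot: In the new `ForceCopyFile` (hunk `@@ -92,6 +92,34 @@`) the rollback `MoveFileEx (renamedPath.c_str(), szDestFile, MOVEFILE_REPLACE_EXISTING);` ignores its result and may overwrite the last-error value left by the failed `CopyFileW`. A caller that reports `GetLastError()` can therefore see the wrong code, and if the restore itself fails the destination is left missing with only `FALSE` returned. Preserve the error around the rollback with `DWORD dwErr = GetLastError ();` before it and `SetLastError (dwErr);` after it. The function also mixes `MoveFileExW` with the `MoveFileEx` macro on the same wide strings; using `MoveFileExW` for all three calls keeps it independent of the UNICODE define. A short header comment stating that the locked file is renamed with `VC_FILENAME_RENAMED_SUFFIX` and removed at the next reboot would help anyone auditing leftover binaries after an upgrade.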