+/* Wrapper around the FSCTL_SET_REPARSE_POINT ioctl to set the reparse data on
+ * an extracted reparse point. */
+static int
+win32_set_reparse_data(HANDLE h,
+ u32 reparse_tag,
+ const struct wim_lookup_table_entry *lte,
+ const wchar_t *path)
+{
+ int ret;
+ u8 *buf;
+ size_t len;
+
+ if (!lte) {
+ WARNING("\"%ls\" is marked as a reparse point but had no reparse data",
+ path);
+ return 0;
+ }
+ len = wim_resource_size(lte);
+ if (len > 16 * 1024 - 8) {
+ WARNING("\"%ls\": reparse data too long!", path);
+ return 0;
+ }
+
+ /* The WIM stream omits the ReparseTag and ReparseDataLength fields, so
+ * leave 8 bytes of space for them at the beginning of the buffer, then
+ * set them manually. */
+ buf = alloca(len + 8);
+ ret = read_full_resource_into_buf(lte, buf + 8, false);
+ if (ret)
+ return ret;
+ *(u32*)(buf + 0) = cpu_to_le32(reparse_tag);
+ *(u16*)(buf + 4) = cpu_to_le16(len);
+ *(u16*)(buf + 6) = 0;
+
+ /* Set the reparse data on the open file using the
+ * FSCTL_SET_REPARSE_POINT ioctl.
+ *
+ * There are contradictions in Microsoft's documentation for this:
+ *
+ * "If hDevice was opened without specifying FILE_FLAG_OVERLAPPED,
+ * lpOverlapped is ignored."
+ *
+ * --- So setting lpOverlapped to NULL is okay since it's ignored.
+ *
+ * "If lpOverlapped is NULL, lpBytesReturned cannot be NULL. Even when an
+ * operation returns no output data and lpOutBuffer is NULL,
+ * DeviceIoControl makes use of lpBytesReturned. After such an
+ * operation, the value of lpBytesReturned is meaningless."
+ *
+ * --- So lpOverlapped not really ignored, as it affects another
+ * parameter. This is the actual behavior: lpBytesReturned must be
+ * specified, even though lpBytesReturned is documented as:
+ *
+ * "Not used with this operation; set to NULL."
+ */
+ DWORD bytesReturned;
+ if (!DeviceIoControl(h, FSCTL_SET_REPARSE_POINT, buf, len + 8,
+ NULL, 0,
+ &bytesReturned /* lpBytesReturned */,
+ NULL /* lpOverlapped */))
+ {
+ DWORD err = GetLastError();
+ ERROR("Failed to set reparse data on \"%ls\"", path);
+ win32_error(err);
+ if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
+ return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
+ else if (reparse_tag == WIM_IO_REPARSE_TAG_SYMLINK ||
+ reparse_tag == WIM_IO_REPARSE_TAG_MOUNT_POINT)
+ return WIMLIB_ERR_LINK;
+ else
+ return WIMLIB_ERR_WRITE;
+ }
+ return 0;
+}
+
+/* Wrapper around the FSCTL_SET_COMPRESSION ioctl to change the
+ * FILE_ATTRIBUTE_COMPRESSED flag of a file or directory. */
+static int
+win32_set_compression_state(HANDLE hFile, USHORT format, const wchar_t *path)
+{
+ DWORD bytesReturned;
+ if (!DeviceIoControl(hFile, FSCTL_SET_COMPRESSION,
+ &format, sizeof(USHORT),
+ NULL, 0,
+ &bytesReturned, NULL))
+ {
+ /* Could be a warning only, but we only call this if the volume
+ * supports compression. So I'm calling this an error. */
+ DWORD err = GetLastError();
+ ERROR("Failed to set compression flag on \"%ls\"", path);
+ win32_error(err);
+ if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
+ return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
+ else
+ return WIMLIB_ERR_WRITE;
+ }
+ return 0;
+}
+
+/* Wrapper around FSCTL_SET_SPARSE ioctl to set a file as sparse. */
+static int
+win32_set_sparse(HANDLE hFile, const wchar_t *path)
+{
+ DWORD bytesReturned;
+ if (!DeviceIoControl(hFile, FSCTL_SET_SPARSE,
+ NULL, 0,
+ NULL, 0,
+ &bytesReturned, NULL))
+ {
+ /* Could be a warning only, but we only call this if the volume
+ * supports sparse files. So I'm calling this an error. */
+ DWORD err = GetLastError();
+ WARNING("Failed to set sparse flag on \"%ls\"", path);
+ win32_error(err);
+ if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
+ return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
+ else
+ return WIMLIB_ERR_WRITE;
+ }
+ return 0;
+}
+
+/*
+ * Sets the security descriptor on an extracted file.
+ */
+static int
+win32_set_security_data(const struct wim_inode *inode,
+ HANDLE hFile,
+ const wchar_t *path,
+ struct apply_args *args)
+{
+ PSECURITY_DESCRIPTOR descriptor;
+ unsigned long n;
+ DWORD err;
+ const struct wim_security_data *sd;
+
+ SECURITY_INFORMATION securityInformation = 0;
+
+ void *owner = NULL;
+ void *group = NULL;
+ ACL *dacl = NULL;
+ ACL *sacl = NULL;
+
+ BOOL owner_defaulted;
+ BOOL group_defaulted;
+ BOOL dacl_present;
+ BOOL dacl_defaulted;
+ BOOL sacl_present;
+ BOOL sacl_defaulted;
+
+ sd = wim_const_security_data(args->w);
+ descriptor = sd->descriptors[inode->i_security_id];
+
+ GetSecurityDescriptorOwner(descriptor, &owner, &owner_defaulted);
+ if (owner)
+ securityInformation |= OWNER_SECURITY_INFORMATION;
+
+ GetSecurityDescriptorGroup(descriptor, &group, &group_defaulted);
+ if (group)
+ securityInformation |= GROUP_SECURITY_INFORMATION;
+
+ GetSecurityDescriptorDacl(descriptor, &dacl_present,
+ &dacl, &dacl_defaulted);
+ if (dacl)
+ securityInformation |= DACL_SECURITY_INFORMATION;
+
+ GetSecurityDescriptorSacl(descriptor, &sacl_present,
+ &sacl, &sacl_defaulted);
+ if (sacl)
+ securityInformation |= SACL_SECURITY_INFORMATION;
+
+again:
+ if (securityInformation == 0)
+ return 0;
+ if (SetSecurityInfo(hFile, SE_FILE_OBJECT,
+ securityInformation, owner, group, dacl, sacl))
+ return 0;
+ err = GetLastError();
+ if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS)
+ goto fail;
+ switch (err) {
+ case ERROR_PRIVILEGE_NOT_HELD:
+ if (securityInformation & SACL_SECURITY_INFORMATION) {
+ n = args->num_set_sacl_priv_notheld++;
+ securityInformation &= ~SACL_SECURITY_INFORMATION;
+ sacl = NULL;
+ if (n < MAX_SET_SACL_PRIV_NOTHELD_WARNINGS) {
+ WARNING(
+"We don't have enough privileges to set the full security\n"
+" descriptor on \"%ls\"!\n", path);
+ if (args->num_set_sd_access_denied +
+ args->num_set_sacl_priv_notheld == 1)
+ {
+ WARNING("%ls", apply_access_denied_msg);
+ }
+ WARNING("Re-trying with SACL omitted.\n", path);
+ } else if (n == MAX_GET_SACL_PRIV_NOTHELD_WARNINGS) {
+ WARNING(
+"Suppressing further 'privileges not held' error messages when setting\n"
+" security descriptors.");
+ }
+ goto again;
+ }
+ /* Fall through */
+ case ERROR_INVALID_OWNER:
+ case ERROR_ACCESS_DENIED:
+ n = args->num_set_sd_access_denied++;
+ if (n < MAX_SET_SD_ACCESS_DENIED_WARNINGS) {
+ WARNING("Failed to set security descriptor on \"%ls\": "
+ "Access denied!\n", path);
+ if (args->num_set_sd_access_denied +
+ args->num_set_sacl_priv_notheld == 1)
+ {
+ WARNING("%ls", apply_access_denied_msg);
+ }
+ } else if (n == MAX_SET_SD_ACCESS_DENIED_WARNINGS) {
+ WARNING(
+"Suppressing further access denied error messages when setting\n"
+" security descriptors");
+ }
+ return 0;
+ default:
+fail:
+ ERROR("Failed to set security descriptor on \"%ls\"", path);
+ win32_error(err);
+ if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
+ return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
+ else
+ return WIMLIB_ERR_WRITE;
+ }
+}
+
+
+static int
+win32_extract_chunk(const void *buf, size_t len, void *arg)
+{
+ HANDLE hStream = arg;
+
+ DWORD nbytes_written;
+ wimlib_assert(len <= 0xffffffff);
+
+ if (!WriteFile(hStream, buf, len, &nbytes_written, NULL) ||
+ nbytes_written != len)
+ {
+ DWORD err = GetLastError();
+ ERROR("WriteFile(): write error");
+ win32_error(err);
+ return WIMLIB_ERR_WRITE;
+ }
+ return 0;
+}
+
+static int
+do_win32_extract_stream(HANDLE hStream, const struct wim_lookup_table_entry *lte)
+{
+ return extract_wim_resource(lte, wim_resource_size(lte),
+ win32_extract_chunk, hStream);
+}
+
+struct win32_encrypted_extract_ctx {
+ void *file_ctx;
+ int wimlib_err_code;
+ bool done;
+ pthread_cond_t cond;
+ pthread_mutex_t mutex;
+ u8 buf[WIM_CHUNK_SIZE];
+ size_t buf_filled;
+};
+
+static DWORD WINAPI
+win32_encrypted_import_cb(unsigned char *data, void *_ctx,
+ unsigned long *len_p)
+{
+ struct win32_encrypted_extract_ctx *ctx = _ctx;
+ unsigned long len = *len_p;
+
+ pthread_mutex_lock(&ctx->mutex);
+ while (len) {
+ size_t bytes_to_copy;
+
+ DEBUG("Importing up to %lu more bytes of raw encrypted data", len);
+ while (ctx->buf_filled == 0) {
+ if (ctx->done)
+ goto out;
+ pthread_cond_wait(&ctx->cond, &ctx->mutex);
+ }
+ bytes_to_copy = min(len, ctx->buf_filled);
+ memcpy(data, ctx->buf, bytes_to_copy);
+ len -= bytes_to_copy;
+ data += bytes_to_copy;
+ ctx->buf_filled -= bytes_to_copy;
+ memmove(ctx->buf, ctx->buf + bytes_to_copy, ctx->buf_filled);
+ pthread_cond_signal(&ctx->cond);
+ }
+out:
+ *len_p -= len;
+ pthread_mutex_unlock(&ctx->mutex);
+ return ERROR_SUCCESS;
+}
+
+/* Extract ("Import") an encrypted file in a different thread. */
+static void *
+win32_encrypted_import_proc(void *arg)
+{
+ struct win32_encrypted_extract_ctx *ctx = arg;
+ DWORD ret;
+ ret = WriteEncryptedFileRaw(win32_encrypted_import_cb, ctx,
+ ctx->file_ctx);
+ pthread_mutex_lock(&ctx->mutex);
+ if (ret == ERROR_SUCCESS) {
+ ctx->wimlib_err_code = 0;
+ } else {
+ win32_error(ret);
+ ctx->wimlib_err_code = WIMLIB_ERR_WRITE;
+ }
+ ctx->done = true;
+ pthread_cond_signal(&ctx->cond);
+ pthread_mutex_unlock(&ctx->mutex);
+ return NULL;
+}
+
+
+static int
+win32_extract_raw_encrypted_chunk(const void *buf, size_t len, void *arg)
+{
+ struct win32_encrypted_extract_ctx *ctx = arg;
+ size_t bytes_to_copy;
+
+ while (len) {
+ DEBUG("Extracting up to %zu more bytes of encrypted data", len);
+ pthread_mutex_lock(&ctx->mutex);
+ while (ctx->buf_filled == WIM_CHUNK_SIZE) {
+ if (ctx->done) {
+ pthread_mutex_unlock(&ctx->mutex);
+ return ctx->wimlib_err_code;
+ }
+ pthread_cond_wait(&ctx->cond, &ctx->mutex);
+ }
+ bytes_to_copy = min(len, WIM_CHUNK_SIZE - ctx->buf_filled);
+ memcpy(&ctx->buf[ctx->buf_filled], buf, bytes_to_copy);
+ len -= bytes_to_copy;
+ buf += bytes_to_copy;
+ ctx->buf_filled += bytes_to_copy;
+ pthread_cond_signal(&ctx->cond);
+ pthread_mutex_unlock(&ctx->mutex);
+ }
+ return 0;
+}
+
+/* Create an encrypted file and extract the raw encrypted data to it.
+ *
+ * @path: Path to encrypted file to create.
+ * @lte: WIM lookup_table entry for the raw encrypted data.
+ *
+ * This is separate from do_win32_extract_stream() because the WIM is supposed
+ * to contain the *raw* encrypted data, which needs to be extracted ("imported")
+ * using the special APIs OpenEncryptedFileRawW(), WriteEncryptedFileRaw(), and
+ * CloseEncryptedFileRaw().
+ *
+ * Returns 0 on success; nonzero on failure.
+ */
+static int
+do_win32_extract_encrypted_stream(const wchar_t *path,
+ const struct wim_lookup_table_entry *lte)
+{
+ struct win32_encrypted_extract_ctx ctx;
+ void *file_ctx;
+ pthread_t import_thread;
+ int ret;
+ int ret2;
+
+ DEBUG("Opening file \"%ls\" to extract raw encrypted data", path);
+
+ ret = OpenEncryptedFileRawW(path, CREATE_FOR_IMPORT, &file_ctx);
+ if (ret) {
+ ERROR("Failed to open \"%ls\" to write raw encrypted data", path);
+ win32_error(ret);
+ return WIMLIB_ERR_OPEN;
+ }
+
+ if (!lte)
+ goto out_close;
+
+ /* Hack alert: WriteEncryptedFileRaw() requires the callback function
+ * to work with a buffer whose size we cannot control. This doesn't
+ * play well with our read_resource_prefix() function, which itself uses
+ * a callback function to extract WIM_CHUNK_SIZE chunks of data. We
+ * work around this problem by calling WriteEncryptedFileRaw() in a
+ * different thread and feeding it the data as needed. */
+ ctx.file_ctx = file_ctx;
+ ctx.buf_filled = 0;
+ ctx.done = false;
+ ctx.wimlib_err_code = 0;
+ if (pthread_mutex_init(&ctx.mutex, NULL)) {
+ ERROR_WITH_ERRNO("Can't create mutex");
+ ret = WIMLIB_ERR_NOMEM;
+ goto out_close;
+ }
+ if (pthread_cond_init(&ctx.cond, NULL)) {
+ ERROR_WITH_ERRNO("Can't create condition variable");
+ ret = WIMLIB_ERR_NOMEM;
+ goto out_pthread_mutex_destroy;
+ }
+ ret = pthread_create(&import_thread, NULL,
+ win32_encrypted_import_proc, &ctx);
+ if (ret) {
+ errno = ret;
+ ERROR_WITH_ERRNO("Failed to create thread");
+ ret = WIMLIB_ERR_FORK;
+ goto out_pthread_cond_destroy;
+ }
+
+ ret = extract_wim_resource(lte, wim_resource_size(lte),
+ win32_extract_raw_encrypted_chunk, &ctx);
+ pthread_mutex_lock(&ctx.mutex);
+ ctx.done = true;
+ pthread_cond_signal(&ctx.cond);
+ pthread_mutex_unlock(&ctx.mutex);
+ ret2 = pthread_join(import_thread, NULL);
+ if (ret2) {
+ errno = ret2;
+ ERROR_WITH_ERRNO("Failed to join encrypted import thread");
+ if (ret == 0)
+ ret = WIMLIB_ERR_WRITE;
+ }
+ if (ret == 0)
+ ret = ctx.wimlib_err_code;
+out_pthread_cond_destroy:
+ pthread_cond_destroy(&ctx.cond);
+out_pthread_mutex_destroy:
+ pthread_mutex_destroy(&ctx.mutex);
+out_close:
+ CloseEncryptedFileRaw(file_ctx);
+ if (ret)
+ ERROR("Failed to extract encrypted file \"%ls\"", path);
+ return ret;
+}
+
+static bool
+path_is_root_of_drive(const wchar_t *path)
+{
+ if (!*path)
+ return false;
+
+ if (*path != L'/' && *path != L'\\') {
+ if (*(path + 1) == L':')
+ path += 2;
+ else
+ return false;
+ }
+ while (*path == L'/' || *path == L'\\')
+ path++;
+ return (*path == L'\0');
+}
+
+static inline DWORD
+win32_mask_attributes(DWORD i_attributes)
+{
+ return i_attributes & ~(FILE_ATTRIBUTE_SPARSE_FILE |
+ FILE_ATTRIBUTE_COMPRESSED |
+ FILE_ATTRIBUTE_REPARSE_POINT |
+ FILE_ATTRIBUTE_DIRECTORY |
+ FILE_ATTRIBUTE_ENCRYPTED |
+ FILE_FLAG_DELETE_ON_CLOSE |
+ FILE_FLAG_NO_BUFFERING |
+ FILE_FLAG_OPEN_NO_RECALL |
+ FILE_FLAG_OVERLAPPED |
+ FILE_FLAG_RANDOM_ACCESS |
+ /*FILE_FLAG_SESSION_AWARE |*/
+ FILE_FLAG_SEQUENTIAL_SCAN |
+ FILE_FLAG_WRITE_THROUGH);
+}
+
+static inline DWORD
+win32_get_create_flags_and_attributes(DWORD i_attributes)
+{
+ /*
+ * Some attributes cannot be set by passing them to CreateFile(). In
+ * particular:
+ *
+ * FILE_ATTRIBUTE_DIRECTORY:
+ * CreateDirectory() must be called instead of CreateFile().
+ *
+ * FILE_ATTRIBUTE_SPARSE_FILE:
+ * Needs an ioctl.
+ * See: win32_set_sparse().
+ *
+ * FILE_ATTRIBUTE_COMPRESSED:
+ * Not clear from the documentation, but apparently this needs an
+ * ioctl as well.
+ * See: win32_set_compressed().
+ *
+ * FILE_ATTRIBUTE_REPARSE_POINT:
+ * Needs an ioctl, with the reparse data specified.
+ * See: win32_set_reparse_data().
+ *
+ * In addition, clear any file flags in the attributes that we don't
+ * want, but also specify FILE_FLAG_OPEN_REPARSE_POINT and
+ * FILE_FLAG_BACKUP_SEMANTICS as we are a backup application.
+ */
+ return win32_mask_attributes(i_attributes) |
+ FILE_FLAG_OPEN_REPARSE_POINT |
+ FILE_FLAG_BACKUP_SEMANTICS;
+}
+
+/* Set compression and/or sparse attributes on a stream, if supported by the
+ * volume. */
+static int
+win32_set_special_stream_attributes(HANDLE hFile, const struct wim_inode *inode,
+ struct wim_lookup_table_entry *unnamed_stream_lte,
+ const wchar_t *path, unsigned vol_flags)
+{
+ int ret;
+
+ if (inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED) {
+ if (vol_flags & FILE_FILE_COMPRESSION) {
+ ret = win32_set_compression_state(hFile,
+ COMPRESSION_FORMAT_DEFAULT,
+ path);
+ if (ret)
+ return ret;
+ } else {
+ DEBUG("Cannot set compression attribute on \"%ls\": "
+ "volume does not support transparent compression",
+ path);
+ }
+ }
+
+ if (inode->i_attributes & FILE_ATTRIBUTE_SPARSE_FILE) {
+ if (vol_flags & FILE_SUPPORTS_SPARSE_FILES) {
+ DEBUG("Setting sparse flag on \"%ls\"", path);
+ ret = win32_set_sparse(hFile, path);
+ if (ret)
+ return ret;
+ } else {
+ DEBUG("Cannot set sparse attribute on \"%ls\": "
+ "volume does not support sparse files",
+ path);
+ }
+ }
+ return 0;
+}
+
+/* Pre-create directories; extract encrypted streams */
+static int
+win32_begin_extract_unnamed_stream(const struct wim_inode *inode,
+ const struct wim_lookup_table_entry *lte,
+ const wchar_t *path,
+ DWORD *creationDisposition_ret,
+ unsigned int vol_flags)
+{
+ DWORD err;
+ int ret;
+
+ /* Directories must be created with CreateDirectoryW(). Then the call
+ * to CreateFileW() will merely open the directory that was already
+ * created rather than creating a new file. */
+ if (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY) {
+ if (!CreateDirectoryW(path, NULL)) {
+ err = GetLastError();
+ switch (err) {
+ case ERROR_ALREADY_EXISTS:
+ break;
+ case ERROR_ACCESS_DENIED:
+ if (path_is_root_of_drive(path))
+ break;
+ /* Fall through */
+ default:
+ ERROR("Failed to create directory \"%ls\"",
+ path);
+ win32_error(err);
+ return WIMLIB_ERR_MKDIR;
+ }
+ }
+ DEBUG("Created directory \"%ls\"", path);
+ *creationDisposition_ret = OPEN_EXISTING;
+ }
+ if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED &&
+ vol_flags & FILE_SUPPORTS_ENCRYPTION)
+ {
+ if (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY) {
+ if (!EncryptFile(path)) {
+ err = GetLastError();
+ ERROR("Failed to encrypt directory \"%ls\"",
+ path);
+ win32_error(err);
+ return WIMLIB_ERR_WRITE;
+ }
+ } else {
+ ret = do_win32_extract_encrypted_stream(path, lte);
+ if (ret)
+ return ret;
+ DEBUG("Extracted encrypted file \"%ls\"", path);
+ }
+ *creationDisposition_ret = OPEN_EXISTING;
+ }
+
+ /* Set file attributes if we created the file. Otherwise, we haven't
+ * created the file set and we will set the attributes in the call to
+ * CreateFileW().
+ *
+ * The FAT filesystem does not let you change the attributes of the root
+ * directory, so treat that as a special case and do not set attributes.
+ * */
+ if (*creationDisposition_ret == OPEN_EXISTING &&
+ !path_is_root_of_drive(path))
+ {
+ if (!SetFileAttributesW(path,
+ win32_mask_attributes(inode->i_attributes)))
+ {
+ err = GetLastError();
+ ERROR("Failed to set attributes on \"%ls\"", path);
+ win32_error(err);
+ return WIMLIB_ERR_WRITE;
+ }
+ }
+ return 0;
+}
+
+/* Set security descriptor and extract stream data or reparse data (skip the
+ * unnamed data stream of encrypted files, which was already extracted). */
+static int
+win32_finish_extract_stream(HANDLE h, const struct wim_inode *inode,
+ const struct wim_lookup_table_entry *lte,
+ const wchar_t *stream_path,
+ const wchar_t *stream_name_utf16,
+ struct apply_args *args)
+{
+ int ret = 0;
+ if (stream_name_utf16 == NULL) {
+ /* Unnamed stream. */
+
+ /* Set security descriptor, unless the extract_flags indicate
+ * not to or the volume does not supported it. Note that this
+ * is only done when the unnamed stream is being extracted, as
+ * security descriptors are per-file and not per-stream. */
+ if (inode->i_security_id >= 0 &&
+ !(args->extract_flags & WIMLIB_EXTRACT_FLAG_NO_ACLS)
+ && (args->vol_flags & FILE_PERSISTENT_ACLS))
+ {
+ ret = win32_set_security_data(inode, h, stream_path, args);
+ if (ret)
+ return ret;
+ }
+
+ /* Handle reparse points. The data for them needs to be set
+ * using a special ioctl. Note that the reparse point may have
+ * been created using CreateFileW() in the case of
+ * non-directories or CreateDirectoryW() in the case of
+ * directories; but the ioctl works either way. Also, it is
+ * only this step that actually sets the
+ * FILE_ATTRIBUTE_REPARSE_POINT, as it is not valid to set it
+ * using SetFileAttributesW() or CreateFileW().
+ *
+ * If the volume does not support reparse points we simply
+ * ignore the reparse data. (N.B. the code currently doesn't
+ * actually reach this case because reparse points are skipped
+ * entirely on such volumes.) */
+ if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) {
+ if (args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS) {
+ DEBUG("Setting reparse data on \"%ls\"",
+ stream_path);
+ ret = win32_set_reparse_data(h,
+ inode->i_reparse_tag,
+ lte, stream_path);
+ if (ret)
+ return ret;
+ } else {
+ DEBUG("Cannot set reparse data on \"%ls\": volume "
+ "does not support reparse points", stream_path);
+ }
+ } else if (lte != NULL &&
+ !(args->vol_flags & FILE_SUPPORTS_ENCRYPTION &&
+ inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED))
+ {
+ /* Extract the data of the unnamed stream, unless the
+ * lookup table entry is NULL (indicating an empty
+ * stream for which no data needs to be extracted), or
+ * the stream is encrypted and therefore was already
+ * extracted as a special case. */
+ ret = do_win32_extract_stream(h, lte);
+ }
+ } else {
+ /* Extract the data for a named data stream. */
+ if (lte != NULL) {
+ DEBUG("Extracting named data stream \"%ls\" (len = %"PRIu64")",
+ stream_path, wim_resource_size(lte));
+ ret = do_win32_extract_stream(h, lte);
+ }
+ }
+ return ret;
+}
+
+static int
+win32_decrypt_file(HANDLE open_handle, const wchar_t *path)
+{
+ DWORD err;
+ /* We cannot call DecryptFileW() while there is an open handle to the
+ * file. So close it first. */
+ if (!CloseHandle(open_handle)) {
+ err = GetLastError();
+ ERROR("Failed to close handle for \"%ls\"", path);
+ win32_error(err);
+ return WIMLIB_ERR_WRITE;
+ }
+ if (!DecryptFileW(path, 0 /* reserved parameter; set to 0 */)) {
+ err = GetLastError();
+ ERROR("Failed to decrypt file \"%ls\"", path);
+ win32_error(err);
+ return WIMLIB_ERR_WRITE;
+ }
+ return 0;
+}
+
+/*
+ * Create and extract a stream to a file, or create a directory, using the
+ * Windows API.
+ *
+ * This handles reparse points, directories, alternate data streams, encrypted
+ * files, compressed files, etc.
+ *
+ * @inode: WIM inode containing the stream.
+ *
+ * @path: Path to extract the file to.
+ *
+ * @stream_name_utf16:
+ * Name of the stream, or NULL if the stream is unnamed. This will
+ * be called with a NULL stream_name_utf16 before any non-NULL
+ * stream_name_utf16's.
+ *
+ * @lte: WIM lookup table entry for the stream. May be NULL to indicate
+ * a stream of length 0.
+ *
+ * @args: Additional apply context, including flags indicating supported
+ * volume features.
+ *
+ * Returns 0 on success; nonzero on failure.
+ */
+static int
+win32_extract_stream(const struct wim_inode *inode,
+ const wchar_t *path,
+ const wchar_t *stream_name_utf16,
+ struct wim_lookup_table_entry *lte,
+ struct apply_args *args)
+{
+ wchar_t *stream_path;
+ HANDLE h;
+ int ret;
+ DWORD err;
+ DWORD creationDisposition = CREATE_ALWAYS;
+ DWORD requestedAccess;
+ BY_HANDLE_FILE_INFORMATION file_info;
+
+ if (stream_name_utf16) {
+ /* Named stream. Create a buffer that contains the UTF-16LE
+ * string [./]path:stream_name_utf16. This is needed to
+ * create and open the stream using CreateFileW(). I'm not
+ * aware of any other APIs to do this. Note: the '$DATA' suffix
+ * seems to be unneeded. Additional note: a "./" prefix needs
+ * to be added when the path is not absolute to avoid ambiguity
+ * with drive letters. */
+ size_t stream_path_nchars;
+ size_t path_nchars;
+ size_t stream_name_nchars;
+ const wchar_t *prefix;
+
+ path_nchars = wcslen(path);
+ stream_name_nchars = wcslen(stream_name_utf16);
+ stream_path_nchars = path_nchars + 1 + stream_name_nchars;
+ if (path[0] != cpu_to_le16(L'\0') &&
+ path[0] != cpu_to_le16(L'/') &&
+ path[0] != cpu_to_le16(L'\\') &&
+ path[1] != cpu_to_le16(L':'))
+ {
+ prefix = L"./";
+ stream_path_nchars += 2;
+ } else {
+ prefix = L"";
+ }
+ stream_path = alloca((stream_path_nchars + 1) * sizeof(wchar_t));
+ swprintf(stream_path, L"%ls%ls:%ls",
+ prefix, path, stream_name_utf16);
+ } else {
+ /* Unnamed stream; its path is just the path to the file itself.
+ * */
+ stream_path = (wchar_t*)path;
+
+ ret = win32_begin_extract_unnamed_stream(inode, lte, path,
+ &creationDisposition,
+ args->vol_flags);
+ if (ret)
+ goto fail;
+ }
+
+ DEBUG("Opening \"%ls\"", stream_path);
+ requestedAccess = GENERIC_READ | GENERIC_WRITE |
+ ACCESS_SYSTEM_SECURITY;
+try_open_again:
+ /* Open the stream to be extracted. Depending on what we have set
+ * creationDisposition to, we may be creating this for the first time,
+ * or we may be opening on existing stream we already created using
+ * CreateDirectoryW() or OpenEncryptedFileRawW(). */
+ h = CreateFileW(stream_path,
+ requestedAccess,
+ 0,
+ NULL,
+ creationDisposition,
+ win32_get_create_flags_and_attributes(inode->i_attributes),
+ NULL);
+ if (h == INVALID_HANDLE_VALUE) {
+ err = GetLastError();
+ if (err == ERROR_PRIVILEGE_NOT_HELD &&
+ (requestedAccess & ACCESS_SYSTEM_SECURITY))
+ {
+ /* Try opening the file again without privilege to
+ * modify SACL. */
+ requestedAccess &= ~ACCESS_SYSTEM_SECURITY;
+ goto try_open_again;
+ }
+ ERROR("Failed to create \"%ls\"", stream_path);
+ win32_error(err);
+ ret = WIMLIB_ERR_OPEN;
+ goto fail;
+ }
+
+ /* Check the attributes of the file we just opened, and remove
+ * encryption or compression if either was set by default but is not
+ * supposed to be set based on the WIM inode attributes. */
+ if (!GetFileInformationByHandle(h, &file_info)) {
+ err = GetLastError();
+ ERROR("Failed to get attributes of \"%ls\"", stream_path);
+ win32_error(err);
+ ret = WIMLIB_ERR_STAT;
+ goto fail_close_handle;
+ }
+
+ /* Remove encryption? */
+ if (file_info.dwFileAttributes & FILE_ATTRIBUTE_ENCRYPTED &&
+ !(inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED))
+ {
+ /* File defaulted to encrypted due to being in an encrypted
+ * directory, but is not actually supposed to be encrypted.
+ *
+ * This is a workaround, because I'm not aware of any way to
+ * directly (e.g. with CreateFileW()) create an unencrypted file
+ * in a directory with FILE_ATTRIBUTE_ENCRYPTED set. */
+ ret = win32_decrypt_file(h, stream_path);
+ if (ret)
+ goto fail; /* win32_decrypt_file() closed the handle. */
+ creationDisposition = OPEN_EXISTING;
+ goto try_open_again;
+ }
+
+ /* Remove compression? */
+ if (file_info.dwFileAttributes & FILE_ATTRIBUTE_COMPRESSED &&
+ !(inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED))
+ {
+ /* Similar to the encrypted case, above, if the file defaulted
+ * to compressed due to being in an compressed directory, but is
+ * not actually supposed to be compressed, explicitly set the
+ * compression format to COMPRESSION_FORMAT_NONE. */
+ ret = win32_set_compression_state(h, COMPRESSION_FORMAT_NONE,
+ stream_path);
+ if (ret)
+ goto fail_close_handle;
+ }
+
+ /* Set compression and/or sparse attributes if needed */
+ ret = win32_set_special_stream_attributes(h, inode, lte, path,
+ args->vol_flags);
+
+ if (ret)
+ goto fail_close_handle;
+
+ /* At this point we have at least created the needed stream with the
+ * appropriate attributes. We have yet to set the appropriate security
+ * descriptor and actually extract the stream data (other than for
+ * extracted files, which were already extracted).
+ * win32_finish_extract_stream() handles these additional steps. */
+ ret = win32_finish_extract_stream(h, inode, lte, stream_path,
+ stream_name_utf16, args);
+ if (ret)
+ goto fail_close_handle;
+
+ /* Done extracting the stream. Close the handle and return. */
+ DEBUG("Closing \"%ls\"", stream_path);
+ if (!CloseHandle(h)) {
+ err = GetLastError();
+ ERROR("Failed to close \"%ls\"", stream_path);
+ win32_error(err);
+ ret = WIMLIB_ERR_WRITE;
+ goto fail;
+ }
+ ret = 0;
+ goto out;
+fail_close_handle:
+ CloseHandle(h);
+fail:
+ ERROR("Error extracting \"%ls\"", stream_path);
+out:
+ return ret;
+}
+
+/*
+ * Creates a file, directory, or reparse point and extracts all streams to it
+ * (unnamed data stream and/or reparse point stream, plus any alternate data
+ * streams). Handles sparse, compressed, and/or encrypted files.
+ *
+ * @inode: WIM inode for this file or directory.
+ * @path: UTF-16LE external path to extract the inode to.
+ * @args: Additional extraction context.
+ *
+ * Returns 0 on success; nonzero on failure.
+ */
+static int
+win32_extract_streams(const struct wim_inode *inode,
+ const wchar_t *path, struct apply_args *args)
+{
+ struct wim_lookup_table_entry *unnamed_lte;
+ int ret;
+
+ /* First extract the unnamed stream. */
+
+ unnamed_lte = inode_unnamed_lte_resolved(inode);
+ ret = win32_extract_stream(inode, path, NULL, unnamed_lte, args);
+ if (ret)
+ goto out;
+
+ /* Extract any named streams, if supported by the volume. */
+
+ if (!(args->vol_flags & FILE_NAMED_STREAMS))
+ goto out;
+ for (u16 i = 0; i < inode->i_num_ads; i++) {
+ const struct wim_ads_entry *ads_entry = &inode->i_ads_entries[i];
+
+ /* Skip the unnamed stream if it's in the ADS entries (we
+ * already extracted it...) */
+ if (ads_entry->stream_name_nbytes == 0)
+ continue;
+
+ /* Skip special UNIX data entries (see documentation for
+ * WIMLIB_ADD_IMAGE_FLAG_UNIX_DATA) */
+ if (ads_entry->stream_name_nbytes == WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES
+ && !memcmp(ads_entry->stream_name,
+ WIMLIB_UNIX_DATA_TAG_UTF16LE,
+ WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES))
+ continue;
+
+ /* Extract the named stream */
+ ret = win32_extract_stream(inode,
+ path,
+ ads_entry->stream_name,
+ ads_entry->lte,
+ args);
+ if (ret)
+ break;
+ }
+out:
+ return ret;
+}
+
+/* If not done already, load the supported feature flags for the volume onto
+ * which the image is being extracted, and warn the user about any missing
+ * features that could be important. */
+static int
+win32_check_vol_flags(const wchar_t *output_path, struct apply_args *args)
+{
+ if (args->have_vol_flags)
+ return 0;
+
+ win32_get_vol_flags(output_path, &args->vol_flags);
+ args->have_vol_flags = true;
+ /* Warn the user about data that may not be extracted. */
+ if (!(args->vol_flags & FILE_SUPPORTS_SPARSE_FILES))
+ WARNING("Volume does not support sparse files!\n"
+ " Sparse files will be extracted as non-sparse.");
+ if (!(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS))
+ WARNING("Volume does not support reparse points!\n"
+ " Reparse point data will not be extracted.");
+ if (!(args->vol_flags & FILE_NAMED_STREAMS)) {
+ WARNING("Volume does not support named data streams!\n"
+ " Named data streams will not be extracted.");
+ }
+ if (!(args->vol_flags & FILE_SUPPORTS_ENCRYPTION)) {
+ WARNING("Volume does not support encryption!\n"
+ " Encrypted files will be extracted as raw data.");
+ }
+ if (!(args->vol_flags & FILE_FILE_COMPRESSION)) {
+ WARNING("Volume does not support transparent compression!\n"
+ " Compressed files will be extracted as non-compressed.");
+ }
+ if (!(args->vol_flags & FILE_PERSISTENT_ACLS)) {
+ if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS) {
+ ERROR("Strict ACLs requested, but the volume does not "
+ "support ACLs!");
+ return WIMLIB_ERR_VOLUME_LACKS_FEATURES;
+ } else {
+ WARNING("Volume does not support persistent ACLS!\n"
+ " File permissions will not be extracted.");
+ }
+ }
+ return 0;
+}
+
+/*
+ * Try extracting a hard link.
+ *
+ * @output_path: Path to link to be extracted.
+ *
+ * @inode: WIM inode that the link is to; inode->i_extracted_file
+ * the path to a name of the file that has already been
+ * extracted (we use this to create the hard link).
+ *
+ * @args: Additional apply context, used here to keep track of
+ * the number of times creating a hard link failed due to
+ * ERROR_INVALID_FUNCTION. This error should indicate that hard
+ * links are not supported by the volume, and we would like to
+ * warn the user a few times, but not too many times.
+ *
+ * Returns 0 if the hard link was successfully extracted. Returns
+ * WIMLIB_ERR_LINK (> 0) if an error occurred, other than hard links possibly
+ * being unsupported by the volume. Returns a negative value if creating the
+ * hard link failed due to ERROR_INVALID_FUNCTION.
+ */
+static int
+win32_try_hard_link(const wchar_t *output_path, const struct wim_inode *inode,
+ struct apply_args *args)
+{
+ DWORD err;
+
+ /* There is a volume flag for this (FILE_SUPPORTS_HARD_LINKS),
+ * but it's only available on Windows 7 and later. So no use
+ * even checking it, really. Instead, CreateHardLinkW() will
+ * apparently return ERROR_INVALID_FUNCTION if the volume does
+ * not support hard links. */
+ DEBUG("Creating hard link \"%ls => %ls\"",
+ output_path, inode->i_extracted_file);
+ if (CreateHardLinkW(output_path, inode->i_extracted_file, NULL))
+ return 0;
+
+ err = GetLastError();
+ if (err != ERROR_INVALID_FUNCTION) {
+ ERROR("Can't create hard link \"%ls => %ls\"",
+ output_path, inode->i_extracted_file);
+ win32_error(err);
+ return WIMLIB_ERR_LINK;
+ } else {
+ args->num_hard_links_failed++;
+ if (args->num_hard_links_failed < MAX_CREATE_HARD_LINK_WARNINGS) {
+ WARNING("Can't create hard link \"%ls => %ls\":\n"
+ " Volume does not support hard links!\n"
+ " Falling back to extracting a copy of the file.",
+ output_path, inode->i_extracted_file);
+ } else if (args->num_hard_links_failed == MAX_CREATE_HARD_LINK_WARNINGS) {
+ WARNING("Suppressing further hard linking warnings...");
+ }
+ return -1;
+ }
+}
+
+/* Extract a file, directory, reparse point, or hard link to an
+ * already-extracted file using the Win32 API */
+int
+win32_do_apply_dentry(const wchar_t *output_path,
+ size_t output_path_num_chars,
+ struct wim_dentry *dentry,
+ struct apply_args *args)
+{
+ int ret;
+ struct wim_inode *inode = dentry->d_inode;
+
+ ret = win32_check_vol_flags(output_path, args);
+ if (ret)
+ return ret;
+ if (inode->i_nlink > 1 && inode->i_extracted_file != NULL) {
+ /* Linked file, with another name already extracted. Create a
+ * hard link. */
+ ret = win32_try_hard_link(output_path, inode, args);
+ if (ret >= 0)
+ return ret;
+ /* Negative return value from win32_try_hard_link() indicates
+ * that hard links are probably not supported by the volume.
+ * Fall back to extracting a copy of the file. */
+ }
+
+ /* If this is a reparse point and the volume does not support reparse
+ * points, just skip it completely. */
+ if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT &&
+ !(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS))
+ {
+ WARNING("Skipping extraction of reparse point \"%ls\":\n"
+ " Not supported by destination filesystem",
+ output_path);
+ } else {
+ /* Create the file, directory, or reparse point, and extract the
+ * data streams. */
+ ret = win32_extract_streams(inode, output_path, args);
+ if (ret)
+ return ret;
+ }
+ if (inode->i_extracted_file == NULL) {
+ const struct wim_lookup_table_entry *lte;
+
+ /* Tally bytes extracted, including all alternate data streams,
+ * unless we extracted a hard link (or, at least extracted a
+ * name that was supposed to be a hard link) */
+ for (unsigned i = 0; i <= inode->i_num_ads; i++) {
+ lte = inode_stream_lte_resolved(inode, i);
+ if (lte)
+ args->progress.extract.completed_bytes +=
+ wim_resource_size(lte);
+ }
+ if (inode->i_nlink > 1) {
+ /* Save extracted path for a later call to
+ * CreateHardLinkW() if this inode has multiple links.
+ * */
+ inode->i_extracted_file = WSTRDUP(output_path);
+ if (!inode->i_extracted_file)
+ return WIMLIB_ERR_NOMEM;
+ }
+ }
+ return 0;
+}
+
+/* Set timestamps on an extracted file using the Win32 API */
+int
+win32_do_apply_dentry_timestamps(const wchar_t *path,
+ size_t path_num_chars,
+ const struct wim_dentry *dentry,
+ const struct apply_args *args)
+{
+ DWORD err;
+ HANDLE h;
+ const struct wim_inode *inode = dentry->d_inode;
+
+ if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT &&
+ !(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS))
+ {
+ /* Skip reparse points not extracted */
+ return 0;
+ }
+
+ /* Windows doesn't let you change the timestamps of the root directory
+ * (at least on FAT, which is dumb but expected since FAT doesn't store
+ * any metadata about the root directory...) */
+ if (path_is_root_of_drive(path))
+ return 0;
+
+ DEBUG("Opening \"%ls\" to set timestamps", path);
+ h = win32_open_existing_file(path, FILE_WRITE_ATTRIBUTES);
+ if (h == INVALID_HANDLE_VALUE) {
+ err = GetLastError();
+ goto fail;
+ }
+
+ FILETIME creationTime = {.dwLowDateTime = inode->i_creation_time & 0xffffffff,
+ .dwHighDateTime = inode->i_creation_time >> 32};
+ FILETIME lastAccessTime = {.dwLowDateTime = inode->i_last_access_time & 0xffffffff,
+ .dwHighDateTime = inode->i_last_access_time >> 32};
+ FILETIME lastWriteTime = {.dwLowDateTime = inode->i_last_write_time & 0xffffffff,
+ .dwHighDateTime = inode->i_last_write_time >> 32};
+
+ DEBUG("Calling SetFileTime() on \"%ls\"", path);
+ if (!SetFileTime(h, &creationTime, &lastAccessTime, &lastWriteTime)) {
+ err = GetLastError();
+ CloseHandle(h);
+ goto fail;
+ }
+ DEBUG("Closing \"%ls\"", path);
+ if (!CloseHandle(h)) {
+ err = GetLastError();
+ goto fail;
+ }
+ goto out;
+fail:
+ /* Only warn if setting timestamps failed; still return 0. */
+ WARNING("Can't set timestamps on \"%ls\"", path);
+ win32_error(err);
+out:
+ return 0;
+}
+
+/* Replacement for POSIX fsync() */
+int
+fsync(int fd)
+{
+ DWORD err;
+ HANDLE h;
+
+ h = (HANDLE)_get_osfhandle(fd);
+ if (h == INVALID_HANDLE_VALUE) {
+ err = GetLastError();
+ ERROR("Could not get Windows handle for file descriptor");
+ win32_error(err);
+ errno = EBADF;
+ return -1;
+ }
+ if (!FlushFileBuffers(h)) {
+ err = GetLastError();
+ ERROR("Could not flush file buffers to disk");
+ win32_error(err);
+ errno = EIO;
+ return -1;
+ }
+ return 0;
+}
+
+/* Use the Win32 API to get the number of processors */
+unsigned
+win32_get_number_of_processors()
+{
+ SYSTEM_INFO sysinfo;
+ GetSystemInfo(&sysinfo);
+ return sysinfo.dwNumberOfProcessors;
+}
+
+/* Replacement for POSIX-2008 realpath(). Warning: partial functionality only
+ * (resolved_path must be NULL). Also I highly doubt that GetFullPathName
+ * really does the right thing under all circumstances. */
+wchar_t *
+realpath(const wchar_t *path, wchar_t *resolved_path)
+{
+ DWORD ret;
+ wimlib_assert(resolved_path == NULL);
+ DWORD err;
+
+ ret = GetFullPathNameW(path, 0, NULL, NULL);
+ if (!ret) {
+ err = GetLastError();
+ goto fail_win32;
+ }
+
+ resolved_path = TMALLOC(ret);
+ if (!resolved_path)
+ goto out;
+ ret = GetFullPathNameW(path, ret, resolved_path, NULL);
+ if (!ret) {
+ err = GetLastError();
+ free(resolved_path);
+ resolved_path = NULL;
+ goto fail_win32;
+ }
+ goto out;
+fail_win32:
+ win32_error(err);
+ errno = -1;
+out:
+ return resolved_path;
+}
+
+/* rename() on Windows fails if the destination file exists. And we need to
+ * make it work on wide characters. Fix it. */
+int
+win32_rename_replacement(const wchar_t *oldpath, const wchar_t *newpath)
+{
+ if (MoveFileExW(oldpath, newpath, MOVEFILE_REPLACE_EXISTING)) {
+ return 0;
+ } else {
+ /* As usual, the possible error values are not documented */
+ DWORD err = GetLastError();
+ ERROR("MoveFileEx(): Can't rename \"%ls\" to \"%ls\"",
+ oldpath, newpath);
+ win32_error(err);
+ errno = -1;
+ return -1;
+ }
+}
+
+/* Replacement for POSIX fnmatch() (partial functionality only) */
+int
+fnmatch(const wchar_t *pattern, const wchar_t *string, int flags)
+{
+ if (PathMatchSpecW(string, pattern))
+ return 0;
+ else
+ return FNM_NOMATCH;
+}
+
+/* truncate() replacement */
+int
+win32_truncate_replacement(const wchar_t *path, off_t size)
+{
+ DWORD err = NO_ERROR;
+ LARGE_INTEGER liOffset;
+
+ HANDLE h = win32_open_existing_file(path, GENERIC_WRITE);
+ if (h == INVALID_HANDLE_VALUE)
+ goto fail;
+
+ liOffset.QuadPart = size;
+ if (!SetFilePointerEx(h, liOffset, NULL, FILE_BEGIN))
+ goto fail_close_handle;
+
+ if (!SetEndOfFile(h))
+ goto fail_close_handle;
+ CloseHandle(h);
+ return 0;
+
+fail_close_handle:
+ err = GetLastError();
+ CloseHandle(h);
+fail:
+ if (err == NO_ERROR)
+ err = GetLastError();
+ ERROR("Can't truncate \"%ls\" to %"PRIu64" bytes", path, size);
+ win32_error(err);
+ errno = -1;
+ return -1;
+}
+
+
+/* This really could be replaced with _wcserror_s, but this doesn't seem to
+ * actually be available in MSVCRT.DLL on Windows XP (perhaps it's statically
+ * linked in by Visual Studio...?). */
+extern int
+win32_strerror_r_replacement(int errnum, wchar_t *buf, size_t buflen)
+{
+ static pthread_mutex_t strerror_lock = PTHREAD_MUTEX_INITIALIZER;
+
+ pthread_mutex_lock(&strerror_lock);
+ mbstowcs(buf, strerror(errnum), buflen);
+ buf[buflen - 1] = '\0';
+ pthread_mutex_unlock(&strerror_lock);
+ return 0;
+}