f022e1d0bb1d2646e9edf291f51badd0a66e792c
[wimlib] / src / win32_apply.c
1 /*
2  * win32_apply.c - Windows-specific code for applying files from a WIM image.
3  */
4
5 /*
6  * Copyright (C) 2013 Eric Biggers
7  *
8  * This file is part of wimlib, a library for working with WIM files.
9  *
10  * wimlib is free software; you can redistribute it and/or modify it under the
11  * terms of the GNU General Public License as published by the Free
12  * Software Foundation; either version 3 of the License, or (at your option)
13  * any later version.
14  *
15  * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY
16  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
17  * A PARTICULAR PURPOSE. See the GNU General Public License for more
18  * details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with wimlib; if not, see http://www.gnu.org/licenses/.
22  */
23
24 #ifdef __WIN32__
25
26 #ifdef HAVE_CONFIG_H
27 #  include "config.h"
28 #endif
29
30 #include <aclapi.h> /* for SetSecurityInfo() */
31
32 #include "wimlib/win32_common.h"
33
34 #include "wimlib/apply.h"
35 #include "wimlib/dentry.h"
36 #include "wimlib/endianness.h"
37 #include "wimlib/error.h"
38 #include "wimlib/lookup_table.h"
39 #include "wimlib/metadata.h"
40 #include "wimlib/reparse.h"
41 #include "wimlib/security.h"
42
43 #define MAX_CREATE_HARD_LINK_WARNINGS 5
44 #define MAX_CREATE_SOFT_LINK_WARNINGS 5
45
46 #define MAX_SET_SD_ACCESS_DENIED_WARNINGS 1
47 #define MAX_SET_SACL_PRIV_NOTHELD_WARNINGS 1
48
49 static const wchar_t *apply_access_denied_msg =
50 L"If you are not running this program as the administrator, you may\n"
51  "          need to do so, so that all data and metadata can be extracted\n"
52  "          exactly as the origignal copy.  However, if you do not care that\n"
53  "          the security descriptors are extracted correctly, you could run\n"
54  "          `wimlib-imagex apply' with the --no-acls flag instead.\n"
55  ;
56
57
58 static int
59 win32_extract_try_rpfix(u8 *rpbuf,
60                         u16 *rpbuflen_p,
61                         const wchar_t *extract_root_realpath,
62                         unsigned extract_root_realpath_nchars)
63 {
64         struct reparse_data rpdata;
65         wchar_t *target;
66         size_t target_nchars;
67         size_t stripped_nchars;
68         wchar_t *stripped_target;
69         wchar_t stripped_target_nchars;
70         int ret;
71
72         utf16lechar *new_target;
73         utf16lechar *new_print_name;
74         size_t new_target_nchars;
75         size_t new_print_name_nchars;
76         utf16lechar *p;
77
78         ret = parse_reparse_data(rpbuf, *rpbuflen_p, &rpdata);
79         if (ret)
80                 return ret;
81
82         if (extract_root_realpath[0] == L'\0' ||
83             extract_root_realpath[1] != L':' ||
84             extract_root_realpath[2] != L'\\')
85         {
86                 ERROR("Can't understand full path format \"%ls\".  "
87                       "Try turning reparse point fixups off...",
88                       extract_root_realpath);
89                 return WIMLIB_ERR_REPARSE_POINT_FIXUP_FAILED;
90         }
91
92         ret = parse_substitute_name(rpdata.substitute_name,
93                                     rpdata.substitute_name_nbytes,
94                                     rpdata.rptag);
95         if (ret < 0)
96                 return 0;
97         stripped_nchars = ret;
98         target = rpdata.substitute_name;
99         target_nchars = rpdata.substitute_name_nbytes / sizeof(utf16lechar);
100         stripped_target = target + stripped_nchars;
101         stripped_target_nchars = target_nchars - stripped_nchars;
102
103         new_target = alloca((6 + extract_root_realpath_nchars +
104                              stripped_target_nchars) * sizeof(utf16lechar));
105
106         p = new_target;
107         if (stripped_nchars == 6) {
108                 /* Include \??\ prefix if it was present before */
109                 p = wmempcpy(p, L"\\??\\", 4);
110         }
111
112         /* Print name excludes the \??\ if present. */
113         new_print_name = p;
114         if (stripped_nchars != 0) {
115                 /* Get drive letter from real path to extract root, if a drive
116                  * letter was present before. */
117                 *p++ = extract_root_realpath[0];
118                 *p++ = extract_root_realpath[1];
119         }
120         /* Copy the rest of the extract root */
121         p = wmempcpy(p, extract_root_realpath + 2, extract_root_realpath_nchars - 2);
122
123         /* Append the stripped target */
124         p = wmempcpy(p, stripped_target, stripped_target_nchars);
125         new_target_nchars = p - new_target;
126         new_print_name_nchars = p - new_print_name;
127
128         if (new_target_nchars * sizeof(utf16lechar) >= REPARSE_POINT_MAX_SIZE ||
129             new_print_name_nchars * sizeof(utf16lechar) >= REPARSE_POINT_MAX_SIZE)
130         {
131                 ERROR("Path names too long to do reparse point fixup!");
132                 return WIMLIB_ERR_REPARSE_POINT_FIXUP_FAILED;
133         }
134         rpdata.substitute_name = new_target;
135         rpdata.substitute_name_nbytes = new_target_nchars * sizeof(utf16lechar);
136         rpdata.print_name = new_print_name;
137         rpdata.print_name_nbytes = new_print_name_nchars * sizeof(utf16lechar);
138         return make_reparse_buffer(&rpdata, rpbuf, rpbuflen_p);
139 }
140
141 /* Wrapper around the FSCTL_SET_REPARSE_POINT ioctl to set the reparse data on
142  * an extracted reparse point. */
143 static int
144 win32_set_reparse_data(HANDLE h,
145                        const struct wim_inode *inode,
146                        const struct wim_lookup_table_entry *lte,
147                        const wchar_t *path,
148                        struct apply_args *args)
149 {
150         int ret;
151         u8 rpbuf[REPARSE_POINT_MAX_SIZE] _aligned_attribute(8);
152         DWORD bytesReturned;
153         u16 rpbuflen;
154
155         DEBUG("Setting reparse data on \"%ls\"", path);
156
157         ret = wim_inode_get_reparse_data(inode, rpbuf, &rpbuflen);
158         if (ret)
159                 return ret;
160
161         if (args->extract_flags & WIMLIB_EXTRACT_FLAG_RPFIX &&
162             (inode->i_reparse_tag == WIM_IO_REPARSE_TAG_SYMLINK ||
163              inode->i_reparse_tag == WIM_IO_REPARSE_TAG_MOUNT_POINT) &&
164             !inode->i_not_rpfixed)
165         {
166                 ret = win32_extract_try_rpfix(rpbuf,
167                                               &rpbuflen,
168                                               args->target_realpath,
169                                               args->target_realpath_len);
170                 if (ret)
171                         return WIMLIB_ERR_REPARSE_POINT_FIXUP_FAILED;
172         }
173
174         /* Set the reparse data on the open file using the
175          * FSCTL_SET_REPARSE_POINT ioctl.
176          *
177          * There are contradictions in Microsoft's documentation for this:
178          *
179          * "If hDevice was opened without specifying FILE_FLAG_OVERLAPPED,
180          * lpOverlapped is ignored."
181          *
182          * --- So setting lpOverlapped to NULL is okay since it's ignored.
183          *
184          * "If lpOverlapped is NULL, lpBytesReturned cannot be NULL. Even when an
185          * operation returns no output data and lpOutBuffer is NULL,
186          * DeviceIoControl makes use of lpBytesReturned. After such an
187          * operation, the value of lpBytesReturned is meaningless."
188          *
189          * --- So lpOverlapped not really ignored, as it affects another
190          *  parameter.  This is the actual behavior: lpBytesReturned must be
191          *  specified, even though lpBytesReturned is documented as:
192          *
193          *  "Not used with this operation; set to NULL."
194          */
195         if (!DeviceIoControl(h, FSCTL_SET_REPARSE_POINT, rpbuf,
196                              rpbuflen,
197                              NULL, 0,
198                              &bytesReturned /* lpBytesReturned */,
199                              NULL /* lpOverlapped */))
200         {
201                 DWORD err = GetLastError();
202                 if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
203                 {
204                         args->num_soft_links_failed++;
205                         if (args->num_soft_links_failed <= MAX_CREATE_SOFT_LINK_WARNINGS) {
206                                 WARNING("Can't set reparse data on \"%ls\": Access denied!\n"
207                                         "          You may be trying to extract a symbolic "
208                                         "link without the\n"
209                                         "          SeCreateSymbolicLink privilege, which by "
210                                         "default non-Administrator\n"
211                                         "          accounts do not have.", path);
212                         }
213                         if (args->num_hard_links_failed == MAX_CREATE_HARD_LINK_WARNINGS) {
214                                 WARNING("Suppressing further warnings regarding failure to extract\n"
215                                         "          reparse points due to insufficient privileges...");
216                         }
217                 } else {
218                         ERROR("Failed to set reparse data on \"%ls\"", path);
219                         win32_error(err);
220                         if (inode->i_reparse_tag == WIM_IO_REPARSE_TAG_SYMLINK ||
221                             inode->i_reparse_tag == WIM_IO_REPARSE_TAG_MOUNT_POINT)
222                                 return WIMLIB_ERR_LINK;
223                         else
224                                 return WIMLIB_ERR_WRITE;
225                 }
226         }
227         return 0;
228 }
229
230 /* Wrapper around the FSCTL_SET_COMPRESSION ioctl to change the
231  * FILE_ATTRIBUTE_COMPRESSED flag of a file or directory. */
232 static int
233 win32_set_compression_state(HANDLE hFile, USHORT format, const wchar_t *path)
234 {
235         DWORD bytesReturned;
236         if (!DeviceIoControl(hFile, FSCTL_SET_COMPRESSION,
237                              &format, sizeof(USHORT),
238                              NULL, 0,
239                              &bytesReturned, NULL))
240         {
241                 /* Could be a warning only, but we only call this if the volume
242                  * supports compression.  So I'm calling this an error. */
243                 DWORD err = GetLastError();
244                 ERROR("Failed to set compression flag on \"%ls\"", path);
245                 win32_error(err);
246                 if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
247                         return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
248                 else
249                         return WIMLIB_ERR_WRITE;
250         }
251         return 0;
252 }
253
254 /* Wrapper around FSCTL_SET_SPARSE ioctl to set a file as sparse. */
255 static int
256 win32_set_sparse(HANDLE hFile, const wchar_t *path)
257 {
258         DWORD bytesReturned;
259         if (!DeviceIoControl(hFile, FSCTL_SET_SPARSE,
260                              NULL, 0,
261                              NULL, 0,
262                              &bytesReturned, NULL))
263         {
264                 /* Could be a warning only, but we only call this if the volume
265                  * supports sparse files.  So I'm calling this an error. */
266                 DWORD err = GetLastError();
267                 WARNING("Failed to set sparse flag on \"%ls\"", path);
268                 win32_error(err);
269                 if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
270                         return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
271                 else
272                         return WIMLIB_ERR_WRITE;
273         }
274         return 0;
275 }
276
277 /*
278  * Sets the security descriptor on an extracted file.
279  */
280 static int
281 win32_set_security_data(const struct wim_inode *inode,
282                         HANDLE hFile,
283                         const wchar_t *path,
284                         struct apply_args *args)
285 {
286         PSECURITY_DESCRIPTOR descriptor;
287         unsigned long n;
288         DWORD err;
289         const struct wim_security_data *sd;
290
291         SECURITY_INFORMATION securityInformation = 0;
292
293         void *owner = NULL;
294         void *group = NULL;
295         ACL *dacl = NULL;
296         ACL *sacl = NULL;
297
298         BOOL owner_defaulted;
299         BOOL group_defaulted;
300         BOOL dacl_present;
301         BOOL dacl_defaulted;
302         BOOL sacl_present;
303         BOOL sacl_defaulted;
304
305         sd = wim_const_security_data(args->w);
306         descriptor = sd->descriptors[inode->i_security_id];
307
308         GetSecurityDescriptorOwner(descriptor, &owner, &owner_defaulted);
309         if (owner)
310                 securityInformation |= OWNER_SECURITY_INFORMATION;
311
312         GetSecurityDescriptorGroup(descriptor, &group, &group_defaulted);
313         if (group)
314                 securityInformation |= GROUP_SECURITY_INFORMATION;
315
316         GetSecurityDescriptorDacl(descriptor, &dacl_present,
317                                   &dacl, &dacl_defaulted);
318         if (dacl)
319                 securityInformation |= DACL_SECURITY_INFORMATION;
320
321         GetSecurityDescriptorSacl(descriptor, &sacl_present,
322                                   &sacl, &sacl_defaulted);
323         if (sacl)
324                 securityInformation |= SACL_SECURITY_INFORMATION;
325
326 again:
327         if (securityInformation == 0)
328                 return 0;
329         if (SetSecurityInfo(hFile, SE_FILE_OBJECT,
330                             securityInformation, owner, group, dacl, sacl))
331                 return 0;
332         err = GetLastError();
333         if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS)
334                 goto fail;
335         switch (err) {
336         case ERROR_PRIVILEGE_NOT_HELD:
337                 if (securityInformation & SACL_SECURITY_INFORMATION) {
338                         n = args->num_set_sacl_priv_notheld++;
339                         securityInformation &= ~SACL_SECURITY_INFORMATION;
340                         sacl = NULL;
341                         if (n < MAX_SET_SACL_PRIV_NOTHELD_WARNINGS) {
342                                 WARNING(
343 "We don't have enough privileges to set the full security\n"
344 "          descriptor on \"%ls\"!\n", path);
345                                 if (args->num_set_sd_access_denied +
346                                     args->num_set_sacl_priv_notheld == 1)
347                                 {
348                                         WARNING("%ls", apply_access_denied_msg);
349                                 }
350                                 WARNING("Re-trying with SACL omitted.\n", path);
351                         } else if (n == MAX_SET_SACL_PRIV_NOTHELD_WARNINGS) {
352                                 WARNING(
353 "Suppressing further 'privileges not held' error messages when setting\n"
354 "          security descriptors.");
355                         }
356                         goto again;
357                 }
358                 /* Fall through */
359         case ERROR_INVALID_OWNER:
360         case ERROR_ACCESS_DENIED:
361                 n = args->num_set_sd_access_denied++;
362                 if (n < MAX_SET_SD_ACCESS_DENIED_WARNINGS) {
363                         WARNING("Failed to set security descriptor on \"%ls\": "
364                                 "Access denied!\n", path);
365                         if (args->num_set_sd_access_denied +
366                             args->num_set_sacl_priv_notheld == 1)
367                         {
368                                 WARNING("%ls", apply_access_denied_msg);
369                         }
370                 } else if (n == MAX_SET_SD_ACCESS_DENIED_WARNINGS) {
371                         WARNING(
372 "Suppressing further access denied error messages when setting\n"
373 "          security descriptors");
374                 }
375                 return 0;
376         default:
377 fail:
378                 ERROR("Failed to set security descriptor on \"%ls\"", path);
379                 win32_error(err);
380                 if (err == ERROR_ACCESS_DENIED || err == ERROR_PRIVILEGE_NOT_HELD)
381                         return WIMLIB_ERR_INSUFFICIENT_PRIVILEGES_TO_EXTRACT;
382                 else
383                         return WIMLIB_ERR_WRITE;
384         }
385 }
386
387
388 static int
389 win32_extract_chunk(const void *buf, size_t len, void *arg)
390 {
391         HANDLE hStream = arg;
392
393         DWORD nbytes_written;
394         wimlib_assert(len <= 0xffffffff);
395
396         if (!WriteFile(hStream, buf, len, &nbytes_written, NULL) ||
397             nbytes_written != len)
398         {
399                 DWORD err = GetLastError();
400                 ERROR("WriteFile(): write error");
401                 win32_error(err);
402                 return WIMLIB_ERR_WRITE;
403         }
404         return 0;
405 }
406
407 static int
408 do_win32_extract_stream(HANDLE hStream, const struct wim_lookup_table_entry *lte)
409 {
410         return extract_wim_resource(lte, wim_resource_size(lte),
411                                     win32_extract_chunk, hStream);
412 }
413
414 struct win32_encrypted_extract_ctx {
415         const struct wim_lookup_table_entry *lte;
416         u64 offset;
417 };
418
419 static DWORD WINAPI
420 win32_encrypted_import_cb(unsigned char *data, void *_ctx,
421                           unsigned long *len_p)
422 {
423         struct win32_encrypted_extract_ctx *ctx = _ctx;
424         unsigned long len = *len_p;
425         const struct wim_lookup_table_entry *lte = ctx->lte;
426
427         len = min(len, wim_resource_size(lte) - ctx->offset);
428
429         if (read_partial_wim_resource_into_buf(lte, len, ctx->offset, data))
430                 return ERROR_READ_FAULT;
431
432         ctx->offset += len;
433         *len_p = len;
434         return ERROR_SUCCESS;
435 }
436
437 /* Create an encrypted file and extract the raw encrypted data to it.
438  *
439  * @path:  Path to encrypted file to create.
440  * @lte:   WIM lookup_table entry for the raw encrypted data.
441  *
442  * This is separate from do_win32_extract_stream() because the WIM is supposed
443  * to contain the *raw* encrypted data, which needs to be extracted ("imported")
444  * using the special APIs OpenEncryptedFileRawW(), WriteEncryptedFileRaw(), and
445  * CloseEncryptedFileRaw().
446  *
447  * Returns 0 on success; nonzero on failure.
448  */
449 static int
450 do_win32_extract_encrypted_stream(const wchar_t *path,
451                                   const struct wim_lookup_table_entry *lte)
452 {
453         void *file_ctx;
454         int ret;
455
456         DEBUG("Opening file \"%ls\" to extract raw encrypted data", path);
457
458         ret = OpenEncryptedFileRawW(path, CREATE_FOR_IMPORT, &file_ctx);
459         if (ret) {
460                 ERROR("Failed to open \"%ls\" to write raw encrypted data", path);
461                 win32_error(ret);
462                 return WIMLIB_ERR_OPEN;
463         }
464
465         if (lte) {
466                 struct win32_encrypted_extract_ctx ctx;
467
468                 ctx.lte = lte;
469                 ctx.offset = 0;
470                 ret = WriteEncryptedFileRaw(win32_encrypted_import_cb, &ctx, file_ctx);
471                 if (ret == ERROR_SUCCESS) {
472                         ret = 0;
473                 } else {
474                         ret = WIMLIB_ERR_WRITE;
475                         ERROR("Failed to extract encrypted file \"%ls\"", path);
476                 }
477         }
478         CloseEncryptedFileRaw(file_ctx);
479         return ret;
480 }
481
482 static bool
483 path_is_root_of_drive(const wchar_t *path)
484 {
485         if (*path == L'\0')
486                 return false;
487
488         if (!wcsncmp(path, L"\\\\?\\", 4))
489                 path += 4;
490
491         if (*path != L'/' && *path != L'\\') {
492                 if (*(path + 1) == L':')
493                         path += 2;
494                 else
495                         return false;
496         }
497         while (*path == L'/' || *path == L'\\')
498                 path++;
499         return (*path == L'\0');
500 }
501
502 static inline DWORD
503 win32_mask_attributes(DWORD i_attributes)
504 {
505         return i_attributes & ~(FILE_ATTRIBUTE_SPARSE_FILE |
506                                 FILE_ATTRIBUTE_COMPRESSED |
507                                 FILE_ATTRIBUTE_REPARSE_POINT |
508                                 FILE_ATTRIBUTE_DIRECTORY |
509                                 FILE_ATTRIBUTE_ENCRYPTED |
510                                 FILE_FLAG_DELETE_ON_CLOSE |
511                                 FILE_FLAG_NO_BUFFERING |
512                                 FILE_FLAG_OPEN_NO_RECALL |
513                                 FILE_FLAG_OVERLAPPED |
514                                 FILE_FLAG_RANDOM_ACCESS |
515                                 /*FILE_FLAG_SESSION_AWARE |*/
516                                 FILE_FLAG_SEQUENTIAL_SCAN |
517                                 FILE_FLAG_WRITE_THROUGH);
518 }
519
520 static inline DWORD
521 win32_get_create_flags_and_attributes(DWORD i_attributes)
522 {
523         /*
524          * Some attributes cannot be set by passing them to CreateFile().  In
525          * particular:
526          *
527          * FILE_ATTRIBUTE_DIRECTORY:
528          *   CreateDirectory() must be called instead of CreateFile().
529          *
530          * FILE_ATTRIBUTE_SPARSE_FILE:
531          *   Needs an ioctl.
532          *   See: win32_set_sparse().
533          *
534          * FILE_ATTRIBUTE_COMPRESSED:
535          *   Not clear from the documentation, but apparently this needs an
536          *   ioctl as well.
537          *   See: win32_set_compressed().
538          *
539          * FILE_ATTRIBUTE_REPARSE_POINT:
540          *   Needs an ioctl, with the reparse data specified.
541          *   See: win32_set_reparse_data().
542          *
543          * In addition, clear any file flags in the attributes that we don't
544          * want, but also specify FILE_FLAG_OPEN_REPARSE_POINT and
545          * FILE_FLAG_BACKUP_SEMANTICS as we are a backup application.
546          */
547         return win32_mask_attributes(i_attributes) |
548                 FILE_FLAG_OPEN_REPARSE_POINT |
549                 FILE_FLAG_BACKUP_SEMANTICS;
550 }
551
552 /* Set compression and/or sparse attributes on a stream, if supported by the
553  * volume. */
554 static int
555 win32_set_special_stream_attributes(HANDLE hFile, const struct wim_inode *inode,
556                                     struct wim_lookup_table_entry *unnamed_stream_lte,
557                                     const wchar_t *path, unsigned vol_flags)
558 {
559         int ret;
560
561         if (inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED) {
562                 if (vol_flags & FILE_FILE_COMPRESSION) {
563                         ret = win32_set_compression_state(hFile,
564                                                           COMPRESSION_FORMAT_DEFAULT,
565                                                           path);
566                         if (ret)
567                                 return ret;
568                 } else {
569                         DEBUG("Cannot set compression attribute on \"%ls\": "
570                               "volume does not support transparent compression",
571                               path);
572                 }
573         }
574
575         if (inode->i_attributes & FILE_ATTRIBUTE_SPARSE_FILE) {
576                 if (vol_flags & FILE_SUPPORTS_SPARSE_FILES) {
577                         DEBUG("Setting sparse flag on \"%ls\"", path);
578                         ret = win32_set_sparse(hFile, path);
579                         if (ret)
580                                 return ret;
581                 } else {
582                         DEBUG("Cannot set sparse attribute on \"%ls\": "
583                               "volume does not support sparse files",
584                               path);
585                 }
586         }
587         return 0;
588 }
589
590 /* Pre-create directories; extract encrypted streams */
591 static int
592 win32_begin_extract_unnamed_stream(const struct wim_inode *inode,
593                                    const struct wim_lookup_table_entry *lte,
594                                    const wchar_t *path,
595                                    DWORD *creationDisposition_ret,
596                                    unsigned int vol_flags)
597 {
598         DWORD err;
599         int ret;
600
601         /* Directories must be created with CreateDirectoryW().  Then the call
602          * to CreateFileW() will merely open the directory that was already
603          * created rather than creating a new file. */
604         if (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY) {
605                 if (!path_is_root_of_drive(path)) {
606                         if (!CreateDirectoryW(path, NULL)) {
607                                 err = GetLastError();
608                                 if (err != ERROR_ALREADY_EXISTS) {
609                                         ERROR("Failed to create directory \"%ls\"",
610                                               path);
611                                         win32_error(err);
612                                         return WIMLIB_ERR_MKDIR;
613                                 }
614                         }
615                         DEBUG("Created directory \"%ls\"", path);
616                 }
617                 *creationDisposition_ret = OPEN_EXISTING;
618         }
619         if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED &&
620             vol_flags & FILE_SUPPORTS_ENCRYPTION)
621         {
622                 if (inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY) {
623                         unsigned remaining_sharing_violations = 100;
624                         while (!EncryptFile(path)) {
625                                 if (remaining_sharing_violations &&
626                                     err == ERROR_SHARING_VIOLATION)
627                                 {
628                                         WARNING("Couldn't encrypt directory \"%ls\" "
629                                                 "due to sharing violation; re-trying "
630                                                 "after 100 ms", path);
631                                         Sleep(100);
632                                         remaining_sharing_violations--;
633                                 } else {
634                                         err = GetLastError();
635                                         ERROR("Failed to encrypt directory \"%ls\"",
636                                               path);
637                                         win32_error(err);
638                                         return WIMLIB_ERR_WRITE;
639                                 }
640                         }
641                 } else {
642                         ret = do_win32_extract_encrypted_stream(path, lte);
643                         if (ret)
644                                 return ret;
645                         DEBUG("Extracted encrypted file \"%ls\"", path);
646                 }
647                 *creationDisposition_ret = OPEN_EXISTING;
648         }
649
650         /* Set file attributes if we created the file.  Otherwise, we haven't
651          * created the file set and we will set the attributes in the call to
652          * CreateFileW().
653          *
654          * The FAT filesystem does not let you change the attributes of the root
655          * directory, so treat that as a special case and do not set attributes.
656          * */
657         if (*creationDisposition_ret == OPEN_EXISTING &&
658             !path_is_root_of_drive(path))
659         {
660                 if (!SetFileAttributesW(path,
661                                         win32_mask_attributes(inode->i_attributes)))
662                 {
663                         err = GetLastError();
664                         ERROR("Failed to set attributes on \"%ls\"", path);
665                         win32_error(err);
666                         return WIMLIB_ERR_WRITE;
667                 }
668         }
669         return 0;
670 }
671
672 /* Set security descriptor and extract stream data or reparse data (skip the
673  * unnamed data stream of encrypted files, which was already extracted). */
674 static int
675 win32_finish_extract_stream(HANDLE h, const struct wim_dentry *dentry,
676                             const struct wim_lookup_table_entry *lte,
677                             const wchar_t *stream_path,
678                             const wchar_t *stream_name_utf16,
679                             struct apply_args *args)
680 {
681         int ret = 0;
682         const struct wim_inode *inode = dentry->d_inode;
683         if (stream_name_utf16 == NULL) {
684                 /* Unnamed stream. */
685
686                 /* Set security descriptor, unless the extract_flags indicate
687                  * not to or the volume does not supported it.  Note that this
688                  * is only done when the unnamed stream is being extracted, as
689                  * security descriptors are per-file and not per-stream. */
690                 if (inode->i_security_id >= 0 &&
691                     !(args->extract_flags & WIMLIB_EXTRACT_FLAG_NO_ACLS)
692                     && (args->vol_flags & FILE_PERSISTENT_ACLS))
693                 {
694                         ret = win32_set_security_data(inode, h, stream_path, args);
695                         if (ret)
696                                 return ret;
697                 }
698
699                 /* Handle reparse points.  The data for them needs to be set
700                  * using a special ioctl.  Note that the reparse point may have
701                  * been created using CreateFileW() in the case of
702                  * non-directories or CreateDirectoryW() in the case of
703                  * directories; but the ioctl works either way.  Also, it is
704                  * only this step that actually sets the
705                  * FILE_ATTRIBUTE_REPARSE_POINT, as it is not valid to set it
706                  * using SetFileAttributesW() or CreateFileW().
707                  *
708                  * If the volume does not support reparse points we simply
709                  * ignore the reparse data.  (N.B. the code currently doesn't
710                  * actually reach this case because reparse points are skipped
711                  * entirely on such volumes.) */
712                 if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT) {
713                         if (args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS) {
714                                 ret = win32_set_reparse_data(h, inode,
715                                                              lte, stream_path,
716                                                              args);
717                                 if (ret)
718                                         return ret;
719                         } else {
720                                 DEBUG("Cannot set reparse data on \"%ls\": volume "
721                                       "does not support reparse points", stream_path);
722                         }
723                 } else if (lte != NULL &&
724                            !(args->vol_flags & FILE_SUPPORTS_ENCRYPTION &&
725                              inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED))
726                 {
727                         /* Extract the data of the unnamed stream, unless the
728                          * lookup table entry is NULL (indicating an empty
729                          * stream for which no data needs to be extracted), or
730                          * the stream is encrypted and therefore was already
731                          * extracted as a special case. */
732                         ret = do_win32_extract_stream(h, lte);
733                         if (ret)
734                                 return ret;
735                 }
736
737                 if (dentry_has_short_name(dentry) && !dentry->dos_name_invalid)
738                         SetFileShortNameW(h, dentry->short_name);
739                 else if (running_on_windows_7_or_later())
740                         SetFileShortNameW(h, L"");
741         } else {
742                 /* Extract the data for a named data stream. */
743                 if (lte != NULL) {
744                         DEBUG("Extracting named data stream \"%ls\" (len = %"PRIu64")",
745                               stream_path, wim_resource_size(lte));
746                         ret = do_win32_extract_stream(h, lte);
747                 }
748         }
749         return ret;
750 }
751
752 static int
753 win32_decrypt_file(HANDLE open_handle, const wchar_t *path)
754 {
755         DWORD err;
756         /* We cannot call DecryptFileW() while there is an open handle to the
757          * file.  So close it first. */
758         if (!CloseHandle(open_handle)) {
759                 err = GetLastError();
760                 ERROR("Failed to close handle for \"%ls\"", path);
761                 win32_error(err);
762                 return WIMLIB_ERR_WRITE;
763         }
764         if (!DecryptFileW(path, 0 /* reserved parameter; set to 0 */)) {
765                 err = GetLastError();
766                 ERROR("Failed to decrypt file \"%ls\"", path);
767                 win32_error(err);
768                 return WIMLIB_ERR_WRITE;
769         }
770         return 0;
771 }
772
773 /*
774  * Create and extract a stream to a file, or create a directory, using the
775  * Windows API.
776  *
777  * This handles reparse points, directories, alternate data streams, encrypted
778  * files, compressed files, etc.
779  *
780  * @dentry: WIM dentry for the file or directory being extracted.
781  *
782  * @path:  Path to extract the file to.
783  *
784  * @stream_name_utf16:
785  *         Name of the stream, or NULL if the stream is unnamed.  This will
786  *         be called with a NULL stream_name_utf16 before any non-NULL
787  *         stream_name_utf16's.
788  *
789  * @lte:   WIM lookup table entry for the stream.  May be NULL to indicate
790  *         a stream of length 0.
791  *
792  * @args:  Additional apply context, including flags indicating supported
793  *         volume features.
794  *
795  * Returns 0 on success; nonzero on failure.
796  */
797 static int
798 win32_extract_stream(const struct wim_dentry *dentry,
799                      const wchar_t *path,
800                      const wchar_t *stream_name_utf16,
801                      struct wim_lookup_table_entry *lte,
802                      struct apply_args *args)
803 {
804         wchar_t *stream_path;
805         HANDLE h;
806         int ret;
807         DWORD err;
808         DWORD creationDisposition = CREATE_ALWAYS;
809         DWORD requestedAccess;
810         BY_HANDLE_FILE_INFORMATION file_info;
811         unsigned remaining_sharing_violations = 1000;
812         const struct wim_inode *inode = dentry->d_inode;
813
814         if (stream_name_utf16) {
815                 /* Named stream.  Create a buffer that contains the UTF-16LE
816                  * string [./]path:stream_name_utf16.  This is needed to
817                  * create and open the stream using CreateFileW().  I'm not
818                  * aware of any other APIs to do this.  Note: the '$DATA' suffix
819                  * seems to be unneeded.  Additional note: a "./" prefix needs
820                  * to be added when the path is not absolute to avoid ambiguity
821                  * with drive letters. */
822                 size_t stream_path_nchars;
823                 size_t path_nchars;
824                 size_t stream_name_nchars;
825                 const wchar_t *prefix;
826
827                 path_nchars = wcslen(path);
828                 stream_name_nchars = wcslen(stream_name_utf16);
829                 stream_path_nchars = path_nchars + 1 + stream_name_nchars;
830                 if (path[0] != cpu_to_le16(L'\0') &&
831                     path[0] != cpu_to_le16(L'/') &&
832                     path[0] != cpu_to_le16(L'\\') &&
833                     path[1] != cpu_to_le16(L':'))
834                 {
835                         prefix = L"./";
836                         stream_path_nchars += 2;
837                 } else {
838                         prefix = L"";
839                 }
840                 stream_path = alloca((stream_path_nchars + 1) * sizeof(wchar_t));
841                 swprintf(stream_path, L"%ls%ls:%ls",
842                          prefix, path, stream_name_utf16);
843         } else {
844                 /* Unnamed stream; its path is just the path to the file itself.
845                  * */
846                 stream_path = (wchar_t*)path;
847
848                 ret = win32_begin_extract_unnamed_stream(inode, lte, path,
849                                                          &creationDisposition,
850                                                          args->vol_flags);
851                 if (ret)
852                         goto fail;
853         }
854
855         DEBUG("Opening \"%ls\"", stream_path);
856         /* DELETE access is needed for SetFileShortNameW(), for some reason. */
857         requestedAccess = GENERIC_READ | GENERIC_WRITE | DELETE |
858                           ACCESS_SYSTEM_SECURITY;
859 try_open_again:
860         /* Open the stream to be extracted.  Depending on what we have set
861          * creationDisposition to, we may be creating this for the first time,
862          * or we may be opening on existing stream we already created using
863          * CreateDirectoryW() or OpenEncryptedFileRawW(). */
864         h = CreateFileW(stream_path,
865                         requestedAccess,
866                         FILE_SHARE_READ,
867                         NULL,
868                         creationDisposition,
869                         win32_get_create_flags_and_attributes(inode->i_attributes),
870                         NULL);
871         if (h == INVALID_HANDLE_VALUE) {
872                 err = GetLastError();
873                 if (err == ERROR_ACCESS_DENIED &&
874                     path_is_root_of_drive(stream_path))
875                 {
876                         ret = 0;
877                         goto out;
878                 }
879                 if ((err == ERROR_PRIVILEGE_NOT_HELD ||
880                      err == ERROR_ACCESS_DENIED) &&
881                     (requestedAccess & ACCESS_SYSTEM_SECURITY))
882                 {
883                         /* Try opening the file again without privilege to
884                          * modify SACL. */
885                         requestedAccess &= ~ACCESS_SYSTEM_SECURITY;
886                         goto try_open_again;
887                 }
888                 if (err == ERROR_SHARING_VIOLATION) {
889                         if (remaining_sharing_violations) {
890                                 --remaining_sharing_violations;
891                                 /* This can happen when restoring encrypted directories
892                                  * for some reason.  Probably a bug in EncryptFile(). */
893                                 WARNING("Couldn't open \"%ls\" due to sharing violation; "
894                                         "re-trying after 100ms", stream_path);
895                                 Sleep(100);
896                                 goto try_open_again;
897                         } else {
898                                 ERROR("Too many sharing violations; giving up...");
899                         }
900                 } else {
901                         if (creationDisposition == OPEN_EXISTING)
902                                 ERROR("Failed to open \"%ls\"", stream_path);
903                         else
904                                 ERROR("Failed to create \"%ls\"", stream_path);
905                         win32_error(err);
906                 }
907                 ret = WIMLIB_ERR_OPEN;
908                 goto fail;
909         }
910
911         /* Check the attributes of the file we just opened, and remove
912          * encryption or compression if either was set by default but is not
913          * supposed to be set based on the WIM inode attributes. */
914         if (!GetFileInformationByHandle(h, &file_info)) {
915                 err = GetLastError();
916                 ERROR("Failed to get attributes of \"%ls\"", stream_path);
917                 win32_error(err);
918                 ret = WIMLIB_ERR_STAT;
919                 goto fail_close_handle;
920         }
921
922         /* Remove encryption? */
923         if (file_info.dwFileAttributes & FILE_ATTRIBUTE_ENCRYPTED &&
924             !(inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED))
925         {
926                 /* File defaulted to encrypted due to being in an encrypted
927                  * directory, but is not actually supposed to be encrypted.
928                  *
929                  * This is a workaround, because I'm not aware of any way to
930                  * directly (e.g. with CreateFileW()) create an unencrypted file
931                  * in a directory with FILE_ATTRIBUTE_ENCRYPTED set. */
932                 ret = win32_decrypt_file(h, stream_path);
933                 if (ret)
934                         goto fail; /* win32_decrypt_file() closed the handle. */
935                 creationDisposition = OPEN_EXISTING;
936                 goto try_open_again;
937         }
938
939         /* Remove compression? */
940         if (file_info.dwFileAttributes & FILE_ATTRIBUTE_COMPRESSED &&
941             !(inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED))
942         {
943                 /* Similar to the encrypted case, above, if the file defaulted
944                  * to compressed due to being in an compressed directory, but is
945                  * not actually supposed to be compressed, explicitly set the
946                  * compression format to COMPRESSION_FORMAT_NONE. */
947                 ret = win32_set_compression_state(h, COMPRESSION_FORMAT_NONE,
948                                                   stream_path);
949                 if (ret)
950                         goto fail_close_handle;
951         }
952
953         /* Set compression and/or sparse attributes if needed */
954         ret = win32_set_special_stream_attributes(h, inode, lte, path,
955                                                   args->vol_flags);
956
957         if (ret)
958                 goto fail_close_handle;
959
960         /* At this point we have at least created the needed stream with the
961          * appropriate attributes.  We have yet to set the appropriate security
962          * descriptor and actually extract the stream data (other than for
963          * extracted files, which were already extracted).
964          * win32_finish_extract_stream() handles these additional steps. */
965         ret = win32_finish_extract_stream(h, dentry, lte, stream_path,
966                                           stream_name_utf16, args);
967         if (ret)
968                 goto fail_close_handle;
969
970         /* Done extracting the stream.  Close the handle and return. */
971         DEBUG("Closing \"%ls\"", stream_path);
972         if (!CloseHandle(h)) {
973                 err = GetLastError();
974                 ERROR("Failed to close \"%ls\"", stream_path);
975                 win32_error(err);
976                 ret = WIMLIB_ERR_WRITE;
977                 goto fail;
978         }
979         ret = 0;
980         goto out;
981 fail_close_handle:
982         CloseHandle(h);
983 fail:
984         ERROR("Error extracting \"%ls\"", stream_path);
985 out:
986         return ret;
987 }
988
989 /*
990  * Creates a file, directory, or reparse point and extracts all streams to it
991  * (unnamed data stream and/or reparse point stream, plus any alternate data
992  * streams).  Handles sparse, compressed, and/or encrypted files.
993  *
994  * @dentry:     WIM dentry for this file or directory.
995  * @path:       UTF-16LE external path to extract the inode to.
996  * @args:       Additional extraction context.
997  *
998  * Returns 0 on success; nonzero on failure.
999  */
1000 static int
1001 win32_extract_streams(const struct wim_dentry *dentry,
1002                       const wchar_t *path, struct apply_args *args)
1003 {
1004         struct wim_lookup_table_entry *unnamed_lte;
1005         int ret;
1006         const struct wim_inode *inode = dentry->d_inode;
1007
1008         /* First extract the unnamed stream. */
1009
1010         unnamed_lte = inode_unnamed_lte_resolved(inode);
1011         ret = win32_extract_stream(dentry, path, NULL, unnamed_lte, args);
1012         if (ret)
1013                 goto out;
1014
1015         /* Extract any named streams, if supported by the volume. */
1016
1017         if (!(args->vol_flags & FILE_NAMED_STREAMS))
1018                 goto out;
1019         for (u16 i = 0; i < inode->i_num_ads; i++) {
1020                 const struct wim_ads_entry *ads_entry = &inode->i_ads_entries[i];
1021
1022                 /* Skip the unnamed stream if it's in the ADS entries (we
1023                  * already extracted it...) */
1024                 if (ads_entry->stream_name_nbytes == 0)
1025                         continue;
1026
1027                 /* Skip special UNIX data entries (see documentation for
1028                  * WIMLIB_ADD_FLAG_UNIX_DATA) */
1029                 if (ads_entry->stream_name_nbytes == WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES
1030                     && !memcmp(ads_entry->stream_name,
1031                                WIMLIB_UNIX_DATA_TAG_UTF16LE,
1032                                WIMLIB_UNIX_DATA_TAG_UTF16LE_NBYTES))
1033                         continue;
1034
1035                 /* Extract the named stream */
1036                 ret = win32_extract_stream(dentry,
1037                                            path,
1038                                            ads_entry->stream_name,
1039                                            ads_entry->lte,
1040                                            args);
1041                 if (ret)
1042                         break;
1043         }
1044 out:
1045         return ret;
1046 }
1047
1048 static int
1049 dentry_clear_inode_visited(struct wim_dentry *dentry, void *_ignore)
1050 {
1051         dentry->d_inode->i_visited = 0;
1052         return 0;
1053 }
1054
1055 static int
1056 dentry_get_features(struct wim_dentry *dentry, void *_features_p)
1057 {
1058         DWORD features = 0;
1059         DWORD *features_p = _features_p;
1060         struct wim_inode *inode = dentry->d_inode;
1061
1062         if (inode->i_visited) {
1063                 features |= FILE_SUPPORTS_HARD_LINKS;
1064         } else {
1065                 inode->i_visited = 1;
1066                 if (inode->i_attributes & FILE_ATTRIBUTE_SPARSE_FILE)
1067                         features |= FILE_SUPPORTS_SPARSE_FILES;
1068                 if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)
1069                         features |= FILE_SUPPORTS_REPARSE_POINTS;
1070                 for (unsigned i = 0; i < inode->i_num_ads; i++)
1071                         if (inode->i_ads_entries[i].stream_name_nbytes)
1072                                 features |= FILE_NAMED_STREAMS;
1073                 if (inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED)
1074                         features |= FILE_SUPPORTS_ENCRYPTION;
1075                 if (inode->i_attributes & FILE_ATTRIBUTE_COMPRESSED)
1076                         features |= FILE_FILE_COMPRESSION;
1077                 if (inode->i_security_id != -1)
1078                         features |= FILE_PERSISTENT_ACLS;
1079         }
1080         *features_p |= features;
1081         return 0;
1082 }
1083
1084 /* If not done already, load the supported feature flags for the volume onto
1085  * which the image is being extracted, and warn the user about any missing
1086  * features that could be important. */
1087 static int
1088 win32_check_vol_flags(const wchar_t *output_path,
1089                       struct wim_dentry *root, struct apply_args *args)
1090 {
1091         DWORD dentry_features = 0;
1092         DWORD missing_features;
1093
1094         if (args->have_vol_flags)
1095                 return 0;
1096
1097         for_dentry_in_tree(root, dentry_clear_inode_visited, NULL);
1098         for_dentry_in_tree(root, dentry_get_features, &dentry_features);
1099
1100         win32_get_vol_flags(output_path, &args->vol_flags);
1101         args->have_vol_flags = true;
1102
1103         missing_features = dentry_features & ~args->vol_flags;
1104
1105         /* Warn the user about data that may not be extracted. */
1106         if (missing_features & FILE_SUPPORTS_SPARSE_FILES)
1107                 WARNING("Volume does not support sparse files!\n"
1108                         "          Sparse files will be extracted as non-sparse.");
1109         if (missing_features & FILE_SUPPORTS_REPARSE_POINTS)
1110                 WARNING("Volume does not support reparse points!\n"
1111                         "          Reparse point data will not be extracted.");
1112         if (missing_features & FILE_NAMED_STREAMS) {
1113                 WARNING("Volume does not support named data streams!\n"
1114                         "          Named data streams will not be extracted.");
1115         }
1116         if (missing_features & FILE_SUPPORTS_ENCRYPTION) {
1117                 WARNING("Volume does not support encryption!\n"
1118                         "          Encrypted files will be extracted as raw data.");
1119         }
1120         if (missing_features & FILE_FILE_COMPRESSION) {
1121                 WARNING("Volume does not support transparent compression!\n"
1122                         "          Compressed files will be extracted as non-compressed.");
1123         }
1124         if (missing_features & FILE_PERSISTENT_ACLS) {
1125                 if (args->extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS) {
1126                         ERROR("Strict ACLs requested, but the volume does not "
1127                               "support ACLs!");
1128                         return WIMLIB_ERR_VOLUME_LACKS_FEATURES;
1129                 } else {
1130                         WARNING("Volume does not support persistent ACLS!\n"
1131                                 "          File permissions will not be extracted.");
1132                 }
1133         }
1134         if (running_on_windows_7_or_later() &&
1135             (missing_features & FILE_SUPPORTS_HARD_LINKS))
1136         {
1137                 WARNING("Volume does not support hard links!\n"
1138                         "          Hard links will be extracted as duplicate files.");
1139         }
1140         return 0;
1141 }
1142
1143 /*
1144  * Try extracting a hard link.
1145  *
1146  * @output_path:  Path to link to be extracted.
1147  *
1148  * @inode:        WIM inode that the link is to; inode->i_extracted_file
1149  *                the path to a name of the file that has already been
1150  *                extracted (we use this to create the hard link).
1151  *
1152  * @args:         Additional apply context, used here to keep track of
1153  *                the number of times creating a hard link failed due to
1154  *                ERROR_INVALID_FUNCTION.  This error should indicate that hard
1155  *                links are not supported by the volume, and we would like to
1156  *                warn the user a few times, but not too many times.
1157  *
1158  * Returns 0 if the hard link was successfully extracted.  Returns
1159  * WIMLIB_ERR_LINK (> 0) if an error occurred, other than hard links possibly
1160  * being unsupported by the volume.  Returns a negative value if creating the
1161  * hard link failed due to ERROR_INVALID_FUNCTION.
1162  */
1163 static int
1164 win32_try_hard_link(const wchar_t *output_path, const struct wim_inode *inode,
1165                     struct apply_args *args)
1166 {
1167         DWORD err;
1168
1169         /* There is a volume flag for this (FILE_SUPPORTS_HARD_LINKS),
1170          * but it's only available on Windows 7 and later.
1171          *
1172          * Otherwise, CreateHardLinkW() will apparently return
1173          * ERROR_INVALID_FUNCTION if the volume does not support hard links. */
1174
1175         DEBUG("Creating hard link \"%ls => %ls\"",
1176               output_path, inode->i_extracted_file);
1177
1178         if (running_on_windows_7_or_later() &&
1179             !(args->vol_flags & FILE_SUPPORTS_HARD_LINKS))
1180                 goto hard_links_unsupported;
1181
1182         if (CreateHardLinkW(output_path, inode->i_extracted_file, NULL))
1183                 return 0;
1184
1185         err = GetLastError();
1186         if (err != ERROR_INVALID_FUNCTION) {
1187                 ERROR("Can't create hard link \"%ls => %ls\"",
1188                       output_path, inode->i_extracted_file);
1189                 win32_error(err);
1190                 return WIMLIB_ERR_LINK;
1191         }
1192 hard_links_unsupported:
1193         args->num_hard_links_failed++;
1194         if (args->num_hard_links_failed <= MAX_CREATE_HARD_LINK_WARNINGS) {
1195                 if (running_on_windows_7_or_later())
1196                 {
1197                         WARNING("Extracting duplicate copy of \"%ls\" "
1198                                 "rather than hard link", output_path);
1199                 } else {
1200                         WARNING("Can't create hard link \"%ls\" => \"%ls\":\n"
1201                                 "          Volume does not support hard links!\n"
1202                                 "          Falling back to extracting a copy of the file.",
1203                                 output_path, inode->i_extracted_file);
1204                 }
1205         }
1206         if (args->num_hard_links_failed == MAX_CREATE_HARD_LINK_WARNINGS)
1207                 WARNING("Suppressing further hard linking warnings...");
1208         return -1;
1209 }
1210
1211 /* Extract a file, directory, reparse point, or hard link to an
1212  * already-extracted file using the Win32 API */
1213 int
1214 win32_do_apply_dentry(const wchar_t *output_path,
1215                       size_t output_path_num_chars,
1216                       struct wim_dentry *dentry,
1217                       struct apply_args *args)
1218 {
1219         int ret;
1220         struct wim_inode *inode = dentry->d_inode;
1221
1222         ret = win32_check_vol_flags(output_path, dentry, args);
1223         if (ret)
1224                 return ret;
1225         if (inode->i_nlink > 1 && inode->i_extracted_file != NULL) {
1226                 /* Linked file, with another name already extracted.  Create a
1227                  * hard link. */
1228                 ret = win32_try_hard_link(output_path, inode, args);
1229                 if (ret >= 0)
1230                         return ret;
1231                 /* Negative return value from win32_try_hard_link() indicates
1232                  * that hard links are probably not supported by the volume.
1233                  * Fall back to extracting a copy of the file. */
1234         }
1235
1236         /* If this is a reparse point and the volume does not support reparse
1237          * points, just skip it completely. */
1238         if (inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT &&
1239             !(args->vol_flags & FILE_SUPPORTS_REPARSE_POINTS))
1240         {
1241                 WARNING("Not extracting reparse point \"%ls\"", output_path);
1242                 dentry->not_extracted = 1;
1243         } else {
1244                 /* Create the file, directory, or reparse point, and extract the
1245                  * data streams. */
1246                 ret = win32_extract_streams(dentry, output_path, args);
1247                 if (ret)
1248                         return ret;
1249         }
1250         if (inode->i_extracted_file == NULL) {
1251                 const struct wim_lookup_table_entry *lte;
1252
1253                 /* Tally bytes extracted, including all alternate data streams,
1254                  * unless we extracted a hard link (or, at least extracted a
1255                  * name that was supposed to be a hard link) */
1256                 for (unsigned i = 0; i <= inode->i_num_ads; i++) {
1257                         lte = inode_stream_lte_resolved(inode, i);
1258                         if (lte)
1259                                 args->progress.extract.completed_bytes +=
1260                                                         wim_resource_size(lte);
1261                 }
1262                 if (inode->i_nlink > 1) {
1263                         /* Save extracted path for a later call to
1264                          * CreateHardLinkW() if this inode has multiple links.
1265                          * */
1266                         inode->i_extracted_file = WCSDUP(output_path);
1267                         if (!inode->i_extracted_file)
1268                                 return WIMLIB_ERR_NOMEM;
1269                 }
1270         }
1271         return 0;
1272 }
1273
1274 /* Set timestamps on an extracted file using the Win32 API */
1275 int
1276 win32_do_apply_dentry_timestamps(const wchar_t *path,
1277                                  size_t path_num_chars,
1278                                  struct wim_dentry *dentry,
1279                                  struct apply_args *args)
1280 {
1281         DWORD err;
1282         HANDLE h;
1283         const struct wim_inode *inode = dentry->d_inode;
1284
1285         /* Windows doesn't let you change the timestamps of the root directory
1286          * (at least on FAT, which is dumb but expected since FAT doesn't store
1287          * any metadata about the root directory...) */
1288         if (path_is_root_of_drive(path))
1289                 return 0;
1290
1291         DEBUG("Opening \"%ls\" to set timestamps", path);
1292         h = win32_open_existing_file(path, FILE_WRITE_ATTRIBUTES);
1293         if (h == INVALID_HANDLE_VALUE) {
1294                 err = GetLastError();
1295                 goto fail;
1296         }
1297
1298         FILETIME creationTime = {.dwLowDateTime = inode->i_creation_time & 0xffffffff,
1299                                  .dwHighDateTime = inode->i_creation_time >> 32};
1300         FILETIME lastAccessTime = {.dwLowDateTime = inode->i_last_access_time & 0xffffffff,
1301                                   .dwHighDateTime = inode->i_last_access_time >> 32};
1302         FILETIME lastWriteTime = {.dwLowDateTime = inode->i_last_write_time & 0xffffffff,
1303                                   .dwHighDateTime = inode->i_last_write_time >> 32};
1304
1305         DEBUG("Calling SetFileTime() on \"%ls\"", path);
1306         if (!SetFileTime(h, &creationTime, &lastAccessTime, &lastWriteTime)) {
1307                 err = GetLastError();
1308                 CloseHandle(h);
1309                 goto fail;
1310         }
1311         DEBUG("Closing \"%ls\"", path);
1312         if (!CloseHandle(h)) {
1313                 err = GetLastError();
1314                 goto fail;
1315         }
1316         goto out;
1317 fail:
1318         /* Only warn if setting timestamps failed; still return 0. */
1319         WARNING("Can't set timestamps on \"%ls\"", path);
1320         win32_error(err);
1321 out:
1322         return 0;
1323 }
1324
1325 #endif /* __WIN32__ */