Windows: improved error messages
[wimlib] / src / win32_apply.c
index 39e7d40..630a77f 100644 (file)
@@ -3,22 +3,20 @@
  */
 
 /*
- * Copyright (C) 2013, 2014 Eric Biggers
+ * Copyright (C) 2013, 2014, 2015 Eric Biggers
  *
- * This file is part of wimlib, a library for working with WIM files.
+ * This file is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 3 of the License, or (at your option) any
+ * later version.
  *
- * wimlib is free software; you can redistribute it and/or modify it under the
- * terms of the GNU General Public License as published by the Free
- * Software Foundation; either version 3 of the License, or (at your option)
- * any later version.
- *
- * wimlib is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
- * A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * This file is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
  * details.
  *
- * You should have received a copy of the GNU General Public License
- * along with wimlib; if not, see http://www.gnu.org/licenses/.
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this file; if not, see http://www.gnu.org/licenses/.
  */
 
 #ifdef __WIN32__
 #include "wimlib/win32_common.h"
 
 #include "wimlib/apply.h"
+#include "wimlib/assert.h"
 #include "wimlib/capture.h" /* for mangle_pat() and match_pattern_list()  */
 #include "wimlib/dentry.h"
 #include "wimlib/error.h"
 #include "wimlib/lookup_table.h"
 #include "wimlib/metadata.h"
+#include "wimlib/paths.h"
 #include "wimlib/reparse.h"
 #include "wimlib/textfile.h"
 #include "wimlib/xml.h"
+#include "wimlib/wildcard.h"
 #include "wimlib/wimboot.h"
 
 struct win32_apply_ctx {
@@ -127,7 +128,10 @@ struct win32_apply_ctx {
        unsigned long no_security_descriptors;
 
        /* Number of files for which we couldn't set the short name.  */
-       unsigned long num_short_name_failures;
+       unsigned long num_set_short_name_failures;
+
+       /* Number of files for which we couldn't remove the short name.  */
+       unsigned long num_remove_short_name_failures;
 
        /* Have we tried to enable short name support on the target volume yet?
         */
@@ -174,11 +178,9 @@ get_vol_flags(const wchar_t *target, DWORD *vol_flags_ret,
                                  vol_flags_ret, filesystem_name,
                                  ARRAY_LEN(filesystem_name)))
        {
-               DWORD err = GetLastError();
-               set_errno_from_win32_error(err);
-               WARNING_WITH_ERRNO("Failed to get volume information for "
-                                  "\"%ls\" (err=%"PRIu32")",
-                                  target, (u32)err);
+               win32_warning(GetLastError(),
+                             L"Failed to get volume information for \"%ls\"",
+                             target);
                return;
        }
 
@@ -193,6 +195,30 @@ get_vol_flags(const wchar_t *target, DWORD *vol_flags_ret,
        }
 }
 
+static const wchar_t *
+current_path(struct win32_apply_ctx *ctx);
+
+static void
+build_extraction_path(const struct wim_dentry *dentry,
+                     struct win32_apply_ctx *ctx);
+
+static int
+report_dentry_apply_error(const struct wim_dentry *dentry,
+                         struct win32_apply_ctx *ctx, int ret)
+{
+       build_extraction_path(dentry, ctx);
+       return report_apply_error(&ctx->common, ret, current_path(ctx));
+}
+
+static inline int
+check_apply_error(const struct wim_dentry *dentry,
+                 struct win32_apply_ctx *ctx, int ret)
+{
+       if (unlikely(ret))
+               ret = report_dentry_apply_error(dentry, ctx, ret);
+       return ret;
+}
+
 static int
 win32_get_supported_features(const wchar_t *target,
                             struct wim_features *supported_features)
@@ -298,12 +324,11 @@ load_prepopulate_pats(struct win32_apply_ctx *ctx)
        return 0;
 }
 
-/* Returns %true if the path to @dentry matches a pattern in [PrepopulateList]
- * of WimBootCompress.ini.  Otherwise returns %false.
- *
- * @dentry must have had its full path calculated.  */
+/* Returns %true if the specified absolute path to a file in the WIM image
+ * matches a pattern in [PrepopulateList] of WimBootCompress.ini.  Otherwise
+ * returns %false.  */
 static bool
-in_prepopulate_list(struct wim_dentry *dentry,
+in_prepopulate_list(const wchar_t *path, size_t path_nchars,
                    const struct win32_apply_ctx *ctx)
 {
        const struct string_set *pats = ctx->wimboot.prepopulate_pats;
@@ -311,47 +336,61 @@ in_prepopulate_list(struct wim_dentry *dentry,
        if (!pats || !pats->num_strings)
                return false;
 
-       return match_pattern_list(dentry->_full_path,
-                                 wcslen(dentry->_full_path), pats);
+       return match_pattern_list(path, path_nchars, pats);
 }
 
-static const wchar_t *
-current_path(struct win32_apply_ctx *ctx);
+/* Returns %true if the specified absolute path to a file in the WIM image can
+ * be subject to external backing when extracted.  Otherwise returns %false.  */
+static bool
+can_externally_back_path(const wchar_t *path, size_t path_nchars,
+                        const struct win32_apply_ctx *ctx)
+{
+       if (in_prepopulate_list(path, path_nchars, ctx))
+               return false;
 
-static void
-build_extraction_path(const struct wim_dentry *dentry,
-                     struct win32_apply_ctx *ctx);
+       /* Since we attempt to modify the SYSTEM registry after it's extracted
+        * (see end_wimboot_extraction()), it can't be extracted as externally
+        * backed.  This extends to associated files such as SYSTEM.LOG that
+        * also must be writable in order to write to the registry.  Normally,
+        * SYSTEM is in [PrepopulateList], and the SYSTEM.* files match patterns
+        * in [ExclusionList] and therefore are not captured in the WIM at all.
+        * However, a WIM that wasn't specifically captured in "WIMBoot mode"
+        * may contain SYSTEM.* files.  So to make things "just work", hard-code
+        * the pattern.  */
+       if (match_path(path, path_nchars, L"\\Windows\\System32\\config\\SYSTEM*",
+                      OS_PREFERRED_PATH_SEPARATOR, false))
+               return false;
+
+       return true;
+}
 
 #define WIM_BACKING_NOT_ENABLED                -1
 #define WIM_BACKING_NOT_POSSIBLE       -2
 #define WIM_BACKING_EXCLUDED           -3
 
-/*
- * Determines if the unnamed data stream of a file will be created as an
- * external backing, as opposed to a standard extraction.
- */
 static int
-win32_will_externally_back(struct wim_dentry *dentry, struct apply_ctx *_ctx)
+will_externally_back_inode(struct wim_inode *inode, struct win32_apply_ctx *ctx,
+                          const struct wim_dentry **excluded_dentry_ret)
 {
-       struct win32_apply_ctx *ctx = (struct win32_apply_ctx *)_ctx;
+       struct list_head *next;
+       struct wim_dentry *dentry;
        struct wim_lookup_table_entry *stream;
        int ret;
 
-       if (!(ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_WIMBOOT))
-               return WIM_BACKING_NOT_ENABLED;
+       if (inode->i_can_externally_back)
+               return 0;
 
-       if (!ctx->wimboot.tried_to_load_prepopulate_list) {
-               ret = load_prepopulate_pats(ctx);
-               if (ret == WIMLIB_ERR_NOMEM)
-                       return ret;
-       }
+       /* This may do redundant checks because the cached value
+        * i_can_externally_back is 2-state (as opposed to 3-state:
+        * unknown/no/yes).  But most files can be externally backed, so this
+        * way is fine.  */
 
-       if (dentry->d_inode->i_attributes & (FILE_ATTRIBUTE_DIRECTORY |
-                                            FILE_ATTRIBUTE_REPARSE_POINT |
-                                            FILE_ATTRIBUTE_ENCRYPTED))
+       if (inode->i_attributes & (FILE_ATTRIBUTE_DIRECTORY |
+                                  FILE_ATTRIBUTE_REPARSE_POINT |
+                                  FILE_ATTRIBUTE_ENCRYPTED))
                return WIM_BACKING_NOT_POSSIBLE;
 
-       stream = inode_unnamed_lte_resolved(dentry->d_inode);
+       stream = inode_unnamed_lte_resolved(inode);
 
        if (!stream ||
            stream->resource_location != RESOURCE_IN_WIM ||
@@ -359,35 +398,72 @@ win32_will_externally_back(struct wim_dentry *dentry, struct apply_ctx *_ctx)
            stream->size != stream->rspec->uncompressed_size)
                return WIM_BACKING_NOT_POSSIBLE;
 
-       ret = calculate_dentry_full_path(dentry);
-       if (ret)
-               return ret;
+       /*
+        * We need to check the patterns in [PrepopulateList] against every name
+        * of the inode, in case any of them match.
+        */
+       next = inode->i_extraction_aliases.next;
+       do {
+               dentry = list_entry(next, struct wim_dentry,
+                                   d_extraction_alias_node);
+
+               ret = calculate_dentry_full_path(dentry);
+               if (ret)
+                       return ret;
 
-       if (in_prepopulate_list(dentry, ctx))
-               return WIM_BACKING_EXCLUDED;
+               if (!can_externally_back_path(dentry->_full_path,
+                                             wcslen(dentry->_full_path), ctx))
+               {
+                       if (excluded_dentry_ret)
+                               *excluded_dentry_ret = dentry;
+                       return WIM_BACKING_EXCLUDED;
+               }
+               next = next->next;
+       } while (next != &inode->i_extraction_aliases);
 
+       inode->i_can_externally_back = 1;
        return 0;
 }
 
+/*
+ * Determines if the unnamed data stream of a file will be created as an
+ * external backing, as opposed to a standard extraction.
+ */
+static int
+win32_will_externally_back(struct wim_dentry *dentry, struct apply_ctx *_ctx)
+{
+       struct win32_apply_ctx *ctx = (struct win32_apply_ctx *)_ctx;
+
+       if (!(ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_WIMBOOT))
+               return WIM_BACKING_NOT_ENABLED;
+
+       if (!ctx->wimboot.tried_to_load_prepopulate_list)
+               if (load_prepopulate_pats(ctx) == WIMLIB_ERR_NOMEM)
+                       return WIMLIB_ERR_NOMEM;
+
+       return will_externally_back_inode(dentry->d_inode, ctx, NULL);
+}
+
 static int
-set_external_backing(HANDLE h, struct wim_dentry *dentry, struct win32_apply_ctx *ctx)
+set_external_backing(HANDLE h, struct wim_inode *inode, struct win32_apply_ctx *ctx)
 {
        int ret;
+       const struct wim_dentry *excluded_dentry;
 
-       ret = win32_will_externally_back(dentry, &ctx->common);
+       ret = will_externally_back_inode(inode, ctx, &excluded_dentry);
        if (ret > 0) /* Error.  */
                return ret;
 
        if (ret < 0 && ret != WIM_BACKING_EXCLUDED)
                return 0; /* Not externally backing, other than due to exclusion.  */
 
-       build_extraction_path(dentry, ctx);
-
-       if (ret == WIM_BACKING_EXCLUDED) {
+       if (unlikely(ret == WIM_BACKING_EXCLUDED)) {
                /* Not externally backing due to exclusion.  */
                union wimlib_progress_info info;
 
-               info.wimboot_exclude.path_in_wim = dentry->_full_path;
+               build_extraction_path(excluded_dentry, ctx);
+
+               info.wimboot_exclude.path_in_wim = excluded_dentry->_full_path;
                info.wimboot_exclude.extraction_path = current_path(ctx);
 
                return call_progress(ctx->common.progfunc,
@@ -395,12 +471,20 @@ set_external_backing(HANDLE h, struct wim_dentry *dentry, struct win32_apply_ctx
                                     &info, ctx->common.progctx);
        } else {
                /* Externally backing.  */
-               return wimboot_set_pointer(h,
-                                          current_path(ctx),
-                                          inode_unnamed_lte_resolved(dentry->d_inode),
-                                          ctx->wimboot.data_source_id,
-                                          ctx->wimboot.wim_lookup_table_hash,
-                                          ctx->wimboot.wof_running);
+               if (unlikely(!wimboot_set_pointer(h,
+                                                 inode_unnamed_lte_resolved(inode),
+                                                 ctx->wimboot.data_source_id,
+                                                 ctx->wimboot.wim_lookup_table_hash,
+                                                 ctx->wimboot.wof_running)))
+               {
+                       const DWORD err = GetLastError();
+
+                       build_extraction_path(inode_first_extraction_dentry(inode), ctx);
+                       win32_error(err, L"\"%ls\": Couldn't set WIMBoot pointer data",
+                                   current_path(ctx));
+                       return WIMLIB_ERR_WIMBOOT;
+               }
+               return 0;
        }
 }
 
@@ -420,11 +504,9 @@ start_wimboot_extraction(struct win32_apply_ctx *ctx)
        int ret;
        WIMStruct *wim = ctx->common.wim;
 
-       if (!ctx->wimboot.tried_to_load_prepopulate_list) {
-               ret = load_prepopulate_pats(ctx);
-               if (ret == WIMLIB_ERR_NOMEM)
-                       return ret;
-       }
+       if (!ctx->wimboot.tried_to_load_prepopulate_list)
+               if (load_prepopulate_pats(ctx) == WIMLIB_ERR_NOMEM)
+                       return WIMLIB_ERR_NOMEM;
 
        if (!wim_info_get_wimboot(wim->wim_info, wim->current_image))
                WARNING("Image is not marked as WIMBoot compatible!");
@@ -507,10 +589,9 @@ out_unload_key:
 out_check_res:
        if (res) {
                /* Warning only.  */
-               set_errno_from_win32_error(res);
-               WARNING_WITH_ERRNO("Failed to set \\Setup: dword \"WimBoot\"=1 value "
-                                  "in registry hive \"%ls\" (err=%"PRIu32")",
-                                  ctx->pathbuf.Buffer, (u32)res);
+               win32_warning(res, L"Failed to set \\Setup: dword \"WimBoot\"=1 "
+                             "value in registry hive \"%ls\"",
+                             ctx->pathbuf.Buffer);
        }
 out:
        return 0;
@@ -677,26 +758,19 @@ current_path(struct win32_apply_ctx *ctx)
        return ctx->print_buffer;
 }
 
-/*
- * Ensures the target directory exists and opens a handle to it, in preparation
- * of using paths relative to it.
- */
+/* Open handle to the target directory if it is not already open.  If the target
+ * directory does not exist, this creates it.  */
 static int
-prepare_target(struct list_head *dentry_list, struct win32_apply_ctx *ctx)
+open_target_directory(struct win32_apply_ctx *ctx)
 {
-       int ret;
        NTSTATUS status;
-       size_t path_max;
-
-       /* Open handle to the target directory (possibly creating it).  */
 
-       ret = win32_path_to_nt_path(ctx->common.target, &ctx->target_ntpath);
-       if (ret)
-               return ret;
+       if (ctx->h_target)
+               return 0;
 
        ctx->attr.Length = sizeof(ctx->attr);
+       ctx->attr.RootDirectory = NULL;
        ctx->attr.ObjectName = &ctx->target_ntpath;
-
        status = (*func_NtCreateFile)(&ctx->h_target,
                                      FILE_TRAVERSE,
                                      &ctx->attr,
@@ -710,29 +784,56 @@ prepare_target(struct list_head *dentry_list, struct win32_apply_ctx *ctx)
                                              FILE_OPEN_FOR_BACKUP_INTENT,
                                      NULL,
                                      0);
-
        if (!NT_SUCCESS(status)) {
-               set_errno_from_nt_status(status);
-               ERROR_WITH_ERRNO("Can't open or create directory \"%ls\" "
-                                "(status=0x%08"PRIx32")",
-                                ctx->common.target, (u32)status);
+               winnt_error(status, L"Can't open or create directory \"%ls\"",
+                           ctx->common.target);
                return WIMLIB_ERR_OPENDIR;
        }
+       ctx->attr.RootDirectory = ctx->h_target;
+       ctx->attr.ObjectName = &ctx->pathbuf;
+       return 0;
+}
 
-       path_max = compute_path_max(dentry_list);
+static void
+close_target_directory(struct win32_apply_ctx *ctx)
+{
+       if (ctx->h_target) {
+               (*func_NtClose)(ctx->h_target);
+               ctx->h_target = NULL;
+               ctx->attr.RootDirectory = NULL;
+       }
+}
+
+/*
+ * Ensures the target directory exists and opens a handle to it, in preparation
+ * of using paths relative to it.
+ */
+static int
+prepare_target(struct list_head *dentry_list, struct win32_apply_ctx *ctx)
+{
+       int ret;
+       size_t path_max;
+
+       ret = win32_path_to_nt_path(ctx->common.target, &ctx->target_ntpath);
+       if (ret)
+               return ret;
+
+       ret = open_target_directory(ctx);
+       if (ret)
+               return ret;
 
-       /* Add some extra for building Win32 paths for the file encryption APIs
-        * ...  */
-       path_max += 2 + (ctx->target_ntpath.Length / sizeof(wchar_t));
+       path_max = compute_path_max(dentry_list);
+       /* Add some extra for building Win32 paths for the file encryption APIs,
+        * and ensure we have at least enough to potentially use a 8.3 name for
+        * the last component.  */
+       path_max += max(2 + (ctx->target_ntpath.Length / sizeof(wchar_t)),
+                       8 + 1 + 3);
 
        ctx->pathbuf.MaximumLength = path_max * sizeof(wchar_t);
        ctx->pathbuf.Buffer = MALLOC(ctx->pathbuf.MaximumLength);
        if (!ctx->pathbuf.Buffer)
                return WIMLIB_ERR_NOMEM;
 
-       ctx->attr.RootDirectory = ctx->h_target;
-       ctx->attr.ObjectName = &ctx->pathbuf;
-
        ctx->print_buffer = MALLOC((ctx->common.target_nchars + 1 + path_max + 1) *
                                   sizeof(wchar_t));
        if (!ctx->print_buffer)
@@ -815,81 +916,11 @@ adjust_compression_attribute(HANDLE h, const struct wim_dentry *dentry,
        if (NT_SUCCESS(status))
                return 0;
 
-       set_errno_from_nt_status(status);
-       ERROR_WITH_ERRNO("Can't %s compression attribute on \"%ls\" "
-                        "(status=0x%08"PRIx32")",
-                        (compressed ? "set" : "clear"),
-                        current_path(ctx), status);
+       winnt_error(status, L"Can't %s compression attribute on \"%ls\"",
+                   (compressed ? "set" : "clear"), current_path(ctx));
        return WIMLIB_ERR_SET_ATTRIBUTES;
 }
 
-/*
- * Clear FILE_ATTRIBUTE_ENCRYPTED if the file or directory is not supposed to be
- * encrypted.
- *
- * You can provide FILE_ATTRIBUTE_ENCRYPTED to NtCreateFile() to set it on the
- * created file.  However, the file or directory will otherwise default to the
- * encryption state of the parent directory.  This function works around this
- * limitation by using DecryptFile() to remove FILE_ATTRIBUTE_ENCRYPTED on files
- * (and directories) that are not supposed to have it set.
- *
- * Regardless of whether it succeeds or fails, this function may close the
- * handle to the file.  If it does, it sets it to NULL.
- */
-static int
-maybe_clear_encryption_attribute(HANDLE *h_ptr, const struct wim_dentry *dentry,
-                                struct win32_apply_ctx *ctx)
-{
-       if (dentry->d_inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED)
-               return 0;
-
-       if (ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_NO_ATTRIBUTES)
-               return 0;
-
-       if (!ctx->common.supported_features.encrypted_files)
-               return 0;
-
-       FILE_BASIC_INFORMATION info;
-       NTSTATUS status;
-       BOOL bret;
-
-       /* Get current attributes  */
-       status = (*func_NtQueryInformationFile)(*h_ptr, &ctx->iosb,
-                                               &info, sizeof(info),
-                                               FileBasicInformation);
-       if (NT_SUCCESS(status) &&
-           !(info.FileAttributes & FILE_ATTRIBUTE_ENCRYPTED))
-       {
-               /* Nothing needs to be done.  */
-               return 0;
-       }
-
-       /* Set the new encryption state  */
-
-       /* Due to Windows' crappy file encryption APIs, we need to close the
-        * handle to the file so we don't get ERROR_SHARING_VIOLATION.  We also
-        * hack together a Win32 path, although we will use the \\?\ prefix so
-        * it will actually be a NT path in disguise...  */
-       (*func_NtClose)(*h_ptr);
-       *h_ptr = NULL;
-
-       build_win32_extraction_path(dentry, ctx);
-
-       bret = DecryptFile(ctx->pathbuf.Buffer, 0);
-
-       /* Restore the NT namespace path  */
-       build_extraction_path(dentry, ctx);
-
-       if (!bret) {
-               DWORD err = GetLastError();
-               set_errno_from_win32_error(err);
-               ERROR_WITH_ERRNO("Can't decrypt file \"%ls\" (err=%"PRIu32")",
-                                 current_path(ctx), (u32)err);
-               return WIMLIB_ERR_SET_ATTRIBUTES;
-       }
-       return 0;
-}
-
 /* Try to enable short name support on the target volume.  If successful, return
  * true.  If unsuccessful, issue a warning and return false.  */
 static bool
@@ -922,11 +953,77 @@ try_to_enable_short_names(const wchar_t *volume)
        return true;
 
 fail:
-       WARNING("Failed to enable short name support on %ls "
-               "(err=%"PRIu32")", volume + 4, (u32)GetLastError());
+       win32_warning(GetLastError(),
+                     L"Failed to enable short name support on %ls",
+                     volume + 4);
        return false;
 }
 
+static NTSTATUS
+remove_conflicting_short_name(const struct wim_dentry *dentry, struct win32_apply_ctx *ctx)
+{
+       wchar_t *name;
+       wchar_t *end;
+       NTSTATUS status;
+       HANDLE h;
+       size_t bufsize = offsetof(FILE_NAME_INFORMATION, FileName) +
+                        (13 * sizeof(wchar_t));
+       u8 buf[bufsize] _aligned_attribute(8);
+       bool retried = false;
+       FILE_NAME_INFORMATION *info = (FILE_NAME_INFORMATION *)buf;
+
+       memset(buf, 0, bufsize);
+
+       /* Build the path with the short name.  */
+       name = &ctx->pathbuf.Buffer[ctx->pathbuf.Length / sizeof(wchar_t)];
+       while (name != ctx->pathbuf.Buffer && *(name - 1) != L'\\')
+               name--;
+       end = mempcpy(name, dentry->short_name, dentry->short_name_nbytes);
+       ctx->pathbuf.Length = ((u8 *)end - (u8 *)ctx->pathbuf.Buffer);
+
+       /* Open the conflicting file (by short name).  */
+       status = (*func_NtOpenFile)(&h, GENERIC_WRITE | DELETE,
+                                   &ctx->attr, &ctx->iosb,
+                                   FILE_SHARE_VALID_FLAGS,
+                                   FILE_OPEN_REPARSE_POINT | FILE_OPEN_FOR_BACKUP_INTENT);
+       if (!NT_SUCCESS(status)) {
+               winnt_warning(status, L"Can't open \"%ls\"", current_path(ctx));
+               goto out;
+       }
+
+#if 0
+       WARNING("Overriding conflicting short name; path=\"%ls\"",
+               current_path(ctx));
+#endif
+
+       /* Try to remove the short name on the conflicting file.  */
+
+retry:
+       status = (*func_NtSetInformationFile)(h, &ctx->iosb, info, bufsize,
+                                             FileShortNameInformation);
+
+       if (status == STATUS_INVALID_PARAMETER && !retried) {
+
+               /* Microsoft forgot to make it possible to remove short names
+                * until Windows 7.  Oops.  Use a random short name instead.  */
+
+               info->FileNameLength = 12 * sizeof(wchar_t);
+               for (int i = 0; i < 8; i++)
+                       info->FileName[i] = 'A' + (rand() % 26);
+               info->FileName[8] = L'.';
+               info->FileName[9] = L'W';
+               info->FileName[10] = L'L';
+               info->FileName[11] = L'B';
+               info->FileName[12] = L'\0';
+               retried = true;
+               goto retry;
+       }
+       (*func_NtClose)(h);
+out:
+       build_extraction_path(dentry, ctx);
+       return status;
+}
+
 /* Set the short name on the open file @h which has been created at the location
  * indicated by @dentry.
  *
@@ -963,6 +1060,7 @@ set_short_name(HANDLE h, const struct wim_dentry *dentry,
        u8 buf[bufsize] _aligned_attribute(8);
        FILE_NAME_INFORMATION *info = (FILE_NAME_INFORMATION *)buf;
        NTSTATUS status;
+       bool tried_to_remove_existing = false;
 
        memset(buf, 0, bufsize);
 
@@ -993,20 +1091,42 @@ retry:
                }
        }
 
+       /*
+        * Short names can conflict in several cases:
+        *
+        * - a file being extracted has a short name conflicting with an
+        *   existing file
+        *
+        * - a file being extracted has a short name conflicting with another
+        *   file being extracted (possible, but shouldn't happen)
+        *
+        * - a file being extracted has a short name that conflicts with the
+        *   automatically generated short name of a file we previously
+        *   extracted, but failed to set the short name for.  Sounds unlikely,
+        *   but this actually does happen fairly often on versions of Windows
+        *   prior to Windows 7 because they do not support removing short names
+        *   from files.
+        */
+       if (unlikely(status == STATUS_OBJECT_NAME_COLLISION) &&
+           dentry->short_name_nbytes && !tried_to_remove_existing)
+       {
+               tried_to_remove_existing = true;
+               status = remove_conflicting_short_name(dentry, ctx);
+               if (NT_SUCCESS(status))
+                       goto retry;
+       }
+
        /* By default, failure to set short names is not an error (since short
         * names aren't too important anymore...).  */
        if (!(ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_SHORT_NAMES)) {
-               ctx->num_short_name_failures++;
+               if (dentry->short_name_nbytes)
+                       ctx->num_set_short_name_failures++;
+               else
+                       ctx->num_remove_short_name_failures++;
                return 0;
        }
 
-       if (status == STATUS_SHORT_NAMES_NOT_ENABLED_ON_VOLUME) {
-               ERROR("Can't set short name when short "
-                     "names are not enabled on the volume!");
-       } else {
-               ERROR("Can't set short name on \"%ls\" (status=0x%08"PRIx32")",
-                     current_path(ctx), (u32)status);
-       }
+       winnt_error(status, L"Can't set short name on \"%ls\"", current_path(ctx));
        return WIMLIB_ERR_SET_SHORT_NAME;
 }
 
@@ -1063,6 +1183,116 @@ create_file(PHANDLE FileHandle,
                              ctx);
 }
 
+static int
+delete_file_or_stream(struct win32_apply_ctx *ctx)
+{
+       NTSTATUS status;
+       HANDLE h;
+       FILE_DISPOSITION_INFORMATION disposition_info;
+       FILE_BASIC_INFORMATION basic_info;
+       bool retried = false;
+
+       status = do_create_file(&h,
+                               DELETE,
+                               NULL,
+                               0,
+                               FILE_OPEN,
+                               FILE_NON_DIRECTORY_FILE,
+                               ctx);
+       if (unlikely(!NT_SUCCESS(status))) {
+               winnt_error(status, L"Can't open \"%ls\" for deletion",
+                           current_path(ctx));
+               return WIMLIB_ERR_OPEN;
+       }
+
+retry:
+       disposition_info.DoDeleteFile = TRUE;
+       status = (*func_NtSetInformationFile)(h, &ctx->iosb,
+                                             &disposition_info,
+                                             sizeof(disposition_info),
+                                             FileDispositionInformation);
+       (*func_NtClose)(h);
+       if (likely(NT_SUCCESS(status)))
+               return 0;
+
+       if (status == STATUS_CANNOT_DELETE && !retried) {
+               /* Clear file attributes and try again.  This is necessary for
+                * FILE_ATTRIBUTE_READONLY files.  */
+               status = do_create_file(&h,
+                                       FILE_WRITE_ATTRIBUTES | DELETE,
+                                       NULL,
+                                       0,
+                                       FILE_OPEN,
+                                       FILE_NON_DIRECTORY_FILE,
+                                       ctx);
+               if (!NT_SUCCESS(status)) {
+                       winnt_error(status,
+                                   L"Can't open \"%ls\" to reset attributes",
+                                   current_path(ctx));
+                       return WIMLIB_ERR_OPEN;
+               }
+               memset(&basic_info, 0, sizeof(basic_info));
+               basic_info.FileAttributes = FILE_ATTRIBUTE_NORMAL;
+               status = (*func_NtSetInformationFile)(h, &ctx->iosb,
+                                                     &basic_info,
+                                                     sizeof(basic_info),
+                                                     FileBasicInformation);
+               if (!NT_SUCCESS(status)) {
+                       winnt_error(status,
+                                   L"Can't reset file attributes on \"%ls\"",
+                                   current_path(ctx));
+                       (*func_NtClose)(h);
+                       return WIMLIB_ERR_SET_ATTRIBUTES;
+               }
+               retried = true;
+               goto retry;
+       }
+       winnt_error(status, L"Can't delete \"%ls\"", current_path(ctx));
+       return WIMLIB_ERR_OPEN;
+}
+
+/*
+ * Create a nondirectory file or named data stream at the current path,
+ * superseding any that already exists at that path.  If successful, return an
+ * open handle to the file or named data stream.
+ */
+static int
+supersede_file_or_stream(struct win32_apply_ctx *ctx, HANDLE *h_ret)
+{
+       NTSTATUS status;
+       bool retried = false;
+
+       /* FILE_ATTRIBUTE_SYSTEM is needed to ensure that
+        * FILE_ATTRIBUTE_ENCRYPTED doesn't get set before we want it to be.  */
+retry:
+       status = do_create_file(h_ret,
+                               GENERIC_READ | GENERIC_WRITE | DELETE,
+                               NULL,
+                               FILE_ATTRIBUTE_SYSTEM,
+                               FILE_CREATE,
+                               FILE_NON_DIRECTORY_FILE,
+                               ctx);
+       if (likely(NT_SUCCESS(status)))
+               return 0;
+
+       /* STATUS_OBJECT_NAME_COLLISION means that the file or stream already
+        * exists.  Delete the existing file or stream, then try again.
+        *
+        * Note: we don't use FILE_OVERWRITE_IF or FILE_SUPERSEDE because of
+        * problems with certain file attributes, especially
+        * FILE_ATTRIBUTE_ENCRYPTED.  FILE_SUPERSEDE is also broken in the
+        * Windows PE ramdisk.  */
+       if (status == STATUS_OBJECT_NAME_COLLISION && !retried) {
+               int ret = delete_file_or_stream(ctx);
+               if (ret)
+                       return ret;
+               retried = true;
+               goto retry;
+       }
+       winnt_error(status, L"Can't create \"%ls\"", current_path(ctx));
+       return WIMLIB_ERR_OPEN;
+}
+
 /* Create empty named data streams.
  *
  * Since these won't have 'struct wim_lookup_table_entry's, they won't show up
@@ -1073,7 +1303,6 @@ create_any_empty_ads(const struct wim_dentry *dentry,
                     struct win32_apply_ctx *ctx)
 {
        const struct wim_inode *inode = dentry->d_inode;
-       LARGE_INTEGER allocation_size;
        bool path_modified = false;
        int ret = 0;
 
@@ -1082,7 +1311,6 @@ create_any_empty_ads(const struct wim_dentry *dentry,
 
        for (u16 i = 0; i < inode->i_num_ads; i++) {
                const struct wim_ads_entry *entry;
-               NTSTATUS status;
                HANDLE h;
 
                entry = &inode->i_ads_entries[i];
@@ -1095,25 +1323,14 @@ create_any_empty_ads(const struct wim_dentry *dentry,
                if (entry->lte)
                        continue;
 
-               /* Probably setting the allocation size to 0 has no effect, but
-                * we might as well try.  */
-               allocation_size.QuadPart = 0;
-
                build_extraction_path_with_ads(dentry, ctx,
                                               entry->stream_name,
                                               entry->stream_name_nbytes /
                                                        sizeof(wchar_t));
                path_modified = true;
-               status = do_create_file(&h, FILE_WRITE_DATA, &allocation_size,
-                                       0, FILE_SUPERSEDE, 0, ctx);
-               if (!NT_SUCCESS(status)) {
-                       set_errno_from_nt_status(status);
-                       ERROR_WITH_ERRNO("Can't create \"%ls\" "
-                                        "(status=0x%08"PRIx32")",
-                                        current_path(ctx), (u32)status);
-                       ret = WIMLIB_ERR_OPEN;
+               ret = supersede_file_or_stream(ctx, &h);
+               if (ret)
                        break;
-               }
                (*func_NtClose)(h);
        }
        /* Restore the path to the dentry itself  */
@@ -1136,28 +1353,18 @@ create_directory(const struct wim_dentry *dentry,
        HANDLE h;
        NTSTATUS status;
        int ret;
-       ULONG attrib;
 
-       /* Special attributes:
+       /* DELETE is needed for set_short_name(); GENERIC_READ and GENERIC_WRITE
+        * are needed for adjust_compression_attribute().
         *
-        * Use FILE_ATTRIBUTE_ENCRYPTED if the directory needs to have it set.
-        * This doesn't work for FILE_ATTRIBUTE_COMPRESSED (unfortunately).
-        *
-        * Don't specify FILE_ATTRIBUTE_DIRECTORY; it gets set anyway as a
-        * result of the FILE_DIRECTORY_FILE option.  */
-       attrib = (dentry->d_inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED);
-
-       /* DELETE is needed for set_short_name().
-        * GENERIC_READ and GENERIC_WRITE are needed for
-        * adjust_compression_attribute().  */
+        * FILE_ATTRIBUTE_SYSTEM is needed to ensure that
+        * FILE_ATTRIBUTE_ENCRYPTED doesn't get set before we want it to be.  */
        status = create_file(&h, GENERIC_READ | GENERIC_WRITE | DELETE, NULL,
-                            attrib, FILE_OPEN_IF, FILE_DIRECTORY_FILE,
+                            FILE_ATTRIBUTE_SYSTEM, FILE_OPEN_IF, FILE_DIRECTORY_FILE,
                             dentry, ctx);
        if (!NT_SUCCESS(status)) {
-               set_errno_from_nt_status(status);
-               ERROR_WITH_ERRNO("Can't create directory \"%ls\" "
-                                "(status=0x%08"PRIx32")",
-                                current_path(ctx), (u32)status);
+               winnt_error(status, L"Can't create directory \"%ls\"",
+                           current_path(ctx));
                return WIMLIB_ERR_MKDIR;
        }
 
@@ -1166,12 +1373,7 @@ create_directory(const struct wim_dentry *dentry,
        if (!ret)
                ret = adjust_compression_attribute(h, dentry, ctx);
 
-       if (!ret)
-               ret = maybe_clear_encryption_attribute(&h, dentry, ctx);
-               /* May close the handle!!! */
-
-       if (h)
-               (*func_NtClose)(h);
+       (*func_NtClose)(h);
        return ret;
 }
 
@@ -1202,10 +1404,12 @@ create_directories(struct list_head *dentry_list,
                 * in prepare_target().  */
                if (!dentry_is_root(dentry)) {
                        ret = create_directory(dentry, ctx);
+                       ret = check_apply_error(dentry, ctx, ret);
                        if (ret)
                                return ret;
 
                        ret = create_any_empty_ads(dentry, ctx);
+                       ret = check_apply_error(dentry, ctx, ret);
                        if (ret)
                                return ret;
                }
@@ -1222,116 +1426,36 @@ create_directories(struct list_head *dentry_list,
  *
  * On success, returns an open handle to the file in @h_ret, with GENERIC_READ,
  * GENERIC_WRITE, and DELETE access.  Also, the path to the file will be saved
- * in ctx->pathbuf.  On failure, returns WIMLIB_ERR_OPEN.
+ * in ctx->pathbuf.  On failure, returns an error code.
  */
 static int
 create_nondirectory_inode(HANDLE *h_ret, const struct wim_dentry *dentry,
                          struct win32_apply_ctx *ctx)
 {
-       const struct wim_inode *inode;
-       ULONG attrib;
-       NTSTATUS status;
-       bool retried = false;
-
-       inode = dentry->d_inode;
+       int ret;
+       HANDLE h;
 
-       /* If the file already exists and has FILE_ATTRIBUTE_SYSTEM and/or
-        * FILE_ATTRIBUTE_HIDDEN, these must be specified in order to supersede
-        * the file.
-        *
-        * Normally the user shouldn't be trying to overwrite such files anyway,
-        * but we at least provide FILE_ATTRIBUTE_SYSTEM and
-        * FILE_ATTRIBUTE_HIDDEN if the WIM inode has those attributes so that
-        * we catch the case where the user extracts the same files to the same
-        * location more than one time.
-        *
-        * Also specify FILE_ATTRIBUTE_ENCRYPTED if the file needs to be
-        * encrypted.
-        *
-        * In NO_ATTRIBUTES mode just don't specify any attributes at all.
-        */
-       if (ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_NO_ATTRIBUTES) {
-               attrib = 0;
-       } else {
-               attrib = (inode->i_attributes & (FILE_ATTRIBUTE_SYSTEM |
-                                                FILE_ATTRIBUTE_HIDDEN |
-                                                FILE_ATTRIBUTE_ENCRYPTED));
-       }
        build_extraction_path(dentry, ctx);
-retry:
-       status = do_create_file(h_ret, GENERIC_READ | GENERIC_WRITE | DELETE,
-                               NULL, attrib, FILE_SUPERSEDE,
-                               FILE_NON_DIRECTORY_FILE, ctx);
-       if (NT_SUCCESS(status)) {
-               int ret;
-
-               ret = adjust_compression_attribute(*h_ret, dentry, ctx);
-               if (ret) {
-                       (*func_NtClose)(*h_ret);
-                       return ret;
-               }
-
-               ret = maybe_clear_encryption_attribute(h_ret, dentry, ctx);
-               /* May close the handle!!! */
-
-               if (ret) {
-                       if (*h_ret)
-                               (*func_NtClose)(*h_ret);
-                       return ret;
-               }
-
-               if (!*h_ret) {
-                       /* Re-open the handle so that we can return it on
-                        * success.  */
-                       status = do_create_file(h_ret,
-                                               GENERIC_READ |
-                                                       GENERIC_WRITE | DELETE,
-                                               NULL, 0, FILE_OPEN,
-                                               FILE_NON_DIRECTORY_FILE, ctx);
-                       if (!NT_SUCCESS(status))
-                               goto fail;
-               }
-
-               ret = create_any_empty_ads(dentry, ctx);
-               if (ret) {
-                       (*func_NtClose)(*h_ret);
-                       return ret;
-               }
-               return 0;
-       }
 
-       if (status == STATUS_ACCESS_DENIED && !retried) {
-               /* We also can't supersede an existing file that has
-                * FILE_ATTRIBUTE_READONLY set; doing so causes NtCreateFile()
-                * to return STATUS_ACCESS_DENIED .  The only workaround seems
-                * to be to explicitly remove FILE_ATTRIBUTE_READONLY on the
-                * existing file, then try again.  */
+       ret = supersede_file_or_stream(ctx, &h);
+       if (ret)
+               goto out;
 
-               FILE_BASIC_INFORMATION info;
-               HANDLE h;
+       ret = adjust_compression_attribute(h, dentry, ctx);
+       if (ret)
+               goto out_close;
 
-               status = do_create_file(&h, FILE_WRITE_ATTRIBUTES, NULL, 0,
-                                       FILE_OPEN, FILE_NON_DIRECTORY_FILE, ctx);
-               if (!NT_SUCCESS(status))
-                       goto fail;
+       ret = create_any_empty_ads(dentry, ctx);
+       if (ret)
+               goto out_close;
 
-               memset(&info, 0, sizeof(info));
-               info.FileAttributes = FILE_ATTRIBUTE_NORMAL;
+       *h_ret = h;
+       return 0;
 
-               status = (*func_NtSetInformationFile)(h, &ctx->iosb,
-                                                     &info, sizeof(info),
-                                                     FileBasicInformation);
-               (*func_NtClose)(h);
-               if (!NT_SUCCESS(status))
-                       goto fail;
-               retried = true;
-               goto retry;
-       }
-fail:
-       set_errno_from_nt_status(status);
-       ERROR_WITH_ERRNO("Can't create file \"%ls\" (status=0x%08"PRIx32")",
-                        current_path(ctx), (u32)status);
-       return WIMLIB_ERR_OPEN;
+out_close:
+       (*func_NtClose)(h);
+out:
+       return ret;
 }
 
 /* Creates a hard link at the location named by @dentry to the file represented
@@ -1367,8 +1491,8 @@ create_link(HANDLE h, const struct wim_dentry *dentry,
                                                      FileLinkInformation);
                if (NT_SUCCESS(status))
                        return 0;
-               ERROR("Failed to create link \"%ls\" (status=0x%08"PRIx32")",
-                     current_path(ctx), (u32)status);
+               winnt_error(status, L"Failed to create link \"%ls\"",
+                           current_path(ctx));
                return WIMLIB_ERR_LINK;
        } else {
                HANDLE h2;
@@ -1416,7 +1540,7 @@ create_links(HANDLE h, const struct wim_dentry *first_dentry,
 
 /* Create a nondirectory file, including all links.  */
 static int
-create_nondirectory(const struct wim_inode *inode, struct win32_apply_ctx *ctx)
+create_nondirectory(struct wim_inode *inode, struct win32_apply_ctx *ctx)
 {
        struct wim_dentry *first_dentry;
        HANDLE h;
@@ -1439,7 +1563,7 @@ create_nondirectory(const struct wim_inode *inode, struct win32_apply_ctx *ctx)
 
        /* "WIMBoot" extraction: set external backing by the WIM file if needed.  */
        if (!ret && unlikely(ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_WIMBOOT))
-               ret = set_external_backing(h, first_dentry, ctx);
+               ret = set_external_backing(h, inode, ctx);
 
        (*func_NtClose)(h);
        return ret;
@@ -1450,8 +1574,8 @@ create_nondirectory(const struct wim_inode *inode, struct win32_apply_ctx *ctx)
 static int
 create_nondirectories(struct list_head *dentry_list, struct win32_apply_ctx *ctx)
 {
-       const struct wim_dentry *dentry;
-       const struct wim_inode *inode;
+       struct wim_dentry *dentry;
+       struct wim_inode *inode;
        int ret;
 
        list_for_each_entry(dentry, dentry_list, d_extraction_list_node) {
@@ -1461,6 +1585,7 @@ create_nondirectories(struct list_head *dentry_list, struct win32_apply_ctx *ctx
                /* Call create_nondirectory() only once per inode  */
                if (dentry == inode_first_extraction_dentry(inode)) {
                        ret = create_nondirectory(inode, ctx);
+                       ret = check_apply_error(dentry, ctx, ret);
                        if (ret)
                                return ret;
                }
@@ -1480,17 +1605,17 @@ close_handles(struct win32_apply_ctx *ctx)
 
 /* Prepare to read the next stream, which has size @stream_size, into an
  * in-memory buffer.  */
-static int
+static bool
 prepare_data_buffer(struct win32_apply_ctx *ctx, u64 stream_size)
 {
        if (stream_size > ctx->data_buffer_size) {
                /* Larger buffer needed.  */
                void *new_buffer;
                if ((size_t)stream_size != stream_size)
-                       return WIMLIB_ERR_NOMEM;
+                       return false;
                new_buffer = REALLOC(ctx->data_buffer, stream_size);
                if (!new_buffer)
-                       return WIMLIB_ERR_NOMEM;
+                       return false;
                ctx->data_buffer = new_buffer;
                ctx->data_buffer_size = stream_size;
        }
@@ -1498,7 +1623,7 @@ prepare_data_buffer(struct win32_apply_ctx *ctx, u64 stream_size)
         * extract_chunk() that the data buffer needs to be filled while reading
         * the stream data.  */
        ctx->data_buffer_ptr = ctx->data_buffer;
-       return 0;
+       return true;
 }
 
 static int
@@ -1523,20 +1648,6 @@ begin_extract_stream_instance(const struct wim_lookup_table_entry *stream,
                build_extraction_path(dentry, ctx);
        }
 
-       /* Reparse point?  */
-       if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)
-           && (stream_name_nchars == 0))
-       {
-               if (!ctx->common.supported_features.reparse_points)
-                       return 0;
-
-               /* We can't write the reparse stream directly; we must set it
-                * with FSCTL_SET_REPARSE_POINT, which requires that all the
-                * data be available.  So, stage the data in a buffer.  */
-
-               list_add_tail(&dentry->tmp_list, &ctx->reparse_dentries);
-               return prepare_data_buffer(ctx, stream->size);
-       }
 
        /* Encrypted file?  */
        if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_ENCRYPTED)
@@ -1556,8 +1667,32 @@ begin_extract_stream_instance(const struct wim_lookup_table_entry *stream,
                 * TODO: This isn't sufficient for extremely large encrypted
                 * files.  Perhaps we should create an extra thread to write
                 * such files...  */
+               if (!prepare_data_buffer(ctx, stream->size))
+                       return WIMLIB_ERR_NOMEM;
                list_add_tail(&dentry->tmp_list, &ctx->encrypted_dentries);
-               return prepare_data_buffer(ctx, stream->size);
+               return 0;
+       }
+
+       /* Reparse point?
+        *
+        * Note: FILE_ATTRIBUTE_REPARSE_POINT is tested *after*
+        * FILE_ATTRIBUTE_ENCRYPTED since the WIM format does not store both EFS
+        * data and reparse data for the same file, and the EFS data takes
+        * precedence.  */
+       if (unlikely(inode->i_attributes & FILE_ATTRIBUTE_REPARSE_POINT)
+           && (stream_name_nchars == 0))
+       {
+               if (!ctx->common.supported_features.reparse_points)
+                       return 0;
+
+               /* We can't write the reparse stream directly; we must set it
+                * with FSCTL_SET_REPARSE_POINT, which requires that all the
+                * data be available.  So, stage the data in a buffer.  */
+
+               if (!prepare_data_buffer(ctx, stream->size))
+                       return WIMLIB_ERR_NOMEM;
+               list_add_tail(&dentry->tmp_list, &ctx->reparse_dentries);
+               return 0;
        }
 
        if (ctx->num_open_handles == MAX_OPEN_STREAMS) {
@@ -1576,10 +1711,8 @@ begin_extract_stream_instance(const struct wim_lookup_table_entry *stream,
                                        FILE_SYNCHRONOUS_IO_NONALERT,
                                ctx);
        if (!NT_SUCCESS(status)) {
-               set_errno_from_nt_status(status);
-               ERROR_WITH_ERRNO("Can't open \"%ls\" for writing "
-                                "(status=0x%08"PRIx32")",
-                                current_path(ctx), (u32)status);
+               winnt_error(status, L"Can't open \"%ls\" for writing",
+                           current_path(ctx));
                return WIMLIB_ERR_OPEN;
        }
 
@@ -1636,10 +1769,8 @@ do_set_reparse_data(const struct wim_dentry *dentry,
        }
 
 fail:
-       set_errno_from_nt_status(status);
-       ERROR_WITH_ERRNO("Can't set reparse data on \"%ls\" "
-                        "(status=0x%08"PRIx32")",
-                        current_path(ctx), (u32)status);
+       winnt_error(status, L"Can't set reparse data on \"%ls\"",
+                   current_path(ctx));
        return WIMLIB_ERR_SET_REPARSE_DATA;
 }
 
@@ -1809,31 +1940,49 @@ import_encrypted_data(PBYTE pbData, PVOID pvCallbackContext, PULONG Length)
        return ERROR_SUCCESS;
 }
 
-/* Write the raw encrypted data to the already-created file corresponding to
- * @dentry.
+/*
+ * Write the raw encrypted data to the already-created file (or directory)
+ * corresponding to @dentry.
  *
  * The raw encrypted data is provided in ctx->data_buffer, and its size is
- * ctx->encrypted_size.  */
+ * ctx->encrypted_size.
+ *
+ * This function may close the target directory, in which case the caller needs
+ * to re-open it if needed.
+ */
 static int
 extract_encrypted_file(const struct wim_dentry *dentry,
                       struct win32_apply_ctx *ctx)
 {
        void *rawctx;
        DWORD err;
+       ULONG flags;
+       bool retried;
 
        /* Temporarily build a Win32 path for OpenEncryptedFileRaw()  */
        build_win32_extraction_path(dentry, ctx);
 
-       err = OpenEncryptedFileRaw(ctx->pathbuf.Buffer,
-                                  CREATE_FOR_IMPORT, &rawctx);
+       flags = CREATE_FOR_IMPORT | OVERWRITE_HIDDEN;
+       if (dentry->d_inode->i_attributes & FILE_ATTRIBUTE_DIRECTORY)
+               flags |= CREATE_FOR_DIR;
+
+       retried = false;
+retry:
+       err = OpenEncryptedFileRaw(ctx->pathbuf.Buffer, flags, &rawctx);
+       if (err == ERROR_SHARING_VIOLATION && !retried) {
+               /* This can be caused by the handle we have open to the target
+                * directory.  Try closing it temporarily.  */
+               close_target_directory(ctx);
+               retried = true;
+               goto retry;
+       }
 
        /* Restore the NT namespace path  */
        build_extraction_path(dentry, ctx);
 
        if (err != ERROR_SUCCESS) {
-               set_errno_from_win32_error(err);
-               ERROR_WITH_ERRNO("Can't open \"%ls\" for encrypted import "
-                                "(err=%"PRIu32")", current_path(ctx), (u32)err);
+               win32_error(err, L"Can't open \"%ls\" for encrypted import",
+                           current_path(ctx));
                return WIMLIB_ERR_OPEN;
        }
 
@@ -1844,9 +1993,8 @@ extract_encrypted_file(const struct wim_dentry *dentry,
        CloseEncryptedFileRaw(rawctx);
 
        if (err != ERROR_SUCCESS) {
-               set_errno_from_win32_error(err);
-               ERROR_WITH_ERRNO("Can't import encrypted file \"%ls\" "
-                                "(err=%"PRIu32")", current_path(ctx), (u32)err);
+               win32_error(err, L"Can't import encrypted file \"%ls\"",
+                           current_path(ctx));
                return WIMLIB_ERR_WRITE;
        }
 
@@ -1877,6 +2025,7 @@ begin_extract_stream(struct wim_lookup_table_entry *stream, void *_ctx)
                        dentry = inode_first_extraction_dentry(inode);
                        ret = begin_extract_stream_instance(stream, dentry,
                                                            stream_name, ctx);
+                       ret = check_apply_error(dentry, ctx, ret);
                        if (ret)
                                goto fail;
                } else {
@@ -1892,6 +2041,7 @@ begin_extract_stream(struct wim_lookup_table_entry *stream, void *_ctx)
                                                                    dentry,
                                                                    stream_name,
                                                                    ctx);
+                               ret = check_apply_error(dentry, ctx, ret);
                                if (ret)
                                        goto fail;
                                next = next->next;
@@ -1926,10 +2076,7 @@ extract_chunk(const void *chunk, size_t size, void *_ctx)
                                                     &ctx->iosb, bufptr, count,
                                                     NULL, NULL);
                        if (!NT_SUCCESS(status)) {
-                               set_errno_from_nt_status(status);
-                               ERROR_WITH_ERRNO("Error writing data to target "
-                                                "volume (status=0x%08"PRIx32")",
-                                                (u32)status);
+                               winnt_error(status, L"Error writing data to target volume");
                                return WIMLIB_ERR_WRITE;
                        }
                        bufptr += ctx->iosb.Information;
@@ -1969,7 +2116,8 @@ end_extract_stream(struct wim_lookup_table_entry *stream, int status, void *_ctx
                              "%"PRIu64" bytes (exceeds %u bytes)",
                              current_path(ctx), stream->size,
                              REPARSE_DATA_MAX_SIZE);
-                       return WIMLIB_ERR_INVALID_REPARSE_DATA;
+                       ret = WIMLIB_ERR_INVALID_REPARSE_DATA;
+                       return check_apply_error(dentry, ctx, ret);
                }
                /* In the WIM format, reparse streams are just the reparse data
                 * and omit the header.  But we can reconstruct the header.  */
@@ -1981,6 +2129,7 @@ end_extract_stream(struct wim_lookup_table_entry *stream, int status, void *_ctx
                        ret = set_reparse_data(dentry, &ctx->rpbuf,
                                               stream->size + REPARSE_DATA_OFFSET,
                                               ctx);
+                       ret = check_apply_error(dentry, ctx, ret);
                        if (ret)
                                return ret;
                }
@@ -1990,6 +2139,11 @@ end_extract_stream(struct wim_lookup_table_entry *stream, int status, void *_ctx
                ctx->encrypted_size = stream->size;
                list_for_each_entry(dentry, &ctx->encrypted_dentries, tmp_list) {
                        ret = extract_encrypted_file(dentry, ctx);
+                       ret = check_apply_error(dentry, ctx, ret);
+                       if (ret)
+                               return ret;
+                       /* Re-open the target directory if needed.  */
+                       ret = open_target_directory(ctx);
                        if (ret)
                                return ret;
                }
@@ -2166,10 +2320,9 @@ do_apply_metadata_to_file(HANDLE h, const struct wim_inode *inode,
                if (!NT_SUCCESS(status) &&
                    (ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_STRICT_ACLS))
                {
-                       set_errno_from_nt_status(status);
-                       ERROR_WITH_ERRNO("Can't set security descriptor "
-                                        "on \"%ls\" (status=0x%08"PRIx32")",
-                                        current_path(ctx), (u32)status);
+                       winnt_error(status,
+                                   L"Can't set security descriptor on \"%ls\"",
+                                   current_path(ctx));
                        return WIMLIB_ERR_SET_SECURITY;
                }
        }
@@ -2179,10 +2332,13 @@ do_apply_metadata_to_file(HANDLE h, const struct wim_inode *inode,
        info.LastAccessTime.QuadPart = inode->i_last_access_time;
        info.LastWriteTime.QuadPart = inode->i_last_write_time;
        info.ChangeTime.QuadPart = 0;
-       if (ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_NO_ATTRIBUTES)
-               info.FileAttributes = 0;
-       else
+       if (ctx->common.extract_flags & WIMLIB_EXTRACT_FLAG_NO_ATTRIBUTES) {
+               info.FileAttributes = FILE_ATTRIBUTE_NORMAL;
+       } else {
                info.FileAttributes = inode->i_attributes & ~SPECIAL_ATTRIBUTES;
+               if (info.FileAttributes == 0)
+                       info.FileAttributes = FILE_ATTRIBUTE_NORMAL;
+       }
 
        status = (*func_NtSetInformationFile)(h, &ctx->iosb,
                                              &info, sizeof(info),
@@ -2194,10 +2350,8 @@ do_apply_metadata_to_file(HANDLE h, const struct wim_inode *inode,
            && !(status == STATUS_INVALID_PARAMETER &&
                 dentry_is_root(inode_first_extraction_dentry(inode))))
        {
-               set_errno_from_nt_status(status);
-               ERROR_WITH_ERRNO("Can't set basic metadata on \"%ls\" "
-                                "(status=0x%08"PRIx32")",
-                                current_path(ctx), (u32)status);
+               winnt_error(status, L"Can't set basic metadata on \"%ls\"",
+                           current_path(ctx));
                return WIMLIB_ERR_SET_ATTRIBUTES;
        }
 
@@ -2239,10 +2393,8 @@ apply_metadata_to_file(const struct wim_dentry *dentry,
                                continue;
                        }
                }
-               set_errno_from_nt_status(status);
-               ERROR_WITH_ERRNO("Can't open \"%ls\" to set metadata "
-                                "(status=0x%08"PRIx32")",
-                                current_path(ctx), (u32)status);
+               winnt_error(status, L"Can't open \"%ls\" to set metadata",
+                           current_path(ctx));
                return WIMLIB_ERR_OPEN;
        }
 
@@ -2265,6 +2417,7 @@ apply_metadata(struct list_head *dentry_list, struct win32_apply_ctx *ctx)
        list_for_each_entry_reverse(dentry, dentry_list, d_extraction_list_node)
        {
                ret = apply_metadata_to_file(dentry, ctx);
+               ret = check_apply_error(dentry, ctx, ret);
                if (ret)
                        return ret;
                ret = report_file_metadata_applied(&ctx->common);
@@ -2280,17 +2433,28 @@ apply_metadata(struct list_head *dentry_list, struct win32_apply_ctx *ctx)
 static void
 do_warnings(const struct win32_apply_ctx *ctx)
 {
-       if (ctx->partial_security_descriptors == 0 &&
-           ctx->no_security_descriptors == 0 &&
-           ctx->num_short_name_failures == 0)
+       if (ctx->partial_security_descriptors == 0
+           && ctx->no_security_descriptors == 0
+           && ctx->num_set_short_name_failures == 0
+       #if 0
+           && ctx->num_remove_short_name_failures == 0
+       #endif
+           )
                return;
 
        WARNING("Extraction to \"%ls\" complete, but with one or more warnings:",
                ctx->common.target);
-       if (ctx->num_short_name_failures) {
+       if (ctx->num_set_short_name_failures) {
                WARNING("- Could not set short names on %lu files or directories",
-                       ctx->num_short_name_failures);
+                       ctx->num_set_short_name_failures);
+       }
+#if 0
+       if (ctx->num_remove_short_name_failures) {
+               WARNING("- Could not remove short names on %lu files or directories"
+                       "          (This is expected on Vista and earlier)",
+                       ctx->num_remove_short_name_failures);
        }
+#endif
        if (ctx->partial_security_descriptors) {
                WARNING("- Could only partially set the security descriptor\n"
                        "            on %lu files or directories.",
@@ -2387,8 +2551,7 @@ win32_extract(struct list_head *dentry_list, struct apply_ctx *_ctx)
 
        do_warnings(ctx);
 out:
-       if (ctx->h_target)
-               (*func_NtClose)(ctx->h_target);
+       close_target_directory(ctx);
        if (ctx->target_ntpath.Buffer)
                HeapFree(GetProcessHeap(), 0, ctx->target_ntpath.Buffer);
        FREE(ctx->pathbuf.Buffer);