To further complicate matters we were occasionally getting reports of the client reporting damaged files even when the launcher seemed to be downloading and staging files successfully.
Protecting system filesThis turned out be due to a very helpful feature of Windows, actually going back to Vista, when the UAC was introduced. When a legacy application wants to create a file in a protected location where it does not have write permissions, Windows will open a file in the Virtual Store folder, rather than letting the file create operation fail. When reading files, Windows will look in the Virtual Store first, so for many applications this will probably work fine.
The drawback to this helpful feature is that it can be downright confusing. Let's say we have an application that checks in the folder where the application lives for a file called myfile.txt. If it exists, it reads the file and displays the contents. If it doesn't exist, it prompts you for some text and writes to the file. Just to make this a bit more concrete, I've put this program up on github if you want to test this for yourself.
Show mePut this application under C:\Program Files\TestVirtualStore. Run the app, it tells you the file C:\Program Files\TestVirtualStore\myfile.txt does not exist, prompts you for some text and proceeds to writing the file. You look in C:\Program Files\TestVirtualStoreand there is no file called myfile.txt there. You run the application again - this time it reads from the file myfile.txt and succeeds, showing you the text you typed earlier.
If you run the same application again, this time as administrator, it will again tell you the file does not exist. Type in some text for the application to write - make sure it is different from before. You look in C:\Program Files\MyApp again and lo and behold, the file is there.
Now run again normally (not as administrator) - you will see the original text displayed again. Where was it saved? In a folder called VirtualStore under %LOCALAPPDATA%. The virtual store kicks in when a legacy application wants to write to a protected folder but can't due to lack of permissions. This means that the application gets a different view of the world depending on whether it is run normally or as administrator. I find that somewhat confusing, to say the least.
Now I'm confused...Let's look at another example, this time writing to C:\ProgramData\TestVirtualStore\myfile.txt. Normally, writing to ProgramData is allowed, but if the permissions of C:\ProgramData\TestVirtualStore do not allow writing, the VirtualStore kicks in again, with the same behavior as for Program Files. The same goes for permissions of individual files - if a file ends up there owned by the administrator, a regular launcher session would simply write a file to the VirtualStore instead. This time finding the file is obscured even further by the fact that ProgramData is a hidden folder - you won't see it unless you have view hidden files enabled in the Explorer.
Just to add to this perfect storm of events, the Windows 10 update would in some cases mess up the permissions of the ProgramData folder.
What is your legacy?So why was this an issue for the launcher? Surely it's not a legacy application? Well, by definition it was, due to an unfortunate oversight. A legacy application is defined as 32-bit, not running with administrative privileges and not including a Windows manifest file. This is where I messed up - I forgot to include a manifest when setting up the EVE launcher project. Normally when starting up new project in Visual Studio it will include a manifest by default - in fact, I had to explicitly remove it when setting up the sample programs used above. The launcher is a Qt project, and it does not include a manifest by default - I had to add it explicitly. This blog here has a good description of how to do it for Qt projects.
If the launcher was a standalone program this probably wouldn't have been an issue, aside from sometimes seeing files and sometimes not, depending on whether you ran as administrator or not. The problem is that the launcher is staging files for the EVE client to use, and the EVE client was already set up with a manifest file so it was not classified as a legacy application. If the launcher ended up writing any files to the VirtualStore the client would never see those files, and worse still, it might see a different version of a file than what the launcher would see.