2018-08-11 23:26:49 +02:00
|
|
|
package reverse_test
|
|
|
|
|
|
|
|
import (
|
|
|
|
"io/ioutil"
|
2019-01-04 17:57:57 +01:00
|
|
|
"path/filepath"
|
2018-08-11 23:26:49 +02:00
|
|
|
"testing"
|
|
|
|
|
2020-05-09 17:36:41 +02:00
|
|
|
"github.com/rfjakob/gocryptfs/ctlsock"
|
2019-01-04 17:57:57 +01:00
|
|
|
"github.com/rfjakob/gocryptfs/internal/nametransform"
|
2018-08-11 23:26:49 +02:00
|
|
|
"github.com/rfjakob/gocryptfs/tests/test_helpers"
|
|
|
|
)
|
|
|
|
|
|
|
|
func ctlsockEncryptPath(t *testing.T, sock string, path string) string {
|
|
|
|
req := ctlsock.RequestStruct{EncryptPath: path}
|
|
|
|
response := test_helpers.QueryCtlSock(t, sock, req)
|
|
|
|
if response.ErrNo != 0 {
|
|
|
|
t.Fatal(response)
|
|
|
|
}
|
|
|
|
return response.Result
|
|
|
|
}
|
|
|
|
|
2021-08-18 10:56:45 +02:00
|
|
|
// doTestExcludeTestFs runs exclude tests against the exclude_test_fs folder
|
2021-08-18 11:33:12 +02:00
|
|
|
func doTestExcludeTestFs(t *testing.T, flag string, patterns, visible, hidden []string) {
|
2018-08-11 23:26:49 +02:00
|
|
|
// Mount reverse fs
|
2021-08-18 11:33:12 +02:00
|
|
|
mnt, err := ioutil.TempDir(test_helpers.TmpDir, t.Name())
|
2018-08-11 23:26:49 +02:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
|
|
|
sock := mnt + ".sock"
|
|
|
|
cliArgs := []string{"-reverse", "-extpass", "echo test", "-ctlsock", sock}
|
2021-08-18 10:56:45 +02:00
|
|
|
for _, v := range patterns {
|
2018-08-15 13:11:34 +02:00
|
|
|
cliArgs = append(cliArgs, flag, v)
|
2018-08-11 23:26:49 +02:00
|
|
|
}
|
|
|
|
if plaintextnames {
|
|
|
|
cliArgs = append(cliArgs, "-config", "exclude_test_fs/.gocryptfs.reverse.conf.plaintextnames")
|
|
|
|
}
|
|
|
|
test_helpers.MountOrFatal(t, "exclude_test_fs", mnt, cliArgs...)
|
|
|
|
defer test_helpers.UnmountPanic(mnt)
|
2021-08-18 10:56:45 +02:00
|
|
|
|
|
|
|
// Get encrypted version of visible and hidden paths
|
2021-08-18 11:33:12 +02:00
|
|
|
cVisible := encryptExcludeTestPaths(t, sock, visible)
|
|
|
|
cHidden := encryptExcludeTestPaths(t, sock, hidden)
|
2021-08-18 10:56:45 +02:00
|
|
|
|
|
|
|
// Check that hidden paths are not there and visible paths are there
|
|
|
|
for _, v := range cHidden {
|
2020-08-15 15:39:08 +02:00
|
|
|
if test_helpers.VerifyExistence(t, mnt+"/"+v) {
|
2021-08-18 10:56:45 +02:00
|
|
|
t.Errorf("File %q is visible, but should be hidden", v)
|
2019-01-04 17:57:57 +01:00
|
|
|
}
|
|
|
|
if nametransform.IsLongContent(filepath.Base(v)) {
|
2021-08-18 10:56:45 +02:00
|
|
|
// TODO ???
|
2018-08-11 23:26:49 +02:00
|
|
|
}
|
|
|
|
}
|
2021-08-18 10:56:45 +02:00
|
|
|
for _, v := range cVisible {
|
2020-08-15 15:39:08 +02:00
|
|
|
if !test_helpers.VerifyExistence(t, mnt+"/"+v) {
|
2019-01-04 17:57:57 +01:00
|
|
|
t.Errorf("File %q is hidden, but should be visible", v)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-08-18 10:56:45 +02:00
|
|
|
// encryptExcludeTestPaths is used by doTestExcludeTestFs() to encrypt the lists of
|
2019-01-04 17:57:57 +01:00
|
|
|
// testcase paths
|
|
|
|
func encryptExcludeTestPaths(t *testing.T, socket string, pRelPaths []string) (out []string) {
|
|
|
|
for _, pRelPath := range pRelPaths {
|
|
|
|
cRelPath := ctlsockEncryptPath(t, socket, pRelPath)
|
|
|
|
out = append(out, cRelPath)
|
|
|
|
if !plaintextnames && nametransform.IsLongContent(filepath.Base(cRelPath)) {
|
|
|
|
// If we exclude
|
|
|
|
// gocryptfs.longname.3vZ_r3eDPb1_fL3j5VA4rd_bcKWLKT9eaxOVIGK5HFA
|
|
|
|
// we should also exclude
|
|
|
|
// gocryptfs.longname.3vZ_r3eDPb1_fL3j5VA4rd_bcKWLKT9eaxOVIGK5HFA.name
|
|
|
|
out = append(out, cRelPath+nametransform.LongNameSuffix)
|
2018-08-11 23:26:49 +02:00
|
|
|
}
|
|
|
|
}
|
2019-01-04 17:57:57 +01:00
|
|
|
return out
|
2018-08-11 23:26:49 +02:00
|
|
|
}
|
2018-08-15 13:11:34 +02:00
|
|
|
|
2021-08-18 10:56:45 +02:00
|
|
|
// TestExcludeTestFs runs exclude tests against the exclude_test_fs folder.
|
|
|
|
func TestExcludeTestFs(t *testing.T) {
|
2021-08-18 11:33:12 +02:00
|
|
|
// --exclude-wildcard patterns, gitignore syntax
|
|
|
|
patterns := []string{
|
|
|
|
"file1", // matches file1 anywhere
|
|
|
|
"!longdir1" + x240 + "/file1", // ! includes an otherwise file
|
|
|
|
"file2/", // a trailing slash matches only a directory
|
|
|
|
"dir1/file2", // matches file2 inside dir1 anywhere
|
|
|
|
"#file2", // comments are ignored
|
|
|
|
"dir2", // excludes the whole directory
|
|
|
|
"longfile2" + x240, // matches longfile2 anywhere
|
|
|
|
"/longfile3" + x240, // a leading / anchors the match at the root
|
|
|
|
"*~", // wildcards are supported
|
|
|
|
"dir1/**/exclude", // ** matches any number of directories
|
|
|
|
"file3/", // pattern with trailing slash should not match a file
|
|
|
|
}
|
|
|
|
// visible are plaintext paths that should be visible in the encrypted view
|
|
|
|
visible := []string{
|
|
|
|
"file2",
|
|
|
|
"dir1/longfile1" + x240,
|
|
|
|
"dir1/longfile3" + x240,
|
|
|
|
"longdir1" + x240,
|
|
|
|
"longdir1" + x240 + "/file1",
|
|
|
|
"longdir2" + x240 + "/file",
|
|
|
|
"longfile1" + x240,
|
|
|
|
"file3",
|
|
|
|
}
|
|
|
|
// hidden are plaintext paths that should be hidden in the encrypted view
|
|
|
|
hidden := []string{
|
|
|
|
"bkp1~",
|
|
|
|
"dir1/file1",
|
|
|
|
"dir1/file2",
|
|
|
|
"dir1/exclude",
|
|
|
|
"dir1/longbkp1" + x240 + "~",
|
|
|
|
"dir1/longfile2" + x240,
|
|
|
|
"dir1/subdir1/exclude",
|
|
|
|
"dir1/subdir1/subdir2/exclude",
|
|
|
|
"dir2",
|
|
|
|
"dir2/file",
|
|
|
|
"dir2/longdir1" + x240 + "/file",
|
|
|
|
"dir2/longfile." + x240,
|
|
|
|
"dir2/subdir",
|
|
|
|
"dir2/subdir/file",
|
|
|
|
"file1",
|
|
|
|
"longdir2" + x240 + "/bkp~",
|
|
|
|
"longfile2" + x240,
|
|
|
|
"longfile3" + x240,
|
|
|
|
}
|
|
|
|
|
|
|
|
doTestExcludeTestFs(t, "-exclude-wildcard", patterns, visible, hidden)
|
|
|
|
doTestExcludeTestFs(t, "-ew", patterns, visible, hidden)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Exclude everything using "/*", then selectively include only dir1 using "!/dir1"
|
|
|
|
// https://github.com/rfjakob/gocryptfs/issues/588
|
|
|
|
func TestExcludeAllOnlyDir1(t *testing.T) {
|
|
|
|
// --exclude-wildcard patterns, gitignore syntax
|
|
|
|
patterns := []string{
|
|
|
|
"*",
|
|
|
|
"!/dir1",
|
|
|
|
}
|
|
|
|
// visible are plaintext paths that should be visible in the encrypted view
|
|
|
|
visible := []string{
|
|
|
|
"dir1",
|
|
|
|
"dir1/file1",
|
|
|
|
}
|
|
|
|
// hidden are plaintext paths that should be hidden in the encrypted view
|
|
|
|
hidden := []string{
|
|
|
|
"dir2",
|
|
|
|
"dir2/file",
|
|
|
|
"dir2/longdir1" + x240 + "/file",
|
|
|
|
"dir2/longfile." + x240,
|
|
|
|
"dir2/subdir",
|
|
|
|
"dir2/subdir/file",
|
|
|
|
"file1",
|
|
|
|
"longdir2" + x240 + "/bkp~",
|
|
|
|
"longfile2" + x240,
|
|
|
|
"longfile3" + x240,
|
|
|
|
}
|
|
|
|
doTestExcludeTestFs(t, "-exclude-wildcard", patterns, visible, hidden)
|
2018-08-15 13:11:34 +02:00
|
|
|
}
|