hardcoresushi
/
libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity
libgocryptfs/tests/cli/cli_test.go

998 lines
27 KiB
Go
Raw Normal View History

tests: split "normal" tests into "cli" and "defaults" Also fixes the failure to run the benchmarks do to the missing gocryptfs.diriv.
2016-10-16 13:39:25 +02:00
package cli
Add "-extpass" cli option and associated tests
2015-11-15 13:38:19 +01:00
// Test CLI operations like "-init", "-password" etc
import (
tests: cli_test: fix fd leak One fd leak found in TestMountBackground.
2018-04-07 15:46:41 +02:00
"fmt"
main: add "-nonempty" option
2016-10-06 22:41:13 +02:00
"io/ioutil"
Add "-extpass" cli option and associated tests
2015-11-15 13:38:19 +01:00
"os"
"os/exec"
-passwd now takes a passed -scryptn flag into account https://github.com/rfjakob/gocryptfs/issues/400
2019-05-13 23:01:44 +02:00
"strconv"
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
"strings"
tests: add TestDiskFull Also fix incomplete uid restoration in TestSupplementaryGroups and replace syscall.Setregid and friends with unix.Setregid and friends. This test is added to check if have problems handling a full disk. The ticket https://github.com/rfjakob/gocryptfs/issues/550 states that the full disk was not where the backing gocryptfs filesystem was, but this has no effect on gocryptfs, so we test the harder case.
2021-03-12 19:25:25 +01:00
"sync"
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
"syscall"
Add "-extpass" cli option and associated tests
2015-11-15 13:38:19 +01:00
"testing"
tests: check if we close stderr and stdout correctly on mount Currently fails, as reported at https://github.com/rfjakob/gocryptfs/issues/130 .
2017-07-23 20:28:41 +02:00
"time"
Add "-extpass" cli option and associated tests
2015-11-15 13:38:19 +01:00
Major refactoring: Split up "cryptfs" into several internal packages "git status" for reference: deleted: cryptfs/cryptfs.go deleted: cryptfs/names_core.go modified: integration_tests/cli_test.go modified: integration_tests/helpers.go renamed: cryptfs/config_file.go -> internal/configfile/config_file.go renamed: cryptfs/config_test.go -> internal/configfile/config_test.go renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf renamed: cryptfs/kdf.go -> internal/configfile/kdf.go renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go new file: internal/contentenc/content_api.go renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go new file: internal/cryptocore/crypto_api.go renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go new file: internal/nametransform/name_api.go new file: internal/nametransform/names_core.go renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go new file: internal/nametransform/pad16.go renamed: cryptfs/log.go -> internal/toggledlog/log.go renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go modified: main.go modified: masterkey.go modified: pathfs_frontend/file.go modified: pathfs_frontend/file_holes.go modified: pathfs_frontend/fs.go modified: pathfs_frontend/fs_dir.go modified: pathfs_frontend/names.go modified: test.bash
2016-02-06 19:20:54 +01:00
"github.com/rfjakob/gocryptfs/internal/configfile"
exitcodes: pull all exit code definitions into the package This commit defines all exit codes in one place in the exitcodes package. Also, it adds a test to verify the exit code on incorrect password, which is what SiriKali cares about the most. Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-07 22:15:01 +02:00
"github.com/rfjakob/gocryptfs/internal/exitcodes"
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
"github.com/rfjakob/gocryptfs/internal/nametransform"
tests: split example_filesystems into its own package Running these tests from integration_tests' TestMain() was awkward because they were run twice with unchanged settings. integration_tests tests everything with OpenSSL and with native Go crypto, but this does not take affect for the example filesystems. To make this work, test_helpers is also split into its own package.
2016-06-06 23:57:42 +02:00
"github.com/rfjakob/gocryptfs/tests/test_helpers"
Add "-extpass" cli option and associated tests
2015-11-15 13:38:19 +01:00
)
readpassword: convert from string to []byte This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 14:26:54 +01:00
var testPw = []byte("test")
test: split up integration_tests ...into "matrix" and "normal". Also: * Make running multiple packages in parallel safe, see http://stackoverflow.com/questions/23715302/go-how-to-run-tests-for-multiple-packages * Don't depent on test_helper.TmpDir and friends to have a terminating slash
2016-06-30 00:57:14 +02:00
func TestMain(m *testing.M) {
test_helpers.ResetTmpDir(false)
tests: filter leaked fds by prefix When running $ go test ./tests/matrix/ in isolation, it failed like this: fd leak? before, after: [0r=/dev/null 3w=/dev/null 5r=/proc/8078/fd (hidden:4)] [0r=/dev/null 3w=/dev/null 5w=/tmp/go-build366655199/b001/testlog.txt 7r=/proc/8078/fd (hidden:4)] Filter by prefix to get rid of this spurious test failure.
2019-10-06 19:04:16 +02:00
before := test_helpers.ListFds(0, "")
test: split up integration_tests ...into "matrix" and "normal". Also: * Make running multiple packages in parallel safe, see http://stackoverflow.com/questions/23715302/go-how-to-run-tests-for-multiple-packages * Don't depent on test_helper.TmpDir and friends to have a terminating slash
2016-06-30 00:57:14 +02:00
r := m.Run()
tests: filter leaked fds by prefix When running $ go test ./tests/matrix/ in isolation, it failed like this: fd leak? before, after: [0r=/dev/null 3w=/dev/null 5r=/proc/8078/fd (hidden:4)] [0r=/dev/null 3w=/dev/null 5w=/tmp/go-build366655199/b001/testlog.txt 7r=/proc/8078/fd (hidden:4)] Filter by prefix to get rid of this spurious test failure.
2019-10-06 19:04:16 +02:00
after := test_helpers.ListFds(0, "")
tests: cli_test: fix fd leak One fd leak found in TestMountBackground.
2018-04-07 15:46:41 +02:00
if len(before) != len(after) {
tests: clarify which process seems to be leaking fds The tests check if they leak fds themselves, but we also check if gocryptfs leaks fds. Clarify what is what in the error message.
2019-10-06 18:48:09 +02:00
fmt.Printf("fd leak in test process? before, after:\n%v\n%v\n", before, after)
tests: cli_test: fix fd leak One fd leak found in TestMountBackground.
2018-04-07 15:46:41 +02:00
os.Exit(1)
}
test: split up integration_tests ...into "matrix" and "normal". Also: * Make running multiple packages in parallel safe, see http://stackoverflow.com/questions/23715302/go-how-to-run-tests-for-multiple-packages * Don't depent on test_helper.TmpDir and friends to have a terminating slash
2016-06-30 00:57:14 +02:00
os.Exit(r)
}
tests: add tests for "-config" option
2015-11-15 13:48:30 +01:00
// Test -init flag
Add "-extpass" cli option and associated tests
2015-11-15 13:38:19 +01:00
func TestInit(t *testing.T) {
tests: add InitFS helper
2016-06-16 21:06:03 +02:00
dir := test_helpers.InitFS(t)
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08 12:40:29 +02:00
_, c, err := configfile.LoadAndDecrypt(dir+"/"+configfile.ConfDefaultName, testPw)
tests: add tests for "-config" option
2015-11-15 13:48:30 +01:00
if err != nil {
t.Fatal(err)
}
reverse: switch from GCM-SIV to AES-SIV GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
if c.IsFeatureFlagSet(configfile.FlagAESSIV) {
t.Error("AESSIV flag should not be set")
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
}
tests: spin off TestPasswd from TestInit Also, capture all stderr and stdout but pass "-q". This way we get to see error messages if there are any, or spurious output when there should be none due to "-q".
2016-06-14 23:11:54 +02:00
}
tests: add tests for "-config" option
2015-11-15 13:48:30 +01:00
forward mode: create gocryptfs.diriv files with 0440 permissions Makes it easier to share an encrypted folder via a network drive. https://github.com/rfjakob/gocryptfs/issues/387
2019-03-30 20:06:40 +01:00
// Test that gocryptfs.conf and gocryptfs.diriv are there with the expected
// permissions after -init
func TestInitFilePerms(t *testing.T) {
dir := test_helpers.InitFS(t)
var st syscall.Stat_t
syscall.Stat(dir+"/gocryptfs.conf", &st)
perms := st.Mode & 0777
if perms != 0400 {
t.Errorf("Wrong permissions for gocryptfs.conf: %#o", perms)
}
st = syscall.Stat_t{}
syscall.Stat(dir+"/gocryptfs.diriv", &st)
perms = st.Mode & 0777
// From v1.7.1, these are created with 0440 permissions, see
nametransform: make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier when mounting via fstab. Having the files follow chmod/chown of their parent does not seem to be worth the hassle. The content of the diriv files is not secret, and both diriv and name files are protected by the perms of the parent dir. Fixes https://github.com/rfjakob/gocryptfs/issues/539
2021-01-10 08:06:09 +01:00
// https://github.com/rfjakob/gocryptfs/issues/387 .
// From v2.0, created with 0444 perms, see
// https://github.com/rfjakob/gocryptfs/issues/539 .
if perms != 0444 {
forward mode: create gocryptfs.diriv files with 0440 permissions Makes it easier to share an encrypted folder via a network drive. https://github.com/rfjakob/gocryptfs/issues/387
2019-03-30 20:06:40 +01:00
t.Errorf("Wrong permissions for gocryptfs.diriv: %#o", perms)
}
}
main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy.
2017-11-19 13:30:04 +01:00
// Test -init with -devrandom flag
func TestInitDevRandom(t *testing.T) {
test_helpers.InitFS(t, "-devrandom")
}
reverse: switch from GCM-SIV to AES-SIV GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
// Test -init with -aessiv
func TestInitAessiv(t *testing.T) {
dir := test_helpers.InitFS(t, "-aessiv")
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08 12:40:29 +02:00
_, c, err := configfile.LoadAndDecrypt(dir+"/"+configfile.ConfDefaultName, testPw)
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
if err != nil {
t.Fatal(err)
}
reverse: switch from GCM-SIV to AES-SIV GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
if !c.IsFeatureFlagSet(configfile.FlagAESSIV) {
t.Error("AESSIV flag should be set but is not")
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
}
}
// Test -init with -reverse
func TestInitReverse(t *testing.T) {
dir := test_helpers.InitFS(t, "-reverse")
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08 12:40:29 +02:00
_, c, err := configfile.LoadAndDecrypt(dir+"/"+configfile.ConfReverseName, testPw)
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
if err != nil {
t.Fatal(err)
}
reverse: switch from GCM-SIV to AES-SIV GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
if !c.IsFeatureFlagSet(configfile.FlagAESSIV) {
t.Error("AESSIV flag should be set but is not")
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
}
}
-passwd now takes a passed -scryptn flag into account https://github.com/rfjakob/gocryptfs/issues/400
2019-05-13 23:01:44 +02:00
// testPasswd changes the password from "test" to "test" using
// the -extpass method, then from "test" to "newpasswd" using the
// stdin method.
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
func testPasswd(t *testing.T, dir string, extraArgs ...string) {
tests: spin off TestPasswd from TestInit Also, capture all stderr and stdout but pass "-q". This way we get to see error messages if there are any, or spurious output when there should be none due to "-q".
2016-06-14 23:11:54 +02:00
// Change password using "-extpass"
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
args := []string{"-q", "-passwd", "-extpass", "echo test"}
args = append(args, extraArgs...)
args = append(args, dir)
cmd := exec.Command(test_helpers.GocryptfsBinary, args...)
readpassword: create internal package for password reading * Supports stdin * Add tests for extpass and stdin As per user request at https://github.com/rfjakob/gocryptfs/issues/30
2016-06-15 22:43:31 +02:00
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
tests: add InitFS helper
2016-06-16 21:06:03 +02:00
err := cmd.Run()
readpassword: create internal package for password reading * Supports stdin * Add tests for extpass and stdin As per user request at https://github.com/rfjakob/gocryptfs/issues/30
2016-06-15 22:43:31 +02:00
if err != nil {
t.Error(err)
}
// Change password using stdin
tests: fix stdin password change test It was actually testing extpass a second time.
2016-10-16 18:12:37 +02:00
args = []string{"-q", "-passwd"}
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
args = append(args, extraArgs...)
args = append(args, dir)
cmd = exec.Command(test_helpers.GocryptfsBinary, args...)
readpassword: create internal package for password reading * Supports stdin * Add tests for extpass and stdin As per user request at https://github.com/rfjakob/gocryptfs/issues/30
2016-06-15 22:43:31 +02:00
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
p, err := cmd.StdinPipe()
if err != nil {
t.Fatal(err)
}
err = cmd.Start()
if err != nil {
t.Error(err)
}
// Old password
p.Write([]byte("test\n"))
// New password
p.Write([]byte("newpasswd\n"))
p.Close()
err = cmd.Wait()
Add "-extpass" cli option and associated tests
2015-11-15 13:38:19 +01:00
if err != nil {
t.Error(err)
}
}
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
// Test -passwd flag
func TestPasswd(t *testing.T) {
// Create FS
dir := test_helpers.InitFS(t)
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
mnt := dir + ".mnt"
// Add content
test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo test")
file1 := mnt + "/file1"
err := ioutil.WriteFile(file1, []byte("somecontent"), 0600)
if err != nil {
t.Fatal(err)
}
err = test_helpers.UnmountErr(mnt)
if err != nil {
t.Fatal(err)
}
// Change password to "newpasswd"
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
testPasswd(t, dir)
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
// Mount and verify
test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo newpasswd")
content, err := ioutil.ReadFile(file1)
if err != nil {
t.Error(err)
} else if string(content) != "somecontent" {
t.Errorf("wrong content: %q", string(content))
}
err = test_helpers.UnmountErr(mnt)
if err != nil {
t.Fatal(err)
}
}
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
// cp copies file at `src` to `dst`, overwriting
// `dst` if it already exists. Calls t.Fatal on failure.
func cp(t *testing.T, src string, dst string) {
conf, err := ioutil.ReadFile(src)
if err != nil {
t.Fatal(err)
}
syscall.Unlink(dst)
err = ioutil.WriteFile(dst, conf, 0600)
if err != nil {
t.Fatal(err)
}
}
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
// Test -passwd with -masterkey
func TestPasswdMasterkey(t *testing.T) {
// Create FS
dir := test_helpers.InitFS(t)
// Overwrite with config with known master key
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
cp(t, "gocryptfs.conf.b9e5ba23", dir+"/gocryptfs.conf")
// Add content
mnt := dir + ".mnt"
test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo test")
file1 := mnt + "/file1"
err := ioutil.WriteFile(file1, []byte("somecontent"), 0600)
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
if err != nil {
t.Fatal(err)
}
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
test_helpers.UnmountPanic(mnt)
// Change password using stdin
args := []string{"-q", "-passwd", "-masterkey",
"b9e5ba23-981a22b8-c8d790d8-627add29-f680513f-b7b7035f-d203fb83-21d82205"}
args = append(args, dir)
cmd := exec.Command(test_helpers.GocryptfsBinary, args...)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
p, err := cmd.StdinPipe()
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
if err != nil {
t.Fatal(err)
}
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
err = cmd.Start()
if err != nil {
t.Error(err)
}
// New password
p.Write([]byte("newpasswd\n"))
p.Close()
err = cmd.Wait()
if err != nil {
t.Error(err)
}
// Mount and verify
test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo newpasswd")
content, err := ioutil.ReadFile(file1)
if err != nil {
t.Error(err)
} else if string(content) != "somecontent" {
t.Errorf("wrong content: %q", string(content))
}
test_helpers.UnmountPanic(mnt)
}
// Test -passwd with -masterkey=stdin
func TestPasswdMasterkeyStdin(t *testing.T) {
// Create FS
dir := test_helpers.InitFS(t)
// Overwrite with config with known master key
cp(t, "gocryptfs.conf.b9e5ba23", dir+"/gocryptfs.conf")
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
// Add content
mnt := dir + ".mnt"
test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo test")
file1 := mnt + "/file1"
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
err := ioutil.WriteFile(file1, []byte("somecontent"), 0600)
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
if err != nil {
t.Fatal(err)
}
test_helpers.UnmountPanic(mnt)
// Change password using stdin
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
args := []string{"-q", "-passwd", "-masterkey=stdin"}
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
args = append(args, dir)
cmd := exec.Command(test_helpers.GocryptfsBinary, args...)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
p, err := cmd.StdinPipe()
if err != nil {
t.Fatal(err)
}
err = cmd.Start()
if err != nil {
t.Error(err)
}
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
// Masterkey
p.Write([]byte("b9e5ba23-981a22b8-c8d790d8-627add29-f680513f-b7b7035f-d203fb83-21d82205\n"))
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
// New password
p.Write([]byte("newpasswd\n"))
p.Close()
err = cmd.Wait()
if err != nil {
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
t.Fatal(err)
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
}
// Mount and verify
test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo newpasswd")
content, err := ioutil.ReadFile(file1)
if err != nil {
tests: add TestPasswdMasterkeyStdin Tests that `gocryptfs -passwd -masterkey=stdin` works. This was fixed by ff04b1d83ab1201. Fixes https://github.com/rfjakob/gocryptfs/issues/461
2020-05-09 16:53:25 +02:00
t.Fatal(err)
tests: add test for -password -masterkey Also, make the other password tests more rigorous by verifying the fs content.
2016-10-16 19:13:00 +02:00
} else if string(content) != "somecontent" {
t.Errorf("wrong content: %q", string(content))
}
test_helpers.UnmountPanic(mnt)
reverse: add gcmsiv flag and associated tests
2016-09-25 15:05:09 +02:00
}
// Test -passwd with -reverse
func TestPasswdReverse(t *testing.T) {
// Create FS
dir := test_helpers.InitFS(t, "-reverse")
testPasswd(t, dir, "-reverse")
}
-passwd now takes a passed -scryptn flag into account https://github.com/rfjakob/gocryptfs/issues/400
2019-05-13 23:01:44 +02:00
// Test -passwd with -scryptn
func TestPasswdScryptn(t *testing.T) {
dir := test_helpers.InitFS(t)
cf, err := configfile.Load(dir + "/gocryptfs.conf")
if err != nil {
t.Fatal(err)
}
testPasswd(t, dir, "-scryptn", strconv.Itoa(cf.ScryptObject.LogN()+1))
cf2, err := configfile.Load(dir + "/gocryptfs.conf")
if err != nil {
t.Fatal(err)
}
if cf2.ScryptObject.LogN() != cf.ScryptObject.LogN()+1 {
t.Errorf("wrong logN value %d", cf2.ScryptObject.LogN())
}
}
tests: add tests for "-config" option
2015-11-15 13:48:30 +01:00
// Test -init & -config flag
func TestInitConfig(t *testing.T) {
test: split up integration_tests ...into "matrix" and "normal". Also: * Make running multiple packages in parallel safe, see http://stackoverflow.com/questions/23715302/go-how-to-run-tests-for-multiple-packages * Don't depent on test_helper.TmpDir and friends to have a terminating slash
2016-06-30 00:57:14 +02:00
config := test_helpers.TmpDir + "/TestInitConfig.conf"
tests: add InitFS helper
2016-06-16 21:06:03 +02:00
dir := test_helpers.InitFS(t, "-config="+config)
_, err := os.Stat(config)
tests: add tests for "-config" option
2015-11-15 13:48:30 +01:00
if err != nil {
t.Fatal(err)
}
// Test -passwd & -config
tests: spin off TestPasswd from TestInit Also, capture all stderr and stdout but pass "-q". This way we get to see error messages if there are any, or spurious output when there should be none due to "-q".
2016-06-14 23:11:54 +02:00
cmd2 := exec.Command(test_helpers.GocryptfsBinary, "-q", "-passwd", "-extpass", "echo test",
tests: add tests for "-config" option
2015-11-15 13:48:30 +01:00
"-config", config, dir)
tests: spin off TestPasswd from TestInit Also, capture all stderr and stdout but pass "-q". This way we get to see error messages if there are any, or spurious output when there should be none due to "-q".
2016-06-14 23:11:54 +02:00
cmd2.Stdout = os.Stdout
cmd2.Stderr = os.Stderr
tests: add tests for "-config" option
2015-11-15 13:48:30 +01:00
err = cmd2.Run()
Add "-extpass" cli option and associated tests
2015-11-15 13:38:19 +01:00
if err != nil {
t.Error(err)
}
}
tests: add "gocryptfs -init -plaintextnames" cli testcase
2015-12-11 22:21:00 +01:00
Add "-ro" (read-only) flag From the man page: **-ro** : Mount the filesystem read-only Also add a test.
2016-06-16 21:29:22 +02:00
// Test -ro
func TestRo(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
test_helpers.MountOrFatal(t, dir, mnt, "-ro", "-extpass=echo test")
tests: use unmount wrapper in ResetTmpDir This should make it work on OSX. Also, split unmount into two functions. Depending on what you want, * UnmountErr returns the resulting error * UnmountPanic panics if the error was not nil
2016-07-11 20:31:36 +02:00
defer test_helpers.UnmountPanic(mnt)
Add "-ro" (read-only) flag From the man page: **-ro** : Mount the filesystem read-only Also add a test.
2016-06-16 21:29:22 +02:00
file := mnt + "/file"
err := os.Mkdir(file, 0777)
if err == nil {
t.Errorf("Mkdir should have failed")
}
_, err = os.Create(file)
if err == nil {
t.Errorf("Create should have failed")
}
}
main: add "-nonempty" option
2016-10-06 22:41:13 +02:00
// Test "-nonempty"
func TestNonempty(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
err := os.Mkdir(mnt, 0700)
if err != nil {
t.Fatal(err)
}
err = ioutil.WriteFile(mnt+"/somefile", []byte("xyz"), 0600)
if err != nil {
t.Fatal(err)
}
err = test_helpers.Mount(dir, mnt, false, "-extpass=echo test")
if err == nil {
t.Errorf("Mounting over a file should fail per default")
}
// Should work with "-nonempty"
test_helpers.MountOrFatal(t, dir, mnt, "-nonempty", "-extpass=echo test")
test_helpers.UnmountPanic(mnt)
}
tests: add test for "mountpoint shadows cipherdir" logic
2016-10-09 00:03:39 +02:00
Allow "nofail" for /etc/fstab use
2019-03-31 14:33:02 +02:00
// -nofail should be ignored and the mount should succeed
func TestNofail(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
test_helpers.MountOrFatal(t, dir, mnt, "-nofail", "-extpass=echo test")
defer test_helpers.UnmountPanic(mnt)
}
tests: add test for "mountpoint shadows cipherdir" logic
2016-10-09 00:03:39 +02:00
// Test "mountpoint shadows cipherdir" handling
func TestShadows(t *testing.T) {
mnt := test_helpers.InitFS(t)
cipher := mnt + ".cipher"
err := os.Rename(mnt, cipher)
if err != nil {
t.Fatal(err)
}
// This should work
main: show "-o" in the help text Binds it to a dummy variable so it appears in the help text.
2016-10-10 20:21:52 +02:00
// (note that MountOrFatal creates "mnt" again)
tests: add test for "mountpoint shadows cipherdir" logic
2016-10-09 00:03:39 +02:00
test_helpers.MountOrFatal(t, cipher, mnt, "-extpass=echo test")
test_helpers.UnmountPanic(mnt)
cipher2 := mnt + "/cipher"
err = os.Rename(cipher, cipher2)
if err != nil {
t.Fatal(err)
}
// This should fail
err = test_helpers.Mount(cipher2, mnt, false, "-extpass=echo test")
if err == nil {
t.Errorf("Should have failed")
}
}
Check for trailing garbage after the password From the comment: // CheckTrailingGarbage tries to read one byte from stdin and exits with a // fatal error if the read returns any data. // This is meant to be called after reading the password, when there is no more // data expected. This helps to catch problems with third-party tools that // interface with gocryptfs.
2017-02-12 15:35:50 +01:00
main: password change: exit with code 12 on wrong password We used to return code 8, now we return code 12 as documented in the man page. Also adds a test.
2017-05-14 13:14:00 +02:00
// TestMountPasswordIncorrect makes sure the correct exit code is used when the password
// was incorrect while mounting
func TestMountPasswordIncorrect(t *testing.T) {
cDir := test_helpers.InitFS(t) // Create filesystem with password "test"
exitcodes: pull all exit code definitions into the package This commit defines all exit codes in one place in the exitcodes package. Also, it adds a test to verify the exit code on incorrect password, which is what SiriKali cares about the most. Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-07 22:15:01 +02:00
pDir := cDir + ".mnt"
err := test_helpers.Mount(cDir, pDir, false, "-extpass", "echo WRONG", "-wpanic=false")
fsck: add initial implementation Most corruption cases except xattr should be covered. With test filesystem. The output is still pretty ugly. xattr support will be added in the next commits.
2018-04-01 21:23:32 +02:00
exitCode := test_helpers.ExtractCmdExitCode(err)
exitcodes: pull all exit code definitions into the package This commit defines all exit codes in one place in the exitcodes package. Also, it adds a test to verify the exit code on incorrect password, which is what SiriKali cares about the most. Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-07 22:15:01 +02:00
if exitCode != exitcodes.PasswordIncorrect {
t.Errorf("want=%d, got=%d", exitcodes.PasswordIncorrect, exitCode)
}
}
main: password change: exit with code 12 on wrong password We used to return code 8, now we return code 12 as documented in the man page. Also adds a test.
2017-05-14 13:14:00 +02:00
// TestPasswdPasswordIncorrect makes sure the correct exit code is used when the password
// was incorrect while changing the password
func TestPasswdPasswordIncorrect(t *testing.T) {
cDir := test_helpers.InitFS(t) // Create filesystem with password "test"
// Change password
cmd := exec.Command(test_helpers.GocryptfsBinary, "-passwd", cDir)
childStdin, err := cmd.StdinPipe()
if err != nil {
t.Fatal(err)
}
err = cmd.Start()
if err != nil {
t.Fatal(err)
}
_, err = childStdin.Write([]byte("WRONGPASSWORD\nNewPassword"))
if err != nil {
t.Fatal(err)
}
err = childStdin.Close()
if err != nil {
t.Fatal(err)
}
err = cmd.Wait()
fsck: add initial implementation Most corruption cases except xattr should be covered. With test filesystem. The output is still pretty ugly. xattr support will be added in the next commits.
2018-04-01 21:23:32 +02:00
exitCode := test_helpers.ExtractCmdExitCode(err)
main: password change: exit with code 12 on wrong password We used to return code 8, now we return code 12 as documented in the man page. Also adds a test.
2017-05-14 13:14:00 +02:00
if exitCode != exitcodes.PasswordIncorrect {
t.Errorf("want=%d, got=%d", exitcodes.PasswordIncorrect, exitCode)
}
}
tests: check if we close stderr and stdout correctly on mount Currently fails, as reported at https://github.com/rfjakob/gocryptfs/issues/130 .
2017-07-23 20:28:41 +02:00
// Check that we correctly background on mount and close stderr and stdout.
// Something like
// gocryptfs a b | cat
// must not hang ( https://github.com/rfjakob/gocryptfs/issues/130 ).
func TestMountBackground(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
err := os.Mkdir(mnt, 0700)
if err != nil {
t.Fatal(err)
}
// Manually create a pipe pair and connect the child's stdout and stderr
// to it. We cannot use StdoutPipe because that will close the pipe
// when the child forks away.
pr, pw, err := os.Pipe()
if err != nil {
t.Fatal(err)
}
args := []string{"-extpass", "echo test", dir, mnt}
cmd := exec.Command(test_helpers.GocryptfsBinary, args...)
cmd.Stdout = pw
cmd.Stderr = pw
err = cmd.Run()
if err != nil {
t.Error(err)
}
pw.Close()
defer test_helpers.UnmountPanic(mnt)
// Read until we get EOF.
c1 := make(chan struct{}, 1)
go func() {
buf := make([]byte, 1000)
for {
_, err = pr.Read(buf)
// We should get io.EOF when the child closes stdout
// and stderr.
if err != nil {
tests: cli_test: fix fd leak One fd leak found in TestMountBackground.
2018-04-07 15:46:41 +02:00
pr.Close()
tests: check if we close stderr and stdout correctly on mount Currently fails, as reported at https://github.com/rfjakob/gocryptfs/issues/130 .
2017-07-23 20:28:41 +02:00
c1 <- struct{}{}
return
}
}
}()
select {
case <-c1:
return
case <-time.After(time.Second * 5):
t.Fatal("timeout")
}
}
main: add "-fsck" flag The fsck operation is not yet implemented, this commits just adds the flag and improves cli flag handling.
2018-04-01 14:25:10 +02:00
// Test that "gocryptfs -init -info CIPHERDIR" returns an error to the
// user. Only one operation flag is allowed.
func TestMultipleOperationFlags(t *testing.T) {
// Test all combinations
opFlags := []string{"-init", "-info", "-passwd", "-fsck"}
for _, flag1 := range opFlags {
var flag2 string
for _, flag2 = range opFlags {
if flag1 == flag2 {
continue
}
args := []string{flag1, flag2, "/tmp"}
//t.Logf("testing %v", args)
cmd := exec.Command(test_helpers.GocryptfsBinary, args...)
err := cmd.Run()
fsck: add initial implementation Most corruption cases except xattr should be covered. With test filesystem. The output is still pretty ugly. xattr support will be added in the next commits.
2018-04-01 21:23:32 +02:00
exitCode := test_helpers.ExtractCmdExitCode(err)
main: add "-fsck" flag The fsck operation is not yet implemented, this commits just adds the flag and improves cli flag handling.
2018-04-01 14:25:10 +02:00
if exitCode != exitcodes.Usage {
t.Fatalf("this should have failed with code %d, but returned %d",
exitcodes.Usage, exitCode)
}
}
}
}
main: make prefixOArgs errors testable By returning an error instead of calling os.Exit, error cases can be tested easily. Error cases were not tested until now.
2018-06-05 21:02:35 +02:00
main: accept -dev, -nodev, -suid, -nosuid, -exec, -noexec When mounted via /etc/fstab like this, /a /b fuse.gocryptfs default 0 0 we always get extra options passed. As reported by @mahkoh at https://github.com/rfjakob/gocryptfs/pull/233 : mount passes `-o noexec` if `-o user` is set and `-o exec` is not set. If both `-o user` and `-o exec` are set, it passes `-o exec`. Make these options work, and in addtion, also make -suid and -rw work the same way. Reported-by: @mahkoh
2018-06-07 22:50:30 +02:00
func TestNoexec(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
test_helpers.MountOrFatal(t, dir, mnt, "-extpass=echo test", "-noexec")
defer test_helpers.UnmountPanic(mnt)
sh := mnt + "/x.sh"
content := `#!/bin/bash
echo hello
`
tests: MountOrFatal creates mnt dir itself Allows to drop a few Mkdir()s.
2021-03-20 10:33:34 +01:00
err := ioutil.WriteFile(sh, []byte(content), 0755)
main: accept -dev, -nodev, -suid, -nosuid, -exec, -noexec When mounted via /etc/fstab like this, /a /b fuse.gocryptfs default 0 0 we always get extra options passed. As reported by @mahkoh at https://github.com/rfjakob/gocryptfs/pull/233 : mount passes `-o noexec` if `-o user` is set and `-o exec` is not set. If both `-o user` and `-o exec` are set, it passes `-o exec`. Make these options work, and in addtion, also make -suid and -rw work the same way. Reported-by: @mahkoh
2018-06-07 22:50:30 +02:00
if err != nil {
t.Fatal(err)
}
err = exec.Command(sh).Run()
exitCode := test_helpers.ExtractCmdExitCode(err)
if exitCode != int(syscall.EACCES) {
t.Errorf("got exitcode %d instead of EPERM (%d)", exitCode, syscall.EPERM)
}
}
main: make prefixOArgs errors testable By returning an error instead of calling os.Exit, error cases can be tested easily. Error cases were not tested until now.
2018-06-05 21:02:35 +02:00
// Test that a missing argument to "-o" triggers exit code 1.
// See also cli_args_test.go for comprehensive tests of "-o" parsing.
func TestMissingOArg(t *testing.T) {
cmd := exec.Command(test_helpers.GocryptfsBinary, "foo", "bar", "-o")
err := cmd.Run()
exitCode := test_helpers.ExtractCmdExitCode(err)
if exitCode != exitcodes.Usage {
t.Fatalf("this should have failed with code %d, but returned %d",
exitcodes.Usage, exitCode)
}
}
reverse mode: add --exclude option https://github.com/rfjakob/gocryptfs/issues/235
2018-08-11 23:26:49 +02:00
// -exclude must return an error in forward mode
func TestExcludeForward(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
err := test_helpers.Mount(dir, mnt, false, "-extpass", "echo test", "-exclude", "foo")
if err == nil {
t.Errorf("-exclude in forward mode should fail")
}
t.Log(err)
}
main: don't read the config file twice (fix pipe bug) Instead, first Load() the file, then DecryptMasterKey(). Fixes https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08 13:04:33 +02:00
// Check that the config file can be read from a named pipe.
// Make sure bug https://github.com/rfjakob/gocryptfs/issues/258 does not come
// back.
func TestConfigPipe(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
err := os.Mkdir(mnt, 0700)
if err != nil {
t.Fatal(err)
}
bashLine := fmt.Sprintf("%s -q -extpass \"echo test\" -config <(cat %s/gocryptfs.conf) %s %s", test_helpers.GocryptfsBinary, dir, dir, mnt)
cmd := exec.Command("bash", "-c", bashLine)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stdout
err = cmd.Run()
exitCode := test_helpers.ExtractCmdExitCode(err)
if exitCode != 0 {
t.Errorf("bash command\n%q\nresulted in exit code %d", bashLine, exitCode)
return
}
test_helpers.UnmountPanic(mnt)
}
main: sanitize commas from fsname The cipherdir path is used as the fsname, as displayed in "df -T". Now, having a comma in fsname triggers a sanity check in go-fuse, aborting the mount with: /bin/fusermount: mount failed: Invalid argument fuse.NewServer failed: fusermount exited with code 256 Sanitize fsname by replacing any commas with underscores. https://github.com/rfjakob/gocryptfs/issues/262
2018-09-18 19:35:31 +02:00
// Ciphertext dir and mountpoint contains a comma
// https://github.com/rfjakob/gocryptfs/issues/262
func TestComma(t *testing.T) {
dir0 := test_helpers.InitFS(t)
dir := dir0 + ",foo,bar"
err := os.Rename(dir0, dir)
if err != nil {
t.Fatal(err)
}
mnt := dir + ".mnt"
err = test_helpers.Mount(dir, mnt, false, "-extpass", "echo test", "-wpanic=0")
if err != nil {
t.Fatalf("Failed to mount %q on %q: %v", dir, mnt, err)
}
test_helpers.UnmountPanic(mnt)
}
tests: add idle timeout test Mount with idle timeout 10ms and check that the process exits by itself within 5 seconds.
2018-10-11 20:43:28 +02:00
// Mount with idle timeout 10ms and check that the process exits by itself
// within 5 seconds.
func TestIdle(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
err := os.Mkdir(mnt, 0700)
if err != nil {
t.Fatal(err)
}
cmd := exec.Command(test_helpers.GocryptfsBinary,
"-q", "-nosyslog", "-fg", "-extpass", "echo test", "-i", "10ms", dir, mnt)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
tests: fix golint error Error was: tests/cli/cli_test.go:552: declaration of "err" shadows declaration at tests/cli/cli_test.go:544
2018-10-11 20:57:52 +02:00
err = cmd.Start()
if err != nil {
tests: add idle timeout test Mount with idle timeout 10ms and check that the process exits by itself within 5 seconds.
2018-10-11 20:43:28 +02:00
t.Fatal(err)
}
timer := time.AfterFunc(5*time.Second, func() {
t.Error("timeout waiting for umount")
cmd.Process.Kill()
})
err = cmd.Wait()
timer.Stop()
if err != nil {
t.Error(err)
}
}
tests: add TestNotIdle Mount with idle timeout of 100ms read something every 10ms. The fs should NOT get unmounted. Regression test for https://github.com/rfjakob/gocryptfs/issues/421
2019-09-08 16:16:18 +02:00
// Mount with idle timeout of 100ms read something every 10ms. The fs should
// NOT get unmounted. Regression test for https://github.com/rfjakob/gocryptfs/issues/421
func TestNotIdle(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
tests: MountOrFatal creates mnt dir itself Allows to drop a few Mkdir()s.
2021-03-20 10:33:34 +01:00
err := test_helpers.Mount(dir, mnt, false, "-extpass", "echo test", "-i=100ms")
tests: add TestNotIdle Mount with idle timeout of 100ms read something every 10ms. The fs should NOT get unmounted. Regression test for https://github.com/rfjakob/gocryptfs/issues/421
2019-09-08 16:16:18 +02:00
if err != nil {
t.Fatal(err)
}
err = ioutil.WriteFile(mnt+"/foo", []byte("foo"), 0600)
if err != nil {
t.Fatal(err)
}
// Read every 10 milliseconds for a total of 1 second
for i := 1; i < 100; i++ {
_, err = ioutil.ReadFile(mnt + "/foo")
if err != nil {
t.Fatalf("iteration %d failed: %v", i, err)
}
time.Sleep(10 * time.Millisecond)
}
// Keep a file handle open for 1 second
fd, err := os.Open(mnt + "/foo")
if err != nil {
t.Fatal(err)
}
time.Sleep(1 * time.Second)
buf := make([]byte, 100)
_, err = fd.Read(buf)
if err != nil {
t.Fatal(err)
}
fd.Close()
// All good.
test_helpers.UnmountPanic(mnt)
}
tests: cli: add TestSymlinkedCipherdir https://github.com/rfjakob/gocryptfs/issues/450
2020-01-25 16:54:57 +01:00
// TestSymlinkedCipherdir checks that if CIPHERDIR itself is a symlink, it is
// followed.
// https://github.com/rfjakob/gocryptfs/issues/450
func TestSymlinkedCipherdir(t *testing.T) {
dir := test_helpers.InitFS(t)
dirSymlink := dir + ".symlink"
err := os.Symlink(dir, dirSymlink)
if err != nil {
t.Fatal(err)
}
mnt := dir + ".mnt"
test_helpers.MountOrFatal(t, dirSymlink, mnt, "-extpass=echo test")
defer test_helpers.UnmountPanic(mnt)
file := mnt + "/file"
f, err := os.Create(file)
if err != nil {
t.Fatal(err)
}
f.Close()
f, err = os.Open(mnt)
if err != nil {
t.Fatal(err)
}
defer f.Close()
names, err := f.Readdirnames(0)
if err != nil {
t.Fatal(err)
}
if len(names) != 1 || names[0] != "file" {
t.Errorf("wrong Readdirnames result: %v", names)
}
}
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
tests: cli: rename TestBypass -> TestBadname The command line option is now called `-badname`, so adjust the test name to match.
2020-05-09 15:29:21 +02:00
// TestBadname tests the `-badname` option
func TestBadname(t *testing.T) {
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
//Supported structure of badname: <ciphername><badname pattern><badname suffix>
//"Visible" shows the success of function DecryptName (cipher -> plain)
//"Access" shows the success of function EncryptAndHashBadName (plain -> cipher)
//Case Visible Access Description
//Case 1 x x Access file without BadName suffix (default mode)
//Case 2 x x Access file with BadName suffix which has a valid cipher file (will only be possible if file was created without badname option)
//Case 3 Access file with valid ciphername + BadName suffix (impossible since this would not be produced by DecryptName)
//Case 4 x x Access file with decryptable part of name and Badname suffix (default badname case)
//Case 5 x x Access file with undecryptable name and BadName suffix (e. g. when part of the cipher name was cut)
//Case 6 x Access file with multiple possible matches.
//Case 7 Access file with BadName suffix and non-matching pattern
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
Added auto decryption of invalid file names Changed invalid file decoding and decryption. Function DecryptName now shortens the filename until the filename is decodable and decryptable. Will work with valid **and** invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-]. If the filename is not decryptable at all, it returns the original cipher name with flag suffix Changed cli tests to generate decryptable and undecryptable file names with correct encrypted content. Replacing #474, extends #393
2020-05-19 13:34:58 +02:00
validFileName := "file"
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
invalidSuffix := "_invalid_file"
var contentCipher [7][]byte
//first mount without badname (see case 2)
test_helpers.MountOrFatal(t, dir, mnt, "-extpass=echo test", "-wpanic=false")
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
Added auto decryption of invalid file names Changed invalid file decoding and decryption. Function DecryptName now shortens the filename until the filename is decodable and decryptable. Will work with valid **and** invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-]. If the filename is not decryptable at all, it returns the original cipher name with flag suffix Changed cli tests to generate decryptable and undecryptable file names with correct encrypted content. Replacing #474, extends #393
2020-05-19 13:34:58 +02:00
file := mnt + "/" + validFileName
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
// Case 1: write one valid filename (empty content)
err := ioutil.WriteFile(file, []byte("Content Case 1."), 0600)
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
if err != nil {
t.Fatal(err)
}
tests: TestBadname: simplify test by using empty files Simplify the tests by using empty files. Empty files are valid, and we don't check the content anyway. Also adjust comment style a little and add a missing break statement.
2020-06-06 12:50:39 +02:00
// read encrypted file name
Added auto decryption of invalid file names Changed invalid file decoding and decryption. Function DecryptName now shortens the filename until the filename is decodable and decryptable. Will work with valid **and** invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-]. If the filename is not decryptable at all, it returns the original cipher name with flag suffix Changed cli tests to generate decryptable and undecryptable file names with correct encrypted content. Replacing #474, extends #393
2020-05-19 13:34:58 +02:00
fread, err := os.Open(dir)
if err != nil {
t.Fatal(err)
}
defer fread.Close()
encryptedfilename := ""
ciphernames, err := fread.Readdirnames(0)
if err != nil {
t.Fatal(err)
}
for _, ciphername := range ciphernames {
if ciphername != "gocryptfs.conf" && ciphername != "gocryptfs.diriv" {
encryptedfilename = ciphername
tests: TestBadname: simplify test by using empty files Simplify the tests by using empty files. Empty files are valid, and we don't check the content anyway. Also adjust comment style a little and add a missing break statement.
2020-06-06 12:50:39 +02:00
// found cipher name of "file"
break
Added auto decryption of invalid file names Changed invalid file decoding and decryption. Function DecryptName now shortens the filename until the filename is decodable and decryptable. Will work with valid **and** invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-]. If the filename is not decryptable at all, it returns the original cipher name with flag suffix Changed cli tests to generate decryptable and undecryptable file names with correct encrypted content. Replacing #474, extends #393
2020-05-19 13:34:58 +02:00
}
}
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
//Generate valid cipherdata for all cases
for i := 0; i < len(contentCipher); i++ {
err := ioutil.WriteFile(file, []byte(fmt.Sprintf("Content Case %d.", i+1)), 0600)
if err != nil {
t.Fatal(err)
}
//save the cipher data for file operations in cipher dir
contentCipher[i], err = ioutil.ReadFile(dir + "/" + encryptedfilename)
if err != nil {
t.Fatal(err)
}
}
Added auto decryption of invalid file names Changed invalid file decoding and decryption. Function DecryptName now shortens the filename until the filename is decodable and decryptable. Will work with valid **and** invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-]. If the filename is not decryptable at all, it returns the original cipher name with flag suffix Changed cli tests to generate decryptable and undecryptable file names with correct encrypted content. Replacing #474, extends #393
2020-05-19 13:34:58 +02:00
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
//re-write content for case 1
err = ioutil.WriteFile(file, []byte("Content Case 1."), 0600)
Added auto decryption of invalid file names Changed invalid file decoding and decryption. Function DecryptName now shortens the filename until the filename is decodable and decryptable. Will work with valid **and** invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-]. If the filename is not decryptable at all, it returns the original cipher name with flag suffix Changed cli tests to generate decryptable and undecryptable file names with correct encrypted content. Replacing #474, extends #393
2020-05-19 13:34:58 +02:00
if err != nil {
t.Fatal(err)
}
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
// Case 2: File with invalid suffix in plain name but valid cipher file
nametransform: rename BadNameFlag to BadnameSuffix
2021-06-21 12:12:44 +02:00
file = mnt + "/" + validFileName + nametransform.BadnameSuffix
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
err = ioutil.WriteFile(file, []byte("Content Case 2."), 0600)
if err != nil {
t.Fatal(err)
}
// unmount...
test_helpers.UnmountPanic(mnt)
// ...and remount with -badname.
test_helpers.MountOrFatal(t, dir, mnt, "-badname=*valid*", "-extpass=echo test", "-wpanic=false")
defer test_helpers.UnmountPanic(mnt)
// Case 3 is impossible: only BadnameSuffix would mean the cipher name is valid
// Case 4: write invalid file which should be decodable
err = ioutil.WriteFile(dir+"/"+encryptedfilename+invalidSuffix, contentCipher[3], 0600)
if err != nil {
t.Fatal(err)
}
//Case 5: write invalid file which is not decodable (cropping the encrpyted file name)
err = ioutil.WriteFile(dir+"/"+encryptedfilename[:len(encryptedfilename)-2]+invalidSuffix, contentCipher[4], 0600)
if err != nil {
t.Fatal(err)
}
// Case 6: Multiple possible matches
// generate two files with invalid cipher names which can both match the badname pattern
err = ioutil.WriteFile(dir+"/mzaZRF9_0IU-_5vv2wPC"+invalidSuffix, contentCipher[5], 0600)
if err != nil {
t.Fatal(err)
}
err = ioutil.WriteFile(dir+"/mzaZRF9_0IU-_5vv2wP"+invalidSuffix, contentCipher[5], 0600)
if err != nil {
t.Fatal(err)
}
// Case 7: Non-Matching badname pattern
err = ioutil.WriteFile(dir+"/"+encryptedfilename+"wrongPattern", contentCipher[6], 0600)
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
if err != nil {
t.Fatal(err)
}
tests: TestBadname: simplify test by using empty files Simplify the tests by using empty files. Empty files are valid, and we don't check the content anyway. Also adjust comment style a little and add a missing break statement.
2020-06-06 12:50:39 +02:00
// check for filenames
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
f, err := os.Open(mnt)
if err != nil {
t.Fatal(err)
}
defer f.Close()
names, err := f.Readdirnames(0)
Added auto decryption of invalid file names Changed invalid file decoding and decryption. Function DecryptName now shortens the filename until the filename is decodable and decryptable. Will work with valid **and** invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-]. If the filename is not decryptable at all, it returns the original cipher name with flag suffix Changed cli tests to generate decryptable and undecryptable file names with correct encrypted content. Replacing #474, extends #393
2020-05-19 13:34:58 +02:00
if err != nil {
t.Fatal(err)
}
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
searchstrings := []string{
validFileName,
nametransform: rename BadNameFlag to BadnameSuffix
2021-06-21 12:12:44 +02:00
validFileName + nametransform.BadnameSuffix,
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
"",
nametransform: rename BadNameFlag to BadnameSuffix
2021-06-21 12:12:44 +02:00
validFileName + invalidSuffix + nametransform.BadnameSuffix,
encryptedfilename[:len(encryptedfilename)-2] + invalidSuffix + nametransform.BadnameSuffix,
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
"",
nametransform: rename BadNameFlag to BadnameSuffix
2021-06-21 12:12:44 +02:00
validFileName + "wrongPattern" + nametransform.BadnameSuffix}
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
results := []bool{false, false, true, false, false, true, true}
var filecontent string
var filebytes []byte
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
for _, name := range names {
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
if name == searchstrings[0] {
//Case 1: Test access
filebytes, err = ioutil.ReadFile(mnt + "/" + name)
if err != nil {
t.Fatal(err)
}
filecontent = string(filebytes)
if filecontent == "Content Case 1." {
results[0] = true
}
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
} else if name == searchstrings[1] {
//Case 2: Test Access
filebytes, err = ioutil.ReadFile(mnt + "/" + name)
if err != nil {
t.Fatal(err)
}
filecontent = string(filebytes)
if filecontent == "Content Case 2." {
results[1] = true
}
} else if name == searchstrings[3] {
//Case 4: Test Access
filebytes, err = ioutil.ReadFile(mnt + "/" + name)
if err != nil {
t.Fatal(err)
}
filecontent = string(filebytes)
if filecontent == "Content Case 4." {
results[3] = true
}
} else if name == searchstrings[4] {
//Case 5: Test Access
filebytes, err = ioutil.ReadFile(mnt + "/" + name)
if err != nil {
t.Fatal(err)
}
filecontent = string(filebytes)
if filecontent == "Content Case 5." {
results[4] = true
}
} else if name == searchstrings[6] {
//Case 7
results[6] = false
}
//Case 3 is always passed
//Case 6 is highly obscure:
//The last part of a valid cipher name must match the badname pattern AND
//the remaining cipher name must still be decryptable. Test case not programmable in a general case
Added auto decryption of invalid file names Changed invalid file decoding and decryption. Function DecryptName now shortens the filename until the filename is decodable and decryptable. Will work with valid **and** invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-]. If the filename is not decryptable at all, it returns the original cipher name with flag suffix Changed cli tests to generate decryptable and undecryptable file names with correct encrypted content. Replacing #474, extends #393
2020-05-19 13:34:58 +02:00
}
Badname file content access This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-17 08:11:33 +02:00
for i := 0; i < len(results); i++ {
if !results[i] {
t.Errorf("Case %d failed: '%s' in [%s]", i+1, searchstrings[i], strings.Join(names, ","))
}
Show undecryptable filenames if they match supplied glob Resolves https://github.com/rfjakob/gocryptfs/issues/393
2019-09-14 18:32:54 +02:00
}
}
main: accept multiple -passfile options Each file will be read and then concatenated for the effictive password. This can be used as a kind of multi-factor authenticiton. Fixes https://github.com/rfjakob/gocryptfs/issues/288
2020-05-17 19:31:04 +02:00
// TestPassfile tests the `-passfile` option
func TestPassfile(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
passfile1 := mnt + ".1.txt"
ioutil.WriteFile(passfile1, []byte("test"), 0600)
test_helpers.MountOrFatal(t, dir, mnt, "-passfile="+passfile1)
defer test_helpers.UnmountPanic(mnt)
}
// TestPassfileX2 tests that the `-passfile` option can be passed twice
func TestPassfileX2(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
passfile1 := mnt + ".1.txt"
passfile2 := mnt + ".2.txt"
ioutil.WriteFile(passfile1, []byte("te"), 0600)
ioutil.WriteFile(passfile2, []byte("st"), 0600)
test_helpers.MountOrFatal(t, dir, mnt, "-passfile="+passfile1, "-passfile="+passfile2)
defer test_helpers.UnmountPanic(mnt)
}
gocryptfs -init: fix wrong exit code on non-empty dir Fixes https://github.com/rfjakob/gocryptfs/pull/503
2020-09-06 11:35:25 +02:00
// TestInitNotEmpty checks that `gocryptfs -init` returns the right error code
// if CIPHERDIR is not empty. See https://github.com/rfjakob/gocryptfs/pull/503
func TestInitNotEmpty(t *testing.T) {
dir := test_helpers.TmpDir + "/" + t.Name()
if err := os.Mkdir(dir, 0700); err != nil {
t.Fatal(err)
}
if err := ioutil.WriteFile(dir+"/foo", nil, 0700); err != nil {
t.Fatal(err)
}
cmd := exec.Command(test_helpers.GocryptfsBinary, "-init", "-extpass", "echo test", dir)
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
err := cmd.Run()
exitCode := test_helpers.ExtractCmdExitCode(err)
if exitCode != exitcodes.CipherDir {
t.Fatalf("wrong exit code: have=%d, want=%d", exitCode, exitcodes.CipherDir)
}
}
v2api: -sharestorage: disable hard link tracking & add tests Hard link tracking was not correctly disabled since the migration to the go-fuse v2 api. Add a test to ensure it stays off. Fixes https://github.com/rfjakob/gocryptfs/issues/525
2021-03-07 17:22:29 +01:00
fusefrontend: -sharedstorage: present stable inode numbers Use the Gen field (inode generation) to distinguish hard links while passing the real inode numbers to userspace. Fixes https://github.com/rfjakob/gocryptfs/issues/584
2021-07-31 13:24:25 +02:00
// TestSharedstorage checks that `-sharedstorage` shows stable inode numbers to
// userpsace despite having hard link tracking disabled
v2api: -sharestorage: disable hard link tracking & add tests Hard link tracking was not correctly disabled since the migration to the go-fuse v2 api. Add a test to ensure it stays off. Fixes https://github.com/rfjakob/gocryptfs/issues/525
2021-03-07 17:22:29 +01:00
func TestSharedstorage(t *testing.T) {
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
test_helpers.MountOrFatal(t, dir, mnt, "-extpass=echo test", "-sharedstorage")
defer test_helpers.UnmountPanic(mnt)
foo1 := mnt + "/foo1"
foo2 := mnt + "/foo2"
if err := ioutil.WriteFile(foo1, nil, 0755); err != nil {
t.Fatal(err)
}
if err := os.Link(foo1, foo2); err != nil {
t.Fatal(err)
}
fusefrontend: -sharedstorage: present stable inode numbers Use the Gen field (inode generation) to distinguish hard links while passing the real inode numbers to userspace. Fixes https://github.com/rfjakob/gocryptfs/issues/584
2021-07-31 13:24:25 +02:00
var st1, st2 syscall.Stat_t
v2api: -sharestorage: disable hard link tracking & add tests Hard link tracking was not correctly disabled since the migration to the go-fuse v2 api. Add a test to ensure it stays off. Fixes https://github.com/rfjakob/gocryptfs/issues/525
2021-03-07 17:22:29 +01:00
if err := syscall.Stat(foo1, &st1); err != nil {
t.Fatal(err)
}
// The link show show a new inode number
if err := syscall.Stat(foo2, &st2); err != nil {
t.Fatal(err)
}
fusefrontend: -sharedstorage: present stable inode numbers Use the Gen field (inode generation) to distinguish hard links while passing the real inode numbers to userspace. Fixes https://github.com/rfjakob/gocryptfs/issues/584
2021-07-31 13:24:25 +02:00
if st1.Ino != st2.Ino {
t.Errorf("unstable inode number: changed from %d to %d", st1.Ino, st2.Ino)
v2api: -sharestorage: disable hard link tracking & add tests Hard link tracking was not correctly disabled since the migration to the go-fuse v2 api. Add a test to ensure it stays off. Fixes https://github.com/rfjakob/gocryptfs/issues/525
2021-03-07 17:22:29 +01:00
}
// Check that we we don't have stat caching. New length should show up
// on the hard link immediately.
if err := ioutil.WriteFile(foo1, []byte("xxxxxx"), 0755); err != nil {
t.Fatal(err)
}
if err := syscall.Stat(foo2, &st2); err != nil {
t.Fatal(err)
}
if st2.Size != 6 {
t.Fatal(st2.Size)
}
}
tests: add TestDiskFull Also fix incomplete uid restoration in TestSupplementaryGroups and replace syscall.Setregid and friends with unix.Setregid and friends. This test is added to check if have problems handling a full disk. The ticket https://github.com/rfjakob/gocryptfs/issues/550 states that the full disk was not where the backing gocryptfs filesystem was, but this has no effect on gocryptfs, so we test the harder case.
2021-03-12 19:25:25 +01:00
// Test that the filesystem is immediately ready for Creat() after mount returns
func TestMountCreat(t *testing.T) {
const concurrency = 2
const repeat = 2
dir := test_helpers.InitFS(t)
mnt := dir + ".mnt"
for j := 0; j < repeat; j++ {
test_helpers.MountOrFatal(t, dir, mnt, "-extpass=echo test")
var wg sync.WaitGroup
wg.Add(concurrency)
for i := 0; i < concurrency; i++ {
go func(i int) {
path := fmt.Sprintf("%s/%d", mnt, i)
fd, err := syscall.Creat(path, 0600)
syscall.Close(fd)
if err != nil {
t.Errorf("Creat %q: %v", path, err)
}
wg.Done()
}(i)
}
wg.Wait()
test_helpers.UnmountPanic(mnt)
}
}