libgocryptfs/internal/fusefrontend/names.go

package fusefrontend

// This file forwards file encryption operations to cryptfs

import (
	"os"
	"path/filepath"

	"github.com/rfjakob/gocryptfs/internal/configfile"
	"github.com/rfjakob/gocryptfs/internal/tlog"
)

// isFiltered - check if plaintext "path" should be forbidden
//
// Prevents name clashes with internal files when file names are not encrypted
func (fs *FS) isFiltered(path string) bool {
	if !fs.args.PlaintextNames {
		return false
	}
	// gocryptfs.conf in the root directory is forbidden
	if path == configfile.ConfDefaultName {
		tlog.Info.Printf("The name /%s is reserved when -plaintextnames is used\n",
			configfile.ConfDefaultName)
		return true
	}
	// Note: gocryptfs.diriv is NOT forbidden because diriv and plaintextnames
	// are exclusive
	return false
}

// GetBackingPath - get the absolute encrypted path of the backing file
// from the relative plaintext path "relPath"
func (fs *FS) getBackingPath(relPath string) (string, error) {
	cPath, err := fs.encryptPath(relPath)
	if err != nil {
		return "", err
	}
	cAbsPath := filepath.Join(fs.args.Cipherdir, cPath)
	tlog.Debug.Printf("getBackingPath: %s + %s -> %s", fs.args.Cipherdir, relPath, cAbsPath)
	return cAbsPath, nil
}

// openBackingPath - get the absolute encrypted path of the backing file
// and open the corresponding directory
func (fs *FS) openBackingPath(relPath string) (*os.File, string, error) {
	cPath, err := fs.getBackingPath(relPath)
	if err != nil {
		return nil, "", err
	}
	dirfd, err := os.Open(filepath.Dir(cPath))
	if err != nil {
		return nil, "", err
	}
	return dirfd, filepath.Base(cPath), nil
}

// encryptPath - encrypt relative plaintext path
func (fs *FS) encryptPath(plainPath string) (string, error) {
	if fs.args.PlaintextNames {
		return plainPath, nil
	}
	fs.dirIVLock.RLock()
	cPath, err := fs.nameTransform.EncryptPathDirIV(plainPath, fs.args.Cipherdir)
	tlog.Debug.Printf("encryptPath '%s' -> '%s' (err: %v)", plainPath, cPath, err)
	fs.dirIVLock.RUnlock()
	return cPath, err
}
Move pathfs_frontend to internal/fusefrontend "git status" for reference: renamed: pathfs_frontend/args.go -> internal/fusefrontend/args.go renamed: pathfs_frontend/compat_darwin.go -> internal/fusefrontend/compat_darwin.go renamed: pathfs_frontend/compat_linux.go -> internal/fusefrontend/compat_linux.go renamed: pathfs_frontend/file.go -> internal/fusefrontend/file.go renamed: pathfs_frontend/file_holes.go -> internal/fusefrontend/file_holes.go renamed: pathfs_frontend/fs.go -> internal/fusefrontend/fs.go renamed: pathfs_frontend/fs_dir.go -> internal/fusefrontend/fs_dir.go renamed: pathfs_frontend/names.go -> internal/fusefrontend/names.go renamed: pathfs_frontend/write_lock.go -> internal/fusefrontend/write_lock.go modified: main.go 2016-02-06 19:27:59 +01:00			`package fusefrontend`
diriv: Convert filename encryption users to diriv 2015-11-27 00:03:10 +01:00
diriv: use "DirIV" flag to discern and support mounting old filesystems 2015-11-27 23:34:55 +01:00			`// This file forwards file encryption operations to cryptfs`

			`import (`
fusefrontend: Introduce a openBackingPath helper and use it to simplify Mknod and Symlink 2017-11-28 01:11:19 +01:00			`"os"`
longnames part I: Create and OpenDir work with long filenames > 176 bytes Todo: Rename, Unlink, Rmdir, Mknod, Mkdir 2016-02-06 22:54:14 +01:00			`"path/filepath"`

Major refactoring: Split up "cryptfs" into several internal packages "git status" for reference: deleted: cryptfs/cryptfs.go deleted: cryptfs/names_core.go modified: integration_tests/cli_test.go modified: integration_tests/helpers.go renamed: cryptfs/config_file.go -> internal/configfile/config_file.go renamed: cryptfs/config_test.go -> internal/configfile/config_test.go renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf renamed: cryptfs/kdf.go -> internal/configfile/kdf.go renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go new file: internal/contentenc/content_api.go renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go new file: internal/cryptocore/crypto_api.go renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go new file: internal/nametransform/name_api.go new file: internal/nametransform/names_core.go renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go new file: internal/nametransform/pad16.go renamed: cryptfs/log.go -> internal/toggledlog/log.go renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go modified: main.go modified: masterkey.go modified: pathfs_frontend/file.go modified: pathfs_frontend/file_holes.go modified: pathfs_frontend/fs.go modified: pathfs_frontend/fs_dir.go modified: pathfs_frontend/names.go modified: test.bash 2016-02-06 19:20:54 +01:00			`"github.com/rfjakob/gocryptfs/internal/configfile"`
Rename internal "toggledlog" package to "tlog" tlog is used heavily everywhere and deserves a shorter name. Renamed using sed magic, without any manual rework: find * -type f -exec sed -i 's/toggledlog/tlog/g' {} + 2016-06-15 23:30:44 +02:00			`"github.com/rfjakob/gocryptfs/internal/tlog"`
diriv: use "DirIV" flag to discern and support mounting old filesystems 2015-11-27 23:34:55 +01:00			`)`
diriv: Convert filename encryption users to diriv 2015-11-27 00:03:10 +01:00
Add EME filename encryption & enable it by default 2015-12-08 16:13:29 +01:00			`// isFiltered - check if plaintext "path" should be forbidden`
			`//`
			`// Prevents name clashes with internal files when file names are not encrypted`
			`func (fs *FS) isFiltered(path string) bool {`
			`if !fs.args.PlaintextNames {`
			`return false`
			`}`
			`// gocryptfs.conf in the root directory is forbidden`
Major refactoring: Split up "cryptfs" into several internal packages "git status" for reference: deleted: cryptfs/cryptfs.go deleted: cryptfs/names_core.go modified: integration_tests/cli_test.go modified: integration_tests/helpers.go renamed: cryptfs/config_file.go -> internal/configfile/config_file.go renamed: cryptfs/config_test.go -> internal/configfile/config_test.go renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf renamed: cryptfs/kdf.go -> internal/configfile/kdf.go renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go new file: internal/contentenc/content_api.go renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go new file: internal/cryptocore/crypto_api.go renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go new file: internal/nametransform/name_api.go new file: internal/nametransform/names_core.go renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go new file: internal/nametransform/pad16.go renamed: cryptfs/log.go -> internal/toggledlog/log.go renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go modified: main.go modified: masterkey.go modified: pathfs_frontend/file.go modified: pathfs_frontend/file_holes.go modified: pathfs_frontend/fs.go modified: pathfs_frontend/fs_dir.go modified: pathfs_frontend/names.go modified: test.bash 2016-02-06 19:20:54 +01:00			`if path == configfile.ConfDefaultName {`
Rename internal "toggledlog" package to "tlog" tlog is used heavily everywhere and deserves a shorter name. Renamed using sed magic, without any manual rework: find * -type f -exec sed -i 's/toggledlog/tlog/g' {} + 2016-06-15 23:30:44 +02:00			`tlog.Info.Printf("The name /%s is reserved when -plaintextnames is used\n",`
Major refactoring: Split up "cryptfs" into several internal packages "git status" for reference: deleted: cryptfs/cryptfs.go deleted: cryptfs/names_core.go modified: integration_tests/cli_test.go modified: integration_tests/helpers.go renamed: cryptfs/config_file.go -> internal/configfile/config_file.go renamed: cryptfs/config_test.go -> internal/configfile/config_test.go renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf renamed: cryptfs/kdf.go -> internal/configfile/kdf.go renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go new file: internal/contentenc/content_api.go renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go new file: internal/cryptocore/crypto_api.go renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go new file: internal/nametransform/name_api.go new file: internal/nametransform/names_core.go renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go new file: internal/nametransform/pad16.go renamed: cryptfs/log.go -> internal/toggledlog/log.go renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go modified: main.go modified: masterkey.go modified: pathfs_frontend/file.go modified: pathfs_frontend/file_holes.go modified: pathfs_frontend/fs.go modified: pathfs_frontend/fs_dir.go modified: pathfs_frontend/names.go modified: test.bash 2016-02-06 19:20:54 +01:00			`configfile.ConfDefaultName)`
Add EME filename encryption & enable it by default 2015-12-08 16:13:29 +01:00			`return true`
			`}`
			`// Note: gocryptfs.diriv is NOT forbidden because diriv and plaintextnames`
			`// are exclusive`
			`return false`
			`}`

longnames part I: Create and OpenDir work with long filenames > 176 bytes Todo: Rename, Unlink, Rmdir, Mknod, Mkdir 2016-02-06 22:54:14 +01:00			`// GetBackingPath - get the absolute encrypted path of the backing file`
			`// from the relative plaintext path "relPath"`
			`func (fs *FS) getBackingPath(relPath string) (string, error) {`
			`cPath, err := fs.encryptPath(relPath)`
			`if err != nil {`
			`return "", err`
			`}`
			`cAbsPath := filepath.Join(fs.args.Cipherdir, cPath)`
Rename internal "toggledlog" package to "tlog" tlog is used heavily everywhere and deserves a shorter name. Renamed using sed magic, without any manual rework: find * -type f -exec sed -i 's/toggledlog/tlog/g' {} + 2016-06-15 23:30:44 +02:00			`tlog.Debug.Printf("getBackingPath: %s + %s -> %s", fs.args.Cipherdir, relPath, cAbsPath)`
longnames part I: Create and OpenDir work with long filenames > 176 bytes Todo: Rename, Unlink, Rmdir, Mknod, Mkdir 2016-02-06 22:54:14 +01:00			`return cAbsPath, nil`
			`}`

fusefrontend: Introduce a openBackingPath helper and use it to simplify Mknod and Symlink 2017-11-28 01:11:19 +01:00			`// openBackingPath - get the absolute encrypted path of the backing file`
			`// and open the corresponding directory`
			`func (fs FS) openBackingPath(relPath string) (os.File, string, error) {`
			`cPath, err := fs.getBackingPath(relPath)`
			`if err != nil {`
			`return nil, "", err`
			`}`
			`dirfd, err := os.Open(filepath.Dir(cPath))`
			`if err != nil {`
			`return nil, "", err`
			`}`
			`return dirfd, filepath.Base(cPath), nil`
			`}`

Add EME filename encryption & enable it by default 2015-12-08 16:13:29 +01:00			`// encryptPath - encrypt relative plaintext path`
diriv: Convert filename encryption users to diriv 2015-11-27 00:03:10 +01:00			`func (fs *FS) encryptPath(plainPath string) (string, error) {`
Add EME filename encryption & enable it by default 2015-12-08 16:13:29 +01:00			`if fs.args.PlaintextNames {`
			`return plainPath, nil`
			`}`
diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, Rmdir 2015-11-27 21:48:58 +01:00			`fs.dirIVLock.RLock()`
longnames part I: Create and OpenDir work with long filenames > 176 bytes Todo: Rename, Unlink, Rmdir, Mknod, Mkdir 2016-02-06 22:54:14 +01:00			`cPath, err := fs.nameTransform.EncryptPathDirIV(plainPath, fs.args.Cipherdir)`
Rename internal "toggledlog" package to "tlog" tlog is used heavily everywhere and deserves a shorter name. Renamed using sed magic, without any manual rework: find * -type f -exec sed -i 's/toggledlog/tlog/g' {} + 2016-06-15 23:30:44 +02:00			`tlog.Debug.Printf("encryptPath '%s' -> '%s' (err: %v)", plainPath, cPath, err)`
longnames part I: Create and OpenDir work with long filenames > 176 bytes Todo: Rename, Unlink, Rmdir, Mknod, Mkdir 2016-02-06 22:54:14 +01:00			`fs.dirIVLock.RUnlock()`
			`return cPath, err`
diriv: Convert filename encryption users to diriv 2015-11-27 00:03:10 +01:00			`}`