package nametransform
import (
"crypto/sha256"
"fmt"
"io"
"os"
"path/filepath"
"strings"
"syscall"
"github.com/rfjakob/gocryptfs/internal/syscallcompat"
"github.com/rfjakob/gocryptfs/internal/tlog"
)
// Files with long names are stored as two files in the same directory:
//
//	gocryptfs.longname.[sha256]       <--- file content, prefix = gocryptfs.longname.
//	gocryptfs.longname.[sha256].name  <--- file name,    suffix = .name
const (
	// longNamePrefix is the prefix shared by both files of a long-name pair.
	longNamePrefix = "gocryptfs.longname."
	// LongNameSuffix is the suffix used for files with long names. It marks
	// the file of the pair that stores the name.
	LongNameSuffix = ".name"
)
// HashLongName hashes the long string "name" with SHA-256 and returns
// "gocryptfs.longname.[sha256]", where the digest is encoded with n.B64.
//
// The result is a pure function of "name" and the n.B64 encoding, so the
// same input always maps to the same hashed name.
//
// This function does not do any I/O.
func (n *NameTransform) HashLongName(name string) string {
	digest := sha256.Sum256([]byte(name))
	return longNamePrefix + n.B64.EncodeToString(digest[:])
}
// Values returned by NameType.
const (
	// LongNameContent is the file that stores the file content.
	// Example: gocryptfs.longname.URrM8kgxTKYMgCk4hKk7RO9Lcfr30XQof4L_5bD9Iro=
	LongNameContent = iota
	// LongNameFilename is the file that stores the full encrypted filename.
	// Example: gocryptfs.longname.URrM8kgxTKYMgCk4hKk7RO9Lcfr30XQof4L_5bD9Iro=.name
	LongNameFilename
	// LongNameNone is used when the file does not have a long name.
	// Example: i1bpTaVLZq7sRNA9mL_2Ig==
	LongNameNone
)
// NameType classifies the on-disk name cName:
//
//	gocryptfs.longname.[sha256] ........ LongNameContent  (content of a long name file)
//	gocryptfs.longname.[sha256].name ... LongNameFilename (full file name of a long name file)
//	else ............................... LongNameNone     (normal file)
//
// The decision is based on the prefix and suffix only. The part in between
// is not checked, so any name that carries the prefix counts as a long-name
// file, whether or not it holds a well-formed hash.
//
// This function does not do any I/O.
func NameType(cName string) int {
	switch {
	case !strings.HasPrefix(cName, longNamePrefix):
		return LongNameNone
	case strings.HasSuffix(cName, LongNameSuffix):
		return LongNameFilename
	default:
		return LongNameContent
	}
}
// IsLongContent reports whether "cName" is the content store of a long name
// file (looks like "gocryptfs.longname.[sha256]"): it carries the long-name
// prefix but not the ".name" suffix.
//
// This function does not do any I/O.
func IsLongContent(cName string) bool {
	hasPrefix := strings.HasPrefix(cName, longNamePrefix)
	isNameFile := strings.HasSuffix(cName, LongNameSuffix)
	return hasPrefix && !isNameFile
}
// ReadLongNameAt reads cName + ".name" from the directory opened as dirfd
// and returns the file content as a string.
//
// Symlink-safe through Openat(): the name is looked up relative to dirfd and
// O_NOFOLLOW makes the open fail if the final path component is a symlink.
// NOTE(review): O_NOFOLLOW only covers the last component, so this presumes
// cName is a single file name without path separators - confirm at callers.
//
// An empty file and a file larger than 344 bytes are both rejected with an
// error. Apart from that size check the content is returned as read, so
// callers have to treat it as unvalidated data from the backing directory.
func ReadLongNameAt(dirfd int, cName string) (string, error) {
	// 256 (=255 padded to 16) bytes base64-encoded take 344 bytes: "AAAAAAA...AAA=="
	const lim = 344

	fd, err := syscallcompat.Openat(dirfd, cName+LongNameSuffix, syscall.O_RDONLY|syscall.O_NOFOLLOW, 0)
	if err != nil {
		return "", err
	}
	// The raw descriptor is only used through the os.File from here on.
	f := os.NewFile(uintptr(fd), "")
	defer f.Close()

	// One byte more than the limit, so that a file that is too big shows up
	// as n > lim instead of being silently truncated.
	buf := make([]byte, lim+1)
	n, err := f.ReadAt(buf, 0)
	switch {
	case err != nil && err != io.EOF:
		// io.EOF is expected: the file is normally shorter than the buffer.
		return "", err
	case n == 0:
		return "", fmt.Errorf("ReadLongName: empty file")
	case n > lim:
		return "", fmt.Errorf("ReadLongName: size=%d > limit=%d", n, lim)
	}
	return string(buf[:n]), nil
}
// DeleteLongNameAt deletes "hashName.name" in the directory opened at "dirfd".
// A failure is logged as a warning and also returned to the caller.
//
// This function is symlink-safe through the use of Unlinkat().
func DeleteLongNameAt(dirfd int, hashName string) error {
	if err := syscallcompat.Unlinkat(dirfd, hashName+LongNameSuffix, 0); err != nil {
		tlog.Warn.Printf("DeleteLongName: %v", err)
		return err
	}
	return nil
}
// WriteLongNameAt encrypts plainName and writes it into "hashName.name" in
// the directory opened as dirfd.
// For the convenience of the caller, plainName may also be a path and will be
// Base()named internally.
//
// The file is created with O_CREAT|O_EXCL and mode 0600, so an existing
// "hashName.name" is never overwritten. In that case syscall.EEXIST is
// returned without a warning, because this is allowed for renames and is
// left to the caller to handle.
//
// This function is symlink-safe through the use of Openat().
func (n *NameTransform) WriteLongNameAt(dirfd int, hashName string, plainName string) (err error) {
	// Encrypt the basename with the IV of the target directory.
	dirIV, err := ReadDirIVAt(dirfd)
	if err != nil {
		return err
	}
	cName := n.EncryptName(filepath.Base(plainName), dirIV)

	// Write the encrypted name into hashName.name
	nameFile := hashName + LongNameSuffix
	rawFd, err := syscallcompat.Openat(dirfd, nameFile,
		syscall.O_WRONLY|syscall.O_CREAT|syscall.O_EXCL, 0600)
	if err != nil {
		// Don't warn if the file already exists - this is allowed for renames
		// and should be handled by the caller.
		if err != syscall.EEXIST {
			tlog.Warn.Printf("WriteLongName: Openat: %v", err)
		}
		return err
	}
	f := os.NewFile(uintptr(rawFd), nameFile)
	if _, err = f.Write([]byte(cName)); err != nil {
		f.Close()
		tlog.Warn.Printf("WriteLongName: Write: %v", err)
		// Delete incomplete longname file. Best effort: the Unlinkat error
		// is ignored and the write error is the one reported.
		syscallcompat.Unlinkat(dirfd, nameFile, 0)
		return err
	}
	if err = f.Close(); err != nil {
		tlog.Warn.Printf("WriteLongName: Close: %v", err)
		// Delete incomplete longname file. Best effort, as above.
		syscallcompat.Unlinkat(dirfd, nameFile, 0)
		return err
	}
	return nil
}