v2api/reverse: add missing decryptPath call openBackingDir

internal/fusefrontend_reverse/node.go

@@ -21,14 +21,14 @@ type Node struct {
 // Lookup - FUSE call for discovering a file.
 // TODO handle virtual files
 func (n *Node) Lookup(ctx context.Context, name string, out *fuse.EntryOut) (ch *fs.Inode, errno syscall.Errno) {
-	dirfd, cName, errno := n.prepareAtSyscall(name)
+	dirfd, pName, errno := n.prepareAtSyscall(name)
 	if errno != 0 {
 		return
 	}
 	defer syscall.Close(dirfd)
 
 	// Get device number and inode number into `st`
-	st, err := syscallcompat.Fstatat2(dirfd, cName, unix.AT_SYMLINK_NOFOLLOW)
+	st, err := syscallcompat.Fstatat2(dirfd, pName, unix.AT_SYMLINK_NOFOLLOW)
 	if err != nil {
 		return nil, fs.ToErrno(err)
 	}
@@ -37,7 +37,7 @@ func (n *Node) Lookup(ctx context.Context, name string, out *fuse.EntryOut) (ch
 	ch = n.newChild(ctx, st, out)
 
 	// Translate ciphertext size in `out.Attr.Size` to plaintext size
-	n.translateSize(dirfd, cName, &out.Attr)
+	n.translateSize(dirfd, pName, &out.Attr)
 
 	return ch, 0
 }
@@ -51,13 +51,13 @@ func (n *Node) Getattr(ctx context.Context, f fs.FileHandle, out *fuse.AttrOut)
 		return f.(fs.FileGetattrer).Getattr(ctx, out)
 	}
 
-	dirfd, cName, errno := n.prepareAtSyscall("")
+	dirfd, pName, errno := n.prepareAtSyscall("")
 	if errno != 0 {
 		return
 	}
 	defer syscall.Close(dirfd)
 
-	st, err := syscallcompat.Fstatat2(dirfd, cName, unix.AT_SYMLINK_NOFOLLOW)
+	st, err := syscallcompat.Fstatat2(dirfd, pName, unix.AT_SYMLINK_NOFOLLOW)
 	if err != nil {
 		return fs.ToErrno(err)
 	}
@@ -68,7 +68,7 @@ func (n *Node) Getattr(ctx context.Context, f fs.FileHandle, out *fuse.AttrOut)
 	out.Attr.FromStat(st)
 
 	// Translate ciphertext size in `out.Attr.Size` to plaintext size
-	n.translateSize(dirfd, cName, &out.Attr)
+	n.translateSize(dirfd, pName, &out.Attr)
 
 	if rn.args.ForceOwner != nil {
 		out.Owner = *rn.args.ForceOwner

internal/fusefrontend_reverse/rpath.go

@@ -64,11 +64,11 @@ func (rfs *RootNode) rDecryptName(cName string, dirIV []byte, pDir string) (pNam
 
 // decryptPath decrypts a relative ciphertext path to a relative plaintext
 // path.
-func (rn *RootNode) decryptPath(relPath string) (string, error) {
+func (rn *RootNode) decryptPath(cPath string) (string, error) {
-	if rn.args.PlaintextNames || relPath == "" {
+	if rn.args.PlaintextNames || cPath == "" {
-		return relPath, nil
+		return cPath, nil
 	}
-	parts := strings.Split(relPath, "/")
+	parts := strings.Split(cPath, "/")
 	var transformedParts []string
 	for i := range parts {
 		// Start at the top and recurse
@@ -90,12 +90,20 @@ func (rn *RootNode) decryptPath(relPath string) (string, error) {
 // and returns the fd to the directory and the decrypted name of the
 // target file. The fd/name pair is intended for use with fchownat and
 // friends.
-func (rn *RootNode) openBackingDir(pRelPath string) (dirfd int, pName string, err error) {
+func (rn *RootNode) openBackingDir(cPath string) (dirfd int, pName string, err error) {
+	defer func() {
+		tlog.Debug.Printf("openBackingDir %q -> %d %q %v\n", cPath, dirfd, pName, err)
+	}()
+	dirfd = -1
+	pRelPath, err := rn.decryptPath(cPath)
+	if err != nil {
+		return
+	}
 	// Open directory, safe against symlink races
 	pDir := filepath.Dir(pRelPath)
 	dirfd, err = syscallcompat.OpenDirNofollow(rn.args.Cipherdir, pDir)
 	if err != nil {
-		return -1, "", err
+		return
 	}
 	pName = filepath.Base(pRelPath)
 	return dirfd, pName, nil