fusefrontend_reverse: fix 176-byte names
A file with a name of exactly 176 bytes length caused this error: ls: cannot access ./tmp/dsg/sXSGJLTuZuW1FarwIkJs0w/b6mGjdxIRpaeanTo0rbh0A/QjMRrQZC_4WLhmHI1UOBcA/gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY: No such file or directory ls: cannot access ./tmp/dsg/sXSGJLTuZuW1FarwIkJs0w/b6mGjdxIRpaeanTo0rbh0A/QjMRrQZC_4WLhmHI1UOBcA/gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY.name: No such file or directory -????????? ? ? ? ? ? gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY -????????? ? ? ? ? ? gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY.name Root cause was a wrong shortNameMax constant that failed to account for the obligatory padding byte. Fix the constant and also expand the TestLongnameStat test case to test ALL file name lengths from 1-255 bytes. Fixes https://github.com/rfjakob/gocryptfs/issues/143 .
This commit is contained in:
parent
0072a96f20
commit
4da245c69d
@ -17,7 +17,14 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
shortNameMax = 176
|
// File names are padded to 16-byte multiples, encrypted and
|
||||||
|
// base64-encoded. We can encode at most 176 bytes to stay below the 255
|
||||||
|
// bytes limit:
|
||||||
|
// * base64(176 bytes) = 235 bytes
|
||||||
|
// * base64(192 bytes) = 256 bytes (over 255!)
|
||||||
|
// But the PKCS#7 padding is at least one byte. This means we can only use
|
||||||
|
// 175 bytes for the file name.
|
||||||
|
shortNameMax = 175
|
||||||
)
|
)
|
||||||
|
|
||||||
var longnameParentCache map[string]string
|
var longnameParentCache map[string]string
|
||||||
@ -57,6 +64,7 @@ func (rfs *ReverseFS) findLongnameParent(dir string, dirIV []byte, longname stri
|
|||||||
}
|
}
|
||||||
dirEntries, err := dirfd.Readdirnames(-1)
|
dirEntries, err := dirfd.Readdirnames(-1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
tlog.Warn.Printf("findLongnameParent: Readdirnames failed: %v\n", err)
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
longnameCacheLock.Lock()
|
longnameCacheLock.Lock()
|
||||||
@ -78,7 +86,6 @@ func (rfs *ReverseFS) findLongnameParent(dir string, dirIV []byte, longname stri
|
|||||||
if hit == "" {
|
if hit == "" {
|
||||||
return "", syscall.ENOENT
|
return "", syscall.ENOENT
|
||||||
}
|
}
|
||||||
|
|
||||||
return hit, nil
|
return hit, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -254,6 +254,8 @@ func TestExampleFSv13(t *testing.T) {
|
|||||||
// gocryptfs v1.3 introduced HKDF.
|
// gocryptfs v1.3 introduced HKDF.
|
||||||
// We check the md5 sum of the encrypted version of a file to make sure we don't
|
// We check the md5 sum of the encrypted version of a file to make sure we don't
|
||||||
// accidentially change the ciphertext generation.
|
// accidentially change the ciphertext generation.
|
||||||
|
// Create a full crypto round-trip by mounting two times:
|
||||||
|
// dirA -> reverse mount -> dirB -> forward mount -> dirC
|
||||||
func TestExampleFSv13reverse(t *testing.T) {
|
func TestExampleFSv13reverse(t *testing.T) {
|
||||||
// Prepare directories
|
// Prepare directories
|
||||||
dirA := "v1.3-reverse"
|
dirA := "v1.3-reverse"
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
package reverse_test
|
package reverse_test
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"os"
|
"os"
|
||||||
"syscall"
|
"syscall"
|
||||||
@ -10,25 +11,26 @@ import (
|
|||||||
"github.com/rfjakob/gocryptfs/tests/test_helpers"
|
"github.com/rfjakob/gocryptfs/tests/test_helpers"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// TestLongnameStat checks that file names of all sizes (1 to 255) show up in
|
||||||
|
// the decrypted reverse view (dirC, mounted in TestMain).
|
||||||
func TestLongnameStat(t *testing.T) {
|
func TestLongnameStat(t *testing.T) {
|
||||||
fd, err := os.Create(dirA + "/" + x240)
|
for i := 1; i <= 255; i++ {
|
||||||
if err != nil {
|
name := string(bytes.Repeat([]byte("x"), i))
|
||||||
t.Fatal(err)
|
fd, err := os.Create(dirA + "/" + name)
|
||||||
}
|
|
||||||
path := dirC + "/" + x240
|
|
||||||
if !test_helpers.VerifyExistence(path) {
|
|
||||||
t.Fail()
|
|
||||||
}
|
|
||||||
test_helpers.VerifySize(t, path, 0)
|
|
||||||
_, err = fd.Write(make([]byte, 10))
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
fd.Close()
|
fd.Close()
|
||||||
/*
|
path := dirC + "/" + name
|
||||||
time.Sleep(1000 * time.Millisecond)
|
if !test_helpers.VerifyExistence(path) {
|
||||||
test_helpers.VerifySize(t, path, 10)
|
t.Fail()
|
||||||
*/
|
}
|
||||||
|
test_helpers.VerifySize(t, path, 0)
|
||||||
|
// A large number of longname files is a performance problem in
|
||||||
|
// reverse mode. Delete the file once we are done with it to speed up
|
||||||
|
// the test (2 seconds -> 0.2 seconds)
|
||||||
|
syscall.Unlink(dirA + "/" + name)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestSymlinks(t *testing.T) {
|
func TestSymlinks(t *testing.T) {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user