From 6b94f5ef51c92f471919e7542a0ce45b0859282f Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Fri, 4 Jan 2019 17:59:00 +0100 Subject: [PATCH] reverse mode: -exclude: filter out excluded .name files Fixes https://github.com/rfjakob/gocryptfs/issues/286 : While the actual file is properly excluded, the * .name file is still leaked in the directory listing: ``` drwxr-xr-x 2 sebastian sebastian 4,0K Dez 17 14:58 . drwxr-xr-x 7 sebastian sebastian 4,0K Dez 17 14:45 .. -r-------- 1 sebastian sebastian 408 Dez 17 14:56 gocryptfs.conf -r--r--r-- 1 sebastian sebastian 16 Dez 17 14:58 gocryptfs.diriv -r--r--r-- 1 sebastian sebastian 320 Dez 17 14:58 gocryptfs.longname.3vZ_r3eDPb1_fL3j5VA4rd_bcKWLKT9eaxOVIGK5HFA.name ``` --- internal/fusefrontend_reverse/rfs.go | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go index 50d995c..69cedb1 100644 --- a/internal/fusefrontend_reverse/rfs.go +++ b/internal/fusefrontend_reverse/rfs.go @@ -74,6 +74,15 @@ func NewFS(args fusefrontend.Args, c *contentenc.ContentEnc, n *nametransform.Na os.Exit(exitcodes.ExcludeError) } fs.cExclude = append(fs.cExclude, cPath) + if !fs.args.PlaintextNames { + // If we exclude + // gocryptfs.longname.3vZ_r3eDPb1_fL3j5VA4rd_bcKWLKT9eaxOVIGK5HFA + // we should also exclude + // gocryptfs.longname.3vZ_r3eDPb1_fL3j5VA4rd_bcKWLKT9eaxOVIGK5HFA.name + if nametransform.IsLongContent(filepath.Base(cPath)) { + fs.cExclude = append(fs.cExclude, cPath+nametransform.LongNameSuffix) + } + } } tlog.Debug.Printf("-exclude: %v -> %v", fs.args.Exclude, fs.cExclude) } @@ -361,10 +370,10 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse. } entries[i].Name = cName } - // Filter out excluded entries - entries = rfs.excludeDirEntries(cipherPath, entries) // Add virtual files entries = append(entries, virtualFiles[:nVirtual]...) + // Filter out excluded entries + entries = rfs.excludeDirEntries(cipherPath, entries) return entries, fuse.OK }