reverse mode: fix "-exclude" in "-plaintextnames" dir listings
Excluded files showed up in directory listing like this: drwxr-xr-x 2 sebastian sebastian 4,0K Dez 17 14:48 . drwxr-xr-x 7 sebastian sebastian 4,0K Dez 17 14:45 .. -????????? ? ? ? ? ? abcd -r-------- 1 sebastian sebastian 366 Dez 17 14:45 gocryptfs.conf Fixes https://github.com/rfjakob/gocryptfs/issues/285
This commit is contained in:
parent
a2f83acc30
commit
75a3e2c2ee
|
@ -13,8 +13,7 @@ import (
|
||||||
var _ ctlsock.Interface = &ReverseFS{} // Verify that interface is implemented.
|
var _ ctlsock.Interface = &ReverseFS{} // Verify that interface is implemented.
|
||||||
|
|
||||||
// EncryptPath implements ctlsock.Backend.
|
// EncryptPath implements ctlsock.Backend.
|
||||||
// This is actually not used inside reverse mode, but we implement it because
|
// This is used for the control socket and for the "-exclude" logic.
|
||||||
// third-party tools want to encrypt paths through the control socket.
|
|
||||||
func (rfs *ReverseFS) EncryptPath(plainPath string) (string, error) {
|
func (rfs *ReverseFS) EncryptPath(plainPath string) (string, error) {
|
||||||
if rfs.args.PlaintextNames || plainPath == "" {
|
if rfs.args.PlaintextNames || plainPath == "" {
|
||||||
return plainPath, nil
|
return plainPath, nil
|
||||||
|
|
|
@ -39,6 +39,7 @@ type ReverseFS struct {
|
||||||
// Content encryption helper
|
// Content encryption helper
|
||||||
contentEnc *contentenc.ContentEnc
|
contentEnc *contentenc.ContentEnc
|
||||||
// Relative ciphertext paths to exclude (hide) from the user. Used by -exclude.
|
// Relative ciphertext paths to exclude (hide) from the user. Used by -exclude.
|
||||||
|
// With -plaintextnames, these are relative *plaintext* paths.
|
||||||
cExclude []string
|
cExclude []string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -288,7 +289,7 @@ func (rfs *ReverseFS) openDirPlaintextnames(relPath string, entries []fuse.DirEn
|
||||||
if dupe >= 0 {
|
if dupe >= 0 {
|
||||||
// Warn the user loudly: The gocryptfs.conf_NAME_COLLISION file will
|
// Warn the user loudly: The gocryptfs.conf_NAME_COLLISION file will
|
||||||
// throw ENOENT errors that are hard to miss.
|
// throw ENOENT errors that are hard to miss.
|
||||||
tlog.Warn.Printf("The file %s is mapped to %s and shadows another file. Please rename %s in %s .",
|
tlog.Warn.Printf("The file %q is mapped to %q and shadows another file. Please rename %q in directory %q.",
|
||||||
configfile.ConfReverseName, configfile.ConfDefaultName, configfile.ConfDefaultName, rfs.args.Cipherdir)
|
configfile.ConfReverseName, configfile.ConfDefaultName, configfile.ConfDefaultName, rfs.args.Cipherdir)
|
||||||
entries[dupe].Name = "gocryptfs.conf_NAME_COLLISION_" + fmt.Sprintf("%d", cryptocore.RandUint64())
|
entries[dupe].Name = "gocryptfs.conf_NAME_COLLISION_" + fmt.Sprintf("%d", cryptocore.RandUint64())
|
||||||
}
|
}
|
||||||
|
@ -320,7 +321,12 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.
|
||||||
return nil, fuse.ToStatus(err)
|
return nil, fuse.ToStatus(err)
|
||||||
}
|
}
|
||||||
if rfs.args.PlaintextNames {
|
if rfs.args.PlaintextNames {
|
||||||
return rfs.openDirPlaintextnames(cipherPath, entries)
|
entries, status := rfs.openDirPlaintextnames(cipherPath, entries)
|
||||||
|
if !status.Ok() {
|
||||||
|
return nil, status
|
||||||
|
}
|
||||||
|
entries = rfs.excludeDirEntries(cipherPath, entries)
|
||||||
|
return entries, fuse.OK
|
||||||
}
|
}
|
||||||
// Allocate maximum possible number of virtual files.
|
// Allocate maximum possible number of virtual files.
|
||||||
// If all files have long names we need a virtual ".name" file for each,
|
// If all files have long names we need a virtual ".name" file for each,
|
||||||
|
@ -356,22 +362,31 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.
|
||||||
entries[i].Name = cName
|
entries[i].Name = cName
|
||||||
}
|
}
|
||||||
// Filter out excluded entries
|
// Filter out excluded entries
|
||||||
if rfs.cExclude != nil {
|
entries = rfs.excludeDirEntries(cipherPath, entries)
|
||||||
filtered := make([]fuse.DirEntry, 0, len(entries))
|
// Add virtual files
|
||||||
|
entries = append(entries, virtualFiles[:nVirtual]...)
|
||||||
|
return entries, fuse.OK
|
||||||
|
}
|
||||||
|
|
||||||
|
// excludeDirEntries filters out directory entries that are "-exclude"d.
|
||||||
|
// cDir is the relative ciphertext path to the directory these entries are
|
||||||
|
// from.
|
||||||
|
func (rfs *ReverseFS) excludeDirEntries(cDir string, entries []fuse.DirEntry) (filtered []fuse.DirEntry) {
|
||||||
|
if rfs.cExclude == nil {
|
||||||
|
return entries
|
||||||
|
}
|
||||||
|
filtered = make([]fuse.DirEntry, 0, len(entries))
|
||||||
for _, entry := range entries {
|
for _, entry := range entries {
|
||||||
// filepath.Join handles the case of cipherPath="" correctly:
|
// filepath.Join handles the case of cipherPath="" correctly:
|
||||||
// Join("", "foo") -> "foo". This does not: cipherPath + "/" + name"
|
// Join("", "foo") -> "foo". This does not: cipherPath + "/" + name"
|
||||||
p := filepath.Join(cipherPath, entry.Name)
|
p := filepath.Join(cDir, entry.Name)
|
||||||
if rfs.isExcluded(p) {
|
if rfs.isExcluded(p) {
|
||||||
// Skip file
|
// Skip file
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
filtered = append(filtered, entry)
|
filtered = append(filtered, entry)
|
||||||
}
|
}
|
||||||
entries = filtered
|
return filtered
|
||||||
}
|
|
||||||
entries = append(entries, virtualFiles[:nVirtual]...)
|
|
||||||
return entries, fuse.OK
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// StatFs - FUSE call. Returns information about the filesystem (free space
|
// StatFs - FUSE call. Returns information about the filesystem (free space
|
||||||
|
|
Loading…
Reference in New Issue