hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Mount v0.6 and older filesystems as read-only

Browse Source 
This is part of the phase-out of very old filesystems.

See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for
more info.
This commit is contained in:
Jakob Unterwurzacher 2016-06-16 23:23:09 +02:00
parent 3234b9b5ce
commit cc2a75b050
2 changed files with 20 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
internal/configfile/config_file.go
View File

@ -118,10 +118,12 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
if deprecatedFs {
fmt.Printf("\033[33m" + `
This filesystem was created by gocryptfs v0.6 or earlier. You are missing
security improvements. gocryptfs v1.0 is scheduled to drop support for this
filesystem, please upgrade!
If you disagree with the plan or have trouble upgrading, please join the
discussion at https://github.com/rfjakob/gocryptfs/issues/29 .
security improvements. Mounting read-only, please upgrade!
Instructions: https://github.com/rfjakob/gocryptfs/wiki/Upgrading
gocryptfs v1.0 is scheduled to drop support for this filesystem completely.
If you disagree with the plan or have trouble upgrading, please join
the discussion at https://github.com/rfjakob/gocryptfs/issues/29 .
` + "\033[0m")
}
@ -143,9 +145,17 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
return nil, nil, fmt.Errorf("Password incorrect.")
}
return key, &cf, nil
if deprecatedFs {
err = DeprecatedFsError{}
}
return key, &cf, err
}
// The filesystem is deprecated.
type DeprecatedFsError struct{}
func (e DeprecatedFsError) Error() string { return "deprecated filesystem" }
// EncryptKey - encrypt "key" using an scrypt hash generated from "password"
// and store it in cf.EncryptedKey.
// Uses scrypt with cost parameter logN and stores the scrypt parameters in

7
main.go
View File

@ -122,8 +122,11 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
pw := readpassword.Once(args.extpass)
tlog.Info.Println("Decrypting master key")
masterkey, confFile, err = configfile.LoadConfFile(args.config, pw)
if err != nil {
tlog.Fatal.Println(err.Error())
if _, ok := err.(configfile.DeprecatedFsError); ok {
// Force read-only mode
args.ro = true
} else if err != nil {
tlog.Fatal.Println(err)
os.Exit(ERREXIT_LOADCONF)
}