Refuse mounting of v0.6 and older filesystems
This commit is contained in:
parent
1dcafb99ff
commit
f0b4d2354d
|
@ -109,23 +109,23 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
|
||||||
deprecatedFs := false
|
deprecatedFs := false
|
||||||
for _, i := range requiredFlags {
|
for _, i := range requiredFlags {
|
||||||
if !cf.IsFeatureFlagSet(i) {
|
if !cf.IsFeatureFlagSet(i) {
|
||||||
// For now, warn but continue.
|
fmt.Fprintf(os.Stderr, "Required feature flag %q is missing\n", knownFlags[i])
|
||||||
fmt.Printf("Deprecated filesystem: feature flag %q is missing\n", knownFlags[i])
|
|
||||||
deprecatedFs = true
|
deprecatedFs = true
|
||||||
//return nil, nil, fmt.Errorf("Required feature flag %q is missing", knownFlags[i])
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if deprecatedFs {
|
if deprecatedFs {
|
||||||
fmt.Printf("\033[33m" + `
|
fmt.Fprintf(os.Stderr, "\033[33m"+`
|
||||||
This filesystem was created by gocryptfs v0.6 or earlier. You are missing
|
The filesystem was created by gocryptfs v0.6 or earlier. This version of
|
||||||
security improvements. Mounting read-only, please upgrade!
|
gocryptfs can no longer mount the filesystem.
|
||||||
Instructions: https://github.com/rfjakob/gocryptfs/wiki/Upgrading
|
Please download gocryptfs v0.11 and upgrade your filesystem,
|
||||||
|
see https://github.com/rfjakob/gocryptfs/wiki/Upgrading for instructions.
|
||||||
|
|
||||||
gocryptfs v1.0 is scheduled to drop support for this filesystem completely.
|
If you have trouble upgrading, join the discussion at
|
||||||
If you disagree with the plan or have trouble upgrading, please join
|
https://github.com/rfjakob/gocryptfs/issues/29 .
|
||||||
the discussion at https://github.com/rfjakob/gocryptfs/issues/29 .
|
|
||||||
|
|
||||||
` + "\033[0m")
|
`+"\033[0m")
|
||||||
|
|
||||||
|
return nil, nil, fmt.Errorf("Deprecated filesystem")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Generate derived key from password
|
// Generate derived key from password
|
||||||
|
@ -145,17 +145,9 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
|
||||||
return nil, nil, fmt.Errorf("Password incorrect.")
|
return nil, nil, fmt.Errorf("Password incorrect.")
|
||||||
}
|
}
|
||||||
|
|
||||||
if deprecatedFs {
|
|
||||||
err = DeprecatedFsError{}
|
|
||||||
}
|
|
||||||
return key, &cf, err
|
return key, &cf, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// The filesystem is deprecated.
|
|
||||||
type DeprecatedFsError struct{}
|
|
||||||
|
|
||||||
func (e DeprecatedFsError) Error() string { return "deprecated filesystem" }
|
|
||||||
|
|
||||||
// EncryptKey - encrypt "key" using an scrypt hash generated from "password"
|
// EncryptKey - encrypt "key" using an scrypt hash generated from "password"
|
||||||
// and store it in cf.EncryptedKey.
|
// and store it in cf.EncryptedKey.
|
||||||
// Uses scrypt with cost parameter logN and stores the scrypt parameters in
|
// Uses scrypt with cost parameter logN and stores the scrypt parameters in
|
||||||
|
|
5
main.go
5
main.go
|
@ -122,10 +122,7 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
|
||||||
pw := readpassword.Once(args.extpass)
|
pw := readpassword.Once(args.extpass)
|
||||||
tlog.Info.Println("Decrypting master key")
|
tlog.Info.Println("Decrypting master key")
|
||||||
masterkey, confFile, err = configfile.LoadConfFile(args.config, pw)
|
masterkey, confFile, err = configfile.LoadConfFile(args.config, pw)
|
||||||
if _, ok := err.(configfile.DeprecatedFsError); ok {
|
if err != nil {
|
||||||
// Force read-only mode
|
|
||||||
args.ro = true
|
|
||||||
} else if err != nil {
|
|
||||||
tlog.Fatal.Println(err)
|
tlog.Fatal.Println(err)
|
||||||
os.Exit(ERREXIT_LOADCONF)
|
os.Exit(ERREXIT_LOADCONF)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue