nametransform: simplify WriteDirIV to WriteDirIVAt

Un-spaghettify the function and let the callers open the directory.
2019-01-03 13:32:13 +01:00 · 2019-01-03 13:32:13 +01:00 · f6dad8d0fa
commit f6dad8d0fa
parent 0fd7637624
4 changed files with 35 additions and 24 deletions
--- a/init_dir.go
+++ b/init_dir.go
@ -6,12 +6,14 @@ import (
 	"os"
 	"path/filepath"
 	"strings"
 	"syscall"
 	"github.com/rfjakob/gocryptfs/internal/configfile"
 	"github.com/rfjakob/gocryptfs/internal/cryptocore"
 	"github.com/rfjakob/gocryptfs/internal/exitcodes"
 	"github.com/rfjakob/gocryptfs/internal/nametransform"
 	"github.com/rfjakob/gocryptfs/internal/readpassword"
 	"github.com/rfjakob/gocryptfs/internal/syscallcompat"
 	"github.com/rfjakob/gocryptfs/internal/tlog"
 )
@ -96,7 +98,12 @@ func initDir(args *argContainer) {
 	// Forward mode with filename encryption enabled needs a gocryptfs.diriv file
 	// in the root dir
 	if !args.plaintextnames && !args.reverse {
-		err = nametransform.WriteDirIV(-1, args.cipherdir)
+		// Open cipherdir (following symlinks)
 		dirfd, err := syscall.Open(args.cipherdir, syscall.O_RDONLY|syscall.O_DIRECTORY|syscallcompat.O_PATH, 0)
 		if err == nil {
 			err = nametransform.WriteDirIVAt(dirfd)
 			syscall.Close(dirfd)
 		}
 		if err != nil {
 			tlog.Fatal.Println(err)
 			os.Exit(exitcodes.Init)
--- a/internal/fusefrontend/fs_dir.go
+++ b/internal/fusefrontend/fs_dir.go
@ -37,9 +37,14 @@ func (fs *FS) mkdirWithIv(dirfd int, cName string, mode uint32) error {
 	if err != nil {
 		return err
 	}
-	// Create gocryptfs.diriv
+	dirfd2, err := syscallcompat.Openat(dirfd, cName, syscall.O_DIRECTORY|syscall.O_NOFOLLOW|syscallcompat.O_PATH, 0)
-	err = nametransform.WriteDirIV(dirfd, cName)
+	if err == nil {
 		// Create gocryptfs.diriv
 		err = nametransform.WriteDirIVAt(dirfd2)
 		syscall.Close(dirfd2)
 	}
 	if err != nil {
 		// Delete inconsistent directory (missing gocryptfs.diriv!)
 		err2 := syscallcompat.Unlinkat(dirfd, cName, unix.AT_REMOVEDIR)
 		if err2 != nil {
 			tlog.Warn.Printf("mkdirWithIv: rollback failed: %v", err2)
--- a/internal/nametransform/diriv.go
+++ b/internal/nametransform/diriv.go
@ -4,10 +4,8 @@ import (
 	"bytes"
 	"fmt"
 	"io"
 	"log"
 	"os"
 	"path/filepath"
 	"strings"
 	"syscall"
 	"golang.org/x/sys/unix"
@ -60,43 +58,38 @@ func fdReadDirIV(fd *os.File) (iv []byte, err error) {
 	return iv, nil
 }
-// WriteDirIV - create diriv file inside of the specified directory. If dirfd
+// WriteDirIVAt - create a new gocryptfs.diriv file in the directory opened at
-// is nil "dir" should be the absolute path to the directory. If dirfd != nil
+// "dirfd". On error we try to delete the incomplete file.
-// "dir" should be a path (without slashes) relative to the directory
+// This function is exported because it is used from fusefrontend, main,
-// described by "dirfd". This function is exported because it is used from
+// and also the automated tests.
-// pathfs_frontend, main, and also the automated tests.
+func WriteDirIVAt(dirfd int) error {
 func WriteDirIV(dirfd int, dir string) error {
 	// For relative paths we do not expect that "dir" contains slashes
 	if dirfd >= 0 && strings.Contains(dir, "/") {
 		log.Panicf("WriteDirIV: Relative path should not contain slashes: %v", dir)
 	}
 	iv := cryptocore.RandBytes(DirIVLen)
 	file := filepath.Join(dir, DirIVFilename)
 	// 0400 permissions: gocryptfs.diriv should never be modified after creation.
 	// Don't use "ioutil.WriteFile", it causes trouble on NFS:
 	// https://github.com/rfjakob/gocryptfs/commit/7d38f80a78644c8ec4900cc990bfb894387112ed
-	fdRaw, err := syscallcompat.Openat(dirfd, file, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0400)
+	fd, err := syscallcompat.Openat(dirfd, DirIVFilename, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0400)
 	if err != nil {
 		tlog.Warn.Printf("WriteDirIV: Openat: %v", err)
 		return err
 	}
-	fd := os.NewFile(uintptr(fdRaw), file)
+	// Wrap the fd in an os.File - we need the write retry logic.
-	_, err = fd.Write(iv)
+	f := os.NewFile(uintptr(fd), DirIVFilename)
 	_, err = f.Write(iv)
 	if err != nil {
-		fd.Close()
+		f.Close()
 		// It is normal to get ENOSPC here
 		if !syscallcompat.IsENOSPC(err) {
 			tlog.Warn.Printf("WriteDirIV: Write: %v", err)
 		}
 		// Delete incomplete gocryptfs.diriv file
-		syscallcompat.Unlinkat(dirfd, file, 0)
+		syscallcompat.Unlinkat(dirfd, DirIVFilename, 0)
 		return err
 	}
-	err = fd.Close()
+	err = f.Close()
 	if err != nil {
 		tlog.Warn.Printf("WriteDirIV: Close: %v", err)
 		// Delete incomplete gocryptfs.diriv file
-		syscallcompat.Unlinkat(dirfd, file, 0)
+		syscallcompat.Unlinkat(dirfd, DirIVFilename, 0)
 		return err
 	}
 	return nil
--- a/tests/test_helpers/helpers.go
+++ b/tests/test_helpers/helpers.go
@ -18,6 +18,7 @@ import (
 	"github.com/rfjakob/gocryptfs/internal/ctlsock"
 	"github.com/rfjakob/gocryptfs/internal/nametransform"
 	"github.com/rfjakob/gocryptfs/internal/syscallcompat"
 )
 // TmpDir will be created inside this directory, set in init() to
@ -112,7 +113,12 @@ func ResetTmpDir(createDirIV bool) {
 		panic(err)
 	}
 	if createDirIV {
-		err = nametransform.WriteDirIV(-1, DefaultCipherDir)
+		// Open cipherdir (following symlinks)
 		dirfd, err := syscall.Open(DefaultCipherDir, syscall.O_RDONLY|syscall.O_DIRECTORY|syscallcompat.O_PATH, 0)
 		if err == nil {
 			err = nametransform.WriteDirIVAt(dirfd)
 			syscall.Close(dirfd)
 		}
 		if err != nil {
 			panic(err)
 		}