fusefrontend_reverse: consistent file owners for .diriv, .name files

This PR addresses the Issue #95, about "Confusing file owner for longname files in reverse mode". It affects only the reverse mode, and introduces two modifications: 1) The "gocryptfs.longname.XXXX.name" files are assigned the owner and group of the underlying plaintext file. Therefore it is consistent with the file "gocryptfs.longname.XXXX" that has the encrypted contents of the plaintext file. 2) The two virtual files mentioned above are given -r--r--r-- permissions. This is consistent with the behavior described in function Access in internal/fusefrontend_reverse/rfs.go where all virtual files are always readable. Behavior also observed in point c) in #95 . Issue #95 URL: https://github.com/rfjakob/gocryptfs/issues/95 Pull request URL: https://github.com/rfjakob/gocryptfs/pull/97
2017-03-27 22:47:45 +02:00 · 2017-03-27 22:47:45 +02:00 · fb1b8ced38
commit fb1b8ced38
parent dfbf642759
3 changed files with 8 additions and 7 deletions
--- a/internal/fusefrontend_reverse/reverse_longnames.go
+++ b/internal/fusefrontend_reverse/reverse_longnames.go
@ -96,6 +96,6 @@ func (rfs *ReverseFS) newNameFile(relPath string) (nodefs.File, fuse.Status) {
 		return nil, fuse.ToStatus(err)
 	}
 	content := []byte(rfs.nameTransform.EncryptName(e, dirIV))
-	parentFile := filepath.Join(rfs.args.Cipherdir, pDir)
+	parentFile := filepath.Join(rfs.args.Cipherdir, pDir, e)
 	return rfs.newVirtualFile(content, parentFile)
 }
--- a/internal/fusefrontend_reverse/rfs.go
+++ b/internal/fusefrontend_reverse/rfs.go
@ -21,8 +21,9 @@ import (
 )
 const (
-	// DirIVMode is the mode to use for Dir IV files.
+	// virtualFileMode is the mode to use for virtual files (gocryptfs.diriv and gocryptfs.longname.*.name)
-	DirIVMode = syscall.S_IFREG | 0400
+	// they are always readable, as stated in func Access
 	virtualFileMode = syscall.S_IFREG | 0444
 )
 // ReverseFS implements the pathfs.FileSystem interface and provides an
@ -108,7 +109,7 @@ func (rfs *ReverseFS) dirIVAttr(relPath string, context *fuse.Context) (*fuse.At
 		return nil, fuse.EPERM
 	}
 	// All good. Let's fake the file. We use the timestamps from the parent dir.
-	a.Mode = DirIVMode
+	a.Mode = virtualFileMode
 	a.Size = nametransform.DirIVLen
 	a.Nlink = 1
 	a.Ino = rfs.inoGen.next()
@ -312,7 +313,7 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.
 	virtualFiles := make([]fuse.DirEntry, len(entries)+1)
 	// Virtual gocryptfs.diriv file
 	virtualFiles[0] = fuse.DirEntry{
-		Mode: syscall.S_IFREG | 0400,
+		Mode: virtualFileMode,
 		Name: nametransform.DirIVFilename,
 	}
 	// Actually used entries
@ -330,7 +331,7 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.
 			if len(cName) > syscall.NAME_MAX {
 				cName = rfs.nameTransform.HashLongName(cName)
 				dotNameFile := fuse.DirEntry{
-					Mode: syscall.S_IFREG | 0600,
+					Mode: virtualFileMode,
 					Name: cName + nametransform.LongNameSuffix,
 				}
 				virtualFiles[nVirtual] = dotNameFile
--- a/internal/fusefrontend_reverse/virtualfile.go
+++ b/internal/fusefrontend_reverse/virtualfile.go
@ -59,7 +59,7 @@ func (f *virtualFile) GetAttr(a *fuse.Attr) fuse.Status {
 	}
 	st.Ino = f.ino
 	st.Size = int64(len(f.content))
-	st.Mode = syscall.S_IFREG | 0400
+	st.Mode = virtualFileMode
 	st.Nlink = 1
 	a.FromStat(&st)
 	return fuse.OK