Jakob Unterwurzacher
427c6c1719
exitcodes: define code 12 for "password incorrect"
2017-02-26 19:25:23 +01:00
Jakob Unterwurzacher
57612a278b
configfile: rename "kdf.go" -> "scrypt.go"
...
This really only handles scrypt and no other key-derivation functions.
Renaming the files prevents confusion once we introduce HKDF.
renamed: internal/configfile/kdf.go -> internal/configfile/scrypt.go
renamed: internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go
2017-02-25 18:51:17 +01:00
Jakob Unterwurzacher
a65965783a
stupidgcm: drop only external dependecy
...
This makes it easier to use the package in external projects.
See https://github.com/rfjakob/gocryptfs/issues/79
2017-02-24 09:46:10 +01:00
Jakob Unterwurzacher
43d6aa6677
speed: add benchmark.bash helper
2017-02-24 09:38:50 +01:00
Jakob Unterwurzacher
be19b91a52
README: fix typo and simplify MANPAGE text
2017-02-23 00:14:20 +01:00
Jakob Unterwurzacher
477071d673
speed: fix build for Go 1.4 and lower
...
Old Go versions miss cipher.NewGCMWithNonceSize, which causes:
internal/speed/speed.go:95: undefined: cipher.NewGCMWithNonceSize
2017-02-23 00:04:51 +01:00
Jakob Unterwurzacher
1e03e059fa
Implement "gocryptfs -speed"
...
A crypto benchmark mode like "openssl speed".
Example run:
$ ./gocryptfs -speed
AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode)
AES-GCM-256-Go 48.19 MB/s
AES-SIV-512-Go 37.40 MB/s
2017-02-22 23:56:34 +01:00
Jakob Unterwurzacher
b056776a01
tests: adapt dir overwrite test for Go 1.8
...
In Go 1.8, os.Rename refuses to overwrite an empty directory.
Switch to syscall.Rename, which still does the right thing.
2017-02-20 21:27:37 +01:00
Jakob Unterwurzacher
cb2d1fbcf8
Travis CI: also test with Go 1.8
...
(Currently failing the tests!)
2017-02-20 21:27:26 +01:00
Jakob Unterwurzacher
e406eb22ba
Get rid of remaining $GOPATH dependencies
2017-02-20 21:26:42 +01:00
Jakob Unterwurzacher
166c62fd21
build.bash: use $(go env GOPATH)
2017-02-20 21:26:18 +01:00
Jakob Unterwurzacher
1139c27c36
build.bash: deduplicate build call
2017-02-19 20:27:29 +01:00
Jakob Unterwurzacher
10361a907a
build.bash: GOPATH may be unset since Go v1.8. Handle it.
2017-02-19 20:14:46 +01:00
Jakob Unterwurzacher
7fbe69bfa6
tests.bash: OSX compat: use "flock -n" and skip openssl build
...
Mac OS X flock does not support "--nonblock", but does support "-n":
https://github.com/discoteq/flock/blob/master/man/flock.1.ronn
Skip the openssl build because it requires
1) openssl
2) fixing the import paths in gocryptfs
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-280464400
2017-02-17 19:43:16 +01:00
Jakob Unterwurzacher
07b4b9d60b
Travis: set clone depth to 100
...
Otherwise the build fails once you have more than 50 commits
since the last tag.
You'd get:
$ ./build.bash
fatal: No names found, cannot describe anything.
2017-02-16 21:24:33 +01:00
Jakob Unterwurzacher
62e7eb7d04
tests: reverse: check Access() call
2017-02-16 21:20:29 +01:00
Jakob Unterwurzacher
45c1ea499e
fusefrontend_reverse: handle .name files in Access()
...
These were currently passed to decryptPath() were it caused
a warning.
2017-02-16 21:16:42 +01:00
Jakob Unterwurzacher
55d0523dbe
tests: configfile: add missing newlines in verbose output
2017-02-16 19:45:20 +01:00
Jakob Unterwurzacher
0b19e637c9
tests: OSX compat: wrap Stat_t atime extract
...
Linux has st.Atim, st.Mtim,
OSX hat st.Atimespec, st.Mtimespec.
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:39:56 +01:00
Jakob Unterwurzacher
8bbc1038fe
syscallcompat: OSX compat: fix variable warnings
...
As suggested by
https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:23:17 +01:00
Jakob Unterwurzacher
b66d663ff8
tests: OSX compat: use "mount" command instead of /proc/mounts
...
Mac OS X does not have /proc.
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:13:03 +01:00
Jakob Unterwurzacher
e5bee6a6aa
tests: OSX compat: use OSX-style "stat -f"
...
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:10:36 +01:00
Jakob Unterwurzacher
9f6841373d
benchmarks: OSX compat: replace /usr/bin/time with bash builtin
...
On OSX, /usr/bin/time does not support "-f".
Reported in https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217 .
2017-02-16 19:01:24 +01:00
Jakob Unterwurzacher
ca5c06ef4e
tests: get rid of syscall.PathMax
...
Does not exist on OSX
Reported in https://github.com/rfjakob/gocryptfs/issues/15
2017-02-16 18:47:04 +01:00
Jakob Unterwurzacher
e6075ddf2e
README: also link to cppcryptfs
2017-02-16 18:37:12 +01:00
Jakob Unterwurzacher
f5bb7a37be
README: mention graphical interfaces
2017-02-16 18:36:16 +01:00
Jakob Unterwurzacher
bef27305bc
main: don't attempt lazy unmount on MacOSX
2017-02-15 23:20:41 +01:00
Jakob Unterwurzacher
6ac9dcaae0
tests: use fuse-unmount.bash
...
...instead of having separate compatability logic.
2017-02-15 23:13:33 +01:00
Jakob Unterwurzacher
ce2e610428
OSX compat: replace fusermount calls with fuse-unmount.bash
...
Mac OS X does not have fusermount and uses umount instead.
The fuse-unmount.bash calls the appropriate command.
2017-02-15 23:02:01 +01:00
Jakob Unterwurzacher
6be7808992
Add Mac OS X fusermount replacement script
2017-02-14 21:38:28 +01:00
Jakob Unterwurzacher
3784901fce
readpassword: limit password length to 1000 bytes
...
This used to hang at 100% CPU:
cat /dev/zero | gocryptfs -init a
...and would ultimately send the box into out-of-memory.
The number 1000 is chosen arbitrarily and seems big enough
given that the password must be one line.
Suggested by @mhogomchungu in https://github.com/rfjakob/gocryptfs/issues/77 .
2017-02-13 09:13:22 +01:00
Jakob Unterwurzacher
54caaf4b98
Add CLI ABI documentation
...
Closes https://github.com/rfjakob/gocryptfs/issues/77
2017-02-12 19:20:21 +01:00
Jakob Unterwurzacher
8adfbf2dc3
Check for trailing garbage after the password
...
From the comment:
// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
2dd90ac19c
readpassword: improve comment on readPasswordStdin
2017-02-12 13:55:30 +01:00
Jakob Unterwurzacher
1e9d735406
Document "--" to stop option parsing in help text + man page
2017-02-12 12:49:04 +01:00
Jakob Unterwurzacher
dc2dc9f88c
main: suggest "-q" to suppress master key message
...
If the user has already saved the master key and is not
aware of "-q" the master key needlessly ends up in the terminal
buffer.
Closes https://github.com/rfjakob/gocryptfs/issues/76
2017-02-12 12:23:16 +01:00
Jakob Unterwurzacher
357307cbcf
tests: ctlsock: check warning for non-canonical paths
2017-02-12 12:22:25 +01:00
Jakob Unterwurzacher
0f40afc832
ctlsock: handle non-canonical empty paths
...
We have to check if the input path is empty AFTER canonicalizing it,
too!
2017-02-05 18:17:30 +01:00
Jakob Unterwurzacher
8bcae63a5a
ctlsock: sanitize: handle multiple leading slashes
2017-02-05 18:05:35 +01:00
Jakob Unterwurzacher
2bdd0ec802
golint comment fix
...
internal/ctlsock/ctlsock_serve.go:73:1: comment on exported const
ReadBufSize should be of the form "ReadBufSize ..."
2017-01-29 19:01:16 +01:00
Jakob Unterwurzacher
c8fb619971
contrib: add ctlsock helper scripts
2017-01-29 18:56:17 +01:00
Jakob Unterwurzacher
1273d7edae
ctlsock: better error message for forward mode path decryption
2017-01-29 18:55:52 +01:00
Jakob Unterwurzacher
53fe6f5690
ctlsock: abort message processing on JSON error
...
The code was missing a "continue" in that branch.
Also improve the error messages a bit.
2017-01-29 18:25:46 +01:00
Jakob Unterwurzacher
532ef15417
ctlsock: interpret paths that point above CWD as ""
...
Paths that start with ".." were previously accepted as-is.
2017-01-29 15:24:47 +01:00
Jakob Unterwurzacher
6166dad05c
readpassword: support spaces in "-passfile" filename
...
...and while we are at it, also filenames starting with "-".
2017-01-29 00:34:12 +01:00
Jakob Unterwurzacher
de200aad72
main: add "-fsname" option
...
As requested in https://github.com/rfjakob/gocryptfs/issues/73 .
2017-01-26 22:13:57 +01:00
Jakob Unterwurzacher
39eca53677
main: make sure the ctlsock file is deleted on incorrect password
...
Otherwise the next try to mount ends in
"ctlsock: listen unix ctl.sock: bind: address already in use"
2017-01-26 21:32:08 +01:00
Jakob Unterwurzacher
a7c7588deb
fusefrontend: fix hard-linking with long name
...
This used to incorrectly try to link twice and return EEXIST.
2017-01-26 20:56:42 +01:00
Jakob Unterwurzacher
d2224aec58
tests: add TestLongLink (currently broken)
2017-01-26 20:49:35 +01:00
Jakob Unterwurzacher
de87a256ab
tlog: better comment for the terminal colors
2017-01-26 20:01:45 +01:00