Jakob Unterwurzacher
1caa925868
Increase GCM IV size from 96 to 128 bits
...
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
2015-12-19 15:02:29 +01:00
Jakob Unterwurzacher
88826dc51d
diriv: handle directory rename over directory
...
If an empty directory is overwritten we will always get
ENOTEMPTY as the "empty" directory will still contain gocryptfs.diriv.
Handle that case by removing the target directory and trying again.
Fixes issue #10
2015-12-19 13:21:15 +01:00
Jakob Unterwurzacher
00a712b4d1
go fmt
...
...and minimal comment changes.
2015-12-13 20:24:13 +01:00
Jakob Unterwurzacher
8518d6d7bd
Handle EINTR returned by Fallocate
...
Fallocate can return EINTR (interrupted system call) and does so
quite often when cpu profiling is enabled.
2015-12-13 17:17:01 +01:00
Jakob Unterwurzacher
ff8c81f95b
go fmt
2015-12-08 13:51:06 +01:00
Jakob Unterwurzacher
56888d83dd
fallocate the space needed for the file header beforehand
...
This makes sure writing to a file fails early if the underlying
filesystem does not support fallocate. It also prevents partial header
write due to ENOSPC.
2015-12-06 15:05:52 +01:00
Jakob Unterwurzacher
fa3a382aa4
Handle ENOSPC errors better by preallocating the space before writing
...
Prevent the case that we run out of space in the middle of
writing a block - that would leave a corrupt block behind.
2015-11-08 22:36:29 +01:00
Jakob Unterwurzacher
e31d319c39
Remove code detected by "deadcode"
...
go get github.com/remyoudompheng/go-misc/deadcode
2015-11-01 12:32:10 +01:00
Jakob Unterwurzacher
902babdf22
Refactor ciphertext <-> plaintext offset translation functions
...
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
2015-11-01 12:11:36 +01:00
Jakob Unterwurzacher
76311b60f2
Add file header (on-disk-format change)
...
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]
Quoting SECURITY.md:
* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
* This means the position of the blocks is protected as well. The blocks
can not be reordered or copied between different files without
causing an decryption error.
2015-11-01 01:38:27 +01:00
Jakob Unterwurzacher
a3d286069f
Use block number as authentication data
2015-10-06 22:27:37 +02:00
Jakob Unterwurzacher
aa082c235a
Utimens: Use UtimesNano instead of Futimes
...
Futimes() only takes microsecond resolution while the FUSE call
Utimens() wants nanosecond precision.
This is why UTIME_OMIT did not work - this change fixes the
xfstests generic/258 test failure.
The go library does not provide a FutimesNano() function which is
why I use UtimesNano() on /proc/self/fd/n.
This is what the Go library does in Futimes().
2015-10-04 20:32:15 +02:00
Jakob Unterwurzacher
c7313f36de
fallocate: return ENOSYS
...
The implementation was incomplete, disable fallocate completely for now.
See https://github.com/rfjakob/gocryptfs/issues/1
Fixes xfstests generic/075
2015-10-04 17:14:40 +02:00
Jakob Unterwurzacher
90bd978283
truncate: Fix bug that caused xfstests generic/030 to fail
...
The bug was caused by using cipherOff where plainOff should
have been used.
Renamed the symbols for less confusion.
2015-10-04 16:04:25 +02:00
Jakob Unterwurzacher
aa6fa7f3cf
Truncate: Logging improvements, show number of blocks as float
2015-10-04 15:45:46 +02:00
Jakob Unterwurzacher
b27edba2bb
Fix Trucate() bug causing files to be too small
...
Uncovered by running xfstests generic/014 several times
2015-10-04 15:40:59 +02:00
Jakob Unterwurzacher
89fef80d32
Run go fmt
2015-10-04 14:49:47 +02:00
Jakob Unterwurzacher
c859f0b2dc
intraBlock: Rename Offset to Skip
...
"Offset" is unclear whether it is an offset from the start of file
or start of block. "Skip" seems much better.
2015-10-04 14:24:43 +02:00
Jakob Unterwurzacher
775676ecb8
Utilize file hole passtrough capability in Truncate()
...
Cuts down the runtime of xfstests generic/014
from 1822 seconds to 36 seconds
2015-10-04 14:21:07 +02:00
Jakob Unterwurzacher
2003ca965d
Zero-pad last block if a file hole is created on Write()
...
Fixes TestFileHoles test
2015-10-04 11:39:35 +02:00
Jakob Unterwurzacher
40448db909
Fix xfstests generic/030 failure
...
The actual fix is
oldSize := f.cfs.PlainSize(uint64(fi.Size()))
the rest is logging improvements
2015-10-04 00:26:20 +02:00
Jakob Unterwurzacher
79870ab096
debug: log inode number instead of encrypted filename
...
Makes the log output smaller and more readable.
2015-10-03 19:16:34 +02:00
Jakob Unterwurzacher
3fef613591
tests: Add append test
2015-09-30 23:42:18 +02:00
Jakob Unterwurzacher
b835f83fd5
Implement Truncate() + Test
2015-09-30 22:36:53 +02:00
Jakob Unterwurzacher
aea8d8d6e7
debug: Log encrypted filename
2015-09-30 20:32:24 +02:00
Jakob Unterwurzacher
0af3cfcac0
Fix symlink size reporting
2015-09-16 19:32:37 +02:00
Jakob Unterwurzacher
e7ba3c61f1
Fix File.GettAttr() size reporting
...
The too-large reported value broke mmap
(applications saw appended zero bytes)
Also
* Add locking for all fd operations
* Add "--debug" command line switch
2015-09-09 19:32:59 +02:00
Jakob Unterwurzacher
80935a0e1b
Explain both frontends in readme
...
Also, re-enable openssl and disable debug messages so testing
gocryptfs is less painful
2015-09-08 23:09:28 +02:00
Jakob Unterwurzacher
28cdff5889
tests: add TestCiphertextRange
2015-09-08 22:36:38 +02:00
Jakob Unterwurzacher
b13cc9686c
Fix append issue
2015-09-08 22:34:23 +02:00
Jakob Unterwurzacher
1ca4fc89aa
More debug logging, improve main_test.go (do not use all-zero content)
2015-09-08 22:03:27 +02:00
Jakob Unterwurzacher
caaad7c8d7
Add pathfs frontend, part II
...
Fix issues in read and write paths.
Now passes selftest.
2015-09-08 21:35:06 +02:00
Jakob Unterwurzacher
889ae90081
Add pathfs frontend (uses go-fuse instead of bazil-fuse), part I
...
Currently fails main_test.go, will be fixed in part II
2015-09-08 00:55:03 +02:00