Jakob Unterwurzacher
6cc0aebd71
configfile: define HKDF flag
2017-03-05 12:08:12 +01:00
Jakob Unterwurzacher
b2f3dbb8bd
fusefrontend: when chown'ing a directory, also chown its diriv
...
When filename encryption is active, every directory contains
a "gocryptfs.diriv" file. This file should also change the owner.
Fixes https://github.com/rfjakob/gocryptfs/issues/86
2017-03-02 19:12:21 +01:00
Jakob Unterwurzacher
427c6c1719
exitcodes: define code 12 for "password incorrect"
2017-02-26 19:25:23 +01:00
Jakob Unterwurzacher
57612a278b
configfile: rename "kdf.go" -> "scrypt.go"
...
This really only handles scrypt and no other key-derivation functions.
Renaming the files prevents confusion once we introduce HKDF.
renamed: internal/configfile/kdf.go -> internal/configfile/scrypt.go
renamed: internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go
2017-02-25 18:51:17 +01:00
Jakob Unterwurzacher
a65965783a
stupidgcm: drop only external dependecy
...
This makes it easier to use the package in external projects.
See https://github.com/rfjakob/gocryptfs/issues/79
2017-02-24 09:46:10 +01:00
Jakob Unterwurzacher
43d6aa6677
speed: add benchmark.bash helper
2017-02-24 09:38:50 +01:00
Jakob Unterwurzacher
477071d673
speed: fix build for Go 1.4 and lower
...
Old Go versions miss cipher.NewGCMWithNonceSize, which causes:
internal/speed/speed.go:95: undefined: cipher.NewGCMWithNonceSize
2017-02-23 00:04:51 +01:00
Jakob Unterwurzacher
1e03e059fa
Implement "gocryptfs -speed"
...
A crypto benchmark mode like "openssl speed".
Example run:
$ ./gocryptfs -speed
AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode)
AES-GCM-256-Go 48.19 MB/s
AES-SIV-512-Go 37.40 MB/s
2017-02-22 23:56:34 +01:00
Jakob Unterwurzacher
62e7eb7d04
tests: reverse: check Access() call
2017-02-16 21:20:29 +01:00
Jakob Unterwurzacher
45c1ea499e
fusefrontend_reverse: handle .name files in Access()
...
These were currently passed to decryptPath() were it caused
a warning.
2017-02-16 21:16:42 +01:00
Jakob Unterwurzacher
55d0523dbe
tests: configfile: add missing newlines in verbose output
2017-02-16 19:45:20 +01:00
Jakob Unterwurzacher
8bbc1038fe
syscallcompat: OSX compat: fix variable warnings
...
As suggested by
https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:23:17 +01:00
Jakob Unterwurzacher
3784901fce
readpassword: limit password length to 1000 bytes
...
This used to hang at 100% CPU:
cat /dev/zero | gocryptfs -init a
...and would ultimately send the box into out-of-memory.
The number 1000 is chosen arbitrarily and seems big enough
given that the password must be one line.
Suggested by @mhogomchungu in https://github.com/rfjakob/gocryptfs/issues/77 .
2017-02-13 09:13:22 +01:00
Jakob Unterwurzacher
8adfbf2dc3
Check for trailing garbage after the password
...
From the comment:
// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
2dd90ac19c
readpassword: improve comment on readPasswordStdin
2017-02-12 13:55:30 +01:00
Jakob Unterwurzacher
0f40afc832
ctlsock: handle non-canonical empty paths
...
We have to check if the input path is empty AFTER canonicalizing it,
too!
2017-02-05 18:17:30 +01:00
Jakob Unterwurzacher
8bcae63a5a
ctlsock: sanitize: handle multiple leading slashes
2017-02-05 18:05:35 +01:00
Jakob Unterwurzacher
2bdd0ec802
golint comment fix
...
internal/ctlsock/ctlsock_serve.go:73:1: comment on exported const
ReadBufSize should be of the form "ReadBufSize ..."
2017-01-29 19:01:16 +01:00
Jakob Unterwurzacher
1273d7edae
ctlsock: better error message for forward mode path decryption
2017-01-29 18:55:52 +01:00
Jakob Unterwurzacher
53fe6f5690
ctlsock: abort message processing on JSON error
...
The code was missing a "continue" in that branch.
Also improve the error messages a bit.
2017-01-29 18:25:46 +01:00
Jakob Unterwurzacher
532ef15417
ctlsock: interpret paths that point above CWD as ""
...
Paths that start with ".." were previously accepted as-is.
2017-01-29 15:24:47 +01:00
Jakob Unterwurzacher
6166dad05c
readpassword: support spaces in "-passfile" filename
...
...and while we are at it, also filenames starting with "-".
2017-01-29 00:34:12 +01:00
Jakob Unterwurzacher
39eca53677
main: make sure the ctlsock file is deleted on incorrect password
...
Otherwise the next try to mount ends in
"ctlsock: listen unix ctl.sock: bind: address already in use"
2017-01-26 21:32:08 +01:00
Jakob Unterwurzacher
a7c7588deb
fusefrontend: fix hard-linking with long name
...
This used to incorrectly try to link twice and return EEXIST.
2017-01-26 20:56:42 +01:00
Jakob Unterwurzacher
de87a256ab
tlog: better comment for the terminal colors
2017-01-26 20:01:45 +01:00
Jakob Unterwurzacher
fe1705c55b
reverse: add single-entry path cache
...
Speeds up the "ls -lR" benchmark from 2.6 seconds to 2.0.
2017-01-03 18:14:01 +01:00
Jakob Unterwurzacher
ef089c9f80
reverse: factor out rDecryptName
...
This prepares the code for the introduction of a path cache.
2017-01-03 17:46:11 +01:00
Jakob Unterwurzacher
8be54bf3f8
prefer_openssl: default to Go GCM on OSX
2016-12-10 21:04:17 +01:00
Jakob Unterwurzacher
12374be9c5
ctlsock: abort the connection if the request is too big
...
Reading partial JSON would cause a mess. Just kill the connection.
Also, stop using syscall.PathMax that is not defined on Darwin
( https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-264253024 )
2016-12-10 20:43:08 +01:00
Jakob Unterwurzacher
8945f4db95
ctlsock: add a note about Accept() throwing errors on Close()
2016-12-10 15:01:00 +01:00
Jakob Unterwurzacher
6af725ff09
ctlsock: exit early if socket cannot be created; delete on exit
...
Both are achieved by opening the socket from main and passing
it to the ctlsock package instead of passing the path.
2016-12-10 14:54:06 +01:00
Jakob Unterwurzacher
967e7bd125
stupidgcm: Fix without_openssl build failure
...
Also, always call build-without-openssl.bash from test.bash.
Failure was:
internal/stupidgcm/without_openssl.go:29: missing return at end of function
2016-12-10 13:15:19 +01:00
Jakob Unterwurzacher
2758c75cae
ctlsock: sanitize paths before passing them to the backend
...
You used to be able to crash gocryptfs by passing "/foo"
of "foo/" to the ctlsock.
Fixes https://github.com/rfjakob/gocryptfs/issues/66
2016-12-10 12:59:54 +01:00
Jakob Unterwurzacher
c9f4400e6d
Replace all calls to naked panic() with log.Panic()
...
We want all panics to show up in the syslog.
2016-12-10 11:54:36 +01:00
Jakob Unterwurzacher
55df8acac3
fusefrontend: preserve owner for symlinks
...
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28 23:15:24 +01:00
Jakob Unterwurzacher
e3c5e3f1c8
fusefronted: preserve owner for device nodes and sockets
...
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28 23:09:47 +01:00
Jakob Unterwurzacher
a66440c668
fusefrontend: use Lchown when preserving owner
...
This prevents (unlikely) symlink race attacks
2016-11-28 22:46:04 +01:00
Jakob Unterwurzacher
0f8d3318a3
main, fusefrontend: add "-noprealloc" option
...
Preallocation is very slow on hdds that run btrfs. Give the
user the option to disable it. This greatly speeds up small file
operations but reduces the robustness against out-of-space errors.
Also add the option to the man page.
More info: https://github.com/rfjakob/gocryptfs/issues/63
2016-11-25 09:19:14 +01:00
Jakob Unterwurzacher
024511d9c7
fusefrontend: coalesce 4kB writes
...
This improves performance on hdds running ext4, and improves
streaming write performance on hdds running btrfs. Tar extract
slows down on btrfs for some reason.
See https://github.com/rfjakob/gocryptfs/issues/63
Benchmarks:
encfs v1.9.1
============
$ ./benchmark.bash -encfs /mnt/hdd-ext4
Testing EncFS at /mnt/hdd-ext4/benchmark.bash.u0g
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,48354 s, 88,4 MB/s
UNTAR: 20.79
LS: 3.04
RM: 6.62
$ ./benchmark.bash -encfs /mnt/hdd-btrfs
Testing EncFS at /mnt/hdd-btrfs/benchmark.bash.h40
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,52552 s, 85,9 MB/s
UNTAR: 24.51
LS: 2.73
RM: 5.32
gocryptfs v1.1.1-26-g4a7f8ef
============================
$ ./benchmark.bash /mnt/hdd-ext4
Testing gocryptfs at /mnt/hdd-ext4/benchmark.bash.1KG
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,55782 s, 84,1 MB/s
UNTAR: 22.23
LS: 1.47
RM: 4.17
$ ./benchmark.bash /mnt/hdd-btrfs
Testing gocryptfs at /mnt/hdd-btrfs/benchmark.bash.2t8
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 6,87206 s, 19,1 MB/s
UNTAR: 69.87
LS: 1.52
RM: 5.33
gocryptfs v1.1.1-32
===================
$ ./benchmark.bash /mnt/hdd-ext4
Testing gocryptfs at /mnt/hdd-ext4/benchmark.bash.Qt3
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,22577 s, 107 MB/s
UNTAR: 23.46
LS: 1.46
RM: 4.67
$ ./benchmark.bash /mnt/hdd-btrfs/
Testing gocryptfs at /mnt/hdd-btrfs//benchmark.bash.XVk
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 3,68735 s, 35,5 MB/s
UNTAR: 116.87
LS: 1.84
RM: 6.34
2016-11-25 09:03:32 +01:00
Jakob Unterwurzacher
6f475da116
Fix golint warnings, add helper script
2016-11-17 23:40:03 +01:00
Jakob Unterwurzacher
0489d08ae2
fusefrontend: get the file ID from the open files table
...
This fixes the problem that a truncate can reset the file
ID without the other open FDs noticing it.
2016-11-17 22:29:45 +01:00
Jakob Unterwurzacher
e04dc05012
fusefrontend: upgrade wlockMap to use device AND inode number
...
If there are multiple filesystems backing the gocryptfs filesystems
inode numbers are not guaranteed to be unique.
2016-11-17 20:32:19 +01:00
Jakob Unterwurzacher
d8fb28a1c3
ctlsock: prevent panic on invalid decrypt request
2016-11-10 23:51:47 +01:00
Jakob Unterwurzacher
c03fc46a51
ctlsock: implement EncryptPath for reverse mode, add tests
2016-11-10 23:32:51 +01:00
Jakob Unterwurzacher
d3764b7753
reverse: fix longname decoding bug
...
This could have caused spurious ENOENT errors.
That it did not cause these errors all the time is interesting
and probably because an earlier readdir would place the entry
in the cache. This masks the bug.
2016-11-10 23:30:30 +01:00
Jakob Unterwurzacher
e7f57695a6
Fix golint warnings
...
$ golint ./... | grep -v underscore | grep -v ALL_CAPS
internal/fusefrontend_reverse/rfs.go:52:36: exported func NewFS returns unexported type *fusefrontend_reverse.reverseFS, which can be annoying to use
internal/nametransform/raw64_go1.5.go:10:2: exported const HaveRaw64 should have comment (or a comment on this block) or be unexported
2016-11-10 00:38:01 +01:00
Jakob Unterwurzacher
75ebb28a62
ctlsock: add initial limited implementation
...
At the moment, in forward mode you can only encrypt paths
and in reverse mode you can only decrypt paths.
2016-11-10 00:27:08 +01:00
Jakob Unterwurzacher
df28fc5a11
nametransform: get rid of leading "./"
...
Paths in the root directory were encrypted to this:
foobar -> ./N9vPc0gXUY4PDSt0-muYXQ==
2016-11-09 23:41:47 +01:00
Jakob Unterwurzacher
df1e3a10c4
nametransform: nicer error message on empty gocryptfs.diriv
...
Old:
Nov 06 13:34:38 brikett gocryptfs[16228]: ReadDirIVAt: Read failed: EOF
Nov 06 13:34:38 brikett gocryptfs[16228]: go-fuse: can't convert error type: EOF
New:
Nov 06 14:08:43 brikett gocryptfs[17361]: ReadDirIVAt: wanted 16 bytes, got 0. Returning EINVAL.
2016-11-06 14:09:34 +01:00
Jakob Unterwurzacher
d15122d3d6
Add Go 1.4 compatibility layer for raw64
...
Using raw64 will not work, but at least it will compile.
2016-11-01 19:25:59 +01:00
Jakob Unterwurzacher
2b991c9743
Add support for unpadded base64 filenames, "-raw64"
...
Through base64.RawURLEncoding.
New command-line parameter "-raw64".
2016-11-01 18:43:22 +01:00
Jakob Unterwurzacher
944eaf2fb5
fusefronted: expire dir IV cache after one second
...
The Back In Time backup tool (https://github.com/bit-team/backintime )
wants to write directly into the ciphertext dir.
This may cause the cached directory IV to become out-of-date.
Having an expiry time limits the inconstency to one second, like
attr_timeout does for the kernel getattr cache.
2016-11-01 10:57:39 +01:00
Jakob Unterwurzacher
a9c7565b80
fusefrontend: refactor dirIVCache
...
Simplify the code a bit.
2016-11-01 10:34:41 +01:00
Jakob Unterwurzacher
c2192cfcad
fusefrontend: drop atime workarounds
...
The fix at https://github.com/hanwen/go-fuse/pull/131 has been merged.
Drop the workarounds and re-enable the tests.
2016-10-30 16:29:36 +01:00
Jakob Unterwurzacher
85f1fd0b0f
fusefronted: more concise corrupt block log message
...
Calculating the block offset is easy enough, even more now
that gocryptfs-xray exists.
2016-10-28 21:18:36 +02:00
Jakob Unterwurzacher
012152f3d1
fusefrontend: I/O error instead of panic on all-zero nonce
...
Running xfstests generic/075 on tmpfs often triggered a panic
for what seems to be a tmpfs bug.
Quoting from the email to lkml,
http://www.spinics.net/lists/kernel/msg2370127.html :
tmpfs seems to be incorrectly returning 0-bytes when reading from
a file that is concurrently being truncated.
2016-10-28 21:18:36 +02:00
Jakob Unterwurzacher
a08d55f42d
fusefronted: optimize NFS streaming writes by saving one Stat()
...
Stat() calls are expensive on NFS as they need a full network
round-trip. We detect when a write immediately follows the
last one and skip the Stat in this case because the write
cannot create a file hole.
On my (slow) NAS, this takes the write speed from 24MB/s to
41MB/s.
2016-10-28 21:17:53 +02:00
Jakob Unterwurzacher
d64ccf7cf4
fusefrontend: move hole padding check out of Write()
...
The details of the hole handling don't have to be in
Write, so move it away.
2016-10-25 22:37:45 +02:00
Jakob Unterwurzacher
6538dc15af
fusefrontend: rename "createsHole" to clearer "createsCiphertextHole"
...
...and add comments for what is happening.
2016-10-25 21:19:37 +02:00
Jakob Unterwurzacher
aeda9721d0
Fix misspellings
...
Close https://github.com/rfjakob/gocryptfs/issues/54
2016-10-24 19:18:13 +02:00
Jakob Unterwurzacher
a74a7e7f54
configfile: add newline at the end
...
For convenience for the user, add a newline at the end.
Reported as #51 .
2016-10-21 08:43:39 +02:00
Jakob Unterwurzacher
589748548f
tests: add 1980.tar.gz extract test
...
Test that we get the right timestamp when extracting a tarball.
Also simplify the workaround in doTestUtimesNano() and fix the
fact that it was running no test at all.
2016-10-19 22:25:54 +02:00
Jakob Unterwurzacher
600ceece35
lint fixes
2016-10-19 01:12:45 +02:00
Jakob Unterwurzacher
891a3b4c8a
fusefrontend: Utimens: one more band-aid
...
Revert once https://github.com/hanwen/go-fuse/pull/131 is merged.
2016-10-16 20:20:00 +02:00
Jakob Unterwurzacher
c487e176bd
main: allow password change with -masterkey
...
Requested at https://github.com/rfjakob/gocryptfs/issues/28
2016-10-16 18:17:28 +02:00
Jakob Unterwurzacher
b2d33028a6
readpassword: check extpass return code
...
...and exit if it is not zero.
2016-10-16 16:44:27 +02:00
Jakob Unterwurzacher
5144470e3d
fusefrontend: Utimens: ugly band-aid for nil pointer crash in go-fuse
...
Crash is described at https://github.com/rfjakob/gocryptfs/issues/48 .
Revert this once https://github.com/hanwen/go-fuse/pull/131 is merged.
2016-10-16 15:08:05 +02:00
Jakob Unterwurzacher
35219d0022
fusefrontend: log missing gocryptfs.diriv
...
This can happen during normal operation when the directory has
been deleted concurrently. But it can also mean that the
gocryptfs.diriv is missing due to an error, so log the event
at "info" level.
2016-10-16 15:04:59 +02:00
Jakob Unterwurzacher
828f718483
fusefrontend: Also preserve the owner in Mkdir
...
This already worked for files but was missing for dirs.
2016-10-10 08:53:29 +02:00
Jakob Unterwurzacher
d3b78fea95
reverse: add panics against API abuse
...
These should help prevent later programming errors.
2016-10-09 17:05:12 +02:00
Jakob Unterwurzacher
d25fcc6a4b
reverse: gocryptfs.conf was missing from the directory listings
...
Fix the test for that and add checks in example_filesystems_test.
2016-10-08 22:25:08 +02:00
Jakob Unterwurzacher
e47577834b
reverse: merge config translation check into isTranslatedConfig
...
Also get rid of useless isFiltered function.
2016-10-08 21:14:16 +02:00
Jakob Unterwurzacher
f054353bd3
reverse: make gocryptfs.conf mapping plaintextnames-aware
...
Only in plaintextnames-mode AND with the config file at the
default location it will be mapped into the mountpoint.
Also adds a test for that.
2016-10-08 20:57:38 +02:00
Jakob Unterwurzacher
53257f4ee5
nametransform: better error code on invalid diriv length
...
go-fuse translates errors unknown to it into "function not
implemented", which is wrong in this case.
2016-10-07 22:40:30 +02:00
Jakob Unterwurzacher
ff48dc1aab
reverse: initialize the longname cache only when reverse mode is used
...
Gets rid of the idling longnameCacheCleaner thread in "normal" mode.
2016-10-05 22:22:28 +02:00
Jakob Unterwurzacher
a4956fa6bf
A few more lint fixes
2016-10-04 23:30:05 +02:00
Valient Gough
b764917cd5
lint fixes
2016-10-04 23:18:33 +02:00
Jakob Unterwurzacher
db5782028a
tests: skip tests with -openssl=false on Go 1.4 and lower
...
Go versions 1.4 and lower lack NewGCMWithNonceSize(), which causes
a panic in the test.
2016-10-04 22:34:12 +02:00
Romain
db72a4489d
fusefrontend_reverse cast Stat_t.Dev to uint64 ( #44 )
...
The [Stat_t.Dev](https://golang.org/pkg/syscall/#Stat_t ) docs say `Dev` is a `unit64`, but on [macOS amd64](https://golang.org/src/syscall/ztypes_darwin_amd64.go ) it's an `int32`.
2016-10-04 15:03:47 +02:00
Jakob Unterwurzacher
56c0b19612
without_openssl: support compiling completely without openssl
...
Build helper script: build-without-openssl.bash
2016-10-04 09:51:14 +02:00
Jakob Unterwurzacher
a00402cc47
cryptocore: rename "gcm" variable to generic "aeadCipher"
...
As we now also support AES-SIV the old name is no longer
correct.
2016-10-04 00:17:09 +02:00
Jakob Unterwurzacher
bb52937834
cryptocore: derive 512-bit key for AES-SIV
...
AES-SIV uses 1/2 of the key for authentication, 1/2 for
encryption, so we need a 64-byte key for AES-256. Derive
it from the master key by hashing it with SHA-512.
2016-10-04 00:16:56 +02:00
Jakob Unterwurzacher
46018785b4
siv_aead: Overhead is always 16
...
Add a test for that.
Also test operations using a 64-byte key.
2016-10-03 23:58:19 +02:00
Jakob Unterwurzacher
a2510efe12
reverse: use per-purpose nonce generation
...
Also pull all the deterministic nonce code into fusefrontend_reverse
to greatly simplify the normal code path.
2016-09-29 21:56:49 +02:00
Jakob Unterwurzacher
bce96b5095
reverse: move newDirIVFile into virtualfile.go
...
After all, is's a virtual file.
2016-09-28 23:30:13 +02:00
Jakob Unterwurzacher
e9bb8b800c
reverse: switch from GCM-SIV to AES-SIV
...
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
Jakob Unterwurzacher
d9fc652df0
siv_aead: add AES-SIV AEAD wrapper
2016-09-26 23:06:40 +02:00
Jakob Unterwurzacher
0e277ba19e
stupidgcm: add GCM-SIV benchmark
...
On a CPU without AES-NI:
$ go test -bench .
Benchmark4kEncStupidGCM-2 50000 24155 ns/op 169.57 MB/s
Benchmark4kEncGoGCM-2 20000 93965 ns/op 43.59 MB/s
Benchmark4kEncGCMSIV-2 500 2576193 ns/op 1.59 MB/s
2016-09-25 20:04:55 +02:00
Jakob Unterwurzacher
28838a489d
nametransform: downgrade invalid length warning
...
This happens all the time in reverse mode when somebody stats
an encrypted symlink target.
2016-09-25 19:50:16 +02:00
Jakob Unterwurzacher
5f4b16c00f
Implement changes proposed by gosimple.
...
Also delete the unused "dirIVNameStruct", found by deadcode.
2016-09-25 19:48:21 +02:00
Jakob Unterwurzacher
166ba74a05
tests: enable all go vet checks
...
...and fix reported errors:
internal/fusefrontend_reverse/rfile.go:40: github.com/rfjakob/gocryptfs/internal/contentenc.FileHeader composite literal uses unkeyed fields
internal/fusefrontend_reverse/rfs.go:249: github.com/hanwen/go-fuse/fuse.DirEntry composite literal uses unkeyed fields
internal/fusefrontend_reverse/rfs.go:264: github.com/hanwen/go-fuse/fuse.DirEntry composite literal uses unkeyed fields
2016-09-25 19:02:12 +02:00
Jakob Unterwurzacher
c7b3150afc
nametransform: delete unused function DecryptPathDirIV
2016-09-25 18:56:23 +02:00
Jakob Unterwurzacher
abd61d968d
contentenc: rename constant "IVBitLen" to "DefaultIVBits" and clarify comment
...
128-bit IVs are NOT used everywhere.
2016-09-25 18:40:29 +02:00
Jakob Unterwurzacher
b883dd10a6
reverse: add symlink encryption and Readlink support
2016-09-25 18:01:24 +02:00
Jakob Unterwurzacher
12808138ef
contentenc: add "ExternalNonce" mode
...
This will be used for strong symlink encryption in reverse mode.
2016-09-25 17:44:19 +02:00
Jakob Unterwurzacher
32e55261ca
fusefrontend: handle Readlink directly
...
Calling into go-fuse's loopbackFileSystem does not add
any value here.
2016-09-25 17:01:39 +02:00
Jakob Unterwurzacher
2050c7f3b3
reverse: add gcmsiv flag and associated tests
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
7bbf6ad6ea
reverse: derive file ID and block IVs from file paths
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
52a6f4f71e
reverse: add longnameParentCache
...
findLongnameParent has to read the whole directory to find the
right file; add a simple cache to avoid most directory scans.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
a6a7b424f8
reverse: resolve long names in Open and GetAttr
...
The last patch added functionality for generating gocryptfs.longname.*
files, this patch adds support for mapping them back to the full
filenames.
Note that resolving a long name needs a full readdir. A cache
will be implemented later on to improve performance.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
35bcc2dca2
reverse: transform long names in OpenDir
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
b34a665da4
nametransform: implement ReadDirIV without Openat
...
As ReadDirIV operates on a path anyway, opening the directory
has no clear safety advantage w.r.t. concurrent renames.
If the backing directory is a reverse-mounted gocryptfs filesystem,
each directory open is an OPENDIR, and this causes a full directory
read!
This patch improves the "ls -lR" performance of an
DIR --> gocryptfs-reverse --> gocryptfs
chain by a factor of ~10.
OPENDIR counts for ls -lR:
Before 15570
After 2745
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
01c18dbcab
nametransform: return EINVAL on invalid padding
...
With the generic fmt.Errorf we trigger a warning from go-fuse:
2016/09/21 21:42:31 can't convert error type: Invalid padding
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d76e7aadb4
reverse: use dynamic inode numbers
...
...with stable mappings for hard-linked files.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
5f726aaa9d
contentenc: add GCM-SIV support
...
Also add ReverseDummyNonce nonce generation.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
7f87ed78f2
cryptocore: add support for GCM-SIV
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d1762c5b95
reverse: fix GetAttr for gocryptfs.conf
...
And also don't return the encrypted version of
.gocryptfs.reverse.conf in readdir.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
3d59c7dd6a
reverse: add gocryptfs.conf passthrough
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
1932248446
reverse: get rid of debug message
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
ce22ab36e1
reverse: gocryptfs.diriv content was generated from wrong path
...
Should be derived from the directory name only.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
7faa267bd4
reverse: rename readFile to clearer readBackingFile
...
Also refactor the header generation for nicer code.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
be9dfe3a89
reverse: implement dynamic diriv
...
Introduce a unique per-directory diriv that is generated
by hashing the encrypted directory path.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
10f38e8870
reverse: generate file header for Read()
...
Also create virtual gocryptfs.diriv entries (no content yet).
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
ac1221395e
nametransform: export DirIVLen constant
...
Will be needed by reverse mode.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
e42ab3908d
reverse: print value in file offset panic
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
777eb8e62f
reverse: rename types to reverseXYZ
...
...to prevent confusion with the forward variants.
FS -> reverseFS
file -> reverseFile
Also add an incomplete read implementation.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
5931eea387
contentenc: add helpers for reverse mode
...
Add the reverse variant of DecryptBlocks etc:
* EncryptBlocks
* JointPlaintextRange
* ExplodeCipherRange
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
1d4c6288f2
main: initial support for reverse mode
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
1d62086742
conentenc: handle zero-sized files in PlainSizeToCipherSize
...
Previously caused an integer underflow.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
9237b4f53e
reverse: add skeleton
...
Compiles but does not do much else.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
fca1b82417
fusefrontend: relay Utimens to go-fuse
...
Commit af5441dcd9
has caused a
regression ( https://github.com/rfjakob/gocryptfs/issues/35 )
that is fixed by this commit.
The go-fuse library by now has all the syscall wrappers in
place to correctly handle Utimens, also for symlinks.
Instead of duplicating the effort here just call into go-fuse.
Closes #35
2016-09-25 16:30:29 +02:00
Jakob Unterwurzacher
af5441dcd9
fusefrontend: use NsecToTimespec() for Utimens
...
This fixes a build problem on 32-bit hosts:
internal/fusefrontend/file.go:400: cannot use a.Unix() (type int64) as
type int32 in assignment
internal/fusefrontend/file.go:406: cannot use m.Unix() (type int64) as
type int32 in assignment
It also enables full nanosecond timestamps for dates
after 1970.
2016-08-09 22:18:46 +02:00
Jakob Unterwurzacher
7395b8e990
cryptocore: comment why 96-bit IVs are still supported
2016-07-31 13:36:38 +02:00
Jakob Unterwurzacher
e8a234f658
Add godoc comments to all internal packages
2016-07-06 21:51:25 +02:00
Jakob Unterwurzacher
603e144f5e
prefer_openssl: OSX: get rid of /proc warnings
...
OSX does not have /proc/cpuinfo, but let's not warn
the user about it.
2016-07-04 08:19:26 +02:00
Jakob Unterwurzacher
52655843ab
stupidgcm: use __builtin_trap()
...
[...]/stupidgcm/locking.go:16:2:
warning: indirection of non-volatile null pointer will
be deleted, not trap [-Wnull-dereference]
[...]/stupidgcm/locking.go:16:2:
note: consider using __builtin_trap() or qualifying
pointer with 'volatile'
https://github.com/rfjakob/gocryptfs/issues/15
2016-07-04 08:14:24 +02:00
Jakob Unterwurzacher
741bf0726e
syscallcompat: OSX: add Mknodat wrapper
...
Protip: find naked *at syscalls using:
git grep "syscall." | grep "at(" | grep -v syscallcompat
2016-07-03 20:22:22 +02:00
Jakob Unterwurzacher
d8524c7369
syscallcompat: OSX: add Unlinkat wrapper
...
Also, replace remaining naked syscall.Openat calls.
2016-07-03 20:17:40 +02:00
Jakob Unterwurzacher
1d7728959c
fusefrontend: downgrade Renameat log message to debug
2016-07-03 20:08:09 +02:00
Jakob Unterwurzacher
79851bf6cc
syscallcompat: OSX: add Renamat wrapper
...
Adds a poor man's renameat implementation for OSX.
2016-07-03 20:05:32 +02:00
Jakob Unterwurzacher
9b725c15cf
syscallcompat: OSX: add Fallocate and Openat wrappers
...
...and convert all calls to syscall.{Fallocate,Openat}
to syscallcompat .
Both syscalls are not available on OSX. We emulate Openat and just
return EOPNOTSUPP for Fallocate.
2016-07-03 19:18:34 +02:00
Jakob Unterwurzacher
c9a472c12f
syscallcompat: move syscall wrapper to their own package
...
We will get more of them as OSX also lacks support for openat.
2016-07-03 17:51:40 +02:00
Jakob Unterwurzacher
e574a6cc1f
nametransform: hide detailed padding error behind the debug flag
...
unPad16 returns detailed errors including the position of the
incorrect bytes. Kill a possible padding oracle by lumping
everything into a generic error.
The detailed error is only logged if debug is active.
2016-07-03 15:35:58 +02:00
Jakob Unterwurzacher
54470baa23
fusefrontend: add fallocate support
...
Mode=0 (default) and mode=1 (keep size) are supported.
The patch includes test cases and the whole thing passed xfstests.
Fixes https://github.com/rfjakob/gocryptfs/issues/1 .
2016-07-02 19:52:09 +02:00
Jakob Unterwurzacher
04ad063515
fusefronted: move Truncate() and Allocate() to their own file
...
These are large complicated implementations that will share some
code.
2016-07-02 15:35:06 +02:00
Jakob Unterwurzacher
7b22b426b9
contentenc: rename PlaintextRange and CiphertextRange
...
The name could be misunderstood and actually caused a bug:
doWrite used to always preallocate 4128 instead of the actual
data length.
2016-07-02 00:12:36 +02:00
Jakob Unterwurzacher
f2b4d57068
fusefrontend: coalesce grows in Truncate()
...
We were growing the file block-by-block which was pretty
inefficient. We now coalesce all the grows into a single
Ftruncate. Also simplifies the code!
Simplistic benchmark: Before:
$ time truncate -s 1000M foo
real 0m0.568s
After:
$ time truncate -s 1000M foo
real 0m0.205s
2016-07-01 23:32:27 +02:00
Jakob Unterwurzacher
ae77d18527
fusefrontend: better comments for Truncate
2016-07-01 09:23:04 +02:00
Jakob Unterwurzacher
e994ffa27d
fusefrontend: handle dir-overwrites-dir on XFS
...
XFS returns a different error code if you try to overwrite
a non-empty directory with a directory:
XFS: mv: cannot move ‘foo’ to ‘bar/foo’: File exists
ext4: mv: cannot move 'foo' to 'bar/foo': Directory not empty
So have EEXIST trigger the Rmdir logic as well.
Fixes issue #20
Link: https://github.com/rfjakob/gocryptfs/issues/20
2016-06-30 23:17:54 +02:00
Jakob Unterwurzacher
c400aca5cf
tlog: clean up messages from the go-fuse library
...
Drop the date and add the "go-fuse: " prefix so you can see
where the message is coming from.
Before:
Jun 27 09:03:15 brikett gocryptfs[4150]: 2016/06/27 09:03:15 Unimplemented opcode INTERRUPT
After:
Jun 27 09:10:58 brikett gocryptfs[4961]: go-fuse: Unimplemented opcode INTERRUPT
2016-06-27 09:12:03 +02:00
Jakob Unterwurzacher
3288d98703
fusefrontend: fix PlaintextNames versions of Mkdir, Rmdir
...
The "!fs.args.DirIV" special case was removed by b17f0465c7
but that, by accident, also removed the handling for
PlaintextNames.
Re-add it as an explicit PlaintextNames special case.
Also adds support for removing directories that miss their
gocryptfs.diriv file for some reason.
2016-06-27 00:27:36 +02:00
Jakob Unterwurzacher
547ddf4264
tlog: switch default logger to syslog
...
...unless "-nosyslog" is passed.
All gocryptfs messages already go to syslog, but the messages
that the go-fuse lib emits were still printed to stdout.
Fixes issue #13 ( https://github.com/rfjakob/gocryptfs/issues/13 )
2016-06-26 23:30:22 +02:00
Jakob Unterwurzacher
0115588680
main, fusefrontend: enable suid functionality
...
FUSE filesystems are mounted with "nosuid" by default. If we run as root,
we can use device files by passing the opposite mount option, "suid".
Also we have to use syscall.Chmod instead of os.Chmod because the
portability translation layer "syscallMode" messes up the sgid
and suid bits.
Fixes 70% of the failures in xfstests generic/193. The remaining are
related to truncate, but we err on the safe side:
$ diff -u tests/generic/193.out /home/jakob/src/fuse-xfstests/results//generic/193.out.bad
[...]
check that suid/sgid bits are cleared after successful truncate...
with no exec perm
before: -rwSr-Sr--
-after: -rw-r-Sr--
+after: -rw-r--r--
2016-06-26 20:13:21 +02:00
Jakob Unterwurzacher
23cc0657f4
fusefronted: preserve owner if running as root
...
If allow_other is set and we run as root, try to give newly created files to
the right user.
2016-06-26 19:18:13 +02:00
Jakob Unterwurzacher
38767ab527
fuserfrontend: support truncate(2) by wrapping ftruncate(2)
...
Support truncate(2) by opening the file and calling ftruncate(2)
While the glibc "truncate" wrapper seems to always use ftruncate, fsstress from
xfstests uses this a lot by calling "truncate64" directly.
2016-06-26 18:41:04 +02:00
Jakob Unterwurzacher
b558901e66
Drop deprecated "-gcmiv128" option
...
The GCMIV128 feature flag is already mandatory, dropping the command
line option is the final step.
Completes https://github.com/rfjakob/gocryptfs/issues/29 .
2016-06-23 22:10:19 +02:00
Jakob Unterwurzacher
3d59a72ba9
Drop deprecated "-emenames" option
...
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:56:50 +02:00
Jakob Unterwurzacher
e970b1fdb5
nametransform: drop unused noiv functions
...
As DirIV is now mandatory there is no user for the noiv functions.
2016-06-23 21:39:04 +02:00
Jakob Unterwurzacher
b17f0465c7
Drop deprecated "-diriv" option
...
The DirIV feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:38:59 +02:00
Jakob Unterwurzacher
f0b4d2354d
Refuse mounting of v0.6 and older filesystems
2016-06-19 20:01:04 +02:00
Jakob Unterwurzacher
cc2a75b050
Mount v0.6 and older filesystems as read-only
...
This is part of the phase-out of very old filesystems.
See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for
more info.
2016-06-16 23:23:09 +02:00
Jakob Unterwurzacher
3234b9b5ce
tests: update config_test example files
...
Recreate the files so they carry all feature flags.
Also, create them with "-scryptn 10" to speed up the tests.
2016-06-16 23:19:05 +02:00
Jakob Unterwurzacher
96750a7d3c
tests: exit with correct error code from TestMain
...
extpass_test and example_filesystems_test did it wrong,
always returning 0.
2016-06-16 21:56:23 +02:00
Jakob Unterwurzacher
c76c952c19
readpassword: clean up leftover debug commit
2016-06-16 20:59:51 +02:00
Jakob Unterwurzacher
7e92ebe16a
Rename nametransform, contentenc source files
...
Let's have shorter names, and merge *_api.go into the "main"
file.
No code changes.
2016-06-16 19:02:47 +02:00
Jakob Unterwurzacher
6c3f97399a
Rename internal "toggledlog" package to "tlog"
...
tlog is used heavily everywhere and deserves a shorter name.
Renamed using sed magic, without any manual rework:
find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
2016-06-15 23:30:44 +02:00
Jakob Unterwurzacher
09e88f31d1
toggledlog: assume command of color handling
...
We want to use colored error messages also outside of main,
so let's handle it in the logging package.
The fatal logger now automatically prints red.
2016-06-15 23:17:51 +02:00
Jakob Unterwurzacher
c89455063c
readpassword: create internal package for password reading
...
* Supports stdin
* Add tests for extpass and stdin
As per user request at https://github.com/rfjakob/gocryptfs/issues/30
2016-06-15 22:44:24 +02:00
Jakob Unterwurzacher
393e531afd
Fix warnings reported by Go 1.6 "go tool vet -shadow=true"
...
Warnings were:
main.go:234: declaration of err shadows declaration at main.go:163:
internal/fusefrontend/file.go:401: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
internal/fusefrontend/file.go:419: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
internal/fusefrontend/fs_dir.go:140: declaration of err shadows declaration at internal/fusefrontend/fs_dir.go:97:
2016-06-14 22:46:23 +02:00
Jakob Unterwurzacher
5b1eed35ee
fusefrontend: Utimens: convert ENOENT to EBADF
...
If /proc/self/fd/X did not exist, the actual error is that the file
descriptor was invalid.
go-fuse's pathfs prefers using an open fd even for path-based operations
but does not take any locks to prevent the fd from being closed.
Instead, it retries the operation by path if it get EBADF. So this
change allows the retry logic to work correctly.
This fixes the error
rsync: failed to set times on "/tmp/ping.Kgw.mnt/linux-3.0/[...]/.dvb_demux.c.N7YlEM":
No such file or directory (2)
that was triggered by pingpong-rsync.bash.
2016-06-09 22:21:00 +02:00
Jakob Unterwurzacher
5da292828c
fusefrontend: fix chown on dangling symlinks
...
We (actually, go-fuse) used to call Chown() instead of Lchown()
which meant that the operation would fail on dangling symlinks.
Fix this by calling os.Lchown() ourself. Also add a test case
for this.
2016-06-08 00:32:44 +02:00
Jakob Unterwurzacher
0f4d350136
configfile: warn about missing feature flags
...
The plan is to drop support for the oldest filesystem versions
in gocryptfs v1.0. For now, we only warn the user.
2016-06-06 23:13:10 +02:00
Jakob Unterwurzacher
0c80cca674
toggledlog: convert remaing naked fmt.Print*
...
Several fatal errors were just printed to stdout, which
meant they were invisible when running the test suite.
Fix this by introducing toggledlog.Fatal and convert as
follows:
Fatal errors -> toggledlog.Fatal
Warnings -> toggledlog.Warn
Password prompts -> fmt.Fprintf
2016-06-05 14:32:07 +02:00
Jakob Unterwurzacher
ca54b665e3
main: print actual error from LoadConfFile()
...
It may not have been a "Wrong password" after all.
Also, push down disabling the warning so LoadConfFile() can
warn about things that matter.
2016-06-05 13:44:22 +02:00
Jakob Unterwurzacher
f2d208c464
configfile: use map[flagIota] for feature flags
...
This should make things saner and more extensible. It prepares
the infrastructure for "required feature flags" that will be used
to deprecate old gocryptfs version.
2016-06-05 12:54:45 +02:00
Jakob Unterwurzacher
b97268c948
configfile: bake the "Creator" gocryptfs version into the file
...
This field is added for the convenience of users and
may help them to identify which gocryptfs version
they need to mount a filesystem.
The same information is essentially contained in FeatureFlags,
but this is more difficult to decode for humans.
It is completely ignored programmatically (also by older gocryptfs
versions).
2016-06-05 11:40:13 +02:00
Jakob Unterwurzacher
a602e798b1
fusefrontend: report an error if all files in a directory were invalid
...
Just presenting an empty directory means that the user does not know
that things went wrong unless he checks the syslog or tries to delete
the directory.
It would be nice to report the error even if only some files were
invalid. However, go-fuse does not allow returning the valid
directory entries AND an error.
2016-06-04 16:39:27 +02:00
Jakob Unterwurzacher
80b027f830
nametransform, main: better error messages
2016-06-01 20:07:43 +02:00
Jakob Unterwurzacher
5dd9576a11
fusefrontend: replace unreliable "fd < 0" check
...
... with the "released" boolean.
For some reason, the "f.fd.Fd() < 0" check did not work reliably,
leading to nil pointer panics on the following wlock.lock().
The problem was discovered during fsstress testing and is unlikely
to happen in normal operations.
With this change, we passed 1700+ fsstress iterations.
2016-05-30 09:36:06 +02:00
Jakob Unterwurzacher
5e9953ec27
toggledlog: wpanic: use Logger.Panic instead of naked panic
...
This makes sure the panic message also ends up in syslog
(if enabled).
2016-05-30 09:26:59 +02:00
Jakob Unterwurzacher
1648c54adb
fusefrontend: use sync.Once for one-time warnings
...
Using a simple boolean was racy (which was harmless
in this case) and non-idomatic.
2016-05-29 22:50:03 +02:00
Jakob Unterwurzacher
fd53dfd2ad
fusefronted: check Fstat return value on file create
...
The Fstat call should never fail, but still, if it does return an error
it should be handled properly.
2016-05-29 22:43:48 +02:00
Jakob Unterwurzacher
77813bdc13
fusefrontend: simplify wlockMap
...
mapMutex can be anonymous and using an RWMutex is overkill
because the lock protects very short sections.
2016-05-29 22:40:05 +02:00
Jakob Unterwurzacher
4c0cb37c50
fusefrontend: remove unused "forgotten" variable
...
The functionality has long been replaced by the fd < 0
check.
2016-05-29 13:46:47 +02:00
Jakob Unterwurzacher
888e147cd8
stupidgcm: add benchmark.bash wrapper
...
Add a simple bash wrapper to make it easier to run the GCM
benchmarks.
2016-05-22 15:49:09 +02:00
David Gnedt
a93bcabe9c
Encrypt path in statfs() calls
...
Paths in statfs() calls were not encrypted resulting in
an Function not implemented error, when the unencrypted
path didn't exist in the underlying (encrypted)
filesystem.
$ df plain/existingdir
df: ‘plain/existingdir’: Function not implemented
2016-05-12 23:24:39 +02:00
Jakob Unterwurzacher
4ad9d4e444
prefer_openssl: add amd64 constraint
...
Optimized assembly versions for Go GCM are only available
on amd64.
2016-05-12 09:50:36 +02:00
Jakob Unterwurzacher
49b597f07c
prefer_openssl: autodetect whether to use OpenSSL or Go GCM
...
Go GCM is faster than OpenSSL if the CPU has AES instructions
and you are running Go 1.6+.
The "-openssl" option now defaults to "auto".
"gocryptfs -debug -version" displays the result of the autodetection.
See https://github.com/rfjakob/gocryptfs/issues/23 for details and
benchmarks.
2016-05-12 00:42:42 +02:00
Jakob Unterwurzacher
ba7c798418
fusefrontend: fix panic due to concurrently unregistered wlock
...
Commit 730291feab
properly freed wlock when the file descriptor is
closed. However, concurrently running Write and Truncates may
still want to lock it. Check if the fd has been closed first.
2016-05-08 23:21:20 +02:00
Jakob Unterwurzacher
730291feab
fusefrontend: fix wlock memory leak
...
The write lock was not freed on release, causing a slow memory leak.
This was noticed by running extractloop.bash for 10 hours.
2016-05-05 13:38:39 +02:00
Jakob Unterwurzacher
cf29ce3762
stupidgcm: set dummy locking callback.
...
In general, OpenSSL is only threadsafe if you provide a locking function
through CRYPTO_set_locking_callback. However, the GCM operations that
stupidgcm uses never call that function.
To guard against that ever changing, set a dummy locking callback
that crashes the app.
2016-05-05 00:09:08 +02:00
Jakob Unterwurzacher
906172938a
stupidgcm: skip tests on Go 1.4 and older
...
Quoting from the patch:
We compare against Go's built-in GCM implementation. Since stupidgcm only
supports 128-bit IVs and Go only supports that from 1.5 onward, we cannot
run these tests on older Go versions.
2016-05-05 00:09:08 +02:00
Jakob Unterwurzacher
b4d45554f2
Revert "stupidgcm: print openssl error stack before panicing"
...
This did not help in debugging the openssl <= 1.0.1c issue at all
and makes the code more complex. Keep it simple.
2016-05-05 00:09:08 +02:00
Jakob Unterwurzacher
66156181ee
cryptocore: support Go 1.4 in tests
2016-05-05 00:09:08 +02:00
Jakob Unterwurzacher
508a949d9d
stupidgcm: reorder calls to support openssl <= 1.0.1c
...
This fixes the test failures on Travis CI.
Quoting from 07a4ff79d2
/* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier
* required the tag before any AAD or ciphertext */
2016-05-05 00:08:25 +02:00
Jakob Unterwurzacher
d0945b73d2
stupidgcm: print openssl error stack before panicing
2016-05-04 20:50:13 +02:00
Jakob Unterwurzacher
6c010c3080
stupidgcm: fix copy-paste error in panic message
...
Also, print the openssl version in Travis CI
2016-05-04 20:15:11 +02:00
Jakob Unterwurzacher
39f3a24484
stupidgcm: completely replace spacemonkeygo/openssl
2016-05-04 19:56:07 +02:00
Jakob Unterwurzacher
c92190bf07
stupidgcm: add our own thin wrapper around openssl gcm
...
...complete with tests and benchmark.
This will allow us to get rid of the dependency to spacemonkeygo/openssl
that causes problems on Arch Linux
( https://github.com/rfjakob/gocryptfs/issues/21 )
2016-05-04 19:56:07 +02:00
Jakob Unterwurzacher
1bb907b38e
cryptocore: add API tests
2016-05-04 19:56:07 +02:00
Jakob Unterwurzacher
4d79fba285
prelloc: warn and continue if fallocate(2) is not supported
...
This makes gocryptfs work at all on ZFS.
See https://github.com/rfjakob/gocryptfs/issues/22 .
2016-04-20 22:47:31 +02:00
Jakob Unterwurzacher
bd5405189e
Fix "go tool vet -shadow=true" warnings
...
Among those one real bug.
2016-04-10 21:31:15 +02:00
Jakob Unterwurzacher
db72fcea41
longnames: fix fsstress failure, use dirfd
...
Using dirfd-relative operations allows safe lockless handling
of the ".name" files.
2016-04-10 21:31:08 +02:00
Jakob Unterwurzacher
63d3e51734
longnames: use symbolic constants instead of naked ints
2016-04-10 12:36:43 +02:00
Jakob Unterwurzacher
37a9b4c3ee
Enable openssl in tests to support old Go versions
...
Go 1.4 and older do not support 128-bit IVs which caused
the tests to panic.
2016-03-03 00:59:58 +01:00
Jakob Unterwurzacher
b5221c9651
Fix Go 1.4 build failure caused by a refactoring oversight
2016-03-03 00:48:32 +01:00
Jakob Unterwurzacher
653d4a619c
longnames part II: Rename, Unlink, Rmdir, Mknod, Mkdir + tests
2016-02-07 14:02:09 +01:00
Jakob Unterwurzacher
6b5d977cce
Move OpenDir to fs_dir.go
2016-02-07 11:29:54 +01:00
Jakob Unterwurzacher
3a4922b5d7
Add tests for long name creation and renaming (currently failing, obviously)
2016-02-07 10:55:13 +01:00
Jakob Unterwurzacher
e111e20649
longnames part I: Create and OpenDir work with long filenames > 176 bytes
...
Todo: Rename, Unlink, Rmdir, Mknod, Mkdir
2016-02-06 22:54:14 +01:00
Jakob Unterwurzacher
6b27b6a1e7
Move dirIVCache to its own file
2016-02-06 20:27:28 +01:00
Jakob Unterwurzacher
c74772bc8d
Run go fmt
2016-02-06 20:23:36 +01:00
Jakob Unterwurzacher
b0ee5258b1
Fix tests - were broken by the refactoring
2016-02-06 20:22:45 +01:00
Jakob Unterwurzacher
9078a77850
Move pathfs_frontend to internal/fusefrontend
...
"git status" for reference:
renamed: pathfs_frontend/args.go -> internal/fusefrontend/args.go
renamed: pathfs_frontend/compat_darwin.go -> internal/fusefrontend/compat_darwin.go
renamed: pathfs_frontend/compat_linux.go -> internal/fusefrontend/compat_linux.go
renamed: pathfs_frontend/file.go -> internal/fusefrontend/file.go
renamed: pathfs_frontend/file_holes.go -> internal/fusefrontend/file_holes.go
renamed: pathfs_frontend/fs.go -> internal/fusefrontend/fs.go
renamed: pathfs_frontend/fs_dir.go -> internal/fusefrontend/fs_dir.go
renamed: pathfs_frontend/names.go -> internal/fusefrontend/names.go
renamed: pathfs_frontend/write_lock.go -> internal/fusefrontend/write_lock.go
modified: main.go
2016-02-06 19:27:59 +01:00
Jakob Unterwurzacher
2b8cbd9441
Major refactoring: Split up "cryptfs" into several internal packages
...
"git status" for reference:
deleted: cryptfs/cryptfs.go
deleted: cryptfs/names_core.go
modified: integration_tests/cli_test.go
modified: integration_tests/helpers.go
renamed: cryptfs/config_file.go -> internal/configfile/config_file.go
renamed: cryptfs/config_test.go -> internal/configfile/config_test.go
renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore
renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf
renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf
renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf
renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf
renamed: cryptfs/kdf.go -> internal/configfile/kdf.go
renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go
renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go
new file: internal/contentenc/content_api.go
renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go
renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go
renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go
renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go
new file: internal/cryptocore/crypto_api.go
renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go
renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go
renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go
renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go
renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash
renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go
new file: internal/nametransform/name_api.go
new file: internal/nametransform/names_core.go
renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go
renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go
renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go
new file: internal/nametransform/pad16.go
renamed: cryptfs/log.go -> internal/toggledlog/log.go
renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go
renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go
modified: main.go
modified: masterkey.go
modified: pathfs_frontend/file.go
modified: pathfs_frontend/file_holes.go
modified: pathfs_frontend/fs.go
modified: pathfs_frontend/fs_dir.go
modified: pathfs_frontend/names.go
modified: test.bash
2016-02-06 19:22:35 +01:00