Jakob Unterwurzacher
cf29ce3762
stupidgcm: set dummy locking callback.
...
In general, OpenSSL is only threadsafe if you provide a locking function
through CRYPTO_set_locking_callback. However, the GCM operations that
stupidgcm uses never call that function.
To guard against that ever changing, set a dummy locking callback
that crashes the app.
2016-05-05 00:09:08 +02:00
Jakob Unterwurzacher
906172938a
stupidgcm: skip tests on Go 1.4 and older
...
Quoting from the patch:
We compare against Go's built-in GCM implementation. Since stupidgcm only
supports 128-bit IVs and Go only supports that from 1.5 onward, we cannot
run these tests on older Go versions.
2016-05-05 00:09:08 +02:00
Jakob Unterwurzacher
b4d45554f2
Revert "stupidgcm: print openssl error stack before panicing"
...
This did not help in debugging the openssl <= 1.0.1c issue at all
and makes the code more complex. Keep it simple.
2016-05-05 00:09:08 +02:00
Jakob Unterwurzacher
66156181ee
cryptocore: support Go 1.4 in tests
2016-05-05 00:09:08 +02:00
Jakob Unterwurzacher
508a949d9d
stupidgcm: reorder calls to support openssl <= 1.0.1c
...
This fixes the test failures on Travis CI.
Quoting from 07a4ff79d2
/* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier
* required the tag before any AAD or ciphertext */
2016-05-05 00:08:25 +02:00
Jakob Unterwurzacher
d0945b73d2
stupidgcm: print openssl error stack before panicing
2016-05-04 20:50:13 +02:00
Jakob Unterwurzacher
6c010c3080
stupidgcm: fix copy-paste error in panic message
...
Also, print the openssl version in Travis CI
2016-05-04 20:15:11 +02:00
Jakob Unterwurzacher
86eb37e41a
Fix typos in README
2016-05-04 20:04:10 +02:00
Jakob Unterwurzacher
907bb58800
Update README for v0.10-rc1
2016-05-04 19:56:19 +02:00
Jakob Unterwurzacher
39f3a24484
stupidgcm: completely replace spacemonkeygo/openssl
2016-05-04 19:56:07 +02:00
Jakob Unterwurzacher
c92190bf07
stupidgcm: add our own thin wrapper around openssl gcm
...
...complete with tests and benchmark.
This will allow us to get rid of the dependency to spacemonkeygo/openssl
that causes problems on Arch Linux
( https://github.com/rfjakob/gocryptfs/issues/21 )
2016-05-04 19:56:07 +02:00
Jakob Unterwurzacher
1bb907b38e
cryptocore: add API tests
2016-05-04 19:56:07 +02:00
Jakob Unterwurzacher
bb16f2d565
build.bash: replace "git -C"
...
"-C" is not supported on older git versions. Instead, just cd into
the directory.
See issue #20 .
2016-04-28 08:41:39 +02:00
Jakob Unterwurzacher
4d79fba285
prelloc: warn and continue if fallocate(2) is not supported
...
This makes gocryptfs work at all on ZFS.
See https://github.com/rfjakob/gocryptfs/issues/22 .
2016-04-20 22:47:31 +02:00
Jakob Unterwurzacher
f035d3efba
Update manpage with "longnames" option, explain feature flag options
2016-04-17 21:19:51 +02:00
Jakob Unterwurzacher
36c1039228
build.bash: bake the go-fuse commit hash into the binaries
2016-04-10 23:16:09 +02:00
Jakob Unterwurzacher
776c734f43
Update readme.md and performance.txt for v0.9
2016-04-10 23:01:00 +02:00
Jakob Unterwurzacher
bd5405189e
Fix "go tool vet -shadow=true" warnings
...
Among those one real bug.
2016-04-10 21:31:15 +02:00
Jakob Unterwurzacher
bd1f17ca9f
tests: clean up leftover mounts in resetTmpDir
...
Failure in the example filesystems tests can leave them mounted.
2016-04-10 21:31:15 +02:00
Jakob Unterwurzacher
db72fcea41
longnames: fix fsstress failure, use dirfd
...
Using dirfd-relative operations allows safe lockless handling
of the ".name" files.
2016-04-10 21:31:08 +02:00
Jakob Unterwurzacher
63d3e51734
longnames: use symbolic constants instead of naked ints
2016-04-10 12:36:43 +02:00
Jakob Unterwurzacher
e42e46c97c
Add v0.9-rc2 performance numbers
2016-04-10 12:04:50 +02:00
Jakob Unterwurzacher
0a49ecb869
Add v0.9 changes to README
2016-04-03 23:11:46 +02:00
Jakob Unterwurzacher
8c44b27869
travis ci: also build with Go 1.6
2016-04-03 22:51:44 +02:00
Jakob Unterwurzacher
37a9b4c3ee
Enable openssl in tests to support old Go versions
...
Go 1.4 and older do not support 128-bit IVs which caused
the tests to panic.
2016-03-03 00:59:58 +01:00
Jakob Unterwurzacher
b5221c9651
Fix Go 1.4 build failure caused by a refactoring oversight
2016-03-03 00:48:32 +01:00
Jakob Unterwurzacher
653d4a619c
longnames part II: Rename, Unlink, Rmdir, Mknod, Mkdir + tests
2016-02-07 14:02:09 +01:00
Jakob Unterwurzacher
2a11906963
tests: do not create gocryptfs.diriv if plaintextnames==true
2016-02-07 13:28:55 +01:00
Jakob Unterwurzacher
6b5d977cce
Move OpenDir to fs_dir.go
2016-02-07 11:29:54 +01:00
Jakob Unterwurzacher
3a4922b5d7
Add tests for long name creation and renaming (currently failing, obviously)
2016-02-07 10:55:13 +01:00
Jakob Unterwurzacher
e111e20649
longnames part I: Create and OpenDir work with long filenames > 176 bytes
...
Todo: Rename, Unlink, Rmdir, Mknod, Mkdir
2016-02-06 22:54:14 +01:00
Jakob Unterwurzacher
5abd9cec13
travis: run all tests in "internal"
2016-02-06 22:53:38 +01:00
Jakob Unterwurzacher
6b27b6a1e7
Move dirIVCache to its own file
2016-02-06 20:27:28 +01:00
Jakob Unterwurzacher
9b6894bdbf
test.bash: Accept flags
2016-02-06 20:25:18 +01:00
Jakob Unterwurzacher
c74772bc8d
Run go fmt
2016-02-06 20:23:36 +01:00
Jakob Unterwurzacher
b0ee5258b1
Fix tests - were broken by the refactoring
2016-02-06 20:22:45 +01:00
Jakob Unterwurzacher
9078a77850
Move pathfs_frontend to internal/fusefrontend
...
"git status" for reference:
renamed: pathfs_frontend/args.go -> internal/fusefrontend/args.go
renamed: pathfs_frontend/compat_darwin.go -> internal/fusefrontend/compat_darwin.go
renamed: pathfs_frontend/compat_linux.go -> internal/fusefrontend/compat_linux.go
renamed: pathfs_frontend/file.go -> internal/fusefrontend/file.go
renamed: pathfs_frontend/file_holes.go -> internal/fusefrontend/file_holes.go
renamed: pathfs_frontend/fs.go -> internal/fusefrontend/fs.go
renamed: pathfs_frontend/fs_dir.go -> internal/fusefrontend/fs_dir.go
renamed: pathfs_frontend/names.go -> internal/fusefrontend/names.go
renamed: pathfs_frontend/write_lock.go -> internal/fusefrontend/write_lock.go
modified: main.go
2016-02-06 19:27:59 +01:00
Jakob Unterwurzacher
2b8cbd9441
Major refactoring: Split up "cryptfs" into several internal packages
...
"git status" for reference:
deleted: cryptfs/cryptfs.go
deleted: cryptfs/names_core.go
modified: integration_tests/cli_test.go
modified: integration_tests/helpers.go
renamed: cryptfs/config_file.go -> internal/configfile/config_file.go
renamed: cryptfs/config_test.go -> internal/configfile/config_test.go
renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore
renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf
renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf
renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf
renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf
renamed: cryptfs/kdf.go -> internal/configfile/kdf.go
renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go
renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go
new file: internal/contentenc/content_api.go
renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go
renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go
renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go
renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go
new file: internal/cryptocore/crypto_api.go
renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go
renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go
renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go
renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go
renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash
renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go
new file: internal/nametransform/name_api.go
new file: internal/nametransform/names_core.go
renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go
renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go
renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go
new file: internal/nametransform/pad16.go
renamed: cryptfs/log.go -> internal/toggledlog/log.go
renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go
renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go
modified: main.go
modified: masterkey.go
modified: pathfs_frontend/file.go
modified: pathfs_frontend/file_holes.go
modified: pathfs_frontend/fs.go
modified: pathfs_frontend/fs_dir.go
modified: pathfs_frontend/names.go
modified: test.bash
2016-02-06 19:22:35 +01:00
Jakob Unterwurzacher
adcfbd79a8
Rename DirIVCacheEnc to just DirIVCache
...
...and unexport dirIVCache
2016-02-06 12:27:55 +01:00
Jakob Unterwurzacher
1573efec98
Don't print plain text directory name in "Invalid name" warning
2016-01-31 18:30:39 +01:00
Jakob Unterwurzacher
6454db68d9
Add new "-wpanic" option and enable it for the automated tests
2016-01-31 18:09:39 +01:00
Jakob Unterwurzacher
4c9e249e3a
Convert fdLock to an RWMutex and protect the whole transaction
...
...against concurrent closes.
The testcase
(set -e; while true; do truncate -s $RANDOM b; done) &
(set -e; while true; do truncate -s $RANDOM b; done) &
uncovered lots of unnecessary RMW failures that were the result
of concurrent closes.
With this patch, the only remaining error is "Truncate on forgotten file"
that is probably caused by a problem in the go-fuse lib
( https://github.com/hanwen/go-fuse/issues/95 )
2016-01-25 00:51:28 +01:00
Jakob Unterwurzacher
4259c8f7eb
Only warn once for unsupported fallocate(2) and truncate(2)
...
Also, print the inode number in Ftruncate warnings.
2016-01-24 19:43:21 +01:00
Jakob Unterwurzacher
8fb32aab68
Downgrade "gocryptfs.diriv not found" warning if the directory was deleted
...
The directory may have been concurrently deleted or moved. Failure to
read the diriv is not an error in that case.
Downgrading the message to debug.
2016-01-24 19:40:53 +01:00
Jakob Unterwurzacher
65b8d5bc46
Update MANPAGE with new options
2016-01-24 18:20:52 +01:00
Jakob Unterwurzacher
9ecb489c66
Allow "-d" as an alis for "-debug", and "-quiet" as an alias for "-q"
2016-01-24 18:20:04 +01:00
Jakob Unterwurzacher
523e430685
Add "-nosyslog" options
...
Also, actually redirect Warn and Debug as well.
2016-01-24 18:10:18 +01:00
Jakob Unterwurzacher
2f32114bd3
Add per-inode write mutex
...
At the moment, FUSE writes to a single file are serialized by the kernel.
However, it is unclear if this is guaranteed behaviour or may change
in the future.
This patch adds our own per-inode write lock to rule out races regardless
of kernel behavoir.
2016-01-24 13:08:08 +01:00
Jakob Unterwurzacher
dac9f71089
tests: more helpful error message when the tmp dir cannot be cleared
2016-01-24 13:07:18 +01:00
Jakob Unterwurzacher
1030522fe6
Suppress password prompt when using -extpass
...
Also, add color to the error messages.
2016-01-23 20:18:39 +01:00