Jakob Unterwurzacher
35bcc2dca2
reverse: transform long names in OpenDir
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
b34a665da4
nametransform: implement ReadDirIV without Openat
...
As ReadDirIV operates on a path anyway, opening the directory
has no clear safety advantage w.r.t. concurrent renames.
If the backing directory is a reverse-mounted gocryptfs filesystem,
each directory open is an OPENDIR, and this causes a full directory
read!
This patch improves the "ls -lR" performance of an
DIR --> gocryptfs-reverse --> gocryptfs
chain by a factor of ~10.
OPENDIR counts for ls -lR:
Before 15570
After 2745
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
01c18dbcab
nametransform: return EINVAL on invalid padding
...
With the generic fmt.Errorf we trigger a warning from go-fuse:
2016/09/21 21:42:31 can't convert error type: Invalid padding
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d76e7aadb4
reverse: use dynamic inode numbers
...
...with stable mappings for hard-linked files.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
5f726aaa9d
contentenc: add GCM-SIV support
...
Also add ReverseDummyNonce nonce generation.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
90f0bdc224
main: init: refuse overwriting .gocryptfs.reverse.conf
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
7f87ed78f2
cryptocore: add support for GCM-SIV
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d1762c5b95
reverse: fix GetAttr for gocryptfs.conf
...
And also don't return the encrypted version of
.gocryptfs.reverse.conf in readdir.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
5fb6c5cf58
reverse: enable init functionality
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
72efa5c9b1
main: move initDir into its own file
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
9ad49088fa
main: add explicit exit after forkChild
...
Trying to make it more obvious what is happening.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d9db75ebd2
main: factor out cli arg parsing
...
The main function has gotten way too big.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
3d59c7dd6a
reverse: add gocryptfs.conf passthrough
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
1932248446
reverse: get rid of debug message
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
ce22ab36e1
reverse: gocryptfs.diriv content was generated from wrong path
...
Should be derived from the directory name only.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
7faa267bd4
reverse: rename readFile to clearer readBackingFile
...
Also refactor the header generation for nicer code.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
be9dfe3a89
reverse: implement dynamic diriv
...
Introduce a unique per-directory diriv that is generated
by hashing the encrypted directory path.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
10f38e8870
reverse: generate file header for Read()
...
Also create virtual gocryptfs.diriv entries (no content yet).
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
ac1221395e
nametransform: export DirIVLen constant
...
Will be needed by reverse mode.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
e42ab3908d
reverse: print value in file offset panic
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
a34b447ad1
reverse: let the kernel enforce read-only mode
...
... and print a warning that reverse mode is experimental
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
777eb8e62f
reverse: rename types to reverseXYZ
...
...to prevent confusion with the forward variants.
FS -> reverseFS
file -> reverseFile
Also add an incomplete read implementation.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
5931eea387
contentenc: add helpers for reverse mode
...
Add the reverse variant of DecryptBlocks etc:
* EncryptBlocks
* JointPlaintextRange
* ExplodeCipherRange
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
1d4c6288f2
main: initial support for reverse mode
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
1d62086742
conentenc: handle zero-sized files in PlainSizeToCipherSize
...
Previously caused an integer underflow.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
9237b4f53e
reverse: add skeleton
...
Compiles but does not do much else.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
f6d4d240e6
tests: skip the nanosecond compare for now
2016-09-25 16:42:29 +02:00
Jakob Unterwurzacher
fca1b82417
fusefrontend: relay Utimens to go-fuse
...
Commit af5441dcd9
has caused a
regression ( https://github.com/rfjakob/gocryptfs/issues/35 )
that is fixed by this commit.
The go-fuse library by now has all the syscall wrappers in
place to correctly handle Utimens, also for symlinks.
Instead of duplicating the effort here just call into go-fuse.
Closes #35
2016-09-25 16:30:29 +02:00
Jakob Unterwurzacher
8f1e51789d
tests: set the times on a symlink
...
This currently fails as reported in
https://github.com/rfjakob/gocryptfs/issues/35 .
Also remove the spurious sleep in the test.
2016-09-25 16:17:26 +02:00
Jakob Unterwurzacher
af5441dcd9
fusefrontend: use NsecToTimespec() for Utimens
...
This fixes a build problem on 32-bit hosts:
internal/fusefrontend/file.go:400: cannot use a.Unix() (type int64) as
type int32 in assignment
internal/fusefrontend/file.go:406: cannot use m.Unix() (type int64) as
type int32 in assignment
It also enables full nanosecond timestamps for dates
after 1970.
2016-08-09 22:18:46 +02:00
Jakob Unterwurzacher
fc0de96763
tests: add TestUtimesNano
...
Make sure setting nanoseconds works by path and fd.
2016-08-09 22:10:25 +02:00
Jakob Unterwurzacher
7395b8e990
cryptocore: comment why 96-bit IVs are still supported
2016-07-31 13:36:38 +02:00
Jakob Unterwurzacher
02aab5d21f
Drop obsolete .drone.yml
...
Drone CI may make sense in the future when I set up a private
instance that supports FUSE, but for now it provides no advantages
to Travis CI.
2016-07-21 21:33:10 +02:00
Jakob Unterwurzacher
2e519b9609
Update README for v1.0
2016-07-17 12:19:50 +02:00
Jakob Unterwurzacher
0a3225b1eb
tests: add RSS tracking to extractloop
...
This obsoletes loopback-mem.bash.
2016-07-16 21:20:54 +02:00
Jakob Unterwurzacher
6b50f2debc
tests: factor out fs-agnostic benchmark script
...
"canonical-benchmarks.bash TESTDIR"
can now be used on any filesystem.
2016-07-16 18:08:01 +02:00
Jakob Unterwurzacher
d3940c6263
tests: add maxlen.bash helper
...
Simple script that finds out the maximum supported filename
length.
2016-07-16 14:10:17 +02:00
Jakob Unterwurzacher
e98c51afd6
tests: add loopback-mem script
...
Helps to find memory leaks in go-fuse's loopback, which
gocryptfs builds upon.
2016-07-14 09:26:00 +02:00
Jakob Unterwurzacher
09c16ed2a7
tests: extractloop: add loopback support
...
loopback is an example app that comes with the go-fuse lib.
It uses all the same APIs as gocryptfs, minus the encryption.
2016-07-12 08:30:29 +02:00
Jakob Unterwurzacher
cf742f4e8b
tests: add encfs support to benchmark.bash and extractloop.bash
...
Pass "-encfs" to test encfs instead of gocryptfs.
2016-07-11 22:10:41 +02:00
Jakob Unterwurzacher
63def5df5d
tests: matrix: print name in verbose output
2016-07-11 21:42:40 +02:00
Jakob Unterwurzacher
df17f1d702
tests: add verbose output when unmounting
2016-07-11 20:41:53 +02:00
Jakob Unterwurzacher
1c54fcd04b
tests: use unmount wrapper in ResetTmpDir
...
This should make it work on OSX.
Also, split unmount into two functions. Depending on what you
want,
* UnmountErr returns the resulting error
* UnmountPanic panics if the error was not nil
2016-07-11 20:41:16 +02:00
rfjakob
621cbad5e1
README: Fix ticket #15 copy-paste errors
...
Thanks to @spaghetti2514 for noticing.
2016-07-10 12:16:55 +02:00
Jakob Unterwurzacher
e8a234f658
Add godoc comments to all internal packages
2016-07-06 21:51:25 +02:00
Jakob Unterwurzacher
a36b4c1b43
README: update for 1.0-rc1
2016-07-06 21:26:57 +02:00
Jakob Unterwurzacher
7f3ede473e
tests: fix shadow warning
...
"go tool vet -shadow=true" complained about the md5 package
being shadowed by variables called "md5".
Fix by using the Md5hex helper and dropping the md5 import.
2016-07-06 21:06:42 +02:00
Jakob Unterwurzacher
9d17fdb206
tests: OSX: cast st.Blksize to int64
...
On Linux, Blksize is already int64. But on OSX
it is int32 and that caused a compile failure.
https://github.com/rfjakob/gocryptfs/issues/15
2016-07-04 08:22:05 +02:00
Jakob Unterwurzacher
603e144f5e
prefer_openssl: OSX: get rid of /proc warnings
...
OSX does not have /proc/cpuinfo, but let's not warn
the user about it.
2016-07-04 08:19:26 +02:00
Jakob Unterwurzacher
52655843ab
stupidgcm: use __builtin_trap()
...
[...]/stupidgcm/locking.go:16:2:
warning: indirection of non-volatile null pointer will
be deleted, not trap [-Wnull-dereference]
[...]/stupidgcm/locking.go:16:2:
note: consider using __builtin_trap() or qualifying
pointer with 'volatile'
https://github.com/rfjakob/gocryptfs/issues/15
2016-07-04 08:14:24 +02:00