Commit Graph

204 Commits

Author SHA1 Message Date
Jakob Unterwurzacher 3d59a72ba9 Drop deprecated "-emenames" option
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:56:50 +02:00
Jakob Unterwurzacher b17f0465c7 Drop deprecated "-diriv" option
The DirIV feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:38:59 +02:00
Jakob Unterwurzacher f0b4d2354d Refuse mounting of v0.6 and older filesystems 2016-06-19 20:01:04 +02:00
Jakob Unterwurzacher 1dcafb99ff main: drop "on-disk format" from -version output, add Go version
As v0.4 introduced ext4-style feature flags, the on-disk format version
is unlikely to change. Drop it from the version output to reduce
clutter. Use "gocryptfs -version -debug" to see it.

Add the Go version string because only Go 1.6 and newer have an optimized
AES-GCM implementation. This will help users to understand the performance
of their build.
2016-06-19 19:33:15 +02:00
Jakob Unterwurzacher cc2a75b050 Mount v0.6 and older filesystems as read-only
This is part of the phase-out of very old filesystems.

See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for
more info.
2016-06-16 23:23:09 +02:00
Jakob Unterwurzacher 82d87ff8ed Add "-ro" (read-only) flag
From the man page:

  **-ro**
  :      Mount the filesystem read-only

Also add a test.
2016-06-16 21:29:22 +02:00
Jakob Unterwurzacher 6c3f97399a Rename internal "toggledlog" package to "tlog"
tlog is used heavily everywhere and deserves a shorter name.

Renamed using sed magic, without any manual rework:

   find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
2016-06-15 23:30:44 +02:00
Jakob Unterwurzacher 09e88f31d1 toggledlog: assume command of color handling
We want to use colored error messages also outside of main,
so let's handle it in the logging package.

The fatal logger now automatically prints red.
2016-06-15 23:17:51 +02:00
Jakob Unterwurzacher c89455063c readpassword: create internal package for password reading
* Supports stdin
* Add tests for extpass and stdin

As per user request at https://github.com/rfjakob/gocryptfs/issues/30
2016-06-15 22:44:24 +02:00
Jakob Unterwurzacher 393e531afd Fix warnings reported by Go 1.6 "go tool vet -shadow=true"
Warnings were:

  main.go:234: declaration of err shadows declaration at main.go:163:
  internal/fusefrontend/file.go:401: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
  internal/fusefrontend/file.go:419: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
  internal/fusefrontend/fs_dir.go:140: declaration of err shadows declaration at internal/fusefrontend/fs_dir.go:97:
2016-06-14 22:46:23 +02:00
Jakob Unterwurzacher 0c80cca674 toggledlog: convert remaining naked fmt.Print*
Several fatal errors were just printed to stdout, which
meant they were invisible when running the test suite.

Fix this by introducing toggledlog.Fatal and convert as
follows:

Fatal errors     -> toggledlog.Fatal
Warnings         -> toggledlog.Warn
Password prompts -> fmt.Fprintf
2016-06-05 14:32:07 +02:00
Jakob Unterwurzacher ca54b665e3 main: print actual error from LoadConfFile()
It may not have been a "Wrong password" after all.

Also, push down disabling the warning so LoadConfFile() can
warn about things that matter.
2016-06-05 13:44:22 +02:00
Jakob Unterwurzacher b97268c948 configfile: bake the "Creator" gocryptfs version into the file
This field is added for the convenience of users and
may help them to identify which gocryptfs version
they need to mount a filesystem.

The same information is essentially contained in FeatureFlags,
but this is more difficult to decode for humans.

It is completely ignored programmatically (also by older gocryptfs
versions).
2016-06-05 11:40:13 +02:00
Jakob Unterwurzacher 281bb8daf0 main: don't tell the user to choose a password when -extpass is used
Instead, print this:

  Using password provided via -extpass.
2016-06-04 15:24:42 +02:00
Jakob Unterwurzacher 2e2ee0a038 main: print relative path in the init success message
... but only if the relative path does not start with "..".

Makes the message easier to grasp. Example:

  $ gocryptfs -init -scryptn=10 v0.9
  [...]
  The filesystem has been created successfully.

Before:
  You can now mount it using: gocryptfs /home/jakob/src/github.com/rfjakob/gocryptfs/integration_tests/example_filesystems/v0.9 MOUNTPOINT

After:
  You can now mount it using: gocryptfs v0.9 MOUNTPOINT
2016-06-04 15:04:57 +02:00
Jakob Unterwurzacher 80b027f830 nametransform, main: better error messages 2016-06-01 20:07:43 +02:00
Jakob Unterwurzacher e7f78135b3 Add "-allow_other" command-line option
As requested in https://github.com/rfjakob/gocryptfs/issues/26 ,
this adds the option to allow other users to access the filesystem.
2016-05-18 19:30:05 +02:00
Jakob Unterwurzacher 49b597f07c prefer_openssl: autodetect whether to use OpenSSL or Go GCM
Go GCM is faster than OpenSSL if the CPU has AES instructions
and you are running Go 1.6+.

The "-openssl" option now defaults to "auto".

"gocryptfs -debug -version" displays the result of the autodetection.

See https://github.com/rfjakob/gocryptfs/issues/23 for details and
benchmarks.
2016-05-12 00:42:42 +02:00
Jakob Unterwurzacher 36c1039228 build.bash: bake the go-fuse commit hash into the binaries 2016-04-10 23:16:09 +02:00
Jakob Unterwurzacher bd5405189e Fix "go tool vet -shadow=true" warnings
Among those one real bug.
2016-04-10 21:31:15 +02:00
Jakob Unterwurzacher 3a4922b5d7 Add tests for long name creation and renaming (currently failing, obviously) 2016-02-07 10:55:13 +01:00
Jakob Unterwurzacher e111e20649 longnames part I: Create and OpenDir work with long filenames > 176 bytes
Todo: Rename, Unlink, Rmdir, Mknod, Mkdir
2016-02-06 22:54:14 +01:00
Jakob Unterwurzacher c74772bc8d Run go fmt 2016-02-06 20:23:36 +01:00
Jakob Unterwurzacher 9078a77850 Move pathfs_frontend to internal/fusefrontend
"git status" for reference:

renamed:    pathfs_frontend/args.go -> internal/fusefrontend/args.go
renamed:    pathfs_frontend/compat_darwin.go -> internal/fusefrontend/compat_darwin.go
renamed:    pathfs_frontend/compat_linux.go -> internal/fusefrontend/compat_linux.go
renamed:    pathfs_frontend/file.go -> internal/fusefrontend/file.go
renamed:    pathfs_frontend/file_holes.go -> internal/fusefrontend/file_holes.go
renamed:    pathfs_frontend/fs.go -> internal/fusefrontend/fs.go
renamed:    pathfs_frontend/fs_dir.go -> internal/fusefrontend/fs_dir.go
renamed:    pathfs_frontend/names.go -> internal/fusefrontend/names.go
renamed:    pathfs_frontend/write_lock.go -> internal/fusefrontend/write_lock.go
modified:   main.go
2016-02-06 19:27:59 +01:00
Jakob Unterwurzacher 2b8cbd9441 Major refactoring: Split up "cryptfs" into several internal packages
"git status" for reference:

deleted:    cryptfs/cryptfs.go
deleted:    cryptfs/names_core.go
modified:   integration_tests/cli_test.go
modified:   integration_tests/helpers.go
renamed:    cryptfs/config_file.go -> internal/configfile/config_file.go
renamed:    cryptfs/config_test.go -> internal/configfile/config_test.go
renamed:    cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore
renamed:    cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf
renamed:    cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf
renamed:    cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf
renamed:    cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf
renamed:    cryptfs/kdf.go -> internal/configfile/kdf.go
renamed:    cryptfs/kdf_test.go -> internal/configfile/kdf_test.go
renamed:    cryptfs/cryptfs_content.go -> internal/contentenc/content.go
new file:   internal/contentenc/content_api.go
renamed:    cryptfs/content_test.go -> internal/contentenc/content_test.go
renamed:    cryptfs/file_header.go -> internal/contentenc/file_header.go
renamed:    cryptfs/intrablock.go -> internal/contentenc/intrablock.go
renamed:    cryptfs/address_translation.go -> internal/contentenc/offsets.go
new file:   internal/cryptocore/crypto_api.go
renamed:    cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go
renamed:    cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go
renamed:    cryptfs/nonce.go -> internal/cryptocore/nonce.go
renamed:    cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go
renamed:    cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash
renamed:    cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go
new file:   internal/nametransform/name_api.go
new file:   internal/nametransform/names_core.go
renamed:    cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go
renamed:    cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go
renamed:    cryptfs/names_test.go -> internal/nametransform/names_test.go
new file:   internal/nametransform/pad16.go
renamed:    cryptfs/log.go -> internal/toggledlog/log.go
renamed:    cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go
renamed:    cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go
modified:   main.go
modified:   masterkey.go
modified:   pathfs_frontend/file.go
modified:   pathfs_frontend/file_holes.go
modified:   pathfs_frontend/fs.go
modified:   pathfs_frontend/fs_dir.go
modified:   pathfs_frontend/names.go
modified:   test.bash
2016-02-06 19:22:35 +01:00
Jakob Unterwurzacher 6454db68d9 Add new "-wpanic" option and enable it for the automated tests 2016-01-31 18:09:39 +01:00
Jakob Unterwurzacher 9ecb489c66 Allow "-d" as an alias for "-debug", and "-quiet" as an alias for "-q" 2016-01-24 18:20:04 +01:00
Jakob Unterwurzacher 523e430685 Add "-nosyslog" options
Also, actually redirect Warn and Debug as well.
2016-01-24 18:10:18 +01:00
Jakob Unterwurzacher 1030522fe6 Suppress password prompt when using -extpass
Also, add color to the error messages.
2016-01-23 20:18:39 +01:00
Jakob Unterwurzacher 2e419e635f Remove last SetOutput from generic code 2016-01-22 21:49:56 +01:00
Jakob Unterwurzacher cec2da3e33 Add "-memprofile" option 2016-01-21 23:55:37 +01:00
Jakob Unterwurzacher d163169655 Wrap Logger to make disabling output more efficient
Instead of using SetOutput(ioutil.Discard), which means
that Printf is still called for every debug message,
use a simple and fast boolean check.

Streaming write performance improves from 86 to 93 MB/s.
2016-01-21 22:59:11 +01:00
Jakob Unterwurzacher 9bab220a1b Switch to syslog when running in the background 2016-01-20 22:31:15 +01:00
Jakob Unterwurzacher 17f0eb1339 Convert logging to standard Go log.Logger
This is in preparation of logging to syslog.
2016-01-20 20:57:00 +01:00
Jakob Unterwurzacher 1936de783f Color for the "init success" message 2016-01-04 20:55:25 +01:00
Jakob Unterwurzacher ad00ba38e5 Colorize output 2015-12-19 15:46:19 +01:00
Jakob Unterwurzacher 1caa925868 Increase GCM IV size from 96 to 128 bits
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
2015-12-19 15:02:29 +01:00
Jakob Unterwurzacher e99e841713 Rmdir: handle creating and removing unreadable directories
This patch also splits off Mkdir and Rmdir into their own file.

Fixes issue #8, thanks to @diseq for the bug report.
2015-12-11 20:02:12 +01:00
Jakob Unterwurzacher b4b9072cc2 Simplify CreateConfFile: do not allow specification of EMENames 2015-12-10 19:38:02 +01:00
Jakob Unterwurzacher ccf6d00728 Add missing PlaintextNames checks in OpenDir, Mkdir, Rmdir, initDir
Plaintextnames support has bitrotted during the DirIV additions,
this needs test cases. Will be added in a future patch.

Fixes issue #9.
2015-12-10 01:12:05 +01:00
Jakob Unterwurzacher c6dacd6f91 Add EME filename encryption & enable it by default 2015-12-08 16:17:04 +01:00
Jakob Unterwurzacher 71b94828ed init: create gocryptfs.diriv after creating gocryptfs.conf
Creating the config file can fail easily, for example if the
password is not entered the same twice. This would leave an
orphaned gocryptfs.diriv behind.
2015-12-06 14:24:45 +01:00
Jakob Unterwurzacher ce42a6f23d Run go fmt 2015-11-29 21:55:20 +01:00
Jakob Unterwurzacher 6f764b3867 Handle all operations except mounting without forking a child
This saves 170ms for each start (why do we take 170ms to start up?)
and cuts down test time by 2 seconds.
2015-11-29 19:09:12 +01:00
Jakob Unterwurzacher bb116282b7 Add "-scryptn" option that sets the cost parameter for scrypt
Use that option to speed up the automated tests by 7 seconds.

Before:
	ok  	github.com/rfjakob/gocryptfs/integration_tests	26.667s
After:
	ok  	github.com/rfjakob/gocryptfs/integration_tests	19.534s
2015-11-29 18:53:40 +01:00
Jakob Unterwurzacher 1fb349e97b diriv: also support old CBC symlink 2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher fe7355f9ee diriv: use "DirIV" flag to discern and support mounting old filesystems 2015-11-28 18:38:06 +01:00
Jakob Unterwurzacher b3d96b6a20 main: pass args struct instead of having a huge function call 2015-11-27 22:30:38 +01:00
Jakob Unterwurzacher a04a92cdab Run go fmt 2015-11-27 22:20:01 +01:00
Jakob Unterwurzacher 6acd772cf9 diriv: Define "DirIV" feature flag
(unused so far)
2015-11-27 22:18:36 +01:00
Jakob Unterwurzacher 4d466c3412 diriv: Create gocryptfs.diriv in every directory 2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher df46548be6 Print newline after gocryptfs.conf not found error 2015-11-25 20:57:16 +01:00
Jakob Unterwurzacher 09499be6e9 Move "Debug output enabled" after forkChild() to remove duplicate output 2015-11-15 13:56:01 +01:00
Jakob Unterwurzacher d95fc2333a Add "-extpass" cli option and associated tests 2015-11-15 13:42:04 +01:00
Jakob Unterwurzacher 066c2c90eb MANPAGE: add "-config" flag
Also, "-plaintextnames" can be used with -zerokey.
Fix the incorrect description.
2015-11-14 21:31:39 +01:00
Jakob Unterwurzacher 58592330dc Refactor cli argument handling
Also, add the "-config" option for storing gocryptfs.conf
outside of CIPHERDIR.
2015-11-14 21:25:10 +01:00
Jakob Unterwurzacher 6736212b29 README: add beta badge and update text
Also, improve the help text.
2015-11-14 19:15:51 +01:00
Jakob Unterwurzacher 61aacb5c1b Run go fmt and go vet 2015-11-14 17:16:17 +01:00
Jakob Unterwurzacher e43733ca0d Also hide master key reminder with "-q"
Also fix missing newline after password prompt
2015-11-09 23:33:35 +01:00
Jakob Unterwurzacher 51fcf61630 Use new arg "-notifypid" for more robust daemonization
No more string matching on the parent command line!
2015-11-09 23:33:35 +01:00
Jakob Unterwurzacher 273d8086ae cli: Create our own FlagSet so we can set the policy to ExitOnError 2015-11-09 23:33:29 +01:00
Jakob Unterwurzacher 99dfc84992 Add "-q" (quiet) flag 2015-11-09 22:33:42 +01:00
Jakob Unterwurzacher 765411cc70 tests: check that the filename encryption is working as expected
Also check that the "gocryptfs.conf" path filtering is working
as expected
2015-11-03 22:27:11 +01:00
Jakob Unterwurzacher 3e367b29b0 config: Introduce ext4-style feature flags
// List of feature flags this filesystem has enabled.
// If gocryptfs encounters a feature flag it does not support, it will refuse
// mounting. This mechanism is analogous to the ext4 feature flags that are
// stored in the superblock.
FeatureFlags []string
2015-11-03 21:05:47 +01:00
Jakob Unterwurzacher 1ec0fa388d Update USAGE.txt
Also run go fmt
2015-11-03 00:06:04 +01:00
Jakob Unterwurzacher de56fe9e35 Implement PlainTextNames mode
Also, forbid access to "gocryptfs.conf" in the root dir.
2015-11-03 00:00:13 +01:00
Jakob Unterwurzacher 0ec17c3939 Add "--plaintextnames" option
Also, gather all the command line arguments into an anonymous struct
"args".
2015-11-02 23:09:51 +01:00
Jakob Unterwurzacher a324407082 Fix three "golint" nitpicks 2015-11-02 22:51:12 +01:00
Jakob Unterwurzacher c272e3042f Fix daemonization regression
Commit af923d2d16 broke daemonization.
Revert the change but get rid of the warning message when running
in the foreground.
2015-11-01 15:21:34 +01:00
Jakob Unterwurzacher 3f490d4d86 Bake version string into binary, add "--version" switch
Example:

	./gocryptfs -version
	gocryptfs v0.2-20-gabcef9e-dirty; on-disk format 1

Note that you MUST compile using "./build.bash" for this to work.
2015-11-01 14:04:29 +01:00
Jakob Unterwurzacher af923d2d16 Automatically lazy-unmount when we get SIGINT or SIGTERM
This hides the dangling "Transport endpoint is not connected"
mountpoint for everyone but processes that have a file open inside
the mountpoint.
2015-11-01 13:28:58 +01:00
Jakob Unterwurzacher e31d319c39 Remove code detected by "deadcode"
go get github.com/remyoudompheng/go-misc/deadcode
2015-11-01 12:32:10 +01:00
Jakob Unterwurzacher 242fcd0736 Run gofmt 2015-10-11 18:51:56 +02:00
Jakob Unterwurzacher d1d444435c main: check directories for existence early
This prevents the user from entering the password only to get an error
later.
2015-10-11 18:33:28 +02:00
Jakob Unterwurzacher 14115b061b Add native daemonization 2015-10-11 18:02:48 +02:00
Jakob Unterwurzacher 39183bea00 Rename sendSig to sendUsr1
This matches waitForUsr1 in daemonize()
2015-10-11 18:01:47 +02:00
Jakob Unterwurzacher 5dc7e44aa2 Move main files to top level dir
This is in preparation of getting rid of the shell wrapper
2015-10-11 17:14:18 +02:00
Jakob Unterwurzacher 552c32c5e9 Move main binary to gocryptfs_main
That way the wrapper shell script can be named just "gocryptfs"
2015-10-05 20:32:10 +02:00
Jakob Unterwurzacher 089629442d Enable ClientInodes so hard links work
Fixes xfstests generic/002
2015-10-04 14:50:27 +02:00
Jakob Unterwurzacher 89fef80d32 Run go fmt 2015-10-04 14:49:47 +02:00
Jakob Unterwurzacher 5bd08abf40 Remove ClueFS frontend
Development has focused on PathFS for some time now and things are
working well.
2015-10-04 14:35:50 +02:00
Jakob Unterwurzacher 7d666bd87d Set Filesystem and Type values shown in "df -T" and friends
Filesystem is set to CIPHERDIR, Type is set to fuse.gocryptfs
2015-09-19 10:47:16 +02:00
Jakob Unterwurzacher 8fe5ec7381 Add --cpuprofile flag 2015-09-18 22:14:07 +02:00
Jakob Unterwurzacher 338925aef4 Set GOMAXPROCS = 4
Immediate speedup from 70MB/s to 80MB/s on streaming write.
Enables later parallelization.
2015-09-16 19:35:40 +02:00
Jakob Unterwurzacher 0af3cfcac0 Fix symlink size reporting 2015-09-16 19:32:37 +02:00
Jakob Unterwurzacher 3be2dfdf9d Add "--zerokey" option to simplify testing and benchmarking 2015-09-15 23:59:57 +02:00
Jakob Unterwurzacher 69b3d53f21 init: Check if dir is empty part II (done) 2015-09-14 22:56:59 +02:00
Jakob Unterwurzacher eee2c017dc init: Check if dir is empty part I 2015-09-13 23:12:56 +02:00
Jakob Unterwurzacher d941b67df4 Implement password handling 2015-09-13 23:06:38 +02:00
Jakob Unterwurzacher 6f9e90c414 Encrypt key with scrypt-hashed password 2015-09-13 22:09:38 +02:00
Jakob Unterwurzacher 164739b655 Friendlier error message if gocryptfs.conf does not exist 2015-09-13 18:08:15 +02:00
Jakob Unterwurzacher 4acaeb668e Implement json config storage (not yet encrypted) 2015-09-13 17:55:07 +02:00
Jakob Unterwurzacher e7ba3c61f1 Fix File.GettAttr() size reporting
The too-large reported value broke mmap
(applications saw appended zero bytes)

Also
* Add locking for all fd operations
* Add "--debug" command line switch
2015-09-09 19:32:59 +02:00
Jakob Unterwurzacher 80935a0e1b Explain both frontends in readme
Also, re-enable openssl and disable debug messages so testing
gocryptfs is less painful
2015-09-08 23:09:28 +02:00
Jakob Unterwurzacher 889ae90081 Add pathfs frontend (uses go-fuse instead of bazil-fuse), part I
Currently fails main_test.go, will be fixed in part II
2015-09-08 00:55:03 +02:00
Jakob Unterwurzacher af0ae03db2 Rename frontend to "cluefs_frontend"
Enables adding another frontend later
2015-09-07 21:10:42 +02:00
Jakob Unterwurzacher f2e2b81361 Add README.md
Also, run go fmt
2015-09-06 12:12:14 +02:00
Jakob Unterwurzacher 5f4c9240ca Add streaming read and write benchmarks
Run using

    ./main_benchmark.bash

Also, rewrite command line args handling
2015-09-06 11:42:01 +02:00
Jakob Unterwurzacher 58d1e24b7c Add OpenSSL support for file content encryption/decryption
This brings streaming read performance from 30MB/s to 81MB/s
(similar improvement for writes)
2015-09-06 10:42:34 +02:00
Jakob Unterwurzacher ad3a1a8899 Set readahead to 1MB
This brings streaming read performance from 12MB/s to 30MB/s
2015-09-06 09:47:27 +02:00
Jakob Unterwurzacher 05a5c0a0ff Wrap cluefs part I 2015-09-05 11:49:05 +02:00
Jakob Unterwurzacher 6f90ec716a Rebase to cluefs
https://github.com/airnandez/cluefs
2015-09-04 20:37:37 +02:00
Jakob Unterwurzacher 6a110b8dde Mounts and shows an empty dir 2015-09-03 23:54:12 +02:00
Jakob Unterwurzacher 4b98f74e3e Builds and mounts 2015-09-03 19:27:07 +02:00