Jakob Unterwurzacher
874e4fb5e9
cryptocore: rename "BackendTypeEnum" -> "AEADTypeEnum"
...
There are two independent backends, one for name encryption,
the other one, AEAD, for file content.
"BackendTypeEnum" only applies to AEAD (file content), so make that
clear in the name.
2017-03-05 17:10:57 +01:00
Jakob Unterwurzacher
e032539e2c
cryptocore: use eme v1.1 interface
...
Version 1.1 of the EME package (github.com/rfjakob/eme) added
a more convenient interface. Use it.
Note that you have to upgrade your EME package (go get -u)!
2017-03-05 13:58:24 +01:00
Jakob Unterwurzacher
b2f154a9a9
tests: stop calling t.Fatal from example_test_helpers
...
Calling t.Fatal immeadiately aborts the test, which means the
filesystem will not get unmounted, which means test.bash will
hang.
2017-03-05 13:39:25 +01:00
Jakob Unterwurzacher
6465fa42a6
test.bash: execute build-without-openssl.bash instead of sourcing it
...
Sourcing the script breaks the "cd $(dirname $0)" logic in
build-without-openssl.bash.
2017-03-05 13:32:28 +01:00
Jakob Unterwurzacher
6cc0aebd71
configfile: define HKDF flag
2017-03-05 12:08:12 +01:00
Jakob Unterwurzacher
b2f3dbb8bd
fusefrontend: when chown'ing a directory, also chown its diriv
...
When filename encryption is active, every directory contains
a "gocryptfs.diriv" file. This file should also change the owner.
Fixes https://github.com/rfjakob/gocryptfs/issues/86
2017-03-02 19:12:21 +01:00
Jakob Unterwurzacher
b765cc526d
main: get rid of third open paniclog fd
...
We have it saved in Stderr and Stdout anyway, let's free this fd
number.
2017-03-02 19:12:21 +01:00
rfjakob
c304626a47
CLI_ABI: smaller markdown subheadings
...
The old ones were rendered by github almost as big as the parent headings.
2017-03-01 23:31:03 +01:00
Peter Reschenhofer
954aa169cc
Update README.md ( #85 )
...
Correcting year in changelog (1.2.1)
2017-02-28 13:59:33 +01:00
Jakob Unterwurzacher
8f51325116
README: update changelog for 1.2.1 release
2017-02-26 21:34:49 +01:00
Jakob Unterwurzacher
d2c0fae4f6
tests: somewhat support testing without openssl
...
You will still get lots of test error, but at least the tests
will run.
2017-02-26 19:53:29 +01:00
Jakob Unterwurzacher
98ecf1f074
MANPAGE: document "-speed"
2017-02-26 19:34:23 +01:00
Jakob Unterwurzacher
f2920f71e8
MANPAGE: document error code 12
2017-02-26 19:30:28 +01:00
Jakob Unterwurzacher
427c6c1719
exitcodes: define code 12 for "password incorrect"
2017-02-26 19:25:23 +01:00
Jakob Unterwurzacher
57612a278b
configfile: rename "kdf.go" -> "scrypt.go"
...
This really only handles scrypt and no other key-derivation functions.
Renaming the files prevents confusion once we introduce HKDF.
renamed: internal/configfile/kdf.go -> internal/configfile/scrypt.go
renamed: internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go
2017-02-25 18:51:17 +01:00
Jakob Unterwurzacher
a65965783a
stupidgcm: drop only external dependecy
...
This makes it easier to use the package in external projects.
See https://github.com/rfjakob/gocryptfs/issues/79
2017-02-24 09:46:10 +01:00
Jakob Unterwurzacher
43d6aa6677
speed: add benchmark.bash helper
2017-02-24 09:38:50 +01:00
Jakob Unterwurzacher
be19b91a52
README: fix typo and simplify MANPAGE text
2017-02-23 00:14:20 +01:00
Jakob Unterwurzacher
477071d673
speed: fix build for Go 1.4 and lower
...
Old Go versions miss cipher.NewGCMWithNonceSize, which causes:
internal/speed/speed.go:95: undefined: cipher.NewGCMWithNonceSize
2017-02-23 00:04:51 +01:00
Jakob Unterwurzacher
1e03e059fa
Implement "gocryptfs -speed"
...
A crypto benchmark mode like "openssl speed".
Example run:
$ ./gocryptfs -speed
AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode)
AES-GCM-256-Go 48.19 MB/s
AES-SIV-512-Go 37.40 MB/s
2017-02-22 23:56:34 +01:00
Jakob Unterwurzacher
b056776a01
tests: adapt dir overwrite test for Go 1.8
...
In Go 1.8, os.Rename refuses to overwrite an empty directory.
Switch to syscall.Rename, which still does the right thing.
2017-02-20 21:27:37 +01:00
Jakob Unterwurzacher
cb2d1fbcf8
Travis CI: also test with Go 1.8
...
(Currently failing the tests!)
2017-02-20 21:27:26 +01:00
Jakob Unterwurzacher
e406eb22ba
Get rid of remaining $GOPATH dependencies
2017-02-20 21:26:42 +01:00
Jakob Unterwurzacher
166c62fd21
build.bash: use $(go env GOPATH)
2017-02-20 21:26:18 +01:00
Jakob Unterwurzacher
1139c27c36
build.bash: deduplicate build call
2017-02-19 20:27:29 +01:00
Jakob Unterwurzacher
10361a907a
build.bash: GOPATH may be unset since Go v1.8. Handle it.
2017-02-19 20:14:46 +01:00
Jakob Unterwurzacher
7fbe69bfa6
tests.bash: OSX compat: use "flock -n" and skip openssl build
...
Mac OS X flock does not support "--nonblock", but does support "-n":
https://github.com/discoteq/flock/blob/master/man/flock.1.ronn
Skip the openssl build because it requires
1) openssl
2) fixing the import paths in gocryptfs
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-280464400
2017-02-17 19:43:16 +01:00
Jakob Unterwurzacher
07b4b9d60b
Travis: set clone depth to 100
...
Otherwise the build fails once you have more than 50 commits
since the last tag.
You'd get:
$ ./build.bash
fatal: No names found, cannot describe anything.
2017-02-16 21:24:33 +01:00
Jakob Unterwurzacher
62e7eb7d04
tests: reverse: check Access() call
2017-02-16 21:20:29 +01:00
Jakob Unterwurzacher
45c1ea499e
fusefrontend_reverse: handle .name files in Access()
...
These were currently passed to decryptPath() were it caused
a warning.
2017-02-16 21:16:42 +01:00
Jakob Unterwurzacher
55d0523dbe
tests: configfile: add missing newlines in verbose output
2017-02-16 19:45:20 +01:00
Jakob Unterwurzacher
0b19e637c9
tests: OSX compat: wrap Stat_t atime extract
...
Linux has st.Atim, st.Mtim,
OSX hat st.Atimespec, st.Mtimespec.
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:39:56 +01:00
Jakob Unterwurzacher
8bbc1038fe
syscallcompat: OSX compat: fix variable warnings
...
As suggested by
https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:23:17 +01:00
Jakob Unterwurzacher
b66d663ff8
tests: OSX compat: use "mount" command instead of /proc/mounts
...
Mac OS X does not have /proc.
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:13:03 +01:00
Jakob Unterwurzacher
e5bee6a6aa
tests: OSX compat: use OSX-style "stat -f"
...
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:10:36 +01:00
Jakob Unterwurzacher
9f6841373d
benchmarks: OSX compat: replace /usr/bin/time with bash builtin
...
On OSX, /usr/bin/time does not support "-f".
Reported in https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217 .
2017-02-16 19:01:24 +01:00
Jakob Unterwurzacher
ca5c06ef4e
tests: get rid of syscall.PathMax
...
Does not exist on OSX
Reported in https://github.com/rfjakob/gocryptfs/issues/15
2017-02-16 18:47:04 +01:00
Jakob Unterwurzacher
e6075ddf2e
README: also link to cppcryptfs
2017-02-16 18:37:12 +01:00
Jakob Unterwurzacher
f5bb7a37be
README: mention graphical interfaces
2017-02-16 18:36:16 +01:00
Jakob Unterwurzacher
bef27305bc
main: don't attempt lazy unmount on MacOSX
2017-02-15 23:20:41 +01:00
Jakob Unterwurzacher
6ac9dcaae0
tests: use fuse-unmount.bash
...
...instead of having separate compatability logic.
2017-02-15 23:13:33 +01:00
Jakob Unterwurzacher
ce2e610428
OSX compat: replace fusermount calls with fuse-unmount.bash
...
Mac OS X does not have fusermount and uses umount instead.
The fuse-unmount.bash calls the appropriate command.
2017-02-15 23:02:01 +01:00
Jakob Unterwurzacher
6be7808992
Add Mac OS X fusermount replacement script
2017-02-14 21:38:28 +01:00
Jakob Unterwurzacher
3784901fce
readpassword: limit password length to 1000 bytes
...
This used to hang at 100% CPU:
cat /dev/zero | gocryptfs -init a
...and would ultimately send the box into out-of-memory.
The number 1000 is chosen arbitrarily and seems big enough
given that the password must be one line.
Suggested by @mhogomchungu in https://github.com/rfjakob/gocryptfs/issues/77 .
2017-02-13 09:13:22 +01:00
Jakob Unterwurzacher
54caaf4b98
Add CLI ABI documentation
...
Closes https://github.com/rfjakob/gocryptfs/issues/77
2017-02-12 19:20:21 +01:00
Jakob Unterwurzacher
8adfbf2dc3
Check for trailing garbage after the password
...
From the comment:
// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
2dd90ac19c
readpassword: improve comment on readPasswordStdin
2017-02-12 13:55:30 +01:00
Jakob Unterwurzacher
1e9d735406
Document "--" to stop option parsing in help text + man page
2017-02-12 12:49:04 +01:00
Jakob Unterwurzacher
dc2dc9f88c
main: suggest "-q" to suppress master key message
...
If the user has already saved the master key and is not
aware of "-q" the master key needlessly ends up in the terminal
buffer.
Closes https://github.com/rfjakob/gocryptfs/issues/76
2017-02-12 12:23:16 +01:00
Jakob Unterwurzacher
357307cbcf
tests: ctlsock: check warning for non-canonical paths
2017-02-12 12:22:25 +01:00