Commit Graph

1973 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
64be5de75f fusefrontend: allow slashes in xattr names
xattr names have fewer restrictions than file names,
relax the validation.

Fixes https://github.com/rfjakob/gocryptfs/issues/627
2021-12-19 14:43:56 +01:00
Jakob Unterwurzacher
eb42e54182 tlog: only enable color if both stderr and stdout are a terminal
This

    gocryptfs -init /does/not/exist 2> err.log

used to write escape codes into err.log. Stop doing that.
2021-12-11 15:37:13 +01:00
Jakob Unterwurzacher
a1f01419e2 tlog: respect NO_COLOR
Fixes https://github.com/rfjakob/gocryptfs/issues/617
2021-12-11 15:35:01 +01:00
Jakob Unterwurzacher
bd1ecf5379 darwin: use O_NOFOLLOW for xattr opens
Running the tests we have lots of these:

Openat: O_NOFOLLOW missing: flags = 0x4
-wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4
panic: -wpanic turns this warning into a panic: Openat: O_NOFOLLOW missing: flags = 0x4

goroutine 114 [running]:
log.(*Logger).Panic(0x14000118280, {0x14000313ca8, 0x1, 0x1})
	log/log.go:224 +0x90
github.com/rfjakob/gocryptfs/v2/internal/tlog.(*toggledLogger).Printf(0x14000076780, {0x1009dc2e8, 0x27}, {0x14000313d18, 0x1, 0x1})
	github.com/rfjakob/gocryptfs/v2/internal/tlog/log.go:78 +0x168
github.com/rfjakob/gocryptfs/v2/internal/syscallcompat.Openat(0x9, {0x1009d0747, 0x1}, 0x4, 0x0)
	github.com/rfjakob/gocryptfs/v2/internal/syscallcompat/sys_common.go:59 +0xf0
github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).getXAttr(0x14000142000, {0x1400001c140, 0x3a})
	github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr_darwin.go:30 +0x8c
github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).Getxattr(0x14000142000, {0x100a7eba0, 0x1400000c2e8}, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000})
	github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node_xattr.go:65 +0x1ac
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).GetXAttr(0x1400008e140, 0x140001901e0, 0x140001133c0, {0x14000016348, 0x14}, {0x14000326000, 0x20, 0x4000})
	github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fs/bridge.go:685 +0x114
github.com/hanwen/go-fuse/v2/fuse.doGetXAttr(0x14000144000, 0x14000113200)
	github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/opcode.go:270 +0x224
github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0x14000144000, 0x14000113200)
	github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:499 +0x214
created by github.com/hanwen/go-fuse/v2/fuse.(*Server).loop
	github.com/hanwen/go-fuse/v2@v2.1.1-0.20210825171523-3ab5d95a30ae/fuse/server.go:470 +0xac

https://github.com/rfjakob/gocryptfs/issues/625
2021-12-09 17:55:05 +01:00
Jakob Unterwurzacher
a48d6c3041 test.bash, crossbuild: catch MacOS test build failures
Regression test for https://github.com/rfjakob/gocryptfs/issues/623

Fixes https://github.com/rfjakob/gocryptfs/issues/623
2021-12-08 18:53:15 +01:00
Jakob Unterwurzacher
ec186c13ce root_test, getdents-debug: restrict to linux
This does not work neither make sense on MacOS.
2021-12-08 18:50:42 +01:00
Jakob Unterwurzacher
7d60315cd5 tests: convert Creat() calls to Open()
Creat() is equivalent to Open(..., O_CREAT|O_WRONLY|O_TRUNC, ...)
and MacOS does not have syscall.Creat().

https://github.com/rfjakob/gocryptfs/issues/623
2021-12-08 18:49:21 +01:00
Jakob Unterwurzacher
de22cb1e5d crossbuild.bash: use shell function instead of variable
This will allow easy expansion of build steps.
2021-12-08 12:45:23 +01:00
Jakob Unterwurzacher
39e736c099 MANPAGE: fix typo 2021-12-04 12:37:12 +01:00
Jakob Unterwurzacher
8722b894a6 MANPAGE: -extpass: document dash duplication bug
Closes https://github.com/rfjakob/gocryptfs/issues/621
2021-12-04 12:34:29 +01:00
Jakob Unterwurzacher
d530fbd400 docs: names longer than 175 bytes (not 176) are stored in longnames
Quoting fusefrontend_reverse/node_helpers.go :

	// File names are padded to 16-byte multiples, encrypted and
	// base64-encoded. We can encode at most 176 bytes to stay below the 255
	// bytes limit:
	// * base64(176 bytes) = 235 bytes
	// * base64(192 bytes) = 256 bytes (over 255!)
	// But the PKCS#7 padding is at least one byte. This means we can only use
	// 175 bytes for the file name.

Noticed by @bailey27 at https://github.com/rfjakob/gocryptfs/issues/499#issuecomment-955790427
2021-11-01 14:44:32 +01:00
Jakob Unterwurzacher
87a6bb370a nametransform: fix math.MaxInt build failure on older Go
Failure is:

  # github.com/rfjakob/gocryptfs/v2/internal/nametransform
  internal/nametransform/names.go:47:33: undefined: math.MaxInt

math.MaxInt was only introduced in Go 1.17. Use MaxInt32 instead,
which is good enough, even on amd64. It only has to be larger than
any name we might encounter.
2021-10-21 16:44:05 +02:00
Jakob Unterwurzacher
d14c9340d6 cli: add -longnamemax
Fixes https://github.com/rfjakob/gocryptfs/issues/499
2021-10-21 15:58:19 +02:00
Jakob Unterwurzacher
d583bdb79e configfile: add LongNameMax support
Feature flag + numeric paramater

https://github.com/rfjakob/gocryptfs/issues/499
2021-10-21 14:55:30 +02:00
Jakob Unterwurzacher
dc32710045 nametransform: add longNameMax parameter
Determines when to start hashing long names instead
of hardcoded 255. Will be used to alleviate "name too long"
issues some users see on cloud storage.

https://github.com/rfjakob/gocryptfs/issues/499
2021-10-21 14:55:30 +02:00
Jakob Unterwurzacher
a652be805e configfile: replace broken switch/case logic with if
Because switch only matches once, we could have missed invalid
cases.

Replace the switch statements with a straight if rake.
2021-10-21 14:55:30 +02:00
Jakob Unterwurzacher
4ba0ced3c7 README: update changelog for v2.2.1 2021-10-20 15:16:31 +02:00
Jakob Unterwurzacher
b0bddc5ed0 github actions: fix allow_other failure
Jobs currently fail like this:

/usr/bin/fusermount: option allow_other only allowed if 'user_allow_other' is set in /etc/fuse.conf
fs.Mount failed: fusermount exited with code 256
--- FAIL: TestForceOwner (0.05s)
    main_test.go:438: mount failed: exit status 19
FAIL
FAIL	github.com/rfjakob/gocryptfs/v2/tests/defaults	1.584s
2021-10-15 22:01:52 +02:00
Charles Duffy
8ec872e330 fusefrontend: honor ForceOwner for LOOKUP and CREATE operations 2021-10-15 17:35:12 +02:00
Jakob Unterwurzacher
3b881b0174 tests: add TestForceOwner
https://github.com/rfjakob/gocryptfs/issues/609
https://github.com/rfjakob/gocryptfs/pull/610
2021-10-15 17:35:12 +02:00
Jakob Unterwurzacher
75cace0568 cryptocore: simplify declarations
Reported by codacity:

internal/cryptocore/cryptocore.go
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendAESSIV; it will be inferred from the right-hand side
var BackendAESSIV AEADTypeEnum = AEADTypeEnum{"AES-SIV-512", "Go", siv_aead.NonceSize}
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendXChaCha20Poly1305; it will be inferred from the right-hand side
var BackendXChaCha20Poly1305 AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "Go", chacha20poly1305.NonceSizeX}
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendXChaCha20Poly1305OpenSSL; it will be inferred from the right-hand side
var BackendXChaCha20Poly1305OpenSSL AEADTypeEnum = AEADTypeEnum{"XChaCha20-Poly1305", "OpenSSL", chacha20poly1305.NonceSizeX}
Found 2 possible new issues
internal/cryptocore/cryptocore.go
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendOpenSSL; it will be inferred from the right-hand side
var BackendOpenSSL AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "OpenSSL", 16}
Minor icon MINOR
Code Style
should omit type AEADTypeEnum from declaration of var BackendGoGCM; it will be inferred from the right-hand side
var BackendGoGCM AEADTypeEnum = AEADTypeEnum{"AES-GCM-256", "Go", 16}
2021-09-28 18:35:37 +02:00
Jakob Unterwurzacher
5406284b9b build.bash: also try BSD date syntax for converting SOURCE_DATE_EPOCH
GNU date syntax does not work on macos.

Fixes https://github.com/rfjakob/gocryptfs/issues/570
2021-09-28 18:17:58 +02:00
Jakob Unterwurzacher
e8e3598284 -init: suggest xchacha if we don't have AES accel
Example on Raspberry Pi 4:

$ ./gocryptfs/gocryptfs -init $(mktemp -d)
Notice: Your CPU does not have AES acceleration. Consider using -xchacha for better performance.
Choose a password for protecting your files.
Password:

https://github.com/rfjakob/gocryptfs/issues/607
2021-09-28 18:09:31 +02:00
Jakob Unterwurzacher
c8996d2664 -info: add contentEncryption
Example:

$ ./gocryptfs -info ./tests/example_filesystems/v2.2-xchacha/
Creator:           gocryptfs v2.1-27-gabaa129-dirty.xchacha
FeatureFlags:      HKDF XChaCha20Poly1305 DirIV EMENames LongNames Raw64
EncryptedKey:      64B
ScryptObject:      Salt=32B N=1024 R=8 P=1 KeyLen=32
contentEncryption: XChaCha20-Poly1305
2021-09-28 18:09:31 +02:00
Jakob Unterwurzacher
db1824a23a cryptocore: disentangle algorithm / library implementation name
Used in gocryptfs-xray, and will also be used in -info.
2021-09-28 18:09:31 +02:00
Jakob Unterwurzacher
5e67e183c0 README: set v2.2.0 release date 2021-09-25 16:45:36 +02:00
Jakob Unterwurzacher
eceeaaad1f README: make changelog entries subheadings
This allows to anchor-link in to each release.
2021-09-25 16:44:06 +02:00
Jakob Unterwurzacher
53d51acd2b README: release will be called v2.2.0 instead of v2.2
pkg.go.dev really wants that we want to comply with
https://golang.org/doc/modules/version-numbers .

Trying v2.2-beta1 as in

    https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2@v2.2-beta1

said "v2.2-beta1 is not a valid semantic version.".
2021-09-15 16:09:26 +02:00
Jakob Unterwurzacher
2d0ba24eca -speed: print cpu model
When somebody posts "gocryptfs -speed" results, they are
most helpful together with the CPU model. Add the cpu model
to the output.

Example:

$ ./gocryptfs -speed
gocryptfs v2.2.0-beta1-5-g52b0444-dirty; go-fuse v2.1.1-0.20210825171523-3ab5d95a30ae; 2021-09-14 go1.17.1 linux/amd64
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz; with AES acceleration
AES-GCM-256-OpenSSL       	 862.79 MB/s
AES-GCM-256-Go            	 997.71 MB/s	(selected in auto mode)
AES-SIV-512-Go            	 159.58 MB/s
XChaCha20-Poly1305-OpenSSL	 729.65 MB/s
XChaCha20-Poly1305-Go     	 843.97 MB/s	(selected in auto mode)
2021-09-14 18:58:22 +02:00
Jakob Unterwurzacher
61e37b2439 stupidgcm: add CpuHasAES()
Makes the code clearer, and will be used in the next commit.
2021-09-14 18:58:04 +02:00
Jakob Unterwurzacher
52b0444985 README: update example -speed output 2021-09-14 10:18:24 +02:00
Jakob Unterwurzacher
cdbc48fe29 -speed: drop useless tab at end of line 2021-09-14 10:15:18 +02:00
Jakob Unterwurzacher
d0cba59f6b README: highlight changes in v2.2, simplify pkg.go.dev link 2021-09-12 18:12:10 +02:00
Jakob Unterwurzacher
2a4380ac25 README: update changelog 2021-09-10 17:19:51 +02:00
Jakob Unterwurzacher
c9b825c58a inomap: deterministically set root device
We used to have "first Translate() wins". This is not deterministic,
as the LOOKUP for the root directory does not seem to reach us, so
the first user LOOKUP would win, which may be on a mountpoint.
2021-09-10 17:17:16 +02:00
Jakob Unterwurzacher
ee56103570 README: update changelog for v2.2-beta1 2021-09-10 12:22:02 +02:00
Jakob Unterwurzacher
a85e39f682 Update README & MANPAGE 2021-09-10 12:17:22 +02:00
Jakob Unterwurzacher
d023cd6c95 cli: drop -forcedecode flag
The rewritten openssl backend does not support this flag anymore,
and it was inherently dangerour. Drop it (ignored for compatibility)
2021-09-10 12:14:19 +02:00
Jakob Unterwurzacher
c974116322 test.bash: call out if build-without-openssl.bash failed
This can print out compile errors that are hard to understand
if you are not aware that it builds without_openssl.
2021-09-10 12:09:30 +02:00
Jakob Unterwurzacher
c50d67f103 profiling: accept parameters & show actual command lines 2021-09-10 11:51:41 +02:00
Jakob Unterwurzacher
ad21647f25 -speed: show which xchacha implementation is preferred 2021-09-08 20:46:52 +02:00
Jakob Unterwurzacher
2620cad0dc tests/matrix: test xchacha with and without openssl 2021-09-08 20:34:01 +02:00
Jakob Unterwurzacher
94e8004b6c Make -openssl also apply to xchacha
Now that stupidgcm supports xchacha, make it available
on mount.
2021-09-08 20:32:16 +02:00
Jakob Unterwurzacher
1a58667293 stupidgcm: add PreferOpenSSL{AES256GCM,Xchacha20poly1305}
Add PreferOpenSSLXchacha20poly1305,
rename PreferOpenSSL -> PreferOpenSSLAES256GCM.
2021-09-08 19:48:13 +02:00
Jakob Unterwurzacher
85c2beccaf stupidgcm: normalize constructor naming
New() -> NewAES256GCM()

Also add missing NewChacha20poly1305
constructor in without_openssl.go.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
f47e287c20 stupidgcm: revamp package documentation
Maybe interesting for people following
https://github.com/rfjakob/gocryptfs/issues/452
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
d598536709 stupidgcm: unexport stupidGCM struct
No need to have it exported.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
3a80db953d stupidgcm: allow zero-length input data
We used to panic in this case because it is useless.
But Go stdlib supports it, so we should as well.
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
738d5a2b3a stupidgcm: fix build with CGO_ENABLED=1 without_openssl
We missed some "// +build" lines
2021-09-07 18:15:04 +02:00
Jakob Unterwurzacher
d9510d0c0b stupidgcm: NewChacha20poly1305: avoid slice append
I noticed that growslice() shows up in the cpuprofile.
Avoiding slice append for the private jey copy gives a 0.6% speedup:

gocryptfs/internal/speed$ benchstat old new
name             old time/op   new time/op   delta
StupidXchacha-4   5.68µs ± 0%   5.65µs ± 0%  -0.63%  (p=0.008 n=5+5)

name             old speed     new speed     delta
StupidXchacha-4  721MB/s ± 0%  725MB/s ± 0%  +0.63%  (p=0.008 n=5+5)
2021-09-07 18:14:58 +02:00