6c172dcb02
test-without-openssl: accept extra args
...
Accept extra args, like test.bash does.
2018-03-05 21:46:33 +01:00
aa65091bb9
macos: skip TestUtimesNanoSymlink early
...
Gets rid of the touch error message upon running the tests.
2018-03-05 21:36:16 +01:00
b820fa691d
macos: adjust TestTooLongSymlink length for darwin
...
Limit is much lower than on linux
2018-03-05 21:23:57 +01:00
7db5395c53
macos: fix second TestEmulateSymlinkat test failure
2018-03-05 21:20:07 +01:00
3860a82c21
test.bash: skip flock if not available
...
MacOS does not have it installed by default.
2018-03-05 21:11:46 +01:00
29496baa70
MacOS: skip TestUtimesNanoSymlink and TestUtimesNanoFd
...
These cannot work on MacOS.
2018-02-28 20:48:33 +01:00
c5243fc79e
MacOS: don't test symlinks longer than 1000 bytes
...
The limit is much lower than on Linux.
https://github.com/rfjakob/gocryptfs/issues/213
2018-02-28 20:40:08 +01:00
90f2fea7fb
MacOS: fix TestEmulateSymlinkat test failure
...
On MacOS, symlinks don't have their own permissions,
so don't check for them.
2018-02-28 20:19:31 +01:00
48d5f10c79
test_helpers: use an intermediate pipe for subprocess stdout
...
To Go test logic waits for stderr and stdout to close, so
when we share it with a subprocess, it will wait for it to
exit as well.
We don't want the tests to hang when the unmount fails.
Seen on MacOS as reported at
https://github.com/rfjakob/gocryptfs/issues/213
2018-02-28 20:03:54 +01:00
b96e3ee271
tlog: stop embedding log.Logger to prevent mistakes
...
A few places have called tlog.Warn.Print, which directly
calls into log.Logger due to embedding, losing all features
of tlog.
Stop embedding log.Logger to make sure the internal functions
cannot be called accidentially and fix (several!) instances
that did.
2018-02-28 09:02:18 +01:00
ac8f8bf432
travis ci: switch to "1.10.x" notation
...
"1.10" does not work as expected because it
is parsed as a floating point number:
https://github.com/travis-ci/travis-ci/issues/9247
Added benefit is that we always get the latest point
release.
2018-02-27 18:01:24 +01:00
7f6e4ba47a
travis ci: run on Go 1.10
2018-02-27 09:59:09 +01:00
db45f27671
ctlsock: don't Warn() on closed socket
...
This Warn() is causing panics in the test suite
on MacOS: https://github.com/rfjakob/gocryptfs/issues/213
2018-02-27 09:58:14 +01:00
5fcfd30ddc
test.bash: disable result caching
...
Go 1.10 has introduced test result caching and
enabled it by default.
This does not work properly for our integration
tests because they test the compiled binary and
do not have a source level dependency on the
gocryptfs code.
Disable caching.
2018-02-26 23:26:57 +01:00
1ec5ccddd4
update description of link to cppcryptfs project
2018-02-22 15:50:36 +01:00
5ad9bda206
cryptocore: make AEADTypeEnum values explicit
...
We now print the number in a debug message, so define
the numeric values explicitely instead of using iota.
This way you don't have to understand how iota works
to find out what the number means. Lack of understanding
of how iota works is also the reason why the numbers
start at 3 (to keep the current behavoir).
2018-02-18 16:20:38 +01:00
6c6947126d
cryptocore: zero derived keys
...
Zero the HKDF-derived keys when we don't need them
anymore, and let the variable run of of scope.
https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 16:07:09 +01:00
344d7e0a6f
siv_aead: create private key copy and implement wiping
...
Having a private copy relieves the caller from worrying about
whether he can zero his copy. The copy can be cleared by
calling Wipe().
2018-02-18 16:01:46 +01:00
adf7d75d31
main: changePassword: zero masterkey
...
Overwrite the masterkey with zeros once we
have encrypted it, and let it run out of scope.
Also get rid of the password duplicate in
readpassword.Twice.
2018-02-18 15:36:14 +01:00
2cf050d69e
main: zero password once we are done with it
...
Overwrite the password we have got from the user
with zeros once we don't need it anymore, and make
sure the variable runs out of scope.
2018-02-18 15:22:22 +01:00
3b8f5cbb17
readpassword: convert from string to []byte
...
This will allows us to overwrite the password
with zeros once we are done with it.
https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 14:26:54 +01:00
14c063428d
main: doMount: use a deferred function for wipeKeys
...
Also drop the unused int return.
2018-02-18 12:55:20 +01:00
5b5c7a0a5d
main: overwrite keys and let them run out of scope
...
As soon as we don't need them anymore, overwrite
keys with zeros. Make sure they run out of scope
so we don't create a risk of inadvertedly using
all-zero keys for encryption.
https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 12:42:22 +01:00
bd78b44389
cryptocore, main: add two comments
...
While reading the code, I had to think about what it
does, so add a comment that explains it.
2018-02-18 12:41:11 +01:00
0efd220d1e
configfile: overwrite and let keys run out of scope
...
As soon as we don't need them anymore, overwrite
keys with zeros and make sure they run out of scope
so we don't create a risk of inadvertedly using all-zero
keys for encryption.
https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 12:39:44 +01:00
72ddbae1e6
stupidgcm: create private copy of the key
...
Relieves the caller from worrying about whether they
can overwrite the key.
2018-02-18 12:35:51 +01:00
18f6c6106c
main: try to wipe cryptocore's secret keys on unmount
...
Raise the bar for recovering keys from memory.
https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 11:39:10 +01:00
719693ec5d
fusefrontend[_reverse]: move crypto init up to caller
...
Both fusefrontend and fusefrontend_reverse were doing
essentially the same thing, move it into main's
initFuseFrontend.
A side-effect is that we have a reference to cryptocore
in main, which will help with wiping the keys on exit
(https://github.com/rfjakob/gocryptfs/issues/211 ).
2018-02-18 11:21:58 +01:00
eeed4b4bef
stupidgcm: implement key wipe
...
Not bulletproof due to possible GC copies, but
still raises to bar for extracting the key.
https://github.com/rfjakob/gocryptfs/issues/211
2018-02-17 15:14:55 +01:00
7e0fefe970
stupidgcm: switch to pointer receivers
...
What the key slice does not get copied around
will make it possible to check if the key has been wiped.
2018-02-17 15:02:01 +01:00
a3694e0c07
benchmark.bash: print tested version
2018-02-06 23:03:07 +01:00
a624aab8a1
README: Mention min required Go version
2018-02-05 22:24:51 +01:00
8151222ada
gccgo: skip emulateGetdents on linux
...
The test is known to fail on gccgo
(https://github.com/rfjakob/gocryptfs/issues/201 ), but
getdents emulation is not used on linux, so let's skip
the test and ignore the failure.
2018-02-04 21:14:12 +01:00
bf2f9640c4
Fix spelling ( #205 )
2018-02-04 20:38:22 +01:00
5b986288cf
Fix assignment error in Unix2syscall by converting Timespec into Nsec ( #203 )
...
$ go.gcc build
# github.com/rfjakob/gocryptfs/internal/syscallcompat
internal/syscallcompat/unix2syscall_linux.go:32:13: error: incompatible types in assignment (cannot use type int64 as type syscall.Timespec_sec_t)
s.Atim.Sec = u.Atim.Sec
^
2018-02-03 13:42:49 +01:00
866e850842
MANPAGE: improve markdown rendering
...
The man page is rendered on github at
https://github.com/rfjakob/gocryptfs/blob/master/Documentation/MANPAGE.md .
Improve formatting a little.
2018-02-03 13:39:07 +01:00
9f8d0d8e57
gccgo: replace syscall.NAME_MAX with unix.NAME_MAX
...
For some reason the syscall.NAME_MAX constant does not exist
on gccgo, and it does not hurt us to use unix.NAME_MAX instead.
https://github.com/rfjakob/gocryptfs/issues/201
2018-02-01 23:50:11 +01:00
26ba8103bf
syscallcompat: switch from syscall.Getdents to unix.Getdents
...
On mips64le, syscall.Getdents() and struct syscall.Dirent do
not fit together, causing our Getdents implementation to
return garbage ( https://github.com/rfjakob/gocryptfs/issues/200
and https://github.com/golang/go/issues/23624 ).
Switch to unix.Getdents which does not have this problem -
the next Go release with the syscall package fixes is too
far away, and will take time to trickle into distros.
2018-01-31 18:59:10 +01:00
b611e01035
Update deps
2018-01-31 18:57:41 +01:00
8afcb43b83
added usage of reverse mode to README
2018-01-28 15:40:20 +01:00
f3838c09d8
syscallcompat: hardcode maxReclen = 280 for all architectures
...
Due to padding between entries, it is 280 even on 32-bit architectures.
See https://github.com/rfjakob/gocryptfs/issues/197 for details.
2018-01-25 22:22:13 +01:00
b318572312
syscallcompat: fix reversed warning output
...
We used to print somewhat strange messages:
Getdents: corrupt entry #1 : Reclen=276 > 280. Returning EBADR
Reported at https://github.com/rfjakob/gocryptfs/issues/197
2018-01-25 21:42:15 +01:00
163964b090
Update README.md
...
README: add missing word
2018-01-25 21:35:57 +01:00
ea51837361
fusefrontend: drop unused haveGetdents warning
...
We don't actually print that warning anymore.
2018-01-25 09:06:06 +01:00
de878a3346
syscallcompat: explain why we don't use syscall.ParseDirent()
...
syscall.ParseDirent only returns the NAMES, we want
everything.
2018-01-25 08:43:30 +01:00
7015a6ebfb
Documentation: update xfstests output
...
Also update the v1.4.3 release date to today.
The release was delayed one day.
2018-01-21 20:49:17 +01:00
991708af01
Documentation: add extractloop example output
2018-01-21 20:04:37 +01:00
f63ce35b3d
Update changelog for 1.4.3
2018-01-20 14:27:03 +01:00
735b92c48b
Travis CI: also build with vendored dependencies
2018-01-20 13:49:20 +01:00
6d46c4f31c
dep: update dependencies
...
We needed a newer version of x/sys/unix to compile,
and we want the fixes in go-fuse.
2018-01-20 13:49:20 +01:00
Jakob Unterwurzacher