Commit Graph

10 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
8fcd39a3b0 main: add "-fsck" flag
The fsck operation is not yet implemented, this commits
just adds the flag and improves cli flag handling.
2018-04-01 14:25:10 +02:00
Jakob Unterwurzacher
3b8f5cbb17 readpassword: convert from string to []byte
This will allows us to overwrite the password
with zeros once we are done with it.

https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 14:26:54 +01:00
Sebastian Lackner
f3c777d5ea main: Add '-devrandom' commandline option
Allows to use /dev/random for generating the master key instead of the
default Go implementation. When the kernel random generator has been
properly initialized both are considered equally secure, however:

* Versions of Go prior to 1.9 just fall back to /dev/urandom if the
  getrandom() syscall would be blocking (Go Bug #19274)

* Kernel versions prior to 3.17 do not support getrandom(), and there
  is no check if the random generator has been properly initialized
  before reading from /dev/urandom

This is especially useful for embedded hardware with low-entroy. Please
note that generation of the master key might block indefinitely if the
kernel cannot harvest enough entropy.
2017-11-21 23:37:06 +01:00
Jakob Unterwurzacher
318c41827c tests: check if we close stderr and stdout correctly on mount
Currently fails, as reported at
https://github.com/rfjakob/gocryptfs/issues/130 .
2017-07-24 00:05:29 +02:00
Jakob Unterwurzacher
18f354d84b main: password change: exit with code 12 on wrong password
We used to return code 8, now we return code 12 as documented in
the man page.

Also adds a test.
2017-05-14 13:14:00 +02:00
Jakob Unterwurzacher
d5adde1eeb exitcodes: pull all exit code definitions into the package
This commit defines all exit codes in one place in the exitcodes
package.

Also, it adds a test to verify the exit code on incorrect
password, which is what SiriKali cares about the most.

Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-07 22:16:22 +02:00
Jakob Unterwurzacher
8adfbf2dc3 Check for trailing garbage after the password
From the comment:

// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
4866785f4b tests: add test for -password -masterkey
Also, make the other password tests more rigorous by verifying the
fs content.
2016-10-16 19:13:00 +02:00
Jakob Unterwurzacher
ca3cc5eca3 tests: fix stdin password change test
It was actually testing extpass a second time.
2016-10-16 18:13:26 +02:00
Jakob Unterwurzacher
57e8df990c tests: split "normal" tests into "cli" and "defaults"
Also fixes the failure to run the benchmarks do to the missing
gocryptfs.diriv.
2016-10-16 15:04:53 +02:00