libgocryptfs

Author	SHA1	Message	Date
Jakob Unterwurzacher	f28d85fad5	fsck: add initial implementation Most corruption cases except xattr should be covered. With test filesystem. The output is still pretty ugly. xattr support will be added in the next commits.	2018-04-02 16:38:18 +02:00
Jakob Unterwurzacher	8fcd39a3b0	main: add "-fsck" flag The fsck operation is not yet implemented, this commits just adds the flag and improves cli flag handling.	2018-04-01 14:25:10 +02:00
Jakob Unterwurzacher	85056def90	main: move and rename checkDir() helper To avoid confusion with fsck, rename to isDir() and move the functions into init_dir.go.	2018-04-01 12:31:44 +02:00
Jakob Unterwurzacher	5da5e467a6	main: pull regular exits into main function The replaces the "does not return" comments with an explicit os.Exit, which is unambigous.	2018-04-01 12:13:32 +02:00
Jakob Unterwurzacher	9bc039a4ba	Add `-masterkey=stdin` functionality https://github.com/rfjakob/gocryptfs/issues/218	2018-03-22 00:02:10 +01:00
Jakob Unterwurzacher	adf7d75d31	main: changePassword: zero masterkey Overwrite the masterkey with zeros once we have encrypted it, and let it run out of scope. Also get rid of the password duplicate in readpassword.Twice.	2018-02-18 15:36:14 +01:00
Jakob Unterwurzacher	2cf050d69e	main: zero password once we are done with it Overwrite the password we have got from the user with zeros once we don't need it anymore, and make sure the variable runs out of scope.	2018-02-18 15:22:22 +01:00
Jakob Unterwurzacher	3b8f5cbb17	readpassword: convert from string to []byte This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211	2018-02-18 14:26:54 +01:00
Jakob Unterwurzacher	14c063428d	main: doMount: use a deferred function for wipeKeys Also drop the unused int return.	2018-02-18 12:55:20 +01:00
Jakob Unterwurzacher	bd78b44389	cryptocore, main: add two comments While reading the code, I had to think about what it does, so add a comment that explains it.	2018-02-18 12:41:11 +01:00
Felix Lechner	bf2f9640c4	Fix spelling (#205 )	2018-02-04 20:38:22 +01:00
Jakob Unterwurzacher	1b0426bcb2	main: print clear error message if CIPHERDIR is missing Getting just the help text in response to gocryptfs -info -config external.config is confusing: https://github.com/rfjakob/gocryptfs/issues/157	2017-11-15 20:30:21 +01:00
Jakob Unterwurzacher	830cbb7218	build.bash: make reproduceable builds easier * Reduce the build time precision from seconds to days * Allow to specify an arbitrary build date through an env variable	2017-09-06 21:41:22 +02:00
Jakob Unterwurzacher	1f39ede4b4	main: save memory profile every 60 seconds ...and move all profiling functionality to its own file, as the main function is already long enough. Periodically saving the memory profile allows capturing the used memory during normal operation, as opposed to on exit, where the kernel has already issued FORGETs for all inodes. This functionality has been used to create the memory profile shown in https://github.com/rfjakob/gocryptfs/issues/132 .	2017-07-30 16:07:00 +02:00
Jakob Unterwurzacher	71978ec88a	Add "-trace" flag (record execution trace) Uses the runtime/trace functionality. TODO: add to man page.	2017-06-07 22:09:06 +02:00
Jakob Unterwurzacher	22820bcd76	main: reorder force_owner flag parsing No functional changes, just keeping the profiling-related flags together.	2017-06-07 22:07:56 +02:00
Jakob Unterwurzacher	53b7c17261	Don't cap GOMAXPROCS at 4. Before Go 1.5, GOMAXPROCS defaulted to 1, hence it made sense to unconditionally increase it to 4. But since Go 1.5, GOMAXPROCS defaults to the number of cores, so don't keep it from increasing above 4. Also, update the performance numbers.	2017-06-01 20:55:13 +02:00
Charles Duffy	cf1ded5236	Implement force_owner option to display ownership as a specific user.	2017-06-01 00:26:17 +02:00
Jakob Unterwurzacher	1e598e96fc	main: add "-info" option Pretty-prints the config while stripping out sensitive (and uninteresting) data https://github.com/rfjakob/gocryptfs/issues/111	2017-05-30 19:01:32 +02:00
Jakob Unterwurzacher	df2f4b1c40	main: add short help text We have accumulated so many options over time that they no longer fit on the screen. Display only a useful subset of options to the user unless they pass "-hh".	2017-05-30 17:59:13 +02:00
Jakob Unterwurzacher	c44389d942	exitcodes: specific codes for failure to read or write gocryptfs.conf New codes: * OpenConf = 23 * WriteConf = 24	2017-05-14 14:30:50 +02:00
Jakob Unterwurzacher	18f354d84b	main: password change: exit with code 12 on wrong password We used to return code 8, now we return code 12 as documented in the man page. Also adds a test.	2017-05-14 13:14:00 +02:00
Jakob Unterwurzacher	d5adde1eeb	exitcodes: pull all exit code definitions into the package This commit defines all exit codes in one place in the exitcodes package. Also, it adds a test to verify the exit code on incorrect password, which is what SiriKali cares about the most. Fixes https://github.com/rfjakob/gocryptfs/issues/77 .	2017-05-07 22:16:22 +02:00
Jakob Unterwurzacher	cd10d0a6e4	main: more specific default values for GitVersion etc Now looks like this: $ ./gocryptfs -version gocryptfs [GitVersion not set - please compile using ./build.bash]; go-fuse [GitVersionFuse not set - please compile using ./build.bash]; 0000-00-00 go1.8 Hopefully easier to grep for.	2017-05-06 14:29:34 +02:00
Jakob Unterwurzacher	a48893b653	main: add "-race" to the version string ...if we were compiled with "-race".	2017-05-06 14:26:34 +02:00
Jakob Unterwurzacher	1e03e059fa	Implement "gocryptfs -speed" A crypto benchmark mode like "openssl speed". Example run: $ ./gocryptfs -speed AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode) AES-GCM-256-Go 48.19 MB/s AES-SIV-512-Go 37.40 MB/s	2017-02-22 23:56:34 +01:00
Jakob Unterwurzacher	8adfbf2dc3	Check for trailing garbage after the password From the comment: // CheckTrailingGarbage tries to read one byte from stdin and exits with a // fatal error if the read returns any data. // This is meant to be called after reading the password, when there is no more // data expected. This helps to catch problems with third-party tools that // interface with gocryptfs.	2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher	1e9d735406	Document "--" to stop option parsing in help text + man page	2017-02-12 12:49:04 +01:00
Jakob Unterwurzacher	39eca53677	main: make sure the ctlsock file is deleted on incorrect password Otherwise the next try to mount ends in "ctlsock: listen unix ctl.sock: bind: address already in use"	2017-01-26 21:32:08 +01:00
Jakob Unterwurzacher	80c50b9dbc	main: give deferred functions a chance to run (fixes -cpuprofile)	2016-11-23 23:49:34 +01:00
Jakob Unterwurzacher	f4c367381e	main: fix comments that reference "-f"	2016-11-01 19:04:49 +01:00
Jakob Unterwurzacher	b527e205e2	main: rename "-f" to "-fg" "-f" looks too much like "--force". The old variant is still accepted for compatability.	2016-11-01 19:00:45 +01:00
Jakob Unterwurzacher	c487e176bd	main: allow password change with -masterkey Requested at https://github.com/rfjakob/gocryptfs/issues/28	2016-10-16 18:17:28 +02:00
Jakob Unterwurzacher	9f0793ab0f	main: more useful error message on unknown flag	2016-10-09 20:55:33 +02:00
Jakob Unterwurzacher	9cf3ced0ce	main: also accept options at the end via "-o" For compatability with mount(1), options are also accepted as "-o COMMA-SEPARATED-OPTIONS" at the end of the command line. For example, "-o q,zerokey" is equivalent to "-q -zerokey".	2016-10-09 20:05:54 +02:00
Jakob Unterwurzacher	495479dc66	main: friendlier error message on wrong number of arguments Before: Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT After: Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg" Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT	2016-10-09 18:18:14 +02:00
Jakob Unterwurzacher	f054353bd3	reverse: make gocryptfs.conf mapping plaintextnames-aware Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that.	2016-10-08 20:57:38 +02:00
Jakob Unterwurzacher	631c538f13	main: split doMount into its own file Ongoing effort to reduce the size of main().	2016-10-08 18:43:24 +02:00
Jakob Unterwurzacher	89bcc50294	main: check if the config file can opened before prompting for password This was frustrating: $ gocryptfs a b Password: Decrypting master key open a/gocryptfs.conf: permission denied	2016-10-08 17:19:55 +02:00
Jakob Unterwurzacher	9b1a35174b	MANPAGE: note that "-f" implies "-nosyslog" Also explain why AES-SIV exists.	2016-10-07 23:02:04 +02:00
Jakob Unterwurzacher	14fd5ce598	main: daemonize more thoroughly As described at http://software.clapper.org/daemonize/ , a daemon should chdir to / and close its FDs.	2016-10-07 22:44:28 +02:00
Jakob Unterwurzacher	45dfc90a2f	main: clarify nosyslog code path Split the block up and add a comment why notifypid is important.	2016-10-07 00:05:46 +02:00
Jakob Unterwurzacher	434ce50db3	main: add "-nonempty" option	2016-10-06 22:41:13 +02:00
Valient Gough	b764917cd5	lint fixes	2016-10-04 23:18:33 +02:00
Jakob Unterwurzacher	56c0b19612	without_openssl: support compiling completely without openssl Build helper script: build-without-openssl.bash	2016-10-04 09:51:14 +02:00
Jakob Unterwurzacher	e9bb8b800c	reverse: switch from GCM-SIV to AES-SIV GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.	2016-09-26 23:25:13 +02:00
Jakob Unterwurzacher	5f4b16c00f	Implement changes proposed by gosimple. Also delete the unused "dirIVNameStruct", found by deadcode.	2016-09-25 19:48:21 +02:00
Jakob Unterwurzacher	2050c7f3b3	reverse: add gcmsiv flag and associated tests	2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher	d76e7aadb4	reverse: use dynamic inode numbers ...with stable mappings for hard-linked files.	2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher	5f726aaa9d	contentenc: add GCM-SIV support Also add ReverseDummyNonce nonce generation.	2016-09-25 16:43:17 +02:00

1 2 3 4

168 Commits