Commit Graph

21 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
e537ecbe2e tests: fix golint error
Error was:

  tests/cli/cli_test.go:552: declaration of "err" shadows declaration at tests/cli/cli_test.go:544
2018-10-11 20:57:52 +02:00
Jakob Unterwurzacher
04241455a2 tests: add idle timeout test
Mount with idle timeout 10ms and check that the process exits by itself
within 5 seconds.
2018-10-11 20:43:28 +02:00
Jakob Unterwurzacher
5ca6243eeb main: sanitize commas from fsname
The cipherdir path is used as the fsname, as displayed
in "df -T". Now, having a comma in fsname triggers a sanity check
in go-fuse, aborting the mount with:

  /bin/fusermount: mount failed: Invalid argument
  fuse.NewServer failed: fusermount exited with code 256

Sanitize fsname by replacing any commas with underscores.

https://github.com/rfjakob/gocryptfs/issues/262
2018-09-18 19:39:52 +02:00
Jakob Unterwurzacher
ca24c20694 main: don't read the config file twice (fix pipe bug)
Instead, first Load() the file, then DecryptMasterKey().

Fixes https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08 13:04:33 +02:00
Jakob Unterwurzacher
2bdf7d5172 configfile: add LoadAndDecrypt wrapper
Callers that do not want to decrypt the masterkey should
call plain Load().

https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08 12:40:29 +02:00
Jakob Unterwurzacher
ec2fdc19cf reverse mode: add --exclude option
https://github.com/rfjakob/gocryptfs/issues/235
2018-08-11 23:26:49 +02:00
Jakob Unterwurzacher
91de77943f configfile: reduce function name stutter
configfile.LoadConfFile()   -> configfile.Load()
configfile.CreateConfFile() -> configfile.Create()
2018-07-01 20:56:22 +02:00
Jakob Unterwurzacher
53d6a9999d main: accept -dev, -nodev, -suid, -nosuid, -exec, -noexec
When mounted via /etc/fstab like this,

  /a /b fuse.gocryptfs default 0 0

we always get extra options passed. As reported by @mahkoh
at https://github.com/rfjakob/gocryptfs/pull/233 :

  mount passes `-o noexec` if `-o user` is set and `-o exec` is not set.
  If both `-o user` and `-o exec` are set, it passes `-o exec`.

Make these options work, and in addtion, also make -suid and -rw
work the same way.

Reported-by: @mahkoh
2018-06-07 22:50:30 +02:00
Jakob Unterwurzacher
e29a81efc3 main: make prefixOArgs errors testable
By returning an error instead of calling os.Exit,
error cases can be tested easily. Error cases
were not tested until now.
2018-06-05 21:02:35 +02:00
Jakob Unterwurzacher
9d7392a5be tests: cli_test: fix fd leak
One fd leak found in TestMountBackground.
2018-04-07 15:46:41 +02:00
Jakob Unterwurzacher
f28d85fad5 fsck: add initial implementation
Most corruption cases except xattr should be covered.
With test filesystem.

The output is still pretty ugly. xattr support will
be added in the next commits.
2018-04-02 16:38:18 +02:00
Jakob Unterwurzacher
8fcd39a3b0 main: add "-fsck" flag
The fsck operation is not yet implemented, this commits
just adds the flag and improves cli flag handling.
2018-04-01 14:25:10 +02:00
Jakob Unterwurzacher
3b8f5cbb17 readpassword: convert from string to []byte
This will allows us to overwrite the password
with zeros once we are done with it.

https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18 14:26:54 +01:00
Sebastian Lackner
f3c777d5ea main: Add '-devrandom' commandline option
Allows to use /dev/random for generating the master key instead of the
default Go implementation. When the kernel random generator has been
properly initialized both are considered equally secure, however:

* Versions of Go prior to 1.9 just fall back to /dev/urandom if the
  getrandom() syscall would be blocking (Go Bug #19274)

* Kernel versions prior to 3.17 do not support getrandom(), and there
  is no check if the random generator has been properly initialized
  before reading from /dev/urandom

This is especially useful for embedded hardware with low-entroy. Please
note that generation of the master key might block indefinitely if the
kernel cannot harvest enough entropy.
2017-11-21 23:37:06 +01:00
Jakob Unterwurzacher
318c41827c tests: check if we close stderr and stdout correctly on mount
Currently fails, as reported at
https://github.com/rfjakob/gocryptfs/issues/130 .
2017-07-24 00:05:29 +02:00
Jakob Unterwurzacher
18f354d84b main: password change: exit with code 12 on wrong password
We used to return code 8, now we return code 12 as documented in
the man page.

Also adds a test.
2017-05-14 13:14:00 +02:00
Jakob Unterwurzacher
d5adde1eeb exitcodes: pull all exit code definitions into the package
This commit defines all exit codes in one place in the exitcodes
package.

Also, it adds a test to verify the exit code on incorrect
password, which is what SiriKali cares about the most.

Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-07 22:16:22 +02:00
Jakob Unterwurzacher
8adfbf2dc3 Check for trailing garbage after the password
From the comment:

// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
4866785f4b tests: add test for -password -masterkey
Also, make the other password tests more rigorous by verifying the
fs content.
2016-10-16 19:13:00 +02:00
Jakob Unterwurzacher
ca3cc5eca3 tests: fix stdin password change test
It was actually testing extpass a second time.
2016-10-16 18:13:26 +02:00
Jakob Unterwurzacher
57e8df990c tests: split "normal" tests into "cli" and "defaults"
Also fixes the failure to run the benchmarks do to the missing
gocryptfs.diriv.
2016-10-16 15:04:53 +02:00