Commit Graph

206 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
830cbb7218 build.bash: make reproduceable builds easier
* Reduce the build time precision from seconds to days
* Allow to specify an arbitrary build date through an
  env variable
2017-09-06 21:41:22 +02:00
Jakob Unterwurzacher
1f39ede4b4 main: save memory profile every 60 seconds
...and move all profiling functionality to its own file, as
the main function is already long enough.

Periodically saving the memory profile allows capturing the used
memory during normal operation, as opposed to on exit, where the
kernel has already issued FORGETs for all inodes.

This functionality has been used to create the memory profile shown
in https://github.com/rfjakob/gocryptfs/issues/132 .
2017-07-30 16:07:00 +02:00
Jakob Unterwurzacher
71978ec88a Add "-trace" flag (record execution trace)
Uses the runtime/trace functionality.

TODO: add to man page.
2017-06-07 22:09:06 +02:00
Jakob Unterwurzacher
22820bcd76 main: reorder force_owner flag parsing
No functional changes, just keeping the profiling-related flags
together.
2017-06-07 22:07:56 +02:00
Jakob Unterwurzacher
53b7c17261 Don't cap GOMAXPROCS at 4.
Before Go 1.5, GOMAXPROCS defaulted to 1, hence it made
sense to unconditionally increase it to 4.

But since Go 1.5, GOMAXPROCS defaults to the number of cores,
so don't keep it from increasing above 4.

Also, update the performance numbers.
2017-06-01 20:55:13 +02:00
Charles Duffy
cf1ded5236 Implement force_owner option to display ownership as a specific user. 2017-06-01 00:26:17 +02:00
Jakob Unterwurzacher
1e598e96fc main: add "-info" option
Pretty-prints the config while stripping out sensitive
(and uninteresting) data

https://github.com/rfjakob/gocryptfs/issues/111
2017-05-30 19:01:32 +02:00
Jakob Unterwurzacher
df2f4b1c40 main: add short help text
We have accumulated so many options over time that they
no longer fit on the screen.

Display only a useful subset of options to the user unless
they pass "-hh".
2017-05-30 17:59:13 +02:00
Jakob Unterwurzacher
c44389d942 exitcodes: specific codes for failure to read or write gocryptfs.conf
New codes:
* OpenConf = 23
* WriteConf = 24
2017-05-14 14:30:50 +02:00
Jakob Unterwurzacher
18f354d84b main: password change: exit with code 12 on wrong password
We used to return code 8, now we return code 12 as documented in
the man page.

Also adds a test.
2017-05-14 13:14:00 +02:00
Jakob Unterwurzacher
d5adde1eeb exitcodes: pull all exit code definitions into the package
This commit defines all exit codes in one place in the exitcodes
package.

Also, it adds a test to verify the exit code on incorrect
password, which is what SiriKali cares about the most.

Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-07 22:16:22 +02:00
Jakob Unterwurzacher
cd10d0a6e4 main: more specific default values for GitVersion etc
Now looks like this:

  $ ./gocryptfs -version
  gocryptfs [GitVersion not set - please compile using ./build.bash]; go-fuse [GitVersionFuse not set - please compile using ./build.bash]; 0000-00-00 go1.8

Hopefully easier to grep for.
2017-05-06 14:29:34 +02:00
Jakob Unterwurzacher
a48893b653 main: add "-race" to the version string
...if we were compiled with "-race".
2017-05-06 14:26:34 +02:00
Jakob Unterwurzacher
1e03e059fa Implement "gocryptfs -speed"
A crypto benchmark mode like "openssl speed".

Example run:

  $ ./gocryptfs -speed
  AES-GCM-256-OpenSSL 	 180.89 MB/s	(selected in auto mode)
  AES-GCM-256-Go      	  48.19 MB/s
  AES-SIV-512-Go      	  37.40 MB/s
2017-02-22 23:56:34 +01:00
Jakob Unterwurzacher
8adfbf2dc3 Check for trailing garbage after the password
From the comment:

// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
1e9d735406 Document "--" to stop option parsing in help text + man page 2017-02-12 12:49:04 +01:00
Jakob Unterwurzacher
39eca53677 main: make sure the ctlsock file is deleted on incorrect password
Otherwise the next try to mount ends in
"ctlsock: listen unix ctl.sock: bind: address already in use"
2017-01-26 21:32:08 +01:00
Jakob Unterwurzacher
80c50b9dbc main: give deferred functions a chance to run (fixes -cpuprofile) 2016-11-23 23:49:34 +01:00
Jakob Unterwurzacher
f4c367381e main: fix comments that reference "-f" 2016-11-01 19:04:49 +01:00
Jakob Unterwurzacher
b527e205e2 main: rename "-f" to "-fg"
"-f" looks too much like "--force". The old variant is still
accepted for compatability.
2016-11-01 19:00:45 +01:00
Jakob Unterwurzacher
c487e176bd main: allow password change with -masterkey
Requested at https://github.com/rfjakob/gocryptfs/issues/28
2016-10-16 18:17:28 +02:00
Jakob Unterwurzacher
9f0793ab0f main: more useful error message on unknown flag 2016-10-09 20:55:33 +02:00
Jakob Unterwurzacher
9cf3ced0ce main: also accept options at the end via "-o"
For compatability with mount(1), options are also accepted as
"-o COMMA-SEPARATED-OPTIONS" at the end of the command line.
For example, "-o q,zerokey" is equivalent to "-q -zerokey".
2016-10-09 20:05:54 +02:00
Jakob Unterwurzacher
495479dc66 main: friendlier error message on wrong number of arguments
Before:
	Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT

After:
	Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg"
	Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
2016-10-09 18:18:14 +02:00
Jakob Unterwurzacher
f054353bd3 reverse: make gocryptfs.conf mapping plaintextnames-aware
Only in plaintextnames-mode AND with the config file at the
default location it will be mapped into the mountpoint.

Also adds a test for that.
2016-10-08 20:57:38 +02:00
Jakob Unterwurzacher
631c538f13 main: split doMount into its own file
Ongoing effort to reduce the size of main().
2016-10-08 18:43:24 +02:00
Jakob Unterwurzacher
89bcc50294 main: check if the config file can opened before prompting for password
This was frustrating:

$ gocryptfs a b
Password:
Decrypting master key
open a/gocryptfs.conf: permission denied
2016-10-08 17:19:55 +02:00
Jakob Unterwurzacher
9b1a35174b MANPAGE: note that "-f" implies "-nosyslog"
Also explain why AES-SIV exists.
2016-10-07 23:02:04 +02:00
Jakob Unterwurzacher
14fd5ce598 main: daemonize more thoroughly
As described at http://software.clapper.org/daemonize/ ,
a daemon should chdir to / and close its FDs.
2016-10-07 22:44:28 +02:00
Jakob Unterwurzacher
45dfc90a2f main: clarify nosyslog code path
Split the block up and add a comment why notifypid is important.
2016-10-07 00:05:46 +02:00
Jakob Unterwurzacher
434ce50db3 main: add "-nonempty" option 2016-10-06 22:41:13 +02:00
Valient Gough
b764917cd5 lint fixes 2016-10-04 23:18:33 +02:00
Jakob Unterwurzacher
56c0b19612 without_openssl: support compiling completely without openssl
Build helper script: build-without-openssl.bash
2016-10-04 09:51:14 +02:00
Jakob Unterwurzacher
e9bb8b800c reverse: switch from GCM-SIV to AES-SIV
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
Jakob Unterwurzacher
5f4b16c00f Implement changes proposed by gosimple.
Also delete the unused "dirIVNameStruct", found by deadcode.
2016-09-25 19:48:21 +02:00
Jakob Unterwurzacher
2050c7f3b3 reverse: add gcmsiv flag and associated tests 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d76e7aadb4 reverse: use dynamic inode numbers
...with stable mappings for hard-linked files.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
5f726aaa9d contentenc: add GCM-SIV support
Also add ReverseDummyNonce nonce generation.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
7f87ed78f2 cryptocore: add support for GCM-SIV 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
72efa5c9b1 main: move initDir into its own file 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
9ad49088fa main: add explicit exit after forkChild
Trying to make it more obvious what is happening.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d9db75ebd2 main: factor out cli arg parsing
The main function has gotten way too big.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
a34b447ad1 reverse: let the kernel enforce read-only mode
... and print a warning that reverse mode is experimental
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
1d4c6288f2 main: initial support for reverse mode 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
0d5d6fc99b main: bake build date into version string
$ gocryptfs -version
gocryptfs v0.12-36-ge021b9d-dirty; go-fuse a4c968c; 2016-07-03 go1.6.2
2016-07-03 16:50:52 +02:00
Jakob Unterwurzacher
e021b9d00c main: yellow text for masterkey and zerokey warnings
Also, mention that the shell may save the command line into the
history and reduce "ps -auxwww" to "ps ax" (that's all you need).
2016-07-03 15:37:47 +02:00
Jakob Unterwurzacher
547ddf4264 tlog: switch default logger to syslog
...unless "-nosyslog" is passed.

All gocryptfs messages already go to syslog, but the messages
that the go-fuse lib emits were still printed to stdout.

Fixes issue #13 ( https://github.com/rfjakob/gocryptfs/issues/13 )
2016-06-26 23:30:22 +02:00
Jakob Unterwurzacher
15b88756ad main: add "-o" option to enable "suid" and "dev"
Device files and suid binaries are often not needed when running
gocryptfs as root. As they are potentially dangerous, let the
user enable them explicitely via the new "-o" option instead of
always enabling them when running as root.
2016-06-26 23:03:18 +02:00
Jakob Unterwurzacher
0115588680 main, fusefrontend: enable suid functionality
FUSE filesystems are mounted with "nosuid" by default. If we run as root,
we can use device files by passing the opposite mount option, "suid".

Also we have to use syscall.Chmod instead of os.Chmod because the
portability translation layer "syscallMode" messes up the sgid
and suid bits.

Fixes 70% of the failures in xfstests generic/193. The remaining are
related to truncate, but we err on the safe side:

    $ diff -u tests/generic/193.out /home/jakob/src/fuse-xfstests/results//generic/193.out.bad
    [...]
     check that suid/sgid bits are cleared after successful truncate...
     with no exec perm
     before: -rwSr-Sr--
    -after:  -rw-r-Sr--
    +after:  -rw-r--r--
2016-06-26 20:13:21 +02:00
Jakob Unterwurzacher
fb5e7023ee main: enable device files when running as root
FUSE filesystems are mounted with "nodev" by default. If we run as root,
we can use device files by passing the opposite mount option, "dev".

Fixes xfstests generic/184.
2016-06-26 19:23:33 +02:00
Jakob Unterwurzacher
23cc0657f4 fusefronted: preserve owner if running as root
If allow_other is set and we run as root, try to give newly created files to
the right user.
2016-06-26 19:18:13 +02:00
Jakob Unterwurzacher
b558901e66 Drop deprecated "-gcmiv128" option
The GCMIV128 feature flag is already mandatory, dropping the command
line option is the final step.

Completes https://github.com/rfjakob/gocryptfs/issues/29 .
2016-06-23 22:10:19 +02:00
Jakob Unterwurzacher
3d59a72ba9 Drop deprecated "-emenames" option
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:56:50 +02:00
Jakob Unterwurzacher
b17f0465c7 Drop deprecated "-diriv" option
The DirIV feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:38:59 +02:00
Jakob Unterwurzacher
f0b4d2354d Refuse mounting of v0.6 and older filesystems 2016-06-19 20:01:04 +02:00
Jakob Unterwurzacher
1dcafb99ff main: drop "on-disk format" from -version output, add Go version
As v0.4 introduced ext4-style feature flags, the on-disk format version
is unlinkely to change. Drop it from the version output to reduce
clutter. Use "gocryptfs -version -debug" to see it.

Add the Go version string because only Go 1.6 and newer have an optimized
AES-GCM implementation. This will help users to understand the performance
of their build.
2016-06-19 19:33:15 +02:00
Jakob Unterwurzacher
cc2a75b050 Mount v0.6 and older filesystems as read-only
This is part of the phase-out of very old filesystems.

See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for
more info.
2016-06-16 23:23:09 +02:00
Jakob Unterwurzacher
82d87ff8ed Add "-ro" (read-only) flag
From the man page:

  **-ro**
  :      Mount the filesystem read-only

Also add a test.
2016-06-16 21:29:22 +02:00
Jakob Unterwurzacher
6c3f97399a Rename internal "toggledlog" package to "tlog"
tlog is used heavily everywhere and deserves a shorter name.

Renamed using sed magic, without any manual rework:

   find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
2016-06-15 23:30:44 +02:00
Jakob Unterwurzacher
09e88f31d1 toggledlog: assume command of color handling
We want to use colored error messages also outside of main,
so let's handle it in the logging package.

The fatal logger now automatically prints red.
2016-06-15 23:17:51 +02:00
Jakob Unterwurzacher
c89455063c readpassword: create internal package for password reading
* Supports stdin
* Add tests for extpass and stdin

As per user request at https://github.com/rfjakob/gocryptfs/issues/30
2016-06-15 22:44:24 +02:00
Jakob Unterwurzacher
393e531afd Fix warnings reported by Go 1.6 "go tool vet -shadow=true"
Warnings were:

  main.go:234: declaration of err shadows declaration at main.go:163:
  internal/fusefrontend/file.go:401: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
  internal/fusefrontend/file.go:419: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
  internal/fusefrontend/fs_dir.go:140: declaration of err shadows declaration at internal/fusefrontend/fs_dir.go:97:
2016-06-14 22:46:23 +02:00
Jakob Unterwurzacher
0c80cca674 toggledlog: convert remaing naked fmt.Print*
Several fatal errors were just printed to stdout, which
meant they were invisible when running the test suite.

Fix this by introducing toggledlog.Fatal and convert as
follows:

Fatal errors     -> toggledlog.Fatal
Warnings         -> toggledlog.Warn
Password prompts -> fmt.Fprintf
2016-06-05 14:32:07 +02:00
Jakob Unterwurzacher
ca54b665e3 main: print actual error from LoadConfFile()
It may not have been a "Wrong password" after all.

Also, push down disabling the warning so LoadConfFile() can
warn about things that matter.
2016-06-05 13:44:22 +02:00
Jakob Unterwurzacher
b97268c948 configfile: bake the "Creator" gocryptfs version into the file
This field is added for the convenience of users and
may help them to identify which gocryptfs version
they need to mount a filesystem.

The same information is essentially contained in FeatureFlags,
but this is more difficult to decode for humans.

It is completely ignored programmatically (also by older gocryptfs
versions).
2016-06-05 11:40:13 +02:00
Jakob Unterwurzacher
281bb8daf0 main: don't tell the user to choose a password when -extpass is used
Instead, print this:

  Using password provided via -extpass.
2016-06-04 15:24:42 +02:00
Jakob Unterwurzacher
2e2ee0a038 main: print relative path in the init success message
... but only if the relative path does not start with "..".

Makes the message easier to grasp. Example:

  $ gocryptfs -init -scryptn=10 v0.9
  [...]
  The filesystem has been created successfully.

Before:
  You can now mount it using: gocryptfs /home/jakob/src/github.com/rfjakob/gocryptfs/integration_tests/example_filesystems/v0.9 MOUNTPOINT

After:
  You can now mount it using: gocryptfs v0.9 MOUNTPOINT
2016-06-04 15:04:57 +02:00
Jakob Unterwurzacher
80b027f830 nametransform, main: better error messages 2016-06-01 20:07:43 +02:00
Jakob Unterwurzacher
e7f78135b3 Add "-allow_other" command-line option
As requested in https://github.com/rfjakob/gocryptfs/issues/26 ,
this adds the option to allow other users to access the filesystem.
2016-05-18 19:30:05 +02:00
Jakob Unterwurzacher
49b597f07c prefer_openssl: autodetect whether to use OpenSSL or Go GCM
Go GCM is faster than OpenSSL if the CPU has AES instructions
and you are running Go 1.6+.

The "-openssl" option now defaults to "auto".

"gocryptfs -debug -version" displays the result of the autodetection.

See https://github.com/rfjakob/gocryptfs/issues/23 for details and
benchmarks.
2016-05-12 00:42:42 +02:00
Jakob Unterwurzacher
36c1039228 build.bash: bake the go-fuse commit hash into the binaries 2016-04-10 23:16:09 +02:00
Jakob Unterwurzacher
bd5405189e Fix "go tool vet -shadow=true" warnings
Among those one real bug.
2016-04-10 21:31:15 +02:00
Jakob Unterwurzacher
3a4922b5d7 Add tests for long name creation and renaming (currently failing, obviously) 2016-02-07 10:55:13 +01:00
Jakob Unterwurzacher
e111e20649 longnames part I: Create and OpenDir work with long filenames > 176 bytes
Todo: Rename, Unlink, Rmdir, Mknod, Mkdir
2016-02-06 22:54:14 +01:00
Jakob Unterwurzacher
c74772bc8d Run go fmt 2016-02-06 20:23:36 +01:00
Jakob Unterwurzacher
9078a77850 Move pathfs_frontend to internal/fusefrontend
"git status" for reference:

renamed:    pathfs_frontend/args.go -> internal/fusefrontend/args.go
renamed:    pathfs_frontend/compat_darwin.go -> internal/fusefrontend/compat_darwin.go
renamed:    pathfs_frontend/compat_linux.go -> internal/fusefrontend/compat_linux.go
renamed:    pathfs_frontend/file.go -> internal/fusefrontend/file.go
renamed:    pathfs_frontend/file_holes.go -> internal/fusefrontend/file_holes.go
renamed:    pathfs_frontend/fs.go -> internal/fusefrontend/fs.go
renamed:    pathfs_frontend/fs_dir.go -> internal/fusefrontend/fs_dir.go
renamed:    pathfs_frontend/names.go -> internal/fusefrontend/names.go
renamed:    pathfs_frontend/write_lock.go -> internal/fusefrontend/write_lock.go
modified:   main.go
2016-02-06 19:27:59 +01:00
Jakob Unterwurzacher
2b8cbd9441 Major refactoring: Split up "cryptfs" into several internal packages
"git status" for reference:

deleted:    cryptfs/cryptfs.go
deleted:    cryptfs/names_core.go
modified:   integration_tests/cli_test.go
modified:   integration_tests/helpers.go
renamed:    cryptfs/config_file.go -> internal/configfile/config_file.go
renamed:    cryptfs/config_test.go -> internal/configfile/config_test.go
renamed:    cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore
renamed:    cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf
renamed:    cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf
renamed:    cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf
renamed:    cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf
renamed:    cryptfs/kdf.go -> internal/configfile/kdf.go
renamed:    cryptfs/kdf_test.go -> internal/configfile/kdf_test.go
renamed:    cryptfs/cryptfs_content.go -> internal/contentenc/content.go
new file:   internal/contentenc/content_api.go
renamed:    cryptfs/content_test.go -> internal/contentenc/content_test.go
renamed:    cryptfs/file_header.go -> internal/contentenc/file_header.go
renamed:    cryptfs/intrablock.go -> internal/contentenc/intrablock.go
renamed:    cryptfs/address_translation.go -> internal/contentenc/offsets.go
new file:   internal/cryptocore/crypto_api.go
renamed:    cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go
renamed:    cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go
renamed:    cryptfs/nonce.go -> internal/cryptocore/nonce.go
renamed:    cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go
renamed:    cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash
renamed:    cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go
new file:   internal/nametransform/name_api.go
new file:   internal/nametransform/names_core.go
renamed:    cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go
renamed:    cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go
renamed:    cryptfs/names_test.go -> internal/nametransform/names_test.go
new file:   internal/nametransform/pad16.go
renamed:    cryptfs/log.go -> internal/toggledlog/log.go
renamed:    cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go
renamed:    cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go
modified:   main.go
modified:   masterkey.go
modified:   pathfs_frontend/file.go
modified:   pathfs_frontend/file_holes.go
modified:   pathfs_frontend/fs.go
modified:   pathfs_frontend/fs_dir.go
modified:   pathfs_frontend/names.go
modified:   test.bash
2016-02-06 19:22:35 +01:00
Jakob Unterwurzacher
6454db68d9 Add new "-wpanic" option and enable it for the automated tests 2016-01-31 18:09:39 +01:00
Jakob Unterwurzacher
9ecb489c66 Allow "-d" as an alis for "-debug", and "-quiet" as an alias for "-q" 2016-01-24 18:20:04 +01:00
Jakob Unterwurzacher
523e430685 Add "-nosyslog" options
Also, actually redirect Warn and Debug as well.
2016-01-24 18:10:18 +01:00
Jakob Unterwurzacher
1030522fe6 Suppress password prompt when using -extpass
Also, add color to the error messages.
2016-01-23 20:18:39 +01:00
Jakob Unterwurzacher
2e419e635f Remove last SetOutput from generic code 2016-01-22 21:49:56 +01:00
Jakob Unterwurzacher
cec2da3e33 Add "-memprofile" option 2016-01-21 23:55:37 +01:00
Jakob Unterwurzacher
d163169655 Wrap Logger to make disabling output more efficient
Instead of using SetOutput(ioutil.Discard), which means
that Printf is still called for every debug message,
use a simple and fast boolean check.

Streaming write performance improves from 86 to 93 MB/s.
2016-01-21 22:59:11 +01:00
Jakob Unterwurzacher
9bab220a1b Switch to syslog when running in the background 2016-01-20 22:31:15 +01:00
Jakob Unterwurzacher
17f0eb1339 Convert logging to standard Go log.Logger
This is in preparation of logging to syslog.
2016-01-20 20:57:00 +01:00
Jakob Unterwurzacher
1936de783f Color for the "init success" message 2016-01-04 20:55:25 +01:00
Jakob Unterwurzacher
ad00ba38e5 Colorize output 2015-12-19 15:46:19 +01:00
Jakob Unterwurzacher
1caa925868 Increase GCM IV size from 96 to 128 bits
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
2015-12-19 15:02:29 +01:00
Jakob Unterwurzacher
e99e841713 Rmdir: handle creating and removing unreadable directories
This patch also splits off Mkdir and Rmdir into its own file.

Fixes issue #8, thanks to @diseq for the bug report.
2015-12-11 20:02:12 +01:00
Jakob Unterwurzacher
b4b9072cc2 Simplify CreateConfFile: do not allow specification of EMENames 2015-12-10 19:38:02 +01:00
Jakob Unterwurzacher
ccf6d00728 Add missing PlaintextNames checks in OpenDir, Mkdir, Rmdir, initDir
Plaintextnames support has bitrotted during the DirIV additions,
this needs test cases. Will be added in a future patch.

Fixes issue #9.
2015-12-10 01:12:05 +01:00
Jakob Unterwurzacher
c6dacd6f91 Add EME filename encryption & enable it by default 2015-12-08 16:17:04 +01:00
Jakob Unterwurzacher
71b94828ed init: create gocryptfs.diriv after creating gocryptfs.conf
Creating the config file can fail easily, for example if the
password is not entered the same twice. This would leave an
orphaned gocryptfs.diriv behind.
2015-12-06 14:24:45 +01:00
Jakob Unterwurzacher
ce42a6f23d Run go fmt 2015-11-29 21:55:20 +01:00
Jakob Unterwurzacher
6f764b3867 Handle all operations except mounting without forking a child
This saves 170ms for each start (why do we take 170ms to start up?)
and cuts down test time by 2 seconds.
2015-11-29 19:09:12 +01:00
Jakob Unterwurzacher
bb116282b7 Add "-scryptn" option that sets the cost parameter for scrypt
Use that option to speed up the automated tests by 7 seconds.

Before:
	ok  	github.com/rfjakob/gocryptfs/integration_tests	26.667s
After:
	ok  	github.com/rfjakob/gocryptfs/integration_tests	19.534s
2015-11-29 18:53:40 +01:00
Jakob Unterwurzacher
1fb349e97b diriv: also support old CBC symlink 2015-11-28 18:39:45 +01:00
Jakob Unterwurzacher
fe7355f9ee diriv: use "DirIV" flag to discern and support mounting old filesystems 2015-11-28 18:38:06 +01:00
Jakob Unterwurzacher
b3d96b6a20 main: pass args struct instead of having a huge function call 2015-11-27 22:30:38 +01:00