hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity
1,524 Commits 2 Branches 0 Tags 6 MiB
9f9d59ded9
Commit Graph

72 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
2362e67a9e cli: add "-hkdf" option 
This commit also enables actually passing the HKDF setting to
fusefrontend, this was missing till now.
 2017-03-07 20:56:50 +01:00
Jakob Unterwurzacher
b765cc526d main: get rid of third open paniclog fd 
We have it saved in Stderr and Stdout anyway, let's free this fd
number.
 2017-03-02 19:12:21 +01:00
Jakob Unterwurzacher
427c6c1719 exitcodes: define code 12 for "password incorrect" 2017-02-26 19:25:23 +01:00
Jakob Unterwurzacher
bef27305bc main: don't attempt lazy unmount on MacOSX 2017-02-15 23:20:41 +01:00
Jakob Unterwurzacher
8adfbf2dc3 Check for trailing garbage after the password 
From the comment:

// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
 2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
de200aad72 main: add "-fsname" option 
As requested in https://github.com/rfjakob/gocryptfs/issues/73 .
 2017-01-26 22:13:57 +01:00
Jakob Unterwurzacher
39eca53677 main: make sure the ctlsock file is deleted on incorrect password 
Otherwise the next try to mount ends in
"ctlsock: listen unix ctl.sock: bind: address already in use"
 2017-01-26 21:32:08 +01:00
Jakob Unterwurzacher
53aedc3783 main: disconnect from the controlling terminal 
This prevents us from getting SIGINT when the user
kills the running script.
 2017-01-02 23:29:52 +01:00
Jakob Unterwurzacher
6af725ff09 ctlsock: exit early if socket cannot be created; delete on exit 
Both are achieved by opening the socket from main and passing
it to the ctlsock package instead of passing the path.
 2016-12-10 14:54:06 +01:00
Jakob Unterwurzacher
21904cd5f0 ctlsock: exit if socket cannot be created 2016-12-10 12:49:43 +01:00
Jakob Unterwurzacher
0f8d3318a3 main, fusefrontend: add "-noprealloc" option 
Preallocation is very slow on hdds that run btrfs. Give the
user the option to disable it. This greatly speeds up small file
operations but reduces the robustness against out-of-space errors.

Also add the option to the man page.

More info: https://github.com/rfjakob/gocryptfs/issues/63
 2016-11-25 09:19:14 +01:00
Jakob Unterwurzacher
75ebb28a62 ctlsock: add initial limited implementation 
At the moment, in forward mode you can only encrypt paths
and in reverse mode you can only decrypt paths.
 2016-11-10 00:27:08 +01:00
Jakob Unterwurzacher
2b991c9743 Add support for unpadded base64 filenames, "-raw64" 
Through base64.RawURLEncoding.

New command-line parameter "-raw64".
 2016-11-01 18:43:22 +01:00
Jakob Unterwurzacher
8ce735e987 main: print "args" slightly prettier 2016-11-01 18:30:00 +01:00
Jakob Unterwurzacher
4cc64c2c95 main: redirect panics to /tmp/gocryptfs_panic.NNNN 
Redirect stdout and stderr to /tmp/gocryptfs_paniclog.NNNNNN
instead of closing them so users have a chance to get the
backtrace on a panic.

This only applies if "-nosyslog" is NOT set. Panics will
go to terminal as usual if it is.
 2016-10-28 21:18:36 +02:00
Jakob Unterwurzacher
540f125f18 main: move masterkey warnings into parseMasterKey 
This makes sure all callers of parseMasterKey warn the user.
At the moment there is only one, but another one will be added
soon for forcing a password change when only the master key is
known.
 2016-10-16 16:20:11 +02:00
Jakob Unterwurzacher
25a8802403 main: rename "-o" option to "-ko" 
This prevents confusion with the "-o" options that is passed
by mount(1) at the end of the command line.
 2016-10-09 19:32:55 +02:00
Jakob Unterwurzacher
495479dc66 main: friendlier error message on wrong number of arguments 
Before:
	Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT

After:
	Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg"
	Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
 2016-10-09 18:18:14 +02:00
Jakob Unterwurzacher
dc4fdd8f44 main: fix shadow detection logic 
This fired incorrectly:

	Mountpoint "/home/testuser" would shadow cipherdir "/home/testuser.cipher", this is not supported
 2016-10-08 23:50:19 +02:00
Jakob Unterwurzacher
f054353bd3 reverse: make gocryptfs.conf mapping plaintextnames-aware 
Only in plaintextnames-mode AND with the config file at the
default location it will be mapped into the mountpoint.

Also adds a test for that.
 2016-10-08 20:57:38 +02:00
Jakob Unterwurzacher
04cdc695f0 main: error out when the mount shadows the cipherdir 
For example, we cannot mount "/home/user/.cipher" at "/home/user"
because the mount will hide ".cipher" also for us.

Doing it anyway used to cause a nasty hang.
 2016-10-08 18:43:31 +02:00
Jakob Unterwurzacher
631c538f13 main: split doMount into its own file 
Ongoing effort to reduce the size of main().
 2016-10-08 18:43:24 +02:00