Commit Graph

139 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
80c50b9dbc main: give deferred functions a chance to run (fixes -cpuprofile) 2016-11-23 23:49:34 +01:00
Jakob Unterwurzacher
f4c367381e main: fix comments that reference "-f" 2016-11-01 19:04:49 +01:00
Jakob Unterwurzacher
b527e205e2 main: rename "-f" to "-fg"
"-f" looks too much like "--force". The old variant is still
accepted for compatability.
2016-11-01 19:00:45 +01:00
Jakob Unterwurzacher
c487e176bd main: allow password change with -masterkey
Requested at https://github.com/rfjakob/gocryptfs/issues/28
2016-10-16 18:17:28 +02:00
Jakob Unterwurzacher
9f0793ab0f main: more useful error message on unknown flag 2016-10-09 20:55:33 +02:00
Jakob Unterwurzacher
9cf3ced0ce main: also accept options at the end via "-o"
For compatability with mount(1), options are also accepted as
"-o COMMA-SEPARATED-OPTIONS" at the end of the command line.
For example, "-o q,zerokey" is equivalent to "-q -zerokey".
2016-10-09 20:05:54 +02:00
Jakob Unterwurzacher
495479dc66 main: friendlier error message on wrong number of arguments
Before:
	Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT

After:
	Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg"
	Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
2016-10-09 18:18:14 +02:00
Jakob Unterwurzacher
f054353bd3 reverse: make gocryptfs.conf mapping plaintextnames-aware
Only in plaintextnames-mode AND with the config file at the
default location it will be mapped into the mountpoint.

Also adds a test for that.
2016-10-08 20:57:38 +02:00
Jakob Unterwurzacher
631c538f13 main: split doMount into its own file
Ongoing effort to reduce the size of main().
2016-10-08 18:43:24 +02:00
Jakob Unterwurzacher
89bcc50294 main: check if the config file can opened before prompting for password
This was frustrating:

$ gocryptfs a b
Password:
Decrypting master key
open a/gocryptfs.conf: permission denied
2016-10-08 17:19:55 +02:00
Jakob Unterwurzacher
9b1a35174b MANPAGE: note that "-f" implies "-nosyslog"
Also explain why AES-SIV exists.
2016-10-07 23:02:04 +02:00
Jakob Unterwurzacher
14fd5ce598 main: daemonize more thoroughly
As described at http://software.clapper.org/daemonize/ ,
a daemon should chdir to / and close its FDs.
2016-10-07 22:44:28 +02:00
Jakob Unterwurzacher
45dfc90a2f main: clarify nosyslog code path
Split the block up and add a comment why notifypid is important.
2016-10-07 00:05:46 +02:00
Jakob Unterwurzacher
434ce50db3 main: add "-nonempty" option 2016-10-06 22:41:13 +02:00
Valient Gough
b764917cd5 lint fixes 2016-10-04 23:18:33 +02:00
Jakob Unterwurzacher
56c0b19612 without_openssl: support compiling completely without openssl
Build helper script: build-without-openssl.bash
2016-10-04 09:51:14 +02:00
Jakob Unterwurzacher
e9bb8b800c reverse: switch from GCM-SIV to AES-SIV
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
Jakob Unterwurzacher
5f4b16c00f Implement changes proposed by gosimple.
Also delete the unused "dirIVNameStruct", found by deadcode.
2016-09-25 19:48:21 +02:00
Jakob Unterwurzacher
2050c7f3b3 reverse: add gcmsiv flag and associated tests 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d76e7aadb4 reverse: use dynamic inode numbers
...with stable mappings for hard-linked files.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
5f726aaa9d contentenc: add GCM-SIV support
Also add ReverseDummyNonce nonce generation.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
7f87ed78f2 cryptocore: add support for GCM-SIV 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
72efa5c9b1 main: move initDir into its own file 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
9ad49088fa main: add explicit exit after forkChild
Trying to make it more obvious what is happening.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
d9db75ebd2 main: factor out cli arg parsing
The main function has gotten way too big.
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
a34b447ad1 reverse: let the kernel enforce read-only mode
... and print a warning that reverse mode is experimental
2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
1d4c6288f2 main: initial support for reverse mode 2016-09-25 16:43:17 +02:00
Jakob Unterwurzacher
0d5d6fc99b main: bake build date into version string
$ gocryptfs -version
gocryptfs v0.12-36-ge021b9d-dirty; go-fuse a4c968c; 2016-07-03 go1.6.2
2016-07-03 16:50:52 +02:00
Jakob Unterwurzacher
e021b9d00c main: yellow text for masterkey and zerokey warnings
Also, mention that the shell may save the command line into the
history and reduce "ps -auxwww" to "ps ax" (that's all you need).
2016-07-03 15:37:47 +02:00
Jakob Unterwurzacher
547ddf4264 tlog: switch default logger to syslog
...unless "-nosyslog" is passed.

All gocryptfs messages already go to syslog, but the messages
that the go-fuse lib emits were still printed to stdout.

Fixes issue #13 ( https://github.com/rfjakob/gocryptfs/issues/13 )
2016-06-26 23:30:22 +02:00
Jakob Unterwurzacher
15b88756ad main: add "-o" option to enable "suid" and "dev"
Device files and suid binaries are often not needed when running
gocryptfs as root. As they are potentially dangerous, let the
user enable them explicitely via the new "-o" option instead of
always enabling them when running as root.
2016-06-26 23:03:18 +02:00
Jakob Unterwurzacher
0115588680 main, fusefrontend: enable suid functionality
FUSE filesystems are mounted with "nosuid" by default. If we run as root,
we can use device files by passing the opposite mount option, "suid".

Also we have to use syscall.Chmod instead of os.Chmod because the
portability translation layer "syscallMode" messes up the sgid
and suid bits.

Fixes 70% of the failures in xfstests generic/193. The remaining are
related to truncate, but we err on the safe side:

    $ diff -u tests/generic/193.out /home/jakob/src/fuse-xfstests/results//generic/193.out.bad
    [...]
     check that suid/sgid bits are cleared after successful truncate...
     with no exec perm
     before: -rwSr-Sr--
    -after:  -rw-r-Sr--
    +after:  -rw-r--r--
2016-06-26 20:13:21 +02:00
Jakob Unterwurzacher
fb5e7023ee main: enable device files when running as root
FUSE filesystems are mounted with "nodev" by default. If we run as root,
we can use device files by passing the opposite mount option, "dev".

Fixes xfstests generic/184.
2016-06-26 19:23:33 +02:00
Jakob Unterwurzacher
23cc0657f4 fusefronted: preserve owner if running as root
If allow_other is set and we run as root, try to give newly created files to
the right user.
2016-06-26 19:18:13 +02:00
Jakob Unterwurzacher
b558901e66 Drop deprecated "-gcmiv128" option
The GCMIV128 feature flag is already mandatory, dropping the command
line option is the final step.

Completes https://github.com/rfjakob/gocryptfs/issues/29 .
2016-06-23 22:10:19 +02:00
Jakob Unterwurzacher
3d59a72ba9 Drop deprecated "-emenames" option
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:56:50 +02:00
Jakob Unterwurzacher
b17f0465c7 Drop deprecated "-diriv" option
The DirIV feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:38:59 +02:00
Jakob Unterwurzacher
f0b4d2354d Refuse mounting of v0.6 and older filesystems 2016-06-19 20:01:04 +02:00
Jakob Unterwurzacher
1dcafb99ff main: drop "on-disk format" from -version output, add Go version
As v0.4 introduced ext4-style feature flags, the on-disk format version
is unlinkely to change. Drop it from the version output to reduce
clutter. Use "gocryptfs -version -debug" to see it.

Add the Go version string because only Go 1.6 and newer have an optimized
AES-GCM implementation. This will help users to understand the performance
of their build.
2016-06-19 19:33:15 +02:00
Jakob Unterwurzacher
cc2a75b050 Mount v0.6 and older filesystems as read-only
This is part of the phase-out of very old filesystems.

See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for
more info.
2016-06-16 23:23:09 +02:00
Jakob Unterwurzacher
82d87ff8ed Add "-ro" (read-only) flag
From the man page:

  **-ro**
  :      Mount the filesystem read-only

Also add a test.
2016-06-16 21:29:22 +02:00
Jakob Unterwurzacher
6c3f97399a Rename internal "toggledlog" package to "tlog"
tlog is used heavily everywhere and deserves a shorter name.

Renamed using sed magic, without any manual rework:

   find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
2016-06-15 23:30:44 +02:00
Jakob Unterwurzacher
09e88f31d1 toggledlog: assume command of color handling
We want to use colored error messages also outside of main,
so let's handle it in the logging package.

The fatal logger now automatically prints red.
2016-06-15 23:17:51 +02:00
Jakob Unterwurzacher
c89455063c readpassword: create internal package for password reading
* Supports stdin
* Add tests for extpass and stdin

As per user request at https://github.com/rfjakob/gocryptfs/issues/30
2016-06-15 22:44:24 +02:00
Jakob Unterwurzacher
393e531afd Fix warnings reported by Go 1.6 "go tool vet -shadow=true"
Warnings were:

  main.go:234: declaration of err shadows declaration at main.go:163:
  internal/fusefrontend/file.go:401: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
  internal/fusefrontend/file.go:419: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
  internal/fusefrontend/fs_dir.go:140: declaration of err shadows declaration at internal/fusefrontend/fs_dir.go:97:
2016-06-14 22:46:23 +02:00
Jakob Unterwurzacher
0c80cca674 toggledlog: convert remaing naked fmt.Print*
Several fatal errors were just printed to stdout, which
meant they were invisible when running the test suite.

Fix this by introducing toggledlog.Fatal and convert as
follows:

Fatal errors     -> toggledlog.Fatal
Warnings         -> toggledlog.Warn
Password prompts -> fmt.Fprintf
2016-06-05 14:32:07 +02:00
Jakob Unterwurzacher
ca54b665e3 main: print actual error from LoadConfFile()
It may not have been a "Wrong password" after all.

Also, push down disabling the warning so LoadConfFile() can
warn about things that matter.
2016-06-05 13:44:22 +02:00
Jakob Unterwurzacher
b97268c948 configfile: bake the "Creator" gocryptfs version into the file
This field is added for the convenience of users and
may help them to identify which gocryptfs version
they need to mount a filesystem.

The same information is essentially contained in FeatureFlags,
but this is more difficult to decode for humans.

It is completely ignored programmatically (also by older gocryptfs
versions).
2016-06-05 11:40:13 +02:00
Jakob Unterwurzacher
281bb8daf0 main: don't tell the user to choose a password when -extpass is used
Instead, print this:

  Using password provided via -extpass.
2016-06-04 15:24:42 +02:00
Jakob Unterwurzacher
2e2ee0a038 main: print relative path in the init success message
... but only if the relative path does not start with "..".

Makes the message easier to grasp. Example:

  $ gocryptfs -init -scryptn=10 v0.9
  [...]
  The filesystem has been created successfully.

Before:
  You can now mount it using: gocryptfs /home/jakob/src/github.com/rfjakob/gocryptfs/integration_tests/example_filesystems/v0.9 MOUNTPOINT

After:
  You can now mount it using: gocryptfs v0.9 MOUNTPOINT
2016-06-04 15:04:57 +02:00