f17721c364
A few more spelling fixes.
2019-01-05 12:27:55 +01:00
61a6b24d4e
doc: update extractloop results
...
Update output and add a nice plot.
2019-01-05 12:17:17 +01:00
28139ca91d
doc: update XFSTESTS results
2019-01-05 12:06:00 +01:00
fab695fa60
Documentation: Fix MANPAGE-render.bash script.
2019-01-04 22:04:44 +01:00
23b5c80a04
Update performance.txt
2019-01-04 22:04:14 +01:00
4b1d080673
Update gocryptfs-xray manpage, have MANPAGE-render.bash generate both
...
have MANPAGE-render.bash generate both gocryptfs.1 and gocryptfs-xray.1
2019-01-04 20:12:07 +01:00
7f0de69fe2
Update changelog and gocryptfs-xray manpage
2019-01-04 20:12:07 +01:00
8c18fb5db9
file-format.md: document AES-SIV block layout
...
Fixes https://github.com/rfjakob/gocryptfs/issues/299
2019-01-04 19:31:41 +01:00
874eaf9734
Assorted spelling fixes.
...
Mostly detected with the 'codespell' utility, but also includes some
manual grammar fixes.
2018-12-27 15:19:55 +01:00
9daa205c10
README: replace openssl-gcm.md with link to wiki
...
The CPU-Benchmarks wiki page has a lot more info
than openssl-gcm.md had.
2018-12-16 12:49:13 +01:00
295d432175
passfile: directly read file instead of invoking cat
...
Allows better error handling, gets rid of the call to an
external program, and fixes https://github.com/rfjakob/gocryptfs/issues/278 .
2018-12-15 17:09:38 +01:00
0751b4e00a
Updated manpage for -idle flag
2018-10-11 22:31:45 +02:00
21f32b1ba7
Update reverse benchmarks
2018-08-18 12:25:03 +02:00
30ba8140f2
Update README for v1.6 release
2018-08-18 12:19:47 +02:00
7e111ea94c
trezor: document -trezor in man page
...
Also fix "--", which was shown as just "-" in the man pager.
2018-08-15 23:34:23 +02:00
5acfbc1b2f
main: add -e as an alias for -exclude
2018-08-15 13:12:13 +02:00
ec2fdc19cf
reverse mode: add --exclude option
...
https://github.com/rfjakob/gocryptfs/issues/235
2018-08-11 23:26:49 +02:00
2ed3f128dd
file-format.md: list full block overhead
...
For large files, the overhead will be 0.78125 %.
2018-07-15 11:24:54 +02:00
7f5a97e843
MANPAGE: add proper description text
...
We only had an "options" section which was
mislabeled as "description". Add a proper description text.
2018-07-07 23:51:16 +02:00
02ab358451
README: Add folders side-by-side animation gif
...
10 second animation that shows what gocryptfs does.
2018-07-01 15:28:22 +02:00
009cc0ae8b
Update README and MANPAGE for v1.5
...
Also update the performance numbers. I see some slowdown, reason
is not yet clear, but nothing to block the release.
2018-06-12 23:07:42 +02:00
4e5783591f
fsck: report skipped corrupt files
...
OpenDir and ListXAttr skip over corrupt entries,
readFileID treats files the are too small as empty.
This improves usability in the face of corruption,
but hides the problem in a log message instead of
putting it in the return code.
Create a channel to report these corruptions to fsck
so it can report them to the user.
Also update the manpage and the changelog with the -fsck option.
Closes https://github.com/rfjakob/gocryptfs/issues/191
2018-04-03 21:24:48 +02:00
9bc039a4ba
Add `-masterkey=stdin` functionality
...
https://github.com/rfjakob/gocryptfs/issues/218
2018-03-22 00:02:10 +01:00
866e850842
MANPAGE: improve markdown rendering
...
The man page is rendered on github at
https://github.com/rfjakob/gocryptfs/blob/master/Documentation/MANPAGE.md .
Improve formatting a little.
2018-02-03 13:39:07 +01:00
7015a6ebfb
Documentation: update xfstests output
...
Also update the v1.4.3 release date to today.
The release was delayed one day.
2018-01-21 20:49:17 +01:00
991708af01
Documentation: add extractloop example output
2018-01-21 20:04:37 +01:00
277ad087ff
MANPAGE: improve description of -o and -ko
...
Was unclear for new users - see https://github.com/rfjakob/gocryptfs/issues/194
2018-01-20 13:35:26 +01:00
a4dff6aea0
Provide basic man page for xray tool ( #193 )
...
Provide basic man page for xray tool
2018-01-10 20:27:03 +01:00
63c3878b7c
Fix spelling
2018-01-10 09:26:48 +01:00
47b13e0a8d
Documentation: Add reverse mode benchmark results
2017-12-05 22:54:08 +01:00
f3c777d5ea
main: Add '-devrandom' commandline option
...
Allows to use /dev/random for generating the master key instead of the
default Go implementation. When the kernel random generator has been
properly initialized both are considered equally secure, however:
* Versions of Go prior to 1.9 just fall back to /dev/urandom if the
getrandom() syscall would be blocking (Go Bug #19274 )
* Kernel versions prior to 3.17 do not support getrandom(), and there
is no check if the random generator has been properly initialized
before reading from /dev/urandom
This is especially useful for embedded hardware with low-entroy. Please
note that generation of the master key might block indefinitely if the
kernel cannot harvest enough entropy.
2017-11-21 23:37:06 +01:00
e36a0ebf18
main: add "-sharedstorage" flag
...
At the moment, it does two things:
1. Disable stat() caching so changes to the backing storage show up
immediately.
2. Disable hard link tracking, as the inode numbers on the backing
storage are not stable when files are deleted and re-created behind
our back. This would otherwise produce strange "file does not exist"
and other errors.
Mitigates https://github.com/rfjakob/gocryptfs/issues/156
2017-11-12 20:06:13 +01:00
b3c20e512f
MANPAGE: explain that you may have to pass -aessiv with -masterkey
...
...if the filesystem was created with that option (or reverse
mode).
Mitigates https://github.com/rfjakob/gocryptfs/issues/148
2017-10-19 22:04:46 +02:00
f0e29d9b90
performance.txt: specify READ tests
2017-09-10 18:42:06 +02:00
a710451d92
performance.txt: update for v1.4.1 latest commits, and kernel update
...
$ uname -a
Linux brikett 4.12.5-300.fc26.x86_64 #1 SMP Mon Aug 7 15:27:25 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
2017-09-03 14:25:01 +02:00
26a6e61a46
MANPAGE: update exit codes
...
The exit codes have been documented in CLI_ABI.md for a while,
but they should also be listed in the man page.
Also fix the rendering of "[-o COMMA-SEPARATED-OPTIONS]", where
the square brackets where interpreted as something. Escape all
square brackets to be safe.
2017-08-21 20:53:25 +02:00
838bf883df
Update performance.txt for Linux kernel upgrade
...
For some reason, writing became a lot faster in Linux 4.11
(scheduler improvements?).
2017-08-15 19:13:00 +02:00
069647842c
Update performance.txt for to Getdents change
2017-08-15 19:07:08 +02:00
d5671b785a
docs: label "ENV CHANGE" column
2017-08-15 19:04:02 +02:00
b3e554acc2
Update performance.txt with new results
...
Massive speed boost for streaming reads.
2017-07-01 10:00:50 +02:00
2932a285aa
Update performance.txt with new numbers
2017-06-29 23:45:39 +02:00
dee88f3c4d
Update performance.txt with new numbers
2017-06-29 19:00:16 +02:00
5c7b5770ce
Update performance numbers
2017-06-20 21:46:27 +02:00
bfe421b327
MANPAGE: reorder options to match "-hh" output; add "-hkdf", "-trace"
2017-06-20 19:49:18 +02:00
afc3a8252b
Add performance numbers for v1.3-69-ge52594d
2017-06-11 21:58:01 +02:00
24a7b1b7b8
Add performance numbers for last change
...
Slight streaming write improvement.
2017-06-11 21:44:24 +02:00
b5358ea623
performance.txt: add numbers for latest change
...
Also, get rid of the half-empty line.
2017-06-09 22:13:23 +02:00
53b7c17261
Don't cap GOMAXPROCS at 4.
...
Before Go 1.5, GOMAXPROCS defaulted to 1, hence it made
sense to unconditionally increase it to 4.
But since Go 1.5, GOMAXPROCS defaults to the number of cores,
so don't keep it from increasing above 4.
Also, update the performance numbers.
2017-06-01 20:55:13 +02:00
cf1ded5236
Implement force_owner option to display ownership as a specific user.
2017-06-01 00:26:17 +02:00
1e598e96fc
main: add "-info" option
...
Pretty-prints the config while stripping out sensitive
(and uninteresting) data
https://github.com/rfjakob/gocryptfs/issues/111
2017-05-30 19:01:32 +02:00
bfc8d47747
doc: add performance numbers for 1.3-27
2017-05-25 21:30:58 +02:00
86c06fc172
doc: CLI_ABI.md: fix exitcodes.go link
...
Needs a leading "..".
2017-05-14 14:35:46 +02:00
22bac16201
doc: update CLI_ABI.md with new exit codes
...
All exit codes that are likely to occour are listed.
2017-05-14 14:34:50 +02:00
3409ade272
forcedecode: tighten checks
...
...and fix a few golint issues and print a scary warning message on mount.
Also, force the fs to ro,noexec.
2017-04-24 00:25:02 +02:00
f1945c4daa
Add -forcedecode
...
Force decode of encrypted files even if the integrity check fails, instead of
failing with an IO error. Warning messages are still printed to syslog if corrupted
files are encountered.
It can be useful to recover files from disks with bad sectors or other corrupted
media.
Closes https://github.com/rfjakob/gocryptfs/pull/102 .
2017-04-23 23:11:56 +02:00
602f62b821
MANPAGE: reformat to GFM (github flavored markdown)
...
This makes it render properly on the github webinterface.
2017-03-28 19:55:46 +02:00
912ef72cc8
MANPAGE: fix alphabetical order and expand scryptn explaination
2017-03-25 19:54:50 +01:00
40f0a8ee72
Further explain the use of 'scryptn' parameter ( #94 )
...
* Further explain the use of 'scryptn' parameter
* Further explain the use of 'scryptn' parameter in MANPAGE
* Use 28 as reasonable upper limit
2017-03-25 18:22:08 +01:00
1ff4ae56c1
README: use pre-rendered PNG logo
...
This keeps the README working even if nuetzlich.net is unavailable.
We use a PNG because github disallows embedding local SVGs.
2017-03-25 14:22:07 +01:00
b78c3bd516
MANPAGE: document "-serialize_reads"
2017-03-19 20:23:49 +01:00
61502f9b94
benchmark: add md5sum read performance benchmark
2017-03-18 16:23:33 +01:00
c304626a47
CLI_ABI: smaller markdown subheadings
...
The old ones were rendered by github almost as big as the parent headings.
2017-03-01 23:31:03 +01:00
98ecf1f074
MANPAGE: document "-speed"
2017-02-26 19:34:23 +01:00
f2920f71e8
MANPAGE: document error code 12
2017-02-26 19:30:28 +01:00
54caaf4b98
Add CLI ABI documentation
...
Closes https://github.com/rfjakob/gocryptfs/issues/77
2017-02-12 19:20:21 +01:00
1e9d735406
Document "--" to stop option parsing in help text + man page
2017-02-12 12:49:04 +01:00
6166dad05c
readpassword: support spaces in "-passfile" filename
...
...and while we are at it, also filenames starting with "-".
2017-01-29 00:34:12 +01:00
de200aad72
main: add "-fsname" option
...
As requested in https://github.com/rfjakob/gocryptfs/issues/73 .
2017-01-26 22:13:57 +01:00
cb5426e8ee
performance.txt: add numbers for current gocryptfs master and encfs v1.9.1
2016-11-26 12:46:58 +01:00
10884603d8
benchmark.bash: double write length
...
Writing 1000 128KB blocks takes only 1 second and yielded
inconsistent results. With 2000, things look saner.
2016-11-26 12:36:55 +01:00
0f8d3318a3
main, fusefrontend: add "-noprealloc" option
...
Preallocation is very slow on hdds that run btrfs. Give the
user the option to disable it. This greatly speeds up small file
operations but reduces the robustness against out-of-space errors.
Also add the option to the man page.
More info: https://github.com/rfjakob/gocryptfs/issues/63
2016-11-25 09:19:14 +01:00
081015aa74
MANPAGE: document ctlsock
2016-11-11 00:01:29 +01:00
b527e205e2
main: rename "-f" to "-fg"
...
"-f" looks too much like "--force". The old variant is still
accepted for compatability.
2016-11-01 19:00:45 +01:00
d6678f73b4
MANPAGE: document -raw64
2016-11-01 18:53:42 +01:00
d41492bcbc
MANPAGE: update version field description
2016-11-01 18:30:32 +01:00
75b776cb3d
MANPAGE: add reverse example, move "-o" into alphabetical list
...
People will search for "-o" alphabetically, so put it into the
alphabetical option list, even if it is not a real option.
2016-11-01 15:55:05 +01:00
e993fd5fbc
packakge.bash: include rendered man page in tarball
2016-11-01 15:43:33 +01:00
86afaee200
MANPAGE: prettify plain-text formatting
2016-10-21 00:05:56 +02:00
c487e176bd
main: allow password change with -masterkey
...
Requested at https://github.com/rfjakob/gocryptfs/issues/28
2016-10-16 18:17:28 +02:00
40420cb4cd
Update performance.txt for v1.1 release
2016-10-09 23:19:08 +02:00
e1c5e71b09
main: add "-passfile" option
...
Make it easier to read the password from a file. Internally this
is equivalent to "-extpass /bin/cat FILE".
2016-10-09 20:08:10 +02:00
9cf3ced0ce
main: also accept options at the end via "-o"
...
For compatability with mount(1), options are also accepted as
"-o COMMA-SEPARATED-OPTIONS" at the end of the command line.
For example, "-o q,zerokey" is equivalent to "-q -zerokey".
2016-10-09 20:05:54 +02:00
25a8802403
main: rename "-o" option to "-ko"
...
This prevents confusion with the "-o" options that is passed
by mount(1) at the end of the command line.
2016-10-09 19:32:55 +02:00
9b1a35174b
MANPAGE: note that "-f" implies "-nosyslog"
...
Also explain why AES-SIV exists.
2016-10-07 23:02:04 +02:00
434ce50db3
main: add "-nonempty" option
2016-10-06 22:41:13 +02:00
e9bb8b800c
reverse: switch from GCM-SIV to AES-SIV
...
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26 23:25:13 +02:00
2050c7f3b3
reverse: add gcmsiv flag and associated tests
2016-09-25 16:43:17 +02:00
77e7abdf8c
XFSTESTS.md: add output from latest fuse-xfstests
...
fuse-xfstests is regularily rebased to xfstests master.
2016-07-03 22:15:59 +02:00
a8a0d2d92c
MANPAGE: note that "-plaintextnames" disables symlink encryption
...
This is no change in behavoir, just a clarification in the man page.
2016-06-26 23:08:25 +02:00
15b88756ad
main: add "-o" option to enable "suid" and "dev"
...
Device files and suid binaries are often not needed when running
gocryptfs as root. As they are potentially dangerous, let the
user enable them explicitely via the new "-o" option instead of
always enabling them when running as root.
2016-06-26 23:03:18 +02:00
b558901e66
Drop deprecated "-gcmiv128" option
...
The GCMIV128 feature flag is already mandatory, dropping the command
line option is the final step.
Completes https://github.com/rfjakob/gocryptfs/issues/29 .
2016-06-23 22:10:19 +02:00
3d59a72ba9
Drop deprecated "-emenames" option
...
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:56:50 +02:00
b17f0465c7
Drop deprecated "-diriv" option
...
The DirIV feature flag is already mandatory, dropping the command
line option is the final step.
2016-06-23 21:38:59 +02:00
1dcafb99ff
main: drop "on-disk format" from -version output, add Go version
...
As v0.4 introduced ext4-style feature flags, the on-disk format version
is unlinkely to change. Drop it from the version output to reduce
clutter. Use "gocryptfs -version -debug" to see it.
Add the Go version string because only Go 1.6 and newer have an optimized
AES-GCM implementation. This will help users to understand the performance
of their build.
2016-06-19 19:33:15 +02:00
82d87ff8ed
Add "-ro" (read-only) flag
...
From the man page:
**-ro**
: Mount the filesystem read-only
Also add a test.
2016-06-16 21:29:22 +02:00
f030123ab5
Add performance numbers for v0.11
2016-06-08 00:32:40 +02:00
e7f78135b3
Add "-allow_other" command-line option
...
As requested in https://github.com/rfjakob/gocryptfs/issues/26 ,
this adds the option to allow other users to access the filesystem.
2016-05-18 19:30:05 +02:00
4ad9d4e444
prefer_openssl: add amd64 constraint
...
Optimized assembly versions for Go GCM are only available
on amd64.
2016-05-12 09:50:36 +02:00
49b597f07c
prefer_openssl: autodetect whether to use OpenSSL or Go GCM
...
Go GCM is faster than OpenSSL if the CPU has AES instructions
and you are running Go 1.6+.
The "-openssl" option now defaults to "auto".
"gocryptfs -debug -version" displays the result of the autodetection.
See https://github.com/rfjakob/gocryptfs/issues/23 for details and
benchmarks.
2016-05-12 00:42:42 +02:00
39f3a24484
stupidgcm: completely replace spacemonkeygo/openssl
2016-05-04 19:56:07 +02:00
Sebastian Lackner