Jakob Unterwurzacher
6ac9dcaae0
tests: use fuse-unmount.bash
...
...instead of having separate compatability logic.
2017-02-15 23:13:33 +01:00
Jakob Unterwurzacher
ce2e610428
OSX compat: replace fusermount calls with fuse-unmount.bash
...
Mac OS X does not have fusermount and uses umount instead.
The fuse-unmount.bash calls the appropriate command.
2017-02-15 23:02:01 +01:00
Jakob Unterwurzacher
6be7808992
Add Mac OS X fusermount replacement script
2017-02-14 21:38:28 +01:00
Jakob Unterwurzacher
3784901fce
readpassword: limit password length to 1000 bytes
...
This used to hang at 100% CPU:
cat /dev/zero | gocryptfs -init a
...and would ultimately send the box into out-of-memory.
The number 1000 is chosen arbitrarily and seems big enough
given that the password must be one line.
Suggested by @mhogomchungu in https://github.com/rfjakob/gocryptfs/issues/77 .
2017-02-13 09:13:22 +01:00
Jakob Unterwurzacher
54caaf4b98
Add CLI ABI documentation
...
Closes https://github.com/rfjakob/gocryptfs/issues/77
2017-02-12 19:20:21 +01:00
Jakob Unterwurzacher
8adfbf2dc3
Check for trailing garbage after the password
...
From the comment:
// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
2dd90ac19c
readpassword: improve comment on readPasswordStdin
2017-02-12 13:55:30 +01:00
Jakob Unterwurzacher
1e9d735406
Document "--" to stop option parsing in help text + man page
2017-02-12 12:49:04 +01:00
Jakob Unterwurzacher
dc2dc9f88c
main: suggest "-q" to suppress master key message
...
If the user has already saved the master key and is not
aware of "-q" the master key needlessly ends up in the terminal
buffer.
Closes https://github.com/rfjakob/gocryptfs/issues/76
2017-02-12 12:23:16 +01:00
Jakob Unterwurzacher
357307cbcf
tests: ctlsock: check warning for non-canonical paths
2017-02-12 12:22:25 +01:00
Jakob Unterwurzacher
0f40afc832
ctlsock: handle non-canonical empty paths
...
We have to check if the input path is empty AFTER canonicalizing it,
too!
2017-02-05 18:17:30 +01:00
Jakob Unterwurzacher
8bcae63a5a
ctlsock: sanitize: handle multiple leading slashes
2017-02-05 18:05:35 +01:00
Jakob Unterwurzacher
2bdd0ec802
golint comment fix
...
internal/ctlsock/ctlsock_serve.go:73:1: comment on exported const
ReadBufSize should be of the form "ReadBufSize ..."
2017-01-29 19:01:16 +01:00
Jakob Unterwurzacher
c8fb619971
contrib: add ctlsock helper scripts
2017-01-29 18:56:17 +01:00
Jakob Unterwurzacher
1273d7edae
ctlsock: better error message for forward mode path decryption
2017-01-29 18:55:52 +01:00
Jakob Unterwurzacher
53fe6f5690
ctlsock: abort message processing on JSON error
...
The code was missing a "continue" in that branch.
Also improve the error messages a bit.
2017-01-29 18:25:46 +01:00
Jakob Unterwurzacher
532ef15417
ctlsock: interpret paths that point above CWD as ""
...
Paths that start with ".." were previously accepted as-is.
2017-01-29 15:24:47 +01:00
Jakob Unterwurzacher
6166dad05c
readpassword: support spaces in "-passfile" filename
...
...and while we are at it, also filenames starting with "-".
2017-01-29 00:34:12 +01:00
Jakob Unterwurzacher
de200aad72
main: add "-fsname" option
...
As requested in https://github.com/rfjakob/gocryptfs/issues/73 .
2017-01-26 22:13:57 +01:00
Jakob Unterwurzacher
39eca53677
main: make sure the ctlsock file is deleted on incorrect password
...
Otherwise the next try to mount ends in
"ctlsock: listen unix ctl.sock: bind: address already in use"
2017-01-26 21:32:08 +01:00
Jakob Unterwurzacher
a7c7588deb
fusefrontend: fix hard-linking with long name
...
This used to incorrectly try to link twice and return EEXIST.
2017-01-26 20:56:42 +01:00
Jakob Unterwurzacher
d2224aec58
tests: add TestLongLink (currently broken)
2017-01-26 20:49:35 +01:00
Jakob Unterwurzacher
de87a256ab
tlog: better comment for the terminal colors
2017-01-26 20:01:45 +01:00
Jakob Unterwurzacher
fe1705c55b
reverse: add single-entry path cache
...
Speeds up the "ls -lR" benchmark from 2.6 seconds to 2.0.
2017-01-03 18:14:01 +01:00
Jakob Unterwurzacher
ef089c9f80
reverse: factor out rDecryptName
...
This prepares the code for the introduction of a path cache.
2017-01-03 17:46:11 +01:00
Jakob Unterwurzacher
2643dd0ea5
test.bash: don't let the test process inherit the lock file
...
This meant that dangling mounts (and gocryptfs processes) kept
the lock open.
2017-01-03 17:40:20 +01:00
Jakob Unterwurzacher
3e4b29634a
Add reverse benchmark
2017-01-03 15:16:02 +01:00
Jakob Unterwurzacher
94b66ee1b2
tests: only check the size in dl-linux-tarball.bash
...
Getting rid of the MD5 calculation makes calling the script
virtually free, where it took 0.2 seconds before.
2017-01-03 14:33:55 +01:00
Jakob Unterwurzacher
53555fec1c
tests: factor out dl-linux-tarball.bash
...
This will be also used by the reverse benchmarks.
2017-01-03 14:17:42 +01:00
Jakob Unterwurzacher
53aedc3783
main: disconnect from the controlling terminal
...
This prevents us from getting SIGINT when the user
kills the running script.
2017-01-02 23:29:52 +01:00
Jakob Unterwurzacher
9be3d2c214
benchmark.bash: reject "-openssl" option for encfs mode
2016-12-13 22:16:21 +01:00
Jakob Unterwurzacher
15d6da6c48
benchmark.bash: add proper argument handling
2016-12-13 22:13:54 +01:00
Jakob Unterwurzacher
2bacbdf99d
benchmark.bash: OSX dd does not support "K" postfix
2016-12-13 22:13:12 +01:00
Jakob Unterwurzacher
0749fbd9c9
benchmark.bash: add comments to show how to force openssl usage
2016-12-10 21:14:57 +01:00
Jakob Unterwurzacher
8be54bf3f8
prefer_openssl: default to Go GCM on OSX
2016-12-10 21:04:17 +01:00
Jakob Unterwurzacher
12374be9c5
ctlsock: abort the connection if the request is too big
...
Reading partial JSON would cause a mess. Just kill the connection.
Also, stop using syscall.PathMax that is not defined on Darwin
( https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-264253024 )
2016-12-10 20:43:08 +01:00
Jakob Unterwurzacher
8945f4db95
ctlsock: add a note about Accept() throwing errors on Close()
2016-12-10 15:01:00 +01:00
Jakob Unterwurzacher
6af725ff09
ctlsock: exit early if socket cannot be created; delete on exit
...
Both are achieved by opening the socket from main and passing
it to the ctlsock package instead of passing the path.
2016-12-10 14:54:06 +01:00
Jakob Unterwurzacher
e1833fa26a
test.bash: call vet early
2016-12-10 14:53:04 +01:00
Jakob Unterwurzacher
967e7bd125
stupidgcm: Fix without_openssl build failure
...
Also, always call build-without-openssl.bash from test.bash.
Failure was:
internal/stupidgcm/without_openssl.go:29: missing return at end of function
2016-12-10 13:15:19 +01:00
Jakob Unterwurzacher
2758c75cae
ctlsock: sanitize paths before passing them to the backend
...
You used to be able to crash gocryptfs by passing "/foo"
of "foo/" to the ctlsock.
Fixes https://github.com/rfjakob/gocryptfs/issues/66
2016-12-10 12:59:54 +01:00
Jakob Unterwurzacher
21904cd5f0
ctlsock: exit if socket cannot be created
2016-12-10 12:49:43 +01:00
Jakob Unterwurzacher
3e59041147
test.bash: check for naked "panic()" calls
2016-12-10 11:54:54 +01:00
Jakob Unterwurzacher
c9f4400e6d
Replace all calls to naked panic() with log.Panic()
...
We want all panics to show up in the syslog.
2016-12-10 11:54:36 +01:00
Jakob Unterwurzacher
6c86afb5cd
build-without-openssl: compile statically
...
$ ldd gocryptfs
not a dynamic executable
$ file gocryptfs
gocryptfs: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped
2016-12-06 22:47:18 +01:00
Jakob Unterwurzacher
9b57384574
README: v1.2 includes the rendered man page in the tarball
2016-12-04 20:38:48 +01:00
Jakob Unterwurzacher
ec89eb1d76
Update README for v1.2 release
2016-12-04 19:32:23 +01:00
Jakob Unterwurzacher
55df8acac3
fusefrontend: preserve owner for symlinks
...
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28 23:15:24 +01:00
Jakob Unterwurzacher
e3c5e3f1c8
fusefronted: preserve owner for device nodes and sockets
...
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28 23:09:47 +01:00
Jakob Unterwurzacher
a66440c668
fusefrontend: use Lchown when preserving owner
...
This prevents (unlikely) symlink race attacks
2016-11-28 22:46:04 +01:00