hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity
2,065 Commits 2 Branches 0 Tags 6 MiB
b221d4cf3c
Commit Graph

2065 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hardcore Sushi
b221d4cf3c
libgocrypfs: OpenSSL as git submodule 2024-07-18 21:50:26 +02:00
Hardcore Sushi
4f32853ae5
libgocryptfs: update to gocryptfs v2.4.0 2023-09-07 17:30:22 +02:00
Jakob Unterwurzacher
8979cca43e README: update changelog for v2.4.0 2023-06-10 16:31:49 +02:00
Jakob Unterwurzacher
3058b7978f tests: add cluster test 
finds out what happens if multiple
gocryptfs mounts write to one file concurrently
(usually, nothing good).

This use case is relevant for HPC clusters.
 2023-05-30 09:43:45 +02:00
Jakob Unterwurzacher
b725de5ec3 fsstress-gocryptfs.bash: improve header comment 
I maybe should have noted that this is xfstests generic/013.
 2023-05-19 13:17:24 +02:00
Jakob Unterwurzacher
c67454464a tests: TestDirectMount: check for default_permissions 2023-05-18 10:14:21 +02:00
Jakob Unterwurzacher
09954c4bde fusefrontend: implement our own Access() 
Not having Access() means go-fuse emulates it by looking at Getattr().
This works fine most of the time, but breaks down on sshfs, where
sshfs-benchmark.bash shows this:

	gocryptfs/tests$ ./sshfs-benchmark.bash nuetzlich.net
	working directory: /tmp/sshfs-benchmark.bash.JQC
	sshfs mounted: nuetzlich.net:/tmp -> sshfs.mnt
	gocryptfs mounted: sshfs.mnt/sshfs-benchmark.bash.Wrz/gocryptfs.crypt -> gocryptfs.mnt

	sshfs-benchmark.bash:    sshfs  gocryptfs-on-sshfs
	git init                  3.98                6.80
	rsync                     7.71               10.84
	rm -R                     4.30rm: descend into write-protected directory 'gocryptfs.mnt/git1'?

The go-fuse emulation gets it wrong here because sshfs reports
permissions but does not enforce them.

Implement it ourselves properly.
 2023-05-17 23:26:56 +02:00
Jakob Unterwurzacher
7d1e48d195 go.mod: add test dependency github.com/moby/sys/mountinfo 2023-05-17 17:22:39 +02:00
Jakob Unterwurzacher
a40e9a8622 mount: set DirectMount: true 
Attempt to directly call mount(2) before trying fusermount. This means we
can do without fusermount if running as root.

https://github.com/rfjakob/gocryptfs/issues/697
 2023-05-17 16:47:22 +02:00
Jakob Unterwurzacher
8d3b992824 tests: TestDirectMount: also check dev, suid 2023-05-17 16:08:49 +02:00
Jakob Unterwurzacher
b4defa636b mount: drop "max_read=" 
go-fuse now sets this internally.

Regression-tested in TestDirectMount.
 2023-05-17 15:48:23 +02:00
Jakob Unterwurzacher
199a74bc1a mount: set FsName via go-fuse 
go-fuse now handles setting FsName, including DirectMount,
so use that instead of our own solution.

Regression-tested in TestDirectMount.
 2023-05-17 15:38:35 +02:00
Jakob Unterwurzacher
d7a3d7b97d tests: add TestDirectMount 
This is in preparation of adding directmount capability.

It also check that FsName is set correctly, which is
in preparation for the next patch.
 2023-05-17 15:34:47 +02:00
Jakob Unterwurzacher
76d0f3ca7c tests: root_test: use TMPDIR=/var/tmp 
Otherwise we fail like this on my Fedora 38 box:

	=== RUN   TestOverlay
	DetectQuirks: tmpfs detected, no extended attributes except acls will work.
	    root_test.go:379: No user xattrs! overlay mount will likely fail.
	15:15:57.957960 Unimplemented opcode OPCODE-51
	    root_test.go:398: mount: /tmp/gocryptfs-test-parent-0/3652394902/TestOverlay.2374697046.mnt/merged: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
	               dmesg(1) may have more information after failed mount system call.

	    root_test.go:399: exit status 32
	--- FAIL: TestOverlay (0.04s)
	FAIL

Also fix the messed-up DetectQuirks bit test.
 2023-05-17 15:21:20 +02:00
Jakob Unterwurzacher
1a866b7373 canonical-benchmarks.bash: drop page cache of "zero" file 
For the streaming read benchmark, we don't want to benchmark
the page cache.
 2023-05-12 09:55:54 +02:00
Hardcore Sushi
ab3e788676
libgocryptfs: update to gocryptfs v2.3.2 2023-05-07 14:09:44 +02:00
Jakob Unterwurzacher
aa1d8a0f90 cli: don't split multiple-strings flags on comma 
Looks like I used StringSliceVar (which splits on comma)
where I should have always used StringArrayVar (which does not).

Bug report contains this example of misbehavoir:

	#gocryptfs -extpass 'echo abc,123' -init testdir
	Reading password from extpass program "echo abc", arguments: ["123"]
	extpass cmd start failed: exec: "echo abc": executable file not found in $PATH

Fixes https://github.com/rfjakob/gocryptfs/issues/730
 2023-05-03 21:14:53 +02:00
Jakob Unterwurzacher
6c14d25d44 tests: TestParseCliOpts: de-uglify testcase list 2023-05-03 20:56:36 +02:00
Hardcore Sushi
6308adf8e5
libgocryptfs: fix config loading by scrypt hash 2023-05-03 14:13:46 +02:00
Hardcore Sushi
a238cc392f
libgocryptfs: make gcf_init return error code 2023-05-02 22:30:46 +02:00
Jakob Unterwurzacher
feb23c5d58 Update changelog for v2.3.2 2023-04-29 14:37:52 +02:00
Jakob Unterwurzacher
300fe96ae3 Update go-fuse to v2.3.0 
go get github.com/hanwen/go-fuse/v2
 2023-04-29 14:35:26 +02:00
Jakob Unterwurzacher
24b3978715 fusefrontent: report correct size on hard link creation 
And add a test for it.

Fixes https://github.com/rfjakob/gocryptfs/issues/724
 2023-03-29 22:16:14 +02:00
Hardcore Sushi
79f9a10e35
libgocryptfs: update dependencies 2023-03-15 18:46:31 +01:00
Hardcore Sushi
f3b722fdff
libgocryptfs: update to gocryptfs v2.3.1 2023-03-15 18:45:18 +01:00
Jakob Unterwurzacher
b370325ccf speed: GoGCM: start at block size 16 
BenchmarkGoGCMBlockSize/16-4      	 5499200	       219.7 ns/op	  72.83 MB/s
BenchmarkGoGCMBlockSize/32-4      	 4497284	       266.2 ns/op	 120.22 MB/s
BenchmarkGoGCMBlockSize/64-4      	 3296336	       363.4 ns/op	 176.10 MB/s
BenchmarkGoGCMBlockSize/128-4     	 4204794	       285.5 ns/op	 448.36 MB/s
BenchmarkGoGCMBlockSize/256-4     	 2928472	       409.7 ns/op	 624.83 MB/s
BenchmarkGoGCMBlockSize/512-4     	 1825164	       658.0 ns/op	 778.09 MB/s
BenchmarkGoGCMBlockSize/1024-4    	 1000000	      1151 ns/op	 889.98 MB/s
BenchmarkGoGCMBlockSize/2048-4    	  560275	      2135 ns/op	 959.47 MB/s
BenchmarkGoGCMBlockSize/4096-4    	  291906	      4099 ns/op	 999.28 MB/s
BenchmarkGoGCMBlockSize/8192-4    	  148916	      8033 ns/op	1019.83 MB/s
BenchmarkGoGCMBlockSize/16384-4   	   75337	     15911 ns/op	1029.75 MB/s
BenchmarkGoGCMBlockSize/32768-4   	   37912	     31651 ns/op	1035.30 MB/s
BenchmarkGoGCMBlockSize/65536-4   	   19000	     64287 ns/op	1019.43 MB/s
BenchmarkGoGCMBlockSize/131072-4  	    9225	    127636 ns/op	1026.92 MB/s
BenchmarkGoGCMBlockSize/262144-4  	    4752	    252300 ns/op	1039.02 MB/s
BenchmarkGoGCMBlockSize/524288-4  	    2377	    504612 ns/op	1038.99 MB/s
BenchmarkGoGCMBlockSize/1048576-4 	    1183	   1011637 ns/op	1036.51 MB/s
 2023-03-08 17:04:07 +01:00
Jakob Unterwurzacher
d74cf7c723 speed: add per-blocksize GoGCM benchmarks 
Only visible when you run "go test -bench" like this:

$ cd gocryptfs/internal/speed
$ go test -bench .

goos: linux
goarch: amd64
pkg: github.com/rfjakob/gocryptfs/v2/internal/speed
cpu: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BenchmarkStupidGCM-4              	  202352	      5937 ns/op	 689.96 MB/s
BenchmarkStupidGCMDecrypt-4       	  206023	      5782 ns/op	 708.38 MB/s
BenchmarkGoGCM-4                  	  291878	      4098 ns/op	 999.45 MB/s
BenchmarkGoGCMBlockSize/1024-4    	 1000000	      1151 ns/op	 889.88 MB/s
BenchmarkGoGCMBlockSize/2048-4    	  561182	      2134 ns/op	 959.60 MB/s
BenchmarkGoGCMBlockSize/4096-4    	  292057	      4101 ns/op	 998.87 MB/s
BenchmarkGoGCMBlockSize/8192-4    	  149216	      8031 ns/op	1020.09 MB/s
BenchmarkGoGCMBlockSize/16384-4   	   75361	     15917 ns/op	1029.34 MB/s
BenchmarkGoGCMBlockSize/32768-4   	   37916	     31649 ns/op	1035.35 MB/s
BenchmarkGoGCMBlockSize/65536-4   	   19005	     63117 ns/op	1038.33 MB/s
BenchmarkGoGCMBlockSize/131072-4  	    9498	    126166 ns/op	1038.89 MB/s
BenchmarkGoGCMBlockSize/262144-4  	    4755	    252149 ns/op	1039.64 MB/s
BenchmarkGoGCMBlockSize/524288-4  	    2377	    504108 ns/op	1040.03 MB/s
BenchmarkGoGCMBlockSize/1048576-4 	    1188	   1008675 ns/op	1039.56 MB/s
BenchmarkGoGCMDecrypt-4           	  294664	      4059 ns/op	1009.02 MB/s
BenchmarkAESSIV-4                 	   46498	     25432 ns/op	 161.05 MB/s
BenchmarkAESSIVDecrypt-4          	   46908	     25509 ns/op	 160.57 MB/s
BenchmarkXchacha-4                	  244473	      4894 ns/op	 836.97 MB/s
BenchmarkXchachaDecrypt-4         	  249710	      4798 ns/op	 853.75 MB/s
BenchmarkStupidXchacha-4          	  166988	      7101 ns/op	 576.79 MB/s
BenchmarkStupidXchachaDecrypt-4   	  163093	      7240 ns/op	 565.72 MB/s
BenchmarkStupidChacha-4           	  184172	      6527 ns/op	 627.58 MB/s
BenchmarkStupidChachaDecrypt-4    	  179796	      6659 ns/op	 615.11 MB/s
PASS
ok  	github.com/rfjakob/gocryptfs/v2/internal/speed	30.068s
 2023-03-08 16:54:56 +01:00
Jakob Unterwurzacher
77a0410e2e README: update changelog for v2.3.1 2023-03-04 13:52:45 +01:00
rfjakob
403f59b1c0
Update README.md 
Package has been removed from Fedora.

https://github.com/rfjakob/gocryptfs/issues/659
 2023-02-25 18:12:10 +01:00
Jakob Unterwurzacher
8f3ec5dcaa fusefrontend: unbreak isConsecutiveWrite streaming write optimization 
Commit 6196a5b5 got the logic inverted, hence we never
set the last position markers.

Fixes https://github.com/rfjakob/gocryptfs/issues/712
 2023-02-21 22:08:41 +01:00
Jakob Unterwurzacher
85297cda97 fusefrontend: doWrite: report readFileID errors as I/O error 
It used to be reported as "function not implemented", accompanied
with this log output:

  go-fuse: can't convert error type: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000

Now we report EIO and log this:

  doWrite 1372183: corrupt header: ParseHeader: header is all-zero. Header hexdump: 000000000000000000000000000000000000
 2023-02-21 22:08:41 +01:00
Jakob Unterwurzacher
e9a5b8962b contentenc: simplify testRange tables 
Get rid of this eyesore.
 2023-02-21 22:08:41 +01:00
Evgeny
6dc8c26100 MANPAGE: add a note on enabling Trash on macOS 2023-02-01 08:38:33 +01:00
Jakob Unterwurzacher
88bc0aa607 MANPAGE: scryptn: list how much memory is needed 
Calculated acc. to https://words.filippo.io/the-scrypt-parameters/ ,
and add benchmarks to double-check the numbers. They match.
 2023-01-08 22:17:14 +01:00
Gisi0
0b5b864a06 Update MANPAGE.md 
added which package on linux is needed to use fido2 stick
 2023-01-07 10:04:08 +01:00
a1346054
3c1ac3b06b MANPAGE.md: use correct indefinite article a->an 2023-01-01 22:06:29 +01:00
Jakob Unterwurzacher
c4b95cf35a github ci: bump actions ; add "stable" and "oldstable" Go versions 2022-12-29 15:28:59 +01:00
Jakob Unterwurzacher
b2a5cec4dd main: BuildInfo: fix build with Go 1.17 and older 
On Go 1.17 and older we get this:

  Error: ./version.go:67:24: info.Settings undefined (type *debug.BuildInfo has no field or method Settings)

Fix the build error by shedding some nice-to-have features.
 2022-12-29 15:21:17 +01:00
Jakob Unterwurzacher
856ccaac10 make format 
Run "make format" using
go version go1.19.4 linux/amd64
 2022-12-29 15:00:37 +01:00
Jakob Unterwurzacher
99cdaa0b69 main: refactor BuildInfo code 
Simplify and move it into a new file version.go.
 2022-12-29 14:43:48 +01:00
Daniel Theophanes
439dea1b19 Use existing build information for version if not embedded with build script 
Go1.12 introduced BuildInfo which embeds build information. It does
not embed build date to facilitate reproducable builds by default.
If build information is embedded from build script, use the information
provided by the Go build system.
 2022-12-29 14:42:13 +01:00
Jakob Unterwurzacher
ff32e99791 main: doMount: call Setsid before starting logger 
The logger should be in the new background session together
with the gocryptfs process.

Before:
	$ xfce4-terminal -x gocryptfs a b
	$ ps xao pid,ppid,pgid,sid,comm,args
	    PID    PPID    PGID     SID COMMAND         COMMAND
	 192272    1371  192272  192272 gocryptfs       /ssd2/jakob.donotbackup/go/bin/gocryptfs -fg -notifypid=192265 a b
	 192292  192272  192265  192265 logge <defunct> [logger] <defunct>

After:
	$ xfce4-terminal -x gocryptfs a b
	$ ps xao pid,ppid,pgid,sid,comm,args
	    PID    PPID    PGID     SID COMMAND         COMMAND
	 211714    1371  211714  211714 gocryptfs       /ssd2/jakob.donotbackup/go/bin/gocryptfs -fg -notifypid=211708 a b
	 211776  211714  211714  211714 logger          logger -t gocryptfs-211714-logger

Fixes https://github.com/rfjakob/gocryptfs/issues/660
 2022-12-29 13:57:03 +01:00
Christian Stewart
7ee4c8e9c3 go.mod: fix jacobsa/crypto build on riscv64 
Replace dependency jacobsa/crypto with a fork with support for riscv64.

Issue: https://github.com/rfjakob/gocryptfs/issues/666

Upstream PR: https://github.com/jacobsa/crypto/issues/13

Unaddressed on jacobsa/crypto:

https://github.com/jacobsa/crypto/pull/14#issuecomment-1182744229

Signed-off-by: Christian Stewart <christian@paral.in>
 2022-12-21 18:38:11 +01:00
Val
0ec7ffbfe9 Upgrade go-fuse 
Ran `go get -u github.com/hanwen/go-fuse/v2@master` to get this diff

As pointed out in https://github.com/rfjakob/gocryptfs/issues/595#issuecomment-1222271612, go-fuse was updated with a patch to allow `-reverse` mode on macOS!
 2022-11-27 10:18:11 +01:00
Jakob Unterwurzacher
f8bd172289 Update changelog for v2.3.0 2022-10-21 22:06:25 +02:00
Hardcore Sushi
27232cbdb7
libgocryptfs: update to gocryptfs v2.3 2022-09-18 15:05:28 +02:00
Jakob Unterwurzacher
a55b3cc15a tests/matrix: fix data race in TestConcurrentReadWrite 
Fixes https://github.com/golang/go/issues/54715

Output was:

$ go test ./tests/matrix -run TestConcurrentReadWrite -race
test_helpers: warning: testParentDir "/tmp/gocryptfs-test-parent-1026" does not reside on ext4, we will miss failures caused by ino reuse
PASS
PASS
==================
WARNING: DATA RACE
Write at 0x00c00038a0e0 by goroutine 63:
  runtime.racewriterange()
      <autogenerated>:1 +0x29
  internal/poll.(*FD).Pread()
      /usr/local/go/src/internal/poll/fd_unix.go:193 +0x169
  os.(*File).pread()
      /usr/local/go/src/os/file_posix.go:40 +0x335
  os.(*File).ReadAt()
      /usr/local/go/src/os/file.go:136 +0x2de
  github.com/rfjakob/gocryptfs/v2/tests/matrix.TestConcurrentReadWrite.func1()
      /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/matrix/concurrency_test.go:40 +0x14b

Previous write at 0x00c00038a0e0 by goroutine 61:
  runtime.racewriterange()
      <autogenerated>:1 +0x29
  internal/poll.(*FD).Pread()
      /usr/local/go/src/internal/poll/fd_unix.go:193 +0x169
  os.(*File).pread()
      /usr/local/go/src/os/file_posix.go:40 +0x335
  os.(*File).ReadAt()
      /usr/local/go/src/os/file.go:136 +0x2de
  github.com/rfjakob/gocryptfs/v2/tests/matrix.TestConcurrentReadWrite.func1()
      /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/matrix/concurrency_test.go:40 +0x14b

Goroutine 63 (running) created at:
  github.com/rfjakob/gocryptfs/v2/tests/matrix.TestConcurrentReadWrite()
      /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/matrix/concurrency_test.go:34 +0x31d
  testing.tRunner()
      /usr/local/go/src/testing/testing.go:1446 +0x216
  testing.(*T).Run.func1()
      /usr/local/go/src/testing/testing.go:1493 +0x47

Goroutine 61 (running) created at:
  github.com/rfjakob/gocryptfs/v2/tests/matrix.TestConcurrentReadWrite()
      /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/matrix/concurrency_test.go:34 +0x31d
  testing.tRunner()
      /usr/local/go/src/testing/testing.go:1446 +0x216
  testing.(*T).Run.func1()
      /usr/local/go/src/testing/testing.go:1493 +0x47
==================
--- FAIL: TestConcurrentReadWrite (0.03s)
    testing.go:1319: race detected during execution of test
FAIL
TestMain: matrix[2] = matrix.testcaseMatrix{plaintextnames:false, openssl:"false", aessiv:false, raw64:false, extraArgs:[]string(nil)} failed
FAIL	github.com/rfjakob/gocryptfs/v2/tests/matrix	0.170s
FAIL
 2022-08-28 20:31:27 +02:00
Jakob Unterwurzacher
59165f0f53 github ci: add new stable Go versions 2022-08-28 12:10:25 +02:00
Jakob Unterwurzacher
4bd1a8db4c README: Update Changelog for v2.3 2022-08-28 12:04:44 +02:00
Jakob Unterwurzacher
6677d8f1d5 Replace remaining golang.org/x/crypto/ssh/terminal ref with golang.org/x/term 
Fixes https://github.com/rfjakob/gocryptfs/issues/681
Fixes 2a25c3a8fd
 2022-08-28 12:03:34 +02:00