Commit Graph

869 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
2efd25eefe Update README for v0.4
Also, add short comments to the top of main_test.go and
performance_test.go.
2015-11-15 16:06:19 +01:00
Jakob Unterwurzacher
40882c6e49 tests: add example_filesystems, test password and -masterkey mount 2015-11-15 15:05:15 +01:00
Jakob Unterwurzacher
296bdf3af2 CipherSizeToPlainSize: Handle illegal states
A file never gets a cipherSize <= HEADER_LEN in normal operation.
However, this can happen if header write it interrupted or the
underlying filesystem does not support fallocate.

Noticed while trying to store a CIPHERDIR in another gocryptfs mount
(gocryptfs does not support fallocate)
2015-11-15 14:15:21 +01:00
Jakob Unterwurzacher
09499be6e9 Move "Debug output enabled" after forkChild() to remove duplicate output 2015-11-15 13:56:01 +01:00
Jakob Unterwurzacher
7a2ab0b233 tests: add tests for "-config" option 2015-11-15 13:48:30 +01:00
Jakob Unterwurzacher
d95fc2333a Add "-extpass" cli option and associated tests 2015-11-15 13:42:04 +01:00
Jakob Unterwurzacher
066c2c90eb MANPAGE: add "-config" flag
Also, "-plaintextnames" can be used with -zerokey.
Fix the incorrect description.
2015-11-14 21:31:39 +01:00
Jakob Unterwurzacher
58592330dc Refactor cli argument handling
Also, add the "-config" option for storing gocryptfs.conf
outside of CIPHERDIR.
2015-11-14 21:25:10 +01:00
Jakob Unterwurzacher
6736212b29 README: add beta badge and update text
Also, improve the help text.
2015-11-14 19:15:51 +01:00
Jakob Unterwurzacher
d69e0df668 README: add beta badge 2015-11-14 18:32:03 +01:00
Jakob Unterwurzacher
b06c1ebfc4 Revert "Travis CI: build using build.bash"
Build fails, see https://github.com/hanwen/go-fuse/pull/72 for details

This reverts commit 4637098b20.
2015-11-14 18:27:06 +01:00
Jakob Unterwurzacher
4637098b20 Travis CI: build using build.bash 2015-11-14 17:25:04 +01:00
Jakob Unterwurzacher
61aacb5c1b Run go fmt and go vet 2015-11-14 17:16:17 +01:00
Jakob Unterwurzacher
f9c21e91aa tests: Add file create benchmarks for different sizes
Example output on my machine:

~/src/github.com/rfjakob/gocryptfs$ ./benchmark.bash
gocryptfs v0.3.1-25-g2e33888-dirty; on-disk format 2
PASS
BenchmarkStreamWrite-2	     100	  12189867 ns/op	  86.02 MB/s
BenchmarkStreamRead-2 	     200	   9113262 ns/op	 115.06 MB/s
BenchmarkCreate0B-2   	   10000	    100249 ns/op
BenchmarkCreate1B-2   	   10000	    177680 ns/op	   0.01 MB/s
BenchmarkCreate100B-2 	    3000	    431586 ns/op	   0.23 MB/s
BenchmarkCreate4kB-2  	    3000	    455204 ns/op	   9.00 MB/s
BenchmarkCreate10kB-2 	    3000	    594044 ns/op	  17.24 MB/s
ok  	github.com/rfjakob/gocryptfs/integration_tests	15.176s
2015-11-14 16:49:59 +01:00
Jakob Unterwurzacher
2e3388800d tests: replace linux kernel untar test with synthetic small file creation 2015-11-12 21:18:18 +01:00
Jakob Unterwurzacher
3664320fe5 tests: move integration tests to separate directory
Also, use new "-defaultonly" flag for benchmarks
(only tests with openssl=true plaintextnames=false)
2015-11-12 21:02:44 +01:00
Jakob Unterwurzacher
ad41cdae11 README: Add link to MANPAGE 2015-11-11 09:21:32 +01:00
Jakob Unterwurzacher
0084087d35 Add MANPAGE.md and MANPAGE-render.bash
MANPAGE-render.bash renders the markdown to a proper man(1) manpage
2015-11-11 09:15:14 +01:00
Jakob Unterwurzacher
e43733ca0d Also hide master key reminder with "-q"
Also fix missing newline after password prompt
2015-11-09 23:33:35 +01:00
Jakob Unterwurzacher
51fcf61630 Use new arg "-notifypid" for more robust daemonization
No more string matching on the parent command line!
2015-11-09 23:33:35 +01:00
Jakob Unterwurzacher
273d8086ae cli: Create our own FlagSet so we can set the policy to ExitOnError 2015-11-09 23:33:29 +01:00
Jakob Unterwurzacher
99dfc84992 Add "-q" (quiet) flag 2015-11-09 22:33:42 +01:00
Jakob Unterwurzacher
79b36dd8eb Add TODO file 2015-11-09 22:06:35 +01:00
Jakob Unterwurzacher
fa3a382aa4 Handle ENOSPC errors better by preallocating the space before writing
Prevent the case that we run out of space in the middle of
writing a block - that would leave a corrupt block behind.
2015-11-08 22:36:29 +01:00
Jakob Unterwurzacher
8b83665693 README: List config format change 2015-11-03 22:34:16 +01:00
Jakob Unterwurzacher
765411cc70 tests: check that the filename encryption is working as expected
Also check that the "gocryptfs.conf" path filtering is working
as expected
2015-11-03 22:27:11 +01:00
Jakob Unterwurzacher
050005fd7b Centralize path filter decision in CryptFS.IsFiltered() 2015-11-03 22:25:29 +01:00
Jakob Unterwurzacher
b80167b39d tests: reduce noise but make test.bash accept "-v" 2015-11-03 21:11:07 +01:00
Jakob Unterwurzacher
988e0a047c tests: add config file and feature flags tests 2015-11-03 21:09:58 +01:00
Jakob Unterwurzacher
3e367b29b0 config: Introduce ext4-style feature flags
// List of feature flags this filesystem has enabled.
// If gocryptfs encounters a feature flag it does not support, it will refuse
// mounting. This mechanism is analogous to the ext4 feature flags that are
// stored in the superblock.
FeatureFlags []string
2015-11-03 21:05:47 +01:00
Jakob Unterwurzacher
28b3af12d1 Fix tests broken by PlaintextNames addition 2015-11-03 18:19:19 +01:00
Jakob Unterwurzacher
6db57b15c9 Update README with v0.4 2015-11-03 00:08:31 +01:00
Jakob Unterwurzacher
1ec0fa388d Update USAGE.txt
Also run go fmt
2015-11-03 00:06:04 +01:00
Jakob Unterwurzacher
de56fe9e35 Implement PlainTextNames mode
Also, forbid access to "gocryptfs.conf" in the root dir.
2015-11-03 00:00:13 +01:00
Jakob Unterwurzacher
66db3ad086 Bump on-disk version to 2 2015-11-02 23:10:11 +01:00
Jakob Unterwurzacher
0ec17c3939 Add "--plaintextnames" option
Also, gather all the command line arguments into an anonymous struct
"args".
2015-11-02 23:09:51 +01:00
Jakob Unterwurzacher
a324407082 Fix three "golint" nitpicks 2015-11-02 22:51:12 +01:00
Jakob Unterwurzacher
389977eec4 Add USAGE.txt 2015-11-02 08:53:14 +01:00
Jakob Unterwurzacher
5263676cb1 package.bash: add architecture to filename
Example: gocryptfs_v0.3-1-g0788eb4_linux-amd64.tar.gz
2015-11-01 15:33:54 +01:00
Jakob Unterwurzacher
e7c25b482e Update test.bash to call build.bash
This makes sure the version number is baked into the binary that is
built
2015-11-01 15:22:53 +01:00
Jakob Unterwurzacher
c272e3042f Fix daemonization regression
Commit af923d2d16 broke daemonization.
Revert the change but get rid of the warning message when running
in the foreground.
2015-11-01 15:21:34 +01:00
Jakob Unterwurzacher
2394d644e8 Update package.bash to call build.bash
This makes sure the version number is baked in
2015-11-01 15:06:30 +01:00
Jakob Unterwurzacher
f761a9b98a README: Note used on-disk formats 2015-11-01 14:07:42 +01:00
Jakob Unterwurzacher
3f490d4d86 Bake version string into binary, add "--version" switch
Example:

	./gocryptfs -version
	gocryptfs v0.2-20-gabcef9e-dirty; on-disk format 1

Note that you MUST compile using "./build.bash" for this to work.
2015-11-01 14:04:29 +01:00
Jakob Unterwurzacher
af923d2d16 Automatically lazy-unmount when we get SIGINT or SIGTERM
This hides the dangling "Transport endpoint is not connected"
mountpoint for everyone but processes that have file open inside
the mountpoint.
2015-11-01 13:28:58 +01:00
Jakob Unterwurzacher
e31d319c39 Remove code detected by "deadcode"
go get github.com/remyoudompheng/go-misc/deadcode
2015-11-01 12:32:10 +01:00
Jakob Unterwurzacher
0a4aa4b427 README: Describe storage overhead 2015-11-01 12:14:59 +01:00
Jakob Unterwurzacher
902babdf22 Refactor ciphertext <-> plaintext offset translation functions
Move all the intelligence into the new file address_translation.go.
That the calculations were spread out too much became apparent when adding
the file header. This should make the code much easier to modify in the
future.
2015-11-01 12:11:36 +01:00
Jakob Unterwurzacher
14276c9632 Fix missing printf arguments discovered by "go vet" 2015-11-01 11:56:33 +01:00
Jakob Unterwurzacher
76311b60f2 Add file header (on-disk-format change)
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ]

Quoting SECURITY.md:

* Every file has a header that contains a 16-byte random *file id*
* Each block uses the file id and its block number as GCM *authentication data*
 * This means the position of the blocks is protected as well. The blocks
   can not be reordered or copied between different files without
   causing an decryption error.
2015-11-01 01:38:27 +01:00