Jakob Unterwurzacher
a863a6569c
Drop shell wrapper
2015-10-11 18:03:24 +02:00
Jakob Unterwurzacher
14115b061b
Add native daemonization
2015-10-11 18:02:48 +02:00
Jakob Unterwurzacher
39183bea00
Rename sendSig to sendUsr1
...
This matches waitForUsr1 in daemonize()
2015-10-11 18:01:47 +02:00
Jakob Unterwurzacher
5dc7e44aa2
Move main files to top level dir
...
This is in preparation of getting rid of the shell wrapper
2015-10-11 17:14:18 +02:00
Jakob Unterwurzacher
6825d0e740
README: Remove dots notice
2015-10-10 18:34:09 +02:00
Jakob Unterwurzacher
a3e66ca154
Shell wrapper: Also search the binary in $GOPATH/bin
2015-10-08 00:02:55 +02:00
Jakob Unterwurzacher
7ac9d6af58
README: Mention that only Linux is tested
2015-10-07 23:50:19 +02:00
Jakob Unterwurzacher
d9b4f96598
Update README
2015-10-07 23:31:28 +02:00
Jakob Unterwurzacher
ed1df49af5
Run go fmt
2015-10-07 22:59:36 +02:00
Jakob Unterwurzacher
c4a66bc30d
Add package.bash
2015-10-07 22:14:00 +02:00
Jakob Unterwurzacher
440abcbac6
Add test.bash
...
...also adapt the cryptfs tests for 256 bit long keys
2015-10-07 22:09:34 +02:00
Jakob Unterwurzacher
2f970e1aa6
Adapt openssl benchmark for 256 bit long keys
2015-10-07 22:05:32 +02:00
Jakob Unterwurzacher
878f64a5d7
Better usage text
2015-10-07 21:59:54 +02:00
Jakob Unterwurzacher
bef73c63b3
Move gocryptfs wrapper into the same folder as the binary
2015-10-07 21:49:38 +02:00
Jakob Unterwurzacher
65ba0739d5
Implement "gocryptfs --passwd" (pasword changing)
2015-10-07 21:26:17 +02:00
Jakob Unterwurzacher
03502861ce
Reword help text
2015-10-06 23:28:20 +02:00
Jakob Unterwurzacher
31e14936be
Split off SECURITY.md
2015-10-06 23:20:21 +02:00
Jakob Unterwurzacher
8ec16c165d
Update README.md
2015-10-06 23:08:04 +02:00
Jakob Unterwurzacher
a3d286069f
Use block number as authentication data
2015-10-06 22:27:37 +02:00
Jakob Unterwurzacher
45ea8aa546
Add "--masterkey=" parameter for recovery purposes
2015-10-06 21:16:39 +02:00
Jakob Unterwurzacher
5c6df49067
Switch to AES-256
...
AES-256 seems to be becoming the industry standard. While AES-128 is
good enough for tens of years to come, let's follow suit and be extra
safe.
2015-10-06 20:51:35 +02:00
Jakob Unterwurzacher
39ea272e23
Add "--openssl=false" command line option
...
Also make main_test try both variants
2015-10-06 20:24:52 +02:00
Jakob Unterwurzacher
c2bd208bbe
Rewrite README.md (in progress)
2015-10-06 00:35:29 +02:00
Jakob Unterwurzacher
022a6968ae
Implement proper daemonization
...
The shell wrapper sends gocryptfs into the background and waits for SIGUSR1
2015-10-06 00:31:18 +02:00
Jakob Unterwurzacher
552c32c5e9
Move main binary to gocryptfs_main
...
That way the wrapper shell script can be named just "gocryptfs"
2015-10-05 20:32:10 +02:00
Jakob Unterwurzacher
53ecebc71e
openssl AEAD wrapper: handle authenticated data
2015-10-04 23:58:22 +02:00
Jakob Unterwurzacher
e6b7353f4e
Switch nonce generation to purely random
...
The old implementation of counting up from a random starting
point had the problem that is allowed an attacker to find out
the write order of the blocks.
2015-10-04 21:36:16 +02:00
Jakob Unterwurzacher
df52aab082
Clean up openssl benchmark
2015-10-04 21:21:32 +02:00
Jakob Unterwurzacher
d1522c7992
tests: simplify names
...
main_test_tmp -> tmp
main_benchmark.bash -> benchmark.bash
2015-10-04 20:46:21 +02:00
Jakob Unterwurzacher
aa082c235a
Utimens: Use UtimesNano instead of Futimes
...
Futimes() only takes microsecond resolution while the FUSE call
Utimens() wants nanosecond precision.
This is why UTIME_OMIT did not work - this change fixes the
xfstests generic/258 test failure.
The go library does not provide a FutimesNano() function which is
why I use UtimesNano() on /proc/self/fd/n.
This is what the Go library does in Futimes().
2015-10-04 20:32:15 +02:00
Jakob Unterwurzacher
c7313f36de
fallocate: return ENOSYS
...
The implementation was incomplete, disable fallocate completely for now.
See https://github.com/rfjakob/gocryptfs/issues/1
Fixes xfstests generic/075
2015-10-04 17:14:40 +02:00
Jakob Unterwurzacher
90bd978283
truncate: Fix bug that caused xfstests generic/030 to fail
...
The bug was caused by using cipherOff where plainOff should
have been used.
Renamed the symbols for less confusion.
2015-10-04 16:04:25 +02:00
Jakob Unterwurzacher
aa6fa7f3cf
Truncate: Logging improvements, show number of blocks as float
2015-10-04 15:45:46 +02:00
Jakob Unterwurzacher
b27edba2bb
Fix Trucate() bug causing files to be too small
...
Uncovered by running xfstests generic/014 several times
2015-10-04 15:40:59 +02:00
Jakob Unterwurzacher
089629442d
Enable ClientInodes so hard links work
...
Fixes xfstests generic/002
2015-10-04 14:50:27 +02:00
Jakob Unterwurzacher
89fef80d32
Run go fmt
2015-10-04 14:49:47 +02:00
Jakob Unterwurzacher
5bd08abf40
Remove ClueFS frontend
...
Development has focused on PathFS for some time now and things are
working well.
2015-10-04 14:35:50 +02:00
Jakob Unterwurzacher
c859f0b2dc
intraBlock: Rename Offset to Skip
...
"Offset" is unclear whether it is an offset from the start of file
or start of block. "Skip" seems much better.
2015-10-04 14:24:43 +02:00
Jakob Unterwurzacher
775676ecb8
Utilize file hole passtrough capability in Truncate()
...
Cuts down the runtime of xfstests generic/014
from 1822 seconds to 36 seconds
2015-10-04 14:21:07 +02:00
Jakob Unterwurzacher
2003ca965d
Zero-pad last block if a file hole is created on Write()
...
Fixes TestFileHoles test
2015-10-04 11:39:35 +02:00
Jakob Unterwurzacher
5229b8f5f5
Add BlockNoPlainOff() and BlockNoCipherOff() + test
...
Also, fix key, it is now []byte, not [16]byte
2015-10-04 11:03:40 +02:00
Jakob Unterwurzacher
fa88741770
tests: add TestFileHoles
...
Create a file with holes by writing to offset 0 (block #0 ) and
offset 4096 (block #1 ).
This test currently fails.
2015-10-04 10:39:44 +02:00
Jakob Unterwurzacher
40448db909
Fix xfstests generic/030 failure
...
The actual fix is
oldSize := f.cfs.PlainSize(uint64(fi.Size()))
the rest is logging improvements
2015-10-04 00:26:20 +02:00
Jakob Unterwurzacher
0802175328
Add daemonization shell script
2015-10-03 19:17:31 +02:00
Jakob Unterwurzacher
79870ab096
debug: log inode number instead of encrypted filename
...
Makes the log output smaller and more readable.
2015-10-03 19:16:34 +02:00
Jakob Unterwurzacher
38bf8a2fcf
Implement file hole passtrough
...
Fixes xfstests generic/010
Note that file holes are not authenticated,
2015-10-03 13:34:33 +02:00
Jakob Unterwurzacher
3fef613591
tests: Add append test
2015-09-30 23:42:18 +02:00
Jakob Unterwurzacher
b835f83fd5
Implement Truncate() + Test
2015-09-30 22:36:53 +02:00
Jakob Unterwurzacher
aea8d8d6e7
debug: Log encrypted filename
2015-09-30 20:32:24 +02:00
Jakob Unterwurzacher
061831edf2
DecryptBlocks: Don't shadow err variable
2015-09-30 20:31:41 +02:00