c9f4400e6d
Replace all calls to naked panic() with log.Panic()
...
We want all panics to show up in the syslog.
2016-12-10 11:54:36 +01:00
6c86afb5cd
build-without-openssl: compile statically
...
$ ldd gocryptfs
not a dynamic executable
$ file gocryptfs
gocryptfs: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped
2016-12-06 22:47:18 +01:00
9b57384574
README: v1.2 includes the rendered man page in the tarball
2016-12-04 20:38:48 +01:00
ec89eb1d76
Update README for v1.2 release
2016-12-04 19:32:23 +01:00
55df8acac3
fusefrontend: preserve owner for symlinks
...
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28 23:15:24 +01:00
e3c5e3f1c8
fusefronted: preserve owner for device nodes and sockets
...
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28 23:09:47 +01:00
a66440c668
fusefrontend: use Lchown when preserving owner
...
This prevents (unlikely) symlink race attacks
2016-11-28 22:46:04 +01:00
7fc93ec093
main: fix USR1 race condition, fixes test flakiness
...
We could have gotten the signal before the handler was ready,
which caused the process to wait indefinitely. This was the reason
test.bash sometimes hung.
2016-11-26 18:18:14 +01:00
3f5c48e058
tests: don't call t.Fatal in checkExampleFS
...
Calling t.Fatal means that the parent test has no chance
to clean up.
2016-11-26 15:20:54 +01:00
a6006c0d2b
test.bash: lock against multiple parallel incovations
...
Running multiple test.bash in parallel causes all kinds of
mayham.
2016-11-26 13:43:50 +01:00
55ea345620
Add write coalescing and -noprealloc to changelog
2016-11-26 13:09:05 +01:00
cb5426e8ee
performance.txt: add numbers for current gocryptfs master and encfs v1.9.1
2016-11-26 12:46:58 +01:00
10884603d8
benchmark.bash: double write length
...
Writing 1000 128KB blocks takes only 1 second and yielded
inconsistent results. With 2000, things look saner.
2016-11-26 12:36:55 +01:00
0f8d3318a3
main, fusefrontend: add "-noprealloc" option
...
Preallocation is very slow on hdds that run btrfs. Give the
user the option to disable it. This greatly speeds up small file
operations but reduces the robustness against out-of-space errors.
Also add the option to the man page.
More info: https://github.com/rfjakob/gocryptfs/issues/63
2016-11-25 09:19:14 +01:00
024511d9c7
fusefrontend: coalesce 4kB writes
...
This improves performance on hdds running ext4, and improves
streaming write performance on hdds running btrfs. Tar extract
slows down on btrfs for some reason.
See https://github.com/rfjakob/gocryptfs/issues/63
Benchmarks:
encfs v1.9.1
============
$ ./benchmark.bash -encfs /mnt/hdd-ext4
Testing EncFS at /mnt/hdd-ext4/benchmark.bash.u0g
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,48354 s, 88,4 MB/s
UNTAR: 20.79
LS: 3.04
RM: 6.62
$ ./benchmark.bash -encfs /mnt/hdd-btrfs
Testing EncFS at /mnt/hdd-btrfs/benchmark.bash.h40
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,52552 s, 85,9 MB/s
UNTAR: 24.51
LS: 2.73
RM: 5.32
gocryptfs v1.1.1-26-g4a7f8ef
============================
$ ./benchmark.bash /mnt/hdd-ext4
Testing gocryptfs at /mnt/hdd-ext4/benchmark.bash.1KG
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,55782 s, 84,1 MB/s
UNTAR: 22.23
LS: 1.47
RM: 4.17
$ ./benchmark.bash /mnt/hdd-btrfs
Testing gocryptfs at /mnt/hdd-btrfs/benchmark.bash.2t8
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 6,87206 s, 19,1 MB/s
UNTAR: 69.87
LS: 1.52
RM: 5.33
gocryptfs v1.1.1-32
===================
$ ./benchmark.bash /mnt/hdd-ext4
Testing gocryptfs at /mnt/hdd-ext4/benchmark.bash.Qt3
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,22577 s, 107 MB/s
UNTAR: 23.46
LS: 1.46
RM: 4.67
$ ./benchmark.bash /mnt/hdd-btrfs/
Testing gocryptfs at /mnt/hdd-btrfs//benchmark.bash.XVk
WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 3,68735 s, 35,5 MB/s
UNTAR: 116.87
LS: 1.84
RM: 6.34
2016-11-25 09:03:32 +01:00
80c50b9dbc
main: give deferred functions a chance to run (fixes -cpuprofile)
2016-11-23 23:49:34 +01:00
910fee244f
benchmark.bash: allow to specify directory
2016-11-23 21:54:55 +01:00
25d06fc809
Drop "benchmark-synthetic.bash"
...
This scipt was broken for a long time and not very useful.
2016-11-23 21:54:13 +01:00
6f475da116
Fix golint warnings, add helper script
2016-11-17 23:40:03 +01:00
36b4e325ca
README: start list for v1.2
2016-11-17 23:34:16 +01:00
41af353dcb
tests: rename fsstress-loopback.bash to fsstress-gocryptfs.bash
...
The primary use is testing gocryptfs, after all.
2016-11-17 22:51:25 +01:00
1bae06a16a
tests: add OpenTruncateRead test
...
This is a regression test for the issue that was fixed by the
last commit.
2016-11-17 22:48:50 +01:00
0489d08ae2
fusefrontend: get the file ID from the open files table
...
This fixes the problem that a truncate can reset the file
ID without the other open FDs noticing it.
2016-11-17 22:29:45 +01:00
e04dc05012
fusefrontend: upgrade wlockMap to use device AND inode number
...
If there are multiple filesystems backing the gocryptfs filesystems
inode numbers are not guaranteed to be unique.
2016-11-17 20:32:19 +01:00
081015aa74
MANPAGE: document ctlsock
2016-11-11 00:01:29 +01:00
d8fb28a1c3
ctlsock: prevent panic on invalid decrypt request
2016-11-10 23:51:47 +01:00
c2629bd9b5
tests: allow overriding hardcoded arguments in Mount helper
2016-11-10 23:47:04 +01:00
c03fc46a51
ctlsock: implement EncryptPath for reverse mode, add tests
2016-11-10 23:32:51 +01:00
d3764b7753
reverse: fix longname decoding bug
...
This could have caused spurious ENOENT errors.
That it did not cause these errors all the time is interesting
and probably because an earlier readdir would place the entry
in the cache. This masks the bug.
2016-11-10 23:30:30 +01:00
e7f57695a6
Fix golint warnings
...
$ golint ./... | grep -v underscore | grep -v ALL_CAPS
internal/fusefrontend_reverse/rfs.go:52:36: exported func NewFS returns unexported type *fusefrontend_reverse.reverseFS, which can be annoying to use
internal/nametransform/raw64_go1.5.go:10:2: exported const HaveRaw64 should have comment (or a comment on this block) or be unexported
2016-11-10 00:38:01 +01:00
75ebb28a62
ctlsock: add initial limited implementation
...
At the moment, in forward mode you can only encrypt paths
and in reverse mode you can only decrypt paths.
2016-11-10 00:27:08 +01:00
df28fc5a11
nametransform: get rid of leading "./"
...
Paths in the root directory were encrypted to this:
foobar -> ./N9vPc0gXUY4PDSt0-muYXQ==
2016-11-09 23:41:47 +01:00
df1e3a10c4
nametransform: nicer error message on empty gocryptfs.diriv
...
Old:
Nov 06 13:34:38 brikett gocryptfs[16228]: ReadDirIVAt: Read failed: EOF
Nov 06 13:34:38 brikett gocryptfs[16228]: go-fuse: can't convert error type: EOF
New:
Nov 06 14:08:43 brikett gocryptfs[17361]: ReadDirIVAt: wanted 16 bytes, got 0. Returning EINVAL.
2016-11-06 14:09:34 +01:00
d15122d3d6
Add Go 1.4 compatibility layer for raw64
...
Using raw64 will not work, but at least it will compile.
2016-11-01 19:25:59 +01:00
f4c367381e
main: fix comments that reference "-f"
2016-11-01 19:04:49 +01:00
b527e205e2
main: rename "-f" to "-fg"
...
"-f" looks too much like "--force". The old variant is still
accepted for compatability.
2016-11-01 19:00:45 +01:00
d6678f73b4
MANPAGE: document -raw64
2016-11-01 18:53:42 +01:00
2b991c9743
Add support for unpadded base64 filenames, "-raw64"
...
Through base64.RawURLEncoding.
New command-line parameter "-raw64".
2016-11-01 18:43:22 +01:00
964e0e6b36
tests: add raw64 tests
...
Also, use "%#v" instead of JSON for debug output.
This means we can unexport all fields.
2016-11-01 18:42:10 +01:00
d41492bcbc
MANPAGE: update version field description
2016-11-01 18:30:32 +01:00
8ce735e987
main: print "args" slightly prettier
2016-11-01 18:30:00 +01:00
75b776cb3d
MANPAGE: add reverse example, move "-o" into alphabetical list
...
People will search for "-o" alphabetically, so put it into the
alphabetical option list, even if it is not a real option.
2016-11-01 15:55:05 +01:00
e993fd5fbc
packakge.bash: include rendered man page in tarball
2016-11-01 15:43:33 +01:00
944eaf2fb5
fusefronted: expire dir IV cache after one second
...
The Back In Time backup tool (https://github.com/bit-team/backintime )
wants to write directly into the ciphertext dir.
This may cause the cached directory IV to become out-of-date.
Having an expiry time limits the inconstency to one second, like
attr_timeout does for the kernel getattr cache.
2016-11-01 10:57:39 +01:00
a9c7565b80
fusefrontend: refactor dirIVCache
...
Simplify the code a bit.
2016-11-01 10:34:41 +01:00
fd88dbd687
README: fix "15#" typo
2016-10-30 16:57:22 +01:00
1a847b8f00
Update README for v1.1.1
2016-10-30 16:48:02 +01:00
c2192cfcad
fusefrontend: drop atime workarounds
...
The fix at https://github.com/hanwen/go-fuse/pull/131 has been merged.
Drop the workarounds and re-enable the tests.
2016-10-30 16:29:36 +01:00
4e95d394cf
build.bash: rename "GOPATH2" to "GOPATH1"
...
It's the 1st component of GOPATH, so call it like that.
2016-10-30 16:17:39 +01:00
c7385b3681
build.bash: abort if we hit a known-bad go-fuse version
...
Also, standardize to "if [[ ]] ; then" style.
2016-10-30 16:17:00 +01:00
Jakob Unterwurzacher