Jakob Unterwurzacher
6cc0aebd71
configfile: define HKDF flag
2017-03-05 12:08:12 +01:00
Jakob Unterwurzacher
b2f3dbb8bd
fusefrontend: when chown'ing a directory, also chown its diriv
...
When filename encryption is active, every directory contains
a "gocryptfs.diriv" file. This file should also change the owner.
Fixes https://github.com/rfjakob/gocryptfs/issues/86
2017-03-02 19:12:21 +01:00
Jakob Unterwurzacher
b765cc526d
main: get rid of third open paniclog fd
...
We have it saved in Stderr and Stdout anyway, let's free this fd
number.
2017-03-02 19:12:21 +01:00
rfjakob
c304626a47
CLI_ABI: smaller markdown subheadings
...
The old ones were rendered by github almost as big as the parent headings.
2017-03-01 23:31:03 +01:00
Peter Reschenhofer
954aa169cc
Update README.md ( #85 )
...
Correcting year in changelog (1.2.1)
2017-02-28 13:59:33 +01:00
Jakob Unterwurzacher
8f51325116
README: update changelog for 1.2.1 release
2017-02-26 21:34:49 +01:00
Jakob Unterwurzacher
d2c0fae4f6
tests: somewhat support testing without openssl
...
You will still get lots of test error, but at least the tests
will run.
2017-02-26 19:53:29 +01:00
Jakob Unterwurzacher
98ecf1f074
MANPAGE: document "-speed"
2017-02-26 19:34:23 +01:00
Jakob Unterwurzacher
f2920f71e8
MANPAGE: document error code 12
2017-02-26 19:30:28 +01:00
Jakob Unterwurzacher
427c6c1719
exitcodes: define code 12 for "password incorrect"
2017-02-26 19:25:23 +01:00
Jakob Unterwurzacher
57612a278b
configfile: rename "kdf.go" -> "scrypt.go"
...
This really only handles scrypt and no other key-derivation functions.
Renaming the files prevents confusion once we introduce HKDF.
renamed: internal/configfile/kdf.go -> internal/configfile/scrypt.go
renamed: internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go
2017-02-25 18:51:17 +01:00
Jakob Unterwurzacher
a65965783a
stupidgcm: drop only external dependecy
...
This makes it easier to use the package in external projects.
See https://github.com/rfjakob/gocryptfs/issues/79
2017-02-24 09:46:10 +01:00
Jakob Unterwurzacher
43d6aa6677
speed: add benchmark.bash helper
2017-02-24 09:38:50 +01:00
Jakob Unterwurzacher
be19b91a52
README: fix typo and simplify MANPAGE text
2017-02-23 00:14:20 +01:00
Jakob Unterwurzacher
477071d673
speed: fix build for Go 1.4 and lower
...
Old Go versions miss cipher.NewGCMWithNonceSize, which causes:
internal/speed/speed.go:95: undefined: cipher.NewGCMWithNonceSize
2017-02-23 00:04:51 +01:00
Jakob Unterwurzacher
1e03e059fa
Implement "gocryptfs -speed"
...
A crypto benchmark mode like "openssl speed".
Example run:
$ ./gocryptfs -speed
AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode)
AES-GCM-256-Go 48.19 MB/s
AES-SIV-512-Go 37.40 MB/s
2017-02-22 23:56:34 +01:00
Jakob Unterwurzacher
b056776a01
tests: adapt dir overwrite test for Go 1.8
...
In Go 1.8, os.Rename refuses to overwrite an empty directory.
Switch to syscall.Rename, which still does the right thing.
2017-02-20 21:27:37 +01:00
Jakob Unterwurzacher
cb2d1fbcf8
Travis CI: also test with Go 1.8
...
(Currently failing the tests!)
2017-02-20 21:27:26 +01:00
Jakob Unterwurzacher
e406eb22ba
Get rid of remaining $GOPATH dependencies
2017-02-20 21:26:42 +01:00
Jakob Unterwurzacher
166c62fd21
build.bash: use $(go env GOPATH)
2017-02-20 21:26:18 +01:00
Jakob Unterwurzacher
1139c27c36
build.bash: deduplicate build call
2017-02-19 20:27:29 +01:00
Jakob Unterwurzacher
10361a907a
build.bash: GOPATH may be unset since Go v1.8. Handle it.
2017-02-19 20:14:46 +01:00
Jakob Unterwurzacher
7fbe69bfa6
tests.bash: OSX compat: use "flock -n" and skip openssl build
...
Mac OS X flock does not support "--nonblock", but does support "-n":
https://github.com/discoteq/flock/blob/master/man/flock.1.ronn
Skip the openssl build because it requires
1) openssl
2) fixing the import paths in gocryptfs
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-280464400
2017-02-17 19:43:16 +01:00
Jakob Unterwurzacher
07b4b9d60b
Travis: set clone depth to 100
...
Otherwise the build fails once you have more than 50 commits
since the last tag.
You'd get:
$ ./build.bash
fatal: No names found, cannot describe anything.
2017-02-16 21:24:33 +01:00
Jakob Unterwurzacher
62e7eb7d04
tests: reverse: check Access() call
2017-02-16 21:20:29 +01:00
Jakob Unterwurzacher
45c1ea499e
fusefrontend_reverse: handle .name files in Access()
...
These were currently passed to decryptPath() were it caused
a warning.
2017-02-16 21:16:42 +01:00
Jakob Unterwurzacher
55d0523dbe
tests: configfile: add missing newlines in verbose output
2017-02-16 19:45:20 +01:00
Jakob Unterwurzacher
0b19e637c9
tests: OSX compat: wrap Stat_t atime extract
...
Linux has st.Atim, st.Mtim,
OSX hat st.Atimespec, st.Mtimespec.
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:39:56 +01:00
Jakob Unterwurzacher
8bbc1038fe
syscallcompat: OSX compat: fix variable warnings
...
As suggested by
https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:23:17 +01:00
Jakob Unterwurzacher
b66d663ff8
tests: OSX compat: use "mount" command instead of /proc/mounts
...
Mac OS X does not have /proc.
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:13:03 +01:00
Jakob Unterwurzacher
e5bee6a6aa
tests: OSX compat: use OSX-style "stat -f"
...
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16 19:10:36 +01:00
Jakob Unterwurzacher
9f6841373d
benchmarks: OSX compat: replace /usr/bin/time with bash builtin
...
On OSX, /usr/bin/time does not support "-f".
Reported in https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217 .
2017-02-16 19:01:24 +01:00
Jakob Unterwurzacher
ca5c06ef4e
tests: get rid of syscall.PathMax
...
Does not exist on OSX
Reported in https://github.com/rfjakob/gocryptfs/issues/15
2017-02-16 18:47:04 +01:00
Jakob Unterwurzacher
e6075ddf2e
README: also link to cppcryptfs
2017-02-16 18:37:12 +01:00
Jakob Unterwurzacher
f5bb7a37be
README: mention graphical interfaces
2017-02-16 18:36:16 +01:00
Jakob Unterwurzacher
bef27305bc
main: don't attempt lazy unmount on MacOSX
2017-02-15 23:20:41 +01:00
Jakob Unterwurzacher
6ac9dcaae0
tests: use fuse-unmount.bash
...
...instead of having separate compatability logic.
2017-02-15 23:13:33 +01:00
Jakob Unterwurzacher
ce2e610428
OSX compat: replace fusermount calls with fuse-unmount.bash
...
Mac OS X does not have fusermount and uses umount instead.
The fuse-unmount.bash calls the appropriate command.
2017-02-15 23:02:01 +01:00
Jakob Unterwurzacher
6be7808992
Add Mac OS X fusermount replacement script
2017-02-14 21:38:28 +01:00
Jakob Unterwurzacher
3784901fce
readpassword: limit password length to 1000 bytes
...
This used to hang at 100% CPU:
cat /dev/zero | gocryptfs -init a
...and would ultimately send the box into out-of-memory.
The number 1000 is chosen arbitrarily and seems big enough
given that the password must be one line.
Suggested by @mhogomchungu in https://github.com/rfjakob/gocryptfs/issues/77 .
2017-02-13 09:13:22 +01:00
Jakob Unterwurzacher
54caaf4b98
Add CLI ABI documentation
...
Closes https://github.com/rfjakob/gocryptfs/issues/77
2017-02-12 19:20:21 +01:00
Jakob Unterwurzacher
8adfbf2dc3
Check for trailing garbage after the password
...
From the comment:
// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs.
2017-02-12 17:59:09 +01:00
Jakob Unterwurzacher
2dd90ac19c
readpassword: improve comment on readPasswordStdin
2017-02-12 13:55:30 +01:00
Jakob Unterwurzacher
1e9d735406
Document "--" to stop option parsing in help text + man page
2017-02-12 12:49:04 +01:00
Jakob Unterwurzacher
dc2dc9f88c
main: suggest "-q" to suppress master key message
...
If the user has already saved the master key and is not
aware of "-q" the master key needlessly ends up in the terminal
buffer.
Closes https://github.com/rfjakob/gocryptfs/issues/76
2017-02-12 12:23:16 +01:00
Jakob Unterwurzacher
357307cbcf
tests: ctlsock: check warning for non-canonical paths
2017-02-12 12:22:25 +01:00
Jakob Unterwurzacher
0f40afc832
ctlsock: handle non-canonical empty paths
...
We have to check if the input path is empty AFTER canonicalizing it,
too!
2017-02-05 18:17:30 +01:00
Jakob Unterwurzacher
8bcae63a5a
ctlsock: sanitize: handle multiple leading slashes
2017-02-05 18:05:35 +01:00
Jakob Unterwurzacher
2bdd0ec802
golint comment fix
...
internal/ctlsock/ctlsock_serve.go:73:1: comment on exported const
ReadBufSize should be of the form "ReadBufSize ..."
2017-01-29 19:01:16 +01:00
Jakob Unterwurzacher
c8fb619971
contrib: add ctlsock helper scripts
2017-01-29 18:56:17 +01:00