gocryptfs, branch v1.3-beta1Mirror of gocryptfs source code on Githubhttp://nuetzlich.net/cgit/gocryptfs/atom?h=v1.3-beta12017-03-18T15:48:58+00:00tests: add hkdf_sanity tests with broken example filesystem2017-03-18T15:48:58+00:00Jakob Unterwurzacher2017-03-18T15:48:58+00:00urn:sha1:f1dbd19fe9f277430f4edc1501f4fb5dd8f745b1
These are deliberately corrupt.
fusefrontend: get rid of leftover debug output2017-03-18T15:48:28+00:00Jakob Unterwurzacher2017-03-18T15:48:28+00:00urn:sha1:cb47f65212801fbdd999674e549921d8cf23f2f2benchmark: add md5sum read performance benchmark2017-03-18T15:23:33+00:00Jakob Unterwurzacher2017-03-18T15:23:33+00:00urn:sha1:61502f9b9487f04145c4b07a3f756bdcd12e02e6serialize_reads: add read serialization logic2017-03-18T15:18:00+00:00Jakob Unterwurzacher2017-03-18T15:01:50+00:00urn:sha1:00df0771e3dd9fba0992cbc9a7d347f25aff856a
Due to kernel readahead, we usually get multiple read requests
at the same time. These get submitted to the backing storage in
random order, which is a problem if seeking is very expensive.
Details: https://github.com/rfjakob/gocryptfs/issues/92
fusefrontend: readFileID: reject files that consist only of a header2017-03-12T20:11:02+00:00Jakob Unterwurzacher2017-03-12T20:11:02+00:00urn:sha1:14038a1644f17f50b113a05d09a2a0a3b3e973b2
A header-only file will be considered empty (this is not supposed to happen).
This makes File ID poisoning more difficult.
fusefrontend: truncateGrowFile: avoid createHeader() call2017-03-12T20:06:59+00:00Jakob Unterwurzacher2017-03-12T20:06:59+00:00urn:sha1:d36d53c9bbf1b1f1c34578d443770672528e4466
...if doWrite() can do it for us. This avoids the situation
that the file only consists of a file header when calling
doWrite.
A later patch will check for this condition and warn about it,
as with this change it should no longer occour in normal operation.
configfile: HKDF feature flag should also be set for "-plaintextnames"2017-03-07T20:05:45+00:00Jakob Unterwurzacher2017-03-07T20:03:05+00:00urn:sha1:9a0808b1ee4cca94a3178b14838b558bf03d483bcontentenc: catch integer underflow in file size calculation2017-03-07T19:56:50+00:00Jakob Unterwurzacher2017-03-06T22:50:17+00:00urn:sha1:2f953fdb95f44078895fec9bc4d542cd371126be
If you truncate a ciphertext file to 19 bytes, you could get the
impression that the plaintext is 18446744073709551585 bytes long,
as reported by "ls -l".
Fix it by clamping the value to zero.
cli: enable "-raw64" by default2017-03-07T19:56:50+00:00Jakob Unterwurzacher2017-03-06T21:59:30+00:00urn:sha1:efc88346bec52675d5243f988aa3386d617ee1c4
This brings the CLI options back in sync with the default
feature flags.
tests: recreate v1.3 example filesystem2017-03-07T19:56:50+00:00Jakob Unterwurzacher2017-03-06T21:53:49+00:00urn:sha1:f1244b6d06a4932e8a51adedf351ec83262c2db5
The filesystem was created with a gocryptfs version that ignored
the HKDF flag (hence everything was actually encrypted WITHOUT hkdf).
Fix it by recreating it.