Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=xattr_user_buffer 2025-07-07T17:59:35+00:00 2025-07-07T17:59:35+00:00 Jakob Unterwurzacher 2025-07-07T17:54:48+00:00 urn:sha1:8f5df19b353e02ffba842fd1b15ccf93da7ee3b4 Tool-assisted. 2024-04-19T20:36:55+00:00 invis-z 2023-11-21T18:12:01+00:00 urn:sha1:4b6b9553c4a2e14fd809754f6bf187957ff3cdfd Add an option to specify user verification options for `fido2-assert -t` Options will be saved to config file Provide same functionality to #705 with simpler implementation Resolve #702 2024-03-13T09:42:53+00:00 Pablo Mazzini 2024-03-09T15:11:24+00:00 urn:sha1:8ced867c4f2a26e00e32d7703fe13aa47d9df923 2021-10-21T12:55:30+00:00 Jakob Unterwurzacher 2021-10-21T07:58:37+00:00 urn:sha1:d583bdb79e6f05bce2451a7e220e553209da4c1d Feature flag + numeric paramater https://github.com/rfjakob/gocryptfs/issues/499 2021-09-10T10:14:19+00:00 Jakob Unterwurzacher 2021-09-10T10:14:19+00:00 urn:sha1:d023cd6c95fcbc6b5056ba1f425d2ac3df4abc5a The rewritten openssl backend does not support this flag anymore, and it was inherently dangerour. Drop it (ignored for compatibility) 2021-08-30T09:31:01+00:00 Jakob Unterwurzacher 2021-08-30T09:31:01+00:00 urn:sha1:34d8a498c4899b1493f7bea16c22486d6725c9b1 Commit 69d88505fd7f4cb0d9e4f1918de296342fe05858 go mod: declare module version v2 translated all instances of "github.com/rfjakob/gocryptfs/" to "github.com/rfjakob/gocryptfs/v2/". Unfortunately, this included hyperlinks. Unbreak the hyperlinks like this: find . -name \*.go | xargs sed -i s%https://github.com/rfjakob/gocryptfs/v2/%https://github.com/rfjakob/gocryptfs/v2/% 2021-08-25T10:39:17+00:00 Jakob Unterwurzacher 2021-08-25T10:36:38+00:00 urn:sha1:61ef6b00a675456ee05d40f1ce44d693bc4be350 Commit f3c777d5eaa682d878c638192311e52f9c204294 added the `-devrandom` option: commit f3c777d5eaa682d878c638192311e52f9c204294 Author: @slackner Date: Sun Nov 19 13:30:04 2017 +0100 main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. We now require Go v1.13 and Kernel versions should have also moved on. Make the flag a no-op. https://github.com/rfjakob/gocryptfs/issues/596 2021-08-23T20:10:23+00:00 Jakob Unterwurzacher 2021-08-23T20:10:23+00:00 urn:sha1:806334eacf2e50d712844761aca2b11014ec99df Have the information in one centralized place, and access it from main as needed. 2021-08-23T14:00:41+00:00 Jakob Unterwurzacher 2021-08-21T19:43:26+00:00 urn:sha1:97d8340bd81ddd60baac598d3e25ebfb4decb50c We used to do validation using lists of mandatory feature flags. With the introduction of XChaCha20Poly1305, this became too simplistic, as it uses a different IV length, hence disabling GCMIV128. Add a dedicated function, Validate(), with open-coded validation logic. The validation and creation logic also gets XChaCha20Poly1305 support, and gocryptfs -init -xchacha now writes the flag into gocryptfs.conf. 2021-08-23T13:05:15+00:00 Jakob Unterwurzacher 2021-08-23T13:05:15+00:00 urn:sha1:69d88505fd7f4cb0d9e4f1918de296342fe05858 Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%