Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=xattr_user_buffer 2021-10-21T12:55:30+00:00 2021-10-21T12:55:30+00:00 Jakob Unterwurzacher 2021-10-21T07:58:37+00:00 urn:sha1:d583bdb79e6f05bce2451a7e220e553209da4c1d Feature flag + numeric paramater https://github.com/rfjakob/gocryptfs/issues/499 2021-08-25T10:39:17+00:00 Jakob Unterwurzacher 2021-08-25T10:36:38+00:00 urn:sha1:61ef6b00a675456ee05d40f1ce44d693bc4be350 Commit f3c777d5eaa682d878c638192311e52f9c204294 added the `-devrandom` option: commit f3c777d5eaa682d878c638192311e52f9c204294 Author: @slackner Date: Sun Nov 19 13:30:04 2017 +0100 main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. We now require Go v1.13 and Kernel versions should have also moved on. Make the flag a no-op. https://github.com/rfjakob/gocryptfs/issues/596 2021-08-23T14:00:41+00:00 Jakob Unterwurzacher 2021-08-21T19:43:26+00:00 urn:sha1:97d8340bd81ddd60baac598d3e25ebfb4decb50c We used to do validation using lists of mandatory feature flags. With the introduction of XChaCha20Poly1305, this became too simplistic, as it uses a different IV length, hence disabling GCMIV128. Add a dedicated function, Validate(), with open-coded validation logic. The validation and creation logic also gets XChaCha20Poly1305 support, and gocryptfs -init -xchacha now writes the flag into gocryptfs.conf. 2021-08-23T13:05:15+00:00 Jakob Unterwurzacher 2021-08-23T13:05:15+00:00 urn:sha1:69d88505fd7f4cb0d9e4f1918de296342fe05858 Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/% 2021-08-21T12:04:04+00:00 Jakob Unterwurzacher 2021-08-21T12:04:04+00:00 urn:sha1:b603169d2ccd47013d46bfcb33c1c105342cff95 Drop Create and rename Create2 to Create. 2021-08-21T12:01:58+00:00 Jakob Unterwurzacher 2021-08-21T12:01:58+00:00 urn:sha1:4b93525249e7dca3b76a4a2be924c4d57a4d81e1 The argument list got too long. Part 1: Replace with Create2 2021-08-20T13:57:40+00:00 Jakob Unterwurzacher 2021-08-20T13:57:40+00:00 urn:sha1:2a9dea2973a6141e8efdf8bd26d8ddb2d2c35fc4 And store it in gocryptfs.conf (=remove DirIV feature flag). 2020-09-12T16:06:54+00:00 Pavol Rusnak 2020-09-05T20:42:15+00:00 urn:sha1:1e624a4cc3aafa57b5fa213c88bcd3689cefd1c3 2019-12-28T18:50:49+00:00 Pavol Rusnak 2019-12-27T21:27:57+00:00 urn:sha1:1364b44ae356da31e24e5605fe73a307e9d6fb03 2018-09-08T10:40:29+00:00 Jakob Unterwurzacher 2018-09-08T10:40:29+00:00 urn:sha1:2bdf7d5172d3540606f098030e8ede7a3ad1dfdd Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258