gocryptfs/internal/fusefrontend, branch v1.3-beta1Mirror of gocryptfs source code on Githubhttp://nuetzlich.net/cgit/gocryptfs/atom?h=v1.3-beta12017-03-18T15:48:28+00:00fusefrontend: get rid of leftover debug output2017-03-18T15:48:28+00:00Jakob Unterwurzacher2017-03-18T15:48:28+00:00urn:sha1:cb47f65212801fbdd999674e549921d8cf23f2f2serialize_reads: add read serialization logic2017-03-18T15:18:00+00:00Jakob Unterwurzacher2017-03-18T15:01:50+00:00urn:sha1:00df0771e3dd9fba0992cbc9a7d347f25aff856a
Due to kernel readahead, we usually get multiple read requests
at the same time. These get submitted to the backing storage in
random order, which is a problem if seeking is very expensive.
Details: https://github.com/rfjakob/gocryptfs/issues/92
fusefrontend: readFileID: reject files that consist only of a header2017-03-12T20:11:02+00:00Jakob Unterwurzacher2017-03-12T20:11:02+00:00urn:sha1:14038a1644f17f50b113a05d09a2a0a3b3e973b2
A header-only file will be considered empty (this is not supposed to happen).
This makes File ID poisoning more difficult.
fusefrontend: truncateGrowFile: avoid createHeader() call2017-03-12T20:06:59+00:00Jakob Unterwurzacher2017-03-12T20:06:59+00:00urn:sha1:d36d53c9bbf1b1f1c34578d443770672528e4466
...if doWrite() can do it for us. This avoids the situation
that the file only consists of a file header when calling
doWrite.
A later patch will check for this condition and warn about it,
as with this change it should no longer occour in normal operation.
nametransform: fix Raw64 not affecting symlink targets2017-03-05T21:59:25+00:00Jakob Unterwurzacher2017-03-05T21:59:25+00:00urn:sha1:445b5019e3f5a74409ca66c166cc1c3ccdd3dce7
The symlink functions incorrectly hardcoded the padded
base64 variant.
full stack: implement HKDF support2017-03-05T20:59:55+00:00Jakob Unterwurzacher2017-03-05T20:59:55+00:00urn:sha1:d0bc7970f721cee607d993406d97d32e2c660abe
...but keep it disabled by default for new filesystems.
We are still missing an example filesystem and CLI arguments
to explicitely enable and disable it.
cryptocore: rename "BackendTypeEnum" -> "AEADTypeEnum"2017-03-05T16:10:57+00:00Jakob Unterwurzacher2017-03-05T16:08:16+00:00urn:sha1:874e4fb5e911cc3654b4bd314f3bef764aa39b74
There are two independent backends, one for name encryption,
the other one, AEAD, for file content.
"BackendTypeEnum" only applies to AEAD (file content), so make that
clear in the name.
cryptocore: use eme v1.1 interface2017-03-05T12:58:24+00:00Jakob Unterwurzacher2017-03-05T12:58:24+00:00urn:sha1:e032539e2c09cd4d1f007d33d7ef97b0fec689ed
Version 1.1 of the EME package (github.com/rfjakob/eme) added
a more convenient interface. Use it.
Note that you have to upgrade your EME package (go get -u)!
fusefrontend: when chown'ing a directory, also chown its diriv2017-03-02T18:12:21+00:00Jakob Unterwurzacher2017-03-02T18:11:24+00:00urn:sha1:b2f3dbb8bd37ebca50eeb33775c980e2ca1f9053
When filename encryption is active, every directory contains
a "gocryptfs.diriv" file. This file should also change the owner.
Fixes https://github.com/rfjakob/gocryptfs/issues/86
ctlsock: better error message for forward mode path decryption2017-01-29T17:55:52+00:00Jakob Unterwurzacher2017-01-29T17:55:52+00:00urn:sha1:1273d7edae3ce72b15dc0d18b5fcc80fd8d3ae15