Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=v2.1 2021-06-21T10:12:44+00:00 2021-06-21T10:12:44+00:00 Jakob Unterwurzacher 2021-06-21T10:12:44+00:00 urn:sha1:05b813f2026ebe6bff33cb600775823ee8a7df6e 2021-06-21T10:10:04+00:00 Jakob Unterwurzacher 2021-06-21T10:08:18+00:00 urn:sha1:689b74835bd38ebaf87ba0e205c10b9594e51863 2021-06-21T09:53:33+00:00 Jakob Unterwurzacher 2021-06-21T09:53:33+00:00 urn:sha1:2efef1e270a0e374c479326ab2c296b5e9fdc34d Useless layer of indirection. 2021-06-20T17:09:46+00:00 Jakob Unterwurzacher 2021-06-20T17:09:46+00:00 urn:sha1:c5d8fa83ae702017fc90769dff178fda6a7942a3 This means we can unexport the field. 2021-06-20T16:09:21+00:00 DerDonut 2021-06-17T06:11:33+00:00 urn:sha1:a611810ff46ed0899d677f24c330a994ad125bfb This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality. 2021-06-02T12:29:48+00:00 Jakob Unterwurzacher 2021-06-02T12:21:30+00:00 urn:sha1:04858ddd222bbf7156f33f99cfb293a9b1e15ec8 xfstests generic/523 discovered that we allowed to set xattrs with "/" in the name, but did not allow to read them later. With this change we do not allow to set them in the first place. 2021-01-10T07:07:10+00:00 Jakob Unterwurzacher 2021-01-10T07:06:09+00:00 urn:sha1:bed60101f4925eb2cce736301f5cc45ad267c187 Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier when mounting via fstab. Having the files follow chmod/chown of their parent does not seem to be worth the hassle. The content of the diriv files is not secret, and both diriv and name files are protected by the perms of the parent dir. Fixes https://github.com/rfjakob/gocryptfs/issues/539 2021-01-10T06:27:04+00:00 Jakob Unterwurzacher 2021-01-10T06:27:04+00:00 urn:sha1:f3394ae286d65492483579e038acb33edd8ca274 Prep for https://github.com/rfjakob/gocryptfs/issues/539 2020-10-13T22:35:16+00:00 Jakob Unterwurzacher 2020-10-13T22:35:16+00:00 urn:sha1:af4c1fb7a3f428ff704af22294ad955d05ed41dd Retry operations that have been shown to throw EINTR errors on CIFS. Todo: Solution for this pain in the back: warning: unix.Getdents returned errno 2 in the middle of data rm: cannot remove 'linux-3.0.old3/Documentation/ABI/removed': Input/output error Progress towards fixing https://github.com/rfjakob/gocryptfs/issues/483 . 2020-08-02T17:33:12+00:00 Jakob Unterwurzacher 2020-08-02T17:33:12+00:00 urn:sha1:84ed139cd2cede9b773fe7892a0bc2515fc1f00f