Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=nfc_v2 2025-07-08T17:54:14+00:00 2025-07-08T17:54:14+00:00 copilot-swe-agent[bot] 2025-07-07T18:18:12+00:00 urn:sha1:386232f39ede046d6453a0990ad40f2d86a26f53 Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com> Add staticcheck to test.bash for continuous static analysis Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com> Fix nil pointer dereference in timesToTimespec function The previous fix for deprecated fuse.UtimeToTimespec caused a panic because unix.TimeToTimespec doesn't handle nil pointers. This fix properly handles nil pointers by using unix.UTIME_OMIT while still using the non-deprecated unix.TimeToTimespec function. Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com> Undo SA6002 changes and add staticcheck ignore directive instead Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com> 2024-12-04T18:06:56+00:00 Jakob Unterwurzacher 2024-12-04T17:55:21+00:00 urn:sha1:11f338f74fffc94bf16cea834aafccda30bd1240 We don't know the exact value as we only read 2kiB. Relates-to: https://github.com/rfjakob/gocryptfs/discussions/882 2024-08-23T10:29:12+00:00 Jakob Unterwurzacher 2024-08-23T10:27:59+00:00 urn:sha1:b78e6a1c4cc0d1bbd3581d561773db85ee2e75b7 Should make debugging situations like https://github.com/rfjakob/gocryptfs/issues/852 Empty stdin in mkinitcpio hook easier. Examples: $ echo -n "" | ./gocryptfs -init a Choose a password for protecting your files. Reading Password from stdin (connected to "pipe:[749878]") Got empty Password from stdin $ ./gocryptfs -init a < /dev/null Choose a password for protecting your files. Reading Password from stdin (connected to "/dev/null") Got empty Password from stdin $ ./gocryptfs -init a < /dev/zero Choose a password for protecting your files. Reading Password from stdin (connected to "/dev/zero") fatal: maximum password length of 2048 bytes exceeded $ ./gocryptfs -init a < /dev/full Choose a password for protecting your files. Reading Password from stdin (connected to "/dev/full") fatal: maximum password length of 2048 bytes exceeded $ jakob@brikett:~/go/src/github.com/rfjakob/gocryptfs$ ./gocryptfs -init a < /dev/urandom Choose a password for protecting your files. Reading Password from stdin (connected to "/dev/urandom") Your master key is: 4e45a317-595d8a2d-46493a30-97de86ef- 540c7364-f0acc297-dd6f2592-7d9a5c97 If the gocryptfs.conf file becomes corrupted or you ever forget your password, there is only one hope for recovery: The master key. Print it to a piece of paper and store it in a drawer. This message is only printed once. The gocryptfs filesystem has been created successfully. You can now mount it using: gocryptfs a MOUNTPOINT 2022-08-28T10:03:34+00:00 Jakob Unterwurzacher 2022-08-28T10:03:34+00:00 urn:sha1:6677d8f1d50a2e51947dac137d126d37614a6255 Fixes https://github.com/rfjakob/gocryptfs/issues/681 Fixes 2a25c3a8fda1f0918fd76687561b1a9c615298b9 2022-01-03T14:18:59+00:00 Jakob Unterwurzacher 2022-01-03T14:18:59+00:00 urn:sha1:4b251f3ce1f0a0472ed10a00aeef70c69ba03a5d This allows cleanups to happen in the caller, like removing the control socket. Fixes https://github.com/rfjakob/gocryptfs/issues/634 2021-08-23T13:05:15+00:00 Jakob Unterwurzacher 2021-08-23T13:05:15+00:00 urn:sha1:69d88505fd7f4cb0d9e4f1918de296342fe05858 Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/% 2021-08-19T06:34:49+00:00 Jakob Unterwurzacher 2021-08-19T06:31:53+00:00 urn:sha1:be2bd4eec7de3836da56a3532ecbcf45a127ece2 Except xattrSupported, this is a false positive. $ golangci-lint run --disable-all --enable unused --enable deadcode gocryptfs-xray/xray_main.go:24:5: `GitVersionFuse` is unused (deadcode) var GitVersionFuse = "[GitVersionFuse not set - please compile using ./build.bash]" ^ tests/symlink_race/main.go:47:6: `chmodLoop` is unused (deadcode) func chmodLoop() { ^ internal/readpassword/extpass_test.go:11:5: `testPw` is unused (deadcode) var testPw = []byte("test") ^ tests/reverse/xattr_test.go:13:6: func `xattrSupported` is unused (unused) func xattrSupported(path string) bool { ^ internal/fusefrontend_reverse/rpath.go:20:22: func `(*RootNode).abs` is unused (unused) func (rfs *RootNode) abs(relPath string, err error) (string, error) { ^ tests/matrix/matrix_test.go:310:6: `sContains` is unused (deadcode) func sContains(haystack []string, needle string) bool { 2020-05-17T17:31:04+00:00 Jakob Unterwurzacher 2020-05-17T17:31:04+00:00 urn:sha1:416080203b4dd79de857eaf7c7cc97d050e00a9f Each file will be read and then concatenated for the effictive password. This can be used as a kind of multi-factor authenticiton. Fixes https://github.com/rfjakob/gocryptfs/issues/288 2019-12-28T18:50:49+00:00 Pavol Rusnak 2019-12-27T21:27:57+00:00 urn:sha1:1364b44ae356da31e24e5605fe73a307e9d6fb03 2019-04-08T18:18:45+00:00 Jakob Unterwurzacher 2019-04-08T18:18:45+00:00 urn:sha1:fe06e9f45646893dc88ebe9e657e2e991f6f5fbb CheckTrailingGarbage was called even when "-passfile" was used, which is stupid, and causes false positives: https://github.com/rfjakob/gocryptfs/issues/391 (false error "Received trailing garbage after the password" when using -passfile in .bash_profile) Instead of trying to improve the logic to handle that case and make everything even more complicated, delete the function. It is unclear if actually helps in some cases, and it definitely harms as shown by the above bug report.