Mirror of gocryptfs source code on Github http://nuetzlich.net/cgit/gocryptfs/atom?h=flaggy 2021-07-31T11:24:25+00:00 2021-07-31T11:24:25+00:00 Jakob Unterwurzacher 2021-07-31T11:24:25+00:00 urn:sha1:1bc1db620b061aabf59469a5eb4fb60e3e1701a3 Use the Gen field (inode generation) to distinguish hard links while passing the real inode numbers to userspace. Fixes https://github.com/rfjakob/gocryptfs/issues/584 2021-06-21T10:12:44+00:00 Jakob Unterwurzacher 2021-06-21T10:12:44+00:00 urn:sha1:05b813f2026ebe6bff33cb600775823ee8a7df6e 2021-06-21T09:48:16+00:00 Jakob Unterwurzacher 2021-06-21T09:48:16+00:00 urn:sha1:e244b514913a31293eac1dc728f5b1026ab84b98 TestZerokey verifies that `gocryptfs -zerokey` uses the same options as `gocryptfs -init`. 2021-06-20T16:09:21+00:00 DerDonut 2021-06-17T06:11:33+00:00 urn:sha1:a611810ff46ed0899d677f24c330a994ad125bfb This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality. 2021-03-20T09:33:34+00:00 Jakob Unterwurzacher 2021-03-20T09:33:34+00:00 urn:sha1:255a71c9179b9ad32587b20c41f81dc0b8cc3f44 Allows to drop a few Mkdir()s. 2021-03-12T18:25:25+00:00 Jakob Unterwurzacher 2021-03-12T18:25:25+00:00 urn:sha1:952d45ce84f63de963a1727e439e95883f9e65c1 Also fix incomplete uid restoration in TestSupplementaryGroups and replace syscall.Setregid and friends with unix.Setregid and friends. This test is added to check if have problems handling a full disk. The ticket https://github.com/rfjakob/gocryptfs/issues/550 states that the full disk was not where the backing gocryptfs filesystem was, but this has no effect on gocryptfs, so we test the harder case. 2021-03-07T16:22:29+00:00 Jakob Unterwurzacher 2021-03-07T16:22:29+00:00 urn:sha1:e2dc52a9657e530820b2d5b49ad7425b529029ce Hard link tracking was not correctly disabled since the migration to the go-fuse v2 api. Add a test to ensure it stays off. Fixes https://github.com/rfjakob/gocryptfs/issues/525 2021-01-10T07:07:10+00:00 Jakob Unterwurzacher 2021-01-10T07:06:09+00:00 urn:sha1:bed60101f4925eb2cce736301f5cc45ad267c187 Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier when mounting via fstab. Having the files follow chmod/chown of their parent does not seem to be worth the hassle. The content of the diriv files is not secret, and both diriv and name files are protected by the perms of the parent dir. Fixes https://github.com/rfjakob/gocryptfs/issues/539 2020-09-06T09:35:25+00:00 Jakob Unterwurzacher 2020-09-06T09:35:25+00:00 urn:sha1:993b19c19c26eac480d88cc67bfe7455e67faada Fixes https://github.com/rfjakob/gocryptfs/pull/503 2020-06-06T10:53:45+00:00 Jakob Unterwurzacher 2020-06-06T10:50:39+00:00 urn:sha1:3b61244b72f74a25651d4ba184ac7cc62c937db0 Simplify the tests by using empty files. Empty files are valid, and we don't check the content anyway. Also adjust comment style a little and add a missing break statement.