diff options
| author | Jakob Unterwurzacher | 2021-11-01 14:44:32 +0100 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2021-11-01 14:44:32 +0100 |
| commit | d530fbd400c88fa54c856d958963d77669ac9cf2 (patch) | |
| tree | d43ee0ed0ab4738e4fe5a77ceed3222740f3842c | |
| parent | 87a6bb370acc3690e89a8b0d5109fcb0dab0a374 (diff) | |
docs: names longer than 175 bytes (not 176) are stored in longnames
Quoting fusefrontend_reverse/node_helpers.go :
// File names are padded to 16-byte multiples, encrypted and
// base64-encoded. We can encode at most 176 bytes to stay below the 255
// bytes limit:
// * base64(176 bytes) = 235 bytes
// * base64(192 bytes) = 256 bytes (over 255!)
// But the PKCS#7 padding is at least one byte. This means we can only use
// 175 bytes for the file name.
Noticed by @bailey27 at https://github.com/rfjakob/gocryptfs/issues/499#issuecomment-955790427
| -rw-r--r-- | Documentation/MANPAGE.md | 7 | ||||
| -rw-r--r-- | cli_args.go | 2 | ||||
| -rw-r--r-- | internal/configfile/feature_flags.go | 2 |
3 files changed, 6 insertions, 5 deletions
diff --git a/Documentation/MANPAGE.md b/Documentation/MANPAGE.md index b9c72dd..ffed44e 100644 --- a/Documentation/MANPAGE.md +++ b/Documentation/MANPAGE.md @@ -318,9 +318,10 @@ the directories. Example: gocryptfs -ko noexec /tmp/foo /tmp/bar #### -longnames -Store names longer than 176 bytes in extra files (default true) -This flag is useful when recovering old gocryptfs filesystems using -"-masterkey". It is ignored (stays at the default) otherwise. +Store names that are longer than 175 bytes in extra files (default true). + +This flag is only useful when recovering very old gocryptfs filesystems (gocryptfs v0.8 and earlier) +using "-masterkey". It is ignored (stays at the default) otherwise. #### -nodev See `-dev, -nodev`. diff --git a/cli_args.go b/cli_args.go index e925345..6b97744 100644 --- a/cli_args.go +++ b/cli_args.go @@ -163,7 +163,7 @@ func parseCliOpts(osArgs []string) (args argContainer) { flagSet.BoolVar(&args.quiet, "quiet", false, "Quiet - silence informational messages") flagSet.BoolVar(&args.nosyslog, "nosyslog", false, "Do not redirect output to syslog when running in the background") flagSet.BoolVar(&args.wpanic, "wpanic", false, "When encountering a warning, panic and exit immediately") - flagSet.BoolVar(&args.longnames, "longnames", true, "Store names longer than 176 bytes in extra files") + flagSet.BoolVar(&args.longnames, "longnames", true, "Store names longer than 175 bytes in extra files") flagSet.BoolVar(&args.allow_other, "allow_other", false, "Allow other users to access the filesystem. "+ "Only works if user_allow_other is set in /etc/fuse.conf.") flagSet.BoolVar(&args.reverse, "reverse", false, "Reverse mode") diff --git a/internal/configfile/feature_flags.go b/internal/configfile/feature_flags.go index e45b20c..d6627a5 100644 --- a/internal/configfile/feature_flags.go +++ b/internal/configfile/feature_flags.go @@ -14,7 +14,7 @@ const ( // This flag is mandatory since gocryptfs v1.0, // except when XChaCha20Poly1305 is used. FlagGCMIV128 - // FlagLongNames allows file names longer than 176 bytes. + // FlagLongNames allows file names longer than 175 bytes. FlagLongNames // FlagLongNameMax sets a custom name length limit, names longer than that // will be hashed. |