aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2016-05-25 00:28:22 +0200
committerJakob Unterwurzacher2016-05-25 00:28:22 +0200
commitb5ae3dcc4e1a67ac1be24be1b84133c9bd78e7d4 (patch)
tree4e707f98721532add8d81d1035592e0c0e371f76
parent30f0ae37207ea65221a3c66c1f91bc62c025c07d (diff)
Update README for v0.10
Also add dates for all releases.
-rw-r--r--README.md41
1 files changed, 22 insertions, 19 deletions
diff --git a/README.md b/README.md
index 66d7214..9ad6546 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,9 @@ gocryptfs is built on top the excellent
LoopbackFileSystem API.
This project was inspired by EncFS and strives to fix its security
-issues while providing good performance.
+issues while providing good performance
+([benchmarks](https://nuetzlich.net/gocryptfs/comparison/#performance)).
+
For details on the security of gocryptfs see the
[Security](https://nuetzlich.net/gocryptfs/security/) design document.
@@ -22,7 +24,7 @@ Current Status
gocryptfs is a young project. While bugs in any software can cause issues,
bugs in encryption software can cause catastrophic data loss. Keep a backup
of your gocryptfs filesystem *and* store a copy of your master key (printed
-on mount) in a safe place.
+on mount) in a safe place. See below for how gocryptfs is tested.
Only Linux is supported at the moment. [Help wanted for a Mac OS X port.](https://github.com/rfjakob/gocryptfs/issues/15)
@@ -33,15 +35,14 @@ gocryptfs comes with is own test suite that is constantly expanded as features a
added. Run it using `./test.bash`. It takes about 1 minute and requires FUSE
as it mounts several test filesystems.
+The `stress_tests` directory contains stress tests that run indefinitely.
+
In addition, I have ported `xfstests` to FUSE, the result is the
[fuse-xfstests](https://github.com/rfjakob/fuse-xfstests) project. gocryptfs
passes the "generic" tests with one exception, results: [XFSTESTS.md](Documentation/XFSTESTS.md)
A lot of work has gone into this. The testing has found bugs in gocryptfs
-as well as in go-fuse.
-
-The one exception is generic/035, see [go-fuse issue 55](https://github.com/hanwen/go-fuse/issues/55)
-for details. While this is a POSIX violation, I do not see any real-world impact.
+as well as in the go-fuse library.
Compile
-------
@@ -100,7 +101,7 @@ RM: 4.42
Changelog
---------
-v0.10-rc3
+v0.10, 2016-05-24
* **Drop dependency to `spacemonkeygo/openssl`**
* gocryptfs now has its own thin wrapper to OpenSSL's GCM implementation
called `stupidgcm`.
@@ -117,8 +118,10 @@ v0.10-rc3
* In all other cases OpenSSL is much faster and is used instead.
* Passing `-openssl=true/false` overrides the autodetection.
* [Fix statfs](https://github.com/rfjakob/gocryptfs/pull/27), by @lxp
+* Fix a fsstress [failure](https://github.com/hanwen/go-fuse/issues/106)
+ in the go-fuse library.
-v0.9
+v0.9, 2016-04-10
* **Long file name support**
* gocryptfs now supports file names up to 255 characters.
* This is a forwards-compatible change. gocryptfs v0.9 can mount filesystems
@@ -131,25 +134,25 @@ v0.9
* `-d`: Alias for `-debug`
* `-q`: Alias for `-quiet`
-v0.8
+v0.8, 2016-01-23
* Redirect output to syslog when running in the background
* New command-line option:
* `-memprofile`: Write a memory allocation debugging profile the specified
file
-v0.7.2
+v0.7.2, 2016-01-19
* **Fix performance issue in small file creation**
* This brings performance on-par with EncFS paranoia mode, with streaming writes
significantly faster
* The actual [fix](https://github.com/hanwen/go-fuse/commit/c4b6b7949716d13eec856baffc7b7941ae21778c)
is in the go-fuse library. There are no code changes in gocryptfs.
-v0.7.1
+v0.7.1, 2016-01-09
* Make the `build.bash` script compatible with Go 1.3
* Disable fallocate on OSX (system call not availabe)
* Introduce pre-built binaries for Fedora 23 and Debian 8
-v0.7
+v0.7, 2015-12-20
* **Extend GCM IV size to 128 bit from Go's default of 96 bit**
* This pushes back the birthday bound to make IV collisions virtually
impossible
@@ -158,7 +161,7 @@ v0.7
* New command-line option:
* `-gcmiv128`: Use 128-bit GCM IVs (default true)
-v0.6
+v0.6, 2015-12-08
* **Wide-block filename encryption using EME + DirIV**
* EME (ECB-Mix-ECB) provides even better security than CBC as it fixes
the prefix leak. The used Go EME implementation is
@@ -169,11 +172,11 @@ v0.6
* New command-line option:
* `-emenames`: Enable EME filename encryption (default true)
-v0.5.1
+v0.5.1, 2015-12-06
* Fix a rename regression caused by DirIV and add test case
* Use fallocate to guard against out-of-space errors
-v0.5
+v0.5, 2015-12-04
* **Stronger filename encryption: DirIV**
* Each directory gets a random 128 bit file name IV on creation,
stored in `gocryptfs.diriv`
@@ -189,7 +192,7 @@ v0.5
can be used for faster mounting at the cost of lower brute-force
resistance. It was mainly added to speed up the automated tests.
-v0.4
+v0.4, 2015-11-15
* New command-line options:
* `-plaintextnames`: disables filename encryption, added on user request
* `-extpass`: calls an external program for prompting for the password
@@ -200,16 +203,16 @@ v0.4
format changes. The first user is `-plaintextnames`.
* On-disk format 2
-v0.3
+v0.3, 2015-11-01
* **Add a random 128 bit file header to authenticate file->block ownership**
* This is an on-disk-format change
* On-disk format 1
-v0.2
+v0.2, 2015-10-11
* Replace bash daemonization wrapper with native Go implementation
* Better user feedback on mount failures
-v0.1
+v0.1, 2015-10-07
* First release
* On-disk format 0