diff options
| author | Jakob Unterwurzacher | 2016-06-16 23:23:09 +0200 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2016-06-16 23:23:09 +0200 |
| commit | cc2a75b05029453192cbf90687ce5af5016841ad (patch) | |
| tree | 4389f5e3d0d63b389f107c1ba8844145d0edc44e | |
| parent | 3234b9b5cee8de995dcf42b5384b9290d906397f (diff) | |
Mount v0.6 and older filesystems as read-only
This is part of the phase-out of very old filesystems.
See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for
more info.
| -rw-r--r-- | internal/configfile/config_file.go | 20 | ||||
| -rw-r--r-- | main.go | 7 |
2 files changed, 20 insertions, 7 deletions
diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go index 1753cf3..7024849 100644 --- a/internal/configfile/config_file.go +++ b/internal/configfile/config_file.go @@ -118,10 +118,12 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) { if deprecatedFs { fmt.Printf("\033[33m" + ` This filesystem was created by gocryptfs v0.6 or earlier. You are missing - security improvements. gocryptfs v1.0 is scheduled to drop support for this - filesystem, please upgrade! - If you disagree with the plan or have trouble upgrading, please join the - discussion at https://github.com/rfjakob/gocryptfs/issues/29 . + security improvements. Mounting read-only, please upgrade! + Instructions: https://github.com/rfjakob/gocryptfs/wiki/Upgrading + + gocryptfs v1.0 is scheduled to drop support for this filesystem completely. + If you disagree with the plan or have trouble upgrading, please join + the discussion at https://github.com/rfjakob/gocryptfs/issues/29 . ` + "\033[0m") } @@ -143,9 +145,17 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) { return nil, nil, fmt.Errorf("Password incorrect.") } - return key, &cf, nil + if deprecatedFs { + err = DeprecatedFsError{} + } + return key, &cf, err } +// The filesystem is deprecated. +type DeprecatedFsError struct{} + +func (e DeprecatedFsError) Error() string { return "deprecated filesystem" } + // EncryptKey - encrypt "key" using an scrypt hash generated from "password" // and store it in cf.EncryptedKey. // Uses scrypt with cost parameter logN and stores the scrypt parameters in @@ -122,8 +122,11 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf pw := readpassword.Once(args.extpass) tlog.Info.Println("Decrypting master key") masterkey, confFile, err = configfile.LoadConfFile(args.config, pw) - if err != nil { - tlog.Fatal.Println(err.Error()) + if _, ok := err.(configfile.DeprecatedFsError); ok { + // Force read-only mode + args.ro = true + } else if err != nil { + tlog.Fatal.Println(err) os.Exit(ERREXIT_LOADCONF) } |