diff options
author | Jakob Unterwurzacher | 2018-11-04 21:29:17 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2019-01-01 16:24:25 +0100 |
commit | de3a2c189578f7636c39fde44fbe1da9c78b367e (patch) | |
tree | 7d7aab2a7074a51b1a7832560741a9eced72c63c | |
parent | 8586a8382561e3bcac65f4bfd0ef0694e6e11245 (diff) |
fusefrontend: mark a few more functions as symlink-safe / unsafe
-rw-r--r-- | internal/fusefrontend/names.go | 5 | ||||
-rw-r--r-- | internal/fusefrontend/xattr.go | 2 | ||||
-rw-r--r-- | internal/nametransform/longnames.go | 10 |
3 files changed, 16 insertions, 1 deletions
diff --git a/internal/fusefrontend/names.go b/internal/fusefrontend/names.go index 5ec252b..6997177 100644 --- a/internal/fusefrontend/names.go +++ b/internal/fusefrontend/names.go @@ -33,6 +33,8 @@ func (fs *FS) isFiltered(path string) bool { // GetBackingPath - get the absolute encrypted path of the backing file // from the relative plaintext path "relPath" +// +// TODO: this function is NOT symlink-safe. func (fs *FS) getBackingPath(relPath string) (string, error) { cPath, err := fs.encryptPath(relPath) if err != nil { @@ -96,6 +98,9 @@ func (fs *FS) openBackingDir(relPath string) (dirfd int, cName string, err error } // encryptPath - encrypt relative plaintext path +// +// TODO: this function is NOT symlink-safe because EncryptPathDirIV is not +// symlink-safe. func (fs *FS) encryptPath(plainPath string) (string, error) { if plainPath != "" { // Empty path gets encrypted all the time without actual file accesses. fs.AccessedSinceLastCheck = 1 diff --git a/internal/fusefrontend/xattr.go b/internal/fusefrontend/xattr.go index 2fd51a3..81cb207 100644 --- a/internal/fusefrontend/xattr.go +++ b/internal/fusefrontend/xattr.go @@ -24,6 +24,7 @@ var xattrNameIV = []byte("xattr_name_iv_xx") var xattrStorePrefix = "user.gocryptfs." // GetXAttr - FUSE call. Reads the value of extended attribute "attr". +// // TODO: Make symlink-safe. Blocker: package xattr does not provide fgetxattr(2). func (fs *FS) GetXAttr(path string, attr string, context *fuse.Context) ([]byte, fuse.Status) { if fs.isFiltered(path) { @@ -86,6 +87,7 @@ func (fs *FS) RemoveXAttr(path string, attr string, context *fuse.Context) fuse. } // ListXAttr - FUSE call. Lists extended attributes on the file at "path". +// // TODO: Make symlink-safe. Blocker: package xattr does not provide // flistxattr(2). func (fs *FS) ListXAttr(path string, context *fuse.Context) ([]string, fuse.Status) { diff --git a/internal/nametransform/longnames.go b/internal/nametransform/longnames.go index 9c8637e..6788ce6 100644 --- a/internal/nametransform/longnames.go +++ b/internal/nametransform/longnames.go @@ -24,6 +24,8 @@ const ( // HashLongName - take the hash of a long string "name" and return // "gocryptfs.longname.[sha256]" +// +// This function does not do any I/O. func (n *NameTransform) HashLongName(name string) string { hashBin := sha256.Sum256([]byte(name)) hashBase64 := n.B64.EncodeToString(hashBin[:]) @@ -47,6 +49,8 @@ const ( // gocryptfs.longname.[sha256] ........ LongNameContent (content of a long name file) // gocryptfs.longname.[sha256].name .... LongNameFilename (full file name of a long name file) // else ................................ LongNameNone (normal file) +// +// This function does not do any I/O. func NameType(cName string) int { if !strings.HasPrefix(cName, longNamePrefix) { return LongNameNone @@ -59,11 +63,15 @@ func NameType(cName string) int { // IsLongContent returns true if "cName" is the content store of a long name // file (looks like "gocryptfs.longname.[sha256]"). +// +// This function does not do any I/O. func IsLongContent(cName string) bool { return NameType(cName) == LongNameContent } -// ReadLongName - read "$path.name" +// ReadLongName - read cName + ".name" from the directory opened as dirfd. +// +// Symlink-safe through Openat(). func ReadLongNameAt(dirfd int, cName string) (string, error) { cName += LongNameSuffix fd, err := syscallcompat.Openat(dirfd, cName, syscall.O_NOFOLLOW, 0) |