summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2016-06-16 23:23:09 +0200
committerJakob Unterwurzacher2016-06-16 23:23:09 +0200
commitcc2a75b05029453192cbf90687ce5af5016841ad (patch)
tree4389f5e3d0d63b389f107c1ba8844145d0edc44e
parent3234b9b5cee8de995dcf42b5384b9290d906397f (diff)
Mount v0.6 and older filesystems as read-only
This is part of the phase-out of very old filesystems. See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for more info.
-rw-r--r--internal/configfile/config_file.go20
-rw-r--r--main.go7
2 files changed, 20 insertions, 7 deletions
diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go
index 1753cf3..7024849 100644
--- a/internal/configfile/config_file.go
+++ b/internal/configfile/config_file.go
@@ -118,10 +118,12 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
if deprecatedFs {
fmt.Printf("\033[33m" + `
This filesystem was created by gocryptfs v0.6 or earlier. You are missing
- security improvements. gocryptfs v1.0 is scheduled to drop support for this
- filesystem, please upgrade!
- If you disagree with the plan or have trouble upgrading, please join the
- discussion at https://github.com/rfjakob/gocryptfs/issues/29 .
+ security improvements. Mounting read-only, please upgrade!
+ Instructions: https://github.com/rfjakob/gocryptfs/wiki/Upgrading
+
+ gocryptfs v1.0 is scheduled to drop support for this filesystem completely.
+ If you disagree with the plan or have trouble upgrading, please join
+ the discussion at https://github.com/rfjakob/gocryptfs/issues/29 .
` + "\033[0m")
}
@@ -143,9 +145,17 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) {
return nil, nil, fmt.Errorf("Password incorrect.")
}
- return key, &cf, nil
+ if deprecatedFs {
+ err = DeprecatedFsError{}
+ }
+ return key, &cf, err
}
+// The filesystem is deprecated.
+type DeprecatedFsError struct{}
+
+func (e DeprecatedFsError) Error() string { return "deprecated filesystem" }
+
// EncryptKey - encrypt "key" using an scrypt hash generated from "password"
// and store it in cf.EncryptedKey.
// Uses scrypt with cost parameter logN and stores the scrypt parameters in
diff --git a/main.go b/main.go
index 2d7b50f..b29b2f6 100644
--- a/main.go
+++ b/main.go
@@ -122,8 +122,11 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
pw := readpassword.Once(args.extpass)
tlog.Info.Println("Decrypting master key")
masterkey, confFile, err = configfile.LoadConfFile(args.config, pw)
- if err != nil {
- tlog.Fatal.Println(err.Error())
+ if _, ok := err.(configfile.DeprecatedFsError); ok {
+ // Force read-only mode
+ args.ro = true
+ } else if err != nil {
+ tlog.Fatal.Println(err)
os.Exit(ERREXIT_LOADCONF)
}