summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-11-04 21:29:17 +0100
committerJakob Unterwurzacher2019-01-01 16:24:25 +0100
commitde3a2c189578f7636c39fde44fbe1da9c78b367e (patch)
tree7d7aab2a7074a51b1a7832560741a9eced72c63c
parent8586a8382561e3bcac65f4bfd0ef0694e6e11245 (diff)
fusefrontend: mark a few more functions as symlink-safe / unsafe
-rw-r--r--internal/fusefrontend/names.go5
-rw-r--r--internal/fusefrontend/xattr.go2
-rw-r--r--internal/nametransform/longnames.go10
3 files changed, 16 insertions, 1 deletions
diff --git a/internal/fusefrontend/names.go b/internal/fusefrontend/names.go
index 5ec252b..6997177 100644
--- a/internal/fusefrontend/names.go
+++ b/internal/fusefrontend/names.go
@@ -33,6 +33,8 @@ func (fs *FS) isFiltered(path string) bool {
// GetBackingPath - get the absolute encrypted path of the backing file
// from the relative plaintext path "relPath"
+//
+// TODO: this function is NOT symlink-safe.
func (fs *FS) getBackingPath(relPath string) (string, error) {
cPath, err := fs.encryptPath(relPath)
if err != nil {
@@ -96,6 +98,9 @@ func (fs *FS) openBackingDir(relPath string) (dirfd int, cName string, err error
}
// encryptPath - encrypt relative plaintext path
+//
+// TODO: this function is NOT symlink-safe because EncryptPathDirIV is not
+// symlink-safe.
func (fs *FS) encryptPath(plainPath string) (string, error) {
if plainPath != "" { // Empty path gets encrypted all the time without actual file accesses.
fs.AccessedSinceLastCheck = 1
diff --git a/internal/fusefrontend/xattr.go b/internal/fusefrontend/xattr.go
index 2fd51a3..81cb207 100644
--- a/internal/fusefrontend/xattr.go
+++ b/internal/fusefrontend/xattr.go
@@ -24,6 +24,7 @@ var xattrNameIV = []byte("xattr_name_iv_xx")
var xattrStorePrefix = "user.gocryptfs."
// GetXAttr - FUSE call. Reads the value of extended attribute "attr".
+//
// TODO: Make symlink-safe. Blocker: package xattr does not provide fgetxattr(2).
func (fs *FS) GetXAttr(path string, attr string, context *fuse.Context) ([]byte, fuse.Status) {
if fs.isFiltered(path) {
@@ -86,6 +87,7 @@ func (fs *FS) RemoveXAttr(path string, attr string, context *fuse.Context) fuse.
}
// ListXAttr - FUSE call. Lists extended attributes on the file at "path".
+//
// TODO: Make symlink-safe. Blocker: package xattr does not provide
// flistxattr(2).
func (fs *FS) ListXAttr(path string, context *fuse.Context) ([]string, fuse.Status) {
diff --git a/internal/nametransform/longnames.go b/internal/nametransform/longnames.go
index 9c8637e..6788ce6 100644
--- a/internal/nametransform/longnames.go
+++ b/internal/nametransform/longnames.go
@@ -24,6 +24,8 @@ const (
// HashLongName - take the hash of a long string "name" and return
// "gocryptfs.longname.[sha256]"
+//
+// This function does not do any I/O.
func (n *NameTransform) HashLongName(name string) string {
hashBin := sha256.Sum256([]byte(name))
hashBase64 := n.B64.EncodeToString(hashBin[:])
@@ -47,6 +49,8 @@ const (
// gocryptfs.longname.[sha256] ........ LongNameContent (content of a long name file)
// gocryptfs.longname.[sha256].name .... LongNameFilename (full file name of a long name file)
// else ................................ LongNameNone (normal file)
+//
+// This function does not do any I/O.
func NameType(cName string) int {
if !strings.HasPrefix(cName, longNamePrefix) {
return LongNameNone
@@ -59,11 +63,15 @@ func NameType(cName string) int {
// IsLongContent returns true if "cName" is the content store of a long name
// file (looks like "gocryptfs.longname.[sha256]").
+//
+// This function does not do any I/O.
func IsLongContent(cName string) bool {
return NameType(cName) == LongNameContent
}
-// ReadLongName - read "$path.name"
+// ReadLongName - read cName + ".name" from the directory opened as dirfd.
+//
+// Symlink-safe through Openat().
func ReadLongNameAt(dirfd int, cName string) (string, error) {
cName += LongNameSuffix
fd, err := syscallcompat.Openat(dirfd, cName, syscall.O_NOFOLLOW, 0)