aboutsummaryrefslogtreecommitdiff
path: root/internal/fusefrontend/ctlsock_interface.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2019-01-02 21:45:40 +0100
committerJakob Unterwurzacher2019-01-02 21:45:40 +0100
commit2b12bba274ba75f76ac8c2af3790e4190b32396f (patch)
treeba8a637f0677cbe387220de9f4742dd0e33c639c /internal/fusefrontend/ctlsock_interface.go
parent59f1300591d44b1e5d8187b54951c03d6120289f (diff)
fusefronted: make EncryptPath symlink-safe
Finally allows us to delete EncryptPathDirIV.
Diffstat (limited to 'internal/fusefrontend/ctlsock_interface.go')
-rw-r--r--internal/fusefrontend/ctlsock_interface.go28
1 files changed, 26 insertions, 2 deletions
diff --git a/internal/fusefrontend/ctlsock_interface.go b/internal/fusefrontend/ctlsock_interface.go
index b29d150..15345f3 100644
--- a/internal/fusefrontend/ctlsock_interface.go
+++ b/internal/fusefrontend/ctlsock_interface.go
@@ -3,21 +3,45 @@ package fusefrontend
import (
"fmt"
"path"
+ "path/filepath"
"strings"
"syscall"
"github.com/rfjakob/gocryptfs/internal/ctlsock"
"github.com/rfjakob/gocryptfs/internal/nametransform"
"github.com/rfjakob/gocryptfs/internal/syscallcompat"
+ "github.com/rfjakob/gocryptfs/internal/tlog"
)
var _ ctlsock.Interface = &FS{} // Verify that interface is implemented.
// EncryptPath implements ctlsock.Backend
//
-// TODO: this function is NOT symlink-safe.
+// Symlink-safe through openBackingDir().
func (fs *FS) EncryptPath(plainPath string) (string, error) {
- return fs.encryptPath(plainPath)
+ if plainPath == "" {
+ // Empty string gets encrypted as empty string
+ return plainPath, nil
+ }
+ if fs.args.PlaintextNames {
+ return plainPath, nil
+ }
+ // Encrypt path level by level using openBackingDir. Pretty inefficient,
+ // but does not matter here.
+ parts := strings.Split(plainPath, "/")
+ wd := ""
+ cPath := ""
+ for _, part := range parts {
+ wd = filepath.Join(wd, part)
+ dirfd, cName, err := fs.openBackingDir(wd)
+ if err != nil {
+ return "", err
+ }
+ syscall.Close(dirfd)
+ cPath = filepath.Join(cPath, cName)
+ }
+ tlog.Debug.Printf("encryptPath '%s' -> '%s'", plainPath, cPath)
+ return cPath, nil
}
// DecryptPath implements ctlsock.Backend