diff options
| author | Jakob Unterwurzacher | 2021-09-10 12:14:19 +0200 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2021-09-10 12:14:19 +0200 |
| commit | d023cd6c95fcbc6b5056ba1f425d2ac3df4abc5a (patch) | |
| tree | 8e5df3a175b183f0db989a9d8f940a3c5c7434b0 /internal/fusefrontend | |
| parent | c974116322f057a36ffb0b2ec0338b7f60872773 (diff) | |
cli: drop -forcedecode flag
The rewritten openssl backend does not support this flag anymore,
and it was inherently dangerour. Drop it (ignored for compatibility)
Diffstat (limited to 'internal/fusefrontend')
| -rw-r--r-- | internal/fusefrontend/args.go | 2 | ||||
| -rw-r--r-- | internal/fusefrontend/file.go | 14 | ||||
| -rw-r--r-- | internal/fusefrontend/xattr_unit_test.go | 4 |
3 files changed, 5 insertions, 15 deletions
diff --git a/internal/fusefrontend/args.go b/internal/fusefrontend/args.go index 4aedf2e..64a5923 100644 --- a/internal/fusefrontend/args.go +++ b/internal/fusefrontend/args.go @@ -26,8 +26,6 @@ type Args struct { ConfigCustom bool // NoPrealloc disables automatic preallocation before writing NoPrealloc bool - // Force decode even if integrity check fails (openSSL only) - ForceDecode bool // Exclude is a list of paths to make inaccessible, starting match at // the filesystem root Exclude []string diff --git a/internal/fusefrontend/file.go b/internal/fusefrontend/file.go index 661c2b8..3ce1b1e 100644 --- a/internal/fusefrontend/file.go +++ b/internal/fusefrontend/file.go @@ -20,7 +20,6 @@ import ( "github.com/rfjakob/gocryptfs/v2/internal/contentenc" "github.com/rfjakob/gocryptfs/v2/internal/inomap" "github.com/rfjakob/gocryptfs/v2/internal/openfiletable" - "github.com/rfjakob/gocryptfs/v2/internal/stupidgcm" "github.com/rfjakob/gocryptfs/v2/internal/syscallcompat" "github.com/rfjakob/gocryptfs/v2/internal/tlog" ) @@ -208,16 +207,9 @@ func (f *File) doRead(dst []byte, off uint64, length uint64) ([]byte, syscall.Er plaintext, err := f.contentEnc.DecryptBlocks(ciphertext, firstBlockNo, fileID) f.rootNode.contentEnc.CReqPool.Put(ciphertext) if err != nil { - if f.rootNode.args.ForceDecode && err == stupidgcm.ErrAuth { - // We do not have the information which block was corrupt here anymore, - // but DecryptBlocks() has already logged it anyway. - tlog.Warn.Printf("doRead %d: off=%d len=%d: returning corrupt data due to forcedecode", - f.qIno.Ino, off, length) - } else { - curruptBlockNo := firstBlockNo + f.contentEnc.PlainOffToBlockNo(uint64(len(plaintext))) - tlog.Warn.Printf("doRead %d: corrupt block #%d: %v", f.qIno.Ino, curruptBlockNo, err) - return nil, syscall.EIO - } + curruptBlockNo := firstBlockNo + f.contentEnc.PlainOffToBlockNo(uint64(len(plaintext))) + tlog.Warn.Printf("doRead %d: corrupt block #%d: %v", f.qIno.Ino, curruptBlockNo, err) + return nil, syscall.EIO } // Crop down to the relevant part diff --git a/internal/fusefrontend/xattr_unit_test.go b/internal/fusefrontend/xattr_unit_test.go index 7449d24..5bffd5e 100644 --- a/internal/fusefrontend/xattr_unit_test.go +++ b/internal/fusefrontend/xattr_unit_test.go @@ -17,8 +17,8 @@ import ( func newTestFS(args Args) *RootNode { // Init crypto backend key := make([]byte, cryptocore.KeyLen) - cCore := cryptocore.New(key, cryptocore.BackendGoGCM, contentenc.DefaultIVBits, true, false) - cEnc := contentenc.New(cCore, contentenc.DefaultBS, false) + cCore := cryptocore.New(key, cryptocore.BackendGoGCM, contentenc.DefaultIVBits, true) + cEnc := contentenc.New(cCore, contentenc.DefaultBS) n := nametransform.New(cCore.EMECipher, true, true, nil, false) rn := NewRootNode(args, cEnc, n) oneSec := time.Second |