aboutsummaryrefslogtreecommitdiff
path: root/internal/nametransform/diriv.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2018-10-14 20:11:49 +0200
committerJakob Unterwurzacher2019-01-01 16:24:09 +0100
commit932efbd4593fe6be6c86f0dafeaea32910b7c246 (patch)
treea950de9c1434a180f9b6f908d522d8222cecb768 /internal/nametransform/diriv.go
parent0e2e7c13cfc6d37f2521db99bf0393c37a5549d6 (diff)
fusefrontend: make openBackingDir() symlink-safe
openBackingDir() used encryptPath(), which is not symlink-safe itself. Drop encryptPath() and implement our own directory walk. Adds three seconds to untar and two seconds to rm: $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.MzG: gocryptfs v1.6-36-g8fb3c2f-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11 WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.25078 s, 210 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 1.0318 s, 254 MB/s UNTAR: 20.941 MD5: 11.568 LS: 1.638 RM: 5.337
Diffstat (limited to 'internal/nametransform/diriv.go')
-rw-r--r--internal/nametransform/diriv.go9
1 files changed, 6 insertions, 3 deletions
diff --git a/internal/nametransform/diriv.go b/internal/nametransform/diriv.go
index b45ae52..c2b9bb1 100644
--- a/internal/nametransform/diriv.go
+++ b/internal/nametransform/diriv.go
@@ -121,7 +121,7 @@ func WriteDirIV(dirfd int, dir string) error {
// encryptAndHashName encrypts "name" and hashes it to a longname if it is
// too long.
-func (be *NameTransform) encryptAndHashName(name string, iv []byte) string {
+func (be *NameTransform) EncryptAndHashName(name string, iv []byte) string {
cName := be.EncryptName(name, iv)
if be.longNames && len(cName) > unix.NAME_MAX {
return be.HashLongName(cName)
@@ -132,6 +132,9 @@ func (be *NameTransform) encryptAndHashName(name string, iv []byte) string {
// EncryptPathDirIV - encrypt relative plaintext path "plainPath" using EME with
// DirIV. "rootDir" is the backing storage root directory.
// Components that are longer than 255 bytes are hashed if be.longnames == true.
+//
+// TODO: EncryptPathDirIV is NOT SAFE against symlink races. This function
+// should eventually be deleted.
func (be *NameTransform) EncryptPathDirIV(plainPath string, rootDir string) (string, error) {
var err error
// Empty string means root directory
@@ -148,7 +151,7 @@ func (be *NameTransform) EncryptPathDirIV(plainPath string, rootDir string) (str
// in the tar extract benchmark.
parentDir := Dir(plainPath)
if iv, cParentDir := be.DirIVCache.Lookup(parentDir); iv != nil {
- cBaseName := be.encryptAndHashName(baseName, iv)
+ cBaseName := be.EncryptAndHashName(baseName, iv)
return filepath.Join(cParentDir, cBaseName), nil
}
// We have to walk the directory tree, starting at the root directory.
@@ -166,7 +169,7 @@ func (be *NameTransform) EncryptPathDirIV(plainPath string, rootDir string) (str
}
be.DirIVCache.Store(plainWD, iv, cipherWD)
}
- cipherName := be.encryptAndHashName(plainName, iv)
+ cipherName := be.EncryptAndHashName(plainName, iv)
cipherWD = filepath.Join(cipherWD, cipherName)
plainWD = filepath.Join(plainWD, plainName)
}