diff options
author | Jakob Unterwurzacher | 2018-10-14 20:11:49 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2019-01-01 16:24:09 +0100 |
commit | 932efbd4593fe6be6c86f0dafeaea32910b7c246 (patch) | |
tree | a950de9c1434a180f9b6f908d522d8222cecb768 /internal/nametransform/diriv.go | |
parent | 0e2e7c13cfc6d37f2521db99bf0393c37a5549d6 (diff) |
fusefrontend: make openBackingDir() symlink-safe
openBackingDir() used encryptPath(), which is not symlink-safe
itself. Drop encryptPath() and implement our own directory walk.
Adds three seconds to untar and two seconds to rm:
$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.MzG: gocryptfs v1.6-36-g8fb3c2f-dirty; go-fuse v20170619-66-g6df8ddc; 2018-10-14 go1.11
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.25078 s, 210 MB/s
READ: 262144000 bytes (262 MB, 250 MiB) copied, 1.0318 s, 254 MB/s
UNTAR: 20.941
MD5: 11.568
LS: 1.638
RM: 5.337
Diffstat (limited to 'internal/nametransform/diriv.go')
-rw-r--r-- | internal/nametransform/diriv.go | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/internal/nametransform/diriv.go b/internal/nametransform/diriv.go index b45ae52..c2b9bb1 100644 --- a/internal/nametransform/diriv.go +++ b/internal/nametransform/diriv.go @@ -121,7 +121,7 @@ func WriteDirIV(dirfd int, dir string) error { // encryptAndHashName encrypts "name" and hashes it to a longname if it is // too long. -func (be *NameTransform) encryptAndHashName(name string, iv []byte) string { +func (be *NameTransform) EncryptAndHashName(name string, iv []byte) string { cName := be.EncryptName(name, iv) if be.longNames && len(cName) > unix.NAME_MAX { return be.HashLongName(cName) @@ -132,6 +132,9 @@ func (be *NameTransform) encryptAndHashName(name string, iv []byte) string { // EncryptPathDirIV - encrypt relative plaintext path "plainPath" using EME with // DirIV. "rootDir" is the backing storage root directory. // Components that are longer than 255 bytes are hashed if be.longnames == true. +// +// TODO: EncryptPathDirIV is NOT SAFE against symlink races. This function +// should eventually be deleted. func (be *NameTransform) EncryptPathDirIV(plainPath string, rootDir string) (string, error) { var err error // Empty string means root directory @@ -148,7 +151,7 @@ func (be *NameTransform) EncryptPathDirIV(plainPath string, rootDir string) (str // in the tar extract benchmark. parentDir := Dir(plainPath) if iv, cParentDir := be.DirIVCache.Lookup(parentDir); iv != nil { - cBaseName := be.encryptAndHashName(baseName, iv) + cBaseName := be.EncryptAndHashName(baseName, iv) return filepath.Join(cParentDir, cBaseName), nil } // We have to walk the directory tree, starting at the root directory. @@ -166,7 +169,7 @@ func (be *NameTransform) EncryptPathDirIV(plainPath string, rootDir string) (str } be.DirIVCache.Store(plainWD, iv, cipherWD) } - cipherName := be.encryptAndHashName(plainName, iv) + cipherName := be.EncryptAndHashName(plainName, iv) cipherWD = filepath.Join(cipherWD, cipherName) plainWD = filepath.Join(plainWD, plainName) } |