diff options
author | Jakob Unterwurzacher | 2016-11-01 10:57:39 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2016-11-01 10:57:39 +0100 |
commit | 944eaf2fb507265d41db5685b1c8d902e20e52da (patch) | |
tree | b55f9d466b61bd04e8f8d6e366b543fe79c0a31d /internal | |
parent | a9c7565b8002a98f7dc77dfd675ecf1c803fe6b5 (diff) |
fusefronted: expire dir IV cache after one second
The Back In Time backup tool (https://github.com/bit-team/backintime)
wants to write directly into the ciphertext dir.
This may cause the cached directory IV to become out-of-date.
Having an expiry time limits the inconstency to one second, like
attr_timeout does for the kernel getattr cache.
Diffstat (limited to 'internal')
-rw-r--r-- | internal/nametransform/diriv_cache.go | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/internal/nametransform/diriv_cache.go b/internal/nametransform/diriv_cache.go index 068fd45..82c5bd3 100644 --- a/internal/nametransform/diriv_cache.go +++ b/internal/nametransform/diriv_cache.go @@ -1,12 +1,21 @@ package nametransform -import "sync" +import ( + "sync" + "time" +) // Single-entry DirIV cache. Stores the directory IV and the encrypted // path. type dirIVCache struct { // Directory the DirIV belongs to dir string + // Time the entry expires. + // The cached entry my become out-of-date if the ciphertext directory is + // modifed behind the back of gocryptfs. Having an expiry time limits the + // inconstency to one second, like attr_timeout does for the kernel + // getattr cache. + expiry time.Time // The DirIV iv []byte @@ -25,6 +34,10 @@ func (c *dirIVCache) lookup(dir string) ([]byte, string) { if c.cleared || c.dir != dir { return nil, "" } + if time.Since(c.expiry) > 0 { + c.cleared = true + return nil, "" + } return c.iv, c.cDir } @@ -36,6 +49,8 @@ func (c *dirIVCache) store(dir string, iv []byte, cDir string) { c.iv = iv c.dir = dir c.cDir = cDir + // Set expiry time one second into the future + c.expiry = time.Now().Add(1 * time.Second) } // Clear ... clear the cache. |