diff options
author | Jakob Unterwurzacher | 2018-11-04 21:27:13 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2019-01-01 16:24:20 +0100 |
commit | 8586a8382561e3bcac65f4bfd0ef0694e6e11245 (patch) | |
tree | de9d4e80362dde4db8d47283223b8983e144b638 /internal | |
parent | 0c1ceed1fa55e2a9174050c324f679821a5fca8d (diff) |
fusefrontend: use openBackingDir in ctlsock interface
Instead of calling syscall.Open() ourselves, rely on
openBackingDir().
Diffstat (limited to 'internal')
-rw-r--r-- | internal/fusefrontend/ctlsock_interface.go | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/internal/fusefrontend/ctlsock_interface.go b/internal/fusefrontend/ctlsock_interface.go index 730ed58..92de40f 100644 --- a/internal/fusefrontend/ctlsock_interface.go +++ b/internal/fusefrontend/ctlsock_interface.go @@ -14,13 +14,18 @@ import ( var _ ctlsock.Interface = &FS{} // Verify that interface is implemented. // EncryptPath implements ctlsock.Backend +// +// TODO: this function is NOT symlink-safe. func (fs *FS) EncryptPath(plainPath string) (string, error) { return fs.encryptPath(plainPath) } // DecryptPath implements ctlsock.Backend +// +// DecryptPath is symlink-safe because openBackingDir() and decryptPathAt() +// are symlink-safe. func (fs *FS) DecryptPath(cipherPath string) (plainPath string, err error) { - dirfd, err := syscall.Open(fs.args.Cipherdir, syscall.O_RDONLY, 0) + dirfd, _, err := fs.openBackingDir("") if err != nil { return "", err } @@ -29,6 +34,8 @@ func (fs *FS) DecryptPath(cipherPath string) (plainPath string, err error) { } // decryptPathAt decrypts a ciphertext path relative to dirfd. +// +// Symlink-safe through ReadDirIVAt() and ReadLongNameAt(). func (fs *FS) decryptPathAt(dirfd int, cipherPath string) (plainPath string, err error) { if fs.args.PlaintextNames || cipherPath == "" { return cipherPath, nil |