Implement PlainTextNames mode

Also, forbid access to "gocryptfs.conf" in the root dir.

1 files changed, 59 insertions, 9 deletions

diff --git a/pathfs_frontend/fs.go b/pathfs_frontend/fs.go
index 3ec503f..1ef19d2 100644
--- a/pathfs_frontend/fs.go
+++ b/pathfs_frontend/fs.go
@@ -19,9 +19,9 @@ type FS struct {
 }
 
 // Encrypted FUSE overlay filesystem
-func NewFS(key []byte, backing string, useOpenssl bool) *FS {
+func NewFS(key []byte, backing string, useOpenssl bool, plaintextNames bool) *FS {
 	return &FS{
-		CryptFS:    cryptfs.NewCryptFS(key, useOpenssl),
+		CryptFS:    cryptfs.NewCryptFS(key, useOpenssl, plaintextNames),
 		FileSystem: pathfs.NewLoopbackFileSystem(backing),
 		backing:    backing,
 	}
@@ -34,6 +34,9 @@ func (fs *FS) GetPath(relPath string) string {
 
 func (fs *FS) GetAttr(name string, context *fuse.Context) (*fuse.Attr, fuse.Status) {
 	cryptfs.Debug.Printf("FS.GetAttr('%s')\n", name)
+	if name == cryptfs.ConfDefaultName {
+		return nil, fuse.EPERM // See comment in Open()
+	}
 	cName := fs.EncryptPath(name)
 	a, status := fs.FileSystem.GetAttr(cName, context)
 	if a == nil {
@@ -56,12 +59,12 @@ func (fs *FS) OpenDir(dirName string, context *fuse.Context) ([]fuse.DirEntry, f
 	if cipherEntries != nil {
 		for i := range cipherEntries {
 			cName := cipherEntries[i].Name
+			if dirName == "" && cName == cryptfs.ConfDefaultName {
+				// ignore "gocryptfs.conf" in the top level dir
+				continue
+			}
 			name, err := fs.DecryptPath(cName)
 			if err != nil {
-				if dirName == "" && cName == cryptfs.ConfDefaultName {
-					// Silently ignore "gocryptfs.conf" in the top level dir
-					continue
-				}
 				fmt.Printf("Invalid name \"%s\" in dir \"%s\": %s\n", cName, name, err)
 				continue
 			}
@@ -85,11 +88,18 @@ func (fs *FS) mangleOpenFlags(flags uint32) (newFlags int, writeOnly bool) {
 	return newFlags, writeOnly
 }
 
-func (fs *FS) Open(name string, flags uint32, context *fuse.Context) (fuseFile nodefs.File, status fuse.Status) {
-	cryptfs.Debug.Printf("Open(%s)\n", name)
+func (fs *FS) Open(path string, flags uint32, context *fuse.Context) (fuseFile nodefs.File, status fuse.Status) {
+	cryptfs.Debug.Printf("Open(%s)\n", path)
+
+	if path == cryptfs.ConfDefaultName {
+		// "gocryptfs.conf" in the top level dir is forbidden
+		// to protect the config file of this filesystem if
+		// "--plaintextnames" is enabled
+		return nil, fuse.EPERM
+	}
 
 	iflags, writeOnly := fs.mangleOpenFlags(flags)
-	f, err := os.OpenFile(fs.GetPath(name), iflags, 0666)
+	f, err := os.OpenFile(fs.GetPath(path), iflags, 0666)
 	if err != nil {
 		return nil, fuse.ToStatus(err)
 	}
@@ -98,6 +108,10 @@ func (fs *FS) Open(name string, flags uint32, context *fuse.Context) (fuseFile n
 }
 
 func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Context) (fuseFile nodefs.File, code fuse.Status) {
+	if path == cryptfs.ConfDefaultName {
+		return nil, fuse.EPERM // See comment in Open()
+	}
+
 	iflags, writeOnly := fs.mangleOpenFlags(flags)
 	f, err := os.OpenFile(fs.GetPath(path), iflags|os.O_CREATE, os.FileMode(mode))
 	if err != nil {
@@ -107,14 +121,26 @@ func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Conte
 }
 
 func (fs *FS) Chmod(path string, mode uint32, context *fuse.Context) (code fuse.Status) {
+	if path == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	return fs.FileSystem.Chmod(fs.EncryptPath(path), mode, context)
 }
 
 func (fs *FS) Chown(path string, uid uint32, gid uint32, context *fuse.Context) (code fuse.Status) {
+	if path == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	return fs.FileSystem.Chown(fs.EncryptPath(path), uid, gid, context)
 }
 
 func (fs *FS) Mknod(name string, mode uint32, dev uint32, context *fuse.Context) (code fuse.Status) {
+	if name == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	return fs.FileSystem.Mknod(fs.EncryptPath(name), mode, dev, context)
 }
 
@@ -124,6 +150,10 @@ func (fs *FS) Truncate(path string, offset uint64, context *fuse.Context) (code
 }
 
 func (fs *FS) Utimens(path string, Atime *time.Time, Mtime *time.Time, context *fuse.Context) (code fuse.Status) {
+	if path == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	return fs.FileSystem.Utimens(fs.EncryptPath(path), Atime, Mtime, context)
 }
 
@@ -141,10 +171,18 @@ func (fs *FS) Readlink(name string, context *fuse.Context) (out string, status f
 }
 
 func (fs *FS) Mkdir(path string, mode uint32, context *fuse.Context) (code fuse.Status) {
+	if path == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	return fs.FileSystem.Mkdir(fs.EncryptPath(path), mode, context)
 }
 
 func (fs *FS) Unlink(name string, context *fuse.Context) (code fuse.Status) {
+	if name == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	cName := fs.EncryptPath(name)
 	code = fs.FileSystem.Unlink(cName, context)
 	if code != fuse.OK {
@@ -158,16 +196,28 @@ func (fs *FS) Rmdir(name string, context *fuse.Context) (code fuse.Status) {
 }
 
 func (fs *FS) Symlink(pointedTo string, linkName string, context *fuse.Context) (code fuse.Status) {
+	if linkName == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	// TODO symlink encryption
 	cryptfs.Debug.Printf("Symlink(\"%s\", \"%s\")\n", pointedTo, linkName)
 	return fs.FileSystem.Symlink(fs.EncryptPath(pointedTo), fs.EncryptPath(linkName), context)
 }
 
 func (fs *FS) Rename(oldPath string, newPath string, context *fuse.Context) (codee fuse.Status) {
+	if newPath == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	return fs.FileSystem.Rename(fs.EncryptPath(oldPath), fs.EncryptPath(newPath), context)
 }
 
 func (fs *FS) Link(orig string, newName string, context *fuse.Context) (code fuse.Status) {
+	if newName == cryptfs.ConfDefaultName {
+		return fuse.EPERM // See comment in Open()
+	}
+
 	return fs.FileSystem.Link(fs.EncryptPath(orig), fs.EncryptPath(newName), context)
 }