diff options
| -rw-r--r-- | README.md | 41 | 
1 files changed, 22 insertions, 19 deletions
| @@ -8,7 +8,9 @@ gocryptfs is built on top the excellent  LoopbackFileSystem API.  This project was inspired by EncFS and strives to fix its security -issues while providing good performance. +issues while providing good performance +([benchmarks](https://nuetzlich.net/gocryptfs/comparison/#performance)). +  For details on the security of gocryptfs see the  [Security](https://nuetzlich.net/gocryptfs/security/) design document. @@ -22,7 +24,7 @@ Current Status  gocryptfs is a young project. While bugs in any software can cause issues,  bugs in encryption software can cause catastrophic data loss. Keep a backup  of your gocryptfs filesystem *and* store a copy of your master key (printed -on mount) in a safe place. +on mount) in a safe place. See below for how gocryptfs is tested.  Only Linux is supported at the moment. [Help wanted for a Mac OS X port.](https://github.com/rfjakob/gocryptfs/issues/15) @@ -33,15 +35,14 @@ gocryptfs comes with is own test suite that is constantly expanded as features a  added. Run it using `./test.bash`. It takes about 1 minute and requires FUSE  as it mounts several test filesystems. +The `stress_tests` directory contains stress tests that run indefinitely. +  In addition, I have ported `xfstests` to FUSE, the result is the  [fuse-xfstests](https://github.com/rfjakob/fuse-xfstests) project. gocryptfs  passes the "generic" tests with one exception, results:  [XFSTESTS.md](Documentation/XFSTESTS.md)  A lot of work has gone into this. The testing has found bugs in gocryptfs -as well as in go-fuse. - -The one exception is generic/035, see [go-fuse issue 55](https://github.com/hanwen/go-fuse/issues/55) -for details. While this is a POSIX violation, I do not see any real-world impact. +as well as in the go-fuse library.  Compile  ------- @@ -100,7 +101,7 @@ RM:    4.42  Changelog  --------- -v0.10-rc3 +v0.10, 2016-05-24  * **Drop dependency to `spacemonkeygo/openssl`**   * gocryptfs now has its own thin wrapper to OpenSSL's GCM implementation     called `stupidgcm`. @@ -117,8 +118,10 @@ v0.10-rc3   * In all other cases OpenSSL is much faster and is used instead.   * Passing `-openssl=true/false` overrides the autodetection.  * [Fix statfs](https://github.com/rfjakob/gocryptfs/pull/27), by @lxp +* Fix a fsstress [failure](https://github.com/hanwen/go-fuse/issues/106) +  in the go-fuse library. -v0.9 +v0.9, 2016-04-10  * **Long file name support**   * gocryptfs now supports file names up to 255 characters.   * This is a forwards-compatible change. gocryptfs v0.9 can mount filesystems @@ -131,25 +134,25 @@ v0.9   * `-d`: Alias for `-debug`   * `-q`: Alias for `-quiet` -v0.8 +v0.8, 2016-01-23  * Redirect output to syslog when running in the background  * New command-line option:   * `-memprofile`: Write a memory allocation debugging profile the specified     file -v0.7.2 +v0.7.2, 2016-01-19  * **Fix performance issue in small file creation**   * This brings performance on-par with EncFS paranoia mode, with streaming writes     significantly faster   * The actual [fix](https://github.com/hanwen/go-fuse/commit/c4b6b7949716d13eec856baffc7b7941ae21778c)     is in the go-fuse library. There are no code changes in gocryptfs. -v0.7.1 +v0.7.1, 2016-01-09  * Make the `build.bash` script compatible with Go 1.3  * Disable fallocate on OSX (system call not availabe)  * Introduce pre-built binaries for Fedora 23 and Debian 8 -v0.7 +v0.7, 2015-12-20  * **Extend GCM IV size to 128 bit from Go's default of 96 bit**   * This pushes back the birthday bound to make IV collisions virtually     impossible @@ -158,7 +161,7 @@ v0.7  * New command-line option:   * `-gcmiv128`: Use 128-bit GCM IVs (default true) -v0.6 +v0.6, 2015-12-08  * **Wide-block filename encryption using EME + DirIV**   * EME (ECB-Mix-ECB) provides even better security than CBC as it fixes     the prefix leak. The used Go EME implementation is @@ -169,11 +172,11 @@ v0.6  * New command-line option:   * `-emenames`: Enable EME filename encryption (default true) -v0.5.1 +v0.5.1, 2015-12-06  * Fix a rename regression caused by DirIV and add test case  * Use fallocate to guard against out-of-space errors -v0.5 +v0.5, 2015-12-04  * **Stronger filename encryption: DirIV**   * Each directory gets a random 128 bit file name IV on creation,     stored in `gocryptfs.diriv` @@ -189,7 +192,7 @@ v0.5     can be used for faster mounting at the cost of lower brute-force     resistance. It was mainly added to speed up the automated tests. -v0.4 +v0.4, 2015-11-15  * New command-line options:   * `-plaintextnames`: disables filename encryption, added on user request   * `-extpass`: calls an external program for prompting for the password @@ -200,16 +203,16 @@ v0.4     format changes. The first user is `-plaintextnames`.  * On-disk format 2 -v0.3 +v0.3, 2015-11-01  * **Add a random 128 bit file header to authenticate file->block ownership**   * This is an on-disk-format change  * On-disk format 1 -v0.2 +v0.2, 2015-10-11  * Replace bash daemonization wrapper with native Go implementation  * Better user feedback on mount failures -v0.1 +v0.1, 2015-10-07  * First release  * On-disk format 0 | 
