diff options
| -rw-r--r-- | internal/fusefrontend/fs.go | 19 | ||||
| -rw-r--r-- | internal/fusefrontend/openbackingdir.go (renamed from internal/fusefrontend/names.go) | 22 | ||||
| -rw-r--r-- | internal/fusefrontend/openbackingdir_test.go (renamed from internal/fusefrontend/names_test.go) | 0 |
3 files changed, 19 insertions, 22 deletions
diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go index 5c52a19..5adade6 100644 --- a/internal/fusefrontend/fs.go +++ b/internal/fusefrontend/fs.go @@ -16,6 +16,7 @@ import ( "github.com/hanwen/go-fuse/fuse/nodefs" "github.com/hanwen/go-fuse/fuse/pathfs" + "github.com/rfjakob/gocryptfs/internal/configfile" "github.com/rfjakob/gocryptfs/internal/contentenc" "github.com/rfjakob/gocryptfs/internal/nametransform" "github.com/rfjakob/gocryptfs/internal/serialize_reads" @@ -661,3 +662,21 @@ func (fs *FS) reportMitigatedCorruption(item string) { return } } + +// isFiltered - check if plaintext "path" should be forbidden +// +// Prevents name clashes with internal files when file names are not encrypted +func (fs *FS) isFiltered(path string) bool { + if !fs.args.PlaintextNames { + return false + } + // gocryptfs.conf in the root directory is forbidden + if path == configfile.ConfDefaultName { + tlog.Info.Printf("The name /%s is reserved when -plaintextnames is used\n", + configfile.ConfDefaultName) + return true + } + // Note: gocryptfs.diriv is NOT forbidden because diriv and plaintextnames + // are exclusive + return false +} diff --git a/internal/fusefrontend/names.go b/internal/fusefrontend/openbackingdir.go index 63f2e84..849a486 100644 --- a/internal/fusefrontend/names.go +++ b/internal/fusefrontend/openbackingdir.go @@ -1,36 +1,14 @@ package fusefrontend -// This file forwards file encryption operations to cryptfs - import ( "path/filepath" "strings" "syscall" - "github.com/rfjakob/gocryptfs/internal/configfile" "github.com/rfjakob/gocryptfs/internal/nametransform" "github.com/rfjakob/gocryptfs/internal/syscallcompat" - "github.com/rfjakob/gocryptfs/internal/tlog" ) -// isFiltered - check if plaintext "path" should be forbidden -// -// Prevents name clashes with internal files when file names are not encrypted -func (fs *FS) isFiltered(path string) bool { - if !fs.args.PlaintextNames { - return false - } - // gocryptfs.conf in the root directory is forbidden - if path == configfile.ConfDefaultName { - tlog.Info.Printf("The name /%s is reserved when -plaintextnames is used\n", - configfile.ConfDefaultName) - return true - } - // Note: gocryptfs.diriv is NOT forbidden because diriv and plaintextnames - // are exclusive - return false -} - // openBackingDir opens the parent ciphertext directory of plaintext path // "relPath" and returns the dirfd and the encrypted basename. // diff --git a/internal/fusefrontend/names_test.go b/internal/fusefrontend/openbackingdir_test.go index 8453e52..8453e52 100644 --- a/internal/fusefrontend/names_test.go +++ b/internal/fusefrontend/openbackingdir_test.go |