diff options
Diffstat (limited to 'cli_args.go')
| -rw-r--r-- | cli_args.go | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/cli_args.go b/cli_args.go index 9414e67..f0bfb48 100644 --- a/cli_args.go +++ b/cli_args.go @@ -10,6 +10,7 @@ import ( "github.com/rfjakob/gocryptfs/internal/configfile" "github.com/rfjakob/gocryptfs/internal/prefer_openssl" + "github.com/rfjakob/gocryptfs/internal/stupidgcm" "github.com/rfjakob/gocryptfs/internal/tlog" ) @@ -18,7 +19,7 @@ type argContainer struct { debug, init, zerokey, fusedebug, openssl, passwd, fg, version, plaintextnames, quiet, nosyslog, wpanic, longnames, allow_other, ro, reverse, aessiv, nonempty, raw64, - noprealloc, speed, hkdf, serialize_reads bool + noprealloc, speed, hkdf, serialize_reads, forcedecode bool masterkey, mountpoint, cipherdir, cpuprofile, extpass, memprofile, ko, passfile, ctlsock, fsname string // Configuration file name override @@ -113,6 +114,8 @@ func parseCliOpts() (args argContainer) { flagSet.BoolVar(&args.speed, "speed", false, "Run crypto speed test") flagSet.BoolVar(&args.hkdf, "hkdf", true, "Use HKDF as an additional key derivation step") flagSet.BoolVar(&args.serialize_reads, "serialize_reads", false, "Try to serialize read operations") + flagSet.BoolVar(&args.forcedecode, "forcedecode", false, "Force decode of files even if integrity check fails."+ + " Requires gocryptfs to be compiled with openssl support and implies -openssl true") flagSet.StringVar(&args.masterkey, "masterkey", "", "Mount with explicit master key") flagSet.StringVar(&args.cpuprofile, "cpuprofile", "", "Write cpu profile to specified file") flagSet.StringVar(&args.memprofile, "memprofile", "", "Write memory profile to specified file") @@ -154,6 +157,26 @@ func parseCliOpts() (args argContainer) { os.Exit(ErrExitUsage) } } + // "-forcedecode" only works with openssl. Check compilation and command line parameters + if args.forcedecode == true { + if stupidgcm.BuiltWithoutOpenssl == true { + tlog.Fatal.Printf("The -forcedecode flag requires openssl support, but gocryptfs was compiled without it!") + os.Exit(ErrExitUsage) + } + if args.aessiv == true { + tlog.Fatal.Printf("The -forcedecode and -aessiv flags are incompatible because they use different crypto libs (openssl vs native Go)") + os.Exit(ErrExitUsage) + } + if args.reverse == true { + tlog.Fatal.Printf("The reverse mode and the -forcedecode option are not compatible") + os.Exit(ErrExitUsage) + } + v, e := strconv.ParseBool(opensslAuto) + if e == nil && v == false { + tlog.Warn.Printf("-openssl set to true, as it is required by -forcedecode flag") + } + args.openssl = true + } // '-passfile FILE' is a shortcut for -extpass='/bin/cat -- FILE' if args.passfile != "" { args.extpass = "/bin/cat -- " + args.passfile |