diff options
Diffstat (limited to 'internal/fusefrontend')
| -rw-r--r-- | internal/fusefrontend/args.go | 1 | ||||
| -rw-r--r-- | internal/fusefrontend/fs.go | 54 | ||||
| -rw-r--r-- | internal/fusefrontend/names.go | 26 |
3 files changed, 56 insertions, 25 deletions
diff --git a/internal/fusefrontend/args.go b/internal/fusefrontend/args.go index e8cab04..8520592 100644 --- a/internal/fusefrontend/args.go +++ b/internal/fusefrontend/args.go @@ -9,4 +9,5 @@ type Args struct { DirIV bool EMENames bool GCMIV128 bool + LongNames bool } diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go index 007744c..a15e004 100644 --- a/internal/fusefrontend/fs.go +++ b/internal/fusefrontend/fs.go @@ -39,7 +39,7 @@ func NewFS(args Args) *FS { cryptoCore := cryptocore.New(args.Masterkey, args.OpenSSL, args.GCMIV128) contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS) - nameTransform := nametransform.New(cryptoCore, args.EMENames) + nameTransform := nametransform.New(cryptoCore, args.EMENames, args.LongNames) return &FS{ FileSystem: pathfs.NewLoopbackFileSystem(args.Cipherdir), @@ -49,18 +49,6 @@ func NewFS(args Args) *FS { } } -// GetBackingPath - get the absolute encrypted path of the backing file -// from the relative plaintext path "relPath" -func (fs *FS) getBackingPath(relPath string) (string, error) { - cPath, err := fs.encryptPath(relPath) - if err != nil { - return "", err - } - cAbsPath := filepath.Join(fs.args.Cipherdir, cPath) - toggledlog.Debug.Printf("getBackingPath: %s + %s -> %s", fs.args.Cipherdir, relPath, cAbsPath) - return cAbsPath, nil -} - func (fs *FS) GetAttr(name string, context *fuse.Context) (*fuse.Attr, fuse.Status) { toggledlog.Debug.Printf("FS.GetAttr('%s')", name) if fs.isFiltered(name) { @@ -97,10 +85,11 @@ func (fs *FS) OpenDir(dirName string, context *fuse.Context) ([]fuse.DirEntry, f } // Get DirIV (stays nil if DirIV if off) var cachedIV []byte + var cDirAbsPath string if fs.args.DirIV { // Read the DirIV once and use it for all later name decryptions - cDirAbsPath := filepath.Join(fs.args.Cipherdir, cDirName) - cachedIV, err = fs.nameTransform.ReadDirIV(cDirAbsPath) + cDirAbsPath = filepath.Join(fs.args.Cipherdir, cDirName) + cachedIV, err = nametransform.ReadDirIV(cDirAbsPath) if err != nil { return nil, fuse.ToStatus(err) } @@ -117,14 +106,32 @@ func (fs *FS) OpenDir(dirName string, context *fuse.Context) ([]fuse.DirEntry, f // silently ignore "gocryptfs.diriv" everywhere if dirIV is enabled continue } - var name string = cName - if !fs.args.PlaintextNames { - name, err = fs.nameTransform.DecryptName(cName, cachedIV) - if err != nil { - toggledlog.Warn.Printf("Invalid name \"%s\" in dir \"%s\": %s", cName, cDirName, err) + + if fs.args.PlaintextNames { + plain = append(plain, cipherEntries[i]) + continue + } + + if fs.args.LongNames { + isLong := nametransform.IsLongName(cName) + if isLong == 1 { + cNameLong, err := nametransform.ReadLongName(filepath.Join(cDirAbsPath, cName)) + if err != nil { + toggledlog.Warn.Printf("Could not read long name for file %s, skipping file", cName) + continue + } + cName = cNameLong + } else if isLong == 2 { + // ignore "gocryptfs.longname.*.name" continue } } + name, err := fs.nameTransform.DecryptName(cName, cachedIV) + if err != nil { + toggledlog.Warn.Printf("Skipping invalid name '%s' in dir '%s': %s", cName, cDirName, err) + continue + } + cipherEntries[i].Name = name plain = append(plain, cipherEntries[i]) } @@ -172,6 +179,13 @@ func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Conte if err != nil { return nil, fuse.ToStatus(err) } + cBaseName := filepath.Base(cPath) + if fs.args.LongNames && nametransform.IsLongName(cBaseName) == 1 { + err = fs.nameTransform.WriteLongName(filepath.Dir(cPath), cBaseName, filepath.Base(path)) + if err != nil { + return nil, fuse.ToStatus(err) + } + } f, err := os.OpenFile(cPath, iflags|os.O_CREATE, os.FileMode(mode)) if err != nil { return nil, fuse.ToStatus(err) diff --git a/internal/fusefrontend/names.go b/internal/fusefrontend/names.go index 5760c87..e913792 100644 --- a/internal/fusefrontend/names.go +++ b/internal/fusefrontend/names.go @@ -3,8 +3,10 @@ package fusefrontend // This file forwards file encryption operations to cryptfs import ( + "path/filepath" + "github.com/rfjakob/gocryptfs/internal/configfile" - mylog "github.com/rfjakob/gocryptfs/internal/toggledlog" + "github.com/rfjakob/gocryptfs/internal/toggledlog" ) // isFiltered - check if plaintext "path" should be forbidden @@ -16,7 +18,7 @@ func (fs *FS) isFiltered(path string) bool { } // gocryptfs.conf in the root directory is forbidden if path == configfile.ConfDefaultName { - mylog.Info.Printf("The name /%s is reserved when -plaintextnames is used\n", + toggledlog.Info.Printf("The name /%s is reserved when -plaintextnames is used\n", configfile.ConfDefaultName) return true } @@ -25,6 +27,18 @@ func (fs *FS) isFiltered(path string) bool { return false } +// GetBackingPath - get the absolute encrypted path of the backing file +// from the relative plaintext path "relPath" +func (fs *FS) getBackingPath(relPath string) (string, error) { + cPath, err := fs.encryptPath(relPath) + if err != nil { + return "", err + } + cAbsPath := filepath.Join(fs.args.Cipherdir, cPath) + toggledlog.Debug.Printf("getBackingPath: %s + %s -> %s", fs.args.Cipherdir, relPath, cAbsPath) + return cAbsPath, nil +} + // encryptPath - encrypt relative plaintext path func (fs *FS) encryptPath(plainPath string) (string, error) { if fs.args.PlaintextNames { @@ -34,8 +48,10 @@ func (fs *FS) encryptPath(plainPath string) (string, error) { return fs.nameTransform.EncryptPathNoIV(plainPath), nil } fs.dirIVLock.RLock() - defer fs.dirIVLock.RUnlock() - return fs.nameTransform.EncryptPathDirIV(plainPath, fs.args.Cipherdir) + cPath, err := fs.nameTransform.EncryptPathDirIV(plainPath, fs.args.Cipherdir) + toggledlog.Debug.Printf("encryptPath '%s' -> '%s' (err: %v)", plainPath, cPath, err) + fs.dirIVLock.RUnlock() + return cPath, err } // decryptPath - decrypt relative ciphertext path @@ -48,5 +64,5 @@ func (fs *FS) decryptPath(cipherPath string) (string, error) { } fs.dirIVLock.RLock() defer fs.dirIVLock.RUnlock() - return fs.nameTransform.DecryptPathDirIV(cipherPath, fs.args.Cipherdir, fs.args.EMENames) + return fs.nameTransform.DecryptPathDirIV(cipherPath, fs.args.Cipherdir) } |