aboutsummaryrefslogtreecommitdiff
path: root/internal/fusefrontend
diff options
context:
space:
mode:
Diffstat (limited to 'internal/fusefrontend')
-rw-r--r--internal/fusefrontend/args.go1
-rw-r--r--internal/fusefrontend/fs.go54
-rw-r--r--internal/fusefrontend/names.go26
3 files changed, 56 insertions, 25 deletions
diff --git a/internal/fusefrontend/args.go b/internal/fusefrontend/args.go
index e8cab04..8520592 100644
--- a/internal/fusefrontend/args.go
+++ b/internal/fusefrontend/args.go
@@ -9,4 +9,5 @@ type Args struct {
DirIV bool
EMENames bool
GCMIV128 bool
+ LongNames bool
}
diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go
index 007744c..a15e004 100644
--- a/internal/fusefrontend/fs.go
+++ b/internal/fusefrontend/fs.go
@@ -39,7 +39,7 @@ func NewFS(args Args) *FS {
cryptoCore := cryptocore.New(args.Masterkey, args.OpenSSL, args.GCMIV128)
contentEnc := contentenc.New(cryptoCore, contentenc.DefaultBS)
- nameTransform := nametransform.New(cryptoCore, args.EMENames)
+ nameTransform := nametransform.New(cryptoCore, args.EMENames, args.LongNames)
return &FS{
FileSystem: pathfs.NewLoopbackFileSystem(args.Cipherdir),
@@ -49,18 +49,6 @@ func NewFS(args Args) *FS {
}
}
-// GetBackingPath - get the absolute encrypted path of the backing file
-// from the relative plaintext path "relPath"
-func (fs *FS) getBackingPath(relPath string) (string, error) {
- cPath, err := fs.encryptPath(relPath)
- if err != nil {
- return "", err
- }
- cAbsPath := filepath.Join(fs.args.Cipherdir, cPath)
- toggledlog.Debug.Printf("getBackingPath: %s + %s -> %s", fs.args.Cipherdir, relPath, cAbsPath)
- return cAbsPath, nil
-}
-
func (fs *FS) GetAttr(name string, context *fuse.Context) (*fuse.Attr, fuse.Status) {
toggledlog.Debug.Printf("FS.GetAttr('%s')", name)
if fs.isFiltered(name) {
@@ -97,10 +85,11 @@ func (fs *FS) OpenDir(dirName string, context *fuse.Context) ([]fuse.DirEntry, f
}
// Get DirIV (stays nil if DirIV if off)
var cachedIV []byte
+ var cDirAbsPath string
if fs.args.DirIV {
// Read the DirIV once and use it for all later name decryptions
- cDirAbsPath := filepath.Join(fs.args.Cipherdir, cDirName)
- cachedIV, err = fs.nameTransform.ReadDirIV(cDirAbsPath)
+ cDirAbsPath = filepath.Join(fs.args.Cipherdir, cDirName)
+ cachedIV, err = nametransform.ReadDirIV(cDirAbsPath)
if err != nil {
return nil, fuse.ToStatus(err)
}
@@ -117,14 +106,32 @@ func (fs *FS) OpenDir(dirName string, context *fuse.Context) ([]fuse.DirEntry, f
// silently ignore "gocryptfs.diriv" everywhere if dirIV is enabled
continue
}
- var name string = cName
- if !fs.args.PlaintextNames {
- name, err = fs.nameTransform.DecryptName(cName, cachedIV)
- if err != nil {
- toggledlog.Warn.Printf("Invalid name \"%s\" in dir \"%s\": %s", cName, cDirName, err)
+
+ if fs.args.PlaintextNames {
+ plain = append(plain, cipherEntries[i])
+ continue
+ }
+
+ if fs.args.LongNames {
+ isLong := nametransform.IsLongName(cName)
+ if isLong == 1 {
+ cNameLong, err := nametransform.ReadLongName(filepath.Join(cDirAbsPath, cName))
+ if err != nil {
+ toggledlog.Warn.Printf("Could not read long name for file %s, skipping file", cName)
+ continue
+ }
+ cName = cNameLong
+ } else if isLong == 2 {
+ // ignore "gocryptfs.longname.*.name"
continue
}
}
+ name, err := fs.nameTransform.DecryptName(cName, cachedIV)
+ if err != nil {
+ toggledlog.Warn.Printf("Skipping invalid name '%s' in dir '%s': %s", cName, cDirName, err)
+ continue
+ }
+
cipherEntries[i].Name = name
plain = append(plain, cipherEntries[i])
}
@@ -172,6 +179,13 @@ func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Conte
if err != nil {
return nil, fuse.ToStatus(err)
}
+ cBaseName := filepath.Base(cPath)
+ if fs.args.LongNames && nametransform.IsLongName(cBaseName) == 1 {
+ err = fs.nameTransform.WriteLongName(filepath.Dir(cPath), cBaseName, filepath.Base(path))
+ if err != nil {
+ return nil, fuse.ToStatus(err)
+ }
+ }
f, err := os.OpenFile(cPath, iflags|os.O_CREATE, os.FileMode(mode))
if err != nil {
return nil, fuse.ToStatus(err)
diff --git a/internal/fusefrontend/names.go b/internal/fusefrontend/names.go
index 5760c87..e913792 100644
--- a/internal/fusefrontend/names.go
+++ b/internal/fusefrontend/names.go
@@ -3,8 +3,10 @@ package fusefrontend
// This file forwards file encryption operations to cryptfs
import (
+ "path/filepath"
+
"github.com/rfjakob/gocryptfs/internal/configfile"
- mylog "github.com/rfjakob/gocryptfs/internal/toggledlog"
+ "github.com/rfjakob/gocryptfs/internal/toggledlog"
)
// isFiltered - check if plaintext "path" should be forbidden
@@ -16,7 +18,7 @@ func (fs *FS) isFiltered(path string) bool {
}
// gocryptfs.conf in the root directory is forbidden
if path == configfile.ConfDefaultName {
- mylog.Info.Printf("The name /%s is reserved when -plaintextnames is used\n",
+ toggledlog.Info.Printf("The name /%s is reserved when -plaintextnames is used\n",
configfile.ConfDefaultName)
return true
}
@@ -25,6 +27,18 @@ func (fs *FS) isFiltered(path string) bool {
return false
}
+// GetBackingPath - get the absolute encrypted path of the backing file
+// from the relative plaintext path "relPath"
+func (fs *FS) getBackingPath(relPath string) (string, error) {
+ cPath, err := fs.encryptPath(relPath)
+ if err != nil {
+ return "", err
+ }
+ cAbsPath := filepath.Join(fs.args.Cipherdir, cPath)
+ toggledlog.Debug.Printf("getBackingPath: %s + %s -> %s", fs.args.Cipherdir, relPath, cAbsPath)
+ return cAbsPath, nil
+}
+
// encryptPath - encrypt relative plaintext path
func (fs *FS) encryptPath(plainPath string) (string, error) {
if fs.args.PlaintextNames {
@@ -34,8 +48,10 @@ func (fs *FS) encryptPath(plainPath string) (string, error) {
return fs.nameTransform.EncryptPathNoIV(plainPath), nil
}
fs.dirIVLock.RLock()
- defer fs.dirIVLock.RUnlock()
- return fs.nameTransform.EncryptPathDirIV(plainPath, fs.args.Cipherdir)
+ cPath, err := fs.nameTransform.EncryptPathDirIV(plainPath, fs.args.Cipherdir)
+ toggledlog.Debug.Printf("encryptPath '%s' -> '%s' (err: %v)", plainPath, cPath, err)
+ fs.dirIVLock.RUnlock()
+ return cPath, err
}
// decryptPath - decrypt relative ciphertext path
@@ -48,5 +64,5 @@ func (fs *FS) decryptPath(cipherPath string) (string, error) {
}
fs.dirIVLock.RLock()
defer fs.dirIVLock.RUnlock()
- return fs.nameTransform.DecryptPathDirIV(cipherPath, fs.args.Cipherdir, fs.args.EMENames)
+ return fs.nameTransform.DecryptPathDirIV(cipherPath, fs.args.Cipherdir)
}