diff options
Diffstat (limited to 'internal/fusefrontend_reverse/ctlsock_interface.go')
-rw-r--r-- | internal/fusefrontend_reverse/ctlsock_interface.go | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/internal/fusefrontend_reverse/ctlsock_interface.go b/internal/fusefrontend_reverse/ctlsock_interface.go index 376814d..1f02fc1 100644 --- a/internal/fusefrontend_reverse/ctlsock_interface.go +++ b/internal/fusefrontend_reverse/ctlsock_interface.go @@ -1,19 +1,39 @@ package fusefrontend_reverse import ( - "errors" + "path/filepath" + "strings" + "syscall" "github.com/rfjakob/gocryptfs/internal/ctlsock" + "github.com/rfjakob/gocryptfs/internal/nametransform" ) var _ ctlsock.Interface = &ReverseFS{} // Verify that interface is implemented. -// EncryptPath implements ctlsock.Backend +// EncryptPath implements ctlsock.Backend. +// This is actually not used inside reverse mode, but we implement it because +// third-party tools want to encrypt paths through the control socket. func (rfs *ReverseFS) EncryptPath(plainPath string) (string, error) { - return "", errors.New("Not implemented") + if rfs.args.PlaintextNames || plainPath == "" { + return plainPath, nil + } + cipherPath := "" + parts := strings.Split(plainPath, "/") + for _, part := range parts { + dirIV := derivePathIV(cipherPath, ivPurposeDirIV) + encryptedPart := rfs.nameTransform.EncryptName(part, dirIV) + if rfs.args.LongNames && len(encryptedPart) > syscall.NAME_MAX { + encryptedPart = nametransform.HashLongName(encryptedPart) + } + cipherPath = filepath.Join(cipherPath, encryptedPart) + } + return cipherPath, nil } // DecryptPath implements ctlsock.Backend -func (rfs *ReverseFS) DecryptPath(plainPath string) (string, error) { - return rfs.decryptPath(plainPath) +func (rfs *ReverseFS) DecryptPath(cipherPath string) (string, error) { + p, err := rfs.decryptPath(cipherPath) + //fmt.Printf("rfs DecryptPath: %q -> %q %v\n", cipherPath, p, err) + return p, err } |