aboutsummaryrefslogtreecommitdiff
path: root/internal/fusefrontend_reverse
diff options
context:
space:
mode:
Diffstat (limited to 'internal/fusefrontend_reverse')
-rw-r--r--internal/fusefrontend_reverse/ctlsock_interface.go30
1 files changed, 25 insertions, 5 deletions
diff --git a/internal/fusefrontend_reverse/ctlsock_interface.go b/internal/fusefrontend_reverse/ctlsock_interface.go
index 376814d..1f02fc1 100644
--- a/internal/fusefrontend_reverse/ctlsock_interface.go
+++ b/internal/fusefrontend_reverse/ctlsock_interface.go
@@ -1,19 +1,39 @@
package fusefrontend_reverse
import (
- "errors"
+ "path/filepath"
+ "strings"
+ "syscall"
"github.com/rfjakob/gocryptfs/internal/ctlsock"
+ "github.com/rfjakob/gocryptfs/internal/nametransform"
)
var _ ctlsock.Interface = &ReverseFS{} // Verify that interface is implemented.
-// EncryptPath implements ctlsock.Backend
+// EncryptPath implements ctlsock.Backend.
+// This is actually not used inside reverse mode, but we implement it because
+// third-party tools want to encrypt paths through the control socket.
func (rfs *ReverseFS) EncryptPath(plainPath string) (string, error) {
- return "", errors.New("Not implemented")
+ if rfs.args.PlaintextNames || plainPath == "" {
+ return plainPath, nil
+ }
+ cipherPath := ""
+ parts := strings.Split(plainPath, "/")
+ for _, part := range parts {
+ dirIV := derivePathIV(cipherPath, ivPurposeDirIV)
+ encryptedPart := rfs.nameTransform.EncryptName(part, dirIV)
+ if rfs.args.LongNames && len(encryptedPart) > syscall.NAME_MAX {
+ encryptedPart = nametransform.HashLongName(encryptedPart)
+ }
+ cipherPath = filepath.Join(cipherPath, encryptedPart)
+ }
+ return cipherPath, nil
}
// DecryptPath implements ctlsock.Backend
-func (rfs *ReverseFS) DecryptPath(plainPath string) (string, error) {
- return rfs.decryptPath(plainPath)
+func (rfs *ReverseFS) DecryptPath(cipherPath string) (string, error) {
+ p, err := rfs.decryptPath(cipherPath)
+ //fmt.Printf("rfs DecryptPath: %q -> %q %v\n", cipherPath, p, err)
+ return p, err
}