| Age | Commit message (Collapse) | Author |
|---|
|
The startup debug output was very verbose but still missing some
effective crypto settings.
|
|
This means we can unexport the field.
|
|
|
|
Result of:
$ gocryptfs -init foo
$ cat foo/gocryptfs.conf
Before:
{
"Creator": "gocryptfs v2.0.1",
"EncryptedKey": "FodEdNHD/cCwv1n5BuyAkbIOnJ/O5gfdCh3YssUCJ2DUr0A8DrQ5NH2SLhREeWRL3V8EMiPO2Ncr5IVwE4SSxQ==",
"ScryptObject": {
"Salt": "brGaw9Jg1kbPuSXFiwoxqK2oXFTgbniSgpiB+cu+67Y=",
"N": 65536,
"R": 8,
"P": 1,
"KeyLen": 32
},
"Version": 2,
"FeatureFlags": [
"GCMIV128",
"HKDF",
"DirIV",
"EMENames",
"LongNames",
"Raw64"
],
"FIDO2": {
"CredentialID": null,
"HMACSalt": null
}
}
After:
{
"Creator": "gocryptfs v2.0.1-5-gf9718eb-dirty.DerDonut-badnamecontent",
"EncryptedKey": "oFMj1lS1ZsM/vEfanNMeCTPw3PZr5VWeL7ap8Jd8YQm6evy2BAhtQ/pd6RzDx84wlCz9TpxqHRihuwSEMnOWWg==",
"ScryptObject": {
"Salt": "JZ/5mhy4a8EAQ/wDF1POIEe4/Ss38cfJgXgj26DuA4M=",
"N": 65536,
"R": 8,
"P": 1,
"KeyLen": 32
},
"Version": 2,
"FeatureFlags": [
"GCMIV128",
"HKDF",
"DirIV",
"EMENames",
"LongNames",
"Raw64"
]
}
|
|
This proposal is the counterpart of the modifications from the `-badname`
parameter. It modifies the plain -> cipher mapping for filenames when using
`-badname` parameter. The new function `EncryptAndHashBadName` tries to find a
cipher filename for the given plain name with the following steps:
1. If `badname` is disabled or direct mapping is successful: Map directly
(default and current behaviour)
2. If a file with badname flag has a valid cipher file, this is returned
(=File just ends with the badname flag)
3. If a file with a badname flag exists where only the badname flag was added,
this is returned (=File cipher name could not be decrypted by function
`DecryptName` and just the badname flag was added)
4. Search for all files which cipher file name extists when cropping more and
more characters from the end. If only 1 file is found, return this
5. Return an error otherwise
This allows file access in the file browsers but most important it allows that
you rename files with undecryptable cipher names in the plain directories.
Renaming those files will then generate a proper cipher filename One
backdraft: When mounting the cipher dir with -badname parameter, you can never
create (or rename to) files whose file name ends with the badname file flag
(at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error.
I modified the CLI test function to cover additional test cases. Test [Case
7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712)
cannot be performed since the cli tests are executed in panic mode. The
testing is stopped on error. Since the function`DecryptName` produces internal
errors when hitting non-decryptable file names, this test was omitted.
This implementation is a proposal where I tried to change the minimum amount
of existing code. Another possibility would be instead of creating the new
function `EncryptAndHashBadName` to modify the signature of the existing
function `EncryptAndHashName(name string, iv []byte)` to
`EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the
functionality into this function directly. You may allow calling with dirfd=-1
or other invalid values an then performing the current functionality.
|
|
|
|
Move the script from tests to contrib as it may now
be useful to somebody else.
https://github.com/rfjakob/gocryptfs/issues/552
|
|
See [1] for the Portfile.
[1]: https://github.com/macports/macports-ports/blob/master/fuse/gocryptfs/Portfile.
|
|
See: https://www.apple.com/macos.
|
|
Memory compaction was merged
( https://github.com/hanwen/go-fuse/commit/24a1dfe6b4f8d478275d5cf671d982c4ddd8c904 )
Fixes https://github.com/rfjakob/gocryptfs/issues/569
|
|
|
|
For build.bash, list missing dependencies: gcc, pkg-config
Fixes https://github.com/rfjakob/gocryptfs/issues/575
|
|
|
|
|
|
build-without-openssl.bash also disables CGO, so
this makes it more real-world-y.
But the real reason is that disabling CGO hopefully
fixes this travis ci build failure:
+GOOS=darwin
+GOARCH=arm64
+go build -tags without_openssl
/home/travis/.gimme/versions/go1.13.15.linux.amd64/pkg/tool/linux_amd64/link: running gcc failed: exit status 1
/usr/bin/ld: unrecognized option '-pagezero_size'
/usr/bin/ld: use the --help option for usage information
collect2: error: ld returned 1 exit status
The command "./crossbuild.bash" exited with 2.
|
|
gocryptfs 2.0 introduced the regression that the size
reported at symlink creation was the ciphertext size,
which is wrong.
Report the plaintext size.
Fixes https://github.com/rfjakob/gocryptfs/issues/574
|
|
|
|
These are now available cross-platform in the unix
package.
|
|
|
|
|
|
$ ./contrib/atomicrename/atomicrename -h
atomicrename creates 100 "src" files in the current directory, renames
them in random order over a single "dst" file while reading the "dst"
file concurrently in a loop.
Progress and errors are reported as they occour in addition to a summary
printed at the end. cifs and fuse filesystems are known to fail, local
filesystems and nfs seem ok.
See https://github.com/hanwen/go-fuse/issues/398 for background info.
|
|
Tested using
gocryptfs -init -debug -fido2 "hello world" cipherdir
Output before:
callFidoCommand: executing "/usr/bin/fido2-cred" with args [fido2-cred -M -h -v hello world]
After:
callFidoCommand: executing "/usr/bin/fido2-cred" with args ["fido2-cred" "-M" "-h" "-v" "hello world"]
Related: https://github.com/rfjakob/gocryptfs/issues/571
|
|
We don't write during fsck, but somebody else might try
to.
|
|
We used to leave directories like
/tmp/gocryptfs.fsck.104431245
behind. Let's clean up after ourselves.
|
|
The result of setting an acl depends on who runs the
operation!
Fixes fuse-xfstests generic/375
(see https://github.com/rfjakob/fuse-xfstests/wiki/results_2021-05-19)
|
|
Discovered by xfstests generic/564 .
Failure was:
generic/564 - output mismatch (see /opt/fuse-xfstests/results//generic/564.out.bad)
--- tests/generic/564.out 2021-05-08 21:11:05.307395966 +0200
+++ /opt/fuse-xfstests/results//generic/564.out.bad 2021-05-19 19:01:16.912888879 +0200
@@ -31,7 +31,7 @@
source range beyond 8TiB returns 0
destination range beyond 8TiB returns EFBIG
-copy_range: File too large
+copy_range: Function not implemented
|
|
xfstests generic/523 discovered that we allowed to set
xattrs with "/" in the name, but did not allow to read
them later.
With this change we do not allow to set them in the first
place.
|
|
Done using:
go get github.com/hanwen/go-fuse/v2@master
go mod tidy
|
|
Change https://review.gerrithub.io/c/hanwen/go-fuse/+/516154
was merged upstream.
This reverts commit 3374afccc46d186c206cdbc218a79d8958b00acf.
|
|
Failure looked like this:
--- FAIL: TestFileHoleCopy (3.73s)
--- FAIL: TestFileHoleCopy/k81 (0.04s)
file_holes_test.go:93: size changed: st0.Blocks=88 st2.Blocks=96
file_holes_test.go:147: aborting further subtests
$ findholes TestFileHoleCopy.k81.1
0 data
36864 hole
45056 data
50434 hole
50434 eof
$ findholes TestFileHoleCopy.k81.2
0 data
36864 hole
45056 data
50434 hole
50434 eof
$ filefrag -v TestFileHoleCopy.k81.1
Filesystem type is: ef53
File size of TestFileHoleCopy.k81.1 is 50434 (13 blocks of 4096 bytes)
ext: logical_offset: physical_offset: length: expected: flags:
0: 0.. 2: 23702311.. 23702313: 3:
1: 3.. 8: 20389855.. 20389860: 6: 23702314:
2: 11.. 12: 23702314.. 23702315: 2: 20389863: last,eof
TestFileHoleCopy.k81.1: 3 extents found
$ filefrag -v TestFileHoleCopy.k81.2
Filesystem type is: ef53
File size of TestFileHoleCopy.k81.2 is 50434 (13 blocks of 4096 bytes)
ext: logical_offset: physical_offset: length: expected: flags:
0: 0.. 2: 20389861.. 20389863: 3:
1: 3.. 4: 23702316.. 23702317: 2: 20389864:
2: 5.. 6: 20389864.. 20389865: 2: 23702318:
3: 7.. 8: 23702318.. 23702319: 2: 20389866:
4: 11.. 12: 23702320.. 23702321: 2: last,eof
TestFileHoleCopy.k81.2: 4 extents found
|
|
Fixes xfstests generic/401
|
|
In response to the discussion of the xfstests mailing list [1],
I looked at the Lseek implementation, which was naive and
did not handle all cases correctly.
The new implementation aligns the returned values to 4096 bytes
as most callers expect.
A lot of tests are added to verify that we handle all
cases correctly now.
[1]: https://www.spinics.net/lists/fstests/msg16554.html
|
|
Also, change the logic for the segment walk to not
rely on the total size. cp does not use the total
size either, and we miss bugs by cheating!
|
|
Will be used for improving Lseek()
|
|
For an illegal cipherSize, pretend we have an additional
1-byte block.
See code comment for details.
|
|
Also, replace one open-coded calculation with a
helper function.
|
|
TestSizeToSize tests CipherSizeToPlainSize and PlainSizeToCipherSize.
Fails at the moment due to CipherSizeToPlainSize non-moniticity.
|
|
Currently fails.
|
|
Problem in go-fuse has long been fixed.
|
|
Utility and libs to find hole/data segments using lseek.
|
|
GetdentsSpecial calls then Getdents syscall,
with normal entries and "." / ".." split into two slices.
|
|
As discovered by xfstests generic/401 [1], during the move to
the v2 api we seem to have lost the "." and ".." directory
entries.
[1]: https://github.com/rfjakob/fuse-xfstests/blob/4ef5b032bc283743d0eb58a8a28738766e664899/screenlog.0#L520
|
|
https://github.com/rfjakob/gocryptfs/issues/556
|
|
Breakage was:
+GOOS=darwin
+GOARCH=amd64
+go build -tags without_openssl
internal/fusefrontend/node_dir_ops.go:45:34: cannot use context (type *fuse.Context) as type *fuse.Caller in argument to syscallcompat.MkdiratUser
internal/fusefrontend/node_dir_ops.go:83:35: cannot use context (type *fuse.Context) as type *fuse.Caller in argument to syscallcompat.MkdiratUser
|
|
Let's have MkdiratUser take fuse.Context like everybody
else.
|
|
Turns out the whole euid switching logic can be shared when
wrapping the syscall in a closure.
|
|
|
|
This is unclear to users, as seen on
https://github.com/rfjakob/gocryptfs/issues/452#issuecomment-828836651
|
|
|
|
|
