aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-06-06configfile: warn about missing feature flagsJakob Unterwurzacher
The plan is to drop support for the oldest filesystem versions in gocryptfs v1.0. For now, we only warn the user.
2016-06-06tests: error out properly on mount failureJakob Unterwurzacher
In TestMain we call os.Exit as before, but inside actual tests we now call t.Fatal().
2016-06-05toggledlog: convert remaing naked fmt.Print*Jakob Unterwurzacher
Several fatal errors were just printed to stdout, which meant they were invisible when running the test suite. Fix this by introducing toggledlog.Fatal and convert as follows: Fatal errors -> toggledlog.Fatal Warnings -> toggledlog.Warn Password prompts -> fmt.Fprintf
2016-06-05main: print actual error from LoadConfFile()Jakob Unterwurzacher
It may not have been a "Wrong password" after all. Also, push down disabling the warning so LoadConfFile() can warn about things that matter.
2016-06-05configfile: use map[flagIota] for feature flagsJakob Unterwurzacher
This should make things saner and more extensible. It prepares the infrastructure for "required feature flags" that will be used to deprecate old gocryptfs version.
2016-06-05configfile: bake the "Creator" gocryptfs version into the fileJakob Unterwurzacher
This field is added for the convenience of users and may help them to identify which gocryptfs version they need to mount a filesystem. The same information is essentially contained in FeatureFlags, but this is more difficult to decode for humans. It is completely ignored programmatically (also by older gocryptfs versions).
2016-06-04fusefrontend: report an error if all files in a directory were invalidJakob Unterwurzacher
Just presenting an empty directory means that the user does not know that things went wrong unless he checks the syslog or tries to delete the directory. It would be nice to report the error even if only some files were invalid. However, go-fuse does not allow returning the valid directory entries AND an error.
2016-06-04tests: recreate v0.7 example filesystem with -scryptn=10Jakob Unterwurzacher
Speeds TestExampleFSv07 from 0.46 seconds to 0.07 seconds.
2016-06-04main: don't tell the user to choose a password when -extpass is usedJakob Unterwurzacher
Instead, print this: Using password provided via -extpass.
2016-06-04tests: add v0.9 example filesystem with a 255-byte filenameJakob Unterwurzacher
gocryptfs v0.9 introduced long file names, so lets add an example filesystem that has that feature flag set. Operations on long file names are tested in the regular integration tests as well.
2016-06-04main: print relative path in the init success messageJakob Unterwurzacher
... but only if the relative path does not start with "..". Makes the message easier to grasp. Example: $ gocryptfs -init -scryptn=10 v0.9 [...] The filesystem has been created successfully. Before: You can now mount it using: gocryptfs /home/jakob/src/github.com/rfjakob/gocryptfs/integration_tests/example_filesystems/v0.9 MOUNTPOINT After: You can now mount it using: gocryptfs v0.9 MOUNTPOINT
2016-06-01nametransform, main: better error messagesJakob Unterwurzacher
2016-05-30README: list today as v0.10 release datev0.10Jakob Unterwurzacher
Also improve the order of the bullet points.
2016-05-30README: remove v0.10 release date (not yet released)Jakob Unterwurzacher
The release has been delayed due to the fsstress issues that were hopefully fixed in the last commit.
2016-05-30fusefrontend: replace unreliable "fd < 0" checkJakob Unterwurzacher
... with the "released" boolean. For some reason, the "f.fd.Fd() < 0" check did not work reliably, leading to nil pointer panics on the following wlock.lock(). The problem was discovered during fsstress testing and is unlikely to happen in normal operations. With this change, we passed 1700+ fsstress iterations.
2016-05-30toggledlog: wpanic: use Logger.Panic instead of naked panicJakob Unterwurzacher
This makes sure the panic message also ends up in syslog (if enabled).
2016-05-29fusefrontend: use sync.Once for one-time warningsJakob Unterwurzacher
Using a simple boolean was racy (which was harmless in this case) and non-idomatic.
2016-05-29fusefronted: check Fstat return value on file createJakob Unterwurzacher
The Fstat call should never fail, but still, if it does return an error it should be handled properly.
2016-05-29fusefrontend: simplify wlockMapJakob Unterwurzacher
mapMutex can be anonymous and using an RWMutex is overkill because the lock protects very short sections.
2016-05-29fsstress-loopback: properly stop on Ctrl-CJakob Unterwurzacher
Send fsstress (which ignores Ctrl-C) into the background so the shell gets the signal. Manually kill fsstress in the cleanup handler. Also, use the build.bash script for gocryptfs.
2016-05-29fusefrontend: remove unused "forgotten" variableJakob Unterwurzacher
The functionality has long been replaced by the fd < 0 check.
2016-05-25Update README for v0.10Jakob Unterwurzacher
Also add dates for all releases.
2016-05-25fsstress-loopback: use random directory namesJakob Unterwurzacher
This allows to run more than one instance of the script in parallel. Also, properly clean up on exit.
2016-05-24extractloop: use $SECONDS special variableJakob Unterwurzacher
Gets rid of the call to "date" and simplifies the code.
2016-05-24stress_tests: add header commentsJakob Unterwurzacher
Also, convert extractloop.bash to using md5sum instead of diff -ur so the user does not have to keep an extracted kernel tree around. And print the iteration time.
2016-05-22stupidgcm: add benchmark.bash wrapperJakob Unterwurzacher
Add a simple bash wrapper to make it easier to run the GCM benchmarks.
2016-05-18Add "-allow_other" command-line optionJakob Unterwurzacher
As requested in https://github.com/rfjakob/gocryptfs/issues/26 , this adds the option to allow other users to access the filesystem.
2016-05-13Update README vor v0.10-rc3v0.10-rc3Jakob Unterwurzacher
2016-05-12Encrypt path in statfs() callsDavid Gnedt
Paths in statfs() calls were not encrypted resulting in an Function not implemented error, when the unencrypted path didn't exist in the underlying (encrypted) filesystem. $ df plain/existingdir df: ‘plain/existingdir’: Function not implemented
2016-05-12prefer_openssl: add amd64 constraintJakob Unterwurzacher
Optimized assembly versions for Go GCM are only available on amd64.
2016-05-12prefer_openssl: autodetect whether to use OpenSSL or Go GCMJakob Unterwurzacher
Go GCM is faster than OpenSSL if the CPU has AES instructions and you are running Go 1.6+. The "-openssl" option now defaults to "auto". "gocryptfs -debug -version" displays the result of the autodetection. See https://github.com/rfjakob/gocryptfs/issues/23 for details and benchmarks.
2016-05-11README: Note fallocate changes for v0.10 (issue #22)Jakob Unterwurzacher
2016-05-08fusefrontend: fix panic due to concurrently unregistered wlockJakob Unterwurzacher
Commit 730291feab properly freed wlock when the file descriptor is closed. However, concurrently running Write and Truncates may still want to lock it. Check if the fd has been closed first.
2016-05-08stress_tests: improve outputJakob Unterwurzacher
2016-05-05stress_tests: extractloop: run two loops in parallelJakob Unterwurzacher
This increases the load but also the disk space requirements (to about 2GB).
2016-05-05fusefrontend: fix wlock memory leakJakob Unterwurzacher
The write lock was not freed on release, causing a slow memory leak. This was noticed by running extractloop.bash for 10 hours.
2016-05-05stress_tests: add stress test scriptsJakob Unterwurzacher
These were hosted at https://github.com/rfjakob/fsstress . To make them easier to use for gocryptfs users and developers, add them to the main repo.
2016-05-05stupidgcm: set dummy locking callback.v0.10-rc2Jakob Unterwurzacher
In general, OpenSSL is only threadsafe if you provide a locking function through CRYPTO_set_locking_callback. However, the GCM operations that stupidgcm uses never call that function. To guard against that ever changing, set a dummy locking callback that crashes the app.
2016-05-05stupidgcm: skip tests on Go 1.4 and olderJakob Unterwurzacher
Quoting from the patch: We compare against Go's built-in GCM implementation. Since stupidgcm only supports 128-bit IVs and Go only supports that from 1.5 onward, we cannot run these tests on older Go versions.
2016-05-05Revert "stupidgcm: print openssl error stack before panicing"Jakob Unterwurzacher
This did not help in debugging the openssl <= 1.0.1c issue at all and makes the code more complex. Keep it simple.
2016-05-05cryptocore: support Go 1.4 in testsJakob Unterwurzacher
2016-05-05stupidgcm: reorder calls to support openssl <= 1.0.1cJakob Unterwurzacher
This fixes the test failures on Travis CI. Quoting from https://github.com/openssl/openssl/commit/07a4ff79d23e45f1a45da717b7c1f41a5e1c7c0c /* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier * required the tag before any AAD or ciphertext */
2016-05-04stupidgcm: print openssl error stack before panicingJakob Unterwurzacher
2016-05-04stupidgcm: fix copy-paste error in panic messageJakob Unterwurzacher
Also, print the openssl version in Travis CI
2016-05-04Fix typos in READMEJakob Unterwurzacher
2016-05-04Update README for v0.10-rc1v0.10-rc1Jakob Unterwurzacher
2016-05-04stupidgcm: completely replace spacemonkeygo/opensslJakob Unterwurzacher
2016-05-04stupidgcm: add our own thin wrapper around openssl gcmJakob Unterwurzacher
...complete with tests and benchmark. This will allow us to get rid of the dependency to spacemonkeygo/openssl that causes problems on Arch Linux ( https://github.com/rfjakob/gocryptfs/issues/21 )
2016-05-04cryptocore: add API testsJakob Unterwurzacher
2016-04-28build.bash: replace "git -C"Jakob Unterwurzacher
"-C" is not supported on older git versions. Instead, just cd into the directory. See issue #20.