aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-02-15OSX compat: replace fusermount calls with fuse-unmount.bashJakob Unterwurzacher
Mac OS X does not have fusermount and uses umount instead. The fuse-unmount.bash calls the appropriate command.
2017-02-14Add Mac OS X fusermount replacement scriptJakob Unterwurzacher
2017-02-13readpassword: limit password length to 1000 bytesJakob Unterwurzacher
This used to hang at 100% CPU: cat /dev/zero | gocryptfs -init a ...and would ultimately send the box into out-of-memory. The number 1000 is chosen arbitrarily and seems big enough given that the password must be one line. Suggested by @mhogomchungu in https://github.com/rfjakob/gocryptfs/issues/77 .
2017-02-12Add CLI ABI documentationJakob Unterwurzacher
Closes https://github.com/rfjakob/gocryptfs/issues/77
2017-02-12Check for trailing garbage after the passwordJakob Unterwurzacher
From the comment: // CheckTrailingGarbage tries to read one byte from stdin and exits with a // fatal error if the read returns any data. // This is meant to be called after reading the password, when there is no more // data expected. This helps to catch problems with third-party tools that // interface with gocryptfs.
2017-02-12readpassword: improve comment on readPasswordStdinJakob Unterwurzacher
2017-02-12Document "--" to stop option parsing in help text + man pageJakob Unterwurzacher
2017-02-12main: suggest "-q" to suppress master key messageJakob Unterwurzacher
If the user has already saved the master key and is not aware of "-q" the master key needlessly ends up in the terminal buffer. Closes https://github.com/rfjakob/gocryptfs/issues/76
2017-02-12tests: ctlsock: check warning for non-canonical pathsJakob Unterwurzacher
2017-02-05ctlsock: handle non-canonical empty pathsJakob Unterwurzacher
We have to check if the input path is empty AFTER canonicalizing it, too!
2017-02-05ctlsock: sanitize: handle multiple leading slashesJakob Unterwurzacher
2017-01-29golint comment fixJakob Unterwurzacher
internal/ctlsock/ctlsock_serve.go:73:1: comment on exported const ReadBufSize should be of the form "ReadBufSize ..."
2017-01-29contrib: add ctlsock helper scriptsJakob Unterwurzacher
2017-01-29ctlsock: better error message for forward mode path decryptionJakob Unterwurzacher
2017-01-29ctlsock: abort message processing on JSON errorJakob Unterwurzacher
The code was missing a "continue" in that branch. Also improve the error messages a bit.
2017-01-29ctlsock: interpret paths that point above CWD as ""Jakob Unterwurzacher
Paths that start with ".." were previously accepted as-is.
2017-01-29readpassword: support spaces in "-passfile" filenameJakob Unterwurzacher
...and while we are at it, also filenames starting with "-".
2017-01-26main: add "-fsname" optionJakob Unterwurzacher
As requested in https://github.com/rfjakob/gocryptfs/issues/73 .
2017-01-26main: make sure the ctlsock file is deleted on incorrect passwordJakob Unterwurzacher
Otherwise the next try to mount ends in "ctlsock: listen unix ctl.sock: bind: address already in use"
2017-01-26fusefrontend: fix hard-linking with long nameJakob Unterwurzacher
This used to incorrectly try to link twice and return EEXIST.
2017-01-26tests: add TestLongLink (currently broken)Jakob Unterwurzacher
2017-01-26tlog: better comment for the terminal colorsJakob Unterwurzacher
2017-01-03reverse: add single-entry path cacheJakob Unterwurzacher
Speeds up the "ls -lR" benchmark from 2.6 seconds to 2.0.
2017-01-03reverse: factor out rDecryptNameJakob Unterwurzacher
This prepares the code for the introduction of a path cache.
2017-01-03test.bash: don't let the test process inherit the lock fileJakob Unterwurzacher
This meant that dangling mounts (and gocryptfs processes) kept the lock open.
2017-01-03Add reverse benchmarkJakob Unterwurzacher
2017-01-03tests: only check the size in dl-linux-tarball.bashJakob Unterwurzacher
Getting rid of the MD5 calculation makes calling the script virtually free, where it took 0.2 seconds before.
2017-01-03tests: factor out dl-linux-tarball.bashJakob Unterwurzacher
This will be also used by the reverse benchmarks.
2017-01-02main: disconnect from the controlling terminalJakob Unterwurzacher
This prevents us from getting SIGINT when the user kills the running script.
2016-12-13benchmark.bash: reject "-openssl" option for encfs modeJakob Unterwurzacher
2016-12-13benchmark.bash: add proper argument handlingJakob Unterwurzacher
2016-12-13benchmark.bash: OSX dd does not support "K" postfixJakob Unterwurzacher
2016-12-10benchmark.bash: add comments to show how to force openssl usageJakob Unterwurzacher
2016-12-10prefer_openssl: default to Go GCM on OSXJakob Unterwurzacher
2016-12-10ctlsock: abort the connection if the request is too bigJakob Unterwurzacher
Reading partial JSON would cause a mess. Just kill the connection. Also, stop using syscall.PathMax that is not defined on Darwin ( https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-264253024 )
2016-12-10ctlsock: add a note about Accept() throwing errors on Close()Jakob Unterwurzacher
2016-12-10ctlsock: exit early if socket cannot be created; delete on exitJakob Unterwurzacher
Both are achieved by opening the socket from main and passing it to the ctlsock package instead of passing the path.
2016-12-10test.bash: call vet earlyJakob Unterwurzacher
2016-12-10stupidgcm: Fix without_openssl build failureJakob Unterwurzacher
Also, always call build-without-openssl.bash from test.bash. Failure was: internal/stupidgcm/without_openssl.go:29: missing return at end of function
2016-12-10ctlsock: sanitize paths before passing them to the backendJakob Unterwurzacher
You used to be able to crash gocryptfs by passing "/foo" of "foo/" to the ctlsock. Fixes https://github.com/rfjakob/gocryptfs/issues/66
2016-12-10ctlsock: exit if socket cannot be createdJakob Unterwurzacher
2016-12-10test.bash: check for naked "panic()" callsJakob Unterwurzacher
2016-12-10Replace all calls to naked panic() with log.Panic()Jakob Unterwurzacher
We want all panics to show up in the syslog.
2016-12-06build-without-openssl: compile staticallyJakob Unterwurzacher
$ ldd gocryptfs not a dynamic executable $ file gocryptfs gocryptfs: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped
2016-12-04README: v1.2 includes the rendered man page in the tarballv1.2Jakob Unterwurzacher
2016-12-04Update README for v1.2 releaseJakob Unterwurzacher
2016-11-28fusefrontend: preserve owner for symlinksJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28fusefronted: preserve owner for device nodes and socketsJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28fusefrontend: use Lchown when preserving ownerJakob Unterwurzacher
This prevents (unlikely) symlink race attacks
2016-11-26main: fix USR1 race condition, fixes test flakinessJakob Unterwurzacher
We could have gotten the signal before the handler was ready, which caused the process to wait indefinitely. This was the reason test.bash sometimes hung.