Age | Commit message (Collapse) | Author |
|
Also get rid of useless isFiltered function.
|
|
Only in plaintextnames-mode AND with the config file at the
default location it will be mapped into the mountpoint.
Also adds a test for that.
|
|
We want to see panics and warnings on the console
|
|
As reverse also does not want a diriv file, the "plaintextNames"
argument became a misnomer.
|
|
Future tests will need more info about the running test case.
|
|
And add AES-SIV
|
|
For example, we cannot mount "/home/user/.cipher" at "/home/user"
because the mount will hide ".cipher" also for us.
Doing it anyway used to cause a nasty hang.
|
|
Ongoing effort to reduce the size of main().
|
|
This was frustrating:
$ gocryptfs a b
Password:
Decrypting master key
open a/gocryptfs.conf: permission denied
|
|
Also explain why AES-SIV exists.
|
|
As described at http://software.clapper.org/daemonize/ ,
a daemon should chdir to / and close its FDs.
|
|
go-fuse translates errors unknown to it into "function not
implemented", which is wrong in this case.
|
|
Split the block up and add a comment why notifypid is important.
|
|
|
|
Gets rid of the idling longnameCacheCleaner thread in "normal" mode.
|
|
|
|
|
|
"vet" is not availably by default on Go 1.4.
|
|
Does not support testing.M, which means we cannot run the
test suite, which means we cannot claim to support it at
all.
|
|
Go versions 1.4 and lower lack NewGCMWithNonceSize(), which causes
a panic in the test.
|
|
|
|
This file does not exist on all systems, causing spurious
test failures.
See #40, #43
|
|
The expected allocated sizes are verified for tmpfs and ext4.
btrfs gives different results, but that's not an error.
Also, simplify test_helpers.Du and several code paths.
Fixes #43.
|
|
The [Stat_t.Dev](https://golang.org/pkg/syscall/#Stat_t) docs say `Dev` is a `unit64`, but on [macOS amd64](https://golang.org/src/syscall/ztypes_darwin_amd64.go) it's an `int32`.
|
|
Additionally, output 0 instead of 7 on permission errors.
|
|
Build helper script: build-without-openssl.bash
|
|
As we now also support AES-SIV the old name is no longer
correct.
|
|
AES-SIV uses 1/2 of the key for authentication, 1/2 for
encryption, so we need a 64-byte key for AES-256. Derive
it from the master key by hashing it with SHA-512.
|
|
Add a test for that.
Also test operations using a 64-byte key.
|
|
|
|
Also pull all the deterministic nonce code into fusefrontend_reverse
to greatly simplify the normal code path.
|
|
After all, is's a virtual file.
|
|
$ gocryptfs -init -extpass "echo test" a
Using password provided via -extpass. <<< DUPLICATE
Reading password from extpass program
The gocryptfs filesystem has been created successfully.
You can now mount it using: gocryptfs a MOUNTPOINT
|
|
As stated in file-format.md.
|
|
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
|
|
|
|
On a CPU without AES-NI:
$ go test -bench .
Benchmark4kEncStupidGCM-2 50000 24155 ns/op 169.57 MB/s
Benchmark4kEncGoGCM-2 20000 93965 ns/op 43.59 MB/s
Benchmark4kEncGCMSIV-2 500 2576193 ns/op 1.59 MB/s
|
|
|
|
This happens all the time in reverse mode when somebody stats
an encrypted symlink target.
|
|
Also delete the unused "dirIVNameStruct", found by deadcode.
|
|
...and fix reported errors:
internal/fusefrontend_reverse/rfile.go:40: github.com/rfjakob/gocryptfs/internal/contentenc.FileHeader composite literal uses unkeyed fields
internal/fusefrontend_reverse/rfs.go:249: github.com/hanwen/go-fuse/fuse.DirEntry composite literal uses unkeyed fields
internal/fusefrontend_reverse/rfs.go:264: github.com/hanwen/go-fuse/fuse.DirEntry composite literal uses unkeyed fields
|
|
|
|
128-bit IVs are NOT used everywhere.
|
|
|
|
This will be used for strong symlink encryption in reverse mode.
|
|
Calling into go-fuse's loopbackFileSystem does not add
any value here.
|
|
Now also verifies the returned file size.
|
|
|
|
Look at the error code from os.Remove and decide about the
right thing to do.
Gets rid of spurious fusermount error messages.
|
|
|