aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-10-09README: reverse mode is ticket #19, not #34Jakob Unterwurzacher
2016-10-09Update Changelog for v1.1-rc1v1.1-rc1Jakob Unterwurzacher
2016-10-09contrib: pam_mount: check if something is already mounted on DSTJakob Unterwurzacher
pam_mount is supposed to check that as well, but it seems to get confused by the "command#path" syntax used for FUSE. Let's do it here.
2016-10-09tests: add test for "mountpoint shadows cipherdir" logicJakob Unterwurzacher
2016-10-08main: fix shadow detection logicJakob Unterwurzacher
This fired incorrectly: Mountpoint "/home/testuser" would shadow cipherdir "/home/testuser.cipher", this is not supported
2016-10-08LICENSE: add full nameJakob Unterwurzacher
2016-10-08contrib: pam_mount: add instructions for whole-home-dir encryptionJakob Unterwurzacher
2016-10-08contrib: pam_mount: add documentation and wrapperJakob Unterwurzacher
See ticket #34
2016-10-08reverse: gocryptfs.conf was missing from the directory listingsJakob Unterwurzacher
Fix the test for that and add checks in example_filesystems_test.
2016-10-08tests: unmount leftover filesystems before starting the testsJakob Unterwurzacher
A panic during the tests can leave mounted filesystems behind.
2016-10-08tests: add v1.1-reverse-plaintextnames example filesystemJakob Unterwurzacher
2016-10-08tests: add v1.1-reverse example filesystemJakob Unterwurzacher
2016-10-08tests: add v1.1-aessiv example filesystemJakob Unterwurzacher
Also move the example content into "content".
2016-10-08reverse: merge config translation check into isTranslatedConfigJakob Unterwurzacher
Also get rid of useless isFiltered function.
2016-10-08reverse: make gocryptfs.conf mapping plaintextnames-awareJakob Unterwurzacher
Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that.
2016-10-08tests: pass "-nosyslog"Jakob Unterwurzacher
We want to see panics and warnings on the console
2016-10-08tests: invert ResetTmpDir argumentJakob Unterwurzacher
As reverse also does not want a diriv file, the "plaintextNames" argument became a misnomer.
2016-10-08tests: matrix: have the testcase struct as a global variableJakob Unterwurzacher
Future tests will need more info about the running test case.
2016-10-08tests: matrix: convert to table-based styleJakob Unterwurzacher
And add AES-SIV
2016-10-08main: error out when the mount shadows the cipherdirJakob Unterwurzacher
For example, we cannot mount "/home/user/.cipher" at "/home/user" because the mount will hide ".cipher" also for us. Doing it anyway used to cause a nasty hang.
2016-10-08main: split doMount into its own fileJakob Unterwurzacher
Ongoing effort to reduce the size of main().
2016-10-08main: check if the config file can opened before prompting for passwordJakob Unterwurzacher
This was frustrating: $ gocryptfs a b Password: Decrypting master key open a/gocryptfs.conf: permission denied
2016-10-07MANPAGE: note that "-f" implies "-nosyslog"Jakob Unterwurzacher
Also explain why AES-SIV exists.
2016-10-07main: daemonize more thoroughlyJakob Unterwurzacher
As described at http://software.clapper.org/daemonize/ , a daemon should chdir to / and close its FDs.
2016-10-07nametransform: better error code on invalid diriv lengthJakob Unterwurzacher
go-fuse translates errors unknown to it into "function not implemented", which is wrong in this case.
2016-10-07main: clarify nosyslog code pathJakob Unterwurzacher
Split the block up and add a comment why notifypid is important.
2016-10-06main: add "-nonempty" optionJakob Unterwurzacher
2016-10-05reverse: initialize the longname cache only when reverse mode is usedJakob Unterwurzacher
Gets rid of the idling longnameCacheCleaner thread in "normal" mode.
2016-10-04A few more lint fixesJakob Unterwurzacher
2016-10-04lint fixesValient Gough
2016-10-04tests: skip "go tool vet" if the command is not availableJakob Unterwurzacher
"vet" is not availably by default on Go 1.4.
2016-10-04tests: drop Go 1.3.3 from Travis testingJakob Unterwurzacher
Does not support testing.M, which means we cannot run the test suite, which means we cannot claim to support it at all.
2016-10-04tests: skip tests with -openssl=false on Go 1.4 and lowerJakob Unterwurzacher
Go versions 1.4 and lower lack NewGCMWithNonceSize(), which causes a panic in the test.
2016-10-04tests: enable FUSE tests on Travis CIJakob Unterwurzacher
2016-10-04tests: symlink to "/" instead of "/etc/motd"Jakob Unterwurzacher
This file does not exist on all systems, causing spurious test failures. See #40, #43
2016-10-04tests: fallocate: skip some disk usage checks on btrfsJakob Unterwurzacher
The expected allocated sizes are verified for tmpfs and ext4. btrfs gives different results, but that's not an error. Also, simplify test_helpers.Du and several code paths. Fixes #43.
2016-10-04fusefrontend_reverse cast Stat_t.Dev to uint64 (#44)Romain
The [Stat_t.Dev](https://golang.org/pkg/syscall/#Stat_t) docs say `Dev` is a `unit64`, but on [macOS amd64](https://golang.org/src/syscall/ztypes_darwin_amd64.go) it's an `int32`.
2016-10-04maxlen.bash: result was 1 too highJakob Unterwurzacher
Additionally, output 0 instead of 7 on permission errors.
2016-10-04without_openssl: support compiling completely without opensslJakob Unterwurzacher
Build helper script: build-without-openssl.bash
2016-10-04cryptocore: rename "gcm" variable to generic "aeadCipher"Jakob Unterwurzacher
As we now also support AES-SIV the old name is no longer correct.
2016-10-04cryptocore: derive 512-bit key for AES-SIVJakob Unterwurzacher
AES-SIV uses 1/2 of the key for authentication, 1/2 for encryption, so we need a 64-byte key for AES-256. Derive it from the master key by hashing it with SHA-512.
2016-10-03siv_aead: Overhead is always 16Jakob Unterwurzacher
Add a test for that. Also test operations using a 64-byte key.
2016-09-29xray: print block offsetsJakob Unterwurzacher
2016-09-29reverse: use per-purpose nonce generationJakob Unterwurzacher
Also pull all the deterministic nonce code into fusefrontend_reverse to greatly simplify the normal code path.
2016-09-28reverse: move newDirIVFile into virtualfile.goJakob Unterwurzacher
After all, is's a virtual file.
2016-09-28main: get rid of duplicate "extpass" messageJakob Unterwurzacher
$ gocryptfs -init -extpass "echo test" a Using password provided via -extpass. <<< DUPLICATE Reading password from extpass program The gocryptfs filesystem has been created successfully. You can now mount it using: gocryptfs a MOUNTPOINT
2016-09-26README: storage overhead is 32 bytesJakob Unterwurzacher
As stated in file-format.md.
2016-09-26reverse: switch from GCM-SIV to AES-SIVv1.1-beta1Jakob Unterwurzacher
GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-26siv_aead: add AES-SIV AEAD wrapperJakob Unterwurzacher
2016-09-25stupidgcm: add GCM-SIV benchmarkJakob Unterwurzacher
On a CPU without AES-NI: $ go test -bench . Benchmark4kEncStupidGCM-2 50000 24155 ns/op 169.57 MB/s Benchmark4kEncGoGCM-2 20000 93965 ns/op 43.59 MB/s Benchmark4kEncGCMSIV-2 500 2576193 ns/op 1.59 MB/s
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 20:51:41 +0000