summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-07-01Only print masterkey once on -initJakob Unterwurzacher
It is no longer printed at all when mounting a filesystem, printing on -init can be disabled with -q. https://github.com/rfjakob/gocryptfs/issues/76
2018-07-01trezor: add sanity checks for decrypted valueJakob Unterwurzacher
Check that the value has changed, is not all-zero and has the right length.
2018-07-01Implemented the support of Trezor devices.Dmitry Yu Okunev
2018-07-01main: replace naked panic with log.PanicJakob Unterwurzacher
Fix the check that failed to find the case as well.
2018-07-01trezor: reject password change on Trezor-enabled fsJakob Unterwurzacher
This is not supported (yet? does it make sense?).
2018-07-01trezor: add TrezorPayloadJakob Unterwurzacher
TrezorPayload stores 32 random bytes used for unlocking the master key using a Trezor security module. The randomness makes sure that a unique unlock value is used for each gocryptfs filesystem.
2018-07-01configfile: reduce function name stutterJakob Unterwurzacher
configfile.LoadConfFile() -> configfile.Load() configfile.CreateConfFile() -> configfile.Create()
2018-07-01trezor: exit with usage error if used together with -extpassJakob Unterwurzacher
Using an external program for the Trezor PIN is not supported at the moment.
2018-07-01trezor: add basic "-init -trezor" testJakob Unterwurzacher
Verify that the Trezor feature flag is set after "-init -trezor".
2018-07-01trezor: add skeleton for Trezor supportJakob Unterwurzacher
readpassword.Trezor() is not implemented yet and returns a hardcoded dummy key.
2018-07-01README: Add folders side-by-side animation gifJakob Unterwurzacher
10 second animation that shows what gocryptfs does.
2018-06-24configfile: use tlog.ColorYellow instead of hardcoded color codeJakob Unterwurzacher
2018-06-19Fix three golint warningsJakob Unterwurzacher
We are clean again. Warnings were: internal/fusefrontend/fs.go:443:14: should omit type string from declaration of var cTarget; it will be inferred from the right-hand side internal/fusefrontend/xattr.go:26:1: comment on exported method FS.GetXAttr should be of the form "GetXAttr ..." internal/syscallcompat/sys_common.go:9:7: exported const PATH_MAX should have comment or be unexported
2018-06-12Update README and MANPAGE for v1.5v1.5Jakob Unterwurzacher
Also update the performance numbers. I see some slowdown, reason is not yet clear, but nothing to block the release.
2018-06-12dep: fix constraints and update dependenciesJakob Unterwurzacher
Gopkg.toml was emptied out by commit c3e12b5e68637 which seemed to work fine at the time. It turns out that, in absence of a branch = "master" constraint, dep will use the last tag. We want latest master, as this is what "go get" fetches, and hence what Travis uses for testing.
2018-06-12xattr: return EOPNOTSUPP instead of ENODATA in GetXattrJakob Unterwurzacher
Reading system.posix_acl_access and system.posix_acl_default should return EOPNOTSUPP to inform user-space that we do not support ACLs. xftestest essientially does chacl -l | grep "Operation not supported" to determine if the filesystem supports ACLs, and used to wrongly believe that gocryptfs does.
2018-06-08darwin does not have PATH_MAXJakob Unterwurzacher
Define our own, with the value from Linux.
2018-06-08main: cut down "flag provided but not defined" error messageJakob Unterwurzacher
Don't dump the help text on the unsuspecting user, but give a short error message: $ gocryptfs -foobar flag provided but not defined: -foobar Invalid command line: gocryptfs -foobar. Try 'gocryptfs -help'. For comparison: This is what cp does: $ cp --foo cp: unrecognized option '--foo' Try 'cp --help' for more information. And this what we used to do: $ gocryptfs -foobar flag provided but not defined: -foobar gocryptfs v1.4.4-45-gfb772da; go-fuse v20170619-35-gb16719c; 2018-06-08 go1.10.2 Usage: gocryptfs -init|-passwd|-info [OPTIONS] CIPHERDIR or gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT Common Options (use -hh to show all): -aessiv Use AES-SIV encryption (with -init) -allow_other Allow other users to access the mount -config Custom path to config file -ctlsock Create control socket at location -extpass Call external program to prompt for the password -fg Stay in the foreground -fusedebug Debug FUSE calls -h, -help This short help text -hh Long help text with all options -init Initialize encrypted directory -info Display information about encrypted directory -masterkey Mount with explicit master key instead of password -nonempty Allow mounting over non-empty directory -nosyslog Do not redirect log messages to syslog -passfile Read password from file -passwd Change password -plaintextnames Do not encrypt file names (with -init) -q, -quiet Silence informational messages -reverse Enable reverse mode -ro Mount read-only -speed Run crypto speed test -version Print version information -- Stop option parsing You passed: "-foobar" flag provided but not defined: -foobar
2018-06-07main: forkChild: try to read /proc/self/exeJakob Unterwurzacher
On Linux, where /proc exists, this makes sure that we are executing ourselves again, and not some other copy of the gocryptfs executable. This usually does not matter, but mount(1) unsets $PATH and sets argv[0] to just "gocryptfs".
2018-06-07Set a default PATH if PATH is empty or unsetJulian Orth
mount(1) unsets PATH before calling mount.fuse. Therefore it's not set in gocrpytfs either and daemonization fails if gocryptfs was not executed via an absolute path. mount.fuse handles this by leaving the execution of the helper to /bin/sh. /bin/sh handles an empty PATH by searching a few default locations. This patch sets the PATH to a sane default if it's empty or unset.
2018-06-07main: accept -dev, -nodev, -suid, -nosuid, -exec, -noexecJakob Unterwurzacher
When mounted via /etc/fstab like this, /a /b fuse.gocryptfs default 0 0 we always get extra options passed. As reported by @mahkoh at https://github.com/rfjakob/gocryptfs/pull/233 : mount passes `-o noexec` if `-o user` is set and `-o exec` is not set. If both `-o user` and `-o exec` are set, it passes `-o exec`. Make these options work, and in addtion, also make -suid and -rw work the same way. Reported-by: @mahkoh
2018-06-05main: make prefixOArgs errors testableJakob Unterwurzacher
By returning an error instead of calling os.Exit, error cases can be tested easily. Error cases were not tested until now.
2018-05-27dep: update xattr dependencyJakob Unterwurzacher
We need LGet support from the newest release.
2018-05-27xattr: use LGet/LSet etcJakob Unterwurzacher
Support has been merged into the xattr package ( https://github.com/pkg/xattr/pull/29 ), use it.
2018-05-17tests: add "mv broken symlink" testJakob Unterwurzacher
This currently fails because we do not use llistxattr yet.
2018-05-15crossbuild.bash: call "set -x" lateJakob Unterwurzacher
Fedora 28 executes A LOT of stuff from /usr/share/Modules/ on bash startup. Having -x in the shebang means we see it all.
2018-05-15xattr: return EOPNOTSUPP for unsupported attributesJakob Unterwurzacher
mv is unhappy when we return EPERM when it tries to set system.posix_acl_access: mv: preserving permissions for ‘b/x’: Operation not permitted Now we return EOPNOTSUPP like tmpfs does and mv seems happy.
2018-05-10fsck: update testcases with binary xattrsJakob Unterwurzacher
2018-05-10xattr: optimize storage, store as binary instead of bae64Bolshevik
Values a binary-safe, there is no need to base64-encode them. Old, base64-encoded values are supported transparently on reading. Writing xattr values now always writes them binary.
2018-05-10stupidgcm: return error on too short input instead of panicingJakob Unterwurzacher
This is what Go GCM does as well.
2018-05-07xattr: added passing of a "flags" parameterBolshevik
Pass the "flags" parameter to the lower layer syscall. This makes Apple applications being able to successfully save data.
2018-05-07Updated dependencies.Bolshevik
2018-05-04tests: example_filesystems: create a private copy in /tmpJakob Unterwurzacher
The tests write to the example_filesystems folder, which 1) May leave your source tree in a modified state 2) Triggers test failures when the fsck tests run concurrently, which happens on Travis CI every now and then. Fix both problem by copying the example_filesystems folder to a private location in /tmp.
2018-05-01fusefrontend: xattr: return ENOSYS on unsupported flagsJakob Unterwurzacher
We previously returned EPERM to prevent the kernel from blacklisting our xattr support once we get an unsupported flag, but this causes lots of trouble on MacOS: Cannot save files from GUI apps, see https://github.com/rfjakob/gocryptfs/issues/229 Returning ENOSYS triggers the dotfiles fallback on MacOS and fixes the issue.
2018-04-27tests: helpers: fix a few error reportsJakob Unterwurzacher
These were using stale err values.
2018-04-17Improved xattr handling on non-linux systems (#227)bolshevik
* Fixed xattr filtering for MacOS. "system." and "user." prefixes are only relevant for Linux. * Small cleanup and additional tests.
2018-04-11daemonize: try /bin/logger if /usr/bin/logger failsJakob Unterwurzacher
SUSE has /bin/logger, everybody else has /usr/bin/logger, so try both. Fixes https://github.com/rfjakob/gocryptfs/issues/225
2018-04-08Fix the easy golint warningsJakob Unterwurzacher
Reported by https://goreportcard.com/report/github.com/rfjakob/gocryptfs
2018-04-08tests: retry umountJakob Unterwurzacher
Gnome may still have files open causing spurious test failures.
2018-04-07tests: cli_test: fix fd leakJakob Unterwurzacher
One fd leak found in TestMountBackground.
2018-04-07tests: matrix: check for fd leaksJakob Unterwurzacher
And fix two in test_helpers.Mount(). Leftover fds can cause an unmount failure like this later: fusermount: failed to unmount /tmp/gocryptfs-test-parent/873632270/default-plain: Device or resource busy so try to catch them early.
2018-04-03fsck: report skipped corrupt filesJakob Unterwurzacher
OpenDir and ListXAttr skip over corrupt entries, readFileID treats files the are too small as empty. This improves usability in the face of corruption, but hides the problem in a log message instead of putting it in the return code. Create a channel to report these corruptions to fsck so it can report them to the user. Also update the manpage and the changelog with the -fsck option. Closes https://github.com/rfjakob/gocryptfs/issues/191
2018-04-02fsck: add xattr supportJakob Unterwurzacher
With testcases.
2018-04-02fusefrontend: xattr: return ENODATA for security.* and system.*Jakob Unterwurzacher
"ls -l" queries security.selinux, system.posix_acl_access, system.posix_acl_default and throws error messages if it gets something else than ENODATA.
2018-04-02fsck: test against example_filesystemsJakob Unterwurzacher
2018-04-02fsck: clean up log outputJakob Unterwurzacher
Make sure we get only 1 warning output per problem. Also, add new corruption types to broken_fs_v1.4.
2018-04-02fsck: sort files alphabeticallyJakob Unterwurzacher
This makes fsck runs deterministic.
2018-04-02fsck: add initial implementationJakob Unterwurzacher
Most corruption cases except xattr should be covered. With test filesystem. The output is still pretty ugly. xattr support will be added in the next commits.
2018-04-01fusefronted: reject oversized Read and Write requestsJakob Unterwurzacher
This should not happen via FUSE as the kernel caps the size, but with fsck we have the first user that calls Read directly. For symmetry, check it for Write as well.
2018-04-01main: move getMasterKey into initFuseFrontendJakob Unterwurzacher
This is where the results are used, so call it there. This simplifies doMount a bit because we can get rid of the block protecting masterkey.