Age | Commit message (Collapse) | Author |
|
Also, fix the namespaceMap comment.
|
|
Compiles and mounts but does nothing useful.
|
|
Simplify the tests by using empty files. Empty
files are valid, and we don't check the content
anyway.
Also adjust comment style a little and add
a missing break statement.
|
|
At least 16 bytes due to AES --> at least 22 characters in base64
|
|
Changed invalid file decoding and decryption. Function
DecryptName now shortens the filename until the filename is
decodable and decryptable. Will work with valid **and**
invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-].
If the filename is not decryptable at all, it returns the
original cipher name with flag suffix Changed cli tests to
generate decryptable and undecryptable file names with correct
encrypted content. Replacing #474, extends #393
|
|
Locale trouble was
sshfs-benchmark.bash: line 31: printf: 4.71: invalid number
because printf expected "4,71" in the German locale.
Force the C locale.
|
|
22e3eec15302eac28c1a2ac3f9af29c2c9e82a3c
|
|
Also try to improve and unify output a little.
$ ./getdents /usr/share/man/man1
1: unix.Getdents: n=9984; n=9984; n=9968; n=9976; n=9984; n=9968; n=10000; n=9976; n=9992; n=10000; n=9976; n=9992; n=2312; n=0; err=<nil>; total 122112 bytes
2: unix.Getdents: n=9984; n=48; n=9976; n=9968; n=9976; n=9976; n=9992; n=9984; n=9992; n=10000; n=9976; n=9968; n=10000; n=2272; n=0; err=<nil>; total 122112 bytes
3: unix.Getdents: n=9984; n=9984; n=9968; n=704; n=10000; n=10000; n=9968; n=9968; n=9992; n=10000; n=9960; n=9992; n=9992; n=1600; n=0; err=<nil>; total 122112 bytes
4: unix.Getdents: n=9984; n=9984; n=9968; n=9976; n=9984; n=32; n=9992; n=9984; n=9992; n=10000; n=9976; n=9968; n=10000; n=2272; n=0; err=<nil>; total 122112 bytes
$ ./getdents_c /usr/share/man/man1
1: getdents64: n=9984; n=9984; n=9968; n=9976; n=9984; n=9968; n=10000; n=9976; n=9992; n=10000; n=9976; n=9992; n=2312; n=0; errno=0 total 122112 bytes
2: getdents64: n=9984; n=9984; n=9968; n=9976; n=9984; n=9968; n=10000; n=9976; n=9992; n=10000; n=9976; n=9992; n=2312; n=0; errno=0 total 122112 bytes
3: getdents64: n=9984; n=9984; n=9968; n=9976; n=9984; n=9968; n=10000; n=9976; n=9992; n=10000; n=9976; n=9992; n=2312; n=0; errno=0 total 122112 bytes
4: getdents64: n=9984; n=9984; n=9968; n=9976; n=9984; n=9968; n=10000; n=9976; n=9992; n=10000; n=9976; n=9992; n=2312; n=0; errno=0 total 122112 bytes
|
|
$ ./getdents -loop /mnt/synology/public/tmp/g1
unix.Getdents: n=4176; n=4176; n=4176; n=4176; n=4176; n=3192; n=0; err=<nil>; total 24072 bytes
unix.Getdents: n=4176; n=4176; n=4176; n=4176; n=4176; n=3192; n=0; err=<nil>; total 24072 bytes
unix.Getdents: n=4176; n=-1; err=no such file or directory; total 4176 bytes
|
|
Another way to repro the problem in
https://github.com/rfjakob/gocryptfs/issues/483
|
|
|
|
As noticed by @slackner in
https://github.com/rfjakob/gocryptfs/commit/cb8872577d66ff0fc38bcd70493be06bc0f34ffa#commitcomment-39405233 ,
this is not safe.
This reverts commit cb8872577d66ff0fc38bcd70493be06bc0f34ffa.
|
|
On CIFS mounts, unix.Getdents can return sudden ENOENT
in the middle of data. This will not be reported as an error
by user space tools, so return EIO instead.
Also log it as a warning.
https://github.com/rfjakob/gocryptfs/issues/483
|
|
Same thing like contrib/getdents, but written in C.
|
|
Small tool to try to debug unix.Getdents problems on CIFS mounts
https://github.com/rfjakob/gocryptfs/issues/483
|
|
And also, stop using the wrong directory for sshfs git init.
sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs
git init 4.35 7.82
rsync 7.72 11.66
rm -R 2.71 11.04
mkdir 1.33 4.15
rmdir 0.47 3.97
touch 2.32 2.85
rm 0.45 0.45
|
|
When filename encryption is on, we do know when we
overwrite a directory, and can clear only in this case.
sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs
git init 1.74 7.80
rsync 6.19 11.63
|
|
Mkdir can not cause existing entries in the cache to go
stale. So don't clear it. Benchmark results:
sshfs-benchmark.bash: sshfs gocryptfs-on-sshfs
git init 1.65 8.74
rsync 6.09 17.54
|
|
Let's get some reproducible numbers for
https://github.com/rfjakob/gocryptfs/issues/481
and
https://github.com/rfjakob/gocryptfs/issues/410
Example run:
$ ./sshfs-benchmark.bash nuetzlich.net
working directory: /tmp/sshfs-benchmark.bash.vu4
sshfs mounted: nuetzlich.net:/tmp -> sshfs.mnt
gocryptfs mounted: sshfs.mnt/sshfs-benchmark.bash.KM9/gocryptfs.crypt -> gocryptfs.mnt
sshfs gocryptfs-on-sshfs
git init 1.68 11.23
rsync 6.07 20.35
|
|
Fixes: https://github.com/rfjakob/gocryptfs/issues/483
Related: https://github.com/golang/go/issues/38836
|
|
Looking at the dircache debug output, we see
that a "git status" workload has a very bad
cache hit rate because the entries expire or
get evicted before they can be reused.
Increase both cache size and lifetime for
a 4x speedup:
Before: 75s
After: 17s
https://github.com/rfjakob/gocryptfs/issues/410
|
|
Before:
Lookup "errno.html/1/2/3/4/5": miss
Store: "errno.html/1/2/3/4/5" fd=26 iv=21be6e083d60dcabfe7368264d5082b7
Lookup "errno.html": hit 25 6d68a16d217978915036a3bd55428ae7
Lookup "errno.html/1": hit 25 932a464c299b3430c5e55c924f98ac4d
Lookup "errno.html/1/2": hit 25 7d53348b1692d537f017bf86b3cf5feb
Lookup "errno.html/1/2/3": hit 25 2aef1c9d1ab2b55b163215053fefe703
Lookup "errno.html/1/2/3/4": hit 25 cb802be53721c46a46247c5e4e0f4ce6
Lookup "errno.html/1/2/3/4": hit 25 cb802be53721c46a46247c5e4e0f4ce6
Lookup "errno.html": hit 25 6d68a16d217978915036a3bd55428ae7
After:
Lookup "earlyoom/.git/refs" hit fd=10 dup=17 iv=6ae2cecd269a25e8d946aff6afe9b8b8
Lookup "earlyoom/.git/refs/remotes" hit fd=19 dup=17 iv=f04c2d2a5bcc33ebdeaca664859c980d
Lookup "earlyoom/.git/refs/remotes/origin" miss
Store "earlyoom/.git/refs/remotes/origin" fd=17 iv=834a64a1697c9f5705455ba6dbed22b5
Lookup "earlyoom" hit fd=7 dup=25 iv=2303a892d6e2357c483574a8070b7679
Lookup "earlyoom/.git" hit fd=11 dup=25 iv=d43ca4aff23720c57789c9f62f0aee00
Lookup "earlyoom/.git" hit fd=11 dup=25 iv=d43ca4aff23720c57789c9f62f0aee00
Lookup "earlyoom/.git/refs" hit fd=10 dup=25 iv=6ae2cecd269a25e8d946aff6afe9b8b8
Lookup "earlyoom/.git/refs/heads" hit fd=13 dup=25 iv=f9245e7c066b9adc768a1a666da9fbc8
|
|
|
|
Each file will be read and then concatenated
for the effictive password. This can be used as a
kind of multi-factor authenticiton.
Fixes https://github.com/rfjakob/gocryptfs/issues/288
|
|
The go-fuse v1 dependency is spurious. Will be fixed by
https://github.com/hanwen/go-fuse/pull/360
|
|
We need
https://github.com/hanwen/go-fuse/commit/fd7328faf9fdf75709f7ba7df7072aaf4eeb18b3
to fix a crash reported in https://github.com/rfjakob/gocryptfs/issues/430 :
2019/10/30 17:14:16 Unknown opcode 2016
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x508d38]
This patch is only in the v2.x.x branch. Upgrade to v2, as the
old API is also supported there.
Running
git grep hanwen/go-fuse | grep -v hanwen/go-fuse/v2
to check for forgotten references comes back clean.
|
|
https://github.com/client9/misspell
|
|
Closes https://github.com/rfjakob/gocryptfs/issues/416
|
|
|
|
The -0 flags works like xargs -0.
|
|
Should show up on https://pkg.go.dev/github.com/rfjakob/gocryptfs?tab=doc
which currently reads "No documentation available for this package!"
|
|
Implementation seems to work ok, but is missing tests and
documentation for now.
I will only delete ctlsock-encrypt.bash when both are
done.
https://github.com/rfjakob/gocryptfs/issues/416
|
|
|
|
|
|
lsof may get stuck when gocryptfs itself is stuck.
|
|
The former interal ctlsock server package is renamed
to ctlsocksrv.
|
|
Tests that `gocryptfs -passwd -masterkey=stdin` works.
This was fixed by ff04b1d83ab1201.
Fixes https://github.com/rfjakob/gocryptfs/issues/461
|
|
This was handled both in getMasterKey(). Split it apart.
|
|
Make it clear that function does NOT parse the "-masterkey"
command line argument, it just unhexes the payload.
|
|
We did not use t.Name() as it was not available
before Go 1.8. Now the oldest Go version we support is
Go 1.11, so we can use it.
|
|
The command line option is now called `-badname`,
so adjust the test name to match.
|
|
|
|
Bisecting shows that the performance drop is caused by
this commit:
commit ca9e912a28b901387e1dbb85f6c531119f2d5ef2 (refs/bisect/bad)
Author: Jakob Unterwurzacher <jakobunt@gmail.com>
Date: Sat Feb 29 19:58:08 2020 +0100
fusefrontend: drop xattr user namespace restriction
|
|
Updated using
go get -t -u ./...
|
|
We redirected the wrong ldd fd to /dev/null. Fix it.
|
|
Wrong bit operator was used.
|
|
Also add a test for this.
Thanks @slackner for the comment.
|
|
This was committed by accident.
|
|
Gets rid of static inode number value limitations.
Fixes https://github.com/rfjakob/gocryptfs/issues/457
|
|
Verify that virtual files get assigned inode numbers
we expect.
|