summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-07-03main: yellow text for masterkey and zerokey warningsJakob Unterwurzacher
Also, mention that the shell may save the command line into the history and reduce "ps -auxwww" to "ps ax" (that's all you need).
2016-07-03nametransform: hide detailed padding error behind the debug flagJakob Unterwurzacher
unPad16 returns detailed errors including the position of the incorrect bytes. Kill a possible padding oracle by lumping everything into a generic error. The detailed error is only logged if debug is active.
2016-07-02tests: call umount instead of fusermount on OSXJakob Unterwurzacher
Reported at https://github.com/rfjakob/gocryptfs/issues/15
2016-07-02fusefrontend: add fallocate supportJakob Unterwurzacher
Mode=0 (default) and mode=1 (keep size) are supported. The patch includes test cases and the whole thing passed xfstests. Fixes https://github.com/rfjakob/gocryptfs/issues/1 .
2016-07-02fusefronted: move Truncate() and Allocate() to their own fileJakob Unterwurzacher
These are large complicated implementations that will share some code.
2016-07-02contentenc: rename PlaintextRange and CiphertextRangeJakob Unterwurzacher
The name could be misunderstood and actually caused a bug: doWrite used to always preallocate 4128 instead of the actual data length.
2016-07-01fusefrontend: coalesce grows in Truncate()Jakob Unterwurzacher
We were growing the file block-by-block which was pretty inefficient. We now coalesce all the grows into a single Ftruncate. Also simplifies the code! Simplistic benchmark: Before: $ time truncate -s 1000M foo real 0m0.568s After: $ time truncate -s 1000M foo real 0m0.205s
2016-07-01fusefrontend: better comments for TruncateJakob Unterwurzacher
2016-06-30fusefrontend: handle dir-overwrites-dir on XFSJakob Unterwurzacher
XFS returns a different error code if you try to overwrite a non-empty directory with a directory: XFS: mv: cannot move ‘foo’ to ‘bar/foo’: File exists ext4: mv: cannot move 'foo' to 'bar/foo': Directory not empty So have EEXIST trigger the Rmdir logic as well. Fixes issue #20 Link: https://github.com/rfjakob/gocryptfs/issues/20
2016-06-30test: split up integration_testsJakob Unterwurzacher
...into "matrix" and "normal". Also: * Make running multiple packages in parallel safe, see http://stackoverflow.com/questions/23715302/go-how-to-run-tests-for-multiple-packages * Don't depent on test_helper.TmpDir and friends to have a terminating slash
2016-06-29build.bash: support colon-separated GOPATH variableJakob Unterwurzacher
Fixes issue #31 https://github.com/rfjakob/gocryptfs/issues/31
2016-06-27tests: run example_filesystems with "-openssl=false" AND "=true"Jakob Unterwurzacher
Run the tests twice, once with openssl and once with Go crypto.
2016-06-27tests: give "-plaintextnames" its own test packageJakob Unterwurzacher
...and add tests for checking that gocryptfs.diriv does not get created. The main "integration_tests" package has become quite big and convoluted over time. This small separate package should make writing tests for "-plaintextnames" easier. As seen in "fusefrontend: fix PlaintextNames versions of Mkdir, Rmdir", we need more of them.
2016-06-27tlog: clean up messages from the go-fuse libraryJakob Unterwurzacher
Drop the date and add the "go-fuse: " prefix so you can see where the message is coming from. Before: Jun 27 09:03:15 brikett gocryptfs[4150]: 2016/06/27 09:03:15 Unimplemented opcode INTERRUPT After: Jun 27 09:10:58 brikett gocryptfs[4961]: go-fuse: Unimplemented opcode INTERRUPT
2016-06-27fusefrontend: fix PlaintextNames versions of Mkdir, RmdirJakob Unterwurzacher
The "!fs.args.DirIV" special case was removed by b17f0465c7 but that, by accident, also removed the handling for PlaintextNames. Re-add it as an explicit PlaintextNames special case. Also adds support for removing directories that miss their gocryptfs.diriv file for some reason.
2016-06-26tlog: switch default logger to syslogJakob Unterwurzacher
...unless "-nosyslog" is passed. All gocryptfs messages already go to syslog, but the messages that the go-fuse lib emits were still printed to stdout. Fixes issue #13 ( https://github.com/rfjakob/gocryptfs/issues/13 )
2016-06-26MANPAGE: note that "-plaintextnames" disables symlink encryptionJakob Unterwurzacher
This is no change in behavoir, just a clarification in the man page.
2016-06-26main: add "-o" option to enable "suid" and "dev"Jakob Unterwurzacher
Device files and suid binaries are often not needed when running gocryptfs as root. As they are potentially dangerous, let the user enable them explicitely via the new "-o" option instead of always enabling them when running as root.
2016-06-26main, fusefrontend: enable suid functionalityJakob Unterwurzacher
FUSE filesystems are mounted with "nosuid" by default. If we run as root, we can use device files by passing the opposite mount option, "suid". Also we have to use syscall.Chmod instead of os.Chmod because the portability translation layer "syscallMode" messes up the sgid and suid bits. Fixes 70% of the failures in xfstests generic/193. The remaining are related to truncate, but we err on the safe side: $ diff -u tests/generic/193.out /home/jakob/src/fuse-xfstests/results//generic/193.out.bad [...] check that suid/sgid bits are cleared after successful truncate... with no exec perm before: -rwSr-Sr-- -after: -rw-r-Sr-- +after: -rw-r--r--
2016-06-26main: enable device files when running as rootJakob Unterwurzacher
FUSE filesystems are mounted with "nodev" by default. If we run as root, we can use device files by passing the opposite mount option, "dev". Fixes xfstests generic/184.
2016-06-26fusefronted: preserve owner if running as rootJakob Unterwurzacher
If allow_other is set and we run as root, try to give newly created files to the right user.
2016-06-26fuserfrontend: support truncate(2) by wrapping ftruncate(2)Jakob Unterwurzacher
Support truncate(2) by opening the file and calling ftruncate(2) While the glibc "truncate" wrapper seems to always use ftruncate, fsstress from xfstests uses this a lot by calling "truncate64" directly.
2016-06-26tests: add missing file "example_test_helpers.go"Jakob Unterwurzacher
This file was forgotten in commit "tests: make tests for unsupported FSs more compact".
2016-06-23README: fix copy-paste errorJakob Unterwurzacher
2016-06-23README: Note that v0.6 filesystems can no longer be mountedJakob Unterwurzacher
2016-06-23Drop deprecated "-gcmiv128" optionJakob Unterwurzacher
The GCMIV128 feature flag is already mandatory, dropping the command line option is the final step. Completes https://github.com/rfjakob/gocryptfs/issues/29 .
2016-06-23tests: make tests for unsupported FSs more compactJakob Unterwurzacher
There is no need to test that deprecated command-line options produce an error. I trust the flags package. Also split the example_filesystem helper functions into a separate file.
2016-06-23Drop deprecated "-emenames" optionJakob Unterwurzacher
The EMENames feature flag is already mandatory, dropping the command line option is the final step.
2016-06-23nametransform: drop unused noiv functionsJakob Unterwurzacher
As DirIV is now mandatory there is no user for the noiv functions.
2016-06-23Drop deprecated "-diriv" optionJakob Unterwurzacher
The DirIV feature flag is already mandatory, dropping the command line option is the final step.
2016-06-23tests: add v0.7-plaintextnames example filesystemJakob Unterwurzacher
The v0.6-plaintextnames example FS lacks the GCMIV128 feature flag, is no longer mountable and can no longer be used for testing. Add a new "-plaintextnames" filesystem created by gocryptfs v0.7. There have been no format changes to "-plaintextnames" since then.
2016-06-19build.bash: check if the go-fuse tree is dirtyJakob Unterwurzacher
If it is, append "-dirty" to the hash.
2016-06-19tests: expect mount failure for v0.6 and older example filesystemsJakob Unterwurzacher
2016-06-19Refuse mounting of v0.6 and older filesystemsJakob Unterwurzacher
2016-06-19main: drop "on-disk format" from -version output, add Go versionJakob Unterwurzacher
As v0.4 introduced ext4-style feature flags, the on-disk format version is unlinkely to change. Drop it from the version output to reduce clutter. Use "gocryptfs -version -debug" to see it. Add the Go version string because only Go 1.6 and newer have an optimized AES-GCM implementation. This will help users to understand the performance of their build.
2016-06-19README: abbreviate ticket #29 linkJakob Unterwurzacher
2016-06-19README: release v0.12v0.12Jakob Unterwurzacher
2016-06-19travis: skip tests on go1.3.3Jakob Unterwurzacher
Go 1.3.3 does not support testing.M, so skip the tests there.
2016-06-16README: mention stdin passwordsJakob Unterwurzacher
2016-06-16README: list changes for v0.12 but don't add release dateJakob Unterwurzacher
The release of v0.12 is delayed to give people more time to upgrade using "mv" or "rsync --remove-source-files".
2016-06-16tests: adapt for read-only operationJakob Unterwurzacher
The v0.6 and older example filesystem are mounted read-only because they are deprecated, so skip the read-write tests.
2016-06-16Mount v0.6 and older filesystems as read-onlyJakob Unterwurzacher
This is part of the phase-out of very old filesystems. See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for more info.
2016-06-16tests: update config_test example filesJakob Unterwurzacher
Recreate the files so they carry all feature flags. Also, create them with "-scryptn 10" to speed up the tests.
2016-06-16tests: exit with correct error code from TestMainJakob Unterwurzacher
extpass_test and example_filesystems_test did it wrong, always returning 0.
2016-06-16Add "-ro" (read-only) flagJakob Unterwurzacher
From the man page: **-ro** : Mount the filesystem read-only Also add a test.
2016-06-16tests: add InitFS helperJakob Unterwurzacher
2016-06-16readpassword: clean up leftover debug commitJakob Unterwurzacher
2016-06-16Rename nametransform, contentenc source filesJakob Unterwurzacher
Let's have shorter names, and merge *_api.go into the "main" file. No code changes.
2016-06-15Rename internal "toggledlog" package to "tlog"Jakob Unterwurzacher
tlog is used heavily everywhere and deserves a shorter name. Renamed using sed magic, without any manual rework: find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
2016-06-15toggledlog: assume command of color handlingJakob Unterwurzacher
We want to use colored error messages also outside of main, so let's handle it in the logging package. The fatal logger now automatically prints red.