aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-10-09main: also accept options at the end via "-o"Jakob Unterwurzacher
For compatability with mount(1), options are also accepted as "-o COMMA-SEPARATED-OPTIONS" at the end of the command line. For example, "-o q,zerokey" is equivalent to "-q -zerokey".
2016-10-09main: rename "-o" option to "-ko"Jakob Unterwurzacher
This prevents confusion with the "-o" options that is passed by mount(1) at the end of the command line.
2016-10-09main: init: handle spaces in mount suggestion messageJakob Unterwurzacher
Before: You can now mount it using: gocryptfs a x MOUNTPOINT After: You can now mount it using: gocryptfs "a x" MOUNTPOINT This is still not bulletproof but should handle the common case of having a space in the directory name. After all, it's only a suggestion.
2016-10-09main: friendlier error message on wrong number of argumentsJakob Unterwurzacher
Before: Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT After: Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg" Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
2016-10-09reverse: add panics against API abuseJakob Unterwurzacher
These should help prevent later programming errors.
2016-10-09README: reverse mode is ticket #19, not #34Jakob Unterwurzacher
2016-10-09Update Changelog for v1.1-rc1v1.1-rc1Jakob Unterwurzacher
2016-10-09contrib: pam_mount: check if something is already mounted on DSTJakob Unterwurzacher
pam_mount is supposed to check that as well, but it seems to get confused by the "command#path" syntax used for FUSE. Let's do it here.
2016-10-09tests: add test for "mountpoint shadows cipherdir" logicJakob Unterwurzacher
2016-10-08main: fix shadow detection logicJakob Unterwurzacher
This fired incorrectly: Mountpoint "/home/testuser" would shadow cipherdir "/home/testuser.cipher", this is not supported
2016-10-08LICENSE: add full nameJakob Unterwurzacher
2016-10-08contrib: pam_mount: add instructions for whole-home-dir encryptionJakob Unterwurzacher
2016-10-08contrib: pam_mount: add documentation and wrapperJakob Unterwurzacher
See ticket #34
2016-10-08reverse: gocryptfs.conf was missing from the directory listingsJakob Unterwurzacher
Fix the test for that and add checks in example_filesystems_test.
2016-10-08tests: unmount leftover filesystems before starting the testsJakob Unterwurzacher
A panic during the tests can leave mounted filesystems behind.
2016-10-08tests: add v1.1-reverse-plaintextnames example filesystemJakob Unterwurzacher
2016-10-08tests: add v1.1-reverse example filesystemJakob Unterwurzacher
2016-10-08tests: add v1.1-aessiv example filesystemJakob Unterwurzacher
Also move the example content into "content".
2016-10-08reverse: merge config translation check into isTranslatedConfigJakob Unterwurzacher
Also get rid of useless isFiltered function.
2016-10-08reverse: make gocryptfs.conf mapping plaintextnames-awareJakob Unterwurzacher
Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that.
2016-10-08tests: pass "-nosyslog"Jakob Unterwurzacher
We want to see panics and warnings on the console
2016-10-08tests: invert ResetTmpDir argumentJakob Unterwurzacher
As reverse also does not want a diriv file, the "plaintextNames" argument became a misnomer.
2016-10-08tests: matrix: have the testcase struct as a global variableJakob Unterwurzacher
Future tests will need more info about the running test case.
2016-10-08tests: matrix: convert to table-based styleJakob Unterwurzacher
And add AES-SIV
2016-10-08main: error out when the mount shadows the cipherdirJakob Unterwurzacher
For example, we cannot mount "/home/user/.cipher" at "/home/user" because the mount will hide ".cipher" also for us. Doing it anyway used to cause a nasty hang.
2016-10-08main: split doMount into its own fileJakob Unterwurzacher
Ongoing effort to reduce the size of main().
2016-10-08main: check if the config file can opened before prompting for passwordJakob Unterwurzacher
This was frustrating: $ gocryptfs a b Password: Decrypting master key open a/gocryptfs.conf: permission denied
2016-10-07MANPAGE: note that "-f" implies "-nosyslog"Jakob Unterwurzacher
Also explain why AES-SIV exists.
2016-10-07main: daemonize more thoroughlyJakob Unterwurzacher
As described at http://software.clapper.org/daemonize/ , a daemon should chdir to / and close its FDs.
2016-10-07nametransform: better error code on invalid diriv lengthJakob Unterwurzacher
go-fuse translates errors unknown to it into "function not implemented", which is wrong in this case.
2016-10-07main: clarify nosyslog code pathJakob Unterwurzacher
Split the block up and add a comment why notifypid is important.
2016-10-06main: add "-nonempty" optionJakob Unterwurzacher
2016-10-05reverse: initialize the longname cache only when reverse mode is usedJakob Unterwurzacher
Gets rid of the idling longnameCacheCleaner thread in "normal" mode.
2016-10-04A few more lint fixesJakob Unterwurzacher
2016-10-04lint fixesValient Gough
2016-10-04tests: skip "go tool vet" if the command is not availableJakob Unterwurzacher
"vet" is not availably by default on Go 1.4.
2016-10-04tests: drop Go 1.3.3 from Travis testingJakob Unterwurzacher
Does not support testing.M, which means we cannot run the test suite, which means we cannot claim to support it at all.
2016-10-04tests: skip tests with -openssl=false on Go 1.4 and lowerJakob Unterwurzacher
Go versions 1.4 and lower lack NewGCMWithNonceSize(), which causes a panic in the test.
2016-10-04tests: enable FUSE tests on Travis CIJakob Unterwurzacher
2016-10-04tests: symlink to "/" instead of "/etc/motd"Jakob Unterwurzacher
This file does not exist on all systems, causing spurious test failures. See #40, #43
2016-10-04tests: fallocate: skip some disk usage checks on btrfsJakob Unterwurzacher
The expected allocated sizes are verified for tmpfs and ext4. btrfs gives different results, but that's not an error. Also, simplify test_helpers.Du and several code paths. Fixes #43.
2016-10-04fusefrontend_reverse cast Stat_t.Dev to uint64 (#44)Romain
The [Stat_t.Dev](https://golang.org/pkg/syscall/#Stat_t) docs say `Dev` is a `unit64`, but on [macOS amd64](https://golang.org/src/syscall/ztypes_darwin_amd64.go) it's an `int32`.
2016-10-04maxlen.bash: result was 1 too highJakob Unterwurzacher
Additionally, output 0 instead of 7 on permission errors.
2016-10-04without_openssl: support compiling completely without opensslJakob Unterwurzacher
Build helper script: build-without-openssl.bash
2016-10-04cryptocore: rename "gcm" variable to generic "aeadCipher"Jakob Unterwurzacher
As we now also support AES-SIV the old name is no longer correct.
2016-10-04cryptocore: derive 512-bit key for AES-SIVJakob Unterwurzacher
AES-SIV uses 1/2 of the key for authentication, 1/2 for encryption, so we need a 64-byte key for AES-256. Derive it from the master key by hashing it with SHA-512.
2016-10-03siv_aead: Overhead is always 16Jakob Unterwurzacher
Add a test for that. Also test operations using a 64-byte key.
2016-09-29xray: print block offsetsJakob Unterwurzacher
2016-09-29reverse: use per-purpose nonce generationJakob Unterwurzacher
Also pull all the deterministic nonce code into fusefrontend_reverse to greatly simplify the normal code path.
2016-09-28reverse: move newDirIVFile into virtualfile.goJakob Unterwurzacher
After all, is's a virtual file.