| Age | Commit message (Collapse) | Author | 
|---|
|  |  | 
|  | Fixes https://github.com/rfjakob/gocryptfs/issues/930 | 
|  |  | 
|  |  | 
|  | Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com>
Add staticcheck to test.bash for continuous static analysis
Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com>
Fix nil pointer dereference in timesToTimespec function
The previous fix for deprecated fuse.UtimeToTimespec caused a panic
because unix.TimeToTimespec doesn't handle nil pointers. This fix
properly handles nil pointers by using unix.UTIME_OMIT while still
using the non-deprecated unix.TimeToTimespec function.
Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com>
Undo SA6002 changes and add staticcheck ignore directive instead
Co-authored-by: rfjakob <286847+rfjakob@users.noreply.github.com> | 
|  | Tool-assisted. | 
|  | Before:
	./vendor/golang.org/x/sys/unix/syscall_linux.go:	return syscall.Setuid(uid)
	./vendor/golang.org/x/sys/unix/syscall_linux.go:	return syscall.Setgid(gid)
	./vendor/golang.org/x/sys/unix/syscall_linux.go:	return syscall.Setreuid(ruid, euid)
	./vendor/golang.org/x/sys/unix/syscall_linux.go:	return syscall.Setregid(rgid, egid)
	./vendor/golang.org/x/sys/unix/syscall_linux.go:	return syscall.Setresuid(ruid, euid, suid)
	./vendor/golang.org/x/sys/unix/syscall_linux.go:	return syscall.Setresgid(rgid, egid, sgid)
	test.bash: This affects the whole process. Please use the syscallcompat wrappers instead.
After: clean
https://github.com/rfjakob/gocryptfs/issues/930 | 
|  | golint is dead since 2021 | 
|  |  | 
|  |  | 
|  |  | 
|  | Will be used soon in a new gitignore test.
Relates-to: https://github.com/rfjakob/gocryptfs/issues/927 | 
|  | Apparently, the check does not work on some distributions,
notably Ubuntu 24.04. On Ubuntu 24.04, ldd exits with 0
(success) even when run against a static binary.
Even "ld.so --verify" returns 0, and "file" output
is indistinguishable for static and dynamic builds.
We could go for objdump or readelf, but this is not
installed per default.
Just drop the check. By now, I trust that CGO_ENABLED=0
will always build a static binary.
Fixes https://github.com/rfjakob/gocryptfs/issues/926 | 
|  | git test suite t9300-fast-import.sh test 245 does the equivalent of this:
	mkfifo fifo
	exec 8<>fifo
	rm fifo
	cat /dev/null >&8
This used to fail with
	cat: standard output: No such file or directory
because cat tries to fstat stdout.
The open() on the fifo does not reach the filesystem, so we don't
have an fd open for the delted file, hence no way to access it.
Fake fstat success as good as we can to make cat happy.
Fixes https://github.com/rfjakob/gocryptfs/issues/929 | 
|  |  | 
|  | Fixes https://github.com/rfjakob/gocryptfs/issues/783 | 
|  | $ make root_test
	[...]
	=== RUN   TestRootForceOwner
	    root_test.go:398: mkdir /var/tmp/gocryptfs-test-parent-0/3816769547/TestRootForceOwner.2366169656.mnt/dir1: permission denied
	    root_test.go:408: open /var/tmp/gocryptfs-test-parent-0/3816769547/TestRootForceOwner.2366169656.mnt/file1: permission denied
	    root_test.go:415: mknod: permission denied
	--- FAIL: TestRootForceOwner (0.04s)
https://github.com/rfjakob/gocryptfs/issues/783 | 
|  | Also mention that empty files are stored empty. | 
|  | This pulls in
	https://github.com/aperturerobotics/jacobsa-crypto/commit/e3f78416c5c1dbdfef68c84d62a97a809a94f4dd
	"fix build error on loong64 (#8)"
and fixes this build error on loong64:
	$ GOARCH=loong64 go build -tags without_openssl
	# github.com/aperturerobotics/jacobsa-crypto/cmac
	../../go/pkg/mod/github.com/aperturerobotics/jacobsa-crypto@v1.0.2/cmac/hash.go:97:3: undefined: xorBlock | 
|  | https://github.com/rfjakob/gocryptfs/discussions/918 | 
|  |  | 
|  | Without this message, fsstress-gocryptfs.bash seems to just hang after Ctrl-C. | 
|  | The new api guarantees that the value is aligned, preventing
stuff like this on 32 bit platforms:
	goroutine 26 [running]:
	internal/runtime/atomic.panicUnaligned()
		/usr/lib/go-1.24/src/internal/runtime/atomic/unaligned.go:8 +0x24
	internal/runtime/atomic.Xadd64(0x2496c74, 0x1)
		/usr/lib/go-1.24/src/internal/runtime/atomic/atomic_arm.s:318 +0x14
	github.com/rfjakob/gocryptfs/internal/inomap.(*InoMap).NextSpillIno(0x2496c60)
Fixes https://github.com/rfjakob/gocryptfs/issues/912 | 
|  |  | 
|  | Error was:
+ go test -c -tags without_openssl -o /dev/null github.com/rfjakob/gocryptfs/v2/tests/defaults
Error: tests/defaults/main_test.go:532:17: undefined: unix.Getdents
Error: tests/defaults/main_test.go:538:16: undefined: unix.Getdents
Error: tests/defaults/main_test.go:549:16: undefined: unix.Getdents | 
|  | go-fuse 2.6.0, specifically,
https://github.com/hanwen/go-fuse/commit/e885cea8d4d40a5a9bb92bc3cef7193f2a316f59
introduced a new, file-based directory API while
deprecating the old one.
Switch to the new API.
xfstests generic/035 now passes.
Fixes https://github.com/hanwen/go-fuse/issues/55 | 
|  | Done using: go get -u github.com/hanwen/go-fuse/v2@master
Upgrading to master because I want
https://github.com/hanwen/go-fuse/commit/216e54932a48254d949871bf07f58d48f5046ec2
and
https://github.com/hanwen/go-fuse/commit/d6170d09d743644ccf6099744e5bad1d2c3e552f
which are not released yet.
Fixes TestSeekDir. | 
|  | Done using: go get -u github.com/hanwen/go-fuse/v2
As expected, this breaks TestSeekDir:
gocryptfs/tests/defaults$ go test -run TestSeekDir
test_helpers: warning: testParentDir "/tmp/gocryptfs-test-parent-1026" does not reside on ext4, we will miss failures caused by ino reuse
--- FAIL: TestSeekDir (0.00s)
    main_test.go:536: 1st getdents returned 288 bytes
    main_test.go:542: 2nd getdents returned 0 bytes
    main_test.go:551: operation not supported
FAIL
exit status 1
FAIL	github.com/rfjakob/gocryptfs/v2/tests/defaults	0.030s | 
|  | Acc. to the commit message,
https://github.com/hanwen/go-fuse/commit/0d1228a39dd49c83c8b7c30dec7928f5d7d84cc0
break seeking in directories. This commit appears in go-fuse v2.6.0. | 
|  | Set the SELinux context. See mount(8) for details. | 
|  |  | 
|  |  | 
|  | As seen in https://github.com/rfjakob/gocryptfs/issues/908,
there are users still running x86-64-v1 cpus. They get
	This program can only be run on AMD64 processors
	with v2 microarchitecture support.
and cannot read their encrypted files.
Build for AMD64v1 again an accept the XChaCha20 performance hit for
for some cpus ( https://github.com/golang/go/issues/67240 ).
This reverts commit f5007b28c366d1a9671146710975679a154f30f8.
Related:
https://github.com/rfjakob/gocryptfs/issues/828
https://github.com/rfjakob/gocryptfs/pull/833
https://github.com/apptainer/apptainer/issues/2873
https://github.com/golang/go/issues/67240 | 
|  | The days of GOPATH are over. Also, use the fsstress path
that "sudo make install" in xfstests uses per default. | 
|  |  | 
|  | This file was only compiled for arm because
(  https://pkg.go.dev/cmd/go#hdr-Build_constraints ):
	If a file's
	name, after stripping the extension and a possible _test suffix,
	matches any of the following patterns:
	*_GOOS
	*_GOARCH
	*_GOOS_GOARCH
	(example: source_windows_amd64.go) where GOOS and GOARCH
	represent any known operating system and architecture values
	respectively, then the file is considered to have an implicit
	build constraint requiring those terms (in addition to any
	explicit constraints in the file).
Error was:
	+ GOOS=linux
	+ GOARCH=386
	+ build
	+ go build -tags without_openssl -o /dev/null
	# github.com/rfjakob/gocryptfs/v2/internal/syscallcompat
	Error: internal/syscallcompat/asuser_linux.go:41:8: undefined: Setregid
	Error: internal/syscallcompat/asuser_linux.go:47:8: undefined: Setreuid
	Error: internal/syscallcompat/thread_credentials_linux.go:29:10: undefined: setgroups
	Error: internal/syscallcompat/thread_credentials_linux.go:36:9: undefined: setgroups
	Error: internal/syscallcompat/thread_credentials_linux.go:49:9: undefined: Setregid
	Error: internal/syscallcompat/thread_credentials_linux.go:57:9: undefined: Setreuid
Rename the file to fix the problem. And add a comment about why this file exists.
Fixes https://github.com/rfjakob/gocryptfs/issues/907 | 
|  | https://github.com/rfjakob/gocryptfs/issues/907 | 
|  | The old link says:
> The Go wiki on GitHub has moved to go.dev (#61940).
>
> Try https://go.dev/wiki/GoArm | 
|  |  | 
|  | Because if we have them in git, we get this:
	$ go install github.com/rfjakob/gocryptfs/v2@latest
	go: downloading github.com/rfjakob/gocryptfs/v2 v2.5.2
	go: github.com/rfjakob/gocryptfs/v2@latest: create zip: tests/fsck/malleable_base64/27AG8t-XZH7G9ou2OSD_z
	g: malformed file path "tests/fsck/malleable_base64/27AG8t-XZH7G9ou2OSD_z\ng": invalid char '\n'
	g: malformed file path "tests/fsck/malleable_base64/27AG8t-XZH7G9ou2OSD_z\rg": invalid char '\r'
Fixes: https://github.com/rfjakob/gocryptfs/issues/904
Relates-to: https://github.com/golang/go/issues/28001 | 
|  | Essentially a port of
https://github.com/hanwen/go-fuse/commit/531a68551e40e7303e94b53fb3792e6dfb28d15a .
This fixes
	panic: interface conversion: *fs.dirStreamAsFile is not fs.FileGetattrer: missing method Getattr
	goroutine 20 [running]:
	github.com/rfjakob/gocryptfs/v2/internal/fusefrontend.(*Node).Getattr(0x55a7ac9d9090?, {0x55a7ac85a4d8, 0xc0013401c8}, {0x55a7ac80eb40?, 0xc0013401b0}, 0xc000586938)
		github.com/rfjakob/gocryptfs/v2/internal/fusefrontend/node.go:74 +0x22c
	github.com/hanwen/go-fuse/v2/fs.(*rawBridge).getattr(0xc0000b6180, {0x55a7ac85a4d8, 0xc0013401c8}, 0xc0010ea160, {0x55a7ac80eb40?, 0xc0013401b0}, 0xc000586938)
		github.com/hanwen/go-fuse/v2@v2.7.2/fs/bridge.go:569 +0x9b
	[...]
which is a bug exposed by a go-fuse update.
Fixes https://github.com/rfjakob/gocryptfs/issues/897 | 
|  | GO111MODULE is default on with Go 1.16, same version that gained
darwin/arm64 support.
We only support Go 1.19 and up, so drop the kludges. | 
|  |  | 
|  | https://github.com/rfjakob/gocryptfs/issues/893 | 
|  | go-libaegis does not support Go 1.18, Ubuntu 22.04 is old,
drop it. | 
|  | We have been getting
        /usr/bin/fusermount3: too many FUSE filesystems mounted; mount_max=N can be set in /etc/fuse.conf
        fs.Mount failed: fusermount exited with code 256
every now and then. I wonder why that is. | 
|  | I did NOT upgrade to x/crypto@v0.35.0 yet because this
requires go 1.23.0
(https://go.googlesource.com/crypto/+/89ff08d67c4d79f9ac619aaf1f7388888798651f)
and our github workflow tests go 1.18.x and newer. | 
|  | Now that we have our own wrappers for Setreuid and friends, we can upgrade.
$ go get golang.org/x/sys
go: upgraded golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a => v0.30.0
$ go mod tidy | 
|  |  | 
|  | x/sys v0.1.0 (https://github.com/golang/sys/commit/d0df966e6959f00dc1c74363e537872647352d51)
breaks our usecase. Switch to our own wrappers.
Relates-to: https://github.com/rfjakob/gocryptfs/issues/892
Relates-to: https://github.com/rfjakob/gocryptfs/issues/893 |