summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-10-09main: add "-passfile" optionJakob Unterwurzacher
Make it easier to read the password from a file. Internally this is equivalent to "-extpass /bin/cat FILE".
2016-10-09main: ignore options rw, nosuid, nodev.Jakob Unterwurzacher
When called from mount, we always get either "suid" or "nosuid". As "nosuid" is the default, just ignore the options. Same for the other options.
2016-10-09main: also accept options at the end via "-o"Jakob Unterwurzacher
For compatability with mount(1), options are also accepted as "-o COMMA-SEPARATED-OPTIONS" at the end of the command line. For example, "-o q,zerokey" is equivalent to "-q -zerokey".
2016-10-09main: rename "-o" option to "-ko"Jakob Unterwurzacher
This prevents confusion with the "-o" options that is passed by mount(1) at the end of the command line.
2016-10-09main: init: handle spaces in mount suggestion messageJakob Unterwurzacher
Before: You can now mount it using: gocryptfs a x MOUNTPOINT After: You can now mount it using: gocryptfs "a x" MOUNTPOINT This is still not bulletproof but should handle the common case of having a space in the directory name. After all, it's only a suggestion.
2016-10-09main: friendlier error message on wrong number of argumentsJakob Unterwurzacher
Before: Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT After: Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg" Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
2016-10-09reverse: add panics against API abuseJakob Unterwurzacher
These should help prevent later programming errors.
2016-10-09README: reverse mode is ticket #19, not #34Jakob Unterwurzacher
2016-10-09Update Changelog for v1.1-rc1v1.1-rc1Jakob Unterwurzacher
2016-10-09contrib: pam_mount: check if something is already mounted on DSTJakob Unterwurzacher
pam_mount is supposed to check that as well, but it seems to get confused by the "command#path" syntax used for FUSE. Let's do it here.
2016-10-09tests: add test for "mountpoint shadows cipherdir" logicJakob Unterwurzacher
2016-10-08main: fix shadow detection logicJakob Unterwurzacher
This fired incorrectly: Mountpoint "/home/testuser" would shadow cipherdir "/home/testuser.cipher", this is not supported
2016-10-08LICENSE: add full nameJakob Unterwurzacher
2016-10-08contrib: pam_mount: add instructions for whole-home-dir encryptionJakob Unterwurzacher
2016-10-08contrib: pam_mount: add documentation and wrapperJakob Unterwurzacher
See ticket #34
2016-10-08reverse: gocryptfs.conf was missing from the directory listingsJakob Unterwurzacher
Fix the test for that and add checks in example_filesystems_test.
2016-10-08tests: unmount leftover filesystems before starting the testsJakob Unterwurzacher
A panic during the tests can leave mounted filesystems behind.
2016-10-08tests: add v1.1-reverse-plaintextnames example filesystemJakob Unterwurzacher
2016-10-08tests: add v1.1-reverse example filesystemJakob Unterwurzacher
2016-10-08tests: add v1.1-aessiv example filesystemJakob Unterwurzacher
Also move the example content into "content".
2016-10-08reverse: merge config translation check into isTranslatedConfigJakob Unterwurzacher
Also get rid of useless isFiltered function.
2016-10-08reverse: make gocryptfs.conf mapping plaintextnames-awareJakob Unterwurzacher
Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that.
2016-10-08tests: pass "-nosyslog"Jakob Unterwurzacher
We want to see panics and warnings on the console
2016-10-08tests: invert ResetTmpDir argumentJakob Unterwurzacher
As reverse also does not want a diriv file, the "plaintextNames" argument became a misnomer.
2016-10-08tests: matrix: have the testcase struct as a global variableJakob Unterwurzacher
Future tests will need more info about the running test case.
2016-10-08tests: matrix: convert to table-based styleJakob Unterwurzacher
And add AES-SIV
2016-10-08main: error out when the mount shadows the cipherdirJakob Unterwurzacher
For example, we cannot mount "/home/user/.cipher" at "/home/user" because the mount will hide ".cipher" also for us. Doing it anyway used to cause a nasty hang.
2016-10-08main: split doMount into its own fileJakob Unterwurzacher
Ongoing effort to reduce the size of main().
2016-10-08main: check if the config file can opened before prompting for passwordJakob Unterwurzacher
This was frustrating: $ gocryptfs a b Password: Decrypting master key open a/gocryptfs.conf: permission denied
2016-10-07MANPAGE: note that "-f" implies "-nosyslog"Jakob Unterwurzacher
Also explain why AES-SIV exists.
2016-10-07main: daemonize more thoroughlyJakob Unterwurzacher
As described at http://software.clapper.org/daemonize/ , a daemon should chdir to / and close its FDs.
2016-10-07nametransform: better error code on invalid diriv lengthJakob Unterwurzacher
go-fuse translates errors unknown to it into "function not implemented", which is wrong in this case.
2016-10-07main: clarify nosyslog code pathJakob Unterwurzacher
Split the block up and add a comment why notifypid is important.
2016-10-06main: add "-nonempty" optionJakob Unterwurzacher
2016-10-05reverse: initialize the longname cache only when reverse mode is usedJakob Unterwurzacher
Gets rid of the idling longnameCacheCleaner thread in "normal" mode.
2016-10-04A few more lint fixesJakob Unterwurzacher
2016-10-04lint fixesValient Gough
2016-10-04tests: skip "go tool vet" if the command is not availableJakob Unterwurzacher
"vet" is not availably by default on Go 1.4.
2016-10-04tests: drop Go 1.3.3 from Travis testingJakob Unterwurzacher
Does not support testing.M, which means we cannot run the test suite, which means we cannot claim to support it at all.
2016-10-04tests: skip tests with -openssl=false on Go 1.4 and lowerJakob Unterwurzacher
Go versions 1.4 and lower lack NewGCMWithNonceSize(), which causes a panic in the test.
2016-10-04tests: enable FUSE tests on Travis CIJakob Unterwurzacher
2016-10-04tests: symlink to "/" instead of "/etc/motd"Jakob Unterwurzacher
This file does not exist on all systems, causing spurious test failures. See #40, #43
2016-10-04tests: fallocate: skip some disk usage checks on btrfsJakob Unterwurzacher
The expected allocated sizes are verified for tmpfs and ext4. btrfs gives different results, but that's not an error. Also, simplify test_helpers.Du and several code paths. Fixes #43.
2016-10-04fusefrontend_reverse cast Stat_t.Dev to uint64 (#44)Romain
The [Stat_t.Dev](https://golang.org/pkg/syscall/#Stat_t) docs say `Dev` is a `unit64`, but on [macOS amd64](https://golang.org/src/syscall/ztypes_darwin_amd64.go) it's an `int32`.
2016-10-04maxlen.bash: result was 1 too highJakob Unterwurzacher
Additionally, output 0 instead of 7 on permission errors.
2016-10-04without_openssl: support compiling completely without opensslJakob Unterwurzacher
Build helper script: build-without-openssl.bash
2016-10-04cryptocore: rename "gcm" variable to generic "aeadCipher"Jakob Unterwurzacher
As we now also support AES-SIV the old name is no longer correct.
2016-10-04cryptocore: derive 512-bit key for AES-SIVJakob Unterwurzacher
AES-SIV uses 1/2 of the key for authentication, 1/2 for encryption, so we need a 64-byte key for AES-256. Derive it from the master key by hashing it with SHA-512.
2016-10-03siv_aead: Overhead is always 16Jakob Unterwurzacher
Add a test for that. Also test operations using a 64-byte key.
2016-09-29xray: print block offsetsJakob Unterwurzacher