Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-10-09 | main: add "-passfile" option | Jakob Unterwurzacher | |
Make it easier to read the password from a file. Internally this is equivalent to "-extpass /bin/cat FILE". | |||
2016-10-09 | main: ignore options rw, nosuid, nodev. | Jakob Unterwurzacher | |
When called from mount, we always get either "suid" or "nosuid". As "nosuid" is the default, just ignore the options. Same for the other options. | |||
2016-10-09 | main: also accept options at the end via "-o" | Jakob Unterwurzacher | |
For compatability with mount(1), options are also accepted as "-o COMMA-SEPARATED-OPTIONS" at the end of the command line. For example, "-o q,zerokey" is equivalent to "-q -zerokey". | |||
2016-10-09 | main: rename "-o" option to "-ko" | Jakob Unterwurzacher | |
This prevents confusion with the "-o" options that is passed by mount(1) at the end of the command line. | |||
2016-10-09 | main: init: handle spaces in mount suggestion message | Jakob Unterwurzacher | |
Before: You can now mount it using: gocryptfs a x MOUNTPOINT After: You can now mount it using: gocryptfs "a x" MOUNTPOINT This is still not bulletproof but should handle the common case of having a space in the directory name. After all, it's only a suggestion. | |||
2016-10-09 | main: friendlier error message on wrong number of arguments | Jakob Unterwurzacher | |
Before: Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT After: Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg" Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT | |||
2016-10-09 | reverse: add panics against API abuse | Jakob Unterwurzacher | |
These should help prevent later programming errors. | |||
2016-10-09 | README: reverse mode is ticket #19, not #34 | Jakob Unterwurzacher | |
2016-10-09 | Update Changelog for v1.1-rc1v1.1-rc1 | Jakob Unterwurzacher | |
2016-10-09 | contrib: pam_mount: check if something is already mounted on DST | Jakob Unterwurzacher | |
pam_mount is supposed to check that as well, but it seems to get confused by the "command#path" syntax used for FUSE. Let's do it here. | |||
2016-10-09 | tests: add test for "mountpoint shadows cipherdir" logic | Jakob Unterwurzacher | |
2016-10-08 | main: fix shadow detection logic | Jakob Unterwurzacher | |
This fired incorrectly: Mountpoint "/home/testuser" would shadow cipherdir "/home/testuser.cipher", this is not supported | |||
2016-10-08 | LICENSE: add full name | Jakob Unterwurzacher | |
2016-10-08 | contrib: pam_mount: add instructions for whole-home-dir encryption | Jakob Unterwurzacher | |
2016-10-08 | contrib: pam_mount: add documentation and wrapper | Jakob Unterwurzacher | |
See ticket #34 | |||
2016-10-08 | reverse: gocryptfs.conf was missing from the directory listings | Jakob Unterwurzacher | |
Fix the test for that and add checks in example_filesystems_test. | |||
2016-10-08 | tests: unmount leftover filesystems before starting the tests | Jakob Unterwurzacher | |
A panic during the tests can leave mounted filesystems behind. | |||
2016-10-08 | tests: add v1.1-reverse-plaintextnames example filesystem | Jakob Unterwurzacher | |
2016-10-08 | tests: add v1.1-reverse example filesystem | Jakob Unterwurzacher | |
2016-10-08 | tests: add v1.1-aessiv example filesystem | Jakob Unterwurzacher | |
Also move the example content into "content". | |||
2016-10-08 | reverse: merge config translation check into isTranslatedConfig | Jakob Unterwurzacher | |
Also get rid of useless isFiltered function. | |||
2016-10-08 | reverse: make gocryptfs.conf mapping plaintextnames-aware | Jakob Unterwurzacher | |
Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that. | |||
2016-10-08 | tests: pass "-nosyslog" | Jakob Unterwurzacher | |
We want to see panics and warnings on the console | |||
2016-10-08 | tests: invert ResetTmpDir argument | Jakob Unterwurzacher | |
As reverse also does not want a diriv file, the "plaintextNames" argument became a misnomer. | |||
2016-10-08 | tests: matrix: have the testcase struct as a global variable | Jakob Unterwurzacher | |
Future tests will need more info about the running test case. | |||
2016-10-08 | tests: matrix: convert to table-based style | Jakob Unterwurzacher | |
And add AES-SIV | |||
2016-10-08 | main: error out when the mount shadows the cipherdir | Jakob Unterwurzacher | |
For example, we cannot mount "/home/user/.cipher" at "/home/user" because the mount will hide ".cipher" also for us. Doing it anyway used to cause a nasty hang. | |||
2016-10-08 | main: split doMount into its own file | Jakob Unterwurzacher | |
Ongoing effort to reduce the size of main(). | |||
2016-10-08 | main: check if the config file can opened before prompting for password | Jakob Unterwurzacher | |
This was frustrating: $ gocryptfs a b Password: Decrypting master key open a/gocryptfs.conf: permission denied | |||
2016-10-07 | MANPAGE: note that "-f" implies "-nosyslog" | Jakob Unterwurzacher | |
Also explain why AES-SIV exists. | |||
2016-10-07 | main: daemonize more thoroughly | Jakob Unterwurzacher | |
As described at http://software.clapper.org/daemonize/ , a daemon should chdir to / and close its FDs. | |||
2016-10-07 | nametransform: better error code on invalid diriv length | Jakob Unterwurzacher | |
go-fuse translates errors unknown to it into "function not implemented", which is wrong in this case. | |||
2016-10-07 | main: clarify nosyslog code path | Jakob Unterwurzacher | |
Split the block up and add a comment why notifypid is important. | |||
2016-10-06 | main: add "-nonempty" option | Jakob Unterwurzacher | |
2016-10-05 | reverse: initialize the longname cache only when reverse mode is used | Jakob Unterwurzacher | |
Gets rid of the idling longnameCacheCleaner thread in "normal" mode. | |||
2016-10-04 | A few more lint fixes | Jakob Unterwurzacher | |
2016-10-04 | lint fixes | Valient Gough | |
2016-10-04 | tests: skip "go tool vet" if the command is not available | Jakob Unterwurzacher | |
"vet" is not availably by default on Go 1.4. | |||
2016-10-04 | tests: drop Go 1.3.3 from Travis testing | Jakob Unterwurzacher | |
Does not support testing.M, which means we cannot run the test suite, which means we cannot claim to support it at all. | |||
2016-10-04 | tests: skip tests with -openssl=false on Go 1.4 and lower | Jakob Unterwurzacher | |
Go versions 1.4 and lower lack NewGCMWithNonceSize(), which causes a panic in the test. | |||
2016-10-04 | tests: enable FUSE tests on Travis CI | Jakob Unterwurzacher | |
2016-10-04 | tests: symlink to "/" instead of "/etc/motd" | Jakob Unterwurzacher | |
This file does not exist on all systems, causing spurious test failures. See #40, #43 | |||
2016-10-04 | tests: fallocate: skip some disk usage checks on btrfs | Jakob Unterwurzacher | |
The expected allocated sizes are verified for tmpfs and ext4. btrfs gives different results, but that's not an error. Also, simplify test_helpers.Du and several code paths. Fixes #43. | |||
2016-10-04 | fusefrontend_reverse cast Stat_t.Dev to uint64 (#44) | Romain | |
The [Stat_t.Dev](https://golang.org/pkg/syscall/#Stat_t) docs say `Dev` is a `unit64`, but on [macOS amd64](https://golang.org/src/syscall/ztypes_darwin_amd64.go) it's an `int32`. | |||
2016-10-04 | maxlen.bash: result was 1 too high | Jakob Unterwurzacher | |
Additionally, output 0 instead of 7 on permission errors. | |||
2016-10-04 | without_openssl: support compiling completely without openssl | Jakob Unterwurzacher | |
Build helper script: build-without-openssl.bash | |||
2016-10-04 | cryptocore: rename "gcm" variable to generic "aeadCipher" | Jakob Unterwurzacher | |
As we now also support AES-SIV the old name is no longer correct. | |||
2016-10-04 | cryptocore: derive 512-bit key for AES-SIV | Jakob Unterwurzacher | |
AES-SIV uses 1/2 of the key for authentication, 1/2 for encryption, so we need a 64-byte key for AES-256. Derive it from the master key by hashing it with SHA-512. | |||
2016-10-03 | siv_aead: Overhead is always 16 | Jakob Unterwurzacher | |
Add a test for that. Also test operations using a 64-byte key. | |||
2016-09-29 | xray: print block offsets | Jakob Unterwurzacher | |