Age | Commit message (Collapse) | Author |
|
We now print the number in a debug message, so define
the numeric values explicitely instead of using iota.
This way you don't have to understand how iota works
to find out what the number means. Lack of understanding
of how iota works is also the reason why the numbers
start at 3 (to keep the current behavoir).
|
|
Zero the HKDF-derived keys when we don't need them
anymore, and let the variable run of of scope.
https://github.com/rfjakob/gocryptfs/issues/211
|
|
Having a private copy relieves the caller from worrying about
whether he can zero his copy. The copy can be cleared by
calling Wipe().
|
|
Overwrite the masterkey with zeros once we
have encrypted it, and let it run out of scope.
Also get rid of the password duplicate in
readpassword.Twice.
|
|
Overwrite the password we have got from the user
with zeros once we don't need it anymore, and make
sure the variable runs out of scope.
|
|
This will allows us to overwrite the password
with zeros once we are done with it.
https://github.com/rfjakob/gocryptfs/issues/211
|
|
Also drop the unused int return.
|
|
As soon as we don't need them anymore, overwrite
keys with zeros. Make sure they run out of scope
so we don't create a risk of inadvertedly using
all-zero keys for encryption.
https://github.com/rfjakob/gocryptfs/issues/211
|
|
While reading the code, I had to think about what it
does, so add a comment that explains it.
|
|
As soon as we don't need them anymore, overwrite
keys with zeros and make sure they run out of scope
so we don't create a risk of inadvertedly using all-zero
keys for encryption.
https://github.com/rfjakob/gocryptfs/issues/211
|
|
Relieves the caller from worrying about whether they
can overwrite the key.
|
|
Raise the bar for recovering keys from memory.
https://github.com/rfjakob/gocryptfs/issues/211
|
|
Both fusefrontend and fusefrontend_reverse were doing
essentially the same thing, move it into main's
initFuseFrontend.
A side-effect is that we have a reference to cryptocore
in main, which will help with wiping the keys on exit
(https://github.com/rfjakob/gocryptfs/issues/211).
|
|
Not bulletproof due to possible GC copies, but
still raises to bar for extracting the key.
https://github.com/rfjakob/gocryptfs/issues/211
|
|
What the key slice does not get copied around
will make it possible to check if the key has been wiped.
|
|
|
|
|
|
The test is known to fail on gccgo
(https://github.com/rfjakob/gocryptfs/issues/201), but
getdents emulation is not used on linux, so let's skip
the test and ignore the failure.
|
|
|
|
$ go.gcc build
# github.com/rfjakob/gocryptfs/internal/syscallcompat
internal/syscallcompat/unix2syscall_linux.go:32:13: error: incompatible types in assignment (cannot use type int64 as type syscall.Timespec_sec_t)
s.Atim.Sec = u.Atim.Sec
^
|
|
The man page is rendered on github at
https://github.com/rfjakob/gocryptfs/blob/master/Documentation/MANPAGE.md .
Improve formatting a little.
|
|
For some reason the syscall.NAME_MAX constant does not exist
on gccgo, and it does not hurt us to use unix.NAME_MAX instead.
https://github.com/rfjakob/gocryptfs/issues/201
|
|
On mips64le, syscall.Getdents() and struct syscall.Dirent do
not fit together, causing our Getdents implementation to
return garbage ( https://github.com/rfjakob/gocryptfs/issues/200
and https://github.com/golang/go/issues/23624 ).
Switch to unix.Getdents which does not have this problem -
the next Go release with the syscall package fixes is too
far away, and will take time to trickle into distros.
|
|
|
|
|
|
Due to padding between entries, it is 280 even on 32-bit architectures.
See https://github.com/rfjakob/gocryptfs/issues/197 for details.
|
|
We used to print somewhat strange messages:
Getdents: corrupt entry #1: Reclen=276 > 280. Returning EBADR
Reported at https://github.com/rfjakob/gocryptfs/issues/197
|
|
README: add missing word
|
|
We don't actually print that warning anymore.
|
|
syscall.ParseDirent only returns the NAMES, we want
everything.
|
|
Also update the v1.4.3 release date to today.
The release was delayed one day.
|
|
|
|
|
|
|
|
We needed a newer version of x/sys/unix to compile,
and we want the fixes in go-fuse.
|
|
As reported in https://github.com/rfjakob/gocryptfs/issues/194 ,
OSXFuse creates the mountpoint if it does not exist.
|
|
Was unclear for new users - see https://github.com/rfjakob/gocryptfs/issues/194
|
|
Makes it robust against symlink races.
Final piece, closes https://github.com/rfjakob/gocryptfs/issues/165
|
|
Protects findLongnameParent against symlink races.
Also add comments to several functions along the way.
Reported at https://github.com/rfjakob/gocryptfs/issues/165
|
|
gocryptfs.longname.XXX files were considered magic in PlaintextNames
mode, which was wrong.
Fix that and add tests.
Fixes https://github.com/rfjakob/gocryptfs/issues/174
|
|
|
|
OSXFuse automatically creates the mountpoint if it is
below /Volumes because this would require root permissions
which the user might not have.
Reported at https://github.com/rfjakob/gocryptfs/issues/194
|
|
Provide basic man page for xray tool
|
|
|
|
To be able to check out an older version and create
a tarball from it, let `git archive` operate on HEAD.
This used to be broken in a bad way: we use `git describe`
which operates on HEAD to name the tarball, but always archived
HEAD.
|
|
We used to only create a source + dependecies tarball,
but having a source-only tarball makes packaging deb/rpm
easier.
|
|
|
|
In PlaintextNames mode the "gocryptfs.longname." prefix does not have any
special meaning.
https://github.com/rfjakob/gocryptfs/issues/174
|
|
https://github.com/rfjakob/gocryptfs/commit/f0e29d9b90b63d5fbe4164161ecb0e1035bb4af4#diff-86b7f3262ae352959ee0e04cccaac1b0 added an extra line.
|
|
Also get rid of the defer - it is not really necessary here.
|