summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-03-05configfile: disable Raw64 for nowJakob Unterwurzacher
Raw64 is supported (but was disabled by default) since gocryptfs v1.2. However, the implementation was buggy because it forgot about long names and symlinks. Disable it for now by default and enable it later, together with HKDF.
2017-03-05nametransform: fix Raw64 not affecting symlink targetsJakob Unterwurzacher
The symlink functions incorrectly hardcoded the padded base64 variant.
2017-03-05nametransform: fix Raw64 not affecting longnamesJakob Unterwurzacher
HashLongName() incorrectly hardcoded the call to base64.URLEncoding.
2017-03-05full stack: implement HKDF supportJakob Unterwurzacher
...but keep it disabled by default for new filesystems. We are still missing an example filesystem and CLI arguments to explicitely enable and disable it.
2017-03-05configfile: reject the "HKDF" flag for nowJakob Unterwurzacher
This will be re-enabled once it is implemented.
2017-03-05configfile: switch on Raw64 by defaultJakob Unterwurzacher
As we have dropped Go 1.4 compatibility already, and will add a new feature flag for gocryptfs v1.3 anyway, this is a good time to enable Raw64 as well.
2017-03-05configfile: switch to 128-bit IVs for master key encryptionJakob Unterwurzacher
There is no security reason for doing this, but it will allow to consolidate the code once we drop compatibility with gocryptfs v1.2 (and earlier) filesystems.
2017-03-05README: fix "compatibility" typoJakob Unterwurzacher
2017-03-05Drop Go 1.4 compatability code everywhereJakob Unterwurzacher
Yields a nice reduction in code size.
2017-03-05README: drop Go 1.4 compatability for gocryptfs v1.3Jakob Unterwurzacher
Also drop Go 1.4 from Travis CI and update other Go versions to latest point release.
2017-03-05cryptocore: rename "BackendTypeEnum" -> "AEADTypeEnum"Jakob Unterwurzacher
There are two independent backends, one for name encryption, the other one, AEAD, for file content. "BackendTypeEnum" only applies to AEAD (file content), so make that clear in the name.
2017-03-05cryptocore: use eme v1.1 interfaceJakob Unterwurzacher
Version 1.1 of the EME package (github.com/rfjakob/eme) added a more convenient interface. Use it. Note that you have to upgrade your EME package (go get -u)!
2017-03-05tests: stop calling t.Fatal from example_test_helpersJakob Unterwurzacher
Calling t.Fatal immeadiately aborts the test, which means the filesystem will not get unmounted, which means test.bash will hang.
2017-03-05test.bash: execute build-without-openssl.bash instead of sourcing itJakob Unterwurzacher
Sourcing the script breaks the "cd $(dirname $0)" logic in build-without-openssl.bash.
2017-03-05configfile: define HKDF flagJakob Unterwurzacher
2017-03-02fusefrontend: when chown'ing a directory, also chown its dirivJakob Unterwurzacher
When filename encryption is active, every directory contains a "gocryptfs.diriv" file. This file should also change the owner. Fixes https://github.com/rfjakob/gocryptfs/issues/86
2017-03-02main: get rid of third open paniclog fdJakob Unterwurzacher
We have it saved in Stderr and Stdout anyway, let's free this fd number.
2017-03-01CLI_ABI: smaller markdown subheadingsrfjakob
The old ones were rendered by github almost as big as the parent headings.
2017-02-28Update README.md (#85)Peter Reschenhofer
Correcting year in changelog (1.2.1)
2017-02-26README: update changelog for 1.2.1 releasev1.2.1Jakob Unterwurzacher
2017-02-26tests: somewhat support testing without opensslJakob Unterwurzacher
You will still get lots of test error, but at least the tests will run.
2017-02-26MANPAGE: document "-speed"Jakob Unterwurzacher
2017-02-26MANPAGE: document error code 12Jakob Unterwurzacher
2017-02-26exitcodes: define code 12 for "password incorrect"Jakob Unterwurzacher
2017-02-25configfile: rename "kdf.go" -> "scrypt.go"Jakob Unterwurzacher
This really only handles scrypt and no other key-derivation functions. Renaming the files prevents confusion once we introduce HKDF. renamed: internal/configfile/kdf.go -> internal/configfile/scrypt.go renamed: internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go
2017-02-24stupidgcm: drop only external dependecyJakob Unterwurzacher
This makes it easier to use the package in external projects. See https://github.com/rfjakob/gocryptfs/issues/79
2017-02-24speed: add benchmark.bash helperJakob Unterwurzacher
2017-02-23README: fix typo and simplify MANPAGE textJakob Unterwurzacher
2017-02-23speed: fix build for Go 1.4 and lowerJakob Unterwurzacher
Old Go versions miss cipher.NewGCMWithNonceSize, which causes: internal/speed/speed.go:95: undefined: cipher.NewGCMWithNonceSize
2017-02-22Implement "gocryptfs -speed"Jakob Unterwurzacher
A crypto benchmark mode like "openssl speed". Example run: $ ./gocryptfs -speed AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode) AES-GCM-256-Go 48.19 MB/s AES-SIV-512-Go 37.40 MB/s
2017-02-20tests: adapt dir overwrite test for Go 1.8Jakob Unterwurzacher
In Go 1.8, os.Rename refuses to overwrite an empty directory. Switch to syscall.Rename, which still does the right thing.
2017-02-20Travis CI: also test with Go 1.8Jakob Unterwurzacher
(Currently failing the tests!)
2017-02-20Get rid of remaining $GOPATH dependenciesJakob Unterwurzacher
2017-02-20build.bash: use $(go env GOPATH)Jakob Unterwurzacher
2017-02-19build.bash: deduplicate build callJakob Unterwurzacher
2017-02-19build.bash: GOPATH may be unset since Go v1.8. Handle it.Jakob Unterwurzacher
2017-02-17tests.bash: OSX compat: use "flock -n" and skip openssl buildJakob Unterwurzacher
Mac OS X flock does not support "--nonblock", but does support "-n": https://github.com/discoteq/flock/blob/master/man/flock.1.ronn Skip the openssl build because it requires 1) openssl 2) fixing the import paths in gocryptfs Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-280464400
2017-02-16Travis: set clone depth to 100Jakob Unterwurzacher
Otherwise the build fails once you have more than 50 commits since the last tag. You'd get: $ ./build.bash fatal: No names found, cannot describe anything.
2017-02-16tests: reverse: check Access() callJakob Unterwurzacher
2017-02-16fusefrontend_reverse: handle .name files in Access()Jakob Unterwurzacher
These were currently passed to decryptPath() were it caused a warning.
2017-02-16tests: configfile: add missing newlines in verbose outputJakob Unterwurzacher
2017-02-16tests: OSX compat: wrap Stat_t atime extractJakob Unterwurzacher
Linux has st.Atim, st.Mtim, OSX hat st.Atimespec, st.Mtimespec. Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16syscallcompat: OSX compat: fix variable warningsJakob Unterwurzacher
As suggested by https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16tests: OSX compat: use "mount" command instead of /proc/mountsJakob Unterwurzacher
Mac OS X does not have /proc. Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16tests: OSX compat: use OSX-style "stat -f"Jakob Unterwurzacher
Reported at https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-16benchmarks: OSX compat: replace /usr/bin/time with bash builtinJakob Unterwurzacher
On OSX, /usr/bin/time does not support "-f". Reported in https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217 .
2017-02-16tests: get rid of syscall.PathMaxJakob Unterwurzacher
Does not exist on OSX Reported in https://github.com/rfjakob/gocryptfs/issues/15
2017-02-16README: also link to cppcryptfsJakob Unterwurzacher
2017-02-16README: mention graphical interfacesJakob Unterwurzacher
2017-02-15main: don't attempt lazy unmount on MacOSXJakob Unterwurzacher