summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-10-16readpassword: check extpass return codeJakob Unterwurzacher
...and exit if it is not zero.
2016-10-16main: move masterkey warnings into parseMasterKeyJakob Unterwurzacher
This makes sure all callers of parseMasterKey warn the user. At the moment there is only one, but another one will be added soon for forcing a password change when only the master key is known.
2016-10-16fusefrontend: Utimens: ugly band-aid for nil pointer crash in go-fuseJakob Unterwurzacher
Crash is described at https://github.com/rfjakob/gocryptfs/issues/48 . Revert this once https://github.com/hanwen/go-fuse/pull/131 is merged.
2016-10-16tests: verify that UTIME_OMIT worksJakob Unterwurzacher
It currently does not and even causes a crash due to a bug in go-fuse. Also converts the test to table-based.
2016-10-16tests: deduplicate UtimesNano testing codeJakob Unterwurzacher
2016-10-16fusefrontend: log missing gocryptfs.dirivJakob Unterwurzacher
This can happen during normal operation when the directory has been deleted concurrently. But it can also mean that the gocryptfs.diriv is missing due to an error, so log the event at "info" level.
2016-10-16tests: split "normal" tests into "cli" and "defaults"Jakob Unterwurzacher
Also fixes the failure to run the benchmarks do to the missing gocryptfs.diriv.
2016-10-11contrib: gocryptfs-maybe: fix descriptionJakob Unterwurzacher
2016-10-11contrib: add gocryptfs-maybe.bashJakob Unterwurzacher
Conditionally try to mount a gocryptfs filesystem. If either * CIPHERDIR does not exist OR * something is already mounted on MOUNTPOINT print a message to stdout (not stderr!) but exit with 0. This is meant to be called from automated mount systems like pam_mount, where you want to avoid error messages if the filesystem does not exist, or duplicate mounts if the filesystem has already been mounted.
2016-10-11main: suppress master key display if not running on a terminalJakob Unterwurzacher
Mounting through fstab or pam_mount may get the output logged into syslog. We don't want the master key to end up in syslog.
2016-10-10main: show "-o" in the help textJakob Unterwurzacher
Binds it to a dummy variable so it appears in the help text.
2016-10-10main: accept "-o" at the front AND at the endJakob Unterwurzacher
Moving "-o" to the end broke a third-party app, SiriKali. Breaking your users is bad, so let's accept "-o" anywhere.
2016-10-10fusefrontend: Also preserve the owner in MkdirJakob Unterwurzacher
This already worked for files but was missing for dirs.
2016-10-09Update performance.txt for v1.1 releaseJakob Unterwurzacher
2016-10-09Travis CI: Also build without opensslJakob Unterwurzacher
Also update Go versions
2016-10-09README: fix formatting errorJakob Unterwurzacher
2016-10-09Drop contrib/pam_mountJakob Unterwurzacher
The README text has been moved to https://github.com/rfjakob/gocryptfs/wiki/Mounting-on-login-using-pam_mount and the gocryptfs_pam_mount.bash is no longer needed since commit 9cf3ced0ce95495cabd8f4e7055d1c98f42363c9 .
2016-10-09main: more useful error message on unknown flagJakob Unterwurzacher
2016-10-09main: add tests for the "-o" parsingJakob Unterwurzacher
2016-10-09Update README with -passfile, -o, -ko changesJakob Unterwurzacher
2016-10-09main: add "-passfile" optionJakob Unterwurzacher
Make it easier to read the password from a file. Internally this is equivalent to "-extpass /bin/cat FILE".
2016-10-09main: ignore options rw, nosuid, nodev.Jakob Unterwurzacher
When called from mount, we always get either "suid" or "nosuid". As "nosuid" is the default, just ignore the options. Same for the other options.
2016-10-09main: also accept options at the end via "-o"Jakob Unterwurzacher
For compatability with mount(1), options are also accepted as "-o COMMA-SEPARATED-OPTIONS" at the end of the command line. For example, "-o q,zerokey" is equivalent to "-q -zerokey".
2016-10-09main: rename "-o" option to "-ko"Jakob Unterwurzacher
This prevents confusion with the "-o" options that is passed by mount(1) at the end of the command line.
2016-10-09main: init: handle spaces in mount suggestion messageJakob Unterwurzacher
Before: You can now mount it using: gocryptfs a x MOUNTPOINT After: You can now mount it using: gocryptfs "a x" MOUNTPOINT This is still not bulletproof but should handle the common case of having a space in the directory name. After all, it's only a suggestion.
2016-10-09main: friendlier error message on wrong number of argumentsJakob Unterwurzacher
Before: Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT After: Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg" Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
2016-10-09reverse: add panics against API abuseJakob Unterwurzacher
These should help prevent later programming errors.
2016-10-09README: reverse mode is ticket #19, not #34Jakob Unterwurzacher
2016-10-09Update Changelog for v1.1-rc1v1.1-rc1Jakob Unterwurzacher
2016-10-09contrib: pam_mount: check if something is already mounted on DSTJakob Unterwurzacher
pam_mount is supposed to check that as well, but it seems to get confused by the "command#path" syntax used for FUSE. Let's do it here.
2016-10-09tests: add test for "mountpoint shadows cipherdir" logicJakob Unterwurzacher
2016-10-08main: fix shadow detection logicJakob Unterwurzacher
This fired incorrectly: Mountpoint "/home/testuser" would shadow cipherdir "/home/testuser.cipher", this is not supported
2016-10-08LICENSE: add full nameJakob Unterwurzacher
2016-10-08contrib: pam_mount: add instructions for whole-home-dir encryptionJakob Unterwurzacher
2016-10-08contrib: pam_mount: add documentation and wrapperJakob Unterwurzacher
See ticket #34
2016-10-08reverse: gocryptfs.conf was missing from the directory listingsJakob Unterwurzacher
Fix the test for that and add checks in example_filesystems_test.
2016-10-08tests: unmount leftover filesystems before starting the testsJakob Unterwurzacher
A panic during the tests can leave mounted filesystems behind.
2016-10-08tests: add v1.1-reverse-plaintextnames example filesystemJakob Unterwurzacher
2016-10-08tests: add v1.1-reverse example filesystemJakob Unterwurzacher
2016-10-08tests: add v1.1-aessiv example filesystemJakob Unterwurzacher
Also move the example content into "content".
2016-10-08reverse: merge config translation check into isTranslatedConfigJakob Unterwurzacher
Also get rid of useless isFiltered function.
2016-10-08reverse: make gocryptfs.conf mapping plaintextnames-awareJakob Unterwurzacher
Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that.
2016-10-08tests: pass "-nosyslog"Jakob Unterwurzacher
We want to see panics and warnings on the console
2016-10-08tests: invert ResetTmpDir argumentJakob Unterwurzacher
As reverse also does not want a diriv file, the "plaintextNames" argument became a misnomer.
2016-10-08tests: matrix: have the testcase struct as a global variableJakob Unterwurzacher
Future tests will need more info about the running test case.
2016-10-08tests: matrix: convert to table-based styleJakob Unterwurzacher
And add AES-SIV
2016-10-08main: error out when the mount shadows the cipherdirJakob Unterwurzacher
For example, we cannot mount "/home/user/.cipher" at "/home/user" because the mount will hide ".cipher" also for us. Doing it anyway used to cause a nasty hang.
2016-10-08main: split doMount into its own fileJakob Unterwurzacher
Ongoing effort to reduce the size of main().
2016-10-08main: check if the config file can opened before prompting for passwordJakob Unterwurzacher
This was frustrating: $ gocryptfs a b Password: Decrypting master key open a/gocryptfs.conf: permission denied
2016-10-07MANPAGE: note that "-f" implies "-nosyslog"Jakob Unterwurzacher
Also explain why AES-SIV exists.