summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-03-24fusefrontend: create helpers for symlink encryptionJakob Unterwurzacher
These will be reused by the upcoming xattr support.
2018-03-22Add `-masterkey=stdin` functionalityJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/218
2018-03-18Update depsv1.4.4Jakob Unterwurzacher
We need the bugfix in go-fuse
2018-03-18Update Changelog for v1.4.4Jakob Unterwurzacher
2018-03-13tests: extractloop.sh: better cleanup logic, handle missing /procJakob Unterwurzacher
macos does not have /proc, so don't try to read it.
2018-03-13tests: extractloop.sh: don't abort if md5sum is missingJakob Unterwurzacher
MacOS does not have it installed by default.
2018-03-07macos: extractloop.sh: exclude symlink & mute ln error messageJakob Unterwurzacher
Extracting the symlink fails with linux-3.0/arch/microblaze/boot/dts/system.dts: Can't set permissions to 0755 so just exclude it. The ln error Looks scary but is harmless, so get rid of it. The symlink is only created to make it more convenient to view the csv log.
2018-03-07macos: tests: make extractloop.bash work on macosJakob Unterwurzacher
macos' bash and ln lack a few features we used.
2018-03-07tests: convert remaining wget calls to dl-linux-tarball.bash helperJakob Unterwurzacher
Makes the scripts work when wget is not available (macos)
2018-03-07macos: tests: use curl of wget is not availableJakob Unterwurzacher
2018-03-06tests: exit with error if we have leftover filesystemsJakob Unterwurzacher
2018-03-06tests: macos: try to unmount before rm -RfJakob Unterwurzacher
macos does not have "rm --one-file-system", so try to unmount all remaining test filesystems to protect the backing stores. https://github.com/rfjakob/gocryptfs/issues/213
2018-03-06tests: drop "-z" from fusermount to catch forgotten fdsJakob Unterwurzacher
macos does not have lazy unmount, so let's not use it on linux either. If the unmount fails, run "lsof" to find the open file. Also fix the first bug we found this way.
2018-03-05macos: tests: fix deleting of scratch dirJakob Unterwurzacher
macos rm does not understand --one-file-system, and it cannot handle unreadable directories.
2018-03-05macos: fix fd leak in reverse testsJakob Unterwurzacher
Causes "Resource busy" unmount failures on macos
2018-03-05tests: matrix_test: skip cases when without_openssl is setJakob Unterwurzacher
Fixes test-without-openssl.bash.
2018-03-05test_helpers: add missing newlineJakob Unterwurzacher
2018-03-05test.bash: Don't build with openssl if we were passed "-tags without_openssl"Jakob Unterwurzacher
test-without-openssl.bash now fails, as it should: gocryptfs has been compiled without openssl support but you are still trying to use openssl mount failed: exit status 18 FAIL github.com/rfjakob/gocryptfs/tests/matrix 1.943s
2018-03-05macos: doTestUtimesNano: skip UTIME_OMIT and nanoseconds testcasesJakob Unterwurzacher
Not supported on macos. Beef up the first test case a little by using different second values.
2018-03-05tests: TestUtimesNano: replace ugly compareUtimes wrapperJakob Unterwurzacher
2018-03-05tests: fix a few fd leaksJakob Unterwurzacher
We relied on the finalizer to close a few fds. For some reason, this did not cause problems on Linux, but on MacOS, it causes unmount failures: umount(/private/tmp/gocryptfs-test-parent/194654785/default-plain): Resource busy -- try 'diskutil unmount'
2018-03-05test-without-openssl: accept extra argsJakob Unterwurzacher
Accept extra args, like test.bash does.
2018-03-05macos: skip TestUtimesNanoSymlink earlyJakob Unterwurzacher
Gets rid of the touch error message upon running the tests.
2018-03-05macos: adjust TestTooLongSymlink length for darwinJakob Unterwurzacher
Limit is much lower than on linux
2018-03-05macos: fix second TestEmulateSymlinkat test failureJakob Unterwurzacher
2018-03-05test.bash: skip flock if not availableJakob Unterwurzacher
MacOS does not have it installed by default.
2018-02-28MacOS: skip TestUtimesNanoSymlink and TestUtimesNanoFdJakob Unterwurzacher
These cannot work on MacOS.
2018-02-28MacOS: don't test symlinks longer than 1000 bytesJakob Unterwurzacher
The limit is much lower than on Linux. https://github.com/rfjakob/gocryptfs/issues/213
2018-02-28MacOS: fix TestEmulateSymlinkat test failureJakob Unterwurzacher
On MacOS, symlinks don't have their own permissions, so don't check for them.
2018-02-28test_helpers: use an intermediate pipe for subprocess stdoutJakob Unterwurzacher
To Go test logic waits for stderr and stdout to close, so when we share it with a subprocess, it will wait for it to exit as well. We don't want the tests to hang when the unmount fails. Seen on MacOS as reported at https://github.com/rfjakob/gocryptfs/issues/213
2018-02-28tlog: stop embedding log.Logger to prevent mistakesJakob Unterwurzacher
A few places have called tlog.Warn.Print, which directly calls into log.Logger due to embedding, losing all features of tlog. Stop embedding log.Logger to make sure the internal functions cannot be called accidentially and fix (several!) instances that did.
2018-02-27travis ci: switch to "1.10.x" notationJakob Unterwurzacher
"1.10" does not work as expected because it is parsed as a floating point number: https://github.com/travis-ci/travis-ci/issues/9247 Added benefit is that we always get the latest point release.
2018-02-27travis ci: run on Go 1.10Jakob Unterwurzacher
2018-02-27ctlsock: don't Warn() on closed socketJakob Unterwurzacher
This Warn() is causing panics in the test suite on MacOS: https://github.com/rfjakob/gocryptfs/issues/213
2018-02-26test.bash: disable result cachingJakob Unterwurzacher
Go 1.10 has introduced test result caching and enabled it by default. This does not work properly for our integration tests because they test the compiled binary and do not have a source level dependency on the gocryptfs code. Disable caching.
2018-02-22update description of link to cppcryptfs projectbailey27
2018-02-18cryptocore: make AEADTypeEnum values explicitJakob Unterwurzacher
We now print the number in a debug message, so define the numeric values explicitely instead of using iota. This way you don't have to understand how iota works to find out what the number means. Lack of understanding of how iota works is also the reason why the numbers start at 3 (to keep the current behavoir).
2018-02-18cryptocore: zero derived keysJakob Unterwurzacher
Zero the HKDF-derived keys when we don't need them anymore, and let the variable run of of scope. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18siv_aead: create private key copy and implement wipingJakob Unterwurzacher
Having a private copy relieves the caller from worrying about whether he can zero his copy. The copy can be cleared by calling Wipe().
2018-02-18main: changePassword: zero masterkeyJakob Unterwurzacher
Overwrite the masterkey with zeros once we have encrypted it, and let it run out of scope. Also get rid of the password duplicate in readpassword.Twice.
2018-02-18main: zero password once we are done with itJakob Unterwurzacher
Overwrite the password we have got from the user with zeros once we don't need it anymore, and make sure the variable runs out of scope.
2018-02-18readpassword: convert from string to []byteJakob Unterwurzacher
This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18main: doMount: use a deferred function for wipeKeysJakob Unterwurzacher
Also drop the unused int return.
2018-02-18main: overwrite keys and let them run out of scopeJakob Unterwurzacher
As soon as we don't need them anymore, overwrite keys with zeros. Make sure they run out of scope so we don't create a risk of inadvertedly using all-zero keys for encryption. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18cryptocore, main: add two commentsJakob Unterwurzacher
While reading the code, I had to think about what it does, so add a comment that explains it.
2018-02-18configfile: overwrite and let keys run out of scopeJakob Unterwurzacher
As soon as we don't need them anymore, overwrite keys with zeros and make sure they run out of scope so we don't create a risk of inadvertedly using all-zero keys for encryption. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18stupidgcm: create private copy of the keyJakob Unterwurzacher
Relieves the caller from worrying about whether they can overwrite the key.
2018-02-18main: try to wipe cryptocore's secret keys on unmountJakob Unterwurzacher
Raise the bar for recovering keys from memory. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18fusefrontend[_reverse]: move crypto init up to callerJakob Unterwurzacher
Both fusefrontend and fusefrontend_reverse were doing essentially the same thing, move it into main's initFuseFrontend. A side-effect is that we have a reference to cryptocore in main, which will help with wiping the keys on exit (https://github.com/rfjakob/gocryptfs/issues/211).
2018-02-17stupidgcm: implement key wipeJakob Unterwurzacher
Not bulletproof due to possible GC copies, but still raises to bar for extracting the key. https://github.com/rfjakob/gocryptfs/issues/211