Age | Commit message (Collapse) | Author |
|
unPad16 returns detailed errors including the position of the
incorrect bytes. Kill a possible padding oracle by lumping
everything into a generic error.
The detailed error is only logged if debug is active.
|
|
Reported at https://github.com/rfjakob/gocryptfs/issues/15
|
|
Mode=0 (default) and mode=1 (keep size) are supported.
The patch includes test cases and the whole thing passed xfstests.
Fixes https://github.com/rfjakob/gocryptfs/issues/1 .
|
|
These are large complicated implementations that will share some
code.
|
|
The name could be misunderstood and actually caused a bug:
doWrite used to always preallocate 4128 instead of the actual
data length.
|
|
We were growing the file block-by-block which was pretty
inefficient. We now coalesce all the grows into a single
Ftruncate. Also simplifies the code!
Simplistic benchmark: Before:
$ time truncate -s 1000M foo
real 0m0.568s
After:
$ time truncate -s 1000M foo
real 0m0.205s
|
|
|
|
XFS returns a different error code if you try to overwrite
a non-empty directory with a directory:
XFS: mv: cannot move ‘foo’ to ‘bar/foo’: File exists
ext4: mv: cannot move 'foo' to 'bar/foo': Directory not empty
So have EEXIST trigger the Rmdir logic as well.
Fixes issue #20
Link: https://github.com/rfjakob/gocryptfs/issues/20
|
|
...into "matrix" and "normal".
Also:
* Make running multiple packages in parallel safe, see
http://stackoverflow.com/questions/23715302/go-how-to-run-tests-for-multiple-packages
* Don't depent on test_helper.TmpDir and friends to have a terminating slash
|
|
Fixes issue #31
https://github.com/rfjakob/gocryptfs/issues/31
|
|
Run the tests twice, once with openssl and once with Go crypto.
|
|
...and add tests for checking that gocryptfs.diriv
does not get created.
The main "integration_tests" package has become quite
big and convoluted over time.
This small separate package should make writing tests
for "-plaintextnames" easier.
As seen in "fusefrontend: fix PlaintextNames versions of Mkdir, Rmdir",
we need more of them.
|
|
Drop the date and add the "go-fuse: " prefix so you can see
where the message is coming from.
Before:
Jun 27 09:03:15 brikett gocryptfs[4150]: 2016/06/27 09:03:15 Unimplemented opcode INTERRUPT
After:
Jun 27 09:10:58 brikett gocryptfs[4961]: go-fuse: Unimplemented opcode INTERRUPT
|
|
The "!fs.args.DirIV" special case was removed by b17f0465c7
but that, by accident, also removed the handling for
PlaintextNames.
Re-add it as an explicit PlaintextNames special case.
Also adds support for removing directories that miss their
gocryptfs.diriv file for some reason.
|
|
...unless "-nosyslog" is passed.
All gocryptfs messages already go to syslog, but the messages
that the go-fuse lib emits were still printed to stdout.
Fixes issue #13 ( https://github.com/rfjakob/gocryptfs/issues/13 )
|
|
This is no change in behavoir, just a clarification in the man page.
|
|
Device files and suid binaries are often not needed when running
gocryptfs as root. As they are potentially dangerous, let the
user enable them explicitely via the new "-o" option instead of
always enabling them when running as root.
|
|
FUSE filesystems are mounted with "nosuid" by default. If we run as root,
we can use device files by passing the opposite mount option, "suid".
Also we have to use syscall.Chmod instead of os.Chmod because the
portability translation layer "syscallMode" messes up the sgid
and suid bits.
Fixes 70% of the failures in xfstests generic/193. The remaining are
related to truncate, but we err on the safe side:
$ diff -u tests/generic/193.out /home/jakob/src/fuse-xfstests/results//generic/193.out.bad
[...]
check that suid/sgid bits are cleared after successful truncate...
with no exec perm
before: -rwSr-Sr--
-after: -rw-r-Sr--
+after: -rw-r--r--
|
|
FUSE filesystems are mounted with "nodev" by default. If we run as root,
we can use device files by passing the opposite mount option, "dev".
Fixes xfstests generic/184.
|
|
If allow_other is set and we run as root, try to give newly created files to
the right user.
|
|
Support truncate(2) by opening the file and calling ftruncate(2)
While the glibc "truncate" wrapper seems to always use ftruncate, fsstress from
xfstests uses this a lot by calling "truncate64" directly.
|
|
This file was forgotten in commit
"tests: make tests for unsupported FSs more compact".
|
|
|
|
|
|
The GCMIV128 feature flag is already mandatory, dropping the command
line option is the final step.
Completes https://github.com/rfjakob/gocryptfs/issues/29 .
|
|
There is no need to test that deprecated command-line options
produce an error. I trust the flags package.
Also split the example_filesystem helper functions into a
separate file.
|
|
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
|
|
As DirIV is now mandatory there is no user for the noiv functions.
|
|
The DirIV feature flag is already mandatory, dropping the command
line option is the final step.
|
|
The v0.6-plaintextnames example FS lacks the GCMIV128 feature
flag, is no longer mountable and can no longer be used for testing.
Add a new "-plaintextnames" filesystem created by gocryptfs v0.7.
There have been no format changes to "-plaintextnames" since then.
|
|
If it is, append "-dirty" to the hash.
|
|
|
|
|
|
As v0.4 introduced ext4-style feature flags, the on-disk format version
is unlinkely to change. Drop it from the version output to reduce
clutter. Use "gocryptfs -version -debug" to see it.
Add the Go version string because only Go 1.6 and newer have an optimized
AES-GCM implementation. This will help users to understand the performance
of their build.
|
|
|
|
|
|
Go 1.3.3 does not support testing.M, so skip the tests there.
|
|
|
|
The release of v0.12 is delayed to give people more time to
upgrade using "mv" or "rsync --remove-source-files".
|
|
The v0.6 and older example filesystem are mounted read-only
because they are deprecated, so skip the read-write tests.
|
|
This is part of the phase-out of very old filesystems.
See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for
more info.
|
|
Recreate the files so they carry all feature flags.
Also, create them with "-scryptn 10" to speed up the tests.
|
|
extpass_test and example_filesystems_test did it wrong,
always returning 0.
|
|
From the man page:
**-ro**
: Mount the filesystem read-only
Also add a test.
|
|
|
|
|
|
Let's have shorter names, and merge *_api.go into the "main"
file.
No code changes.
|
|
tlog is used heavily everywhere and deserves a shorter name.
Renamed using sed magic, without any manual rework:
find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
|
|
We want to use colored error messages also outside of main,
so let's handle it in the logging package.
The fatal logger now automatically prints red.
|
|
* Supports stdin
* Add tests for extpass and stdin
As per user request at https://github.com/rfjakob/gocryptfs/issues/30
|