| Age | Commit message (Collapse) | Author |
|---|
|
... but only if the relative path does not start with "..".
Makes the message easier to grasp. Example:
$ gocryptfs -init -scryptn=10 v0.9
[...]
The filesystem has been created successfully.
Before:
You can now mount it using: gocryptfs /home/jakob/src/github.com/rfjakob/gocryptfs/integration_tests/example_filesystems/v0.9 MOUNTPOINT
After:
You can now mount it using: gocryptfs v0.9 MOUNTPOINT
|
|
|
|
Also improve the order of the bullet points.
|
|
The release has been delayed due to the fsstress issues that
were hopefully fixed in the last commit.
|
|
... with the "released" boolean.
For some reason, the "f.fd.Fd() < 0" check did not work reliably,
leading to nil pointer panics on the following wlock.lock().
The problem was discovered during fsstress testing and is unlikely
to happen in normal operations.
With this change, we passed 1700+ fsstress iterations.
|
|
This makes sure the panic message also ends up in syslog
(if enabled).
|
|
Using a simple boolean was racy (which was harmless
in this case) and non-idomatic.
|
|
The Fstat call should never fail, but still, if it does return an error
it should be handled properly.
|
|
mapMutex can be anonymous and using an RWMutex is overkill
because the lock protects very short sections.
|
|
Send fsstress (which ignores Ctrl-C) into the background
so the shell gets the signal. Manually kill fsstress in the
cleanup handler.
Also, use the build.bash script for gocryptfs.
|
|
The functionality has long been replaced by the fd < 0
check.
|
|
Also add dates for all releases.
|
|
This allows to run more than one instance of
the script in parallel.
Also, properly clean up on exit.
|
|
Gets rid of the call to "date" and simplifies the code.
|
|
Also, convert extractloop.bash to using md5sum instead of diff -ur
so the user does not have to keep an extracted kernel tree around.
And print the iteration time.
|
|
Add a simple bash wrapper to make it easier to run the GCM
benchmarks.
|
|
As requested in https://github.com/rfjakob/gocryptfs/issues/26 ,
this adds the option to allow other users to access the filesystem.
|
|
|
|
Paths in statfs() calls were not encrypted resulting in
an Function not implemented error, when the unencrypted
path didn't exist in the underlying (encrypted)
filesystem.
$ df plain/existingdir
df: ‘plain/existingdir’: Function not implemented
|
|
Optimized assembly versions for Go GCM are only available
on amd64.
|
|
Go GCM is faster than OpenSSL if the CPU has AES instructions
and you are running Go 1.6+.
The "-openssl" option now defaults to "auto".
"gocryptfs -debug -version" displays the result of the autodetection.
See https://github.com/rfjakob/gocryptfs/issues/23 for details and
benchmarks.
|
|
|
|
Commit 730291feab properly freed wlock when the file descriptor is
closed. However, concurrently running Write and Truncates may
still want to lock it. Check if the fd has been closed first.
|
|
|
|
This increases the load but also the disk space requirements
(to about 2GB).
|
|
The write lock was not freed on release, causing a slow memory leak.
This was noticed by running extractloop.bash for 10 hours.
|
|
These were hosted at https://github.com/rfjakob/fsstress . To
make them easier to use for gocryptfs users and developers, add
them to the main repo.
|
|
In general, OpenSSL is only threadsafe if you provide a locking function
through CRYPTO_set_locking_callback. However, the GCM operations that
stupidgcm uses never call that function.
To guard against that ever changing, set a dummy locking callback
that crashes the app.
|
|
Quoting from the patch:
We compare against Go's built-in GCM implementation. Since stupidgcm only
supports 128-bit IVs and Go only supports that from 1.5 onward, we cannot
run these tests on older Go versions.
|
|
This did not help in debugging the openssl <= 1.0.1c issue at all
and makes the code more complex. Keep it simple.
|
|
|
|
This fixes the test failures on Travis CI.
Quoting from https://github.com/openssl/openssl/commit/07a4ff79d23e45f1a45da717b7c1f41a5e1c7c0c
/* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier
* required the tag before any AAD or ciphertext */
|
|
|
|
Also, print the openssl version in Travis CI
|
|
|
|
|
|
|
|
...complete with tests and benchmark.
This will allow us to get rid of the dependency to spacemonkeygo/openssl
that causes problems on Arch Linux
( https://github.com/rfjakob/gocryptfs/issues/21 )
|
|
|
|
"-C" is not supported on older git versions. Instead, just cd into
the directory.
See issue #20.
|
|
This makes gocryptfs work at all on ZFS.
See https://github.com/rfjakob/gocryptfs/issues/22 .
|
|
|
|
|
|
|
|
Among those one real bug.
|
|
Failure in the example filesystems tests can leave them mounted.
|
|
Using dirfd-relative operations allows safe lockless handling
of the ".name" files.
|
|
|
|
|
|
|
