summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-02-18cryptocore: make AEADTypeEnum values explicitJakob Unterwurzacher
We now print the number in a debug message, so define the numeric values explicitely instead of using iota. This way you don't have to understand how iota works to find out what the number means. Lack of understanding of how iota works is also the reason why the numbers start at 3 (to keep the current behavoir).
2018-02-18cryptocore: zero derived keysJakob Unterwurzacher
Zero the HKDF-derived keys when we don't need them anymore, and let the variable run of of scope. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18siv_aead: create private key copy and implement wipingJakob Unterwurzacher
Having a private copy relieves the caller from worrying about whether he can zero his copy. The copy can be cleared by calling Wipe().
2018-02-18main: changePassword: zero masterkeyJakob Unterwurzacher
Overwrite the masterkey with zeros once we have encrypted it, and let it run out of scope. Also get rid of the password duplicate in readpassword.Twice.
2018-02-18main: zero password once we are done with itJakob Unterwurzacher
Overwrite the password we have got from the user with zeros once we don't need it anymore, and make sure the variable runs out of scope.
2018-02-18readpassword: convert from string to []byteJakob Unterwurzacher
This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18main: doMount: use a deferred function for wipeKeysJakob Unterwurzacher
Also drop the unused int return.
2018-02-18main: overwrite keys and let them run out of scopeJakob Unterwurzacher
As soon as we don't need them anymore, overwrite keys with zeros. Make sure they run out of scope so we don't create a risk of inadvertedly using all-zero keys for encryption. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18cryptocore, main: add two commentsJakob Unterwurzacher
While reading the code, I had to think about what it does, so add a comment that explains it.
2018-02-18configfile: overwrite and let keys run out of scopeJakob Unterwurzacher
As soon as we don't need them anymore, overwrite keys with zeros and make sure they run out of scope so we don't create a risk of inadvertedly using all-zero keys for encryption. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18stupidgcm: create private copy of the keyJakob Unterwurzacher
Relieves the caller from worrying about whether they can overwrite the key.
2018-02-18main: try to wipe cryptocore's secret keys on unmountJakob Unterwurzacher
Raise the bar for recovering keys from memory. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18fusefrontend[_reverse]: move crypto init up to callerJakob Unterwurzacher
Both fusefrontend and fusefrontend_reverse were doing essentially the same thing, move it into main's initFuseFrontend. A side-effect is that we have a reference to cryptocore in main, which will help with wiping the keys on exit (https://github.com/rfjakob/gocryptfs/issues/211).
2018-02-17stupidgcm: implement key wipeJakob Unterwurzacher
Not bulletproof due to possible GC copies, but still raises to bar for extracting the key. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-17stupidgcm: switch to pointer receiversJakob Unterwurzacher
What the key slice does not get copied around will make it possible to check if the key has been wiped.
2018-02-06benchmark.bash: print tested versionJakob Unterwurzacher
2018-02-05README: Mention min required Go versionJakob Unterwurzacher
2018-02-04gccgo: skip emulateGetdents on linuxJakob Unterwurzacher
The test is known to fail on gccgo (https://github.com/rfjakob/gocryptfs/issues/201), but getdents emulation is not used on linux, so let's skip the test and ignore the failure.
2018-02-04Fix spelling (#205)Felix Lechner
2018-02-03Fix assignment error in Unix2syscall by converting Timespec into Nsec (#203)Felix Lechner
$ go.gcc build # github.com/rfjakob/gocryptfs/internal/syscallcompat internal/syscallcompat/unix2syscall_linux.go:32:13: error: incompatible types in assignment (cannot use type int64 as type syscall.Timespec_sec_t) s.Atim.Sec = u.Atim.Sec ^
2018-02-03MANPAGE: improve markdown renderingJakob Unterwurzacher
The man page is rendered on github at https://github.com/rfjakob/gocryptfs/blob/master/Documentation/MANPAGE.md . Improve formatting a little.
2018-02-01gccgo: replace syscall.NAME_MAX with unix.NAME_MAXJakob Unterwurzacher
For some reason the syscall.NAME_MAX constant does not exist on gccgo, and it does not hurt us to use unix.NAME_MAX instead. https://github.com/rfjakob/gocryptfs/issues/201
2018-01-31syscallcompat: switch from syscall.Getdents to unix.GetdentsJakob Unterwurzacher
On mips64le, syscall.Getdents() and struct syscall.Dirent do not fit together, causing our Getdents implementation to return garbage ( https://github.com/rfjakob/gocryptfs/issues/200 and https://github.com/golang/go/issues/23624 ). Switch to unix.Getdents which does not have this problem - the next Go release with the syscall package fixes is too far away, and will take time to trickle into distros.
2018-01-31Update depsJakob Unterwurzacher
2018-01-28added usage of reverse mode to READMEKenneth Newwood
2018-01-25syscallcompat: hardcode maxReclen = 280 for all architecturesJakob Unterwurzacher
Due to padding between entries, it is 280 even on 32-bit architectures. See https://github.com/rfjakob/gocryptfs/issues/197 for details.
2018-01-25syscallcompat: fix reversed warning outputJakob Unterwurzacher
We used to print somewhat strange messages: Getdents: corrupt entry #1: Reclen=276 > 280. Returning EBADR Reported at https://github.com/rfjakob/gocryptfs/issues/197
2018-01-25Update README.mdrfjakob
README: add missing word
2018-01-25fusefrontend: drop unused haveGetdents warningJakob Unterwurzacher
We don't actually print that warning anymore.
2018-01-25syscallcompat: explain why we don't use syscall.ParseDirent()Jakob Unterwurzacher
syscall.ParseDirent only returns the NAMES, we want everything.
2018-01-21Documentation: update xfstests outputv1.4.3Jakob Unterwurzacher
Also update the v1.4.3 release date to today. The release was delayed one day.
2018-01-21Documentation: add extractloop example outputJakob Unterwurzacher
2018-01-20Update changelog for 1.4.3Jakob Unterwurzacher
2018-01-20Travis CI: also build with vendored dependenciesJakob Unterwurzacher
2018-01-20dep: update dependenciesJakob Unterwurzacher
We needed a newer version of x/sys/unix to compile, and we want the fixes in go-fuse.
2018-01-20MacOS: rely on OSXFuse to create the mountpointJakob Unterwurzacher
As reported in https://github.com/rfjakob/gocryptfs/issues/194 , OSXFuse creates the mountpoint if it does not exist.
2018-01-20MANPAGE: improve description of -o and -koJakob Unterwurzacher
Was unclear for new users - see https://github.com/rfjakob/gocryptfs/issues/194
2018-01-17fusefrontend_reverse: use OpenNofollow in virtualFile.GetAttrJakob Unterwurzacher
Makes it robust against symlink races. Final piece, closes https://github.com/rfjakob/gocryptfs/issues/165
2018-01-17fusefrontend_reverse: use OpenNofollow in findLongnameParentJakob Unterwurzacher
Protects findLongnameParent against symlink races. Also add comments to several functions along the way. Reported at https://github.com/rfjakob/gocryptfs/issues/165
2018-01-17fusefronted: add PlaintextNames special-cases for Create & RenameJakob Unterwurzacher
gocryptfs.longname.XXX files were considered magic in PlaintextNames mode, which was wrong. Fix that and add tests. Fixes https://github.com/rfjakob/gocryptfs/issues/174
2018-01-16Run go fmtJakob Unterwurzacher
2018-01-16MacOS: rely on OSXFuse to create mountpoint below /VolumesJakob Unterwurzacher
OSXFuse automatically creates the mountpoint if it is below /Volumes because this would require root permissions which the user might not have. Reported at https://github.com/rfjakob/gocryptfs/issues/194
2018-01-10Provide basic man page for xray tool (#193)Felix Lechner
Provide basic man page for xray tool
2018-01-10Fix spellingFelix Lechner
2018-01-07package-source.bash: archive HEAD instead of masterJakob Unterwurzacher
To be able to check out an older version and create a tarball from it, let `git archive` operate on HEAD. This used to be broken in a bad way: we use `git describe` which operates on HEAD to name the tarball, but always archived HEAD.
2018-01-07package-source.bash: also create source-only tarballJakob Unterwurzacher
We used to only create a source + dependecies tarball, but having a source-only tarball makes packaging deb/rpm easier.
2017-12-25fusefrontend: Use Linkat syscall to implement LinkSebastian Lackner
2017-12-25fusefrontend: Handle PlaintextNames mode in LinkSebastian Lackner
In PlaintextNames mode the "gocryptfs.longname." prefix does not have any special meaning. https://github.com/rfjakob/gocryptfs/issues/174
2017-12-25Pinned the link to line 38 of performance.txt to version 1.4.1 since ↵Rohan Talip
https://github.com/rfjakob/gocryptfs/commit/f0e29d9b90b63d5fbe4164161ecb0e1035bb4af4#diff-86b7f3262ae352959ee0e04cccaac1b0 added an extra line.
2017-12-11fusefrontend_reverse: Use O_DIRECTORY in OpenDir implementationSebastian Lackner
Also get rid of the defer - it is not really necessary here.