| Age | Commit message (Collapse) | Author |
|---|
|
fuse-xfstests should be installed to /opt now to make
the terminal output independent of the user name
(as done in https://github.com/rfjakob/fuse-xfstests/wiki/results_2021-06-02 )
|
|
Commit f3c777d5eaa682d878c638192311e52f9c204294 added the `-devrandom` option:
commit f3c777d5eaa682d878c638192311e52f9c204294
Author: @slackner
Date: Sun Nov 19 13:30:04 2017 +0100
main: Add '-devrandom' commandline option
Allows to use /dev/random for generating the master key instead of the
default Go implementation. When the kernel random generator has been
properly initialized both are considered equally secure, however:
* Versions of Go prior to 1.9 just fall back to /dev/urandom if the
getrandom() syscall would be blocking (Go Bug #19274)
* Kernel versions prior to 3.17 do not support getrandom(), and there
is no check if the random generator has been properly initialized
before reading from /dev/urandom
This is especially useful for embedded hardware with low-entroy. Please
note that generation of the master key might block indefinitely if the
kernel cannot harvest enough entropy.
We now require Go v1.13 and Kernel versions should have also moved on.
Make the flag a no-op.
https://github.com/rfjakob/gocryptfs/issues/596
|
|
We want /dev/fd/N support:
https://github.com/hanwen/go-fuse/commit/74a933d6e856048cbff1a437bf3dbf79162e77de
"fuse: support special /dev/fd/N mountpoint"
Fixes https://github.com/rfjakob/gocryptfs/issues/590
|
|
https://github.com/rfjakob/gocryptfs/issues/452
|
|
|
|
|
|
Combines both new flags.
|
|
|
|
|
|
Also use the new cryptocore algo names.
|
|
Looks like these are part of an abandoned plan.
|
|
|
|
Have the information in one centralized place,
and access it from main as needed.
|
|
|
|
|
|
We used to do validation using lists of mandatory feature flags.
With the introduction of XChaCha20Poly1305, this became too
simplistic, as it uses a different IV length, hence disabling
GCMIV128.
Add a dedicated function, Validate(), with open-coded validation
logic.
The validation and creation logic also gets XChaCha20Poly1305
support, and gocryptfs -init -xchacha now writes the flag into
gocryptfs.conf.
|
|
Mount flag only at the moment, not saved to gocryptfs.conf.
https://github.com/rfjakob/gocryptfs/issues/452
|
|
As the filename did not end in _test.go, TestZerokey
was not actually run. Fix that.
renamed: tests/cli/zerokey.go -> tests/cli/zerokey_test.go
|
|
Our git version is v2+ for some time now, but go.mod
still declared v1. Hopefully making both match makes
https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work.
All the import paths have been fixed like this:
find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%
|
|
This makes the comment visible to godoc.
|
|
Drop Create and rename Create2 to Create.
|
|
The argument list got too long.
Part 1: Replace with Create2
|
|
The IVLen var seems be a net loss in clarity. Drop it.
Also add comments and normalize error messages.
|
|
Fixes https://github.com/rfjakob/gocryptfs/issues/151
Fixes https://github.com/rfjakob/gocryptfs/issues/402
Fixes https://github.com/rfjakob/gocryptfs/pull/592
Partial-fix https://github.com/rfjakob/gocryptfs/issues/108
|
|
|
|
It was in INIT OPTIONS by mistake.
|
|
And store it in gocryptfs.conf (=remove DirIV feature flag).
|
|
-deterministc-names uses all-zero dirivs but does not write
them to disk anymore.
|
|
|
|
|
|
Except xattrSupported, this is a false positive.
$ golangci-lint run --disable-all --enable unused --enable deadcode
gocryptfs-xray/xray_main.go:24:5: `GitVersionFuse` is unused (deadcode)
var GitVersionFuse = "[GitVersionFuse not set - please compile using ./build.bash]"
^
tests/symlink_race/main.go:47:6: `chmodLoop` is unused (deadcode)
func chmodLoop() {
^
internal/readpassword/extpass_test.go:11:5: `testPw` is unused (deadcode)
var testPw = []byte("test")
^
tests/reverse/xattr_test.go:13:6: func `xattrSupported` is unused (unused)
func xattrSupported(path string) bool {
^
internal/fusefrontend_reverse/rpath.go:20:22: func `(*RootNode).abs` is unused (unused)
func (rfs *RootNode) abs(relPath string, err error) (string, error) {
^
tests/matrix/matrix_test.go:310:6: `sContains` is unused (deadcode)
func sContains(haystack []string, needle string) bool {
|
|
Typo inside doInit.
|
|
This makes fsck runs deterministic again.
Sorting (commit quoted below) got lost while
moving to go-fuse v2 api.
commit e6caf56ea4ab10e747aa5dfc0a768cb8176ebe6a
Author: Jakob Unterwurzacher <jakobunt@gmail.com>
Date: Mon Apr 2 16:56:29 2018 +0200
fsck: sort files alphabetically
This makes fsck runs deterministic.
|
|
Issues were:
# github.com/rfjakob/gocryptfs/contrib/findholes/holes
contrib/findholes/holes/holes.go:136:2: unreachable code
# github.com/rfjakob/gocryptfs/tests/root_test_test
tests/root_test/root_test.go:139:2: unreachable code
Also make sure we actually run "go vet" against the whole
codebase.
|
|
Everything except the
if err2.Err == syscall.EOPNOTSUPP
case. Gets too confusing when collapsed into a single line.
Issues were:
$ golangci-lint run --disable-all --enable gosimple
mount.go:473:2: S1008: should use 'return strings.HasPrefix(v, "fusermount version")' instead of 'if strings.HasPrefix(v, "fusermount version") { return true }; return false' (gosimple)
if strings.HasPrefix(v, "fusermount version") {
^
cli_args.go:258:5: S1002: should omit comparison to bool constant, can be simplified to `args.forcedecode` (gosimple)
if args.forcedecode == true {
^
cli_args.go:263:6: S1002: should omit comparison to bool constant, can be simplified to `args.aessiv` (gosimple)
if args.aessiv == true {
^
cli_args.go:267:6: S1002: should omit comparison to bool constant, can be simplified to `args.reverse` (gosimple)
if args.reverse == true {
^
internal/stupidgcm/stupidgcm.go:227:6: S1002: should omit comparison to bool constant, can be simplified to `g.forceDecode` (gosimple)
if g.forceDecode == true {
^
gocryptfs-xray/xray_tests/xray_test.go:23:5: S1004: should use !bytes.Equal(out, expected) instead (gosimple)
if bytes.Compare(out, expected) != 0 {
^
gocryptfs-xray/xray_tests/xray_test.go:40:5: S1004: should use !bytes.Equal(out, expected) instead (gosimple)
if bytes.Compare(out, expected) != 0 {
^
gocryptfs-xray/paths_ctlsock.go:34:20: S1002: should omit comparison to bool constant, can be simplified to `!eof` (gosimple)
for eof := false; eof == false; line++ {
^
tests/reverse/xattr_test.go:19:2: S1008: should use 'return err2.Err != syscall.EOPNOTSUPP' instead of 'if err2.Err == syscall.EOPNOTSUPP { return false }; return true' (gosimple)
if err2.Err == syscall.EOPNOTSUPP {
^
internal/fusefrontend/node.go:459:45: S1002: should omit comparison to bool constant, can be simplified to `!nameFileAlreadyThere` (gosimple)
if nametransform.IsLongContent(cName2) && nameFileAlreadyThere == false {
^
tests/xattr/xattr_integration_test.go:221:2: S1008: should use 'return err2.Err != syscall.EOPNOTSUPP' instead of 'if err2.Err == syscall.EOPNOTSUPP { return false }; return true' (gosimple)
if err2.Err == syscall.EOPNOTSUPP {
^
tests/test_helpers/helpers.go:338:19: S1002: should omit comparison to bool constant, can be simplified to `open` (gosimple)
if err != nil && open == true {
^
tests/matrix/concurrency_test.go:121:7: S1004: should use !bytes.Equal(buf, content) instead (gosimple)
if bytes.Compare(buf, content) != 0 {
^
|
|
$ golangci-lint run
internal/tlog/log.go:13:2: SA1019: package golang.org/x/crypto/ssh/terminal is deprecated: this package moved to golang.org/x/term. (staticcheck)
"golang.org/x/crypto/ssh/terminal"
|
|
|
|
|
|
Contemporary x/sys/unix does not compile anymore with Go 1.11:
https://github.com/rfjakob/gocryptfs/runs/3362218517?check_suite_focus=true
+ GOOS=darwin
+ GOARCH=amd64
+ go build -tags without_openssl -o /dev/null
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/fcntl_darwin.go:11:9: undefined: fcntl
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/fcntl_darwin.go:16:12: undefined: fcntl
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/fcntl_darwin.go:22:12: undefined: fcntl
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/ioctl.go:21:9: undefined: ioctl
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/ioctl.go:30:9: undefined: ioctl
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/ioctl.go:39:9: undefined: ioctl
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/ioctl.go:49:9: undefined: ioctl
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/ioctl.go:61:9: undefined: ioctl
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/syscall_bsd.go:646:10: undefined: mmap
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/syscall_bsd.go:647:10: undefined: munmap
Error: ../../../go/pkg/mod/golang.org/x/sys@v0.0.0-20210817190340-bfb29a6856f2/unix/ioctl.go:61:9: too many errors
note: module requires Go 1.17make: *** [Makefile:44: ci] Error 2
Error: Process completed with exit code 2.
|
|
Using
go get -u
go mod tidy
|
|
|
|
gocryptfs$ ineffassign ./...
/home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/configfile/config_file.go:243:2: ineffectual assignment to scryptHash
/home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/configfile/config_file.go:272:2: ineffectual assignment to scryptHash
/home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:285:3: ineffectual assignment to fileID
/home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/node.go:367:3: ineffectual assignment to err
/home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/node_open_create.go:68:2: ineffectual assignment to fd
/home/jakob/go/src/github.com/rfjakob/gocryptfs/mount.go:308:2: ineffectual assignment to masterkey
/home/jakob/go/src/github.com/rfjakob/gocryptfs/gocryptfs-xray/xray_main.go:156:13: ineffectual assignment to err
/home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/prepare_syscall_test.go:65:16: ineffectual assignment to errno
/home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/syscallcompat/open_nofollow_test.go:34:2: ineffectual assignment to fd
/home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:111:6: ineffectual assignment to err
/home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:181:2: ineffectual assignment to sz
/home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:198:2: ineffectual assignment to sz
/home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/main_test.go:365:8: ineffectual assignment to err
/home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/xattr/xattr_fd_test.go:30:6: ineffectual assignment to err
/home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/xattr/xattr_fd_test.go:66:6: ineffectual assignment to err
|
|
Fixes https://github.com/rfjakob/gocryptfs/issues/588
|
|
With test.
Fixes https://github.com/rfjakob/gocryptfs/issues/588
|
|
|
|
No functional changes.
|
|
https://github.com/rfjakob/gocryptfs/issues/588
|
|
Sometimes, by chance, case 5 resulted in valid decrypted data:
--- FAIL: TestBadname (0.08s)
cli_test.go:885: Case 5 failed: "J7Rbo1BvfXojpBEr0Qrt_invalid_file GOCRYPTFS_BAD_NAME" in ["file GOCRYPTFS_BAD_NAME,\x9e$O\xc3j\x8c\xd0\x06\x01#\f%k\x02\xcanvalid_file GOCRYPTFS_BAD_NAME,mzaZRF9_0IU-_5vv2wPC_invalid_file GOCRYPTFS_BAD_NAME,file,file_invalid_file GOCRYPTFS_BAD_NAME,mzaZRF9_0IU-_5vv2wP_invalid_file GOCRYPTFS_BAD_NAME"]
Add percent signs so base64 decoding always fails.
Fixes https://github.com/rfjakob/gocryptfs/runs/3347883728
|
|
|
|
|
