| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-10-08 | contrib: pam_mount: add instructions for whole-home-dir encryption | Jakob Unterwurzacher | |
| 2016-10-08 | contrib: pam_mount: add documentation and wrapper | Jakob Unterwurzacher | |
| See ticket #34 | |||
| 2016-10-08 | reverse: gocryptfs.conf was missing from the directory listings | Jakob Unterwurzacher | |
| Fix the test for that and add checks in example_filesystems_test. | |||
| 2016-10-08 | tests: unmount leftover filesystems before starting the tests | Jakob Unterwurzacher | |
| A panic during the tests can leave mounted filesystems behind. | |||
| 2016-10-08 | tests: add v1.1-reverse-plaintextnames example filesystem | Jakob Unterwurzacher | |
| 2016-10-08 | tests: add v1.1-reverse example filesystem | Jakob Unterwurzacher | |
| 2016-10-08 | tests: add v1.1-aessiv example filesystem | Jakob Unterwurzacher | |
| Also move the example content into "content". | |||
| 2016-10-08 | reverse: merge config translation check into isTranslatedConfig | Jakob Unterwurzacher | |
| Also get rid of useless isFiltered function. | |||
| 2016-10-08 | reverse: make gocryptfs.conf mapping plaintextnames-aware | Jakob Unterwurzacher | |
| Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that. | |||
| 2016-10-08 | tests: pass "-nosyslog" | Jakob Unterwurzacher | |
| We want to see panics and warnings on the console | |||
| 2016-10-08 | tests: invert ResetTmpDir argument | Jakob Unterwurzacher | |
| As reverse also does not want a diriv file, the "plaintextNames" argument became a misnomer. | |||
| 2016-10-08 | tests: matrix: have the testcase struct as a global variable | Jakob Unterwurzacher | |
| Future tests will need more info about the running test case. | |||
| 2016-10-08 | tests: matrix: convert to table-based style | Jakob Unterwurzacher | |
| And add AES-SIV | |||
| 2016-10-08 | main: error out when the mount shadows the cipherdir | Jakob Unterwurzacher | |
| For example, we cannot mount "/home/user/.cipher" at "/home/user" because the mount will hide ".cipher" also for us. Doing it anyway used to cause a nasty hang. | |||
| 2016-10-08 | main: split doMount into its own file | Jakob Unterwurzacher | |
| Ongoing effort to reduce the size of main(). | |||
| 2016-10-08 | main: check if the config file can opened before prompting for password | Jakob Unterwurzacher | |
| This was frustrating: $ gocryptfs a b Password: Decrypting master key open a/gocryptfs.conf: permission denied | |||
| 2016-10-07 | MANPAGE: note that "-f" implies "-nosyslog" | Jakob Unterwurzacher | |
| Also explain why AES-SIV exists. | |||
| 2016-10-07 | main: daemonize more thoroughly | Jakob Unterwurzacher | |
| As described at http://software.clapper.org/daemonize/ , a daemon should chdir to / and close its FDs. | |||
| 2016-10-07 | nametransform: better error code on invalid diriv length | Jakob Unterwurzacher | |
| go-fuse translates errors unknown to it into "function not implemented", which is wrong in this case. | |||
| 2016-10-07 | main: clarify nosyslog code path | Jakob Unterwurzacher | |
| Split the block up and add a comment why notifypid is important. | |||
| 2016-10-06 | main: add "-nonempty" option | Jakob Unterwurzacher | |
| 2016-10-05 | reverse: initialize the longname cache only when reverse mode is used | Jakob Unterwurzacher | |
| Gets rid of the idling longnameCacheCleaner thread in "normal" mode. | |||
| 2016-10-04 | A few more lint fixes | Jakob Unterwurzacher | |
| 2016-10-04 | lint fixes | Valient Gough | |
| 2016-10-04 | tests: skip "go tool vet" if the command is not available | Jakob Unterwurzacher | |
| "vet" is not availably by default on Go 1.4. | |||
| 2016-10-04 | tests: drop Go 1.3.3 from Travis testing | Jakob Unterwurzacher | |
| Does not support testing.M, which means we cannot run the test suite, which means we cannot claim to support it at all. | |||
| 2016-10-04 | tests: skip tests with -openssl=false on Go 1.4 and lower | Jakob Unterwurzacher | |
| Go versions 1.4 and lower lack NewGCMWithNonceSize(), which causes a panic in the test. | |||
| 2016-10-04 | tests: enable FUSE tests on Travis CI | Jakob Unterwurzacher | |
| 2016-10-04 | tests: symlink to "/" instead of "/etc/motd" | Jakob Unterwurzacher | |
| This file does not exist on all systems, causing spurious test failures. See #40, #43 | |||
| 2016-10-04 | tests: fallocate: skip some disk usage checks on btrfs | Jakob Unterwurzacher | |
| The expected allocated sizes are verified for tmpfs and ext4. btrfs gives different results, but that's not an error. Also, simplify test_helpers.Du and several code paths. Fixes #43. | |||
| 2016-10-04 | fusefrontend_reverse cast Stat_t.Dev to uint64 (#44) | Romain | |
| The [Stat_t.Dev](https://golang.org/pkg/syscall/#Stat_t) docs say `Dev` is a `unit64`, but on [macOS amd64](https://golang.org/src/syscall/ztypes_darwin_amd64.go) it's an `int32`. | |||
| 2016-10-04 | maxlen.bash: result was 1 too high | Jakob Unterwurzacher | |
| Additionally, output 0 instead of 7 on permission errors. | |||
| 2016-10-04 | without_openssl: support compiling completely without openssl | Jakob Unterwurzacher | |
| Build helper script: build-without-openssl.bash | |||
| 2016-10-04 | cryptocore: rename "gcm" variable to generic "aeadCipher" | Jakob Unterwurzacher | |
| As we now also support AES-SIV the old name is no longer correct. | |||
| 2016-10-04 | cryptocore: derive 512-bit key for AES-SIV | Jakob Unterwurzacher | |
| AES-SIV uses 1/2 of the key for authentication, 1/2 for encryption, so we need a 64-byte key for AES-256. Derive it from the master key by hashing it with SHA-512. | |||
| 2016-10-03 | siv_aead: Overhead is always 16 | Jakob Unterwurzacher | |
| Add a test for that. Also test operations using a 64-byte key. | |||
| 2016-09-29 | xray: print block offsets | Jakob Unterwurzacher | |
| 2016-09-29 | reverse: use per-purpose nonce generation | Jakob Unterwurzacher | |
| Also pull all the deterministic nonce code into fusefrontend_reverse to greatly simplify the normal code path. | |||
| 2016-09-28 | reverse: move newDirIVFile into virtualfile.go | Jakob Unterwurzacher | |
| After all, is's a virtual file. | |||
| 2016-09-28 | main: get rid of duplicate "extpass" message | Jakob Unterwurzacher | |
| $ gocryptfs -init -extpass "echo test" a Using password provided via -extpass. <<< DUPLICATE Reading password from extpass program The gocryptfs filesystem has been created successfully. You can now mount it using: gocryptfs a MOUNTPOINT | |||
| 2016-09-26 | README: storage overhead is 32 bytes | Jakob Unterwurzacher | |
| As stated in file-format.md. | |||
| 2016-09-26 | reverse: switch from GCM-SIV to AES-SIVv1.1-beta1 | Jakob Unterwurzacher | |
| GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV. | |||
| 2016-09-26 | siv_aead: add AES-SIV AEAD wrapper | Jakob Unterwurzacher | |
| 2016-09-25 | stupidgcm: add GCM-SIV benchmark | Jakob Unterwurzacher | |
| On a CPU without AES-NI: $ go test -bench . Benchmark4kEncStupidGCM-2 50000 24155 ns/op 169.57 MB/s Benchmark4kEncGoGCM-2 20000 93965 ns/op 43.59 MB/s Benchmark4kEncGCMSIV-2 500 2576193 ns/op 1.59 MB/s | |||
| 2016-09-25 | tests: add reverse linux tarball test | Jakob Unterwurzacher | |
| 2016-09-25 | nametransform: downgrade invalid length warning | Jakob Unterwurzacher | |
| This happens all the time in reverse mode when somebody stats an encrypted symlink target. | |||
| 2016-09-25 | Implement changes proposed by gosimple. | Jakob Unterwurzacher | |
| Also delete the unused "dirIVNameStruct", found by deadcode. | |||
| 2016-09-25 | tests: enable all go vet checks | Jakob Unterwurzacher | |
| ...and fix reported errors: internal/fusefrontend_reverse/rfile.go:40: github.com/rfjakob/gocryptfs/internal/contentenc.FileHeader composite literal uses unkeyed fields internal/fusefrontend_reverse/rfs.go:249: github.com/hanwen/go-fuse/fuse.DirEntry composite literal uses unkeyed fields internal/fusefrontend_reverse/rfs.go:264: github.com/hanwen/go-fuse/fuse.DirEntry composite literal uses unkeyed fields | |||
| 2016-09-25 | nametransform: delete unused function DecryptPathDirIV | Jakob Unterwurzacher | |
| 2016-09-25 | contentenc: rename constant "IVBitLen" to "DefaultIVBits" and clarify comment | Jakob Unterwurzacher | |
| 128-bit IVs are NOT used everywhere. | |||
