Age | Commit message (Collapse) | Author |
|
|
|
|
|
Pretty-prints the config while stripping out sensitive
(and uninteresting) data
https://github.com/rfjakob/gocryptfs/issues/111
|
|
...and fix a few golint issues and print a scary warning message on mount.
Also, force the fs to ro,noexec.
|
|
Force decode of encrypted files even if the integrity check fails, instead of
failing with an IO error. Warning messages are still printed to syslog if corrupted
files are encountered.
It can be useful to recover files from disks with bad sectors or other corrupted
media.
Closes https://github.com/rfjakob/gocryptfs/pull/102 .
|
|
This makes it render properly on the github webinterface.
|
|
|
|
* Further explain the use of 'scryptn' parameter
* Further explain the use of 'scryptn' parameter in MANPAGE
* Use 28 as reasonable upper limit
|
|
|
|
|
|
|
|
|
|
...and while we are at it, also filenames starting with "-".
|
|
As requested in https://github.com/rfjakob/gocryptfs/issues/73 .
|
|
Preallocation is very slow on hdds that run btrfs. Give the
user the option to disable it. This greatly speeds up small file
operations but reduces the robustness against out-of-space errors.
Also add the option to the man page.
More info: https://github.com/rfjakob/gocryptfs/issues/63
|
|
|
|
"-f" looks too much like "--force". The old variant is still
accepted for compatability.
|
|
|
|
|
|
People will search for "-o" alphabetically, so put it into the
alphabetical option list, even if it is not a real option.
|
|
|
|
Requested at https://github.com/rfjakob/gocryptfs/issues/28
|
|
Make it easier to read the password from a file. Internally this
is equivalent to "-extpass /bin/cat FILE".
|
|
For compatability with mount(1), options are also accepted as
"-o COMMA-SEPARATED-OPTIONS" at the end of the command line.
For example, "-o q,zerokey" is equivalent to "-q -zerokey".
|
|
This prevents confusion with the "-o" options that is passed
by mount(1) at the end of the command line.
|
|
Also explain why AES-SIV exists.
|
|
|
|
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
|
|
|
|
This is no change in behavoir, just a clarification in the man page.
|
|
Device files and suid binaries are often not needed when running
gocryptfs as root. As they are potentially dangerous, let the
user enable them explicitely via the new "-o" option instead of
always enabling them when running as root.
|
|
The GCMIV128 feature flag is already mandatory, dropping the command
line option is the final step.
Completes https://github.com/rfjakob/gocryptfs/issues/29 .
|
|
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
|
|
The DirIV feature flag is already mandatory, dropping the command
line option is the final step.
|
|
As v0.4 introduced ext4-style feature flags, the on-disk format version
is unlinkely to change. Drop it from the version output to reduce
clutter. Use "gocryptfs -version -debug" to see it.
Add the Go version string because only Go 1.6 and newer have an optimized
AES-GCM implementation. This will help users to understand the performance
of their build.
|
|
From the man page:
**-ro**
: Mount the filesystem read-only
Also add a test.
|
|
As requested in https://github.com/rfjakob/gocryptfs/issues/26 ,
this adds the option to allow other users to access the filesystem.
|
|
Optimized assembly versions for Go GCM are only available
on amd64.
|
|
Go GCM is faster than OpenSSL if the CPU has AES instructions
and you are running Go 1.6+.
The "-openssl" option now defaults to "auto".
"gocryptfs -debug -version" displays the result of the autodetection.
See https://github.com/rfjakob/gocryptfs/issues/23 for details and
benchmarks.
|
|
|
|
|
|
|
|
|
|
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
|
|
|
|
|
|
|