| Age | Commit message (Collapse) | Author |
|---|
|
Due to kernel readahead, we usually get multiple read requests
at the same time. These get submitted to the backing storage in
random order, which is a problem if seeking is very expensive.
Details: https://github.com/rfjakob/gocryptfs/issues/92
|
|
This brings the CLI options back in sync with the default
feature flags.
|
|
This commit also enables actually passing the HKDF setting to
fusefrontend, this was missing till now.
|
|
A crypto benchmark mode like "openssl speed".
Example run:
$ ./gocryptfs -speed
AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode)
AES-GCM-256-Go 48.19 MB/s
AES-SIV-512-Go 37.40 MB/s
|
|
...and while we are at it, also filenames starting with "-".
|
|
As requested in https://github.com/rfjakob/gocryptfs/issues/73 .
|
|
Both are achieved by opening the socket from main and passing
it to the ctlsock package instead of passing the path.
|
|
Preallocation is very slow on hdds that run btrfs. Give the
user the option to disable it. This greatly speeds up small file
operations but reduces the robustness against out-of-space errors.
Also add the option to the man page.
More info: https://github.com/rfjakob/gocryptfs/issues/63
|
|
At the moment, in forward mode you can only encrypt paths
and in reverse mode you can only decrypt paths.
|
|
"-f" looks too much like "--force". The old variant is still
accepted for compatability.
|
|
Through base64.RawURLEncoding.
New command-line parameter "-raw64".
|
|
Close https://github.com/rfjakob/gocryptfs/issues/54
|
|
"The options -extpass and -masterkey cannot be used at the same time"
|
|
Binds it to a dummy variable so it appears in the help text.
|
|
Moving "-o" to the end broke a third-party app, SiriKali.
Breaking your users is bad, so let's accept "-o" anywhere.
|
|
|
|
Make it easier to read the password from a file. Internally this
is equivalent to "-extpass /bin/cat FILE".
|
|
When called from mount, we always get either "suid" or "nosuid".
As "nosuid" is the default, just ignore the options. Same for
the other options.
|
|
For compatability with mount(1), options are also accepted as
"-o COMMA-SEPARATED-OPTIONS" at the end of the command line.
For example, "-o q,zerokey" is equivalent to "-q -zerokey".
|
|
This prevents confusion with the "-o" options that is passed
by mount(1) at the end of the command line.
|
|
Only in plaintextnames-mode AND with the config file at the
default location it will be mapped into the mountpoint.
Also adds a test for that.
|
|
|
|
|
|
GCM-SIV is not yet finalized, and the reference implemenation is
painfully slow at about 2 MB/s. Switch to AES-SIV.
|
|
|
|
|
|
The main function has gotten way too big.
|
