summaryrefslogtreecommitdiff
path: root/internal/fusefrontend_reverse
AgeCommit message (Collapse)Author
2024-05-05reverse: use incrementing inode number for gocryptfs.longname.*.name filesJakob Unterwurzacher
ed0a12b7337c2d88c027329f64e73070da17d5b3 already fixed the kernel side, now we also want the .name files to NOT appear hardlinked when just looking at the inode number. Relates-to: https://github.com/rfjakob/gocryptfs/issues/802
2024-05-01reverse: use unique generation number for all nodesJakob Unterwurzacher
We used to present gocryptfs.longname.*.name files for hardlinked files as hardlinked to the kernel (same Node ID) which is wrong. Fix this by using a unique generation number for all nodes, which also fixes possible issues with inode reuse. Basically what 1bc1db620b061aabf59469a5eb4fb60e3e1701a3 did for forward mode with -sharedstorage. Fixes https://github.com/rfjakob/gocryptfs/issues/802
2022-08-28make formatJakob Unterwurzacher
2022-08-28Fix invalid -longnamemax for reverse modeNekoGirlSAIKOU
2022-04-02Fix reverse gocryptfs.conf access on macOSVal
Unlike the FUSE implementation on Linux, macFUSE doesn't cache the file attributes from the `LOOKUP` call, so it calls `GETATTR` prior to accessing a file. In the case of the `VirtualConfNode` (reverse config file passthrough), this resulted in the default `GETATTR` implementation returning an empty result, ultimately resulting in a "permission denied" error. 14:44:14.095207 rx 3: GETATTR n2 14:44:14.095229 tx 3: OK, {tA=1s {M0100000 SZ=0 L=0 0:0 0 0:8954996 A 0.000000 M 0.000000 C 0.000000}} 14:44:14.099943 rx 4: ACCESS n2 {u=501 g=20 r} 14:44:14.099990 tx 4: 13=permission denied By impementing `Getattr` (from `fs.NodeGetattrer`) on `VirtualConfNode` this solves the issue.
2021-09-10inomap: deterministically set root deviceJakob Unterwurzacher
We used to have "first Translate() wins". This is not deterministic, as the LOOKUP for the root directory does not seem to reach us, so the first user LOOKUP would win, which may be on a mountpoint.
2021-08-23go mod: declare module version v2Jakob Unterwurzacher
Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%
2021-08-20-deterministic-names: implement for reverse mode, tooJakob Unterwurzacher
2021-08-19golangci-lint: fix issues found by "unused" and "deadcode"Jakob Unterwurzacher
Except xattrSupported, this is a false positive. $ golangci-lint run --disable-all --enable unused --enable deadcode gocryptfs-xray/xray_main.go:24:5: `GitVersionFuse` is unused (deadcode) var GitVersionFuse = "[GitVersionFuse not set - please compile using ./build.bash]" ^ tests/symlink_race/main.go:47:6: `chmodLoop` is unused (deadcode) func chmodLoop() { ^ internal/readpassword/extpass_test.go:11:5: `testPw` is unused (deadcode) var testPw = []byte("test") ^ tests/reverse/xattr_test.go:13:6: func `xattrSupported` is unused (unused) func xattrSupported(path string) bool { ^ internal/fusefrontend_reverse/rpath.go:20:22: func `(*RootNode).abs` is unused (unused) func (rfs *RootNode) abs(relPath string, err error) (string, error) { ^ tests/matrix/matrix_test.go:310:6: `sContains` is unused (deadcode) func sContains(haystack []string, needle string) bool {
2021-08-18Update dependenciesJakob Unterwurzacher
Using go get -u go mod tidy
2021-08-18reverse: fix "exclude all but" caseJakob Unterwurzacher
With test. Fixes https://github.com/rfjakob/gocryptfs/issues/588
2021-08-16reverse mode: implement -one-file-systemJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/475
2021-06-21nametransform: delete NameTransformer interfaceJakob Unterwurzacher
Useless layer of indirection.
2021-06-02nametransform: check name validity on encryptionJakob Unterwurzacher
xfstests generic/523 discovered that we allowed to set xattrs with "/" in the name, but did not allow to read them later. With this change we do not allow to set them in the first place.
2020-11-10fusefrontend_reverse: fix GETATTR panicJakob Unterwurzacher
We don't implement Getattr(), so don't try to call it. Reported at https://github.com/rfjakob/gocryptfs/issues/519#issuecomment-718790790 : 15:22:53.414101 rx 3344: READ n2565 {Fh 7 [42143744 +131072) L 0 RDONLY,0x8000} 15:22:53.414274 rx 3342: READ n2565 {Fh 7 [42012672 +131072) L 0 RDONLY,0x8000} 15:22:53.414787 rx 3346: READ n2565 {Fh 7 [42274816 +131072) L 0 RDONLY,0x8000} 15:22:53.414806 tx 3336: OK, 131072b data "\xcb\xd3<\"!-\xa7\xc4"... 15:22:53.414874 rx 3348: GETATTR n1446 {Fh 0} panic: interface conversion: *fusefrontend_reverse.File is not fs.FileGetattrer: missing method Getattr goroutine 451 [running]: github.com/rfjakob/gocryptfs/internal/fusefrontend_reverse.(*Node).Getattr(0xc00034c880, 0x5620579784c0, 0xc000593e60, 0x562057939800, 0xc000218050, 0xc0000fc108, 0x0) github.com/rfjakob/gocryptfs/internal/fusefrontend_reverse/node.go:69 +0x273 github.com/hanwen/go-fuse/v2/fs.(*rawBridge).getattr(0xc00011e000, 0x5620579784c0, 0xc000593e60, 0xc00034c880, 0x562057939800, 0xc000218050, 0xc0000fc108, 0xbfded1ef58ba7b13) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fs/bridge.go:500 +0x2d4 github.com/hanwen/go-fuse/v2/fs.(*rawBridge).GetAttr(0xc00011e000, 0xc0000e0000, 0xc0000fc198, 0xc0000fc108, 0x0) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fs/bridge.go:488 +0x11c github.com/hanwen/go-fuse/v2/fuse.doGetAttr(0xc000120000, 0xc0000fc000) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fuse/opcode.go:287 +0x6f github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0xc000120000, 0xc0000fc000, 0xc000000000) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fuse/server.go:472 +0x2c1 github.com/hanwen/go-fuse/v2/fuse.(*Server).loop(0xc000120000, 0xc000288001) github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fuse/server.go:445 +0x18c created by github.com/hanwen/go-fuse/v2/fuse.(*Server).readRequest github.com/hanwen/go-fuse/v2@v2.0.4-0.20200908172753-0b6cbc515082/fuse/server.go:312 +0x419
2020-08-30v2api/reverse: update TODO comment on xattrsJakob Unterwurzacher
2020-08-16v2api/reverse: implement LseekJakob Unterwurzacher
2020-08-16v2api/reverse: implement StatfsJakob Unterwurzacher
2020-08-16v2api: clean up api TODOsJakob Unterwurzacher
2020-08-15v2api/reverse: finish -excludeJakob Unterwurzacher
Tests pass now.
2020-08-15v2api/reverse: start wiring up -exclude functionalityJakob Unterwurzacher
Exclude in readdir is missing.
2020-08-15v2api/reverse: fix two fd leaksJakob Unterwurzacher
2020-08-15v2api/reverse: implement ctlsocksrv.InterfaceJakob Unterwurzacher
2020-08-15v2api/reverse: implement gocryptfs.conf mapping with -plaintextnamesJakob Unterwurzacher
2020-08-09v2api/reverse: implement ReadJakob Unterwurzacher
2020-08-08v2api/reverse: implement ReadlinkJakob Unterwurzacher
2020-08-02v2api/reverse: implement Lookup for longnameJakob Unterwurzacher
2020-08-02v2api/reverse: implement Lookup for gocryptfs.conf & gocryptfs.dirivJakob Unterwurzacher
2020-08-01v2api/reverse: add missing decryptPath call openBackingDirJakob Unterwurzacher
2020-08-01v2api/reverse: implement ReaddirJakob Unterwurzacher
2020-08-01v2api/reverse: implement Lookup & GetattrJakob Unterwurzacher
2020-08-01v2api/reverse: start fusefrontend_reverse v2 API implementationJakob Unterwurzacher
2020-08-01v2api/reverse: move old fusefrontend_reverse out of the wayJakob Unterwurzacher
fusefrontend_reverse -> fusefrontend_reverse_v1api
2020-08-01fusefrontend_reverse: collapse getFileTypeJakob Unterwurzacher
2020-06-21v2api (go-fuse v2 api): initial noop implementationJakob Unterwurzacher
Compiles and mounts but does nothing useful.
2020-05-17Update go-fuse import path to github.com/hanwen/go-fuse/v2Jakob Unterwurzacher
We need https://github.com/hanwen/go-fuse/commit/fd7328faf9fdf75709f7ba7df7072aaf4eeb18b3 to fix a crash reported in https://github.com/rfjakob/gocryptfs/issues/430 : 2019/10/30 17:14:16 Unknown opcode 2016 panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x508d38] This patch is only in the v2.x.x branch. Upgrade to v2, as the old API is also supported there. Running git grep hanwen/go-fuse | grep -v hanwen/go-fuse/v2 to check for forgotten references comes back clean.
2020-05-10Fix spelling mistakes found by misspellJakob Unterwurzacher
https://github.com/client9/misspell
2020-05-09ctlsock: create exported ctlsock client libraryJakob Unterwurzacher
The former interal ctlsock server package is renamed to ctlsocksrv.
2020-05-03fusefrontend_reverse: use inomap for inode number translationJakob Unterwurzacher
Gets rid of static inode number value limitations. Fixes https://github.com/rfjakob/gocryptfs/issues/457
2019-04-08readpassword: delete CheckTrailingGarbageJakob Unterwurzacher
CheckTrailingGarbage was called even when "-passfile" was used, which is stupid, and causes false positives: https://github.com/rfjakob/gocryptfs/issues/391 (false error "Received trailing garbage after the password" when using -passfile in .bash_profile) Instead of trying to improve the logic to handle that case and make everything even more complicated, delete the function. It is unclear if actually helps in some cases, and it definitely harms as shown by the above bug report.
2019-03-26reverse: don't show gocryptfs.conf if a custom config path was passedJakob Unterwurzacher
GetAttr checks for this, but OpenDir did not. https://github.com/rfjakob/gocryptfs/issues/385
2019-03-26reverse mode: support wildcard exclude (--exclude-wildcard)Eduardo M KALINOWSKI
This adds support for gitignore-like wildcards and exclude patters in reverse mode. It (somewhat) fixes #273: no regexp support, but the syntax should be powerful enough to satisfy most needs. Also, since adding a lot of --exclude options can be tedious, it adds the --exclude-from option to read patterns from a file (or files).
2019-01-20Revert "syscallcompat: drop Faccessat AT_SYMLINK_NOFOLLOW helper"Jakob Unterwurzacher
Breaks mounting on MacOS: unix.Faccessat on Darwin does NOT (yet) support AT_SYMLINK_NOFOLLOW. See d44fe89ba4f3252c5bd00c4f7730197732f2a26a . This reverts commit 0805a63df1b5f915b228727f6074c2506922d0ad.
2019-01-20syscallcompat: drop Faccessat AT_SYMLINK_NOFOLLOW helperJakob Unterwurzacher
unix.Faccessat has added support for AT_SYMLINK_NOFOLLOW in July 2018, https://github.com/golang/sys/commit/bd9dbc187b6e1dacfdd2722a87e83093c2d7bd6e#diff-341484dbbe3180cd7a31ef2ad2d679b6 which means we no longer need our own helper. Closes https://github.com/rfjakob/gocryptfs/issues/347
2019-01-15fusefrontend_reverse: Delete leftover debug statement.Sebastian Lackner
2019-01-04fusefrontend_reverse: Fix redeclaration of 'entries' variable.Sebastian Lackner
Go version go1.10.7 linux/amd64 complains with: internal/fusefrontend_reverse/rfs.go:333: declaration of "entries" shadows declaration at internal/fusefrontend_reverse/rfs.go:327
2019-01-04reverse mode: -exclude: filter out excluded .name filesJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/286 : While the actual file is properly excluded, the * .name file is still leaked in the directory listing: ``` drwxr-xr-x 2 sebastian sebastian 4,0K Dez 17 14:58 . drwxr-xr-x 7 sebastian sebastian 4,0K Dez 17 14:45 .. -r-------- 1 sebastian sebastian 408 Dez 17 14:56 gocryptfs.conf -r--r--r-- 1 sebastian sebastian 16 Dez 17 14:58 gocryptfs.diriv -r--r--r-- 1 sebastian sebastian 320 Dez 17 14:58 gocryptfs.longname.3vZ_r3eDPb1_fL3j5VA4rd_bcKWLKT9eaxOVIGK5HFA.name ```
2019-01-04reverse mode: fix "-exclude" in "-plaintextnames" dir listingsJakob Unterwurzacher
Excluded files showed up in directory listing like this: drwxr-xr-x 2 sebastian sebastian 4,0K Dez 17 14:48 . drwxr-xr-x 7 sebastian sebastian 4,0K Dez 17 14:45 .. -????????? ? ? ? ? ? abcd -r-------- 1 sebastian sebastian 366 Dez 17 14:45 gocryptfs.conf Fixes https://github.com/rfjakob/gocryptfs/issues/285
2018-09-08syscallcompat: use O_PATH in OpenDirNofollowJakob Unterwurzacher
This fixes the "0100 directory" problem in reverse mode, and should be slightly faster.
2018-09-08syscallcompat: untangle OpenNofollow and rename to OpenDirNofollowJakob Unterwurzacher
The function used to do two things: 1) Walk the directory tree in a manner safe from symlink attacks 2) Open the final component in the mode requested by the caller This change drops (2), which was only used once, and lets the caller handle it. This simplifies the function and makes it fit for reuse in forward mode in openBackingPath(), and for using O_PATH on Linux.