Age | Commit message (Collapse) | Author |
|
Changed invalid file decoding and decryption. Function
DecryptName now shortens the filename until the filename is
decodable and decryptable. Will work with valid **and**
invalid Base64URL delimiter (valid delimiter [0-9a-zA-z_\\-].
If the filename is not decryptable at all, it returns the
original cipher name with flag suffix Changed cli tests to
generate decryptable and undecryptable file names with correct
encrypted content. Replacing #474, extends #393
|
|
The comment still mentioned CBC, which has been removed
a long time ago.
The test definition can be rewritten using slice literals,
saving sume stuttering.
|
|
Resolves https://github.com/rfjakob/gocryptfs/issues/393
|
|
This adds support for gitignore-like wildcards and exclude patters in
reverse mode. It (somewhat) fixes #273: no regexp support, but the
syntax should be powerful enough to satisfy most needs.
Also, since adding a lot of --exclude options can be tedious, it adds
the --exclude-from option to read patterns from a file (or files).
|
|
Looks like we allowed creating longer names by accident.
Fix that, and add a test that verifies it.
|
|
|
|
Finally allows us to delete EncryptPathDirIV.
|
|
Mostly detected with the 'codespell' utility, but also includes some
manual grammar fixes.
|
|
|
|
Needs some space to grow.
renamed: internal/nametransform/diriv_cache.go -> internal/nametransform/dirivcache/dirivcache.go
|
|
This fixes a few issues I have found reviewing the code:
1) Limit the amount of data ReadLongName() will read. Previously,
you could send gocryptfs into out-of-memory by symlinking
gocryptfs.diriv to /dev/zero.
2) Handle the empty input case in unPad16() by returning an
error. Previously, it would panic with an out-of-bounds array
read. It is unclear to me if this could actually be triggered.
3) Reject empty names after base64-decoding in DecryptName().
An empty name crashes emeCipher.Decrypt().
It is unclear to me if B64.DecodeString() can actually return
a non-error empty result, but let's guard against it anyway.
|
|
nametransform.DecryptName() now always returns syscall.EBADMSG if
the name was invalid.
fusefrontend.OpenDir error messages have been normalized.
|
|
The symlink functions incorrectly hardcoded the padded
base64 variant.
|
|
Yields a nice reduction in code size.
|
|
Version 1.1 of the EME package (github.com/rfjakob/eme) added
a more convenient interface. Use it.
Note that you have to upgrade your EME package (go get -u)!
|
|
Using raw64 will not work, but at least it will compile.
|
|
Through base64.RawURLEncoding.
New command-line parameter "-raw64".
|
|
|
|
This happens all the time in reverse mode when somebody stats
an encrypted symlink target.
|
|
|
|
|
|
With the generic fmt.Errorf we trigger a warning from go-fuse:
2016/09/21 21:42:31 can't convert error type: Invalid padding
|
|
|
|
unPad16 returns detailed errors including the position of the
incorrect bytes. Kill a possible padding oracle by lumping
everything into a generic error.
The detailed error is only logged if debug is active.
|
|
The EMENames feature flag is already mandatory, dropping the command
line option is the final step.
|
|
Let's have shorter names, and merge *_api.go into the "main"
file.
No code changes.
|