summaryrefslogtreecommitdiff
path: root/internal
AgeCommit message (Collapse)Author
2018-02-18siv_aead: create private key copy and implement wipingJakob Unterwurzacher
Having a private copy relieves the caller from worrying about whether he can zero his copy. The copy can be cleared by calling Wipe().
2018-02-18main: changePassword: zero masterkeyJakob Unterwurzacher
Overwrite the masterkey with zeros once we have encrypted it, and let it run out of scope. Also get rid of the password duplicate in readpassword.Twice.
2018-02-18readpassword: convert from string to []byteJakob Unterwurzacher
This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18cryptocore, main: add two commentsJakob Unterwurzacher
While reading the code, I had to think about what it does, so add a comment that explains it.
2018-02-18configfile: overwrite and let keys run out of scopeJakob Unterwurzacher
As soon as we don't need them anymore, overwrite keys with zeros and make sure they run out of scope so we don't create a risk of inadvertedly using all-zero keys for encryption. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18stupidgcm: create private copy of the keyJakob Unterwurzacher
Relieves the caller from worrying about whether they can overwrite the key.
2018-02-18main: try to wipe cryptocore's secret keys on unmountJakob Unterwurzacher
Raise the bar for recovering keys from memory. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18fusefrontend[_reverse]: move crypto init up to callerJakob Unterwurzacher
Both fusefrontend and fusefrontend_reverse were doing essentially the same thing, move it into main's initFuseFrontend. A side-effect is that we have a reference to cryptocore in main, which will help with wiping the keys on exit (https://github.com/rfjakob/gocryptfs/issues/211).
2018-02-17stupidgcm: implement key wipeJakob Unterwurzacher
Not bulletproof due to possible GC copies, but still raises to bar for extracting the key. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-17stupidgcm: switch to pointer receiversJakob Unterwurzacher
What the key slice does not get copied around will make it possible to check if the key has been wiped.
2018-02-04gccgo: skip emulateGetdents on linuxJakob Unterwurzacher
The test is known to fail on gccgo (https://github.com/rfjakob/gocryptfs/issues/201), but getdents emulation is not used on linux, so let's skip the test and ignore the failure.
2018-02-04Fix spelling (#205)Felix Lechner
2018-02-03Fix assignment error in Unix2syscall by converting Timespec into Nsec (#203)Felix Lechner
$ go.gcc build # github.com/rfjakob/gocryptfs/internal/syscallcompat internal/syscallcompat/unix2syscall_linux.go:32:13: error: incompatible types in assignment (cannot use type int64 as type syscall.Timespec_sec_t) s.Atim.Sec = u.Atim.Sec ^
2018-02-01gccgo: replace syscall.NAME_MAX with unix.NAME_MAXJakob Unterwurzacher
For some reason the syscall.NAME_MAX constant does not exist on gccgo, and it does not hurt us to use unix.NAME_MAX instead. https://github.com/rfjakob/gocryptfs/issues/201
2018-01-31syscallcompat: switch from syscall.Getdents to unix.GetdentsJakob Unterwurzacher
On mips64le, syscall.Getdents() and struct syscall.Dirent do not fit together, causing our Getdents implementation to return garbage ( https://github.com/rfjakob/gocryptfs/issues/200 and https://github.com/golang/go/issues/23624 ). Switch to unix.Getdents which does not have this problem - the next Go release with the syscall package fixes is too far away, and will take time to trickle into distros.
2018-01-25syscallcompat: hardcode maxReclen = 280 for all architecturesJakob Unterwurzacher
Due to padding between entries, it is 280 even on 32-bit architectures. See https://github.com/rfjakob/gocryptfs/issues/197 for details.
2018-01-25syscallcompat: fix reversed warning outputJakob Unterwurzacher
We used to print somewhat strange messages: Getdents: corrupt entry #1: Reclen=276 > 280. Returning EBADR Reported at https://github.com/rfjakob/gocryptfs/issues/197
2018-01-25fusefrontend: drop unused haveGetdents warningJakob Unterwurzacher
We don't actually print that warning anymore.
2018-01-25syscallcompat: explain why we don't use syscall.ParseDirent()Jakob Unterwurzacher
syscall.ParseDirent only returns the NAMES, we want everything.
2018-01-17fusefrontend_reverse: use OpenNofollow in virtualFile.GetAttrJakob Unterwurzacher
Makes it robust against symlink races. Final piece, closes https://github.com/rfjakob/gocryptfs/issues/165
2018-01-17fusefrontend_reverse: use OpenNofollow in findLongnameParentJakob Unterwurzacher
Protects findLongnameParent against symlink races. Also add comments to several functions along the way. Reported at https://github.com/rfjakob/gocryptfs/issues/165
2018-01-17fusefronted: add PlaintextNames special-cases for Create & RenameJakob Unterwurzacher
gocryptfs.longname.XXX files were considered magic in PlaintextNames mode, which was wrong. Fix that and add tests. Fixes https://github.com/rfjakob/gocryptfs/issues/174
2018-01-16Run go fmtJakob Unterwurzacher
2017-12-25fusefrontend: Use Linkat syscall to implement LinkSebastian Lackner
2017-12-25fusefrontend: Handle PlaintextNames mode in LinkSebastian Lackner
In PlaintextNames mode the "gocryptfs.longname." prefix does not have any special meaning. https://github.com/rfjakob/gocryptfs/issues/174
2017-12-11fusefrontend_reverse: Use O_DIRECTORY in OpenDir implementationSebastian Lackner
Also get rid of the defer - it is not really necessary here.
2017-12-11fusefrontend_reverse: Reject access to device nodes in newFile functionSebastian Lackner
Steps to reproduce: * Create a regular reverse mount point * Create a file "test" in the original directory * Access the corresponding encrypted directory in the mount point (ls <encrypted dir>) * Quickly delete the file in the original data - instead create a device node * Access the file again, it will access the device node and attempt to read from it Fixes https://github.com/rfjakob/gocryptfs/issues/187
2017-12-07fusefrontend_reverse: Use openBackingDir in GetAttrSebastian Lackner
Also fixes 48bd59f38843e5ebd4e4c9f666f1aea1c9990803 - the directory FD should also be closed in case of an error.
2017-12-07fusefrontend_reverse: Use openBackingDir in ReadlinkSebastian Lackner
2017-12-07fusefrontend_reverse: fix fd leak in GetAttrJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/184
2017-12-07fusefrontend_reverse: secure Access against symlink races (somewhat)Jakob Unterwurzacher
Unfortunately, faccessat in Linux ignores AT_SYMLINK_NOFOLLOW, so this is not completely atomic. Given that the information you get from access is not very interesting, it seems good enough. https://github.com/rfjakob/gocryptfs/issues/165
2017-12-07syscallcompat: add FaccessatJakob Unterwurzacher
Add faccessat(2) with a hack for symlink, because the kernel does not actually looks at the passed flags. From man 2 faccessat: C library/kernel differences The raw faccessat() system call takes only the first three argu‐ ments. The AT_EACCESS and AT_SYMLINK_NOFOLLOW flags are actually implemented within the glibc wrapper function for faccessat().
2017-12-06fusefrontend_reverse: secure Readlink against symlink racesJakob Unterwurzacher
...by using Readlinkat. Tracking ticket: https://github.com/rfjakob/gocryptfs/issues/165
2017-12-06syscallcompat: add ReadlinkatJakob Unterwurzacher
We need readlinkat to implement Readlink symlink-race-free.
2017-12-06syscallcompat: add Darwin version of unix2syscallJakob Unterwurzacher
The "Atim" field is called "Atimespec" on Darwin, same for Mtim and Ctim.
2017-12-06fusefrontend_reverse: secure GetAttr against symlink racesJakob Unterwurzacher
...by using the OpenNofollow helper & Fstatat. Also introduce a helper to convert from unix.Stat_t to syscall.Stat_t. Tracking ticket: https://github.com/rfjakob/gocryptfs/issues/165
2017-12-05syscallcompat: OpenNofollow: use O_DIRECTORY flagJakob Unterwurzacher
...when opening intermedia directories to give us an extra layer of safety. From the FreeBSD man page: This flag can be used to prevent applications with elevated privileges from opening files which are even unsafe to open with O_RDONLY, such as device nodes.
2017-12-05fusefrontend_reverse: secure OpenDir against symlink racesJakob Unterwurzacher
...by using the new OpenNofollow helper. The benchmark shows a small but acceptable performance loss: $ ./benchmark-reverse.bash LS: 2.182 CAT: 18.221 Tracking ticket: https://github.com/rfjakob/gocryptfs/issues/165
2017-12-05syscallcompat: OpenNofollow: fix relPath="" caseJakob Unterwurzacher
Sometimes want to open baseDir itself. This case was broken, fix it.
2017-12-03syscallcompat: convert Getdents to fd input, add emulationJakob Unterwurzacher
Now that we have Fstatat we can use it in Getdents to get rid of the path name. Also, add an emulated version of getdents for MacOS. This allows to drop the !HaveGetdents special cases from fusefrontend. Modify the getdents test to test both native getdents and the emulated version.
2017-12-03syscallcompat: add Fstatat + emulation + testJakob Unterwurzacher
Fstatat has recently been added to x/sys/unix. Make it available for use in gocryptfs.
2017-12-02fusefrontend_reverse: secure StatFs agains symlink racesJakob Unterwurzacher
...by ignoring the path that was passed in. https://github.com/rfjakob/gocryptfs/issues/165
2017-12-02fusefrontend_reverse: secure Open against symlink racesJakob Unterwurzacher
...using the new syscallcompat.OpenNofollow helper. This change secures Open() against symlink race attacks as described in https://github.com/rfjakob/gocryptfs/issues/165
2017-12-02syscallcompat: add OpenNofollow helperJakob Unterwurzacher
OpenNofollow = symlink-race-safe Open Prepares fixing https://github.com/rfjakob/gocryptfs/issues/165
2017-12-02syscallcompat: move test setup into its own fileJakob Unterwurzacher
The infrastructure will also be used by the upcoming OpenNofollow tests.
2017-12-02syscallcompat: use Unlinkat and Symlinkat from x/sys/unixJakob Unterwurzacher
I'm unsure why I did not notice this earlier, but the syscall wrappers provided by x/sys/unix seem to do just fine. Drop our own version.
2017-12-01syscallcompat: Improve the Openat and Mknodat syscall emulationSebastian Lackner
This avoids the conversion to an absolute path.
2017-12-01syscallcompat: Fix syscall emulation for absolute pathsSebastian Lackner
For absolute paths, the file descriptor should be ignored. In such a case there is also no need to hold the lock or change the working directory.
2017-12-01fusefrontend: Improve documentation of mkdirWithIv and WriteDirIVSebastian Lackner
As requested in https://github.com/rfjakob/gocryptfs/pull/179
2017-11-30syscallcompat: check that we get NOFOLLOW wherever possibleJakob Unterwurzacher
...and fix the instances where the AT_SYMLINK_NOFOLLOW / O_NOFOLLOW / O_EXCL flag was missing.