summaryrefslogtreecommitdiff
path: root/internal
AgeCommit message (Collapse)Author
2017-02-23speed: fix build for Go 1.4 and lowerJakob Unterwurzacher
Old Go versions miss cipher.NewGCMWithNonceSize, which causes: internal/speed/speed.go:95: undefined: cipher.NewGCMWithNonceSize
2017-02-22Implement "gocryptfs -speed"Jakob Unterwurzacher
A crypto benchmark mode like "openssl speed". Example run: $ ./gocryptfs -speed AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode) AES-GCM-256-Go 48.19 MB/s AES-SIV-512-Go 37.40 MB/s
2017-02-16tests: reverse: check Access() callJakob Unterwurzacher
2017-02-16fusefrontend_reverse: handle .name files in Access()Jakob Unterwurzacher
These were currently passed to decryptPath() were it caused a warning.
2017-02-16tests: configfile: add missing newlines in verbose outputJakob Unterwurzacher
2017-02-16syscallcompat: OSX compat: fix variable warningsJakob Unterwurzacher
As suggested by https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217
2017-02-13readpassword: limit password length to 1000 bytesJakob Unterwurzacher
This used to hang at 100% CPU: cat /dev/zero | gocryptfs -init a ...and would ultimately send the box into out-of-memory. The number 1000 is chosen arbitrarily and seems big enough given that the password must be one line. Suggested by @mhogomchungu in https://github.com/rfjakob/gocryptfs/issues/77 .
2017-02-12Check for trailing garbage after the passwordJakob Unterwurzacher
From the comment: // CheckTrailingGarbage tries to read one byte from stdin and exits with a // fatal error if the read returns any data. // This is meant to be called after reading the password, when there is no more // data expected. This helps to catch problems with third-party tools that // interface with gocryptfs.
2017-02-12readpassword: improve comment on readPasswordStdinJakob Unterwurzacher
2017-02-05ctlsock: handle non-canonical empty pathsJakob Unterwurzacher
We have to check if the input path is empty AFTER canonicalizing it, too!
2017-02-05ctlsock: sanitize: handle multiple leading slashesJakob Unterwurzacher
2017-01-29golint comment fixJakob Unterwurzacher
internal/ctlsock/ctlsock_serve.go:73:1: comment on exported const ReadBufSize should be of the form "ReadBufSize ..."
2017-01-29ctlsock: better error message for forward mode path decryptionJakob Unterwurzacher
2017-01-29ctlsock: abort message processing on JSON errorJakob Unterwurzacher
The code was missing a "continue" in that branch. Also improve the error messages a bit.
2017-01-29ctlsock: interpret paths that point above CWD as ""Jakob Unterwurzacher
Paths that start with ".." were previously accepted as-is.
2017-01-29readpassword: support spaces in "-passfile" filenameJakob Unterwurzacher
...and while we are at it, also filenames starting with "-".
2017-01-26main: make sure the ctlsock file is deleted on incorrect passwordJakob Unterwurzacher
Otherwise the next try to mount ends in "ctlsock: listen unix ctl.sock: bind: address already in use"
2017-01-26fusefrontend: fix hard-linking with long nameJakob Unterwurzacher
This used to incorrectly try to link twice and return EEXIST.
2017-01-26tlog: better comment for the terminal colorsJakob Unterwurzacher
2017-01-03reverse: add single-entry path cacheJakob Unterwurzacher
Speeds up the "ls -lR" benchmark from 2.6 seconds to 2.0.
2017-01-03reverse: factor out rDecryptNameJakob Unterwurzacher
This prepares the code for the introduction of a path cache.
2016-12-10prefer_openssl: default to Go GCM on OSXJakob Unterwurzacher
2016-12-10ctlsock: abort the connection if the request is too bigJakob Unterwurzacher
Reading partial JSON would cause a mess. Just kill the connection. Also, stop using syscall.PathMax that is not defined on Darwin ( https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-264253024 )
2016-12-10ctlsock: add a note about Accept() throwing errors on Close()Jakob Unterwurzacher
2016-12-10ctlsock: exit early if socket cannot be created; delete on exitJakob Unterwurzacher
Both are achieved by opening the socket from main and passing it to the ctlsock package instead of passing the path.
2016-12-10stupidgcm: Fix without_openssl build failureJakob Unterwurzacher
Also, always call build-without-openssl.bash from test.bash. Failure was: internal/stupidgcm/without_openssl.go:29: missing return at end of function
2016-12-10ctlsock: sanitize paths before passing them to the backendJakob Unterwurzacher
You used to be able to crash gocryptfs by passing "/foo" of "foo/" to the ctlsock. Fixes https://github.com/rfjakob/gocryptfs/issues/66
2016-12-10Replace all calls to naked panic() with log.Panic()Jakob Unterwurzacher
We want all panics to show up in the syslog.
2016-11-28fusefrontend: preserve owner for symlinksJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28fusefronted: preserve owner for device nodes and socketsJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/64
2016-11-28fusefrontend: use Lchown when preserving ownerJakob Unterwurzacher
This prevents (unlikely) symlink race attacks
2016-11-25main, fusefrontend: add "-noprealloc" optionJakob Unterwurzacher
Preallocation is very slow on hdds that run btrfs. Give the user the option to disable it. This greatly speeds up small file operations but reduces the robustness against out-of-space errors. Also add the option to the man page. More info: https://github.com/rfjakob/gocryptfs/issues/63
2016-11-25fusefrontend: coalesce 4kB writesJakob Unterwurzacher
This improves performance on hdds running ext4, and improves streaming write performance on hdds running btrfs. Tar extract slows down on btrfs for some reason. See https://github.com/rfjakob/gocryptfs/issues/63 Benchmarks: encfs v1.9.1 ============ $ ./benchmark.bash -encfs /mnt/hdd-ext4 Testing EncFS at /mnt/hdd-ext4/benchmark.bash.u0g WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,48354 s, 88,4 MB/s UNTAR: 20.79 LS: 3.04 RM: 6.62 $ ./benchmark.bash -encfs /mnt/hdd-btrfs Testing EncFS at /mnt/hdd-btrfs/benchmark.bash.h40 WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,52552 s, 85,9 MB/s UNTAR: 24.51 LS: 2.73 RM: 5.32 gocryptfs v1.1.1-26-g4a7f8ef ============================ $ ./benchmark.bash /mnt/hdd-ext4 Testing gocryptfs at /mnt/hdd-ext4/benchmark.bash.1KG WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,55782 s, 84,1 MB/s UNTAR: 22.23 LS: 1.47 RM: 4.17 $ ./benchmark.bash /mnt/hdd-btrfs Testing gocryptfs at /mnt/hdd-btrfs/benchmark.bash.2t8 WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 6,87206 s, 19,1 MB/s UNTAR: 69.87 LS: 1.52 RM: 5.33 gocryptfs v1.1.1-32 =================== $ ./benchmark.bash /mnt/hdd-ext4 Testing gocryptfs at /mnt/hdd-ext4/benchmark.bash.Qt3 WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 1,22577 s, 107 MB/s UNTAR: 23.46 LS: 1.46 RM: 4.67 $ ./benchmark.bash /mnt/hdd-btrfs/ Testing gocryptfs at /mnt/hdd-btrfs//benchmark.bash.XVk WRITE: 131072000 bytes (131 MB, 125 MiB) copied, 3,68735 s, 35,5 MB/s UNTAR: 116.87 LS: 1.84 RM: 6.34
2016-11-17Fix golint warnings, add helper scriptJakob Unterwurzacher
2016-11-17fusefrontend: get the file ID from the open files tableJakob Unterwurzacher
This fixes the problem that a truncate can reset the file ID without the other open FDs noticing it.
2016-11-17fusefrontend: upgrade wlockMap to use device AND inode numberJakob Unterwurzacher
If there are multiple filesystems backing the gocryptfs filesystems inode numbers are not guaranteed to be unique.
2016-11-10ctlsock: prevent panic on invalid decrypt requestJakob Unterwurzacher
2016-11-10ctlsock: implement EncryptPath for reverse mode, add testsJakob Unterwurzacher
2016-11-10reverse: fix longname decoding bugJakob Unterwurzacher
This could have caused spurious ENOENT errors. That it did not cause these errors all the time is interesting and probably because an earlier readdir would place the entry in the cache. This masks the bug.
2016-11-10Fix golint warningsJakob Unterwurzacher
$ golint ./... | grep -v underscore | grep -v ALL_CAPS internal/fusefrontend_reverse/rfs.go:52:36: exported func NewFS returns unexported type *fusefrontend_reverse.reverseFS, which can be annoying to use internal/nametransform/raw64_go1.5.go:10:2: exported const HaveRaw64 should have comment (or a comment on this block) or be unexported
2016-11-10ctlsock: add initial limited implementationJakob Unterwurzacher
At the moment, in forward mode you can only encrypt paths and in reverse mode you can only decrypt paths.
2016-11-09nametransform: get rid of leading "./"Jakob Unterwurzacher
Paths in the root directory were encrypted to this: foobar -> ./N9vPc0gXUY4PDSt0-muYXQ==
2016-11-06nametransform: nicer error message on empty gocryptfs.dirivJakob Unterwurzacher
Old: Nov 06 13:34:38 brikett gocryptfs[16228]: ReadDirIVAt: Read failed: EOF Nov 06 13:34:38 brikett gocryptfs[16228]: go-fuse: can't convert error type: EOF New: Nov 06 14:08:43 brikett gocryptfs[17361]: ReadDirIVAt: wanted 16 bytes, got 0. Returning EINVAL.
2016-11-01Add Go 1.4 compatibility layer for raw64Jakob Unterwurzacher
Using raw64 will not work, but at least it will compile.
2016-11-01Add support for unpadded base64 filenames, "-raw64"Jakob Unterwurzacher
Through base64.RawURLEncoding. New command-line parameter "-raw64".
2016-11-01fusefronted: expire dir IV cache after one secondJakob Unterwurzacher
The Back In Time backup tool (https://github.com/bit-team/backintime) wants to write directly into the ciphertext dir. This may cause the cached directory IV to become out-of-date. Having an expiry time limits the inconstency to one second, like attr_timeout does for the kernel getattr cache.
2016-11-01fusefrontend: refactor dirIVCacheJakob Unterwurzacher
Simplify the code a bit.
2016-10-30fusefrontend: drop atime workaroundsJakob Unterwurzacher
The fix at https://github.com/hanwen/go-fuse/pull/131 has been merged. Drop the workarounds and re-enable the tests.
2016-10-28fusefronted: more concise corrupt block log messageJakob Unterwurzacher
Calculating the block offset is easy enough, even more now that gocryptfs-xray exists.
2016-10-28fusefrontend: I/O error instead of panic on all-zero nonceJakob Unterwurzacher
Running xfstests generic/075 on tmpfs often triggered a panic for what seems to be a tmpfs bug. Quoting from the email to lkml, http://www.spinics.net/lists/kernel/msg2370127.html : tmpfs seems to be incorrectly returning 0-bytes when reading from a file that is concurrently being truncated.