| Age | Commit message (Collapse) | Author | 
|---|
|  | This is the value EncFS uses, so let's follow suit.
Suggested at https://github.com/rfjakob/gocryptfs/issues/77 . | 
|  |  | 
|  | As reported at https://github.com/rfjakob/gocryptfs/issues/105 ,
the "ioutil.WriteFile(file, iv, 0400)" call causes "permissions denied"
errors on an NFSv4 setup.
"strace"ing diriv creation and gocryptfs.conf creation shows this:
conf (works on the user's NFSv4 mount):
openat(AT_FDCWD, "/tmp/a/gocryptfs.conf.tmp", O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC, 0400) = 3
diriv (fails):
openat(AT_FDCWD, "/tmp/a/gocryptfs.diriv", O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0400) = 3
This patch creates the diriv file with the same flags that are used for
creating the conf:
openat(AT_FDCWD, "/tmp/a/gocryptfs.diriv", O_WRONLY|O_CREAT|O_EXCL|O_CLOEXEC, 0400) = 3
Closes https://github.com/rfjakob/gocryptfs/issues/105 | 
|  | ...and fix a few golint issues and print a scary warning message on mount.
Also, force the fs to ro,noexec. | 
|  | Force decode of encrypted files even if the integrity check fails, instead of
failing with an IO error. Warning messages are still printed to syslog if corrupted
files are encountered.
It can be useful to recover files from disks with bad sectors or other corrupted
media.
Closes https://github.com/rfjakob/gocryptfs/pull/102 . | 
|  | go-fuse has added a new method to the nodefs.File interface that
caused this build error:
  internal/fusefrontend/file.go:75: cannot use file literal (type *file) as type nodefs.File in return argument:
  	*file does not implement nodefs.File (missing Flock method)
Fixes https://github.com/rfjakob/gocryptfs/issues/104 and
prevents the problem from happening again. | 
|  | The volatile inode numbers that we used before cause "find" to complain and error out.
Virtual inode numbers are derived from their parent file inode number by adding 10^19,
which is hopefully large enough no never cause problems in practice.
If the backing directory contains inode numbers higher than that, stat() on these files
will return EOVERFLOW.
Example directory lising after this change:
  $ ls -i
               926473 gocryptfs.conf
  1000000000000926466 gocryptfs.diriv
               944878 gocryptfs.longname.hmZojMqC6ns47eyVxLlH2ailKjN9bxfosi3C-FR8mjA
  1000000000000944878 gocryptfs.longname.hmZojMqC6ns47eyVxLlH2ailKjN9bxfosi3C-FR8mjA.name
               934408 Tdfbf02CKsTaGVYnAsSypA | 
|  | This has long been replaced by virtualFile.GetAttr(). | 
|  | The fmt.Printfs output would end up in the paniclog. | 
|  | ...and improve and comment variable naming in findLongnameParent.
No semantic changes. | 
|  | This PR addresses the Issue #95, about "Confusing file owner for
longname files in reverse mode".
It affects only the reverse mode, and introduces two
modifications:
1) The "gocryptfs.longname.XXXX.name" files are assigned the owner and
group of the underlying plaintext file. Therefore it is consistent
with the file "gocryptfs.longname.XXXX" that has the encrypted
contents of the plaintext file.
2) The two virtual files mentioned above are given -r--r--r--
permissions. This is consistent with the behavior described in
function Access in internal/fusefrontend_reverse/rfs.go where all
virtual files are always readable. Behavior also observed in point
c) in #95 .
Issue #95 URL: https://github.com/rfjakob/gocryptfs/issues/95
Pull request URL: https://github.com/rfjakob/gocryptfs/pull/97 | 
|  | This makes sure we cannot get weak parameters passed through a
rougue gocryptfs.conf. | 
|  | 1000 was too low as at least one user had a password
that was longer.
Fixes https://github.com/rfjakob/gocryptfs/issues/93 | 
|  |  | 
|  | Due to kernel readahead, we usually get multiple read requests
at the same time. These get submitted to the backing storage in
random order, which is a problem if seeking is very expensive.
Details: https://github.com/rfjakob/gocryptfs/issues/92 | 
|  | A header-only file will be considered empty (this is not supposed to happen).
This makes File ID poisoning more difficult. | 
|  | ...if doWrite() can do it for us. This avoids the situation
that the file only consists of a file header when calling
doWrite.
A later patch will check for this condition and warn about it,
as with this change it should no longer occour in normal operation. | 
|  |  | 
|  | If you truncate a ciphertext file to 19 bytes, you could get the
impression that the plaintext is 18446744073709551585 bytes long,
as reported by "ls -l".
Fix it by clamping the value to zero. | 
|  | Also adds a test to verify that they are set in new config
files. | 
|  | Prior to this commit, gocryptfs's reverse mode did not report correct
directory entry sizes for symbolic links, where the dentry size needs to
be the same as the length of a string containing the target path.
This commit corrects this issue and adds a test case to verify the
correctness of the implementation.
This issue was discovered during the use of a strict file copying program
on a reverse-mounted gocryptfs file system. | 
|  | internal/configfile/config_test.go:67: c declared and not used | 
|  | This test fails because Raw64 has been disabled for now. | 
|  | Raw64 is supported (but was disabled by default) since gocryptfs
v1.2. However, the implementation was buggy because it forgot
about long names and symlinks.
Disable it for now by default and enable it later, together
with HKDF. | 
|  | The symlink functions incorrectly hardcoded the padded
base64 variant. | 
|  | HashLongName() incorrectly hardcoded the call to base64.URLEncoding. | 
|  | ...but keep it disabled by default for new filesystems.
We are still missing an example filesystem and CLI arguments
to explicitely enable and disable it. | 
|  | This will be re-enabled once it is implemented. | 
|  | As we have dropped Go 1.4 compatibility already, and will add
a new feature flag for gocryptfs v1.3 anyway, this is a good
time to enable Raw64 as well. | 
|  | There is no security reason for doing this, but it will allow
to consolidate the code once we drop compatibility with gocryptfs v1.2
(and earlier) filesystems. | 
|  | Yields a nice reduction in code size. | 
|  | There are two independent backends, one for name encryption,
the other one, AEAD, for file content.
"BackendTypeEnum" only applies to AEAD (file content), so make that
clear in the name. | 
|  | Version 1.1 of the EME package (github.com/rfjakob/eme) added
a more convenient interface. Use it.
Note that you have to upgrade your EME package (go get -u)! | 
|  |  | 
|  | When filename encryption is active, every directory contains
a "gocryptfs.diriv" file. This file should also change the owner.
Fixes https://github.com/rfjakob/gocryptfs/issues/86 | 
|  |  | 
|  | This really only handles scrypt and no other key-derivation functions.
Renaming the files prevents confusion once we introduce HKDF.
renamed:    internal/configfile/kdf.go -> internal/configfile/scrypt.go
renamed:    internal/configfile/kdf_test.go -> internal/configfile/scrypt_test.go | 
|  | This makes it easier to use the package in external projects.
See https://github.com/rfjakob/gocryptfs/issues/79 | 
|  |  | 
|  | Old Go versions miss cipher.NewGCMWithNonceSize, which causes:
  internal/speed/speed.go:95: undefined: cipher.NewGCMWithNonceSize | 
|  | A crypto benchmark mode like "openssl speed".
Example run:
  $ ./gocryptfs -speed
  AES-GCM-256-OpenSSL 	 180.89 MB/s	(selected in auto mode)
  AES-GCM-256-Go      	  48.19 MB/s
  AES-SIV-512-Go      	  37.40 MB/s | 
|  |  | 
|  | These were currently passed to decryptPath() were it caused
a warning. | 
|  |  | 
|  | As suggested by
https://github.com/rfjakob/gocryptfs/issues/15#issuecomment-279130217 | 
|  | This used to hang at 100% CPU:
    cat /dev/zero | gocryptfs -init a
...and would ultimately send the box into out-of-memory.
The number 1000 is chosen arbitrarily and seems big enough
given that the password must be one line.
Suggested by @mhogomchungu in https://github.com/rfjakob/gocryptfs/issues/77 . | 
|  | From the comment:
// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs. | 
|  |  | 
|  | We have to check if the input path is empty AFTER canonicalizing it,
too! | 
|  |  |