aboutsummaryrefslogtreecommitdiff
path: root/internal
AgeCommit message (Collapse)Author
2021-08-21cryptocore: drop IVLen helper varJakob Unterwurzacher
The IVLen var seems be a net loss in clarity. Drop it. Also add comments and normalize error messages.
2021-08-20-deterministic-names: implement for reverse mode, tooJakob Unterwurzacher
2021-08-20-deterministic-names: accept flag on -initJakob Unterwurzacher
And store it in gocryptfs.conf (=remove DirIV feature flag).
2021-08-20Implement -deterministic-names: extended -zerodirivJakob Unterwurzacher
-deterministc-names uses all-zero dirivs but does not write them to disk anymore.
2021-08-19Flag -zerodiriv to create all diriv as all zero byte filesJose M Perez
2021-08-19syscallcompat: use early return in asUser()Jakob Unterwurzacher
2021-08-19golangci-lint: fix issues found by "unused" and "deadcode"Jakob Unterwurzacher
Except xattrSupported, this is a false positive. $ golangci-lint run --disable-all --enable unused --enable deadcode gocryptfs-xray/xray_main.go:24:5: `GitVersionFuse` is unused (deadcode) var GitVersionFuse = "[GitVersionFuse not set - please compile using ./build.bash]" ^ tests/symlink_race/main.go:47:6: `chmodLoop` is unused (deadcode) func chmodLoop() { ^ internal/readpassword/extpass_test.go:11:5: `testPw` is unused (deadcode) var testPw = []byte("test") ^ tests/reverse/xattr_test.go:13:6: func `xattrSupported` is unused (unused) func xattrSupported(path string) bool { ^ internal/fusefrontend_reverse/rpath.go:20:22: func `(*RootNode).abs` is unused (unused) func (rfs *RootNode) abs(relPath string, err error) (string, error) { ^ tests/matrix/matrix_test.go:310:6: `sContains` is unused (deadcode) func sContains(haystack []string, needle string) bool {
2021-08-19golangci-lint: fix issues found by gosimpleJakob Unterwurzacher
Everything except the if err2.Err == syscall.EOPNOTSUPP case. Gets too confusing when collapsed into a single line. Issues were: $ golangci-lint run --disable-all --enable gosimple mount.go:473:2: S1008: should use 'return strings.HasPrefix(v, "fusermount version")' instead of 'if strings.HasPrefix(v, "fusermount version") { return true }; return false' (gosimple) if strings.HasPrefix(v, "fusermount version") { ^ cli_args.go:258:5: S1002: should omit comparison to bool constant, can be simplified to `args.forcedecode` (gosimple) if args.forcedecode == true { ^ cli_args.go:263:6: S1002: should omit comparison to bool constant, can be simplified to `args.aessiv` (gosimple) if args.aessiv == true { ^ cli_args.go:267:6: S1002: should omit comparison to bool constant, can be simplified to `args.reverse` (gosimple) if args.reverse == true { ^ internal/stupidgcm/stupidgcm.go:227:6: S1002: should omit comparison to bool constant, can be simplified to `g.forceDecode` (gosimple) if g.forceDecode == true { ^ gocryptfs-xray/xray_tests/xray_test.go:23:5: S1004: should use !bytes.Equal(out, expected) instead (gosimple) if bytes.Compare(out, expected) != 0 { ^ gocryptfs-xray/xray_tests/xray_test.go:40:5: S1004: should use !bytes.Equal(out, expected) instead (gosimple) if bytes.Compare(out, expected) != 0 { ^ gocryptfs-xray/paths_ctlsock.go:34:20: S1002: should omit comparison to bool constant, can be simplified to `!eof` (gosimple) for eof := false; eof == false; line++ { ^ tests/reverse/xattr_test.go:19:2: S1008: should use 'return err2.Err != syscall.EOPNOTSUPP' instead of 'if err2.Err == syscall.EOPNOTSUPP { return false }; return true' (gosimple) if err2.Err == syscall.EOPNOTSUPP { ^ internal/fusefrontend/node.go:459:45: S1002: should omit comparison to bool constant, can be simplified to `!nameFileAlreadyThere` (gosimple) if nametransform.IsLongContent(cName2) && nameFileAlreadyThere == false { ^ tests/xattr/xattr_integration_test.go:221:2: S1008: should use 'return err2.Err != syscall.EOPNOTSUPP' instead of 'if err2.Err == syscall.EOPNOTSUPP { return false }; return true' (gosimple) if err2.Err == syscall.EOPNOTSUPP { ^ tests/test_helpers/helpers.go:338:19: S1002: should omit comparison to bool constant, can be simplified to `open` (gosimple) if err != nil && open == true { ^ tests/matrix/concurrency_test.go:121:7: S1004: should use !bytes.Equal(buf, content) instead (gosimple) if bytes.Compare(buf, content) != 0 { ^
2021-08-19tlog: switch from golang.org/x/crypto/ssh/terminal to golang.org/x/termJakob Unterwurzacher
$ golangci-lint run internal/tlog/log.go:13:2: SA1019: package golang.org/x/crypto/ssh/terminal is deprecated: this package moved to golang.org/x/term. (staticcheck) "golang.org/x/crypto/ssh/terminal"
2021-08-18Update dependenciesJakob Unterwurzacher
Using go get -u go mod tidy
2021-08-18Fix issues found by ineffassignJakob Unterwurzacher
gocryptfs$ ineffassign ./... /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/configfile/config_file.go:243:2: ineffectual assignment to scryptHash /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/configfile/config_file.go:272:2: ineffectual assignment to scryptHash /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:285:3: ineffectual assignment to fileID /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/node.go:367:3: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/node_open_create.go:68:2: ineffectual assignment to fd /home/jakob/go/src/github.com/rfjakob/gocryptfs/mount.go:308:2: ineffectual assignment to masterkey /home/jakob/go/src/github.com/rfjakob/gocryptfs/gocryptfs-xray/xray_main.go:156:13: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/fusefrontend/prepare_syscall_test.go:65:16: ineffectual assignment to errno /home/jakob/go/src/github.com/rfjakob/gocryptfs/internal/syscallcompat/open_nofollow_test.go:34:2: ineffectual assignment to fd /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:111:6: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:181:2: ineffectual assignment to sz /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/acl_test.go:198:2: ineffectual assignment to sz /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/defaults/main_test.go:365:8: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/xattr/xattr_fd_test.go:30:6: ineffectual assignment to err /home/jakob/go/src/github.com/rfjakob/gocryptfs/tests/xattr/xattr_fd_test.go:66:6: ineffectual assignment to err
2021-08-18reverse: fix "exclude all but" caseJakob Unterwurzacher
With test. Fixes https://github.com/rfjakob/gocryptfs/issues/588
2021-08-16reverse mode: implement -one-file-systemJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/475
2021-08-16inomap: update outdated wording in commentsJakob Unterwurzacher
2021-08-16inomap: warn on first use of spillMapJakob Unterwurzacher
We normally should not need it, warn if we do. As the tests run with -wpanic, we would catch it.
2021-08-11syscallcompat: use BTRFS_SUPER_MAGIC from unix libJakob Unterwurzacher
2021-08-11syscallcompat: move quirks logic here & fix darwinJakob Unterwurzacher
We need to look at f_fstypename acc. to https://stackoverflow.com/a/52299141/1380267 : > As filesystem type numbers are now assigned at runtime in > recent versions of MacOS, you must use f_fstypename to > determine the type. https://github.com/rfjakob/gocryptfs/issues/585
2021-08-02fusefrontend: add quirks for MacOS ExFATJakob Unterwurzacher
This also moves the quirks logic into fusefrontend. Fixes https://github.com/rfjakob/gocryptfs/issues/585
2021-07-31fusefrontend: -sharedstorage: present stable inode numbersJakob Unterwurzacher
Use the Gen field (inode generation) to distinguish hard links while passing the real inode numbers to userspace. Fixes https://github.com/rfjakob/gocryptfs/issues/584
2021-07-31fusefrontend: prepareAtSyscall: handle error when opening ourselvesJakob Unterwurzacher
Error handling was missing here, so we would later get confusing EBADF errors due to dirfd being -1.
2021-07-29fusefrontend: implement fsync on directoriesJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/587
2021-07-29fido2: actually drop `-v` flagJakob Unterwurzacher
Commit 2a9d70d48f4cc715a6864849cdec91ab08b6fd03 only dropped the flag on mount but not on `-init`. Also drop it on `-init`. Fixes https://github.com/rfjakob/gocryptfs/issues/571 (part II)
2021-06-27fido2: drop `-v` option (PIN request)Jakob Unterwurzacher
We used to pass `-v` on `gocryptfs -init` but not for mount, which seems strange by itself, but more importantly, `-v` does not work on Yubikeys. Drop `-v`. Fixes https://github.com/rfjakob/gocryptfs/issues/571
2021-06-27fido2: pretty-print fidoCommand in debug outputJakob Unterwurzacher
Related: https://github.com/rfjakob/gocryptfs/issues/571
2021-06-26fusefrontend: delete openBackingDirJakob Unterwurzacher
2021-06-26fusefrontend: convert last callers from openBackingDir to prepareAtSyscallJakob Unterwurzacher
2021-06-26fusefrontend: ctlsock: get rid of unneccessary wrapper functionJakob Unterwurzacher
2021-06-26fusefrontend: convert ctlsock from openBackingDir to prepareAtSyscallJakob Unterwurzacher
openBackingDir will be removed. Also, remove leftover debug printfs.
2021-06-26fusefrontend: convert openBackingDir tests to prepareAtSyscallJakob Unterwurzacher
openBackingDir will be removed.
2021-06-25fusefrontend: implement recursive diriv cachingJakob Unterwurzacher
The new contrib/maxlen.bash showed that we have exponential runtime with respect to directory depth. The new recursive diriv caching is a lot smarter as it caches intermediate lookups. maxlen.bash now completes in a few seconds. xfstests results same as https://github.com/rfjakob/fuse-xfstests/blob/2d158e4c82be85c15269af77498e353f928f4fab/screenlog.0 : Failures: generic/035 generic/062 generic/080 generic/093 generic/099 generic/215 generic/285 generic/319 generic/426 generic/444 generic/467 generic/477 generic/523 Failed 13 of 580 tests benchmark.bash results are identical: $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.BdQ: gocryptfs v2.0.1-17-g6b09bc0; go-fuse v2.1.1-0.20210611132105-24a1dfe6b4f8; 2021-06-25 go1.16.5 linux/amd64 /tmp/benchmark.bash.BdQ.mnt is a mountpoint WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 0,4821 s, 544 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 0,266061 s, 985 MB/s UNTAR: 8,280 MD5: 4,564 LS: 1,745 RM: 2,244
2021-06-21nametransform: rename BadNameFlag to BadnameSuffixJakob Unterwurzacher
2021-06-21nametransform: gather badname functions in badname.goJakob Unterwurzacher
2021-06-21nametransform: delete NameTransformer interfaceJakob Unterwurzacher
Useless layer of indirection.
2021-06-21Improve startup debug outputJakob Unterwurzacher
The startup debug output was very verbose but still missing some effective crypto settings.
2021-06-20nametransform: pass badname patterns via NewJakob Unterwurzacher
This means we can unexport the field.
2021-06-20fido2: hide "FIDO2" in gocryptfs.conf if not usedJakob Unterwurzacher
Result of: $ gocryptfs -init foo $ cat foo/gocryptfs.conf Before: { "Creator": "gocryptfs v2.0.1", "EncryptedKey": "FodEdNHD/cCwv1n5BuyAkbIOnJ/O5gfdCh3YssUCJ2DUr0A8DrQ5NH2SLhREeWRL3V8EMiPO2Ncr5IVwE4SSxQ==", "ScryptObject": { "Salt": "brGaw9Jg1kbPuSXFiwoxqK2oXFTgbniSgpiB+cu+67Y=", "N": 65536, "R": 8, "P": 1, "KeyLen": 32 }, "Version": 2, "FeatureFlags": [ "GCMIV128", "HKDF", "DirIV", "EMENames", "LongNames", "Raw64" ], "FIDO2": { "CredentialID": null, "HMACSalt": null } } After: { "Creator": "gocryptfs v2.0.1-5-gf9718eb-dirty.DerDonut-badnamecontent", "EncryptedKey": "oFMj1lS1ZsM/vEfanNMeCTPw3PZr5VWeL7ap8Jd8YQm6evy2BAhtQ/pd6RzDx84wlCz9TpxqHRihuwSEMnOWWg==", "ScryptObject": { "Salt": "JZ/5mhy4a8EAQ/wDF1POIEe4/Ss38cfJgXgj26DuA4M=", "N": 65536, "R": 8, "P": 1, "KeyLen": 32 }, "Version": 2, "FeatureFlags": [ "GCMIV128", "HKDF", "DirIV", "EMENames", "LongNames", "Raw64" ] }
2021-06-20Badname file content accessDerDonut
This proposal is the counterpart of the modifications from the `-badname` parameter. It modifies the plain -> cipher mapping for filenames when using `-badname` parameter. The new function `EncryptAndHashBadName` tries to find a cipher filename for the given plain name with the following steps: 1. If `badname` is disabled or direct mapping is successful: Map directly (default and current behaviour) 2. If a file with badname flag has a valid cipher file, this is returned (=File just ends with the badname flag) 3. If a file with a badname flag exists where only the badname flag was added, this is returned (=File cipher name could not be decrypted by function `DecryptName` and just the badname flag was added) 4. Search for all files which cipher file name extists when cropping more and more characters from the end. If only 1 file is found, return this 5. Return an error otherwise This allows file access in the file browsers but most important it allows that you rename files with undecryptable cipher names in the plain directories. Renaming those files will then generate a proper cipher filename One backdraft: When mounting the cipher dir with -badname parameter, you can never create (or rename to) files whose file name ends with the badname file flag (at the moment this is " GOCRYPTFS_BAD_NAME"). This will cause an error. I modified the CLI test function to cover additional test cases. Test [Case 7](https://github.com/DerDonut/gocryptfs/blob/badnamecontent/tests/cli/cli_test.go#L712) cannot be performed since the cli tests are executed in panic mode. The testing is stopped on error. Since the function`DecryptName` produces internal errors when hitting non-decryptable file names, this test was omitted. This implementation is a proposal where I tried to change the minimum amount of existing code. Another possibility would be instead of creating the new function `EncryptAndHashBadName` to modify the signature of the existing function `EncryptAndHashName(name string, iv []byte)` to `EncryptAndHashName(name string, iv []byte, dirfd int)` and integrate the functionality into this function directly. You may allow calling with dirfd=-1 or other invalid values an then performing the current functionality.
2021-06-06fusefronted: report plaintext size on symlink creationJakob Unterwurzacher
gocryptfs 2.0 introduced the regression that the size reported at symlink creation was the ciphertext size, which is wrong. Report the plaintext size. Fixes https://github.com/rfjakob/gocryptfs/issues/574
2021-06-05syscallcompat: drop obsolete wrappersJakob Unterwurzacher
These are now available cross-platform in the unix package.
2021-06-03fido2: quote argument strings in debug outputJakob Unterwurzacher
Tested using gocryptfs -init -debug -fido2 "hello world" cipherdir Output before: callFidoCommand: executing "/usr/bin/fido2-cred" with args [fido2-cred -M -h -v hello world] After: callFidoCommand: executing "/usr/bin/fido2-cred" with args ["fido2-cred" "-M" "-h" "-v" "hello world"] Related: https://github.com/rfjakob/gocryptfs/issues/571
2021-06-02fusefrontend: run acl Setxattr in user contextJakob Unterwurzacher
The result of setting an acl depends on who runs the operation! Fixes fuse-xfstests generic/375 (see https://github.com/rfjakob/fuse-xfstests/wiki/results_2021-05-19)
2021-06-02fusefrontend: catch ReadAt integer overflowJakob Unterwurzacher
Discovered by xfstests generic/564 . Failure was: generic/564 - output mismatch (see /opt/fuse-xfstests/results//generic/564.out.bad) --- tests/generic/564.out 2021-05-08 21:11:05.307395966 +0200 +++ /opt/fuse-xfstests/results//generic/564.out.bad 2021-05-19 19:01:16.912888879 +0200 @@ -31,7 +31,7 @@ source range beyond 8TiB returns 0 destination range beyond 8TiB returns EFBIG -copy_range: File too large +copy_range: Function not implemented
2021-06-02nametransform: check name validity on encryptionJakob Unterwurzacher
xfstests generic/523 discovered that we allowed to set xattrs with "/" in the name, but did not allow to read them later. With this change we do not allow to set them in the first place.
2021-05-29fusefrontend: list "." and ".." in dir entriesJakob Unterwurzacher
Fixes xfstests generic/401
2021-05-29fusefrontend: rewrite Lseek SEEK_DATA / SEEK_HOLEJakob Unterwurzacher
In response to the discussion of the xfstests mailing list [1], I looked at the Lseek implementation, which was naive and did not handle all cases correctly. The new implementation aligns the returned values to 4096 bytes as most callers expect. A lot of tests are added to verify that we handle all cases correctly now. [1]: https://www.spinics.net/lists/fstests/msg16554.html
2021-05-26contentenc: add PlainOffToCipherOff helperJakob Unterwurzacher
Will be used for improving Lseek()
2021-05-26contentenc: fix CipherSizeToPlainSize non-monoticityJakob Unterwurzacher
For an illegal cipherSize, pretend we have an additional 1-byte block. See code comment for details.
2021-05-26contentenc: update commentsJakob Unterwurzacher
Also, replace one open-coded calculation with a helper function.
2021-05-26tests: contentenc: add TestSizeToSizeJakob Unterwurzacher
TestSizeToSize tests CipherSizeToPlainSize and PlainSizeToCipherSize. Fails at the moment due to CipherSizeToPlainSize non-moniticity.
2021-05-26syscallcompat: add GetdentsSpecial()Jakob Unterwurzacher
GetdentsSpecial calls then Getdents syscall, with normal entries and "." / ".." split into two slices.