summaryrefslogtreecommitdiff
path: root/main.go
AgeCommit message (Collapse)Author
2016-06-26tlog: switch default logger to syslogJakob Unterwurzacher
...unless "-nosyslog" is passed. All gocryptfs messages already go to syslog, but the messages that the go-fuse lib emits were still printed to stdout. Fixes issue #13 ( https://github.com/rfjakob/gocryptfs/issues/13 )
2016-06-26main: add "-o" option to enable "suid" and "dev"Jakob Unterwurzacher
Device files and suid binaries are often not needed when running gocryptfs as root. As they are potentially dangerous, let the user enable them explicitely via the new "-o" option instead of always enabling them when running as root.
2016-06-26main, fusefrontend: enable suid functionalityJakob Unterwurzacher
FUSE filesystems are mounted with "nosuid" by default. If we run as root, we can use device files by passing the opposite mount option, "suid". Also we have to use syscall.Chmod instead of os.Chmod because the portability translation layer "syscallMode" messes up the sgid and suid bits. Fixes 70% of the failures in xfstests generic/193. The remaining are related to truncate, but we err on the safe side: $ diff -u tests/generic/193.out /home/jakob/src/fuse-xfstests/results//generic/193.out.bad [...] check that suid/sgid bits are cleared after successful truncate... with no exec perm before: -rwSr-Sr-- -after: -rw-r-Sr-- +after: -rw-r--r--
2016-06-26main: enable device files when running as rootJakob Unterwurzacher
FUSE filesystems are mounted with "nodev" by default. If we run as root, we can use device files by passing the opposite mount option, "dev". Fixes xfstests generic/184.
2016-06-26fusefronted: preserve owner if running as rootJakob Unterwurzacher
If allow_other is set and we run as root, try to give newly created files to the right user.
2016-06-23Drop deprecated "-gcmiv128" optionJakob Unterwurzacher
The GCMIV128 feature flag is already mandatory, dropping the command line option is the final step. Completes https://github.com/rfjakob/gocryptfs/issues/29 .
2016-06-23Drop deprecated "-emenames" optionJakob Unterwurzacher
The EMENames feature flag is already mandatory, dropping the command line option is the final step.
2016-06-23Drop deprecated "-diriv" optionJakob Unterwurzacher
The DirIV feature flag is already mandatory, dropping the command line option is the final step.
2016-06-19Refuse mounting of v0.6 and older filesystemsJakob Unterwurzacher
2016-06-19main: drop "on-disk format" from -version output, add Go versionJakob Unterwurzacher
As v0.4 introduced ext4-style feature flags, the on-disk format version is unlinkely to change. Drop it from the version output to reduce clutter. Use "gocryptfs -version -debug" to see it. Add the Go version string because only Go 1.6 and newer have an optimized AES-GCM implementation. This will help users to understand the performance of their build.
2016-06-16Mount v0.6 and older filesystems as read-onlyJakob Unterwurzacher
This is part of the phase-out of very old filesystems. See https://github.com/rfjakob/gocryptfs/wiki/Compatibility for more info.
2016-06-16Add "-ro" (read-only) flagJakob Unterwurzacher
From the man page: **-ro** : Mount the filesystem read-only Also add a test.
2016-06-15Rename internal "toggledlog" package to "tlog"Jakob Unterwurzacher
tlog is used heavily everywhere and deserves a shorter name. Renamed using sed magic, without any manual rework: find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
2016-06-15toggledlog: assume command of color handlingJakob Unterwurzacher
We want to use colored error messages also outside of main, so let's handle it in the logging package. The fatal logger now automatically prints red.
2016-06-15readpassword: create internal package for password readingJakob Unterwurzacher
* Supports stdin * Add tests for extpass and stdin As per user request at https://github.com/rfjakob/gocryptfs/issues/30
2016-06-14Fix warnings reported by Go 1.6 "go tool vet -shadow=true"Jakob Unterwurzacher
Warnings were: main.go:234: declaration of err shadows declaration at main.go:163: internal/fusefrontend/file.go:401: declaration of err shadows declaration at internal/fusefrontend/file.go:379: internal/fusefrontend/file.go:419: declaration of err shadows declaration at internal/fusefrontend/file.go:379: internal/fusefrontend/fs_dir.go:140: declaration of err shadows declaration at internal/fusefrontend/fs_dir.go:97:
2016-06-05toggledlog: convert remaing naked fmt.Print*Jakob Unterwurzacher
Several fatal errors were just printed to stdout, which meant they were invisible when running the test suite. Fix this by introducing toggledlog.Fatal and convert as follows: Fatal errors -> toggledlog.Fatal Warnings -> toggledlog.Warn Password prompts -> fmt.Fprintf
2016-06-05main: print actual error from LoadConfFile()Jakob Unterwurzacher
It may not have been a "Wrong password" after all. Also, push down disabling the warning so LoadConfFile() can warn about things that matter.
2016-06-05configfile: bake the "Creator" gocryptfs version into the fileJakob Unterwurzacher
This field is added for the convenience of users and may help them to identify which gocryptfs version they need to mount a filesystem. The same information is essentially contained in FeatureFlags, but this is more difficult to decode for humans. It is completely ignored programmatically (also by older gocryptfs versions).
2016-06-04main: don't tell the user to choose a password when -extpass is usedJakob Unterwurzacher
Instead, print this: Using password provided via -extpass.
2016-06-04main: print relative path in the init success messageJakob Unterwurzacher
... but only if the relative path does not start with "..". Makes the message easier to grasp. Example: $ gocryptfs -init -scryptn=10 v0.9 [...] The filesystem has been created successfully. Before: You can now mount it using: gocryptfs /home/jakob/src/github.com/rfjakob/gocryptfs/integration_tests/example_filesystems/v0.9 MOUNTPOINT After: You can now mount it using: gocryptfs v0.9 MOUNTPOINT
2016-06-01nametransform, main: better error messagesJakob Unterwurzacher
2016-05-18Add "-allow_other" command-line optionJakob Unterwurzacher
As requested in https://github.com/rfjakob/gocryptfs/issues/26 , this adds the option to allow other users to access the filesystem.
2016-05-12prefer_openssl: autodetect whether to use OpenSSL or Go GCMJakob Unterwurzacher
Go GCM is faster than OpenSSL if the CPU has AES instructions and you are running Go 1.6+. The "-openssl" option now defaults to "auto". "gocryptfs -debug -version" displays the result of the autodetection. See https://github.com/rfjakob/gocryptfs/issues/23 for details and benchmarks.
2016-04-10build.bash: bake the go-fuse commit hash into the binariesv0.9Jakob Unterwurzacher
2016-04-10Fix "go tool vet -shadow=true" warningsJakob Unterwurzacher
Among those one real bug.
2016-02-07Add tests for long name creation and renaming (currently failing, obviously)Jakob Unterwurzacher
2016-02-06longnames part I: Create and OpenDir work with long filenames > 176 bytesJakob Unterwurzacher
Todo: Rename, Unlink, Rmdir, Mknod, Mkdir
2016-02-06Run go fmtJakob Unterwurzacher
2016-02-06Move pathfs_frontend to internal/fusefrontendJakob Unterwurzacher
"git status" for reference: renamed: pathfs_frontend/args.go -> internal/fusefrontend/args.go renamed: pathfs_frontend/compat_darwin.go -> internal/fusefrontend/compat_darwin.go renamed: pathfs_frontend/compat_linux.go -> internal/fusefrontend/compat_linux.go renamed: pathfs_frontend/file.go -> internal/fusefrontend/file.go renamed: pathfs_frontend/file_holes.go -> internal/fusefrontend/file_holes.go renamed: pathfs_frontend/fs.go -> internal/fusefrontend/fs.go renamed: pathfs_frontend/fs_dir.go -> internal/fusefrontend/fs_dir.go renamed: pathfs_frontend/names.go -> internal/fusefrontend/names.go renamed: pathfs_frontend/write_lock.go -> internal/fusefrontend/write_lock.go modified: main.go
2016-02-06Major refactoring: Split up "cryptfs" into several internal packagesJakob Unterwurzacher
"git status" for reference: deleted: cryptfs/cryptfs.go deleted: cryptfs/names_core.go modified: integration_tests/cli_test.go modified: integration_tests/helpers.go renamed: cryptfs/config_file.go -> internal/configfile/config_file.go renamed: cryptfs/config_test.go -> internal/configfile/config_test.go renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf renamed: cryptfs/kdf.go -> internal/configfile/kdf.go renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go new file: internal/contentenc/content_api.go renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go new file: internal/cryptocore/crypto_api.go renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go new file: internal/nametransform/name_api.go new file: internal/nametransform/names_core.go renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go new file: internal/nametransform/pad16.go renamed: cryptfs/log.go -> internal/toggledlog/log.go renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go modified: main.go modified: masterkey.go modified: pathfs_frontend/file.go modified: pathfs_frontend/file_holes.go modified: pathfs_frontend/fs.go modified: pathfs_frontend/fs_dir.go modified: pathfs_frontend/names.go modified: test.bash
2016-01-31Add new "-wpanic" option and enable it for the automated testsJakob Unterwurzacher
2016-01-24Allow "-d" as an alis for "-debug", and "-quiet" as an alias for "-q"Jakob Unterwurzacher
2016-01-24Add "-nosyslog" optionsJakob Unterwurzacher
Also, actually redirect Warn and Debug as well.
2016-01-23Suppress password prompt when using -extpassv0.8Jakob Unterwurzacher
Also, add color to the error messages.
2016-01-22Remove last SetOutput from generic codeJakob Unterwurzacher
2016-01-21Add "-memprofile" optionJakob Unterwurzacher
2016-01-21Wrap Logger to make disabling output more efficientJakob Unterwurzacher
Instead of using SetOutput(ioutil.Discard), which means that Printf is still called for every debug message, use a simple and fast boolean check. Streaming write performance improves from 86 to 93 MB/s.
2016-01-20Switch to syslog when running in the backgroundJakob Unterwurzacher
2016-01-20Convert logging to standard Go log.LoggerJakob Unterwurzacher
This is in preparation of logging to syslog.
2016-01-04Color for the "init success" messageJakob Unterwurzacher
2015-12-19Colorize outputJakob Unterwurzacher
2015-12-19Increase GCM IV size from 96 to 128 bitsJakob Unterwurzacher
This pushes back the birthday bound for collisions to make it virtually irrelevant.
2015-12-11Rmdir: handle creating and removing unreadable directoriesJakob Unterwurzacher
This patch also splits off Mkdir and Rmdir into its own file. Fixes issue #8, thanks to @diseq for the bug report.
2015-12-10Simplify CreateConfFile: do not allow specification of EMENamesJakob Unterwurzacher
2015-12-10Add missing PlaintextNames checks in OpenDir, Mkdir, Rmdir, initDirJakob Unterwurzacher
Plaintextnames support has bitrotted during the DirIV additions, this needs test cases. Will be added in a future patch. Fixes issue #9.
2015-12-08Add EME filename encryption & enable it by defaultJakob Unterwurzacher
2015-12-06init: create gocryptfs.diriv after creating gocryptfs.confJakob Unterwurzacher
Creating the config file can fail easily, for example if the password is not entered the same twice. This would leave an orphaned gocryptfs.diriv behind.
2015-11-29Run go fmtJakob Unterwurzacher
2015-11-29Handle all operations except mounting without forking a childJakob Unterwurzacher
This saves 170ms for each start (why do we take 170ms to start up?) and cuts down test time by 2 seconds.