aboutsummaryrefslogtreecommitdiff
path: root/main.go
AgeCommit message (Collapse)Author
2020-04-13speed: show gocryptfs versionJakob Unterwurzacher
Output now looks like this $ gocryptfs -speed gocryptfs v1.7.1-38-gbe3b9df-dirty; go-fuse v2.0.2-57-gd1cfa17; 2020-04-13 go1.13.6 linux/amd64 AES-GCM-256-OpenSSL 607.90 MB/s AES-GCM-256-Go 920.75 MB/s (selected in auto mode) AES-SIV-512-Go 169.85 MB/s XChaCha20-Poly1305-Go 794.30 MB/s and has go version and arch information, which is important when comparing results.
2020-02-15main: respect GOMAXPROCS environment variableJakob Unterwurzacher
If the user sets GOMAXPROCS explicitely, we should respect it.
2019-12-28remove Trezor supportPavol Rusnak
2019-05-13-passwd now takes a passed -scryptn flag into accountJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/400
2019-05-12gocryptfs -version: show architectureJakob Unterwurzacher
Show the GOOS/GOARCH tuple as displayed by "go version".
2019-04-08readpassword: delete CheckTrailingGarbageJakob Unterwurzacher
CheckTrailingGarbage was called even when "-passfile" was used, which is stupid, and causes false positives: https://github.com/rfjakob/gocryptfs/issues/391 (false error "Received trailing garbage after the password" when using -passfile in .bash_profile) Instead of trying to improve the logic to handle that case and make everything even more complicated, delete the function. It is unclear if actually helps in some cases, and it definitely harms as shown by the above bug report.
2019-03-03Allow multiple -extpass argumentsJakob Unterwurzacher
To support arguments containing spaces, -extpass can now be passed multiple times. https://github.com/rfjakob/gocryptfs/issues/289
2019-01-05main: Run 'ensure fds' code early during the program startup.Sebastian Lackner
The files are apparently processed in alphabetic order, so cli_args.go is processed before main.go. In order to run before the go-fuse imports, put the 'ensure fds' code in a separate package. Debug messages are omitted to avoid additional imports (that might contain other code messing up our file descriptors).
2019-01-05main: ensure fds 0,1,2 are always openJakob Unterwurzacher
The Go stdlib, as well as the gocryptfs code, relies on the fact that fds 0,1,2 are always open. See https://github.com/rfjakob/gocryptfs/issues/320 for details.
2018-12-30main: Remove a duplicate word in a comment.Sebastian Lackner
2018-12-15passfile: directly read file instead of invoking catJakob Unterwurzacher
Allows better error handling, gets rid of the call to an external program, and fixes https://github.com/rfjakob/gocryptfs/issues/278 .
2018-09-08main: don't read the config file twice (fix pipe bug)Jakob Unterwurzacher
Instead, first Load() the file, then DecryptMasterKey(). Fixes https://github.com/rfjakob/gocryptfs/issues/258
2018-09-08configfile: add LoadAndDecrypt wrapperJakob Unterwurzacher
Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258
2018-08-15trezor: show support in version stringJakob Unterwurzacher
Show enable_trezor in the version string if we were compiled with `-tags enable_trezor`. And hide the `-trezor` flag from the help output if we were not.
2018-08-11reverse mode: add --exclude optionJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/235
2018-07-01main: replace naked panic with log.PanicJakob Unterwurzacher
Fix the check that failed to find the case as well.
2018-07-01trezor: reject password change on Trezor-enabled fsJakob Unterwurzacher
This is not supported (yet? does it make sense?).
2018-07-01trezor: add TrezorPayloadJakob Unterwurzacher
TrezorPayload stores 32 random bytes used for unlocking the master key using a Trezor security module. The randomness makes sure that a unique unlock value is used for each gocryptfs filesystem.
2018-07-01configfile: reduce function name stutterJakob Unterwurzacher
configfile.LoadConfFile() -> configfile.Load() configfile.CreateConfFile() -> configfile.Create()
2018-07-01trezor: add skeleton for Trezor supportJakob Unterwurzacher
readpassword.Trezor() is not implemented yet and returns a hardcoded dummy key.
2018-06-07Set a default PATH if PATH is empty or unsetJulian Orth
mount(1) unsets PATH before calling mount.fuse. Therefore it's not set in gocrpytfs either and daemonization fails if gocryptfs was not executed via an absolute path. mount.fuse handles this by leaving the execution of the helper to /bin/sh. /bin/sh handles an empty PATH by searching a few default locations. This patch sets the PATH to a sane default if it's empty or unset.
2018-04-02fsck: add initial implementationJakob Unterwurzacher
Most corruption cases except xattr should be covered. With test filesystem. The output is still pretty ugly. xattr support will be added in the next commits.
2018-04-01main: add "-fsck" flagJakob Unterwurzacher
The fsck operation is not yet implemented, this commits just adds the flag and improves cli flag handling.
2018-04-01main: move and rename checkDir*() helperJakob Unterwurzacher
To avoid confusion with fsck, rename to isDir*() and move the functions into init_dir.go.
2018-04-01main: pull regular exits into main functionJakob Unterwurzacher
The replaces the "does not return" comments with an explicit os.Exit, which is unambigous.
2018-03-22Add `-masterkey=stdin` functionalityJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/218
2018-02-18main: changePassword: zero masterkeyJakob Unterwurzacher
Overwrite the masterkey with zeros once we have encrypted it, and let it run out of scope. Also get rid of the password duplicate in readpassword.Twice.
2018-02-18main: zero password once we are done with itJakob Unterwurzacher
Overwrite the password we have got from the user with zeros once we don't need it anymore, and make sure the variable runs out of scope.
2018-02-18readpassword: convert from string to []byteJakob Unterwurzacher
This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
2018-02-18main: doMount: use a deferred function for wipeKeysJakob Unterwurzacher
Also drop the unused int return.
2018-02-18cryptocore, main: add two commentsJakob Unterwurzacher
While reading the code, I had to think about what it does, so add a comment that explains it.
2018-02-04Fix spelling (#205)Felix Lechner
2017-11-15main: print clear error message if CIPHERDIR is missingJakob Unterwurzacher
Getting just the help text in response to gocryptfs -info -config external.config is confusing: https://github.com/rfjakob/gocryptfs/issues/157
2017-09-06build.bash: make reproduceable builds easierJakob Unterwurzacher
* Reduce the build time precision from seconds to days * Allow to specify an arbitrary build date through an env variable
2017-07-30main: save memory profile every 60 secondsJakob Unterwurzacher
...and move all profiling functionality to its own file, as the main function is already long enough. Periodically saving the memory profile allows capturing the used memory during normal operation, as opposed to on exit, where the kernel has already issued FORGETs for all inodes. This functionality has been used to create the memory profile shown in https://github.com/rfjakob/gocryptfs/issues/132 .
2017-06-07Add "-trace" flag (record execution trace)Jakob Unterwurzacher
Uses the runtime/trace functionality. TODO: add to man page.
2017-06-07main: reorder force_owner flag parsingJakob Unterwurzacher
No functional changes, just keeping the profiling-related flags together.
2017-06-01Don't cap GOMAXPROCS at 4.Jakob Unterwurzacher
Before Go 1.5, GOMAXPROCS defaulted to 1, hence it made sense to unconditionally increase it to 4. But since Go 1.5, GOMAXPROCS defaults to the number of cores, so don't keep it from increasing above 4. Also, update the performance numbers.
2017-06-01Implement force_owner option to display ownership as a specific user.Charles Duffy
2017-05-30main: add "-info" optionJakob Unterwurzacher
Pretty-prints the config while stripping out sensitive (and uninteresting) data https://github.com/rfjakob/gocryptfs/issues/111
2017-05-30main: add short help textJakob Unterwurzacher
We have accumulated so many options over time that they no longer fit on the screen. Display only a useful subset of options to the user unless they pass "-hh".
2017-05-14exitcodes: specific codes for failure to read or write gocryptfs.confJakob Unterwurzacher
New codes: * OpenConf = 23 * WriteConf = 24
2017-05-14main: password change: exit with code 12 on wrong passwordJakob Unterwurzacher
We used to return code 8, now we return code 12 as documented in the man page. Also adds a test.
2017-05-07exitcodes: pull all exit code definitions into the packageJakob Unterwurzacher
This commit defines all exit codes in one place in the exitcodes package. Also, it adds a test to verify the exit code on incorrect password, which is what SiriKali cares about the most. Fixes https://github.com/rfjakob/gocryptfs/issues/77 .
2017-05-06main: more specific default values for GitVersion etcJakob Unterwurzacher
Now looks like this: $ ./gocryptfs -version gocryptfs [GitVersion not set - please compile using ./build.bash]; go-fuse [GitVersionFuse not set - please compile using ./build.bash]; 0000-00-00 go1.8 Hopefully easier to grep for.
2017-05-06main: add "-race" to the version stringJakob Unterwurzacher
...if we were compiled with "-race".
2017-02-22Implement "gocryptfs -speed"Jakob Unterwurzacher
A crypto benchmark mode like "openssl speed". Example run: $ ./gocryptfs -speed AES-GCM-256-OpenSSL 180.89 MB/s (selected in auto mode) AES-GCM-256-Go 48.19 MB/s AES-SIV-512-Go 37.40 MB/s
2017-02-12Check for trailing garbage after the passwordJakob Unterwurzacher
From the comment: // CheckTrailingGarbage tries to read one byte from stdin and exits with a // fatal error if the read returns any data. // This is meant to be called after reading the password, when there is no more // data expected. This helps to catch problems with third-party tools that // interface with gocryptfs.
2017-02-12Document "--" to stop option parsing in help text + man pageJakob Unterwurzacher
2017-01-26main: make sure the ctlsock file is deleted on incorrect passwordJakob Unterwurzacher
Otherwise the next try to mount ends in "ctlsock: listen unix ctl.sock: bind: address already in use"