Age | Commit message (Collapse) | Author | |
---|---|---|---|
2015-12-13 | go fmt | Jakob Unterwurzacher | |
...and minimal comment changes. | |||
2015-12-13 | Handle EINTR returned by Fallocate | Jakob Unterwurzacher | |
Fallocate can return EINTR (interrupted system call) and does so quite often when cpu profiling is enabled. | |||
2015-12-11 | Rmdir: handle creating and removing unreadable directories | Jakob Unterwurzacher | |
This patch also splits off Mkdir and Rmdir into its own file. Fixes issue #8, thanks to @diseq for the bug report. | |||
2015-12-10 | Add missing PlaintextNames checks in OpenDir, Mkdir, Rmdir, initDir | Jakob Unterwurzacher | |
Plaintextnames support has bitrotted during the DirIV additions, this needs test cases. Will be added in a future patch. Fixes issue #9. | |||
2015-12-08 | Add EME filename encryption & enable it by default | Jakob Unterwurzacher | |
2015-12-08 | go fmt | Jakob Unterwurzacher | |
2015-12-06 | fallocate the space needed for the file header beforehand | Jakob Unterwurzacher | |
This makes sure writing to a file fails early if the underlying filesystem does not support fallocate. It also prevents partial header write due to ENOSPC. | |||
2015-12-06 | Fix rename, was broken broken by DirIV introduction | Jakob Unterwurzacher | |
As it was, CIPHERDIR was prepended twice, causing every rename to fail with ENOENT. | |||
2015-11-29 | Run go fmt | Jakob Unterwurzacher | |
2015-11-29 | Add single-element cache for DirIV lookup | Jakob Unterwurzacher | |
Another 3x performance boost for applications that walk the directory tree. Excerpt from performance.txt: VERSION UNTAR LS RM v0.4 48 1.5 5 v0.5-rc1 56 7 19 v0.5-rc1-1 54 4.1 9 v0.5-rc1-2 45 1.7 3.4 <---- THIS VERSION | |||
2015-11-29 | OpenDir performance: Read DirIV once and reuse it for all names | Jakob Unterwurzacher | |
Formerly, we called decryptPath for every name. That resulted in a directory walk that reads in all diriv files on the way. Massive improvement for RM and LS (check performance.txt for details) VERSION UNTAR RM LS v0.4 48 5 1.5 v0.5-rc1 56 19 7 v0.5-rc1-1 54 9 4.1 <---- THIS VERSION | |||
2015-11-28 | diriv: also support old CBC symlink | Jakob Unterwurzacher | |
2015-11-28 | diriv: fix Symlink() and Readlink() | Jakob Unterwurzacher | |
Both were missing adaptions for diriv usage resulting in broken functionality | |||
2015-11-28 | diriv: fix readdir | Jakob Unterwurzacher | |
It decrypted all file names using the root directory iv | |||
2015-11-28 | diriv: use "DirIV" flag to discern and support mounting old filesystems | Jakob Unterwurzacher | |
2015-11-27 | Run go fmt | Jakob Unterwurzacher | |
2015-11-27 | diriv: Move WriteDirIV() to cryptfs; add locking to Mkdir, Rmdir | Jakob Unterwurzacher | |
2015-11-27 | diriv: Convert filename encryption users to diriv | Jakob Unterwurzacher | |
2015-11-25 | diriv: Transactionally delete gocryptfs.diriv in Rmdir | Jakob Unterwurzacher | |
2015-11-25 | diriv: Create gocryptfs.diriv in every directory | Jakob Unterwurzacher | |
2015-11-14 | Run go fmt and go vet | Jakob Unterwurzacher | |
2015-11-09 | Add "-q" (quiet) flag | Jakob Unterwurzacher | |
2015-11-08 | Handle ENOSPC errors better by preallocating the space before writing | Jakob Unterwurzacher | |
Prevent the case that we run out of space in the middle of writing a block - that would leave a corrupt block behind. | |||
2015-11-03 | Centralize path filter decision in CryptFS.IsFiltered() | Jakob Unterwurzacher | |
2015-11-03 | Implement PlainTextNames mode | Jakob Unterwurzacher | |
Also, forbid access to "gocryptfs.conf" in the root dir. | |||
2015-11-01 | Remove code detected by "deadcode" | Jakob Unterwurzacher | |
go get github.com/remyoudompheng/go-misc/deadcode | |||
2015-11-01 | Refactor ciphertext <-> plaintext offset translation functions | Jakob Unterwurzacher | |
Move all the intelligence into the new file address_translation.go. That the calculations were spread out too much became apparent when adding the file header. This should make the code much easier to modify in the future. | |||
2015-11-01 | Add file header (on-disk-format change) | Jakob Unterwurzacher | |
Format: [ "Version" uint16 big endian ] [ "Id" 16 random bytes ] Quoting SECURITY.md: * Every file has a header that contains a 16-byte random *file id* * Each block uses the file id and its block number as GCM *authentication data* * This means the position of the blocks is protected as well. The blocks can not be reordered or copied between different files without causing an decryption error. | |||
2015-10-06 | Use block number as authentication data | Jakob Unterwurzacher | |
2015-10-04 | Utimens: Use UtimesNano instead of Futimes | Jakob Unterwurzacher | |
Futimes() only takes microsecond resolution while the FUSE call Utimens() wants nanosecond precision. This is why UTIME_OMIT did not work - this change fixes the xfstests generic/258 test failure. The go library does not provide a FutimesNano() function which is why I use UtimesNano() on /proc/self/fd/n. This is what the Go library does in Futimes(). | |||
2015-10-04 | fallocate: return ENOSYS | Jakob Unterwurzacher | |
The implementation was incomplete, disable fallocate completely for now. See https://github.com/rfjakob/gocryptfs/issues/1 Fixes xfstests generic/075 | |||
2015-10-04 | truncate: Fix bug that caused xfstests generic/030 to fail | Jakob Unterwurzacher | |
The bug was caused by using cipherOff where plainOff should have been used. Renamed the symbols for less confusion. | |||
2015-10-04 | Truncate: Logging improvements, show number of blocks as float | Jakob Unterwurzacher | |
2015-10-04 | Fix Trucate() bug causing files to be too small | Jakob Unterwurzacher | |
Uncovered by running xfstests generic/014 several times | |||
2015-10-04 | Run go fmt | Jakob Unterwurzacher | |
2015-10-04 | intraBlock: Rename Offset to Skip | Jakob Unterwurzacher | |
"Offset" is unclear whether it is an offset from the start of file or start of block. "Skip" seems much better. | |||
2015-10-04 | Utilize file hole passtrough capability in Truncate() | Jakob Unterwurzacher | |
Cuts down the runtime of xfstests generic/014 from 1822 seconds to 36 seconds | |||
2015-10-04 | Zero-pad last block if a file hole is created on Write() | Jakob Unterwurzacher | |
Fixes TestFileHoles test | |||
2015-10-04 | Fix xfstests generic/030 failure | Jakob Unterwurzacher | |
The actual fix is oldSize := f.cfs.PlainSize(uint64(fi.Size())) the rest is logging improvements | |||
2015-10-03 | debug: log inode number instead of encrypted filename | Jakob Unterwurzacher | |
Makes the log output smaller and more readable. | |||
2015-09-30 | tests: Add append test | Jakob Unterwurzacher | |
2015-09-30 | Implement Truncate() + Test | Jakob Unterwurzacher | |
2015-09-30 | debug: Log encrypted filename | Jakob Unterwurzacher | |
2015-09-19 | Fix Chown parameter order | Jakob Unterwurzacher | |
2015-09-17 | Fix read benchmark | Jakob Unterwurzacher | |
2015-09-16 | Fix symlink size reporting | Jakob Unterwurzacher | |
2015-09-13 | Don't warn about "gocryptfs.conf" in the ciphertext root dir | Jakob Unterwurzacher | |
2015-09-13 | Encrypt key with scrypt-hashed password | Jakob Unterwurzacher | |
2015-09-09 | Fix File.GettAttr() size reporting | Jakob Unterwurzacher | |
The too-large reported value broke mmap (applications saw appended zero bytes) Also * Add locking for all fd operations * Add "--debug" command line switch | |||
2015-09-08 | Explain both frontends in readme | Jakob Unterwurzacher | |
Also, re-enable openssl and disable debug messages so testing gocryptfs is less painful |