| Age | Commit message (Collapse) | Author | 
|---|
|  | The cipherdir path is used as the fsname, as displayed
in "df -T". Now, having a comma in fsname triggers a sanity check
in go-fuse, aborting the mount with:
  /bin/fusermount: mount failed: Invalid argument
  fuse.NewServer failed: fusermount exited with code 256
Sanitize fsname by replacing any commas with underscores.
https://github.com/rfjakob/gocryptfs/issues/262 | 
|  | Instead, first Load() the file, then DecryptMasterKey().
Fixes https://github.com/rfjakob/gocryptfs/issues/258 | 
|  | Callers that do not want to decrypt the masterkey should
call plain Load().
https://github.com/rfjakob/gocryptfs/issues/258 | 
|  | https://github.com/rfjakob/gocryptfs/issues/235 | 
|  | configfile.LoadConfFile()   -> configfile.Load()
configfile.CreateConfFile() -> configfile.Create() | 
|  | When mounted via /etc/fstab like this,
  /a /b fuse.gocryptfs default 0 0
we always get extra options passed. As reported by @mahkoh
at https://github.com/rfjakob/gocryptfs/pull/233 :
  mount passes `-o noexec` if `-o user` is set and `-o exec` is not set.
  If both `-o user` and `-o exec` are set, it passes `-o exec`.
Make these options work, and in addtion, also make -suid and -rw
work the same way.
Reported-by: @mahkoh | 
|  | By returning an error instead of calling os.Exit,
error cases can be tested easily. Error cases
were not tested until now. | 
|  | One fd leak found in TestMountBackground. | 
|  | Most corruption cases except xattr should be covered.
With test filesystem.
The output is still pretty ugly. xattr support will
be added in the next commits. | 
|  | The fsck operation is not yet implemented, this commits
just adds the flag and improves cli flag handling. | 
|  | This will allows us to overwrite the password
with zeros once we are done with it.
https://github.com/rfjakob/gocryptfs/issues/211 | 
|  | Allows to use /dev/random for generating the master key instead of the
default Go implementation. When the kernel random generator has been
properly initialized both are considered equally secure, however:
* Versions of Go prior to 1.9 just fall back to /dev/urandom if the
  getrandom() syscall would be blocking (Go Bug #19274)
* Kernel versions prior to 3.17 do not support getrandom(), and there
  is no check if the random generator has been properly initialized
  before reading from /dev/urandom
This is especially useful for embedded hardware with low-entroy. Please
note that generation of the master key might block indefinitely if the
kernel cannot harvest enough entropy. | 
|  | Currently fails, as reported at
https://github.com/rfjakob/gocryptfs/issues/130 . | 
|  | We used to return code 8, now we return code 12 as documented in
the man page.
Also adds a test. | 
|  | This commit defines all exit codes in one place in the exitcodes
package.
Also, it adds a test to verify the exit code on incorrect
password, which is what SiriKali cares about the most.
Fixes https://github.com/rfjakob/gocryptfs/issues/77 . | 
|  | From the comment:
// CheckTrailingGarbage tries to read one byte from stdin and exits with a
// fatal error if the read returns any data.
// This is meant to be called after reading the password, when there is no more
// data expected. This helps to catch problems with third-party tools that
// interface with gocryptfs. | 
|  | Also, make the other password tests more rigorous by verifying the
fs content. | 
|  | It was actually testing extpass a second time. | 
|  | Also fixes the failure to run the benchmarks do to the missing
gocryptfs.diriv. |