| Age | Commit message (Collapse) | Author | 
|---|
|  |  | 
|  | gocryptfs 2.0 introduced the regression that the size
reported at symlink creation was the ciphertext size,
which is wrong.
Report the plaintext size.
Fixes https://github.com/rfjakob/gocryptfs/issues/574 | 
|  | As discovered by xfstests generic/401 [1], during the move to
the v2 api we seem to have lost the "." and ".." directory
entries.
[1]: https://github.com/rfjakob/fuse-xfstests/blob/4ef5b032bc283743d0eb58a8a28738766e664899/screenlog.0#L520 | 
|  | Currently fails like this:
=== RUN   TestRmwRace
doRead 0: corrupt block #0: cipher: message authentication failed
-wpanic turns this warning into a panic: doRead 0: corrupt block #0: cipher: message authentication failed
panic: -wpanic turns this warning into a panic: doRead 0: corrupt block #0: cipher: message authentication failed
goroutine 1293 [running]:
log.(*Logger).Panic(0xc00011c230, 0xc0003b17c8, 0x1, 0x1)
	log/log.go:224 +0xac
github.com/rfjakob/gocryptfs/internal/tlog.(*toggledLogger).Printf(0xc00007a780, 0x55a821a766a1, 0x20, 0xc0003b19f0, 0x3, 0x3)
	github.com/rfjakob/gocryptfs/internal/tlog/log.go:78 +0x1ef
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doRead(0xc0001ff420, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x1, 0xc000880000, 0x1020)
	github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:201 +0x8c9
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).doWrite(0xc0001ff420, 0xc000248428, 0x10, 0x30, 0xff0, 0x3, 0x18)
	github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:291 +0xc9e
github.com/rfjakob/gocryptfs/internal/fusefrontend.(*File).Write(0xc0001ff420, 0x55a821b306a0, 0xc000fbde90, 0xc000248428, 0x10, 0x30, 0xff0, 0x7f4a00000000, 0x0)
	github.com/rfjakob/gocryptfs/internal/fusefrontend/file.go:378 +0x25e
github.com/hanwen/go-fuse/v2/fs.(*rawBridge).Write(0xc000168140, 0xc000096000, 0xc0002483d8, 0xc000248428, 0x10, 0x30, 0x55a821ad40e0)
	github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fs/bridge.go:819 +0x26d
github.com/hanwen/go-fuse/v2/fuse.doWrite(0xc000170160, 0xc000248240)
	github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/opcode.go:191 +0x6f
github.com/hanwen/go-fuse/v2/fuse.(*Server).handleRequest(0xc000170160, 0xc000248240, 0xc000000000)
	github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:472 +0x2be
github.com/hanwen/go-fuse/v2/fuse.(*Server).loop(0xc000170160, 0xc000cd4101)
	github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:445 +0x198
created by github.com/hanwen/go-fuse/v2/fuse.(*Server).readRequest
	github.com/hanwen/go-fuse/v2@v2.0.4-0.20210125162859-8e0bbdb16cb7/fuse/server.go:312 +0x41d
    matrix_test.go:354: Write failed | 
|  |  | 
|  |  | 
|  | Instead bubble up the error to the testing object. | 
|  | Chasing a bug that seems to have nothing to do
with magic names, as it already triggers during
warmup:
--- FAIL: TestMagicNames (0.00s)
    matrix_test.go:773: Testing n="warmup1"
    matrix_test.go:773: Testing n="warmup2"
    matrix_test.go:820: no such file or directory | 
|  |  | 
|  | https://github.com/client9/misspell | 
|  | We did not use t.Name() as it was not available
before Go 1.8. Now the oldest Go version we support is
Go 1.11, so we can use it. | 
|  | Just writing zeros carries the risk of not detecting
wrongly created file holes. Write random data instead. | 
|  | When running
  $ go test ./tests/matrix/
in isolation, it failed like this:
  fd leak? before, after:
  [0r=/dev/null 3w=/dev/null 5r=/proc/8078/fd (hidden:4)]
  [0r=/dev/null 3w=/dev/null 5w=/tmp/go-build366655199/b001/testlog.txt 7r=/proc/8078/fd (hidden:4)]
Filter by prefix to get rid of this spurious test failure. | 
|  | The tests check if they leak fds themselves, but we also
check if gocryptfs leaks fds. Clarify what is what in the
error message. | 
|  | Test if https://github.com/rfjakob/gocryptfs/pull/413 works
as intended. | 
|  | Before: ok  	github.com/rfjakob/gocryptfs/tests/matrix	18.560s
After:  ok  	github.com/rfjakob/gocryptfs/tests/matrix	13.425s | 
|  | https://github.com/rfjakob/gocryptfs/issues/363 | 
|  | Another attempt to find out what is going on behind
https://github.com/rfjakob/gocryptfs/issues/363 | 
|  | Try to find out what goes wrong in
https://github.com/rfjakob/gocryptfs/issues/363 | 
|  | Error was:
tests/matrix/matrix_test.go:101:9: no new variables on left side of := | 
|  | Should help debugging https://github.com/rfjakob/gocryptfs/issues/363 | 
|  | Looks like we allowed creating longer names by accident.
Fix that, and add a test that verifies it. | 
|  | Regression test for https://github.com/rfjakob/gocryptfs/issues/354 | 
|  | matrix_test.go is already too big. | 
|  | This should get rid of
    Openat: O_NOFOLLOW missing: flags = 0x0
    Fchmodat: adding missing AT_SYMLINK_NOFOLLOW flag
    sys_common_test.go:203: chmod on symlink should have failed, but did not. New mode=0333
    UnmountErr: "[...]/057376762.mnt" was not found in MountInfo, cannot check for FD leak
and add some context to
    --- FAIL: TestUtimesNano (0.00s)
    matrix_test.go:628: no such file or directory
See https://github.com/rfjakob/gocryptfs/pull/343#issuecomment-453888006
for full test output | 
|  | We currently allocate 18 bytes too much:
https://github.com/rfjakob/gocryptfs/issues/311 | 
|  | matrix_test.go is already too big. | 
|  | Document what "d" and "h" means in the fancy ASCII diagrams.
https://github.com/rfjakob/gocryptfs/pull/326 | 
|  |  | 
|  | This will allow to tests to monitor fd usage and maybe other things. | 
|  | Make Access() symlink-safe through use of faccessat. | 
|  | Instead of reporting the consequence:
    matrix_test.go:906: modeHave 0664 != modeWant 0777
Report it if chmod itself fails, and also report the old file mode:
    matrix_test.go:901: chmod 000 -> 777 failed: bad file descriptor | 
|  | Go 1.7 does not have t.Name() yet. | 
|  | Makes sure we don't add regressions when fixing
https://github.com/rfjakob/gocryptfs/issues/259 | 
|  | The function seems to have been renamed by 426b9536 by mistake.
Rename it back so the test is run again. | 
|  | One fd leak found in TestMountBackground. | 
|  | And fix two in test_helpers.Mount().
Leftover fds can cause an unmount failure like this later:
fusermount: failed to unmount /tmp/gocryptfs-test-parent/873632270/default-plain: Device or resource busy
so try to catch them early. | 
|  | These can cause EBUSY errors when unmounting. | 
|  | macos does not have lazy unmount, so let's not use it
on linux either.
If the unmount fails, run "lsof" to find the open file.
Also fix the first bug we found this way. | 
|  | Fixes test-without-openssl.bash. | 
|  | Not supported on macos.
Beef up the first test case a little by using different second
values. | 
|  |  | 
|  | We relied on the finalizer to close a few fds.
For some reason, this did not cause problems on Linux,
but on MacOS, it causes unmount failures:
umount(/private/tmp/gocryptfs-test-parent/194654785/default-plain): Resource busy -- try 'diskutil unmount' | 
|  | Gets rid of the touch error message upon running the tests. | 
|  | These cannot work on MacOS. | 
|  | gocryptfs.longname.XXX files were considered magic in PlaintextNames
mode, which was wrong.
Fix that and add tests.
Fixes https://github.com/rfjakob/gocryptfs/issues/174 | 
|  | In PlaintextNames mode the "gocryptfs.longname." prefix does not have any
special meaning.
https://github.com/rfjakob/gocryptfs/issues/174 | 
|  | In PlaintextNames mode the "gocryptfs.longname." prefix does not have any
special meaning. We should not attempt to delete any .name files.
Partially fixes https://github.com/rfjakob/gocryptfs/issues/174 | 
|  | In PlaintextNames mode the "gocryptfs.longname." prefix does not have any
special meaning. We should not attempt to read the directory IV or to
create special .name files.
Partially fixes https://github.com/rfjakob/gocryptfs/issues/174 | 
|  | If the user manages to replace the directory with
a symlink at just the right time, we could be tricked
into chown'ing the wrong file.
This change fixes the race by using fchownat, which
unfortunately is not available on darwin, hence a compat
wrapper is added.
Scenario, as described by @slackner at
https://github.com/rfjakob/gocryptfs/issues/177 :
1. Create a forward mount point with `plaintextnames` enabled
2. Mount as root user with `allow_other`
3. For testing purposes create a file `/tmp/file_owned_by_root`
   which is owned by the root user
4. As a regular user run inside of the GoCryptFS mount:
```
mkdir tempdir
mknod tempdir/file_owned_by_root p &
mv tempdir tempdir2
ln -s /tmp tempdir
```
When the steps are done fast enough and in the right order
(run in a loop!), the device file will be created in
`tempdir`, but the `lchown` will be executed by following
the symlink. As a result, the ownership of the file located
at `/tmp/file_owned_by_root` will be changed. |