summaryrefslogtreecommitdiff
path: root/tests/reverse
AgeCommit message (Collapse)Author
2019-01-20syscallcompat: drop Faccessat AT_SYMLINK_NOFOLLOW helperJakob Unterwurzacher
unix.Faccessat has added support for AT_SYMLINK_NOFOLLOW in July 2018, https://github.com/golang/sys/commit/bd9dbc187b6e1dacfdd2722a87e83093c2d7bd6e#diff-341484dbbe3180cd7a31ef2ad2d679b6 which means we no longer need our own helper. Closes https://github.com/rfjakob/gocryptfs/issues/347
2019-01-04tests: reverse: verify that longname .name files are exluded as wellJakob Unterwurzacher
Currently fails, will be fixed in the next commit. https://github.com/rfjakob/gocryptfs/issues/286
2019-01-02tests: add fd leak retry logic to UnmountErr, really return errorJakob Unterwurzacher
Give the gocryptfs process one extra millisecond to close files. Allows us to drop several other sleeps. UnmountErr now really returns an error when it detects an fd leak instead of just printing a message.
2019-01-02tests: reverse: add ctlsocket cleanup delayJakob Unterwurzacher
2018-12-27Assorted spelling fixes.Sebastian Lackner
Mostly detected with the 'codespell' utility, but also includes some manual grammar fixes.
2018-10-10tests: catch "name too long" symlink failure on XFSJakob Unterwurzacher
Retry with length 1000 if length 4000 fails, which should work on all filesystems. Failure was: --- FAIL: TestTooLongSymlink (0.00s) correctness_test.go:198: symlink xxx[...]xxxx /tmp/xfs.mnt/gocryptfs-test-parent/549823072/365091391/TooLongSymlink: file name too long https://github.com/rfjakob/gocryptfs/issues/267
2018-09-08fusefrontend: use OpenDirNofollow in openBackingDirJakob Unterwurzacher
Rename openBackingPath to openBackingDir and use OpenDirNofollow to be safe against symlink races. Note that openBackingDir is not used in several important code paths like Create(). But it is used in Unlink, and the performance impact in the RM benchmark to be acceptable: Before $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.bYO: gocryptfs v1.6-12-g930c37e-dirty; go-fuse v20170619-49-gb11e293; 2018-09-08 go1.10.3 WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.07979 s, 243 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.882413 s, 297 MB/s UNTAR: 16.703 MD5: 7.606 LS: 1.349 RM: 3.237 After $ ./benchmark.bash Testing gocryptfs at /tmp/benchmark.bash.jK3: gocryptfs v1.6-13-g84d6faf-dirty; go-fuse v20170619-49-gb11e293; 2018-09-08 go1.10.3 WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.06261 s, 247 MB/s READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.947228 s, 277 MB/s UNTAR: 17.197 MD5: 7.540 LS: 1.364 RM: 3.410
2018-09-08tests: restore Go 1.7 compatibilityJakob Unterwurzacher
Go 1.7 does not have t.Name() yet.
2018-09-08syscallcompat: use O_PATH in OpenDirNofollowJakob Unterwurzacher
This fixes the "0100 directory" problem in reverse mode, and should be slightly faster.
2018-08-15main: add -e as an alias for -excludeJakob Unterwurzacher
2018-08-11reverse mode: add --exclude optionJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/235
2018-04-02fsck: clean up log outputJakob Unterwurzacher
Make sure we get only 1 warning output per problem. Also, add new corruption types to broken_fs_v1.4.
2018-03-07tests: convert remaining wget calls to dl-linux-tarball.bash helperJakob Unterwurzacher
Makes the scripts work when wget is not available (macos)
2018-03-05macos: fix fd leak in reverse testsJakob Unterwurzacher
Causes "Resource busy" unmount failures on macos
2018-03-05macos: adjust TestTooLongSymlink length for darwinJakob Unterwurzacher
Limit is much lower than on linux
2017-12-07fusefrontend_reverse: secure Access against symlink races (somewhat)Jakob Unterwurzacher
Unfortunately, faccessat in Linux ignores AT_SYMLINK_NOFOLLOW, so this is not completely atomic. Given that the information you get from access is not very interesting, it seems good enough. https://github.com/rfjakob/gocryptfs/issues/165
2017-11-26reverse: reject too-long symlink target reads with ENAMETOOLONGJakob Unterwurzacher
If the symlink target gets too long due to base64 encoding, we should return ENAMETOOLONG instead of having the kernel reject the data and returning an I/O error to the user. Fixes https://github.com/rfjakob/gocryptfs/issues/167
2017-11-25fusefrontend_reverse: Do not mix up cache information for different directoriesSebastian Lackner
Fixes https://github.com/rfjakob/gocryptfs/issues/168 Steps to reproduce the problem: * Create a regular reverse mount point * Create files with the same very long name in multiple directories - so far everything works as expected, and it will appear with a different name each time, for example, gocryptfs.longname.A in directory A and gocryptfs.longname.B in directory B * Try to access a path with A/gocryptfs.longname.B or B/gocryptfs.longname.A - this should fail, but it actually works. The problem is that the longname cache only uses the path as key and not the dir or divIV. Assume an attacker can directly interact with a reverse mount and knows the relation longname path -> unencoded path in one directory, it allows to test if the same unencoded filename appears in any other directory.
2017-10-03fusefrontend_reverse: workaround ext4 test failureJakob Unterwurzacher
The extended TestLongnameStat() exposes a pathological case when run on ext4, as ext4 reuses inode numbers immediately. This change modifies the test to not delete the files immediately, so the inode numbers cannot be reused immediately. Fix for the underlying issue is a TODO.
2017-10-01fusefrontend_reverse: fix 176-byte namesJakob Unterwurzacher
A file with a name of exactly 176 bytes length caused this error: ls: cannot access ./tmp/dsg/sXSGJLTuZuW1FarwIkJs0w/b6mGjdxIRpaeanTo0rbh0A/QjMRrQZC_4WLhmHI1UOBcA/gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY: No such file or directory ls: cannot access ./tmp/dsg/sXSGJLTuZuW1FarwIkJs0w/b6mGjdxIRpaeanTo0rbh0A/QjMRrQZC_4WLhmHI1UOBcA/gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY.name: No such file or directory -????????? ? ? ? ? ? gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY -????????? ? ? ? ? ? gocryptfs.longname.QV-UipdDXeUVdl05WruoEzBNPrQCfpu6OzJL0_QnDKY.name Root cause was a wrong shortNameMax constant that failed to account for the obligatory padding byte. Fix the constant and also expand the TestLongnameStat test case to test ALL file name lengths from 1-255 bytes. Fixes https://github.com/rfjakob/gocryptfs/issues/143 .
2017-07-27fusefrontend_reverse: return ENOENT for undecryptable namesJakob Unterwurzacher
This was working until DecryptName switched to returning EBADMSG instead of EINVAL. Add a test to catch the regression next time.
2017-03-07tests: reverse: don't run tests that ignore "-plaintextnames" twiceJakob Unterwurzacher
TestMain() runs all tests twice, once with plaintextnames=true and once with false. Several tests mount their own filesystem and ignore the plaintextnames variable. It makes no sense to run them twice, so skip execution when plaintextnames is set.
2017-03-07Report correct symbolic link dentry sizesM. Vefa Bicakci
Prior to this commit, gocryptfs's reverse mode did not report correct directory entry sizes for symbolic links, where the dentry size needs to be the same as the length of a string containing the target path. This commit corrects this issue and adds a test case to verify the correctness of the implementation. This issue was discovered during the use of a strict file copying program on a reverse-mounted gocryptfs file system.
2017-02-16tests: reverse: check Access() callJakob Unterwurzacher
2017-02-15OSX compat: replace fusermount calls with fuse-unmount.bashJakob Unterwurzacher
Mac OS X does not have fusermount and uses umount instead. The fuse-unmount.bash calls the appropriate command.
2016-11-10ctlsock: prevent panic on invalid decrypt requestJakob Unterwurzacher
2016-11-10ctlsock: implement EncryptPath for reverse mode, add testsJakob Unterwurzacher
2016-10-08reverse: gocryptfs.conf was missing from the directory listingsJakob Unterwurzacher
Fix the test for that and add checks in example_filesystems_test.
2016-10-08reverse: make gocryptfs.conf mapping plaintextnames-awareJakob Unterwurzacher
Only in plaintextnames-mode AND with the config file at the default location it will be mapped into the mountpoint. Also adds a test for that.
2016-09-26reverse: switch from GCM-SIV to AES-SIVv1.1-beta1Jakob Unterwurzacher
GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV.
2016-09-25tests: add reverse linux tarball testJakob Unterwurzacher
2016-09-25reverse: add symlink encryption and Readlink supportJakob Unterwurzacher
2016-09-25reverse: more thorough longname stat testJakob Unterwurzacher
Now also verifies the returned file size.
2016-09-25reverse: add gcmsiv flag and associated testsJakob Unterwurzacher
2016-09-25reverse: add longname benchmarkJakob Unterwurzacher