summaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2018-05-04tests: example_filesystems: create a private copy in /tmpJakob Unterwurzacher
The tests write to the example_filesystems folder, which 1) May leave your source tree in a modified state 2) Triggers test failures when the fsck tests run concurrently, which happens on Travis CI every now and then. Fix both problem by copying the example_filesystems folder to a private location in /tmp.
2018-04-27tests: helpers: fix a few error reportsJakob Unterwurzacher
These were using stale err values.
2018-04-08Fix the easy golint warningsJakob Unterwurzacher
Reported by https://goreportcard.com/report/github.com/rfjakob/gocryptfs
2018-04-08tests: retry umountJakob Unterwurzacher
Gnome may still have files open causing spurious test failures.
2018-04-07tests: cli_test: fix fd leakJakob Unterwurzacher
One fd leak found in TestMountBackground.
2018-04-07tests: matrix: check for fd leaksJakob Unterwurzacher
And fix two in test_helpers.Mount(). Leftover fds can cause an unmount failure like this later: fusermount: failed to unmount /tmp/gocryptfs-test-parent/873632270/default-plain: Device or resource busy so try to catch them early.
2018-04-02fsck: add xattr supportJakob Unterwurzacher
With testcases.
2018-04-02fsck: test against example_filesystemsJakob Unterwurzacher
2018-04-02fsck: clean up log outputJakob Unterwurzacher
Make sure we get only 1 warning output per problem. Also, add new corruption types to broken_fs_v1.4.
2018-04-02fsck: add initial implementationJakob Unterwurzacher
Most corruption cases except xattr should be covered. With test filesystem. The output is still pretty ugly. xattr support will be added in the next commits.
2018-04-01tests: add a few explicit file Close() in matrix_testJakob Unterwurzacher
These can cause EBUSY errors when unmounting.
2018-04-01main: add "-fsck" flagJakob Unterwurzacher
The fsck operation is not yet implemented, this commits just adds the flag and improves cli flag handling.
2018-03-28Switch from private copy to pkg/xattrJakob Unterwurzacher
Now that https://github.com/pkg/xattr/pull/24 has been merged there is no reason to keep our private copy. Switch to the upstream version.
2018-03-26tests: replace xattr.SupportedJakob Unterwurzacher
This function has been deprecated by the pkg/xattr upstream, so write our own.
2018-03-25fusefrontend: handle empty xattrs efficientlyJakob Unterwurzacher
We handle empty files by storing an actual empty file on disk. Handle xattrs similarily and encrypt the empty value to the empty value.
2018-03-25fusefrontend: add xattr supportJakob Unterwurzacher
At the moment, only for reverse mode. https://github.com/rfjakob/gocryptfs/issues/217
2018-03-24test_helpers: add SwitchTestParentDirJakob Unterwurzacher
SwitchTestParentDir changes testParentDir. This is used when you want to perform tests on a special filesystem. For example, the xattr tests cannot run on tmpfs and use /var/tmp instead of /tmp.
2018-03-22Add `-masterkey=stdin` functionalityJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/218
2018-03-13tests: extractloop.sh: better cleanup logic, handle missing /procJakob Unterwurzacher
macos does not have /proc, so don't try to read it.
2018-03-13tests: extractloop.sh: don't abort if md5sum is missingJakob Unterwurzacher
MacOS does not have it installed by default.
2018-03-07macos: extractloop.sh: exclude symlink & mute ln error messageJakob Unterwurzacher
Extracting the symlink fails with linux-3.0/arch/microblaze/boot/dts/system.dts: Can't set permissions to 0755 so just exclude it. The ln error Looks scary but is harmless, so get rid of it. The symlink is only created to make it more convenient to view the csv log.
2018-03-07macos: tests: make extractloop.bash work on macosJakob Unterwurzacher
macos' bash and ln lack a few features we used.
2018-03-07tests: convert remaining wget calls to dl-linux-tarball.bash helperJakob Unterwurzacher
Makes the scripts work when wget is not available (macos)
2018-03-07macos: tests: use curl of wget is not availableJakob Unterwurzacher
2018-03-06tests: drop "-z" from fusermount to catch forgotten fdsJakob Unterwurzacher
macos does not have lazy unmount, so let's not use it on linux either. If the unmount fails, run "lsof" to find the open file. Also fix the first bug we found this way.
2018-03-05macos: fix fd leak in reverse testsJakob Unterwurzacher
Causes "Resource busy" unmount failures on macos
2018-03-05tests: matrix_test: skip cases when without_openssl is setJakob Unterwurzacher
Fixes test-without-openssl.bash.
2018-03-05test_helpers: add missing newlineJakob Unterwurzacher
2018-03-05macos: doTestUtimesNano: skip UTIME_OMIT and nanoseconds testcasesJakob Unterwurzacher
Not supported on macos. Beef up the first test case a little by using different second values.
2018-03-05tests: TestUtimesNano: replace ugly compareUtimes wrapperJakob Unterwurzacher
2018-03-05tests: fix a few fd leaksJakob Unterwurzacher
We relied on the finalizer to close a few fds. For some reason, this did not cause problems on Linux, but on MacOS, it causes unmount failures: umount(/private/tmp/gocryptfs-test-parent/194654785/default-plain): Resource busy -- try 'diskutil unmount'
2018-03-05macos: skip TestUtimesNanoSymlink earlyJakob Unterwurzacher
Gets rid of the touch error message upon running the tests.
2018-03-05macos: adjust TestTooLongSymlink length for darwinJakob Unterwurzacher
Limit is much lower than on linux
2018-02-28MacOS: skip TestUtimesNanoSymlink and TestUtimesNanoFdJakob Unterwurzacher
These cannot work on MacOS.
2018-02-28test_helpers: use an intermediate pipe for subprocess stdoutJakob Unterwurzacher
To Go test logic waits for stderr and stdout to close, so when we share it with a subprocess, it will wait for it to exit as well. We don't want the tests to hang when the unmount fails. Seen on MacOS as reported at https://github.com/rfjakob/gocryptfs/issues/213
2018-02-18readpassword: convert from string to []byteJakob Unterwurzacher
This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211
2018-01-21Documentation: add extractloop example outputJakob Unterwurzacher
2018-01-17fusefronted: add PlaintextNames special-cases for Create & RenameJakob Unterwurzacher
gocryptfs.longname.XXX files were considered magic in PlaintextNames mode, which was wrong. Fix that and add tests. Fixes https://github.com/rfjakob/gocryptfs/issues/174
2017-12-25fusefrontend: Handle PlaintextNames mode in LinkSebastian Lackner
In PlaintextNames mode the "gocryptfs.longname." prefix does not have any special meaning. https://github.com/rfjakob/gocryptfs/issues/174
2017-12-07fusefrontend_reverse: secure Access against symlink races (somewhat)Jakob Unterwurzacher
Unfortunately, faccessat in Linux ignores AT_SYMLINK_NOFOLLOW, so this is not completely atomic. Given that the information you get from access is not very interesting, it seems good enough. https://github.com/rfjakob/gocryptfs/issues/165
2017-12-06tets_helpers: handle t=nil in InitFSJakob Unterwurzacher
The reverse tests call InitFS with t=nil. By calling panic we get a better error message instead of a generic nil pointer dereference.
2017-11-29fusefrontend: allow_other: close race between mkdir and chownSebastian Lackner
Fixes the same problem as described in 72b975867a3b9bdf53fc2da62e2ba4a328d7e4ab, except for directories instead of device nodes.
2017-11-28fusefrontend: Handle PlaintextNames mode in UnlinkSebastian Lackner
In PlaintextNames mode the "gocryptfs.longname." prefix does not have any special meaning. We should not attempt to delete any .name files. Partially fixes https://github.com/rfjakob/gocryptfs/issues/174
2017-11-28fusefrontend: Handle PlaintextNames mode in MknodSebastian Lackner
In PlaintextNames mode the "gocryptfs.longname." prefix does not have any special meaning. We should not attempt to read the directory IV or to create special .name files. Partially fixes https://github.com/rfjakob/gocryptfs/issues/174
2017-11-27fusefronted: allow_other: close race between mknod and chownJakob Unterwurzacher
If the user manages to replace the directory with a symlink at just the right time, we could be tricked into chown'ing the wrong file. This change fixes the race by using fchownat, which unfortunately is not available on darwin, hence a compat wrapper is added. Scenario, as described by @slackner at https://github.com/rfjakob/gocryptfs/issues/177 : 1. Create a forward mount point with `plaintextnames` enabled 2. Mount as root user with `allow_other` 3. For testing purposes create a file `/tmp/file_owned_by_root` which is owned by the root user 4. As a regular user run inside of the GoCryptFS mount: ``` mkdir tempdir mknod tempdir/file_owned_by_root p & mv tempdir tempdir2 ln -s /tmp tempdir ``` When the steps are done fast enough and in the right order (run in a loop!), the device file will be created in `tempdir`, but the `lchown` will be executed by following the symlink. As a result, the ownership of the file located at `/tmp/file_owned_by_root` will be changed.
2017-11-26reverse: reject too-long symlink target reads with ENAMETOOLONGJakob Unterwurzacher
If the symlink target gets too long due to base64 encoding, we should return ENAMETOOLONG instead of having the kernel reject the data and returning an I/O error to the user. Fixes https://github.com/rfjakob/gocryptfs/issues/167
2017-11-25fusefrontend_reverse: Do not mix up cache information for different directoriesSebastian Lackner
Fixes https://github.com/rfjakob/gocryptfs/issues/168 Steps to reproduce the problem: * Create a regular reverse mount point * Create files with the same very long name in multiple directories - so far everything works as expected, and it will appear with a different name each time, for example, gocryptfs.longname.A in directory A and gocryptfs.longname.B in directory B * Try to access a path with A/gocryptfs.longname.B or B/gocryptfs.longname.A - this should fail, but it actually works. The problem is that the longname cache only uses the path as key and not the dir or divIV. Assume an attacker can directly interact with a reverse mount and knows the relation longname path -> unencoded path in one directory, it allows to test if the same unencoded filename appears in any other directory.
2017-11-25fusefrontend: Fix longname handling for renames with existing targetSebastian Lackner
Fixes https://github.com/rfjakob/gocryptfs/issues/170 Steps to reproduce the problem: * Create a regular forward mount point * Create a file with a shortname and one with a long filename * Try to run 'mv <shortname> <longname>' This should actually work and replace the existing file, but instead it fails with: mv: cannot move '<shortname>' to '<longname>': File exists The problem is the creation of the .name file. If the target already exists we can safely ignore the EEXIST error and just keep the existing .name file.
2017-11-23tests: Add test for access to encrypted version of '.' and '..'Sebastian Lackner
To show that https://github.com/rfjakob/gocryptfs/issues/163 has been fixed.
2017-11-21main: Add '-devrandom' commandline optionSebastian Lackner
Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy.