Age | Commit message (Collapse) | Author |
|
Uses the /proc/self/fd trick, which does not work
on Darwin.
|
|
Test for the upcoming fd-based xattr support.
|
|
Make Access() symlink-safe through use of faccessat.
|
|
Mostly detected with the 'codespell' utility, but also includes some
manual grammar fixes.
|
|
Error was:
tests/cli/cli_test.go:552: declaration of "err" shadows declaration at tests/cli/cli_test.go:544
|
|
Mount with idle timeout 10ms and check that the process exits by itself
within 5 seconds.
|
|
Retry with length 1000 if length 4000 fails, which
should work on all filesystems.
Failure was:
--- FAIL: TestTooLongSymlink (0.00s)
correctness_test.go:198: symlink xxx[...]xxxx /tmp/xfs.mnt/gocryptfs-test-parent/549823072/365091391/TooLongSymlink: file name too long
https://github.com/rfjakob/gocryptfs/issues/267
|
|
Setting TMPDIR now allows to run the tests against
a directory of your choice, making it easier to test
different filesystems.
|
|
Directly use int file descriptors for the dirfd
and get rid of one level of indirection.
|
|
Help uncover symlink races.
|
|
Instead of reporting the consequence:
matrix_test.go:906: modeHave 0664 != modeWant 0777
Report it if chmod itself fails, and also report the old file mode:
matrix_test.go:901: chmod 000 -> 777 failed: bad file descriptor
|
|
The cipherdir path is used as the fsname, as displayed
in "df -T". Now, having a comma in fsname triggers a sanity check
in go-fuse, aborting the mount with:
/bin/fusermount: mount failed: Invalid argument
fuse.NewServer failed: fusermount exited with code 256
Sanitize fsname by replacing any commas with underscores.
https://github.com/rfjakob/gocryptfs/issues/262
|
|
Rename openBackingPath to openBackingDir and use OpenDirNofollow
to be safe against symlink races. Note that openBackingDir is
not used in several important code paths like Create().
But it is used in Unlink, and the performance impact in the RM benchmark
to be acceptable:
Before
$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.bYO: gocryptfs v1.6-12-g930c37e-dirty; go-fuse v20170619-49-gb11e293; 2018-09-08 go1.10.3
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.07979 s, 243 MB/s
READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.882413 s, 297 MB/s
UNTAR: 16.703
MD5: 7.606
LS: 1.349
RM: 3.237
After
$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.jK3: gocryptfs v1.6-13-g84d6faf-dirty; go-fuse v20170619-49-gb11e293; 2018-09-08 go1.10.3
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.06261 s, 247 MB/s
READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.947228 s, 277 MB/s
UNTAR: 17.197
MD5: 7.540
LS: 1.364
RM: 3.410
|
|
Go 1.7 does not have t.Name() yet.
|
|
This fixes the "0100 directory" problem in reverse mode,
and should be slightly faster.
|
|
Makes sure we don't add regressions when fixing
https://github.com/rfjakob/gocryptfs/issues/259
|
|
The function seems to have been renamed by 426b9536 by mistake.
Rename it back so the test is run again.
|
|
Instead, first Load() the file, then DecryptMasterKey().
Fixes https://github.com/rfjakob/gocryptfs/issues/258
|
|
Callers that do not want to decrypt the masterkey should
call plain Load().
https://github.com/rfjakob/gocryptfs/issues/258
|
|
|
|
https://github.com/rfjakob/gocryptfs/issues/235
|
|
In the past we did not check whether all methods of checking
the file return the same result. We should.
|
|
If we encounter a 128KB block of zeros, try to skip to the next
data section by calling File.SeekData().
This fixes xfstests generic/285, which creates a 17TB sparse file,
and runs fsck afterwards. Without this optimization, fsck would
take ages.
|
|
TrezorPayload stores 32 random bytes used for unlocking
the master key using a Trezor security module. The randomness makes sure
that a unique unlock value is used for each gocryptfs filesystem.
|
|
configfile.LoadConfFile() -> configfile.Load()
configfile.CreateConfFile() -> configfile.Create()
|
|
Using an external program for the Trezor PIN is not supported
at the moment.
|
|
Verify that the Trezor feature flag is set after "-init -trezor".
|
|
readpassword.Trezor() is not implemented yet and returns
a hardcoded dummy key.
|
|
When mounted via /etc/fstab like this,
/a /b fuse.gocryptfs default 0 0
we always get extra options passed. As reported by @mahkoh
at https://github.com/rfjakob/gocryptfs/pull/233 :
mount passes `-o noexec` if `-o user` is set and `-o exec` is not set.
If both `-o user` and `-o exec` are set, it passes `-o exec`.
Make these options work, and in addtion, also make -suid and -rw
work the same way.
Reported-by: @mahkoh
|
|
By returning an error instead of calling os.Exit,
error cases can be tested easily. Error cases
were not tested until now.
|
|
Support has been merged into the xattr package
( https://github.com/pkg/xattr/pull/29 ), use it.
|
|
This currently fails because we do not use llistxattr
yet.
|
|
mv is unhappy when we return EPERM when it tries to set
system.posix_acl_access:
mv: preserving permissions for ‘b/x’: Operation not permitted
Now we return EOPNOTSUPP like tmpfs does and mv seems happy.
|
|
|
|
Values a binary-safe, there is no need to base64-encode them.
Old, base64-encoded values are supported transparently
on reading. Writing xattr values now always writes them binary.
|
|
The tests write to the example_filesystems folder, which
1) May leave your source tree in a modified state
2) Triggers test failures when the fsck tests run concurrently,
which happens on Travis CI every now and then.
Fix both problem by copying the example_filesystems folder
to a private location in /tmp.
|
|
These were using stale err values.
|
|
Reported by https://goreportcard.com/report/github.com/rfjakob/gocryptfs
|
|
Gnome may still have files open causing spurious test
failures.
|
|
One fd leak found in TestMountBackground.
|
|
And fix two in test_helpers.Mount().
Leftover fds can cause an unmount failure like this later:
fusermount: failed to unmount /tmp/gocryptfs-test-parent/873632270/default-plain: Device or resource busy
so try to catch them early.
|
|
With testcases.
|
|
|
|
Make sure we get only 1 warning output per
problem.
Also, add new corruption types to broken_fs_v1.4.
|
|
Most corruption cases except xattr should be covered.
With test filesystem.
The output is still pretty ugly. xattr support will
be added in the next commits.
|
|
These can cause EBUSY errors when unmounting.
|
|
The fsck operation is not yet implemented, this commits
just adds the flag and improves cli flag handling.
|
|
Now that https://github.com/pkg/xattr/pull/24
has been merged there is no reason to keep
our private copy.
Switch to the upstream version.
|
|
This function has been deprecated by the pkg/xattr
upstream, so write our own.
|
|
We handle empty files by storing an actual empty file
on disk. Handle xattrs similarily and encrypt the
empty value to the empty value.
|