From 05a5c0a0fffb4cb27c6e2dccda42d18ee067631c Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Sat, 5 Sep 2015 11:49:05 +0200 Subject: Wrap cluefs part I --- cryptfs/cryptfile.go | 148 +++++++++++++++++++++++++++++++++++++ cryptfs/cryptfs.go | 201 +++++++++++++++++++++++++++++++++++++++++++++++++++ cryptfs/file.go | 148 ------------------------------------- cryptfs/fs.go | 201 --------------------------------------------------- frontend/dir.go | 100 ++++++++++++++++++++++++- frontend/fs.go | 9 +++ frontend/node.go | 8 ++ main.go | 36 ++++++++- 8 files changed, 497 insertions(+), 354 deletions(-) create mode 100644 cryptfs/cryptfile.go create mode 100644 cryptfs/cryptfs.go delete mode 100644 cryptfs/file.go delete mode 100644 cryptfs/fs.go diff --git a/cryptfs/cryptfile.go b/cryptfs/cryptfile.go new file mode 100644 index 0000000..5645f3c --- /dev/null +++ b/cryptfs/cryptfile.go @@ -0,0 +1,148 @@ +package cryptfs + +import ( + "fmt" + "os" + "io" + "errors" + "crypto/cipher" +) + +type CryptFile struct { + file *os.File + gcm cipher.AEAD + plainBS int64 + cipherBS int64 +} + +// readCipherBlock - Read ciphertext block number "blockNo", decrypt, +// return plaintext +func (be *CryptFile) readCipherBlock(blockNo int64) ([]byte, error) { + off := blockNo * int64(be.cipherBS) + buf := make([]byte, be.cipherBS) + + readN, err := be.file.ReadAt(buf, off) + + if err != nil && err != io.EOF { + return nil, err + } + + // Truncate buffer to actually read bytes + buf = buf[:readN] + + // Empty block?file:///home/jakob/go/src/github.com/rfjakob/gocryptfs-bazil/backend/backend.go + + if len(buf) == 0 { + return buf, nil + } + + if len(buf) < NONCE_LEN { + warn.Printf("readCipherBlock: Block is too short: %d bytes\n", len(buf)) + return nil, errors.New("Block is too short") + } + + // Extract nonce + nonce := buf[:NONCE_LEN] + buf = buf[NONCE_LEN:] + + // Decrypt + var plainBuf []byte + plainBuf, err = be.gcm.Open(plainBuf, nonce, buf, nil) + if err != nil { + fmt.Printf("gcm.Open() failed: %d\n", err) + return nil, err + } + + return plainBuf, nil +} + +// intraBlock identifies a part of a file block +type intraBlock struct { + blockNo int64 // Block number in file + offset int64 // Offset into block plaintext + length int64 // Length of data from this block +} + +// Split a plaintext byte range into (possible partial) blocks +func (be *CryptFile) splitRange(offset int64, length int64) []intraBlock { + var b intraBlock + var parts []intraBlock + + for length > 0 { + b.blockNo = offset / be.plainBS + b.offset = offset % be.plainBS + b.length = be.min64(length, be.plainBS - b.offset) + parts = append(parts, b) + offset += b.length + length -= b.length + } + return parts +} + +func (be *CryptFile) min64(x int64, y int64) int64 { + if x < y { + return x + } + return y +} + +// writeCipherBlock - Encrypt plaintext and write it to file block "blockNo" +func (be *CryptFile) writeCipherBlock(blockNo int64, plain []byte) error { + + if int64(len(plain)) > be.plainBS { + panic("writeCipherBlock: Cannot write block that is larger than plainBS") + } + + // Get fresh nonce + nonce := gcmNonce.Get() + // Encrypt data and append to nonce + cipherBuf := be.gcm.Seal(nonce, nonce, plain, nil) + + // WriteAt retries short writes autmatically + written, err := be.file.WriteAt(cipherBuf, blockNo * be.cipherBS) + + debug.Printf("writeCipherBlock: wrote %d ciphertext bytes to block %d\n", + written, blockNo) + + return err +} + +// Perform RMW cycle on block +// Write "data" into file location specified in "b" +func (be *CryptFile) rmwWrite(b intraBlock, data []byte, f *os.File) error { + if b.length != int64(len(data)) { + panic("Length mismatch") + } + + oldBlock, err := be.readCipherBlock(b.blockNo) + if err != nil { + return err + } + newBlockLen := b.offset + b.length + debug.Printf("newBlockLen := %d + %d\n", b.offset, b.length) + var newBlock []byte + + // Write goes beyond the old block and grows the file? + // Must create a bigger newBlock + if newBlockLen > int64(len(oldBlock)) { + newBlock = make([]byte, newBlockLen) + } else { + newBlock = make([]byte, len(oldBlock)) + } + + // Fill with old data + copy(newBlock, oldBlock) + // Then overwrite the relevant parts with new data + copy(newBlock[b.offset:b.offset + b.length], data) + + // Actual write + err = be.writeCipherBlock(b.blockNo, newBlock) + + if err != nil { + // An incomplete write to a ciphertext block means that the whole block + // is destroyed. + fmt.Printf("rmwWrite: Write error: %s\n", err) + } + + return err +} diff --git a/cryptfs/cryptfs.go b/cryptfs/cryptfs.go new file mode 100644 index 0000000..f5781e2 --- /dev/null +++ b/cryptfs/cryptfs.go @@ -0,0 +1,201 @@ +package cryptfs + +import ( + "crypto/cipher" + "crypto/aes" + "fmt" + "strings" + "encoding/base64" + "errors" + "os" +) + +const ( + NONCE_LEN = 12 + AUTH_TAG_LEN = 16 + DEFAULT_PLAINBS = 4096 + + ENCRYPT = true + DECRYPT = false +) + +type CryptFS struct { + blockCipher cipher.Block + gcm cipher.AEAD + plainBS int64 + cipherBS int64 +} + +func NewCryptFS(key [16]byte) *CryptFS { + + b, err := aes.NewCipher(key[:]) + if err != nil { + panic(err) + } + + g, err := cipher.NewGCM(b) + if err != nil { + panic(err) + } + + return &CryptFS{ + blockCipher: b, + gcm: g, + plainBS: DEFAULT_PLAINBS, + cipherBS: DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN, + } +} + +func (fs *CryptFS) NewFile(f *os.File) *CryptFile { + return &CryptFile { + file: f, + gcm: fs.gcm, + plainBS: fs.plainBS, + cipherBS: fs.cipherBS, + } +} + +// DecryptName - decrypt filename +func (be *CryptFS) decryptName(cipherName string) (string, error) { + + bin, err := base64.URLEncoding.DecodeString(cipherName) + if err != nil { + return "", err + } + + if len(bin) % aes.BlockSize != 0 { + return "", errors.New(fmt.Sprintf("Name len=%d is not a multiple of 16", len(bin))) + } + + iv := make([]byte, aes.BlockSize) // TODO ? + cbc := cipher.NewCBCDecrypter(be.blockCipher, iv) + cbc.CryptBlocks(bin, bin) + + bin, err = be.unPad16(bin) + if err != nil { + return "", err + } + + plain := string(bin) + return plain, err +} + +// EncryptName - encrypt filename +func (be *CryptFS) encryptName(plainName string) string { + + bin := []byte(plainName) + bin = be.pad16(bin) + + iv := make([]byte, 16) // TODO ? + cbc := cipher.NewCBCEncrypter(be.blockCipher, iv) + cbc.CryptBlocks(bin, bin) + + cipherName64 := base64.URLEncoding.EncodeToString(bin) + + return cipherName64 +} + +// TranslatePath - encrypt or decrypt path. Just splits the string on "/" +// and hands the parts to EncryptName() / DecryptName() +func (be *CryptFS) translatePath(path string, op bool) (string, error) { + var err error + + // Empty string means root directory + if path == "" { + return path, err + } + + // Run operation on each path component + var translatedParts []string + parts := strings.Split(path, "/") + for _, part := range parts { + var newPart string + if op == ENCRYPT { + newPart = be.encryptName(part) + } else { + newPart, err = be.decryptName(part) + if err != nil { + return "", err + } + } + translatedParts = append(translatedParts, newPart) + } + + return strings.Join(translatedParts, "/"), err +} + +// EncryptPath - encrypt filename or path. Just hands it to TranslatePath(). +func (be *CryptFS) EncryptPath(path string) string { + newPath, _ := be.translatePath(path, ENCRYPT) + return newPath +} + +// DecryptPath - decrypt filename or path. Just hands it to TranslatePath(). +func (be *CryptFS) DecryptPath(path string) (string, error) { + return be.translatePath(path, DECRYPT) +} + +// plainSize - calculate plaintext size from ciphertext size +func (be *CryptFS) PlainSize(s int64) int64 { + // Zero sized files stay zero-sized + if s > 0 { + // Number of blocks + n := s / be.cipherBS + 1 + overhead := be.cipherBS - be.plainBS + s -= n * overhead + } + return s +} + +// pad16 - pad filename to 16 byte blocks using standard PKCS#7 padding +// https://tools.ietf.org/html/rfc5652#section-6.3 +func (be *CryptFS) pad16(orig []byte) (padded []byte) { + oldLen := len(orig) + if oldLen == 0 { + panic("Padding zero-length string makes no sense") + } + padLen := aes.BlockSize - oldLen % aes.BlockSize + if padLen == 0 { + padLen = aes.BlockSize + } + newLen := oldLen + padLen + padded = make([]byte, newLen) + copy(padded, orig) + padByte := byte(padLen) + for i := oldLen; i < newLen; i++ { + padded[i] = padByte + } + return padded +} + +// unPad16 - remove padding +func (be *CryptFS) unPad16(orig []byte) ([]byte, error) { + oldLen := len(orig) + if oldLen % aes.BlockSize != 0 { + return nil, errors.New("Unaligned size") + } + // The last byte is always a padding byte + padByte := orig[oldLen -1] + // The padding byte's value is the padding length + padLen := int(padByte) + // Padding must be at least 1 byte + if padLen <= 0 { + return nil, errors.New("Padding cannot be zero-length") + } + // Larger paddings make no sense + if padLen > aes.BlockSize { + return nil, errors.New("Padding cannot be larger than 16") + } + // All padding bytes must be identical + for i := oldLen - padLen; i < oldLen; i++ { + if orig[i] != padByte { + return nil, errors.New(fmt.Sprintf("Padding byte at i=%d is invalid", i)) + } + } + newLen := oldLen - padLen + // Padding an empty string makes no sense + if newLen == 0 { + return nil, errors.New("Unpadded length is zero") + } + return orig[0:newLen], nil +} diff --git a/cryptfs/file.go b/cryptfs/file.go deleted file mode 100644 index 5645f3c..0000000 --- a/cryptfs/file.go +++ /dev/null @@ -1,148 +0,0 @@ -package cryptfs - -import ( - "fmt" - "os" - "io" - "errors" - "crypto/cipher" -) - -type CryptFile struct { - file *os.File - gcm cipher.AEAD - plainBS int64 - cipherBS int64 -} - -// readCipherBlock - Read ciphertext block number "blockNo", decrypt, -// return plaintext -func (be *CryptFile) readCipherBlock(blockNo int64) ([]byte, error) { - off := blockNo * int64(be.cipherBS) - buf := make([]byte, be.cipherBS) - - readN, err := be.file.ReadAt(buf, off) - - if err != nil && err != io.EOF { - return nil, err - } - - // Truncate buffer to actually read bytes - buf = buf[:readN] - - // Empty block?file:///home/jakob/go/src/github.com/rfjakob/gocryptfs-bazil/backend/backend.go - - if len(buf) == 0 { - return buf, nil - } - - if len(buf) < NONCE_LEN { - warn.Printf("readCipherBlock: Block is too short: %d bytes\n", len(buf)) - return nil, errors.New("Block is too short") - } - - // Extract nonce - nonce := buf[:NONCE_LEN] - buf = buf[NONCE_LEN:] - - // Decrypt - var plainBuf []byte - plainBuf, err = be.gcm.Open(plainBuf, nonce, buf, nil) - if err != nil { - fmt.Printf("gcm.Open() failed: %d\n", err) - return nil, err - } - - return plainBuf, nil -} - -// intraBlock identifies a part of a file block -type intraBlock struct { - blockNo int64 // Block number in file - offset int64 // Offset into block plaintext - length int64 // Length of data from this block -} - -// Split a plaintext byte range into (possible partial) blocks -func (be *CryptFile) splitRange(offset int64, length int64) []intraBlock { - var b intraBlock - var parts []intraBlock - - for length > 0 { - b.blockNo = offset / be.plainBS - b.offset = offset % be.plainBS - b.length = be.min64(length, be.plainBS - b.offset) - parts = append(parts, b) - offset += b.length - length -= b.length - } - return parts -} - -func (be *CryptFile) min64(x int64, y int64) int64 { - if x < y { - return x - } - return y -} - -// writeCipherBlock - Encrypt plaintext and write it to file block "blockNo" -func (be *CryptFile) writeCipherBlock(blockNo int64, plain []byte) error { - - if int64(len(plain)) > be.plainBS { - panic("writeCipherBlock: Cannot write block that is larger than plainBS") - } - - // Get fresh nonce - nonce := gcmNonce.Get() - // Encrypt data and append to nonce - cipherBuf := be.gcm.Seal(nonce, nonce, plain, nil) - - // WriteAt retries short writes autmatically - written, err := be.file.WriteAt(cipherBuf, blockNo * be.cipherBS) - - debug.Printf("writeCipherBlock: wrote %d ciphertext bytes to block %d\n", - written, blockNo) - - return err -} - -// Perform RMW cycle on block -// Write "data" into file location specified in "b" -func (be *CryptFile) rmwWrite(b intraBlock, data []byte, f *os.File) error { - if b.length != int64(len(data)) { - panic("Length mismatch") - } - - oldBlock, err := be.readCipherBlock(b.blockNo) - if err != nil { - return err - } - newBlockLen := b.offset + b.length - debug.Printf("newBlockLen := %d + %d\n", b.offset, b.length) - var newBlock []byte - - // Write goes beyond the old block and grows the file? - // Must create a bigger newBlock - if newBlockLen > int64(len(oldBlock)) { - newBlock = make([]byte, newBlockLen) - } else { - newBlock = make([]byte, len(oldBlock)) - } - - // Fill with old data - copy(newBlock, oldBlock) - // Then overwrite the relevant parts with new data - copy(newBlock[b.offset:b.offset + b.length], data) - - // Actual write - err = be.writeCipherBlock(b.blockNo, newBlock) - - if err != nil { - // An incomplete write to a ciphertext block means that the whole block - // is destroyed. - fmt.Printf("rmwWrite: Write error: %s\n", err) - } - - return err -} diff --git a/cryptfs/fs.go b/cryptfs/fs.go deleted file mode 100644 index f5781e2..0000000 --- a/cryptfs/fs.go +++ /dev/null @@ -1,201 +0,0 @@ -package cryptfs - -import ( - "crypto/cipher" - "crypto/aes" - "fmt" - "strings" - "encoding/base64" - "errors" - "os" -) - -const ( - NONCE_LEN = 12 - AUTH_TAG_LEN = 16 - DEFAULT_PLAINBS = 4096 - - ENCRYPT = true - DECRYPT = false -) - -type CryptFS struct { - blockCipher cipher.Block - gcm cipher.AEAD - plainBS int64 - cipherBS int64 -} - -func NewCryptFS(key [16]byte) *CryptFS { - - b, err := aes.NewCipher(key[:]) - if err != nil { - panic(err) - } - - g, err := cipher.NewGCM(b) - if err != nil { - panic(err) - } - - return &CryptFS{ - blockCipher: b, - gcm: g, - plainBS: DEFAULT_PLAINBS, - cipherBS: DEFAULT_PLAINBS + NONCE_LEN + AUTH_TAG_LEN, - } -} - -func (fs *CryptFS) NewFile(f *os.File) *CryptFile { - return &CryptFile { - file: f, - gcm: fs.gcm, - plainBS: fs.plainBS, - cipherBS: fs.cipherBS, - } -} - -// DecryptName - decrypt filename -func (be *CryptFS) decryptName(cipherName string) (string, error) { - - bin, err := base64.URLEncoding.DecodeString(cipherName) - if err != nil { - return "", err - } - - if len(bin) % aes.BlockSize != 0 { - return "", errors.New(fmt.Sprintf("Name len=%d is not a multiple of 16", len(bin))) - } - - iv := make([]byte, aes.BlockSize) // TODO ? - cbc := cipher.NewCBCDecrypter(be.blockCipher, iv) - cbc.CryptBlocks(bin, bin) - - bin, err = be.unPad16(bin) - if err != nil { - return "", err - } - - plain := string(bin) - return plain, err -} - -// EncryptName - encrypt filename -func (be *CryptFS) encryptName(plainName string) string { - - bin := []byte(plainName) - bin = be.pad16(bin) - - iv := make([]byte, 16) // TODO ? - cbc := cipher.NewCBCEncrypter(be.blockCipher, iv) - cbc.CryptBlocks(bin, bin) - - cipherName64 := base64.URLEncoding.EncodeToString(bin) - - return cipherName64 -} - -// TranslatePath - encrypt or decrypt path. Just splits the string on "/" -// and hands the parts to EncryptName() / DecryptName() -func (be *CryptFS) translatePath(path string, op bool) (string, error) { - var err error - - // Empty string means root directory - if path == "" { - return path, err - } - - // Run operation on each path component - var translatedParts []string - parts := strings.Split(path, "/") - for _, part := range parts { - var newPart string - if op == ENCRYPT { - newPart = be.encryptName(part) - } else { - newPart, err = be.decryptName(part) - if err != nil { - return "", err - } - } - translatedParts = append(translatedParts, newPart) - } - - return strings.Join(translatedParts, "/"), err -} - -// EncryptPath - encrypt filename or path. Just hands it to TranslatePath(). -func (be *CryptFS) EncryptPath(path string) string { - newPath, _ := be.translatePath(path, ENCRYPT) - return newPath -} - -// DecryptPath - decrypt filename or path. Just hands it to TranslatePath(). -func (be *CryptFS) DecryptPath(path string) (string, error) { - return be.translatePath(path, DECRYPT) -} - -// plainSize - calculate plaintext size from ciphertext size -func (be *CryptFS) PlainSize(s int64) int64 { - // Zero sized files stay zero-sized - if s > 0 { - // Number of blocks - n := s / be.cipherBS + 1 - overhead := be.cipherBS - be.plainBS - s -= n * overhead - } - return s -} - -// pad16 - pad filename to 16 byte blocks using standard PKCS#7 padding -// https://tools.ietf.org/html/rfc5652#section-6.3 -func (be *CryptFS) pad16(orig []byte) (padded []byte) { - oldLen := len(orig) - if oldLen == 0 { - panic("Padding zero-length string makes no sense") - } - padLen := aes.BlockSize - oldLen % aes.BlockSize - if padLen == 0 { - padLen = aes.BlockSize - } - newLen := oldLen + padLen - padded = make([]byte, newLen) - copy(padded, orig) - padByte := byte(padLen) - for i := oldLen; i < newLen; i++ { - padded[i] = padByte - } - return padded -} - -// unPad16 - remove padding -func (be *CryptFS) unPad16(orig []byte) ([]byte, error) { - oldLen := len(orig) - if oldLen % aes.BlockSize != 0 { - return nil, errors.New("Unaligned size") - } - // The last byte is always a padding byte - padByte := orig[oldLen -1] - // The padding byte's value is the padding length - padLen := int(padByte) - // Padding must be at least 1 byte - if padLen <= 0 { - return nil, errors.New("Padding cannot be zero-length") - } - // Larger paddings make no sense - if padLen > aes.BlockSize { - return nil, errors.New("Padding cannot be larger than 16") - } - // All padding bytes must be identical - for i := oldLen - padLen; i < oldLen; i++ { - if orig[i] != padByte { - return nil, errors.New(fmt.Sprintf("Padding byte at i=%d is invalid", i)) - } - } - newLen := oldLen - padLen - // Padding an empty string makes no sense - if newLen == 0 { - return nil, errors.New("Unpadded length is zero") - } - return orig[0:newLen], nil -} diff --git a/frontend/dir.go b/frontend/dir.go index 4703df9..8e11837 100644 --- a/frontend/dir.go +++ b/frontend/dir.go @@ -1,10 +1,108 @@ package frontend import ( - //"github.com/rfjakob/gocryptfs/cryptfs" + "fmt" + "github.com/rfjakob/gocryptfs/cryptfs" "github.com/rfjakob/cluefs/lib/cluefs" + "bazil.org/fuse" + fusefs "bazil.org/fuse/fs" + "golang.org/x/net/context" ) type Dir struct { *cluefs.Dir + crfs *cryptfs.CryptFS +} + +func NewDir(parent string, name string, fs *FS) *Dir { + fmt.Printf("NewDir parent=%s name=%s\n", parent, name) + return &Dir { + Dir: cluefs.NewDir(parent, name, fs.ClueFS), + crfs: fs.CryptFS, + } +} + +func (d *Dir) Open(ctx context.Context, req *fuse.OpenRequest, resp *fuse.OpenResponse) (fusefs.Handle, error) { + fmt.Printf("Open\n") + h, err := d.Dir.Open(ctx, req, resp) + if err != nil { + return nil, err + } + clueDir := h.(*cluefs.Dir) + + return Dir { + Dir: clueDir, + crfs: d.crfs, + }, nil +} + +func (d *Dir) Lookup(ctx context.Context, req *fuse.LookupRequest, resp *fuse.LookupResponse) (fusefs.Node, error) { + fmt.Printf("Lookup %s\n", req.Name) + req.Name = d.crfs.EncryptPath(req.Name) + n, err := d.Dir.Lookup(ctx, req, resp) + if err != nil { + return nil, err + } + clueDir, ok := n.(*cluefs.Dir) + if ok { + return &Dir { Dir: clueDir }, nil + } else { + clueFile := n.(*cluefs.File) + return &File { File: clueFile }, nil + } +} + +func (d *Dir) ReadDirAll(ctx context.Context) ([]fuse.Dirent, error) { + fmt.Printf("ReadDirAll\n") + entries, err := d.Dir.ReadDirAll(ctx) + if err != nil { + return nil, err + } + var decrypted []fuse.Dirent + for _, e := range entries { + if e.Name == "." || e.Name == ".." { + decrypted = append(decrypted, e) + continue + } + newName, err := d.crfs.DecryptPath(e.Name) + if err != nil { + fmt.Printf("ReadDirAll: Error decoding \"%s\": %s\n", e.Name, err.Error()) + continue + } + e.Name = newName + decrypted = append(decrypted, e) + } + return decrypted, nil +} + +func (d *Dir) Mkdir(ctx context.Context, req *fuse.MkdirRequest) (fusefs.Node, error) { + fmt.Printf("Mkdir %s\n", req.Name) + req.Name = d.crfs.EncryptPath(req.Name) + n, err := d.Dir.Mkdir(ctx, req) + if err != nil { + return nil, err + } + clueDir := n.(*cluefs.Dir) + return &Dir { + Dir: clueDir, + crfs: d.crfs, + }, nil +} + +func (d *Dir) Remove(ctx context.Context, req *fuse.RemoveRequest) error { + fmt.Printf("Remove\n") + req.Name = d.crfs.EncryptPath(req.Name) + return d.Dir.Remove(ctx, req) +} + +func (d *Dir) Create(ctx context.Context, req *fuse.CreateRequest, resp *fuse.CreateResponse) (fusefs.Node, fusefs.Handle, error) { + fmt.Printf("Create\n") + req.Name = d.crfs.EncryptPath(req.Name) + n, _, err := d.Dir.Create(ctx, req, resp) + if err != nil { + return nil, nil, err + } + clueFile := n.(*cluefs.File) + cryptFile := &File {File: clueFile} + return cryptFile, cryptFile, nil } diff --git a/frontend/fs.go b/frontend/fs.go index ba6ad09..83d1953 100644 --- a/frontend/fs.go +++ b/frontend/fs.go @@ -1,13 +1,16 @@ package frontend import ( + "fmt" "github.com/rfjakob/gocryptfs/cryptfs" "github.com/rfjakob/cluefs/lib/cluefs" + fusefs "bazil.org/fuse/fs" ) type FS struct { *cryptfs.CryptFS *cluefs.ClueFS + backing string } type nullTracer struct {} @@ -23,5 +26,11 @@ func NewFS(key [16]byte, backing string) *FS { return &FS { CryptFS: cryptfs.NewCryptFS(key), ClueFS: clfs, + backing: backing, } } + +func (fs *FS) Root() (fusefs.Node, error) { + fmt.Printf("Root\n") + return NewDir("", fs.backing, fs), nil +} diff --git a/frontend/node.go b/frontend/node.go index 7218d54..f9b630c 100644 --- a/frontend/node.go +++ b/frontend/node.go @@ -1,9 +1,17 @@ package frontend import ( + "fmt" "github.com/rfjakob/cluefs/lib/cluefs" ) type Node struct { *cluefs.Node } + +func NewNode(parent string, name string, fs *FS) *Node { + fmt.Printf("NewNode\n") + return &Node{ + Node: cluefs.NewNode(parent, name, fs.ClueFS), + } +} diff --git a/main.go b/main.go index af7bd21..6857b61 100644 --- a/main.go +++ b/main.go @@ -1,11 +1,18 @@ package main import ( + "bazil.org/fuse" + fusefs "bazil.org/fuse/fs" + "fmt" "github.com/rfjakob/cluefs/lib/cluefs" "github.com/rfjakob/gocryptfs/frontend" "os" ) +const ( + PROGRAM_NAME = "gocryptfs" +) + func main() { // Parse command line arguments conf, err := cluefs.ParseArguments() @@ -17,10 +24,31 @@ func main() { var key [16]byte cfs := frontend.NewFS(key, conf.GetShadowDir()) - // Mount and serve file system requests - if err = cfs.MountAndServe(conf.GetMountPoint(), conf.GetReadOnly()); err != nil { - cluefs.ErrlogMain.Printf("could not mount file system [%s]", err) - os.Exit(3) + // Mount the file system + mountOpts := []fuse.MountOption{ + fuse.FSName(PROGRAM_NAME), + fuse.Subtype(PROGRAM_NAME), + fuse.VolumeName(PROGRAM_NAME), + fuse.LocalVolume(), + } + conn, err := fuse.Mount(conf.GetMountPoint(), mountOpts...) + if err != nil { + fmt.Println(err) + os.Exit(1) + } + defer conn.Close() + + // Start serving requests + if err = fusefs.Serve(conn, cfs); err != nil { + fmt.Println(err) + os.Exit(1) + } + + // Check for errors when mounting the file system + <-conn.Ready + if err = conn.MountError; err != nil { + fmt.Println(err) + os.Exit(1) } // We are done -- cgit v1.2.3