From f0b4d2354ddd481eed6c6b26046fe6b4e04e5d7e Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Sun, 19 Jun 2016 20:01:04 +0200 Subject: Refuse mounting of v0.6 and older filesystems --- internal/configfile/config_file.go | 30 +++++++++++------------------- main.go | 5 +---- 2 files changed, 12 insertions(+), 23 deletions(-) diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go index 7024849..95f4c6c 100644 --- a/internal/configfile/config_file.go +++ b/internal/configfile/config_file.go @@ -109,23 +109,23 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) { deprecatedFs := false for _, i := range requiredFlags { if !cf.IsFeatureFlagSet(i) { - // For now, warn but continue. - fmt.Printf("Deprecated filesystem: feature flag %q is missing\n", knownFlags[i]) + fmt.Fprintf(os.Stderr, "Required feature flag %q is missing\n", knownFlags[i]) deprecatedFs = true - //return nil, nil, fmt.Errorf("Required feature flag %q is missing", knownFlags[i]) } } if deprecatedFs { - fmt.Printf("\033[33m" + ` - This filesystem was created by gocryptfs v0.6 or earlier. You are missing - security improvements. Mounting read-only, please upgrade! - Instructions: https://github.com/rfjakob/gocryptfs/wiki/Upgrading + fmt.Fprintf(os.Stderr, "\033[33m"+` + The filesystem was created by gocryptfs v0.6 or earlier. This version of + gocryptfs can no longer mount the filesystem. + Please download gocryptfs v0.11 and upgrade your filesystem, + see https://github.com/rfjakob/gocryptfs/wiki/Upgrading for instructions. - gocryptfs v1.0 is scheduled to drop support for this filesystem completely. - If you disagree with the plan or have trouble upgrading, please join - the discussion at https://github.com/rfjakob/gocryptfs/issues/29 . + If you have trouble upgrading, join the discussion at + https://github.com/rfjakob/gocryptfs/issues/29 . -` + "\033[0m") +`+"\033[0m") + + return nil, nil, fmt.Errorf("Deprecated filesystem") } // Generate derived key from password @@ -145,17 +145,9 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) { return nil, nil, fmt.Errorf("Password incorrect.") } - if deprecatedFs { - err = DeprecatedFsError{} - } return key, &cf, err } -// The filesystem is deprecated. -type DeprecatedFsError struct{} - -func (e DeprecatedFsError) Error() string { return "deprecated filesystem" } - // EncryptKey - encrypt "key" using an scrypt hash generated from "password" // and store it in cf.EncryptedKey. // Uses scrypt with cost parameter logN and stores the scrypt parameters in diff --git a/main.go b/main.go index 6467b4b..6ed9271 100644 --- a/main.go +++ b/main.go @@ -122,10 +122,7 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf pw := readpassword.Once(args.extpass) tlog.Info.Println("Decrypting master key") masterkey, confFile, err = configfile.LoadConfFile(args.config, pw) - if _, ok := err.(configfile.DeprecatedFsError); ok { - // Force read-only mode - args.ro = true - } else if err != nil { + if err != nil { tlog.Fatal.Println(err) os.Exit(ERREXIT_LOADCONF) } -- cgit v1.2.3