1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
package defaults
import (
"os"
"syscall"
"testing"
"github.com/rfjakob/gocryptfs/v2/ctlsock"
"github.com/rfjakob/gocryptfs/v2/tests/test_helpers"
)
func TestCtlSock(t *testing.T) {
cDir := test_helpers.InitFS(t)
pDir := cDir + ".mnt"
sock := cDir + ".sock"
test_helpers.MountOrFatal(t, cDir, pDir, "-ctlsock="+sock, "-extpass", "echo test")
defer test_helpers.UnmountPanic(pDir)
req := ctlsock.RequestStruct{
EncryptPath: "foobar",
}
response := test_helpers.QueryCtlSock(t, sock, req)
if response.Result == "" || response.ErrNo != 0 {
t.Errorf("got an error reply: %+v", response)
}
req.EncryptPath = "not-existing-dir/xyz"
response = test_helpers.QueryCtlSock(t, sock, req)
if response.ErrNo != int32(syscall.ENOENT) || response.Result != "" {
t.Errorf("incorrect error handling: wanted ErrNo=%d, have %+v", syscall.ENOENT, response)
}
// Strange paths should not cause a crash
crashers := []string{"/foo", "foo/", "/foo/", ".", "/////", "/../../."}
for _, c := range crashers {
req.EncryptPath = c
// QueryCtlSock calls t.Fatal if it gets EOF when gocryptfs panics
response = test_helpers.QueryCtlSock(t, sock, req)
if response.WarnText == "" {
t.Errorf("We should get a warning about non-canonical paths here")
}
}
}
func TestCtlSockDecrypt(t *testing.T) {
cDir := test_helpers.InitFS(t)
pDir := cDir + ".mnt"
sock := cDir + ".sock"
test_helpers.MountOrFatal(t, cDir, pDir, "-ctlsock="+sock, "-extpass", "echo test")
defer test_helpers.UnmountPanic(pDir)
paths := []string{
"xxxxxxx123456789",
"foo/bar/baz",
test_helpers.X255,
"123/" + test_helpers.X255,
"123/" + test_helpers.X255 + "/456",
}
for _, p := range paths {
// Create path
err := os.MkdirAll(pDir+"/"+p, 0700)
if err != nil {
t.Fatal(err)
}
// Encrypt the path through the ctlsock
req := ctlsock.RequestStruct{
EncryptPath: p,
}
response := test_helpers.QueryCtlSock(t, sock, req)
if response.Result == "" || response.ErrNo != 0 {
t.Fatalf("got an error for query %+v: %+v", req, response)
}
// Check if the encrypted path actually exists
cPath := response.Result
_, err = os.Stat(cDir + "/" + cPath)
if err != nil {
t.Fatal(err)
}
// Decrypt the path through the ctlsock and see if we get the original path
req = ctlsock.RequestStruct{
DecryptPath: cPath,
}
response = test_helpers.QueryCtlSock(t, sock, req)
if response.Result == "" || response.ErrNo != 0 {
t.Errorf("query=%+v, response=%+v", req, response)
continue
}
if response.Result != p {
t.Errorf("want=%q got=%q", p, response.Result)
}
}
}
func TestCtlSockDecryptCrash(t *testing.T) {
cDir := test_helpers.InitFS(t)
pDir := cDir + ".mnt"
sock := cDir + ".sock"
test_helpers.MountOrFatal(t, cDir, pDir, "-ctlsock="+sock, "-extpass", "echo test")
defer test_helpers.UnmountPanic(pDir)
}
|
