1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
package reverse_test
import (
"io/ioutil"
"path/filepath"
"testing"
"github.com/rfjakob/gocryptfs/ctlsock"
"github.com/rfjakob/gocryptfs/internal/nametransform"
"github.com/rfjakob/gocryptfs/tests/test_helpers"
)
func ctlsockEncryptPath(t *testing.T, sock string, path string) string {
req := ctlsock.RequestStruct{EncryptPath: path}
response := test_helpers.QueryCtlSock(t, sock, req)
if response.ErrNo != 0 {
t.Fatal(response)
}
return response.Result
}
// doTestExcludeTestFs runs exclude tests against the exclude_test_fs folder
func doTestExcludeTestFs(t *testing.T, flag string) {
// --exclude-wildcard patterns, gitignore syntax
patterns := []string{
"file1", // matches file1 anywhere
"!longdir1" + x240 + "/file1", // ! includes an otherwise file
"file2/", // a trailing slash matches only a directory
"dir1/file2", // matches file2 inside dir1 anywhere
"#file2", // comments are ignored
"dir2", // excludes the whole directory
"longfile2" + x240, // matches longfile2 anywhere
"/longfile3" + x240, // a leading / anchors the match at the root
"*~", // wildcards are supported
"dir1/**/exclude", // ** matches any number of directories
"file3/", // pattern with trailing slash should not match a file
}
// pVisible are plaintext paths that should be visible in the encrypted view
pVisible := []string{
"file2",
"dir1/longfile1" + x240,
"dir1/longfile3" + x240,
"longdir1" + x240,
"longdir1" + x240 + "/file1",
"longdir2" + x240 + "/file",
"longfile1" + x240,
"file3",
}
// pHidden are plaintext paths that should be hidden in the encrypted view
pHidden := []string{
"bkp1~",
"dir1/file1",
"dir1/file2",
"dir1/exclude",
"dir1/longbkp1" + x240 + "~",
"dir1/longfile2" + x240,
"dir1/subdir1/exclude",
"dir1/subdir1/subdir2/exclude",
"dir2",
"dir2/file",
"dir2/longdir1" + x240 + "/file",
"dir2/longfile." + x240,
"dir2/subdir",
"dir2/subdir/file",
"file1",
"longdir2" + x240 + "/bkp~",
"longfile2" + x240,
"longfile3" + x240,
}
// Mount reverse fs
mnt, err := ioutil.TempDir(test_helpers.TmpDir, "TestExclude")
if err != nil {
t.Fatal(err)
}
sock := mnt + ".sock"
cliArgs := []string{"-reverse", "-extpass", "echo test", "-ctlsock", sock}
for _, v := range patterns {
cliArgs = append(cliArgs, flag, v)
}
if plaintextnames {
cliArgs = append(cliArgs, "-config", "exclude_test_fs/.gocryptfs.reverse.conf.plaintextnames")
}
test_helpers.MountOrFatal(t, "exclude_test_fs", mnt, cliArgs...)
defer test_helpers.UnmountPanic(mnt)
// Get encrypted version of visible and hidden paths
cVisible := encryptExcludeTestPaths(t, sock, pVisible)
cHidden := encryptExcludeTestPaths(t, sock, pHidden)
// Check that hidden paths are not there and visible paths are there
for _, v := range cHidden {
if test_helpers.VerifyExistence(t, mnt+"/"+v) {
t.Errorf("File %q is visible, but should be hidden", v)
}
if nametransform.IsLongContent(filepath.Base(v)) {
// TODO ???
}
}
for _, v := range cVisible {
if !test_helpers.VerifyExistence(t, mnt+"/"+v) {
t.Errorf("File %q is hidden, but should be visible", v)
}
}
}
// encryptExcludeTestPaths is used by doTestExcludeTestFs() to encrypt the lists of
// testcase paths
func encryptExcludeTestPaths(t *testing.T, socket string, pRelPaths []string) (out []string) {
for _, pRelPath := range pRelPaths {
cRelPath := ctlsockEncryptPath(t, socket, pRelPath)
out = append(out, cRelPath)
if !plaintextnames && nametransform.IsLongContent(filepath.Base(cRelPath)) {
// If we exclude
// gocryptfs.longname.3vZ_r3eDPb1_fL3j5VA4rd_bcKWLKT9eaxOVIGK5HFA
// we should also exclude
// gocryptfs.longname.3vZ_r3eDPb1_fL3j5VA4rd_bcKWLKT9eaxOVIGK5HFA.name
out = append(out, cRelPath+nametransform.LongNameSuffix)
}
}
return out
}
// TestExcludeTestFs runs exclude tests against the exclude_test_fs folder.
func TestExcludeTestFs(t *testing.T) {
doTestExcludeTestFs(t, "-exclude-wildcard")
doTestExcludeTestFs(t, "-ew")
}
|
