extern/encfs
1
0
Fork 0
mirror of https://github.com/vgough/encfs.git synced 2024-11-21 23:43:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

run clang-format

Browse Source
This commit is contained in:
Valient Gough 2015-06-17 21:16:50 -07:00
parent 0b813eb50b
commit 1682f365d9
17 changed files with 162 additions and 156 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
encfs/BlockFileIO.cpp
View File

@ -67,11 +67,11 @@ ssize_t BlockFileIO::cacheReadOneBlock(const IORequest &req) const {
* in the last block of a file, which may be smaller than the blocksize. * in the last block of a file, which may be smaller than the blocksize.
* For reverse encryption, the cache must not be used at all, because * For reverse encryption, the cache must not be used at all, because
* the lower file may have changed behind our back. */ * the lower file may have changed behind our back. */
if ( (_noCache == false) && (req.offset == _cache.offset) && if ((_noCache == false) && (req.offset == _cache.offset) &&
(_cache.dataLen != 0)) { (_cache.dataLen != 0)) {
// satisfy request from cache // satisfy request from cache
int len = req.dataLen; int len = req.dataLen;
if (_cache.dataLen < len) len = _cache.dataLen; // Don't read past EOF if (_cache.dataLen < len) len = _cache.dataLen; // Don't read past EOF
memcpy(req.data, _cache.data, len); memcpy(req.data, _cache.data, len);
return len; return len;
} else { } else {

5
encfs/BlockNameIO.cpp
View File

@ -151,7 +151,7 @@ int BlockNameIO::encodeName(const char *plaintextName, int length, uint64_t *iv,
// add checksum bytes // add checksum bytes
encodedName[0] = (mac >> 8) & 0xff; encodedName[0] = (mac >> 8) & 0xff;
encodedName[1] = (mac) & 0xff; encodedName[1] = (mac)&0xff;
_cipher->blockEncode((unsigned char *)encodedName + 2, length + padding, _cipher->blockEncode((unsigned char *)encodedName + 2, length + padding,
(uint64_t)mac ^ tmpIV, _key); (uint64_t)mac ^ tmpIV, _key);
@ -184,8 +184,7 @@ int BlockNameIO::decodeName(const char *encodedName, int length, uint64_t *iv,
int decodedStreamLen = decLen256 - 2; int decodedStreamLen = decLen256 - 2;
// don't bother trying to decode files which are too small // don't bother trying to decode files which are too small
if (decodedStreamLen < _bs) if (decodedStreamLen < _bs) {
{
rDebug("Rejecting filename '%s'", encodedName); rDebug("Rejecting filename '%s'", encodedName);
throw ERROR("Filename too small to decode"); throw ERROR("Filename too small to decode");
} }

50
encfs/CipherFileIO.cpp
View File

@ -144,15 +144,12 @@ int CipherFileIO::getAttr(struct stat *stbuf) const {
// adjust size if we have a file header // adjust size if we have a file header
if ((res == 0) && haveHeader && S_ISREG(stbuf->st_mode) && if ((res == 0) && haveHeader && S_ISREG(stbuf->st_mode) &&
(stbuf->st_size > 0)) { (stbuf->st_size > 0)) {
if(!fsConfig->reverseEncryption) if (!fsConfig->reverseEncryption) {
{
/* In normal mode, the upper file (plaintext) is smaller /* In normal mode, the upper file (plaintext) is smaller
* than the backing ciphertext file */ * than the backing ciphertext file */
rAssert(stbuf->st_size >= HEADER_SIZE); rAssert(stbuf->st_size >= HEADER_SIZE);
stbuf->st_size -= HEADER_SIZE; stbuf->st_size -= HEADER_SIZE;
} } else {
else
{
/* In reverse mode, the upper file (ciphertext) is larger than /* In reverse mode, the upper file (ciphertext) is larger than
* the backing plaintext file */ * the backing plaintext file */
stbuf->st_size += HEADER_SIZE; stbuf->st_size += HEADER_SIZE;
@ -171,13 +168,10 @@ off_t CipherFileIO::getSize() const {
// No check on S_ISREG here -- don't call getSize over getAttr unless this // No check on S_ISREG here -- don't call getSize over getAttr unless this
// is a normal file! // is a normal file!
if (haveHeader && size > 0) { if (haveHeader && size > 0) {
if(!fsConfig->reverseEncryption) if (!fsConfig->reverseEncryption) {
{
rAssert(size >= HEADER_SIZE); rAssert(size >= HEADER_SIZE);
size -= HEADER_SIZE; size -= HEADER_SIZE;
} } else {
else
{
size += HEADER_SIZE; size += HEADER_SIZE;
} }
} }
@ -278,13 +272,13 @@ bool CipherFileIO::writeHeader() {
* the IV. This guarantees unpredictability and prevents watermarking * the IV. This guarantees unpredictability and prevents watermarking
* attacks. * attacks.
*/ */
void CipherFileIO::generateReverseHeader(unsigned char* headerBuf) { void CipherFileIO::generateReverseHeader(unsigned char *headerBuf) {
struct stat stbuf; struct stat stbuf;
int res = getAttr(&stbuf); int res = getAttr(&stbuf);
rAssert( res == 0 ); rAssert(res == 0);
ino_t ino = stbuf.st_ino; ino_t ino = stbuf.st_ino;
rAssert( ino != 0 ); rAssert(ino != 0);
rDebug("generating reverse file IV header from ino=%lu", (unsigned long)ino); rDebug("generating reverse file IV header from ino=%lu", (unsigned long)ino);
@ -300,7 +294,7 @@ void CipherFileIO::generateReverseHeader(unsigned char* headerBuf) {
* may lead to duplicate IVs (see readOneBlock) */ * may lead to duplicate IVs (see readOneBlock) */
unsigned char md[20]; unsigned char md[20];
SHA1(inoBuf, sizeof(ino), md); SHA1(inoBuf, sizeof(ino), md);
rAssert( HEADER_SIZE <= 20 ); rAssert(HEADER_SIZE <= 20);
memcpy(headerBuf, md, HEADER_SIZE); memcpy(headerBuf, md, HEADER_SIZE);
// Save the IV in fileIV for internal use // Save the IV in fileIV for internal use
@ -329,7 +323,7 @@ ssize_t CipherFileIO::readOneBlock(const IORequest &req) const {
// adjust offset if we have a file header // adjust offset if we have a file header
if (haveHeader && !fsConfig->reverseEncryption) { if (haveHeader && !fsConfig->reverseEncryption) {
tmpReq.offset += HEADER_SIZE; tmpReq.offset += HEADER_SIZE;
} }
readSize = base->read(tmpReq); readSize = base->read(tmpReq);
@ -464,12 +458,14 @@ ssize_t CipherFileIO::read(const IORequest &origReq) const {
/* if reverse mode is not active with uniqueIV, /* if reverse mode is not active with uniqueIV,
* the read request is handled by the base class */ * the read request is handled by the base class */
if ( !(fsConfig->reverseEncryption && haveHeader) ) { if (!(fsConfig->reverseEncryption && haveHeader)) {
rDebug("relaying request to base class: offset=%d, dataLen=%d", origReq.offset, origReq.dataLen); rDebug("relaying request to base class: offset=%d, dataLen=%d",
origReq.offset, origReq.dataLen);
return BlockFileIO::read(origReq); return BlockFileIO::read(origReq);
} }
rDebug("handling reverse unique IV read: offset=%d, dataLen=%d", origReq.offset, origReq.dataLen); rDebug("handling reverse unique IV read: offset=%d, dataLen=%d",
origReq.offset, origReq.dataLen);
// generate the file IV header // generate the file IV header
// this is needed in any case - without IV the file cannot be decoded // this is needed in any case - without IV the file cannot be decoded
@ -483,14 +479,14 @@ ssize_t CipherFileIO::read(const IORequest &origReq) const {
* plain text file. Values below zero are the header. */ * plain text file. Values below zero are the header. */
req.offset -= HEADER_SIZE; req.offset -= HEADER_SIZE;
int headerBytes = 0; // number of header bytes to add int headerBytes = 0; // number of header bytes to add
/* The request contains (a part of) the header, so we prefix that part /* The request contains (a part of) the header, so we prefix that part
* to the data. */ * to the data. */
if (req.offset < 0) { if (req.offset < 0) {
headerBytes = -req.offset; headerBytes = -req.offset;
if ( req.dataLen < headerBytes ) if (req.dataLen < headerBytes)
headerBytes = req.dataLen; // only up to the number of bytes requested headerBytes = req.dataLen; // only up to the number of bytes requested
rDebug("Adding %d header bytes", headerBytes); rDebug("Adding %d header bytes", headerBytes);
// copy the header bytes into the data // copy the header bytes into the data
@ -498,14 +494,13 @@ ssize_t CipherFileIO::read(const IORequest &origReq) const {
memcpy(req.data, &headerBuf[headerOffset], headerBytes); memcpy(req.data, &headerBuf[headerOffset], headerBytes);
// the read does not want data beyond the header // the read does not want data beyond the header
if ( headerBytes == req.dataLen) if (headerBytes == req.dataLen) return headerBytes;
return headerBytes;
/* The rest of the request will be read from the backing file. /* The rest of the request will be read from the backing file.
* As we have already generated n=headerBytes bytes, the request is * As we have already generated n=headerBytes bytes, the request is
* shifted by headerBytes */ * shifted by headerBytes */
req.offset += headerBytes; req.offset += headerBytes;
rAssert( req.offset == 0 ); rAssert(req.offset == 0);
req.data += headerBytes; req.data += headerBytes;
req.dataLen -= headerBytes; req.dataLen -= headerBytes;
} }
@ -513,10 +508,9 @@ ssize_t CipherFileIO::read(const IORequest &origReq) const {
// read the payload // read the payload
ssize_t readBytes = BlockFileIO::read(req); ssize_t readBytes = BlockFileIO::read(req);
rDebug("read %ld bytes from backing file", (long)readBytes); rDebug("read %ld bytes from backing file", (long)readBytes);
if ( readBytes < 0) if (readBytes < 0)
return readBytes; // Return error code return readBytes; // Return error code
else else {
{
ssize_t sum = headerBytes + readBytes; ssize_t sum = headerBytes + readBytes;
rDebug("returning sum=%ld", (long)sum); rDebug("returning sum=%ld", (long)sum);
return sum; return sum;

2
encfs/CipherFileIO.h
View File

@ -57,7 +57,7 @@ class CipherFileIO : public BlockFileIO {
private: private:
virtual ssize_t readOneBlock(const IORequest &req) const; virtual ssize_t readOneBlock(const IORequest &req) const;
virtual bool writeOneBlock(const IORequest &req); virtual bool writeOneBlock(const IORequest &req);
virtual void generateReverseHeader(unsigned char* data); virtual void generateReverseHeader(unsigned char *data);
void initHeader(); void initHeader();
bool writeHeader(); bool writeHeader();

3
encfs/DirNode.cpp
View File

@ -311,7 +311,8 @@ string DirNode::plainPath(const char *cipherPath_) {
prefix = "+"; prefix = "+";
} }
if (cipherPath_[0] == mark) { if (cipherPath_[0] == mark) {
return prefix + naming->decodeName(cipherPath_ + 1, strlen(cipherPath_ + 1)); return prefix +
naming->decodeName(cipherPath_ + 1, strlen(cipherPath_ + 1));
} }
// Default. // Default.

3
encfs/FSConfig.h
View File

@ -122,7 +122,8 @@ struct FSConfig {
bool idleTracking; // turn on idle monitoring of filesystem bool idleTracking; // turn on idle monitoring of filesystem
FSConfig() : forceDecode(false), reverseEncryption(false), idleTracking(false) {} FSConfig()
: forceDecode(false), reverseEncryption(false), idleTracking(false) {}
}; };
typedef shared_ptr<FSConfig> FSConfigPtr; typedef shared_ptr<FSConfig> FSConfigPtr;

161
encfs/FileUtils.cpp
View File

@ -66,7 +66,6 @@
#include "i18n.h" #include "i18n.h"
// disable rlog section grouping for this file.. seems to cause problems // disable rlog section grouping for this file.. seems to cause problems
#undef RLOG_SECTION #undef RLOG_SECTION
#define RLOG_SECTION #define RLOG_SECTION
@ -296,8 +295,9 @@ bool userAllowMkdir(int promptno, const char *path, mode_t mode) {
// their own language but then have to respond 'y' or 'n'. // their own language but then have to respond 'y' or 'n'.
// xgroup(setup) // xgroup(setup)
cerr << autosprintf( cerr << autosprintf(
_("The directory \"%s\" does not exist. Should it be created? " _("The directory \"%s\" does not exist. Should it be created? "
"(y,n) "), path); "(y,n) "),
path);
char answer[10]; char answer[10];
char *res; char *res;
@ -338,8 +338,7 @@ ConfigType readConfig_load(ConfigInfo *nm, const char *path,
config->cfgType = nm->type; config->cfgType = nm->type;
return nm->type; return nm->type;
} }
} } catch (rlog::Error &err) {
catch (rlog::Error &err) {
err.log(_RLWarningChannel); err.log(_RLWarningChannel);
} }
@ -364,8 +363,10 @@ ConfigType readConfig(const string &rootDir,
if (nm->environmentOverride != NULL) { if (nm->environmentOverride != NULL) {
char *envFile = getenv(nm->environmentOverride); char *envFile = getenv(nm->environmentOverride);
if (envFile != NULL) { if (envFile != NULL) {
if (! fileExists(envFile)) { if (!fileExists(envFile)) {
rError("fatal: config file specified by environment does not exist: %s", envFile); rError(
"fatal: config file specified by environment does not exist: %s",
envFile);
exit(1); exit(1);
} }
return readConfig_load(nm, envFile, config); return readConfig_load(nm, envFile, config);
@ -397,8 +398,7 @@ bool readV6Config(const char *configFile, const shared_ptr<EncFSConfig> &config,
ia >> BOOST_SERIALIZATION_NVP(*config); ia >> BOOST_SERIALIZATION_NVP(*config);
return true; return true;
} } catch (boost::archive::archive_exception &e) {
catch (boost::archive::archive_exception &e) {
rError("Archive exception: %s", e.what()); rError("Archive exception: %s", e.what());
return false; return false;
} }
@ -453,8 +453,7 @@ bool readV5Config(const char *configFile, const shared_ptr<EncFSConfig> &config,
config->blockMACRandBytes = cfgRdr["blockMACRandBytes"].readInt(0); config->blockMACRandBytes = cfgRdr["blockMACRandBytes"].readInt(0);
ok = true; ok = true;
} } catch (rlog::Error &err) {
catch (rlog::Error &err) {
err.log(_RLWarningChannel); err.log(_RLWarningChannel);
rDebug("Error parsing data in config file %s", configFile); rDebug("Error parsing data in config file %s", configFile);
ok = false; ok = false;
@ -494,8 +493,7 @@ bool readV4Config(const char *configFile, const shared_ptr<EncFSConfig> &config,
config->chainedNameIV = false; config->chainedNameIV = false;
ok = true; ok = true;
} } catch (rlog::Error &err) {
catch (rlog::Error &err) {
err.log(_RLWarningChannel); err.log(_RLWarningChannel);
rDebug("Error parsing config file %s", configFile); rDebug("Error parsing config file %s", configFile);
ok = false; ok = false;
@ -521,8 +519,7 @@ bool saveConfig(ConfigType type, const string &rootDir,
try { try {
ok = (*nm->saveFunc)(path.c_str(), config); ok = (*nm->saveFunc)(path.c_str(), config);
} } catch (rlog::Error &err) {
catch (rlog::Error &err) {
err.log(_RLWarningChannel); err.log(_RLWarningChannel);
ok = false; ok = false;
} }
@ -667,7 +664,8 @@ static Cipher::CipherAlgorithm selectCipherAlgorithm() {
Cipher::CipherAlgorithm alg = *it; Cipher::CipherAlgorithm alg = *it;
// xgroup(setup) // xgroup(setup)
cout << autosprintf(_("Selected algorithm \"%s\""), alg.name.c_str()) << "\n\n"; cout << autosprintf(_("Selected algorithm \"%s\""), alg.name.c_str())
<< "\n\n";
return alg; return alg;
} }
@ -707,7 +705,8 @@ static Interface selectNameCoding() {
++it; ++it;
// xgroup(setup) // xgroup(setup)
cout << autosprintf(_("Selected algorithm \"%s\""), it->name.c_str()) << "\"\n\n"; cout << autosprintf(_("Selected algorithm \"%s\""), it->name.c_str())
<< "\"\n\n";
return it->iface; return it->iface;
} }
@ -779,12 +778,12 @@ static int selectBlockSize(const Cipher::CipherAlgorithm &alg) {
} }
cout << autosprintf( cout << autosprintf(
// xgroup(setup) // xgroup(setup)
_("Select a block size in bytes. The cipher you have chosen\n" _("Select a block size in bytes. The cipher you have chosen\n"
"supports sizes from %i to %i bytes in increments of %i.\n" "supports sizes from %i to %i bytes in increments of %i.\n"
"Or just hit enter for the default (%i bytes)\n"), "Or just hit enter for the default (%i bytes)\n"),
alg.blockSize.min(), alg.blockSize.max(), alg.blockSize.inc(), alg.blockSize.min(), alg.blockSize.max(), alg.blockSize.inc(),
DefaultBlockSize); DefaultBlockSize);
// xgroup(setup) // xgroup(setup)
cout << "\n" << _("filesystem block size: "); cout << "\n" << _("filesystem block size: ");
@ -824,7 +823,7 @@ static bool boolDefault(const char *prompt, bool defaultValue) {
string response; string response;
bool value; bool value;
while(true) { while (true) {
cout << yesno; cout << yesno;
getline(cin, response); getline(cin, response);
@ -867,7 +866,8 @@ static void selectBlockMAC(int *macBytes, int *macRandBytes, bool forceMac) {
"within a block will be caught and will cause a read error.")); "within a block will be caught and will cause a read error."));
} else { } else {
cout << "\n\n" << _("You specified --require-macs. " cout << "\n\n" << _("You specified --require-macs. "
"Enabling block authentication code headers...") << "\n\n"; "Enabling block authentication code headers...")
<< "\n\n";
addMAC = true; addMAC = true;
} }
@ -877,13 +877,14 @@ static void selectBlockMAC(int *macBytes, int *macRandBytes, bool forceMac) {
*macBytes = 0; *macBytes = 0;
// xgroup(setup) // xgroup(setup)
cout << _("Add random bytes to each block header?\n" cout << _(
"This adds a performance penalty, but ensures that blocks\n" "Add random bytes to each block header?\n"
"have different authentication codes. Note that you can\n" "This adds a performance penalty, but ensures that blocks\n"
"have the same benefits by enabling per-file initialization\n" "have different authentication codes. Note that you can\n"
"vectors, which does not come with as great of performance\n" "have the same benefits by enabling per-file initialization\n"
"penalty. \n" "vectors, which does not come with as great of performance\n"
"Select a number of bytes, from 0 (no random bytes) to 8: "); "penalty. \n"
"Select a number of bytes, from 0 (no random bytes) to 8: ");
char answer[10]; char answer[10];
int randSize = 0; int randSize = 0;
@ -906,7 +907,8 @@ static bool selectUniqueIV(bool default_answer) {
_("Enable per-file initialization vectors?\n" _("Enable per-file initialization vectors?\n"
"This adds about 8 bytes per file to the storage requirements.\n" "This adds about 8 bytes per file to the storage requirements.\n"
"It should not affect performance except possibly with applications\n" "It should not affect performance except possibly with applications\n"
"which rely on block-aligned file io for performance."), default_answer); "which rely on block-aligned file io for performance."),
default_answer);
} }
/** /**
@ -964,11 +966,12 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
char answer[10] = {0}; char answer[10] = {0};
if (configMode == Config_Prompt) { if (configMode == Config_Prompt) {
// xgroup(setup) // xgroup(setup)
cout << _("Please choose from one of the following options:\n" cout << _(
" enter \"x\" for expert configuration mode,\n" "Please choose from one of the following options:\n"
" enter \"p\" for pre-configured paranoia mode,\n" " enter \"x\" for expert configuration mode,\n"
" anything else, or an empty line will select standard mode.\n" " enter \"p\" for pre-configured paranoia mode,\n"
"?> "); " anything else, or an empty line will select standard mode.\n"
"?> ");
if (annotate) cerr << "$PROMPT$ config_option" << endl; if (annotate) cerr << "$PROMPT$ config_option" << endl;
@ -977,17 +980,17 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
cout << "\n"; cout << "\n";
} }
// documented in ... // documented in ...
int keySize = 0; // selectKeySize() int keySize = 0; // selectKeySize()
int blockSize = 0; // selectBlockSize() int blockSize = 0; // selectBlockSize()
Cipher::CipherAlgorithm alg; // selectCipherAlgorithm() Cipher::CipherAlgorithm alg; // selectCipherAlgorithm()
Interface nameIOIface; // selectNameCoding() Interface nameIOIface; // selectNameCoding()
int blockMACBytes = 0; // selectBlockMAC() int blockMACBytes = 0; // selectBlockMAC()
int blockMACRandBytes = 0; // selectBlockMAC() int blockMACRandBytes = 0; // selectBlockMAC()
bool uniqueIV = true; // selectUniqueIV() bool uniqueIV = true; // selectUniqueIV()
bool chainedIV = true; // selectChainedIV() bool chainedIV = true; // selectChainedIV()
bool externalIV = false; // selectExternalChainedIV() bool externalIV = false; // selectExternalChainedIV()
bool allowHoles = true; // selectZeroBlockPassThrough() bool allowHoles = true; // selectZeroBlockPassThrough()
long desiredKDFDuration = NormalKDFDuration; long desiredKDFDuration = NormalKDFDuration;
if (reverseEncryption) { if (reverseEncryption) {
@ -1037,9 +1040,10 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
if (answer[0] == 'x' || alg.name.empty()) { if (answer[0] == 'x' || alg.name.empty()) {
if (answer[0] != 'x') { if (answer[0] != 'x') {
// xgroup(setup) // xgroup(setup)
cout << _("Sorry, unable to locate cipher for predefined " cout << _(
"configuration...\n" "Sorry, unable to locate cipher for predefined "
"Falling through to Manual configuration mode."); "configuration...\n"
"Falling through to Manual configuration mode.");
} else { } else {
// xgroup(setup) // xgroup(setup)
cout << _("Manual configuration mode selected."); cout << _("Manual configuration mode selected.");
@ -1057,8 +1061,7 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
/* Reverse mounts are read-only by default (set in main.cpp). /* Reverse mounts are read-only by default (set in main.cpp).
* If uniqueIV is off, writing can be allowed, because there * If uniqueIV is off, writing can be allowed, because there
* is no header that could be overwritten */ * is no header that could be overwritten */
if (uniqueIV == false) if (uniqueIV == false) opts->readOnly = false;
opts->readOnly = false;
} else { } else {
chainedIV = selectChainedIV(); chainedIV = selectChainedIV();
uniqueIV = selectUniqueIV(true); uniqueIV = selectUniqueIV(true);
@ -1125,10 +1128,11 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
} }
// xgroup(setup) // xgroup(setup)
cout << _("Now you will need to enter a password for your filesystem.\n" cout << _(
"You will need to remember this password, as there is absolutely\n" "Now you will need to enter a password for your filesystem.\n"
"no recovery mechanism. However, the password can be changed\n" "You will need to remember this password, as there is absolutely\n"
"later using encfsctl.\n\n"); "no recovery mechanism. However, the password can be changed\n"
"later using encfsctl.\n\n");
int encodedKeySize = cipher->encodedKeySize(); int encodedKeySize = cipher->encodedKeySize();
unsigned char *encodedKey = new unsigned char[encodedKeySize]; unsigned char *encodedKey = new unsigned char[encodedKeySize];
@ -1196,11 +1200,10 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
shared_ptr<Cipher> cipher = Cipher::New(config->cipherIface, -1); shared_ptr<Cipher> cipher = Cipher::New(config->cipherIface, -1);
{ {
cout << autosprintf( cout << autosprintf(
// xgroup(diag) // xgroup(diag)
_("Filesystem cipher: \"%s\", version %i:%i:%i"), _("Filesystem cipher: \"%s\", version %i:%i:%i"),
config->cipherIface.name().c_str(), config->cipherIface.name().c_str(), config->cipherIface.current(),
config->cipherIface.current(), config->cipherIface.revision(), config->cipherIface.revision(), config->cipherIface.age());
config->cipherIface.age());
// check if we support this interface.. // check if we support this interface..
if (!cipher) if (!cipher)
cout << _(" (NOT supported)\n"); cout << _(" (NOT supported)\n");
@ -1210,7 +1213,7 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
Interface iface = cipher->interface(); Interface iface = cipher->interface();
// xgroup(diag) // xgroup(diag)
cout << autosprintf(_(" (using %i:%i:%i)\n"), iface.current(), cout << autosprintf(_(" (using %i:%i:%i)\n"), iface.current(),
iface.revision(), iface.age()); iface.revision(), iface.age());
} else } else
cout << "\n"; cout << "\n";
} }
@ -1218,8 +1221,9 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
{ {
// xgroup(diag) // xgroup(diag)
cout << autosprintf(_("Filename encoding: \"%s\", version %i:%i:%i"), cout << autosprintf(_("Filename encoding: \"%s\", version %i:%i:%i"),
config->nameIface.name().c_str(), config->nameIface.current(), config->nameIface.name().c_str(),
config->nameIface.revision(), config->nameIface.age()); config->nameIface.current(),
config->nameIface.revision(), config->nameIface.age());
// check if we support the filename encoding interface.. // check if we support the filename encoding interface..
shared_ptr<NameIO> nameCoder = shared_ptr<NameIO> nameCoder =
@ -1232,7 +1236,7 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
if (config->nameIface != nameCoder->interface()) { if (config->nameIface != nameCoder->interface()) {
Interface iface = nameCoder->interface(); Interface iface = nameCoder->interface();
cout << autosprintf(_(" (using %i:%i:%i)\n"), iface.current(), cout << autosprintf(_(" (using %i:%i:%i)\n"), iface.current(),
iface.revision(), iface.age()); iface.revision(), iface.age());
} else } else
cout << "\n"; cout << "\n";
} }
@ -1248,8 +1252,9 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
} }
if (config->kdfIterations > 0 && config->salt.size() > 0) { if (config->kdfIterations > 0 && config->salt.size() > 0) {
cout << autosprintf(_("Using PBKDF2, with %i iterations"), cout << autosprintf(_("Using PBKDF2, with %i iterations"),
config->kdfIterations) << "\n"; config->kdfIterations) << "\n";
cout << autosprintf(_("Salt Size: %i bits"), (int)(8 * config->salt.size())) << "\n"; cout << autosprintf(_("Salt Size: %i bits"), (int)(8 * config->salt.size()))
<< "\n";
} }
if (config->blockMACBytes || config->blockMACRandBytes) { if (config->blockMACBytes || config->blockMACRandBytes) {
if (config->subVersion < 20040813) { if (config->subVersion < 20040813) {
@ -1448,7 +1453,7 @@ CipherKey EncFSConfig::getUserKey(const std::string &passProg,
snprintf(tmpBuf, sizeof(tmpBuf) - 1, "%i", stdErrCopy); snprintf(tmpBuf, sizeof(tmpBuf) - 1, "%i", stdErrCopy);
setenv(ENCFS_ENV_STDERR, tmpBuf, 1); setenv(ENCFS_ENV_STDERR, tmpBuf, 1);
execvp(argv[0], (char * const *)argv); // returns only on error.. execvp(argv[0], (char *const *)argv); // returns only on error..
perror(_("Internal error: failed to exec program")); perror(_("Internal error: failed to exec program"));
exit(1); exit(1);
@ -1502,17 +1507,16 @@ RootPtr initFS(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
if (readConfig(opts->rootDir, config) != Config_None) { if (readConfig(opts->rootDir, config) != Config_None) {
if (config->blockMACBytes == 0 && opts->requireMac) { if (config->blockMACBytes == 0 && opts->requireMac) {
cout cout << _(
<< _("The configuration disabled MAC, but you passed --require-macs\n"); "The configuration disabled MAC, but you passed --require-macs\n");
return rootInfo; return rootInfo;
} }
if (opts->reverseEncryption) { if (opts->reverseEncryption) {
if (config->blockMACBytes != 0 || config->blockMACRandBytes != 0 || if (config->blockMACBytes != 0 || config->blockMACRandBytes != 0 ||
config->externalIVChaining || config->externalIVChaining || config->chainedNameIV) {
config->chainedNameIV) { cout << _(
cout "The configuration loaded is not compatible with --reverse\n");
<< _("The configuration loaded is not compatible with --reverse\n");
return rootInfo; return rootInfo;
} }
} }
@ -1566,8 +1570,9 @@ RootPtr initFS(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
config->nameIface.name().c_str(), config->nameIface.current(), config->nameIface.name().c_str(), config->nameIface.current(),
config->nameIface.revision(), config->nameIface.age()); config->nameIface.revision(), config->nameIface.age());
// xgroup(diag) // xgroup(diag)
cout << _("The requested filename coding interface is " cout << _(
"not available\n"); "The requested filename coding interface is "
"not available\n");
return rootInfo; return rootInfo;
} }

4
encfs/FileUtils.h
View File

@ -86,9 +86,9 @@ struct EncFS_Opts {
* behind the back of EncFS (for example, in reverse mode). * behind the back of EncFS (for example, in reverse mode).
* See main.cpp for a longer explaination. */ * See main.cpp for a longer explaination. */
bool readOnly; // Mount read-only bool readOnly; // Mount read-only
bool requireMac; // Throw an error if MAC is disabled bool requireMac; // Throw an error if MAC is disabled
ConfigMode configMode; ConfigMode configMode;

10
encfs/SSL_Cipher.cpp
View File

@ -49,7 +49,7 @@ using namespace rel;
using namespace rlog; using namespace rlog;
const int MAX_KEYLENGTH = 32; // in bytes (256 bit) const int MAX_KEYLENGTH = 32; // in bytes (256 bit)
const int MAX_IVLENGTH = 16; // 128 bit (AES block size, Blowfish has 64) const int MAX_IVLENGTH = 16; // 128 bit (AES block size, Blowfish has 64)
const int KEY_CHECKSUM_BYTES = 4; const int KEY_CHECKSUM_BYTES = 4;
#ifndef MIN #ifndef MIN
@ -674,21 +674,21 @@ void SSL_Cipher::setIVec_old(unsigned char *ivec, unsigned int seed,
ivec[0] ^= (var1 >> 24) & 0xff; ivec[0] ^= (var1 >> 24) & 0xff;
ivec[1] ^= (var2 >> 16) & 0xff; ivec[1] ^= (var2 >> 16) & 0xff;
ivec[2] ^= (var1 >> 8) & 0xff; ivec[2] ^= (var1 >> 8) & 0xff;
ivec[3] ^= (var2) & 0xff; ivec[3] ^= (var2)&0xff;
ivec[4] ^= (var2 >> 24) & 0xff; ivec[4] ^= (var2 >> 24) & 0xff;
ivec[5] ^= (var1 >> 16) & 0xff; ivec[5] ^= (var1 >> 16) & 0xff;
ivec[6] ^= (var2 >> 8) & 0xff; ivec[6] ^= (var2 >> 8) & 0xff;
ivec[7] ^= (var1) & 0xff; ivec[7] ^= (var1)&0xff;
if (_ivLength > 8) { if (_ivLength > 8) {
ivec[8 + 0] ^= (var1) & 0xff; ivec[8 + 0] ^= (var1)&0xff;
ivec[8 + 1] ^= (var2 >> 8) & 0xff; ivec[8 + 1] ^= (var2 >> 8) & 0xff;
ivec[8 + 2] ^= (var1 >> 16) & 0xff; ivec[8 + 2] ^= (var1 >> 16) & 0xff;
ivec[8 + 3] ^= (var2 >> 24) & 0xff; ivec[8 + 3] ^= (var2 >> 24) & 0xff;
ivec[8 + 4] ^= (var1 >> 24) & 0xff; ivec[8 + 4] ^= (var1 >> 24) & 0xff;
ivec[8 + 5] ^= (var2 >> 16) & 0xff; ivec[8 + 5] ^= (var2 >> 16) & 0xff;
ivec[8 + 6] ^= (var1 >> 8) & 0xff; ivec[8 + 6] ^= (var1 >> 8) & 0xff;
ivec[8 + 7] ^= (var2) & 0xff; ivec[8 + 7] ^= (var2)&0xff;
} }
} }

4
encfs/StreamNameIO.cpp
View File

@ -101,12 +101,12 @@ int StreamNameIO::encodeName(const char *plaintextName, int length,
if (_interface >= 1) { if (_interface >= 1) {
// current versions store the checksum at the beginning // current versions store the checksum at the beginning
encodedName[0] = (mac >> 8) & 0xff; encodedName[0] = (mac >> 8) & 0xff;
encodedName[1] = (mac) & 0xff; encodedName[1] = (mac)&0xff;
encodeBegin = (unsigned char *)encodedName + 2; encodeBegin = (unsigned char *)encodedName + 2;
} else { } else {
// encfs 0.x stored checksums at the end. // encfs 0.x stored checksums at the end.
encodedName[length] = (mac >> 8) & 0xff; encodedName[length] = (mac >> 8) & 0xff;
encodedName[length + 1] = (mac) & 0xff; encodedName[length + 1] = (mac)&0xff;
encodeBegin = (unsigned char *)encodedName; encodeBegin = (unsigned char *)encodedName;
} }

2
encfs/autosprintf.h
View File

@ -42,7 +42,7 @@ class autosprintf {
public: public:
/* Constructor: takes a format string and the printf arguments. */ /* Constructor: takes a format string and the printf arguments. */
autosprintf(const char* format, ...) autosprintf(const char* format, ...)
__attribute__((__format__(__printf__, 2, 3))); __attribute__((__format__(__printf__, 2, 3)));
/* Copy constructor. */ /* Copy constructor. */
autosprintf(const autosprintf& src); autosprintf(const autosprintf& src);
/* Destructor: frees the temporarily allocated string. */ /* Destructor: frees the temporarily allocated string. */

2
encfs/boost-versioning.h
View File

@ -62,7 +62,7 @@ class iserializer<Archive, EncFSConfig> : public basic_iserializer {
virtual bool is_polymorphic() const { virtual bool is_polymorphic() const {
return boost::is_polymorphic<EncFSConfig>::value; return boost::is_polymorphic<EncFSConfig>::value;
} }
virtual ~iserializer() {}; virtual ~iserializer(){};
}; };
template <class Archive> template <class Archive>

3
encfs/encfs.cpp
View File

@ -76,8 +76,7 @@ static EncFS_Context *context() {
* if the argument is NULL. * if the argument is NULL.
*/ */
static bool isReadOnly(EncFS_Context *ctx) { static bool isReadOnly(EncFS_Context *ctx) {
if (ctx == NULL) if (ctx == NULL) ctx = (EncFS_Context *)fuse_get_context()->private_data;
ctx = (EncFS_Context *)fuse_get_context()->private_data;
return ctx->opts->readOnly; return ctx->opts->readOnly;
} }

5
encfs/encfsctl.cpp
View File

@ -453,7 +453,7 @@ static int copyContents(const shared_ptr<EncFS_Root> &rootInfo,
return EXIT_FAILURE; return EXIT_FAILURE;
} }
if (symlink(rootInfo->root->plainPath(linkContents).c_str(), if (symlink(rootInfo->root->plainPath(linkContents).c_str(),
targetName) != 0) { targetName) != 0) {
cerr << "unable to create symlink " << targetName << "\n"; cerr << "unable to create symlink " << targetName << "\n";
return EXIT_FAILURE; return EXIT_FAILURE;
} }
@ -592,7 +592,8 @@ static int cmd_showcruft(int argc, char **argv) {
int filesFound = showcruft(rootInfo, "/"); int filesFound = showcruft(rootInfo, "/");
// TODO: the singular version should say "Found an invalid file", but all the translations // TODO: the singular version should say "Found an invalid file", but all the
// translations
// depend upon this broken singular form, so it isn't easy to change. // depend upon this broken singular form, so it isn't easy to change.
cerr << autosprintf(ngettext("Found %i invalid file.", cerr << autosprintf(ngettext("Found %i invalid file.",
"Found %i invalid files.", filesFound), "Found %i invalid files.", filesFound),

33
encfs/main.cpp
View File

@ -60,7 +60,7 @@ extern "C" void fuse_unmount_compat22(const char *mountpoint);
/* Arbitrary identifiers for long options that do /* Arbitrary identifiers for long options that do
* not have a short version */ * not have a short version */
#define LONG_OPT_ANNOTATE 513 #define LONG_OPT_ANNOTATE 513
#define LONG_OPT_NOCACHE 514 #define LONG_OPT_NOCACHE 514
#define LONG_OPT_REQUIRE_MAC 515 #define LONG_OPT_REQUIRE_MAC 515
using namespace std; using namespace std;
@ -223,15 +223,16 @@ static bool processArgs(int argc, char *argv[],
{"public", 0, 0, 'P'}, // public mode {"public", 0, 0, 'P'}, // public mode
{"extpass", 1, 0, 'p'}, // external password program {"extpass", 1, 0, 'p'}, // external password program
// {"single-thread", 0, 0, 's'}, // single-threaded mode // {"single-thread", 0, 0, 's'}, // single-threaded mode
{"stdinpass", 0, 0, 'S'}, // read password from stdin {"stdinpass", 0, 0, 'S'}, // read password from stdin
{"annotate", 0, 0, LONG_OPT_ANNOTATE}, // Print annotation lines to stderr {"annotate", 0, 0,
{"nocache", 0, 0, LONG_OPT_NOCACHE}, // disable caching LONG_OPT_ANNOTATE}, // Print annotation lines to stderr
{"verbose", 0, 0, 'v'}, // verbose mode {"nocache", 0, 0, LONG_OPT_NOCACHE}, // disable caching
{"version", 0, 0, 'V'}, // version {"verbose", 0, 0, 'v'}, // verbose mode
{"reverse", 0, 0, 'r'}, // reverse encryption {"version", 0, 0, 'V'}, // version
{"standard", 0, 0, '1'}, // standard configuration {"reverse", 0, 0, 'r'}, // reverse encryption
{"paranoia", 0, 0, '2'}, // standard configuration {"standard", 0, 0, '1'}, // standard configuration
{"require-macs", 0, 0, LONG_OPT_REQUIRE_MAC}, // require MACs {"paranoia", 0, 0, '2'}, // standard configuration
{"require-macs", 0, 0, LONG_OPT_REQUIRE_MAC}, // require MACs
{0, 0, 0, 0}}; {0, 0, 0, 0}};
while (1) { while (1) {
@ -309,7 +310,7 @@ static bool processArgs(int argc, char *argv[],
* However, disabling the caches causes a factor 3 * However, disabling the caches causes a factor 3
* slowdown. If you are concerned about inconsistencies, * slowdown. If you are concerned about inconsistencies,
* please use --nocache. */ * please use --nocache. */
break; break;
case LONG_OPT_NOCACHE: case LONG_OPT_NOCACHE:
/* Disable EncFS block cache /* Disable EncFS block cache
* Causes reverse grow tests to fail because short reads * Causes reverse grow tests to fail because short reads
@ -404,8 +405,8 @@ static bool processArgs(int argc, char *argv[],
// "default_permissions" comes with a performance cost. Only enable // "default_permissions" comes with a performance cost. Only enable
// it if makes sense. // it if makes sense.
for(int i=0; i < out->fuseArgc; i++) { for (int i = 0; i < out->fuseArgc; i++) {
if ( out->fuseArgv[i] == NULL ) { if (out->fuseArgv[i] == NULL) {
continue; continue;
} else if (strcmp(out->fuseArgv[i], "allow_other") == 0) { } else if (strcmp(out->fuseArgv[i], "allow_other") == 0) {
PUSHARG("-o"); PUSHARG("-o");
@ -415,7 +416,8 @@ static bool processArgs(int argc, char *argv[],
} }
#if defined(__APPLE__) #if defined(__APPLE__)
// With OSXFuse, the 'local' flag selects a local filesystem mount icon in Finder. // With OSXFuse, the 'local' flag selects a local filesystem mount icon in
// Finder.
PUSHARG("-o"); PUSHARG("-o");
PUSHARG("local"); PUSHARG("local");
#endif #endif
@ -700,7 +702,8 @@ int main(int argc, char *argv[]) {
// xgroup(usage) // xgroup(usage)
fputs(_("fuse failed. Common problems:\n" fputs(_("fuse failed. Common problems:\n"
" - fuse kernel module not installed (modprobe fuse)\n" " - fuse kernel module not installed (modprobe fuse)\n"
" - invalid options -- see usage message\n"), out); " - invalid options -- see usage message\n"),
out);
fclose(out); fclose(out);
} }
} catch (std::exception &ex) { } catch (std::exception &ex) {

18
encfs/readpassphrase.h
View File

@ -1,4 +1,5 @@
/* $OpenBSD: readpassphrase.h,v 1.1 2000/11/21 00:48:38 millert Exp $ */ /* $OpenBSD: readpassphrase.h,v 1.1 2000/11/21 00:48:38 millert Exp $
*/
/* /*
* Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com> * Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
@ -35,17 +36,18 @@
#ifndef HAVE_READPASSPHRASE #ifndef HAVE_READPASSPHRASE
#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */ #define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */
#define RPP_ECHO_ON 0x01 /* Leave echo on. */ #define RPP_ECHO_ON 0x01 /* Leave echo on. */
#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */ #define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */
#define RPP_FORCELOWER 0x04 /* Force input to lower case. */ #define RPP_FORCELOWER 0x04 /* Force input to lower case. */
#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */ #define RPP_FORCEUPPER 0x08 /* Force input to upper case. */
#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */ #define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" extern "C"
#endif #endif
char *readpassphrase(const char *prompt, char *buf, size_t bufSize, int flags); char *
readpassphrase(const char *prompt, char *buf, size_t bufSize, int flags);
#endif /* HAVE_READPASSPHRASE */ #endif /* HAVE_READPASSPHRASE */

7
encfs/test.cpp
View File

@ -363,7 +363,8 @@ bool runTests(const shared_ptr<Cipher> &cipher, bool verbose) {
static bool testCipherSize(const string &name, int keySize, int blockSize, static bool testCipherSize(const string &name, int keySize, int blockSize,
bool verbose) { bool verbose) {
cerr << name << ", key length " << keySize << ", block size " << blockSize << ": "; cerr << name << ", key length " << keySize << ", block size " << blockSize
<< ": ";
shared_ptr<Cipher> cipher = Cipher::New(name, keySize); shared_ptr<Cipher> cipher = Cipher::New(name, keySize);
if (!cipher) { if (!cipher) {
@ -429,8 +430,8 @@ int main(int argc, char *argv[]) {
if (!testCipherSize(it->name, keySize, blockSize, false)) { if (!testCipherSize(it->name, keySize, blockSize, false)) {
// Run again in verbose mode, then exit with error. // Run again in verbose mode, then exit with error.
if (testCipherSize(it->name, keySize, blockSize, true)) { if (testCipherSize(it->name, keySize, blockSize, true)) {
cerr << "Inconsistent test results!\n"; cerr << "Inconsistent test results!\n";
} }
return 1; return 1;
} }
} }