mirror of
https://github.com/vgough/encfs.git
synced 2024-11-24 17:03:13 +01:00
run clang-format
This commit is contained in:
parent
0b813eb50b
commit
1682f365d9
@ -67,11 +67,11 @@ ssize_t BlockFileIO::cacheReadOneBlock(const IORequest &req) const {
|
||||
* in the last block of a file, which may be smaller than the blocksize.
|
||||
* For reverse encryption, the cache must not be used at all, because
|
||||
* the lower file may have changed behind our back. */
|
||||
if ( (_noCache == false) && (req.offset == _cache.offset) &&
|
||||
(_cache.dataLen != 0)) {
|
||||
if ((_noCache == false) && (req.offset == _cache.offset) &&
|
||||
(_cache.dataLen != 0)) {
|
||||
// satisfy request from cache
|
||||
int len = req.dataLen;
|
||||
if (_cache.dataLen < len) len = _cache.dataLen; // Don't read past EOF
|
||||
if (_cache.dataLen < len) len = _cache.dataLen; // Don't read past EOF
|
||||
memcpy(req.data, _cache.data, len);
|
||||
return len;
|
||||
} else {
|
||||
|
@ -151,7 +151,7 @@ int BlockNameIO::encodeName(const char *plaintextName, int length, uint64_t *iv,
|
||||
|
||||
// add checksum bytes
|
||||
encodedName[0] = (mac >> 8) & 0xff;
|
||||
encodedName[1] = (mac) & 0xff;
|
||||
encodedName[1] = (mac)&0xff;
|
||||
|
||||
_cipher->blockEncode((unsigned char *)encodedName + 2, length + padding,
|
||||
(uint64_t)mac ^ tmpIV, _key);
|
||||
@ -184,8 +184,7 @@ int BlockNameIO::decodeName(const char *encodedName, int length, uint64_t *iv,
|
||||
int decodedStreamLen = decLen256 - 2;
|
||||
|
||||
// don't bother trying to decode files which are too small
|
||||
if (decodedStreamLen < _bs)
|
||||
{
|
||||
if (decodedStreamLen < _bs) {
|
||||
rDebug("Rejecting filename '%s'", encodedName);
|
||||
throw ERROR("Filename too small to decode");
|
||||
}
|
||||
|
@ -144,15 +144,12 @@ int CipherFileIO::getAttr(struct stat *stbuf) const {
|
||||
// adjust size if we have a file header
|
||||
if ((res == 0) && haveHeader && S_ISREG(stbuf->st_mode) &&
|
||||
(stbuf->st_size > 0)) {
|
||||
if(!fsConfig->reverseEncryption)
|
||||
{
|
||||
if (!fsConfig->reverseEncryption) {
|
||||
/* In normal mode, the upper file (plaintext) is smaller
|
||||
* than the backing ciphertext file */
|
||||
rAssert(stbuf->st_size >= HEADER_SIZE);
|
||||
stbuf->st_size -= HEADER_SIZE;
|
||||
}
|
||||
else
|
||||
{
|
||||
} else {
|
||||
/* In reverse mode, the upper file (ciphertext) is larger than
|
||||
* the backing plaintext file */
|
||||
stbuf->st_size += HEADER_SIZE;
|
||||
@ -171,13 +168,10 @@ off_t CipherFileIO::getSize() const {
|
||||
// No check on S_ISREG here -- don't call getSize over getAttr unless this
|
||||
// is a normal file!
|
||||
if (haveHeader && size > 0) {
|
||||
if(!fsConfig->reverseEncryption)
|
||||
{
|
||||
if (!fsConfig->reverseEncryption) {
|
||||
rAssert(size >= HEADER_SIZE);
|
||||
size -= HEADER_SIZE;
|
||||
}
|
||||
else
|
||||
{
|
||||
} else {
|
||||
size += HEADER_SIZE;
|
||||
}
|
||||
}
|
||||
@ -278,13 +272,13 @@ bool CipherFileIO::writeHeader() {
|
||||
* the IV. This guarantees unpredictability and prevents watermarking
|
||||
* attacks.
|
||||
*/
|
||||
void CipherFileIO::generateReverseHeader(unsigned char* headerBuf) {
|
||||
void CipherFileIO::generateReverseHeader(unsigned char *headerBuf) {
|
||||
|
||||
struct stat stbuf;
|
||||
int res = getAttr(&stbuf);
|
||||
rAssert( res == 0 );
|
||||
rAssert(res == 0);
|
||||
ino_t ino = stbuf.st_ino;
|
||||
rAssert( ino != 0 );
|
||||
rAssert(ino != 0);
|
||||
|
||||
rDebug("generating reverse file IV header from ino=%lu", (unsigned long)ino);
|
||||
|
||||
@ -300,7 +294,7 @@ void CipherFileIO::generateReverseHeader(unsigned char* headerBuf) {
|
||||
* may lead to duplicate IVs (see readOneBlock) */
|
||||
unsigned char md[20];
|
||||
SHA1(inoBuf, sizeof(ino), md);
|
||||
rAssert( HEADER_SIZE <= 20 );
|
||||
rAssert(HEADER_SIZE <= 20);
|
||||
memcpy(headerBuf, md, HEADER_SIZE);
|
||||
|
||||
// Save the IV in fileIV for internal use
|
||||
@ -329,7 +323,7 @@ ssize_t CipherFileIO::readOneBlock(const IORequest &req) const {
|
||||
|
||||
// adjust offset if we have a file header
|
||||
if (haveHeader && !fsConfig->reverseEncryption) {
|
||||
tmpReq.offset += HEADER_SIZE;
|
||||
tmpReq.offset += HEADER_SIZE;
|
||||
}
|
||||
readSize = base->read(tmpReq);
|
||||
|
||||
@ -464,12 +458,14 @@ ssize_t CipherFileIO::read(const IORequest &origReq) const {
|
||||
|
||||
/* if reverse mode is not active with uniqueIV,
|
||||
* the read request is handled by the base class */
|
||||
if ( !(fsConfig->reverseEncryption && haveHeader) ) {
|
||||
rDebug("relaying request to base class: offset=%d, dataLen=%d", origReq.offset, origReq.dataLen);
|
||||
if (!(fsConfig->reverseEncryption && haveHeader)) {
|
||||
rDebug("relaying request to base class: offset=%d, dataLen=%d",
|
||||
origReq.offset, origReq.dataLen);
|
||||
return BlockFileIO::read(origReq);
|
||||
}
|
||||
|
||||
rDebug("handling reverse unique IV read: offset=%d, dataLen=%d", origReq.offset, origReq.dataLen);
|
||||
rDebug("handling reverse unique IV read: offset=%d, dataLen=%d",
|
||||
origReq.offset, origReq.dataLen);
|
||||
|
||||
// generate the file IV header
|
||||
// this is needed in any case - without IV the file cannot be decoded
|
||||
@ -483,14 +479,14 @@ ssize_t CipherFileIO::read(const IORequest &origReq) const {
|
||||
* plain text file. Values below zero are the header. */
|
||||
req.offset -= HEADER_SIZE;
|
||||
|
||||
int headerBytes = 0; // number of header bytes to add
|
||||
int headerBytes = 0; // number of header bytes to add
|
||||
|
||||
/* The request contains (a part of) the header, so we prefix that part
|
||||
* to the data. */
|
||||
if (req.offset < 0) {
|
||||
headerBytes = -req.offset;
|
||||
if ( req.dataLen < headerBytes )
|
||||
headerBytes = req.dataLen; // only up to the number of bytes requested
|
||||
if (req.dataLen < headerBytes)
|
||||
headerBytes = req.dataLen; // only up to the number of bytes requested
|
||||
rDebug("Adding %d header bytes", headerBytes);
|
||||
|
||||
// copy the header bytes into the data
|
||||
@ -498,14 +494,13 @@ ssize_t CipherFileIO::read(const IORequest &origReq) const {
|
||||
memcpy(req.data, &headerBuf[headerOffset], headerBytes);
|
||||
|
||||
// the read does not want data beyond the header
|
||||
if ( headerBytes == req.dataLen)
|
||||
return headerBytes;
|
||||
if (headerBytes == req.dataLen) return headerBytes;
|
||||
|
||||
/* The rest of the request will be read from the backing file.
|
||||
* As we have already generated n=headerBytes bytes, the request is
|
||||
* shifted by headerBytes */
|
||||
req.offset += headerBytes;
|
||||
rAssert( req.offset == 0 );
|
||||
rAssert(req.offset == 0);
|
||||
req.data += headerBytes;
|
||||
req.dataLen -= headerBytes;
|
||||
}
|
||||
@ -513,10 +508,9 @@ ssize_t CipherFileIO::read(const IORequest &origReq) const {
|
||||
// read the payload
|
||||
ssize_t readBytes = BlockFileIO::read(req);
|
||||
rDebug("read %ld bytes from backing file", (long)readBytes);
|
||||
if ( readBytes < 0)
|
||||
return readBytes; // Return error code
|
||||
else
|
||||
{
|
||||
if (readBytes < 0)
|
||||
return readBytes; // Return error code
|
||||
else {
|
||||
ssize_t sum = headerBytes + readBytes;
|
||||
rDebug("returning sum=%ld", (long)sum);
|
||||
return sum;
|
||||
|
@ -57,7 +57,7 @@ class CipherFileIO : public BlockFileIO {
|
||||
private:
|
||||
virtual ssize_t readOneBlock(const IORequest &req) const;
|
||||
virtual bool writeOneBlock(const IORequest &req);
|
||||
virtual void generateReverseHeader(unsigned char* data);
|
||||
virtual void generateReverseHeader(unsigned char *data);
|
||||
|
||||
void initHeader();
|
||||
bool writeHeader();
|
||||
|
@ -311,7 +311,8 @@ string DirNode::plainPath(const char *cipherPath_) {
|
||||
prefix = "+";
|
||||
}
|
||||
if (cipherPath_[0] == mark) {
|
||||
return prefix + naming->decodeName(cipherPath_ + 1, strlen(cipherPath_ + 1));
|
||||
return prefix +
|
||||
naming->decodeName(cipherPath_ + 1, strlen(cipherPath_ + 1));
|
||||
}
|
||||
|
||||
// Default.
|
||||
|
@ -122,7 +122,8 @@ struct FSConfig {
|
||||
|
||||
bool idleTracking; // turn on idle monitoring of filesystem
|
||||
|
||||
FSConfig() : forceDecode(false), reverseEncryption(false), idleTracking(false) {}
|
||||
FSConfig()
|
||||
: forceDecode(false), reverseEncryption(false), idleTracking(false) {}
|
||||
};
|
||||
|
||||
typedef shared_ptr<FSConfig> FSConfigPtr;
|
||||
|
@ -66,7 +66,6 @@
|
||||
|
||||
#include "i18n.h"
|
||||
|
||||
|
||||
// disable rlog section grouping for this file.. seems to cause problems
|
||||
#undef RLOG_SECTION
|
||||
#define RLOG_SECTION
|
||||
@ -296,8 +295,9 @@ bool userAllowMkdir(int promptno, const char *path, mode_t mode) {
|
||||
// their own language but then have to respond 'y' or 'n'.
|
||||
// xgroup(setup)
|
||||
cerr << autosprintf(
|
||||
_("The directory \"%s\" does not exist. Should it be created? "
|
||||
"(y,n) "), path);
|
||||
_("The directory \"%s\" does not exist. Should it be created? "
|
||||
"(y,n) "),
|
||||
path);
|
||||
char answer[10];
|
||||
char *res;
|
||||
|
||||
@ -338,8 +338,7 @@ ConfigType readConfig_load(ConfigInfo *nm, const char *path,
|
||||
config->cfgType = nm->type;
|
||||
return nm->type;
|
||||
}
|
||||
}
|
||||
catch (rlog::Error &err) {
|
||||
} catch (rlog::Error &err) {
|
||||
err.log(_RLWarningChannel);
|
||||
}
|
||||
|
||||
@ -364,8 +363,10 @@ ConfigType readConfig(const string &rootDir,
|
||||
if (nm->environmentOverride != NULL) {
|
||||
char *envFile = getenv(nm->environmentOverride);
|
||||
if (envFile != NULL) {
|
||||
if (! fileExists(envFile)) {
|
||||
rError("fatal: config file specified by environment does not exist: %s", envFile);
|
||||
if (!fileExists(envFile)) {
|
||||
rError(
|
||||
"fatal: config file specified by environment does not exist: %s",
|
||||
envFile);
|
||||
exit(1);
|
||||
}
|
||||
return readConfig_load(nm, envFile, config);
|
||||
@ -397,8 +398,7 @@ bool readV6Config(const char *configFile, const shared_ptr<EncFSConfig> &config,
|
||||
ia >> BOOST_SERIALIZATION_NVP(*config);
|
||||
|
||||
return true;
|
||||
}
|
||||
catch (boost::archive::archive_exception &e) {
|
||||
} catch (boost::archive::archive_exception &e) {
|
||||
rError("Archive exception: %s", e.what());
|
||||
return false;
|
||||
}
|
||||
@ -453,8 +453,7 @@ bool readV5Config(const char *configFile, const shared_ptr<EncFSConfig> &config,
|
||||
config->blockMACRandBytes = cfgRdr["blockMACRandBytes"].readInt(0);
|
||||
|
||||
ok = true;
|
||||
}
|
||||
catch (rlog::Error &err) {
|
||||
} catch (rlog::Error &err) {
|
||||
err.log(_RLWarningChannel);
|
||||
rDebug("Error parsing data in config file %s", configFile);
|
||||
ok = false;
|
||||
@ -494,8 +493,7 @@ bool readV4Config(const char *configFile, const shared_ptr<EncFSConfig> &config,
|
||||
config->chainedNameIV = false;
|
||||
|
||||
ok = true;
|
||||
}
|
||||
catch (rlog::Error &err) {
|
||||
} catch (rlog::Error &err) {
|
||||
err.log(_RLWarningChannel);
|
||||
rDebug("Error parsing config file %s", configFile);
|
||||
ok = false;
|
||||
@ -521,8 +519,7 @@ bool saveConfig(ConfigType type, const string &rootDir,
|
||||
|
||||
try {
|
||||
ok = (*nm->saveFunc)(path.c_str(), config);
|
||||
}
|
||||
catch (rlog::Error &err) {
|
||||
} catch (rlog::Error &err) {
|
||||
err.log(_RLWarningChannel);
|
||||
ok = false;
|
||||
}
|
||||
@ -667,7 +664,8 @@ static Cipher::CipherAlgorithm selectCipherAlgorithm() {
|
||||
Cipher::CipherAlgorithm alg = *it;
|
||||
|
||||
// xgroup(setup)
|
||||
cout << autosprintf(_("Selected algorithm \"%s\""), alg.name.c_str()) << "\n\n";
|
||||
cout << autosprintf(_("Selected algorithm \"%s\""), alg.name.c_str())
|
||||
<< "\n\n";
|
||||
|
||||
return alg;
|
||||
}
|
||||
@ -707,7 +705,8 @@ static Interface selectNameCoding() {
|
||||
++it;
|
||||
|
||||
// xgroup(setup)
|
||||
cout << autosprintf(_("Selected algorithm \"%s\""), it->name.c_str()) << "\"\n\n";
|
||||
cout << autosprintf(_("Selected algorithm \"%s\""), it->name.c_str())
|
||||
<< "\"\n\n";
|
||||
|
||||
return it->iface;
|
||||
}
|
||||
@ -779,12 +778,12 @@ static int selectBlockSize(const Cipher::CipherAlgorithm &alg) {
|
||||
}
|
||||
|
||||
cout << autosprintf(
|
||||
// xgroup(setup)
|
||||
_("Select a block size in bytes. The cipher you have chosen\n"
|
||||
"supports sizes from %i to %i bytes in increments of %i.\n"
|
||||
"Or just hit enter for the default (%i bytes)\n"),
|
||||
alg.blockSize.min(), alg.blockSize.max(), alg.blockSize.inc(),
|
||||
DefaultBlockSize);
|
||||
// xgroup(setup)
|
||||
_("Select a block size in bytes. The cipher you have chosen\n"
|
||||
"supports sizes from %i to %i bytes in increments of %i.\n"
|
||||
"Or just hit enter for the default (%i bytes)\n"),
|
||||
alg.blockSize.min(), alg.blockSize.max(), alg.blockSize.inc(),
|
||||
DefaultBlockSize);
|
||||
|
||||
// xgroup(setup)
|
||||
cout << "\n" << _("filesystem block size: ");
|
||||
@ -824,7 +823,7 @@ static bool boolDefault(const char *prompt, bool defaultValue) {
|
||||
string response;
|
||||
bool value;
|
||||
|
||||
while(true) {
|
||||
while (true) {
|
||||
cout << yesno;
|
||||
getline(cin, response);
|
||||
|
||||
@ -867,7 +866,8 @@ static void selectBlockMAC(int *macBytes, int *macRandBytes, bool forceMac) {
|
||||
"within a block will be caught and will cause a read error."));
|
||||
} else {
|
||||
cout << "\n\n" << _("You specified --require-macs. "
|
||||
"Enabling block authentication code headers...") << "\n\n";
|
||||
"Enabling block authentication code headers...")
|
||||
<< "\n\n";
|
||||
addMAC = true;
|
||||
}
|
||||
|
||||
@ -877,13 +877,14 @@ static void selectBlockMAC(int *macBytes, int *macRandBytes, bool forceMac) {
|
||||
*macBytes = 0;
|
||||
|
||||
// xgroup(setup)
|
||||
cout << _("Add random bytes to each block header?\n"
|
||||
"This adds a performance penalty, but ensures that blocks\n"
|
||||
"have different authentication codes. Note that you can\n"
|
||||
"have the same benefits by enabling per-file initialization\n"
|
||||
"vectors, which does not come with as great of performance\n"
|
||||
"penalty. \n"
|
||||
"Select a number of bytes, from 0 (no random bytes) to 8: ");
|
||||
cout << _(
|
||||
"Add random bytes to each block header?\n"
|
||||
"This adds a performance penalty, but ensures that blocks\n"
|
||||
"have different authentication codes. Note that you can\n"
|
||||
"have the same benefits by enabling per-file initialization\n"
|
||||
"vectors, which does not come with as great of performance\n"
|
||||
"penalty. \n"
|
||||
"Select a number of bytes, from 0 (no random bytes) to 8: ");
|
||||
|
||||
char answer[10];
|
||||
int randSize = 0;
|
||||
@ -906,7 +907,8 @@ static bool selectUniqueIV(bool default_answer) {
|
||||
_("Enable per-file initialization vectors?\n"
|
||||
"This adds about 8 bytes per file to the storage requirements.\n"
|
||||
"It should not affect performance except possibly with applications\n"
|
||||
"which rely on block-aligned file io for performance."), default_answer);
|
||||
"which rely on block-aligned file io for performance."),
|
||||
default_answer);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -964,11 +966,12 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
|
||||
char answer[10] = {0};
|
||||
if (configMode == Config_Prompt) {
|
||||
// xgroup(setup)
|
||||
cout << _("Please choose from one of the following options:\n"
|
||||
" enter \"x\" for expert configuration mode,\n"
|
||||
" enter \"p\" for pre-configured paranoia mode,\n"
|
||||
" anything else, or an empty line will select standard mode.\n"
|
||||
"?> ");
|
||||
cout << _(
|
||||
"Please choose from one of the following options:\n"
|
||||
" enter \"x\" for expert configuration mode,\n"
|
||||
" enter \"p\" for pre-configured paranoia mode,\n"
|
||||
" anything else, or an empty line will select standard mode.\n"
|
||||
"?> ");
|
||||
|
||||
if (annotate) cerr << "$PROMPT$ config_option" << endl;
|
||||
|
||||
@ -977,17 +980,17 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
|
||||
cout << "\n";
|
||||
}
|
||||
|
||||
// documented in ...
|
||||
int keySize = 0; // selectKeySize()
|
||||
int blockSize = 0; // selectBlockSize()
|
||||
Cipher::CipherAlgorithm alg; // selectCipherAlgorithm()
|
||||
Interface nameIOIface; // selectNameCoding()
|
||||
int blockMACBytes = 0; // selectBlockMAC()
|
||||
int blockMACRandBytes = 0; // selectBlockMAC()
|
||||
bool uniqueIV = true; // selectUniqueIV()
|
||||
bool chainedIV = true; // selectChainedIV()
|
||||
bool externalIV = false; // selectExternalChainedIV()
|
||||
bool allowHoles = true; // selectZeroBlockPassThrough()
|
||||
// documented in ...
|
||||
int keySize = 0; // selectKeySize()
|
||||
int blockSize = 0; // selectBlockSize()
|
||||
Cipher::CipherAlgorithm alg; // selectCipherAlgorithm()
|
||||
Interface nameIOIface; // selectNameCoding()
|
||||
int blockMACBytes = 0; // selectBlockMAC()
|
||||
int blockMACRandBytes = 0; // selectBlockMAC()
|
||||
bool uniqueIV = true; // selectUniqueIV()
|
||||
bool chainedIV = true; // selectChainedIV()
|
||||
bool externalIV = false; // selectExternalChainedIV()
|
||||
bool allowHoles = true; // selectZeroBlockPassThrough()
|
||||
long desiredKDFDuration = NormalKDFDuration;
|
||||
|
||||
if (reverseEncryption) {
|
||||
@ -1037,9 +1040,10 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
|
||||
if (answer[0] == 'x' || alg.name.empty()) {
|
||||
if (answer[0] != 'x') {
|
||||
// xgroup(setup)
|
||||
cout << _("Sorry, unable to locate cipher for predefined "
|
||||
"configuration...\n"
|
||||
"Falling through to Manual configuration mode.");
|
||||
cout << _(
|
||||
"Sorry, unable to locate cipher for predefined "
|
||||
"configuration...\n"
|
||||
"Falling through to Manual configuration mode.");
|
||||
} else {
|
||||
// xgroup(setup)
|
||||
cout << _("Manual configuration mode selected.");
|
||||
@ -1057,8 +1061,7 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
|
||||
/* Reverse mounts are read-only by default (set in main.cpp).
|
||||
* If uniqueIV is off, writing can be allowed, because there
|
||||
* is no header that could be overwritten */
|
||||
if (uniqueIV == false)
|
||||
opts->readOnly = false;
|
||||
if (uniqueIV == false) opts->readOnly = false;
|
||||
} else {
|
||||
chainedIV = selectChainedIV();
|
||||
uniqueIV = selectUniqueIV(true);
|
||||
@ -1125,10 +1128,11 @@ RootPtr createV6Config(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
|
||||
}
|
||||
|
||||
// xgroup(setup)
|
||||
cout << _("Now you will need to enter a password for your filesystem.\n"
|
||||
"You will need to remember this password, as there is absolutely\n"
|
||||
"no recovery mechanism. However, the password can be changed\n"
|
||||
"later using encfsctl.\n\n");
|
||||
cout << _(
|
||||
"Now you will need to enter a password for your filesystem.\n"
|
||||
"You will need to remember this password, as there is absolutely\n"
|
||||
"no recovery mechanism. However, the password can be changed\n"
|
||||
"later using encfsctl.\n\n");
|
||||
|
||||
int encodedKeySize = cipher->encodedKeySize();
|
||||
unsigned char *encodedKey = new unsigned char[encodedKeySize];
|
||||
@ -1196,11 +1200,10 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
|
||||
shared_ptr<Cipher> cipher = Cipher::New(config->cipherIface, -1);
|
||||
{
|
||||
cout << autosprintf(
|
||||
// xgroup(diag)
|
||||
_("Filesystem cipher: \"%s\", version %i:%i:%i"),
|
||||
config->cipherIface.name().c_str(),
|
||||
config->cipherIface.current(), config->cipherIface.revision(),
|
||||
config->cipherIface.age());
|
||||
// xgroup(diag)
|
||||
_("Filesystem cipher: \"%s\", version %i:%i:%i"),
|
||||
config->cipherIface.name().c_str(), config->cipherIface.current(),
|
||||
config->cipherIface.revision(), config->cipherIface.age());
|
||||
// check if we support this interface..
|
||||
if (!cipher)
|
||||
cout << _(" (NOT supported)\n");
|
||||
@ -1210,7 +1213,7 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
|
||||
Interface iface = cipher->interface();
|
||||
// xgroup(diag)
|
||||
cout << autosprintf(_(" (using %i:%i:%i)\n"), iface.current(),
|
||||
iface.revision(), iface.age());
|
||||
iface.revision(), iface.age());
|
||||
} else
|
||||
cout << "\n";
|
||||
}
|
||||
@ -1218,8 +1221,9 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
|
||||
{
|
||||
// xgroup(diag)
|
||||
cout << autosprintf(_("Filename encoding: \"%s\", version %i:%i:%i"),
|
||||
config->nameIface.name().c_str(), config->nameIface.current(),
|
||||
config->nameIface.revision(), config->nameIface.age());
|
||||
config->nameIface.name().c_str(),
|
||||
config->nameIface.current(),
|
||||
config->nameIface.revision(), config->nameIface.age());
|
||||
|
||||
// check if we support the filename encoding interface..
|
||||
shared_ptr<NameIO> nameCoder =
|
||||
@ -1232,7 +1236,7 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
|
||||
if (config->nameIface != nameCoder->interface()) {
|
||||
Interface iface = nameCoder->interface();
|
||||
cout << autosprintf(_(" (using %i:%i:%i)\n"), iface.current(),
|
||||
iface.revision(), iface.age());
|
||||
iface.revision(), iface.age());
|
||||
} else
|
||||
cout << "\n";
|
||||
}
|
||||
@ -1248,8 +1252,9 @@ void showFSInfo(const shared_ptr<EncFSConfig> &config) {
|
||||
}
|
||||
if (config->kdfIterations > 0 && config->salt.size() > 0) {
|
||||
cout << autosprintf(_("Using PBKDF2, with %i iterations"),
|
||||
config->kdfIterations) << "\n";
|
||||
cout << autosprintf(_("Salt Size: %i bits"), (int)(8 * config->salt.size())) << "\n";
|
||||
config->kdfIterations) << "\n";
|
||||
cout << autosprintf(_("Salt Size: %i bits"), (int)(8 * config->salt.size()))
|
||||
<< "\n";
|
||||
}
|
||||
if (config->blockMACBytes || config->blockMACRandBytes) {
|
||||
if (config->subVersion < 20040813) {
|
||||
@ -1448,7 +1453,7 @@ CipherKey EncFSConfig::getUserKey(const std::string &passProg,
|
||||
snprintf(tmpBuf, sizeof(tmpBuf) - 1, "%i", stdErrCopy);
|
||||
setenv(ENCFS_ENV_STDERR, tmpBuf, 1);
|
||||
|
||||
execvp(argv[0], (char * const *)argv); // returns only on error..
|
||||
execvp(argv[0], (char *const *)argv); // returns only on error..
|
||||
|
||||
perror(_("Internal error: failed to exec program"));
|
||||
exit(1);
|
||||
@ -1502,17 +1507,16 @@ RootPtr initFS(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
|
||||
|
||||
if (readConfig(opts->rootDir, config) != Config_None) {
|
||||
if (config->blockMACBytes == 0 && opts->requireMac) {
|
||||
cout
|
||||
<< _("The configuration disabled MAC, but you passed --require-macs\n");
|
||||
cout << _(
|
||||
"The configuration disabled MAC, but you passed --require-macs\n");
|
||||
return rootInfo;
|
||||
}
|
||||
|
||||
if (opts->reverseEncryption) {
|
||||
if (config->blockMACBytes != 0 || config->blockMACRandBytes != 0 ||
|
||||
config->externalIVChaining ||
|
||||
config->chainedNameIV) {
|
||||
cout
|
||||
<< _("The configuration loaded is not compatible with --reverse\n");
|
||||
config->externalIVChaining || config->chainedNameIV) {
|
||||
cout << _(
|
||||
"The configuration loaded is not compatible with --reverse\n");
|
||||
return rootInfo;
|
||||
}
|
||||
}
|
||||
@ -1566,8 +1570,9 @@ RootPtr initFS(EncFS_Context *ctx, const shared_ptr<EncFS_Opts> &opts) {
|
||||
config->nameIface.name().c_str(), config->nameIface.current(),
|
||||
config->nameIface.revision(), config->nameIface.age());
|
||||
// xgroup(diag)
|
||||
cout << _("The requested filename coding interface is "
|
||||
"not available\n");
|
||||
cout << _(
|
||||
"The requested filename coding interface is "
|
||||
"not available\n");
|
||||
return rootInfo;
|
||||
}
|
||||
|
||||
|
@ -86,9 +86,9 @@ struct EncFS_Opts {
|
||||
* behind the back of EncFS (for example, in reverse mode).
|
||||
* See main.cpp for a longer explaination. */
|
||||
|
||||
bool readOnly; // Mount read-only
|
||||
bool readOnly; // Mount read-only
|
||||
|
||||
bool requireMac; // Throw an error if MAC is disabled
|
||||
bool requireMac; // Throw an error if MAC is disabled
|
||||
|
||||
ConfigMode configMode;
|
||||
|
||||
|
@ -49,7 +49,7 @@ using namespace rel;
|
||||
using namespace rlog;
|
||||
|
||||
const int MAX_KEYLENGTH = 32; // in bytes (256 bit)
|
||||
const int MAX_IVLENGTH = 16; // 128 bit (AES block size, Blowfish has 64)
|
||||
const int MAX_IVLENGTH = 16; // 128 bit (AES block size, Blowfish has 64)
|
||||
const int KEY_CHECKSUM_BYTES = 4;
|
||||
|
||||
#ifndef MIN
|
||||
@ -674,21 +674,21 @@ void SSL_Cipher::setIVec_old(unsigned char *ivec, unsigned int seed,
|
||||
ivec[0] ^= (var1 >> 24) & 0xff;
|
||||
ivec[1] ^= (var2 >> 16) & 0xff;
|
||||
ivec[2] ^= (var1 >> 8) & 0xff;
|
||||
ivec[3] ^= (var2) & 0xff;
|
||||
ivec[3] ^= (var2)&0xff;
|
||||
ivec[4] ^= (var2 >> 24) & 0xff;
|
||||
ivec[5] ^= (var1 >> 16) & 0xff;
|
||||
ivec[6] ^= (var2 >> 8) & 0xff;
|
||||
ivec[7] ^= (var1) & 0xff;
|
||||
ivec[7] ^= (var1)&0xff;
|
||||
|
||||
if (_ivLength > 8) {
|
||||
ivec[8 + 0] ^= (var1) & 0xff;
|
||||
ivec[8 + 0] ^= (var1)&0xff;
|
||||
ivec[8 + 1] ^= (var2 >> 8) & 0xff;
|
||||
ivec[8 + 2] ^= (var1 >> 16) & 0xff;
|
||||
ivec[8 + 3] ^= (var2 >> 24) & 0xff;
|
||||
ivec[8 + 4] ^= (var1 >> 24) & 0xff;
|
||||
ivec[8 + 5] ^= (var2 >> 16) & 0xff;
|
||||
ivec[8 + 6] ^= (var1 >> 8) & 0xff;
|
||||
ivec[8 + 7] ^= (var2) & 0xff;
|
||||
ivec[8 + 7] ^= (var2)&0xff;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -101,12 +101,12 @@ int StreamNameIO::encodeName(const char *plaintextName, int length,
|
||||
if (_interface >= 1) {
|
||||
// current versions store the checksum at the beginning
|
||||
encodedName[0] = (mac >> 8) & 0xff;
|
||||
encodedName[1] = (mac) & 0xff;
|
||||
encodedName[1] = (mac)&0xff;
|
||||
encodeBegin = (unsigned char *)encodedName + 2;
|
||||
} else {
|
||||
// encfs 0.x stored checksums at the end.
|
||||
encodedName[length] = (mac >> 8) & 0xff;
|
||||
encodedName[length + 1] = (mac) & 0xff;
|
||||
encodedName[length + 1] = (mac)&0xff;
|
||||
encodeBegin = (unsigned char *)encodedName;
|
||||
}
|
||||
|
||||
|
@ -42,7 +42,7 @@ class autosprintf {
|
||||
public:
|
||||
/* Constructor: takes a format string and the printf arguments. */
|
||||
autosprintf(const char* format, ...)
|
||||
__attribute__((__format__(__printf__, 2, 3)));
|
||||
__attribute__((__format__(__printf__, 2, 3)));
|
||||
/* Copy constructor. */
|
||||
autosprintf(const autosprintf& src);
|
||||
/* Destructor: frees the temporarily allocated string. */
|
||||
|
@ -62,7 +62,7 @@ class iserializer<Archive, EncFSConfig> : public basic_iserializer {
|
||||
virtual bool is_polymorphic() const {
|
||||
return boost::is_polymorphic<EncFSConfig>::value;
|
||||
}
|
||||
virtual ~iserializer() {};
|
||||
virtual ~iserializer(){};
|
||||
};
|
||||
|
||||
template <class Archive>
|
||||
|
@ -76,8 +76,7 @@ static EncFS_Context *context() {
|
||||
* if the argument is NULL.
|
||||
*/
|
||||
static bool isReadOnly(EncFS_Context *ctx) {
|
||||
if (ctx == NULL)
|
||||
ctx = (EncFS_Context *)fuse_get_context()->private_data;
|
||||
if (ctx == NULL) ctx = (EncFS_Context *)fuse_get_context()->private_data;
|
||||
|
||||
return ctx->opts->readOnly;
|
||||
}
|
||||
|
@ -453,7 +453,7 @@ static int copyContents(const shared_ptr<EncFS_Root> &rootInfo,
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
if (symlink(rootInfo->root->plainPath(linkContents).c_str(),
|
||||
targetName) != 0) {
|
||||
targetName) != 0) {
|
||||
cerr << "unable to create symlink " << targetName << "\n";
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
@ -592,7 +592,8 @@ static int cmd_showcruft(int argc, char **argv) {
|
||||
|
||||
int filesFound = showcruft(rootInfo, "/");
|
||||
|
||||
// TODO: the singular version should say "Found an invalid file", but all the translations
|
||||
// TODO: the singular version should say "Found an invalid file", but all the
|
||||
// translations
|
||||
// depend upon this broken singular form, so it isn't easy to change.
|
||||
cerr << autosprintf(ngettext("Found %i invalid file.",
|
||||
"Found %i invalid files.", filesFound),
|
||||
|
@ -60,7 +60,7 @@ extern "C" void fuse_unmount_compat22(const char *mountpoint);
|
||||
/* Arbitrary identifiers for long options that do
|
||||
* not have a short version */
|
||||
#define LONG_OPT_ANNOTATE 513
|
||||
#define LONG_OPT_NOCACHE 514
|
||||
#define LONG_OPT_NOCACHE 514
|
||||
#define LONG_OPT_REQUIRE_MAC 515
|
||||
|
||||
using namespace std;
|
||||
@ -223,15 +223,16 @@ static bool processArgs(int argc, char *argv[],
|
||||
{"public", 0, 0, 'P'}, // public mode
|
||||
{"extpass", 1, 0, 'p'}, // external password program
|
||||
// {"single-thread", 0, 0, 's'}, // single-threaded mode
|
||||
{"stdinpass", 0, 0, 'S'}, // read password from stdin
|
||||
{"annotate", 0, 0, LONG_OPT_ANNOTATE}, // Print annotation lines to stderr
|
||||
{"nocache", 0, 0, LONG_OPT_NOCACHE}, // disable caching
|
||||
{"verbose", 0, 0, 'v'}, // verbose mode
|
||||
{"version", 0, 0, 'V'}, // version
|
||||
{"reverse", 0, 0, 'r'}, // reverse encryption
|
||||
{"standard", 0, 0, '1'}, // standard configuration
|
||||
{"paranoia", 0, 0, '2'}, // standard configuration
|
||||
{"require-macs", 0, 0, LONG_OPT_REQUIRE_MAC}, // require MACs
|
||||
{"stdinpass", 0, 0, 'S'}, // read password from stdin
|
||||
{"annotate", 0, 0,
|
||||
LONG_OPT_ANNOTATE}, // Print annotation lines to stderr
|
||||
{"nocache", 0, 0, LONG_OPT_NOCACHE}, // disable caching
|
||||
{"verbose", 0, 0, 'v'}, // verbose mode
|
||||
{"version", 0, 0, 'V'}, // version
|
||||
{"reverse", 0, 0, 'r'}, // reverse encryption
|
||||
{"standard", 0, 0, '1'}, // standard configuration
|
||||
{"paranoia", 0, 0, '2'}, // standard configuration
|
||||
{"require-macs", 0, 0, LONG_OPT_REQUIRE_MAC}, // require MACs
|
||||
{0, 0, 0, 0}};
|
||||
|
||||
while (1) {
|
||||
@ -309,7 +310,7 @@ static bool processArgs(int argc, char *argv[],
|
||||
* However, disabling the caches causes a factor 3
|
||||
* slowdown. If you are concerned about inconsistencies,
|
||||
* please use --nocache. */
|
||||
break;
|
||||
break;
|
||||
case LONG_OPT_NOCACHE:
|
||||
/* Disable EncFS block cache
|
||||
* Causes reverse grow tests to fail because short reads
|
||||
@ -404,8 +405,8 @@ static bool processArgs(int argc, char *argv[],
|
||||
|
||||
// "default_permissions" comes with a performance cost. Only enable
|
||||
// it if makes sense.
|
||||
for(int i=0; i < out->fuseArgc; i++) {
|
||||
if ( out->fuseArgv[i] == NULL ) {
|
||||
for (int i = 0; i < out->fuseArgc; i++) {
|
||||
if (out->fuseArgv[i] == NULL) {
|
||||
continue;
|
||||
} else if (strcmp(out->fuseArgv[i], "allow_other") == 0) {
|
||||
PUSHARG("-o");
|
||||
@ -415,7 +416,8 @@ static bool processArgs(int argc, char *argv[],
|
||||
}
|
||||
|
||||
#if defined(__APPLE__)
|
||||
// With OSXFuse, the 'local' flag selects a local filesystem mount icon in Finder.
|
||||
// With OSXFuse, the 'local' flag selects a local filesystem mount icon in
|
||||
// Finder.
|
||||
PUSHARG("-o");
|
||||
PUSHARG("local");
|
||||
#endif
|
||||
@ -700,7 +702,8 @@ int main(int argc, char *argv[]) {
|
||||
// xgroup(usage)
|
||||
fputs(_("fuse failed. Common problems:\n"
|
||||
" - fuse kernel module not installed (modprobe fuse)\n"
|
||||
" - invalid options -- see usage message\n"), out);
|
||||
" - invalid options -- see usage message\n"),
|
||||
out);
|
||||
fclose(out);
|
||||
}
|
||||
} catch (std::exception &ex) {
|
||||
|
@ -1,4 +1,5 @@
|
||||
/* $OpenBSD: readpassphrase.h,v 1.1 2000/11/21 00:48:38 millert Exp $ */
|
||||
/* $OpenBSD: readpassphrase.h,v 1.1 2000/11/21 00:48:38 millert Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
@ -35,17 +36,18 @@
|
||||
|
||||
#ifndef HAVE_READPASSPHRASE
|
||||
|
||||
#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */
|
||||
#define RPP_ECHO_ON 0x01 /* Leave echo on. */
|
||||
#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */
|
||||
#define RPP_FORCELOWER 0x04 /* Force input to lower case. */
|
||||
#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */
|
||||
#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */
|
||||
#define RPP_ECHO_OFF 0x00 /* Turn off echo (default). */
|
||||
#define RPP_ECHO_ON 0x01 /* Leave echo on. */
|
||||
#define RPP_REQUIRE_TTY 0x02 /* Fail if there is no tty. */
|
||||
#define RPP_FORCELOWER 0x04 /* Force input to lower case. */
|
||||
#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */
|
||||
#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
#endif
|
||||
char *readpassphrase(const char *prompt, char *buf, size_t bufSize, int flags);
|
||||
char *
|
||||
readpassphrase(const char *prompt, char *buf, size_t bufSize, int flags);
|
||||
|
||||
#endif /* HAVE_READPASSPHRASE */
|
||||
|
||||
|
@ -363,7 +363,8 @@ bool runTests(const shared_ptr<Cipher> &cipher, bool verbose) {
|
||||
|
||||
static bool testCipherSize(const string &name, int keySize, int blockSize,
|
||||
bool verbose) {
|
||||
cerr << name << ", key length " << keySize << ", block size " << blockSize << ": ";
|
||||
cerr << name << ", key length " << keySize << ", block size " << blockSize
|
||||
<< ": ";
|
||||
|
||||
shared_ptr<Cipher> cipher = Cipher::New(name, keySize);
|
||||
if (!cipher) {
|
||||
@ -429,8 +430,8 @@ int main(int argc, char *argv[]) {
|
||||
if (!testCipherSize(it->name, keySize, blockSize, false)) {
|
||||
// Run again in verbose mode, then exit with error.
|
||||
if (testCipherSize(it->name, keySize, blockSize, true)) {
|
||||
cerr << "Inconsistent test results!\n";
|
||||
}
|
||||
cerr << "Inconsistent test results!\n";
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user