Commit 76424a58cb enabled unique IV
for reverse mode by default, to get more testing and to increase
security of reverse mode.
The downside is that all IVs change when the inode numbers change,
which means that all of the ciphertext changes.
This may bite people who copied the plaintext to a new filesystem
- they will find out that they have to rsync everything again.
This commit disables unique IV for reverse mode by default. It can
still be enabled through expert mode.
Disabling the kernel cache make sure the encrypted view is always
up-to-date, however, it causes a factor 3 slowdown.
Please use --nocache manually if you want to disable caching.
Closes#60.
Also replaces the magic identifiers 513 and 514 by proper defines.
With pkg-config missing, a broken configure was generated, that failed
with a confusing error:
./configure: line 19272: syntax error near unexpected token `OPENSSL,'
./configure: line 19272: ` PKG_CHECK_MODULES(OPENSSL, openssl >= 0.9.7,'
Now, it errors out in the autoconf stage with:
configure.ac:23: error: possibly undefined macro: PKG_CHECK_MODULES
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
one search twice (one for adding the path of the library to LDFLAGS and
the other for eventually checking that the library is actually added)
for the same symbol (fuse_new) that resuls in the configure script
caching the first result of the test (which is 'false' because the
library where not still added) and reuseing it in the second test. A
solution is to use two different symbols for theses two tests).
This removes the need for a translated prompt. Fixes issue #20.
Also,
* merge boolDefaultNo() and boolDefaultYes() into boolDefault()
* do not accept arbitrary answers, but prompt again
Example Results
* Seagate Barracuda 7200.9, model ST3250824AS
* Linux 3.16.3
* EncFS 1c5c75c44f
Test | EncFS | eCryptfs | EncFS advantage
----------------|--------------|--------------|----------------
stream_write | 32 MiB/s | 38 MiB/s | 0.84
extract | 28744 ms | 30027 ms | 1.04
du | 495 MB | 784 MB | 1.58
rsync | 3319 ms | 62486 ms | 18.83
delete | 6462 ms | 74652 ms | 11.55
(eCryptfs is very slow for stat() on a classical HDD)
This prevents unexpected failures when you have set that variable.
Also, give Test::More the number of tests that will be run for
more informative output.
In reverse mode, this caused symlinks pointing to the absolute
plaintext directory to be stripped. This is what the test in
commit
tests: reverse: symlink absolute path inside the plaintext dir
checks for.
Ignoring encfsctl, plainPath() is only called from encfs.cpp, in
_do_readlink() and _do_getattr(). Both functions get the path passed in from
FUSE. Paths from FUSE are always anchored at the mountpoint (they start with
"/", and "/" means the root of the mount). This suggests that the check can
never trigger - I have verified that it does not trigger when running the
test suite.
With this patch, the full test suite passes.
