Commit Graph

702 Commits

Author SHA1 Message Date
Jakob Unterwurzacher
32102447e0 reverse: Filesystem is read-only of uniqueIV is enabled
Writing to the ciphertext files can rewrite the header. This
would mean we had to re-encrypt the whole file with the new IV.

This could be made more fine-grained, for example allowing
writes to everywhere but the header. However, this is
something that needs a lot of testing to ensure correctness.
Writing to the ciphertext is a niche use case of the niche
use case of using reverse mode, so it is unlikely it would
get the test coverage it needs.

To be safe, we deny all modifications of the ciphertext with
read-only filesystem error (EROFS) if uniqueIV is enabled.

Reverse mode with uniqueIV disabled still supports writing,
if somebody really needs it. This use case is not covered
by the test suite at the moment.
2014-11-30 14:23:35 +01:00
Jakob Unterwurzacher
d1363578fc reverse: Make uniqueIV configurable in expert mode 2014-11-29 20:04:31 +01:00
Jakob Unterwurzacher
7732466277 tests: Replace calls to dd with native writeZeroes 2014-11-29 13:35:02 +01:00
Jakob Unterwurzacher
8620b46d56 Update changelog 2014-11-26 23:57:32 +01:00
Valient Gough
89513f273a Merge pull request #34 from rfjakob/reverse-iv
reverse: Implement unique IV derived from the inode number
2014-11-24 21:00:50 -08:00
Jakob Unterwurzacher
73a5accb8e reverse: Derive IV from inode number
The truncated SHA1 hash of the inode number is used as the IV
for files encrypted in reverse mode.
Passes the test suite.

Closes #24.
2014-11-23 21:21:51 +01:00
Jakob Unterwurzacher
3fce933f65 Document SSL_Cipher::setIVec 2014-11-23 21:19:25 +01:00
Jakob Unterwurzacher
43a1cd3344 tests: Get rid of df warnings
Like "Transport endpoint is not connected" when there is
a stale FUSE mount lying around
2014-11-23 21:17:27 +01:00
Jakob Unterwurzacher
1b5cde2273 tests: Also verify file contents in grow test 2014-11-23 18:24:55 +01:00
Jakob Unterwurzacher
76424a58cb Implement uniqueIV for reverse mode
For now, the IVs are constant. This is fixed in a later commit.
They are enabled by default to make testing easier.
The whole thing passes the test suite on x86 and x86_64.
2014-11-23 18:24:22 +01:00
Jakob Unterwurzacher
dee3f628e3 Implement --nocache
Disable block cache (in EncFS) and stat cache (in kernel).
This is needed if the backing files may be modified
behind the back of EncFS (for example, when you mount
an encrypted filesystem exported by encfs --reverse).

The reverse grow tests fail when this option is not passed to the
decrypting mount.
2014-11-17 21:57:06 +01:00
Jakob Unterwurzacher
9f9e30a73f Check the assertions in cacheReadOneBlock explicitely
...to make the code more robust w.r.t. refactoring.

Also add comments about the last block handling.
2014-11-17 20:21:44 +01:00
Valient Gough
4608c1704b Merge pull request #29 from doughdemon/master
Make it compile with musl libc
2014-11-16 20:55:25 -08:00
Jakob Unterwurzacher
6d895fdc72 tests: Add --reverse file grow test
This test uncovered issues caused by unsafe kernel-side and BlockFileIO caching.
2014-11-17 00:39:14 +01:00
Jakob Unterwurzacher
84dae17d4e Disable unsafe kernel caching for --reverse
By default, the kernel caches file metadata for one second.
This is fine for EncFS' normal mode, but for --reverse, this
means that the encrypted view will be up to one second out of
date.
This causes the reverse grow tests to fail because stale stat()
data is returned.
2014-11-17 00:32:54 +01:00
Jakob Unterwurzacher
a00a3beb8e tests: explicitely verify that the reverse mount worked 2014-11-17 00:32:54 +01:00
Jakob Unterwurzacher
68485500fd Log offending filename "too small" errors 2014-11-17 00:32:54 +01:00
Jakob Unterwurzacher
5e834968b2 Handle ENCFS6_CONFIG set to non-existing file
This used to give the confusing error

	Found config file %s, but failed to load - exiting
2014-11-17 00:32:54 +01:00
Jakob Unterwurzacher
b2943eeed1 tests: Move helper funtion to common.inc
Also fixes md5fh's fd leak.
2014-11-17 00:32:54 +01:00
Jakob Unterwurzacher
1227df72e2 Add function descriptions to BlockFileIO 2014-11-10 23:15:29 +01:00
Jakob Unterwurzacher
7565fb149a Add comments documenting the filesystem config options 2014-11-09 13:59:35 +01:00
Jakob Unterwurzacher
00811625cf Add comments describing the config load functions 2014-11-09 13:58:33 +01:00
Jakob Unterwurzacher
5d3b246a0d V6SubVersion: Add comment explaining that the effective version is 20
..for boost 1.42+.

Note that RHEL 6 uses boost 1.41, so there may still be a few users
that are not running 1.42+.
2014-11-09 13:08:39 +01:00
Jakob Unterwurzacher
0053cd7a70 Actually print error message in withCipherPath and withFileNode 2014-11-09 12:40:39 +01:00
Jakob Unterwurzacher
cc274dca63 Exit on corrupt config file instead of overwriting it
This is something that should really not happen, it makes
sense to have the user examine the situation himself.

Behavoir was:

	23:00:42 (FileUtils.cpp:379) Archive exception: XML start/end tag mismatch - uniqueIV
	23:00:42 (FileUtils.cpp:337) Found config file /tmp/a/ciphertext/.encfs6.xml, but failed to load
	Creating new encrypted volume.
	Please choose from one of the following options:
	...

Now it exits with:

	23:13:04 (FileUtils.cpp:337) Found config file /tmp/a/ciphertext/.encfs6.xml, but failed to load - exiting
2014-11-05 21:34:30 +01:00
Jakob Unterwurzacher
8efda5b700 tests: Check that absolute symlinks work in reverse mode 2014-11-04 23:08:33 +01:00
Felix Janda
4a2c53a4f9 encfs/encfsctl.cpp: add missing #include <limits.h> 2014-11-01 08:22:45 +01:00
Felix Janda
8034da6a59 Use sys/xattr.h instead of attr/xattr.h by default 2014-11-01 08:22:10 +01:00
Valient Gough
8ae9282efe fix uninitialized memory error in tests 2014-10-26 15:10:28 -07:00
Valient Gough
8d515fda07 show verbose output for failed test 2014-10-26 14:50:43 -07:00
Valient Gough
264f3735d9 fix clang warning 2014-10-26 11:59:20 -07:00
Valient Gough
766564b55f return 1 on failure 2014-10-26 11:58:03 -07:00
Valient Gough
1afc12975b test with both gcc and clang 2014-10-26 11:35:56 -07:00
Valient Gough
b3355962ee rewrite C++11 check to look for basic classes 2014-10-26 11:35:52 -07:00
Valient Gough
01d409b2d7 add config macro to check for c++11 support 2014-10-26 11:02:13 -07:00
Valient Gough
14b228d185 rework fuse version check 2014-10-26 10:50:10 -07:00
Valient Gough
fe4300a53e reduce boost dependency 2014-10-26 10:49:51 -07:00
Valient Gough
19aba9fa77 reduce boost dependencies
enables c++11 mode on GCC
also fix soft links to root paths in reverse mode
2014-10-26 10:23:10 -07:00
Valient Gough
73ea32c2c2 Merge pull request #25 from rfjakob/master
Merge bash tests into Perl infrastructure
2014-10-22 23:15:23 -07:00
Jakob Unterwurzacher
7e03b6d2c5 tests: Add reverse mode tests 2014-10-21 22:13:36 +02:00
Jakob Unterwurzacher
b696f87ace README.md: Mention EncFS unique features 2014-10-20 21:16:40 +02:00
Jakob Unterwurzacher
6adc1e4a8f tests: Always run unit tests 2014-10-20 20:55:13 +02:00
Jakob Unterwurzacher
0e8e1dd20c tests: Move perl tests to tests/, make them callable from top-level Makefile
Use "make test" or "make test-verbose" to run.
Note that "make test" seems to be more common than "make tests", hence the
change.

Also, use a new clean directory directory as a working area for each run
Created using mkdtemp and deleted in cleanup()
2014-10-20 20:55:02 +02:00
Jakob Unterwurzacher
38970c75bd tests: Port bash tests to perl
This integrates the tests written in bash into the existing perl infrastructure.
2014-10-20 20:46:29 +02:00
Jakob Unterwurzacher
d9c7d52b89 tests: Fix fusermount detection in tests.t
Used to fail with

	Unsuccessful stat on filename containing newline at tests.t line 196.
	umount: /tmp/crypt-11388: Permission denied
	not ok 44 - unmount ok, mount point removed
	#   Failed test 'unmount ok, mount point removed'
	#   at tests.t line 205

now all tests pass.
2014-10-20 20:46:29 +02:00
Valient Gough
3b5035893d switch build status icon to vgough/encfs 2014-10-18 21:20:58 -07:00
Valient Gough
b3c851982f reformat using clang 2014-10-18 19:19:33 -07:00
Valient Gough
744f56b95d Merge pull request #23 from rfjakob/master
Add integration tests & Compare MACs in constant time
2014-10-17 13:58:42 -07:00
Jakob Unterwurzacher
87fac6af57 Compare MACs in constant time to prevent timing attacks
Fixes bug #12.
2014-10-17 19:42:06 +02:00
Jakob Unterwurzacher
8bda1c8a46 tests: Add integration tests
Add a simple cli-based test infrastructure with a few tests
to prepare future code changes.
Note that these cannot be run on Travis CI as it does not support
FUSE.

Expected output:

	$ tests/run.sh
	1 Running unit tests: OK
	*** running test_corruption.sh
	2 Reading file: OK
	3 Reading corrupted file: OK
	4 Reading file with MAC: OK
	5 Corruption with MAC returns IO error: OK
	*** running test_file_expansion.sh
	6 Creating files of different sizes: : OK
	7 Growing file: OK
	8 Internal modification: OK
	*** All tests OK
2014-10-17 19:41:21 +02:00