Commit Graph

458 Commits

Author SHA1 Message Date
Valient Gough
843a4ca5be Merge pull request #69 from rfjakob/next
Changes for 1.8.1
2015-03-24 13:45:16 -07:00
Jakob Unterwurzacher
17e12d3e9a Bump version to 1.8.1 and update changelog 2015-03-22 22:02:22 +01:00
Eric Swanson
9d06412f1c Work around #14 (Editing Configuration File Disables MACs) with "--require-macs"
This patch implements the workaround proposed by
https://defuse.ca/audits/encfs.htm to create a --require-macs command
line argument. If this argument is passed, encfs will refuse to mount
with MACs disabled. When creating a filesystem, encfs will force MACs to
be enabled.

Addressed CR comments, and added docs.
2015-03-22 21:04:16 +01:00
Jakob Unterwurzacher
82ceb88998 Remove "-o default_permissions" unless needed.
It is only needed when "-o allow_other" is specified.

"-o default_permissions" causes libfuse to check file access
in userspace. This costs CPU cycles and causes additional
stat() calls - libfuse has to walk up the whole path to check
for "x" permissions on directories.

This improves "make benchmark-reverse" performance
by 30% when caching is disabled. It also gives a slight
improvement with caches on.

Before:

  tests/benchmark-reverse.pl /var/tmp
  * rsync 1 (initial copy)... 12179 ms
  * rsync 2 (no changes)... 1840 ms
  cleaning up... done
  tests/benchmark-reverse.pl /var/tmp --nocache
  * rsync 1 (initial copy)... 30696 ms
  * rsync 2 (no changes)... 10552 ms
  cleaning up... done

After:

  tests/benchmark-reverse.pl /var/tmp
  * rsync 1 (initial copy)... 12095 ms
  * rsync 2 (no changes)... 1693 ms
  cleaning up... done
  tests/benchmark-reverse.pl /var/tmp --nocache
  * rsync 1 (initial copy)... 21266 ms
  * rsync 2 (no changes)... 6486 ms
  cleaning up... done
2015-03-22 21:04:16 +01:00
Jakob Unterwurzacher
31568b1de5 tests: Add benchmark-reverse.pl
Benchmarks "encfs --reverse" rsync performance.

Run "make benchmark-reverse" to run it with default settings.
2015-03-22 21:03:47 +01:00
Jakob Unterwurzacher
c58d311569 tests: Complain loudly when encfs segfaults while mounting
...instead of having all later tests fail with strange
error messages.
2015-03-20 00:12:51 +01:00
Jakob Unterwurzacher
21b3811f86 reverse mode: Disable unique IV by default
Commit 76424a58cb enabled unique IV
for reverse mode by default, to get more testing and to increase
security of reverse mode.

The downside is that all IVs change when the inode numbers change,
which means that all of the ciphertext changes.

This may bite people who copied the plaintext to a new filesystem
- they will find out that they have to rsync everything again.

This commit disables unique IV for reverse mode by default. It can
still be enabled through expert mode.
2015-03-16 08:31:25 +01:00
Jakob Unterwurzacher
d14bedfff6 encfs manpage: Document --nocache 2015-03-15 17:55:44 +01:00
Jakob Unterwurzacher
0182dbf9d7 gitignore: add autogenerated po/*.gmo files 2015-03-15 17:55:44 +01:00
Jakob Unterwurzacher
5ef4ab0a41 reverse: re-enable kernel cache
Disabling the kernel cache make sure the encrypted view is always
up-to-date, however, it causes a factor 3 slowdown.
Please use --nocache manually if you want to disable caching.
Closes #60.

Also replaces the magic identifiers 513 and 514 by proper defines.
2015-03-15 17:54:56 +01:00
Valient Gough
b2f50bab1e import po files from Rosetta, update and fix po build errors 2015-03-13 21:59:02 -07:00
Valient Gough
b8ed8abbab add comment about misuse of ngettext 2015-03-13 21:59:01 -07:00
Valient Gough
a856210a85 Merge pull request #58 from rfjakob/next
Release 1.8
2015-03-09 21:28:24 -07:00
Jakob Unterwurzacher
01d65f43ff Bump encfs version to 1.8 2015-03-09 22:01:43 +01:00
Valient Gough
51c01bc5ec Merge pull request #56 from fulldecent/patch-2
Remove link to old homepage, as there is no additional info there
2015-02-28 22:13:31 -08:00
William Entriken
a266911e83 Remove link to old homepage, as there is no additional info there 2015-02-28 10:33:42 -05:00
Valient Gough
6909139e70 Fix pod links in DESIGN.md 2015-02-27 21:10:12 -08:00
Valient Gough
7537360de8 Merge pull request #54 from fulldecent/patch-1
Update markdown formatting for documentation
2015-02-27 21:06:59 -08:00
William Entriken
58d720d273 Update markdown formatting for documentation 2015-02-13 21:04:53 -05:00
Valient Gough
65bd22f55a fix typo in man page 2015-01-27 22:49:40 -08:00
Valient Gough
a69075a901 Merge pull request #51 from rfjakob/next
Fix reverse tests on OSX, improve install documentation
2015-01-17 16:39:05 -08:00
Jakob Unterwurzacher
fce6d727e3 README.md: Add link to the man page
github renders pod files beautifully, and encfs(1) is an
excellent document.
2015-01-13 23:22:55 +01:00
Jakob Unterwurzacher
d494d18f73 encfs manpage: Document ENCFS6_CONFIG 2015-01-13 23:13:48 +01:00
Jakob Unterwurzacher
bc4f38fcca configure.ac: Error out if pkg-config is missing
With pkg-config missing, a broken configure was generated, that failed
with a confusing error:

	./configure: line 19272: syntax error near unexpected token `OPENSSL,'
	./configure: line 19272: `    PKG_CHECK_MODULES(OPENSSL, openssl >= 0.9.7,'

Now, it errors out in the autoconf stage with:

	configure.ac:23: error: possibly undefined macro: PKG_CHECK_MODULES
	      If this token and others are legitimate, please use m4_pattern_allow.
	      See the Autoconf documentation.
2015-01-13 22:32:46 +01:00
Jakob Unterwurzacher
49527fcdf6 Update ax_boost_base.m4 to fix build failure on Ubuntu 14.04 x86_64
Error message from configure was:

	checking whether the Boost::Serialization library is available... yes
	configure: error: Could not find a version of the library!

Upstream commit:

	http://git.savannah.gnu.org/cgit/autoconf-archive.git/commit/?id=cba04c6644ef75f6f0eb7ac67db90d2533d80f0c
2015-01-12 23:47:31 +01:00
Jakob Unterwurzacher
6b411e60f8 INSTALL.md: Convert to markdown and expand 2015-01-11 23:34:30 +01:00
Jakob Unterwurzacher
b05872d85d tests: Use portable_unmount in reverse tests
Fixes unmount failure on OSX
2015-01-11 23:34:30 +01:00
Valient Gough
6239a3c58f Merge pull request #47 from hurlebouc/master
Improve FUSE library check
2015-01-07 09:08:09 -08:00
Hubert
153825e441 *change the way the configure check presence of library FUSE : previous
one search twice (one for adding the path of the library to LDFLAGS and
the other for eventually checking that the library is actually added)
for the same symbol (fuse_new) that resuls in the configure script
caching the first result of the test (which is 'false' because the
library where not still added) and reuseing it in the second test. A
solution is to use two different symbols for theses two tests).
2015-01-07 13:55:20 +01:00
Sam Gleske
8889e5ea5b doc: encfs spelling and grammar corrections
Conflicts:
	encfs/encfs.pod
2015-01-03 18:53:05 -08:00
Sam Gleske
9d5730e808 doc: encfs add file-hole pass-through doc
Previously undocumented though file-hole pass-through has been
available in encfs since 1.4.1.
2015-01-03 18:51:29 -08:00
Valient Gough
35bf0469cf Merge pull request #44 from Ledest/master
encfssh: use mktemp(1) for create unique unenc_dir
2014-12-27 22:44:59 -08:00
Valient Gough
6df09679c6 Merge pull request #45 from rfjakob/next
Add PATH_MAX workaround, improve benchmark.pl
2014-12-27 22:40:19 -08:00
Jakob Unterwurzacher
553f65a014 benchmark.pl: Improve help text, add Makefile target
Performing a benchmark on /var/tmp now is as easy as
"make benchmark".
2014-12-27 15:00:58 +01:00
Jakob Unterwurzacher
f8a563bdcd encfsctl: define a default PATH_MAX
Unless it is already defined. Fixes build errors with musl libc.
2014-12-27 15:00:58 +01:00
Jakob Unterwurzacher
517c7bc948 benchmark.pl: Skip ecryptfs if mount.ecryptfs is not available
Allows the benchmark to work on OS X or when ecryptfs is not
installed.
Also, introduce stopwatch_start/stop helpers to cut down copy-paste
code.
2014-12-27 15:00:58 +01:00
Led
d9a3759cfd encfssh: use mktemp(1) for create unique unenc_dir 2014-12-25 01:24:17 +02:00
Valient Gough
3643924ba3 Merge pull request #39 from rfjakob/next
Update yes/no prompts. Fixes issue #20
2014-12-13 19:22:15 -08:00
Jakob Unterwurzacher
0a920fa733 Use standard "[y]/n" / "y/[n]" prompt
This removes the need for a translated prompt. Fixes issue #20.

Also,
* merge boolDefaultNo() and boolDefaultYes() into boolDefault()
* do not accept arbitrary answers, but prompt again
2014-12-13 13:01:03 +01:00
Jakob Unterwurzacher
80844b89da Update translation URL
"rosetta" now lives at translations.launchpad.net
2014-12-13 13:00:18 +01:00
Valient Gough
11c4b70a70 Merge pull request #38 from rfjakob/next
Add benchmark.pl
2014-12-08 19:17:39 -08:00
Jakob Unterwurzacher
0a274fe77f Mention PERFORMANCE.md in README.md 2014-12-08 19:47:56 +01:00
Jakob Unterwurzacher
9a64ff97c5 benchmark.pl: Align numbers right in Markdown output 2014-12-08 19:34:50 +01:00
Jakob Unterwurzacher
b9c8b5cb47 Put benchmark results into PERFORMANCE.md 2014-12-08 19:21:33 +01:00
Jakob Unterwurzacher
ca6c46e2dc DESIGN.md: Add markdown headings 2014-12-08 18:20:15 +01:00
Jakob Unterwurzacher
f4d100648f Rename README to DESIGN.md and link to it in README.md
This document provides a nice overview and should be presented
prominently.
2014-12-08 18:14:35 +01:00
Jakob Unterwurzacher
9feb263dea tests: Add benchmark.pl - benchmark EncFS against eCryptfs
Example Results
* Seagate Barracuda 7200.9, model ST3250824AS
* Linux 3.16.3
* EncFS 1c5c75c44f

Test            | EncFS        | eCryptfs     | EncFS advantage
----------------|--------------|--------------|----------------
stream_write    |     32 MiB/s |     38 MiB/s | 0.84
extract         |  28744 ms    |  30027 ms    | 1.04
du              |    495 MB    |    784 MB    | 1.58
rsync           |   3319 ms    |  62486 ms    | 18.83
delete          |   6462 ms    |  74652 ms    | 11.55

(eCryptfs is very slow for stat() on a classical HDD)
2014-12-08 18:09:20 +01:00
Jakob Unterwurzacher
1c5c75c44f tests: Name all tests ".t.pl"
This way, everything (for example, common.inc) can have its proper
".pl" ending and syntax highlighting works properly in every editor.
2014-12-08 17:39:10 +01:00
Valient Gough
40531024c8 Merge pull request #36 from rfjakob/master
Reverse mode improvements
2014-12-02 12:43:11 -08:00
Jakob Unterwurzacher
8c7cf98af6 Clarify read-only handling of reverse mounts without uniqueIV
Also, delete unused define

Both issues spottet by Valient Gough's review
2014-12-01 20:13:40 +01:00