This prevents unexpected failures when you have set that variable.
Also, give Test::More the number of tests that will be run for
more informative output.
In reverse mode, this caused symlinks pointing to the absolute
plaintext directory to be stripped. This is what the test in
commit
tests: reverse: symlink absolute path inside the plaintext dir
checks for.
Ignoring encfsctl, plainPath() is only called from encfs.cpp, in
_do_readlink() and _do_getattr(). Both functions get the path passed in from
FUSE. Paths from FUSE are always anchored at the mountpoint (they start with
"/", and "/" means the root of the mount). This suggests that the check can
never trigger - I have verified that it does not trigger when running the
test suite.
With this patch, the full test suite passes.
Writing to the ciphertext files can rewrite the header. This
would mean we had to re-encrypt the whole file with the new IV.
This could be made more fine-grained, for example allowing
writes to everywhere but the header. However, this is
something that needs a lot of testing to ensure correctness.
Writing to the ciphertext is a niche use case of the niche
use case of using reverse mode, so it is unlikely it would
get the test coverage it needs.
To be safe, we deny all modifications of the ciphertext with
read-only filesystem error (EROFS) if uniqueIV is enabled.
Reverse mode with uniqueIV disabled still supports writing,
if somebody really needs it. This use case is not covered
by the test suite at the moment.
For now, the IVs are constant. This is fixed in a later commit.
They are enabled by default to make testing easier.
The whole thing passes the test suite on x86 and x86_64.
Disable block cache (in EncFS) and stat cache (in kernel).
This is needed if the backing files may be modified
behind the back of EncFS (for example, when you mount
an encrypted filesystem exported by encfs --reverse).
The reverse grow tests fail when this option is not passed to the
decrypting mount.
By default, the kernel caches file metadata for one second.
This is fine for EncFS' normal mode, but for --reverse, this
means that the encrypted view will be up to one second out of
date.
This causes the reverse grow tests to fail because stale stat()
data is returned.
This is something that should really not happen, it makes
sense to have the user examine the situation himself.
Behavoir was:
23:00:42 (FileUtils.cpp:379) Archive exception: XML start/end tag mismatch - uniqueIV
23:00:42 (FileUtils.cpp:337) Found config file /tmp/a/ciphertext/.encfs6.xml, but failed to load
Creating new encrypted volume.
Please choose from one of the following options:
...
Now it exits with:
23:13:04 (FileUtils.cpp:337) Found config file /tmp/a/ciphertext/.encfs6.xml, but failed to load - exiting