// gocryptfs v1.1 introduced reverse mode
func TestExampleFSv11reversePlaintextnames(t *testing.T) {
	dirA := "v1.1-reverse-plaintextnames"
	dirB := test_helpers.TmpDir + "/" + dirA + ".B"
	err := os.Mkdir(dirB, 0700)
	if err != nil {
		t.Fatal(err)
	}
	dirC := test_helpers.TmpDir + "/" + dirA + ".C"
	err = os.Mkdir(dirC, 0700)
	if err != nil {
		t.Fatal(err)
	}
	test_helpers.MountOrFatal(t, dirA, dirB, "-reverse", "-extpass", "echo test", opensslOpt)
	c := dirB + "/gocryptfs.conf"
	if !test_helpers.VerifyExistence(c) {
		t.Errorf("%s missing", c)
	}
	test_helpers.MountOrFatal(t, dirB, dirC, "-extpass", "echo test", opensslOpt)
	checkExampleFSrw(t, dirC, false)
	test_helpers.UnmountPanic(dirC)
	test_helpers.UnmountPanic(dirB)

	m := "e7fb8f0d-2a81df9e-26611e4b-5540b218-e48aa458-c2a623af-d0c82637-1466b5f2"
	test_helpers.MountOrFatal(t, dirA, dirB, "-reverse", "-masterkey", m, opensslOpt)
	if !test_helpers.VerifyExistence(c) {
		t.Errorf("%s missing", c)
	}
	test_helpers.MountOrFatal(t, dirB, dirC, "-aessiv", "-masterkey", m, opensslOpt)
	checkExampleFSrw(t, dirC, false)
	test_helpers.UnmountPanic(dirC)
	test_helpers.UnmountPanic(dirB)
}
示例#2
0
// Test -passwd flag
func TestPasswd(t *testing.T) {
	// Create FS
	dir := test_helpers.InitFS(t)
	mnt := dir + ".mnt"
	// Add content
	test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo test")
	file1 := mnt + "/file1"
	err := ioutil.WriteFile(file1, []byte("somecontent"), 0600)
	if err != nil {
		t.Fatal(err)
	}
	err = test_helpers.UnmountErr(mnt)
	if err != nil {
		t.Fatal(err)
	}
	// Change password to "newpasswd"
	testPasswd(t, dir)
	// Mount and verify
	test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo newpasswd")
	content, err := ioutil.ReadFile(file1)
	if err != nil {
		t.Error(err)
	} else if string(content) != "somecontent" {
		t.Errorf("wrong content: %q", string(content))
	}
	err = test_helpers.UnmountErr(mnt)
	if err != nil {
		t.Fatal(err)
	}
}
// gocryptfs v1.1 introduced reverse mode
func TestExampleFSv11reverse(t *testing.T) {
	dirA := "v1.1-reverse"
	dirB := test_helpers.TmpDir + "/" + dirA + ".B"
	err := os.Mkdir(dirB, 0700)
	if err != nil {
		t.Fatal(err)
	}
	dirC := test_helpers.TmpDir + "/" + dirA + ".C"
	err = os.Mkdir(dirC, 0700)
	if err != nil {
		t.Fatal(err)
	}
	test_helpers.MountOrFatal(t, dirA, dirB, "-reverse", "-extpass", "echo test", opensslOpt)
	c := dirB + "/gocryptfs.conf"
	if !test_helpers.VerifyExistence(c) {
		t.Errorf("%s missing", c)
	}
	test_helpers.MountOrFatal(t, dirB, dirC, "-extpass", "echo test", opensslOpt)
	checkExampleFSrw(t, dirC, false)
	test_helpers.UnmountPanic(dirC)
	test_helpers.UnmountPanic(dirB)

	m := "68b51855-042abd80-635ae1ba-90152a78-2ec2d243-832ac72a-eab0561a-f2d37913"
	test_helpers.MountOrFatal(t, dirA, dirB, "-reverse", "-masterkey", m, opensslOpt)
	if !test_helpers.VerifyExistence(c) {
		t.Errorf("%s missing", c)
	}
	test_helpers.MountOrFatal(t, dirB, dirC, "-aessiv", "-masterkey", m, opensslOpt)
	checkExampleFSrw(t, dirC, false)
	test_helpers.UnmountPanic(dirC)
	test_helpers.UnmountPanic(dirB)
}
示例#4
0
// Test -passwd with -masterkey
func TestPasswdMasterkey(t *testing.T) {
	// Create FS
	dir := test_helpers.InitFS(t)
	// Overwrite with config with known master key
	conf, err := ioutil.ReadFile("gocryptfs.conf.b9e5ba23")
	if err != nil {
		t.Fatal(err)
	}
	syscall.Unlink(dir + "/gocryptfs.conf")
	err = ioutil.WriteFile(dir+"/gocryptfs.conf", conf, 0600)
	if err != nil {
		t.Fatal(err)
	}
	// Add content
	mnt := dir + ".mnt"
	test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo test")
	file1 := mnt + "/file1"
	err = ioutil.WriteFile(file1, []byte("somecontent"), 0600)
	if err != nil {
		t.Fatal(err)
	}
	test_helpers.UnmountPanic(mnt)
	// Change password using stdin
	args := []string{"-q", "-passwd", "-masterkey",
		"b9e5ba23-981a22b8-c8d790d8-627add29-f680513f-b7b7035f-d203fb83-21d82205"}
	args = append(args, dir)
	cmd := exec.Command(test_helpers.GocryptfsBinary, args...)
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr
	p, err := cmd.StdinPipe()
	if err != nil {
		t.Fatal(err)
	}
	err = cmd.Start()
	if err != nil {
		t.Error(err)
	}
	// New password
	p.Write([]byte("newpasswd\n"))
	p.Close()
	err = cmd.Wait()
	if err != nil {
		t.Error(err)
	}
	// Mount and verify
	test_helpers.MountOrFatal(t, dir, mnt, "-extpass", "echo newpasswd")
	content, err := ioutil.ReadFile(file1)
	if err != nil {
		t.Error(err)
	} else if string(content) != "somecontent" {
		t.Errorf("wrong content: %q", string(content))
	}
	test_helpers.UnmountPanic(mnt)
}
示例#5
0
func TestCtlSock(t *testing.T) {
	cDir := test_helpers.InitFS(t)
	pDir := cDir + ".mnt"
	sock := cDir + ".sock"
	test_helpers.MountOrFatal(t, cDir, pDir, "-ctlsock="+sock, "-extpass", "echo test")
	defer test_helpers.UnmountPanic(pDir)
	req := ctlsock.RequestStruct{
		EncryptPath: "foobar",
	}
	response := test_helpers.QueryCtlSock(t, sock, req)
	if response.Result == "" || response.ErrNo != 0 {
		t.Errorf("got an error reply: %+v", response)
	}
	req.EncryptPath = "not-existing-dir/xyz"
	response = test_helpers.QueryCtlSock(t, sock, req)
	if response.ErrNo != int32(syscall.ENOENT) || response.Result != "" {
		t.Errorf("incorrect error handling: %+v", response)
	}
	// Strange paths should not cause a crash
	crashers := []string{"/foo", "foo/", "/foo/", ".", "/////", "/../../."}
	for _, c := range crashers {
		req.EncryptPath = c
		// QueryCtlSock calls t.Fatal if it gets EOF when gocryptfs panics
		test_helpers.QueryCtlSock(t, sock, req)
	}
}
示例#6
0
// Test DecryptPath and EncryptPath
func TestCtlSockPathOps(t *testing.T) {
	mnt, err := ioutil.TempDir(test_helpers.TmpDir, "reverse_mnt_")
	if err != nil {
		t.Fatal(err)
	}
	sock := mnt + ".sock"
	test_helpers.MountOrFatal(t, "ctlsock_reverse_test_fs", mnt, "-reverse", "-extpass", "echo test", "-ctlsock="+sock)
	defer test_helpers.UnmountPanic(mnt)
	var req ctlsock.RequestStruct
	for i, tc := range ctlSockTestCases {
		// Decrypt
		req = ctlsock.RequestStruct{DecryptPath: tc[0]}
		response := test_helpers.QueryCtlSock(t, sock, req)
		if response.ErrNo != 0 {
			t.Errorf("Testcase %d Decrypt: %q ErrNo=%d ErrText=%s", i, tc[0], response.ErrNo, response.ErrText)
		} else if response.Result != tc[1] {
			t.Errorf("Testcase %d Decrypt: Want %q got %q", i, tc[1], response.Result)
		}
		// Encrypt
		req = ctlsock.RequestStruct{EncryptPath: tc[1]}
		response = test_helpers.QueryCtlSock(t, sock, req)
		if response.ErrNo != 0 {
			t.Errorf("Testcase %d Encrypt: %q ErrNo=%d ErrText=%s", i, tc[0], response.ErrNo, response.ErrText)
		} else if response.Result != tc[0] {
			t.Errorf("Testcase %d Encrypt: Want %q got %q", i, tc[1], response.Result)
		}
	}
}
// Test example_filesystems/v0.7
// with password mount and -masterkey mount
// v0.7 adds 128 bit GCM IVs
func TestExampleFSv07(t *testing.T) {
	cDir := "v0.7"
	pDir := test_helpers.TmpDir + "/" + cDir
	err := os.Mkdir(pDir, 0777)
	if err != nil {
		t.Fatal(err)
	}
	test_helpers.MountOrFatal(t, cDir, pDir, "-extpass", "echo test", opensslOpt)
	checkExampleFS(t, pDir, true)
	test_helpers.UnmountPanic(pDir)
	test_helpers.MountOrFatal(t, cDir, pDir, "-masterkey",
		"ed7f6d83-40cce86c-0e7d79c2-a9438710-575221bf-30a0eb60-2821fa8f-7f3123bf",
		opensslOpt)
	checkExampleFS(t, pDir, true)
	test_helpers.UnmountPanic(pDir)
}
// gocryptfs v0.7 filesystem created with "-plaintextnames"
func TestExampleFSv07PlaintextNames(t *testing.T) {
	cDir := "v0.7-plaintextnames"
	pDir := test_helpers.TmpDir + "/" + cDir + ".mnt"

	test_helpers.MountOrFatal(t, cDir, pDir, "-extpass", "echo test", opensslOpt)
	checkExampleFS(t, pDir, true)
	test_helpers.UnmountPanic(pDir)
	// The actual unmount takes some time, this causes weird problems. Just don't
	// reuse the mountpoint.
	pDir = pDir + ".2"
	test_helpers.MountOrFatal(t, cDir, pDir, "-plaintextnames", "-masterkey",
		"6d96397b-585631e1-c7cba69d-61e738b6-4d5ad2c2-e21f0fb3-52f60d3a-b08526f7",
		opensslOpt)
	checkExampleFS(t, pDir, true)
	test_helpers.UnmountPanic(pDir)
}
// gocryptfs v1.1 introduced AES-SIV
func TestExampleFSv11(t *testing.T) {
	cDir := "v1.1-aessiv"
	pDir := test_helpers.TmpDir + "/" + cDir
	err := os.Mkdir(pDir, 0777)
	if err != nil {
		t.Fatal(err)
	}
	test_helpers.MountOrFatal(t, cDir, pDir, "-extpass", "echo test", opensslOpt)
	checkExampleFSLongnames(t, pDir)
	test_helpers.UnmountPanic(pDir)
	pDir = pDir + ".2"
	test_helpers.MountOrFatal(t, cDir, pDir, "-masterkey",
		"eaf371c3-f9a55336-8819f22b-7bccd7c2-a738cf61-7261c658-14c28a03-9428992b",
		"-aessiv", opensslOpt)
	checkExampleFSLongnames(t, pDir)
	test_helpers.UnmountPanic(pDir)
}
// Test example_filesystems/v0.9
// (gocryptfs v0.9 introduced long file name support)
func TestExampleFSv09(t *testing.T) {
	cDir := "v0.9"
	pDir := test_helpers.TmpDir + "/" + cDir
	err := os.Mkdir(pDir, 0777)
	if err != nil {
		t.Fatal(err)
	}
	test_helpers.MountOrFatal(t, cDir, pDir, "-extpass", "echo test", opensslOpt)
	checkExampleFSLongnames(t, pDir)
	test_helpers.UnmountPanic(pDir)
	pDir = pDir + ".2"
	test_helpers.MountOrFatal(t, cDir, pDir, "-masterkey",
		"1cafe3f4-bc316466-2214c47c-ecd89bf3-4e078fe4-f5faeea7-8b7cab02-884f5e1c",
		opensslOpt)
	checkExampleFSLongnames(t, pDir)
	test_helpers.UnmountPanic(pDir)
}
示例#11
0
// We should not panic when somebody feeds requests that make no sense
func TestCtlSockCrash(t *testing.T) {
	mnt, err := ioutil.TempDir(test_helpers.TmpDir, "reverse_mnt_")
	if err != nil {
		t.Fatal(err)
	}
	sock := mnt + ".sock"
	test_helpers.MountOrFatal(t, "ctlsock_reverse_test_fs", mnt, "-reverse", "-extpass", "echo test", "-ctlsock="+sock,
		"-wpanic=0", "-nosyslog=0")
	defer test_helpers.UnmountPanic(mnt)
	// Try to crash it
	req := ctlsock.RequestStruct{DecryptPath: "gocryptfs.longname.XXX_TestCtlSockCrash_XXX.name"}
	test_helpers.QueryCtlSock(t, sock, req)
}
示例#12
0
// Test -ro
func TestRo(t *testing.T) {
	dir := test_helpers.InitFS(t)
	mnt := dir + ".mnt"
	test_helpers.MountOrFatal(t, dir, mnt, "-ro", "-extpass=echo test")
	defer test_helpers.UnmountPanic(mnt)

	file := mnt + "/file"
	err := os.Mkdir(file, 0777)
	if err == nil {
		t.Errorf("Mkdir should have failed")
	}
	_, err = os.Create(file)
	if err == nil {
		t.Errorf("Create should have failed")
	}
}
示例#13
-1
// Test "-nonempty"
func TestNonempty(t *testing.T) {
	dir := test_helpers.InitFS(t)
	mnt := dir + ".mnt"
	err := os.Mkdir(mnt, 0700)
	if err != nil {
		t.Fatal(err)
	}
	err = ioutil.WriteFile(mnt+"/somefile", []byte("xyz"), 0600)
	if err != nil {
		t.Fatal(err)
	}
	err = test_helpers.Mount(dir, mnt, false, "-extpass=echo test")
	if err == nil {
		t.Errorf("Mounting over a file should fail per default")
	}
	// Should work with "-nonempty"
	test_helpers.MountOrFatal(t, dir, mnt, "-nonempty", "-extpass=echo test")
	test_helpers.UnmountPanic(mnt)
}
示例#14
-1
// Test "mountpoint shadows cipherdir" handling
func TestShadows(t *testing.T) {
	mnt := test_helpers.InitFS(t)
	cipher := mnt + ".cipher"
	err := os.Rename(mnt, cipher)
	if err != nil {
		t.Fatal(err)
	}
	// This should work
	// (note that MountOrFatal creates "mnt" again)
	test_helpers.MountOrFatal(t, cipher, mnt, "-extpass=echo test")
	test_helpers.UnmountPanic(mnt)
	cipher2 := mnt + "/cipher"
	err = os.Rename(cipher, cipher2)
	if err != nil {
		t.Fatal(err)
	}
	// This should fail
	err = test_helpers.Mount(cipher2, mnt, false, "-extpass=echo test")
	if err == nil {
		t.Errorf("Should have failed")
	}
}