On Tuesday 28 June 2005 16:31, Valient Gough wrote: > The patch from my previous mail should work. I will be releasing a new > version after I've had a chance for more testing.
I did some testing today and found that the previous patch caused a problem as big as the one it solved -- IV headers of new files not properly initialized with the patch. The attached patch is an improvement, although it is not optimal speed-wise as it re-introduces a per-file lock in the read pipeline. Still a work in progress. regards, Valient
--- old-encfs-1.2/encfs/FileNode.cpp 2005-05-17 21:01:55.000000000 +0200 +++ new-encfs-1.2/encfs/FileNode.cpp 2005-06-30 01:00:04.000000000 +0200 @@ -21,6 +21,7 @@ #include <errno.h> #include <sys/stat.h> +#include <sys/types.h> #include <fcntl.h> #include <unistd.h> #include <sys/fsuid.h> @@ -129,6 +130,15 @@ return _pname.c_str(); } +static bool setIV(const Ptr<FileIO> &io, uint64_t iv) +{ + struct stat stbuf; + if((io->getAttr(&stbuf) < 0) || S_ISREG(stbuf.st_mode)) + return io->setIV( iv ); + else + return true; +} + bool FileNode::setName( const char *plaintextName_, const char *cipherName_, uint64_t iv, bool setIVFirst ) { @@ -137,7 +147,7 @@ rDebug("calling setIV on %s", cipherName_); if(setIVFirst) { - if(externalIVChaining && !io->setIV( iv )) + if(externalIVChaining && !setIV(io, iv)) return false; // now change the name.. @@ -161,7 +171,7 @@ io->setFileName( cipherName_ ); } - if(externalIVChaining && !io->setIV( iv )) + if(externalIVChaining && !setIV(io, iv)) { _pname = oldPName; _cname = oldCName; @@ -245,9 +255,11 @@ req.dataLen = size; req.data = data; - // seems like it should be safe to let reads go on at the same time as - // everything else.. - //Lock _lock( mutex ); + // TODO: remove this lock. This was not used in 1.2.2 and below, but there + // seems to be a race condition in the MAC header processing which affects + // paranoia mode users. Better play it safe until the race can be + // eliminated. + Lock _lock( mutex ); rAssert( refCnt > 0 ); rAssert( retainCount > 0 );
pgprPybtsxwZn.pgp
Description: PGP signature