| Age | Commit message (Collapse) | Author |
|---|
|
Complete the new Build System
|
|
This change rewrites .travis.yml to use many build stages/jobs. This
allows our build to run faster, as almost all jobs run in containers.
Stage 1: Run on all pushes to all branches
- Job Build: just runs "make" to make sure everything is OK
Stage 2: Run on all PRs and pushes to master
- Job Lint: Makes sure dep, "make gen", "make format", and "make lint"
are all happy.
- Job Build 1: Make sure "go get" and "make" will work. This job will
later run unit tests.
- Job Build 2: Same as Job Build 1, except with another go version.
- Job Integeration: Run integration tests (needs sudo, so needs VM)
Stage 3: Run on releases (if other stages pass)
- Job Deploy: Publishes amd64 binaries to GitHub.
|
|
This change is a complete rewrite of fscrypt's Makefile.
The new build rules can be roughly divided into secions:
Build - bin/fscrypt and bin/pam_fscrypt
Linting - gen (for .proto files), format, lint
Test - test, test-{setup|teardown}, coverage.out
Install - install, uninstall, install-{bin|pam}
Tools - tools and other bin/* needed for the other rules
As before, "make" builds the binary and pam_module, while "make all"
builds and tests everything (except for integration tests), and "make
clean" removes any generated files.
Also note that this new build system:
- Doesn't require input_fail.py
- Properly falis on linter errors
- Builds everything into the bin/ directory (customizable)
- Builds all the vendored tools
|
|
Ideally, we would just use "golint ./..." to check all our our source
files for lint error. However, this does not work because it will
include all packages in the vendor directory. The pull request at:
https://github.com/golang/lint/pull/325
fixes this issue, so we will use it until the PR has been merged.
|
|
This change vendors the source for all our build, formatting, and
linting tools. Generated by running "dep ensure".
|
|
This change ot Gopkg.toml will make it easier to build the linting and
formatting tools. Vendoring their source also makes sure that updates to
these tools do not break the build.
|
|
This change updates dependancies to be consistent with Gopkg.toml.
This change was generated by running "dep ensure".
|
|
fscrypt directly depends on 5 repositories (8 packages). This change
adds those dependancies to Gopkg.toml, so that they can be properly
versioned. Note that the golang.org/x repositories do not use semver.
|
|
The tests added in this change are trivial, but they make sure that
every package has a non-zero number of tests. This is important for
eventually increasing test coverage.
|
|
Our current build tags set off the linter. We will later add in more
comprehensive build tags that will be properly formatted.
|
|
Move to x/crypto/argon2
|
|
|
|
Now that Argon2 is simply and implementation detail of the `crypto`
package, and no a build dependancy, we don't need it in Travis or in the
documenation for building fscrypt.
|
|
Use the golang library for the hashing function instead of the reference
C implementation. This removes the dependancy on libargon2. As we are no
longer doing our own error checking, we also eliminate those tests.
|
|
Start using Dep
|
|
Add dep instalation, remove govendor from go tools, and add a check for
dependancies.
|
|
This change transitions to dep, sets up Gopkg.toml, and purnes the
maximum allowable number of files.
|
|
Moves from goimports to [goreturns](https://github.com/sqs/goreturns).
This should not effect any code that already compiles as goreturns only
adds zero return values, then runs goimports.
This is mainly to help improve ergonomics when dealing with multiple
return types.
|
|
|
|
Fix typo in README.md
|
|
|
|
Limit the amount of RAM that will be used
|
|
|
|
Fixes #73.
Adds maxMemoryBytes as 128MiB and cleans up the helper
functions/variables to make it more clear which values are a number of
bytes, and which values are a number of KiB.
|
|
Typos
|
|
|
|
Makefile cleanup
|
|
|
|
travis: update go version
|
|
|
|
security: Sync filesystem before dropping caches
|
|
|
|
Update all external dependencies to the latest version
|
|
security: Add check option to UserKeyringID
|
|
|
|
|
|
|
|
|
|
|
|
This changes the vendored sources of github.com/golang/protobuf,
golang.org/x/crypto/ssh, and golang.org/x/sys/unix to be the current
master versions.
|
|
We should always log the descriptor not the entire policy structure.
|
|
Fixed failures in PAM module
|
|
Now the user is persented with help when they try to access a keyring
that isn't theirs or try to use fscrypt without a user keyring linked
into the session keyring.
|
|
Chaning the --user flag to (optionally) check for a proper keyring setup
allows us to fail early in cases where we need a working keyring.
|
|
Now instead of spawning a seperate thread we alternate between changing
the euid and ruid to both find the keyring and link it to the process
keyring. Note that we also ensure that the user keyring is linked into
the root keyring whenever possible.
|
|
This was creating an issue becasuse fully dropping privileges required
spawning a goroutine and using rutime.DropOSThread().
|
|
Now the offending panic will just be logged and the module will fail.
This is important as to not crash the login process.
|
|
Changes to the keyrings interface, corresponding UI changes, and misc changes
|
|
Use `/dev/disk/by-uuid` to get UUID links to other filesystems
|
|
|
