EncFS development ? #314

Closed
benrubson opened this issue Mar 20, 2017 · 25 comments

@benrubson
Contributor

Hi,

Of course I think I'm not the only one to widely use encfs, which is a very nice and useful product.
I then think that many of us would really be happy to see the encfs development start again, at least to correct the well known security issues.

@vgough, may I then ask you, do you have some plans regarding this ?
@rfjakob, perhaps you also have some plans ?

Here is the list of important security issues :

Related improvement ?

Interesting improvements :

I pushed some PR in the past few weeks to correct some issues, to improve error checking, to add some new options... but not sure I'll be able to handle the above few points.

Many thanks for your feedback 👍

Ben

@samrocketman
Collaborator

I'm adding a comment because I'm interested in this discussion. I mostly just do code reviews for this project and find little things here and there to contribute.

@danim7

danim7 commented Mar 21, 2017 via email

@rfjakob
Collaborator

rfjakob commented Mar 21, 2017

The EncFS project has been running for pretty long now, the git history goes back to 2008, and the first release was 2003. Development has stalled for a while until the project moved to Github in 2014 with the help of @samrocketman . The original author, vgough, put this paragraph on the front page:

EncFS has been dormant for a while. I've started cleaning up in order to try and provide a better base for a version 2, but whether EncFS flowers again depends upon community interest. In order to make it easier for anyone to contribute, it is moving a new home on Github. So if you're interested in EncFS, please dive in!

There are still fixes and smaller changes being merged, and occasionally vgough pushes a bigger thing (like replacing the whole build system with cmake). This is mostly maintenance, though. There is no development happening towards a new on-disk format that fixes the security issues, the so-called "EncFS 2.0".

I think to make EncFS 2.0 happen we will need somebody to step up and lead the "2.0 project".

@ostaszewskik

Why don't I see a 2.x branch? I hear about Encfs 2.0 coming, but I cannot find the code... @vgough if you provided a crowdfunding page to support the project, I'd happily make a PayPal donation.

@rfjakob
Collaborator

rfjakob commented Mar 24, 2017

Well, that's because it does not exist. As you may know, my opinion for EncFS 2.0 was to start afresh, and the result is called gocryptfs. It's stable already and has been audited recently.

@benrubson
Contributor Author

benrubson commented Mar 24, 2017

Thank you very much @rfjakob for your feedback 👍

Do you have some news from @vgough ? Do you think he would be OK to lead the 2.0 project ?
Perhaps some issues could be simply corrected without having to change the whole on-disk format, simply changing encfs behaviour depending on the configuration file version.

Perhaps we could also think about closing issues which do not need to be opened anymore ?
We would have a better view.

And what about PR which are opened, will they be reviewed & merged ?
BTW, IMO, we may pay attention to code sanity (functions return code, error handling...) which is really important in a data encryption product.

Many thx again 👍

@samrocketman
Collaborator

samrocketman commented Mar 25, 2017

vgough (the original author) moved it to Github in 2014

One minor correction, though not very relevant for the overall discussion. I migrated the project from SVN preserving authorship. That's how I have commit access despite not making any meaningful contributions (other than the migration, some documentation, and a few reviews).

I'm mostly a user of EncFS and cared about it continuing.

@rfjakob
Collaborator

rfjakob commented Mar 25, 2017

Ah, I was not aware of that, nice! I updated my comment.

@rfjakob
Collaborator

rfjakob commented Mar 25, 2017

@benrubson No, I have not heard from vgough for a while, but he does merge pull requests every now and then. I'll also continue to try to review and merge pull requests. But I can only merge things that I can confidently judge as safe.

As for the 2.0 project, I think somebody else will have to lead it.

@benrubson
Contributor Author

Thank you for your feedback @rfjakob and for your effort trying to review pending issues & pull requests 👍
Let's hope we will have some news from @vgough :)

@ostaszewskik

@rfjakob many thanks for providing info about your project gocryptfs! Can you post a link to a security audit? As far as I know among gocryptfs, ecryptfs, cryptomator, securefs, CryFS and encfs only the last one has had a professional audit. For that reason I prefer to keep on using a software with known holes rather than believe others don't have it.

@rfjakob
Collaborator

rfjakob commented Mar 30, 2017

The gocryptfs audit is here: https://defuse.ca/audits/gocryptfs.htm
If you have any questions or comments, feel free to post in the "Audit Results" ticket: rfjakob/gocryptfs#90

@emanuil-tolev

@rfjakob I appreciate gocryptfs (I use it), but there are a lot of usability issues around it. EncFS is currently usable on Android, gocryptfs is not. I just went through 2 hours of compiling SiriKali and gocryptfs on a friend's Mac, with the end result of gocryptfs being unable to mount the volume (could be a go-fuse issue rather than crypto issue). We have both EncFS and gocryptfs volumes, so we could compare .. and EncFS just worked immediately on the Mac.

Starting afresh is probably the best option 14 years later, but there's a lot to still do.

@benrubson
Contributor Author

EncFS is currently usable on Android

I agree, as I stated there :
I also think that it would be nice to keep encfs maintained : it has been audited, so security issues are known, and then could certainly be corrected.
In addition it is widely used, sometimes in production environments, it's then quite difficult to migrate from encfs to another product.
It is also written in C++ which makes it easy to install on a wide range of systems : Linux, FreeBSD, Synology / Qnap...
Perhaps we could start the dev again ? Would be really nice 👍

@samrocketman
Collaborator

samrocketman commented May 13, 2017

One comment I'd like to add. As a user of EncFS I really appreciate all of the work @vgough @rfjakob @benrubson @danim7 @charles-dyfis-net @jetwhiz and all of the contributors who have kept this project alive. I enjoy using your work to secure personal files.

@benrubson
Contributor Author

Let's hope we will have some news from @vgough :)

We do have, many thanks for being back into the business since a few weeks 👍

@vgough
Owner

vgough commented Aug 26, 2017

Thank you all for keeping encfs alive. A few years ago, I had created a development branch to really cleanup code, separate out legacy cipher from new cipher framework, and add a few alternatives to openssl. Some bits of that, like cmake support, were eventually merged into master, but I don't have that kind of time today for large changes.

If I were to start over, I like rfjakob's work on gocryptfs, in part because Go has been my primary language for work the last 3 years. If you're running on Linux, I'd give it a try. Unfortunately the "pure go" FUSE library may be hit or miss for a while, since what's really standardized in FUSE between platforms is the FUSE C API rather than the wire protocol.

Eventually I expect that the available Go FUSE libraries will be good enough to work on all platforms, and if I were to start encfs today I would almost certainly use a language like Go.

@benrubson
Contributor Author

Unfortunately yes the go FUSE lib is not available everywhere, whereas the FUSE C API is, and is really actively maintained and updated.
This makes the C++ EncFS project compatible with almost everything, Linux, Mac, *BSD, every unix box... Even Windows... This is why I like it 👍 Whatever the devices we are going to use, we will be able to rely on EncFS, as we always did. This makes EncFS a strong competitor 👍

I think that with last committed bug corrections, sanity checks and lint methods, the upcoming version will be nice and "strong".

Improving it, at least correcting the security issues listed in the first post, would make it brilliant, without having to migrate (personal usage and/or productions) to a new product (which is then sometimes impossible).
For sure we are not so far from this !

Many thanks 👍

mouse07410 added a commit to mouse07410/encfs that referenced this issue Sep 5, 2017
…72..37bc3ac

@ghost

ghost commented Sep 9, 2017

@vgough Hey, I've been using your software for some years and I love it, thank you for creating it. I recommend it to my friends if they're interested in securing data. Also a thanks to @rfjakob @benrubson @danim7 @charles-dyfis-net @jetwhiz and all other contributors who helped make this software great.

@mouse07410

@benrubson a late-comer with an improvement suggestion: add the ability to use smart card (say, PIV and OpenPGP) for volume key wrapping (asymmetric crypto).

@samrocketman
Collaborator

Thanks for your work @benrubson

@buhtz

buhtz commented Oct 5, 2023

Hello,
I'm a member of the maintenance team of Back In Time, which depends on EncFS. We are aware of the security problems and are figuring out how to deal (bit-team/backintime#1549 and bit-team/backintime#1248) with it without breaking too much of our features.

I would strongly suggest to update your README.md about the current project status including a time stamp. From reading your README.md it is not clear what is going on. Also the repo itself is not archived yet.

To my understanding EncFS is not in active development and won't be in the future.
The suggestion from the EncFS maintainer is to move to gocryptfs. Am I right so far?

Does anyone have a migration guide?

@samrocketman
Collaborator

samrocketman commented Oct 7, 2023

It's kind of in the same state as it was originally. It's up to project contributors to drive the project; so if nobody is contributing it stagnates. That doesn't necessarily require the repository to be archived.

If by current maintainer suggesting gocryptfs you mean, vgough; I don't see how they suggested what you should use instead. They were musing on if they had to do it all over they'd start with Go and come up with something like gocryptfs. Their comment was clear at the time that go-FUSE didn't provide as good of portability as C bindings. Bear in mind this comment was written 6 years ago so a lot could have changed.

I don't think quoting such an old comment and holding it as their current opinion presents their intent in good faith.

I doubt anyone here can help with your migration unfortunately (I just use EncFS and others took up the mantle to contribute to EncFS but then moved on to other things). Such is the way of open source sometimes.

In general, file based encryption at the file level is going to have some limitations; I suggest looking more into encrypting TAR via standard, modern encryption, such as GPG. In my case, I encrypt my drives with LUKS. I would look at solutions which provide fully wrapped encryption if you want to avoid the security issues pointed out completely (i.e. having multiple copies of encrypted files whose known contents is changing could weaken their seal).

@charles-dyfis-net
Contributor

@samrocketman, ...to admittedly go off on a tangent from a very minor piece of your comment (which I otherwise have no qualms with) -- I'm not sure GPG can be described as modern (though OpenPGP being literally standardized, there's no room to argue with "standard").

We know better today than to try to build indefinitely backwards-compatible protocols (enabling downgrade attacks and the ability for attackers to construct content that triggers little-used or untested codepaths, both of which OpenPGP implementations are prone to), which is why modern tools like minisign or saltpack or age deliberately bake in their algorithm choices.

We know better today than to try to build encryption tools with streaming APIs that treat decryption and signature validation as two completely separate operations (such that content can be decrypted and streamed to stdout -- and thus used by software trying to consume it -- before any signature validation is performed; older versions of OpenPGP also let an attacker strip the signature packets altogether without causing a consumer to even exit with a nonzero status -- but when you're streaming a decryption operation to something like sh or tar that immediately enacts its input, a nonzero exit status comes too late anyhow, making piping stdout from even modern OpenPGP risky).

We know about Authenticated Encryption with Associated Data -- with widespread and solid implementations of algorithms like GCM sitting at the heart of newer tools -- and the importance of designing wire protocols and data formats to make the obvious and easy implementation more likely to be correct, design considerations that were a decade away from being taken seriously in cryptography when PGP was first designed.

Today, we know better than to use PGP.
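The ordering problem raised in the comment above (plaintext reaching a consumer before authentication has finished), as an added example that is not part of the thread or written by any participant. It contrasts a trailing-tag stream with a design that authenticates each chunk, bound to its index and a final-chunk flag, before releasing it. All names are hypothetical, and the cipher is a standard-library stand-in (HMAC-SHA256 keystream plus HMAC tags) used only so the example runs offline; a real tool would use a vetted AEAD such as AES-GCM.

```python
import hashlib
import hmac
import os

CHUNK = 16  # tiny chunk size so the constructed sample spans three chunks
TAG = 32    # HMAC-SHA256 tag length

# Constructed sample input: three 16-byte lines.
SAMPLE = b"line-01 of data\nline-02 of data\nline-03 of data\n"


class AuthError(Exception):
    pass


def _subkeys(key):
    # Separate keys for encryption and authentication.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key, nonce, index, length):
    # Stand-in keystream (HMAC-SHA256 in counter mode), not a vetted cipher.
    out, block = b"", 0
    while len(out) < length:
        msg = nonce + index.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(enc_key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _tag(mac_key, nonce, index, final, ct):
    # The tag covers position and the final flag, so reordering and
    # truncation are detectable, not just bit flips.
    header = nonce + index.to_bytes(8, "big") + (b"\x01" if final else b"\x00")
    return hmac.new(mac_key, header + ct, hashlib.sha256).digest()


def seal(key, plaintext):
    """Chunked design: return (nonce, records), each record = ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    pieces = [plaintext[i:i + CHUNK]
              for i in range(0, len(plaintext), CHUNK)] or [b""]
    records = []
    for i, piece in enumerate(pieces):
        ct = _xor(piece, _keystream(enc_key, nonce, i, len(piece)))
        records.append(ct + _tag(mac_key, nonce, i, i == len(pieces) - 1, ct))
    return nonce, records


def open_stream(key, nonce, records):
    """Yield plaintext chunks, each only after its own tag has verified."""
    enc_key, mac_key = _subkeys(key)
    saw_final = False
    for i, rec in enumerate(records):
        if saw_final:
            raise AuthError("data after final chunk")
        ct, tag = rec[:-TAG], rec[-TAG:]
        if hmac.compare_digest(tag, _tag(mac_key, nonce, i, True, ct)):
            saw_final = True
        elif not hmac.compare_digest(tag, _tag(mac_key, nonce, i, False, ct)):
            raise AuthError(f"chunk {i} failed authentication")
        yield _xor(ct, _keystream(enc_key, nonce, i, len(ct)))
    if not saw_final:
        raise AuthError("stream truncated before final chunk")


def open_all(key, nonce, records):
    """Buffer everything; return plaintext only if the whole stream verifies.
    This is the safe shape for consumers that act on input immediately."""
    return b"".join(list(open_stream(key, nonce, records)))


def seal_trailing(key, plaintext):
    """Older shape: one ciphertext with a single tag at the very end."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor(plaintext, _keystream(enc_key, nonce, 0, len(plaintext)))
    return nonce, ct, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def open_trailing(key, nonce, ct, tag):
    """Flawed ordering: plaintext leaves before the trailing tag is checked."""
    enc_key, mac_key = _subkeys(key)
    ks = _keystream(enc_key, nonce, 0, len(ct))
    for i in range(0, len(ct), CHUNK):
        yield _xor(ct[i:i + CHUNK], ks[i:i + CHUNK])
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise AuthError("trailing tag mismatch")


def consume(stream):
    """Model a pipe consumer: return (chunks already received, error or None)."""
    received = []
    try:
        for chunk in stream:
            received.append(chunk)
    except AuthError as exc:
        return received, str(exc)
    return received, None
```

With a tampered first byte, `consume(open_trailing(...))` has already handed over every chunk, the modified one included, by the time the error appears, while `consume(open_stream(...))` hands over only chunks that verified. Truncation is still only known at the end of the stream, which is why `open_all` is the variant to put in front of anything that executes or unpacks its input.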

@samrocketman
Collaborator

samrocketman commented Oct 7, 2023

Today, we know better than to use PGP.

Didn't mean to paint myself as an expert; hopefully I made clear I am a user of EncFS and don't really dive into its internals.

The only reason why I'm particular to using GPG over other tools is during the Snowden revelations the leaked NSA files mentioned GPG gave them trouble. So as an encryption layman I tend to lend it some trust from that real world breach of information. I don't have any scientific reasoning as to why anyone should use anything so I probably shouldn't have suggested any alternatives; I was trying to be helpful but it could lead others down the wrong path in this case.
