mount,cmount: run Release asynchronously

Before this change the mount and cmount would run Release synchronously. This would mean that it would wait for files to be closed (eg uploaded) before returning to the kernel. However Release is already running asynchronously from userspace so this commit changes it to do the functionality of Release asynchronously too. This should fix libfuse blocking when Release is active and it is asked to do something else with a file. Forum: https://forum.rclone.org/t/vfs-cache-mode-writes-upload-expected-behaviour/8014
Adds a public IP flag for ftp. Closes #3158
2025-12-06 00:03:32 +00:00 · 2019-05-11 10:21:43 +01:00 · 2019-05-09 22:52:21 +01:00 · 2019-05-08 15:14:51 +01:00 · 2019-05-02 16:22:17 +01:00 · 2019-05-02 14:00:00 +01:00
2510 changed files with 667005 additions and 114399 deletions
--- a/.appveyor.yml
+++ b/.appveyor.yml
@@ -0,0 +1,49 @@
+version: "{build}"
+
+os: Windows Server 2012 R2
+
+clone_folder: c:\gopath\src\github.com\ncw\rclone
+
+cache:
+  - '%LocalAppData%\go-build'
+
+environment:
+  GOPATH: C:\gopath
+  CPATH: C:\Program Files (x86)\WinFsp\inc\fuse
+  ORIGPATH: '%PATH%'
+  NOCCPATH: C:\MinGW\bin;%GOPATH%\bin;%PATH%
+  PATHCC64: C:\mingw-w64\x86_64-6.3.0-posix-seh-rt_v5-rev1\mingw64\bin;%NOCCPATH%
+  PATHCC32: C:\mingw-w64\i686-6.3.0-posix-dwarf-rt_v5-rev1\mingw32\bin;%NOCCPATH%
+  PATH: '%PATHCC64%'
+  RCLONE_CONFIG_PASS:
+    secure: HbzxSy9zQ8NYWN9NNPf6ALQO9Q0mwRNqwehsLcOEHy0=
+
+install:
+- choco install winfsp -y
+- choco install zip -y
+- copy c:\MinGW\bin\mingw32-make.exe c:\MinGW\bin\make.exe
+
+build_script:
+- echo %PATH%
+- echo %GOPATH%
+- go version
+- go env
+- go install
+- go build
+- make log_since_last_release > %TEMP%\git-log.txt
+- make version > %TEMP%\version
+- set /p RCLONE_VERSION=<%TEMP%\version
+- set PATH=%PATHCC32%
+- go run bin/cross-compile.go -release beta-latest -git-log %TEMP%\git-log.txt -include "^windows/386" -cgo -tags cmount %RCLONE_VERSION%
+- set PATH=%PATHCC64%
+- go run bin/cross-compile.go -release beta-latest -git-log %TEMP%\git-log.txt -include "^windows/amd64" -cgo -no-clean -tags cmount %RCLONE_VERSION%
+
+test_script:
+- make GOTAGS=cmount quicktest
+
+artifacts:
+- path: rclone.exe
+- path: build/*-v*.zip
+
+deploy_script:
+- IF "%APPVEYOR_REPO_NAME%" == "ncw/rclone" IF "%APPVEYOR_PULL_REQUEST_NUMBER%" == "" make appveyor_upload
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -0,0 +1,50 @@
+---
+version: 2
+
+jobs:
+
+  build:
+    machine: true
+
+    working_directory: ~/.go_workspace/src/github.com/ncw/rclone
+
+    steps:
+    - checkout
+
+    - run:
+        name: Cross-compile rclone
+        command: |
+            docker pull rclone/xgo-cgofuse
+            go get -v github.com/karalabe/xgo
+            xgo \
+                --image=rclone/xgo-cgofuse \
+                --targets=darwin/386,darwin/amd64,linux/386,linux/amd64,windows/386,windows/amd64 \
+                -tags cmount \
+                .
+            xgo \
+                --targets=android/*,ios/* \
+                .
+
+    - run:
+        name: Prepare artifacts
+        command: |
+            mkdir -p /tmp/rclone.dist
+            cp -R rclone-* /tmp/rclone.dist
+            mkdir build
+            cp -R rclone-* build/
+
+    - run:
+        name: Build rclone
+        command: |
+            go version
+            go build
+
+    - run:
+        name: Upload artifacts
+        command: |
+          if [[ $CIRCLE_PULL_REQUEST != "" ]]; then
+              make circleci_upload
+          fi
+
+    - store_artifacts:
+        path: /tmp/rclone.dist
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,31 @@
+<!--
+
+Welcome :-) We understand you are having a problem with rclone; we want to help you with that!
+
+If you've just got a question or aren't sure if you've found a bug then please use the rclone forum:
+
+    https://forum.rclone.org/
+
+instead of filing an issue for a quick response.
+
+If you are reporting a bug or asking for a new feature then please use one of the templates here:
+
+    https://github.com/ncw/rclone/issues/new
+
+otherwise fill in the form below.
+
+Thank you
+
+The Rclone Developers
+
+-->
+
+
+#### Output of `rclone version`
+
+
+
+#### Describe the issue
+
+
+
--- a/.github/ISSUE_TEMPLATE/Bug.md
+++ b/.github/ISSUE_TEMPLATE/Bug.md
@@ -0,0 +1,50 @@
+---
+name: Bug report
+about: Report a problem with rclone
+---
+
+<!--
+
+Welcome :-) We understand you are having a problem with rclone; we want to help you with that!
+
+If you've just got a question or aren't sure if you've found a bug then please use the rclone forum:
+
+    https://forum.rclone.org/
+
+instead of filing an issue for a quick response.
+
+If you think you might have found a bug, please can you try to replicate it with the latest beta?
+
+    https://beta.rclone.org/
+    
+If you can still replicate it with the latest beta, then please fill in the info below which makes our lives much easier.  A log with -vv will make our day :-)
+
+Thank you
+
+The Rclone Developers
+
+-->
+
+#### What is the problem you are having with rclone?
+
+
+
+#### What is your rclone version (output from `rclone version`)
+
+
+
+#### Which OS you are using and how many bits (eg Windows 7, 64 bit)
+
+
+
+####  Which cloud storage system are you using? (eg Google Drive)
+
+
+
+#### The command you were trying to run (eg `rclone copy /tmp remote:tmp`)
+
+
+
+#### A log from the command with the `-vv` flag (eg output from `rclone -vv copy /tmp remote:tmp`)
+
+
--- a/.github/ISSUE_TEMPLATE/Feature.md
+++ b/.github/ISSUE_TEMPLATE/Feature.md
@@ -0,0 +1,36 @@
+---
+name: Feature request
+about: Suggest a new feature or enhancement for rclone
+---
+
+<!--
+
+Welcome :-)
+
+So you've got an idea to improve rclone? We love that! You'll be glad to hear we've incorporated hundreds of ideas from contributors already.
+
+Here is a checklist of things to do:
+
+  1. Please search the old issues first for your idea and +1 or comment on an existing issue if possible.
+  2. Discuss on the forum first: https://forum.rclone.org/
+  3. Make a feature request issue (this is the right place!).
+  4. Be prepared to get involved making the feature :-)
+
+Looking forward to your great idea!
+
+The Rclone Developers
+
+-->
+
+
+#### What is your current rclone version (output from `rclone version`)?
+
+
+
+#### What problem are you are trying to solve?
+
+
+
+#### How do you think rclone should be changed to solve that?
+
+
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,29 @@
+<!--
+Thank you very much for contributing code or documentation to rclone! Please
+fill out the following questions to make it easier for us to review your
+changes.
+
+You do not need to check all the boxes below all at once, feel free to take
+your time and add more commits. If you're done and ready for review, please
+check the last box.
+-->
+
+#### What is the purpose of this change?
+
+<!--
+Describe the changes here
+-->
+
+#### Was the change discussed in an issue or in the forum before?
+
+<!--
+Link issues and relevant forum posts here.
+-->
+
+#### Checklist
+
+- [ ] I have read the [contribution guidelines](https://github.com/ncw/rclone/blob/master/CONTRIBUTING.md#submitting-a-pull-request).
+- [ ] I have added tests for all changes in this PR if appropriate.
+- [ ] I have added documentation for the changes if appropriate.
+- [ ] All commit messages are in [house style](https://github.com/ncw/rclone/blob/master/CONTRIBUTING.md#commit-messages).
+- [ ] I'm done, this Pull Request is ready for review :-)
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,5 @@ _junk/
 rclone
 build
 docs/public
+rclone.iml
+.idea
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -0,0 +1,26 @@
+# golangci-lint configuration options
+
+linters:
+  enable:
+    - deadcode
+    - errcheck
+    - goimports
+    - golint
+    - ineffassign
+    - structcheck
+    - varcheck
+    - govet
+    - unconvert
+    #- prealloc
+    #- maligned
+  disable-all: true
+
+issues:
+  # Enable some lints excluded by default
+  exclude-use-default: false
+
+  # Maximum issues count per one linter. Set to 0 to disable. Default is 50.
+  max-per-linter: 0
+
+  # Maximum count of issues with the same text. Set to 0 to disable. Default is 3.
+  max-same-issues: 0
--- a/.pkgr.yml
+++ b/.pkgr.yml
@@ -0,0 +1,2 @@
+default_dependencies: false
+cli: rclone
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,27 +1,106 @@
+---
 language: go
-sudo: false
-osx_image: xcode7.3
+sudo: required
+dist: xenial
 os:
- linux
- osx
-go:
- 1.5.4
- 1.6.4
- 1.7.4
+  - linux
+go_import_path: github.com/ncw/rclone
+before_install:
+  - git fetch --unshallow --tags
+  - |
+    if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then
+      sudo modprobe fuse
+      sudo chmod 666 /dev/fuse
+      sudo chown root:$USER /etc/fuse.conf
+    fi
+    if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then
+      brew update
+      brew tap caskroom/cask
+      brew cask install osxfuse
+    fi
+    if [[ "$TRAVIS_OS_NAME" == "windows" ]]; then
+      choco install -y winfsp zip make
+      cd ../..                  # fix crlf in git checkout
+      mv $TRAVIS_REPO_SLUG _old
+      git config --global core.autocrlf false
+      git clone _old $TRAVIS_REPO_SLUG
+      cd $TRAVIS_REPO_SLUG
+    fi
 install:
- git fetch --unshallow --tags
- make vars
- make build_dep
-script:
- make check
- make quicktest
+  - make vars
 env:
-  matrix:
-    secure: gU8gCV9R8Kv/Gn0SmCP37edpfIbPoSvsub48GK7qxJdTU628H0KOMiZW/T0gtV5d67XJZ4eKnhJYlxwwxgSgfejO32Rh5GlYEKT/FuVoH0BD72dM1GDFLSrUiUYOdoHvf/BKIFA3dJFT4lk2ASy4Zh7SEoXHG6goBlqUpYx8hVA=
+  global:
+    - GOTAGS=cmount
+    - GO111MODULE=off
+    - secure: gU8gCV9R8Kv/Gn0SmCP37edpfIbPoSvsub48GK7qxJdTU628H0KOMiZW/T0gtV5d67XJZ4eKnhJYlxwwxgSgfejO32Rh5GlYEKT/FuVoH0BD72dM1GDFLSrUiUYOdoHvf/BKIFA3dJFT4lk2ASy4Zh7SEoXHG6goBlqUpYx8hVA=
+    - secure: AMjrMAksDy3QwqGqnvtUg8FL/GNVgNqTqhntLF9HSU0njHhX6YurGGnfKdD9vNHlajPQOewvmBjwNLcDWGn2WObdvmh9Ohep0EmOjZ63kliaRaSSQueSd8y0idfqMQAxep0SObOYbEDVmQh0RCAE9wOVKRaPgw98XvgqWGDq5Tw=
+    - secure: Uaiveq+/rvQjO03GzvQZV2J6pZfedoFuhdXrLVhhHSeP4ZBca0olw7xaqkabUyP3LkVYXMDSX8EbyeuQT1jfEe5wp5sBdfaDtuYW6heFyjiHIIIbVyBfGXon6db4ETBjOaX/Xt8uktrgNge6qFlj+kpnmpFGxf0jmDLw1zgg7tk=
+addons:
+  apt:
+    packages:
+      - fuse
+      - libfuse-dev
+      - rpm
+      - pkg-config
+cache:
+  directories:
+    - $HOME/.cache/go-build
+matrix:
+  allow_failures:
+    - go: tip
+  include:
+    - go: 1.9.x
+      script:
+        - make quicktest
+    - go: 1.10.x
+      script:
+        - make quicktest
+    - go: 1.11.x
+      script:
+        - make quicktest
+    - go: 1.12.x
+      env:
+        - GOTAGS=cmount
+      script:
+        - make build_dep
+        - make check
+        - make quicktest
+        - make racequicktest
+        - make compile_all
+    - os: osx
+      go: 1.12.x
+      env:
+        - GOTAGS=  # cmount doesn't work on osx travis for some reason
+      cache:
+        directories:
+          - $HOME/Library/Caches/go-build
+      script:
+        - make
+        - make quicktest
+        - make racequicktest
+    # - os: windows
+    #   go: 1.12.x
+    #   env:
+    #     - GOTAGS=cmount
+    #     - CPATH='C:\Program Files (x86)\WinFsp\inc\fuse'
+    #   #filter_secrets: false     # works around a problem with secrets under windows
+    #   cache:
+    #     directories:
+    #       - ${LocalAppData}/go-build
+    #   script:
+    #     - make
+    #     - make quicktest
+    #     - make racequicktest
+    - go: tip
+      script:
+        - make quicktest
+
 deploy:
  provider: script
  script: make travis_beta
+  skip_cleanup: true
  on:
-    branch: master
-    go: 1.7.4
-    condition: "`uname` == 'Linux'"
+    repo: ncw/rclone
+    all_branches: true
+    go: 1.12.x
+    condition: $TRAVIS_PULL_REQUEST == false && $TRAVIS_OS_NAME != "windows"
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -4,31 +4,36 @@ This is a short guide on how to contribute things to rclone.

 ## Reporting a bug ##

-Bug reports are welcome.  Check your issue exists with the latest
-version first. Please add when submitting:
+If you've just got a question or aren't sure if you've found a bug
+then please use the [rclone forum](https://forum.rclone.org/) instead
+of filing an issue.
+
+When filing an issue, please include the following information if
+possible as well as a description of the problem.  Make sure you test
+with the [latest beta of rclone](https://beta.rclone.org/):

  * Rclone version (eg output from `rclone -V`)
  * Which OS you are using and how many bits (eg Windows 7, 64 bit)
  * The command you were trying to run (eg `rclone copy /tmp remote:tmp`)
-  * A log of the command with the `-v` flag (eg output from `rclone -v copy /tmp remote:tmp`)
+  * A log of the command with the `-vv` flag (eg output from `rclone -vv copy /tmp remote:tmp`)
    * if the log contains secrets then edit the file with a text editor first to obscure them

 ## Submitting a pull request ##

 If you find a bug that you'd like to fix, or a new feature that you'd
-like to implement then please submit a pull request via Github.
+like to implement then please submit a pull request via GitHub.

 If it is a big feature then make an issue first so it can be discussed.

 You'll need a Go environment set up with GOPATH set.  See [the Go
 getting started docs](https://golang.org/doc/install) for more info.

-First in your web browser press the fork button on [rclone's Github
+First in your web browser press the fork button on [rclone's GitHub
 page](https://github.com/ncw/rclone).

 Now in your terminal

-    go get github.com/ncw/rclone
+    go get -u github.com/ncw/rclone
    cd $GOPATH/src/github.com/ncw/rclone
    git remote rename origin upstream
    git remote add origin git@github.com:YOURUSER/rclone.git
@@ -43,7 +48,7 @@ When ready - run the unit tests for the code you changed

    go test -v

-Note that you make need to make a test remote, eg `TestSwift` for some
+Note that you may need to make a test remote, eg `TestSwift` for some
 of the unit tests.

 Note the top level Makefile targets
@@ -59,22 +64,31 @@ packages which you can install with

 Make sure you

-  * Add documentation for a new feature
-  * Add unit tests for a new feature
+  * Add [documentation](#writing-documentation) for a new feature.
+  * Follow the [commit message guidelines](#commit-messages).
+  * Add [unit tests](#testing) for a new feature
  * squash commits down to one per feature
-  * rebase to master `git rebase master`
+  * rebase to master with `git rebase master`

 When you are done with that

-  git push origin my-new-feature
+    git push origin my-new-feature

-Go to the Github website and click [Create pull
+Go to the GitHub website and click [Create pull
 request](https://help.github.com/articles/creating-a-pull-request/).

 You patch will get reviewed and you might get asked to fix some stuff.

 If so, then make the changes in the same branch, squash the commits,
-rebase it to master then push it to Github with `--force`.
+rebase it to master then push it to GitHub with `--force`.
+
+## Enabling CI for your fork ##
+
+The CI config files for rclone have taken care of forks of the project, so you can enable CI for your fork repo easily.
+
+rclone currently uses [Travis CI](https://travis-ci.org/), [AppVeyor](https://ci.appveyor.com/), and
+[Circle CI](https://circleci.com/) to build the project. To enable them for your fork, simply go into their
+websites, find your fork of rclone, and enable building there.

 ## Testing ##

@@ -95,42 +109,218 @@ need to make a remote called `TestDrive`.
 You can then run the unit tests in the drive directory.  These tests
 are skipped if `TestDrive:` isn't defined.

-    cd drive
+    cd backend/drive
    go test -v

 You can then run the integration tests which tests all of rclone's
 operations.  Normally these get run against the local filing system,
 but they can be run against any of the remotes.

-    cd ../fs
+    cd fs/sync
    go test -v -remote TestDrive:
    go test -v -remote TestDrive: -subdir

-If you want to run all the integration tests against all the remotes,
-then run in that directory
+    cd fs/operations
+    go test -v -remote TestDrive:

-    go run test_all.go
+If you want to use the integration test framework to run these tests
+all together with an HTML report and test retries then from the
+project root:
+
+    go install github.com/ncw/rclone/fstest/test_all
+    test_all -backend drive
+
+If you want to run all the integration tests against all the remotes,
+then change into the project root and run
+
+    make test
+
+This command is run daily on the integration test server. You can
+find the results at https://pub.rclone.org/integration-tests/
+
+## Code Organisation ##
+
+Rclone code is organised into a small number of top level directories
+with modules beneath.
+
+  * backend - the rclone backends for interfacing to cloud providers - 
+    * all - import this to load all the cloud providers
+    * ...providers
+  * bin - scripts for use while building or maintaining rclone
+  * cmd - the rclone commands
+    * all - import this to load all the commands
+    * ...commands
+  * docs - the documentation and website
+    * content - adjust these docs only - everything else is autogenerated
+  * fs - main rclone definitions - minimal amount of code
+    * accounting - bandwidth limiting and statistics
+    * asyncreader - an io.Reader which reads ahead
+    * config - manage the config file and flags
+    * driveletter - detect if a name is a drive letter
+    * filter - implements include/exclude filtering
+    * fserrors - rclone specific error handling
+    * fshttp - http handling for rclone
+    * fspath - path handling for rclone
+    * hash - defines rclones hash types and functions
+    * list - list a remote
+    * log - logging facilities
+    * march - iterates directories in lock step
+    * object - in memory Fs objects
+    * operations - primitives for sync, eg Copy, Move
+    * sync - sync directories
+    * walk - walk a directory
+  * fstest - provides integration test framework
+    * fstests - integration tests for the backends
+    * mockdir - mocks an fs.Directory
+    * mockobject - mocks an fs.Object
+    * test_all - Runs integration tests for everything
+  * graphics - the images used in the website etc
+  * lib - libraries used by the backend
+    * atexit - register functions to run when rclone exits
+    * dircache - directory ID to name caching
+    * oauthutil - helpers for using oauth
+    * pacer - retries with backoff and paces operations
+    * readers - a selection of useful io.Readers
+    * rest - a thin abstraction over net/http for REST
+  * vendor - 3rd party code managed by `go mod`
+  * vfs - Virtual FileSystem layer for implementing rclone mount and similar
+
+## Writing Documentation ##
+
+If you are adding a new feature then please update the documentation.
+
+If you add a new general flag (not for a backend), then document it in
+`docs/content/docs.md` - the flags there are supposed to be in
+alphabetical order.
+
+If you add a new backend option/flag, then it should be documented in
+the source file in the `Help:` field.  The first line of this is used
+for the flag help, the remainder is shown to the user in `rclone
+config` and is added to the docs with `make backenddocs`.
+
+The only documentation you need to edit are the `docs/content/*.md`
+files.  The MANUAL.*, rclone.1, web site etc are all auto generated
+from those during the release process.  See the `make doc` and `make
+website` targets in the Makefile if you are interested in how.  You
+don't need to run these when adding a feature.
+
+Documentation for rclone sub commands is with their code, eg
+`cmd/ls/ls.go`.

 ## Making a release ##

 There are separate instructions for making a release in the RELEASE.md
-file - doing the first few steps is useful before making a
-contribution.
+file.

-  * go get -u -f -v ./...
-  * make check
-  * make test
-  * make tag
+## Commit messages ##

-## Updating the vendor dirctory ##
+Please make the first line of your commit message a summary of the
+change that a user (not a developer) of rclone would like to read, and
+prefix it with the directory of the change followed by a colon.  The
+changelog gets made by looking at just these first lines so make it
+good!

-Do these commands to update the entire build directory to the latest
-version of all the dependencies.  This should be done early in the
-release cycle.  Individual dependencies can be added with `godep get`.
+If you have more to say about the commit, then enter a blank line and
+carry on the description.  Remember to say why the change was needed -
+the commit itself shows what was changed.
+
+Writing more is better than less.  Comparing the behaviour before the
+change to that after the change is very useful.  Imagine you are
+writing to yourself in 12 months time when you've forgotten everything
+about what you just did and you need to get up to speed quickly.
+
+If the change fixes an issue then write `Fixes #1234` in the commit
+message.  This can be on the subject line if it will fit.  If you
+don't want to close the associated issue just put `#1234` and the
+change will get linked into the issue.
+
+Here is an example of a short commit message:
+
+```
+drive: add team drive support - fixes #885
+```
+
+And here is an example of a longer one:
+
+```
+mount: fix hang on errored upload
+
+In certain circumstances if an upload failed then the mount could hang
+indefinitely. This was fixed by closing the read pipe after the Put
+completed.  This will cause the write side to return a pipe closed
+error fixing the hang.
+
+Fixes #1498
+```
+
+## Adding a dependency ##
+
+rclone uses the [go
+modules](https://tip.golang.org/cmd/go/#hdr-Modules__module_versions__and_more)
+support in go1.11 and later to manage its dependencies.
+
+**NB** you must be using go1.11 or above to add a dependency to
+rclone.  Rclone will still build with older versions of go, but we use
+the `go mod` command for dependencies which is only in go1.11 and
+above.
+
+rclone can be built with modules outside of the GOPATH, but for
+backwards compatibility with older go versions, rclone also maintains
+a `vendor` directory with all the external code rclone needs for
+building.
+
+The `vendor` directory is entirely managed by the `go mod` tool, do
+not add things manually.
+
+To add a dependency `github.com/ncw/new_dependency` see the
+instructions below.  These will fetch the dependency, add it to
+`go.mod` and `go.sum` and vendor it for older go versions.
+
+    GO111MODULE=on go get github.com/ncw/new_dependency
+    GO111MODULE=on go mod vendor
+
+You can add constraints on that package when doing `go get` (see the
+go docs linked above), but don't unless you really need to.
+
+Please check in the changes generated by `go mod` including the
+`vendor` directory and `go.mod` and `go.sum` in a single commit
+separate from any other code changes with the title "vendor: add
+github.com/ncw/new_dependency".  Remember to `git add` any new files
+in `vendor`.
+
+## Updating a dependency ##
+
+If you need to update a dependency then run
+
+    GO111MODULE=on go get -u github.com/pkg/errors
+    GO111MODULE=on go mod vendor
+
+Check in in a single commit as above.
+
+## Updating all the dependencies ##
+
+In order to update all the dependencies then run `make update`.  This
+just uses the go modules to update all the modules to their latest
+stable release. Check in the changes in a single commit as above.
+
+This should be done early in the release cycle to pick up new versions
+of packages in time for them to get some testing.
+
+## Updating a backend ##
+
+If you update a backend then please run the unit tests and the
+integration tests for that backend.
+
+Assuming the backend is called `remote`, make create a config entry
+called `TestRemote` for the tests to use.
+
+Now `cd remote` and run `go test -v` to run the unit tests.
+
+Then `cd fs` and run `go test -v -remote TestRemote:` to run the
+integration tests.
+
+The next section goes into more detail about the tests.

-  * make build_dep
-  * make update
-  
 ## Writing a new backend ##

 Choose a name.  The docs here will use `remote` as an example.
@@ -145,28 +335,44 @@ Research

 Getting going

-  * Create `remote/remote.go` (copy this from a similar fs)
-  * Add your fs to the imports in `fs/all/all.go`
+  * Create `backend/remote/remote.go` (copy this from a similar remote)
+    * box is a good one to start from if you have a directory based remote
+    * b2 is a good one to start from if you have a bucket based remote
+  * Add your remote to the imports in `backend/all/all.go`
+  * HTTP based remotes are easiest to maintain if they use rclone's rest module, but if there is a really good go SDK then use that instead.
+  * Try to implement as many optional methods as possible as it makes the remote more usable.

 Unit tests

  * Create a config entry called `TestRemote` for the unit tests to use
-  * Add your fs to the end of `fstest/fstests/gen_tests.go`
-  * generate `remote/remote_test.go` unit tests `cd fstest/fstests; go generate`
+  * Create a `backend/remote/remote_test.go` - copy and adjust your example remote
  * Make sure all tests pass with `go test -v`

 Integration tests

-  * Add your fs to `fs/test_all.go`
+  * Add your backend to `fstest/test_all/config.yaml`
+      * Once you've done that then you can use the integration test framework from the project root:
+      * go install ./...
+      * test_all -backend remote
+
+Or if you want to run the integration tests manually:
+
  * Make sure integration tests pass with
-      * `cd fs`
-      * `go test -v -remote TestRemote:` and
+      * `cd fs/operations`
+      * `go test -v -remote TestRemote:`
+      * `cd fs/sync`
+      * `go test -v -remote TestRemote:`
+  * If you are making a bucket based remote, then check with this also
      * `go test -v -remote TestRemote: -subdir`
+  * And if your remote defines `ListR` this also
+      * `go test -v -remote TestRemote: -fast-list`

-Add your fs to the docs
+See the [testing](#testing) section for more information on integration tests.

-  * `README.md` - main Github page
-  * `docs/content/remote.md` - main docs page
+Add your fs to the docs - you'll need to pick an icon for it from [fontawesome](http://fontawesome.io/icons/).  Keep lists of remotes in alphabetical order but with the local file system last.
+
+  * `README.md` - main GitHub page
+  * `docs/content/remote.md` - main docs page (note the backend options are automatically added to this file with `make backenddocs`)
  * `docs/content/overview.md` - overview docs
  * `docs/content/docs.md` - list of remotes in config section
  * `docs/content/about.md` - front page of rclone.org
--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
@@ -1,471 +0,0 @@
-{
-	"ImportPath": "github.com/ncw/rclone",
-	"GoVersion": "devel-41908a5",
-	"GodepVersion": "v75",
-	"Packages": [
-		"./..."
-	],
-	"Deps": [
-		{
-			"ImportPath": "bazil.org/fuse",
-			"Rev": "371fbbdaa8987b715bdd21d6adc4c9b20155f748"
-		},
-		{
-			"ImportPath": "bazil.org/fuse/fs",
-			"Rev": "371fbbdaa8987b715bdd21d6adc4c9b20155f748"
-		},
-		{
-			"ImportPath": "bazil.org/fuse/fuseutil",
-			"Rev": "371fbbdaa8987b715bdd21d6adc4c9b20155f748"
-		},
-		{
-			"ImportPath": "cloud.google.com/go/compute/metadata",
-			"Comment": "v0.5.0-11-gbfdc39b",
-			"Rev": "bfdc39bde7a3c8dd361ea7fcdb69e7a41a475bb9"
-		},
-		{
-			"ImportPath": "cloud.google.com/go/internal",
-			"Comment": "v0.5.0-11-gbfdc39b",
-			"Rev": "bfdc39bde7a3c8dd361ea7fcdb69e7a41a475bb9"
-		},
-		{
-			"ImportPath": "github.com/Unknwon/goconfig",
-			"Rev": "87a46d97951ee1ea20ed3b24c25646a79e87ba5d"
-		},
-		{
-			"ImportPath": "github.com/VividCortex/ewma",
-			"Comment": "v1.0-20-gc595cd8",
-			"Rev": "c595cd886c223c6c28fc9ae2727a61b5e4693d85"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/awserr",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/awsutil",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/client",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/client/metadata",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/corehandlers",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/credentials",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/credentials/endpointcreds",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/credentials/stscreds",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/defaults",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/ec2metadata",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/request",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/session",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/aws/signer/v4",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/private/endpoints",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/private/protocol",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/private/protocol/query",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/private/protocol/query/queryutil",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/private/protocol/rest",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/private/protocol/restxml",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/private/waiter",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/service/s3",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/service/s3/s3iface",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/service/s3/s3manager",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/aws/aws-sdk-go/service/sts",
-			"Comment": "v1.5.13-3-gc50c370",
-			"Rev": "c50c37095f7ff735e74842842f9ec157c6300273"
-		},
-		{
-			"ImportPath": "github.com/cpuguy83/go-md2man/md2man",
-			"Comment": "v1.0.6",
-			"Rev": "a65d4d2de4d5f7c74868dfa9b202a3c8be315aaa"
-		},
-		{
-			"ImportPath": "github.com/davecgh/go-spew/spew",
-			"Rev": "5215b55f46b2b919f50a1df0eaa5886afe4e3b3d"
-		},
-		{
-			"ImportPath": "github.com/go-ini/ini",
-			"Comment": "v1.9.0",
-			"Rev": "193d1ecb466bf97aae8b454a5cfc192941c64809"
-		},
-		{
-			"ImportPath": "github.com/golang/protobuf/proto",
-			"Rev": "8ee79997227bf9b34611aee7946ae64735e6fd93"
-		},
-		{
-			"ImportPath": "github.com/google/go-querystring/query",
-			"Rev": "9235644dd9e52eeae6fa48efd539fdc351a0af53"
-		},
-		{
-			"ImportPath": "github.com/googleapis/gax-go",
-			"Rev": "da06d194a00e19ce00d9011a13931c3f6f6887c7"
-		},
-		{
-			"ImportPath": "github.com/inconshreveable/mousetrap",
-			"Rev": "76626ae9c91c4f2a10f34cad8ce83ea42c93bb75"
-		},
-		{
-			"ImportPath": "github.com/jmespath/go-jmespath",
-			"Comment": "0.2.2-12-g0b12d6b",
-			"Rev": "0b12d6b521d83fc7f755e7cfc1b1fbdd35a01a74"
-		},
-		{
-			"ImportPath": "github.com/ncw/go-acd",
-			"Rev": "7954f1fad2bda6a7836999003e4481d6e32edc1e"
-		},
-		{
-			"ImportPath": "github.com/ncw/swift",
-			"Rev": "cefd25ce9a2fdb37e4deecc743a2c58cafecdf3f"
-		},
-		{
-			"ImportPath": "github.com/pkg/errors",
-			"Comment": "v0.8.0-2-g248dadf",
-			"Rev": "248dadf4e9068a0b3e79f02ed0a610d935de5302"
-		},
-		{
-			"ImportPath": "github.com/pmezard/go-difflib/difflib",
-			"Rev": "792786c7400a136282c1664665ae0a8db921c6c2"
-		},
-		{
-			"ImportPath": "github.com/rfjakob/eme",
-			"Comment": "v1.0-10-g601d0e2",
-			"Rev": "601d0e278ceda9aa2085a61c9265f6e690ef5255"
-		},
-		{
-			"ImportPath": "github.com/russross/blackfriday",
-			"Comment": "v1.4-38-g93622da",
-			"Rev": "93622da34e54fb6529bfb7c57e710f37a8d9cbd8"
-		},
-		{
-			"ImportPath": "github.com/shurcooL/sanitized_anchor_name",
-			"Rev": "10ef21a441db47d8b13ebcc5fd2310f636973c77"
-		},
-		{
-			"ImportPath": "github.com/skratchdot/open-golang/open",
-			"Rev": "75fb7ed4208cf72d323d7d02fd1a5964a7a9073c"
-		},
-		{
-			"ImportPath": "github.com/spf13/cobra",
-			"Rev": "9495bc009a56819bdb0ddbc1a373e29c140bc674"
-		},
-		{
-			"ImportPath": "github.com/spf13/cobra/doc",
-			"Rev": "9495bc009a56819bdb0ddbc1a373e29c140bc674"
-		},
-		{
-			"ImportPath": "github.com/spf13/pflag",
-			"Rev": "5ccb023bc27df288a957c5e994cd44fd19619465"
-		},
-		{
-			"ImportPath": "github.com/stacktic/dropbox",
-			"Rev": "58f839b21094d5e0af7caf613599830589233d20"
-		},
-		{
-			"ImportPath": "github.com/stretchr/testify/assert",
-			"Comment": "v1.1.4-6-g18a02ba",
-			"Rev": "18a02ba4a312f95da08ff4cfc0055750ce50ae9e"
-		},
-		{
-			"ImportPath": "github.com/stretchr/testify/require",
-			"Comment": "v1.1.4-6-g18a02ba",
-			"Rev": "18a02ba4a312f95da08ff4cfc0055750ce50ae9e"
-		},
-		{
-			"ImportPath": "github.com/tsenart/tb",
-			"Rev": "19f4c3d79d2bd67d0911b2e310b999eeea4454c1"
-		},
-		{
-			"ImportPath": "golang.org/x/crypto/nacl/secretbox",
-			"Rev": "8a549a1948fc5271eb24f36dcb0d3b47dec75a16"
-		},
-		{
-			"ImportPath": "golang.org/x/crypto/pbkdf2",
-			"Rev": "8a549a1948fc5271eb24f36dcb0d3b47dec75a16"
-		},
-		{
-			"ImportPath": "golang.org/x/crypto/poly1305",
-			"Rev": "8a549a1948fc5271eb24f36dcb0d3b47dec75a16"
-		},
-		{
-			"ImportPath": "golang.org/x/crypto/salsa20/salsa",
-			"Rev": "8a549a1948fc5271eb24f36dcb0d3b47dec75a16"
-		},
-		{
-			"ImportPath": "golang.org/x/crypto/scrypt",
-			"Rev": "8a549a1948fc5271eb24f36dcb0d3b47dec75a16"
-		},
-		{
-			"ImportPath": "golang.org/x/crypto/ssh/terminal",
-			"Rev": "8a549a1948fc5271eb24f36dcb0d3b47dec75a16"
-		},
-		{
-			"ImportPath": "golang.org/x/net/context",
-			"Rev": "6cdc0daab091c43fc46193327e0047b4f883c613"
-		},
-		{
-			"ImportPath": "golang.org/x/net/context/ctxhttp",
-			"Rev": "6cdc0daab091c43fc46193327e0047b4f883c613"
-		},
-		{
-			"ImportPath": "golang.org/x/net/http2",
-			"Rev": "6cdc0daab091c43fc46193327e0047b4f883c613"
-		},
-		{
-			"ImportPath": "golang.org/x/net/http2/hpack",
-			"Rev": "6cdc0daab091c43fc46193327e0047b4f883c613"
-		},
-		{
-			"ImportPath": "golang.org/x/net/idna",
-			"Rev": "6cdc0daab091c43fc46193327e0047b4f883c613"
-		},
-		{
-			"ImportPath": "golang.org/x/net/internal/timeseries",
-			"Rev": "6cdc0daab091c43fc46193327e0047b4f883c613"
-		},
-		{
-			"ImportPath": "golang.org/x/net/lex/httplex",
-			"Rev": "6cdc0daab091c43fc46193327e0047b4f883c613"
-		},
-		{
-			"ImportPath": "golang.org/x/net/trace",
-			"Rev": "6cdc0daab091c43fc46193327e0047b4f883c613"
-		},
-		{
-			"ImportPath": "golang.org/x/oauth2",
-			"Rev": "f6093e37b6cb4092101a298aba5d794eb570757f"
-		},
-		{
-			"ImportPath": "golang.org/x/oauth2/google",
-			"Rev": "f6093e37b6cb4092101a298aba5d794eb570757f"
-		},
-		{
-			"ImportPath": "golang.org/x/oauth2/internal",
-			"Rev": "f6093e37b6cb4092101a298aba5d794eb570757f"
-		},
-		{
-			"ImportPath": "golang.org/x/oauth2/jws",
-			"Rev": "f6093e37b6cb4092101a298aba5d794eb570757f"
-		},
-		{
-			"ImportPath": "golang.org/x/oauth2/jwt",
-			"Rev": "f6093e37b6cb4092101a298aba5d794eb570757f"
-		},
-		{
-			"ImportPath": "golang.org/x/sys/unix",
-			"Rev": "478fcf54317e52ab69f40bb4c7a1520288d7f7ea"
-		},
-		{
-			"ImportPath": "golang.org/x/text/transform",
-			"Rev": "5c6cf4f9a2357d38515014cea8c488ed22bdab90"
-		},
-		{
-			"ImportPath": "golang.org/x/text/unicode/norm",
-			"Rev": "5c6cf4f9a2357d38515014cea8c488ed22bdab90"
-		},
-		{
-			"ImportPath": "google.golang.org/api/drive/v2",
-			"Rev": "eeba0f9a5982027f920574de995cd46f96058368"
-		},
-		{
-			"ImportPath": "google.golang.org/api/gensupport",
-			"Rev": "eeba0f9a5982027f920574de995cd46f96058368"
-		},
-		{
-			"ImportPath": "google.golang.org/api/googleapi",
-			"Rev": "eeba0f9a5982027f920574de995cd46f96058368"
-		},
-		{
-			"ImportPath": "google.golang.org/api/googleapi/internal/uritemplates",
-			"Rev": "eeba0f9a5982027f920574de995cd46f96058368"
-		},
-		{
-			"ImportPath": "google.golang.org/api/storage/v1",
-			"Rev": "eeba0f9a5982027f920574de995cd46f96058368"
-		},
-		{
-			"ImportPath": "google.golang.org/appengine",
-			"Rev": "c98f627282072b1230c8795abe98e2914c8a1de9"
-		},
-		{
-			"ImportPath": "google.golang.org/appengine/internal",
-			"Rev": "c98f627282072b1230c8795abe98e2914c8a1de9"
-		},
-		{
-			"ImportPath": "google.golang.org/appengine/internal/app_identity",
-			"Rev": "c98f627282072b1230c8795abe98e2914c8a1de9"
-		},
-		{
-			"ImportPath": "google.golang.org/appengine/internal/base",
-			"Rev": "c98f627282072b1230c8795abe98e2914c8a1de9"
-		},
-		{
-			"ImportPath": "google.golang.org/appengine/internal/datastore",
-			"Rev": "c98f627282072b1230c8795abe98e2914c8a1de9"
-		},
-		{
-			"ImportPath": "google.golang.org/appengine/internal/log",
-			"Rev": "c98f627282072b1230c8795abe98e2914c8a1de9"
-		},
-		{
-			"ImportPath": "google.golang.org/appengine/internal/modules",
-			"Rev": "c98f627282072b1230c8795abe98e2914c8a1de9"
-		},
-		{
-			"ImportPath": "google.golang.org/appengine/internal/remote_api",
-			"Rev": "c98f627282072b1230c8795abe98e2914c8a1de9"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/codes",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/credentials",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/grpclog",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/internal",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/metadata",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/naming",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/peer",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/stats",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/tap",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		},
-		{
-			"ImportPath": "google.golang.org/grpc/transport",
-			"Comment": "v1.0.4-78-g708a7f9",
-			"Rev": "708a7f9f3283aa2d4f6132d287d78683babe55c8"
-		}
-	]
-}
--- a/Godeps/Readme
+++ b/Godeps/Readme
@@ -1,5 +0,0 @@
-This directory tree is generated automatically by godep.
-
-Please do not edit.
-
-See https://github.com/tools/godep for more information.
--- a/ISSUE_TEMPLATE.md
+++ b/ISSUE_TEMPLATE.md
@@ -1,14 +0,0 @@
-When filing an issue, please include the following information if possible as well as a description of the problem.  Make sure you test with the [latest beta of rclone](http://rclone.org/downloads/).
-
-If you've just got a question then please use the [rclone forum](https://forum.rclone.org/) instead of filing an issue.
-
-> What is your rclone version (eg output from `rclone -V`)
-
-> Which OS you are using and how many bits (eg Windows 7, 64 bit)
-
-> Which cloud storage system are you using? (eg Google Drive)
-
-> The command you were trying to run (eg `rclone copy /tmp remote:tmp`)
-
-> A log from the command with the `-v` flag (eg output from `rclone -v copy /tmp remote:tmp`)
-
--- a/MAINTAINERS.md
+++ b/MAINTAINERS.md
@@ -0,0 +1,92 @@
+# Maintainers guide for rclone #
+
+Current active maintainers of rclone are:
+
+| Name             | GitHub ID   | Specific Responsibilities    |
+| :--------------- | :---------- | :--------------------------  |
+| Nick Craig-Wood  | @ncw        | overall project health       |
+| Stefan Breunig   | @breunigs   |                              |
+| Ishuah Kariuki   | @ishuah     |                              |
+| Remus Bunduc     | @remusb     | cache backend                |
+| Fabian Möller    | @B4dM4n     |                              |
+| Alex Chen        | @Cnly       | onedrive backend             |
+| Sandeep Ummadi   | @sandeepkru | azureblob backend            |
+| Sebastian Bünger | @buengese   | jottacloud & yandex backends |
+
+**This is a work in progress Draft**
+
+This is a guide for how to be an rclone maintainer.  This is mostly a writeup of what I (@ncw) attempt to do.
+
+## Triaging Tickets ##
+
+When a ticket comes in it should be triaged.  This means it should be classified by adding labels and placed into a milestone. Quite a lot of tickets need a bit of back and forth to determine whether it is a valid ticket so tickets may remain without labels or milestone for a while.
+
+Rclone uses the labels like this:
+
+* `bug` - a definite verified bug
+* `can't reproduce` - a problem which we can't reproduce
+* `doc fix` - a bug in the documentation - if users need help understanding the docs add this label
+* `duplicate` - normally close these and ask the user to subscribe to the original
+* `enhancement: new remote` - a new rclone backend
+* `enhancement` - a new feature
+* `FUSE` - do do with `rclone mount` command
+* `good first issue` - mark these if you find a small self contained issue - these get shown to new visitors to the project
+* `help` wanted - mark these if you find a self contained issue - these get shown to new visitors to the project
+* `IMPORTANT` - note to maintainers not to forget to fix this for the release
+* `maintenance` - internal enhancement, code re-organisation etc
+* `Needs Go 1.XX` - waiting for that version of Go to be released
+* `question` - not a `bug` or `enhancement` - direct to the forum for next time
+* `Remote: XXX` - which rclone backend this affects
+* `thinking` - not decided on the course of action yet
+
+If it turns out to be a bug or an enhancement it should be tagged as such, with the appropriate other tags.  Don't forget the "good first issue" tag to give new contributors something easy to do to get going.
+
+When a ticket is tagged it should be added to a milestone, either the next release, the one after, Soon or Help Wanted.  Bugs can be added to the "Known Bugs" milestone if they aren't planned to be fixed or need to wait for something (eg the next go release).
+
+The milestones have these meanings:
+
+* v1.XX - stuff we would like to fit into this release
+* v1.XX+1 - stuff we are leaving until the next release
+* Soon - stuff we think is a good idea - waiting to be scheduled to a release
+* Help wanted - blue sky stuff that might get moved up, or someone could help with
+* Known bugs - bugs waiting on external factors or we aren't going to fix for the moment
+
+Tickets [with no milestone](https://github.com/ncw/rclone/issues?utf8=✓&q=is%3Aissue%20is%3Aopen%20no%3Amile) are good candidates for ones that have slipped between the gaps and need following up.
+
+## Closing Tickets ##
+
+Close tickets as soon as you can - make sure they are tagged with a release.  Post a link to a beta in the ticket with the fix in, asking for feedback.
+
+## Pull requests ##
+
+Try to process pull requests promptly!
+
+Merging pull requests on GitHub itself works quite well now-a-days so you can squash and rebase or rebase pull requests.  rclone doesn't use merge commits.  Use the squash and rebase option if you need to edit the commit message.
+
+After merging the commit, in your local master branch, do `git pull` then run `bin/update-authors.py` to update the authors file then `git push`.
+
+Sometimes pull requests need to be left open for a while - this especially true of contributions of new backends which take a long time to get right.
+
+## Merges ##
+
+If you are merging a branch locally then do `git merge --ff-only branch-name` to avoid a merge commit.  You'll need to rebase the branch if it doesn't merge cleanly.
+
+## Release cycle ##
+
+Rclone aims for a 6-8 week release cycle.  Sometimes release cycles take longer if there is something big to merge that didn't stabilize properly or for personal reasons.
+
+High impact regressions should be fixed before the next release.
+
+Near the start of the release cycle the dependencies should be updated with `make update` to give time for bugs to surface.
+
+Towards the end of the release cycle try not to merge anything too big so let things settle down.
+
+Follow the instructions in RELEASE.md for making the release. Note that the testing part is the most time consuming often needing several rounds of test and fix depending on exactly how many new features rclone has gained.
+
+## Mailing list ##
+
+There is now an invite only mailing list for rclone developers `rclone-dev` on google groups.
+
+## TODO ##
+
+I should probably make a dev@rclone.org to register with cloud providers.
--- a/MANUAL.html
+++ b/MANUAL.html
--- a/MANUAL.md
+++ b/MANUAL.md
--- a/MANUAL.txt
+++ b/MANUAL.txt
--- a/194
+++ b/194
@@ -1,70 +1,91 @@
-SHELL = /bin/bash
-TAG := $(shell echo `git describe --tags`-`git rev-parse --abbrev-ref HEAD` | sed 's/-\([0-9]\)-/-0\1-/; s/-\(HEAD\|master\)$$//')
+SHELL = bash
+BRANCH := $(or $(APPVEYOR_REPO_BRANCH),$(TRAVIS_BRANCH),$(shell git rev-parse --abbrev-ref HEAD))
 LAST_TAG := $(shell git describe --tags --abbrev=0)
-NEW_TAG := $(shell echo $(LAST_TAG) | perl -lpe 's/v//; $$_ += 0.01; $$_ = sprintf("v%.2f", $$_)')
+ifeq ($(BRANCH),$(LAST_TAG))
+	BRANCH := master
+endif
+TAG_BRANCH := -$(BRANCH)
+BRANCH_PATH := branch/
+ifeq ($(subst HEAD,,$(subst master,,$(BRANCH))),)
+	TAG_BRANCH :=
+	BRANCH_PATH :=
+endif
+TAG := $(shell echo $$(git describe --abbrev=8 --tags | sed 's/-\([0-9]\)-/-00\1-/; s/-\([0-9][0-9]\)-/-0\1-/'))$(TAG_BRANCH)
+NEW_TAG := $(shell echo $(LAST_TAG) | perl -lpe 's/v//; $$_ += 0.01; $$_ = sprintf("v%.2f.0", $$_)')
+ifneq ($(TAG),$(LAST_TAG))
+	TAG := $(TAG)-beta
+endif
 GO_VERSION := $(shell go version)
 GO_FILES := $(shell go list ./... | grep -v /vendor/ )
-GO_LATEST := $(findstring go1.7,$(GO_VERSION))
-BETA_URL := http://beta.rclone.org/$(TAG)/
-# Only needed for Go 1.5
-export GO15VENDOREXPERIMENT=1
+BETA_PATH := $(BRANCH_PATH)$(TAG)
+BETA_URL := https://beta.rclone.org/$(BETA_PATH)/
+BETA_UPLOAD_ROOT := memstore:beta-rclone-org
+BETA_UPLOAD := $(BETA_UPLOAD_ROOT)/$(BETA_PATH)
+# Pass in GOTAGS=xyz on the make command line to set build tags
+ifdef GOTAGS
+BUILDTAGS=-tags "$(GOTAGS)"
+LINTTAGS=--build-tags "$(GOTAGS)"
+endif
+
+.PHONY: rclone vars version

 rclone:
-	go install -v
+	touch fs/version.go
+	go install -v --ldflags "-s -X github.com/ncw/rclone/fs.Version=$(TAG)" $(BUILDTAGS)
+	cp -av `go env GOPATH`/bin/rclone .

 vars:
 	@echo SHELL="'$(SHELL)'"
+	@echo BRANCH="'$(BRANCH)'"
 	@echo TAG="'$(TAG)'"
 	@echo LAST_TAG="'$(LAST_TAG)'"
 	@echo NEW_TAG="'$(NEW_TAG)'"
 	@echo GO_VERSION="'$(GO_VERSION)'"
-	@echo GO_LATEST="'$(GO_LATEST)'"
 	@echo BETA_URL="'$(BETA_URL)'"

+version:
+	@echo '$(TAG)'
+
 # Full suite of integration tests
 test:	rclone
-	go test $(GO_FILES)
-	cd fs && go run test_all.go
+	go install --ldflags "-s -X github.com/ncw/rclone/fs.Version=$(TAG)" $(BUILDTAGS) github.com/ncw/rclone/fstest/test_all
+	-test_all 2>&1 | tee test_all.log
+	@echo "Written logs in test_all.log"

 # Quick test
 quicktest:
-	go test $(GO_FILES)
-	go test -cpu=2 -race $(GO_FILES)
+	RCLONE_CONFIG="/notfound" go test $(BUILDTAGS) $(GO_FILES)
+
+racequicktest:
+	RCLONE_CONFIG="/notfound" go test $(BUILDTAGS) -cpu=2 -race $(GO_FILES)

 # Do source code quality checks
 check:	rclone
-ifdef GO_LATEST
-	go vet $(GO_FILES)
-	errcheck $(GO_FILES)
-	find . -name \*.go | grep -v /vendor/ | xargs goimports -d | grep . ; test $$? -eq 1
-	go list ./... | grep -v /vendor/ | xargs -i golint {} | grep -E -v '(StorageUrl|CdnUrl)' ; test $$? -eq 1
-else
-	@echo Skipping tests as not on Go stable
-endif
+	@echo "-- START CODE QUALITY REPORT -------------------------------"
+	@golangci-lint run $(LINTTAGS) ./...
+	@echo "-- END CODE QUALITY REPORT ---------------------------------"

 # Get the build dependencies
 build_dep:
-ifdef GO_LATEST
-	go get -u github.com/kisielk/errcheck
-	go get -u golang.org/x/tools/cmd/goimports
-	go get -u github.com/golang/lint/golint
-	go get -u github.com/mitchellh/gox
-	go get -u github.com/inconshreveable/mousetrap
-	go get -u github.com/tools/godep
-endif
+	go run bin/get-github-release.go -extract golangci-lint golangci/golangci-lint 'golangci-lint-.*\.tar\.gz'
+
+# Get the release dependencies
+release_dep:
+	go get -u github.com/goreleaser/nfpm/...
+	go get -u github.com/aktau/github-release

 # Update dependencies
 update:
-	rm -rf Godeps vendor
-	go get -t -u -f -v ./...
-	godep save ./...
+	GO111MODULE=on go get -u ./...
+	GO111MODULE=on go mod tidy
+	GO111MODULE=on go mod vendor

-doc:	rclone.1 MANUAL.html MANUAL.txt
+doc:	rclone.1 MANUAL.html MANUAL.txt rcdocs commanddocs

 rclone.1:	MANUAL.md
 	pandoc -s --from markdown --to man MANUAL.md -o rclone.1

-MANUAL.md:	bin/make_manual.py docs/content/*.md commanddocs
+MANUAL.md:	bin/make_manual.py docs/content/*.md commanddocs backenddocs
 	./bin/make_manual.py

 MANUAL.html:	MANUAL.md
@@ -74,7 +95,13 @@ MANUAL.txt:	MANUAL.md
 	pandoc -s --from markdown --to plain MANUAL.md -o MANUAL.txt

 commanddocs: rclone
-	rclone gendocs docs/content/commands/
+	XDG_CACHE_HOME="" XDG_CONFIG_HOME="" HOME="\$$HOME" USER="\$$USER" rclone gendocs docs/content/commands/
+
+backenddocs: rclone bin/make_backend_docs.py
+	./bin/make_backend_docs.py
+
+rcdocs: rclone
+	bin/make_rc_docs.sh

 install: rclone
 	install -d ${DESTDIR}/usr/bin
@@ -84,7 +111,7 @@ clean:
 	go clean ./...
 	find . -name \*~ | xargs -r rm -f
 	rm -rf build docs/public
-	rm -f rclone rclonetest/rclonetest
+	rm -f rclone fs/operations/operations.test fs/sync/sync.test fs/test_all.log test.log

 website:
 	cd docs && hugo
@@ -92,45 +119,102 @@ website:
 upload_website:	website
 	rclone -v sync docs/public memstore:www-rclone-org

+tarball:
+	git archive -9 --format=tar.gz --prefix=rclone-$(TAG)/ -o build/rclone-$(TAG).tar.gz $(TAG)
+
+sign_upload:
+	cd build && md5sum rclone-v* | gpg --clearsign > MD5SUMS
+	cd build && sha1sum rclone-v* | gpg --clearsign > SHA1SUMS
+	cd build && sha256sum rclone-v* | gpg --clearsign > SHA256SUMS
+
+check_sign:
+	cd build && gpg --verify MD5SUMS && gpg --decrypt MD5SUMS | md5sum -c
+	cd build && gpg --verify SHA1SUMS && gpg --decrypt SHA1SUMS | sha1sum -c
+	cd build && gpg --verify SHA256SUMS && gpg --decrypt SHA256SUMS | sha256sum -c
+
 upload:
-	rclone -v copy build/ memstore:downloads-rclone-org
+	rclone -P copy build/ memstore:downloads-rclone-org/$(TAG)
+	rclone lsf build --files-only --include '*.{zip,deb,rpm}' --include version.txt | xargs -i bash -c 'i={}; j="$$i"; [[ $$i =~ (.*)(-v[0-9\.]+-)(.*) ]] && j=$${BASH_REMATCH[1]}-current-$${BASH_REMATCH[3]}; rclone copyto -v "memstore:downloads-rclone-org/$(TAG)/$$i" "memstore:downloads-rclone-org/$$j"'

 upload_github:
 	./bin/upload-github $(TAG)

 cross:	doc
-	./bin/cross-compile $(TAG)
+	go run bin/cross-compile.go -release current $(BUILDTAGS) $(TAG)

 beta:
-	./bin/cross-compile $(TAG)β
-	rm build/*-current-*
-	rclone -v copy build/ memstore:pub-rclone-org/$(TAG)β
-	@echo Beta release ready at http://pub.rclone.org/$(TAG)%CE%B2/
+	go run bin/cross-compile.go $(BUILDTAGS) $(TAG)
+	rclone -v copy build/ memstore:pub-rclone-org/$(TAG)
+	@echo Beta release ready at https://pub.rclone.org/$(TAG)/
+
+log_since_last_release:
+	git log $(LAST_TAG)..
+
+compile_all:
+	go run bin/cross-compile.go -parallel 8 -compile-only $(BUILDTAGS) $(TAG)
+
+appveyor_upload:
+	rclone --config bin/travis.rclone.conf -v copy --exclude '*beta-latest*' build/ $(BETA_UPLOAD)
+ifndef BRANCH_PATH
+	rclone --config bin/travis.rclone.conf -v copy --include '*beta-latest*' --include version.txt build/ $(BETA_UPLOAD_ROOT)
+endif
+	@echo Beta release ready at $(BETA_URL)
+
+circleci_upload:
+	./rclone --config bin/travis.rclone.conf -v copy build/ $(BETA_UPLOAD)/testbuilds
+ifndef BRANCH_PATH
+	./rclone --config bin/travis.rclone.conf -v copy build/ $(BETA_UPLOAD_ROOT)/test/testbuilds-latest
+endif
+	@echo Beta release ready at $(BETA_URL)/testbuilds
+
+BUILD_FLAGS := -exclude "^(windows|darwin)/"
+ifeq ($(TRAVIS_OS_NAME),osx)
+	BUILD_FLAGS := -include "^darwin/" -cgo
+endif
+ifeq ($(TRAVIS_OS_NAME),windows)
+# BUILD_FLAGS := -include "^windows/" -cgo
+# 386 doesn't build yet
+	BUILD_FLAGS := -include "^windows/amd64" -cgo
+endif

 travis_beta:
-	./bin/cross-compile $(TAG)β
-	rm build/*-current-*
-	rclone --config bin/travis.rclone.conf -v copy build/ memstore:beta-rclone-org/$(TAG)
+ifeq ($(TRAVIS_OS_NAME),linux)
+	go run bin/get-github-release.go -extract nfpm goreleaser/nfpm 'nfpm_.*\.tar.gz'
+endif
+	git log $(LAST_TAG).. > /tmp/git-log.txt
+	go run bin/cross-compile.go -release beta-latest -git-log /tmp/git-log.txt $(BUILD_FLAGS) -parallel 8 $(BUILDTAGS) $(TAG)
+	rclone --config bin/travis.rclone.conf -v copy --exclude '*beta-latest*' build/ $(BETA_UPLOAD)
+ifndef BRANCH_PATH
+	rclone --config bin/travis.rclone.conf -v copy --include '*beta-latest*' --include version.txt build/ $(BETA_UPLOAD_ROOT)
+endif
 	@echo Beta release ready at $(BETA_URL)

+# Fetch the binary builds from travis and appveyor
+fetch_binaries:
+	rclone -P sync --exclude "/testbuilds/**" --delete-excluded $(BETA_UPLOAD) build/
+
 serve:	website
 	cd docs && hugo server -v -w

 tag:	doc
 	@echo "Old tag is $(LAST_TAG)"
 	@echo "New tag is $(NEW_TAG)"
-	echo -e "package fs\n\n// Version of rclone\nvar Version = \"$(NEW_TAG)-DEV\"\n" | gofmt > fs/version.go
-	perl -lpe 's/VERSION/${NEW_TAG}/g; s/DATE/'`date -I`'/g;' docs/content/downloads.md.in > docs/content/downloads.md
-	git tag $(NEW_TAG)
-	@echo "Add this to changelog in docs/content/changelog.md"
-	@echo "  * $(NEW_TAG) -" `date -I`
-	@git log $(LAST_TAG)..$(NEW_TAG) --oneline
-	@echo "Then commit the changes"
+	echo -e "package fs\n\n// Version of rclone\nvar Version = \"$(NEW_TAG)\"\n" | gofmt > fs/version.go
+	echo -n "$(NEW_TAG)" > docs/layouts/partials/version.html
+	git tag -s -m "Version $(NEW_TAG)" $(NEW_TAG)
+	bin/make_changelog.py $(LAST_TAG) $(NEW_TAG) > docs/content/changelog.md.new
+	mv docs/content/changelog.md.new docs/content/changelog.md
+	@echo "Edit the new changelog in docs/content/changelog.md"
+	@echo "Then commit all the changes"
 	@echo git commit -m \"Version $(NEW_TAG)\" -a -v
 	@echo "And finally run make retag before make cross etc"

 retag:
-	git tag -f $(LAST_TAG)
+	git tag -f -s -m "Version $(LAST_TAG)" $(LAST_TAG)

-gen_tests:
-	cd fstest/fstests && go generate
+startdev:
+	echo -e "package fs\n\n// Version of rclone\nvar Version = \"$(LAST_TAG)-DEV\"\n" | gofmt > fs/version.go
+	git commit -m "Start $(LAST_TAG)-DEV development" fs/version.go
+
+winzip:
+	zip -9 rclone-$(TAG).zip rclone.exe
--- a/README.md
+++ b/README.md
@@ -1,49 +1,97 @@
-[![Logo](http://rclone.org/img/rclone-120x120.png)](http://rclone.org/)
+[![Logo](https://rclone.org/img/rclone-120x120.png)](https://rclone.org/)

-[Website](http://rclone.org) |
-[Documentation](http://rclone.org/docs/) |
+[Website](https://rclone.org) |
+[Documentation](https://rclone.org/docs/) |
+[Download](https://rclone.org/downloads/) | 
 [Contributing](CONTRIBUTING.md) |
-[Changelog](http://rclone.org/changelog/) |
-[Installation](http://rclone.org/install/) |
-[Forum](https://forum.rclone.org/)
-[G+](https://google.com/+RcloneOrg)
+[Changelog](https://rclone.org/changelog/) |
+[Installation](https://rclone.org/install/) |
+[Forum](https://forum.rclone.org/) | 

+[![Build Status](https://travis-ci.org/ncw/rclone.svg?branch=master)](https://travis-ci.org/ncw/rclone)
+[![Windows Build Status](https://ci.appveyor.com/api/projects/status/github/ncw/rclone?branch=master&passingText=windows%20-%20ok&svg=true)](https://ci.appveyor.com/project/ncw/rclone)
+[![CircleCI](https://circleci.com/gh/ncw/rclone/tree/master.svg?style=svg)](https://circleci.com/gh/ncw/rclone/tree/master)
+[![Go Report Card](https://goreportcard.com/badge/github.com/ncw/rclone)](https://goreportcard.com/report/github.com/ncw/rclone)
+[![GoDoc](https://godoc.org/github.com/ncw/rclone?status.svg)](https://godoc.org/github.com/ncw/rclone) 

-[![Build Status](https://travis-ci.org/ncw/rclone.svg?branch=master)](https://travis-ci.org/ncw/rclone) [![Windows Build Status](https://ci.appveyor.com/api/projects/status/github/ncw/rclone?branch=master&passingText=windows%20-%20ok&svg=true)](https://ci.appveyor.com/project/ncw/rclone) [![GoDoc](https://godoc.org/github.com/ncw/rclone?status.svg)](https://godoc.org/github.com/ncw/rclone) 
+# Rclone

-Rclone is a command line program to sync files and directories to and from
+Rclone *("rsync for cloud storage")* is a command line program to sync files and directories to and from different cloud storage providers.

-  * Google Drive
-  * Amazon S3
-  * Openstack Swift / Rackspace cloud files / Memset Memstore
-  * Dropbox
-  * Google Cloud Storage
-  * Amazon Drive
-  * Microsoft One Drive
-  * Hubic
-  * Backblaze B2
-  * Yandex Disk
-  * The local filesystem
+## Storage providers

-Features
+  * Alibaba Cloud (Aliyun) Object Storage System (OSS) [:page_facing_up:](https://rclone.org/s3/#alibaba-oss)
+  * Amazon Drive [:page_facing_up:](https://rclone.org/amazonclouddrive/) ([See note](https://rclone.org/amazonclouddrive/#status))
+  * Amazon S3 [:page_facing_up:](https://rclone.org/s3/)
+  * Backblaze B2 [:page_facing_up:](https://rclone.org/b2/)
+  * Box [:page_facing_up:](https://rclone.org/box/)
+  * Ceph [:page_facing_up:](https://rclone.org/s3/#ceph)
+  * DigitalOcean Spaces [:page_facing_up:](https://rclone.org/s3/#digitalocean-spaces)
+  * Dreamhost [:page_facing_up:](https://rclone.org/s3/#dreamhost)
+  * Dropbox [:page_facing_up:](https://rclone.org/dropbox/)
+  * FTP [:page_facing_up:](https://rclone.org/ftp/)
+  * Google Cloud Storage [:page_facing_up:](https://rclone.org/googlecloudstorage/)
+  * Google Drive [:page_facing_up:](https://rclone.org/drive/)
+  * HTTP [:page_facing_up:](https://rclone.org/http/)
+  * Hubic [:page_facing_up:](https://rclone.org/hubic/)
+  * Jottacloud [:page_facing_up:](https://rclone.org/jottacloud/)
+  * IBM COS S3 [:page_facing_up:](https://rclone.org/s3/#ibm-cos-s3)
+  * Koofr [:page_facing_up:](https://rclone.org/koofr/)
+  * Memset Memstore [:page_facing_up:](https://rclone.org/swift/)
+  * Mega [:page_facing_up:](https://rclone.org/mega/)
+  * Microsoft Azure Blob Storage [:page_facing_up:](https://rclone.org/azureblob/)
+  * Microsoft OneDrive [:page_facing_up:](https://rclone.org/onedrive/)
+  * Minio [:page_facing_up:](https://rclone.org/s3/#minio)
+  * Nextcloud [:page_facing_up:](https://rclone.org/webdav/#nextcloud)
+  * OVH [:page_facing_up:](https://rclone.org/swift/)
+  * OpenDrive [:page_facing_up:](https://rclone.org/opendrive/)
+  * OpenStack Swift [:page_facing_up:](https://rclone.org/swift/)
+  * Oracle Cloud Storage [:page_facing_up:](https://rclone.org/swift/)
+  * ownCloud [:page_facing_up:](https://rclone.org/webdav/#owncloud)
+  * pCloud [:page_facing_up:](https://rclone.org/pcloud/)
+  * put.io [:page_facing_up:](https://rclone.org/webdav/#put-io)
+  * QingStor [:page_facing_up:](https://rclone.org/qingstor/)
+  * Rackspace Cloud Files [:page_facing_up:](https://rclone.org/swift/)
+  * Scaleway [:page_facing_up:](https://rclone.org/s3/#scaleway)
+  * SFTP [:page_facing_up:](https://rclone.org/sftp/)
+  * Wasabi [:page_facing_up:](https://rclone.org/s3/#wasabi)
+  * WebDAV [:page_facing_up:](https://rclone.org/webdav/)
+  * Yandex Disk [:page_facing_up:](https://rclone.org/yandex/)
+  * The local filesystem [:page_facing_up:](https://rclone.org/local/)
+  
+Please see [the full list of all storage providers and their features](https://rclone.org/overview/)

-  * MD5/SHA1 hashes checked at all times for file integrity
+## Features
+
+  * MD5/SHA-1 hashes checked at all times for file integrity
  * Timestamps preserved on files
  * Partial syncs supported on a whole file basis
-  * Copy mode to just copy new/changed files
-  * Sync (one way) mode to make a directory identical
-  * Check mode to check for file hash equality
-  * Can sync to and from network, eg two different cloud accounts
-  * Optional encryption (Crypt)
-  * Optional FUSE mount
+  * [Copy](https://rclone.org/commands/rclone_copy/) mode to just copy new/changed files
+  * [Sync](https://rclone.org/commands/rclone_sync/) (one way) mode to make a directory identical
+  * [Check](https://rclone.org/commands/rclone_check/) mode to check for file hash equality
+  * Can sync to and from network, e.g. two different cloud accounts
+  * Optional encryption ([Crypt](https://rclone.org/crypt/))
+  * Optional cache ([Cache](https://rclone.org/cache/))
+  * Optional FUSE mount ([rclone mount](https://rclone.org/commands/rclone_mount/))

-See the home page for installation, usage, documentation, changelog
-and configuration walkthroughs.
+## Installation & documentation

-  * http://rclone.org/
+Please see the [rclone website](https://rclone.org/) for:
+
+  * [Installation](https://rclone.org/install/)
+  * [Documentation & configuration](https://rclone.org/docs/)
+  * [Changelog](https://rclone.org/changelog/)
+  * [FAQ](https://rclone.org/faq/)
+  * [Storage providers](https://rclone.org/overview/)
+  * [Forum](https://forum.rclone.org/)
+  * ...and more
+
+## Downloads
+
+  * https://rclone.org/downloads/

 License
 -------

 This is free software under the terms of MIT the license (check the
-COPYING file included in this package).
+[COPYING file](/COPYING) included in this package).
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -1,33 +1,71 @@
-Required software for making a release
+Extra required software for making a release
  * [github-release](https://github.com/aktau/github-release) for uploading packages
-  * [gox](https://github.com/mitchellh/gox) for cross compiling
-    * Run `gox -build-toolchain`
-    * This assumes you have your own source checkout
  * pandoc for making the html and man pages
-  * errcheck - go get github.com/kisielk/errcheck
-  * golint - go get github.com/golang/lint

 Making a release
  * git status - make sure everything is checked in
  * Check travis & appveyor builds are green
  * make check
-  * make test
+  * make test # see integration test server or run locally
  * make tag
  * edit docs/content/changelog.md
  * make doc
  * git status - to check for new man pages - git add them
-  * git commit -a -v -m "Version v1.XX"
+  * git commit -a -v -m "Version v1.XX.0"
  * make retag
-  * # Set the GOPATH for a current stable go compiler
-  * make cross
+  * git push --tags origin master
+  * # Wait for the appveyor and travis builds to complete then...
+  * make fetch_binaries
+  * make tarball
+  * make sign_upload
+  * make check_sign
  * make upload
  * make upload_website
-  * git push --tags origin master
  * make upload_github
+  * make startdev
+  * # announce with forum post, twitter post, G+ post

 Early in the next release cycle update the vendored dependencies
+  * Review any pinned packages in go.mod and remove if possible
+      * GO111MODULE=on go get -u github.com/spf13/cobra@master
  * make update
  * git status
  * git add new files
-  * carry forward any patches to vendor stuff
  * git commit -a -v
+
+If `make update` fails with errors like this:
+
+```
+# github.com/cpuguy83/go-md2man/md2man
+../../../../pkg/mod/github.com/cpuguy83/go-md2man@v1.0.8/md2man/md2man.go:11:16: undefined: blackfriday.EXTENSION_NO_INTRA_EMPHASIS
+../../../../pkg/mod/github.com/cpuguy83/go-md2man@v1.0.8/md2man/md2man.go:12:16: undefined: blackfriday.EXTENSION_TABLES
+```
+
+Can be fixed with
+
+    * GO111MODULE=on go get -u github.com/russross/blackfriday@v1.5.2
+    * GO111MODULE=on go mod tidy
+    * GO111MODULE=on go mod vendor
+ 
+
+Making a point release.  If rclone needs a point release due to some
+horrendous bug, then
+  * git branch v1.XX v1.XX-fixes
+  * git cherry-pick any fixes
+  * Test (see above)
+  * make NEW_TAG=v1.XX.1 tag
+  * edit docs/content/changelog.md
+  * make TAG=v1.43.1 doc
+  * git commit -a -v -m "Version v1.XX.1"
+  * git tag -d -v1.XX.1
+  * git tag -s -m "Version v1.XX.1" v1.XX.1
+  * git push --tags -u origin v1.XX-fixes
+  * make BRANCH_PATH= TAG=v1.43.1 fetch_binaries
+  * make TAG=v1.43.1 tarball
+  * make TAG=v1.43.1 sign_upload
+  * make TAG=v1.43.1 check_sign
+  * make TAG=v1.43.1 upload
+  * make TAG=v1.43.1 upload_website
+  * make TAG=v1.43.1 upload_github
+  * NB this overwrites the current beta so after the release, rebuild the last travis build
+  * Announce!
--- a/amazonclouddrive/amazonclouddrive_test.go
+++ b/amazonclouddrive/amazonclouddrive_test.go
@@ -1,62 +0,0 @@
-// Test AmazonCloudDrive filesystem interface
-//
-// Automatically generated - DO NOT EDIT
-// Regenerate with: make gen_tests
-package amazonclouddrive_test
-
-import (
-	"testing"
-
-	"github.com/ncw/rclone/amazonclouddrive"
-	"github.com/ncw/rclone/fs"
-	"github.com/ncw/rclone/fstest/fstests"
-)
-
-func TestSetup(t *testing.T) {
-	fstests.NilObject = fs.Object((*amazonclouddrive.Object)(nil))
-	fstests.RemoteName = "TestAmazonCloudDrive:"
-}
-
-// Generic tests for the Fs
-func TestInit(t *testing.T)                { fstests.TestInit(t) }
-func TestFsString(t *testing.T)            { fstests.TestFsString(t) }
-func TestFsRmdirEmpty(t *testing.T)        { fstests.TestFsRmdirEmpty(t) }
-func TestFsRmdirNotFound(t *testing.T)     { fstests.TestFsRmdirNotFound(t) }
-func TestFsMkdir(t *testing.T)             { fstests.TestFsMkdir(t) }
-func TestFsMkdirRmdirSubdir(t *testing.T)  { fstests.TestFsMkdirRmdirSubdir(t) }
-func TestFsListEmpty(t *testing.T)         { fstests.TestFsListEmpty(t) }
-func TestFsListDirEmpty(t *testing.T)      { fstests.TestFsListDirEmpty(t) }
-func TestFsNewObjectNotFound(t *testing.T) { fstests.TestFsNewObjectNotFound(t) }
-func TestFsPutFile1(t *testing.T)          { fstests.TestFsPutFile1(t) }
-func TestFsPutError(t *testing.T)          { fstests.TestFsPutError(t) }
-func TestFsPutFile2(t *testing.T)          { fstests.TestFsPutFile2(t) }
-func TestFsUpdateFile1(t *testing.T)       { fstests.TestFsUpdateFile1(t) }
-func TestFsListDirFile2(t *testing.T)      { fstests.TestFsListDirFile2(t) }
-func TestFsListDirRoot(t *testing.T)       { fstests.TestFsListDirRoot(t) }
-func TestFsListSubdir(t *testing.T)        { fstests.TestFsListSubdir(t) }
-func TestFsListLevel2(t *testing.T)        { fstests.TestFsListLevel2(t) }
-func TestFsListFile1(t *testing.T)         { fstests.TestFsListFile1(t) }
-func TestFsNewObject(t *testing.T)         { fstests.TestFsNewObject(t) }
-func TestFsListFile1and2(t *testing.T)     { fstests.TestFsListFile1and2(t) }
-func TestFsCopy(t *testing.T)              { fstests.TestFsCopy(t) }
-func TestFsMove(t *testing.T)              { fstests.TestFsMove(t) }
-func TestFsDirMove(t *testing.T)           { fstests.TestFsDirMove(t) }
-func TestFsRmdirFull(t *testing.T)         { fstests.TestFsRmdirFull(t) }
-func TestFsPrecision(t *testing.T)         { fstests.TestFsPrecision(t) }
-func TestObjectString(t *testing.T)        { fstests.TestObjectString(t) }
-func TestObjectFs(t *testing.T)            { fstests.TestObjectFs(t) }
-func TestObjectRemote(t *testing.T)        { fstests.TestObjectRemote(t) }
-func TestObjectHashes(t *testing.T)        { fstests.TestObjectHashes(t) }
-func TestObjectModTime(t *testing.T)       { fstests.TestObjectModTime(t) }
-func TestObjectMimeType(t *testing.T)      { fstests.TestObjectMimeType(t) }
-func TestObjectSetModTime(t *testing.T)    { fstests.TestObjectSetModTime(t) }
-func TestObjectSize(t *testing.T)          { fstests.TestObjectSize(t) }
-func TestObjectOpen(t *testing.T)          { fstests.TestObjectOpen(t) }
-func TestObjectOpenSeek(t *testing.T)      { fstests.TestObjectOpenSeek(t) }
-func TestObjectUpdate(t *testing.T)        { fstests.TestObjectUpdate(t) }
-func TestObjectStorable(t *testing.T)      { fstests.TestObjectStorable(t) }
-func TestFsIsFile(t *testing.T)            { fstests.TestFsIsFile(t) }
-func TestFsIsFileNotFound(t *testing.T)    { fstests.TestFsIsFileNotFound(t) }
-func TestObjectRemove(t *testing.T)        { fstests.TestObjectRemove(t) }
-func TestObjectPurge(t *testing.T)         { fstests.TestObjectPurge(t) }
-func TestFinalise(t *testing.T)            { fstests.TestFinalise(t) }
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -1,20 +0,0 @@
-version: "{build}"
-
-os: Windows Server 2012 R2
-
-clone_folder: c:\gopath\src\github.com\ncw\rclone
-
-environment:
-  GOPATH: c:\gopath
-
-install:
-  - echo %PATH%
-  - echo %GOPATH%
-  - go version
-  - go env
-  - go install
-
-build_script:
- - rmdir vendor\bazil.org\fuse /s /q
- - go test -cpu=2 ./...
- - go test -cpu=2 -short -race ./...
--- a/b2/b2_test.go
+++ b/b2/b2_test.go
@@ -1,62 +0,0 @@
-// Test B2 filesystem interface
-//
-// Automatically generated - DO NOT EDIT
-// Regenerate with: make gen_tests
-package b2_test
-
-import (
-	"testing"
-
-	"github.com/ncw/rclone/b2"
-	"github.com/ncw/rclone/fs"
-	"github.com/ncw/rclone/fstest/fstests"
-)
-
-func TestSetup(t *testing.T) {
-	fstests.NilObject = fs.Object((*b2.Object)(nil))
-	fstests.RemoteName = "TestB2:"
-}
-
-// Generic tests for the Fs
-func TestInit(t *testing.T)                { fstests.TestInit(t) }
-func TestFsString(t *testing.T)            { fstests.TestFsString(t) }
-func TestFsRmdirEmpty(t *testing.T)        { fstests.TestFsRmdirEmpty(t) }
-func TestFsRmdirNotFound(t *testing.T)     { fstests.TestFsRmdirNotFound(t) }
-func TestFsMkdir(t *testing.T)             { fstests.TestFsMkdir(t) }
-func TestFsMkdirRmdirSubdir(t *testing.T)  { fstests.TestFsMkdirRmdirSubdir(t) }
-func TestFsListEmpty(t *testing.T)         { fstests.TestFsListEmpty(t) }
-func TestFsListDirEmpty(t *testing.T)      { fstests.TestFsListDirEmpty(t) }
-func TestFsNewObjectNotFound(t *testing.T) { fstests.TestFsNewObjectNotFound(t) }
-func TestFsPutFile1(t *testing.T)          { fstests.TestFsPutFile1(t) }
-func TestFsPutError(t *testing.T)          { fstests.TestFsPutError(t) }
-func TestFsPutFile2(t *testing.T)          { fstests.TestFsPutFile2(t) }
-func TestFsUpdateFile1(t *testing.T)       { fstests.TestFsUpdateFile1(t) }
-func TestFsListDirFile2(t *testing.T)      { fstests.TestFsListDirFile2(t) }
-func TestFsListDirRoot(t *testing.T)       { fstests.TestFsListDirRoot(t) }
-func TestFsListSubdir(t *testing.T)        { fstests.TestFsListSubdir(t) }
-func TestFsListLevel2(t *testing.T)        { fstests.TestFsListLevel2(t) }
-func TestFsListFile1(t *testing.T)         { fstests.TestFsListFile1(t) }
-func TestFsNewObject(t *testing.T)         { fstests.TestFsNewObject(t) }
-func TestFsListFile1and2(t *testing.T)     { fstests.TestFsListFile1and2(t) }
-func TestFsCopy(t *testing.T)              { fstests.TestFsCopy(t) }
-func TestFsMove(t *testing.T)              { fstests.TestFsMove(t) }
-func TestFsDirMove(t *testing.T)           { fstests.TestFsDirMove(t) }
-func TestFsRmdirFull(t *testing.T)         { fstests.TestFsRmdirFull(t) }
-func TestFsPrecision(t *testing.T)         { fstests.TestFsPrecision(t) }
-func TestObjectString(t *testing.T)        { fstests.TestObjectString(t) }
-func TestObjectFs(t *testing.T)            { fstests.TestObjectFs(t) }
-func TestObjectRemote(t *testing.T)        { fstests.TestObjectRemote(t) }
-func TestObjectHashes(t *testing.T)        { fstests.TestObjectHashes(t) }
-func TestObjectModTime(t *testing.T)       { fstests.TestObjectModTime(t) }
-func TestObjectMimeType(t *testing.T)      { fstests.TestObjectMimeType(t) }
-func TestObjectSetModTime(t *testing.T)    { fstests.TestObjectSetModTime(t) }
-func TestObjectSize(t *testing.T)          { fstests.TestObjectSize(t) }
-func TestObjectOpen(t *testing.T)          { fstests.TestObjectOpen(t) }
-func TestObjectOpenSeek(t *testing.T)      { fstests.TestObjectOpenSeek(t) }
-func TestObjectUpdate(t *testing.T)        { fstests.TestObjectUpdate(t) }
-func TestObjectStorable(t *testing.T)      { fstests.TestObjectStorable(t) }
-func TestFsIsFile(t *testing.T)            { fstests.TestFsIsFile(t) }
-func TestFsIsFileNotFound(t *testing.T)    { fstests.TestFsIsFileNotFound(t) }
-func TestObjectRemove(t *testing.T)        { fstests.TestObjectRemove(t) }
-func TestObjectPurge(t *testing.T)         { fstests.TestObjectPurge(t) }
-func TestFinalise(t *testing.T)            { fstests.TestFinalise(t) }
--- a/backend/alias/alias.go
+++ b/backend/alias/alias.go
@@ -0,0 +1,54 @@
+package alias
+
+import (
+	"errors"
+	"strings"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/config/configmap"
+	"github.com/ncw/rclone/fs/config/configstruct"
+	"github.com/ncw/rclone/fs/fspath"
+)
+
+// Register with Fs
+func init() {
+	fsi := &fs.RegInfo{
+		Name:        "alias",
+		Description: "Alias for a existing remote",
+		NewFs:       NewFs,
+		Options: []fs.Option{{
+			Name:     "remote",
+			Help:     "Remote or path to alias.\nCan be \"myremote:path/to/dir\", \"myremote:bucket\", \"myremote:\" or \"/local/path\".",
+			Required: true,
+		}},
+	}
+	fs.Register(fsi)
+}
+
+// Options defines the configuration for this backend
+type Options struct {
+	Remote string `config:"remote"`
+}
+
+// NewFs constructs an Fs from the path.
+//
+// The returned Fs is the actual Fs, referenced by remote in the config
+func NewFs(name, root string, m configmap.Mapper) (fs.Fs, error) {
+	// Parse config into Options struct
+	opt := new(Options)
+	err := configstruct.Set(m, opt)
+	if err != nil {
+		return nil, err
+	}
+	if opt.Remote == "" {
+		return nil, errors.New("alias can't point to an empty remote - check the value of the remote setting")
+	}
+	if strings.HasPrefix(opt.Remote, name+":") {
+		return nil, errors.New("can't point alias remote at itself - check the value of the remote setting")
+	}
+	fsInfo, configName, fsPath, config, err := fs.ConfigFs(opt.Remote)
+	if err != nil {
+		return nil, err
+	}
+	return fsInfo.NewFs(configName, fspath.JoinRootPath(fsPath, root), config)
+}
--- a/backend/alias/alias_internal_test.go
+++ b/backend/alias/alias_internal_test.go
@@ -0,0 +1,104 @@
+package alias
+
+import (
+	"fmt"
+	"path"
+	"path/filepath"
+	"sort"
+	"testing"
+
+	_ "github.com/ncw/rclone/backend/local" // pull in test backend
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/config"
+	"github.com/stretchr/testify/require"
+)
+
+var (
+	remoteName = "TestAlias"
+)
+
+func prepare(t *testing.T, root string) {
+	config.LoadConfig()
+
+	// Configure the remote
+	config.FileSet(remoteName, "type", "alias")
+	config.FileSet(remoteName, "remote", root)
+}
+
+func TestNewFS(t *testing.T) {
+	type testEntry struct {
+		remote string
+		size   int64
+		isDir  bool
+	}
+	for testi, test := range []struct {
+		remoteRoot string
+		fsRoot     string
+		fsList     string
+		wantOK     bool
+		entries    []testEntry
+	}{
+		{"", "", "", true, []testEntry{
+			{"four", -1, true},
+			{"one%.txt", 6, false},
+			{"three", -1, true},
+			{"two.html", 7, false},
+		}},
+		{"", "four", "", true, []testEntry{
+			{"five", -1, true},
+			{"under four.txt", 9, false},
+		}},
+		{"", "", "four", true, []testEntry{
+			{"four/five", -1, true},
+			{"four/under four.txt", 9, false},
+		}},
+		{"four", "..", "", true, []testEntry{
+			{"four", -1, true},
+			{"one%.txt", 6, false},
+			{"three", -1, true},
+			{"two.html", 7, false},
+		}},
+		{"four", "../three", "", true, []testEntry{
+			{"underthree.txt", 9, false},
+		}},
+	} {
+		what := fmt.Sprintf("test %d remoteRoot=%q, fsRoot=%q, fsList=%q", testi, test.remoteRoot, test.fsRoot, test.fsList)
+
+		remoteRoot, err := filepath.Abs(filepath.FromSlash(path.Join("test/files", test.remoteRoot)))
+		require.NoError(t, err, what)
+		prepare(t, remoteRoot)
+		f, err := fs.NewFs(fmt.Sprintf("%s:%s", remoteName, test.fsRoot))
+		require.NoError(t, err, what)
+		gotEntries, err := f.List(test.fsList)
+		require.NoError(t, err, what)
+
+		sort.Sort(gotEntries)
+
+		require.Equal(t, len(test.entries), len(gotEntries), what)
+		for i, gotEntry := range gotEntries {
+			what := fmt.Sprintf("%s, entry=%d", what, i)
+			wantEntry := test.entries[i]
+
+			require.Equal(t, wantEntry.remote, gotEntry.Remote(), what)
+			require.Equal(t, wantEntry.size, gotEntry.Size(), what)
+			_, isDir := gotEntry.(fs.Directory)
+			require.Equal(t, wantEntry.isDir, isDir, what)
+		}
+	}
+}
+
+func TestNewFSNoRemote(t *testing.T) {
+	prepare(t, "")
+	f, err := fs.NewFs(fmt.Sprintf("%s:", remoteName))
+
+	require.Error(t, err)
+	require.Nil(t, f)
+}
+
+func TestNewFSInvalidRemote(t *testing.T) {
+	prepare(t, "not_existing_test_remote:")
+	f, err := fs.NewFs(fmt.Sprintf("%s:", remoteName))
+
+	require.Error(t, err)
+	require.Nil(t, f)
+}
--- a/backend/alias/test/files/four/five/underfive.txt
+++ b/backend/alias/test/files/four/five/underfive.txt
@@ -0,0 +1 @@
+apple
--- a/backend/alias/test/files/four/under
+++ b/backend/alias/test/files/four/under
@@ -0,0 +1 @@
+beetroot
--- a/backend/alias/test/files/one%.txt
+++ b/backend/alias/test/files/one%.txt
@@ -0,0 +1 @@
+hello
--- a/backend/alias/test/files/three/underthree.txt
+++ b/backend/alias/test/files/three/underthree.txt
@@ -0,0 +1 @@
+rutabaga
--- a/backend/alias/test/files/two.html
+++ b/backend/alias/test/files/two.html
@@ -0,0 +1 @@
+potato
--- a/backend/all/all.go
+++ b/backend/all/all.go
@@ -0,0 +1,32 @@
+package all
+
+import (
+	// Active file systems
+	_ "github.com/ncw/rclone/backend/alias"
+	_ "github.com/ncw/rclone/backend/amazonclouddrive"
+	_ "github.com/ncw/rclone/backend/azureblob"
+	_ "github.com/ncw/rclone/backend/b2"
+	_ "github.com/ncw/rclone/backend/box"
+	_ "github.com/ncw/rclone/backend/cache"
+	_ "github.com/ncw/rclone/backend/crypt"
+	_ "github.com/ncw/rclone/backend/drive"
+	_ "github.com/ncw/rclone/backend/dropbox"
+	_ "github.com/ncw/rclone/backend/ftp"
+	_ "github.com/ncw/rclone/backend/googlecloudstorage"
+	_ "github.com/ncw/rclone/backend/http"
+	_ "github.com/ncw/rclone/backend/hubic"
+	_ "github.com/ncw/rclone/backend/jottacloud"
+	_ "github.com/ncw/rclone/backend/koofr"
+	_ "github.com/ncw/rclone/backend/local"
+	_ "github.com/ncw/rclone/backend/mega"
+	_ "github.com/ncw/rclone/backend/onedrive"
+	_ "github.com/ncw/rclone/backend/opendrive"
+	_ "github.com/ncw/rclone/backend/pcloud"
+	_ "github.com/ncw/rclone/backend/qingstor"
+	_ "github.com/ncw/rclone/backend/s3"
+	_ "github.com/ncw/rclone/backend/sftp"
+	_ "github.com/ncw/rclone/backend/swift"
+	_ "github.com/ncw/rclone/backend/union"
+	_ "github.com/ncw/rclone/backend/webdav"
+	_ "github.com/ncw/rclone/backend/yandex"
+)
--- a/backend/amazonclouddrive/amazonclouddrive.go
+++ b/backend/amazonclouddrive/amazonclouddrive.go
--- a/backend/amazonclouddrive/amazonclouddrive_test.go
+++ b/backend/amazonclouddrive/amazonclouddrive_test.go
@@ -0,0 +1,20 @@
+// Test AmazonCloudDrive filesystem interface
+
+// +build acd
+
+package amazonclouddrive_test
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/backend/amazonclouddrive"
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.NilObject = fs.Object((*amazonclouddrive.Object)(nil))
+	fstests.RemoteName = "TestAmazonCloudDrive:"
+	fstests.Run(t)
+}
--- a/backend/azureblob/azureblob.go
+++ b/backend/azureblob/azureblob.go
--- a/backend/azureblob/azureblob_internal_test.go
+++ b/backend/azureblob/azureblob_internal_test.go
@@ -0,0 +1,18 @@
+// +build !plan9,!solaris
+
+package azureblob
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func (f *Fs) InternalTest(t *testing.T) {
+	// Check first feature flags are set on this
+	// remote
+	enabled := f.Features().SetTier
+	assert.True(t, enabled)
+	enabled = f.Features().GetTier
+	assert.True(t, enabled)
+}
--- a/backend/azureblob/azureblob_test.go
+++ b/backend/azureblob/azureblob_test.go
@@ -0,0 +1,37 @@
+// Test AzureBlob filesystem interface
+
+// +build !plan9,!solaris
+
+package azureblob
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName:  "TestAzureBlob:",
+		NilObject:   (*Object)(nil),
+		TiersToTest: []string{"Hot", "Cool"},
+		ChunkedUpload: fstests.ChunkedUploadConfig{
+			MaxChunkSize: maxChunkSize,
+		},
+	})
+}
+
+func (f *Fs) SetUploadChunkSize(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+	return f.setUploadChunkSize(cs)
+}
+
+func (f *Fs) SetUploadCutoff(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+	return f.setUploadCutoff(cs)
+}
+
+var (
+	_ fstests.SetUploadChunkSizer = (*Fs)(nil)
+	_ fstests.SetUploadCutoffer   = (*Fs)(nil)
+)
--- a/backend/azureblob/azureblob_unsupported.go
+++ b/backend/azureblob/azureblob_unsupported.go
@@ -0,0 +1,6 @@
+// Build for azureblob for unsupported platforms to stop go complaining
+// about "no buildable Go source files "
+
+// +build plan9 solaris
+
+package azureblob
--- a/backend/b2/api/types.go
+++ b/backend/b2/api/types.go
@@ -7,7 +7,7 @@ import (
 	"strings"
 	"time"

-	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/fserrors"
 )

 // Error describes a B2 error response
@@ -17,24 +17,19 @@ type Error struct {
 	Message string `json:"message"` // A human-readable message, in English, saying what went wrong.
 }

-// Error statisfies the error interface
+// Error satisfies the error interface
 func (e *Error) Error() string {
 	return fmt.Sprintf("%s (%d %s)", e.Message, e.Status, e.Code)
 }

-// Fatal statisfies the Fatal interface
+// Fatal satisfies the Fatal interface
 //
 // It indicates which errors should be treated as fatal
 func (e *Error) Fatal() bool {
 	return e.Status == 403 // 403 errors shouldn't be retried
 }

-var _ fs.Fataler = (*Error)(nil)
-
-// Account describes a B2 account
-type Account struct {
-	ID string `json:"accountId"` // The identifier for the account.
-}
+var _ fserrors.Fataler = (*Error)(nil)

 // Bucket describes a B2 bucket
 type Bucket struct {
@@ -74,7 +69,7 @@ const versionFormat = "-v2006-01-02-150405.000"
 func (t Timestamp) AddVersion(remote string) string {
 	ext := path.Ext(remote)
 	base := remote[:len(remote)-len(ext)]
-	s := (time.Time)(t).Format(versionFormat)
+	s := time.Time(t).Format(versionFormat)
 	// Replace the '.' with a '-'
 	s = strings.Replace(s, ".", "-", -1)
 	return base + s + ext
@@ -105,22 +100,22 @@ func RemoveVersion(remote string) (t Timestamp, newRemote string) {
 	return Timestamp(newT), base[:versionStart] + ext
 }

-// IsZero returns true if the timestamp is unitialised
+// IsZero returns true if the timestamp is uninitialized
 func (t Timestamp) IsZero() bool {
-	return (time.Time)(t).IsZero()
+	return time.Time(t).IsZero()
 }

 // Equal compares two timestamps
 //
 // If either are !IsZero then it returns false
 func (t Timestamp) Equal(s Timestamp) bool {
-	if (time.Time)(t).IsZero() {
+	if time.Time(t).IsZero() {
 		return false
 	}
-	if (time.Time)(s).IsZero() {
+	if time.Time(s).IsZero() {
 		return false
 	}
-	return (time.Time)(t).Equal((time.Time)(s))
+	return time.Time(t).Equal(time.Time(s))
 }

 // File is info about a file
@@ -137,10 +132,27 @@ type File struct {

 // AuthorizeAccountResponse is as returned from the b2_authorize_account call
 type AuthorizeAccountResponse struct {
-	AccountID          string `json:"accountId"`          // The identifier for the account.
-	AuthorizationToken string `json:"authorizationToken"` // An authorization token to use with all calls, other than b2_authorize_account, that need an Authorization header.
-	APIURL             string `json:"apiUrl"`             // The base URL to use for all API calls except for uploading and downloading files.
-	DownloadURL        string `json:"downloadUrl"`        // The base URL to use for downloading files.
+	AbsoluteMinimumPartSize int      `json:"absoluteMinimumPartSize"` // The smallest possible size of a part of a large file.
+	AccountID               string   `json:"accountId"`               // The identifier for the account.
+	Allowed                 struct { // An object (see below) containing the capabilities of this auth token, and any restrictions on using it.
+		BucketID     string      `json:"bucketId"`     // When present, access is restricted to one bucket.
+		BucketName   string      `json:"bucketName"`   // When present, name of bucket - may be empty
+		Capabilities []string    `json:"capabilities"` // A list of strings, each one naming a capability the key has.
+		NamePrefix   interface{} `json:"namePrefix"`   // When present, access is restricted to files whose names start with the prefix
+	} `json:"allowed"`
+	APIURL              string `json:"apiUrl"`              // The base URL to use for all API calls except for uploading and downloading files.
+	AuthorizationToken  string `json:"authorizationToken"`  // An authorization token to use with all calls, other than b2_authorize_account, that need an Authorization header.
+	DownloadURL         string `json:"downloadUrl"`         // The base URL to use for downloading files.
+	MinimumPartSize     int    `json:"minimumPartSize"`     // DEPRECATED: This field will always have the same value as recommendedPartSize. Use recommendedPartSize instead.
+	RecommendedPartSize int    `json:"recommendedPartSize"` // The recommended size for each part of a large file. We recommend using this part size for optimal upload performance.
+}
+
+// ListBucketsRequest is parameters for b2_list_buckets call
+type ListBucketsRequest struct {
+	AccountID   string   `json:"accountId"`             // The identifier for the account.
+	BucketID    string   `json:"bucketId,omitempty"`    // When specified, the result will be a list containing just this bucket.
+	BucketName  string   `json:"bucketName,omitempty"`  // When specified, the result will be a list containing just this bucket.
+	BucketTypes []string `json:"bucketTypes,omitempty"` // If present, B2 will use it as a filter for bucket types returned in the list buckets response.
 }

 // ListBucketsResponse is as returned from the b2_list_buckets call
--- a/backend/b2/api/types_test.go
+++ b/backend/b2/api/types_test.go
@@ -4,7 +4,7 @@ import (
 	"testing"
 	"time"

-	"github.com/ncw/rclone/b2/api"
+	"github.com/ncw/rclone/backend/b2/api"
 	"github.com/ncw/rclone/fstest"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
--- a/backend/b2/b2.go
+++ b/backend/b2/b2.go
--- a/backend/b2/b2_internal_test.go
+++ b/backend/b2/b2_internal_test.go
--- a/backend/b2/b2_test.go
+++ b/backend/b2/b2_test.go
@@ -0,0 +1,34 @@
+// Test B2 filesystem interface
+package b2
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: "TestB2:",
+		NilObject:  (*Object)(nil),
+		ChunkedUpload: fstests.ChunkedUploadConfig{
+			MinChunkSize:       minChunkSize,
+			NeedMultipleChunks: true,
+		},
+	})
+}
+
+func (f *Fs) SetUploadChunkSize(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+	return f.setUploadChunkSize(cs)
+}
+
+func (f *Fs) SetUploadCutoff(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+	return f.setUploadCutoff(cs)
+}
+
+var (
+	_ fstests.SetUploadChunkSizer = (*Fs)(nil)
+	_ fstests.SetUploadCutoffer   = (*Fs)(nil)
+)
--- a/backend/b2/upload.go
+++ b/backend/b2/upload.go
@@ -7,24 +7,73 @@ package b2
 import (
 	"bytes"
 	"crypto/sha1"
+	"encoding/hex"
 	"fmt"
+	gohash "hash"
 	"io"
+	"strings"
 	"sync"

-	"github.com/ncw/rclone/b2/api"
+	"github.com/ncw/rclone/backend/b2/api"
 	"github.com/ncw/rclone/fs"
-	"github.com/ncw/rclone/rest"
+	"github.com/ncw/rclone/fs/accounting"
+	"github.com/ncw/rclone/fs/hash"
+	"github.com/ncw/rclone/lib/rest"
 	"github.com/pkg/errors"
 )

+type hashAppendingReader struct {
+	h         gohash.Hash
+	in        io.Reader
+	hexSum    string
+	hexReader io.Reader
+}
+
+// Read returns bytes all bytes from the original reader, then the hex sum
+// of what was read so far, then EOF.
+func (har *hashAppendingReader) Read(b []byte) (int, error) {
+	if har.hexReader == nil {
+		n, err := har.in.Read(b)
+		if err == io.EOF {
+			har.in = nil // allow GC
+			err = nil    // allow reading hexSum before EOF
+
+			har.hexSum = hex.EncodeToString(har.h.Sum(nil))
+			har.hexReader = strings.NewReader(har.hexSum)
+		}
+		return n, err
+	}
+	return har.hexReader.Read(b)
+}
+
+// AdditionalLength returns how many bytes the appended hex sum will take up.
+func (har *hashAppendingReader) AdditionalLength() int {
+	return hex.EncodedLen(har.h.Size())
+}
+
+// HexSum returns the hash sum as hex. It's only available after the original
+// reader has EOF'd. It's an empty string before that.
+func (har *hashAppendingReader) HexSum() string {
+	return har.hexSum
+}
+
+// newHashAppendingReader takes a Reader and a Hash and will append the hex sum
+// after the original reader reaches EOF. The increased size depends on the
+// given hash, which may be queried through AdditionalLength()
+func newHashAppendingReader(in io.Reader, h gohash.Hash) *hashAppendingReader {
+	withHash := io.TeeReader(in, h)
+	return &hashAppendingReader{h: h, in: withHash}
+}
+
 // largeUpload is used to control the upload of large files which need chunking
 type largeUpload struct {
 	f        *Fs                             // parent Fs
 	o        *Object                         // object being uploaded
 	in       io.Reader                       // read the data from here
+	wrap     accounting.WrapFn               // account parts being transferred
 	id       string                          // ID of the file being uploaded
 	size     int64                           // total size
-	parts    int64                           // calculated number of parts
+	parts    int64                           // calculated number of parts, if known
 	sha1s    []string                        // slice of SHA1s for each part
 	uploadMu sync.Mutex                      // lock for upload variable
 	uploads  []*api.GetUploadPartURLResponse // result of get upload URL calls
@@ -34,13 +83,21 @@ type largeUpload struct {
 func (f *Fs) newLargeUpload(o *Object, in io.Reader, src fs.ObjectInfo) (up *largeUpload, err error) {
 	remote := o.remote
 	size := src.Size()
-	parts := size / int64(chunkSize)
-	if size%int64(chunkSize) != 0 {
-		parts++
-	}
-	if parts > maxParts {
-		return nil, errors.Errorf("%q too big (%d bytes) makes too many parts %d > %d - increase --b2-chunk-size", remote, size, parts, maxParts)
+	parts := int64(0)
+	sha1SliceSize := int64(maxParts)
+	if size == -1 {
+		fs.Debugf(o, "Streaming upload with --b2-chunk-size %s allows uploads of up to %s and will fail only when that limit is reached.", f.opt.ChunkSize, maxParts*f.opt.ChunkSize)
+	} else {
+		parts = size / int64(o.fs.opt.ChunkSize)
+		if size%int64(o.fs.opt.ChunkSize) != 0 {
+			parts++
+		}
+		if parts > maxParts {
+			return nil, errors.Errorf("%q too big (%d bytes) makes too many parts %d > %d - increase --b2-chunk-size", remote, size, parts, maxParts)
+		}
+		sha1SliceSize = parts
 	}
+
 	modTime := src.ModTime()
 	opts := rest.Opts{
 		Method: "POST",
@@ -59,8 +116,10 @@ func (f *Fs) newLargeUpload(o *Object, in io.Reader, src fs.ObjectInfo) (up *lar
 		},
 	}
 	// Set the SHA1 if known
-	if calculatedSha1, err := src.Hash(fs.HashSHA1); err == nil && calculatedSha1 != "" {
-		request.Info[sha1Key] = calculatedSha1
+	if !o.fs.opt.DisableCheckSum {
+		if calculatedSha1, err := src.Hash(hash.SHA1); err == nil && calculatedSha1 != "" {
+			request.Info[sha1Key] = calculatedSha1
+		}
 	}
 	var response api.StartLargeFileResponse
 	err = f.pacer.Call(func() (bool, error) {
@@ -70,14 +129,18 @@ func (f *Fs) newLargeUpload(o *Object, in io.Reader, src fs.ObjectInfo) (up *lar
 	if err != nil {
 		return nil, err
 	}
+	// unwrap the accounting from the input, we use wrap to put it
+	// back on after the buffering
+	in, wrap := accounting.UnWrap(in)
 	up = &largeUpload{
 		f:     f,
 		o:     o,
 		in:    in,
+		wrap:  wrap,
 		id:    response.ID,
 		size:  size,
 		parts: parts,
-		sha1s: make([]string, parts),
+		sha1s: make([]string, sha1SliceSize),
 	}
 	return up, nil
 }
@@ -128,11 +191,8 @@ func (up *largeUpload) clearUploadURL() {

 // Transfer a chunk
 func (up *largeUpload) transferChunk(part int64, body []byte) error {
-	calculatedSHA1 := fmt.Sprintf("%x", sha1.Sum(body))
-	up.sha1s[part-1] = calculatedSHA1
-	size := int64(len(body))
 	err := up.f.pacer.Call(func() (bool, error) {
-		fs.Debug(up.o, "Sending chunk %d length %d", part, len(body))
+		fs.Debugf(up.o, "Sending chunk %d length %d", part, len(body))

 		// Get upload URL
 		upload, err := up.getUploadURL()
@@ -140,6 +200,9 @@ func (up *largeUpload) transferChunk(part int64, body []byte) error {
 			return false, err
 		}

+		in := newHashAppendingReader(bytes.NewReader(body), sha1.New())
+		size := int64(len(body)) + int64(in.AdditionalLength())
+
 		// Authorization
 		//
 		// An upload authorization token, from b2_get_upload_part_url.
@@ -163,14 +226,13 @@ func (up *largeUpload) transferChunk(part int64, body []byte) error {
 		// data arrived correctly.  The same SHA1 checksum must be
 		// passed to b2_finish_large_file.
 		opts := rest.Opts{
-			Method:   "POST",
-			Absolute: true,
-			Path:     upload.UploadURL,
-			Body:     fs.AccountPart(up.o, bytes.NewBuffer(body)),
+			Method:  "POST",
+			RootURL: upload.UploadURL,
+			Body:    up.wrap(in),
 			ExtraHeaders: map[string]string{
 				"Authorization":    upload.AuthorizationToken,
 				"X-Bz-Part-Number": fmt.Sprintf("%d", part),
-				sha1Header:         calculatedSHA1,
+				sha1Header:         "hex_digits_at_end",
 			},
 			ContentLength: &size,
 		}
@@ -179,24 +241,29 @@ func (up *largeUpload) transferChunk(part int64, body []byte) error {

 		resp, err := up.f.srv.CallJSON(&opts, nil, &response)
 		retry, err := up.f.shouldRetry(resp, err)
+		if err != nil {
+			fs.Debugf(up.o, "Error sending chunk %d (retry=%v): %v: %#v", part, retry, err, err)
+		}
 		// On retryable error clear PartUploadURL
 		if retry {
-			fs.Debug(up.o, "Clearing part upload URL because of error: %v", err)
+			fs.Debugf(up.o, "Clearing part upload URL because of error: %v", err)
 			upload = nil
 		}
 		up.returnUploadURL(upload)
+		up.sha1s[part-1] = in.HexSum()
 		return retry, err
 	})
 	if err != nil {
-		fs.Debug(up.o, "Error sending chunk %d: %v", part, err)
+		fs.Debugf(up.o, "Error sending chunk %d: %v", part, err)
 	} else {
-		fs.Debug(up.o, "Done sending chunk %d", part)
+		fs.Debugf(up.o, "Done sending chunk %d", part)
 	}
 	return err
 }

 // finish closes off the large upload
 func (up *largeUpload) finish() error {
+	fs.Debugf(up.o, "Finishing large file upload with %d parts", up.parts)
 	opts := rest.Opts{
 		Method: "POST",
 		Path:   "/b2_finish_large_file",
@@ -233,16 +300,107 @@ func (up *largeUpload) cancel() error {
 	return err
 }

+func (up *largeUpload) managedTransferChunk(wg *sync.WaitGroup, errs chan error, part int64, buf []byte) {
+	wg.Add(1)
+	go func(part int64, buf []byte) {
+		defer wg.Done()
+		defer up.f.putUploadBlock(buf)
+		err := up.transferChunk(part, buf)
+		if err != nil {
+			select {
+			case errs <- err:
+			default:
+			}
+		}
+	}(part, buf)
+}
+
+func (up *largeUpload) finishOrCancelOnError(err error, errs chan error) error {
+	if err == nil {
+		select {
+		case err = <-errs:
+		default:
+		}
+	}
+	if err != nil {
+		fs.Debugf(up.o, "Cancelling large file upload due to error: %v", err)
+		cancelErr := up.cancel()
+		if cancelErr != nil {
+			fs.Errorf(up.o, "Failed to cancel large file upload: %v", cancelErr)
+		}
+		return err
+	}
+	return up.finish()
+}
+
+// Stream uploads the chunks from the input, starting with a required initial
+// chunk. Assumes the file size is unknown and will upload until the input
+// reaches EOF.
+func (up *largeUpload) Stream(initialUploadBlock []byte) (err error) {
+	fs.Debugf(up.o, "Starting streaming of large file (id %q)", up.id)
+	errs := make(chan error, 1)
+	hasMoreParts := true
+	var wg sync.WaitGroup
+
+	// Transfer initial chunk
+	up.size = int64(len(initialUploadBlock))
+	up.managedTransferChunk(&wg, errs, 1, initialUploadBlock)
+
+outer:
+	for part := int64(2); hasMoreParts; part++ {
+		// Check any errors
+		select {
+		case err = <-errs:
+			break outer
+		default:
+		}
+
+		// Get a block of memory
+		buf := up.f.getUploadBlock()
+
+		// Read the chunk
+		var n int
+		n, err = io.ReadFull(up.in, buf)
+		if err == io.ErrUnexpectedEOF {
+			fs.Debugf(up.o, "Read less than a full chunk, making this the last one.")
+			buf = buf[:n]
+			hasMoreParts = false
+			err = nil
+		} else if err == io.EOF {
+			fs.Debugf(up.o, "Could not read any more bytes, previous chunk was the last.")
+			up.f.putUploadBlock(buf)
+			err = nil
+			break outer
+		} else if err != nil {
+			// other kinds of errors indicate failure
+			up.f.putUploadBlock(buf)
+			break outer
+		}
+
+		// Keep stats up to date
+		up.parts = part
+		up.size += int64(n)
+		if part > maxParts {
+			err = errors.Errorf("%q too big (%d bytes so far) makes too many parts %d > %d - increase --b2-chunk-size", up.o, up.size, up.parts, maxParts)
+			break outer
+		}
+
+		// Transfer the chunk
+		up.managedTransferChunk(&wg, errs, part, buf)
+	}
+	wg.Wait()
+	up.sha1s = up.sha1s[:up.parts]
+
+	return up.finishOrCancelOnError(err, errs)
+}
+
 // Upload uploads the chunks from the input
 func (up *largeUpload) Upload() error {
-	fs.Debug(up.o, "Starting upload of large file in %d chunks (id %q)", up.parts, up.id)
+	fs.Debugf(up.o, "Starting upload of large file in %d chunks (id %q)", up.parts, up.id)
 	remaining := up.size
 	errs := make(chan error, 1)
 	var wg sync.WaitGroup
 	var err error
-	uploadCounter := up.f.newMultipartUploadCounter()
-	defer uploadCounter.finished()
-	fs.AccountByPart(up.o) // Cancel whole file accounting before reading
 outer:
 	for part := int64(1); part <= up.parts; part++ {
 		// Check any errors
@@ -253,51 +411,25 @@ outer:
 		}

 		reqSize := remaining
-		if reqSize >= int64(chunkSize) {
-			reqSize = int64(chunkSize)
+		if reqSize >= int64(up.f.opt.ChunkSize) {
+			reqSize = int64(up.f.opt.ChunkSize)
 		}

+		// Get a block of memory
+		buf := up.f.getUploadBlock()[:reqSize]
+
 		// Read the chunk
-		buf := make([]byte, reqSize)
 		_, err = io.ReadFull(up.in, buf)
 		if err != nil {
+			up.f.putUploadBlock(buf)
 			break outer
 		}

 		// Transfer the chunk
-		// Get upload Token
-		token := uploadCounter.getMultipartUploadToken()
-		wg.Add(1)
-		go func(part int64, buf []byte, token bool) {
-			defer uploadCounter.returnMultipartUploadToken(token)
-			defer wg.Done()
-			err := up.transferChunk(part, buf)
-			if err != nil {
-				select {
-				case errs <- err:
-				default:
-				}
-			}
-		}(part, buf, token)
-
+		up.managedTransferChunk(&wg, errs, part, buf)
 		remaining -= reqSize
 	}
 	wg.Wait()
-	if err == nil {
-		select {
-		case err = <-errs:
-		default:
-		}
-	}
-	if err != nil {
-		fs.Debug(up.o, "Cancelling large file upload due to error: %v", err)
-		cancelErr := up.cancel()
-		if cancelErr != nil {
-			fs.ErrorLog(up.o, "Failed to cancel large file upload: %v", cancelErr)
-		}
-		return err
-	}
-	// Check any errors
-	fs.Debug(up.o, "Finishing large file upload")
-	return up.finish()
+
+	return up.finishOrCancelOnError(err, errs)
 }
--- a/backend/box/api/types.go
+++ b/backend/box/api/types.go
@@ -0,0 +1,204 @@
+// Package api has type definitions for box
+//
+// Converted from the API docs with help from https://mholt.github.io/json-to-go/
+package api
+
+import (
+	"encoding/json"
+	"fmt"
+	"time"
+)
+
+const (
+	// 2017-05-03T07:26:10-07:00
+	timeFormat = `"` + time.RFC3339 + `"`
+)
+
+// Time represents represents date and time information for the
+// box API, by using RFC3339
+type Time time.Time
+
+// MarshalJSON turns a Time into JSON (in UTC)
+func (t *Time) MarshalJSON() (out []byte, err error) {
+	timeString := (*time.Time)(t).Format(timeFormat)
+	return []byte(timeString), nil
+}
+
+// UnmarshalJSON turns JSON into a Time
+func (t *Time) UnmarshalJSON(data []byte) error {
+	newT, err := time.Parse(timeFormat, string(data))
+	if err != nil {
+		return err
+	}
+	*t = Time(newT)
+	return nil
+}
+
+// Error is returned from box when things go wrong
+type Error struct {
+	Type        string `json:"type"`
+	Status      int    `json:"status"`
+	Code        string `json:"code"`
+	ContextInfo json.RawMessage
+	HelpURL     string `json:"help_url"`
+	Message     string `json:"message"`
+	RequestID   string `json:"request_id"`
+}
+
+// Error returns a string for the error and satisfies the error interface
+func (e *Error) Error() string {
+	out := fmt.Sprintf("Error %q (%d)", e.Code, e.Status)
+	if e.Message != "" {
+		out += ": " + e.Message
+	}
+	if e.ContextInfo != nil {
+		out += fmt.Sprintf(" (%+v)", e.ContextInfo)
+	}
+	return out
+}
+
+// Check Error satisfies the error interface
+var _ error = (*Error)(nil)
+
+// ItemFields are the fields needed for FileInfo
+var ItemFields = "type,id,sequence_id,etag,sha1,name,size,created_at,modified_at,content_created_at,content_modified_at,item_status,shared_link"
+
+// Types of things in Item
+const (
+	ItemTypeFolder    = "folder"
+	ItemTypeFile      = "file"
+	ItemStatusActive  = "active"
+	ItemStatusTrashed = "trashed"
+	ItemStatusDeleted = "deleted"
+)
+
+// Item describes a folder or a file as returned by Get Folder Items and others
+type Item struct {
+	Type              string  `json:"type"`
+	ID                string  `json:"id"`
+	SequenceID        string  `json:"sequence_id"`
+	Etag              string  `json:"etag"`
+	SHA1              string  `json:"sha1"`
+	Name              string  `json:"name"`
+	Size              float64 `json:"size"` // box returns this in xEyy format for very large numbers - see #2261
+	CreatedAt         Time    `json:"created_at"`
+	ModifiedAt        Time    `json:"modified_at"`
+	ContentCreatedAt  Time    `json:"content_created_at"`
+	ContentModifiedAt Time    `json:"content_modified_at"`
+	ItemStatus        string  `json:"item_status"` // active, trashed if the file has been moved to the trash, and deleted if the file has been permanently deleted
+	SharedLink        struct {
+		URL    string `json:"url,omitempty"`
+		Access string `json:"access,omitempty"`
+	} `json:"shared_link"`
+}
+
+// ModTime returns the modification time of the item
+func (i *Item) ModTime() (t time.Time) {
+	t = time.Time(i.ContentModifiedAt)
+	if t.IsZero() {
+		t = time.Time(i.ModifiedAt)
+	}
+	return t
+}
+
+// FolderItems is returned from the GetFolderItems call
+type FolderItems struct {
+	TotalCount int    `json:"total_count"`
+	Entries    []Item `json:"entries"`
+	Offset     int    `json:"offset"`
+	Limit      int    `json:"limit"`
+	Order      []struct {
+		By        string `json:"by"`
+		Direction string `json:"direction"`
+	} `json:"order"`
+}
+
+// Parent defined the ID of the parent directory
+type Parent struct {
+	ID string `json:"id"`
+}
+
+// CreateFolder is the request for Create Folder
+type CreateFolder struct {
+	Name   string `json:"name"`
+	Parent Parent `json:"parent"`
+}
+
+// UploadFile is the request for Upload File
+type UploadFile struct {
+	Name              string `json:"name"`
+	Parent            Parent `json:"parent"`
+	ContentCreatedAt  Time   `json:"content_created_at"`
+	ContentModifiedAt Time   `json:"content_modified_at"`
+}
+
+// UpdateFileModTime is used in Update File Info
+type UpdateFileModTime struct {
+	ContentModifiedAt Time `json:"content_modified_at"`
+}
+
+// UpdateFileMove is the request for Upload File to change name and parent
+type UpdateFileMove struct {
+	Name   string `json:"name"`
+	Parent Parent `json:"parent"`
+}
+
+// CopyFile is the request for Copy File
+type CopyFile struct {
+	Name   string `json:"name"`
+	Parent Parent `json:"parent"`
+}
+
+// CreateSharedLink is the request for Public Link
+type CreateSharedLink struct {
+	SharedLink struct {
+		URL    string `json:"url,omitempty"`
+		Access string `json:"access,omitempty"`
+	} `json:"shared_link"`
+}
+
+// UploadSessionRequest is uses in Create Upload Session
+type UploadSessionRequest struct {
+	FolderID string `json:"folder_id,omitempty"` // don't pass for update
+	FileSize int64  `json:"file_size"`
+	FileName string `json:"file_name,omitempty"` // optional for update
+}
+
+// UploadSessionResponse is returned from Create Upload Session
+type UploadSessionResponse struct {
+	TotalParts       int   `json:"total_parts"`
+	PartSize         int64 `json:"part_size"`
+	SessionEndpoints struct {
+		ListParts  string `json:"list_parts"`
+		Commit     string `json:"commit"`
+		UploadPart string `json:"upload_part"`
+		Status     string `json:"status"`
+		Abort      string `json:"abort"`
+	} `json:"session_endpoints"`
+	SessionExpiresAt  Time   `json:"session_expires_at"`
+	ID                string `json:"id"`
+	Type              string `json:"type"`
+	NumPartsProcessed int    `json:"num_parts_processed"`
+}
+
+// Part defines the return from upload part call which are passed to commit upload also
+type Part struct {
+	PartID string `json:"part_id"`
+	Offset int64  `json:"offset"`
+	Size   int64  `json:"size"`
+	Sha1   string `json:"sha1"`
+}
+
+// UploadPartResponse is returned from the upload part call
+type UploadPartResponse struct {
+	Part Part `json:"part"`
+}
+
+// CommitUpload is used in the Commit Upload call
+type CommitUpload struct {
+	Parts      []Part `json:"parts"`
+	Attributes struct {
+		ContentCreatedAt  Time `json:"content_created_at"`
+		ContentModifiedAt Time `json:"content_modified_at"`
+	} `json:"attributes"`
+}
--- a/backend/box/box.go
+++ b/backend/box/box.go
--- a/backend/box/box_test.go
+++ b/backend/box/box_test.go
@@ -0,0 +1,17 @@
+// Test Box filesystem interface
+package box_test
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/backend/box"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: "TestBox:",
+		NilObject:  (*box.Object)(nil),
+	})
+}
--- a/backend/box/upload.go
+++ b/backend/box/upload.go
@@ -0,0 +1,275 @@
+// multpart upload for box
+
+package box
+
+import (
+	"bytes"
+	"crypto/sha1"
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strconv"
+	"sync"
+	"time"
+
+	"github.com/ncw/rclone/backend/box/api"
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/accounting"
+	"github.com/ncw/rclone/lib/rest"
+	"github.com/pkg/errors"
+)
+
+// createUploadSession creates an upload session for the object
+func (o *Object) createUploadSession(leaf, directoryID string, size int64) (response *api.UploadSessionResponse, err error) {
+	opts := rest.Opts{
+		Method:  "POST",
+		Path:    "/files/upload_sessions",
+		RootURL: uploadURL,
+	}
+	request := api.UploadSessionRequest{
+		FileSize: size,
+	}
+	// If object has an ID then it is existing so create a new version
+	if o.id != "" {
+		opts.Path = "/files/" + o.id + "/upload_sessions"
+	} else {
+		opts.Path = "/files/upload_sessions"
+		request.FolderID = directoryID
+		request.FileName = replaceReservedChars(leaf)
+	}
+	var resp *http.Response
+	err = o.fs.pacer.Call(func() (bool, error) {
+		resp, err = o.fs.srv.CallJSON(&opts, &request, &response)
+		return shouldRetry(resp, err)
+	})
+	return
+}
+
+// sha1Digest produces a digest using sha1 as per RFC3230
+func sha1Digest(digest []byte) string {
+	return "sha=" + base64.StdEncoding.EncodeToString(digest)
+}
+
+// uploadPart uploads a part in an upload session
+func (o *Object) uploadPart(SessionID string, offset, totalSize int64, chunk []byte, wrap accounting.WrapFn) (response *api.UploadPartResponse, err error) {
+	chunkSize := int64(len(chunk))
+	sha1sum := sha1.Sum(chunk)
+	opts := rest.Opts{
+		Method:        "PUT",
+		Path:          "/files/upload_sessions/" + SessionID,
+		RootURL:       uploadURL,
+		ContentType:   "application/octet-stream",
+		ContentLength: &chunkSize,
+		ContentRange:  fmt.Sprintf("bytes %d-%d/%d", offset, offset+chunkSize-1, totalSize),
+		ExtraHeaders: map[string]string{
+			"Digest": sha1Digest(sha1sum[:]),
+		},
+	}
+	var resp *http.Response
+	err = o.fs.pacer.Call(func() (bool, error) {
+		opts.Body = wrap(bytes.NewReader(chunk))
+		resp, err = o.fs.srv.CallJSON(&opts, nil, &response)
+		return shouldRetry(resp, err)
+	})
+	if err != nil {
+		return nil, err
+	}
+	return response, nil
+}
+
+// commitUpload finishes an upload session
+func (o *Object) commitUpload(SessionID string, parts []api.Part, modTime time.Time, sha1sum []byte) (result *api.FolderItems, err error) {
+	opts := rest.Opts{
+		Method:  "POST",
+		Path:    "/files/upload_sessions/" + SessionID + "/commit",
+		RootURL: uploadURL,
+		ExtraHeaders: map[string]string{
+			"Digest": sha1Digest(sha1sum),
+		},
+	}
+	request := api.CommitUpload{
+		Parts: parts,
+	}
+	request.Attributes.ContentModifiedAt = api.Time(modTime)
+	request.Attributes.ContentCreatedAt = api.Time(modTime)
+	var body []byte
+	var resp *http.Response
+	// For discussion of this value see:
+	// https://github.com/ncw/rclone/issues/2054
+	maxTries := o.fs.opt.CommitRetries
+	const defaultDelay = 10
+	var tries int
+outer:
+	for tries = 0; tries < maxTries; tries++ {
+		err = o.fs.pacer.Call(func() (bool, error) {
+			resp, err = o.fs.srv.CallJSON(&opts, &request, nil)
+			if err != nil {
+				return shouldRetry(resp, err)
+			}
+			body, err = rest.ReadBody(resp)
+			return shouldRetry(resp, err)
+		})
+		delay := defaultDelay
+		why := "unknown"
+		if err != nil {
+			// Sometimes we get 400 Error with
+			// parts_mismatch immediately after uploading
+			// the last part.  Ignore this error and wait.
+			if boxErr, ok := err.(*api.Error); ok && boxErr.Code == "parts_mismatch" {
+				why = err.Error()
+			} else {
+				return nil, err
+			}
+		} else {
+			switch resp.StatusCode {
+			case http.StatusOK, http.StatusCreated:
+				break outer
+			case http.StatusAccepted:
+				why = "not ready yet"
+				delayString := resp.Header.Get("Retry-After")
+				if delayString != "" {
+					delay, err = strconv.Atoi(delayString)
+					if err != nil {
+						fs.Debugf(o, "Couldn't decode Retry-After header %q: %v", delayString, err)
+						delay = defaultDelay
+					}
+				}
+			default:
+				return nil, errors.Errorf("unknown HTTP status return %q (%d)", resp.Status, resp.StatusCode)
+			}
+		}
+		fs.Debugf(o, "commit multipart upload failed %d/%d - trying again in %d seconds (%s)", tries+1, maxTries, delay, why)
+		time.Sleep(time.Duration(delay) * time.Second)
+	}
+	if tries >= maxTries {
+		return nil, errors.New("too many tries to commit multipart upload - increase --low-level-retries")
+	}
+	err = json.Unmarshal(body, &result)
+	if err != nil {
+		return nil, errors.Wrapf(err, "couldn't decode commit response: %q", body)
+	}
+	return result, nil
+}
+
+// abortUpload cancels an upload session
+func (o *Object) abortUpload(SessionID string) (err error) {
+	opts := rest.Opts{
+		Method:     "DELETE",
+		Path:       "/files/upload_sessions/" + SessionID,
+		RootURL:    uploadURL,
+		NoResponse: true,
+	}
+	var resp *http.Response
+	err = o.fs.pacer.Call(func() (bool, error) {
+		resp, err = o.fs.srv.Call(&opts)
+		return shouldRetry(resp, err)
+	})
+	return err
+}
+
+// uploadMultipart uploads a file using multipart upload
+func (o *Object) uploadMultipart(in io.Reader, leaf, directoryID string, size int64, modTime time.Time) (err error) {
+	// Create upload session
+	session, err := o.createUploadSession(leaf, directoryID, size)
+	if err != nil {
+		return errors.Wrap(err, "multipart upload create session failed")
+	}
+	chunkSize := session.PartSize
+	fs.Debugf(o, "Multipart upload session started for %d parts of size %v", session.TotalParts, fs.SizeSuffix(chunkSize))
+
+	// Cancel the session if something went wrong
+	defer func() {
+		if err != nil {
+			fs.Debugf(o, "Cancelling multipart upload: %v", err)
+			cancelErr := o.abortUpload(session.ID)
+			if cancelErr != nil {
+				fs.Logf(o, "Failed to cancel multipart upload: %v", err)
+			}
+		}
+	}()
+
+	// unwrap the accounting from the input, we use wrap to put it
+	// back on after the buffering
+	in, wrap := accounting.UnWrap(in)
+
+	// Upload the chunks
+	remaining := size
+	position := int64(0)
+	parts := make([]api.Part, session.TotalParts)
+	hash := sha1.New()
+	errs := make(chan error, 1)
+	var wg sync.WaitGroup
+outer:
+	for part := 0; part < session.TotalParts; part++ {
+		// Check any errors
+		select {
+		case err = <-errs:
+			break outer
+		default:
+		}
+
+		reqSize := remaining
+		if reqSize >= chunkSize {
+			reqSize = chunkSize
+		}
+
+		// Make a block of memory
+		buf := make([]byte, reqSize)
+
+		// Read the chunk
+		_, err = io.ReadFull(in, buf)
+		if err != nil {
+			err = errors.Wrap(err, "multipart upload failed to read source")
+			break outer
+		}
+
+		// Make the global hash (must be done sequentially)
+		_, _ = hash.Write(buf)
+
+		// Transfer the chunk
+		wg.Add(1)
+		o.fs.uploadToken.Get()
+		go func(part int, position int64) {
+			defer wg.Done()
+			defer o.fs.uploadToken.Put()
+			fs.Debugf(o, "Uploading part %d/%d offset %v/%v part size %v", part+1, session.TotalParts, fs.SizeSuffix(position), fs.SizeSuffix(size), fs.SizeSuffix(chunkSize))
+			partResponse, err := o.uploadPart(session.ID, position, size, buf, wrap)
+			if err != nil {
+				err = errors.Wrap(err, "multipart upload failed to upload part")
+				select {
+				case errs <- err:
+				default:
+				}
+				return
+			}
+			parts[part] = partResponse.Part
+		}(part, position)
+
+		// ready for next block
+		remaining -= chunkSize
+		position += chunkSize
+	}
+	wg.Wait()
+	if err == nil {
+		select {
+		case err = <-errs:
+		default:
+		}
+	}
+	if err != nil {
+		return err
+	}
+
+	// Finalise the upload session
+	result, err := o.commitUpload(session.ID, parts, modTime, hash.Sum(nil))
+	if err != nil {
+		return errors.Wrap(err, "multipart upload failed to finalize")
+	}
+
+	if result.TotalCount != 1 || len(result.Entries) != 1 {
+		return errors.Errorf("multipart upload failed %v - not sure why", o)
+	}
+	return o.setMetaData(&result.Entries[0])
+}
--- a/backend/cache/cache.go
+++ b/backend/cache/cache.go
--- a/backend/cache/cache_internal_test.go
+++ b/backend/cache/cache_internal_test.go
--- a/backend/cache/cache_mount_unix_test.go
+++ b/backend/cache/cache_mount_unix_test.go
@@ -0,0 +1,78 @@
+// +build !plan9,!windows
+
+package cache_test
+
+import (
+	"os"
+	"testing"
+	"time"
+
+	"bazil.org/fuse"
+	fusefs "bazil.org/fuse/fs"
+	"github.com/ncw/rclone/cmd/mount"
+	"github.com/ncw/rclone/cmd/mountlib"
+	"github.com/ncw/rclone/fs"
+	"github.com/stretchr/testify/require"
+)
+
+func (r *run) mountFs(t *testing.T, f fs.Fs) {
+	device := f.Name() + ":" + f.Root()
+	var options = []fuse.MountOption{
+		fuse.MaxReadahead(uint32(mountlib.MaxReadAhead)),
+		fuse.Subtype("rclone"),
+		fuse.FSName(device), fuse.VolumeName(device),
+		fuse.NoAppleDouble(),
+		fuse.NoAppleXattr(),
+		//fuse.AllowOther(),
+	}
+	err := os.MkdirAll(r.mntDir, os.ModePerm)
+	require.NoError(t, err)
+	c, err := fuse.Mount(r.mntDir, options...)
+	require.NoError(t, err)
+	filesys := mount.NewFS(f)
+	server := fusefs.New(c, nil)
+
+	// Serve the mount point in the background returning error to errChan
+	r.unmountRes = make(chan error, 1)
+	go func() {
+		err := server.Serve(filesys)
+		closeErr := c.Close()
+		if err == nil {
+			err = closeErr
+		}
+		r.unmountRes <- err
+	}()
+
+	// check if the mount process has an error to report
+	<-c.Ready
+	require.NoError(t, c.MountError)
+
+	r.unmountFn = func() error {
+		// Shutdown the VFS
+		filesys.VFS.Shutdown()
+		return fuse.Unmount(r.mntDir)
+	}
+
+	r.vfs = filesys.VFS
+	r.isMounted = true
+}
+
+func (r *run) unmountFs(t *testing.T, f fs.Fs) {
+	var err error
+
+	for i := 0; i < 4; i++ {
+		err = r.unmountFn()
+		if err != nil {
+			//log.Printf("signal to umount failed - retrying: %v", err)
+			time.Sleep(3 * time.Second)
+			continue
+		}
+		break
+	}
+	require.NoError(t, err)
+	err = <-r.unmountRes
+	require.NoError(t, err)
+	err = r.vfs.CleanUp()
+	require.NoError(t, err)
+	r.isMounted = false
+}
--- a/backend/cache/cache_mount_windows_test.go
+++ b/backend/cache/cache_mount_windows_test.go
@@ -0,0 +1,124 @@
+// +build windows
+
+package cache_test
+
+import (
+	"fmt"
+	"os"
+	"testing"
+	"time"
+
+	"github.com/billziss-gh/cgofuse/fuse"
+	"github.com/ncw/rclone/cmd/cmount"
+	"github.com/ncw/rclone/cmd/mountlib"
+	"github.com/ncw/rclone/fs"
+	"github.com/pkg/errors"
+	"github.com/stretchr/testify/require"
+)
+
+// waitFor runs fn() until it returns true or the timeout expires
+func waitFor(fn func() bool) (ok bool) {
+	const totalWait = 10 * time.Second
+	const individualWait = 10 * time.Millisecond
+	for i := 0; i < int(totalWait/individualWait); i++ {
+		ok = fn()
+		if ok {
+			return ok
+		}
+		time.Sleep(individualWait)
+	}
+	return false
+}
+
+func (r *run) mountFs(t *testing.T, f fs.Fs) {
+	// FIXME implement cmount
+	t.Skip("windows not supported yet")
+
+	device := f.Name() + ":" + f.Root()
+	options := []string{
+		"-o", "fsname=" + device,
+		"-o", "subtype=rclone",
+		"-o", fmt.Sprintf("max_readahead=%d", mountlib.MaxReadAhead),
+		"-o", "uid=-1",
+		"-o", "gid=-1",
+		"-o", "allow_other",
+		// This causes FUSE to supply O_TRUNC with the Open
+		// call which is more efficient for cmount.  However
+		// it does not work with cgofuse on Windows with
+		// WinFSP so cmount must work with or without it.
+		"-o", "atomic_o_trunc",
+		"--FileSystemName=rclone",
+	}
+
+	fsys := cmount.NewFS(f)
+	host := fuse.NewFileSystemHost(fsys)
+
+	// Serve the mount point in the background returning error to errChan
+	r.unmountRes = make(chan error, 1)
+	go func() {
+		var err error
+		ok := host.Mount(r.mntDir, options)
+		if !ok {
+			err = errors.New("mount failed")
+		}
+		r.unmountRes <- err
+	}()
+
+	// unmount
+	r.unmountFn = func() error {
+		// Shutdown the VFS
+		fsys.VFS.Shutdown()
+		if host.Unmount() {
+			if !waitFor(func() bool {
+				_, err := os.Stat(r.mntDir)
+				return err != nil
+			}) {
+				t.Fatalf("mountpoint %q didn't disappear after unmount - continuing anyway", r.mntDir)
+			}
+			return nil
+		}
+		return errors.New("host unmount failed")
+	}
+
+	// Wait for the filesystem to become ready, checking the file
+	// system didn't blow up before starting
+	select {
+	case err := <-r.unmountRes:
+		require.NoError(t, err)
+	case <-time.After(time.Second * 3):
+	}
+
+	// Wait for the mount point to be available on Windows
+	// On Windows the Init signal comes slightly before the mount is ready
+	if !waitFor(func() bool {
+		_, err := os.Stat(r.mntDir)
+		return err == nil
+	}) {
+		t.Errorf("mountpoint %q didn't became available on mount", r.mntDir)
+	}
+
+	r.vfs = fsys.VFS
+	r.isMounted = true
+}
+
+func (r *run) unmountFs(t *testing.T, f fs.Fs) {
+	// FIXME implement cmount
+	t.Skip("windows not supported yet")
+	var err error
+
+	for i := 0; i < 4; i++ {
+		err = r.unmountFn()
+		if err != nil {
+			//log.Printf("signal to umount failed - retrying: %v", err)
+			time.Sleep(3 * time.Second)
+			continue
+		}
+		break
+	}
+	require.NoError(t, err)
+	err = <-r.unmountRes
+	require.NoError(t, err)
+	err = r.vfs.CleanUp()
+	require.NoError(t, err)
+	r.isMounted = false
+}
--- a/backend/cache/cache_test.go
+++ b/backend/cache/cache_test.go
@@ -0,0 +1,23 @@
+// Test Cache filesystem interface
+
+// +build !plan9
+
+package cache_test
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/backend/cache"
+	_ "github.com/ncw/rclone/backend/local"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName:                   "TestCache:",
+		NilObject:                    (*cache.Object)(nil),
+		UnimplementableFsMethods:     []string{"PublicLink", "MergeDirs"},
+		UnimplementableObjectMethods: []string{"MimeType", "ID", "GetTier", "SetTier"},
+	})
+}
--- a/backend/cache/cache_unsupported.go
+++ b/backend/cache/cache_unsupported.go
@@ -0,0 +1,6 @@
+// Build for cache for unsupported platforms to stop go complaining
+// about "no buildable Go source files "
+
+// +build plan9
+
+package cache
--- a/backend/cache/cache_upload_test.go
+++ b/backend/cache/cache_upload_test.go
@@ -0,0 +1,454 @@
+// +build !plan9
+
+package cache_test
+
+import (
+	"fmt"
+	"math/rand"
+	"os"
+	"path"
+	"strconv"
+	"testing"
+	"time"
+
+	"github.com/ncw/rclone/backend/cache"
+	_ "github.com/ncw/rclone/backend/drive"
+	"github.com/ncw/rclone/fs"
+	"github.com/stretchr/testify/require"
+)
+
+func TestInternalUploadTempDirCreated(t *testing.T) {
+	id := fmt.Sprintf("tiutdc%v", time.Now().Unix())
+	rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, false, true,
+		nil,
+		map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id)})
+	defer runInstance.cleanupFs(t, rootFs, boltDb)
+
+	_, err := os.Stat(path.Join(runInstance.tmpUploadDir, id))
+	require.NoError(t, err)
+}
+
+func testInternalUploadQueueOneFile(t *testing.T, id string, rootFs fs.Fs, boltDb *cache.Persistent) {
+	// create some rand test data
+	testSize := int64(524288000)
+	testReader := runInstance.randomReader(t, testSize)
+	bu := runInstance.listenForBackgroundUpload(t, rootFs, "one")
+	runInstance.writeRemoteReader(t, rootFs, "one", testReader)
+	// validate that it exists in temp fs
+	ti, err := os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "one")))
+	require.NoError(t, err)
+
+	if runInstance.rootIsCrypt {
+		require.Equal(t, int64(524416032), ti.Size())
+	} else {
+		require.Equal(t, testSize, ti.Size())
+	}
+	de1, err := runInstance.list(t, rootFs, "")
+	require.NoError(t, err)
+	require.Len(t, de1, 1)
+
+	runInstance.completeBackgroundUpload(t, "one", bu)
+	// check if it was removed from temp fs
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "one")))
+	require.True(t, os.IsNotExist(err))
+
+	// check if it can be read
+	data2, err := runInstance.readDataFromRemote(t, rootFs, "one", 0, int64(1024), false)
+	require.NoError(t, err)
+	require.Len(t, data2, 1024)
+}
+
+func TestInternalUploadQueueOneFileNoRest(t *testing.T) {
+	id := fmt.Sprintf("tiuqofnr%v", time.Now().Unix())
+	rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
+		nil,
+		map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "0s"})
+	defer runInstance.cleanupFs(t, rootFs, boltDb)
+
+	testInternalUploadQueueOneFile(t, id, rootFs, boltDb)
+}
+
+func TestInternalUploadQueueOneFileWithRest(t *testing.T) {
+	id := fmt.Sprintf("tiuqofwr%v", time.Now().Unix())
+	rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
+		nil,
+		map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "1m"})
+	defer runInstance.cleanupFs(t, rootFs, boltDb)
+
+	testInternalUploadQueueOneFile(t, id, rootFs, boltDb)
+}
+
+func TestInternalUploadMoveExistingFile(t *testing.T) {
+	id := fmt.Sprintf("tiumef%v", time.Now().Unix())
+	rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
+		nil,
+		map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "3s"})
+	defer runInstance.cleanupFs(t, rootFs, boltDb)
+
+	err := rootFs.Mkdir("one")
+	require.NoError(t, err)
+	err = rootFs.Mkdir("one/test")
+	require.NoError(t, err)
+	err = rootFs.Mkdir("second")
+	require.NoError(t, err)
+
+	// create some rand test data
+	testSize := int64(10485760)
+	testReader := runInstance.randomReader(t, testSize)
+	runInstance.writeObjectReader(t, rootFs, "one/test/data.bin", testReader)
+	runInstance.completeAllBackgroundUploads(t, rootFs, "one/test/data.bin")
+
+	de1, err := runInstance.list(t, rootFs, "one/test")
+	require.NoError(t, err)
+	require.Len(t, de1, 1)
+
+	time.Sleep(time.Second * 5)
+	//_ = os.Remove(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "one/test")))
+	//require.NoError(t, err)
+
+	err = runInstance.dirMove(t, rootFs, "one/test", "second/test")
+	require.NoError(t, err)
+
+	// check if it can be read
+	de1, err = runInstance.list(t, rootFs, "second/test")
+	require.NoError(t, err)
+	require.Len(t, de1, 1)
+}
+
+func TestInternalUploadTempPathCleaned(t *testing.T) {
+	id := fmt.Sprintf("tiutpc%v", time.Now().Unix())
+	rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
+		nil,
+		map[string]string{"cache-tmp-upload-path": path.Join(runInstance.tmpUploadDir, id), "cache-tmp-wait-time": "5s"})
+	defer runInstance.cleanupFs(t, rootFs, boltDb)
+
+	err := rootFs.Mkdir("one")
+	require.NoError(t, err)
+	err = rootFs.Mkdir("one/test")
+	require.NoError(t, err)
+	err = rootFs.Mkdir("second")
+	require.NoError(t, err)
+
+	// create some rand test data
+	testSize := int64(1048576)
+	testReader := runInstance.randomReader(t, testSize)
+	testReader2 := runInstance.randomReader(t, testSize)
+	runInstance.writeObjectReader(t, rootFs, "one/test/data.bin", testReader)
+	runInstance.writeObjectReader(t, rootFs, "second/data.bin", testReader2)
+
+	runInstance.completeAllBackgroundUploads(t, rootFs, "one/test/data.bin")
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "one/test")))
+	require.True(t, os.IsNotExist(err))
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "one")))
+	require.True(t, os.IsNotExist(err))
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "second")))
+	require.False(t, os.IsNotExist(err))
+
+	runInstance.completeAllBackgroundUploads(t, rootFs, "second/data.bin")
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "second/data.bin")))
+	require.True(t, os.IsNotExist(err))
+
+	de1, err := runInstance.list(t, rootFs, "one/test")
+	require.NoError(t, err)
+	require.Len(t, de1, 1)
+
+	// check if it can be read
+	de1, err = runInstance.list(t, rootFs, "second")
+	require.NoError(t, err)
+	require.Len(t, de1, 1)
+}
+
+func TestInternalUploadQueueMoreFiles(t *testing.T) {
+	id := fmt.Sprintf("tiuqmf%v", time.Now().Unix())
+	rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
+		nil,
+		map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "1s"})
+	defer runInstance.cleanupFs(t, rootFs, boltDb)
+
+	err := rootFs.Mkdir("test")
+	require.NoError(t, err)
+	minSize := 5242880
+	maxSize := 10485760
+	totalFiles := 10
+	rand.Seed(time.Now().Unix())
+
+	lastFile := ""
+	for i := 0; i < totalFiles; i++ {
+		size := int64(rand.Intn(maxSize-minSize) + minSize)
+		testReader := runInstance.randomReader(t, size)
+		remote := "test/" + strconv.Itoa(i) + ".bin"
+		runInstance.writeRemoteReader(t, rootFs, remote, testReader)
+
+		// validate that it exists in temp fs
+		ti, err := os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, remote)))
+		require.NoError(t, err)
+		require.Equal(t, size, runInstance.cleanSize(t, ti.Size()))
+
+		if runInstance.wrappedIsExternal && i < totalFiles-1 {
+			time.Sleep(time.Second * 3)
+		}
+		lastFile = remote
+	}
+
+	// check if cache lists all files, likely temp upload didn't finish yet
+	de1, err := runInstance.list(t, rootFs, "test")
+	require.NoError(t, err)
+	require.Len(t, de1, totalFiles)
+
+	// wait for background uploader to do its thing
+	runInstance.completeAllBackgroundUploads(t, rootFs, lastFile)
+
+	// retry until we have no more temp files and fail if they don't go down to 0
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test")))
+	require.True(t, os.IsNotExist(err))
+
+	// check if cache lists all files
+	de1, err = runInstance.list(t, rootFs, "test")
+	require.NoError(t, err)
+	require.Len(t, de1, totalFiles)
+}
+
+func TestInternalUploadTempFileOperations(t *testing.T) {
+	id := "tiutfo"
+	rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
+		nil,
+		map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "1h"})
+	defer runInstance.cleanupFs(t, rootFs, boltDb)
+
+	boltDb.PurgeTempUploads()
+
+	// create some rand test data
+	runInstance.mkdir(t, rootFs, "test")
+	runInstance.writeRemoteString(t, rootFs, "test/one", "one content")
+
+	// check if it can be read
+	data1, err := runInstance.readDataFromRemote(t, rootFs, "test/one", 0, int64(len([]byte("one content"))), false)
+	require.NoError(t, err)
+	require.Equal(t, []byte("one content"), data1)
+	// validate that it exists in temp fs
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+	require.NoError(t, err)
+
+	// test DirMove - allowed
+	err = runInstance.dirMove(t, rootFs, "test", "second")
+	if err != errNotSupported {
+		require.NoError(t, err)
+		_, err = rootFs.NewObject("test/one")
+		require.Error(t, err)
+		_, err = rootFs.NewObject("second/one")
+		require.NoError(t, err)
+		// validate that it exists in temp fs
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+		require.Error(t, err)
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "second/one")))
+		require.NoError(t, err)
+		_, err = boltDb.SearchPendingUpload(runInstance.encryptRemoteIfNeeded(t, path.Join(id, "test/one")))
+		require.Error(t, err)
+		var started bool
+		started, err = boltDb.SearchPendingUpload(runInstance.encryptRemoteIfNeeded(t, path.Join(id, "second/one")))
+		require.NoError(t, err)
+		require.False(t, started)
+		runInstance.mkdir(t, rootFs, "test")
+		runInstance.writeRemoteString(t, rootFs, "test/one", "one content")
+	}
+
+	// test Rmdir - allowed
+	err = runInstance.rm(t, rootFs, "test")
+	require.Error(t, err)
+	require.Contains(t, err.Error(), "directory not empty")
+	_, err = rootFs.NewObject("test/one")
+	require.NoError(t, err)
+	// validate that it exists in temp fs
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+	require.NoError(t, err)
+	started, err := boltDb.SearchPendingUpload(runInstance.encryptRemoteIfNeeded(t, path.Join(id, "test/one")))
+	require.False(t, started)
+	require.NoError(t, err)
+
+	// test Move/Rename -- allowed
+	err = runInstance.move(t, rootFs, path.Join("test", "one"), path.Join("test", "second"))
+	if err != errNotSupported {
+		require.NoError(t, err)
+		// try to read from it
+		_, err = rootFs.NewObject("test/one")
+		require.Error(t, err)
+		_, err = rootFs.NewObject("test/second")
+		require.NoError(t, err)
+		data2, err := runInstance.readDataFromRemote(t, rootFs, "test/second", 0, int64(len([]byte("one content"))), false)
+		require.NoError(t, err)
+		require.Equal(t, []byte("one content"), data2)
+		// validate that it exists in temp fs
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+		require.Error(t, err)
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/second")))
+		require.NoError(t, err)
+		runInstance.writeRemoteString(t, rootFs, "test/one", "one content")
+	}
+
+	// test Copy -- allowed
+	err = runInstance.copy(t, rootFs, path.Join("test", "one"), path.Join("test", "third"))
+	if err != errNotSupported {
+		require.NoError(t, err)
+		_, err = rootFs.NewObject("test/one")
+		require.NoError(t, err)
+		_, err = rootFs.NewObject("test/third")
+		require.NoError(t, err)
+		data2, err := runInstance.readDataFromRemote(t, rootFs, "test/third", 0, int64(len([]byte("one content"))), false)
+		require.NoError(t, err)
+		require.Equal(t, []byte("one content"), data2)
+		// validate that it exists in temp fs
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+		require.NoError(t, err)
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/third")))
+		require.NoError(t, err)
+	}
+
+	// test Remove -- allowed
+	err = runInstance.rm(t, rootFs, "test/one")
+	require.NoError(t, err)
+	_, err = rootFs.NewObject("test/one")
+	require.Error(t, err)
+	// validate that it doesn't exist in temp fs
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+	require.Error(t, err)
+	runInstance.writeRemoteString(t, rootFs, "test/one", "one content")
+
+	// test Update -- allowed
+	firstModTime, err := runInstance.modTime(t, rootFs, "test/one")
+	require.NoError(t, err)
+	err = runInstance.updateData(t, rootFs, "test/one", "one content", " updated")
+	require.NoError(t, err)
+	obj2, err := rootFs.NewObject("test/one")
+	require.NoError(t, err)
+	data2 := runInstance.readDataFromObj(t, obj2, 0, int64(len("one content updated")), false)
+	require.Equal(t, "one content updated", string(data2))
+	tmpInfo, err := os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+	require.NoError(t, err)
+	if runInstance.rootIsCrypt {
+		require.Equal(t, int64(67), tmpInfo.Size())
+	} else {
+		require.Equal(t, int64(len(data2)), tmpInfo.Size())
+	}
+
+	// test SetModTime -- allowed
+	secondModTime, err := runInstance.modTime(t, rootFs, "test/one")
+	require.NoError(t, err)
+	require.NotEqual(t, secondModTime, firstModTime)
+	require.NotEqual(t, time.Time{}, firstModTime)
+	require.NotEqual(t, time.Time{}, secondModTime)
+}
+
+func TestInternalUploadUploadingFileOperations(t *testing.T) {
+	id := "tiuufo"
+	rootFs, boltDb := runInstance.newCacheFs(t, remoteName, id, true, true,
+		nil,
+		map[string]string{"tmp_upload_path": path.Join(runInstance.tmpUploadDir, id), "tmp_wait_time": "1h"})
+	defer runInstance.cleanupFs(t, rootFs, boltDb)
+
+	boltDb.PurgeTempUploads()
+
+	// create some rand test data
+	runInstance.mkdir(t, rootFs, "test")
+	runInstance.writeRemoteString(t, rootFs, "test/one", "one content")
+
+	// check if it can be read
+	data1, err := runInstance.readDataFromRemote(t, rootFs, "test/one", 0, int64(len([]byte("one content"))), false)
+	require.NoError(t, err)
+	require.Equal(t, []byte("one content"), data1)
+	// validate that it exists in temp fs
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+	require.NoError(t, err)
+
+	err = boltDb.SetPendingUploadToStarted(runInstance.encryptRemoteIfNeeded(t, path.Join(rootFs.Root(), "test/one")))
+	require.NoError(t, err)
+
+	// test DirMove
+	err = runInstance.dirMove(t, rootFs, "test", "second")
+	if err != errNotSupported {
+		require.Error(t, err)
+		_, err = rootFs.NewObject("test/one")
+		require.NoError(t, err)
+		// validate that it exists in temp fs
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+		require.NoError(t, err)
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "second/one")))
+		require.Error(t, err)
+	}
+
+	// test Rmdir
+	err = runInstance.rm(t, rootFs, "test")
+	require.Error(t, err)
+	_, err = rootFs.NewObject("test/one")
+	require.NoError(t, err)
+	// validate that it doesn't exist in temp fs
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+	require.NoError(t, err)
+
+	// test Move/Rename
+	err = runInstance.move(t, rootFs, path.Join("test", "one"), path.Join("test", "second"))
+	if err != errNotSupported {
+		require.Error(t, err)
+		// try to read from it
+		_, err = rootFs.NewObject("test/one")
+		require.NoError(t, err)
+		_, err = rootFs.NewObject("test/second")
+		require.Error(t, err)
+		// validate that it exists in temp fs
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+		require.NoError(t, err)
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/second")))
+		require.Error(t, err)
+	}
+
+	// test Copy -- allowed
+	err = runInstance.copy(t, rootFs, path.Join("test", "one"), path.Join("test", "third"))
+	if err != errNotSupported {
+		require.NoError(t, err)
+		_, err = rootFs.NewObject("test/one")
+		require.NoError(t, err)
+		_, err = rootFs.NewObject("test/third")
+		require.NoError(t, err)
+		data2, err := runInstance.readDataFromRemote(t, rootFs, "test/third", 0, int64(len([]byte("one content"))), false)
+		require.NoError(t, err)
+		require.Equal(t, []byte("one content"), data2)
+		// validate that it exists in temp fs
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+		require.NoError(t, err)
+		_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/third")))
+		require.NoError(t, err)
+	}
+
+	// test Remove
+	err = runInstance.rm(t, rootFs, "test/one")
+	require.Error(t, err)
+	_, err = rootFs.NewObject("test/one")
+	require.NoError(t, err)
+	// validate that it doesn't exist in temp fs
+	_, err = os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+	require.NoError(t, err)
+	runInstance.writeRemoteString(t, rootFs, "test/one", "one content")
+
+	// test Update - this seems to work. Why? FIXME
+	//firstModTime, err := runInstance.modTime(t, rootFs, "test/one")
+	//require.NoError(t, err)
+	//err = runInstance.updateData(t, rootFs, "test/one", "one content", " updated", func() {
+	//	data2 := runInstance.readDataFromRemote(t, rootFs, "test/one", 0, int64(len("one content updated")), true)
+	//	require.Equal(t, "one content", string(data2))
+	//
+	//	tmpInfo, err := os.Stat(path.Join(runInstance.tmpUploadDir, id, runInstance.encryptRemoteIfNeeded(t, "test/one")))
+	//	require.NoError(t, err)
+	//	if runInstance.rootIsCrypt {
+	//		require.Equal(t, int64(67), tmpInfo.Size())
+	//	} else {
+	//		require.Equal(t, int64(len(data2)), tmpInfo.Size())
+	//	}
+	//})
+	//require.Error(t, err)
+
+	// test SetModTime -- seems to work cause of previous
+	//secondModTime, err := runInstance.modTime(t, rootFs, "test/one")
+	//require.NoError(t, err)
+	//require.Equal(t, secondModTime, firstModTime)
+	//require.NotEqual(t, time.Time{}, firstModTime)
+	//require.NotEqual(t, time.Time{}, secondModTime)
+}
--- a/backend/cache/directory.go
+++ b/backend/cache/directory.go
@@ -0,0 +1,137 @@
+// +build !plan9
+
+package cache
+
+import (
+	"path"
+	"time"
+
+	"github.com/ncw/rclone/fs"
+)
+
+// Directory is a generic dir that stores basic information about it
+type Directory struct {
+	Directory fs.Directory `json:"-"` // can be nil
+
+	CacheFs      *Fs    `json:"-"`       // cache fs
+	Name         string `json:"name"`    // name of the directory
+	Dir          string `json:"dir"`     // abs path of the directory
+	CacheModTime int64  `json:"modTime"` // modification or creation time - IsZero for unknown
+	CacheSize    int64  `json:"size"`    // size of directory and contents or -1 if unknown
+
+	CacheItems int64      `json:"items"`     // number of objects or -1 for unknown
+	CacheType  string     `json:"cacheType"` // object type
+	CacheTs    *time.Time `json:",omitempty"`
+}
+
+// NewDirectory builds an empty dir which will be used to unmarshal data in it
+func NewDirectory(f *Fs, remote string) *Directory {
+	cd := ShallowDirectory(f, remote)
+	t := time.Now()
+	cd.CacheTs = &t
+
+	return cd
+}
+
+// ShallowDirectory builds an empty dir which will be used to unmarshal data in it
+func ShallowDirectory(f *Fs, remote string) *Directory {
+	var cd *Directory
+	fullRemote := cleanPath(path.Join(f.Root(), remote))
+
+	// build a new one
+	dir := cleanPath(path.Dir(fullRemote))
+	name := cleanPath(path.Base(fullRemote))
+	cd = &Directory{
+		CacheFs:      f,
+		Name:         name,
+		Dir:          dir,
+		CacheModTime: time.Now().UnixNano(),
+		CacheSize:    0,
+		CacheItems:   0,
+		CacheType:    "Directory",
+	}
+
+	return cd
+}
+
+// DirectoryFromOriginal builds one from a generic fs.Directory
+func DirectoryFromOriginal(f *Fs, d fs.Directory) *Directory {
+	var cd *Directory
+	fullRemote := path.Join(f.Root(), d.Remote())
+
+	dir := cleanPath(path.Dir(fullRemote))
+	name := cleanPath(path.Base(fullRemote))
+	t := time.Now()
+	cd = &Directory{
+		Directory:    d,
+		CacheFs:      f,
+		Name:         name,
+		Dir:          dir,
+		CacheModTime: d.ModTime().UnixNano(),
+		CacheSize:    d.Size(),
+		CacheItems:   d.Items(),
+		CacheType:    "Directory",
+		CacheTs:      &t,
+	}
+
+	return cd
+}
+
+// Fs returns its FS info
+func (d *Directory) Fs() fs.Info {
+	return d.CacheFs
+}
+
+// String returns a human friendly name for this object
+func (d *Directory) String() string {
+	if d == nil {
+		return "<nil>"
+	}
+	return d.Remote()
+}
+
+// Remote returns the remote path
+func (d *Directory) Remote() string {
+	return d.CacheFs.cleanRootFromPath(d.abs())
+}
+
+// abs returns the absolute path to the dir
+func (d *Directory) abs() string {
+	return cleanPath(path.Join(d.Dir, d.Name))
+}
+
+// parentRemote returns the absolute path parent remote
+func (d *Directory) parentRemote() string {
+	absPath := d.abs()
+	if absPath == "" {
+		return ""
+	}
+	return cleanPath(path.Dir(absPath))
+}
+
+// ModTime returns the cached ModTime
+func (d *Directory) ModTime() time.Time {
+	return time.Unix(0, d.CacheModTime)
+}
+
+// Size returns the cached Size
+func (d *Directory) Size() int64 {
+	return d.CacheSize
+}
+
+// Items returns the cached Items
+func (d *Directory) Items() int64 {
+	return d.CacheItems
+}
+
+// ID returns the ID of the cached directory if known
+func (d *Directory) ID() string {
+	if d.Directory == nil {
+		return ""
+	}
+	return d.Directory.ID()
+}
+
+var (
+	_ fs.Directory = (*Directory)(nil)
+)
--- a/backend/cache/handle.go
+++ b/backend/cache/handle.go
@@ -0,0 +1,635 @@
+// +build !plan9
+
+package cache
+
+import (
+	"fmt"
+	"io"
+	"path"
+	"runtime"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/operations"
+	"github.com/pkg/errors"
+)
+
+var uploaderMap = make(map[string]*backgroundWriter)
+var uploaderMapMx sync.Mutex
+
+// initBackgroundUploader returns a single instance
+func initBackgroundUploader(fs *Fs) (*backgroundWriter, error) {
+	// write lock to create one
+	uploaderMapMx.Lock()
+	defer uploaderMapMx.Unlock()
+	if b, ok := uploaderMap[fs.String()]; ok {
+		// if it was already started we close it so that it can be started again
+		if b.running {
+			b.close()
+		} else {
+			return b, nil
+		}
+	}
+
+	bb := newBackgroundWriter(fs)
+	uploaderMap[fs.String()] = bb
+	return uploaderMap[fs.String()], nil
+}
+
+// Handle is managing the read/write/seek operations on an open handle
+type Handle struct {
+	cachedObject   *Object
+	cfs            *Fs
+	memory         *Memory
+	preloadQueue   chan int64
+	preloadOffset  int64
+	offset         int64
+	seenOffsets    map[int64]bool
+	mu             sync.Mutex
+	workersWg      sync.WaitGroup
+	confirmReading chan bool
+	workers        int
+	maxWorkerID    int
+	UseMemory      bool
+	closed         bool
+	reading        bool
+}
+
+// NewObjectHandle returns a new Handle for an existing Object
+func NewObjectHandle(o *Object, cfs *Fs) *Handle {
+	r := &Handle{
+		cachedObject:  o,
+		cfs:           cfs,
+		offset:        0,
+		preloadOffset: -1, // -1 to trigger the first preload
+
+		UseMemory: !cfs.opt.ChunkNoMemory,
+		reading:   false,
+	}
+	r.seenOffsets = make(map[int64]bool)
+	r.memory = NewMemory(-1)
+
+	// create a larger buffer to queue up requests
+	r.preloadQueue = make(chan int64, r.cfs.opt.TotalWorkers*10)
+	r.confirmReading = make(chan bool)
+	r.startReadWorkers()
+	return r
+}
+
+// cacheFs is a convenience method to get the parent cache FS of the object's manager
+func (r *Handle) cacheFs() *Fs {
+	return r.cfs
+}
+
+// storage is a convenience method to get the persistent storage of the object's manager
+func (r *Handle) storage() *Persistent {
+	return r.cacheFs().cache
+}
+
+// String representation of this reader
+func (r *Handle) String() string {
+	return r.cachedObject.abs()
+}
+
+// startReadWorkers will start the worker pool
+func (r *Handle) startReadWorkers() {
+	if r.workers > 0 {
+		return
+	}
+	totalWorkers := r.cacheFs().opt.TotalWorkers
+
+	if r.cacheFs().plexConnector.isConfigured() {
+		if !r.cacheFs().plexConnector.isConnected() {
+			err := r.cacheFs().plexConnector.authenticate()
+			if err != nil {
+				fs.Errorf(r, "failed to authenticate to Plex: %v", err)
+			}
+		}
+		if r.cacheFs().plexConnector.isConnected() {
+			totalWorkers = 1
+		}
+	}
+
+	r.scaleWorkers(totalWorkers)
+}
+
+// scaleOutWorkers will increase the worker pool count by the provided amount
+func (r *Handle) scaleWorkers(desired int) {
+	current := r.workers
+	if current == desired {
+		return
+	}
+	if current > desired {
+		// scale in gracefully
+		for r.workers > desired {
+			r.preloadQueue <- -1
+			r.workers--
+		}
+	} else {
+		// scale out
+		for r.workers < desired {
+			w := &worker{
+				r:  r,
+				id: r.maxWorkerID,
+			}
+			r.workersWg.Add(1)
+			r.workers++
+			r.maxWorkerID++
+			go w.run()
+		}
+	}
+	// ignore first scale out from 0
+	if current != 0 {
+		fs.Debugf(r, "scale workers to %v", desired)
+	}
+}
+
+func (r *Handle) confirmExternalReading() {
+	// if we have a max value of workers
+	// then we skip this step
+	if r.workers > 1 ||
+		!r.cacheFs().plexConnector.isConfigured() {
+		return
+	}
+	if !r.cacheFs().plexConnector.isPlaying(r.cachedObject) {
+		return
+	}
+	fs.Infof(r, "confirmed reading by external reader")
+	r.scaleWorkers(r.cacheFs().opt.TotalWorkers)
+}
+
+// queueOffset will send an offset to the workers if it's different from the last one
+func (r *Handle) queueOffset(offset int64) {
+	if offset != r.preloadOffset {
+		// clean past in-memory chunks
+		if r.UseMemory {
+			go r.memory.CleanChunksByNeed(offset)
+		}
+		r.confirmExternalReading()
+		r.preloadOffset = offset
+
+		// clear the past seen chunks
+		// they will remain in our persistent storage but will be removed from transient
+		// so they need to be picked up by a worker
+		for k := range r.seenOffsets {
+			if k < offset {
+				r.seenOffsets[k] = false
+			}
+		}
+
+		for i := 0; i < r.workers; i++ {
+			o := r.preloadOffset + int64(r.cacheFs().opt.ChunkSize)*int64(i)
+			if o < 0 || o >= r.cachedObject.Size() {
+				continue
+			}
+			if v, ok := r.seenOffsets[o]; ok && v {
+				continue
+			}
+
+			r.seenOffsets[o] = true
+			r.preloadQueue <- o
+		}
+	}
+}
+
+// getChunk is called by the FS to retrieve a specific chunk of known start and size from where it can find it
+// it can be from transient or persistent cache
+// it will also build the chunk from the cache's specific chunk boundaries and build the final desired chunk in a buffer
+func (r *Handle) getChunk(chunkStart int64) ([]byte, error) {
+	var data []byte
+	var err error
+
+	// we calculate the modulus of the requested offset with the size of a chunk
+	offset := chunkStart % int64(r.cacheFs().opt.ChunkSize)
+
+	// we align the start offset of the first chunk to a likely chunk in the storage
+	chunkStart = chunkStart - offset
+	r.queueOffset(chunkStart)
+	found := false
+
+	if r.UseMemory {
+		data, err = r.memory.GetChunk(r.cachedObject, chunkStart)
+		if err == nil {
+			found = true
+		}
+	}
+
+	if !found {
+		// we're gonna give the workers a chance to pickup the chunk
+		// and retry a couple of times
+		for i := 0; i < r.cacheFs().opt.ReadRetries*8; i++ {
+			data, err = r.storage().GetChunk(r.cachedObject, chunkStart)
+			if err == nil {
+				found = true
+				break
+			}
+
+			fs.Debugf(r, "%v: chunk retry storage: %v", chunkStart, i)
+			time.Sleep(time.Millisecond * 500)
+		}
+	}
+
+	// not found in ram or
+	// the worker didn't managed to download the chunk in time so we abort and close the stream
+	if err != nil || len(data) == 0 || !found {
+		if r.workers == 0 {
+			fs.Errorf(r, "out of workers")
+			return nil, io.ErrUnexpectedEOF
+		}
+
+		return nil, errors.Errorf("chunk not found %v", chunkStart)
+	}
+
+	// first chunk will be aligned with the start
+	if offset > 0 {
+		if offset > int64(len(data)) {
+			fs.Errorf(r, "unexpected conditions during reading. current position: %v, current chunk position: %v, current chunk size: %v, offset: %v, chunk size: %v, file size: %v",
+				r.offset, chunkStart, len(data), offset, r.cacheFs().opt.ChunkSize, r.cachedObject.Size())
+			return nil, io.ErrUnexpectedEOF
+		}
+		data = data[int(offset):]
+	}
+
+	return data, nil
+}
+
+// Read a chunk from storage or len(p)
+func (r *Handle) Read(p []byte) (n int, err error) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	var buf []byte
+
+	// first reading
+	if !r.reading {
+		r.reading = true
+	}
+	// reached EOF
+	if r.offset >= r.cachedObject.Size() {
+		return 0, io.EOF
+	}
+	currentOffset := r.offset
+	buf, err = r.getChunk(currentOffset)
+	if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
+		fs.Errorf(r, "(%v/%v) error (%v) response", currentOffset, r.cachedObject.Size(), err)
+	}
+	if len(buf) == 0 && err != io.ErrUnexpectedEOF {
+		return 0, io.EOF
+	}
+	readSize := copy(p, buf)
+	newOffset := currentOffset + int64(readSize)
+	r.offset = newOffset
+
+	return readSize, err
+}
+
+// Close will tell the workers to stop
+func (r *Handle) Close() error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	if r.closed {
+		return errors.New("file already closed")
+	}
+
+	close(r.preloadQueue)
+	r.closed = true
+	// wait for workers to complete their jobs before returning
+	r.workersWg.Wait()
+	r.memory.db.Flush()
+
+	fs.Debugf(r, "cache reader closed %v", r.offset)
+	return nil
+}
+
+// Seek will move the current offset based on whence and instruct the workers to move there too
+func (r *Handle) Seek(offset int64, whence int) (int64, error) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+
+	var err error
+	switch whence {
+	case io.SeekStart:
+		fs.Debugf(r, "moving offset set from %v to %v", r.offset, offset)
+		r.offset = offset
+	case io.SeekCurrent:
+		fs.Debugf(r, "moving offset cur from %v to %v", r.offset, r.offset+offset)
+		r.offset += offset
+	case io.SeekEnd:
+		fs.Debugf(r, "moving offset end (%v) from %v to %v", r.cachedObject.Size(), r.offset, r.cachedObject.Size()+offset)
+		r.offset = r.cachedObject.Size() + offset
+	default:
+		err = errors.Errorf("cache: unimplemented seek whence %v", whence)
+	}
+
+	chunkStart := r.offset - (r.offset % int64(r.cacheFs().opt.ChunkSize))
+	if chunkStart >= int64(r.cacheFs().opt.ChunkSize) {
+		chunkStart = chunkStart - int64(r.cacheFs().opt.ChunkSize)
+	}
+	r.queueOffset(chunkStart)
+
+	return r.offset, err
+}
+
+type worker struct {
+	r  *Handle
+	rc io.ReadCloser
+	id int
+}
+
+// String is a representation of this worker
+func (w *worker) String() string {
+	return fmt.Sprintf("worker-%v <%v>", w.id, w.r.cachedObject.Name)
+}
+
+// reader will return a reader depending on the capabilities of the source reader:
+//   - if it supports seeking it will seek to the desired offset and return the same reader
+//   - if it doesn't support seeking it will close a possible existing one and open at the desired offset
+//   - if there's no reader associated with this worker, it will create one
+func (w *worker) reader(offset, end int64, closeOpen bool) (io.ReadCloser, error) {
+	var err error
+	r := w.rc
+	if w.rc == nil {
+		r, err = w.r.cacheFs().openRateLimited(func() (io.ReadCloser, error) {
+			return w.r.cachedObject.Object.Open(&fs.RangeOption{Start: offset, End: end - 1})
+		})
+		if err != nil {
+			return nil, err
+		}
+		return r, nil
+	}
+
+	if !closeOpen {
+		if do, ok := r.(fs.RangeSeeker); ok {
+			_, err = do.RangeSeek(offset, io.SeekStart, end-offset)
+			return r, err
+		} else if do, ok := r.(io.Seeker); ok {
+			_, err = do.Seek(offset, io.SeekStart)
+			return r, err
+		}
+	}
+
+	_ = w.rc.Close()
+	return w.r.cacheFs().openRateLimited(func() (io.ReadCloser, error) {
+		r, err = w.r.cachedObject.Object.Open(&fs.RangeOption{Start: offset, End: end - 1})
+		if err != nil {
+			return nil, err
+		}
+		return r, nil
+	})
+}
+
+// run is the main loop for the worker which receives offsets to preload
+func (w *worker) run() {
+	var err error
+	var data []byte
+	defer func() {
+		if w.rc != nil {
+			_ = w.rc.Close()
+		}
+		w.r.workersWg.Done()
+	}()
+
+	for {
+		chunkStart, open := <-w.r.preloadQueue
+		if chunkStart < 0 || !open {
+			break
+		}
+
+		// skip if it exists
+		if w.r.UseMemory {
+			if w.r.memory.HasChunk(w.r.cachedObject, chunkStart) {
+				continue
+			}
+
+			// add it in ram if it's in the persistent storage
+			data, err = w.r.storage().GetChunk(w.r.cachedObject, chunkStart)
+			if err == nil {
+				err = w.r.memory.AddChunk(w.r.cachedObject.abs(), data, chunkStart)
+				if err != nil {
+					fs.Errorf(w, "failed caching chunk in ram %v: %v", chunkStart, err)
+				} else {
+					continue
+				}
+			}
+		} else {
+			if w.r.storage().HasChunk(w.r.cachedObject, chunkStart) {
+				continue
+			}
+		}
+
+		chunkEnd := chunkStart + int64(w.r.cacheFs().opt.ChunkSize)
+		// TODO: Remove this comment if it proves to be reliable for #1896
+		//if chunkEnd > w.r.cachedObject.Size() {
+		//	chunkEnd = w.r.cachedObject.Size()
+		//}
+
+		w.download(chunkStart, chunkEnd, 0)
+	}
+}
+
+func (w *worker) download(chunkStart, chunkEnd int64, retry int) {
+	var err error
+	var data []byte
+
+	// stop retries
+	if retry >= w.r.cacheFs().opt.ReadRetries {
+		return
+	}
+	// back-off between retries
+	if retry > 0 {
+		time.Sleep(time.Second * time.Duration(retry))
+	}
+
+	closeOpen := false
+	if retry > 0 {
+		closeOpen = true
+	}
+	w.rc, err = w.reader(chunkStart, chunkEnd, closeOpen)
+	// we seem to be getting only errors so we abort
+	if err != nil {
+		fs.Errorf(w, "object open failed %v: %v", chunkStart, err)
+		err = w.r.cachedObject.refreshFromSource(true)
+		if err != nil {
+			fs.Errorf(w, "%v", err)
+		}
+		w.download(chunkStart, chunkEnd, retry+1)
+		return
+	}
+
+	data = make([]byte, chunkEnd-chunkStart)
+	var sourceRead int
+	sourceRead, err = io.ReadFull(w.rc, data)
+	if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
+		fs.Errorf(w, "failed to read chunk %v: %v", chunkStart, err)
+		err = w.r.cachedObject.refreshFromSource(true)
+		if err != nil {
+			fs.Errorf(w, "%v", err)
+		}
+		w.download(chunkStart, chunkEnd, retry+1)
+		return
+	}
+	data = data[:sourceRead] // reslice to remove extra garbage
+	if err == io.ErrUnexpectedEOF {
+		fs.Debugf(w, "partial downloaded chunk %v", fs.SizeSuffix(chunkStart))
+	} else {
+		fs.Debugf(w, "downloaded chunk %v", chunkStart)
+	}
+
+	if w.r.UseMemory {
+		err = w.r.memory.AddChunk(w.r.cachedObject.abs(), data, chunkStart)
+		if err != nil {
+			fs.Errorf(w, "failed caching chunk in ram %v: %v", chunkStart, err)
+		}
+	}
+
+	err = w.r.storage().AddChunk(w.r.cachedObject.abs(), data, chunkStart)
+	if err != nil {
+		fs.Errorf(w, "failed caching chunk in storage %v: %v", chunkStart, err)
+	}
+}
+
+const (
+	// BackgroundUploadStarted is a state for a temp file that has started upload
+	BackgroundUploadStarted = iota
+	// BackgroundUploadCompleted is a state for a temp file that has completed upload
+	BackgroundUploadCompleted
+	// BackgroundUploadError is a state for a temp file that has an error upload
+	BackgroundUploadError
+)
+
+// BackgroundUploadState is an entity that maps to an existing file which is stored on the temp fs
+type BackgroundUploadState struct {
+	Remote string
+	Status int
+	Error  error
+}
+
+type backgroundWriter struct {
+	fs       *Fs
+	stateCh  chan int
+	running  bool
+	notifyCh chan BackgroundUploadState
+	mu       sync.Mutex
+}
+
+func newBackgroundWriter(f *Fs) *backgroundWriter {
+	b := &backgroundWriter{
+		fs:       f,
+		stateCh:  make(chan int),
+		notifyCh: make(chan BackgroundUploadState),
+	}
+
+	return b
+}
+
+func (b *backgroundWriter) close() {
+	b.stateCh <- 2
+	b.mu.Lock()
+	defer b.mu.Unlock()
+	b.running = false
+
+}
+
+func (b *backgroundWriter) pause() {
+	b.stateCh <- 1
+}
+
+func (b *backgroundWriter) play() {
+	b.stateCh <- 0
+}
+
+func (b *backgroundWriter) isRunning() bool {
+	b.mu.Lock()
+	defer b.mu.Unlock()
+	return b.running
+}
+
+func (b *backgroundWriter) notify(remote string, status int, err error) {
+	state := BackgroundUploadState{
+		Remote: remote,
+		Status: status,
+		Error:  err,
+	}
+	select {
+	case b.notifyCh <- state:
+		fs.Debugf(remote, "notified background upload state: %v", state.Status)
+	default:
+	}
+}
+
+func (b *backgroundWriter) run() {
+	state := 0
+	for {
+		b.mu.Lock()
+		b.running = true
+		b.mu.Unlock()
+		select {
+		case s := <-b.stateCh:
+			state = s
+		default:
+			//
+		}
+		switch state {
+		case 1:
+			runtime.Gosched()
+			time.Sleep(time.Millisecond * 500)
+			continue
+		case 2:
+			return
+		}
+
+		absPath, err := b.fs.cache.getPendingUpload(b.fs.Root(), time.Duration(b.fs.opt.TempWaitTime))
+		if err != nil || absPath == "" || !b.fs.isRootInPath(absPath) {
+			time.Sleep(time.Second)
+			continue
+		}
+
+		remote := b.fs.cleanRootFromPath(absPath)
+		b.notify(remote, BackgroundUploadStarted, nil)
+		fs.Infof(remote, "background upload: started upload")
+		err = operations.MoveFile(b.fs.UnWrap(), b.fs.tempFs, remote, remote)
+		if err != nil {
+			b.notify(remote, BackgroundUploadError, err)
+			_ = b.fs.cache.rollbackPendingUpload(absPath)
+			fs.Errorf(remote, "background upload: %v", err)
+			continue
+		}
+		// clean empty dirs up to root
+		thisDir := cleanPath(path.Dir(remote))
+		for thisDir != "" {
+			thisList, err := b.fs.tempFs.List(thisDir)
+			if err != nil {
+				break
+			}
+			if len(thisList) > 0 {
+				break
+			}
+			err = b.fs.tempFs.Rmdir(thisDir)
+			fs.Debugf(thisDir, "cleaned from temp path")
+			if err != nil {
+				break
+			}
+			thisDir = cleanPath(path.Dir(thisDir))
+		}
+		fs.Infof(remote, "background upload: uploaded entry")
+		err = b.fs.cache.removePendingUpload(absPath)
+		if err != nil && !strings.Contains(err.Error(), "pending upload not found") {
+			fs.Errorf(remote, "background upload: %v", err)
+		}
+		parentCd := NewDirectory(b.fs, cleanPath(path.Dir(remote)))
+		err = b.fs.cache.ExpireDir(parentCd)
+		if err != nil {
+			fs.Errorf(parentCd, "background upload: cache expire error: %v", err)
+		}
+		b.fs.notifyChangeUpstream(remote, fs.EntryObject)
+		fs.Infof(remote, "finished background upload")
+		b.notify(remote, BackgroundUploadCompleted, nil)
+	}
+}
+
+// Check the interfaces are satisfied
+var (
+	_ io.ReadCloser = (*Handle)(nil)
+	_ io.Seeker     = (*Handle)(nil)
+)
--- a/backend/cache/object.go
+++ b/backend/cache/object.go
@@ -0,0 +1,371 @@
+// +build !plan9
+
+package cache
+
+import (
+	"io"
+	"path"
+	"sync"
+	"time"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/hash"
+	"github.com/ncw/rclone/lib/readers"
+	"github.com/pkg/errors"
+)
+
+const (
+	objectInCache       = "Object"
+	objectPendingUpload = "TempObject"
+)
+
+// Object is a generic file like object that stores basic information about it
+type Object struct {
+	fs.Object `json:"-"`
+
+	ParentFs      fs.Fs                `json:"-"`        // parent fs
+	CacheFs       *Fs                  `json:"-"`        // cache fs
+	Name          string               `json:"name"`     // name of the directory
+	Dir           string               `json:"dir"`      // abs path of the object
+	CacheModTime  int64                `json:"modTime"`  // modification or creation time - IsZero for unknown
+	CacheSize     int64                `json:"size"`     // size of directory and contents or -1 if unknown
+	CacheStorable bool                 `json:"storable"` // says whether this object can be stored
+	CacheType     string               `json:"cacheType"`
+	CacheTs       time.Time            `json:"cacheTs"`
+	CacheHashes   map[hash.Type]string // all supported hashes cached
+
+	refreshMutex sync.Mutex
+}
+
+// NewObject builds one from a generic fs.Object
+func NewObject(f *Fs, remote string) *Object {
+	fullRemote := path.Join(f.Root(), remote)
+	dir, name := path.Split(fullRemote)
+
+	cacheType := objectInCache
+	parentFs := f.UnWrap()
+	if f.opt.TempWritePath != "" {
+		_, err := f.cache.SearchPendingUpload(fullRemote)
+		if err == nil { // queued for upload
+			cacheType = objectPendingUpload
+			parentFs = f.tempFs
+			fs.Debugf(fullRemote, "pending upload found")
+		}
+	}
+
+	co := &Object{
+		ParentFs:      parentFs,
+		CacheFs:       f,
+		Name:          cleanPath(name),
+		Dir:           cleanPath(dir),
+		CacheModTime:  time.Now().UnixNano(),
+		CacheSize:     0,
+		CacheStorable: false,
+		CacheType:     cacheType,
+		CacheTs:       time.Now(),
+	}
+	return co
+}
+
+// ObjectFromOriginal builds one from a generic fs.Object
+func ObjectFromOriginal(f *Fs, o fs.Object) *Object {
+	var co *Object
+	fullRemote := cleanPath(path.Join(f.Root(), o.Remote()))
+	dir, name := path.Split(fullRemote)
+
+	cacheType := objectInCache
+	parentFs := f.UnWrap()
+	if f.opt.TempWritePath != "" {
+		_, err := f.cache.SearchPendingUpload(fullRemote)
+		if err == nil { // queued for upload
+			cacheType = objectPendingUpload
+			parentFs = f.tempFs
+			fs.Debugf(fullRemote, "pending upload found")
+		}
+	}
+
+	co = &Object{
+		ParentFs:  parentFs,
+		CacheFs:   f,
+		Name:      cleanPath(name),
+		Dir:       cleanPath(dir),
+		CacheType: cacheType,
+		CacheTs:   time.Now(),
+	}
+	co.updateData(o)
+	return co
+}
+
+func (o *Object) updateData(source fs.Object) {
+	o.Object = source
+	o.CacheModTime = source.ModTime().UnixNano()
+	o.CacheSize = source.Size()
+	o.CacheStorable = source.Storable()
+	o.CacheTs = time.Now()
+	o.CacheHashes = make(map[hash.Type]string)
+}
+
+// Fs returns its FS info
+func (o *Object) Fs() fs.Info {
+	return o.CacheFs
+}
+
+// String returns a human friendly name for this object
+func (o *Object) String() string {
+	if o == nil {
+		return "<nil>"
+	}
+	return o.Remote()
+}
+
+// Remote returns the remote path
+func (o *Object) Remote() string {
+	p := path.Join(o.Dir, o.Name)
+	return o.CacheFs.cleanRootFromPath(p)
+}
+
+// abs returns the absolute path to the object
+func (o *Object) abs() string {
+	return path.Join(o.Dir, o.Name)
+}
+
+// ModTime returns the cached ModTime
+func (o *Object) ModTime() time.Time {
+	_ = o.refresh()
+	return time.Unix(0, o.CacheModTime)
+}
+
+// Size returns the cached Size
+func (o *Object) Size() int64 {
+	_ = o.refresh()
+	return o.CacheSize
+}
+
+// Storable returns the cached Storable
+func (o *Object) Storable() bool {
+	_ = o.refresh()
+	return o.CacheStorable
+}
+
+// refresh will check if the object info is expired and request the info from source if it is
+// all these conditions must be true to ignore a refresh
+// 1. cache ts didn't expire yet
+// 2. is not pending a notification from the wrapped fs
+func (o *Object) refresh() error {
+	isNotified := o.CacheFs.isNotifiedRemote(o.Remote())
+	isExpired := time.Now().After(o.CacheTs.Add(time.Duration(o.CacheFs.opt.InfoAge)))
+	if !isExpired && !isNotified {
+		return nil
+	}
+
+	return o.refreshFromSource(true)
+}
+
+// refreshFromSource requests the original FS for the object in case it comes from a cached entry
+func (o *Object) refreshFromSource(force bool) error {
+	o.refreshMutex.Lock()
+	defer o.refreshMutex.Unlock()
+	var err error
+	var liveObject fs.Object
+
+	if o.Object != nil && !force {
+		return nil
+	}
+	if o.isTempFile() {
+		liveObject, err = o.ParentFs.NewObject(o.Remote())
+		err = errors.Wrapf(err, "in parent fs %v", o.ParentFs)
+	} else {
+		liveObject, err = o.CacheFs.Fs.NewObject(o.Remote())
+		err = errors.Wrapf(err, "in cache fs %v", o.CacheFs.Fs)
+	}
+	if err != nil {
+		fs.Errorf(o, "error refreshing object in : %v", err)
+		return err
+	}
+	o.updateData(liveObject)
+	o.persist()
+
+	return nil
+}
+
+// SetModTime sets the ModTime of this object
+func (o *Object) SetModTime(t time.Time) error {
+	if err := o.refreshFromSource(false); err != nil {
+		return err
+	}
+
+	err := o.Object.SetModTime(t)
+	if err != nil {
+		return err
+	}
+
+	o.CacheModTime = t.UnixNano()
+	o.persist()
+	fs.Debugf(o, "updated ModTime: %v", t)
+
+	return nil
+}
+
+// Open is used to request a specific part of the file using fs.RangeOption
+func (o *Object) Open(options ...fs.OpenOption) (io.ReadCloser, error) {
+	var err error
+
+	if o.Object == nil {
+		err = o.refreshFromSource(true)
+	} else {
+		err = o.refresh()
+	}
+	if err != nil {
+		return nil, err
+	}
+
+	cacheReader := NewObjectHandle(o, o.CacheFs)
+	var offset, limit int64 = 0, -1
+	for _, option := range options {
+		switch x := option.(type) {
+		case *fs.SeekOption:
+			offset = x.Offset
+		case *fs.RangeOption:
+			offset, limit = x.Decode(o.Size())
+		}
+		_, err = cacheReader.Seek(offset, io.SeekStart)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	return readers.NewLimitedReadCloser(cacheReader, limit), nil
+}
+
+// Update will change the object data
+func (o *Object) Update(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) error {
+	if err := o.refreshFromSource(false); err != nil {
+		return err
+	}
+	// pause background uploads if active
+	if o.CacheFs.opt.TempWritePath != "" {
+		o.CacheFs.backgroundRunner.pause()
+		defer o.CacheFs.backgroundRunner.play()
+		// don't allow started uploads
+		if o.isTempFile() && o.tempFileStartedUpload() {
+			return errors.Errorf("%v is currently uploading, can't update", o)
+		}
+	}
+	fs.Debugf(o, "updating object contents with size %v", src.Size())
+
+	// FIXME use reliable upload
+	err := o.Object.Update(in, src, options...)
+	if err != nil {
+		fs.Errorf(o, "error updating source: %v", err)
+		return err
+	}
+
+	// deleting cached chunks and info to be replaced with new ones
+	_ = o.CacheFs.cache.RemoveObject(o.abs())
+	// advertise to ChangeNotify if wrapped doesn't do that
+	o.CacheFs.notifyChangeUpstreamIfNeeded(o.Remote(), fs.EntryObject)
+
+	o.CacheModTime = src.ModTime().UnixNano()
+	o.CacheSize = src.Size()
+	o.CacheHashes = make(map[hash.Type]string)
+	o.CacheTs = time.Now()
+	o.persist()
+
+	return nil
+}
+
+// Remove deletes the object from both the cache and the source
+func (o *Object) Remove() error {
+	if err := o.refreshFromSource(false); err != nil {
+		return err
+	}
+	// pause background uploads if active
+	if o.CacheFs.opt.TempWritePath != "" {
+		o.CacheFs.backgroundRunner.pause()
+		defer o.CacheFs.backgroundRunner.play()
+		// don't allow started uploads
+		if o.isTempFile() && o.tempFileStartedUpload() {
+			return errors.Errorf("%v is currently uploading, can't delete", o)
+		}
+	}
+	err := o.Object.Remove()
+	if err != nil {
+		return err
+	}
+
+	fs.Debugf(o, "removing object")
+	_ = o.CacheFs.cache.RemoveObject(o.abs())
+	_ = o.CacheFs.cache.removePendingUpload(o.abs())
+	parentCd := NewDirectory(o.CacheFs, cleanPath(path.Dir(o.Remote())))
+	_ = o.CacheFs.cache.ExpireDir(parentCd)
+	// advertise to ChangeNotify if wrapped doesn't do that
+	o.CacheFs.notifyChangeUpstreamIfNeeded(parentCd.Remote(), fs.EntryDirectory)
+
+	return nil
+}
+
+// Hash requests a hash of the object and stores in the cache
+// since it might or might not be called, this is lazy loaded
+func (o *Object) Hash(ht hash.Type) (string, error) {
+	_ = o.refresh()
+	if o.CacheHashes == nil {
+		o.CacheHashes = make(map[hash.Type]string)
+	}
+
+	cachedHash, found := o.CacheHashes[ht]
+	if found {
+		return cachedHash, nil
+	}
+	if err := o.refreshFromSource(false); err != nil {
+		return "", err
+	}
+	liveHash, err := o.Object.Hash(ht)
+	if err != nil {
+		return "", err
+	}
+	o.CacheHashes[ht] = liveHash
+
+	o.persist()
+	fs.Debugf(o, "object hash cached: %v", liveHash)
+
+	return liveHash, nil
+}
+
+// persist adds this object to the persistent cache
+func (o *Object) persist() *Object {
+	err := o.CacheFs.cache.AddObject(o)
+	if err != nil {
+		fs.Errorf(o, "failed to cache object: %v", err)
+	}
+	return o
+}
+
+func (o *Object) isTempFile() bool {
+	_, err := o.CacheFs.cache.SearchPendingUpload(o.abs())
+	if err != nil {
+		o.CacheType = objectInCache
+		return false
+	}
+
+	o.CacheType = objectPendingUpload
+	return true
+}
+
+func (o *Object) tempFileStartedUpload() bool {
+	started, err := o.CacheFs.cache.SearchPendingUpload(o.abs())
+	if err != nil {
+		return false
+	}
+	return started
+}
+
+// UnWrap returns the Object that this Object is wrapping or
+// nil if it isn't wrapping anything
+func (o *Object) UnWrap() fs.Object {
+	return o.Object
+}
+
+var (
+	_ fs.Object          = (*Object)(nil)
+	_ fs.ObjectUnWrapper = (*Object)(nil)
+)
--- a/backend/cache/plex.go
+++ b/backend/cache/plex.go
@@ -0,0 +1,298 @@
+// +build !plan9
+
+package cache
+
+import (
+	"bytes"
+	"crypto/tls"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"strings"
+	"sync"
+	"time"
+
+	"github.com/ncw/rclone/fs"
+	cache "github.com/patrickmn/go-cache"
+	"golang.org/x/net/websocket"
+)
+
+const (
+	// defPlexLoginURL is the default URL for Plex login
+	defPlexLoginURL        = "https://plex.tv/users/sign_in.json"
+	defPlexNotificationURL = "%s/:/websockets/notifications?X-Plex-Token=%s"
+)
+
+// PlaySessionStateNotification is part of the API response of Plex
+type PlaySessionStateNotification struct {
+	SessionKey       string `json:"sessionKey"`
+	GUID             string `json:"guid"`
+	Key              string `json:"key"`
+	ViewOffset       int64  `json:"viewOffset"`
+	State            string `json:"state"`
+	TranscodeSession string `json:"transcodeSession"`
+}
+
+// NotificationContainer is part of the API response of Plex
+type NotificationContainer struct {
+	Type             string                         `json:"type"`
+	Size             int                            `json:"size"`
+	PlaySessionState []PlaySessionStateNotification `json:"PlaySessionStateNotification"`
+}
+
+// PlexNotification is part of the API response of Plex
+type PlexNotification struct {
+	Container NotificationContainer `json:"NotificationContainer"`
+}
+
+// plexConnector is managing the cache integration with Plex
+type plexConnector struct {
+	url        *url.URL
+	username   string
+	password   string
+	token      string
+	insecure   bool
+	f          *Fs
+	mu         sync.Mutex
+	running    bool
+	runningMu  sync.Mutex
+	stateCache *cache.Cache
+	saveToken  func(string)
+}
+
+// newPlexConnector connects to a Plex server and generates a token
+func newPlexConnector(f *Fs, plexURL, username, password string, insecure bool, saveToken func(string)) (*plexConnector, error) {
+	u, err := url.ParseRequestURI(strings.TrimRight(plexURL, "/"))
+	if err != nil {
+		return nil, err
+	}
+
+	pc := &plexConnector{
+		f:          f,
+		url:        u,
+		username:   username,
+		password:   password,
+		token:      "",
+		insecure:   insecure,
+		stateCache: cache.New(time.Hour, time.Minute),
+		saveToken:  saveToken,
+	}
+
+	return pc, nil
+}
+
+// newPlexConnector connects to a Plex server and generates a token
+func newPlexConnectorWithToken(f *Fs, plexURL, token string, insecure bool) (*plexConnector, error) {
+	u, err := url.ParseRequestURI(strings.TrimRight(plexURL, "/"))
+	if err != nil {
+		return nil, err
+	}
+
+	pc := &plexConnector{
+		f:          f,
+		url:        u,
+		token:      token,
+		insecure:   insecure,
+		stateCache: cache.New(time.Hour, time.Minute),
+	}
+	pc.listenWebsocket()
+
+	return pc, nil
+}
+
+func (p *plexConnector) closeWebsocket() {
+	p.runningMu.Lock()
+	defer p.runningMu.Unlock()
+	fs.Infof("plex", "stopped Plex watcher")
+	p.running = false
+}
+
+func (p *plexConnector) websocketDial() (*websocket.Conn, error) {
+	u := strings.TrimRight(strings.Replace(strings.Replace(
+		p.url.String(), "http://", "ws://", 1), "https://", "wss://", 1), "/")
+	url := fmt.Sprintf(defPlexNotificationURL, u, p.token)
+
+	config, err := websocket.NewConfig(url, "http://localhost")
+	if err != nil {
+		return nil, err
+	}
+	if p.insecure {
+		config.TlsConfig = &tls.Config{InsecureSkipVerify: true}
+	}
+	return websocket.DialConfig(config)
+}
+
+func (p *plexConnector) listenWebsocket() {
+	p.runningMu.Lock()
+	defer p.runningMu.Unlock()
+
+	conn, err := p.websocketDial()
+	if err != nil {
+		fs.Errorf("plex", "%v", err)
+		return
+	}
+
+	p.running = true
+	go func() {
+		for {
+			if !p.isConnected() {
+				break
+			}
+
+			notif := &PlexNotification{}
+			err := websocket.JSON.Receive(conn, notif)
+			if err != nil {
+				fs.Debugf("plex", "%v", err)
+				p.closeWebsocket()
+				break
+			}
+			// we're only interested in play events
+			if notif.Container.Type == "playing" {
+				// we loop through each of them
+				for _, v := range notif.Container.PlaySessionState {
+					// event type of playing
+					if v.State == "playing" {
+						// if it's not cached get the details and cache them
+						if _, found := p.stateCache.Get(v.Key); !found {
+							req, err := http.NewRequest("GET", fmt.Sprintf("%s%s", p.url.String(), v.Key), nil)
+							if err != nil {
+								continue
+							}
+							p.fillDefaultHeaders(req)
+							resp, err := http.DefaultClient.Do(req)
+							if err != nil {
+								continue
+							}
+							var data []byte
+							data, err = ioutil.ReadAll(resp.Body)
+							if err != nil {
+								continue
+							}
+							p.stateCache.Set(v.Key, data, cache.DefaultExpiration)
+						}
+					} else if v.State == "stopped" {
+						p.stateCache.Delete(v.Key)
+					}
+				}
+			}
+		}
+	}()
+}
+
+// fillDefaultHeaders will add common headers to requests
+func (p *plexConnector) fillDefaultHeaders(req *http.Request) {
+	req.Header.Add("X-Plex-Client-Identifier", fmt.Sprintf("rclone (%v)", p.f.String()))
+	req.Header.Add("X-Plex-Product", fmt.Sprintf("rclone (%v)", p.f.Name()))
+	req.Header.Add("X-Plex-Version", fs.Version)
+	req.Header.Add("Accept", "application/json")
+	if p.token != "" {
+		req.Header.Add("X-Plex-Token", p.token)
+	}
+}
+
+// authenticate will generate a token based on a username/password
+func (p *plexConnector) authenticate() error {
+	p.mu.Lock()
+	defer p.mu.Unlock()
+
+	form := url.Values{}
+	form.Set("user[login]", p.username)
+	form.Add("user[password]", p.password)
+	req, err := http.NewRequest("POST", defPlexLoginURL, strings.NewReader(form.Encode()))
+	if err != nil {
+		return err
+	}
+	p.fillDefaultHeaders(req)
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return err
+	}
+	var data map[string]interface{}
+	err = json.NewDecoder(resp.Body).Decode(&data)
+	if err != nil {
+		return fmt.Errorf("failed to obtain token: %v", err)
+	}
+	tokenGen, ok := get(data, "user", "authToken")
+	if !ok {
+		return fmt.Errorf("failed to obtain token: %v", data)
+	}
+	token, ok := tokenGen.(string)
+	if !ok {
+		return fmt.Errorf("failed to obtain token: %v", data)
+	}
+	p.token = token
+	if p.token != "" {
+		if p.saveToken != nil {
+			p.saveToken(p.token)
+		}
+		fs.Infof(p.f.Name(), "Connected to Plex server: %v", p.url.String())
+	}
+	p.listenWebsocket()
+
+	return nil
+}
+
+// isConnected checks if this rclone is authenticated to Plex
+func (p *plexConnector) isConnected() bool {
+	p.runningMu.Lock()
+	defer p.runningMu.Unlock()
+	return p.running
+}
+
+// isConfigured checks if this rclone is configured to use a Plex server
+func (p *plexConnector) isConfigured() bool {
+	return p.url != nil
+}
+
+func (p *plexConnector) isPlaying(co *Object) bool {
+	var err error
+	if !p.isConnected() {
+		p.listenWebsocket()
+	}
+
+	remote := co.Remote()
+	if cr, yes := p.f.isWrappedByCrypt(); yes {
+		remote, err = cr.DecryptFileName(co.Remote())
+		if err != nil {
+			fs.Debugf("plex", "can not decrypt wrapped file: %v", err)
+			return false
+		}
+	}
+
+	isPlaying := false
+	for _, v := range p.stateCache.Items() {
+		if bytes.Contains(v.Object.([]byte), []byte(remote)) {
+			isPlaying = true
+			break
+		}
+	}
+
+	return isPlaying
+}
+
+// adapted from: https://stackoverflow.com/a/28878037 (credit)
+func get(m interface{}, path ...interface{}) (interface{}, bool) {
+	for _, p := range path {
+		switch idx := p.(type) {
+		case string:
+			if mm, ok := m.(map[string]interface{}); ok {
+				if val, found := mm[idx]; found {
+					m = val
+					continue
+				}
+			}
+			return nil, false
+		case int:
+			if mm, ok := m.([]interface{}); ok {
+				if len(mm) > idx {
+					m = mm[idx]
+					continue
+				}
+			}
+			return nil, false
+		}
+	}
+	return m, true
+}
--- a/backend/cache/storage_memory.go
+++ b/backend/cache/storage_memory.go
@@ -0,0 +1,98 @@
+// +build !plan9
+
+package cache
+
+import (
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/ncw/rclone/fs"
+	cache "github.com/patrickmn/go-cache"
+	"github.com/pkg/errors"
+)
+
+// Memory is a wrapper of transient storage for a go-cache store
+type Memory struct {
+	db *cache.Cache
+}
+
+// NewMemory builds this cache storage
+// defaultExpiration will set the expiry time of chunks in this storage
+func NewMemory(defaultExpiration time.Duration) *Memory {
+	mem := &Memory{}
+	err := mem.Connect(defaultExpiration)
+	if err != nil {
+		fs.Errorf("cache", "can't open ram connection: %v", err)
+	}
+
+	return mem
+}
+
+// Connect will create a connection for the storage
+func (m *Memory) Connect(defaultExpiration time.Duration) error {
+	m.db = cache.New(defaultExpiration, -1)
+	return nil
+}
+
+// HasChunk confirms the existence of a single chunk of an object
+func (m *Memory) HasChunk(cachedObject *Object, offset int64) bool {
+	key := cachedObject.abs() + "-" + strconv.FormatInt(offset, 10)
+	_, found := m.db.Get(key)
+	return found
+}
+
+// GetChunk will retrieve a single chunk which belongs to a cached object or an error if it doesn't find it
+func (m *Memory) GetChunk(cachedObject *Object, offset int64) ([]byte, error) {
+	key := cachedObject.abs() + "-" + strconv.FormatInt(offset, 10)
+	var data []byte
+
+	if x, found := m.db.Get(key); found {
+		data = x.([]byte)
+		return data, nil
+	}
+
+	return nil, errors.Errorf("couldn't get cached object data at offset %v", offset)
+}
+
+// AddChunk adds a new chunk of a cached object
+func (m *Memory) AddChunk(fp string, data []byte, offset int64) error {
+	return m.AddChunkAhead(fp, data, offset, time.Second)
+}
+
+// AddChunkAhead adds a new chunk of a cached object
+func (m *Memory) AddChunkAhead(fp string, data []byte, offset int64, t time.Duration) error {
+	key := fp + "-" + strconv.FormatInt(offset, 10)
+	m.db.Set(key, data, cache.DefaultExpiration)
+
+	return nil
+}
+
+// CleanChunksByAge will cleanup on a cron basis
+func (m *Memory) CleanChunksByAge(chunkAge time.Duration) {
+	m.db.DeleteExpired()
+}
+
+// CleanChunksByNeed will cleanup chunks after the FS passes a specific chunk
+func (m *Memory) CleanChunksByNeed(offset int64) {
+	var items map[string]cache.Item
+
+	items = m.db.Items()
+	for key := range items {
+		sepIdx := strings.LastIndex(key, "-")
+		keyOffset, err := strconv.ParseInt(key[sepIdx+1:], 10, 64)
+		if err != nil {
+			fs.Errorf("cache", "couldn't parse offset entry %v", key)
+			continue
+		}
+
+		if keyOffset < offset {
+			m.db.Delete(key)
+		}
+	}
+}
+
+// CleanChunksBySize will cleanup chunks after the total size passes a certain point
+func (m *Memory) CleanChunksBySize(maxSize int64) {
+	// NOOP
+}
--- a/backend/cache/storage_persistent.go
+++ b/backend/cache/storage_persistent.go
--- a/backend/crypt/cipher.go
+++ b/backend/crypt/cipher.go
@@ -8,17 +8,18 @@ import (
 	"encoding/base32"
 	"fmt"
 	"io"
+	"strconv"
 	"strings"
 	"sync"
 	"unicode/utf8"

-	"github.com/ncw/rclone/crypt/pkcs7"
+	"github.com/ncw/rclone/backend/crypt/pkcs7"
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/accounting"
 	"github.com/pkg/errors"
-
+	"github.com/rfjakob/eme"
 	"golang.org/x/crypto/nacl/secretbox"
 	"golang.org/x/crypto/scrypt"
-
-	"github.com/rfjakob/eme"
 )

 // Constants
@@ -40,6 +41,7 @@ var (
 	ErrorBadDecryptControlChar   = errors.New("bad decryption - contains control chars")
 	ErrorNotAMultipleOfBlocksize = errors.New("not a multiple of blocksize")
 	ErrorTooShortAfterDecode     = errors.New("too short after base32 decode")
+	ErrorTooLongAfterDecode      = errors.New("too long after base32 decode")
 	ErrorEncryptedFileTooShort   = errors.New("file is too short to be encrypted")
 	ErrorEncryptedFileBadHeader  = errors.New("file has truncated block header")
 	ErrorEncryptedBadMagic       = errors.New("not an encrypted file - bad magic string")
@@ -49,6 +51,7 @@ var (
 	ErrorNotAnEncryptedFile      = errors.New("not an encrypted file - no \"" + encryptedSuffix + "\" suffix")
 	ErrorBadSeek                 = errors.New("Seek beyond end of file")
 	defaultSalt                  = []byte{0xA8, 0x0D, 0xF4, 0x3A, 0x8F, 0xBD, 0x03, 0x08, 0xA7, 0xCA, 0xB8, 0x3E, 0x58, 0x1F, 0x86, 0xB1}
+	obfuscQuoteRune              = '!'
 )

 // Global variables
@@ -61,10 +64,11 @@ type ReadSeekCloser interface {
 	io.Reader
 	io.Seeker
 	io.Closer
+	fs.RangeSeeker
 }

-// OpenAtOffset opens the file handle at the offset given
-type OpenAtOffset func(offset int64) (io.ReadCloser, error)
+// OpenRangeSeek opens the file handle at the offset with the limit given
+type OpenRangeSeek func(offset, limit int64) (io.ReadCloser, error)

 // Cipher is used to swap out the encryption implementations
 type Cipher interface {
@@ -81,11 +85,13 @@ type Cipher interface {
 	// DecryptData
 	DecryptData(io.ReadCloser) (io.ReadCloser, error)
 	// DecryptDataSeek decrypt at a given position
-	DecryptDataSeek(open OpenAtOffset, offset int64) (ReadSeekCloser, error)
+	DecryptDataSeek(open OpenRangeSeek, offset, limit int64) (ReadSeekCloser, error)
 	// EncryptedSize calculates the size of the data when encrypted
 	EncryptedSize(int64) int64
 	// DecryptedSize calculates the size of the data when decrypted
 	DecryptedSize(int64) (int64, error)
+	// NameEncryptionMode returns the used mode for name handling
+	NameEncryptionMode() NameEncryptionMode
 }

 // NameEncryptionMode is the type of file name encryption in use
@@ -95,6 +101,7 @@ type NameEncryptionMode int
 const (
 	NameEncryptionOff NameEncryptionMode = iota
 	NameEncryptionStandard
+	NameEncryptionObfuscated
 )

 // NewNameEncryptionMode turns a string into a NameEncryptionMode
@@ -105,6 +112,8 @@ func NewNameEncryptionMode(s string) (mode NameEncryptionMode, err error) {
 		mode = NameEncryptionOff
 	case "standard":
 		mode = NameEncryptionStandard
+	case "obfuscate":
+		mode = NameEncryptionObfuscated
 	default:
 		err = errors.Errorf("Unknown file name encryption mode %q", s)
 	}
@@ -118,6 +127,8 @@ func (mode NameEncryptionMode) String() (out string) {
 		out = "off"
 	case NameEncryptionStandard:
 		out = "standard"
+	case NameEncryptionObfuscated:
+		out = "obfuscate"
 	default:
 		out = fmt.Sprintf("Unknown mode #%d", mode)
 	}
@@ -125,20 +136,22 @@ func (mode NameEncryptionMode) String() (out string) {
 }

 type cipher struct {
-	dataKey    [32]byte                  // Key for secretbox
-	nameKey    [32]byte                  // 16,24 or 32 bytes
-	nameTweak  [nameCipherBlockSize]byte // used to tweak the name crypto
-	block      gocipher.Block
-	mode       NameEncryptionMode
-	buffers    sync.Pool // encrypt/decrypt buffers
-	cryptoRand io.Reader // read crypto random numbers from here
+	dataKey        [32]byte                  // Key for secretbox
+	nameKey        [32]byte                  // 16,24 or 32 bytes
+	nameTweak      [nameCipherBlockSize]byte // used to tweak the name crypto
+	block          gocipher.Block
+	mode           NameEncryptionMode
+	buffers        sync.Pool // encrypt/decrypt buffers
+	cryptoRand     io.Reader // read crypto random numbers from here
+	dirNameEncrypt bool
 }

 // newCipher initialises the cipher.  If salt is "" then it uses a built in salt val
-func newCipher(mode NameEncryptionMode, password, salt string) (*cipher, error) {
+func newCipher(mode NameEncryptionMode, password, salt string, dirNameEncrypt bool) (*cipher, error) {
 	c := &cipher{
-		mode:       mode,
-		cryptoRand: rand.Reader,
+		mode:           mode,
+		cryptoRand:     rand.Reader,
+		dirNameEncrypt: dirNameEncrypt,
 	}
 	c.buffers.New = func() interface{} {
 		return make([]byte, blockSize)
@@ -272,6 +285,9 @@ func (c *cipher) decryptSegment(ciphertext string) (string, error) {
 		// not possible if decodeFilename() working correctly
 		return "", ErrorTooShortAfterDecode
 	}
+	if len(rawCiphertext) > 2048 {
+		return "", ErrorTooLongAfterDecode
+	}
 	paddedPlaintext := eme.Transform(c.block, c.nameTweak[:], rawCiphertext, eme.DirectionDecrypt)
 	plaintext, err := pkcs7.Unpad(nameCipherBlockSize, paddedPlaintext)
 	if err != nil {
@@ -284,11 +300,194 @@ func (c *cipher) decryptSegment(ciphertext string) (string, error) {
 	return string(plaintext), err
 }

+// Simple obfuscation routines
+func (c *cipher) obfuscateSegment(plaintext string) string {
+	if plaintext == "" {
+		return ""
+	}
+
+	// If the string isn't valid UTF8 then don't rotate; just
+	// prepend a !.
+	if !utf8.ValidString(plaintext) {
+		return "!." + plaintext
+	}
+
+	// Calculate a simple rotation based on the filename and
+	// the nameKey
+	var dir int
+	for _, runeValue := range plaintext {
+		dir += int(runeValue)
+	}
+	dir = dir % 256
+
+	// We'll use this number to store in the result filename...
+	var result bytes.Buffer
+	_, _ = result.WriteString(strconv.Itoa(dir) + ".")
+
+	// but we'll augment it with the nameKey for real calculation
+	for i := 0; i < len(c.nameKey); i++ {
+		dir += int(c.nameKey[i])
+	}
+
+	// Now for each character, depending on the range it is in
+	// we will actually rotate a different amount
+	for _, runeValue := range plaintext {
+		switch {
+		case runeValue == obfuscQuoteRune:
+			// Quote the Quote character
+			_, _ = result.WriteRune(obfuscQuoteRune)
+			_, _ = result.WriteRune(obfuscQuoteRune)
+
+		case runeValue >= '0' && runeValue <= '9':
+			// Number
+			thisdir := (dir % 9) + 1
+			newRune := '0' + (int(runeValue)-'0'+thisdir)%10
+			_, _ = result.WriteRune(rune(newRune))
+
+		case (runeValue >= 'A' && runeValue <= 'Z') ||
+			(runeValue >= 'a' && runeValue <= 'z'):
+			// ASCII letter.  Try to avoid trivial A->a mappings
+			thisdir := dir%25 + 1
+			// Calculate the offset of this character in A-Za-z
+			pos := int(runeValue - 'A')
+			if pos >= 26 {
+				pos -= 6 // It's lower case
+			}
+			// Rotate the character to the new location
+			pos = (pos + thisdir) % 52
+			if pos >= 26 {
+				pos += 6 // and handle lower case offset again
+			}
+			_, _ = result.WriteRune(rune('A' + pos))
+
+		case runeValue >= 0xA0 && runeValue <= 0xFF:
+			// Latin 1 supplement
+			thisdir := (dir % 95) + 1
+			newRune := 0xA0 + (int(runeValue)-0xA0+thisdir)%96
+			_, _ = result.WriteRune(rune(newRune))
+
+		case runeValue >= 0x100:
+			// Some random Unicode range; we have no good rules here
+			thisdir := (dir % 127) + 1
+			base := int(runeValue - runeValue%256)
+			newRune := rune(base + (int(runeValue)-base+thisdir)%256)
+			// If the new character isn't a valid UTF8 char
+			// then don't rotate it.  Quote it instead
+			if !utf8.ValidRune(newRune) {
+				_, _ = result.WriteRune(obfuscQuoteRune)
+				_, _ = result.WriteRune(runeValue)
+			} else {
+				_, _ = result.WriteRune(newRune)
+			}
+
+		default:
+			// Leave character untouched
+			_, _ = result.WriteRune(runeValue)
+		}
+	}
+	return result.String()
+}
+
+func (c *cipher) deobfuscateSegment(ciphertext string) (string, error) {
+	if ciphertext == "" {
+		return "", nil
+	}
+	pos := strings.Index(ciphertext, ".")
+	if pos == -1 {
+		return "", ErrorNotAnEncryptedFile
+	} // No .
+	num := ciphertext[:pos]
+	if num == "!" {
+		// No rotation; probably original was not valid unicode
+		return ciphertext[pos+1:], nil
+	}
+	dir, err := strconv.Atoi(num)
+	if err != nil {
+		return "", ErrorNotAnEncryptedFile // Not a number
+	}
+
+	// add the nameKey to get the real rotate distance
+	for i := 0; i < len(c.nameKey); i++ {
+		dir += int(c.nameKey[i])
+	}
+
+	var result bytes.Buffer
+
+	inQuote := false
+	for _, runeValue := range ciphertext[pos+1:] {
+		switch {
+		case inQuote:
+			_, _ = result.WriteRune(runeValue)
+			inQuote = false
+
+		case runeValue == obfuscQuoteRune:
+			inQuote = true
+
+		case runeValue >= '0' && runeValue <= '9':
+			// Number
+			thisdir := (dir % 9) + 1
+			newRune := '0' + int(runeValue) - '0' - thisdir
+			if newRune < '0' {
+				newRune += 10
+			}
+			_, _ = result.WriteRune(rune(newRune))
+
+		case (runeValue >= 'A' && runeValue <= 'Z') ||
+			(runeValue >= 'a' && runeValue <= 'z'):
+			thisdir := dir%25 + 1
+			pos := int(runeValue - 'A')
+			if pos >= 26 {
+				pos -= 6
+			}
+			pos = pos - thisdir
+			if pos < 0 {
+				pos += 52
+			}
+			if pos >= 26 {
+				pos += 6
+			}
+			_, _ = result.WriteRune(rune('A' + pos))
+
+		case runeValue >= 0xA0 && runeValue <= 0xFF:
+			thisdir := (dir % 95) + 1
+			newRune := 0xA0 + int(runeValue) - 0xA0 - thisdir
+			if newRune < 0xA0 {
+				newRune += 96
+			}
+			_, _ = result.WriteRune(rune(newRune))
+
+		case runeValue >= 0x100:
+			thisdir := (dir % 127) + 1
+			base := int(runeValue - runeValue%256)
+			newRune := rune(base + (int(runeValue) - base - thisdir))
+			if int(newRune) < base {
+				newRune += 256
+			}
+			_, _ = result.WriteRune(newRune)
+
+		default:
+			_, _ = result.WriteRune(runeValue)
+
+		}
+	}
+
+	return result.String(), nil
+}
+
 // encryptFileName encrypts a file path
 func (c *cipher) encryptFileName(in string) string {
 	segments := strings.Split(in, "/")
 	for i := range segments {
-		segments[i] = c.encryptSegment(segments[i])
+		// Skip directory name encryption if the user chose to
+		// leave them intact
+		if !c.dirNameEncrypt && i != (len(segments)-1) {
+			continue
+		}
+		if c.mode == NameEncryptionStandard {
+			segments[i] = c.encryptSegment(segments[i])
+		} else {
+			segments[i] = c.obfuscateSegment(segments[i])
+		}
 	}
 	return strings.Join(segments, "/")
 }
@@ -303,7 +502,7 @@ func (c *cipher) EncryptFileName(in string) string {

 // EncryptDirName encrypts a directory path
 func (c *cipher) EncryptDirName(in string) string {
-	if c.mode == NameEncryptionOff {
+	if c.mode == NameEncryptionOff || !c.dirNameEncrypt {
 		return in
 	}
 	return c.encryptFileName(in)
@@ -314,7 +513,17 @@ func (c *cipher) decryptFileName(in string) (string, error) {
 	segments := strings.Split(in, "/")
 	for i := range segments {
 		var err error
-		segments[i], err = c.decryptSegment(segments[i])
+		// Skip directory name decryption if the user chose to
+		// leave them intact
+		if !c.dirNameEncrypt && i != (len(segments)-1) {
+			continue
+		}
+		if c.mode == NameEncryptionStandard {
+			segments[i], err = c.decryptSegment(segments[i])
+		} else {
+			segments[i], err = c.deobfuscateSegment(segments[i])
+		}
+
 		if err != nil {
 			return "", err
 		}
@@ -336,12 +545,16 @@ func (c *cipher) DecryptFileName(in string) (string, error) {

 // DecryptDirName decrypts a directory path
 func (c *cipher) DecryptDirName(in string) (string, error) {
-	if c.mode == NameEncryptionOff {
+	if c.mode == NameEncryptionOff || !c.dirNameEncrypt {
 		return in, nil
 	}
 	return c.decryptFileName(in)
 }

+func (c *cipher) NameEncryptionMode() NameEncryptionMode {
+	return c.mode
+}
+
 // nonce is an NACL secretbox nonce
 type nonce [fileNonceSize]byte

@@ -416,7 +629,7 @@ type encrypter struct {
 }

 // newEncrypter creates a new file handle encrypting on the fly
-func (c *cipher) newEncrypter(in io.Reader) (*encrypter, error) {
+func (c *cipher) newEncrypter(in io.Reader, nonce *nonce) (*encrypter, error) {
 	fh := &encrypter{
 		in:      in,
 		c:       c,
@@ -425,9 +638,13 @@ func (c *cipher) newEncrypter(in io.Reader) (*encrypter, error) {
 		bufSize: fileHeaderSize,
 	}
 	// Initialise nonce
-	err := fh.nonce.fromReader(c.cryptoRand)
-	if err != nil {
-		return nil, err
+	if nonce != nil {
+		fh.nonce = *nonce
+	} else {
+		err := fh.nonce.fromReader(c.cryptoRand)
+		if err != nil {
+			return nil, err
+		}
 	}
 	// Copy magic into buffer
 	copy(fh.buf, fileMagicBytes)
@@ -449,14 +666,13 @@ func (fh *encrypter) Read(p []byte) (n int, err error) {
 		// FIXME should overlap the reads with a go-routine and 2 buffers?
 		readBuf := fh.readBuf[:blockDataSize]
 		n, err = io.ReadFull(fh.in, readBuf)
-		if err == io.EOF {
-			// ReadFull only returns n=0 and EOF
-			return fh.finish(io.EOF)
-		} else if err == io.ErrUnexpectedEOF {
-			// Next read will return EOF
-		} else if err != nil {
+		if n == 0 {
+			// err can't be nil since:
+			// n == len(buf) if and only if err == nil.
 			return fh.finish(err)
 		}
+		// possibly err != nil here, but we will process the
+		// data and the next call to ReadFull will return 0, err
 		// Write nonce to start of block
 		copy(fh.buf, fh.nonce[:])
 		// Encrypt the block using the nonce
@@ -486,11 +702,12 @@ func (fh *encrypter) finish(err error) (int, error) {

 // Encrypt data encrypts the data stream
 func (c *cipher) EncryptData(in io.Reader) (io.Reader, error) {
-	out, err := c.newEncrypter(in)
+	in, wrap := accounting.UnWrap(in) // unwrap the accounting off the Reader
+	out, err := c.newEncrypter(in, nil)
 	if err != nil {
 		return nil, err
 	}
-	return out, nil
+	return wrap(out), nil // and wrap the accounting back on
 }

 // decrypter decrypts an io.ReaderCloser on the fly
@@ -505,7 +722,8 @@ type decrypter struct {
 	bufIndex     int
 	bufSize      int
 	err          error
-	open         OpenAtOffset
+	limit        int64 // limit of bytes to read, -1 for unlimited
+	open         OpenRangeSeek
 }

 // newDecrypter creates a new file handle decrypting on the fly
@@ -515,6 +733,7 @@ func (c *cipher) newDecrypter(rc io.ReadCloser) (*decrypter, error) {
 		c:       c,
 		buf:     c.getBlock(),
 		readBuf: c.getBlock(),
+		limit:   -1,
 	}
 	// Read file header (magic + nonce)
 	readBuf := fh.readBuf[:fileHeaderSize]
@@ -529,16 +748,31 @@ func (c *cipher) newDecrypter(rc io.ReadCloser) (*decrypter, error) {
 	if !bytes.Equal(readBuf[:fileMagicSize], fileMagicBytes) {
 		return nil, fh.finishAndClose(ErrorEncryptedBadMagic)
 	}
-	// retreive the nonce
+	// retrieve the nonce
 	fh.nonce.fromBuf(readBuf[fileMagicSize:])
 	fh.initialNonce = fh.nonce
 	return fh, nil
 }

 // newDecrypterSeek creates a new file handle decrypting on the fly
-func (c *cipher) newDecrypterSeek(open OpenAtOffset, offset int64) (fh *decrypter, err error) {
+func (c *cipher) newDecrypterSeek(open OpenRangeSeek, offset, limit int64) (fh *decrypter, err error) {
+	var rc io.ReadCloser
+	doRangeSeek := false
+	setLimit := false
 	// Open initially with no seek
-	rc, err := open(0)
+	if offset == 0 && limit < 0 {
+		// If no offset or limit then open whole file
+		rc, err = open(0, -1)
+	} else if offset == 0 {
+		// If no offset open the header + limit worth of the file
+		_, underlyingLimit, _, _ := calculateUnderlying(offset, limit)
+		rc, err = open(0, int64(fileHeaderSize)+underlyingLimit)
+		setLimit = true
+	} else {
+		// Otherwise just read the header to start with
+		rc, err = open(0, int64(fileHeaderSize))
+		doRangeSeek = true
+	}
 	if err != nil {
 		return nil, err
 	}
@@ -547,14 +781,17 @@ func (c *cipher) newDecrypterSeek(open OpenAtOffset, offset int64) (fh *decrypte
 	if err != nil {
 		return nil, err
 	}
-	fh.open = open // will be called by fh.Seek
-	if offset != 0 {
-		_, err = fh.Seek(offset, 0)
+	fh.open = open // will be called by fh.RangeSeek
+	if doRangeSeek {
+		_, err = fh.RangeSeek(offset, io.SeekStart, limit)
 		if err != nil {
 			_ = fh.Close()
 			return nil, err
 		}
 	}
+	if setLimit {
+		fh.limit = limit
+	}
 	return fh, nil
 }

@@ -563,26 +800,27 @@ func (fh *decrypter) fillBuffer() (err error) {
 	// FIXME should overlap the reads with a go-routine and 2 buffers?
 	readBuf := fh.readBuf
 	n, err := io.ReadFull(fh.rc, readBuf)
-	if err == io.EOF {
-		// ReadFull only returns n=0 and EOF
-		return io.EOF
-	} else if err == io.ErrUnexpectedEOF {
-		// Next read will return EOF
-	} else if err != nil {
+	if n == 0 {
+		// err can't be nil since:
+		// n == len(buf) if and only if err == nil.
 		return err
 	}
+	// possibly err != nil here, but we will process the data and
+	// the next call to ReadFull will return 0, err
+
 	// Check header + 1 byte exists
 	if n <= blockHeaderSize {
+		if err != nil {
+			return err // return pending error as it is likely more accurate
+		}
 		return ErrorEncryptedFileBadHeader
 	}
 	// Decrypt the block using the nonce
 	block := fh.buf
 	_, ok := secretbox.Open(block[:0], readBuf[:n], fh.nonce.pointer(), &fh.c.dataKey)
 	if !ok {
-		// if block wouldn't decode and got unexpected EOF
-		// then return that as it is probably a better error
 		if err != nil {
-			return err
+			return err // return pending error as it is likely more accurate
 		}
 		return ErrorEncryptedBadBlock
 	}
@@ -606,20 +844,73 @@ func (fh *decrypter) Read(p []byte) (n int, err error) {
 			return 0, fh.finish(err)
 		}
 	}
-	n = copy(p, fh.buf[fh.bufIndex:fh.bufSize])
+	toCopy := fh.bufSize - fh.bufIndex
+	if fh.limit >= 0 && fh.limit < int64(toCopy) {
+		toCopy = int(fh.limit)
+	}
+	n = copy(p, fh.buf[fh.bufIndex:fh.bufIndex+toCopy])
 	fh.bufIndex += n
+	if fh.limit >= 0 {
+		fh.limit -= int64(n)
+		if fh.limit == 0 {
+			return n, fh.finish(io.EOF)
+		}
+	}
 	return n, nil
 }

-// Seek as per io.Seeker
-func (fh *decrypter) Seek(offset int64, whence int) (int64, error) {
+// calculateUnderlying converts an (offset, limit) in a crypted file
+// into an (underlyingOffset, underlyingLimit) for the underlying
+// file.
+//
+// It also returns number of bytes to discard after reading the first
+// block and number of blocks this is from the start so the nonce can
+// be incremented.
+func calculateUnderlying(offset, limit int64) (underlyingOffset, underlyingLimit, discard, blocks int64) {
+	// blocks we need to seek, plus bytes we need to discard
+	blocks, discard = offset/blockDataSize, offset%blockDataSize
+
+	// Offset in underlying stream we need to seek
+	underlyingOffset = int64(fileHeaderSize) + blocks*(blockHeaderSize+blockDataSize)
+
+	// work out how many blocks we need to read
+	underlyingLimit = int64(-1)
+	if limit >= 0 {
+		// bytes to read beyond the first block
+		bytesToRead := limit - (blockDataSize - discard)
+
+		// Read the first block
+		blocksToRead := int64(1)
+
+		if bytesToRead > 0 {
+			// Blocks that need to be read plus left over blocks
+			extraBlocksToRead, endBytes := bytesToRead/blockDataSize, bytesToRead%blockDataSize
+			if endBytes != 0 {
+				// If left over bytes must read another block
+				extraBlocksToRead++
+			}
+			blocksToRead += extraBlocksToRead
+		}
+
+		// Must read a whole number of blocks
+		underlyingLimit = blocksToRead * (blockHeaderSize + blockDataSize)
+	}
+	return
+}
+
+// RangeSeek behaves like a call to Seek(offset int64, whence
+// int) with the output wrapped in an io.LimitedReader
+// limiting the total length to limit.
+//
+// RangeSeek with a limit of < 0 is equivalent to a regular Seek.
+func (fh *decrypter) RangeSeek(offset int64, whence int, limit int64) (int64, error) {
 	fh.mu.Lock()
 	defer fh.mu.Unlock()

 	if fh.open == nil {
 		return 0, fh.finish(errors.New("can't seek - not initialised with newDecrypterSeek"))
 	}
-	if whence != 0 {
+	if whence != io.SeekStart {
 		return 0, fh.finish(errors.New("can only seek from the start"))
 	}

@@ -630,20 +921,16 @@ func (fh *decrypter) Seek(offset int64, whence int) (int64, error) {
 		return 0, fh.err
 	}

-	// blocks we need to seek, plus bytes we need to discard
-	blocks, discard := offset/blockDataSize, offset%blockDataSize
-
-	// Offset in underlying stream we need to seek
-	underlyingOffset := int64(fileHeaderSize) + blocks*(blockHeaderSize+blockDataSize)
+	underlyingOffset, underlyingLimit, discard, blocks := calculateUnderlying(offset, limit)

 	// Move the nonce on the correct number of blocks from the start
 	fh.nonce = fh.initialNonce
 	fh.nonce.add(uint64(blocks))

 	// Can we seek underlying stream directly?
-	if do, ok := fh.rc.(io.Seeker); ok {
+	if do, ok := fh.rc.(fs.RangeSeeker); ok {
 		// Seek underlying stream directly
-		_, err := do.Seek(underlyingOffset, 0)
+		_, err := do.RangeSeek(underlyingOffset, 0, underlyingLimit)
 		if err != nil {
 			return 0, fh.finish(err)
 		}
@@ -653,9 +940,9 @@ func (fh *decrypter) Seek(offset int64, whence int) (int64, error) {
 		fh.rc = nil

 		// Re-open the underlying object with the offset given
-		rc, err := fh.open(underlyingOffset)
+		rc, err := fh.open(underlyingOffset, underlyingLimit)
 		if err != nil {
-			return 0, fh.finish(errors.Wrap(err, "couldn't reopen file with offset"))
+			return 0, fh.finish(errors.Wrap(err, "couldn't reopen file with offset and limit"))
 		}

 		// Set the file handle
@@ -674,9 +961,17 @@ func (fh *decrypter) Seek(offset int64, whence int) (int64, error) {
 	}
 	fh.bufIndex = int(discard)

+	// Set the limit
+	fh.limit = limit
+
 	return offset, nil
 }

+// Seek implements the io.Seeker interface
+func (fh *decrypter) Seek(offset int64, whence int) (int64, error) {
+	return fh.RangeSeek(offset, whence, -1)
+}
+
 // finish sets the final error and tidies up
 func (fh *decrypter) finish(err error) error {
 	if fh.err != nil {
@@ -748,8 +1043,8 @@ func (c *cipher) DecryptData(rc io.ReadCloser) (io.ReadCloser, error) {
 // The open function must return a ReadCloser opened to the offset supplied
 //
 // You must use this form of DecryptData if you might want to Seek the file handle
-func (c *cipher) DecryptDataSeek(open OpenAtOffset, offset int64) (ReadSeekCloser, error) {
-	out, err := c.newDecrypterSeek(open, offset)
+func (c *cipher) DecryptDataSeek(open OpenRangeSeek, offset, limit int64) (ReadSeekCloser, error) {
+	out, err := c.newDecrypterSeek(open, offset, limit)
 	if err != nil {
 		return nil, err
 	}
@@ -786,7 +1081,9 @@ func (c *cipher) DecryptedSize(size int64) (int64, error) {

 // check interfaces
 var (
-	_ Cipher        = (*cipher)(nil)
-	_ io.ReadCloser = (*decrypter)(nil)
-	_ io.Reader     = (*encrypter)(nil)
+	_ Cipher         = (*cipher)(nil)
+	_ io.ReadCloser  = (*decrypter)(nil)
+	_ io.Seeker      = (*decrypter)(nil)
+	_ fs.RangeSeeker = (*decrypter)(nil)
+	_ io.Reader      = (*encrypter)(nil)
 )
--- a/backend/crypt/cipher_test.go
+++ b/backend/crypt/cipher_test.go
@@ -9,7 +9,7 @@ import (
 	"strings"
 	"testing"

-	"github.com/ncw/rclone/crypt/pkcs7"
+	"github.com/ncw/rclone/backend/crypt/pkcs7"
 	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -23,7 +23,8 @@ func TestNewNameEncryptionMode(t *testing.T) {
 	}{
 		{"off", NameEncryptionOff, ""},
 		{"standard", NameEncryptionStandard, ""},
-		{"potato", NameEncryptionMode(0), "Unknown file name encryption mode \"potato\""},
+		{"obfuscate", NameEncryptionObfuscated, ""},
+		{"potato", NameEncryptionOff, "Unknown file name encryption mode \"potato\""},
 	} {
 		actual, actualErr := NewNameEncryptionMode(test.in)
 		assert.Equal(t, actual, test.expected)
@@ -38,7 +39,8 @@ func TestNewNameEncryptionMode(t *testing.T) {
 func TestNewNameEncryptionModeString(t *testing.T) {
 	assert.Equal(t, NameEncryptionOff.String(), "off")
 	assert.Equal(t, NameEncryptionStandard.String(), "standard")
-	assert.Equal(t, NameEncryptionMode(2).String(), "Unknown mode #2")
+	assert.Equal(t, NameEncryptionObfuscated.String(), "obfuscate")
+	assert.Equal(t, NameEncryptionMode(3).String(), "Unknown mode #3")
 }

 func TestValidString(t *testing.T) {
@@ -84,7 +86,7 @@ func TestValidString(t *testing.T) {
 		{"£100", nil},
 		{`hello? sausage/êé/Hello, 世界/ " ' @ < > & ?/z.txt`, nil},
 		{"£100", nil},
-		// Following tests from http://www.php.net/manual/en/reference.pcre.pattern.modifiers.php#54805
+		// Following tests from https://secure.php.net/manual/en/reference.pcre.pattern.modifiers.php#54805
 		{"a", nil},                                        // Valid ASCII
 		{"\xc3\xb1", nil},                                 // Valid 2 Octet Sequence
 		{"\xc3\x28", ErrorBadDecryptUTF8},                 // Invalid 2 Octet Sequence
@@ -155,7 +157,7 @@ func TestDecodeFileName(t *testing.T) {
 }

 func TestEncryptSegment(t *testing.T) {
-	c, _ := newCipher(NameEncryptionStandard, "", "")
+	c, _ := newCipher(NameEncryptionStandard, "", "", true)
 	for _, test := range []struct {
 		in       string
 		expected string
@@ -192,13 +194,18 @@ func TestEncryptSegment(t *testing.T) {

 func TestDecryptSegment(t *testing.T) {
 	// We've tested the forwards above, now concentrate on the errors
-	c, _ := newCipher(NameEncryptionStandard, "", "")
+	longName := make([]byte, 3328)
+	for i := range longName {
+		longName[i] = 'a'
+	}
+	c, _ := newCipher(NameEncryptionStandard, "", "", true)
 	for _, test := range []struct {
 		in          string
 		expectedErr error
 	}{
 		{"64=", ErrorBadBase32Encoding},
 		{"!", base32.CorruptInputError(0)},
+		{string(longName), ErrorTooLongAfterDecode},
 		{encodeFileName([]byte("a")), ErrorNotAMultipleOfBlocksize},
 		{encodeFileName([]byte("123456789abcdef")), ErrorNotAMultipleOfBlocksize},
 		{encodeFileName([]byte("123456789abcdef0")), pkcs7.ErrorPaddingTooLong},
@@ -212,32 +219,54 @@ func TestDecryptSegment(t *testing.T) {

 func TestEncryptFileName(t *testing.T) {
 	// First standard mode
-	c, _ := newCipher(NameEncryptionStandard, "", "")
+	c, _ := newCipher(NameEncryptionStandard, "", "", true)
 	assert.Equal(t, "p0e52nreeaj0a5ea7s64m4j72s", c.EncryptFileName("1"))
 	assert.Equal(t, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng", c.EncryptFileName("1/12"))
 	assert.Equal(t, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0", c.EncryptFileName("1/12/123"))
+	// Standard mode with directory name encryption off
+	c, _ = newCipher(NameEncryptionStandard, "", "", false)
+	assert.Equal(t, "p0e52nreeaj0a5ea7s64m4j72s", c.EncryptFileName("1"))
+	assert.Equal(t, "1/l42g6771hnv3an9cgc8cr2n1ng", c.EncryptFileName("1/12"))
+	assert.Equal(t, "1/12/qgm4avr35m5loi1th53ato71v0", c.EncryptFileName("1/12/123"))
 	// Now off mode
-	c, _ = newCipher(NameEncryptionOff, "", "")
+	c, _ = newCipher(NameEncryptionOff, "", "", true)
 	assert.Equal(t, "1/12/123.bin", c.EncryptFileName("1/12/123"))
+	// Obfuscation mode
+	c, _ = newCipher(NameEncryptionObfuscated, "", "", true)
+	assert.Equal(t, "49.6/99.23/150.890/53.!!lipps", c.EncryptFileName("1/12/123/!hello"))
+	assert.Equal(t, "161.\u00e4", c.EncryptFileName("\u00a1"))
+	assert.Equal(t, "160.\u03c2", c.EncryptFileName("\u03a0"))
+	// Obfuscation mode with directory name encryption off
+	c, _ = newCipher(NameEncryptionObfuscated, "", "", false)
+	assert.Equal(t, "1/12/123/53.!!lipps", c.EncryptFileName("1/12/123/!hello"))
+	assert.Equal(t, "161.\u00e4", c.EncryptFileName("\u00a1"))
+	assert.Equal(t, "160.\u03c2", c.EncryptFileName("\u03a0"))
 }

 func TestDecryptFileName(t *testing.T) {
 	for _, test := range []struct {
-		mode        NameEncryptionMode
-		in          string
-		expected    string
-		expectedErr error
+		mode           NameEncryptionMode
+		dirNameEncrypt bool
+		in             string
+		expected       string
+		expectedErr    error
 	}{
-		{NameEncryptionStandard, "p0e52nreeaj0a5ea7s64m4j72s", "1", nil},
-		{NameEncryptionStandard, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng", "1/12", nil},
-		{NameEncryptionStandard, "p0e52nreeAJ0A5EA7S64M4J72S/L42G6771HNv3an9cgc8cr2n1ng", "1/12", nil},
-		{NameEncryptionStandard, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0", "1/12/123", nil},
-		{NameEncryptionStandard, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1/qgm4avr35m5loi1th53ato71v0", "", ErrorNotAMultipleOfBlocksize},
-		{NameEncryptionOff, "1/12/123.bin", "1/12/123", nil},
-		{NameEncryptionOff, "1/12/123.bix", "", ErrorNotAnEncryptedFile},
-		{NameEncryptionOff, ".bin", "", ErrorNotAnEncryptedFile},
+		{NameEncryptionStandard, true, "p0e52nreeaj0a5ea7s64m4j72s", "1", nil},
+		{NameEncryptionStandard, true, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng", "1/12", nil},
+		{NameEncryptionStandard, true, "p0e52nreeAJ0A5EA7S64M4J72S/L42G6771HNv3an9cgc8cr2n1ng", "1/12", nil},
+		{NameEncryptionStandard, true, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0", "1/12/123", nil},
+		{NameEncryptionStandard, true, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1/qgm4avr35m5loi1th53ato71v0", "", ErrorNotAMultipleOfBlocksize},
+		{NameEncryptionStandard, false, "1/12/qgm4avr35m5loi1th53ato71v0", "1/12/123", nil},
+		{NameEncryptionOff, true, "1/12/123.bin", "1/12/123", nil},
+		{NameEncryptionOff, true, "1/12/123.bix", "", ErrorNotAnEncryptedFile},
+		{NameEncryptionOff, true, ".bin", "", ErrorNotAnEncryptedFile},
+		{NameEncryptionObfuscated, true, "!.hello", "hello", nil},
+		{NameEncryptionObfuscated, true, "hello", "", ErrorNotAnEncryptedFile},
+		{NameEncryptionObfuscated, true, "161.\u00e4", "\u00a1", nil},
+		{NameEncryptionObfuscated, true, "160.\u03c2", "\u03a0", nil},
+		{NameEncryptionObfuscated, false, "1/12/123/53.!!lipps", "1/12/123/!hello", nil},
 	} {
-		c, _ := newCipher(test.mode, "", "")
+		c, _ := newCipher(test.mode, "", "", test.dirNameEncrypt)
 		actual, actualErr := c.DecryptFileName(test.in)
 		what := fmt.Sprintf("Testing %q (mode=%v)", test.in, test.mode)
 		assert.Equal(t, test.expected, actual, what)
@@ -245,34 +274,59 @@ func TestDecryptFileName(t *testing.T) {
 	}
 }

+func TestEncDecMatches(t *testing.T) {
+	for _, test := range []struct {
+		mode NameEncryptionMode
+		in   string
+	}{
+		{NameEncryptionStandard, "1/2/3/4"},
+		{NameEncryptionOff, "1/2/3/4"},
+		{NameEncryptionObfuscated, "1/2/3/4/!hello\u03a0"},
+		{NameEncryptionObfuscated, "Avatar The Last Airbender"},
+	} {
+		c, _ := newCipher(test.mode, "", "", true)
+		out, err := c.DecryptFileName(c.EncryptFileName(test.in))
+		what := fmt.Sprintf("Testing %q (mode=%v)", test.in, test.mode)
+		assert.Equal(t, out, test.in, what)
+		assert.Equal(t, err, nil, what)
+	}
+}
+
 func TestEncryptDirName(t *testing.T) {
 	// First standard mode
-	c, _ := newCipher(NameEncryptionStandard, "", "")
+	c, _ := newCipher(NameEncryptionStandard, "", "", true)
 	assert.Equal(t, "p0e52nreeaj0a5ea7s64m4j72s", c.EncryptDirName("1"))
 	assert.Equal(t, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng", c.EncryptDirName("1/12"))
 	assert.Equal(t, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0", c.EncryptDirName("1/12/123"))
+	// Standard mode with dir name encryption off
+	c, _ = newCipher(NameEncryptionStandard, "", "", false)
+	assert.Equal(t, "1/12", c.EncryptDirName("1/12"))
+	assert.Equal(t, "1/12/123", c.EncryptDirName("1/12/123"))
 	// Now off mode
-	c, _ = newCipher(NameEncryptionOff, "", "")
+	c, _ = newCipher(NameEncryptionOff, "", "", true)
 	assert.Equal(t, "1/12/123", c.EncryptDirName("1/12/123"))
 }

 func TestDecryptDirName(t *testing.T) {
 	for _, test := range []struct {
-		mode        NameEncryptionMode
-		in          string
-		expected    string
-		expectedErr error
+		mode           NameEncryptionMode
+		dirNameEncrypt bool
+		in             string
+		expected       string
+		expectedErr    error
 	}{
-		{NameEncryptionStandard, "p0e52nreeaj0a5ea7s64m4j72s", "1", nil},
-		{NameEncryptionStandard, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng", "1/12", nil},
-		{NameEncryptionStandard, "p0e52nreeAJ0A5EA7S64M4J72S/L42G6771HNv3an9cgc8cr2n1ng", "1/12", nil},
-		{NameEncryptionStandard, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0", "1/12/123", nil},
-		{NameEncryptionStandard, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1/qgm4avr35m5loi1th53ato71v0", "", ErrorNotAMultipleOfBlocksize},
-		{NameEncryptionOff, "1/12/123.bin", "1/12/123.bin", nil},
-		{NameEncryptionOff, "1/12/123", "1/12/123", nil},
-		{NameEncryptionOff, ".bin", ".bin", nil},
+		{NameEncryptionStandard, true, "p0e52nreeaj0a5ea7s64m4j72s", "1", nil},
+		{NameEncryptionStandard, true, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng", "1/12", nil},
+		{NameEncryptionStandard, true, "p0e52nreeAJ0A5EA7S64M4J72S/L42G6771HNv3an9cgc8cr2n1ng", "1/12", nil},
+		{NameEncryptionStandard, true, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng/qgm4avr35m5loi1th53ato71v0", "1/12/123", nil},
+		{NameEncryptionStandard, true, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1/qgm4avr35m5loi1th53ato71v0", "", ErrorNotAMultipleOfBlocksize},
+		{NameEncryptionStandard, false, "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng", "p0e52nreeaj0a5ea7s64m4j72s/l42g6771hnv3an9cgc8cr2n1ng", nil},
+		{NameEncryptionStandard, false, "1/12/123", "1/12/123", nil},
+		{NameEncryptionOff, true, "1/12/123.bin", "1/12/123.bin", nil},
+		{NameEncryptionOff, true, "1/12/123", "1/12/123", nil},
+		{NameEncryptionOff, true, ".bin", ".bin", nil},
 	} {
-		c, _ := newCipher(test.mode, "", "")
+		c, _ := newCipher(test.mode, "", "", test.dirNameEncrypt)
 		actual, actualErr := c.DecryptDirName(test.in)
 		what := fmt.Sprintf("Testing %q (mode=%v)", test.in, test.mode)
 		assert.Equal(t, test.expected, actual, what)
@@ -281,7 +335,7 @@ func TestDecryptDirName(t *testing.T) {
 }

 func TestEncryptedSize(t *testing.T) {
-	c, _ := newCipher(NameEncryptionStandard, "", "")
+	c, _ := newCipher(NameEncryptionStandard, "", "", true)
 	for _, test := range []struct {
 		in       int64
 		expected int64
@@ -305,7 +359,7 @@ func TestEncryptedSize(t *testing.T) {

 func TestDecryptedSize(t *testing.T) {
 	// Test the errors since we tested the reverse above
-	c, _ := newCipher(NameEncryptionStandard, "", "")
+	c, _ := newCipher(NameEncryptionStandard, "", "", true)
 	for _, test := range []struct {
 		in          int64
 		expectedErr error
@@ -660,7 +714,7 @@ func TestRandomSource(t *testing.T) {
 	buf := make([]byte, 16)
 	_, _ = source.Read(buf)
 	sink = newRandomSource(1E8)
-	n, err = io.Copy(sink, source)
+	_, err = io.Copy(sink, source)
 	assert.Error(t, err, "Error in stream")
 }

@@ -676,12 +730,12 @@ func (z *zeroes) Read(p []byte) (n int, err error) {

 // Test encrypt decrypt with different buffer sizes
 func testEncryptDecrypt(t *testing.T, bufSize int, copySize int64) {
-	c, err := newCipher(NameEncryptionStandard, "", "")
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
 	assert.NoError(t, err)
 	c.cryptoRand = &zeroes{} // zero out the nonce
 	buf := make([]byte, bufSize)
 	source := newRandomSource(copySize)
-	encrypted, err := c.newEncrypter(source)
+	encrypted, err := c.newEncrypter(source, nil)
 	assert.NoError(t, err)
 	decrypted, err := c.newDecrypter(ioutil.NopCloser(encrypted))
 	assert.NoError(t, err)
@@ -746,7 +800,7 @@ func TestEncryptData(t *testing.T) {
 		{[]byte{1}, file1},
 		{[]byte{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}, file16},
 	} {
-		c, err := newCipher(NameEncryptionStandard, "", "")
+		c, err := newCipher(NameEncryptionStandard, "", "", true)
 		assert.NoError(t, err)
 		c.cryptoRand = newRandomSource(1E8) // nodge the crypto rand generator

@@ -769,25 +823,40 @@ func TestEncryptData(t *testing.T) {
 }

 func TestNewEncrypter(t *testing.T) {
-	c, err := newCipher(NameEncryptionStandard, "", "")
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
 	assert.NoError(t, err)
 	c.cryptoRand = newRandomSource(1E8) // nodge the crypto rand generator

 	z := &zeroes{}

-	fh, err := c.newEncrypter(z)
+	fh, err := c.newEncrypter(z, nil)
 	assert.NoError(t, err)
 	assert.Equal(t, nonce{0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18}, fh.nonce)
 	assert.Equal(t, []byte{'R', 'C', 'L', 'O', 'N', 'E', 0x00, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18}, fh.buf[:32])

 	// Test error path
 	c.cryptoRand = bytes.NewBufferString("123456789abcdefghijklmn")
-	fh, err = c.newEncrypter(z)
+	fh, err = c.newEncrypter(z, nil)
 	assert.Nil(t, fh)
 	assert.Error(t, err, "short read of nonce")

 }

+// Test the stream returning 0, io.ErrUnexpectedEOF - this used to
+// cause a fatal loop
+func TestNewEncrypterErrUnexpectedEOF(t *testing.T) {
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
+	assert.NoError(t, err)
+
+	in := &errorReader{io.ErrUnexpectedEOF}
+	fh, err := c.newEncrypter(in, nil)
+	assert.NoError(t, err)
+
+	n, err := io.CopyN(ioutil.Discard, fh, 1E6)
+	assert.Equal(t, io.ErrUnexpectedEOF, err)
+	assert.Equal(t, int64(32), n)
+}
+
 type errorReader struct {
 	err error
 }
@@ -813,7 +882,7 @@ func (c *closeDetector) Close() error {
 }

 func TestNewDecrypter(t *testing.T) {
-	c, err := newCipher(NameEncryptionStandard, "", "")
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
 	assert.NoError(t, err)
 	c.cryptoRand = newRandomSource(1E8) // nodge the crypto rand generator

@@ -854,8 +923,25 @@ func TestNewDecrypter(t *testing.T) {
 	}
 }

-func TestNewDecrypterSeek(t *testing.T) {
-	c, err := newCipher(NameEncryptionStandard, "", "")
+// Test the stream returning 0, io.ErrUnexpectedEOF
+func TestNewDecrypterErrUnexpectedEOF(t *testing.T) {
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
+	assert.NoError(t, err)
+
+	in2 := &errorReader{io.ErrUnexpectedEOF}
+	in1 := bytes.NewBuffer(file16)
+	in := ioutil.NopCloser(io.MultiReader(in1, in2))
+
+	fh, err := c.newDecrypter(in)
+	assert.NoError(t, err)
+
+	n, err := io.CopyN(ioutil.Discard, fh, 1E6)
+	assert.Equal(t, io.ErrUnexpectedEOF, err)
+	assert.Equal(t, int64(16), n)
+}
+
+func TestNewDecrypterSeekLimit(t *testing.T) {
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
 	assert.NoError(t, err)
 	c.cryptoRand = &zeroes{} // nodge the crypto rand generator

@@ -875,46 +961,193 @@ func TestNewDecrypterSeek(t *testing.T) {
 		127, 128, 129, 255, 256, 257, 511, 512, 513, 1023, 1024, 1025, 2047, 2048, 2049,
 		4095, 4096, 4097, 8191, 8192, 8193, 16383, 16384, 16385, 32767, 32768, 32769,
 		65535, 65536, 65537, 131071, 131072, 131073, dataSize - 1, dataSize}
+	limits := []int{-1, 0, 1, 65535, 65536, 65537, 131071, 131072, 131073}

 	// Open stream with a seek of underlyingOffset
-	open := func(underlyingOffset int64) (io.ReadCloser, error) {
-		return ioutil.NopCloser(bytes.NewBuffer(ciphertext[int(underlyingOffset):])), nil
+	var reader io.ReadCloser
+	open := func(underlyingOffset, underlyingLimit int64) (io.ReadCloser, error) {
+		end := len(ciphertext)
+		if underlyingLimit >= 0 {
+			end = int(underlyingOffset + underlyingLimit)
+			if end > len(ciphertext) {
+				end = len(ciphertext)
+			}
+		}
+		reader = ioutil.NopCloser(bytes.NewBuffer(ciphertext[int(underlyingOffset):end]))
+		return reader, nil
 	}

-	inBlock := make([]byte, 1024)
+	inBlock := make([]byte, dataSize)

 	// Check the seek worked by reading a block and checking it
 	// against what it should be
-	check := func(rc ReadSeekCloser, offset int) {
+	check := func(rc io.Reader, offset, limit int) {
 		n, err := io.ReadFull(rc, inBlock)
 		if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
 			require.NoError(t, err)
 		}
 		seekedDecrypted := inBlock[:n]

-		require.Equal(t, plaintext[offset:offset+n], seekedDecrypted)
+		what := fmt.Sprintf("offset = %d, limit = %d", offset, limit)
+		if limit >= 0 {
+			assert.Equal(t, limit, n, what)
+		}
+		require.Equal(t, plaintext[offset:offset+n], seekedDecrypted, what)
+
+		// We should have completely emptied the reader at this point
+		n, err = reader.Read(inBlock)
+		assert.Equal(t, io.EOF, err)
+		assert.Equal(t, 0, n)
 	}

 	// Now try decoding it with a open/seek
 	for _, offset := range trials {
-		rc, err := c.DecryptDataSeek(open, int64(offset))
-		assert.NoError(t, err)
+		for _, limit := range limits {
+			if offset+limit > len(plaintext) {
+				continue
+			}
+			rc, err := c.DecryptDataSeek(open, int64(offset), int64(limit))
+			assert.NoError(t, err)

-		check(rc, offset)
+			check(rc, offset, limit)
+		}
 	}

-	// Now try decoding it with a single open and lots of seeks
-	rc, err := c.DecryptDataSeek(open, 0)
+	// Try decoding it with a single open and lots of seeks
+	fh, err := c.DecryptDataSeek(open, 0, -1)
+	assert.NoError(t, err)
 	for _, offset := range trials {
-		_, err := rc.Seek(int64(offset), 0)
-		assert.NoError(t, err)
+		for _, limit := range limits {
+			if offset+limit > len(plaintext) {
+				continue
+			}
+			_, err := fh.RangeSeek(int64(offset), io.SeekStart, int64(limit))
+			assert.NoError(t, err)

-		check(rc, offset)
+			check(fh, offset, limit)
+		}
+	}
+
+	// Do some checks on the open callback
+	for _, test := range []struct {
+		offset, limit         int64
+		wantOffset, wantLimit int64
+	}{
+		// unlimited
+		{0, -1, int64(fileHeaderSize), -1},
+		{1, -1, int64(fileHeaderSize), -1},
+		{blockDataSize - 1, -1, int64(fileHeaderSize), -1},
+		{blockDataSize, -1, int64(fileHeaderSize) + blockSize, -1},
+		{blockDataSize + 1, -1, int64(fileHeaderSize) + blockSize, -1},
+		// limit=1
+		{0, 1, int64(fileHeaderSize), blockSize},
+		{1, 1, int64(fileHeaderSize), blockSize},
+		{blockDataSize - 1, 1, int64(fileHeaderSize), blockSize},
+		{blockDataSize, 1, int64(fileHeaderSize) + blockSize, blockSize},
+		{blockDataSize + 1, 1, int64(fileHeaderSize) + blockSize, blockSize},
+		// limit=100
+		{0, 100, int64(fileHeaderSize), blockSize},
+		{1, 100, int64(fileHeaderSize), blockSize},
+		{blockDataSize - 1, 100, int64(fileHeaderSize), 2 * blockSize},
+		{blockDataSize, 100, int64(fileHeaderSize) + blockSize, blockSize},
+		{blockDataSize + 1, 100, int64(fileHeaderSize) + blockSize, blockSize},
+		// limit=blockDataSize-1
+		{0, blockDataSize - 1, int64(fileHeaderSize), blockSize},
+		{1, blockDataSize - 1, int64(fileHeaderSize), blockSize},
+		{blockDataSize - 1, blockDataSize - 1, int64(fileHeaderSize), 2 * blockSize},
+		{blockDataSize, blockDataSize - 1, int64(fileHeaderSize) + blockSize, blockSize},
+		{blockDataSize + 1, blockDataSize - 1, int64(fileHeaderSize) + blockSize, blockSize},
+		// limit=blockDataSize
+		{0, blockDataSize, int64(fileHeaderSize), blockSize},
+		{1, blockDataSize, int64(fileHeaderSize), 2 * blockSize},
+		{blockDataSize - 1, blockDataSize, int64(fileHeaderSize), 2 * blockSize},
+		{blockDataSize, blockDataSize, int64(fileHeaderSize) + blockSize, blockSize},
+		{blockDataSize + 1, blockDataSize, int64(fileHeaderSize) + blockSize, 2 * blockSize},
+		// limit=blockDataSize+1
+		{0, blockDataSize + 1, int64(fileHeaderSize), 2 * blockSize},
+		{1, blockDataSize + 1, int64(fileHeaderSize), 2 * blockSize},
+		{blockDataSize - 1, blockDataSize + 1, int64(fileHeaderSize), 2 * blockSize},
+		{blockDataSize, blockDataSize + 1, int64(fileHeaderSize) + blockSize, 2 * blockSize},
+		{blockDataSize + 1, blockDataSize + 1, int64(fileHeaderSize) + blockSize, 2 * blockSize},
+	} {
+		what := fmt.Sprintf("offset = %d, limit = %d", test.offset, test.limit)
+		callCount := 0
+		testOpen := func(underlyingOffset, underlyingLimit int64) (io.ReadCloser, error) {
+			switch callCount {
+			case 0:
+				assert.Equal(t, int64(0), underlyingOffset, what)
+				assert.Equal(t, int64(-1), underlyingLimit, what)
+			case 1:
+				assert.Equal(t, test.wantOffset, underlyingOffset, what)
+				assert.Equal(t, test.wantLimit, underlyingLimit, what)
+			default:
+				t.Errorf("Too many calls %d for %s", callCount+1, what)
+			}
+			callCount++
+			return open(underlyingOffset, underlyingLimit)
+		}
+		fh, err := c.DecryptDataSeek(testOpen, 0, -1)
+		assert.NoError(t, err)
+		gotOffset, err := fh.RangeSeek(test.offset, io.SeekStart, test.limit)
+		assert.NoError(t, err)
+		assert.Equal(t, gotOffset, test.offset)
+	}
+}
+
+func TestDecrypterCalculateUnderlying(t *testing.T) {
+	for _, test := range []struct {
+		offset, limit           int64
+		wantOffset, wantLimit   int64
+		wantDiscard, wantBlocks int64
+	}{
+		// unlimited
+		{0, -1, int64(fileHeaderSize), -1, 0, 0},
+		{1, -1, int64(fileHeaderSize), -1, 1, 0},
+		{blockDataSize - 1, -1, int64(fileHeaderSize), -1, blockDataSize - 1, 0},
+		{blockDataSize, -1, int64(fileHeaderSize) + blockSize, -1, 0, 1},
+		{blockDataSize + 1, -1, int64(fileHeaderSize) + blockSize, -1, 1, 1},
+		// limit=1
+		{0, 1, int64(fileHeaderSize), blockSize, 0, 0},
+		{1, 1, int64(fileHeaderSize), blockSize, 1, 0},
+		{blockDataSize - 1, 1, int64(fileHeaderSize), blockSize, blockDataSize - 1, 0},
+		{blockDataSize, 1, int64(fileHeaderSize) + blockSize, blockSize, 0, 1},
+		{blockDataSize + 1, 1, int64(fileHeaderSize) + blockSize, blockSize, 1, 1},
+		// limit=100
+		{0, 100, int64(fileHeaderSize), blockSize, 0, 0},
+		{1, 100, int64(fileHeaderSize), blockSize, 1, 0},
+		{blockDataSize - 1, 100, int64(fileHeaderSize), 2 * blockSize, blockDataSize - 1, 0},
+		{blockDataSize, 100, int64(fileHeaderSize) + blockSize, blockSize, 0, 1},
+		{blockDataSize + 1, 100, int64(fileHeaderSize) + blockSize, blockSize, 1, 1},
+		// limit=blockDataSize-1
+		{0, blockDataSize - 1, int64(fileHeaderSize), blockSize, 0, 0},
+		{1, blockDataSize - 1, int64(fileHeaderSize), blockSize, 1, 0},
+		{blockDataSize - 1, blockDataSize - 1, int64(fileHeaderSize), 2 * blockSize, blockDataSize - 1, 0},
+		{blockDataSize, blockDataSize - 1, int64(fileHeaderSize) + blockSize, blockSize, 0, 1},
+		{blockDataSize + 1, blockDataSize - 1, int64(fileHeaderSize) + blockSize, blockSize, 1, 1},
+		// limit=blockDataSize
+		{0, blockDataSize, int64(fileHeaderSize), blockSize, 0, 0},
+		{1, blockDataSize, int64(fileHeaderSize), 2 * blockSize, 1, 0},
+		{blockDataSize - 1, blockDataSize, int64(fileHeaderSize), 2 * blockSize, blockDataSize - 1, 0},
+		{blockDataSize, blockDataSize, int64(fileHeaderSize) + blockSize, blockSize, 0, 1},
+		{blockDataSize + 1, blockDataSize, int64(fileHeaderSize) + blockSize, 2 * blockSize, 1, 1},
+		// limit=blockDataSize+1
+		{0, blockDataSize + 1, int64(fileHeaderSize), 2 * blockSize, 0, 0},
+		{1, blockDataSize + 1, int64(fileHeaderSize), 2 * blockSize, 1, 0},
+		{blockDataSize - 1, blockDataSize + 1, int64(fileHeaderSize), 2 * blockSize, blockDataSize - 1, 0},
+		{blockDataSize, blockDataSize + 1, int64(fileHeaderSize) + blockSize, 2 * blockSize, 0, 1},
+		{blockDataSize + 1, blockDataSize + 1, int64(fileHeaderSize) + blockSize, 2 * blockSize, 1, 1},
+	} {
+		what := fmt.Sprintf("offset = %d, limit = %d", test.offset, test.limit)
+		underlyingOffset, underlyingLimit, discard, blocks := calculateUnderlying(test.offset, test.limit)
+		assert.Equal(t, test.wantOffset, underlyingOffset, what)
+		assert.Equal(t, test.wantLimit, underlyingLimit, what)
+		assert.Equal(t, test.wantDiscard, discard, what)
+		assert.Equal(t, test.wantBlocks, blocks, what)
 	}
 }

 func TestDecrypterRead(t *testing.T) {
-	c, err := newCipher(NameEncryptionStandard, "", "")
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
 	assert.NoError(t, err)

 	// Test truncating the file at each possible point
@@ -936,8 +1169,6 @@ func TestDecrypterRead(t *testing.T) {
 		case i == fileHeaderSize:
 			// This would normally produce an error *except* on the first block
 			expectedErr = nil
-		case i <= fileHeaderSize+blockHeaderSize:
-			expectedErr = ErrorEncryptedFileBadHeader
 		default:
 			expectedErr = io.ErrUnexpectedEOF
 		}
@@ -980,7 +1211,7 @@ func TestDecrypterRead(t *testing.T) {
 }

 func TestDecrypterClose(t *testing.T) {
-	c, err := newCipher(NameEncryptionStandard, "", "")
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
 	assert.NoError(t, err)

 	cd := newCloseDetector(bytes.NewBuffer(file16))
@@ -991,6 +1222,7 @@ func TestDecrypterClose(t *testing.T) {
 	// close before reading
 	assert.Equal(t, nil, fh.err)
 	err = fh.Close()
+	assert.NoError(t, err)
 	assert.Equal(t, ErrorFileClosed, fh.err)
 	assert.Equal(t, 1, cd.closed)

@@ -1011,12 +1243,13 @@ func TestDecrypterClose(t *testing.T) {
 	assert.Equal(t, []byte{1}, out)
 	assert.Equal(t, io.EOF, fh.err)
 	err = fh.Close()
+	assert.NoError(t, err)
 	assert.Equal(t, ErrorFileClosed, fh.err)
 	assert.Equal(t, 1, cd.closed)
 }

 func TestPutGetBlock(t *testing.T) {
-	c, err := newCipher(NameEncryptionStandard, "", "")
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
 	assert.NoError(t, err)

 	block := c.getBlock()
@@ -1027,7 +1260,7 @@ func TestPutGetBlock(t *testing.T) {
 }

 func TestKey(t *testing.T) {
-	c, err := newCipher(NameEncryptionStandard, "", "")
+	c, err := newCipher(NameEncryptionStandard, "", "", true)
 	assert.NoError(t, err)

 	// Check zero keys OK
--- a/backend/crypt/crypt.go
+++ b/backend/crypt/crypt.go
@@ -0,0 +1,896 @@
+// Package crypt provides wrappers for Fs and Object which implement encryption
+package crypt
+
+import (
+	"fmt"
+	"io"
+	"strings"
+	"time"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/accounting"
+	"github.com/ncw/rclone/fs/config/configmap"
+	"github.com/ncw/rclone/fs/config/configstruct"
+	"github.com/ncw/rclone/fs/config/obscure"
+	"github.com/ncw/rclone/fs/fspath"
+	"github.com/ncw/rclone/fs/hash"
+	"github.com/pkg/errors"
+)
+
+// Globals
+// Register with Fs
+func init() {
+	fs.Register(&fs.RegInfo{
+		Name:        "crypt",
+		Description: "Encrypt/Decrypt a remote",
+		NewFs:       NewFs,
+		Options: []fs.Option{{
+			Name:     "remote",
+			Help:     "Remote to encrypt/decrypt.\nNormally should contain a ':' and a path, eg \"myremote:path/to/dir\",\n\"myremote:bucket\" or maybe \"myremote:\" (not recommended).",
+			Required: true,
+		}, {
+			Name:    "filename_encryption",
+			Help:    "How to encrypt the filenames.",
+			Default: "standard",
+			Examples: []fs.OptionExample{
+				{
+					Value: "off",
+					Help:  "Don't encrypt the file names.  Adds a \".bin\" extension only.",
+				}, {
+					Value: "standard",
+					Help:  "Encrypt the filenames see the docs for the details.",
+				}, {
+					Value: "obfuscate",
+					Help:  "Very simple filename obfuscation.",
+				},
+			},
+		}, {
+			Name:    "directory_name_encryption",
+			Help:    "Option to either encrypt directory names or leave them intact.",
+			Default: true,
+			Examples: []fs.OptionExample{
+				{
+					Value: "true",
+					Help:  "Encrypt directory names.",
+				},
+				{
+					Value: "false",
+					Help:  "Don't encrypt directory names, leave them intact.",
+				},
+			},
+		}, {
+			Name:       "password",
+			Help:       "Password or pass phrase for encryption.",
+			IsPassword: true,
+		}, {
+			Name:       "password2",
+			Help:       "Password or pass phrase for salt. Optional but recommended.\nShould be different to the previous password.",
+			IsPassword: true,
+		}, {
+			Name: "show_mapping",
+			Help: `For all files listed show how the names encrypt.
+
+If this flag is set then for each file that the remote is asked to
+list, it will log (at level INFO) a line stating the decrypted file
+name and the encrypted file name.
+
+This is so you can work out which encrypted names are which decrypted
+names just in case you need to do something with the encrypted file
+names, or for debugging purposes.`,
+			Default:  false,
+			Hide:     fs.OptionHideConfigurator,
+			Advanced: true,
+		}},
+	})
+}
+
+// newCipherForConfig constructs a Cipher for the given config name
+func newCipherForConfig(opt *Options) (Cipher, error) {
+	mode, err := NewNameEncryptionMode(opt.FilenameEncryption)
+	if err != nil {
+		return nil, err
+	}
+	if opt.Password == "" {
+		return nil, errors.New("password not set in config file")
+	}
+	password, err := obscure.Reveal(opt.Password)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to decrypt password")
+	}
+	var salt string
+	if opt.Password2 != "" {
+		salt, err = obscure.Reveal(opt.Password2)
+		if err != nil {
+			return nil, errors.Wrap(err, "failed to decrypt password2")
+		}
+	}
+	cipher, err := newCipher(mode, password, salt, opt.DirectoryNameEncryption)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to make cipher")
+	}
+	return cipher, nil
+}
+
+// NewCipher constructs a Cipher for the given config
+func NewCipher(m configmap.Mapper) (Cipher, error) {
+	// Parse config into Options struct
+	opt := new(Options)
+	err := configstruct.Set(m, opt)
+	if err != nil {
+		return nil, err
+	}
+	return newCipherForConfig(opt)
+}
+
+// NewFs constructs an Fs from the path, container:path
+func NewFs(name, rpath string, m configmap.Mapper) (fs.Fs, error) {
+	// Parse config into Options struct
+	opt := new(Options)
+	err := configstruct.Set(m, opt)
+	if err != nil {
+		return nil, err
+	}
+	cipher, err := newCipherForConfig(opt)
+	if err != nil {
+		return nil, err
+	}
+	remote := opt.Remote
+	if strings.HasPrefix(remote, name+":") {
+		return nil, errors.New("can't point crypt remote at itself - check the value of the remote setting")
+	}
+	wInfo, wName, wPath, wConfig, err := fs.ConfigFs(remote)
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to parse remote %q to wrap", remote)
+	}
+	// Look for a file first
+	remotePath := fspath.JoinRootPath(wPath, cipher.EncryptFileName(rpath))
+	wrappedFs, err := wInfo.NewFs(wName, remotePath, wConfig)
+	// if that didn't produce a file, look for a directory
+	if err != fs.ErrorIsFile {
+		remotePath = fspath.JoinRootPath(wPath, cipher.EncryptDirName(rpath))
+		wrappedFs, err = wInfo.NewFs(wName, remotePath, wConfig)
+	}
+	if err != fs.ErrorIsFile && err != nil {
+		return nil, errors.Wrapf(err, "failed to make remote %s:%q to wrap", wName, remotePath)
+	}
+	f := &Fs{
+		Fs:     wrappedFs,
+		name:   name,
+		root:   rpath,
+		opt:    *opt,
+		cipher: cipher,
+	}
+	// the features here are ones we could support, and they are
+	// ANDed with the ones from wrappedFs
+	f.features = (&fs.Features{
+		CaseInsensitive:         cipher.NameEncryptionMode() == NameEncryptionOff,
+		DuplicateFiles:          true,
+		ReadMimeType:            false, // MimeTypes not supported with crypt
+		WriteMimeType:           false,
+		BucketBased:             true,
+		CanHaveEmptyDirectories: true,
+		SetTier:                 true,
+		GetTier:                 true,
+	}).Fill(f).Mask(wrappedFs).WrapsFs(f, wrappedFs)
+
+	return f, err
+}
+
+// Options defines the configuration for this backend
+type Options struct {
+	Remote                  string `config:"remote"`
+	FilenameEncryption      string `config:"filename_encryption"`
+	DirectoryNameEncryption bool   `config:"directory_name_encryption"`
+	Password                string `config:"password"`
+	Password2               string `config:"password2"`
+	ShowMapping             bool   `config:"show_mapping"`
+}
+
+// Fs represents a wrapped fs.Fs
+type Fs struct {
+	fs.Fs
+	wrapper  fs.Fs
+	name     string
+	root     string
+	opt      Options
+	features *fs.Features // optional features
+	cipher   Cipher
+}
+
+// Name of the remote (as passed into NewFs)
+func (f *Fs) Name() string {
+	return f.name
+}
+
+// Root of the remote (as passed into NewFs)
+func (f *Fs) Root() string {
+	return f.root
+}
+
+// Features returns the optional features of this Fs
+func (f *Fs) Features() *fs.Features {
+	return f.features
+}
+
+// String returns a description of the FS
+func (f *Fs) String() string {
+	return fmt.Sprintf("Encrypted drive '%s:%s'", f.name, f.root)
+}
+
+// Encrypt an object file name to entries.
+func (f *Fs) add(entries *fs.DirEntries, obj fs.Object) {
+	remote := obj.Remote()
+	decryptedRemote, err := f.cipher.DecryptFileName(remote)
+	if err != nil {
+		fs.Debugf(remote, "Skipping undecryptable file name: %v", err)
+		return
+	}
+	if f.opt.ShowMapping {
+		fs.Logf(decryptedRemote, "Encrypts to %q", remote)
+	}
+	*entries = append(*entries, f.newObject(obj))
+}
+
+// Encrypt an directory file name to entries.
+func (f *Fs) addDir(entries *fs.DirEntries, dir fs.Directory) {
+	remote := dir.Remote()
+	decryptedRemote, err := f.cipher.DecryptDirName(remote)
+	if err != nil {
+		fs.Debugf(remote, "Skipping undecryptable dir name: %v", err)
+		return
+	}
+	if f.opt.ShowMapping {
+		fs.Logf(decryptedRemote, "Encrypts to %q", remote)
+	}
+	*entries = append(*entries, f.newDir(dir))
+}
+
+// Encrypt some directory entries.  This alters entries returning it as newEntries.
+func (f *Fs) encryptEntries(entries fs.DirEntries) (newEntries fs.DirEntries, err error) {
+	newEntries = entries[:0] // in place filter
+	for _, entry := range entries {
+		switch x := entry.(type) {
+		case fs.Object:
+			f.add(&newEntries, x)
+		case fs.Directory:
+			f.addDir(&newEntries, x)
+		default:
+			return nil, errors.Errorf("Unknown object type %T", entry)
+		}
+	}
+	return newEntries, nil
+}
+
+// List the objects and directories in dir into entries.  The
+// entries can be returned in any order but should be for a
+// complete directory.
+//
+// dir should be "" to list the root, and should not have
+// trailing slashes.
+//
+// This should return ErrDirNotFound if the directory isn't
+// found.
+func (f *Fs) List(dir string) (entries fs.DirEntries, err error) {
+	entries, err = f.Fs.List(f.cipher.EncryptDirName(dir))
+	if err != nil {
+		return nil, err
+	}
+	return f.encryptEntries(entries)
+}
+
+// ListR lists the objects and directories of the Fs starting
+// from dir recursively into out.
+//
+// dir should be "" to start from the root, and should not
+// have trailing slashes.
+//
+// This should return ErrDirNotFound if the directory isn't
+// found.
+//
+// It should call callback for each tranche of entries read.
+// These need not be returned in any particular order.  If
+// callback returns an error then the listing will stop
+// immediately.
+//
+// Don't implement this unless you have a more efficient way
+// of listing recursively that doing a directory traversal.
+func (f *Fs) ListR(dir string, callback fs.ListRCallback) (err error) {
+	return f.Fs.Features().ListR(f.cipher.EncryptDirName(dir), func(entries fs.DirEntries) error {
+		newEntries, err := f.encryptEntries(entries)
+		if err != nil {
+			return err
+		}
+		return callback(newEntries)
+	})
+}
+
+// NewObject finds the Object at remote.
+func (f *Fs) NewObject(remote string) (fs.Object, error) {
+	o, err := f.Fs.NewObject(f.cipher.EncryptFileName(remote))
+	if err != nil {
+		return nil, err
+	}
+	return f.newObject(o), nil
+}
+
+type putFn func(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error)
+
+// put implements Put or PutStream
+func (f *Fs) put(in io.Reader, src fs.ObjectInfo, options []fs.OpenOption, put putFn) (fs.Object, error) {
+	// Encrypt the data into wrappedIn
+	wrappedIn, err := f.cipher.EncryptData(in)
+	if err != nil {
+		return nil, err
+	}
+
+	// Find a hash the destination supports to compute a hash of
+	// the encrypted data
+	ht := f.Fs.Hashes().GetOne()
+	var hasher *hash.MultiHasher
+	if ht != hash.None {
+		hasher, err = hash.NewMultiHasherTypes(hash.NewHashSet(ht))
+		if err != nil {
+			return nil, err
+		}
+		// unwrap the accounting
+		var wrap accounting.WrapFn
+		wrappedIn, wrap = accounting.UnWrap(wrappedIn)
+		// add the hasher
+		wrappedIn = io.TeeReader(wrappedIn, hasher)
+		// wrap the accounting back on
+		wrappedIn = wrap(wrappedIn)
+	}
+
+	// Transfer the data
+	o, err := put(wrappedIn, f.newObjectInfo(src), options...)
+	if err != nil {
+		return nil, err
+	}
+
+	// Check the hashes of the encrypted data if we were comparing them
+	if ht != hash.None && hasher != nil {
+		srcHash := hasher.Sums()[ht]
+		var dstHash string
+		dstHash, err = o.Hash(ht)
+		if err != nil {
+			return nil, errors.Wrap(err, "failed to read destination hash")
+		}
+		if srcHash != "" && dstHash != "" && srcHash != dstHash {
+			// remove object
+			err = o.Remove()
+			if err != nil {
+				fs.Errorf(o, "Failed to remove corrupted object: %v", err)
+			}
+			return nil, errors.Errorf("corrupted on transfer: %v crypted hash differ %q vs %q", ht, srcHash, dstHash)
+		}
+	}
+
+	return f.newObject(o), nil
+}
+
+// Put in to the remote path with the modTime given of the given size
+//
+// May create the object even if it returns an error - if so
+// will return the object and the error, otherwise will return
+// nil and the error
+func (f *Fs) Put(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+	return f.put(in, src, options, f.Fs.Put)
+}
+
+// PutStream uploads to the remote path with the modTime given of indeterminate size
+func (f *Fs) PutStream(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+	return f.put(in, src, options, f.Fs.Features().PutStream)
+}
+
+// Hashes returns the supported hash sets.
+func (f *Fs) Hashes() hash.Set {
+	return hash.Set(hash.None)
+}
+
+// Mkdir makes the directory (container, bucket)
+//
+// Shouldn't return an error if it already exists
+func (f *Fs) Mkdir(dir string) error {
+	return f.Fs.Mkdir(f.cipher.EncryptDirName(dir))
+}
+
+// Rmdir removes the directory (container, bucket) if empty
+//
+// Return an error if it doesn't exist or isn't empty
+func (f *Fs) Rmdir(dir string) error {
+	return f.Fs.Rmdir(f.cipher.EncryptDirName(dir))
+}
+
+// Purge all files in the root and the root directory
+//
+// Implement this if you have a way of deleting all the files
+// quicker than just running Remove() on the result of List()
+//
+// Return an error if it doesn't exist
+func (f *Fs) Purge() error {
+	do := f.Fs.Features().Purge
+	if do == nil {
+		return fs.ErrorCantPurge
+	}
+	return do()
+}
+
+// Copy src to this remote using server side copy operations.
+//
+// This is stored with the remote path given
+//
+// It returns the destination Object and a possible error
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantCopy
+func (f *Fs) Copy(src fs.Object, remote string) (fs.Object, error) {
+	do := f.Fs.Features().Copy
+	if do == nil {
+		return nil, fs.ErrorCantCopy
+	}
+	o, ok := src.(*Object)
+	if !ok {
+		return nil, fs.ErrorCantCopy
+	}
+	oResult, err := do(o.Object, f.cipher.EncryptFileName(remote))
+	if err != nil {
+		return nil, err
+	}
+	return f.newObject(oResult), nil
+}
+
+// Move src to this remote using server side move operations.
+//
+// This is stored with the remote path given
+//
+// It returns the destination Object and a possible error
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantMove
+func (f *Fs) Move(src fs.Object, remote string) (fs.Object, error) {
+	do := f.Fs.Features().Move
+	if do == nil {
+		return nil, fs.ErrorCantMove
+	}
+	o, ok := src.(*Object)
+	if !ok {
+		return nil, fs.ErrorCantMove
+	}
+	oResult, err := do(o.Object, f.cipher.EncryptFileName(remote))
+	if err != nil {
+		return nil, err
+	}
+	return f.newObject(oResult), nil
+}
+
+// DirMove moves src, srcRemote to this remote at dstRemote
+// using server side move operations.
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantDirMove
+//
+// If destination exists then return fs.ErrorDirExists
+func (f *Fs) DirMove(src fs.Fs, srcRemote, dstRemote string) error {
+	do := f.Fs.Features().DirMove
+	if do == nil {
+		return fs.ErrorCantDirMove
+	}
+	srcFs, ok := src.(*Fs)
+	if !ok {
+		fs.Debugf(srcFs, "Can't move directory - not same remote type")
+		return fs.ErrorCantDirMove
+	}
+	return do(srcFs.Fs, f.cipher.EncryptDirName(srcRemote), f.cipher.EncryptDirName(dstRemote))
+}
+
+// PutUnchecked uploads the object
+//
+// This will create a duplicate if we upload a new file without
+// checking to see if there is one already - use Put() for that.
+func (f *Fs) PutUnchecked(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+	do := f.Fs.Features().PutUnchecked
+	if do == nil {
+		return nil, errors.New("can't PutUnchecked")
+	}
+	wrappedIn, err := f.cipher.EncryptData(in)
+	if err != nil {
+		return nil, err
+	}
+	o, err := do(wrappedIn, f.newObjectInfo(src))
+	if err != nil {
+		return nil, err
+	}
+	return f.newObject(o), nil
+}
+
+// CleanUp the trash in the Fs
+//
+// Implement this if you have a way of emptying the trash or
+// otherwise cleaning up old versions of files.
+func (f *Fs) CleanUp() error {
+	do := f.Fs.Features().CleanUp
+	if do == nil {
+		return errors.New("can't CleanUp")
+	}
+	return do()
+}
+
+// About gets quota information from the Fs
+func (f *Fs) About() (*fs.Usage, error) {
+	do := f.Fs.Features().About
+	if do == nil {
+		return nil, errors.New("About not supported")
+	}
+	return do()
+}
+
+// UnWrap returns the Fs that this Fs is wrapping
+func (f *Fs) UnWrap() fs.Fs {
+	return f.Fs
+}
+
+// WrapFs returns the Fs that is wrapping this Fs
+func (f *Fs) WrapFs() fs.Fs {
+	return f.wrapper
+}
+
+// SetWrapper sets the Fs that is wrapping this Fs
+func (f *Fs) SetWrapper(wrapper fs.Fs) {
+	f.wrapper = wrapper
+}
+
+// EncryptFileName returns an encrypted file name
+func (f *Fs) EncryptFileName(fileName string) string {
+	return f.cipher.EncryptFileName(fileName)
+}
+
+// DecryptFileName returns a decrypted file name
+func (f *Fs) DecryptFileName(encryptedFileName string) (string, error) {
+	return f.cipher.DecryptFileName(encryptedFileName)
+}
+
+// ComputeHash takes the nonce from o, and encrypts the contents of
+// src with it, and calculates the hash given by HashType on the fly
+//
+// Note that we break lots of encapsulation in this function.
+func (f *Fs) ComputeHash(o *Object, src fs.Object, hashType hash.Type) (hashStr string, err error) {
+	// Read the nonce - opening the file is sufficient to read the nonce in
+	// use a limited read so we only read the header
+	in, err := o.Object.Open(&fs.RangeOption{Start: 0, End: int64(fileHeaderSize) - 1})
+	if err != nil {
+		return "", errors.Wrap(err, "failed to open object to read nonce")
+	}
+	d, err := f.cipher.(*cipher).newDecrypter(in)
+	if err != nil {
+		_ = in.Close()
+		return "", errors.Wrap(err, "failed to open object to read nonce")
+	}
+	nonce := d.nonce
+	// fs.Debugf(o, "Read nonce % 2x", nonce)
+
+	// Check nonce isn't all zeros
+	isZero := true
+	for i := range nonce {
+		if nonce[i] != 0 {
+			isZero = false
+		}
+	}
+	if isZero {
+		fs.Errorf(o, "empty nonce read")
+	}
+
+	// Close d (and hence in) once we have read the nonce
+	err = d.Close()
+	if err != nil {
+		return "", errors.Wrap(err, "failed to close nonce read")
+	}
+
+	// Open the src for input
+	in, err = src.Open()
+	if err != nil {
+		return "", errors.Wrap(err, "failed to open src")
+	}
+	defer fs.CheckClose(in, &err)
+
+	// Now encrypt the src with the nonce
+	out, err := f.cipher.(*cipher).newEncrypter(in, &nonce)
+	if err != nil {
+		return "", errors.Wrap(err, "failed to make encrypter")
+	}
+
+	// pipe into hash
+	m, err := hash.NewMultiHasherTypes(hash.NewHashSet(hashType))
+	if err != nil {
+		return "", errors.Wrap(err, "failed to make hasher")
+	}
+	_, err = io.Copy(m, out)
+	if err != nil {
+		return "", errors.Wrap(err, "failed to hash data")
+	}
+
+	return m.Sums()[hashType], nil
+}
+
+// MergeDirs merges the contents of all the directories passed
+// in into the first one and rmdirs the other directories.
+func (f *Fs) MergeDirs(dirs []fs.Directory) error {
+	do := f.Fs.Features().MergeDirs
+	if do == nil {
+		return errors.New("MergeDirs not supported")
+	}
+	out := make([]fs.Directory, len(dirs))
+	for i, dir := range dirs {
+		out[i] = fs.NewDirCopy(dir).SetRemote(f.cipher.EncryptDirName(dir.Remote()))
+	}
+	return do(out)
+}
+
+// DirCacheFlush resets the directory cache - used in testing
+// as an optional interface
+func (f *Fs) DirCacheFlush() {
+	do := f.Fs.Features().DirCacheFlush
+	if do != nil {
+		do()
+	}
+}
+
+// PublicLink generates a public link to the remote path (usually readable by anyone)
+func (f *Fs) PublicLink(remote string) (string, error) {
+	do := f.Fs.Features().PublicLink
+	if do == nil {
+		return "", errors.New("PublicLink not supported")
+	}
+	o, err := f.NewObject(remote)
+	if err != nil {
+		// assume it is a directory
+		return do(f.cipher.EncryptDirName(remote))
+	}
+	return do(o.(*Object).Object.Remote())
+}
+
+// ChangeNotify calls the passed function with a path
+// that has had changes. If the implementation
+// uses polling, it should adhere to the given interval.
+func (f *Fs) ChangeNotify(notifyFunc func(string, fs.EntryType), pollIntervalChan <-chan time.Duration) {
+	do := f.Fs.Features().ChangeNotify
+	if do == nil {
+		return
+	}
+	wrappedNotifyFunc := func(path string, entryType fs.EntryType) {
+		fs.Logf(f, "path %q entryType %d", path, entryType)
+		var (
+			err       error
+			decrypted string
+		)
+		switch entryType {
+		case fs.EntryDirectory:
+			decrypted, err = f.cipher.DecryptDirName(path)
+		case fs.EntryObject:
+			decrypted, err = f.cipher.DecryptFileName(path)
+		default:
+			fs.Errorf(path, "crypt ChangeNotify: ignoring unknown EntryType %d", entryType)
+			return
+		}
+		if err != nil {
+			fs.Logf(f, "ChangeNotify was unable to decrypt %q: %s", path, err)
+			return
+		}
+		notifyFunc(decrypted, entryType)
+	}
+	do(wrappedNotifyFunc, pollIntervalChan)
+}
+
+// Object describes a wrapped for being read from the Fs
+//
+// This decrypts the remote name and decrypts the data
+type Object struct {
+	fs.Object
+	f *Fs
+}
+
+func (f *Fs) newObject(o fs.Object) *Object {
+	return &Object{
+		Object: o,
+		f:      f,
+	}
+}
+
+// Fs returns read only access to the Fs that this object is part of
+func (o *Object) Fs() fs.Info {
+	return o.f
+}
+
+// Return a string version
+func (o *Object) String() string {
+	if o == nil {
+		return "<nil>"
+	}
+	return o.Remote()
+}
+
+// Remote returns the remote path
+func (o *Object) Remote() string {
+	remote := o.Object.Remote()
+	decryptedName, err := o.f.cipher.DecryptFileName(remote)
+	if err != nil {
+		fs.Debugf(remote, "Undecryptable file name: %v", err)
+		return remote
+	}
+	return decryptedName
+}
+
+// Size returns the size of the file
+func (o *Object) Size() int64 {
+	size, err := o.f.cipher.DecryptedSize(o.Object.Size())
+	if err != nil {
+		fs.Debugf(o, "Bad size for decrypt: %v", err)
+	}
+	return size
+}
+
+// Hash returns the selected checksum of the file
+// If no checksum is available it returns ""
+func (o *Object) Hash(ht hash.Type) (string, error) {
+	return "", hash.ErrUnsupported
+}
+
+// UnWrap returns the wrapped Object
+func (o *Object) UnWrap() fs.Object {
+	return o.Object
+}
+
+// Open opens the file for read.  Call Close() on the returned io.ReadCloser
+func (o *Object) Open(options ...fs.OpenOption) (rc io.ReadCloser, err error) {
+	var openOptions []fs.OpenOption
+	var offset, limit int64 = 0, -1
+	for _, option := range options {
+		switch x := option.(type) {
+		case *fs.SeekOption:
+			offset = x.Offset
+		case *fs.RangeOption:
+			offset, limit = x.Decode(o.Size())
+		default:
+			// pass on Options to underlying open if appropriate
+			openOptions = append(openOptions, option)
+		}
+	}
+	rc, err = o.f.cipher.DecryptDataSeek(func(underlyingOffset, underlyingLimit int64) (io.ReadCloser, error) {
+		if underlyingOffset == 0 && underlyingLimit < 0 {
+			// Open with no seek
+			return o.Object.Open(openOptions...)
+		}
+		// Open stream with a range of underlyingOffset, underlyingLimit
+		end := int64(-1)
+		if underlyingLimit >= 0 {
+			end = underlyingOffset + underlyingLimit - 1
+			if end >= o.Object.Size() {
+				end = -1
+			}
+		}
+		newOpenOptions := append(openOptions, &fs.RangeOption{Start: underlyingOffset, End: end})
+		return o.Object.Open(newOpenOptions...)
+	}, offset, limit)
+	if err != nil {
+		return nil, err
+	}
+	return rc, nil
+}
+
+// Update in to the object with the modTime given of the given size
+func (o *Object) Update(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) error {
+	update := func(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+		return o.Object, o.Object.Update(in, src, options...)
+	}
+	_, err := o.f.put(in, src, options, update)
+	return err
+}
+
+// newDir returns a dir with the Name decrypted
+func (f *Fs) newDir(dir fs.Directory) fs.Directory {
+	newDir := fs.NewDirCopy(dir)
+	remote := dir.Remote()
+	decryptedRemote, err := f.cipher.DecryptDirName(remote)
+	if err != nil {
+		fs.Debugf(remote, "Undecryptable dir name: %v", err)
+	} else {
+		newDir.SetRemote(decryptedRemote)
+	}
+	return newDir
+}
+
+// ObjectInfo describes a wrapped fs.ObjectInfo for being the source
+//
+// This encrypts the remote name and adjusts the size
+type ObjectInfo struct {
+	fs.ObjectInfo
+	f *Fs
+}
+
+func (f *Fs) newObjectInfo(src fs.ObjectInfo) *ObjectInfo {
+	return &ObjectInfo{
+		ObjectInfo: src,
+		f:          f,
+	}
+}
+
+// Fs returns read only access to the Fs that this object is part of
+func (o *ObjectInfo) Fs() fs.Info {
+	return o.f
+}
+
+// Remote returns the remote path
+func (o *ObjectInfo) Remote() string {
+	return o.f.cipher.EncryptFileName(o.ObjectInfo.Remote())
+}
+
+// Size returns the size of the file
+func (o *ObjectInfo) Size() int64 {
+	size := o.ObjectInfo.Size()
+	if size < 0 {
+		return size
+	}
+	return o.f.cipher.EncryptedSize(size)
+}
+
+// Hash returns the selected checksum of the file
+// If no checksum is available it returns ""
+func (o *ObjectInfo) Hash(hash hash.Type) (string, error) {
+	return "", nil
+}
+
+// ID returns the ID of the Object if known, or "" if not
+func (o *Object) ID() string {
+	do, ok := o.Object.(fs.IDer)
+	if !ok {
+		return ""
+	}
+	return do.ID()
+}
+
+// SetTier performs changing storage tier of the Object if
+// multiple storage classes supported
+func (o *Object) SetTier(tier string) error {
+	do, ok := o.Object.(fs.SetTierer)
+	if !ok {
+		return errors.New("crypt: underlying remote does not support SetTier")
+	}
+	return do.SetTier(tier)
+}
+
+// GetTier returns storage tier or class of the Object
+func (o *Object) GetTier() string {
+	do, ok := o.Object.(fs.GetTierer)
+	if !ok {
+		return ""
+	}
+	return do.GetTier()
+}
+
+// Check the interfaces are satisfied
+var (
+	_ fs.Fs              = (*Fs)(nil)
+	_ fs.Purger          = (*Fs)(nil)
+	_ fs.Copier          = (*Fs)(nil)
+	_ fs.Mover           = (*Fs)(nil)
+	_ fs.DirMover        = (*Fs)(nil)
+	_ fs.PutUncheckeder  = (*Fs)(nil)
+	_ fs.PutStreamer     = (*Fs)(nil)
+	_ fs.CleanUpper      = (*Fs)(nil)
+	_ fs.UnWrapper       = (*Fs)(nil)
+	_ fs.ListRer         = (*Fs)(nil)
+	_ fs.Abouter         = (*Fs)(nil)
+	_ fs.Wrapper         = (*Fs)(nil)
+	_ fs.MergeDirser     = (*Fs)(nil)
+	_ fs.DirCacheFlusher = (*Fs)(nil)
+	_ fs.ChangeNotifier  = (*Fs)(nil)
+	_ fs.PublicLinker    = (*Fs)(nil)
+	_ fs.ObjectInfo      = (*ObjectInfo)(nil)
+	_ fs.Object          = (*Object)(nil)
+	_ fs.ObjectUnWrapper = (*Object)(nil)
+	_ fs.IDer            = (*Object)(nil)
+	_ fs.SetTierer       = (*Object)(nil)
+	_ fs.GetTierer       = (*Object)(nil)
+)
--- a/backend/crypt/crypt_test.go
+++ b/backend/crypt/crypt_test.go
@@ -0,0 +1,89 @@
+// Test Crypt filesystem interface
+package crypt_test
+
+import (
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/ncw/rclone/backend/crypt"
+	_ "github.com/ncw/rclone/backend/drive" // for integration tests
+	_ "github.com/ncw/rclone/backend/local"
+	_ "github.com/ncw/rclone/backend/swift" // for integration tests
+	"github.com/ncw/rclone/fs/config/obscure"
+	"github.com/ncw/rclone/fstest"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	if *fstest.RemoteName == "" {
+		t.Skip("Skipping as -remote not set")
+	}
+	fstests.Run(t, &fstests.Opt{
+		RemoteName:                   *fstest.RemoteName,
+		NilObject:                    (*crypt.Object)(nil),
+		UnimplementableObjectMethods: []string{"MimeType"},
+	})
+}
+
+// TestStandard runs integration tests against the remote
+func TestStandard(t *testing.T) {
+	if *fstest.RemoteName != "" {
+		t.Skip("Skipping as -remote set")
+	}
+	tempdir := filepath.Join(os.TempDir(), "rclone-crypt-test-standard")
+	name := "TestCrypt"
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: name + ":",
+		NilObject:  (*crypt.Object)(nil),
+		ExtraConfig: []fstests.ExtraConfigItem{
+			{Name: name, Key: "type", Value: "crypt"},
+			{Name: name, Key: "remote", Value: tempdir},
+			{Name: name, Key: "password", Value: obscure.MustObscure("potato")},
+			{Name: name, Key: "filename_encryption", Value: "standard"},
+		},
+		UnimplementableObjectMethods: []string{"MimeType"},
+	})
+}
+
+// TestOff runs integration tests against the remote
+func TestOff(t *testing.T) {
+	if *fstest.RemoteName != "" {
+		t.Skip("Skipping as -remote set")
+	}
+	tempdir := filepath.Join(os.TempDir(), "rclone-crypt-test-off")
+	name := "TestCrypt2"
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: name + ":",
+		NilObject:  (*crypt.Object)(nil),
+		ExtraConfig: []fstests.ExtraConfigItem{
+			{Name: name, Key: "type", Value: "crypt"},
+			{Name: name, Key: "remote", Value: tempdir},
+			{Name: name, Key: "password", Value: obscure.MustObscure("potato2")},
+			{Name: name, Key: "filename_encryption", Value: "off"},
+		},
+		UnimplementableObjectMethods: []string{"MimeType"},
+	})
+}
+
+// TestObfuscate runs integration tests against the remote
+func TestObfuscate(t *testing.T) {
+	if *fstest.RemoteName != "" {
+		t.Skip("Skipping as -remote set")
+	}
+	tempdir := filepath.Join(os.TempDir(), "rclone-crypt-test-obfuscate")
+	name := "TestCrypt3"
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: name + ":",
+		NilObject:  (*crypt.Object)(nil),
+		ExtraConfig: []fstests.ExtraConfigItem{
+			{Name: name, Key: "type", Value: "crypt"},
+			{Name: name, Key: "remote", Value: tempdir},
+			{Name: name, Key: "password", Value: obscure.MustObscure("potato2")},
+			{Name: name, Key: "filename_encryption", Value: "obfuscate"},
+		},
+		SkipBadWindowsCharacters:     true,
+		UnimplementableObjectMethods: []string{"MimeType"},
+	})
+}
--- a/backend/crypt/pkcs7/pkcs7.go
+++ b/backend/crypt/pkcs7/pkcs7.go
--- a/backend/crypt/pkcs7/pkcs7_test.go
+++ b/backend/crypt/pkcs7/pkcs7_test.go
--- a/backend/drive/drive.go
+++ b/backend/drive/drive.go
--- a/backend/drive/drive_internal_test.go
+++ b/backend/drive/drive_internal_test.go
@@ -0,0 +1,286 @@
+package drive
+
+import (
+	"bytes"
+	"encoding/json"
+	"io"
+	"io/ioutil"
+	"mime"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	_ "github.com/ncw/rclone/backend/local"
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/operations"
+	"github.com/ncw/rclone/fstest/fstests"
+	"github.com/pkg/errors"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	"google.golang.org/api/drive/v3"
+)
+
+func TestDriveScopes(t *testing.T) {
+	for _, test := range []struct {
+		in       string
+		want     []string
+		wantFlag bool
+	}{
+		{"", []string{
+			"https://www.googleapis.com/auth/drive",
+		}, false},
+		{" drive.file , drive.readonly", []string{
+			"https://www.googleapis.com/auth/drive.file",
+			"https://www.googleapis.com/auth/drive.readonly",
+		}, false},
+		{" drive.file , drive.appfolder", []string{
+			"https://www.googleapis.com/auth/drive.file",
+			"https://www.googleapis.com/auth/drive.appfolder",
+		}, true},
+	} {
+		got := driveScopes(test.in)
+		assert.Equal(t, test.want, got, test.in)
+		gotFlag := driveScopesContainsAppFolder(got)
+		assert.Equal(t, test.wantFlag, gotFlag, test.in)
+	}
+}
+
+/*
+var additionalMimeTypes = map[string]string{
+	"application/vnd.ms-excel.sheet.macroenabled.12":                          ".xlsm",
+	"application/vnd.ms-excel.template.macroenabled.12":                       ".xltm",
+	"application/vnd.ms-powerpoint.presentation.macroenabled.12":              ".pptm",
+	"application/vnd.ms-powerpoint.slideshow.macroenabled.12":                 ".ppsm",
+	"application/vnd.ms-powerpoint.template.macroenabled.12":                  ".potm",
+	"application/vnd.ms-powerpoint":                                           ".ppt",
+	"application/vnd.ms-word.document.macroenabled.12":                        ".docm",
+	"application/vnd.ms-word.template.macroenabled.12":                        ".dotm",
+	"application/vnd.openxmlformats-officedocument.presentationml.template":   ".potx",
+	"application/vnd.openxmlformats-officedocument.spreadsheetml.template":    ".xltx",
+	"application/vnd.openxmlformats-officedocument.wordprocessingml.template": ".dotx",
+	"application/vnd.sun.xml.writer":                                          ".sxw",
+	"text/richtext":                                                           ".rtf",
+}
+*/
+
+// Load the example export formats into exportFormats for testing
+func TestInternalLoadExampleFormats(t *testing.T) {
+	fetchFormatsOnce.Do(func() {})
+	buf, err := ioutil.ReadFile(filepath.FromSlash("test/about.json"))
+	var about struct {
+		ExportFormats map[string][]string `json:"exportFormats,omitempty"`
+		ImportFormats map[string][]string `json:"importFormats,omitempty"`
+	}
+	require.NoError(t, err)
+	require.NoError(t, json.Unmarshal(buf, &about))
+	_exportFormats = fixMimeTypeMap(about.ExportFormats)
+	_importFormats = fixMimeTypeMap(about.ImportFormats)
+}
+
+func TestInternalParseExtensions(t *testing.T) {
+	for _, test := range []struct {
+		in      string
+		want    []string
+		wantErr error
+	}{
+		{"doc", []string{".doc"}, nil},
+		{" docx ,XLSX, 	pptx,svg", []string{".docx", ".xlsx", ".pptx", ".svg"}, nil},
+		{"docx,svg,Docx", []string{".docx", ".svg"}, nil},
+		{"docx,potato,docx", []string{".docx"}, errors.New(`couldn't find MIME type for extension ".potato"`)},
+	} {
+		extensions, _, gotErr := parseExtensions(test.in)
+		if test.wantErr == nil {
+			assert.NoError(t, gotErr)
+		} else {
+			assert.EqualError(t, gotErr, test.wantErr.Error())
+		}
+		assert.Equal(t, test.want, extensions)
+	}
+
+	// Test it is appending
+	extensions, _, gotErr := parseExtensions("docx,svg", "docx,svg,xlsx")
+	assert.NoError(t, gotErr)
+	assert.Equal(t, []string{".docx", ".svg", ".xlsx"}, extensions)
+}
+
+func TestInternalFindExportFormat(t *testing.T) {
+	item := &drive.File{
+		Name:     "file",
+		MimeType: "application/vnd.google-apps.document",
+	}
+	for _, test := range []struct {
+		extensions    []string
+		wantExtension string
+		wantMimeType  string
+	}{
+		{[]string{}, "", ""},
+		{[]string{".pdf"}, ".pdf", "application/pdf"},
+		{[]string{".pdf", ".rtf", ".xls"}, ".pdf", "application/pdf"},
+		{[]string{".xls", ".rtf", ".pdf"}, ".rtf", "application/rtf"},
+		{[]string{".xls", ".csv", ".svg"}, "", ""},
+	} {
+		f := new(Fs)
+		f.exportExtensions = test.extensions
+		gotExtension, gotFilename, gotMimeType, gotIsDocument := f.findExportFormat(item)
+		assert.Equal(t, test.wantExtension, gotExtension)
+		if test.wantExtension != "" {
+			assert.Equal(t, item.Name+gotExtension, gotFilename)
+		} else {
+			assert.Equal(t, "", gotFilename)
+		}
+		assert.Equal(t, test.wantMimeType, gotMimeType)
+		assert.Equal(t, true, gotIsDocument)
+	}
+}
+
+func TestMimeTypesToExtension(t *testing.T) {
+	for mimeType, extension := range _mimeTypeToExtension {
+		extensions, err := mime.ExtensionsByType(mimeType)
+		assert.NoError(t, err)
+		assert.Contains(t, extensions, extension)
+	}
+}
+
+func TestExtensionToMimeType(t *testing.T) {
+	for mimeType, extension := range _mimeTypeToExtension {
+		gotMimeType := mime.TypeByExtension(extension)
+		mediatype, _, err := mime.ParseMediaType(gotMimeType)
+		assert.NoError(t, err)
+		assert.Equal(t, mimeType, mediatype)
+	}
+}
+
+func TestExtensionsForExportFormats(t *testing.T) {
+	if _exportFormats == nil {
+		t.Error("exportFormats == nil")
+	}
+	for fromMT, toMTs := range _exportFormats {
+		for _, toMT := range toMTs {
+			if !isInternalMimeType(toMT) {
+				extensions, err := mime.ExtensionsByType(toMT)
+				assert.NoError(t, err, "invalid MIME type %q", toMT)
+				assert.NotEmpty(t, extensions, "No extension found for %q (from: %q)", fromMT, toMT)
+			}
+		}
+	}
+}
+
+func TestExtensionsForImportFormats(t *testing.T) {
+	t.Skip()
+	if _importFormats == nil {
+		t.Error("_importFormats == nil")
+	}
+	for fromMT := range _importFormats {
+		if !isInternalMimeType(fromMT) {
+			extensions, err := mime.ExtensionsByType(fromMT)
+			assert.NoError(t, err, "invalid MIME type %q", fromMT)
+			assert.NotEmpty(t, extensions, "No extension found for %q", fromMT)
+		}
+	}
+}
+
+func (f *Fs) InternalTestDocumentImport(t *testing.T) {
+	oldAllow := f.opt.AllowImportNameChange
+	f.opt.AllowImportNameChange = true
+	defer func() {
+		f.opt.AllowImportNameChange = oldAllow
+	}()
+
+	testFilesPath, err := filepath.Abs(filepath.FromSlash("test/files"))
+	require.NoError(t, err)
+
+	testFilesFs, err := fs.NewFs(testFilesPath)
+	require.NoError(t, err)
+
+	_, f.importMimeTypes, err = parseExtensions("odt,ods,doc")
+	require.NoError(t, err)
+
+	err = operations.CopyFile(f, testFilesFs, "example2.doc", "example2.doc")
+	require.NoError(t, err)
+}
+
+func (f *Fs) InternalTestDocumentUpdate(t *testing.T) {
+	testFilesPath, err := filepath.Abs(filepath.FromSlash("test/files"))
+	require.NoError(t, err)
+
+	testFilesFs, err := fs.NewFs(testFilesPath)
+	require.NoError(t, err)
+
+	_, f.importMimeTypes, err = parseExtensions("odt,ods,doc")
+	require.NoError(t, err)
+
+	err = operations.CopyFile(f, testFilesFs, "example2.xlsx", "example1.ods")
+	require.NoError(t, err)
+}
+
+func (f *Fs) InternalTestDocumentExport(t *testing.T) {
+	var buf bytes.Buffer
+	var err error
+
+	f.exportExtensions, _, err = parseExtensions("txt")
+	require.NoError(t, err)
+
+	obj, err := f.NewObject("example2.txt")
+	require.NoError(t, err)
+
+	rc, err := obj.Open()
+	require.NoError(t, err)
+	defer func() { require.NoError(t, rc.Close()) }()
+
+	_, err = io.Copy(&buf, rc)
+	require.NoError(t, err)
+	text := buf.String()
+
+	for _, excerpt := range []string{
+		"Lorem ipsum dolor sit amet, consectetur",
+		"porta at ultrices in, consectetur at augue.",
+	} {
+		require.Contains(t, text, excerpt)
+	}
+}
+
+func (f *Fs) InternalTestDocumentLink(t *testing.T) {
+	var buf bytes.Buffer
+	var err error
+
+	f.exportExtensions, _, err = parseExtensions("link.html")
+	require.NoError(t, err)
+
+	obj, err := f.NewObject("example2.link.html")
+	require.NoError(t, err)
+
+	rc, err := obj.Open()
+	require.NoError(t, err)
+	defer func() { require.NoError(t, rc.Close()) }()
+
+	_, err = io.Copy(&buf, rc)
+	require.NoError(t, err)
+	text := buf.String()
+
+	require.True(t, strings.HasPrefix(text, "<html>"))
+	require.True(t, strings.HasSuffix(text, "</html>\n"))
+	for _, excerpt := range []string{
+		`<meta http-equiv="refresh"`,
+		`Loading <a href="`,
+	} {
+		require.Contains(t, text, excerpt)
+	}
+}
+
+func (f *Fs) InternalTest(t *testing.T) {
+	// These tests all depend on each other so run them as nested tests
+	t.Run("DocumentImport", func(t *testing.T) {
+		f.InternalTestDocumentImport(t)
+		t.Run("DocumentUpdate", func(t *testing.T) {
+			f.InternalTestDocumentUpdate(t)
+			t.Run("DocumentExport", func(t *testing.T) {
+				f.InternalTestDocumentExport(t)
+				t.Run("DocumentLink", func(t *testing.T) {
+					f.InternalTestDocumentLink(t)
+				})
+			})
+		})
+	})
+}
+
+var _ fstests.InternalTester = (*Fs)(nil)
--- a/backend/drive/drive_test.go
+++ b/backend/drive/drive_test.go
@@ -0,0 +1,35 @@
+// Test Drive filesystem interface
+
+package drive
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: "TestDrive:",
+		NilObject:  (*Object)(nil),
+		ChunkedUpload: fstests.ChunkedUploadConfig{
+			MinChunkSize:  minChunkSize,
+			CeilChunkSize: fstests.NextPowerOfTwo,
+		},
+	})
+}
+
+func (f *Fs) SetUploadChunkSize(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+	return f.setUploadChunkSize(cs)
+}
+
+func (f *Fs) SetUploadCutoff(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+	return f.setUploadCutoff(cs)
+}
+
+var (
+	_ fstests.SetUploadChunkSizer = (*Fs)(nil)
+	_ fstests.SetUploadCutoffer   = (*Fs)(nil)
+)
--- a/backend/drive/test/about.json
+++ b/backend/drive/test/about.json
@@ -0,0 +1,178 @@
+{
+ "importFormats": {
+  "text/tab-separated-values": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "application/x-vnd.oasis.opendocument.presentation": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "image/jpeg": [
+   "application/vnd.google-apps.document"
+  ],
+  "image/bmp": [
+   "application/vnd.google-apps.document"
+  ],
+  "image/gif": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.ms-excel.sheet.macroenabled.12": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "application/vnd.openxmlformats-officedocument.wordprocessingml.template": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.ms-powerpoint.presentation.macroenabled.12": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "application/vnd.ms-word.template.macroenabled.12": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.openxmlformats-officedocument.wordprocessingml.document": [
+   "application/vnd.google-apps.document"
+  ],
+  "image/pjpeg": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.google-apps.script+text/plain": [
+   "application/vnd.google-apps.script"
+  ],
+  "application/vnd.ms-excel": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "application/vnd.sun.xml.writer": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.ms-word.document.macroenabled.12": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.ms-powerpoint.slideshow.macroenabled.12": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "text/rtf": [
+   "application/vnd.google-apps.document"
+  ],
+  "text/plain": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.oasis.opendocument.spreadsheet": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "application/x-vnd.oasis.opendocument.spreadsheet": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "image/png": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/x-vnd.oasis.opendocument.text": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/msword": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/pdf": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/json": [
+   "application/vnd.google-apps.script"
+  ],
+  "application/x-msmetafile": [
+   "application/vnd.google-apps.drawing"
+  ],
+  "application/vnd.openxmlformats-officedocument.spreadsheetml.template": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "application/vnd.ms-powerpoint": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "application/vnd.ms-excel.template.macroenabled.12": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "image/x-bmp": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/rtf": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.openxmlformats-officedocument.presentationml.template": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "image/x-png": [
+   "application/vnd.google-apps.document"
+  ],
+  "text/html": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.oasis.opendocument.text": [
+   "application/vnd.google-apps.document"
+  ],
+  "application/vnd.openxmlformats-officedocument.presentationml.presentation": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "application/vnd.google-apps.script+json": [
+   "application/vnd.google-apps.script"
+  ],
+  "application/vnd.openxmlformats-officedocument.presentationml.slideshow": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "application/vnd.ms-powerpoint.template.macroenabled.12": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "text/csv": [
+   "application/vnd.google-apps.spreadsheet"
+  ],
+  "application/vnd.oasis.opendocument.presentation": [
+   "application/vnd.google-apps.presentation"
+  ],
+  "image/jpg": [
+   "application/vnd.google-apps.document"
+  ],
+  "text/richtext": [
+   "application/vnd.google-apps.document"
+  ]
+ },
+ "exportFormats": {
+  "application/vnd.google-apps.document": [
+   "application/rtf",
+   "application/vnd.oasis.opendocument.text",
+   "text/html",
+   "application/pdf",
+   "application/epub+zip",
+   "application/zip",
+   "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+   "text/plain"
+  ],
+  "application/vnd.google-apps.spreadsheet": [
+   "application/x-vnd.oasis.opendocument.spreadsheet",
+   "text/tab-separated-values",
+   "application/pdf",
+   "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet",
+   "text/csv",
+   "application/zip",
+   "application/vnd.oasis.opendocument.spreadsheet"
+  ],
+  "application/vnd.google-apps.jam": [
+   "application/pdf"
+  ],
+  "application/vnd.google-apps.script": [
+   "application/vnd.google-apps.script+json"
+  ],
+  "application/vnd.google-apps.presentation": [
+   "application/vnd.oasis.opendocument.presentation",
+   "application/pdf",
+   "application/vnd.openxmlformats-officedocument.presentationml.presentation",
+   "text/plain"
+  ],
+  "application/vnd.google-apps.form": [
+   "application/zip"
+  ],
+  "application/vnd.google-apps.drawing": [
+   "image/svg+xml",
+   "image/png",
+   "application/pdf",
+   "image/jpeg"
+  ]
+ }
+}
--- a/backend/drive/test/files/example1.ods
+++ b/backend/drive/test/files/example1.ods
--- a/backend/drive/test/files/example2.doc
+++ b/backend/drive/test/files/example2.doc
--- a/backend/drive/test/files/example3.odt
+++ b/backend/drive/test/files/example3.odt
--- a/backend/drive/upload.go
+++ b/backend/drive/upload.go
@@ -11,7 +11,6 @@
 package drive

 import (
-	"bytes"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -21,17 +20,16 @@ import (
 	"strconv"

 	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/fserrors"
+	"github.com/ncw/rclone/lib/readers"
 	"github.com/pkg/errors"
-	"google.golang.org/api/drive/v2"
+	"google.golang.org/api/drive/v3"
 	"google.golang.org/api/googleapi"
 )

 const (
 	// statusResumeIncomplete is the code returned by the Google uploader when the transfer is not yet complete.
 	statusResumeIncomplete = 308
-
-	// Number of times to try each chunk
-	maxTries = 10
 )

 // resumableUpload is used by the generated APIs to provide resumable uploads.
@@ -52,17 +50,24 @@ type resumableUpload struct {
 }

 // Upload the io.Reader in of size bytes with contentType and info
-func (f *Fs) Upload(in io.Reader, size int64, contentType string, info *drive.File, remote string) (*drive.File, error) {
-	fileID := info.Id
-	params := make(url.Values)
-	params.Set("alt", "json")
-	params.Set("uploadType", "resumable")
-	urls := "https://www.googleapis.com/upload/drive/v2/files"
+func (f *Fs) Upload(in io.Reader, size int64, contentType, fileID, remote string, info *drive.File) (*drive.File, error) {
+	params := url.Values{
+		"alt":        {"json"},
+		"uploadType": {"resumable"},
+		"fields":     {partialFields},
+	}
+	if f.isTeamDrive {
+		params.Set("supportsTeamDrives", "true")
+	}
+	if f.opt.KeepRevisionForever {
+		params.Set("keepRevisionForever", "true")
+	}
+	urls := "https://www.googleapis.com/upload/drive/v3/files"
 	method := "POST"
 	if fileID != "" {
 		params.Set("setModifiedDate", "true")
 		urls += "/{fileId}"
-		method = "PUT"
+		method = "PATCH"
 	}
 	urls += "?" + params.Encode()
 	var res *http.Response
@@ -107,9 +112,8 @@ func (f *Fs) Upload(in io.Reader, size int64, contentType string, info *drive.Fi
 }

 // Make an http.Request for the range passed in
-func (rx *resumableUpload) makeRequest(start int64, body []byte) *http.Request {
-	reqSize := int64(len(body))
-	req, _ := http.NewRequest("POST", rx.URI, bytes.NewBuffer(body))
+func (rx *resumableUpload) makeRequest(start int64, body io.ReadSeeker, reqSize int64) *http.Request {
+	req, _ := http.NewRequest("POST", rx.URI, body)
 	req.ContentLength = reqSize
 	if reqSize != 0 {
 		req.Header.Set("Content-Range", fmt.Sprintf("bytes %v-%v/%v", start, start+reqSize-1, rx.ContentLength))
@@ -128,7 +132,7 @@ var rangeRE = regexp.MustCompile(`^0\-(\d+)$`)
 //
 // If error is nil, then start should be valid
 func (rx *resumableUpload) transferStatus() (start int64, err error) {
-	req := rx.makeRequest(0, nil)
+	req := rx.makeRequest(0, nil, 0)
 	res, err := rx.f.client.Do(req)
 	if err != nil {
 		return 0, err
@@ -155,8 +159,9 @@ func (rx *resumableUpload) transferStatus() (start int64, err error) {
 }

 // Transfer a chunk - caller must call googleapi.CloseBody(res) if err == nil || res != nil
-func (rx *resumableUpload) transferChunk(start int64, body []byte) (int, error) {
-	req := rx.makeRequest(start, body)
+func (rx *resumableUpload) transferChunk(start int64, chunk io.ReadSeeker, chunkSize int64) (int, error) {
+	_, _ = chunk.Seek(0, io.SeekStart)
+	req := rx.makeRequest(start, chunk, chunkSize)
 	res, err := rx.f.client.Do(req)
 	if err != nil {
 		return 599, err
@@ -178,7 +183,7 @@ func (rx *resumableUpload) transferChunk(start int64, body []byte) (int, error)
 	// been 200 OK.
 	//
 	// So parse the response out of the body.  We aren't expecting
-	// any other 2xx codes, so we parse it unconditionaly on
+	// any other 2xx codes, so we parse it unconditionally on
 	// StatusCode
 	if err = json.NewDecoder(res.Body).Decode(&rx.ret); err != nil {
 		return 598, err
@@ -188,29 +193,23 @@ func (rx *resumableUpload) transferChunk(start int64, body []byte) (int, error)
 }

 // Upload uploads the chunks from the input
-// It retries each chunk maxTries times (with a pause of uploadPause between attempts).
+// It retries each chunk using the pacer and --low-level-retries
 func (rx *resumableUpload) Upload() (*drive.File, error) {
 	start := int64(0)
-	buf := make([]byte, chunkSize)
 	var StatusCode int
+	var err error
+	buf := make([]byte, int(rx.f.opt.ChunkSize))
 	for start < rx.ContentLength {
 		reqSize := rx.ContentLength - start
-		if reqSize >= int64(chunkSize) {
-			reqSize = int64(chunkSize)
-		} else {
-			buf = buf[:reqSize]
-		}
-
-		// Read the chunk
-		_, err := io.ReadFull(rx.Media, buf)
-		if err != nil {
-			return nil, err
+		if reqSize >= int64(rx.f.opt.ChunkSize) {
+			reqSize = int64(rx.f.opt.ChunkSize)
 		}
+		chunk := readers.NewRepeatableLimitReaderBuffer(rx.Media, buf, reqSize)

 		// Transfer the chunk
 		err = rx.f.pacer.Call(func() (bool, error) {
-			fs.Debug(rx.remote, "Sending chunk %d length %d", start, reqSize)
-			StatusCode, err = rx.transferChunk(start, buf)
+			fs.Debugf(rx.remote, "Sending chunk %d length %d", start, reqSize)
+			StatusCode, err = rx.transferChunk(start, chunk, reqSize)
 			again, err := shouldRetry(err)
 			if StatusCode == statusResumeIncomplete || StatusCode == http.StatusCreated || StatusCode == http.StatusOK {
 				again = false
@@ -245,7 +244,7 @@ func (rx *resumableUpload) Upload() (*drive.File, error) {
 	// Handle 404 Not Found errors when doing resumable uploads by starting
 	// the entire upload over from the beginning.
 	if rx.ret == nil {
-		return nil, fs.RetryErrorf("Incomplete upload - retry, last error %d", StatusCode)
+		return nil, fserrors.RetryErrorf("Incomplete upload - retry, last error %d", StatusCode)
 	}
 	return rx.ret, nil
 }
--- a/backend/dropbox/dbhash/dbhash.go
+++ b/backend/dropbox/dbhash/dbhash.go
@@ -0,0 +1,127 @@
+// Package dbhash implements the dropbox hash as described in
+//
+// https://www.dropbox.com/developers/reference/content-hash
+package dbhash
+
+import (
+	"crypto/sha256"
+	"hash"
+)
+
+const (
+	// BlockSize of the checksum in bytes.
+	BlockSize = sha256.BlockSize
+	// Size of the checksum in bytes.
+	Size              = sha256.BlockSize
+	bytesPerBlock     = 4 * 1024 * 1024
+	hashReturnedError = "hash function returned error"
+)
+
+type digest struct {
+	n           int // bytes written into blockHash so far
+	blockHash   hash.Hash
+	totalHash   hash.Hash
+	sumCalled   bool
+	writtenMore bool
+}
+
+// New returns a new hash.Hash computing the Dropbox checksum.
+func New() hash.Hash {
+	d := &digest{}
+	d.Reset()
+	return d
+}
+
+// writeBlockHash writes the current block hash into the total hash
+func (d *digest) writeBlockHash() {
+	blockHash := d.blockHash.Sum(nil)
+	_, err := d.totalHash.Write(blockHash)
+	if err != nil {
+		panic(hashReturnedError)
+	}
+	// reset counters for blockhash
+	d.n = 0
+	d.blockHash.Reset()
+}
+
+// Write writes len(p) bytes from p to the underlying data stream. It returns
+// the number of bytes written from p (0 <= n <= len(p)) and any error
+// encountered that caused the write to stop early. Write must return a non-nil
+// error if it returns n < len(p). Write must not modify the slice data, even
+// temporarily.
+//
+// Implementations must not retain p.
+func (d *digest) Write(p []byte) (n int, err error) {
+	n = len(p)
+	for len(p) > 0 {
+		d.writtenMore = true
+		toWrite := bytesPerBlock - d.n
+		if toWrite > len(p) {
+			toWrite = len(p)
+		}
+		_, err = d.blockHash.Write(p[:toWrite])
+		if err != nil {
+			panic(hashReturnedError)
+		}
+		d.n += toWrite
+		p = p[toWrite:]
+		// Accumulate the total hash
+		if d.n == bytesPerBlock {
+			d.writeBlockHash()
+		}
+	}
+	return n, nil
+}
+
+// Sum appends the current hash to b and returns the resulting slice.
+// It does not change the underlying hash state.
+//
+// TODO(ncw) Sum() can only be called once for this type of hash.
+// If you call Sum(), then Write() then Sum() it will result in
+// a panic.  Calling Write() then Sum(), then Sum() is OK.
+func (d *digest) Sum(b []byte) []byte {
+	if d.sumCalled && d.writtenMore {
+		panic("digest.Sum() called more than once")
+	}
+	d.sumCalled = true
+	d.writtenMore = false
+	if d.n != 0 {
+		d.writeBlockHash()
+	}
+	return d.totalHash.Sum(b)
+}
+
+// Reset resets the Hash to its initial state.
+func (d *digest) Reset() {
+	d.n = 0
+	d.totalHash = sha256.New()
+	d.blockHash = sha256.New()
+	d.sumCalled = false
+	d.writtenMore = false
+}
+
+// Size returns the number of bytes Sum will return.
+func (d *digest) Size() int {
+	return d.totalHash.Size()
+}
+
+// BlockSize returns the hash's underlying block size.
+// The Write method must be able to accept any amount
+// of data, but it may operate more efficiently if all writes
+// are a multiple of the block size.
+func (d *digest) BlockSize() int {
+	return d.totalHash.BlockSize()
+}
+
+// Sum returns the Dropbox checksum of the data.
+func Sum(data []byte) [Size]byte {
+	var d digest
+	d.Reset()
+	_, _ = d.Write(data)
+	var out [Size]byte
+	d.Sum(out[:0])
+	return out
+}
+
+// must implement this interface
+var _ hash.Hash = (*digest)(nil)
--- a/backend/dropbox/dbhash/dbhash_test.go
+++ b/backend/dropbox/dbhash/dbhash_test.go
@@ -0,0 +1,88 @@
+package dbhash_test
+
+import (
+	"encoding/hex"
+	"fmt"
+	"testing"
+
+	"github.com/ncw/rclone/backend/dropbox/dbhash"
+	"github.com/stretchr/testify/assert"
+)
+
+func testChunk(t *testing.T, chunk int) {
+	data := make([]byte, chunk)
+	for i := 0; i < chunk; i++ {
+		data[i] = 'A'
+	}
+	for _, test := range []struct {
+		n    int
+		want string
+	}{
+		{0, "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
+		{1, "1cd6ef71e6e0ff46ad2609d403dc3fee244417089aa4461245a4e4fe23a55e42"},
+		{2, "01e0655fb754d10418a73760f57515f4903b298e6d67dda6bf0987fa79c22c88"},
+		{4096, "8620913d33852befe09f16fff8fd75f77a83160d29f76f07e0276e9690903035"},
+		{4194303, "647c8627d70f7a7d13ce96b1e7710a771a55d41a62c3da490d92e56044d311fa"},
+		{4194304, "d4d63bac5b866c71620185392a8a6218ac1092454a2d16f820363b69852befa3"},
+		{4194305, "8f553da8d00d0bf509d8470e242888be33019c20c0544811f5b2b89e98360b92"},
+		{8388607, "83b30cf4fb5195b04a937727ae379cf3d06673bf8f77947f6a92858536e8369c"},
+		{8388608, "e08b3ba1f538804075c5f939accdeaa9efc7b5c01865c94a41e78ca6550a88e7"},
+		{8388609, "02c8a4aefc2bfc9036f89a7098001865885938ca580e5c9e5db672385edd303c"},
+	} {
+		d := dbhash.New()
+		var toWrite int
+		for toWrite = test.n; toWrite >= chunk; toWrite -= chunk {
+			n, err := d.Write(data)
+			assert.Nil(t, err)
+			assert.Equal(t, chunk, n)
+		}
+		n, err := d.Write(data[:toWrite])
+		assert.Nil(t, err)
+		assert.Equal(t, toWrite, n)
+		got := hex.EncodeToString(d.Sum(nil))
+		assert.Equal(t, test.want, got, fmt.Sprintf("when testing length %d", n))
+
+	}
+}
+
+func TestHashChunk16M(t *testing.T)  { testChunk(t, 16*1024*1024) }
+func TestHashChunk8M(t *testing.T)   { testChunk(t, 8*1024*1024) }
+func TestHashChunk4M(t *testing.T)   { testChunk(t, 4*1024*1024) }
+func TestHashChunk2M(t *testing.T)   { testChunk(t, 2*1024*1024) }
+func TestHashChunk1M(t *testing.T)   { testChunk(t, 1*1024*1024) }
+func TestHashChunk64k(t *testing.T)  { testChunk(t, 64*1024) }
+func TestHashChunk32k(t *testing.T)  { testChunk(t, 32*1024) }
+func TestHashChunk2048(t *testing.T) { testChunk(t, 2048) }
+func TestHashChunk2047(t *testing.T) { testChunk(t, 2047) }
+
+func TestSumCalledTwice(t *testing.T) {
+	d := dbhash.New()
+	assert.NotPanics(t, func() { d.Sum(nil) })
+	d.Reset()
+	assert.NotPanics(t, func() { d.Sum(nil) })
+	assert.NotPanics(t, func() { d.Sum(nil) })
+	_, _ = d.Write([]byte{1})
+	assert.Panics(t, func() { d.Sum(nil) })
+}
+
+func TestSize(t *testing.T) {
+	d := dbhash.New()
+	assert.Equal(t, 32, d.Size())
+}
+
+func TestBlockSize(t *testing.T) {
+	d := dbhash.New()
+	assert.Equal(t, 64, d.BlockSize())
+}
+
+func TestSum(t *testing.T) {
+	assert.Equal(t,
+		[64]byte{
+			0x1c, 0xd6, 0xef, 0x71, 0xe6, 0xe0, 0xff, 0x46,
+			0xad, 0x26, 0x09, 0xd4, 0x03, 0xdc, 0x3f, 0xee,
+			0x24, 0x44, 0x17, 0x08, 0x9a, 0xa4, 0x46, 0x12,
+			0x45, 0xa4, 0xe4, 0xfe, 0x23, 0xa5, 0x5e, 0x42,
+		},
+		dbhash.Sum([]byte{'A'}),
+	)
+}
--- a/backend/dropbox/dropbox.go
+++ b/backend/dropbox/dropbox.go
--- a/backend/dropbox/dropbox_test.go
+++ b/backend/dropbox/dropbox_test.go
@@ -0,0 +1,26 @@
+// Test Dropbox filesystem interface
+package dropbox
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: "TestDropbox:",
+		NilObject:  (*Object)(nil),
+		ChunkedUpload: fstests.ChunkedUploadConfig{
+			MaxChunkSize: maxChunkSize,
+		},
+	})
+}
+
+func (f *Fs) SetUploadChunkSize(cs fs.SizeSuffix) (fs.SizeSuffix, error) {
+	return f.setUploadChunkSize(cs)
+}
+
+var _ fstests.SetUploadChunkSizer = (*Fs)(nil)
--- a/backend/ftp/ftp.go
+++ b/backend/ftp/ftp.go
@@ -0,0 +1,795 @@
+// Package ftp interfaces with FTP servers
+package ftp
+
+import (
+	"io"
+	"net/textproto"
+	"os"
+	"path"
+	"sync"
+	"time"
+
+	"github.com/jlaffaye/ftp"
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/config/configmap"
+	"github.com/ncw/rclone/fs/config/configstruct"
+	"github.com/ncw/rclone/fs/config/obscure"
+	"github.com/ncw/rclone/fs/hash"
+	"github.com/ncw/rclone/lib/pacer"
+	"github.com/ncw/rclone/lib/readers"
+	"github.com/pkg/errors"
+)
+
+// Register with Fs
+func init() {
+	fs.Register(&fs.RegInfo{
+		Name:        "ftp",
+		Description: "FTP Connection",
+		NewFs:       NewFs,
+		Options: []fs.Option{
+			{
+				Name:     "host",
+				Help:     "FTP host to connect to",
+				Required: true,
+				Examples: []fs.OptionExample{{
+					Value: "ftp.example.com",
+					Help:  "Connect to ftp.example.com",
+				}},
+			}, {
+				Name: "user",
+				Help: "FTP username, leave blank for current username, " + os.Getenv("USER"),
+			}, {
+				Name: "port",
+				Help: "FTP port, leave blank to use default (21)",
+			}, {
+				Name:       "pass",
+				Help:       "FTP password",
+				IsPassword: true,
+				Required:   true,
+			}, {
+				Name:     "concurrency",
+				Help:     "Maximum number of FTP simultaneous connections, 0 for unlimited",
+				Default:  0,
+				Advanced: true,
+			},
+		},
+	})
+}
+
+// Options defines the configuration for this backend
+type Options struct {
+	Host        string `config:"host"`
+	User        string `config:"user"`
+	Pass        string `config:"pass"`
+	Port        string `config:"port"`
+	Concurrency int    `config:"concurrency"`
+}
+
+// Fs represents a remote FTP server
+type Fs struct {
+	name     string       // name of this remote
+	root     string       // the path we are working on if any
+	opt      Options      // parsed options
+	features *fs.Features // optional features
+	url      string
+	user     string
+	pass     string
+	dialAddr string
+	poolMu   sync.Mutex
+	pool     []*ftp.ServerConn
+	tokens   *pacer.TokenDispenser
+}
+
+// Object describes an FTP file
+type Object struct {
+	fs     *Fs
+	remote string
+	info   *FileInfo
+}
+
+// FileInfo is the metadata known about an FTP file
+type FileInfo struct {
+	Name    string
+	Size    uint64
+	ModTime time.Time
+	IsDir   bool
+}
+
+// ------------------------------------------------------------
+
+// Name of this fs
+func (f *Fs) Name() string {
+	return f.name
+}
+
+// Root of the remote (as passed into NewFs)
+func (f *Fs) Root() string {
+	return f.root
+}
+
+// String returns a description of the FS
+func (f *Fs) String() string {
+	return f.url
+}
+
+// Features returns the optional features of this Fs
+func (f *Fs) Features() *fs.Features {
+	return f.features
+}
+
+// Open a new connection to the FTP server.
+func (f *Fs) ftpConnection() (*ftp.ServerConn, error) {
+	fs.Debugf(f, "Connecting to FTP server")
+	c, err := ftp.DialTimeout(f.dialAddr, fs.Config.ConnectTimeout)
+	if err != nil {
+		fs.Errorf(f, "Error while Dialing %s: %s", f.dialAddr, err)
+		return nil, errors.Wrap(err, "ftpConnection Dial")
+	}
+	err = c.Login(f.user, f.pass)
+	if err != nil {
+		_ = c.Quit()
+		fs.Errorf(f, "Error while Logging in into %s: %s", f.dialAddr, err)
+		return nil, errors.Wrap(err, "ftpConnection Login")
+	}
+	return c, nil
+}
+
+// Get an FTP connection from the pool, or open a new one
+func (f *Fs) getFtpConnection() (c *ftp.ServerConn, err error) {
+	if f.opt.Concurrency > 0 {
+		f.tokens.Get()
+	}
+	f.poolMu.Lock()
+	if len(f.pool) > 0 {
+		c = f.pool[0]
+		f.pool = f.pool[1:]
+	}
+	f.poolMu.Unlock()
+	if c != nil {
+		return c, nil
+	}
+	return f.ftpConnection()
+}
+
+// Return an FTP connection to the pool
+//
+// It nils the pointed to connection out so it can't be reused
+//
+// if err is not nil then it checks the connection is alive using a
+// NOOP request
+func (f *Fs) putFtpConnection(pc **ftp.ServerConn, err error) {
+	if f.opt.Concurrency > 0 {
+		defer f.tokens.Put()
+	}
+	c := *pc
+	*pc = nil
+	if err != nil {
+		// If not a regular FTP error code then check the connection
+		_, isRegularError := errors.Cause(err).(*textproto.Error)
+		if !isRegularError {
+			nopErr := c.NoOp()
+			if nopErr != nil {
+				fs.Debugf(f, "Connection failed, closing: %v", nopErr)
+				_ = c.Quit()
+				return
+			}
+		}
+	}
+	f.poolMu.Lock()
+	f.pool = append(f.pool, c)
+	f.poolMu.Unlock()
+}
+
+// NewFs constructs an Fs from the path, container:path
+func NewFs(name, root string, m configmap.Mapper) (ff fs.Fs, err error) {
+	// defer fs.Trace(nil, "name=%q, root=%q", name, root)("fs=%v, err=%v", &ff, &err)
+	// Parse config into Options struct
+	opt := new(Options)
+	err = configstruct.Set(m, opt)
+	if err != nil {
+		return nil, err
+	}
+	pass, err := obscure.Reveal(opt.Pass)
+	if err != nil {
+		return nil, errors.Wrap(err, "NewFS decrypt password")
+	}
+	user := opt.User
+	if user == "" {
+		user = os.Getenv("USER")
+	}
+	port := opt.Port
+	if port == "" {
+		port = "21"
+	}
+
+	dialAddr := opt.Host + ":" + port
+	u := "ftp://" + path.Join(dialAddr+"/", root)
+	f := &Fs{
+		name:     name,
+		root:     root,
+		opt:      *opt,
+		url:      u,
+		user:     user,
+		pass:     pass,
+		dialAddr: dialAddr,
+		tokens:   pacer.NewTokenDispenser(opt.Concurrency),
+	}
+	f.features = (&fs.Features{
+		CanHaveEmptyDirectories: true,
+	}).Fill(f)
+	// Make a connection and pool it to return errors early
+	c, err := f.getFtpConnection()
+	if err != nil {
+		return nil, errors.Wrap(err, "NewFs")
+	}
+	f.putFtpConnection(&c, nil)
+	if root != "" {
+		// Check to see if the root actually an existing file
+		remote := path.Base(root)
+		f.root = path.Dir(root)
+		if f.root == "." {
+			f.root = ""
+		}
+		_, err := f.NewObject(remote)
+		if err != nil {
+			if err == fs.ErrorObjectNotFound || errors.Cause(err) == fs.ErrorNotAFile {
+				// File doesn't exist so return old f
+				f.root = root
+				return f, nil
+			}
+			return nil, err
+		}
+		// return an error with an fs which points to the parent
+		return f, fs.ErrorIsFile
+	}
+	return f, err
+}
+
+// translateErrorFile turns FTP errors into rclone errors if possible for a file
+func translateErrorFile(err error) error {
+	switch errX := err.(type) {
+	case *textproto.Error:
+		switch errX.Code {
+		case ftp.StatusFileUnavailable, ftp.StatusFileActionIgnored:
+			err = fs.ErrorObjectNotFound
+		}
+	}
+	return err
+}
+
+// translateErrorDir turns FTP errors into rclone errors if possible for a directory
+func translateErrorDir(err error) error {
+	switch errX := err.(type) {
+	case *textproto.Error:
+		switch errX.Code {
+		case ftp.StatusFileUnavailable, ftp.StatusFileActionIgnored:
+			err = fs.ErrorDirNotFound
+		}
+	}
+	return err
+}
+
+// findItem finds a directory entry for the name in its parent directory
+func (f *Fs) findItem(remote string) (entry *ftp.Entry, err error) {
+	// defer fs.Trace(remote, "")("o=%v, err=%v", &o, &err)
+	fullPath := path.Join(f.root, remote)
+	dir := path.Dir(fullPath)
+	base := path.Base(fullPath)
+
+	c, err := f.getFtpConnection()
+	if err != nil {
+		return nil, errors.Wrap(err, "findItem")
+	}
+	files, err := c.List(dir)
+	f.putFtpConnection(&c, err)
+	if err != nil {
+		return nil, translateErrorFile(err)
+	}
+	for _, file := range files {
+		if file.Name == base {
+			return file, nil
+		}
+	}
+	return nil, nil
+}
+
+// NewObject finds the Object at remote.  If it can't be found
+// it returns the error fs.ErrorObjectNotFound.
+func (f *Fs) NewObject(remote string) (o fs.Object, err error) {
+	// defer fs.Trace(remote, "")("o=%v, err=%v", &o, &err)
+	entry, err := f.findItem(remote)
+	if err != nil {
+		return nil, err
+	}
+	if entry != nil && entry.Type != ftp.EntryTypeFolder {
+		o := &Object{
+			fs:     f,
+			remote: remote,
+		}
+		info := &FileInfo{
+			Name:    remote,
+			Size:    entry.Size,
+			ModTime: entry.Time,
+		}
+		o.info = info
+
+		return o, nil
+	}
+	return nil, fs.ErrorObjectNotFound
+}
+
+// dirExists checks the directory pointed to by remote exists or not
+func (f *Fs) dirExists(remote string) (exists bool, err error) {
+	entry, err := f.findItem(remote)
+	if err != nil {
+		return false, errors.Wrap(err, "dirExists")
+	}
+	if entry != nil && entry.Type == ftp.EntryTypeFolder {
+		return true, nil
+	}
+	return false, nil
+}
+
+// List the objects and directories in dir into entries.  The
+// entries can be returned in any order but should be for a
+// complete directory.
+//
+// dir should be "" to list the root, and should not have
+// trailing slashes.
+//
+// This should return ErrDirNotFound if the directory isn't
+// found.
+func (f *Fs) List(dir string) (entries fs.DirEntries, err error) {
+	// defer fs.Trace(dir, "curlevel=%d", curlevel)("")
+	c, err := f.getFtpConnection()
+	if err != nil {
+		return nil, errors.Wrap(err, "list")
+	}
+	files, err := c.List(path.Join(f.root, dir))
+	f.putFtpConnection(&c, err)
+	if err != nil {
+		return nil, translateErrorDir(err)
+	}
+	// Annoyingly FTP returns success for a directory which
+	// doesn't exist, so check it really doesn't exist if no
+	// entries found.
+	if len(files) == 0 {
+		exists, err := f.dirExists(dir)
+		if err != nil {
+			return nil, errors.Wrap(err, "list")
+		}
+		if !exists {
+			return nil, fs.ErrorDirNotFound
+		}
+	}
+	for i := range files {
+		object := files[i]
+		newremote := path.Join(dir, object.Name)
+		switch object.Type {
+		case ftp.EntryTypeFolder:
+			if object.Name == "." || object.Name == ".." {
+				continue
+			}
+			d := fs.NewDir(newremote, object.Time)
+			entries = append(entries, d)
+		default:
+			o := &Object{
+				fs:     f,
+				remote: newremote,
+			}
+			info := &FileInfo{
+				Name:    newremote,
+				Size:    object.Size,
+				ModTime: object.Time,
+			}
+			o.info = info
+			entries = append(entries, o)
+		}
+	}
+	return entries, nil
+}
+
+// Hashes are not supported
+func (f *Fs) Hashes() hash.Set {
+	return 0
+}
+
+// Precision shows Modified Time not supported
+func (f *Fs) Precision() time.Duration {
+	return fs.ModTimeNotSupported
+}
+
+// Put in to the remote path with the modTime given of the given size
+//
+// May create the object even if it returns an error - if so
+// will return the object and the error, otherwise will return
+// nil and the error
+func (f *Fs) Put(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+	// fs.Debugf(f, "Trying to put file %s", src.Remote())
+	err := f.mkParentDir(src.Remote())
+	if err != nil {
+		return nil, errors.Wrap(err, "Put mkParentDir failed")
+	}
+	o := &Object{
+		fs:     f,
+		remote: src.Remote(),
+	}
+	err = o.Update(in, src, options...)
+	return o, err
+}
+
+// PutStream uploads to the remote path with the modTime given of indeterminate size
+func (f *Fs) PutStream(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+	return f.Put(in, src, options...)
+}
+
+// getInfo reads the FileInfo for a path
+func (f *Fs) getInfo(remote string) (fi *FileInfo, err error) {
+	// defer fs.Trace(remote, "")("fi=%v, err=%v", &fi, &err)
+	dir := path.Dir(remote)
+	base := path.Base(remote)
+
+	c, err := f.getFtpConnection()
+	if err != nil {
+		return nil, errors.Wrap(err, "getInfo")
+	}
+	files, err := c.List(dir)
+	f.putFtpConnection(&c, err)
+	if err != nil {
+		return nil, translateErrorFile(err)
+	}
+
+	for i := range files {
+		if files[i].Name == base {
+			info := &FileInfo{
+				Name:    remote,
+				Size:    files[i].Size,
+				ModTime: files[i].Time,
+				IsDir:   files[i].Type == ftp.EntryTypeFolder,
+			}
+			return info, nil
+		}
+	}
+	return nil, fs.ErrorObjectNotFound
+}
+
+// mkdir makes the directory and parents using unrooted paths
+func (f *Fs) mkdir(abspath string) error {
+	if abspath == "." || abspath == "/" {
+		return nil
+	}
+	fi, err := f.getInfo(abspath)
+	if err == nil {
+		if fi.IsDir {
+			return nil
+		}
+		return fs.ErrorIsFile
+	} else if err != fs.ErrorObjectNotFound {
+		return errors.Wrapf(err, "mkdir %q failed", abspath)
+	}
+	parent := path.Dir(abspath)
+	err = f.mkdir(parent)
+	if err != nil {
+		return err
+	}
+	c, connErr := f.getFtpConnection()
+	if connErr != nil {
+		return errors.Wrap(connErr, "mkdir")
+	}
+	err = c.MakeDir(abspath)
+	f.putFtpConnection(&c, err)
+	switch errX := err.(type) {
+	case *textproto.Error:
+		switch errX.Code {
+		case ftp.StatusFileUnavailable: // dir already exists: see issue #2181
+			err = nil
+		case 521: // dir already exists: error number according to RFC 959: issue #2363
+			err = nil
+		}
+	}
+	return err
+}
+
+// mkParentDir makes the parent of remote if necessary and any
+// directories above that
+func (f *Fs) mkParentDir(remote string) error {
+	parent := path.Dir(remote)
+	return f.mkdir(path.Join(f.root, parent))
+}
+
+// Mkdir creates the directory if it doesn't exist
+func (f *Fs) Mkdir(dir string) (err error) {
+	// defer fs.Trace(dir, "")("err=%v", &err)
+	root := path.Join(f.root, dir)
+	return f.mkdir(root)
+}
+
+// Rmdir removes the directory (container, bucket) if empty
+//
+// Return an error if it doesn't exist or isn't empty
+func (f *Fs) Rmdir(dir string) error {
+	c, err := f.getFtpConnection()
+	if err != nil {
+		return errors.Wrap(translateErrorFile(err), "Rmdir")
+	}
+	err = c.RemoveDir(path.Join(f.root, dir))
+	f.putFtpConnection(&c, err)
+	return translateErrorDir(err)
+}
+
+// Move renames a remote file object
+func (f *Fs) Move(src fs.Object, remote string) (fs.Object, error) {
+	srcObj, ok := src.(*Object)
+	if !ok {
+		fs.Debugf(src, "Can't move - not same remote type")
+		return nil, fs.ErrorCantMove
+	}
+	err := f.mkParentDir(remote)
+	if err != nil {
+		return nil, errors.Wrap(err, "Move mkParentDir failed")
+	}
+	c, err := f.getFtpConnection()
+	if err != nil {
+		return nil, errors.Wrap(err, "Move")
+	}
+	err = c.Rename(
+		path.Join(srcObj.fs.root, srcObj.remote),
+		path.Join(f.root, remote),
+	)
+	f.putFtpConnection(&c, err)
+	if err != nil {
+		return nil, errors.Wrap(err, "Move Rename failed")
+	}
+	dstObj, err := f.NewObject(remote)
+	if err != nil {
+		return nil, errors.Wrap(err, "Move NewObject failed")
+	}
+	return dstObj, nil
+}
+
+// DirMove moves src, srcRemote to this remote at dstRemote
+// using server side move operations.
+//
+// Will only be called if src.Fs().Name() == f.Name()
+//
+// If it isn't possible then return fs.ErrorCantDirMove
+//
+// If destination exists then return fs.ErrorDirExists
+func (f *Fs) DirMove(src fs.Fs, srcRemote, dstRemote string) error {
+	srcFs, ok := src.(*Fs)
+	if !ok {
+		fs.Debugf(srcFs, "Can't move directory - not same remote type")
+		return fs.ErrorCantDirMove
+	}
+	srcPath := path.Join(srcFs.root, srcRemote)
+	dstPath := path.Join(f.root, dstRemote)
+
+	// Check if destination exists
+	fi, err := f.getInfo(dstPath)
+	if err == nil {
+		if fi.IsDir {
+			return fs.ErrorDirExists
+		}
+		return fs.ErrorIsFile
+	} else if err != fs.ErrorObjectNotFound {
+		return errors.Wrapf(err, "DirMove getInfo failed")
+	}
+
+	// Make sure the parent directory exists
+	err = f.mkdir(path.Dir(dstPath))
+	if err != nil {
+		return errors.Wrap(err, "DirMove mkParentDir dst failed")
+	}
+
+	// Do the move
+	c, err := f.getFtpConnection()
+	if err != nil {
+		return errors.Wrap(err, "DirMove")
+	}
+	err = c.Rename(
+		srcPath,
+		dstPath,
+	)
+	f.putFtpConnection(&c, err)
+	if err != nil {
+		return errors.Wrapf(err, "DirMove Rename(%q,%q) failed", srcPath, dstPath)
+	}
+	return nil
+}
+
+// ------------------------------------------------------------
+
+// Fs returns the parent Fs
+func (o *Object) Fs() fs.Info {
+	return o.fs
+}
+
+// String version of o
+func (o *Object) String() string {
+	if o == nil {
+		return "<nil>"
+	}
+	return o.remote
+}
+
+// Remote returns the remote path
+func (o *Object) Remote() string {
+	return o.remote
+}
+
+// Hash returns the hash of an object returning a lowercase hex string
+func (o *Object) Hash(t hash.Type) (string, error) {
+	return "", hash.ErrUnsupported
+}
+
+// Size returns the size of an object in bytes
+func (o *Object) Size() int64 {
+	return int64(o.info.Size)
+}
+
+// ModTime returns the modification time of the object
+func (o *Object) ModTime() time.Time {
+	return o.info.ModTime
+}
+
+// SetModTime sets the modification time of the object
+func (o *Object) SetModTime(modTime time.Time) error {
+	return nil
+}
+
+// Storable returns a boolean as to whether this object is storable
+func (o *Object) Storable() bool {
+	return true
+}
+
+// ftpReadCloser implements io.ReadCloser for FTP objects.
+type ftpReadCloser struct {
+	rc  io.ReadCloser
+	c   *ftp.ServerConn
+	f   *Fs
+	err error // errors found during read
+}
+
+// Read bytes into p
+func (f *ftpReadCloser) Read(p []byte) (n int, err error) {
+	n, err = f.rc.Read(p)
+	if err != nil && err != io.EOF {
+		f.err = err // store any errors for Close to examine
+	}
+	return
+}
+
+// Close the FTP reader and return the connection to the pool
+func (f *ftpReadCloser) Close() error {
+	var err error
+	errchan := make(chan error, 1)
+	go func() {
+		errchan <- f.rc.Close()
+	}()
+	// Wait for Close for up to 60 seconds
+	timer := time.NewTimer(60 * time.Second)
+	select {
+	case err = <-errchan:
+		timer.Stop()
+	case <-timer.C:
+		// if timer fired assume no error but connection dead
+		fs.Errorf(f.f, "Timeout when waiting for connection Close")
+		return nil
+	}
+	// if errors while reading or closing, dump the connection
+	if err != nil || f.err != nil {
+		_ = f.c.Quit()
+	} else {
+		f.f.putFtpConnection(&f.c, nil)
+	}
+	// mask the error if it was caused by a premature close
+	switch errX := err.(type) {
+	case *textproto.Error:
+		switch errX.Code {
+		case ftp.StatusTransfertAborted, ftp.StatusFileUnavailable:
+			err = nil
+		}
+	}
+	return err
+}
+
+// Open an object for read
+func (o *Object) Open(options ...fs.OpenOption) (rc io.ReadCloser, err error) {
+	// defer fs.Trace(o, "")("rc=%v, err=%v", &rc, &err)
+	path := path.Join(o.fs.root, o.remote)
+	var offset, limit int64 = 0, -1
+	for _, option := range options {
+		switch x := option.(type) {
+		case *fs.SeekOption:
+			offset = x.Offset
+		case *fs.RangeOption:
+			offset, limit = x.Decode(o.Size())
+		default:
+			if option.Mandatory() {
+				fs.Logf(o, "Unsupported mandatory option: %v", option)
+			}
+		}
+	}
+	c, err := o.fs.getFtpConnection()
+	if err != nil {
+		return nil, errors.Wrap(err, "open")
+	}
+	fd, err := c.RetrFrom(path, uint64(offset))
+	if err != nil {
+		o.fs.putFtpConnection(&c, err)
+		return nil, errors.Wrap(err, "open")
+	}
+	rc = &ftpReadCloser{rc: readers.NewLimitedReadCloser(fd, limit), c: c, f: o.fs}
+	return rc, nil
+}
+
+// Update the already existing object
+//
+// Copy the reader into the object updating modTime and size
+//
+// The new object may have been created if an error is returned
+func (o *Object) Update(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (err error) {
+	// defer fs.Trace(o, "src=%v", src)("err=%v", &err)
+	path := path.Join(o.fs.root, o.remote)
+	// remove the file if upload failed
+	remove := func() {
+		// Give the FTP server a chance to get its internal state in order after the error.
+		// The error may have been local in which case we closed the connection.  The server
+		// may still be dealing with it for a moment. A sleep isn't ideal but I haven't been
+		// able to think of a better method to find out if the server has finished - ncw
+		time.Sleep(1 * time.Second)
+		removeErr := o.Remove()
+		if removeErr != nil {
+			fs.Debugf(o, "Failed to remove: %v", removeErr)
+		} else {
+			fs.Debugf(o, "Removed after failed upload: %v", err)
+		}
+	}
+	c, err := o.fs.getFtpConnection()
+	if err != nil {
+		return errors.Wrap(err, "Update")
+	}
+	err = c.Stor(path, in)
+	if err != nil {
+		_ = c.Quit() // toss this connection to avoid sync errors
+		remove()
+		return errors.Wrap(err, "update stor")
+	}
+	o.fs.putFtpConnection(&c, nil)
+	o.info, err = o.fs.getInfo(path)
+	if err != nil {
+		return errors.Wrap(err, "update getinfo")
+	}
+	return nil
+}
+
+// Remove an object
+func (o *Object) Remove() (err error) {
+	// defer fs.Trace(o, "")("err=%v", &err)
+	path := path.Join(o.fs.root, o.remote)
+	// Check if it's a directory or a file
+	info, err := o.fs.getInfo(path)
+	if err != nil {
+		return err
+	}
+	if info.IsDir {
+		err = o.fs.Rmdir(o.remote)
+	} else {
+		c, err := o.fs.getFtpConnection()
+		if err != nil {
+			return errors.Wrap(err, "Remove")
+		}
+		err = c.Delete(path)
+		o.fs.putFtpConnection(&c, err)
+	}
+	return err
+}
+
+// Check the interfaces are satisfied
+var (
+	_ fs.Fs          = &Fs{}
+	_ fs.Mover       = &Fs{}
+	_ fs.DirMover    = &Fs{}
+	_ fs.PutStreamer = &Fs{}
+	_ fs.Object      = &Object{}
+)
--- a/backend/ftp/ftp_test.go
+++ b/backend/ftp/ftp_test.go
@@ -0,0 +1,17 @@
+// Test FTP filesystem interface
+package ftp_test
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/backend/ftp"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: "TestFTP:",
+		NilObject:  (*ftp.Object)(nil),
+	})
+}
--- a/backend/googlecloudstorage/googlecloudstorage.go
+++ b/backend/googlecloudstorage/googlecloudstorage.go
--- a/backend/googlecloudstorage/googlecloudstorage_test.go
+++ b/backend/googlecloudstorage/googlecloudstorage_test.go
@@ -0,0 +1,18 @@
+// Test GoogleCloudStorage filesystem interface
+
+package googlecloudstorage_test
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/backend/googlecloudstorage"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName: "TestGoogleCloudStorage:",
+		NilObject:  (*googlecloudstorage.Object)(nil),
+	})
+}
--- a/backend/http/http.go
+++ b/backend/http/http.go
@@ -0,0 +1,550 @@
+// Package http provides a filesystem interface using golang.org/net/http
+//
+// It treats HTML pages served from the endpoint as directory
+// listings, and includes any links found as files.
+package http
+
+import (
+	"io"
+	"mime"
+	"net/http"
+	"net/url"
+	"path"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/config/configmap"
+	"github.com/ncw/rclone/fs/config/configstruct"
+	"github.com/ncw/rclone/fs/fshttp"
+	"github.com/ncw/rclone/fs/hash"
+	"github.com/ncw/rclone/lib/rest"
+	"github.com/pkg/errors"
+	"golang.org/x/net/html"
+)
+
+var (
+	errorReadOnly = errors.New("http remotes are read only")
+	timeUnset     = time.Unix(0, 0)
+)
+
+func init() {
+	fsi := &fs.RegInfo{
+		Name:        "http",
+		Description: "http Connection",
+		NewFs:       NewFs,
+		Options: []fs.Option{{
+			Name:     "url",
+			Help:     "URL of http host to connect to",
+			Required: true,
+			Examples: []fs.OptionExample{{
+				Value: "https://example.com",
+				Help:  "Connect to example.com",
+			}, {
+				Value: "https://user:pass@example.com",
+				Help:  "Connect to example.com using a username and password",
+			}},
+		}, {
+			Name: "no_slash",
+			Help: `Set this if the site doesn't end directories with /
+
+Use this if your target website does not use / on the end of
+directories.
+
+A / on the end of a path is how rclone normally tells the difference
+between files and directories.  If this flag is set, then rclone will
+treat all files with Content-Type: text/html as directories and read
+URLs from them rather than downloading them.
+
+Note that this may cause rclone to confuse genuine HTML files with
+directories.`,
+			Default:  false,
+			Advanced: true,
+		}},
+	}
+	fs.Register(fsi)
+}
+
+// Options defines the configuration for this backend
+type Options struct {
+	Endpoint string `config:"url"`
+	NoSlash  bool   `config:"no_slash"`
+}
+
+// Fs stores the interface to the remote HTTP files
+type Fs struct {
+	name        string
+	root        string
+	features    *fs.Features // optional features
+	opt         Options      // options for this backend
+	endpoint    *url.URL
+	endpointURL string // endpoint as a string
+	httpClient  *http.Client
+}
+
+// Object is a remote object that has been stat'd (so it exists, but is not necessarily open for reading)
+type Object struct {
+	fs          *Fs
+	remote      string
+	size        int64
+	modTime     time.Time
+	contentType string
+}
+
+// statusError returns an error if the res contained an error
+func statusError(res *http.Response, err error) error {
+	if err != nil {
+		return err
+	}
+	if res.StatusCode < 200 || res.StatusCode > 299 {
+		_ = res.Body.Close()
+		return errors.Errorf("HTTP Error %d: %s", res.StatusCode, res.Status)
+	}
+	return nil
+}
+
+// NewFs creates a new Fs object from the name and root. It connects to
+// the host specified in the config file.
+func NewFs(name, root string, m configmap.Mapper) (fs.Fs, error) {
+	// Parse config into Options struct
+	opt := new(Options)
+	err := configstruct.Set(m, opt)
+	if err != nil {
+		return nil, err
+	}
+
+	if !strings.HasSuffix(opt.Endpoint, "/") {
+		opt.Endpoint += "/"
+	}
+
+	// Parse the endpoint and stick the root onto it
+	base, err := url.Parse(opt.Endpoint)
+	if err != nil {
+		return nil, err
+	}
+	u, err := rest.URLJoin(base, rest.URLPathEscape(root))
+	if err != nil {
+		return nil, err
+	}
+
+	client := fshttp.NewClient(fs.Config)
+
+	var isFile = false
+	if !strings.HasSuffix(u.String(), "/") {
+		// Make a client which doesn't follow redirects so the server
+		// doesn't redirect http://host/dir to http://host/dir/
+		noRedir := *client
+		noRedir.CheckRedirect = func(req *http.Request, via []*http.Request) error {
+			return http.ErrUseLastResponse
+		}
+		// check to see if points to a file
+		res, err := noRedir.Head(u.String())
+		err = statusError(res, err)
+		if err == nil {
+			isFile = true
+		}
+	}
+
+	newRoot := u.String()
+	if isFile {
+		// Point to the parent if this is a file
+		newRoot, _ = path.Split(u.String())
+	} else {
+		if !strings.HasSuffix(newRoot, "/") {
+			newRoot += "/"
+		}
+	}
+
+	u, err = url.Parse(newRoot)
+	if err != nil {
+		return nil, err
+	}
+
+	f := &Fs{
+		name:        name,
+		root:        root,
+		opt:         *opt,
+		httpClient:  client,
+		endpoint:    u,
+		endpointURL: u.String(),
+	}
+	f.features = (&fs.Features{
+		CanHaveEmptyDirectories: true,
+	}).Fill(f)
+	if isFile {
+		return f, fs.ErrorIsFile
+	}
+	if !strings.HasSuffix(f.endpointURL, "/") {
+		return nil, errors.New("internal error: url doesn't end with /")
+	}
+	return f, nil
+}
+
+// Name returns the configured name of the file system
+func (f *Fs) Name() string {
+	return f.name
+}
+
+// Root returns the root for the filesystem
+func (f *Fs) Root() string {
+	return f.root
+}
+
+// String returns the URL for the filesystem
+func (f *Fs) String() string {
+	return f.endpointURL
+}
+
+// Features returns the optional features of this Fs
+func (f *Fs) Features() *fs.Features {
+	return f.features
+}
+
+// Precision is the remote http file system's modtime precision, which we have no way of knowing. We estimate at 1s
+func (f *Fs) Precision() time.Duration {
+	return time.Second
+}
+
+// NewObject creates a new remote http file object
+func (f *Fs) NewObject(remote string) (fs.Object, error) {
+	o := &Object{
+		fs:     f,
+		remote: remote,
+	}
+	err := o.stat()
+	if err != nil {
+		return nil, err
+	}
+	return o, nil
+}
+
+// Join's the remote onto the base URL
+func (f *Fs) url(remote string) string {
+	return f.endpointURL + rest.URLPathEscape(remote)
+}
+
+// parse s into an int64, on failure return def
+func parseInt64(s string, def int64) int64 {
+	n, e := strconv.ParseInt(s, 10, 64)
+	if e != nil {
+		return def
+	}
+	return n
+}
+
+// Errors returned by parseName
+var (
+	errURLJoinFailed     = errors.New("URLJoin failed")
+	errFoundQuestionMark = errors.New("found ? in URL")
+	errHostMismatch      = errors.New("host mismatch")
+	errSchemeMismatch    = errors.New("scheme mismatch")
+	errNotUnderRoot      = errors.New("not under root")
+	errNameIsEmpty       = errors.New("name is empty")
+	errNameContainsSlash = errors.New("name contains /")
+)
+
+// parseName turns a name as found in the page into a remote path or returns an error
+func parseName(base *url.URL, name string) (string, error) {
+	// make URL absolute
+	u, err := rest.URLJoin(base, name)
+	if err != nil {
+		return "", errURLJoinFailed
+	}
+	// check it doesn't have URL parameters
+	uStr := u.String()
+	if strings.Index(uStr, "?") >= 0 {
+		return "", errFoundQuestionMark
+	}
+	// check that this is going back to the same host and scheme
+	if base.Host != u.Host {
+		return "", errHostMismatch
+	}
+	if base.Scheme != u.Scheme {
+		return "", errSchemeMismatch
+	}
+	// check has path prefix
+	if !strings.HasPrefix(u.Path, base.Path) {
+		return "", errNotUnderRoot
+	}
+	// calculate the name relative to the base
+	name = u.Path[len(base.Path):]
+	// mustn't be empty
+	if name == "" {
+		return "", errNameIsEmpty
+	}
+	// mustn't contain a / - we are looking for a single level directory
+	slash := strings.Index(name, "/")
+	if slash >= 0 && slash != len(name)-1 {
+		return "", errNameContainsSlash
+	}
+	return name, nil
+}
+
+// Parse turns HTML for a directory into names
+// base should be the base URL to resolve any relative names from
+func parse(base *url.URL, in io.Reader) (names []string, err error) {
+	doc, err := html.Parse(in)
+	if err != nil {
+		return nil, err
+	}
+	var (
+		walk func(*html.Node)
+		seen = make(map[string]struct{})
+	)
+	walk = func(n *html.Node) {
+		if n.Type == html.ElementNode && n.Data == "a" {
+			for _, a := range n.Attr {
+				if a.Key == "href" {
+					name, err := parseName(base, a.Val)
+					if err == nil {
+						if _, found := seen[name]; !found {
+							names = append(names, name)
+							seen[name] = struct{}{}
+						}
+					}
+					break
+				}
+			}
+		}
+		for c := n.FirstChild; c != nil; c = c.NextSibling {
+			walk(c)
+		}
+	}
+	walk(doc)
+	return names, nil
+}
+
+// Read the directory passed in
+func (f *Fs) readDir(dir string) (names []string, err error) {
+	URL := f.url(dir)
+	u, err := url.Parse(URL)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to readDir")
+	}
+	if !strings.HasSuffix(URL, "/") {
+		return nil, errors.Errorf("internal error: readDir URL %q didn't end in /", URL)
+	}
+	res, err := f.httpClient.Get(URL)
+	if err == nil {
+		defer fs.CheckClose(res.Body, &err)
+		if res.StatusCode == http.StatusNotFound {
+			return nil, fs.ErrorDirNotFound
+		}
+	}
+	err = statusError(res, err)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to readDir")
+	}
+
+	contentType := strings.SplitN(res.Header.Get("Content-Type"), ";", 2)[0]
+	switch contentType {
+	case "text/html":
+		names, err = parse(u, res.Body)
+		if err != nil {
+			return nil, errors.Wrap(err, "readDir")
+		}
+	default:
+		return nil, errors.Errorf("Can't parse content type %q", contentType)
+	}
+	return names, nil
+}
+
+// List the objects and directories in dir into entries.  The
+// entries can be returned in any order but should be for a
+// complete directory.
+//
+// dir should be "" to list the root, and should not have
+// trailing slashes.
+//
+// This should return ErrDirNotFound if the directory isn't
+// found.
+func (f *Fs) List(dir string) (entries fs.DirEntries, err error) {
+	if !strings.HasSuffix(dir, "/") && dir != "" {
+		dir += "/"
+	}
+	names, err := f.readDir(dir)
+	if err != nil {
+		return nil, errors.Wrapf(err, "error listing %q", dir)
+	}
+	for _, name := range names {
+		isDir := name[len(name)-1] == '/'
+		name = strings.TrimRight(name, "/")
+		remote := path.Join(dir, name)
+		if isDir {
+			dir := fs.NewDir(remote, timeUnset)
+			entries = append(entries, dir)
+		} else {
+			file := &Object{
+				fs:     f,
+				remote: remote,
+			}
+			switch err = file.stat(); err {
+			case nil:
+				entries = append(entries, file)
+			case fs.ErrorNotAFile:
+				// ...found a directory not a file
+				dir := fs.NewDir(remote, timeUnset)
+				entries = append(entries, dir)
+			default:
+				fs.Debugf(remote, "skipping because of error: %v", err)
+			}
+		}
+	}
+	return entries, nil
+}
+
+// Put in to the remote path with the modTime given of the given size
+//
+// May create the object even if it returns an error - if so
+// will return the object and the error, otherwise will return
+// nil and the error
+func (f *Fs) Put(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+	return nil, errorReadOnly
+}
+
+// PutStream uploads to the remote path with the modTime given of indeterminate size
+func (f *Fs) PutStream(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) (fs.Object, error) {
+	return nil, errorReadOnly
+}
+
+// Fs is the filesystem this remote http file object is located within
+func (o *Object) Fs() fs.Info {
+	return o.fs
+}
+
+// String returns the URL to the remote HTTP file
+func (o *Object) String() string {
+	if o == nil {
+		return "<nil>"
+	}
+	return o.remote
+}
+
+// Remote the name of the remote HTTP file, relative to the fs root
+func (o *Object) Remote() string {
+	return o.remote
+}
+
+// Hash returns "" since HTTP (in Go or OpenSSH) doesn't support remote calculation of hashes
+func (o *Object) Hash(r hash.Type) (string, error) {
+	return "", hash.ErrUnsupported
+}
+
+// Size returns the size in bytes of the remote http file
+func (o *Object) Size() int64 {
+	return o.size
+}
+
+// ModTime returns the modification time of the remote http file
+func (o *Object) ModTime() time.Time {
+	return o.modTime
+}
+
+// url returns the native url of the object
+func (o *Object) url() string {
+	return o.fs.url(o.remote)
+}
+
+// stat updates the info field in the Object
+func (o *Object) stat() error {
+	url := o.url()
+	res, err := o.fs.httpClient.Head(url)
+	if err == nil && res.StatusCode == http.StatusNotFound {
+		return fs.ErrorObjectNotFound
+	}
+	err = statusError(res, err)
+	if err != nil {
+		return errors.Wrap(err, "failed to stat")
+	}
+	t, err := http.ParseTime(res.Header.Get("Last-Modified"))
+	if err != nil {
+		t = timeUnset
+	}
+	o.size = parseInt64(res.Header.Get("Content-Length"), -1)
+	o.modTime = t
+	o.contentType = res.Header.Get("Content-Type")
+	// If NoSlash is set then check ContentType to see if it is a directory
+	if o.fs.opt.NoSlash {
+		mediaType, _, err := mime.ParseMediaType(o.contentType)
+		if err != nil {
+			return errors.Wrapf(err, "failed to parse Content-Type: %q", o.contentType)
+		}
+		if mediaType == "text/html" {
+			return fs.ErrorNotAFile
+		}
+	}
+	return nil
+}
+
+// SetModTime sets the modification and access time to the specified time
+//
+// it also updates the info field
+func (o *Object) SetModTime(modTime time.Time) error {
+	return errorReadOnly
+}
+
+// Storable returns whether the remote http file is a regular file (not a directory, symbolic link, block device, character device, named pipe, etc)
+func (o *Object) Storable() bool {
+	return true
+}
+
+// Open a remote http file object for reading. Seek is supported
+func (o *Object) Open(options ...fs.OpenOption) (in io.ReadCloser, err error) {
+	url := o.url()
+	req, err := http.NewRequest("GET", url, nil)
+	if err != nil {
+		return nil, errors.Wrap(err, "Open failed")
+	}
+
+	// Add optional headers
+	for k, v := range fs.OpenOptionHeaders(options) {
+		req.Header.Add(k, v)
+	}
+
+	// Do the request
+	res, err := o.fs.httpClient.Do(req)
+	err = statusError(res, err)
+	if err != nil {
+		return nil, errors.Wrap(err, "Open failed")
+	}
+	return res.Body, nil
+}
+
+// Hashes returns hash.HashNone to indicate remote hashing is unavailable
+func (f *Fs) Hashes() hash.Set {
+	return hash.Set(hash.None)
+}
+
+// Mkdir makes the root directory of the Fs object
+func (f *Fs) Mkdir(dir string) error {
+	return errorReadOnly
+}
+
+// Remove a remote http file object
+func (o *Object) Remove() error {
+	return errorReadOnly
+}
+
+// Rmdir removes the root directory of the Fs object
+func (f *Fs) Rmdir(dir string) error {
+	return errorReadOnly
+}
+
+// Update in to the object with the modTime given of the given size
+func (o *Object) Update(in io.Reader, src fs.ObjectInfo, options ...fs.OpenOption) error {
+	return errorReadOnly
+}
+
+// MimeType of an Object if known, "" otherwise
+func (o *Object) MimeType() string {
+	return o.contentType
+}
+
+// Check the interfaces are satisfied
+var (
+	_ fs.Fs          = &Fs{}
+	_ fs.PutStreamer = &Fs{}
+	_ fs.Object      = &Object{}
+	_ fs.MimeTyper   = &Object{}
+)
--- a/backend/http/http_internal_test.go
+++ b/backend/http/http_internal_test.go
@@ -0,0 +1,344 @@
+package http
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"os"
+	"path/filepath"
+	"sort"
+	"testing"
+	"time"
+
+	"github.com/ncw/rclone/fs"
+	"github.com/ncw/rclone/fs/config"
+	"github.com/ncw/rclone/fs/config/configmap"
+	"github.com/ncw/rclone/fstest"
+	"github.com/ncw/rclone/lib/rest"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+var (
+	remoteName = "TestHTTP"
+	testPath   = "test"
+	filesPath  = filepath.Join(testPath, "files")
+)
+
+// prepareServer the test server and return a function to tidy it up afterwards
+func prepareServer(t *testing.T) (configmap.Simple, func()) {
+	// file server for test/files
+	fileServer := http.FileServer(http.Dir(filesPath))
+
+	// Make the test server
+	ts := httptest.NewServer(fileServer)
+
+	// Configure the remote
+	config.LoadConfig()
+	// fs.Config.LogLevel = fs.LogLevelDebug
+	// fs.Config.DumpHeaders = true
+	// fs.Config.DumpBodies = true
+	// config.FileSet(remoteName, "type", "http")
+	// config.FileSet(remoteName, "url", ts.URL)
+
+	m := configmap.Simple{
+		"type": "http",
+		"url":  ts.URL,
+	}
+
+	// return a function to tidy up
+	return m, ts.Close
+}
+
+// prepare the test server and return a function to tidy it up afterwards
+func prepare(t *testing.T) (fs.Fs, func()) {
+	m, tidy := prepareServer(t)
+
+	// Instantiate it
+	f, err := NewFs(remoteName, "", m)
+	require.NoError(t, err)
+
+	return f, tidy
+}
+
+func testListRoot(t *testing.T, f fs.Fs, noSlash bool) {
+	entries, err := f.List("")
+	require.NoError(t, err)
+
+	sort.Sort(entries)
+
+	require.Equal(t, 4, len(entries))
+
+	e := entries[0]
+	assert.Equal(t, "four", e.Remote())
+	assert.Equal(t, int64(-1), e.Size())
+	_, ok := e.(fs.Directory)
+	assert.True(t, ok)
+
+	e = entries[1]
+	assert.Equal(t, "one%.txt", e.Remote())
+	assert.Equal(t, int64(6), e.Size())
+	_, ok = e.(*Object)
+	assert.True(t, ok)
+
+	e = entries[2]
+	assert.Equal(t, "three", e.Remote())
+	assert.Equal(t, int64(-1), e.Size())
+	_, ok = e.(fs.Directory)
+	assert.True(t, ok)
+
+	e = entries[3]
+	assert.Equal(t, "two.html", e.Remote())
+	if noSlash {
+		assert.Equal(t, int64(-1), e.Size())
+		_, ok = e.(fs.Directory)
+		assert.True(t, ok)
+	} else {
+		assert.Equal(t, int64(41), e.Size())
+		_, ok = e.(*Object)
+		assert.True(t, ok)
+	}
+}
+
+func TestListRoot(t *testing.T) {
+	f, tidy := prepare(t)
+	defer tidy()
+	testListRoot(t, f, false)
+}
+
+func TestListRootNoSlash(t *testing.T) {
+	f, tidy := prepare(t)
+	f.(*Fs).opt.NoSlash = true
+	defer tidy()
+
+	testListRoot(t, f, true)
+}
+
+func TestListSubDir(t *testing.T) {
+	f, tidy := prepare(t)
+	defer tidy()
+
+	entries, err := f.List("three")
+	require.NoError(t, err)
+
+	sort.Sort(entries)
+
+	assert.Equal(t, 1, len(entries))
+
+	e := entries[0]
+	assert.Equal(t, "three/underthree.txt", e.Remote())
+	assert.Equal(t, int64(9), e.Size())
+	_, ok := e.(*Object)
+	assert.True(t, ok)
+}
+
+func TestNewObject(t *testing.T) {
+	f, tidy := prepare(t)
+	defer tidy()
+
+	o, err := f.NewObject("four/under four.txt")
+	require.NoError(t, err)
+
+	assert.Equal(t, "four/under four.txt", o.Remote())
+	assert.Equal(t, int64(9), o.Size())
+	_, ok := o.(*Object)
+	assert.True(t, ok)
+
+	// Test the time is correct on the object
+
+	tObj := o.ModTime()
+
+	fi, err := os.Stat(filepath.Join(filesPath, "four", "under four.txt"))
+	require.NoError(t, err)
+	tFile := fi.ModTime()
+
+	dt, ok := fstest.CheckTimeEqualWithPrecision(tObj, tFile, time.Second)
+	assert.True(t, ok, fmt.Sprintf("%s: Modification time difference too big |%s| > %s (%s vs %s) (precision %s)", o.Remote(), dt, time.Second, tObj, tFile, time.Second))
+
+	// check object not found
+	o, err = f.NewObject("not found.txt")
+	assert.Nil(t, o)
+	assert.Equal(t, fs.ErrorObjectNotFound, err)
+}
+
+func TestOpen(t *testing.T) {
+	f, tidy := prepare(t)
+	defer tidy()
+
+	o, err := f.NewObject("four/under four.txt")
+	require.NoError(t, err)
+
+	// Test normal read
+	fd, err := o.Open()
+	require.NoError(t, err)
+	data, err := ioutil.ReadAll(fd)
+	require.NoError(t, err)
+	require.NoError(t, fd.Close())
+	assert.Equal(t, "beetroot\n", string(data))
+
+	// Test with range request
+	fd, err = o.Open(&fs.RangeOption{Start: 1, End: 5})
+	require.NoError(t, err)
+	data, err = ioutil.ReadAll(fd)
+	require.NoError(t, err)
+	require.NoError(t, fd.Close())
+	assert.Equal(t, "eetro", string(data))
+}
+
+func TestMimeType(t *testing.T) {
+	f, tidy := prepare(t)
+	defer tidy()
+
+	o, err := f.NewObject("four/under four.txt")
+	require.NoError(t, err)
+
+	do, ok := o.(fs.MimeTyper)
+	require.True(t, ok)
+	assert.Equal(t, "text/plain; charset=utf-8", do.MimeType())
+}
+
+func TestIsAFileRoot(t *testing.T) {
+	m, tidy := prepareServer(t)
+	defer tidy()
+
+	f, err := NewFs(remoteName, "one%.txt", m)
+	assert.Equal(t, err, fs.ErrorIsFile)
+
+	testListRoot(t, f, false)
+}
+
+func TestIsAFileSubDir(t *testing.T) {
+	m, tidy := prepareServer(t)
+	defer tidy()
+
+	f, err := NewFs(remoteName, "three/underthree.txt", m)
+	assert.Equal(t, err, fs.ErrorIsFile)
+
+	entries, err := f.List("")
+	require.NoError(t, err)
+
+	sort.Sort(entries)
+
+	assert.Equal(t, 1, len(entries))
+
+	e := entries[0]
+	assert.Equal(t, "underthree.txt", e.Remote())
+	assert.Equal(t, int64(9), e.Size())
+	_, ok := e.(*Object)
+	assert.True(t, ok)
+}
+
+func TestParseName(t *testing.T) {
+	for i, test := range []struct {
+		base    string
+		val     string
+		wantErr error
+		want    string
+	}{
+		{"http://example.com/", "potato", nil, "potato"},
+		{"http://example.com/dir/", "potato", nil, "potato"},
+		{"http://example.com/dir/", "potato?download=true", errFoundQuestionMark, ""},
+		{"http://example.com/dir/", "../dir/potato", nil, "potato"},
+		{"http://example.com/dir/", "..", errNotUnderRoot, ""},
+		{"http://example.com/dir/", "http://example.com/", errNotUnderRoot, ""},
+		{"http://example.com/dir/", "http://example.com/dir/", errNameIsEmpty, ""},
+		{"http://example.com/dir/", "http://example.com/dir/potato", nil, "potato"},
+		{"http://example.com/dir/", "https://example.com/dir/potato", errSchemeMismatch, ""},
+		{"http://example.com/dir/", "http://notexample.com/dir/potato", errHostMismatch, ""},
+		{"http://example.com/dir/", "/dir/", errNameIsEmpty, ""},
+		{"http://example.com/dir/", "/dir/potato", nil, "potato"},
+		{"http://example.com/dir/", "subdir/potato", errNameContainsSlash, ""},
+		{"http://example.com/dir/", "With percent %25.txt", nil, "With percent %.txt"},
+		{"http://example.com/dir/", "With colon :", errURLJoinFailed, ""},
+		{"http://example.com/dir/", rest.URLPathEscape("With colon :"), nil, "With colon :"},
+		{"http://example.com/Dungeons%20%26%20Dragons/", "/Dungeons%20&%20Dragons/D%26D%20Basic%20%28Holmes%2C%20B%2C%20X%2C%20BECMI%29/", nil, "D&D Basic (Holmes, B, X, BECMI)/"},
+	} {
+		u, err := url.Parse(test.base)
+		require.NoError(t, err)
+		got, gotErr := parseName(u, test.val)
+		what := fmt.Sprintf("test %d base=%q, val=%q", i, test.base, test.val)
+		assert.Equal(t, test.wantErr, gotErr, what)
+		assert.Equal(t, test.want, got, what)
+	}
+}
+
+// Load HTML from the file given and parse it, checking it against the entries passed in
+func parseHTML(t *testing.T, name string, base string, want []string) {
+	in, err := os.Open(filepath.Join(testPath, "index_files", name))
+	require.NoError(t, err)
+	defer func() {
+		require.NoError(t, in.Close())
+	}()
+	if base == "" {
+		base = "http://example.com/"
+	}
+	u, err := url.Parse(base)
+	require.NoError(t, err)
+	entries, err := parse(u, in)
+	require.NoError(t, err)
+	assert.Equal(t, want, entries)
+}
+
+func TestParseEmpty(t *testing.T) {
+	parseHTML(t, "empty.html", "", []string(nil))
+}
+
+func TestParseApache(t *testing.T) {
+	parseHTML(t, "apache.html", "http://example.com/nick/pub/", []string{
+		"SWIG-embed.tar.gz",
+		"avi2dvd.pl",
+		"cambert.exe",
+		"cambert.gz",
+		"fedora_demo.gz",
+		"gchq-challenge/",
+		"mandelterm/",
+		"pgp-key.txt",
+		"pymath/",
+		"rclone",
+		"readdir.exe",
+		"rush_hour_solver_cut_down.py",
+		"snake-puzzle/",
+		"stressdisk/",
+		"timer-test",
+		"words-to-regexp.pl",
+		"Now 100% better.mp3",
+		"Now better.mp3",
+	})
+}
+
+func TestParseMemstore(t *testing.T) {
+	parseHTML(t, "memstore.html", "", []string{
+		"test/",
+		"v1.35/",
+		"v1.36-01-g503cd84/",
+		"rclone-beta-latest-freebsd-386.zip",
+		"rclone-beta-latest-freebsd-amd64.zip",
+		"rclone-beta-latest-windows-amd64.zip",
+	})
+}
+
+func TestParseNginx(t *testing.T) {
+	parseHTML(t, "nginx.html", "", []string{
+		"deltas/",
+		"objects/",
+		"refs/",
+		"state/",
+		"config",
+		"summary",
+	})
+}
+
+func TestParseCaddy(t *testing.T) {
+	parseHTML(t, "caddy.html", "", []string{
+		"mimetype.zip",
+		"rclone-delete-empty-dirs.py",
+		"rclone-show-empty-dirs.py",
+		"stat-windows-386.zip",
+		"v1.36-155-gcf29ee8b-team-driveβ/",
+		"v1.36-156-gca76b3fb-team-driveβ/",
+		"v1.36-156-ge1f0e0f5-team-driveβ/",
+		"v1.36-22-g06ea13a-ssh-agentβ/",
+	})
+}
--- a/backend/http/test/files/four/under
+++ b/backend/http/test/files/four/under
@@ -0,0 +1 @@
+beetroot
--- a/backend/http/test/files/one%.txt
+++ b/backend/http/test/files/one%.txt
@@ -0,0 +1 @@
+hello
--- a/backend/http/test/files/three/underthree.txt
+++ b/backend/http/test/files/three/underthree.txt
@@ -0,0 +1 @@
+rutabaga
--- a/backend/http/test/files/two.html
+++ b/backend/http/test/files/two.html
@@ -0,0 +1 @@
+<a href="two.html/file.txt">file.txt</a>
--- a/backend/http/test/index_files/apache.html
+++ b/backend/http/test/index_files/apache.html
@@ -0,0 +1,32 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<html>
+ <head>
+  <title>Index of /nick/pub</title>
+ </head>
+ <body>
+<h1>Index of /nick/pub</h1>
+<table><tr><th><img src="/icons/blank.gif" alt="[ICO]"></th><th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th><th><a href="?C=S;O=A">Size</a></th><th><a href="?C=D;O=A">Description</a></th></tr><tr><th colspan="5"><hr></th></tr>
+<tr><td valign="top"><img src="/icons/back.gif" alt="[DIR]"></td><td><a href="/nick/">Parent Directory</a></td><td>&nbsp;</td><td align="right">  - </td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/compressed.gif" alt="[   ]"></td><td><a href="SWIG-embed.tar.gz">SWIG-embed.tar.gz</a></td><td align="right">29-Nov-2005 16:27  </td><td align="right">2.3K</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/text.gif" alt="[TXT]"></td><td><a href="avi2dvd.pl">avi2dvd.pl</a></td><td align="right">14-Apr-2010 23:07  </td><td align="right"> 17K</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/binary.gif" alt="[   ]"></td><td><a href="cambert.exe">cambert.exe</a></td><td align="right">15-Dec-2006 18:07  </td><td align="right"> 54K</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/compressed.gif" alt="[   ]"></td><td><a href="cambert.gz">cambert.gz</a></td><td align="right">14-Apr-2010 23:07  </td><td align="right"> 18K</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/compressed.gif" alt="[   ]"></td><td><a href="fedora_demo.gz">fedora_demo.gz</a></td><td align="right">08-Jun-2007 11:01  </td><td align="right">1.0M</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="gchq-challenge/">gchq-challenge/</a></td><td align="right">24-Dec-2016 15:24  </td><td align="right">  - </td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="mandelterm/">mandelterm/</a></td><td align="right">13-Jul-2013 22:22  </td><td align="right">  - </td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/text.gif" alt="[TXT]"></td><td><a href="pgp-key.txt">pgp-key.txt</a></td><td align="right">14-Apr-2010 23:07  </td><td align="right">400 </td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="pymath/">pymath/</a></td><td align="right">24-Dec-2016 15:24  </td><td align="right">  - </td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/unknown.gif" alt="[   ]"></td><td><a href="rclone">rclone</a></td><td align="right">09-May-2017 17:15  </td><td align="right"> 22M</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/binary.gif" alt="[   ]"></td><td><a href="readdir.exe">readdir.exe</a></td><td align="right">21-Oct-2016 14:47  </td><td align="right">1.6M</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/text.gif" alt="[TXT]"></td><td><a href="rush_hour_solver_cut_down.py">rush_hour_solver_cut_down.py</a></td><td align="right">23-Jul-2009 11:44  </td><td align="right"> 14K</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="snake-puzzle/">snake-puzzle/</a></td><td align="right">25-Sep-2016 20:56  </td><td align="right">  - </td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="stressdisk/">stressdisk/</a></td><td align="right">08-Nov-2016 14:25  </td><td align="right">  - </td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/unknown.gif" alt="[   ]"></td><td><a href="timer-test">timer-test</a></td><td align="right">09-May-2017 17:05  </td><td align="right">1.5M</td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/text.gif" alt="[TXT]"></td><td><a href="words-to-regexp.pl">words-to-regexp.pl</a></td><td align="right">01-Mar-2005 20:43  </td><td align="right">6.0K</td><td>&nbsp;</td></tr>
+<tr><th colspan="5"><hr></th></tr>
+<!-- some extras from https://github.com/ncw/rclone/issues/1573 -->
+<tr><td valign="top"><img src="/icons/sound2.gif" alt="[SND]"></td><td><a href="Now%20100%25%20better.mp3">Now 100% better.mp3</a></td><td align="right">2017-08-01 11:41 </td><td align="right"> 0 </td><td>&nbsp;</td></tr>
+<tr><td valign="top"><img src="/icons/sound2.gif" alt="[SND]"></td><td><a href="Now%20better.mp3">Now better.mp3</a></td><td align="right">2017-08-01 11:41 </td><td align="right"> 0 </td><td>&nbsp;</td></tr>
+
+</table>
+</body></html>
--- a/backend/http/test/index_files/caddy.html
+++ b/backend/http/test/index_files/caddy.html
@@ -0,0 +1,378 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<title>/</title>
+		<meta charset="utf-8">
+		<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<style>
+* { padding: 0; margin: 0; }
+
+body {
+	font-family: sans-serif;
+	text-rendering: optimizespeed;
+}
+
+a {
+	color: #006ed3;
+	text-decoration: none;
+}
+
+a:hover,
+h1 a:hover {
+	color: #319cff;
+}
+
+header,
+#summary {
+	padding-left: 5%;
+	padding-right: 5%;
+}
+
+th:first-child,
+td:first-child {
+	padding-left: 5%;
+}
+
+th:last-child,
+td:last-child {
+	padding-right: 5%;
+}
+
+header {
+	padding-top: 25px;
+	padding-bottom: 15px;
+	background-color: #f2f2f2;
+}
+
+h1 {
+	font-size: 20px;
+	font-weight: normal;
+	white-space: nowrap;
+	overflow-x: hidden;
+	text-overflow: ellipsis;
+}
+
+h1 a {
+	color: inherit;
+}
+
+h1 a:hover {
+	text-decoration: underline;
+}
+
+main {
+	display: block;
+}
+
+.meta {
+	font-size: 12px;
+	font-family: Verdana, sans-serif;
+	border-bottom: 1px solid #9C9C9C;
+	padding-top: 10px;
+	padding-bottom: 10px;
+}
+
+.meta-item {
+	margin-right: 1em;
+}
+
+#filter {
+	padding: 4px;
+	border: 1px solid #CCC;
+}
+
+table {
+	width: 100%;
+	border-collapse: collapse;
+}
+
+tr {
+	border-bottom: 1px dashed #dadada;
+}
+
+tbody tr:hover {
+	background-color: #ffffec;
+}
+
+th,
+td {
+	text-align: left;
+	padding: 10px 0;
+}
+
+th {
+	padding-top: 15px;
+	padding-bottom: 15px;
+	font-size: 16px;
+	white-space: nowrap;
+}
+
+th a {
+	color: black;
+}
+
+th svg {
+	vertical-align: middle;
+}
+
+td {
+	font-size: 14px;
+}
+
+td:first-child {
+	width: 50%;
+}
+
+th:last-child,
+td:last-child {
+	text-align: right;
+}
+
+td:first-child svg {
+	position: absolute;
+}
+
+td .name,
+td .goup {
+	margin-left: 1.75em;
+	word-break: break-all;
+	overflow-wrap: break-word;
+	white-space: pre-wrap;
+}
+
+footer {
+	padding: 40px 20px;
+	font-size: 12px;
+	text-align: center;
+}
+
+@media (max-width: 600px) {
+	.hideable {
+		display: none;
+	}
+
+	td:first-child {
+		width: auto;
+	}
+
+	th:nth-child(2),
+	td:nth-child(2) {
+		padding-right: 5%;
+		text-align: right;
+	}
+}
+</style>
+	</head>
+	<body>
+		<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="0" width="0" style="position: absolute;">
+			<defs>
+				<!-- Folder -->
+				<linearGradient id="f" y2="640" gradientUnits="userSpaceOnUse" x2="244.84" gradientTransform="matrix(.97319 0 0 1.0135 -.50695 -13.679)" y1="415.75" x1="244.84">
+					<stop stop-color="#b3ddfd" offset="0"/>
+					<stop stop-color="#69c" offset="1"/>
+				</linearGradient>
+				<linearGradient id="e" y2="571.06" gradientUnits="userSpaceOnUse" x2="238.03" gradientTransform="translate(0,2)" y1="346.05" x1="236.26">
+					<stop stop-color="#ace" offset="0"/>
+					<stop stop-color="#369" offset="1"/>
+				</linearGradient>
+				<g id="folder" transform="translate(-266.06 -193.36)">
+					<g transform="matrix(.066019 0 0 .066019 264.2 170.93)">
+						<g transform="matrix(1.4738 0 0 1.4738 -52.053 -166.93)">
+							<path fill="#69c" d="m98.424 343.78c-11.08 0-20 8.92-20 20v48.5 33.719 105.06c0 11.08 8.92 20 20 20h279.22c11.08 0 20-8.92 20-20v-138.78c0-11.08-8.92-20-20-20h-117.12c-7.5478-1.1844-9.7958-6.8483-10.375-11.312v-5.625-11.562c0-11.08-8.92-20-20-20h-131.72z"/>
+							<rect rx="12.885" ry="12.199" height="227.28" width="366.69" y="409.69" x="54.428" fill="#369"/>
+							<path fill="url(#e)" d="m98.424 345.78c-11.08 0-20 8.92-20 20v48.5 33.719 105.06c0 11.08 8.92 20 20 20h279.22c11.08 0 20-8.92 20-20v-138.78c0-11.08-8.92-20-20-20h-117.12c-7.5478-1.1844-9.7958-6.8483-10.375-11.312v-5.625-11.562c0-11.08-8.92-20-20-20h-131.72z"/>
+							<rect rx="12.885" ry="12.199" height="227.28" width="366.69" y="407.69" x="54.428" fill="url(#f)"/>
+						</g>
+					</g>
+				</g>
+
+				<!-- File -->
+				<linearGradient id="a">
+					<stop stop-color="#cbcbcb" offset="0"/>
+					<stop stop-color="#f0f0f0" offset=".34923"/>
+					<stop stop-color="#e2e2e2" offset="1"/>
+				</linearGradient>
+				<linearGradient id="d" y2="686.15" xlink:href="#a" gradientUnits="userSpaceOnUse" y1="207.83" gradientTransform="matrix(.28346 0 0 .31053 -608.52 485.11)" x2="380.1" x1="749.25"/>
+				<linearGradient id="c" y2="287.74" xlink:href="#a" gradientUnits="userSpaceOnUse" y1="169.44" gradientTransform="matrix(.28342 0 0 .31057 -608.52 485.11)" x2="622.33" x1="741.64"/>
+				<linearGradient id="b" y2="418.54" gradientUnits="userSpaceOnUse" y1="236.13" gradientTransform="matrix(.29343 0 0 .29999 -608.52 485.11)" x2="330.88" x1="687.96">
+					<stop stop-color="#fff" offset="0"/>
+					<stop stop-color="#fff" stop-opacity="0" offset="1"/>
+				</linearGradient>
+				<g id="file" transform="translate(-278.15 -216.59)">
+					<g fill-rule="evenodd" transform="matrix(.19775 0 0 .19775 381.05 112.68)">
+						<path d="m-520.17 525.5v36.739 36.739 36.739 36.739h33.528 33.528 33.528 33.528v-36.739-36.739-36.739l-33.528-36.739h-33.528-33.528-33.528z" stroke-opacity=".36478" stroke-width=".42649" fill="#fff"/>
+						<g>
+							<path d="m-520.11 525.68v36.739 36.739 36.739 36.739h33.528 33.528 33.528 33.528v-36.739-36.739-36.739l-33.528-36.739h-33.528-33.528-33.528z" stroke-opacity=".36478" stroke="#000" stroke-width=".42649" fill="url(#d)"/>
+							<path d="m-386 562.42c-10.108-2.9925-23.206-2.5682-33.101-0.86253 1.7084-10.962 1.922-24.701-0.4271-35.877l33.528 36.739z" stroke-width=".95407pt" fill="url(#c)"/>
+							<path d="m-519.13 537-0.60402 134.7h131.68l0.0755-33.296c-2.9446 1.1325-32.692-40.998-70.141-39.186-37.483 1.8137-27.785-56.777-61.006-62.214z" stroke-width="1pt" fill="url(#b)"/>
+						</g>
+					</g>
+				</g>
+
+				<!-- Up arrow -->
+				<g id="up-arrow" transform="translate(-279.22 -208.12)">
+					<path transform="matrix(.22413 0 0 .12089 335.67 164.35)" stroke-width="0" d="m-194.17 412.01h-28.827-28.827l14.414-24.965 14.414-24.965 14.414 24.965z"/>
+				</g>
+
+				<!-- Down arrow -->
+				<g id="down-arrow" transform="translate(-279.22 -208.12)">
+					<path transform="matrix(.22413 0 0 -.12089 335.67 257.93)" stroke-width="0" d="m-194.17 412.01h-28.827-28.827l14.414-24.965 14.414-24.965 14.414 24.965z"/>
+				</g>
+			</defs>
+		</svg>
+
+		<header>
+			<h1>
+				<a href="/">/</a>
+			</h1>
+		</header>
+		<main>
+			<div class="meta">
+				<div id="summary">
+					<span class="meta-item"><b>4</b> directories</span>
+					<span class="meta-item"><b>4</b> files</span>
+					<span class="meta-item"><input type="text" placeholder="filter" id="filter" onkeyup='filter()'></span>
+				</div>
+			</div>
+			<div class="listing">
+				<table aria-describedby="summary">
+					<thead>
+					<tr>
+						<th>
+							<a href="?sort=name&order=desc">Name <svg width="1em" height=".4em" version="1.1" viewBox="0 0 12.922194 6.0358899"><use xlink:href="#up-arrow"></use></svg></a>
+						</th>
+						<th>
+							<a href="?sort=size&order=asc">Size</a>
+						</th>
+						<th class="hideable">
+							<a href="?sort=time&order=asc">Modified</a>
+						</th>
+					</tr>
+					</thead>
+					<tbody>
+					<tr class="file">
+						<td>
+							<a href="./mimetype.zip">
+								<svg width="1.5em" height="1em" version="1.1" viewBox="0 0 26.604381 29.144726"><use xlink:href="#file"></use></svg>
+								<span class="name">mimetype.zip</span>
+							</a>
+						</td>
+						<td data-order="783696">765 KiB</td>
+						<td class="hideable"><time datetime="2016-04-04T15:36:49Z">04/04/2016 03:36:49 PM +00:00</time></td>
+					</tr>
+					<tr class="file">
+						<td>
+							<a href="./rclone-delete-empty-dirs.py">
+								<svg width="1.5em" height="1em" version="1.1" viewBox="0 0 26.604381 29.144726"><use xlink:href="#file"></use></svg>
+								<span class="name">rclone-delete-empty-dirs.py</span>
+							</a>
+						</td>
+						<td data-order="1271">1.2 KiB</td>
+						<td class="hideable"><time datetime="2016-10-26T16:05:08Z">10/26/2016 04:05:08 PM +00:00</time></td>
+					</tr>
+					<tr class="file">
+						<td>
+							<a href="./rclone-show-empty-dirs.py">
+								<svg width="1.5em" height="1em" version="1.1" viewBox="0 0 26.604381 29.144726"><use xlink:href="#file"></use></svg>
+								<span class="name">rclone-show-empty-dirs.py</span>
+							</a>
+						</td>
+						<td data-order="868">868 B</td>
+						<td class="hideable"><time datetime="2016-10-26T09:29:34Z">10/26/2016 09:29:34 AM +00:00</time></td>
+					</tr>
+					<tr class="file">
+						<td>
+							<a href="./stat-windows-386.zip">
+								<svg width="1.5em" height="1em" version="1.1" viewBox="0 0 26.604381 29.144726"><use xlink:href="#file"></use></svg>
+								<span class="name">stat-windows-386.zip</span>
+							</a>
+						</td>
+						<td data-order="704960">688 KiB</td>
+						<td class="hideable"><time datetime="2016-08-14T20:44:58Z">08/14/2016 08:44:58 PM +00:00</time></td>
+					</tr>
+					<tr class="file">
+						<td>
+							<a href="./v1.36-155-gcf29ee8b-team-drive%CE%B2/">
+								<svg width="1.5em" height="1em" version="1.1" viewBox="0 0 35.678803 28.527945"><use xlink:href="#folder"></use></svg>
+								<span class="name">v1.36-155-gcf29ee8b-team-driveβ</span>
+							</a>
+						</td>
+						<td data-order="-1">&mdash;</td>
+						<td class="hideable"><time datetime="2017-06-01T21:28:09Z">06/01/2017 09:28:09 PM +00:00</time></td>
+					</tr>
+					<tr class="file">
+						<td>
+							<a href="./v1.36-156-gca76b3fb-team-drive%CE%B2/">
+								<svg width="1.5em" height="1em" version="1.1" viewBox="0 0 35.678803 28.527945"><use xlink:href="#folder"></use></svg>
+								<span class="name">v1.36-156-gca76b3fb-team-driveβ</span>
+							</a>
+						</td>
+						<td data-order="-1">&mdash;</td>
+						<td class="hideable"><time datetime="2017-06-04T08:53:04Z">06/04/2017 08:53:04 AM +00:00</time></td>
+					</tr>
+					<tr class="file">
+						<td>
+							<a href="./v1.36-156-ge1f0e0f5-team-drive%CE%B2/">
+								<svg width="1.5em" height="1em" version="1.1" viewBox="0 0 35.678803 28.527945"><use xlink:href="#folder"></use></svg>
+								<span class="name">v1.36-156-ge1f0e0f5-team-driveβ</span>
+							</a>
+						</td>
+						<td data-order="-1">&mdash;</td>
+						<td class="hideable"><time datetime="2017-06-02T10:38:05Z">06/02/2017 10:38:05 AM +00:00</time></td>
+					</tr>
+					<tr class="file">
+						<td>
+							<a href="./v1.36-22-g06ea13a-ssh-agent%CE%B2/">
+								<svg width="1.5em" height="1em" version="1.1" viewBox="0 0 35.678803 28.527945"><use xlink:href="#folder"></use></svg>
+								<span class="name">v1.36-22-g06ea13a-ssh-agentβ</span>
+							</a>
+						</td>
+						<td data-order="-1">&mdash;</td>
+						<td class="hideable"><time datetime="2017-04-10T13:58:02Z">04/10/2017 01:58:02 PM +00:00</time></td>
+					</tr>
+					</tbody>
+				</table>
+			</div>
+		</main>
+		<footer>
+			Served with <a rel="noopener noreferrer" href="https://caddyserver.com">Caddy</a>
+		</footer>
+		<script>
+			var filterEl = document.getElementById('filter');
+			function filter() {
+				var q = filterEl.value.trim().toLowerCase();
+				var elems = document.querySelectorAll('tr.file');
+				elems.forEach(function(el) {
+					if (!q) {
+						el.style.display = '';
+						return;
+					}
+					var nameEl = el.querySelector('.name');
+					var nameVal = nameEl.textContent.trim().toLowerCase();
+					if (nameVal.indexOf(q) !== -1) {
+						el.style.display = '';
+					} else {
+						el.style.display = 'none';
+					}
+				});
+			}
+
+			function localizeDatetime(e, index, ar) {
+				if (e.textContent === undefined) {
+					return;
+				}
+				var d = new Date(e.getAttribute('datetime'));
+				if (isNaN(d)) {
+					d = new Date(e.textContent);
+					if (isNaN(d)) {
+						return;
+					}
+				}
+				e.textContent = d.toLocaleString();
+			}
+			var timeList = Array.prototype.slice.call(document.getElementsByTagName("time"));
+			timeList.forEach(localizeDatetime);
+		</script>
+	</body>
+</html>
+
--- a/backend/http/test/index_files/empty.html
+++ b/backend/http/test/index_files/empty.html
--- a/backend/http/test/index_files/memstore.html
+++ b/backend/http/test/index_files/memstore.html
@@ -0,0 +1,77 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+  <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+  <meta name="robots" content="noindex" />
+  <title>Index of /</title>
+</head>
+<body>
+<div id="content">
+  <h1>Index of /</h1>
+
+  <table>
+  <thead>
+      <tr>
+        <th>Name</th>
+        <th>Type</th>
+        <th>Size</th>
+        <th>Last modified</th>
+        <th>MD5</th>
+      </tr>
+  </thead>
+  <tbody>
+  
+      <tr>
+        <td><a href="test/">test/</a></td>
+        <td>application/directory</td>
+        <td>0 bytes</td>
+        <td>-</td>
+        <td>-</td>
+      </tr>
+  
+      <tr>
+        <td><a href="v1.35/">v1.35/</a></td>
+        <td>application/directory</td>
+        <td>0 bytes</td>
+        <td>-</td>
+        <td>-</td>
+      </tr>
+  
+      <tr>
+        <td><a href="v1.36-01-g503cd84/">v1.36-01-g503cd84/</a></td>
+        <td>application/directory</td>
+        <td>0 bytes</td>
+        <td>-</td>
+        <td>-</td>
+      </tr>
+
+      <tr>
+        <td><a href="rclone-beta-latest-freebsd-386.zip">rclone-beta-latest-freebsd-386.zip</a></td>
+        <td>application/zip</td>
+        <td>4.6 MB</td>
+        <td>2017-06-19 14:04:52</td>
+        <td>e747003c69c81e675f206a715264bfa8</td>
+      </tr>
+  
+      <tr>
+        <td><a href="rclone-beta-latest-freebsd-amd64.zip">rclone-beta-latest-freebsd-amd64.zip</a></td>
+        <td>application/zip</td>
+        <td>5.0 MB</td>
+        <td>2017-06-19 14:04:53</td>
+        <td>ff30b5e9bf2863a2373069142e6f2b7f</td>
+      </tr>
+  
+      <tr>
+        <td><a href="rclone-beta-latest-windows-amd64.zip">rclone-beta-latest-windows-amd64.zip</a></td>
+        <td>application/x-zip-compressed</td>
+        <td>4.9 MB</td>
+        <td>2017-06-19 13:56:02</td>
+        <td>851a5547a0495cbbd94cbc90a80ed6f5</td>
+      </tr>
+  
+  </tbody>
+  </table>
+  <p class="right"><a href="http://www.memset.com/"><img src="http://www.memset.com/images/Memset_logo_2010.gif" alt="Memset Ltd." /></a></p>
+</div>
+</body>
+</html>
--- a/backend/http/test/index_files/nginx.html
+++ b/backend/http/test/index_files/nginx.html
@@ -0,0 +1,12 @@
+<html>
+<head><title>Index of /atomic/fedora/</title></head>
+<body bgcolor="white">
+<h1>Index of /atomic/fedora/</h1><hr><pre><a href="../">../</a>
+<a href="deltas/">deltas/</a>                                            04-May-2017 21:37                   -
+<a href="objects/">objects/</a>                                           04-May-2017 20:44                   -
+<a href="refs/">refs/</a>                                              04-May-2017 20:42                   -
+<a href="state/">state/</a>                                             04-May-2017 21:36                   -
+<a href="config">config</a>                                             04-May-2017 20:42                 118
+<a href="summary">summary</a>                                            04-May-2017 21:36                 806
+</pre><hr></body>
+</html>
--- a/backend/hubic/auth.go
+++ b/backend/hubic/auth.go
@@ -2,7 +2,9 @@ package hubic

 import (
 	"net/http"
+	"time"

+	"github.com/ncw/rclone/fs"
 	"github.com/ncw/swift"
 )

@@ -21,12 +23,17 @@ func newAuth(f *Fs) *auth {
 // Request constructs a http.Request for authentication
 //
 // returns nil for not needed
-func (a *auth) Request(*swift.Connection) (*http.Request, error) {
-	err := a.f.getCredentials()
-	if err != nil {
-		return nil, err
+func (a *auth) Request(*swift.Connection) (r *http.Request, err error) {
+	const retries = 10
+	for try := 1; try <= retries; try++ {
+		err = a.f.getCredentials()
+		if err == nil {
+			break
+		}
+		time.Sleep(100 * time.Millisecond)
+		fs.Debugf(a.f, "retrying auth request %d/%d: %v", try, retries, err)
 	}
-	return nil, nil
+	return nil, err
 }

 // Response parses the result of an http request
@@ -36,7 +43,7 @@ func (a *auth) Response(resp *http.Response) error {

 // The public storage URL - set Internal to true to read
 // internal/service net URL
-func (a *auth) StorageUrl(Internal bool) string {
+func (a *auth) StorageUrl(Internal bool) string { // nolint
 	return a.f.credentials.Endpoint
 }

@@ -46,7 +53,7 @@ func (a *auth) Token() string {
 }

 // The CDN url if available
-func (a *auth) CdnUrl() string {
+func (a *auth) CdnUrl() string { // nolint
 	return ""
 }

--- a/backend/hubic/hubic.go
+++ b/backend/hubic/hubic.go
@@ -9,13 +9,20 @@ package hubic
 import (
 	"encoding/json"
 	"fmt"
+	"io/ioutil"
 	"log"
 	"net/http"
+	"strings"
 	"time"

+	"github.com/ncw/rclone/backend/swift"
 	"github.com/ncw/rclone/fs"
-	"github.com/ncw/rclone/oauthutil"
-	"github.com/ncw/rclone/swift"
+	"github.com/ncw/rclone/fs/config"
+	"github.com/ncw/rclone/fs/config/configmap"
+	"github.com/ncw/rclone/fs/config/configstruct"
+	"github.com/ncw/rclone/fs/config/obscure"
+	"github.com/ncw/rclone/fs/fshttp"
+	"github.com/ncw/rclone/lib/oauthutil"
 	swiftLib "github.com/ncw/swift"
 	"github.com/pkg/errors"
 	"golang.org/x/oauth2"
@@ -38,7 +45,7 @@ var (
 			TokenURL: "https://api.hubic.com/oauth/token/",
 		},
 		ClientID:     rcloneClientID,
-		ClientSecret: fs.MustReveal(rcloneEncryptedClientSecret),
+		ClientSecret: obscure.MustReveal(rcloneEncryptedClientSecret),
 		RedirectURL:  oauthutil.RedirectLocalhostURL,
 	}
 )
@@ -49,19 +56,19 @@ func init() {
 		Name:        "hubic",
 		Description: "Hubic",
 		NewFs:       NewFs,
-		Config: func(name string) {
-			err := oauthutil.Config("hubic", name, oauthConfig)
+		Config: func(name string, m configmap.Mapper) {
+			err := oauthutil.Config("hubic", name, m, oauthConfig)
 			if err != nil {
 				log.Fatalf("Failed to configure token: %v", err)
 			}
 		},
-		Options: []fs.Option{{
-			Name: fs.ConfigClientID,
-			Help: "Hubic Client Id - leave blank normally.",
+		Options: append([]fs.Option{{
+			Name: config.ConfigClientID,
+			Help: "Hubic Client Id\nLeave blank normally.",
 		}, {
-			Name: fs.ConfigClientSecret,
-			Help: "Hubic Client Secret - leave blank normally.",
-		}},
+			Name: config.ConfigClientSecret,
+			Help: "Hubic Client Secret\nLeave blank normally.",
+		}}, swift.SharedOptions...),
 	})
 }

@@ -76,6 +83,7 @@ type credentials struct {
 // Fs represents a remote hubic
 type Fs struct {
 	fs.Fs                    // wrapped Fs
+	features    *fs.Features // optional features
 	client      *http.Client // client for oauth api
 	credentials credentials  // returned from the Hubic API
 	expires     time.Time    // time credentials expire
@@ -118,7 +126,9 @@ func (f *Fs) getCredentials() (err error) {
 	}
 	defer fs.CheckClose(resp.Body, &err)
 	if resp.StatusCode < 200 || resp.StatusCode > 299 {
-		return errors.Errorf("failed to get credentials: %s", resp.Status)
+		body, _ := ioutil.ReadAll(resp.Body)
+		bodyStr := strings.TrimSpace(strings.Replace(string(body), "\n", " ", -1))
+		return errors.Errorf("failed to get credentials: %s: %s", resp.Status, bodyStr)
 	}
 	decoder := json.NewDecoder(resp.Body)
 	var result credentials
@@ -126,7 +136,7 @@ func (f *Fs) getCredentials() (err error) {
 	if err != nil {
 		return err
 	}
-	// fs.Debug(f, "Got credentials %+v", result)
+	// fs.Debugf(f, "Got credentials %+v", result)
 	if result.Token == "" || result.Endpoint == "" || result.Expires == "" {
 		return errors.New("couldn't read token, result and expired from credentials")
 	}
@@ -136,13 +146,13 @@ func (f *Fs) getCredentials() (err error) {
 		return err
 	}
 	f.expires = expires
-	fs.Debug(f, "Got swift credentials (expiry %v in %v)", f.expires, f.expires.Sub(time.Now()))
+	fs.Debugf(f, "Got swift credentials (expiry %v in %v)", f.expires, f.expires.Sub(time.Now()))
 	return nil
 }

 // NewFs constructs an Fs from the path, container:path
-func NewFs(name, root string) (fs.Fs, error) {
-	client, _, err := oauthutil.NewClient(name, oauthConfig)
+func NewFs(name, root string, m configmap.Mapper) (fs.Fs, error) {
+	client, _, err := oauthutil.NewClient(name, m, oauthConfig)
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to configure Hubic")
 	}
@@ -156,50 +166,33 @@ func NewFs(name, root string) (fs.Fs, error) {
 		Auth:           newAuth(f),
 		ConnectTimeout: 10 * fs.Config.ConnectTimeout, // Use the timeouts in the transport
 		Timeout:        10 * fs.Config.Timeout,        // Use the timeouts in the transport
-		Transport:      fs.Config.Transport(),
+		Transport:      fshttp.NewTransport(fs.Config),
 	}
 	err = c.Authenticate()
 	if err != nil {
 		return nil, errors.Wrap(err, "error authenticating swift connection")
 	}

+	// Parse config into swift.Options struct
+	opt := new(swift.Options)
+	err = configstruct.Set(m, opt)
+	if err != nil {
+		return nil, err
+	}
+
 	// Make inner swift Fs from the connection
-	swiftFs, err := swift.NewFsWithConnection(name, root, c)
+	swiftFs, err := swift.NewFsWithConnection(opt, name, root, c, true)
 	if err != nil && err != fs.ErrorIsFile {
 		return nil, err
 	}
 	f.Fs = swiftFs
+	f.features = f.Fs.Features().Wrap(f)
 	return f, err
 }

-// Purge deletes all the files and the container
-//
-// Optional interface: Only implement this if you have a way of
-// deleting all the files quicker than just running Remove() on the
-// result of List()
-func (f *Fs) Purge() error {
-	fPurge, ok := f.Fs.(fs.Purger)
-	if !ok {
-		return fs.ErrorCantPurge
-	}
-	return fPurge.Purge()
-}
-
-// Copy src to this remote using server side copy operations.
-//
-// This is stored with the remote path given
-//
-// It returns the destination Object and a possible error
-//
-// Will only be called if src.Fs().Name() == f.Name()
-//
-// If it isn't possible then return fs.ErrorCantCopy
-func (f *Fs) Copy(src fs.Object, remote string) (fs.Object, error) {
-	fCopy, ok := f.Fs.(fs.Copier)
-	if !ok {
-		return nil, fs.ErrorCantCopy
-	}
-	return fCopy.Copy(src, remote)
+// Features returns the optional features of this Fs
+func (f *Fs) Features() *fs.Features {
+	return f.features
 }

 // UnWrap returns the Fs that this Fs is wrapping
@@ -207,16 +200,8 @@ func (f *Fs) UnWrap() fs.Fs {
 	return f.Fs
 }

-// Hashes returns the supported hash sets.
-// Inherited from swift
-func (f *Fs) Hashes() fs.HashSet {
-	return fs.HashSet(fs.HashMD5)
-}
-
 // Check the interfaces are satisfied
 var (
 	_ fs.Fs        = (*Fs)(nil)
-	_ fs.Purger    = (*Fs)(nil)
-	_ fs.Copier    = (*Fs)(nil)
 	_ fs.UnWrapper = (*Fs)(nil)
 )
--- a/backend/hubic/hubic_test.go
+++ b/backend/hubic/hubic_test.go
@@ -0,0 +1,19 @@
+// Test Hubic filesystem interface
+package hubic_test
+
+import (
+	"testing"
+
+	"github.com/ncw/rclone/backend/hubic"
+	"github.com/ncw/rclone/fstest/fstests"
+)
+
+// TestIntegration runs integration tests against the remote
+func TestIntegration(t *testing.T) {
+	fstests.Run(t, &fstests.Opt{
+		RemoteName:          "TestHubic:",
+		NilObject:           (*hubic.Object)(nil),
+		SkipFsCheckWrap:     true,
+		SkipObjectCheckWrap: true,
+	})
+}
--- a/backend/jottacloud/api/types.go
+++ b/backend/jottacloud/api/types.go
@@ -0,0 +1,322 @@
+package api
+
+import (
+	"encoding/xml"
+	"fmt"
+	"time"
+
+	"github.com/pkg/errors"
+)
+
+const (
+	// default time format for almost all request and responses
+	timeFormat = "2006-01-02-T15:04:05Z0700"
+	// the API server seems to use a different format
+	apiTimeFormat = "2006-01-02T15:04:05Z07:00"
+)
+
+// Time represents time values in the Jottacloud API. It uses a custom RFC3339 like format.
+type Time time.Time
+
+// UnmarshalXML turns XML into a Time
+func (t *Time) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error {
+	var v string
+	if err := d.DecodeElement(&v, &start); err != nil {
+		return err
+	}
+	if v == "" {
+		*t = Time(time.Time{})
+		return nil
+	}
+	newTime, err := time.Parse(timeFormat, v)
+	if err == nil {
+		*t = Time(newTime)
+	}
+	return err
+}
+
+// MarshalXML turns a Time into XML
+func (t *Time) MarshalXML(e *xml.Encoder, start xml.StartElement) error {
+	return e.EncodeElement(t.String(), start)
+}
+
+// Return Time string in Jottacloud format
+func (t Time) String() string { return time.Time(t).Format(timeFormat) }
+
+// APIString returns Time string in Jottacloud API format
+func (t Time) APIString() string { return time.Time(t).Format(apiTimeFormat) }
+
+// Flag is a hacky type for checking if an attribute is present
+type Flag bool
+
+// UnmarshalXMLAttr sets Flag to true if the attribute is present
+func (f *Flag) UnmarshalXMLAttr(attr xml.Attr) error {
+	*f = true
+	return nil
+}
+
+// MarshalXMLAttr : Do not use
+func (f *Flag) MarshalXMLAttr(name xml.Name) (xml.Attr, error) {
+	attr := xml.Attr{
+		Name:  name,
+		Value: "false",
+	}
+	return attr, errors.New("unimplemented")
+}
+
+// TokenJSON is the struct representing the HTTP response from OAuth2
+// providers returning a token in JSON form.
+type TokenJSON struct {
+	AccessToken  string `json:"access_token"`
+	TokenType    string `json:"token_type"`
+	RefreshToken string `json:"refresh_token"`
+	ExpiresIn    int32  `json:"expires_in"` // at least PayPal returns string, while most return number
+}
+
+/*
+GET http://www.jottacloud.com/JFS/<account>
+
+<user time="2018-07-18-T21:39:10Z" host="dn-132">
+	<username>12qh1wsht8cssxdtwl15rqh9</username>
+	<account-type>free</account-type>
+	<locked>false</locked>
+	<capacity>5368709120</capacity>
+	<max-devices>-1</max-devices>
+	<max-mobile-devices>-1</max-mobile-devices>
+	<usage>0</usage>
+	<read-locked>false</read-locked>
+	<write-locked>false</write-locked>
+	<quota-write-locked>false</quota-write-locked>
+	<enable-sync>true</enable-sync>
+	<enable-foldershare>true</enable-foldershare>
+	<devices>
+		<device>
+			<name xml:space="preserve">Jotta</name>
+			<display_name xml:space="preserve">Jotta</display_name>
+			<type>JOTTA</type>
+			<sid>5c458d01-9eaf-4f23-8d3c-2486fd9704d8</sid>
+			<size>0</size>
+			<modified>2018-07-15-T22:04:59Z</modified>
+		</device>
+	</devices>
+</user>
+*/
+
+// AccountInfo represents a Jottacloud account
+type AccountInfo struct {
+	Username          string        `xml:"username"`
+	AccountType       string        `xml:"account-type"`
+	Locked            bool          `xml:"locked"`
+	Capacity          int64         `xml:"capacity"`
+	MaxDevices        int           `xml:"max-devices"`
+	MaxMobileDevices  int           `xml:"max-mobile-devices"`
+	Usage             int64         `xml:"usage"`
+	ReadLocked        bool          `xml:"read-locked"`
+	WriteLocked       bool          `xml:"write-locked"`
+	QuotaWriteLocked  bool          `xml:"quota-write-locked"`
+	EnableSync        bool          `xml:"enable-sync"`
+	EnableFolderShare bool          `xml:"enable-foldershare"`
+	Devices           []JottaDevice `xml:"devices>device"`
+}
+
+/*
+GET http://www.jottacloud.com/JFS/<account>/<device>
+
+<device time="2018-07-23-T20:21:50Z" host="dn-158">
+	<name xml:space="preserve">Jotta</name>
+	<display_name xml:space="preserve">Jotta</display_name>
+	<type>JOTTA</type>
+	<sid>5c458d01-9eaf-4f23-8d3c-2486fd9704d8</sid>
+	<size>0</size>
+	<modified>2018-07-15-T22:04:59Z</modified>
+	<user>12qh1wsht8cssxdtwl15rqh9</user>
+	<mountPoints>
+		<mountPoint>
+			<name xml:space="preserve">Archive</name>
+			<size>0</size>
+		<modified>2018-07-15-T22:04:59Z</modified>
+		</mountPoint>
+		<mountPoint>
+			<name xml:space="preserve">Shared</name>
+			<size>0</size>
+			<modified></modified>
+		</mountPoint>
+		<mountPoint>
+			<name xml:space="preserve">Sync</name>
+			<size>0</size>
+			<modified></modified>
+		</mountPoint>
+	</mountPoints>
+	<metadata first="" max="" total="3" num_mountpoints="3"/>
+</device>
+*/
+
+// JottaDevice represents a Jottacloud Device
+type JottaDevice struct {
+	Name        string            `xml:"name"`
+	DisplayName string            `xml:"display_name"`
+	Type        string            `xml:"type"`
+	Sid         string            `xml:"sid"`
+	Size        int64             `xml:"size"`
+	User        string            `xml:"user"`
+	MountPoints []JottaMountPoint `xml:"mountPoints>mountPoint"`
+}
+
+/*
+GET http://www.jottacloud.com/JFS/<account>/<device>/<mountpoint>
+
+<mountPoint time="2018-07-24-T20:35:02Z" host="dn-157">
+	<name xml:space="preserve">Sync</name>
+	<path xml:space="preserve">/12qh1wsht8cssxdtwl15rqh9/Jotta</path>
+	<abspath xml:space="preserve">/12qh1wsht8cssxdtwl15rqh9/Jotta</abspath>
+	<size>0</size>
+	<modified></modified>
+	<device>Jotta</device>
+	<user>12qh1wsht8cssxdtwl15rqh9</user>
+	<folders>
+		<folder name="test"/>
+	</folders>
+	<metadata first="" max="" total="1" num_folders="1" num_files="0"/>
+</mountPoint>
+*/
+
+// JottaMountPoint represents a Jottacloud mountpoint
+type JottaMountPoint struct {
+	Name    string        `xml:"name"`
+	Size    int64         `xml:"size"`
+	Device  string        `xml:"device"`
+	Folders []JottaFolder `xml:"folders>folder"`
+	Files   []JottaFile   `xml:"files>file"`
+}
+
+/*
+GET http://www.jottacloud.com/JFS/<account>/<device>/<mountpoint>/<folder>
+
+<folder name="test" time="2018-07-24-T20:41:37Z" host="dn-158">
+	<path xml:space="preserve">/12qh1wsht8cssxdtwl15rqh9/Jotta/Sync</path>
+	<abspath xml:space="preserve">/12qh1wsht8cssxdtwl15rqh9/Jotta/Sync</abspath>
+	<folders>
+		<folder name="t2"/>c
+	</folders>
+	<files>
+		<file name="block.csv" uuid="f6553cd4-1135-48fe-8e6a-bb9565c50ef2">
+			<currentRevision>
+				<number>1</number>
+				<state>COMPLETED</state>
+				<created>2018-07-05-T15:08:02Z</created>
+				<modified>2018-07-05-T15:08:02Z</modified>
+				<mime>application/octet-stream</mime>
+				<size>30827730</size>
+				<md5>1e8a7b728ab678048df00075c9507158</md5>
+				<updated>2018-07-24-T20:41:10Z</updated>
+			</currentRevision>
+		</file>
+	</files>
+	<metadata first="" max="" total="2" num_folders="1" num_files="1"/>
+</folder>
+*/
+
+// JottaFolder represents a JottacloudFolder
+type JottaFolder struct {
+	XMLName    xml.Name
+	Name       string        `xml:"name,attr"`
+	Deleted    Flag          `xml:"deleted,attr"`
+	Path       string        `xml:"path"`
+	CreatedAt  Time          `xml:"created"`
+	ModifiedAt Time          `xml:"modified"`
+	Updated    Time          `xml:"updated"`
+	Folders    []JottaFolder `xml:"folders>folder"`
+	Files      []JottaFile   `xml:"files>file"`
+}
+
+/*
+GET http://www.jottacloud.com/JFS/<account>/<device>/<mountpoint>/.../<file>
+
+<file name="block.csv" uuid="f6553cd4-1135-48fe-8e6a-bb9565c50ef2">
+	<currentRevision>
+		<number>1</number>
+		<state>COMPLETED</state>
+		<created>2018-07-05-T15:08:02Z</created>
+		<modified>2018-07-05-T15:08:02Z</modified>
+		<mime>application/octet-stream</mime>
+		<size>30827730</size>
+		<md5>1e8a7b728ab678048df00075c9507158</md5>
+		<updated>2018-07-24-T20:41:10Z</updated>
+	</currentRevision>
+</file>
+*/
+
+// JottaFile represents a Jottacloud file
+type JottaFile struct {
+	XMLName         xml.Name
+	Name            string `xml:"name,attr"`
+	Deleted         Flag   `xml:"deleted,attr"`
+	PublicSharePath string `xml:"publicSharePath"`
+	State           string `xml:"currentRevision>state"`
+	CreatedAt       Time   `xml:"currentRevision>created"`
+	ModifiedAt      Time   `xml:"currentRevision>modified"`
+	Updated         Time   `xml:"currentRevision>updated"`
+	Size            int64  `xml:"currentRevision>size"`
+	MimeType        string `xml:"currentRevision>mime"`
+	MD5             string `xml:"currentRevision>md5"`
+}
+
+// Error is a custom Error for wrapping Jottacloud error responses
+type Error struct {
+	StatusCode int    `xml:"code"`
+	Message    string `xml:"message"`
+	Reason     string `xml:"reason"`
+	Cause      string `xml:"cause"`
+}
+
+// Error returns a string for the error and statistifes the error interface
+func (e *Error) Error() string {
+	out := fmt.Sprintf("error %d", e.StatusCode)
+	if e.Message != "" {
+		out += ": " + e.Message
+	}
+	if e.Reason != "" {
+		out += fmt.Sprintf(" (%+v)", e.Reason)
+	}
+	return out
+}
+
+// AllocateFileRequest to prepare an upload to Jottacloud
+type AllocateFileRequest struct {
+	Bytes    int64  `json:"bytes"`
+	Created  string `json:"created"`
+	Md5      string `json:"md5"`
+	Modified string `json:"modified"`
+	Path     string `json:"path"`
+}
+
+// AllocateFileResponse for upload requests
+type AllocateFileResponse struct {
+	Name      string `json:"name"`
+	Path      string `json:"path"`
+	State     string `json:"state"`
+	UploadID  string `json:"upload_id"`
+	UploadURL string `json:"upload_url"`
+	Bytes     int64  `json:"bytes"`
+	ResumePos int64  `json:"resume_pos"`
+}
+
+// UploadResponse after an upload
+type UploadResponse struct {
+	Name      string      `json:"name"`
+	Path      string      `json:"path"`
+	Kind      string      `json:"kind"`
+	ContentID string      `json:"content_id"`
+	Bytes     int64       `json:"bytes"`
+	Md5       string      `json:"md5"`
+	Created   int64       `json:"created"`
+	Modified  int64       `json:"modified"`
+	Deleted   interface{} `json:"deleted"`
+	Mime      string      `json:"mime"`
+}
+
+// DeviceRegistrationResponse is the response to registering a device
+type DeviceRegistrationResponse struct {
+	ClientID     string `json:"client_id"`
+	ClientSecret string `json:"client_secret"`
+}
--- a/backend/jottacloud/api/types_test.go
+++ b/backend/jottacloud/api/types_test.go
@@ -0,0 +1,29 @@
+package api
+
+import (
+	"encoding/xml"
+	"testing"
+	"time"
+)
+
+func TestMountpointEmptyModificationTime(t *testing.T) {
+	mountpoint := `
+<mountPoint time="2018-08-12-T09:58:24Z" host="dn-157">
+  <name xml:space="preserve">Sync</name>
+  <path xml:space="preserve">/foo/Jotta</path>
+  <abspath xml:space="preserve">/foo/Jotta</abspath>
+  <size>0</size>
+  <modified></modified>
+  <device>Jotta</device>
+  <user>foo</user>
+  <metadata first="" max="" total="0" num_folders="0" num_files="0"/>
+</mountPoint>
+`
+	var jf JottaFolder
+	if err := xml.Unmarshal([]byte(mountpoint), &jf); err != nil {
+		t.Fatal(err)
+	}
+	if !time.Time(jf.ModifiedAt).IsZero() {
+		t.Errorf("got non-zero time, want zero")
+	}
+}
--- a/backend/jottacloud/jottacloud.go
+++ b/backend/jottacloud/jottacloud.go
--- a/Show More
+++ b/Show More