Lines 58-64
|
58 |
return |
58 |
return |
59 |
fi |
59 |
fi |
60 |
|
60 |
|
61 |
if [ -n "${header}" ] ; then |
61 |
if [ -n "${header}" ] && [ -z "${remdev}" ] ; then |
62 |
header_opt="--header=${header}" |
62 |
header_opt="--header=${header}" |
63 |
|
63 |
|
64 |
i=0 |
64 |
i=0 |
Lines 71-76
|
71 |
ewarn "Waited ${i} times for header file ${header}. Aborting ${target}." |
71 |
ewarn "Waited ${i} times for header file ${header}. Aborting ${target}." |
72 |
return |
72 |
return |
73 |
fi |
73 |
fi |
|
|
74 |
# handle header on removable device |
75 |
elif [ -n "${header}" ] && [ -n "${remdev}" ] ; then |
76 |
# temp directory to mount removable device |
77 |
local mntrem="${RC_SVCDIR}/dm-crypt-remdev-header.$$" |
78 |
if [ ! -d "${mntrem}" ] ; then |
79 |
if ! mkdir -p "${mntrem}" ; then |
80 |
ewarn "${source} will not be decrypted ..." |
81 |
einfo "Reason: Unable to create temporary mount point '${mntrem}'" |
82 |
return |
83 |
fi |
84 |
fi |
85 |
i=0 |
86 |
einfo "Please insert removable device for ${target}" |
87 |
while [ ${i} -lt ${dmcrypt_max_timeout} ] ; do |
88 |
foo="" |
89 |
if mount -n -o ro "${remdev}" "${mntrem}" 2>/dev/null >/dev/null ; then |
90 |
# header exists? |
91 |
if [ ! -e "${mntrem}${header}" ] ; then |
92 |
umount -n "${mntrem}" |
93 |
rmdir "${mntrem}" |
94 |
einfo "Cannot find ${header} on removable media." |
95 |
read_abort "Abort" ${dmcrypt_key_timeout} && return |
96 |
else |
97 |
header="${mntrem}${header}" |
98 |
break |
99 |
fi |
100 |
else |
101 |
[ -e "${remdev}" ] \ |
102 |
&& foo="mount failed" \ |
103 |
|| foo="mount source not found" |
104 |
fi |
105 |
: $((i += 1)) |
106 |
read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return |
107 |
done |
108 |
header_opt="--header ${header}" |
74 |
else |
109 |
else |
75 |
header_opt="" |
110 |
header_opt="" |
76 |
fi |
111 |
fi |
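Review bot: The removable-device branch (`elif [ -n "${header}" ] && [ -n "${remdev}" ]`) falls through to `header_opt="--header ${header}"` when the wait loop runs out of attempts, so cryptsetup would be handed the original, unverified header path instead of the device being skipped. Inside the loop, `rmdir "${mntrem}"` runs after a missing header even when the user declines to abort, so every later `mount` targets a directory that no longer exists. The removable filesystem is mounted with only `-o ro`; `nodev,nosuid,noexec` is the usual hardening for media that is not trusted at boot. `read_abort` shifts once and then reads `$2`, so `read_abort "Abort" ${dmcrypt_key_timeout}` only works if that variable expands to two words such as `-t N`, which is not visible here and is worth confirming. The enclosing function starts and ends outside this hunk, so where the device is unmounted once cryptsetup has read the header cannot be checked from here.

```shell
# … unchanged: mntrem creation, i=0, "Please insert removable device" prompt …
local found=false
while [ ${i} -lt ${dmcrypt_max_timeout} ] ; do
	foo=""
	if mount -n -o ro,nodev,nosuid,noexec "${remdev}" "${mntrem}" 2>/dev/null >/dev/null ; then
		if [ -e "${mntrem}${header}" ] ; then
			header="${mntrem}${header}"
			found=true
			break
		fi
		# keep the mount point: the next pass of the loop mounts onto it again
		umount -n "${mntrem}"
		einfo "Cannot find ${header} on removable media."
		if read_abort "Abort" ${dmcrypt_key_timeout} ; then
			rmdir "${mntrem}"
			return
		fi
	else
		# … unchanged: foo diagnostics …
	fi
	# … unchanged: counter increment and "Stop waiting" prompt …
done
if ! ${found} ; then
	# timed out: never pass an unverified header path to cryptsetup
	rmdir "${mntrem}" 2>/dev/null
	ewarn "${source} will not be decrypted ..."
	einfo "Reason: header ${header} not found on ${remdev}"
	return
fi
# … unchanged: header_opt assignment …
```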
Lines 96-101
|
96 |
losetup ${source} ${loop_file} |
131 |
losetup ${source} ${loop_file} |
97 |
fi |
132 |
fi |
98 |
|
133 |
|
|
|
134 |
read_abort() { |
135 |
# some colors |
136 |
local ans savetty resettty |
137 |
[ -z "${NORMAL}" ] && eval $(eval_ecolors) |
138 |
einfon " $1? (${WARN}yes${NORMAL}/${GOOD}No${NORMAL}) " |
139 |
shift |
140 |
# This is ugly as s**t. But POSIX doesn't provide `read -t`, so |
141 |
# we end up having to implement our own crap with stty/etc... |
142 |
savetty=$(stty -g) |
143 |
resettty='stty ${savetty}; trap - EXIT HUP INT TERM' |
144 |
trap 'eval "${resettty}"' EXIT HUP INT TERM |
145 |
stty -icanon |
146 |
stty min 0 time "$(( $2 * 10 ))" |
147 |
ans=$(dd count=1 bs=1 2>/dev/null) || ans='' |
148 |
eval "${resettty}" |
149 |
if [ -z "${ans}" ] ; then |
150 |
printf '\r' |
151 |
else |
152 |
echo |
153 |
fi |
154 |
case ${ans} in |
155 |
[yY]) return 0;; |
156 |
*) return 1;; |
157 |
esac |
158 |
} |
159 |
|
99 |
# cryptsetup: |
160 |
# cryptsetup: |
100 |
# open <device> <name> # <device> is $source |
161 |
# open <device> <name> # <device> is $source |
101 |
# create <name> <device> # <name> is $target |
162 |
# create <name> <device> # <name> is $target |
Lines 118-149
|
118 |
|
179 |
|
119 |
# Handle keys |
180 |
# Handle keys |
120 |
if [ -n "${key}" ] ; then |
181 |
if [ -n "${key}" ] ; then |
121 |
read_abort() { |
|
|
122 |
# some colors |
123 |
local ans savetty resettty |
124 |
[ -z "${NORMAL}" ] && eval $(eval_ecolors) |
125 |
einfon " $1? (${WARN}yes${NORMAL}/${GOOD}No${NORMAL}) " |
126 |
shift |
127 |
# This is ugly as s**t. But POSIX doesn't provide `read -t`, so |
128 |
# we end up having to implement our own crap with stty/etc... |
129 |
savetty=$(stty -g) |
130 |
resettty='stty ${savetty}; trap - EXIT HUP INT TERM' |
131 |
trap 'eval "${resettty}"' EXIT HUP INT TERM |
132 |
stty -icanon |
133 |
stty min 0 time "$(( $2 * 10 ))" |
134 |
ans=$(dd count=1 bs=1 2>/dev/null) || ans='' |
135 |
eval "${resettty}" |
136 |
if [ -z "${ans}" ] ; then |
137 |
printf '\r' |
138 |
else |
139 |
echo |
140 |
fi |
141 |
case ${ans} in |
142 |
[yY]) return 0;; |
143 |
*) return 1;; |
144 |
esac |
145 |
} |
146 |
|
147 |
# Notes: sed not used to avoid case where /usr partition is encrypted. |
182 |
# Notes: sed not used to avoid case where /usr partition is encrypted. |
148 |
mode=${key##*:} && ( [ "${mode}" = "${key}" ] || [ -z "${mode}" ] ) && mode=reg |
183 |
mode=${key##*:} && ( [ "${mode}" = "${key}" ] || [ -z "${mode}" ] ) && mode=reg |
149 |
key=${key%:*} |
184 |
key=${key%:*} |
Lines 266-272
|
266 |
|
301 |
|
267 |
start() { |
302 |
start() { |
268 |
local print_header=true cryptfs_status=0 |
303 |
local print_header=true cryptfs_status=0 |
269 |
local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev |
304 |
local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev header |
270 |
|
305 |
|
271 |
local x |
306 |
local x |
272 |
for x in $(cat /proc/cmdline) ; do |
307 |
for x in $(cat /proc/cmdline) ; do |