Attachment #876383 for bug #493690




	: ${dmcrypt_retries:=5}
	: ${wait:=5}

	read_abort() {
		# some colors
		local ans savetty resettty
		[ -z "${NORMAL}" ] && eval $(eval_ecolors)
		einfon "  $1? (${WARN}yes${NORMAL}/${GOOD}No${NORMAL}) "
		shift
		# This is ugly as s**t.  But POSIX doesn't provide `read -t`, so
		# we end up having to implement our own crap with stty/etc...
		savetty=$(stty -g)
		resettty='stty ${savetty}; trap - EXIT HUP INT TERM'
		trap 'eval "${resettty}"' EXIT HUP INT TERM
		stty -icanon
		stty min 0 time "$(( $2 * 10 ))"
		ans=$(dd count=1 bs=1 2>/dev/null) || ans=''
		eval "${resettty}"
		if [ -z "${ans}" ] ; then
			printf '\r'
		else
			echo
		fi
		case ${ans} in
			[yY]) return 0;;
			*) return 1;;
		esac
	}

	# Handle automatic look up of the source path.
	if [ -z "${source}" -a -n "${loop_file}" ] ; then
		source=$(losetup --show -f "${loop_file}")

		return
	fi

	if [ -n "${header}" ] && [ -z "${remdev}" ] ; then
		header_opt="--header=${header}"

		i=0

			ewarn "Waited ${i} times for header file ${header}. Aborting ${target}."
			return
		fi
    # handle header on removable device
    elif [ -n "${header}" ] && [ -n "${remdev}" ] ; then
        # temp directory to mount removable device
        local mntrem="${RC_SVCDIR}/dm-crypt-remdev-header.$$"
        if [ ! -d "${mntrem}" ] ; then
            if ! mkdir -p "${mntrem}" ; then
                ewarn "${source} will not be decrypted ..."
                einfo "Reason: Unable to create temporary mount point '${mntrem}'"
                return
            fi
        fi
        i=0
        einfo "Please insert removable device for ${target}"
        while [ ${i} -lt ${dmcrypt_max_timeout} ] ; do
            foo=""
            if mount -n -o ro "${remdev}" "${mntrem}" 2>/dev/null >/dev/null ; then
                # header exists?
                if [ ! -e "${mntrem}${header}" ] ; then
                    umount -n "${mntrem}"
                    rmdir "${mntrem}"
                    einfo "Cannot find ${header} on removable media."
                    read_abort "Abort" ${dmcrypt_key_timeout} && return
                else
                    header="${mntrem}${header}"
                    break
                fi
            else
                [ -e "${remdev}" ] \
                    && foo="mount failed" \
                    || foo="mount source not found"
            fi
            : $((i += 1))
            read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return
        done
        header_opt="--header ${header}"
	else
		header_opt=""
	fi


	# Handle keys
	if [ -n "${key}" ] ; then
		read_abort() {
			# some colors
			local ans savetty resettty
			[ -z "${NORMAL}" ] && eval $(eval_ecolors)
			einfon "  $1? (${WARN}yes${NORMAL}/${GOOD}No${NORMAL}) "
			shift
			# This is ugly as s**t.  But POSIX doesn't provide `read -t`, so
			# we end up having to implement our own crap with stty/etc...
			savetty=$(stty -g)
			resettty='stty ${savetty}; trap - EXIT HUP INT TERM'
			trap 'eval "${resettty}"' EXIT HUP INT TERM
			stty -icanon
			stty min 0 time "$(( $2 * 10 ))"
			ans=$(dd count=1 bs=1 2>/dev/null) || ans=''
			eval "${resettty}"
			if [ -z "${ans}" ] ; then
				printf '\r'
			else
				echo
			fi
			case ${ans} in
				[yY]) return 0;;
				*) return 1;;
			esac
		}

		# Notes: sed not used to avoid case where /usr partition is encrypted.
		mode=${key##*:} && ( [ "${mode}" = "${key}" ] || [ -z "${mode}" ] ) && mode=reg
		key=${key%:*}

	if [ -d "${mntrem}" ] ; then
		umount -n ${mntrem} 2>/dev/null >/dev/null
		rmdir ${mntrem} 2>/dev/null >/dev/null
		i=0
		while [ ${i} -lt ${rem_unplug_wait} ]; do
			: $((i += 1))
			einfo "removable media unmounted - unplug now ${i}/${rem_unplug_wait} ..."
			sleep 1
		done
	fi
	splash svc_input_end ${SVCNAME} >/dev/null 2>&1



start() {
	local print_header=true cryptfs_status=0
	local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev header

	local x
	for x in $(cat /proc/cmdline) ; do

			unset gpg_options key loop_file target options pre_mount post_mount source swap remdev wait header header_opt
			;;

		gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|wait=*|source=*|header=*|rem_unplug_wait=*)
			if [ -z "${target}${swap}" ] ; then
				ewarn "Ignoring setting outside target/swap section: ${targetline}"
				continue

Return to bug 493690

Lines 35-40 Link Here

(-)/usr/portage/sys-fs/cryptsetup/files/2.4.3-dmcrypt.rc (-29 / +70 lines)
35	: ${dmcrypt_retries:=5}	35	: ${dmcrypt_retries:=5}
36	: ${wait:=5}	36	: ${wait:=5}
37		37
		38	read_abort() {
		39	# some colors
		40	local ans savetty resettty
		41	[ -z "${NORMAL}" ] && eval $(eval_ecolors)
		42	einfon " $1? (${WARN}yes${NORMAL}/${GOOD}No${NORMAL}) "
		43	shift
		44	# This is ugly as s**t. But POSIX doesn't provide `read -t`, so
		45	# we end up having to implement our own crap with stty/etc...
		46	savetty=$(stty -g)
		47	resettty='stty ${savetty}; trap - EXIT HUP INT TERM'
		48	trap 'eval "${resettty}"' EXIT HUP INT TERM
		49	stty -icanon
		50	stty min 0 time "$(( $2 * 10 ))"
		51	ans=$(dd count=1 bs=1 2>/dev/null) \|\| ans=''
		52	eval "${resettty}"
		53	if [ -z "${ans}" ] ; then
		54	printf '\r'
		55	else
		56	echo
		57	fi
		58	case ${ans} in
		59	[yY]) return 0;;
		60	*) return 1;;
		61	esac
		62	}
		63
38	# Handle automatic look up of the source path.	64	# Handle automatic look up of the source path.
39	if [ -z "${source}" -a -n "${loop_file}" ] ; then	65	if [ -z "${source}" -a -n "${loop_file}" ] ; then
40	source=$(losetup --show -f "${loop_file}")	66	source=$(losetup --show -f "${loop_file}")
Lines 58-64 Link Here
58	return	84	return
59	fi	85	fi
60		86
61	if [ -n "${header}" ] ; then	87	if [ -n "${header}" ] && [ -z "${remdev}" ] ; then
62	header_opt="--header=${header}"	88	header_opt="--header=${header}"
63		89
64	i=0	90	i=0
Lines 71-76 Link Here
71	ewarn "Waited ${i} times for header file ${header}. Aborting ${target}."	97	ewarn "Waited ${i} times for header file ${header}. Aborting ${target}."
72	return	98	return
73	fi	99	fi
		100	# handle header on removable device
		101	elif [ -n "${header}" ] && [ -n "${remdev}" ] ; then
		102	# temp directory to mount removable device
		103	local mntrem="${RC_SVCDIR}/dm-crypt-remdev-header.$$"
		104	if [ ! -d "${mntrem}" ] ; then
		105	if ! mkdir -p "${mntrem}" ; then
		106	ewarn "${source} will not be decrypted ..."
		107	einfo "Reason: Unable to create temporary mount point '${mntrem}'"
		108	return
		109	fi
		110	fi
		111	i=0
		112	einfo "Please insert removable device for ${target}"
		113	while [ ${i} -lt ${dmcrypt_max_timeout} ] ; do
		114	foo=""
		115	if mount -n -o ro "${remdev}" "${mntrem}" 2>/dev/null >/dev/null ; then
		116	# header exists?
		117	if [ ! -e "${mntrem}${header}" ] ; then
		118	umount -n "${mntrem}"
		119	rmdir "${mntrem}"
		120	einfo "Cannot find ${header} on removable media."
		121	read_abort "Abort" ${dmcrypt_key_timeout} && return
		122	else
		123	header="${mntrem}${header}"
		124	break
		125	fi
		126	else
		127	[ -e "${remdev}" ] \
		128	&& foo="mount failed" \
		129	\|\| foo="mount source not found"
		130	fi
		131	: $((i += 1))
		132	read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return
		133	done
		134	header_opt="--header ${header}"
74	else	135	else
75	header_opt=""	136	header_opt=""
76	fi	137	fi
Lines 118-149 Link Here
118		179
119	# Handle keys	180	# Handle keys
120	if [ -n "${key}" ] ; then	181	if [ -n "${key}" ] ; then
121	read_abort() {
122	# some colors
123	local ans savetty resettty
124	[ -z "${NORMAL}" ] && eval $(eval_ecolors)
125	einfon " $1? (${WARN}yes${NORMAL}/${GOOD}No${NORMAL}) "
126	shift
127	# This is ugly as s**t. But POSIX doesn't provide `read -t`, so
128	# we end up having to implement our own crap with stty/etc...
129	savetty=$(stty -g)
130	resettty='stty ${savetty}; trap - EXIT HUP INT TERM'
131	trap 'eval "${resettty}"' EXIT HUP INT TERM
132	stty -icanon
133	stty min 0 time "$(( $2 * 10 ))"
134	ans=$(dd count=1 bs=1 2>/dev/null) \|\| ans=''
135	eval "${resettty}"
136	if [ -z "${ans}" ] ; then
137	printf '\r'
138	else
139	echo
140	fi
141	case ${ans} in
142	[yY]) return 0;;
143	*) return 1;;
144	esac
145	}
146
147	# Notes: sed not used to avoid case where /usr partition is encrypted.	182	# Notes: sed not used to avoid case where /usr partition is encrypted.
148	mode=${key##*:} && ( [ "${mode}" = "${key}" ] \|\| [ -z "${mode}" ] ) && mode=reg	183	mode=${key##*:} && ( [ "${mode}" = "${key}" ] \|\| [ -z "${mode}" ] ) && mode=reg
149	key=${key%:*}	184	key=${key%:*}
Lines 237-242 Link Here
237	if [ -d "${mntrem}" ] ; then	272	if [ -d "${mntrem}" ] ; then
238	umount -n ${mntrem} 2>/dev/null >/dev/null	273	umount -n ${mntrem} 2>/dev/null >/dev/null
239	rmdir ${mntrem} 2>/dev/null >/dev/null	274	rmdir ${mntrem} 2>/dev/null >/dev/null
		275	i=0
		276	while [ ${i} -lt ${rem_unplug_wait} ]; do
		277	: $((i += 1))
		278	einfo "removable media unmounted - unplug now ${i}/${rem_unplug_wait} ..."
		279	sleep 1
		280	done
240	fi	281	fi
241	splash svc_input_end ${SVCNAME} >/dev/null 2>&1	282	splash svc_input_end ${SVCNAME} >/dev/null 2>&1
242		283
Lines 266-272 Link Here
266		307
267	start() {	308	start() {
268	local print_header=true cryptfs_status=0	309	local print_header=true cryptfs_status=0
269	local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev	310	local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev header
270		311
271	local x	312	local x
272	for x in $(cat /proc/cmdline) ; do	313	for x in $(cat /proc/cmdline) ; do
Lines 298-304 Link Here
298	unset gpg_options key loop_file target options pre_mount post_mount source swap remdev wait header header_opt	339	unset gpg_options key loop_file target options pre_mount post_mount source swap remdev wait header header_opt
299	;;	340	;;
300		341
301	gpg_options=\|remdev=\|key=\|loop_file=\|options=\|pre_mount=\|post_mount=\|wait=\|source=\|header=)	342	gpg_options=\|remdev=\|key=\|loop_file=\|options=\|pre_mount=\|post_mount=\|wait=\|source=\|header=\|rem_unplug_wait=*)
302	if [ -z "${target}${swap}" ] ; then	343	if [ -z "${target}${swap}" ] ; then
303	ewarn "Ignoring setting outside target/swap section: ${targetline}"	344	ewarn "Ignoring setting outside target/swap section: ${targetline}"
304	continue	345	continue