summary refs log tree commit diff
diff options
context:
space:
mode:
authorJuan RP <xtraeme@gmail.com>2015-11-08 17:41:35 +0100
committerJuan RP <xtraeme@gmail.com>2015-11-08 17:41:35 +0100
commit39ae8ddc3c9487369a16016e558800d4dea11ce1 (patch)
treee1fa9890c95068008781cac83e274dd92e007a09
parent006db76946b3c127bf0eecf30b24e11127960d9e (diff)
parent3a8d07915bce8a5423d1052eae930a0d7a97ea4b (diff)
downloadrunit-void-39ae8ddc3c9487369a16016e558800d4dea11ce1.tar.gz
runit-void-39ae8ddc3c9487369a16016e558800d4dea11ce1.tar.xz
runit-void-39ae8ddc3c9487369a16016e558800d4dea11ce1.zip
Merge pull request #42 from suiginsoft/master 20151108
Added support for detached LUKS headers, keyfile offset and keyfile size.
-rw-r--r--crypt.awk47
1 files changed, 24 insertions, 23 deletions
diff --git a/crypt.awk b/crypt.awk
index a211371..d533ab8 100644
--- a/crypt.awk
+++ b/crypt.awk
@@ -26,45 +26,48 @@ NF>4 { print "a valid crypttab has max 4 cols not " NF >"/dev/stderr"; next }
         dest=$1
         key=$3
         split($4, opts, ",");
+        commonopts="";
+        swapopts="";
+        luksopts="";
         for(i in opts) {
             split(opts[i], para, "=");
             par=para[1];
-            val=para[2]
-            if ( par == "readonly" || par == "read-only") cmd=cmd "-r ";
-            else if ( par == "cipher" ) cmd=cmd "-c " val " ";
-            else if ( par == "size" ) cmd=cmd "-s " val " ";
-            else if ( par == "hash" ) cmd=cmd "-h " val " ";
-            else if ( par == "offset" ) cmd=cmd "-o " val " ";
-            else if ( par == "skip" ) cmd=cmd "-p " val " ";
-            else if ( par == "tries" ) cmd=cmd "-T " val " ";
-            else if ( par == "verify" ) cmd=cmd "-y ";
-            else if ( par == "discard" ) cmd=cmd "--allow-discards ";
+            val=para[2];
+            if ( par == "readonly" || par == "read-only") commonopts=commonopts "-r ";
+            else if ( par == "discard" ) commonopts=commonopts "--allow-discards ";
+            else if ( par == "tries" ) commonopts=commonopts "-T " val " ";
             else if ( par == "swap" ) makeswap="y";
-            else if ( par == "luks" ) use_luks="y";
+            else if ( par == "cipher" ) swapopts=swapopts "-c " val " ";
+            else if ( par == "size" ) swapopts=swapopts "-s " val " ";
+            else if ( par == "hash" ) swapopts=swapopts "-h " val " ";
+            else if ( par == "offset" ) swapopts=swapopts "-o " val " ";
+            else if ( par == "skip" ) swapopts=swapopts "-p " val " ";
+            else if ( par == "verify" ) swapopts=swapopts "-y ";
             #else if ( par == "noauto" )
             #else if ( par == "nofail" )
             #else if ( par == "plain" )
             #else if ( par == "timeout" )
             #else if ( par == "tmp" )
+            else if ( par == "luks" ) use_luks="y";
             else if ( par == "keyscript" ) {use_keyscript="y"; keyscript=val;}
-            else if ( par == "keyslot" || par == "key-slot" ) luksparams=luksparams "-S " val " ";
+            else if ( par == "keyslot" || par == "key-slot" ) luksopts=luksopts "-S " val " ";
+            else if ( par == "keyfile-size" ) luksopts=luksopts "-l " val " ";
+            else if ( par == "keyfile-offset" ) luksopts=luksopts "-keyfile-offset=" val " ";
+            else if ( par == "header" ) luksopts=luksopts "--header=" val " ";
             else {
                 print "option: " par " not supported " >"/dev/stderr";
-                cmd="";
                 makeswap="";
                 use_luks="";
                 use_keyscript="";
-                luksparams="";
                 next;
             }
         }
         if ( makeswap == "y" && use_luks != "y" ) {
-            ccmd="cryptsetup " cmd " -d " key " create " dest " " src;
+            ccmd="cryptsetup " swapopts commonopts "-d " key " create " dest " " src;
             ccmd_2="mkswap /dev/mapper/" dest;
-            cmd="";
             makeswap="";
-            usekeyscript="";
-            luksparams="";
+            use_luks=""; 
+            use_keyscript="";
             system(ccmd);
             system(ccmd_2);
             ccmd="";
@@ -73,15 +76,15 @@ NF>4 { print "a valid crypttab has max 4 cols not " NF >"/dev/stderr"; next }
         }
         if ( use_luks == "y" && makeswap != "y" ){
             if ( use_keyscript == "y") {
-                ccmd=keyscript " | cryptsetup" luksparams " luksOpen -d - " src " " dest;
+                ccmd=keyscript " | cryptsetup " luksopts commonopts "luksOpen -d - " src " " dest;
                 use_keyscript="";
             }
             else {
                 if ( key == "none" ){
-                    ccmd="cryptsetup" luksparams " luksOpen " src " " dest;
+                    ccmd="cryptsetup " luksopts commonopts "luksOpen " src " " dest;
                 }
                 else {
-                    ccmd="cryptsetup" luksparams " luksOpen -d " key " " src " " dest;
+                    ccmd="cryptsetup " luksopts commonopts "luksOpen -d " key " " src " " dest;
                 }
             }
         }
@@ -89,11 +92,9 @@ NF>4 { print "a valid crypttab has max 4 cols not " NF >"/dev/stderr"; next }
             print "use swap OR luks as option" >"/dev/stderr";
             ccmd="";
         }
-        cmd="";
         makeswap="";
         use_luks="";
         use_keyscript="";
-        luksparams="";
         if ( ccmd != ""){
             system(ccmd);
             ccmd=""