crypto: move function from sysinit to functions

No functional change, just improve readability.

Signed-off-by: Tom Gundersen <teg@jklm.no>

1 files changed, 78 insertions, 0 deletions

diff --git a/functions b/functions
index f5da93c..11ab11f 100644
--- a/functions
+++ b/functions
@@ -377,6 +377,84 @@ activate_vgs() {
 	(( $? == 0 )) && stat_done || stat_fail
 }
 
+do_unlock() {
+	# $1 = requested name
+	# $2 = source device
+	# $3 = password
+	# $4 = options
+	stat_append "${1}.."
+	local open=create a=$1 b=$2 failed=0
+	# Ordering of options is different if you are using LUKS vs. not.
+	# Use ugly swizzling to deal with it.
+	# isLuks only gives an exit code but no output to stdout or stderr.
+	if cryptsetup isLuks "$2" 2>/dev/null; then
+		open=luksOpen
+		a=$2
+		b=$1
+	fi
+	case $3 in
+		SWAP)
+			local _overwriteokay=0
+			if [[ -b $2 && -r $2 ]]; then
+				# This is DANGEROUS! If there is any known file system,
+				# partition table, RAID or LVM volume on the device
+				# we don't overwrite it.
+				#
+				# 'blkid' returns 2 if no valid signature has been found.
+				# Only in this case we should allow overwriting the device.
+				#
+				# This sanity check _should_ be sufficient, but it might not.
+				# This may cause dataloss if it is not used carefully.
+				blkid -p "$2" &>/dev/null
+				(( $? == 2 )) && _overwriteokay=1
+			fi
+			if (( _overwriteokay == 0 )); then
+				false
+			elif cryptsetup -d /dev/urandom $4 $open "$a" "$b" >/dev/null; then
+				stat_append "creating swapspace.."
+				mkswap -f -L $1 /dev/mapper/$1 >/dev/null
+			fi;;
+		ASK)
+			printf "\nOpening '$1' volume:\n"
+			cryptsetup $4 $open "$a" "$b" < /dev/console;;
+		/dev*)
+			local ckdev=${3%%:*}
+			local cka=${3#*:}
+			local ckb=${cka#*:}
+			local cka=${cka%:*}
+			local ckfile=/dev/ckfile
+			local ckdir=/dev/ckdir
+			case ${cka} in
+				*[!0-9]*)
+					# Use a file on the device
+					# cka is not numeric: cka=filesystem, ckb=path
+					mkdir ${ckdir}
+					mount -r -t ${cka} ${ckdev} ${ckdir}
+					dd if=${ckdir}/${ckb} of=${ckfile} >/dev/null 2>&1
+					umount ${ckdir}
+					rmdir ${ckdir};;
+				*)
+					# Read raw data from the block device
+					# cka is numeric: cka=offset, ckb=length
+					dd if=${ckdev} of=${ckfile} bs=1 skip=${cka} count=${ckb} >/dev/null 2>&1;;
+			esac
+			cryptsetup -d ${ckfile} $4 $open "$a" "$b" >/dev/null
+			dd if=/dev/urandom of=${ckfile} bs=1 count=$(stat -c %s ${ckfile}) conv=notrunc >/dev/null 2>&1
+			rm ${ckfile};;
+		/*)
+			cryptsetup -d "$3" $4 $open "$a" "$b" >/dev/null;;
+		*)
+			echo "$3" | cryptsetup $4 $open "$a" "$b" >/dev/null;;
+	esac
+	if (( $? )); then
+		failed=1
+		stat_append "failed "
+	else
+		stat_append "ok "
+	fi
+	return $failed
+}
+
 read_crypttab() {
 	# $1 = function to call with the split out line from the crypttab
 	local line nspo failed=0