[arch-projects] [PATCH 4/4] crypto: move function from sysinit to functions

Sat Mar 17 06:44:30 EDT 2012

No functional change, just improve readability.

Signed-off-by: Tom Gundersen <teg at jklm.no>
---
 functions  |   78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 rc.sysinit |   77 -----------------------------------------------------------
 2 files changed, 78 insertions(+), 77 deletions(-)

diff --git a/functions b/functions
index f5da93c..11ab11f 100644
--- a/functions
+++ b/functions
@@ -377,6 +377,84 @@ activate_vgs() {
 	(( $? == 0 )) && stat_done || stat_fail
 }
 
+do_unlock() {
+	# $1 = requested name
+	# $2 = source device
+	# $3 = password
+	# $4 = options
+	stat_append "${1}.."
+	local open=create a=$1 b=$2 failed=0
+	# Ordering of options is different if you are using LUKS vs. not.
+	# Use ugly swizzling to deal with it.
+	# isLuks only gives an exit code but no output to stdout or stderr.
+	if cryptsetup isLuks "$2" 2>/dev/null; then
+		open=luksOpen
+		a=$2
+		b=$1
+	fi
+	case $3 in
+		SWAP)
+			local _overwriteokay=0
+			if [[ -b $2 && -r $2 ]]; then
+				# This is DANGEROUS! If there is any known file system,
+				# partition table, RAID or LVM volume on the device
+				# we don't overwrite it.
+				#
+				# 'blkid' returns 2 if no valid signature has been found.
+				# Only in this case we should allow overwriting the device.
+				#
+				# This sanity check _should_ be sufficient, but it might not.
+				# This may cause dataloss if it is not used carefully.
+				blkid -p "$2" &>/dev/null
+				(( $? == 2 )) && _overwriteokay=1
+			fi
+			if (( _overwriteokay == 0 )); then
+				false
+			elif cryptsetup -d /dev/urandom $4 $open "$a" "$b" >/dev/null; then
+				stat_append "creating swapspace.."
+				mkswap -f -L $1 /dev/mapper/$1 >/dev/null
+			fi;;
+		ASK)
+			printf "\nOpening '$1' volume:\n"
+			cryptsetup $4 $open "$a" "$b" < /dev/console;;
+		/dev*)
+			local ckdev=${3%%:*}
+			local cka=${3#*:}
+			local ckb=${cka#*:}
+			local cka=${cka%:*}
+			local ckfile=/dev/ckfile
+			local ckdir=/dev/ckdir
+			case ${cka} in
+				*[!0-9]*)
+					# Use a file on the device
+					# cka is not numeric: cka=filesystem, ckb=path
+					mkdir ${ckdir}
+					mount -r -t ${cka} ${ckdev} ${ckdir}
+					dd if=${ckdir}/${ckb} of=${ckfile} >/dev/null 2>&1
+					umount ${ckdir}
+					rmdir ${ckdir};;
+				*)
+					# Read raw data from the block device
+					# cka is numeric: cka=offset, ckb=length
+					dd if=${ckdev} of=${ckfile} bs=1 skip=${cka} count=${ckb} >/dev/null 2>&1;;
+			esac
+			cryptsetup -d ${ckfile} $4 $open "$a" "$b" >/dev/null
+			dd if=/dev/urandom of=${ckfile} bs=1 count=$(stat -c %s ${ckfile}) conv=notrunc >/dev/null 2>&1
+			rm ${ckfile};;
+		/*)
+			cryptsetup -d "$3" $4 $open "$a" "$b" >/dev/null;;
+		*)
+			echo "$3" | cryptsetup $4 $open "$a" "$b" >/dev/null;;
+	esac
+	if (( $? )); then
+		failed=1
+		stat_append "failed "
+	else
+		stat_append "ok "
+	fi
+	return $failed
+}
+
 read_crypttab() {
 	# $1 = function to call with the split out line from the crypttab
 	local line nspo failed=0
diff --git a/rc.sysinit b/rc.sysinit
index 06b4bda..3528bb2 100755
--- a/rc.sysinit
+++ b/rc.sysinit
@@ -89,83 +89,6 @@ activate_vgs
 # Set up non-root encrypted partition mappings
 if [[ -f /etc/crypttab ]] && type -p cryptsetup >/dev/null; then
 	stat_busy "Unlocking encrypted volumes:"
-		do_unlock() {
-			# $1 = requested name
-			# $2 = source device
-			# $3 = password
-			# $4 = options
-			stat_append "${1}.."
-			local open=create a=$1 b=$2 failed=0
-			# Ordering of options is different if you are using LUKS vs. not.
-			# Use ugly swizzling to deal with it.
-			# isLuks only gives an exit code but no output to stdout or stderr.
-			if cryptsetup isLuks "$2" 2>/dev/null; then
-				open=luksOpen
-				a=$2
-				b=$1
-			fi
-			case $3 in
-				SWAP)
-					local _overwriteokay=0
-					if [[ -b $2 && -r $2 ]]; then
-						# This is DANGEROUS! If there is any known file system,
-						# partition table, RAID or LVM volume on the device
-						# we don't overwrite it.
-						#
-						# 'blkid' returns 2 if no valid signature has been found.
-						# Only in this case we should allow overwriting the device.
-						#
-						# This sanity check _should_ be sufficient, but it might not.
-						# This may cause dataloss if it is not used carefully.
-						blkid -p "$2" &>/dev/null
-						(( $? == 2 )) && _overwriteokay=1
-					fi
-					if (( _overwriteokay == 0 )); then
-						false
-					elif cryptsetup -d /dev/urandom $4 $open "$a" "$b" >/dev/null; then
-						stat_append "creating swapspace.."
-						mkswap -f -L $1 /dev/mapper/$1 >/dev/null
-					fi;;
-				ASK)
-					printf "\nOpening '$1' volume:\n"
-					cryptsetup $4 $open "$a" "$b" < /dev/console;;
-				/dev*)
-					local ckdev=${3%%:*}
-					local cka=${3#*:}
-					local ckb=${cka#*:}
-					local cka=${cka%:*}
-					local ckfile=/dev/ckfile
-					local ckdir=/dev/ckdir
-					case ${cka} in
-						*[!0-9]*)
-							# Use a file on the device
-							# cka is not numeric: cka=filesystem, ckb=path
-							mkdir ${ckdir}
-							mount -r -t ${cka} ${ckdev} ${ckdir}
-							dd if=${ckdir}/${ckb} of=${ckfile} >/dev/null 2>&1
-							umount ${ckdir}
-							rmdir ${ckdir};;
-						*)
-							# Read raw data from the block device
-							# cka is numeric: cka=offset, ckb=length
-							dd if=${ckdev} of=${ckfile} bs=1 skip=${cka} count=${ckb} >/dev/null 2>&1;;
-					esac
-					cryptsetup -d ${ckfile} $4 $open "$a" "$b" >/dev/null
-					dd if=/dev/urandom of=${ckfile} bs=1 count=$(stat -c %s ${ckfile}) conv=notrunc >/dev/null 2>&1
-					rm ${ckfile};;
-				/*)
-					cryptsetup -d "$3" $4 $open "$a" "$b" >/dev/null;;
-				*)
-					echo "$3" | cryptsetup $4 $open "$a" "$b" >/dev/null;;
-			esac
-			if (( $? )); then
-				failed=1
-				stat_append "failed "
-			else
-				stat_append "ok "
-			fi
-			return $failed
-		}
 	crypto_unlocked=0
 	read_crypttab do_unlock && stat_done || stat_fail
 	# Maybe someone has LVM on an encrypted block device
-- 
1.7.9.4

