Commit afecd875 authored by Natanael Copa's avatar Natanael Copa
Browse files

initram: support for encrypted apkovls

parent 1e80b3f1
......@@ -64,6 +64,34 @@ retry_mount() {
return 1
}
unpack_apkovl() {
local ovl="$1"
local dest="$2"
local suffix=${ovl##*.}
local i
if [ "$suffix" = "gz" ]; then
tar -C "$dest" -zxf "$ovl"
return $?
fi
for i in $ALPINE_MNT/*/*/openssl-[0-9]*.apk $ALPINE_MNT/*/openssl-[0-9]*.apk; do
[ -f "$i" ] && tar -C / -zxf $i && break
done
if ! openssl list-cipher-commands | grep "^$suffix$" > /dev/null; then
errstr="Cipher $suffix is not supported"
return 1
fi
local count=0
echo ""
while [ $count -lt 3 ]; do
openssl enc -d -$suffix -in "$ovl" | tar -C "$dest" -zx \
2>/dev/null && return 0
count=$(( $count + 1 ))
done
return 1
}
# gotta start from somewhere :)
echo "Alpine Init $VERSION"
......@@ -222,8 +250,8 @@ fi
if [ -f "$ovl" ]; then
ebegin "Loading user settings from $ovl"
tar -C $NEWROOT -zxf "$ovl"
eend $?
unpack_apkovl "$ovl" $NEWROOT
eend $? $errstr
umount /media/$i 2>/dev/null &
pkgs=$(sed 's/\#.*//' $NEWROOT/etc/lbu/packages.list 2>/dev/null)
fi
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment