#!/bin/sh
# Part of passwordless cryptofs setup in Debian Etch.
# See: http://wejn.org/how-to-make-passwordless-cryptsetup.html
# Author: Wejn <wejn at box dot cz>
#
# Updated by Rodolfo Garcia (kix) <kix at kix dot com>
# For multiple partitions
# http://www.kix.es/
#
# Updated by TJ <linux@tjworld.net> 7 July 2008
# For use with Ubuntu Hardy, usplash, automatic detection of USB devices,
# detection and examination of *all* partitions on the device (not just partition #1),
# automatic detection of partition type, refactored, commented, debugging code.
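# define counter-intuitive shell logic values (based on /bin/true & /bin/false)
TRUE=0
FALSE=1
# set DEBUG=$TRUE to display debug messages, DEBUG=$FALSE to be quiet
DEBUG=$FALSE
# is usplash available? default false
USPLASH=$FALSE
if [ -f /sbin/usplash_write ]; then
  # use innocuous command to determine if usplash is running
  # usplash_write will return exit-code 1 if usplash isn't running
  # need to set a flag to tell usplash_write to report no usplash;
  # the flag is read by the usplash_write process, so it must be exported
  # (a plain shell assignment is invisible to the child)
  export FAIL_NO_USPLASH=1
  # enable verbose messages (required to display messages if kernel boot
  # option "quiet" is enabled)
  if /sbin/usplash_write "VERBOSE on"; then
    # usplash is running
    USPLASH=$TRUE
    /sbin/usplash_write "CLEAR"
  fi
fi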
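# print message to usplash or stderr
# usage: msg <command> "message" [switch]
# command: TEXT | STATUS | SUCCESS | FAILURE | CLEAR (see 'man usplash_write' for all commands)
# switch : switch used for echo to stderr (ignored for usplash)
# when using usplash the command will cause "message" to be
# printed according to the usplash <command> definition.
# using the switch -n will allow echo to write multiple messages
# to the same line
# globals: USPLASH, TRUE (read)
# note: the message may carry text taken from the plugged-in device (its
# label, its file-system type), so it is only ever passed on as a quoted
# argument and never re-parsed by the shell
msg ()
{
  if [ $# -gt 0 ]; then
    if [ "$USPLASH" -eq "$TRUE" ]; then
      # usplash_write takes one line per call, so split multi-line messages;
      # -r keeps backslashes in the text intact
      echo "$2" | while read -r LINE; do
        /sbin/usplash_write "$1 $LINE"
      done
    else
      # stderr gets the whole message exactly once (the old per-line loop
      # repeated a multi-line message for every line it contained); the
      # optional switch is only passed on when one was given
      echo ${3:+"$3"} "$2" >&2
    fi
  fi
}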
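[ "$DEBUG" -eq "$TRUE" ] && msg STATUS "Executing crypto-usb-key.sh ..."
# flag tracking key-file availability
OPENED=$FALSE
# temporary mount path for USB key
MD=/tmp-usb-mount
# the key-file name is the first argument (the crypttab key field);
# an empty argument or "none" selects the default name
if [ -z "$1" ] || [ "$1" = "none" ]; then
  # default key-file on the USB disk
  KEYFILE=.key
else
  KEYFILE=$1
fi
# If the file already exists use it.
# This is useful where an encrypted volume contains keyfile(s) for later
# volumes and is now mounted and accessible
if [ -f "$KEYFILE" ]; then
  [ "$DEBUG" -eq "$TRUE" ] && msg TEXT "Found $KEYFILE"
  # stdout is the key material read by the caller: only key bytes go there
  cat "$KEYFILE"
  OPENED=$TRUE
  DEV="existing mount"
  LABEL=""
else
  # Is the USB driver loaded?
  if ! busybox grep -q usb_storage /proc/modules 2>/dev/null; then
    [ "$DEBUG" -eq "$TRUE" ] && msg TEXT "Loading driver 'usb_storage'"
    modprobe usb_storage >/dev/null 2>&1
  fi
  # give the system time to settle and open the USB devices
  sleep 7
  # Are there any SCSI block devices?
  if ls -d /sys/block/sd* >/dev/null 2>&1; then
    mkdir -p "$MD"
    [ "$DEBUG" -eq "$TRUE" ] && msg TEXT "Trying to get key-file '$KEYFILE' ..."
    for SFS in /sys/block/sd*/sd??; do
      [ "$DEBUG" -eq "$TRUE" ] && msg TEXT "Examining $SFS" -n
      # is it a USB device? ("0" followed by grep's exit status: "00" = yes)
      ls -l "${SFS}/../device" 2>/dev/null | busybox grep usb >/dev/null 2>&1
      USB=0$?
      [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", USB=$USB" -n
      # Is the device removable? ("01" = yes; a missing file reads as "0")
      REMOVABLE=0$(cat "${SFS}/../removable" 2>/dev/null)
      [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", REMOVABLE=$REMOVABLE" -n
      if [ "$USB" -eq "$TRUE" ] && [ "$REMOVABLE" -eq 1 ] && [ -f "$SFS/dev" ]; then
        [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", *possible key device*" -n
        DEV=$(busybox basename "$SFS")
        [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", device $DEV" -n
        # No access to /sbin/vol_id so query the UDEV database directly
        # to get the file-system label
        LABEL=" ($(cat /dev/.udev/db/*"${DEV}" 2>/dev/null | busybox sed -n 's/.*ID_FS_LABEL_SAFE=\(.*\)/\1/p')) "
        [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", label $LABEL" -n
        # No access to /sbin/vol_id and /bin/fstype reports vfat/msdos/ntfs as 'unknown', so
        # query the UDEV database directly to get the file-system type
        FSTYPE=$(cat /dev/.udev/db/*"${DEV}" 2>/dev/null | busybox sed -n 's/.*ID_FS_TYPE=\(.*\)/\1/p')
        [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", fstype $FSTYPE" -n
        # LABEL and FSTYPE describe whichever stick was plugged in, and FSTYPE
        # is handed to modprobe and mount: accept only a plain name (letters,
        # digits, underscore) and skip the device otherwise.  This also covers
        # the empty case, which previously produced a malformed mount command.
        case "$FSTYPE" in
          ''|*[!a-zA-Z0-9_]*) FSOK=$FALSE ;;
          *) FSOK=$TRUE ;;
        esac
        if [ "$FSOK" -eq "$TRUE" ]; then
          # Is the file-system driver loaded?
          if ! busybox grep -q "$FSTYPE" /proc/modules 2>/dev/null; then
            [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", loading driver for $FSTYPE" -n
            # load the correct file-system driver
            modprobe "$FSTYPE" >/dev/null 2>&1
          fi
          [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", mounting /dev/$DEV on $MD" -n
          # read-only, and do not honour device nodes, setuid bits or
          # executables from a file system supplied by an arbitrary stick;
          # none of these are needed to read a key file
          mount "/dev/${DEV}" "$MD" -t "$FSTYPE" -o ro,nodev,nosuid,noexec 2>/dev/null
          [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", ($(mount | busybox grep "$DEV"))" -n
          if [ -f "$MD/$KEYFILE" ]; then
            [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", found $MD/$KEYFILE" -n
            cat "$MD/$KEYFILE"
            [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", umount $MD"
            umount "$MD" 2>/dev/null
            OPENED=$TRUE
            break
          fi
          [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", umount $MD" -n
          umount "$MD" 2>/dev/null
          [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", done\n\n" -n
        else
          [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", fstype '$FSTYPE' not usable, ignored" -n
        fi
      else
        [ "$DEBUG" -eq "$TRUE" ] && msg TEXT ", device $(busybox basename "$SFS") ignored" -n
      fi
      [ "$DEBUG" -eq "$TRUE" ] && msg CLEAR ""
    done
  fi
fi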
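# clear existing usplash text and status messages
[ "$USPLASH" -eq "$TRUE" ] && msg STATUS " " && msg CLEAR ""
if [ "$OPENED" -eq "$FALSE" ]; then
  msg TEXT "FAILED to find suitable USB key-file ..."
  msg TEXT "Try to enter the LUKS password: "
  # keep the typed passphrase off the console: turn tty echo off while it is
  # read and back on afterwards (stty may be missing from the initramfs, in
  # which case the read simply proceeds as before)
  command -v stty >/dev/null 2>&1 && stty -echo </dev/console 2>/dev/null
  read -r A </dev/console >/dev/null
  command -v stty >/dev/null 2>&1 && stty echo </dev/console 2>/dev/null
  # the passphrase is the key: emit it byte-for-byte on stdout.  printf is
  # used instead of 'echo -n' because /bin/sh's echo would swallow a
  # passphrase that starts with '-' as an option and may interpret
  # backslash escapes inside it, yielding a different key than was typed
  printf '%s' "$A"
else
  msg TEXT "Success loading key-file from $DEV $LABEL"
fi
#
# NOTE(review): as the last command this leaves a non-zero exit status when
# usplash is not running -- confirm the caller ignores the script's status
[ "$USPLASH" -eq "$TRUE" ] && /sbin/usplash_write "VERBOSE default"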