aboutsummaryrefslogtreecommitdiff
path: root/pkgs/crypto-wrapper
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/crypto-wrapper')
-rw-r--r--pkgs/crypto-wrapper/0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch73
-rw-r--r--pkgs/crypto-wrapper/default.nix11
2 files changed, 80 insertions, 4 deletions
diff --git a/pkgs/crypto-wrapper/0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch b/pkgs/crypto-wrapper/0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch
new file mode 100644
index 0000000..f902ade
--- /dev/null
+++ b/pkgs/crypto-wrapper/0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch
@@ -0,0 +1,73 @@
+From 20e8f70af32e23c59f54a1f712b7c517b6e0a9be Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= <cynerd@email.cz>
+Date: Mon, 3 Oct 2022 22:27:17 +0200
+Subject: [PATCH] Do not rely on sysinfo file that is not available outside of
+ OpenWrt
+
+This instead uses just architecture to try to detect the correct OTP
+type.
+---
+ crypto-wrapper.sh | 28 +++++++---------------------
+ 1 file changed, 7 insertions(+), 21 deletions(-)
+
+diff --git a/crypto-wrapper.sh b/crypto-wrapper.sh
+index 3a5deb4..4828f1b 100755
+--- a/crypto-wrapper.sh
++++ b/crypto-wrapper.sh
+@@ -12,7 +12,6 @@ SCRIPTNAME=${0##*/}
+ HASH_TYPE='sha256'
+ CRYPTO_WRAPPER_ROOT_PREFIX='/tmp/crypto_wrapper'
+
+-SYSINFO_MODEL_FILE='/tmp/sysinfo/model'
+ TYPE_ATSHA='atsha'
+ TYPE_OTP='otp'
+
+@@ -338,38 +337,25 @@ cached_otp_sign() {
+
+ # --------------------------------------------------------------------
+ get_device_type(){
+- local model
+-
+- [ -f "$SYSINFO_MODEL_FILE" ] || {
+- error "Unknown device model; sysinfo file ($SYSINFO_MODEL_FILE) is missing"
+- return 2
+- }
+-
+- model=$(cat "$SYSINFO_MODEL_FILE")
+- case "$model" in
+- # WARNING:
+- # Turris string is also included in other models
+- # This case must not include wildcards
+- Turris|Turris\ 1.?)
++ local arch
++ arch="$(uname -m)"
++ case "$arch" in
++ ppc)
+ debug "Device recognized as Turris 1.x"
+ echo "$TYPE_ATSHA"
+ ;;
+-
+- *Omnia*)
++ amrv7l)
+ debug "Device recognized as Omnia"
+ echo "$TYPE_ATSHA"
+ ;;
+-
+- *Mox*)
++ aarch64)
+ debug "Device recognized as MOX"
+ echo "$TYPE_OTP"
+ ;;
+-
+ *)
+- error "Unknown device model: '$model'"
++ error "Unknown device architecture: '$arch'"
+ return 2
+ ;;
+-
+ esac
+ }
+
+--
+2.37.3
+
diff --git a/pkgs/crypto-wrapper/default.nix b/pkgs/crypto-wrapper/default.nix
index 1d4d20b..31b8b22 100644
--- a/pkgs/crypto-wrapper/default.nix
+++ b/pkgs/crypto-wrapper/default.nix
@@ -11,7 +11,7 @@ let
in stdenv.mkDerivation rec {
pname = "crypto-wrapper";
- version = "0.4";
+ version = "0.4.1";
meta = with lib; {
homepage = "https://gitlab.nic.cz/turris/crypto-wrapper";
description = "Simple script abstracting access to the Turris crypto backend.";
@@ -22,15 +22,18 @@ in stdenv.mkDerivation rec {
src = fetchgit {
url = "https://gitlab.nic.cz/turris/crypto-wrapper.git";
rev = "v" + version;
- sha256 = "1ly37cajkmgqmlj230h5az9m2m1rgvf4r0bf94yipp80wl0z215s";
+ sha256 = "0p6mj8swj6zzd49aas3b1mb7m6xrvrr534bjw97ggq62vx8r2nci";
};
+ patches = [./0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch];
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
mkdir -p $out/bin
- makeWrapper crypto-wrapper.sh $out/bin/crypto-wrapper \
- --prefix PATH : ${lib.makeBinPath bins}
+ cp crypto-wrapper.sh $out/bin/crypto-wrapper
+ wrapProgram $out/bin/crypto-wrapper \
+ --prefix PATH : ${lib.makeBinPath bins} \
+ --inherit-argv0
'';
}