From c698a58d48b8a33abdb155f897bdba66d3371612 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Mon, 3 Oct 2022 22:37:24 +0200 Subject: crypto-wrapper: update to version 0.4.1 --- ...-on-sysinfo-file-that-is-not-available-ou.patch | 73 ++++++++++++++++++++++ pkgs/crypto-wrapper/default.nix | 11 ++-- 2 files changed, 80 insertions(+), 4 deletions(-) create mode 100644 pkgs/crypto-wrapper/0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch diff --git a/pkgs/crypto-wrapper/0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch b/pkgs/crypto-wrapper/0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch new file mode 100644 index 0000000..f902ade --- /dev/null +++ b/pkgs/crypto-wrapper/0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch @@ -0,0 +1,73 @@ +From 20e8f70af32e23c59f54a1f712b7c517b6e0a9be Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= +Date: Mon, 3 Oct 2022 22:27:17 +0200 +Subject: [PATCH] Do not rely on sysinfo file that is not available outside of + OpenWrt + +This instead uses just architecture to try to detect the correct OTP +type. +--- + crypto-wrapper.sh | 28 +++++++--------------------- + 1 file changed, 7 insertions(+), 21 deletions(-) + +diff --git a/crypto-wrapper.sh b/crypto-wrapper.sh +index 3a5deb4..4828f1b 100755 +--- a/crypto-wrapper.sh ++++ b/crypto-wrapper.sh +@@ -12,7 +12,6 @@ SCRIPTNAME=${0##*/} + HASH_TYPE='sha256' + CRYPTO_WRAPPER_ROOT_PREFIX='/tmp/crypto_wrapper' + +-SYSINFO_MODEL_FILE='/tmp/sysinfo/model' + TYPE_ATSHA='atsha' + TYPE_OTP='otp' + +@@ -338,38 +337,25 @@ cached_otp_sign() { + + # -------------------------------------------------------------------- + get_device_type(){ +- local model +- +- [ -f "$SYSINFO_MODEL_FILE" ] || { +- error "Unknown device model; sysinfo file ($SYSINFO_MODEL_FILE) is missing" +- return 2 +- } +- +- model=$(cat "$SYSINFO_MODEL_FILE") +- case "$model" in +- # WARNING: +- # Turris string is also included in other models +- # This case must not include wildcards +- Turris|Turris\ 1.?) ++ local arch ++ arch="$(uname -m)" ++ case "$arch" in ++ ppc) + debug "Device recognized as Turris 1.x" + echo "$TYPE_ATSHA" + ;; +- +- *Omnia*) ++ amrv7l) + debug "Device recognized as Omnia" + echo "$TYPE_ATSHA" + ;; +- +- *Mox*) ++ aarch64) + debug "Device recognized as MOX" + echo "$TYPE_OTP" + ;; +- + *) +- error "Unknown device model: '$model'" ++ error "Unknown device architecture: '$arch'" + return 2 + ;; +- + esac + } + +-- +2.37.3 + diff --git a/pkgs/crypto-wrapper/default.nix b/pkgs/crypto-wrapper/default.nix index 1d4d20b..31b8b22 100644 --- a/pkgs/crypto-wrapper/default.nix +++ b/pkgs/crypto-wrapper/default.nix @@ -11,7 +11,7 @@ let in stdenv.mkDerivation rec { pname = "crypto-wrapper"; - version = "0.4"; + version = "0.4.1"; meta = with lib; { homepage = "https://gitlab.nic.cz/turris/crypto-wrapper"; description = "Simple script abstracting access to the Turris crypto backend."; @@ -22,15 +22,18 @@ in stdenv.mkDerivation rec { src = fetchgit { url = "https://gitlab.nic.cz/turris/crypto-wrapper.git"; rev = "v" + version; - sha256 = "1ly37cajkmgqmlj230h5az9m2m1rgvf4r0bf94yipp80wl0z215s"; + sha256 = "0p6mj8swj6zzd49aas3b1mb7m6xrvrr534bjw97ggq62vx8r2nci"; }; + patches = [./0001-Do-not-rely-on-sysinfo-file-that-is-not-available-ou.patch]; nativeBuildInputs = [ makeWrapper ]; installPhase = '' mkdir -p $out/bin - makeWrapper crypto-wrapper.sh $out/bin/crypto-wrapper \ - --prefix PATH : ${lib.makeBinPath bins} + cp crypto-wrapper.sh $out/bin/crypto-wrapper + wrapProgram $out/bin/crypto-wrapper \ + --prefix PATH : ${lib.makeBinPath bins} \ + --inherit-argv0 ''; } -- cgit v1.2.3