From 1ab99d50b2f391e81d9b231857a9f92e3a43d570 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Wed, 20 Apr 2022 12:08:30 +0200 Subject: [PATCH] certificates: add support for finding certificates on dual boot devices Signed-off-by: John Crispin --- .../files/etc/init.d/certificates | 55 ++++++++++++++++--- 1 file changed, 48 insertions(+), 7 deletions(-) diff --git a/feeds/tip/certificates/files/etc/init.d/certificates b/feeds/tip/certificates/files/etc/init.d/certificates index e47270bab..fd8f59bd2 100755 --- a/feeds/tip/certificates/files/etc/init.d/certificates +++ b/feeds/tip/certificates/files/etc/init.d/certificates @@ -2,6 +2,17 @@ START=80 +copy_certificates() { + [ -f /certificates/dev-id ] || return + + cp /certificates/*.pem /etc/ucentral/ + cp /certificates/dev-id /etc/ucentral/ + chown root.network /etc/ucentral/*.pem + chmod 0440 root.network /etc/ucentral/*.pem + chmod 0400 /etc/ucentral/dev-id + exit 0 +} + boot() { [ -f /etc/ucentral/dev-id ] && return . /lib/functions.sh @@ -17,11 +28,41 @@ boot() { [ -e /dev/ubi1 ] && mount -t ubifs ubi1:certificates /certificates fi fi - [ -f /certificates/dev-id ] && { - cp /certificates/*.pem /etc/ucentral/ - cp /certificates/dev-id /etc/ucentral/ - chown root.network /etc/ucentral/*.pem - chmod 0440 root.network /etc/ucentral/*.pem - chmod 0400 /etc/ucentral/dev-id - } + copy_certificates + + # if we get here no valid certificates were found + + . /lib/functions.sh + + local PART_NAME + + case "$(board_name)" in + actiontec,web7200) + if grep -q bootselect=0 /proc/cmdline; then + PART_NAME=firmware2 + else + PART_NAME=firmware1 + fi + ;; + edgecore,ecw5211|\ + edgecore,eap101|\ + edgecore,eap102) + if grep -q rootfs1 /proc/cmdline; then + PART_NAME=rootfs2 + else + PART_NAME=rootfs1 + fi + ;; + *) + return 1 + ;; + esac + + local MTD=$(find_mtd_index $PART_NAME) + + [ -z "$MTD" ] && return 1 + + ubiattach -m $MTD -d 3 + [ -e /dev/ubi3 ] && mount -t ubifs ubi3:certificates /certificates + copy_certificates }