2 changes: 1 addition & 1 deletion src/DEBIAN/control
Expand Up @@ -6,6 +6,6 @@ Homepage: https://github.com/stupidpupil/https-keyscript
Architecture: all
Priority: optional
Section: admin
Depends: cryptsetup (>= 2), wget (>= 1.15)
Depends: cryptsetup (>= 2), busybox (>= 1.30)
Recommends: keyutils (>= 1.5)
Installed-Size: 5
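--- a/src/etc/initramfs-tools/hooks/wget.sh
+++ b/src/etc/initramfs-tools/hooks/wget.sh
@@ -5,28 +5,15 @@ case $1 in
 esac
 . /usr/share/initramfs-tools/hook-functions
 
-copy_exec /usr/bin/wget /usr/bin/real_wget
-
-strace_and_copy_libs_for_url ()
-{
-LIB_PAT="\".*/lib/.*\""
-STRACED_LIBS=$(strace /usr/bin/wget --no-iri -q -O - "$1" 2>&1 | grep -o "$LIB_PAT")
-
-echo "$STRACED_LIBS" | while IFS= read -r line
-do
-# Strip the quotation marks
-line="${line%\"}"
-line="${line#\"}"
-
-if [ -f "$line" ]
-then
-copy_exec "$line"
-fi
-done
-}
-
-strace_and_copy_libs_for_url "https://www.debian.org"
-strace_and_copy_libs_for_url "https://raw.githubusercontent.com/stupidpupil/https-keyscript/master/tests/fixtures/encrypted_keyfile"
-strace_and_copy_libs_for_url "https://mozilla-modern.badssl.com"
+# To find out what library are needed do
+# strace busybox wget https://badssl.com 2>&1 | grep open
+for needed_lib in "libnss_dns*.so*" "libnss_files*.so*" "libresolv*.so*" "ld-linux*.so*" "libc-*.so" "libc.so.*"
+do
+lib=$(find /lib/ -name "$needed_lib" -type f)
+if [ ! -z $lib ]
+then
+copy_exec "$lib"
+fi
+done
 
 copy_exec /etc/ssl/certs/ca-certificates.crt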
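Review bot: `lib=$(find /lib/ -name "$needed_lib" -type f)` can return several newline-separated paths for one pattern, and the unquoted `[ ! -z $lib ]` then errors out with too many arguments, so that library is silently left out of the initramfs. Even with the test quoted, `copy_exec "$lib"` would receive all the paths as a single argument. Calling `copy_exec` once per path printed by find, as sketched below, avoids both problems. Separately, nothing in this section copies a wget binary any more, so the keyscript appears to rely on the initramfs BusyBox providing the applet; a comment stating that assumption would help.

```shell
for needed_lib in "libnss_dns*.so*" "libnss_files*.so*" "libresolv*.so*" "ld-linux*.so*" "libc-*.so" "libc.so.*"
do
    # One copy_exec per match: find may print several paths for one pattern.
    find /lib/ -name "$needed_lib" -type f | while IFS= read -r lib
    do
        copy_exec "$lib"
    done
done
```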
10 changes: 1 addition & 9 deletions src/lib/cryptsetup/scripts/wget_or_ask
Expand Up @@ -34,14 +34,6 @@ if [ -z "$url" ] || [ -z "$openssl_passphrase" ]; then
use_https=0
fi

if [ -x /usr/bin/real_wget ]; then
wget_path="/usr/bin/real_wget"
elif [ -x /usr/bin/wget ]; then
wget_path="/usr/bin/wget"
else
wget_path="wget"
fi

#
# Plymouth helper functions
#
Expand Down Expand Up @@ -149,7 +141,7 @@ https_try_fetch ()

message "Fetching remote keyfile for $CRYPTTAB_NAME..."

encrypted_keyfile=$($wget_path --secure-protocol=PFS -q -O - "$url")
encrypted_keyfile=$(wget -q -O - "$url")

if [ $? -eq 0 ]; then
decrypted_keyfile=$(echo "$encrypted_keyfile" | openssl enc -base64 -aes-256-cbc -md sha256 -d -salt -k "$openssl_passphrase")
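Review bot: The new `wget -q -O - "$url"` call drops `--secure-protocol=PFS`, and because `wget` now presumably resolves to the BusyBox applet in the initramfs, it may no longer authenticate the server at all. BusyBox wget's built-in TLS code has historically not validated certificates (it prints a note saying so), so this should be confirmed for the packaged 1.30 build. If it holds, the `ca-certificates.crt` copied by the hook is unused, and the fetched blob is protected only by the `openssl enc` passphrase on the context line below, where AES-CBC without a MAC does not detect tampering. I would either keep a certificate-verifying client for this fetch or add a comment above the call such as `# busybox wget: server certificate is NOT verified; keyfile protection rests on the openssl passphrase alone`. The body of https_try_fetch continues outside the hunk.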