msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 53s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-09-03 10:48:49 +02:00
parent eabdbb23bc
commit e65e35f9f5
1 changed files with 10 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
includes/target/etc/initramfs-tools/files/unlock_wrapper.sh
View File

@@ -246,30 +246,25 @@ fi)\
# 0: on success # 0: on success
####################################### #######################################
read_passphrase() { read_passphrase() {
declare -a METHODS=("sha512crypt" "yescrypt" "scrypt" "bcrypt") declare -a METHODS=( "sha512crypt" )
declare METHOD="" SALT="" declare METHOD="" SALT=""
PASSPHRASE="$(${ASKPASS} "Enter passphrase: ")" PASSPHRASE="$(${ASKPASS} "Enter passphrase: ")"
if [[ "${NUKE_ENABLED,,}" == 'true' ]]; then if [[ "${NUKE_ENABLED,,}" == 'true' ]]; then
### Validate NUKE_HASH format (e.g., $id$salt$hash) SALT="$(cut -d'$' -f3 <<< "${NUKE_HASH}")"
if [[ "${NUKE_HASH}" =~ ${REGEX} ]]; then
SALT="$(cut -d'$' -f3 <<< "${NUKE_HASH}")" for METHOD in "${METHODS[@]}"; do
for METHOD in "${METHODS[@]}"; do # shellcheck disable=SC2312
if mkpasswd -m "${METHOD}" -S "${SALT}" "${PASSPHRASE}" 2>/dev/null | grep -qF -- "${NUKE_HASH}"; then
# shellcheck disable=SC2312 nuke
if mkpasswd -m "${METHOD}" -S "${SALT}" "${PASSPHRASE}" 2>/dev/null | grep -qF -- "${NUKE_HASH}"; then
nuke fi
fi done
done
fi
fi fi
@@ -427,8 +422,8 @@ main() {
secure_unset_pass secure_unset_pass
# TODO: DEBUGGER # TODO: DEBUGGER
echo "Inside if printf %s '${PASSPHRASE}' | cryptroot-unlock; then" echo "Inside if printf %s '${PASSPHRASE}' | cryptroot-unlock; then"
drop_bash #drop_bash
#exit 0 exit 0
else else