#!/bin/sh

. /scripts/functions

freekey() {
	local d="/mnt/$1-key"
	[ -d "$d" ] && umount "$d" && rmdir "$d" ||:
}

keyfile=
findkey() {
	local name="$1"
	local path keydev luksdev mnt

	[ -f /etc/luks.keys ] ||
		exit 2

	while IFS='	' read path keydev luksdev; do
		if [ -n "$luksdev" ]; then
			get_dev "$luksdev" ||
				continue
		fi

		mnt=
		if [ -n "$keydev" ]; then
			mnt="/mnt/$name-key"
			mkdir -p -- "$mnt"
			mount -r "$keydev" "$mnt" ||
				exit 1
		fi

		if [ ! -f "$mnt/$path" ]; then
			error "luks: $path: keyfile not found."
			freekey "$name"
			exit 1
		fi

		keyfile="$mnt/$path"
		verbose "Keyfile '$path' for '${LUKS_ROOT#/dev/}' encrypted partition."
		return 0

	done < /etc/luks.keys

	# Keyfile not found yet.
	exit 2
}

readkey() {
	if [ -n "$keyfile" ]; then
		cat "$keyfile"
	fi
	freekey "$1"
}

handler() {
	nameluks="${LUKS_ROOT##*/}-luks"

	# skip if $nameluks has already exist
	! dmsetup info "$nameluks" >/dev/null 2>&1 ||
		exit 0

	local rc=0
	if [ -n "${LUKS_KEY-}" ]; then
		findkey "$nameluks"
		readkey "$nameluks" |
			cryptsetup -d- luksOpen "$LUKS_ROOT" "$nameluks"
	else
		rc=2
		while [ "$rc" = 2 ]; do
			cryptsetup -d- luksOpen "$LUKS_ROOT" "$nameluks"
			rc="$?"
		done
	fi

	if [ "$rc" != 0 ]; then
		error "Unable to activate LUKS: $rc"
		exit 1
	fi
}

rc=0
for e in "$handler_eventdir"/luks.*; do
	r=0
	( . "$e"; handler; ) || r="$?"
	case "$r" in
		2) ;;
		1) rc=1 ;;
		0) done_event "$e" ;;
	esac
done

exit $rc
