#!/usr/bin/bash
#
# Author: Dmitry Razumov <asmeron@ublinux.com>
# Copyright (c) 2021-2025 UBLinux <support@ublinux.com>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
#
# Initial script for Linux UBLinux
# This script are launching before starting init from initrd script
# Current dir allways must be set to root (/)
# All system path must be relative, except initrd dirs

ENABLED=yes
[[ ${ENABLED} == "yes" ]] || { return 0 2>/dev/null && return 0 || exit 0; }
DEBUGMODE=no

PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin

[[ ! -f /init ]] && { ROOTFS= ; CMD_CHROOT= ; } || { [[ -d /sysroot ]] && ROOTFS="/sysroot" || ROOTFS="."; CMD_CHROOT="chroot ${ROOTFS}"; }
SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
debug_mode "${SSC_ARGV0:-$0}" "$@"
SOURCE=${ROOTFS}/usr/lib/ublinux/default; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null

SYSCONF="${ROOTFS}${SYSCONF}"
SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/security; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null

exec_openssl_engine(){
## Настройка OpenSSL ГОСТ
    FILE_OPENSSL_CONF="${ROOTFS}/etc/ssl/openssl.cnf"
    FILE_OPENSSL_GOST_CONF="${ROOTFS}/etc/ssl/gost.cnf"
    TXT_OPENSSL_GOST_CONF="$(sed -r '/^\s*$/d' "${FILE_OPENSSL_GOST_CONF}")"
    TXT_ENABLE_GOST_CONF="openssl_conf = openssl_gost"

    if [[ ${OPENSSL_ENGINE,,} == "gost" ]]; then
    # Enable GOST
        grep -q "${TXT_ENABLE_GOST_CONF}" "${FILE_OPENSSL_CONF}" || sed "0,/^[\[]/s//${TXT_ENABLE_GOST_CONF}\n&/" -i "${FILE_OPENSSL_CONF}"
        grep -q "${TXT_OPENSSL_GOST_CONF%%$'\n'*}" "${FILE_OPENSSL_CONF}" || cat ${FILE_OPENSSL_GOST_CONF} >> "${FILE_OPENSSL_CONF}"
    elif [[ ${OPENSSL_ENGINE,,} == "default" ]]; then
    ## Disable GOST
        sed "/${TXT_ENABLE_GOST_CONF}/d" -i "${FILE_OPENSSL_CONF}"
        sed "/${TXT_OPENSSL_GOST_CONF%%$'\n'*}/,/${TXT_OPENSSL_GOST_CONF##*$'\n'}/d" -i "${FILE_OPENSSL_CONF}"
    fi
}

################
##### MAIN #####
################

    exec_openssl_engine $@
