#!/bin/bash
# Password setting/generation script.
# Sets both root and u-boot password,
# or optionally just U-boot.
# What is actually written is the password
# and salt.  But the password is printed
# for reference.
# ubpasswd -h will print usage.
if ! [[ -x /sbin/hashpwd ]] ; then
  echo Need /sbin/hashpwd to proceed.
fi
usage() {
  echo "ubpasswd [-u] [-d] [-s salt] [password]"
  echo "  -u        means u-boot only (not UNIX password)"
  echo "  -s        salt is user supplied salt"
  echo "  -d        debug"
  echo "  password  is a user supplied password"
  echo "A salt not supplied is generated."
  echo "If a password is not supplied, it is generated"
  exit 1
}
((ubonly=0))
((hassalt=0))
((debug=0))
((upwd=0))
while getopts ":dus:" opt; do
  case $opt in
    u)
      ((ubonly=1))
      ;;
    s)
      salt="$OPTARG"
      ((hassalt=1)) 
      ;;
    d)
      ((debug=1))
      ;;
    *)
      usage
  esac
done
((debug)) && echo OPTIND is $OPTIND
((sc=OPTIND-1))
shift $sc
if (($# == 1)) ; then
  ((debug)) && echo "User set password is \"$1\""
  ((upwd = 1))
  pass="$1"
fi

((debug)) && echo hassalt is $hassalt, salt is \"$salt\"
((debug)) && echo ubonly is $ubonly
((debug)) && echo debug is $debug

len=8
saltlen=128
mts=/sys/devices/platform/mts-io
did="${mts}/device-id"
mac="${mts}/mac-eth"

if ! /bin/fgrep "mts password protected" /dev/mtdblock2 >/dev/null 2>&1;  then
	echo "U-Boot does not support password protection."
fi

if ((hassalt == 0)) ; then
  salt="$(/bin/dd if=/dev/urandom count=1 bs=128 2>/dev/null  | /bin/base64 |  tr -d '\n' | cut -c1-${saltlen})"
fi

echo "salt: $salt"

((v == 1)) && echo upwd is $upwd
((v == 1)) && echo did length is ${#did}
if ((upwd == 0)) ; then
  if ((${#did} == 0)) ; then
    echo "${mts}/device-id must have a non-zero length value"
    usage
  fi
    if ((${#mac} == 0)) ; then
    echo "${mts}/mac-eth must have a non-zero length value"
    usage
  fi
  if ((v == 1)) ; then
    echo Try this:
    echo "/sbin/hashpwd -d ${did} -m ${mac} ${salt}"
  fi
  result=$(/sbin/hashpwd -d ${did} -m ${mac} ${salt})
else
  result=$(/sbin/hashpwd -p "${pass}" ${salt})
fi
if ! [[ $result =~ ^pass=([^[:space:]]+)[[:space:]]+password_hash=([^[:space:]]+) ]] ; then
  echo "/sbin/hashpwd failed: ${result}"
  exit 1
fi
if ((v == 1)) ; then
  echo result is:
  echo "$result"
fi
pass="${BASH_REMATCH[1]}"
password_hash="${BASH_REMATCH[2]}"
echo "uboot password hash: \"$password_hash\""
if ((ubonly == 0)) ; then
  echo "setting root password to ${pass}"
  echo -e "${pass}\n${pass}" | /usr/bin/passwd >/dev/null 2>&1
fi
set -e
echo "u-boot password is ${pass}"
/usr/bin/u-boot setenv mtss "$salt"
/usr/bin/u-boot setenv mtsp "$password_hash"