From fd44880743c38083c304210d266d30f7b2b3e0f6 Mon Sep 17 00:00:00 2001
From: amid <it@ubmail.ru>
Date: Tue, 30 May 2023 15:44:49 +0600
Subject: [PATCH] Fix OPENSSL_ENGINE

---
 VERSION.md                             |  2 +-
 ublinux/rc.preinit.d/56-openssl-engine | 46 ++++++++++++++++++++++++++
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100755 ublinux/rc.preinit.d/56-openssl-engine

diff --git a/VERSION.md b/VERSION.md
index f7334bd..14baccc 100644
--- a/VERSION.md
+++ b/VERSION.md
@@ -1 +1 @@
-VERSION 2.20
+VERSION 2.21
diff --git a/ublinux/rc.preinit.d/56-openssl-engine b/ublinux/rc.preinit.d/56-openssl-engine
new file mode 100755
index 0000000..32adc8d
--- /dev/null
+++ b/ublinux/rc.preinit.d/56-openssl-engine
@@ -0,0 +1,46 @@
+#!/bin/bash
+#
+# Initial script for Live operating system
+# This script are launching before starting init from linux-live script.
+# Current dir allways must be set to root (/)
+# All system path must be relative, except initrd dirs
+
+ENABLED=yes
+[ "$ENABLED" != "yes" ] && exit 0
+DEBUGMODE=no
+
+PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin
+
+unset ROOTFS; [[ -d /usr/lib/ublinux ]] || ROOTFS=.
+SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
+SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
+debug_mode "$0" "$@"
+
+SYSCONF="${ROOTFS}/${SYSCONF}"
+SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
+SOURCE=${SYSCONF}/security; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
+
+exec_openssl_engine(){
+## Настройка OpenSSL ГОСТ
+    FILE_OPENSSL_CONF="${ROOTFS}/etc/ssl/openssl.cnf"
+    FILE_OPENSSL_GOST_CONF="${ROOTFS}/etc/ssl/gost.cnf"
+    TXT_OPENSSL_GOST_CONF="$(sed -r '/^\s*$/d' "${FILE_OPENSSL_GOST_CONF}")"
+    TXT_ENABLE_GOST_CONF="openssl_conf = openssl_gost"
+
+    if [[ ${OPENSSL_ENGINE,,} == "gost" ]]; then
+    # Enable GOST
+	grep -q "${TXT_ENABLE_GOST_CONF}" "${FILE_OPENSSL_CONF}" || sed "0,/^[a-zA-Z0-9\[]/s//${TXT_ENABLE_GOST_CONF}\n&/" -i "${FILE_OPENSSL_CONF}"
+	grep -q "${TXT_OPENSSL_GOST_CONF%%$'\n'*}" "${FILE_OPENSSL_CONF}" || cat ${FILE_OPENSSL_GOST_CONF} >> "${FILE_OPENSSL_CONF}"
+    elif [[ ${OPENSSL_ENGINE,,} == "default" ]]; then
+    ## Disable GOST
+	sed "/${TXT_ENABLE_GOST_CONF}/d" -i "${FILE_OPENSSL_CONF}"
+	sed "/${TXT_OPENSSL_GOST_CONF%%$'\n'*}/,/${TXT_OPENSSL_GOST_CONF##*$'\n'}/d" -i "${FILE_OPENSSL_CONF}"
+    fi
+}
+
+################
+##### MAIN #####
+################
+
+    exec_openssl_engine $@
+    
\ No newline at end of file