From 2b67cd7915ffe7ea01b53251b7a13b371b03f416 Mon Sep 17 00:00:00 2001
From: Quentin Kaiser <quentin.kaiser@onekey.com>
Date: Sat, 11 Nov 2023 14:15:27 +0100
Subject: [PATCH 1/2] chore(deps): move e2fsprogs dependency to onekey
 maintained fork.

---
 docs/installation.md   | 10 ++++++++++
 overlay.nix            |  6 ++++++
 unblob/install-deps.sh |  8 ++++++++
 3 files changed, 24 insertions(+)

diff --git a/docs/installation.md b/docs/installation.md
index af1edb6f24..2484aaaa04 100644
--- a/docs/installation.md
+++ b/docs/installation.md
@@ -140,3 +140,13 @@ There is a handy `install-deps.sh` script included in the repository and PyPI pa
        curl -L -o sasquatch_1.0_arm64.deb https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-4/sasquatch_1.0_arm64.deb
        sudo dpkg -i sasquatch_1.0_arm64.deb
        rm sasquatch_1.0_arm64.deb
+
+4. We maintain a fork of e2fsprogs based on Debian upstream, with some security fixes. You can install it this way:
+
+        curl -L -o libext2fs2_1.47.0-3.ok1_amd64.deb https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/libext2fs2_1.47.0-3.ok1_amd64.deb
+        dpkg -i libext2fs2_1.47.0-3.ok1_amd64.deb
+        rm -f libext2fs2_1.47.0-3.ok1_amd64.deb
+
+        curl -L -o e2fsprogs_1.47.0-3.ok1_amd64.deb https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/e2fsprogs_1.47.0-3.ok1_amd64.deb
+        dpkg -i e2fsprogs_1.47.0-3.ok1_amd64.deb
+        rm -f e2fsprogs_1.47.0-3.ok1_amd64.deb
diff --git a/overlay.nix b/overlay.nix
index 94706fe19c..61faaa3a3b 100644
--- a/overlay.nix
+++ b/overlay.nix
@@ -9,6 +9,12 @@ inputs: final: prev:
     (super: {
       pname = "e2fsprogs-nofortify";
       hardeningDisable = (super.hardeningDisable or [ ]) ++ [ "fortify3" ];
+
+      version = "1.47.0-3.ok1";
+      src = prev.fetchurl {
+        url = "https://github.com/onekey-sec/e2fsprogs/archive/refs/tags/v1.47.0-3.ok1.tar.gz";
+        hash = "sha256-fsLUySjAdgnRp5m405a4Egso+LXNLxR9Y7WHt8qAvFM=";
+      };
     });
 
   # Own package updated independently of nixpkgs
diff --git a/unblob/install-deps.sh b/unblob/install-deps.sh
index 0261433ced..7eb569f4ab 100755
--- a/unblob/install-deps.sh
+++ b/unblob/install-deps.sh
@@ -18,3 +18,11 @@ apt-get install --no-install-recommends -y \
 curl -L -o sasquatch_1.0_amd64.deb https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-4/sasquatch_1.0_amd64.deb
 dpkg -i sasquatch_1.0_amd64.deb
 rm -f sasquatch_1.0_amd64.deb
+
+curl -L -o libext2fs2_1.47.0-3.ok1_amd64.deb https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/libext2fs2_1.47.0-3.ok1_amd64.deb
+dpkg -i libext2fs2_1.47.0-3.ok1_amd64.deb
+rm -f libext2fs2_1.47.0-3.ok1_amd64.deb
+
+curl -L -o e2fsprogs_1.47.0-3.ok1_amd64.deb https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/e2fsprogs_1.47.0-3.ok1_amd64.deb
+dpkg -i e2fsprogs_1.47.0-3.ok1_amd64.deb
+rm -f e2fsprogs_1.47.0-3.ok1_amd64.deb

From 8394a7f2645bb3e0afd0d039928b9cfe122e1aec Mon Sep 17 00:00:00 2001
From: Quentin Kaiser <quentin.kaiser@onekey.com>
Date: Sun, 12 Nov 2023 10:55:48 +0100
Subject: [PATCH 2/2] chore(deps): get architecture dynamically when fetching
 debian packages.

---
 docs/installation.md   | 23 +++++++++--------------
 unblob/install-deps.sh | 18 +++++++++---------
 2 files changed, 18 insertions(+), 23 deletions(-)

diff --git a/docs/installation.md b/docs/installation.md
index 2484aaaa04..9a5229dda0 100644
--- a/docs/installation.md
+++ b/docs/installation.md
@@ -132,21 +132,16 @@ There is a handy `install-deps.sh` script included in the repository and PyPI pa
 
 2.  If you need **squashfs support**, install sasquatch:
 
-        curl -L -o sasquatch_1.0_amd64.deb https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-4/sasquatch_1.0_amd64.deb
-        sudo dpkg -i sasquatch_1.0_amd64.deb
-        rm sasquatch_1.0_amd64.deb
-3. If you need **squashfs(arm64) support**, install sasquatch(arm64):
-
-       curl -L -o sasquatch_1.0_arm64.deb https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-4/sasquatch_1.0_arm64.deb
-       sudo dpkg -i sasquatch_1.0_arm64.deb
-       rm sasquatch_1.0_arm64.deb
+        curl -L -o sasquatch_1.0.deb "https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-4/sasquatch_1.0_$(dpkg --print-architecture).deb"
+        sudo dpkg -i sasquatch_1.0.deb
+        rm sasquatch_1.0.deb
 
 4. We maintain a fork of e2fsprogs based on Debian upstream, with some security fixes. You can install it this way:
 
-        curl -L -o libext2fs2_1.47.0-3.ok1_amd64.deb https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/libext2fs2_1.47.0-3.ok1_amd64.deb
-        dpkg -i libext2fs2_1.47.0-3.ok1_amd64.deb
-        rm -f libext2fs2_1.47.0-3.ok1_amd64.deb
+        curl -L -o libext2fs2_1.47.0-3.ok1.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/libext2fs2_1.47.0-3.ok1_$(dpkg --print-architecture).deb"
+        dpkg -i libext2fs2_1.47.0-3.ok1.deb
+        rm -f libext2fs2_1.47.0-3.ok1.deb
 
-        curl -L -o e2fsprogs_1.47.0-3.ok1_amd64.deb https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/e2fsprogs_1.47.0-3.ok1_amd64.deb
-        dpkg -i e2fsprogs_1.47.0-3.ok1_amd64.deb
-        rm -f e2fsprogs_1.47.0-3.ok1_amd64.deb
+        curl -L -o e2fsprogs_1.47.0-3.ok1.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/e2fsprogs_1.47.0-3.ok1_$(dpkg --print-architecture).deb"
+        dpkg -i e2fsprogs_1.47.0-3.ok1.deb
+        rm -f e2fsprogs_1.47.0-3.ok1.deb
diff --git a/unblob/install-deps.sh b/unblob/install-deps.sh
index 7eb569f4ab..1e11c2b537 100755
--- a/unblob/install-deps.sh
+++ b/unblob/install-deps.sh
@@ -15,14 +15,14 @@ apt-get install --no-install-recommends -y \
     libmagic1 \
     zstd
 
-curl -L -o sasquatch_1.0_amd64.deb https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-4/sasquatch_1.0_amd64.deb
-dpkg -i sasquatch_1.0_amd64.deb
-rm -f sasquatch_1.0_amd64.deb
+curl -L -o sasquatch_1.0.deb "https://github.com/onekey-sec/sasquatch/releases/download/sasquatch-v4.5.1-4/sasquatch_1.0_$(dpkg --print-architecture).deb"
+dpkg -i sasquatch_1.0.deb
+rm -f sasquatch_1.0.deb
 
-curl -L -o libext2fs2_1.47.0-3.ok1_amd64.deb https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/libext2fs2_1.47.0-3.ok1_amd64.deb
-dpkg -i libext2fs2_1.47.0-3.ok1_amd64.deb
-rm -f libext2fs2_1.47.0-3.ok1_amd64.deb
+curl -L -o libext2fs2_1.47.0-3.ok1.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/libext2fs2_1.47.0-3.ok1_$(dpkg --print-architecture).deb"
+dpkg -i libext2fs2_1.47.0-3.ok1.deb
+rm -f libext2fs2_1.47.0-3.ok1.deb
 
-curl -L -o e2fsprogs_1.47.0-3.ok1_amd64.deb https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/e2fsprogs_1.47.0-3.ok1_amd64.deb
-dpkg -i e2fsprogs_1.47.0-3.ok1_amd64.deb
-rm -f e2fsprogs_1.47.0-3.ok1_amd64.deb
+curl -L -o e2fsprogs_1.47.0-3.ok1.deb "https://github.com/onekey-sec/e2fsprogs/releases/download/v1.47.0-3.ok1/e2fsprogs_1.47.0-3.ok1_$(dpkg --print-architecture).deb"
+dpkg -i e2fsprogs_1.47.0-3.ok1.deb
+rm -f e2fsprogs_1.47.0-3.ok1.deb