/usr/local/www/system_firmware_auto.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/system_firmware_auto.php @ 016231d0

1	25682561	Scott Ullrich	<?php
2			/* $Id$ */
3			/*
4			system_firmware_auto.php
5	da55e467	Scott Ullrich	Copyright (C) 2005 Scott Ullrich
6	29aef6c4	Jim Thompson	Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com>
7	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
8	5c59c339	Scott Ullrich
9	4b805dbc	Renato Botelho	Based originally on system_firmware.php
10			(C)2003-2004 Manuel Kasper
11	25682561	Scott Ullrich	All rights reserved.
12
13			Redistribution and use in source and binary forms, with or without
14			modification, are permitted provided that the following conditions are met:
15
16			1. Redistributions of source code must retain the above copyright notice,
17			this list of conditions and the following disclaimer.
18
19			2. Redistributions in binary form must reproduce the above copyright
20			notice, this list of conditions and the following disclaimer in the
21			documentation and/or other materials provided with the distribution.
22
23			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
25			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
27			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32			POSSIBILITY OF SUCH DAMAGE.
33			*/
34	1d333258	Scott Ullrich	/*
35			pfSense_BUILDER_BINARIES: /usr/bin/tar /usr/bin/nohup /bin/cat /sbin/sha256
36	727047a6	sbeaver	pfSense_MODULE: firmware
37	1d333258	Scott Ullrich	*/
38	25682561	Scott Ullrich
39	6b07c15a	Matthew Grooms	##\|+PRIV
40			##\|*IDENT=page-system-firmware-checkforupdate
41			##\|*NAME=System: Firmware: Check For Update page
42			##\|*DESCR=Allow access to the 'System: Firmware: Check For Update' page.
43			##\|MATCH=system_firmware_auto.php
44			##\|-PRIV
45
46	7385a6b4	Scott Ullrich	$nocsrf = true;
47
48	da55e467	Scott Ullrich	require("guiconfig.inc");
49	4e6593de	jim-p	require_once("pfsense-utils.inc");
50	da55e467	Scott Ullrich
51			$curcfg = $config['system']['firmware'];
52	9b7d7aa9	Scott Ullrich
53	0e88de0c	Phil Davis	if (isset($curcfg['alturl']['enable'])) {
54	da55e467	Scott Ullrich	$updater_url = "{$config['system']['firmware']['alturl']['firmwareurl']}";
55	0e88de0c	Phil Davis	} else {
56	ef794b01	Scott Ullrich	$updater_url = $g['update_url'];
57	0e88de0c	Phil Davis	}
58	a30afe0e	Scott Ullrich
59	0e88de0c	Phil Davis	if ($_POST['backupbeforeupgrade']) {
60	a30afe0e	Scott Ullrich	touch("/tmp/perform_full_backup.txt");
61	0e88de0c	Phil Davis	}
62	4b805dbc	Renato Botelho
63	a18b04d8	Colin Fleming	$closehead = false;
64	0e88de0c	Phil Davis	$pgtitle = array(gettext("Diagnostics"), gettext("Firmware"), gettext("Auto Update"));
65	52380979	Scott Ullrich	include("head.inc");
66
67	727047a6	sbeaver	$tab_array = array();
68			$tab_array[] = array(gettext("Manual Update"), false, "system_firmware.php");
69			$tab_array[] = array(gettext("Auto Update"), true, "system_firmware_check.php");
70			$tab_array[] = array(gettext("Updater Settings"), false, "system_firmware_settings.php");
71			if($g['hidedownloadbackup'] == false)
72			$tab_array[] = array(gettext("Restore Full Backup"), false, "system_firmware_restorefullbackup.php");
73
74			display_top_tabs($tab_array);
75	25682561	Scott Ullrich	?>
76
77	727047a6	sbeaver
78			<div id="statusheading" name="statusheading" class="panel panel-default">
79			<div class="panel-heading" id="status" name="status"><?=gettext("Beginning firmware upgrade")?></div>
80			<div id='output' name='output' class="panel-body"></div>
81			</div>
82
83	25682561	Scott Ullrich
84			<?php
85	727047a6	sbeaver	include("foot.inc"); ?>
86
87			<?php
88
89			panel_heading_text(gettext("Downloading current version information") . "...");
90			panel_heading_class('info');
91	25682561	Scott Ullrich
92	414053da	jim-p	$nanosize = "";
93			if ($g['platform'] == "nanobsd") {
94	0e88de0c	Phil Davis	if (file_exists("/etc/nano_use_vga.txt")) {
95	0d7715eb	Renato Botelho	$nanosize = "-nanobsd-vga-";
96	0e88de0c	Phil Davis	} else {
97	0d7715eb	Renato Botelho	$nanosize = "-nanobsd-";
98	0e88de0c	Phil Davis	}
99	0d7715eb	Renato Botelho
100			$nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt")));
101	414053da	jim-p	}
102
103	bd2b98c9	Ermal	@unlink("/tmp/{$g['product_name']}_version");
104	414053da	jim-p	download_file_with_progress_bar("{$updater_url}/version{$nanosize}", "/tmp/{$g['product_name']}_version");
105	773c99bc	Ermal	$latest_version = str_replace("\n", "", @file_get_contents("/tmp/{$g['product_name']}_version"));
106	0e88de0c	Phil Davis	if (!$latest_version) {
107	89f0ac4c	Renato Botelho	update_output_window(gettext("Unable to check for updates."));
108	727047a6	sbeaver	require("foot.inc");
109	773c99bc	Ermal	exit;
110			} else {
111	4e6593de	jim-p	$current_installed_buildtime = trim(file_get_contents("/etc/version.buildtime"));
112			$latest_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version"));
113	773c99bc	Ermal	$latest_version_pfsense = strtotime($latest_version);
114			if(!$latest_version) {
115	727047a6	sbeaver	panel_heading_class('danger');
116			panel_heading_text(gettext('Version check'));
117	89f0ac4c	Renato Botelho	update_output_window(gettext("Unable to check for updates."));
118	727047a6	sbeaver	require("foot.inc");
119	773c99bc	Ermal	exit;
120			} else {
121	4e6593de	jim-p	if (pfs_version_compare($current_installed_buildtime, $current_installed_version, $latest_version) == -1) {
122	727047a6	sbeaver	panel_heading_text(gettext("Downloading updates") . '...');
123			panel_heading_class('info');
124
125	773c99bc	Ermal	conf_mount_rw();
126	087d875c	jim-p	if ($g['platform'] == "nanobsd") {
127			$update_filename = "latest{$nanosize}.img.gz";
128			} else {
129			$update_filename = "latest.tgz";
130			}
131	727047a6	sbeaver
132	4b805dbc	Renato Botelho	$status = download_file_with_progress_bar("{$updater_url}/{$update_filename}", "{$g['upload_path']}/latest.tgz", "read_body_firmware");
133	087d875c	jim-p	$status = download_file_with_progress_bar("{$updater_url}/{$update_filename}.sha256", "{$g['upload_path']}/latest.tgz.sha256");
134	773c99bc	Ermal	conf_mount_ro();
135	b7596b80	Carlos Eduardo Ramos	update_output_window("{$g['product_name']} " . gettext("download complete."));
136	773c99bc	Ermal	} else {
137	727047a6	sbeaver	panel_heading_class('success');
138			panel_heading_text(gettext('Version check complete'));
139	89f0ac4c	Renato Botelho	update_output_window(gettext("You are on the latest version."));
140	727047a6	sbeaver	require("foot.inc");
141	773c99bc	Ermal	exit;
142			}
143			}
144	da55e467	Scott Ullrich	}
145
146			/* launch external upgrade helper */
147	61ffe8b8	Renato Botelho	$external_upgrade_helper_text = "/etc/rc.firmware ";
148
149	0e88de0c	Phil Davis	if ($g['platform'] == "nanobsd") {
150	61ffe8b8	Renato Botelho	$external_upgrade_helper_text .= "pfSenseNanoBSDupgrade ";
151	0e88de0c	Phil Davis	} else {
152	61ffe8b8	Renato Botelho	$external_upgrade_helper_text .= "pfSenseupgrade ";
153	0e88de0c	Phil Davis	}
154	61ffe8b8	Renato Botelho
155	4e6593de	jim-p	$external_upgrade_helper_text .= "{$g['upload_path']}/latest.tgz";
156	da55e467	Scott Ullrich
157	1d333258	Scott Ullrich	$downloaded_latest_tgz_sha256 = str_replace("\n", "", `/sbin/sha256 -q {$g['upload_path']}/latest.tgz`);
158			$upgrade_latest_tgz_sha256 = str_replace("\n", "", `/bin/cat {$g['upload_path']}/latest.tgz.sha256 \| awk '{ print $4 }'`);
159	da55e467	Scott Ullrich
160	563f5b51	Scott Ullrich	$sigchk = 0;
161
162	0e88de0c	Phil Davis	if (!isset($curcfg['alturl']['enable'])) {
163	0ba45a79	Renato Botelho	$sigchk = verify_digital_signature("{$g['upload_path']}/latest.tgz");
164	0e88de0c	Phil Davis	}
165	563f5b51	Scott Ullrich
166	4b798102	Ermal	$exitstatus = 0;
167			if ($sigchk == 1) {
168	89f0ac4c	Renato Botelho	$sig_warning = gettext("The digital signature on this image is invalid.");
169	4b798102	Ermal	$exitstatus = 1;
170			} else if ($sigchk == 2) {
171	89f0ac4c	Renato Botelho	$sig_warning = gettext("This image is not digitally signed.");
172	0e88de0c	Phil Davis	if (!isset($config['system']['firmware']['allowinvalidsig'])) {
173	4b798102	Ermal	$exitstatus = 1;
174	0e88de0c	Phil Davis	}
175	4b798102	Ermal	} else if (($sigchk >= 3)) {
176	89f0ac4c	Renato Botelho	$sig_warning = gettext("There has been an error verifying the signature on this image.");
177	4b798102	Ermal	$exitstatus = 1;
178			}
179
180			if ($exitstatus) {
181	727047a6	sbeaver	panel_heading_text($sig_warning);
182			panel_heading_class('danger');
183
184	4b805dbc	Renato Botelho	update_output_window(gettext("Update cannot continue. You can disable this check on the Updater Settings tab."));
185	727047a6	sbeaver	require("foot.inc");
186	4b805dbc	Renato Botelho	exit;
187	2646434b	Scott Ullrich	} else if ($sigchk == 2) {
188	727047a6	sbeaver	panel_heading_text(gettext('Upgrade in progress...'));
189			panel_heading_class('info');
190
191	4b805dbc	Renato Botelho	update_output_window("\n" . gettext("Upgrade Image does not contain a signature but the system has been configured to allow unsigned images. One moment please...") . "\n");
192	2646434b	Scott Ullrich	}
193	563f5b51	Scott Ullrich
194	0ba45a79	Renato Botelho	if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) {
195	727047a6	sbeaver	panel_heading_text(gettext("The image file is corrupt."));
196			panel_heading_class('danger');
197
198	89f0ac4c	Renato Botelho	update_output_window(gettext("Update cannot continue"));
199	0ba45a79	Renato Botelho	if (file_exists("{$g['upload_path']}/latest.tgz")) {
200			conf_mount_rw();
201	7dde365c	Renato Botelho	unlink("{$g['upload_path']}/latest.tgz");
202	0ba45a79	Renato Botelho	conf_mount_ro();
203			}
204	727047a6	sbeaver	require("foot.inc");
205	563f5b51	Scott Ullrich	exit;
206			}
207
208	da55e467	Scott Ullrich	if($downloaded_latest_tgz_sha256 <> $upgrade_latest_tgz_sha256) {
209	727047a6	sbeaver	panel_heading_text(gettext("Downloading complete but sha256 does not match."));
210			panel_heading_class('danger');
211
212	89f0ac4c	Renato Botelho	update_output_window(gettext("Auto upgrade aborted.") . " \n\n" . gettext("Downloaded SHA256") . ": " . $downloaded_latest_tgz_sha256 . "\n\n" . gettext("Needed SHA256") . ": " . $upgrade_latest_tgz_sha256);
213	d40b3c36	Colin Smith	} else {
214	89f0ac4c	Renato Botelho	update_output_window($g['product_name'] . " " . gettext("is now upgrading.") . "\\n\\n" . gettext("The firewall will reboot once the operation is completed."));
215	22ef0a3d	Ermal	mwexec_bg($external_upgrade_helper_text);
216	d40b3c36	Colin Smith	}
217	cdb0117c	Scott Ullrich
218	da55e467	Scott Ullrich	/*
219			Helper functions
220			*/
221	d40b3c36	Colin Smith
222	9140757d	Bill Marquette	function read_body_firmware($ch, $string) {
223	5779ade6	Renato Botelho	global $g, $fout, $file_size, $downloaded, $counter, $version, $latest_version;
224	da55e467	Scott Ullrich	$length = strlen($string);
225			$downloaded += intval($length);
226			$downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
227			$downloadProgress = 100 - $downloadProgress;
228			$a = $file_size;
229			$b = $downloaded;
230			$c = $downloadProgress;
231	727047a6	sbeaver	$text = " " . gettext("Auto Update Download Status") . "\\n";
232	5924fa0f	Scott Ullrich	$text .= "----------------------------------------------------\\n";
233	5779ade6	Renato Botelho	$text .= " " . gettext("Current Version") . " : {$g['product_version']}\\n";
234	89f0ac4c	Renato Botelho	$text .= " " . gettext("Latest Version") . " : {$latest_version}\\n";
235			$text .= " " . gettext("File size") . " : {$a}\\n";
236			$text .= " " . gettext("Downloaded") . " : {$b}\\n";
237			$text .= " " . gettext("Percent") . " : {$c}%\\n";
238	5924fa0f	Scott Ullrich	$text .= "----------------------------------------------------\\n";
239	da55e467	Scott Ullrich	$counter++;
240	0e88de0c	Phil Davis	if ($counter > 150) {
241	da55e467	Scott Ullrich	update_output_window($text);
242			update_progress_bar($downloadProgress);
243			$counter = 0;
244			}
245			fwrite($fout, $string);
246			return $length;
247	ebe916cf	Colin Smith	}
248	853167d2	Colin Smith
249	727047a6	sbeaver	// Update the text in the panel-heading
250			function panel_heading_text($text) {
251			?>
252			<script>
253			events.push(function(){
254			$('#status').html('<?=$text?>');
255			});
256			</script>
257			<?php
258			}
259
260			// Update the class of the message panel so that it's color changes
261			// Use danger, success, info, warning, default etc
262			function panel_heading_class($newclass = 'default') {
263			?>
264			<script>
265			events.push(function(){
266			$('#statusheading').removeClass().addClass('panel panel-' + '<?=$newclass?>');
267			});
268			</script>
269			<?php
270			}
271
272	773c99bc	Ermal	?>

Project

General

Profile

pfSense