Project

General

Profile

Download (9.21 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
	system_firmware_auto.php
5
	Copyright (C) 2005 Scott Ullrich
6
	Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com>
7
	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
8

    
9
	Based originally on system_firmware.php
10
	(C)2003-2004 Manuel Kasper
11
	All rights reserved.
12

    
13
	Redistribution and use in source and binary forms, with or without
14
	modification, are permitted provided that the following conditions are met:
15

    
16
	1. Redistributions of source code must retain the above copyright notice,
17
	   this list of conditions and the following disclaimer.
18

    
19
	2. Redistributions in binary form must reproduce the above copyright
20
	   notice, this list of conditions and the following disclaimer in the
21
	   documentation and/or other materials provided with the distribution.
22

    
23
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
25
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
27
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32
	POSSIBILITY OF SUCH DAMAGE.
33
*/
34
/*
35
	pfSense_BUILDER_BINARIES:	/usr/bin/tar	/usr/bin/nohup	/bin/cat	/sbin/sha256
36
	pfSense_MODULE: firmware
37
*/
38

    
39
##|+PRIV
40
##|*IDENT=page-system-firmware-checkforupdate
41
##|*NAME=System: Firmware: Check For Update page
42
##|*DESCR=Allow access to the 'System: Firmware: Check For Update' page.
43
##|*MATCH=system_firmware_auto.php*
44
##|-PRIV
45

    
46
$nocsrf = true;
47

    
48
require("guiconfig.inc");
49
require_once("pfsense-utils.inc");
50

    
51
$curcfg = $config['system']['firmware'];
52

    
53
if(isset($curcfg['alturl']['enable']))
54
	$updater_url = "{$config['system']['firmware']['alturl']['firmwareurl']}";
55
else
56
	$updater_url = $g['update_url'];
57

    
58
if($_POST['backupbeforeupgrade'])
59
	touch("/tmp/perform_full_backup.txt");
60

    
61
$closehead = false;
62
$pgtitle = array(gettext("Diagnostics"),gettext("Firmware"),gettext("Auto Update"));
63
include("head.inc");
64

    
65
$tab_array = array();
66
$tab_array[] = array(gettext("Manual Update"), false, "system_firmware.php");
67
$tab_array[] = array(gettext("Auto Update"), true, "system_firmware_check.php");
68
$tab_array[] = array(gettext("Updater Settings"), false, "system_firmware_settings.php");
69
if($g['hidedownloadbackup'] == false)
70
	$tab_array[] = array(gettext("Restore Full Backup"), false, "system_firmware_restorefullbackup.php");
71

    
72
display_top_tabs($tab_array);
73
?>
74

    
75

    
76
<div id="statusheading" name="statusheading" class="panel panel-default">
77
   <div	 class="panel-heading" id="status" name="status"><?=gettext("Beginning firmware upgrade")?></div>
78
   <div id='output' name='output' class="panel-body"></div>
79
</div>
80

    
81

    
82
<?php
83
include("foot.inc"); ?>
84

    
85
<?php
86

    
87
panel_heading_text(gettext("Downloading current version information") . "...");
88
panel_heading_class('info');
89

    
90
$nanosize = "";
91
if ($g['platform'] == "nanobsd") {
92
	if (file_exists("/etc/nano_use_vga.txt"))
93
		$nanosize = "-nanobsd-vga-";
94
	else
95
		$nanosize = "-nanobsd-";
96

    
97
	$nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt")));
98
}
99

    
100
@unlink("/tmp/{$g['product_name']}_version");
101
download_file_with_progress_bar("{$updater_url}/version{$nanosize}", "/tmp/{$g['product_name']}_version");
102
$latest_version = str_replace("\n", "", @file_get_contents("/tmp/{$g['product_name']}_version"));
103

    
104
if(!$latest_version) {
105
	update_output_window(gettext("Unable to check for updates."));
106
	require("foot.inc");
107
	exit;
108
} else {
109
	$current_installed_buildtime = trim(file_get_contents("/etc/version.buildtime"));
110
	$current_installed_version = trim(file_get_contents("/etc/version"));
111
	$latest_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version"));
112
	$latest_version_pfsense = strtotime($latest_version);
113
	if(!$latest_version) {
114
		panel_heading_class('danger');
115
		panel_heading_text(gettext('Version check'));
116
		update_output_window(gettext("Unable to check for updates."));
117
		require("foot.inc");
118
		exit;
119
	} else {
120
		if (pfs_version_compare($current_installed_buildtime, $current_installed_version, $latest_version) == -1) {
121
			panel_heading_text(gettext("Downloading updates") . '...');
122
			panel_heading_class('info');
123

    
124
			conf_mount_rw();
125
			if ($g['platform'] == "nanobsd") {
126
				$update_filename = "latest{$nanosize}.img.gz";
127
			} else {
128
				$update_filename = "latest.tgz";
129
			}
130

    
131
			$status = download_file_with_progress_bar("{$updater_url}/{$update_filename}", "{$g['upload_path']}/latest.tgz", "read_body_firmware");
132
			$status = download_file_with_progress_bar("{$updater_url}/{$update_filename}.sha256", "{$g['upload_path']}/latest.tgz.sha256");
133
			conf_mount_ro();
134
			update_output_window("{$g['product_name']} " . gettext("download complete."));
135
		} else {
136
			panel_heading_class('success');
137
			panel_heading_text(gettext('Version check complete'));
138
			update_output_window(gettext("You are on the latest version."));
139
			require("foot.inc");
140
			exit;
141
		}
142
	}
143
}
144

    
145
/* launch external upgrade helper */
146
$external_upgrade_helper_text = "/etc/rc.firmware ";
147

    
148
if($g['platform'] == "nanobsd")
149
	$external_upgrade_helper_text .= "pfSenseNanoBSDupgrade ";
150
else
151
	$external_upgrade_helper_text .= "pfSenseupgrade ";
152

    
153
$external_upgrade_helper_text .= "{$g['upload_path']}/latest.tgz";
154

    
155
$downloaded_latest_tgz_sha256 = str_replace("\n", "", `/sbin/sha256 -q {$g['upload_path']}/latest.tgz`);
156
$upgrade_latest_tgz_sha256 = str_replace("\n", "", `/bin/cat {$g['upload_path']}/latest.tgz.sha256 | awk '{ print $4 }'`);
157

    
158
$sigchk = 0;
159

    
160
if(!isset($curcfg['alturl']['enable']))
161
	$sigchk = verify_digital_signature("{$g['upload_path']}/latest.tgz");
162

    
163
$exitstatus = 0;
164
if ($sigchk == 1) {
165
	$sig_warning = gettext("The digital signature on this image is invalid.");
166
	$exitstatus = 1;
167
} else if ($sigchk == 2) {
168
	$sig_warning = gettext("This image is not digitally signed.");
169
	if (!isset($config['system']['firmware']['allowinvalidsig']))
170
		$exitstatus = 1;
171
} else if (($sigchk >= 3)) {
172
	$sig_warning = gettext("There has been an error verifying the signature on this image.");
173
	$exitstatus = 1;
174
}
175

    
176
if ($exitstatus) {
177
	panel_heading_text($sig_warning);
178
	panel_heading_class('danger');
179

    
180
	update_output_window(gettext("Update cannot continue.  You can disable this check on the Updater Settings tab."));
181
	require("foot.inc");
182
	exit;
183
} else if ($sigchk == 2) {
184
	panel_heading_text(gettext('Upgrade in progress...'));
185
	panel_heading_class('info');
186

    
187
	update_output_window("\n" . gettext("Upgrade Image does not contain a signature but the system has been configured to allow unsigned images. One moment please...") . "\n");
188
}
189

    
190
if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) {
191
	panel_heading_text(gettext("The image file is corrupt."));
192
	panel_heading_class('danger');
193

    
194
	update_output_window(gettext("Update cannot continue"));
195
	if (file_exists("{$g['upload_path']}/latest.tgz")) {
196
		conf_mount_rw();
197
		unlink("{$g['upload_path']}/latest.tgz");
198
		conf_mount_ro();
199
	}
200
	require("foot.inc");
201
	exit;
202
}
203

    
204
if($downloaded_latest_tgz_sha256 <> $upgrade_latest_tgz_sha256) {
205
	panel_heading_text(gettext("Downloading complete but sha256 does not match."));
206
	panel_heading_class('danger');
207

    
208
	update_output_window(gettext("Auto upgrade aborted.") . "  \n\n" . gettext("Downloaded SHA256") . ": " . $downloaded_latest_tgz_sha256 . "\n\n" . gettext("Needed SHA256") . ": " . $upgrade_latest_tgz_sha256);
209
} else {
210
	update_output_window($g['product_name'] . " " . gettext("is now upgrading.") . "\\n\\n" . gettext("The firewall will reboot once the operation is completed."));
211
	mwexec_bg($external_upgrade_helper_text);
212
}
213

    
214
/*
215
	Helper functions
216
*/
217

    
218
function read_body_firmware($ch, $string) {
219
	global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_version;
220
	$length = strlen($string);
221
	$downloaded += intval($length);
222
	$downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
223
	$downloadProgress = 100 - $downloadProgress;
224
	$a = $file_size;
225
	$b = $downloaded;
226
	$c = $downloadProgress;
227
	$text  = "	" . gettext("Auto Update Download Status") . "\\n";
228
	$text .= "----------------------------------------------------\\n";
229
	$text .= "	" . gettext("Current Version") . " : {$current_installed_version}\\n";
230
	$text .= "	" . gettext("Latest Version") . "  : {$latest_version}\\n";
231
	$text .= "	" . gettext("File size") . "	   : {$a}\\n";
232
	$text .= "	" . gettext("Downloaded") . "	   : {$b}\\n";
233
	$text .= "	" . gettext("Percent") . "		   : {$c}%\\n";
234
	$text .= "----------------------------------------------------\\n";
235
	$counter++;
236
	if($counter > 150) {
237
		update_output_window($text);
238
		update_progress_bar($downloadProgress);
239
		$counter = 0;
240
	}
241
	fwrite($fout, $string);
242
	return $length;
243
}
244

    
245
// Update the text in the panel-heading
246
function panel_heading_text($text) {
247
?>
248
	<script>
249
	events.push(function(){
250
		$('#status').html('<?=$text?>');
251
	});
252
	</script>
253
<?php
254
}
255

    
256
// Update the class of the message panel so that it's color changes
257
// Use danger, success, info, warning, default etc
258
function panel_heading_class($newclass = 'default') {
259
?>
260
	<script>
261
	events.push(function(){
262
		$('#statusheading').removeClass().addClass('panel panel-' + '<?=$newclass?>');
263
	});
264
	</script>
265
<?php
266
}
267

    
268
?>
269

    
(198-198/237)