Project

General

Profile

Download (5.21 KB) Statistics
| Branch: | Tag: | Revision:
1 cb7d18d5 Renato Botelho
#!/usr/local/bin/php-cgi -f
2 f4feb493 Scott Ullrich
3
<?php
4
5 5b6eac01 Scott Ullrich
require("globals.inc");
6 45e63af1 Scott Ullrich
require("config.inc");
7
require("functions.inc");
8 5f2d078e Scott Ullrich
9 5b6eac01 Scott Ullrich
echo "Starting the {$g['product_name']} console firmware update system";
10
11 f4feb493 Scott Ullrich
require("functions.inc");
12
echo ".";
13
14 086cf944 Phil Davis
if (isset($config['system']['firmware']['alturl']['enable'])) {
15 b043503a jim-p
	$updater_url = "{$config['system']['firmware']['alturl']['firmwareurl']}";
16 e173dd74 Phil Davis
} else {
17 b043503a jim-p
	$updater_url = $g['update_url'];
18 e173dd74 Phil Davis
}
19 b043503a jim-p
20
$nanosize = "";
21
if ($g['platform'] == "nanobsd") {
22 03b56525 Renato Botelho
	if (!isset($g['enableserial_force'])) {
23 b043503a jim-p
		$nanosize = "-nanobsd-vga-";
24 e173dd74 Phil Davis
	} else {
25 b043503a jim-p
		$nanosize = "-nanobsd-";
26 e173dd74 Phil Davis
	}
27 b043503a jim-p
28
	$nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt")));
29
	$update_filename = "latest{$nanosize}.img.gz";
30
} else {
31
	$update_filename = "latest.tgz";
32
}
33
$autoupdateurl = "{$updater_url}/{$update_filename}";
34
35 f4feb493 Scott Ullrich
$fp = fopen('php://stdin', 'r');
36
37
echo ".\n\n";
38
39
$shell_active = true;
40
41
echo "1) Update from a URL\n";
42
echo "2) Update from a local file\n";
43
echo "Q) Quit\n";
44
45
echo "\nPlease select an option to continue: ";
46
47 1c52509c Renato Botelho
$pkg_interface = 'console';
48 f4feb493 Scott Ullrich
$command = strtoupper(chop(fgets($fp)));
49
50
switch ($command) {
51
	case "q":
52
	case "quit":
53
		echo "\n";
54 31210184 Scott Ullrich
		fclose($fp);
55 f4feb493 Scott Ullrich
		die;
56
	break;
57
	case "1":
58 b043503a jim-p
		echo "\nEnter the URL to the .tgz or .img.gz update file. \nType 'auto' to use {$autoupdateurl}\n> ";
59 f4feb493 Scott Ullrich
		$url = chop(fgets($fp));
60 e173dd74 Phil Davis
		if (!$url) {
61 31210184 Scott Ullrich
			fclose($fp);
62 9b5d2d24 Scott Ullrich
			die;
63 31210184 Scott Ullrich
		}
64 e173dd74 Phil Davis
		if ($url == "auto") {
65 b043503a jim-p
			$url = $autoupdateurl;
66
		}
67 f4feb493 Scott Ullrich
		$status = does_url_exist($url);
68 e173dd74 Phil Davis
		if ($status) {
69 8e57ecdf Scott Ullrich
			conf_mount_rw();
70 a368a026 Ermal Lu?i
			mark_subsystem_dirty('firmware');
71 1c52509c Renato Botelho
			unlink_if_exists("/root/firmware.tgz");
72
			echo "\nFetching file... ";
73
			download_file_with_progress_bar($url, '/root/firmware.tgz');
74 e173dd74 Phil Davis
			if (!file_exists("/root/firmware.tgz")) {
75 e1f1691f Scott Ullrich
				echo "Something went wrong during file transfer.  Exiting.\n\n";
76 31210184 Scott Ullrich
				fclose($fp);
77 1c52509c Renato Botelho
				clear_subsystem_dirty('firmware');
78 e1f1691f Scott Ullrich
				die;
79
			}
80 2ab2d8fb PiBa-NL
			$status = does_url_exist("$url.sha256");
81 e173dd74 Phil Davis
			if ($status) {
82 1c52509c Renato Botelho
				echo "\nFetching sha256... ";
83
				download_file_with_progress_bar($url . ".sha256", '/root/firmware.tgz.sha256');
84
				echo "\n";
85 4cc6345e Scott Ullrich
			} else {
86
				echo "\n\nWARNING.\n";
87 2ab2d8fb PiBa-NL
				echo "\nCould not locate a sha256 file.  We cannot verify the download once completed.\n\n";
88 6d951458 Renato Botelho
				echo "Do you still want to proceed with the upgrade [n]? ";
89
				$answer = strtoupper(chop(fgets($fp)));
90
				if ($answer == "Y" or $answer == "YES") {
91
					echo "\nContinuing upgrade...";
92
				} else {
93
					echo "\nUpgrade cancelled.\n\n";
94
					die;
95
				}
96 1d2ac3a5 Scott Ullrich
			}
97 e173dd74 Phil Davis
			if (file_exists("/root/firmware.tgz.sha256")) {
98 086cf944 Phil Davis
				$source_sha256 = trim(`cat /root/firmware.tgz.sha256 | awk '{ print \$4 }'`, "\r");
99
				$file_sha256 = trim(`sha256 /root/firmware.tgz | awk '{ print \$4 }'`, "\r");
100 2ab2d8fb PiBa-NL
				echo "URL sha256: $source_sha256\n";
101
				echo "Downloaded file sha256: $file_sha256\n";
102 e173dd74 Phil Davis
				if ($source_sha256 <> $file_sha256) {
103 2ab2d8fb PiBa-NL
					echo "\n\nsha256 checksum does not match.  Cancelling upgrade.\n\n";
104 1c52509c Renato Botelho
					unlink_if_exists("/root/firmware.tgz.sha256");
105 31210184 Scott Ullrich
					fclose($fp);
106 1c52509c Renato Botelho
					clear_subsystem_dirty('firmware');
107 1d2ac3a5 Scott Ullrich
					die -1;
108
				}
109 2ab2d8fb PiBa-NL
				echo "\nsha256 checksum matches.\n";
110 1c52509c Renato Botelho
				unlink_if_exists("/root/firmware.tgz.sha256");
111 1d2ac3a5 Scott Ullrich
			}
112 687631c6 Renato Botelho
			if (strstr($url, "nanobsd")) {
113 873b2f0c jim-p
				echo "NanoBSD upgrade file detected...\n";
114
				$type = "nanobsd";
115 d2fdbd6f Scott Ullrich
			} else {
116 873b2f0c jim-p
				$type = "normal";
117 9875b318 Scott Ullrich
			}
118 873b2f0c jim-p
			do_upgrade("/root/firmware.tgz", $type);
119 1c52509c Renato Botelho
			clear_subsystem_dirty('firmware');
120 873b2f0c jim-p
			exit;
121 11da95a6 Scott Ullrich
		}
122 f4feb493 Scott Ullrich
	case "2":
123 873b2f0c jim-p
		echo "\nEnter the complete path to the .tgz or .img.gz update file: ";
124 f4feb493 Scott Ullrich
		$path = chop(fgets($fp));
125 e173dd74 Phil Davis
		if (!$path) {
126 31210184 Scott Ullrich
			fclose($fp);
127 9b5d2d24 Scott Ullrich
			die;
128 31210184 Scott Ullrich
		}
129 086cf944 Phil Davis
		if (stristr($path, "nanobsd")) {
130 e173dd74 Phil Davis
			$type = "nanobsd";
131
		}
132
		if (file_exists($path)) {
133 a368a026 Ermal Lu?i
			mark_subsystem_dirty('firmware');
134 e1aea2cd Scott Ullrich
			do_upgrade($path, $type);
135 1c52509c Renato Botelho
			clear_subsystem_dirty('firmware');
136 f4feb493 Scott Ullrich
		} else {
137
			echo "\nCould not find file.\n\n";
138 31210184 Scott Ullrich
			fclose($fp);
139 f4feb493 Scott Ullrich
			die -1;
140
		}
141
}
142
143 e1aea2cd Scott Ullrich
function do_upgrade($path, $type) {
144 71ed7da5 Scott Ullrich
	global $g, $fp;
145 e173dd74 Phil Davis
146 71ed7da5 Scott Ullrich
	$sigchk = verify_digital_signature($path);
147 e173dd74 Phil Davis
	if ($sigchk == 1) {
148 71ed7da5 Scott Ullrich
		$sig_warning = "The digital signature on this image is invalid.";
149 e173dd74 Phil Davis
	} elseif ($sigchk == 2) {
150 71ed7da5 Scott Ullrich
		$sig_warning = "This image is not digitally signed.";
151 e173dd74 Phil Davis
	} elseif (($sigchk == 3) || ($sigchk == 4)) {
152 71ed7da5 Scott Ullrich
		$sig_warning = "There has been an error verifying the signature on this image.";
153 e173dd74 Phil Davis
	}
154
	if ($sig_warning) {
155 dbbc0fc8 Scott Ullrich
		$sig_warning = "\nWARNING! ACHTUNG! DANGER!\n\n{$sig_warning}\n\n" .
156 71ed7da5 Scott Ullrich
			"This means that the image you uploaded is not an official/supported image and\n" .
157
			"may lead to unexpected behavior or security compromises.\n\n" .
158
			"Only install images that come from sources that you trust, and make sure\n".
159
			"that the image has not been tampered with.\n\n".
160
			"Do you want to install this image anyway at your own risk [n]?";
161
		echo $sig_warning;
162
		$command = strtoupper(chop(fgets($fp)));
163 e173dd74 Phil Davis
		if (strtoupper($command) == "Y" or strtoupper($command) == "Y" or strtoupper($command) == "YES") {
164 7615c951 Scott Ullrich
			echo "\nContinuing upgrade...";
165 71ed7da5 Scott Ullrich
		} else {
166
			echo "\nUpgrade cancelled.\n\n";
167
			die;
168
		}
169
	}
170 a368a026 Ermal Lu?i
	mark_subsystem_dirty('firmwarelock');
171 dfd6af96 Scott Ullrich
	echo "\nOne moment please...\nInvoking firmware upgrade...";
172 687631c6 Renato Botelho
	if ($type == "nanobsd") {
173 9fab6391 Scott Ullrich
		mwexec_bg("/etc/rc.firmware pfSenseNanoBSDupgrade $path");
174 e173dd74 Phil Davis
	} else {
175 6e75ac00 Scott Ullrich
		mwexec_bg("/etc/rc.firmware pfSenseupgrade $path");
176 e173dd74 Phil Davis
	}
177 b30f4ba1 Scott Ullrich
	sleep(10);
178 e173dd74 Phil Davis
	while (is_subsystem_dirty('firmwarelock')) {
179 6e75ac00 Scott Ullrich
		sleep(1);
180 dfd6af96 Scott Ullrich
		echo ".";
181
	}
182 1a4075a9 Scott Ullrich
	sleep(10);
183 6e75ac00 Scott Ullrich
	echo "Done.  Rebooting...\n\n";
184 a368a026 Ermal Lu?i
	clear_subsystem_dirty('firmwarelock');
185 f4feb493 Scott Ullrich
}
186
187 2ab2d8fb PiBa-NL
exec("rm -f /root/*.sha256");
188 1939b5ce Scott Ullrich
fclose($fp);
189
190 ce387866 Ermal
?>