/usr/local/www/system_firmware_auto.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/system_firmware_auto.php @ cffc7ec1

1	25682561	Scott Ullrich	<?php
2			/* $Id$ */
3			/*
4			system_firmware_auto.php
5	da55e467	Scott Ullrich	Copyright (C) 2005 Scott Ullrich
6	29aef6c4	Jim Thompson	Copyright (C) 2008 Scott Ullrich <sullrich@gmail.com>
7	ce77a9c4	Phil Davis	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
8	5c59c339	Scott Ullrich
9	4b805dbc	Renato Botelho	Based originally on system_firmware.php
10			(C)2003-2004 Manuel Kasper
11	25682561	Scott Ullrich	All rights reserved.
12
13			Redistribution and use in source and binary forms, with or without
14			modification, are permitted provided that the following conditions are met:
15
16			1. Redistributions of source code must retain the above copyright notice,
17			this list of conditions and the following disclaimer.
18
19			2. Redistributions in binary form must reproduce the above copyright
20			notice, this list of conditions and the following disclaimer in the
21			documentation and/or other materials provided with the distribution.
22
23			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
24			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
25			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
26			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
27			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
28			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
29			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
30			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
31			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
32			POSSIBILITY OF SUCH DAMAGE.
33			*/
34	1d333258	Scott Ullrich	/*
35			pfSense_BUILDER_BINARIES: /usr/bin/tar /usr/bin/nohup /bin/cat /sbin/sha256
36	727047a6	sbeaver	pfSense_MODULE: firmware
37	1d333258	Scott Ullrich	*/
38	25682561	Scott Ullrich
39	6b07c15a	Matthew Grooms	##\|+PRIV
40			##\|*IDENT=page-system-firmware-checkforupdate
41			##\|*NAME=System: Firmware: Check For Update page
42			##\|*DESCR=Allow access to the 'System: Firmware: Check For Update' page.
43			##\|MATCH=system_firmware_auto.php
44			##\|-PRIV
45
46	7385a6b4	Scott Ullrich	$nocsrf = true;
47
48	da55e467	Scott Ullrich	require("guiconfig.inc");
49	4e6593de	jim-p	require_once("pfsense-utils.inc");
50	da55e467	Scott Ullrich
51			$curcfg = $config['system']['firmware'];
52	9b7d7aa9	Scott Ullrich
53	ef794b01	Scott Ullrich	if(isset($curcfg['alturl']['enable']))
54	da55e467	Scott Ullrich	$updater_url = "{$config['system']['firmware']['alturl']['firmwareurl']}";
55	ef794b01	Scott Ullrich	else
56			$updater_url = $g['update_url'];
57	a30afe0e	Scott Ullrich
58	4b805dbc	Renato Botelho	if($_POST['backupbeforeupgrade'])
59	a30afe0e	Scott Ullrich	touch("/tmp/perform_full_backup.txt");
60	4b805dbc	Renato Botelho
61	a18b04d8	Colin Fleming	$closehead = false;
62	499fea07	Carlos Eduardo Ramos	$pgtitle = array(gettext("Diagnostics"),gettext("Firmware"),gettext("Auto Update"));
63	52380979	Scott Ullrich	include("head.inc");
64
65	727047a6	sbeaver	$tab_array = array();
66			$tab_array[] = array(gettext("Manual Update"), false, "system_firmware.php");
67			$tab_array[] = array(gettext("Auto Update"), true, "system_firmware_check.php");
68			$tab_array[] = array(gettext("Updater Settings"), false, "system_firmware_settings.php");
69			if($g['hidedownloadbackup'] == false)
70			$tab_array[] = array(gettext("Restore Full Backup"), false, "system_firmware_restorefullbackup.php");
71
72			display_top_tabs($tab_array);
73	25682561	Scott Ullrich	?>
74
75	727047a6	sbeaver
76			<div id="statusheading" name="statusheading" class="panel panel-default">
77			<div class="panel-heading" id="status" name="status"><?=gettext("Beginning firmware upgrade")?></div>
78			<div id='output' name='output' class="panel-body"></div>
79			</div>
80
81	25682561	Scott Ullrich
82			<?php
83	727047a6	sbeaver	include("foot.inc"); ?>
84
85			<?php
86
87			panel_heading_text(gettext("Downloading current version information") . "...");
88			panel_heading_class('info');
89	25682561	Scott Ullrich
90	414053da	jim-p	$nanosize = "";
91			if ($g['platform'] == "nanobsd") {
92	0d7715eb	Renato Botelho	if (file_exists("/etc/nano_use_vga.txt"))
93			$nanosize = "-nanobsd-vga-";
94			else
95			$nanosize = "-nanobsd-";
96
97			$nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt")));
98	414053da	jim-p	}
99
100	bd2b98c9	Ermal	@unlink("/tmp/{$g['product_name']}_version");
101	414053da	jim-p	download_file_with_progress_bar("{$updater_url}/version{$nanosize}", "/tmp/{$g['product_name']}_version");
102	773c99bc	Ermal	$latest_version = str_replace("\n", "", @file_get_contents("/tmp/{$g['product_name']}_version"));
103	727047a6	sbeaver
104	773c99bc	Ermal	if(!$latest_version) {
105	89f0ac4c	Renato Botelho	update_output_window(gettext("Unable to check for updates."));
106	727047a6	sbeaver	require("foot.inc");
107	773c99bc	Ermal	exit;
108			} else {
109	4e6593de	jim-p	$current_installed_buildtime = trim(file_get_contents("/etc/version.buildtime"));
110			$current_installed_version = trim(file_get_contents("/etc/version"));
111			$latest_version = trim(@file_get_contents("/tmp/{$g['product_name']}_version"));
112	773c99bc	Ermal	$latest_version_pfsense = strtotime($latest_version);
113			if(!$latest_version) {
114	727047a6	sbeaver	panel_heading_class('danger');
115			panel_heading_text(gettext('Version check'));
116	89f0ac4c	Renato Botelho	update_output_window(gettext("Unable to check for updates."));
117	727047a6	sbeaver	require("foot.inc");
118	773c99bc	Ermal	exit;
119			} else {
120	4e6593de	jim-p	if (pfs_version_compare($current_installed_buildtime, $current_installed_version, $latest_version) == -1) {
121	727047a6	sbeaver	panel_heading_text(gettext("Downloading updates") . '...');
122			panel_heading_class('info');
123
124	773c99bc	Ermal	conf_mount_rw();
125	087d875c	jim-p	if ($g['platform'] == "nanobsd") {
126			$update_filename = "latest{$nanosize}.img.gz";
127			} else {
128			$update_filename = "latest.tgz";
129			}
130	727047a6	sbeaver
131	4b805dbc	Renato Botelho	$status = download_file_with_progress_bar("{$updater_url}/{$update_filename}", "{$g['upload_path']}/latest.tgz", "read_body_firmware");
132	087d875c	jim-p	$status = download_file_with_progress_bar("{$updater_url}/{$update_filename}.sha256", "{$g['upload_path']}/latest.tgz.sha256");
133	773c99bc	Ermal	conf_mount_ro();
134	b7596b80	Carlos Eduardo Ramos	update_output_window("{$g['product_name']} " . gettext("download complete."));
135	773c99bc	Ermal	} else {
136	727047a6	sbeaver	panel_heading_class('success');
137			panel_heading_text(gettext('Version check complete'));
138	89f0ac4c	Renato Botelho	update_output_window(gettext("You are on the latest version."));
139	727047a6	sbeaver	require("foot.inc");
140	773c99bc	Ermal	exit;
141			}
142			}
143	da55e467	Scott Ullrich	}
144
145			/* launch external upgrade helper */
146	61ffe8b8	Renato Botelho	$external_upgrade_helper_text = "/etc/rc.firmware ";
147
148			if($g['platform'] == "nanobsd")
149			$external_upgrade_helper_text .= "pfSenseNanoBSDupgrade ";
150			else
151			$external_upgrade_helper_text .= "pfSenseupgrade ";
152
153	4e6593de	jim-p	$external_upgrade_helper_text .= "{$g['upload_path']}/latest.tgz";
154	da55e467	Scott Ullrich
155	1d333258	Scott Ullrich	$downloaded_latest_tgz_sha256 = str_replace("\n", "", `/sbin/sha256 -q {$g['upload_path']}/latest.tgz`);
156			$upgrade_latest_tgz_sha256 = str_replace("\n", "", `/bin/cat {$g['upload_path']}/latest.tgz.sha256 \| awk '{ print $4 }'`);
157	da55e467	Scott Ullrich
158	563f5b51	Scott Ullrich	$sigchk = 0;
159
160			if(!isset($curcfg['alturl']['enable']))
161	0ba45a79	Renato Botelho	$sigchk = verify_digital_signature("{$g['upload_path']}/latest.tgz");
162	563f5b51	Scott Ullrich
163	4b798102	Ermal	$exitstatus = 0;
164			if ($sigchk == 1) {
165	89f0ac4c	Renato Botelho	$sig_warning = gettext("The digital signature on this image is invalid.");
166	4b798102	Ermal	$exitstatus = 1;
167			} else if ($sigchk == 2) {
168	89f0ac4c	Renato Botelho	$sig_warning = gettext("This image is not digitally signed.");
169	4b798102	Ermal	if (!isset($config['system']['firmware']['allowinvalidsig']))
170			$exitstatus = 1;
171			} else if (($sigchk >= 3)) {
172	89f0ac4c	Renato Botelho	$sig_warning = gettext("There has been an error verifying the signature on this image.");
173	4b798102	Ermal	$exitstatus = 1;
174			}
175
176			if ($exitstatus) {
177	727047a6	sbeaver	panel_heading_text($sig_warning);
178			panel_heading_class('danger');
179
180	4b805dbc	Renato Botelho	update_output_window(gettext("Update cannot continue. You can disable this check on the Updater Settings tab."));
181	727047a6	sbeaver	require("foot.inc");
182	4b805dbc	Renato Botelho	exit;
183	2646434b	Scott Ullrich	} else if ($sigchk == 2) {
184	727047a6	sbeaver	panel_heading_text(gettext('Upgrade in progress...'));
185			panel_heading_class('info');
186
187	4b805dbc	Renato Botelho	update_output_window("\n" . gettext("Upgrade Image does not contain a signature but the system has been configured to allow unsigned images. One moment please...") . "\n");
188	2646434b	Scott Ullrich	}
189	563f5b51	Scott Ullrich
190	0ba45a79	Renato Botelho	if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) {
191	727047a6	sbeaver	panel_heading_text(gettext("The image file is corrupt."));
192			panel_heading_class('danger');
193
194	89f0ac4c	Renato Botelho	update_output_window(gettext("Update cannot continue"));
195	0ba45a79	Renato Botelho	if (file_exists("{$g['upload_path']}/latest.tgz")) {
196			conf_mount_rw();
197	7dde365c	Renato Botelho	unlink("{$g['upload_path']}/latest.tgz");
198	0ba45a79	Renato Botelho	conf_mount_ro();
199			}
200	727047a6	sbeaver	require("foot.inc");
201	563f5b51	Scott Ullrich	exit;
202			}
203
204	da55e467	Scott Ullrich	if($downloaded_latest_tgz_sha256 <> $upgrade_latest_tgz_sha256) {
205	727047a6	sbeaver	panel_heading_text(gettext("Downloading complete but sha256 does not match."));
206			panel_heading_class('danger');
207
208	89f0ac4c	Renato Botelho	update_output_window(gettext("Auto upgrade aborted.") . " \n\n" . gettext("Downloaded SHA256") . ": " . $downloaded_latest_tgz_sha256 . "\n\n" . gettext("Needed SHA256") . ": " . $upgrade_latest_tgz_sha256);
209	d40b3c36	Colin Smith	} else {
210	89f0ac4c	Renato Botelho	update_output_window($g['product_name'] . " " . gettext("is now upgrading.") . "\\n\\n" . gettext("The firewall will reboot once the operation is completed."));
211	22ef0a3d	Ermal	mwexec_bg($external_upgrade_helper_text);
212	d40b3c36	Colin Smith	}
213	cdb0117c	Scott Ullrich
214	da55e467	Scott Ullrich	/*
215			Helper functions
216			*/
217	d40b3c36	Colin Smith
218	9140757d	Bill Marquette	function read_body_firmware($ch, $string) {
219	4e6593de	jim-p	global $fout, $file_size, $downloaded, $counter, $version, $latest_version, $current_installed_version;
220	da55e467	Scott Ullrich	$length = strlen($string);
221			$downloaded += intval($length);
222			$downloadProgress = round(100 * (1 - $downloaded / $file_size), 0);
223			$downloadProgress = 100 - $downloadProgress;
224			$a = $file_size;
225			$b = $downloaded;
226			$c = $downloadProgress;
227	727047a6	sbeaver	$text = " " . gettext("Auto Update Download Status") . "\\n";
228	5924fa0f	Scott Ullrich	$text .= "----------------------------------------------------\\n";
229	727047a6	sbeaver	$text .= " " . gettext("Current Version") . " : {$current_installed_version}\\n";
230			$text .= " " . gettext("Latest Version") . " : {$latest_version}\\n";
231			$text .= " " . gettext("File size") . " : {$a}\\n";
232			$text .= " " . gettext("Downloaded") . " : {$b}\\n";
233			$text .= " " . gettext("Percent") . " : {$c}%\\n";
234	5924fa0f	Scott Ullrich	$text .= "----------------------------------------------------\\n";
235	da55e467	Scott Ullrich	$counter++;
236			if($counter > 150) {
237			update_output_window($text);
238			update_progress_bar($downloadProgress);
239			$counter = 0;
240			}
241			fwrite($fout, $string);
242			return $length;
243	ebe916cf	Colin Smith	}
244	853167d2	Colin Smith
245	727047a6	sbeaver	// Update the text in the panel-heading
246			function panel_heading_text($text) {
247			?>
248			<script>
249			events.push(function(){
250			$('#status').html('<?=$text?>');
251			});
252			</script>
253			<?php
254			}
255
256			// Update the class of the message panel so that it's color changes
257			// Use danger, success, info, warning, default etc
258			function panel_heading_class($newclass = 'default') {
259			?>
260			<script>
261			events.push(function(){
262			$('#statusheading').removeClass().addClass('panel panel-' + '<?=$newclass?>');
263			});
264			</script>
265			<?php
266			}
267
268	773c99bc	Ermal	?>

Project

General

Profile

pfSense