diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2009-07-05 19:17:20 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2009-07-05 19:17:20 -0400 |
commit | 71ed7da53078e87c18552d5c1cfd463cae627fcc (patch) | |
tree | c5c5df8c9e8bd1fcab32ad35f66f84603b4b9028 | |
parent | bfed48a4d50891cec6f93c6944267ab93ca6f530 (diff) | |
download | pfsense-71ed7da53078e87c18552d5c1cfd463cae627fcc.zip pfsense-71ed7da53078e87c18552d5c1cfd463cae627fcc.tar.gz |
Add digital secutiry signature check to console upgrades.
-rwxr-xr-x | etc/rc.initial.firmware_update | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/etc/rc.initial.firmware_update b/etc/rc.initial.firmware_update index 68cce86..563f16d 100755 --- a/etc/rc.initial.firmware_update +++ b/etc/rc.initial.firmware_update @@ -3,6 +3,7 @@ <?php require("globals.inc"); +require("util.inc"); $g['booting'] = true; echo "Starting the {$g['product_name']} console firmware update system"; @@ -159,7 +160,31 @@ function check_for_kernel_file() { } function do_upgrade($path, $type) { - global $g; + global $g, $fp; + + $sigchk = verify_digital_signature($path); + if ($sigchk == 1) + $sig_warning = "The digital signature on this image is invalid."; + else if ($sigchk == 2) + $sig_warning = "This image is not digitally signed."; + else if (($sigchk == 3) || ($sigchk == 4)) + $sig_warning = "There has been an error verifying the signature on this image."; + if($sig_warning) { + $sig_warning = "WARNING! ACHTUNG! DANGER!\n\n{$sig_warning}\n\n" . + "This means that the image you uploaded is not an official/supported image and\n" . + "may lead to unexpected behavior or security compromises.\n\n" . + "Only install images that come from sources that you trust, and make sure\n". + "that the image has not been tampered with.\n\n". + "Do you want to install this image anyway at your own risk [n]?"; + echo $sig_warning; + $command = strtoupper(chop(fgets($fp))); + if(strtoupper($command) == "Y" or strtoupper($command) == "Y" or strtoupper($command) == "YES") { + echo "\nContinuing upgrade...\n"; + } else { + echo "\nUpgrade cancelled.\n\n"; + die; + } + } mark_subsystem_dirty('firmwarelock'); check_for_kernel_file(); echo "\nOne moment please...\nInvoking firmware upgrade..."; @@ -182,4 +207,4 @@ function do_upgrade($path, $type) { exec("rm -f /root/*.md5"); fclose($fp); -?> +?>
\ No newline at end of file |