diff options
author | Renato Botelho <renato@netgate.com> | 2015-11-18 08:01:16 -0200 |
---|---|---|
committer | Renato Botelho <renato@netgate.com> | 2015-11-18 08:02:43 -0200 |
commit | 988542d213d60cae3712b815c1255a5b8db99ce6 (patch) | |
tree | 0f570f3280e126229e475387183c15a763da8103 /src/etc/rc.initial.firmware_update | |
parent | 5e55bf55f2a77367d604adcd08598db951a57368 (diff) | |
download | pfsense-988542d213d60cae3712b815c1255a5b8db99ce6.zip pfsense-988542d213d60cae3712b815c1255a5b8db99ce6.tar.gz |
Retire rc.initial.firmware_update
Diffstat (limited to 'src/etc/rc.initial.firmware_update')
-rwxr-xr-x | src/etc/rc.initial.firmware_update | 190 |
1 files changed, 0 insertions, 190 deletions
diff --git a/src/etc/rc.initial.firmware_update b/src/etc/rc.initial.firmware_update deleted file mode 100755 index 143dbbd..0000000 --- a/src/etc/rc.initial.firmware_update +++ /dev/null @@ -1,190 +0,0 @@ -#!/usr/local/bin/php-cgi -f - -<?php - -require("globals.inc"); -require("config.inc"); -require("functions.inc"); - -echo "Starting the {$g['product_name']} console firmware update system"; - -require("functions.inc"); -echo "."; - -if (isset($config['system']['firmware']['alturl']['enable'])) { - $updater_url = "{$config['system']['firmware']['alturl']['firmwareurl']}"; -} else { - $updater_url = $g['update_url']; -} - -$nanosize = ""; -if ($g['platform'] == "nanobsd") { - if (!isset($g['enableserial_force'])) { - $nanosize = "-nanobsd-vga-"; - } else { - $nanosize = "-nanobsd-"; - } - - $nanosize .= strtolower(trim(file_get_contents("/etc/nanosize.txt"))); - $update_filename = "latest{$nanosize}.img.gz"; -} else { - $update_filename = "latest.tgz"; -} -$autoupdateurl = "{$updater_url}/{$update_filename}"; - -$fp = fopen('php://stdin', 'r'); - -echo ".\n\n"; - -$shell_active = true; - -echo "1) Update from a URL\n"; -echo "2) Update from a local file\n"; -echo "Q) Quit\n"; - -echo "\nPlease select an option to continue: "; - -$pkg_interface = 'console'; -$command = strtoupper(chop(fgets($fp))); - -switch ($command) { - case "q": - case "quit": - echo "\n"; - fclose($fp); - die; - break; - case "1": - echo "\nEnter the URL to the .tgz or .img.gz update file. \nType 'auto' to use {$autoupdateurl}\n> "; - $url = chop(fgets($fp)); - if (!$url) { - fclose($fp); - die; - } - if ($url == "auto") { - $url = $autoupdateurl; - } - $status = does_url_exist($url); - if ($status) { - conf_mount_rw(); - mark_subsystem_dirty('firmware'); - unlink_if_exists("/root/firmware.tgz"); - echo "\nFetching file... "; - download_file_with_progress_bar($url, '/root/firmware.tgz'); - if (!file_exists("/root/firmware.tgz")) { - echo "Something went wrong during file transfer. Exiting.\n\n"; - fclose($fp); - clear_subsystem_dirty('firmware'); - die; - } - $status = does_url_exist("$url.sha256"); - if ($status) { - echo "\nFetching sha256... "; - download_file_with_progress_bar($url . ".sha256", '/root/firmware.tgz.sha256'); - echo "\n"; - } else { - echo "\n\nWARNING.\n"; - echo "\nCould not locate a sha256 file. We cannot verify the download once completed.\n\n"; - echo "Do you still want to proceed with the upgrade [n]? "; - $answer = strtoupper(chop(fgets($fp))); - if ($answer == "Y" or $answer == "YES") { - echo "\nContinuing upgrade..."; - } else { - echo "\nUpgrade cancelled.\n\n"; - die; - } - } - if (file_exists("/root/firmware.tgz.sha256")) { - $source_sha256 = trim(`cat /root/firmware.tgz.sha256 | awk '{ print \$4 }'`, "\r"); - $file_sha256 = trim(`sha256 /root/firmware.tgz | awk '{ print \$4 }'`, "\r"); - echo "URL sha256: $source_sha256\n"; - echo "Downloaded file sha256: $file_sha256\n"; - if ($source_sha256 <> $file_sha256) { - echo "\n\nsha256 checksum does not match. Cancelling upgrade.\n\n"; - unlink_if_exists("/root/firmware.tgz.sha256"); - fclose($fp); - clear_subsystem_dirty('firmware'); - die -1; - } - echo "\nsha256 checksum matches.\n"; - unlink_if_exists("/root/firmware.tgz.sha256"); - } - if (strstr($url, "nanobsd")) { - echo "NanoBSD upgrade file detected...\n"; - $type = "nanobsd"; - } else { - $type = "normal"; - } - do_upgrade("/root/firmware.tgz", $type); - clear_subsystem_dirty('firmware'); - exit; - } - case "2": - echo "\nEnter the complete path to the .tgz or .img.gz update file: "; - $path = chop(fgets($fp)); - if (!$path) { - fclose($fp); - die; - } - if (stristr($path, "nanobsd")) { - $type = "nanobsd"; - } - if (file_exists($path)) { - mark_subsystem_dirty('firmware'); - do_upgrade($path, $type); - clear_subsystem_dirty('firmware'); - } else { - echo "\nCould not find file.\n\n"; - fclose($fp); - die -1; - } -} - -function do_upgrade($path, $type) { - global $g, $fp; - - $sigchk = verify_digital_signature($path); - if ($sigchk == 1) { - $sig_warning = "The digital signature on this image is invalid."; - } elseif ($sigchk == 2) { - $sig_warning = "This image is not digitally signed."; - } elseif (($sigchk == 3) || ($sigchk == 4)) { - $sig_warning = "There has been an error verifying the signature on this image."; - } - if ($sig_warning) { - $sig_warning = "\nWARNING! ACHTUNG! DANGER!\n\n{$sig_warning}\n\n" . - "This means that the image you uploaded is not an official/supported image and\n" . - "may lead to unexpected behavior or security compromises.\n\n" . - "Only install images that come from sources that you trust, and make sure\n". - "that the image has not been tampered with.\n\n". - "Do you want to install this image anyway at your own risk [n]?"; - echo $sig_warning; - $command = strtoupper(chop(fgets($fp))); - if (strtoupper($command) == "Y" or strtoupper($command) == "Y" or strtoupper($command) == "YES") { - echo "\nContinuing upgrade..."; - } else { - echo "\nUpgrade cancelled.\n\n"; - die; - } - } - mark_subsystem_dirty('firmwarelock'); - echo "\nOne moment please...\nInvoking firmware upgrade..."; - if ($type == "nanobsd") { - mwexec_bg("/etc/rc.firmware pfSenseNanoBSDupgrade $path"); - } else { - mwexec_bg("/etc/rc.firmware pfSenseupgrade $path"); - } - sleep(10); - while (is_subsystem_dirty('firmwarelock')) { - sleep(1); - echo "."; - } - sleep(10); - echo "Done. Rebooting...\n\n"; - clear_subsystem_dirty('firmwarelock'); -} - -exec("rm -f /root/*.sha256"); -fclose($fp); - -?> |