diff options
| -rw-r--r-- | etc/inc/globals.inc | 1 | ||||
| -rwxr-xr-x | usr/local/www/system_firmware_auto.php | 30 | ||||
| -rwxr-xr-x | usr/local/www/system_firmware_settings.php | 24 |
3 files changed, 51 insertions, 4 deletions
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index c21c954..91214c2 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -75,6 +75,7 @@ $g = array( "xmlrpcpath" => "/pfSense/xmlrpc.php", "embeddedbootupslice" => "/dev/ad0a", "update_url" => "http://updates.pfSense.com/_updaters", + "update_manifest" => "http://updates.pfSense.com/manifest", "wireless_regex" => "/^(ndis|wi|ath|an|ral|ural|wai|iwi|awi|wlan)/", "vlan_native_supp" => array("vge", "bfe", "dc", "fxp", "gem", "hme", "rl", "sis", "ste", "tl", "tx", "xl"), "vlan_long_frame" => array("vge", "bfe", "bge", "dc", "em", "fxp", "gem", "hme", "ixgb", "le", "nge", "re", "rl", "sis", "sk", "ste", "ti", "tl", "tx", "txp", "vr", "xl") diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php index 6994be6..aef4a71 100755 --- a/usr/local/www/system_firmware_auto.php +++ b/usr/local/www/system_firmware_auto.php @@ -1,4 +1,3 @@ -#!/usr/local/bin/php <?php /* $Id$ */ /* @@ -135,11 +134,38 @@ if($needs_system_upgrade == true) $downloaded_latest_tgz_sha256 = str_replace("\n", "", `sha256 /tmp/latest.tgz | awk '{ print $4 }'`); $upgrade_latest_tgz_sha256 = str_replace("\n", "", `cat /tmp/latest.tgz.sha256 | awk '{ print $4 }'`); +$sigchk = 0; + +if(!isset($curcfg['alturl']['enable'])) + $sigchk = verify_digital_signature("/tmp/latest.tgz"); + +if ($sigchk == 1) + $sig_warning = "The digital signature on this image is invalid."; +else if ($sigchk == 2) + $sig_warning = "This image is not digitally signed."; +else if (($sigchk == 3) || ($sigchk == 4)) + $sig_warning = "There has been an error verifying the signature on this image."; + +if (!verify_gzip_file("/tmp/latest.tgz")) { + update_status("The image file is corrupt."); + update_output_window("Update cannot continue"); + unlink("{$g['upload_path']}/latest.tgz"); + require("fend.inc"); + exit; +} + +if ($sigchk) { + update_status($sig_warning); + update_output_window("Update cannot continue"); + unlink("{$g['upload_path']}/latest.tgz"); + require("fend.inc"); + exit; +} + if($downloaded_latest_tgz_sha256 <> $upgrade_latest_tgz_sha256) { update_status("Downloading complete but sha256 does not match."); update_output_window("Auto upgrade aborted. \n\nDownloaded SHA256: $downloaded_latest_tgz_sha256 \n\nNeeded SHA256: $upgrade_latest_tgz_sha256"); } else { - update_status("Downloading complete."); update_output_window("{$g['product_name']} is now upgrading.\\n\\nThe firewall will reboot once the operation is completed."); echo "\n<script language=\"JavaScript\">document.progressbar.style.visibility='hidden';\n</script>"; exec_rc_script_async("{$external_upgrade_helper_text}"); diff --git a/usr/local/www/system_firmware_settings.php b/usr/local/www/system_firmware_settings.php index 9f7d32f..916a3c2 100755 --- a/usr/local/www/system_firmware_settings.php +++ b/usr/local/www/system_firmware_settings.php @@ -49,8 +49,13 @@ $curcfg = $config['system']['firmware']; $pgtitle = array("System","Firmware","Settings"); include("head.inc"); -?> +exec("fetch -q -o /tmp/manifest \"{$g['update_manifest']}\""); +if(file_exists("/tmp/manifest")) { + $preset_urls_split = split("\n", file_get_contents("/tmp/manifest")); +} +?> +<script src="/javascript/scriptaculous/prototype.js" type="text/javascript"></script> <script language="JavaScript"> <!-- @@ -88,7 +93,22 @@ function enable_altfirmwareurl(enable_over) { <tr> <td colspan="2" valign="top" class="listtopic">Firmware Branch</td> </tr> - +<?php if(is_array($preset_urls_split)): ?> + <tr> + <td valign="top" class="vncell">Default Auto Update URLs</td> + <td class="vtable"> + <select name='preseturls' id='preseturls' onChange="firmwareurl.value = preseturls.value; document.iform.firmwareurl.disabled = 0; alturlenable.checked=true;"> + <option></option> + <?php + foreach($preset_urls_split as $pus) { + $pus_text = split("\t", $pus); + echo "<option value='{$pus_text[1]}'>{$pus_text[0]}</option>"; + } + ?> + </select> + </td> + </tr> +<?php endif; ?> <tr> <td valign="top" class="vncell">Firmware Auto Update URL</td> <td class="vtable"> |
