From 4b7981025b664bdadafd66ba3922becbbbe09985 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Thu, 25 Mar 2010 17:16:03 +0000
Subject: Fix code to show warnings properly.

---
 usr/local/www/system_firmware_auto.php | 33 ++++++++++++++-------------------
 1 file changed, 14 insertions(+), 19 deletions(-)

diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php
index 938f5b0..6a9a609 100755
--- a/usr/local/www/system_firmware_auto.php
+++ b/usr/local/www/system_firmware_auto.php
@@ -174,17 +174,26 @@ $sigchk = 0;
 if(!isset($curcfg['alturl']['enable']))
 	$sigchk = verify_digital_signature("{$g['upload_path']}/latest.tgz");
 
-if ($sigchk == 1)
+$exitstatus = 0;
+if ($sigchk == 1) {
 	$sig_warning = "The digital signature on this image is invalid.";
-else if ($sigchk == 2)
+	$exitstatus = 1;
+} else if ($sigchk == 2) {
 	$sig_warning = "This image is not digitally signed.";
-else if (($sigchk >= 3)) {
+	if (!isset($config['system']['firmware']['allowinvalidsig']))
+		$exitstatus = 1;
+} else if (($sigchk >= 3)) {
 	$sig_warning = "There has been an error verifying the signature on this image.";
-	update_status($sig_warning);
+	$exitstatus = 1;
+}
+
+if ($exitstatus) {
+        update_status($sig_warning);
         update_output_window("Update cannot continue");
 	require("fend.inc");
         exit;
-}
+} else if ($sigchk == 2)
+        update_output_window("\nrImage has no signature but the system configured to allow unsigned images.\n");
 
 if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) {
 	update_status("The image file is corrupt.");
@@ -198,20 +207,6 @@ if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) {
 	exit;
 }
 
-if ($sigchk == 2 && isset($config['system']['firmware']['allowinvalidsig']))
-	update_output_window("\nrImage has no signature but the system configured to allow unsigned images.\n");
-else if ($sigchk) {
-	update_status($sig_warning);
-	update_output_window("Update cannot continue");
-	if (file_exists("{$g['upload_path']}/latest.tgz")) {
-		conf_mount_rw();
-		unlink("{$g['upload_path']}/latest.tgz");
-		conf_mount_ro();
-	}
-	require("fend.inc");
-	exit;
-}
-
 if($downloaded_latest_tgz_sha256 <> $upgrade_latest_tgz_sha256) {
 	update_status("Downloading complete but sha256 does not match.");
 	update_output_window("Auto upgrade aborted.  \n\nDownloaded SHA256: $downloaded_latest_tgz_sha256 \n\nNeeded SHA256: $upgrade_latest_tgz_sha256");	
-- 
cgit v1.1