From a0116247ddcb7ac1ffc37a2d1ac967952171f4f3 Mon Sep 17 00:00:00 2001
From: Ermal <eri@pfsense.org>
Date: Wed, 24 Mar 2010 17:00:39 +0000
Subject: Ticket #318. Add an option to updater settings to allow updates for
 images with no signature. This makes auto-updater work and will not display
 an confirmation message during manual update.

---
 usr/local/www/system_firmware.php          |  4 ++--
 usr/local/www/system_firmware_auto.php     | 11 +++++++++--
 usr/local/www/system_firmware_settings.php | 19 +++++++++++++++++++
 3 files changed, 30 insertions(+), 4 deletions(-)

(limited to 'usr')

diff --git a/usr/local/www/system_firmware.php b/usr/local/www/system_firmware.php
index 93fe96b..ed40a97 100755
--- a/usr/local/www/system_firmware.php
+++ b/usr/local/www/system_firmware.php
@@ -160,9 +160,9 @@ if ($_POST && !is_subsystem_dirty('firmwarelock')) {
 
 					if ($sigchk == 1)
 						$sig_warning = "The digital signature on this image is invalid.";
-					else if ($sigchk == 2)
+					else if ($sigchk == 2 && !isset($config['system']['firmware']['allowinvalidsig']))
 						$sig_warning = "This image is not digitally signed.";
-					else if (($sigchk == 3) || ($sigchk == 4))
+					else if (($sigchk >= 3))
 						$sig_warning = "There has been an error verifying the signature on this image.";
 
 					if (!verify_gzip_file("{$g['upload_path']}/firmware.tgz")) {
diff --git a/usr/local/www/system_firmware_auto.php b/usr/local/www/system_firmware_auto.php
index a777d18..938f5b0 100755
--- a/usr/local/www/system_firmware_auto.php
+++ b/usr/local/www/system_firmware_auto.php
@@ -178,8 +178,13 @@ if ($sigchk == 1)
 	$sig_warning = "The digital signature on this image is invalid.";
 else if ($sigchk == 2)
 	$sig_warning = "This image is not digitally signed.";
-else if (($sigchk == 3) || ($sigchk == 4))
+else if (($sigchk >= 3)) {
 	$sig_warning = "There has been an error verifying the signature on this image.";
+	update_status($sig_warning);
+        update_output_window("Update cannot continue");
+	require("fend.inc");
+        exit;
+}
 
 if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) {
 	update_status("The image file is corrupt.");
@@ -193,7 +198,9 @@ if (!verify_gzip_file("{$g['upload_path']}/latest.tgz")) {
 	exit;
 }
 
-if ($sigchk) {
+if ($sigchk == 2 && isset($config['system']['firmware']['allowinvalidsig']))
+	update_output_window("\nrImage has no signature but the system configured to allow unsigned images.\n");
+else if ($sigchk) {
 	update_status($sig_warning);
 	update_output_window("Update cannot continue");
 	if (file_exists("{$g['upload_path']}/latest.tgz")) {
diff --git a/usr/local/www/system_firmware_settings.php b/usr/local/www/system_firmware_settings.php
index 622e355..8fa06ec 100755
--- a/usr/local/www/system_firmware_settings.php
+++ b/usr/local/www/system_firmware_settings.php
@@ -52,6 +52,11 @@ if ($_POST) {
 			unset($config['system']['firmware']['alturl']);
 			unset($config['system']['firmware']);			
 		}
+		if($_POST['allowinvalidsig'] == "yes")
+                        $config['system']['firmware']['allowinvalidsig'] = true;
+                else
+                        unset($config['system']['firmware']['allowinvalidsig']);
+
 		write_config();
 	}
 }
@@ -137,6 +142,20 @@ function enable_altfirmwareurl(enable_over) {
 				</span>
 				</td>
 	</tr>
+	<tr>
+		<td colspan="2" class="list" height="12">&nbsp;</td>
+	</tr>
+	<tr>
+		<td colspan="2" valign="top" class="listtopic">Updates</td>
+	</tr>
+	<tr>
+		<td width="22%" valign="top" class="vncell">Not signed images.</td>
+		<td width="78%" class="vtable">
+			<input name="allowinvalidsig" type="checkbox" id="allowinvalidsig" value="yes" <?php if (isset($curcfg['allowinvalidsig'])) echo "checked"; ?> />
+			<br />
+			Allow to update the system with auto-updater and images with no signature.
+		</td>
+	</tr>
 	<script>enable_altfirmwareurl();</script>
                 <tr>
                   <td width="22%" valign="top">&nbsp;</td>
-- 
cgit v1.1