#!/bin/sh

# /etc/rc.firmware_auto
# Copyright (C) 2005-2015 Electric Sheep Fencing LLC
# Part of pfSense

# $Id$

FMBASEURL=$1
FMFILENAME=$2
FETCHFILENAME=$1/$2

globals_inc="/etc/inc/globals.inc"
if [ -f /etc/inc/globals_override.inc ]; then
	globals_inc="/etc/inc/globals_override.inc ${globals_inc}"
fi
product=$(cat ${globals_inc} | \
	grep product_name | \
	head -n 1 | \
	sed 's/^.*=>* *//; s/["\;,]*//g')

# product cannot be blank
product=${product:-"pfSense"}

# wait 5 seconds before beginning
sleep 5

logger -p daemon.info -i -t AutoUpgrade "Auto Upgrade started"

HTTP_AUTH=""

# if username and password is passed, let fetch utilize.
if [ $# -gt 3 ]; then
HTTP_AUTH="basic:*:$3:$4"
fi

if [ $# -gt 1 ]; then
	echo "Downloading $FMFILENAME from $FMBASEURL ..." | logger -p daemon.info -i -t AutoUpgrade
	/usr/bin/fetch -o /tmp/latest.tgz $FETCHFILENAME | logger -p daemon.info -i -t AutoUpgrade
	echo "Downloading $FMFILENAME.sha256 from $FMBASEURL ..." | logger -p daemon.info -i -t AutoUpgrade
	/usr/bin/fetch -o /tmp/latest.tgz.sha256 $FETCHFILENAME.sha256 | logger -p daemon.info -i -t AutoUpgrade
fi

DLHASH=`/bin/cat /tmp/latest.tgz.sha256 | cut -d" " -f4 `
FILEHASH=`/sbin/sha256 /tmp/latest.tgz | cut -d" " -f4`

PLATFORM=`cat /etc/platform`

echo "   Package sha256: ${DLHASH}" | logger -p daemon.info -i -t AutoUpgrade
echo "Downloaded sha256: ${FILEHASH}" | logger -p daemon.info -i -t AutoUpgrade

if [ "$DLHASH" = "" ]; then
	echo "Downloaded sha256 is null. Require proxy auth?" | logger -p daemon.info -i -t AutoUpgrade
	exit 1
fi

if [ "$FILEHASH" = "" ]; then
	echo "Downloaded file's sha256 is null." | logger -p daemon.info -i -t AutoUpgrade
	exit 1
fi

if [ "$DLHASH" = "$FILEHASH" ]; then
	echo "sha256 hashes match." | logger -p daemon.info -i -t AutoUpgrade
	echo "Beginning ${product} upgrade." | wall
	if [ "$PLATFORM" = "nanobsd" ]; then
		/usr/local/bin/php-cgi /etc/rc.conf_mount_rw
	fi
	if [ -r "/tmp/custom.tgz" ]; then
		sh /etc/rc.firmware ${product}upgrade /tmp/latest.tgz /tmp/custom.tgz
	else
		if [ "$PLATFORM" = "nanobsd" ]; then
			sh /etc/rc.firmware ${product}NanoBSDupgrade /tmp/latest.tgz
		else
			sh /etc/rc.firmware ${product}upgrade /tmp/latest.tgz
		fi
	fi
	exit 0
fi

echo "sha256 hashes do not match. Upgrade aborted." | logger -p daemon.info -i -t AutoUpgrade
rm /tmp/latest*
exit 1