version 1.10, 2021/10/17 03:05:29 |
version 1.11, 2021/10/17 03:07:48 |
|
|
PKGDIR=${DESTDIR}/var/db/pkg |
PKGDIR=${DESTDIR}/var/db/pkg |
PATTERNS="file:${0%/*}/firmware_patterns" |
PATTERNS="file:${0%/*}/firmware_patterns" |
|
|
drivers=$( |
fw_update() { |
last='' |
local _tmpsrc _f _remove _r |
ftp -D "Detecting" -Vmo- $PATTERNS | |
local _src=$FWURL _t=Get _cfile="$_tmpsrc/SHA256" _srclocal=false |
while read d m; do |
local _drivers=$( |
grep=grep |
last='' |
[ "$last" = "$d" ] && continue |
ftp -D "Detecting" -Vmo- $PATTERNS | |
[ "$m" ] || m="^$d[0-9][0-9]* at " |
while read d m; do |
[ "$m" = "${m#^}" ] && grep=fgrep |
grep=grep |
$grep -q "$m" /var/run/dmesg.boot || continue |
[ "$last" = "$d" ] && continue |
echo $d |
[ "$m" ] || m="^$d[0-9][0-9]* at " |
last=$d |
[ "$m" = "${m#^}" ] && grep=fgrep |
done |
$grep -q "$m" /var/run/dmesg.boot || continue |
) |
echo $d |
|
last=$d |
|
done |
|
) |
|
|
if [ -z "$drivers" ]; then |
if [ -z "$_drivers" ]; then |
echo "No devices found which need firmware files to be downloaded." >&2 |
echo "No devices found which need firmware files to be downloaded." >&2 |
exit 0 |
return |
fi |
fi |
|
|
_src=$FWURL |
if _tmpsrc=$( tmpdir "${DESTDIR}/tmp/fw_update" ); then |
if _tmpsrc=$( tmpdir "${DESTDIR}/tmp/fw_update" ); then |
( |
( |
>$_tmpsrc/t && |
>$_tmpsrc/t && |
$_unpriv cat $_tmpsrc/t |
$_unpriv cat $_tmpsrc/t |
) >/dev/null 2>&1 || |
) >/dev/null 2>&1 || |
rm -r $_tmpsrc |
rm -r $_tmpsrc |
fi |
fi |
|
|
|
[[ ! -d $_tmpsrc ]] && |
[[ ! -d $_tmpsrc ]] && |
_issue="Cannot create prefetch area" && fail |
_issue="Cannot create prefetch area" && fail |
|
|
cd "$_tmpsrc" |
cd "$_tmpsrc" |
|
|
_t=Get |
! $_unpriv ftp -D "$_t" -Vmo - "$_src/SHA256.sig" >"$_cfile.sig" && |
_cfile="$_tmpsrc/SHA256" |
_issue="Cannot fetch SHA256.sig" && fail |
_srclocal=false |
|
|
|
! $_unpriv ftp -D "$_t" -Vmo - "$_src/SHA256.sig" >"$_cfile.sig" && |
# Verify signature file with public keys. |
_issue="Cannot fetch SHA256.sig" && fail |
! unpriv -f "$_cfile" \ |
|
signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" && |
|
_issue="Signature check of SHA256.sig failed" && fail |
|
|
# Verify signature file with public keys. |
for d in $_drivers; do |
! unpriv -f "$_cfile" \ |
_f=$( sed -n "s/.*(\($d-firmware-.*\.tgz\)).*/\1/p" "$_cfile" ) |
signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" && |
installed=$( installed_firmware "$d" ) |
_issue="Signature check of SHA256.sig failed" && fail |
|
|
|
for d in $drivers; do |
for i in $installed; do |
_f=$( sed -n "s/.*(\($d-firmware-.*\.tgz\)).*/\1/p" "$_cfile" ) |
if [ "$_f" = "$i.tgz" ]; then |
installed=$( installed_firmware "$d" ) |
echo "Firmware for $d already installed ($installed)" |
|
continue 2 |
|
fi |
|
done |
|
|
for i in $installed; do |
rm -f /tmp/h /tmp/fail |
if [ "$_f" = "$i.tgz" ]; then |
|
echo "Firmware for $d already installed ($installed)" |
|
continue 2 |
|
fi |
|
done |
|
|
|
rm -f /tmp/h /tmp/fail |
_t=Get/Verify |
|
# Fetch firmware file and create a checksum by piping through |
|
# sha256. Create a flag file in case ftp failed. Firmware |
|
# from net is written to the prefetch area. |
|
( $_unpriv ftp -D "$_t" -Vmo - "$_src/$_f" || >/tmp/fail ) | |
|
( $_srclocal && unpriv2 sha256 -b >/tmp/h || |
|
unpriv2 -f /tmp/h sha256 -bph /tmp/h >"$_tmpsrc/$_f" ) |
|
|
_t=Get/Verify |
# Handle failed transfer. |
# Fetch firmware file and create a checksum by piping through |
if [[ -f /tmp/fail ]]; then |
# sha256. Create a flag file in case ftp failed. Firmware |
rm -f "$_tmpsrc/$_f" |
# from net is written to the prefetch area. |
_issue="Fetching of $_f failed!" |
( $_unpriv ftp -D "$_t" -Vmo - "$_src/$_f" || >/tmp/fail ) | |
fail |
( $_srclocal && unpriv2 sha256 -b >/tmp/h || |
fi |
unpriv2 -f /tmp/h sha256 -bph /tmp/h >"$_tmpsrc/$_f" ) |
|
|
|
# Handle failed transfer. |
# Verify firmware by comparing its checksum with SHA256. |
if [[ -f /tmp/fail ]]; then |
if fgrep -qx "SHA256 ($_f) = $(</tmp/h)" "$_cfile"; then |
rm -f "$_tmpsrc/$_f" |
#_unver=$(rmel $_f $_unver) |
_issue="Fetching of $_f failed!" |
true |
fail |
else |
fi |
[[ -d "$_tmpsrc" ]] && rm -rf "$_tmpsrc" |
|
_issue="Checksum test for $_f failed." |
|
fail |
|
fi |
|
|
# Verify firmware by comparing its checksum with SHA256. |
# TODO: Check hash for files before deleting |
if fgrep -qx "SHA256 ($_f) = $(</tmp/h)" "$_cfile"; then |
if [ "$installed" ] && [ -e "${PKGDIR}/$installed/+CONTENTS" ]; then |
#_unver=$(rmel $_f $_unver) |
echo "Uninstalling $installed" |
true |
cwd=${PKGDIR}/$installed |
else |
|
[[ -d "$_tmpsrc" ]] && rm -rf "$_tmpsrc" |
|
_issue="Checksum test for $_f failed." |
|
fail |
|
fi |
|
|
|
# TODO: Check hash for files before deleting |
set -A _remove -- "${cwd}/+CONTENTS" "${cwd}" |
if [ "$installed" ] && [ -e "${PKGDIR}/$installed/+CONTENTS" ]; then |
|
echo "Uninstalling $installed" |
|
cwd=${PKGDIR}/$installed |
|
|
|
set -A _remove -- "${cwd}/+CONTENTS" "${cwd}" |
while read c g; do |
|
case $c in |
|
@cwd) cwd=$g |
|
;; |
|
@*) continue |
|
;; |
|
*) set -A _remove -- "$cwd/$c" "${_remove[@]}" |
|
;; |
|
esac |
|
done < "${PKGDIR}/$installed/+CONTENTS" |
|
|
while read c g; do |
for _r in "${_remove[@]}" ; do |
case $c in |
if [ -d "$_r" ]; then |
@cwd) cwd=$g |
# Try hard not to actually remove recursively |
;; |
# without rmdir on the install media. |
@*) continue |
[ "$_r/*" = $( echo "$_r"/* ) ] && rm -rf "$_r" |
;; |
else |
*) set -A _remove -- "$cwd/$c" "${_remove[@]}" |
rm -f "$_r" |
;; |
fi |
esac |
done |
done < "${PKGDIR}/$installed/+CONTENTS" |
fi |
|
|
for _r in "${_remove[@]}"; do |
# TODO: Add some details about the install to +CONTENTS like pkg_add |
if [ -d "$_r" ]; then |
# TODO: Or, maybe we save the firmware someplace and make pkg_add reinstall |
# Try hard not to actually remove recursively |
echo "Installing $_f" |
# without rmdir on the install media. |
tar -zxphf "$_f" -C /etc "firmware/*" |
[ "$_r/*" = $( echo "$_r"/* ) ] && rm -rf "$_r" |
mkdir -p ${PKGDIR}/${_f%.tgz}/ |
else |
tar -zxphf "$_f" -C "${PKGDIR}/${_f%.tgz}" "+*" |
rm -f "$_r" |
ed -s "${PKGDIR}/${_f%.tgz}/+CONTENTS" <<EOL |
fi |
|
done |
|
fi |
|
|
|
# TODO: Add some details about the install to +CONTENTS like pkg_add |
|
# TODO: Or, maybe we save the firmware someplace and make pkg_add reinstall |
|
echo "Installing $_f" |
|
tar -zxphf "$_f" -C /etc "firmware/*" |
|
mkdir -p ${PKGDIR}/${_f%.tgz}/ |
|
tar -zxphf "$_f" -C "${PKGDIR}/${_f%.tgz}" "+*" |
|
ed -s "${PKGDIR}/${_f%.tgz}/+CONTENTS" <<EOL |
|
/^@comment pkgpath/ -1a |
/^@comment pkgpath/ -1a |
@option manual-installation |
@option manual-installation |
@option firmware |
@option firmware |
|
|
. |
. |
w |
w |
EOL |
EOL |
done |
done |
|
} |
|
|
|
fw_update |