version 1.43, 2021/12/02 02:56:37 |
version 1.47, 2021/12/02 03:48:13 |
|
|
echo "${DESTDIR}/tmp" |
echo "${DESTDIR}/tmp" |
} |
} |
|
|
# tmpdir, do_as, unpriv, and unpriv2 are from install.sub |
# tmpdir, do_as, and unpriv are from install.sub |
# modified to use su(1) when not in the installer. |
# modified to use su(1) when not in the installer. |
|
# modified to use mktemp(1) when not in the installer. |
|
|
# Create a temporary directory based on the supplied directory name prefix. |
# Create a temporary directory based on the supplied directory name prefix. |
tmpdir() { |
tmpdir() { |
local _i=1 _dir |
local _i=1 _dir |
|
if [[ -z $1 ]]; then |
|
echo No tmpdir >&2 |
|
exit 1 |
|
fi |
|
|
until _dir="${1?}.$_i.$RANDOM" && mkdir -- "$_dir" 2>/dev/null; do |
if [[ -e /usr/bin/mktemp ]]; then |
((++_i < 10000)) || return 1 |
_dir=$( /usr/bin/mktemp -d $1 ) |
done |
chown _sndio "$_dir" |
|
else |
|
until _dir="${1%-+(X)}.$_i.$RANDOM" && mkdir -- "$_dir" 2>/dev/null; do |
|
((++_i < 10000)) || return 1 |
|
done |
|
fi |
echo "$_dir" |
echo "$_dir" |
} |
} |
|
|
|
|
do_as _sndio "$@" |
do_as _sndio "$@" |
} |
} |
|
|
unpriv2() { |
|
do_as _file "$@" |
|
} |
|
|
|
VNAME=${VNAME:-$(sysctl -n kern.osrelease)} |
VNAME=${VNAME:-$(sysctl -n kern.osrelease)} |
VERSION=${VERSION:-"${VNAME%.*}${VNAME#*.}"} |
VERSION=${VERSION:-"${VNAME%.*}${VNAME#*.}"} |
FWDIR=${FWDIR:-$VNAME} |
FWDIR=${FWDIR:-$VNAME} |
|
|
# Create a download directory for the firmware and |
# Create a download directory for the firmware and |
# check that the _sndio user can read files from |
# check that the _sndio user can read files from |
# it. Otherwise cleanup and skip the filesystem. |
# it. Otherwise cleanup and skip the filesystem. |
if _tmpsrc=$(tmpdir "$_tmpfs/firmware"); then |
if _tmpsrc=$(tmpdir "$_tmpfs/firmware-XXXXXXXXX"); then |
( |
( |
>$_tmpsrc/t && |
>$_tmpsrc/t && |
$_unpriv cat $_tmpsrc/t |
$_unpriv cat $_tmpsrc/t |
|
|
echo "Cannot fetch SHA256.sig" >&2 && return 1 |
echo "Cannot fetch SHA256.sig" >&2 && return 1 |
|
|
# Verify signature file with public keys. |
# Verify signature file with public keys. |
! $_unpriv -f "$_cfile" \ |
! signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" && |
signify -Vep $FWPUB_KEY -x "$_cfile.sig" -m "$_cfile" && |
|
echo "Signature check of SHA256.sig failed" >&2 && return 1 |
echo "Signature check of SHA256.sig failed" >&2 && return 1 |
|
|
for _d in $_drivers; do |
for _d in $_drivers; do |
|
|
# sha256. Create a flag file in case ftp failed. Firmware |
# sha256. Create a flag file in case ftp failed. Firmware |
# from net is written to the prefetch area. |
# from net is written to the prefetch area. |
( $_unpriv ftp -D "$_t" -Vmo - "$_src/$_f" || >/tmp/fail ) | |
( $_unpriv ftp -D "$_t" -Vmo - "$_src/$_f" || >/tmp/fail ) | |
( $_srclocal && unpriv2 sha256 -b >/tmp/h || |
( $_srclocal && sha256 -b >/tmp/h || |
unpriv2 -f /tmp/h sha256 -bph /tmp/h >"$_tmpsrc/$_f" ) |
sha256 -bph /tmp/h >"$_tmpsrc/$_f" ) |
|
|
# Handle failed transfer. |
# Handle failed transfer. |
if [[ -f /tmp/fail ]]; then |
if [[ -f /tmp/fail ]]; then |