=================================================================== RCS file: /cvs/openbsd/fw_update/fw_install.sh,v retrieving revision 1.145 retrieving revision 1.149 diff -u -r1.145 -r1.149 --- openbsd/fw_update/fw_install.sh 2022/01/07 02:18:52 1.145 +++ openbsd/fw_update/fw_install.sh 2022/01/14 04:25:46 1.149 @@ -1,5 +1,5 @@ #!/bin/ksh -# $OpenBSD: fw_install.sh,v 1.145 2022/01/07 02:18:52 afresh1 Exp $ +# $OpenBSD: fw_install.sh,v 1.149 2022/01/14 04:25:46 afresh1 Exp $ # # Copyright (c) 2021 Andrew Hewus Fresh # @@ -55,8 +55,7 @@ tmpdir() { local _i=1 _dir - # If we're not in the installer, - # we have mktemp and a more hostile environment. + # The installer lacks mktemp(1), do it by hand if [ -x /usr/bin/mktemp ]; then _dir=$( mktemp -d "${1}-XXXXXXXXX" ) else @@ -71,8 +70,7 @@ fetch() { local _src="${FWURL}/${1##*/}" _dst=$1 _user=_file _exit _error='' - # If we're not in the installer, - # we have su(1) and doas(1) is unlikely to be configured. + # The installer uses a limited doas(1) as a tiny su(1) set -o monitor # make sure ftp gets its own process group ( _flags=-vm @@ -120,6 +118,8 @@ echo "Cannot fetch $_src$_error" >&2 return 1 fi + + return 0 } fetch_cfile() { @@ -133,22 +133,25 @@ echo "${0##*/}: $CFILE: No such file or directory" >&2 return 2 fi + + return 0 } verify() { - [ -e "$CFILE" ] || fetch_cfile - # On the installer we don't get sha256 -C, so fake it. + [ -e "$CFILE" ] || fetch_cfile || return 1 + # The installer sha256 lacks -C, do it by hand if ! fgrep -qx "SHA256 (${1##*/}) = $( /bin/sha256 -qb "$1" )" "$CFILE"; then echo "Checksum test for ${1##*/} failed." >&2 return 1 fi + + return 0 } firmware_in_dmesg() { local _d _m _line _dmesgtail _last='' _nl=$( echo ) - # When we're not in the installer, the dmesg.boot can - # contain multiple boots, so only look in the last one + # The dmesg can contain multiple boots, only look in the last one _dmesgtail="$( echo ; sed -n 'H;/^OpenBSD/h;${g;p;}' /var/run/dmesg.boot )" grep -v '^[[:space:]]*#' "$FWPATTERNS" | @@ -166,7 +169,7 @@ firmware_filename() { local _f - [ -e "$CFILE" ] || fetch_cfile + [ -e "$CFILE" ] || fetch_cfile || return 1 _f="$( sed -n "s/.*(\($1-firmware-.*\.tgz\)).*/\1/p" "$CFILE" | sed '$!d' )" ! [ "$_f" ] && echo "Unable to find firmware for $1" >&2 && return 1 echo "$_f" @@ -235,7 +238,6 @@ return 1 fi - # TODO: Should we mark these so real fw_update can -Drepair? ed -s "${FWPKGTMP}/+CONTENTS" <&2 exit 2 + else + # Don't verify files specified on the command-line + verify_existing=false fi set -A installed -- $( installed_firmware '' "$d-firmware-" '*' ) @@ -453,14 +458,24 @@ done fi - if [ -e "$f" ]; then - if "$DOWNLOAD"; then - [ "$VERBOSE" -gt 1 ] && ! "$INSTALL" && - echo "Keep/Verify ${f##*/}" - "$DRYRUN" || verify "$f" || continue + if "$verify_existing" && [ -e "$f" ]; then + msg="Keep/Verify" + "$INSTALL" && msg="Verify" + [ "$VERBOSE" -gt 1 ] && ! "$INSTALL" && + echo "$msg ${f##*/}" + + if "$DRYRUN" || verify "$f"; then "$INSTALL" || kept="$kept,$d" - # else assume it was verified when downloaded + elif "$DOWNLOAD"; then + [ "$VERBOSE" -gt 0 ] && echo "Refetching $f" + rm -f $f + else + continue fi + fi + + if [ -e "$f" ]; then + true # verified above elif "$DOWNLOAD"; then if "$DRYRUN"; then [ "$VERBOSE" -gt 0 ] && echo "Get/Verify ${f##*/}"