=================================================================== RCS file: /cvs/openbsd/fw_update/fw_install.sh,v retrieving revision 1.60 retrieving revision 1.67 diff -u -r1.60 -r1.67 --- openbsd/fw_update/fw_install.sh 2021/12/09 02:09:52 1.60 +++ openbsd/fw_update/fw_install.sh 2021/12/11 03:25:09 1.67 @@ -1,5 +1,5 @@ #!/bin/ksh -# $OpenBSD: fw_install.sh,v 1.60 2021/12/09 02:09:52 afresh1 Exp $ +# $OpenBSD: fw_install.sh,v 1.67 2021/12/11 03:25:09 afresh1 Exp $ # # Copyright (c) 2021 Andrew Hewus Fresh # @@ -61,20 +61,17 @@ fetch() { local _file=$1 _user=_file _exit - >"$_file" - chown "$_user" "$_file" - # If we're not in the installer, we have su(1) # and doas(1) is unlikely to be configured. if [ -x /usr/bin/su ]; then /usr/bin/su -s /bin/ksh "$_user" -c \ "/usr/bin/ftp -D 'Get/Verify' -Vm \ - -o '$_file' '${FWURL}/${_file}'" + -o- '${FWURL}/${_file}'" > "$_file" _exit="$?" else /usr/bin/doas -u "$_user" \ ftp -D 'Get/Verify' -Vm \ - -o "$_file" "${FWURL}/${_file}" + -o- "${FWURL}/${_file}" > "$_file" _exit="$?" fi @@ -83,8 +80,6 @@ echo "Cannot fetch $_file" >&2 return 1 fi - - chown root "$_file" } verify() { @@ -187,26 +182,33 @@ } usage() { - echo "Usage: fw_install [ -d dir ] [ driver | file [ ... ] ]" + echo "usage: fw_install [-d dir | -L dir] [driver | file [...]]" exit 2 } DOWNLOADDIR= -while getopts d: name +LOCALDIR= +while getopts d:L: name do case "$name" in d) DOWNLOADDIR=$OPTARG ;; + L) LOCALDIR=$OPTARG ;; ?) usage 2 ;; esac done shift $((OPTIND - 1)) +if [[ -n "$DOWNLOADDIR" && -n "$LOCALDIR" ]]; then + echo "Cannot use -d and -L" >&2 + usage 2 +fi + set -A devices -- "$@" [ "${devices[*]:-}" ] || set -A devices -- $( devices_needing_firmware ) -if [ ! "${devices:-}" ]; then +if [ ! "${devices[*]:-}" ]; then echo "No devices found which need firmware files to be downloaded." exit fi @@ -217,9 +219,8 @@ while (( i < "${#devices[@]}" )); do f="${devices[$i]}" d=$( firmware_devicename "$f" ) - [ "$f" = "$d" ] && f="$( echo "$f"-firmware-*.tgz | sed '$!d' )" if [ -e "$f" ]; then - if [ "${DOWNLOADDIR:-}" ]; then + if [ "$DOWNLOADDIR" ]; then echo "Cannot download local file $f" >&2 exit 2 fi @@ -233,31 +234,35 @@ echo "Unable to use $DOWNLOADDIR, make sure it is a directory" exit 2 fi +elif [ "$LOCALDIR" ]; then + if ! cd "$LOCALDIR"; then + echo "Unable to use $LOCALDIR, make sure it is a directory" + exit 2 + fi else TMPDIR=$( tmpdir "${DESTDIR}/tmp/fw_install" ) cd "$TMPDIR" fi -# To unpriv we need to let the unpriv user into this dir -chmod go+x . +if ! [[ -n "$LOCALDIR" && -e "$CFILE" ]]; then + fetch "$CFILE" + ! signify -qVep "$FWPUB_KEY" -x "$CFILE" -m "$CFILE" && + echo "Signature check of SHA256.sig failed" >&2 && exit 1 +fi -fetch "$CFILE" -! signify -qVep "$FWPUB_KEY" -x "$CFILE" -m "$CFILE" && - echo "Signature check of SHA256.sig failed" >&2 && exit 1 - for d in "${devices[@]}"; do f="${d##*:}" if [ "$f" = "$d" ]; then f=$( firmware_filename "$d" || true ) [ "$f" ] || continue else - d="${d%:*}" + d="${d%:*}" fi set -A installed -- $( installed_firmware "$d" ) - if [ ! "${DOWNLOADDIR:-}" ] && [ "${installed:-}" ]; then - for i in "${installed[@]:-}"; do + if [ ! "$DOWNLOADDIR" ] && [ "${installed[*]:-}" ]; then + for i in "${installed[@]}"; do if [ "${f##*/}" = "$i.tgz" ]; then echo "$i already installed" continue 2 @@ -266,15 +271,17 @@ fi if [ ! -e "$f" ]; then + [ "$LOCALDIR" ] && echo "Cannot install $f, not found" >&2 && continue fetch "$f" || continue verify "$f" || continue - elif [ "${DOWNLOADDIR:-}" ]; then + elif [ "$DOWNLOADDIR" ]; then echo "Already have $f" + verify "$f" || continue fi - [ "${DOWNLOADDIR:-}" ] && continue + [ "$DOWNLOADDIR" ] && continue - if [ "${installed:-}" ]; then + if [ "${installed[*]:-}" ]; then for i in "${installed[@]}"; do delete_firmware "$i" done