123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140 |
- #!/bin/sh
- if test $(uci get autoupdater.@autoupdater[0].enabled) != 1; then
- echo "autoupdater is disabled"
- exit 0
- fi
- PROBABILITY=$(uci get autoupdater.@autoupdater[0].probability)
- if test "a$1" != "a-f"; then
- echo | awk "END{srand();exit rand() > $PROBABILITY}"
- if test $? -ne 0; then
- echo "No autoupdate this time. Use -f to override"
- exit 0
- fi
- fi
- BASE=$(uci get autoupdater.@autoupdater[0].url)
- PUBKEYS=$(uci get autoupdater.@autoupdater[0].pubkey)
- GOOD_SIGNATURES=$(uci get autoupdater.@autoupdater[0].good_signatures)
- BRANCH=$(uci get autoupdater.@autoupdater[0].branch)
- VERSION_FILE=/etc/firmware_version
- newer_than() {
- local old="$(printf '%s\n%s\n' "$1" "$2" | sort -n | head -n 1)"
- test "$1" != "$old"
- }
- cleanup() {
- rm -f $manifest
- rm -f $fw_image
- rm -f $manifest_upper
- rm -f $manifest_lower
- }
- trap cleanup INT TERM EXIT PIPE
- my_model="$(cat /tmp/sysinfo/model | sed 's/ /-/g' | tr '[A-Z]' '[a-z]')"
- case "$my_model" in
- "tl-wdr4300")
- case "$(tplink_get_hwid)" in
- "360000"*)
- my_model="tl-wdr3600"
- ;;
- esac
- ;;
- esac
- if [ ! -f "$VERSION_FILE" ]; then
- echo "Couldn't determine firmware version!" >&2
- exit 1
- fi
- my_version="$(cat "$VERSION_FILE")"
- fw_image=$(mktemp)
- manifest=$(mktemp)
- manifest_upper=$(mktemp)
- manifest_lower=$(mktemp)
- wget -O$manifest "$BASE"/manifest
- if test $? -ne 0; then
- echo "Couldn't fetch manifest" >&2
- exit 1
- fi
- seperator_line=$(cat $manifest|grep -n "^---$"|cut -d: -f1|head -n1)
- if test -z "$seperator_line"; then
- echo "Couldn't find --- marker!" >&2
- exit 1
- fi
- head -n$(($seperator_line-1)) $manifest > $manifest_upper
- tail -n+$(($seperator_line+1)) $manifest > $manifest_lower
- signatures=""
- while read sig; do
- echo "$sig" | grep -q "^[0-9a-f]\{128\}$"
- if test $? -ne 0; then
- continue
- fi
- signatures="$signatures -s $sig"
- done < $manifest_lower
- pubkeys=""
- for key in $PUBKEYS; do
- pubkeys="$pubkeys -p $key"
- done
- ecdsaverify -n $GOOD_SIGNATURES $pubkeys $signatures $manifest_upper
- if test $? -ne 0; then
- echo "Not enough valid signatures!" >&2
- exit 1
- fi
- grep -q "^BRANCH=${BRANCH}$" $manifest_upper
- if test $? -ne 0; then
- echo "Wrong branch. We'are on ${BRANCH}" >&2
- exit 1
- fi
- my_firmware=$(grep "^${my_model} " $manifest_upper)
- if test $? -ne 0; then
- echo "No matching firmware found (model ${my_model})" >&2
- exit 1
- fi
- fw_version=$(echo "${my_firmware}"|cut -d' ' -f2)
- fw_md5=$(echo "${my_firmware}"|cut -d' ' -f3)
- fw_file=$(echo "${my_firmware}"|cut -d' ' -f4)
- if newer_than "$fw_version" "$my_version"; then
- echo "New version available"
- wget -O$fw_image "${BASE}/${fw_file}"
- if test $? -ne 0; then
- echo "Error downloading image" >&2
- exit 1
- fi
- image_md5=$(md5sum "$fw_image"|cut -b-32)
- if test "$image_md5" != "$fw_md5"; then
- echo "Invalid image checksum" >&2
- exit 1
- fi
- echo "Upgrading firmware."
- sysupgrade "${fw_image}"
- else
- echo "No new firmware available"
- fi
- exit 0
|