Split parts not Gluon-specific out of gluon-autoupdater

2014-07-11 14:06:42 +02:00 · 2014-07-11 14:06:42 +02:00 · 4d80b7a62d
commit 4d80b7a62d
parent 58ced87261
5 changed files with 2 additions and 255 deletions
--- a/package/gluon-autoupdater/Makefile
+++ b/package/gluon-autoupdater/Makefile
@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 PKG_NAME:=gluon-autoupdater
-PKG_VERSION:=3
+PKG_VERSION:=4
 PKG_RELEASE:=$(GLUON_BRANCH)
 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
@ -11,7 +11,7 @@ include $(GLUONDIR)/include/package.mk
 define Package/gluon-autoupdater
  SECTION:=gluon
  CATEGORY:=Gluon
-  DEPENDS:=+gluon-core +gluon-cron +opkg +ecdsautils +!BUSYBOX_CONFIG_SHA512SUM:coreutils-sha512sum
+  DEPENDS:=+gluon-core +gluon-cron +autoupdater
  TITLE:=Automatically update firmware
 endef
--- a/package/gluon-autoupdater/README.md
+++ b/package/gluon-autoupdater/README.md
@ -1,35 +0,0 @@
 Models
 ======
 Ubiquity
 --------
 ubiquity-nanostation-m (dual ethernet)
 ubiquity-bullet-m (single ethernet: Bullet M, NanoStation Loco M, PicoStation M)
 TP-Link
 -------
 tp-link-tl-mr3020
 tp-link-tl-mr3040
 tp-link-tl-mr3220
 tp-link-tl-mr3420
 tp-link-tl-wdr3600-v1
 tp-link-tl-wdr4300-v1
 tp-link-tl-wdr4310-v1
 tp-link-tl-wr740n-nd-v1
 tp-link-tl-wr740n-nd-v3
 tp-link-tl-wr740n-nd-v4
 tp-link-tl-wr741n-nd-v1
 tp-link-tl-wr741n-nd-v2
 tp-link-tl-wr741n-nd-v4
 tp-link-tl-wr841n-nd-v8
 tp-link-tl-wr841n-nd-v1.5
 tp-link-tl-wr841n-nd-v3
 tp-link-tl-wr841n-nd-v5
 tp-link-tl-wr841n-nd-v7
 tp-link-tl-wr842n-nd-v1
 tp-link-tl-wr941n-nd-v2
 tp-link-tl-wr941n-nd-v3
 tp-link-tl-wr941n-nd-v4
 tp-link-tl-wr1043n-nd-v1
--- a/package/gluon-autoupdater/files/etc/config/autoupdater
+++ b/package/gluon-autoupdater/files/etc/config/autoupdater
@ -1,24 +0,0 @@
 #config autoupdater settings
 #	option enabled 1
 #	option branch "stable"
 #config branch stable
 	# The branch name given in the manifest
 #	option name 'stable'
 #	list mirror 'http://[fdef:ffc0:3dd7::8]/~freifunk/firmware/autoupdate'
 	# The updater will run once per hour and perform an update with a certain
 	# probability.
 	# 1.0 - perform an update every hour
 	# 0.5 - on average, perform an update every two hours
 	# 0.0 - inhibit any automatic updates
 #	option probability 0.5
 	# Minimum valid signatures required to perform the update
 #	option good_signatures 2
 	# List of public keys
 #	list pubkey 'beea7da92ed0c19563b6c259162b4cb471aa2fdf9d3939d05fea2cf498ea7642'
 #	list pubkey 'c75c9390cf5d7cc49a388d35f831ca379060cf7bca8c6e3d2d1ea31604597c42'
 #	list pubkey '03e9514f137f0467c0f0ac108892c0da2b71f1039b30f863331cbd5701abd042'
--- a/package/gluon-autoupdater/files/usr/sbin/autoupdater
+++ b/package/gluon-autoupdater/files/usr/sbin/autoupdater
@ -1,186 +0,0 @@
 #!/bin/sh
 BRANCH=$(uci get autoupdater.settings.branch)
 PROBABILITY=$(uci get autoupdater.${BRANCH}.probability)
 if test "a$1" != "a-f"; then
  if test $(uci get autoupdater.settings.enabled) != 1; then
    echo "autoupdater is disabled"
    exit 0
  fi
  # get one random byte from /dev/urandom, convert it to decimal and check
  # against update_probability*255
  hexdump -n1 -e '/1 "%d"' /dev/urandom | awk "{exit \$1 > $PROBABILITY * 255}"
  if test $? -ne 0; then
    echo "No autoupdate this time. Use -f to override"
    exit 0
  fi
 fi
 BRANCH_NAME=$(uci get autoupdater.${BRANCH}.name)
 MIRRORS=$(for mirror in $(uci get autoupdater.${BRANCH}.mirror); do \
            hexdump -n1 -e '/1 "%d '"$mirror"'\n"' /dev/urandom; \
          done | sort -n | cut -d' ' -f2)
 PUBKEYS=$(uci get autoupdater.${BRANCH}.pubkey)
 GOOD_SIGNATURES=$(uci get autoupdater.${BRANCH}.good_signatures)
 VERSION_FILE=/lib/gluon/release
 # returns 0 when $1 is a higher version number than $2
 newer_than() {
 	# negate the return value as opkg returns 1 when the proposition is true
 	! opkg compare-versions "$1" '>>' "$2"
 }
 fetch_manifest() {
  local MIRROR=$1
  local manifest=$2
  wget -O$manifest "$MIRROR"/manifest
  if test $? -ne 0; then
    echo "Couldn't fetch manifest from $MIRROR" >&2
    return 1
  fi
  return 0
 }
 verify_manifest() {
  local manifest=$1
  local manifest_upper=$2
  local manifest_lower=$(mktemp)
  awk "BEGIN    { sep=0 }
     /^---\$/ { sep=1; next }
              { if(sep==0) print > \"$manifest_upper\";
                else       print > \"$manifest_lower\"}" \
    $manifest
  local signatures=""
  while read sig; do
    echo "$sig" | grep -q "^[0-9a-f]\{128\}$"
    if test $? -ne 0; then
      continue
    fi
    signatures="$signatures -s $sig"
  done < $manifest_lower
  local pubkeys=""
  for key in $PUBKEYS; do
    pubkeys="$pubkeys -p $key"
  done
  rm -f $manifest_lower
  ecdsaverify -n $GOOD_SIGNATURES $pubkeys $signatures $manifest_upper
  if test $? -ne 0; then
    echo "Not enough valid signatures!" >&2
    return 1
  fi
  return 0
 }
 analyse_manifest() {
  local manifest_upper=$1
  grep -q "^BRANCH=${BRANCH_NAME}$" $manifest_upper
  if test $? -ne 0; then
    echo "Wrong branch. We are on ${BRANCH_NAME}" >&2
    return 1
  fi
  local my_firmware
  my_firmware=$(grep "^${my_model} " $manifest_upper)
  if test $? -ne 0; then
    echo "No matching firmware found (model ${my_model})" >&2
    return 1
  fi
  fw_version=$(echo "${my_firmware}"|cut -d' ' -f2)
  fw_checksum=$(echo "${my_firmware}"|cut -d' ' -f3)
  fw_file=$(echo "${my_firmware}"|cut -d' ' -f4)
  return 0
 }
 fetch_firmware() {
  local MIRROR=$1
  local fw_image=$2
  wget -O$fw_image "${MIRROR}/${fw_file}"
  if test $? -ne 0; then
    echo "Error downloading image from $MIRROR" >&2
    return 1
  fi
  return 0
 }
 autoupdate() {
  local MIRROR=$1
  local manifest=$(mktemp)
  fetch_manifest $MIRROR $manifest || { rm -f $manifest; return 1; }
  local manifest_upper=$(mktemp)
  verify_manifest $manifest $manifest_upper || { rm -f $manifest $manifest_upper; return 1; }
  rm -f $manifest
  analyse_manifest $manifest_upper || { rm -f $manifest_upper; return 1; }
  rm -f $manifest_upper
  if newer_than "$fw_version" "$my_version"; then
    echo "New version available"
    # drop caches to make room for firmware image
    sync
    sysctl -w vm.drop_caches=3
    local fw_image=$(mktemp)
    fetch_firmware $MIRROR $fw_image || { rm -f $fw_image; return 1; }
    image_sha512=$(sha512sum "$fw_image" | awk '{print $1}')
    image_md5=$(md5sum "$fw_image" | awk '{print $1}')
    if [ "$image_sha512" != "$fw_checksum" -a "$image_md5" != "$fw_checksum" ]; then
      echo "Invalid image checksum" >&2
      rm -f $fw_image
      return 1
    fi
    echo "Upgrading firmware."
    sysupgrade "${fw_image}"
  else
    echo "No new firmware available"
  fi
  return 0
 }
 trap 'echo Signal ignored.' INT TERM PIPE
 my_model="$(lua -e 'print(require("platform_info").get_image_name())')"
 if [ ! -f "$VERSION_FILE" ]; then
  echo "Couldn't determine firmware version!" >&2
  exit 1
 fi
 my_version="$(cat "$VERSION_FILE")"
 for mirror in $MIRRORS; do
  autoupdate $mirror && exit 0
  unset fw_version
  unset fw_checksum
  unset fw_file
 done
--- a/package/gluon-autoupdater/manifest.sample
+++ b/package/gluon-autoupdater/manifest.sample
@ -1,8 +0,0 @@
 BRANCH=stable
 # model               ver sha512sum                                                                                                                        filename
 tp-link-tl-wdr4300-v1 0.4 c300c2b80a8863506cf3b19359873c596d87af3183c4826462dfb5aa69bec7ce65e3db23a9f6f779fd0f3cc50db5d57070c2b62942abf4fb0e08ae4cb48191a0 gluon-0.4-tp-link-tl-wdr4300-v1-sysupgrade.bin
 # after three dashes follow the ecdsa signatures of everything above the dashes
 ---
 49030b7b394e0bd204e0faf17f2d2b2756b503c9d682b135deea42b34a09010bff139cbf7513be3f9f8aae126b7f6ff3a7bfe862a798eae9b005d75abbba770a