You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1172 lines
26 KiB

/*
* auc - attendedsysUpgrade CLI
* Copyright (C) 2017 Daniel Golle <daniel@makrotopia.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 3
* as published by the Free Software Foundation
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
#define _GNU_SOURCE
#define AUC_VERSION "0.0.9"
#include <fcntl.h>
#include <dlfcn.h>
#include <glob.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>
#include <uci.h>
#include <uci_blob.h>
#include <json-c/json.h>
#include <libubox/ulog.h>
#include <libubox/list.h>
#include <libubox/vlist.h>
#include <libubox/blobmsg_json.h>
#include <libubox/avl-cmp.h>
#include <libubox/uclient.h>
#include <libubox/uclient-utils.h>
#include <libubus.h>
#define REQ_TIMEOUT 15
#define APIOBJ_CHECK "api/upgrade-check"
#define APIOBJ_REQUEST "api/upgrade-request"
#define PUBKEY_PATH "/etc/opkg/keys"
#ifdef AUC_DEBUG
#define DPRINTF(...) if (debug) fprintf(stderr, __VA_ARGS__)
#else
#define DPRINTF(...)
#endif
static const char server_issues[]="https://github.com/aparcar/attendedsysupgrade-server/issues";
static char user_agent[80];
static char *serverurl;
static int upgrade_packages;
static struct ustream_ssl_ctx *ssl_ctx;
static const struct ustream_ssl_ops *ssl_ops;
static off_t out_bytes;
static off_t out_len;
static off_t out_offset;
static bool cur_resume;
static int output_fd = -1;
static int retry, imagebuilder, building, ibready;
static char *board_name = NULL;
static char *target = NULL, *subtarget = NULL;
static char *distribution = NULL, *version = NULL;
static int uptodate;
static char *filename = NULL;
static int rc;
#ifdef AUC_DEBUG
static int debug = 0;
#endif
/*
* policy for ubus call system board
* see procd/system.c
*/
enum {
BOARD_BOARD_NAME,
BOARD_RELEASE,
__BOARD_MAX,
};
static const struct blobmsg_policy board_policy[__BOARD_MAX] = {
[BOARD_BOARD_NAME] = { .name = "board_name", .type = BLOBMSG_TYPE_STRING },
[BOARD_RELEASE] = { .name = "release", .type = BLOBMSG_TYPE_TABLE },
};
/*
* policy for release information in system board reply
* see procd/system.c
*/
enum {
RELEASE_DISTRIBUTION,
RELEASE_VERSION,
RELEASE_TARGET,
__RELEASE_MAX,
};
static const struct blobmsg_policy release_policy[__RELEASE_MAX] = {
[RELEASE_DISTRIBUTION] = { .name = "distribution", .type = BLOBMSG_TYPE_STRING },
[RELEASE_VERSION] = { .name = "version", .type = BLOBMSG_TYPE_STRING },
[RELEASE_TARGET] = { .name = "target", .type = BLOBMSG_TYPE_STRING },
};
/*
* policy for packagelist
* see rpcd/sys.c
*/
enum {
PACKAGELIST_PACKAGES,
__PACKAGELIST_MAX,
};
static const struct blobmsg_policy packagelist_policy[__PACKAGELIST_MAX] = {
[PACKAGELIST_PACKAGES] = { .name = "packages", .type = BLOBMSG_TYPE_TABLE },
};
/*
* policy for upgrade_test
* see rpcd/sys.c
*/
enum {
UPGTEST_CODE,
UPGTEST_STDOUT,
__UPGTEST_MAX,
};
static const struct blobmsg_policy upgtest_policy[__UPGTEST_MAX] = {
[UPGTEST_CODE] = { .name = "code", .type = BLOBMSG_TYPE_INT32 },
[UPGTEST_STDOUT] = { .name = "stdout", .type = BLOBMSG_TYPE_STRING },
};
/*
* policy to extract version from upgrade-check response
*/
enum {
CHECK_VERSION,
CHECK_UPGRADES,
__CHECK_MAX,
};
static const struct blobmsg_policy check_policy[__CHECK_MAX] = {
[CHECK_VERSION] = { .name = "version", .type = BLOBMSG_TYPE_STRING },
[CHECK_UPGRADES] = { .name = "upgrades", .type = BLOBMSG_TYPE_TABLE },
};
static const struct blobmsg_policy pkg_upgrades_policy[2] = {
{ .type = BLOBMSG_TYPE_STRING },
{ .type = BLOBMSG_TYPE_STRING },
};
/*
* policy for upgrade-request response
* parse download information for the ready image.
*/
enum {
IMAGE_REQHASH,
IMAGE_FILESIZE,
IMAGE_URL,
IMAGE_CHECKSUM,
IMAGE_FILES,
IMAGE_SYSUPGRADE,
__IMAGE_MAX,
};
static const struct blobmsg_policy image_policy[__IMAGE_MAX] = {
[IMAGE_REQHASH] = { .name = "request_hash", .type = BLOBMSG_TYPE_STRING },
[IMAGE_URL] = { .name = "url", .type = BLOBMSG_TYPE_STRING },
[IMAGE_FILES] = { .name = "files", .type = BLOBMSG_TYPE_STRING },
[IMAGE_SYSUPGRADE] = { .name = "sysupgrade", .type = BLOBMSG_TYPE_STRING },
};
/*
* policy for HTTP headers received from server
*/
enum {
H_RANGE,
H_LEN,
H_IBSTATUS,
H_IBQUEUEPOS,
H_UNKNOWN_PACKAGE,
__H_MAX
};
static const struct blobmsg_policy policy[__H_MAX] = {
[H_RANGE] = { .name = "content-range", .type = BLOBMSG_TYPE_STRING },
[H_LEN] = { .name = "content-length", .type = BLOBMSG_TYPE_STRING },
[H_IBSTATUS] = { .name = "x-imagebuilder-status", .type = BLOBMSG_TYPE_STRING },
[H_IBQUEUEPOS] = { .name = "x-build-queue-position", .type = BLOBMSG_TYPE_STRING },
[H_UNKNOWN_PACKAGE] = { .name = "x-unknown-package", .type = BLOBMSG_TYPE_STRING },
};
/*
* load serverurl from UCI
*/
static int load_config() {
struct uci_context *uci_ctx;
struct uci_package *uci_attendedsysupgrade;
struct uci_section *uci_s;
uci_ctx = uci_alloc_context();
if (!uci_ctx)
return -1;
uci_ctx->flags &= ~UCI_FLAG_STRICT;
if (uci_load(uci_ctx, "attendedsysupgrade", &uci_attendedsysupgrade) ||
!uci_attendedsysupgrade) {
fprintf(stderr, "Failed to load attendedsysupgrade config\n");
return -1;
}
uci_s = uci_lookup_section(uci_ctx, uci_attendedsysupgrade, "server");
if (!uci_s) {
fprintf(stderr, "Failed to read server url from config\n");
return -1;
}
serverurl = strdup(uci_lookup_option_string(uci_ctx, uci_s, "url"));
uci_s = uci_lookup_section(uci_ctx, uci_attendedsysupgrade, "client");
if (!uci_s) {
fprintf(stderr, "Failed to read client config\n");
return -1;
}
upgrade_packages = atoi(uci_lookup_option_string(uci_ctx, uci_s, "upgrade_packages"));
uci_free_context(uci_ctx);
return 0;
}
/**
* UBUS response callbacks
*/
/*
* rpc-sys packagelist
* append packagelist response to blobbuf given in req->priv
*/
static void pkglist_check_cb(struct ubus_request *req, int type, struct blob_attr *msg) {
struct blob_buf *buf = (struct blob_buf *)req->priv;
struct blob_attr *tb[__PACKAGELIST_MAX];
blobmsg_parse(packagelist_policy, __PACKAGELIST_MAX, tb, blob_data(msg), blob_len(msg));
if (!tb[PACKAGELIST_PACKAGES]) {
fprintf(stderr, "No packagelist received\n");
rc=-1;
return;
}
blobmsg_add_field(buf, BLOBMSG_TYPE_TABLE, "packages", blobmsg_data(tb[PACKAGELIST_PACKAGES]), blobmsg_data_len(tb[PACKAGELIST_PACKAGES]));
};
/*
* rpc-sys packagelist
* append array of package names to blobbuf given in req->priv
*/
static void pkglist_req_cb(struct ubus_request *req, int type, struct blob_attr *msg) {
struct blob_buf *buf = (struct blob_buf *)req->priv;
struct blob_attr *tb[__PACKAGELIST_MAX];
struct blob_attr *cur;
int rem;
void *array;
blobmsg_parse(packagelist_policy, __PACKAGELIST_MAX, tb, blob_data(msg), blob_len(msg));
if (!tb[PACKAGELIST_PACKAGES]) {
fprintf(stderr, "No packagelist received\n");
return;
}
array = blobmsg_open_array(buf, "packages");
blobmsg_for_each_attr(cur, tb[PACKAGELIST_PACKAGES], rem)
blobmsg_add_string(buf, NULL, blobmsg_name(cur));
blobmsg_close_array(buf, array);
};
/*
* system board
* append append board information to blobbuf given in req->priv
* populate board and release global strings
*/
static void board_cb(struct ubus_request *req, int type, struct blob_attr *msg) {
struct blob_buf *buf = (struct blob_buf *)req->priv;
struct blob_attr *tb[__BOARD_MAX];
struct blob_attr *rel[__RELEASE_MAX];
blobmsg_parse(board_policy, __BOARD_MAX, tb, blob_data(msg), blob_len(msg));
if (!tb[BOARD_BOARD_NAME]) {
fprintf(stderr, "No board name received\n");
rc=-1;
return;
}
board_name = strdup(blobmsg_get_string(tb[BOARD_BOARD_NAME]));
if (!tb[BOARD_RELEASE]) {
fprintf(stderr, "No release received\n");
rc=-1;
return;
}
blobmsg_parse(release_policy, __RELEASE_MAX, rel,
blobmsg_data(tb[BOARD_RELEASE]), blobmsg_data_len(tb[BOARD_RELEASE]));
if (!rel[RELEASE_TARGET]) {
fprintf(stderr, "No target received\n");
rc=-1;
return;
}
target = strdup(blobmsg_get_string(rel[RELEASE_TARGET]));
subtarget = strchr(target, '/');
*subtarget++ = '\0';
distribution = strdup(blobmsg_get_string(rel[RELEASE_DISTRIBUTION]));
version = strdup(blobmsg_get_string(rel[RELEASE_VERSION]));
blobmsg_add_string(buf, "distro", distribution);
blobmsg_add_string(buf, "target", target);
blobmsg_add_string(buf, "subtarget", subtarget);
blobmsg_add_string(buf, "version", version);
}
/*
* rpc-sys upgrade_test
* check if downloaded file is accepted by sysupgrade
*/
static void upgtest_cb(struct ubus_request *req, int type, struct blob_attr *msg) {
int *valid = (int *)req->priv;
struct blob_attr *tb[__UPGTEST_MAX];
blobmsg_parse(upgtest_policy, __UPGTEST_MAX, tb, blob_data(msg), blob_len(msg));
if (!tb[UPGTEST_CODE]) {
fprintf(stderr, "No sysupgrade test return code received\n");
return;
}
*valid = (blobmsg_get_u32(tb[UPGTEST_CODE]) == 0)?1:0;
if (*valid == 0)
fprintf(stderr, "%s", blobmsg_get_string(tb[UPGTEST_STDOUT]));
};
/**
* uclient stuff
*/
static int open_output_file(const char *path, uint64_t resume_offset)
{
char *filename = NULL;
int flags;
int ret;
if (cur_resume)
flags = O_RDWR;
else
flags = O_WRONLY | O_EXCL;
flags |= O_CREAT;
filename = uclient_get_url_filename(path, "firmware.bin");
fprintf(stderr, "Writing to '%s'\n", filename);
ret = open(filename, flags, 0644);
if (ret < 0)
goto free;
if (resume_offset &&
lseek(ret, resume_offset, SEEK_SET) < 0) {
fprintf(stderr, "Failed to seek %"PRIu64" bytes in output file\n", resume_offset);
close(ret);
ret = -1;
goto free;
}
out_offset = resume_offset;
out_bytes += resume_offset;
free:
free(filename);
return ret;
}
struct jsonblobber {
json_tokener *tok;
struct blob_buf *outbuf;
};
static void request_done(struct uclient *cl)
{
struct jsonblobber *jsb = (struct jsonblobber *)cl->priv;
if (jsb) {
json_tokener_free(jsb->tok);
free(jsb);
};
uclient_disconnect(cl);
uloop_end();
}
static void header_done_cb(struct uclient *cl)
{
struct blob_attr *tb[__H_MAX];
uint64_t resume_offset = 0, resume_end, resume_size;
char *ibstatus;
unsigned int queuepos = 0;
if (uclient_http_redirect(cl)) {
fprintf(stderr, "Redirected to %s on %s\n", cl->url->location, cl->url->host);
return;
}
if (cl->status_code == 204 && cur_resume) {
/* Resume attempt failed, try normal download */
cur_resume = false;
//init_request(cl);
return;
}
DPRINTF("headers:\n%s\n", blobmsg_format_json_indent(cl->meta, true, 0));
blobmsg_parse(policy, __H_MAX, tb, blob_data(cl->meta), blob_len(cl->meta));
switch (cl->status_code) {
case 400:
request_done(cl);
rc=-1;
break;
case 412:
fprintf(stderr, "%s target %s/%s (%s) not found. Please report this at %s\n",
distribution, target, subtarget, board_name, server_issues);
request_done(cl);
rc=-2;
break;
case 413:
fprintf(stderr, "image too big.\n");
rc=-1;
request_done(cl);
break;
case 416:
fprintf(stderr, "File download already fully retrieved; nothing to do.\n");
request_done(cl);
break;
case 422:
fprintf(stderr, "unknown package '%s' requested.\n",
blobmsg_get_string(tb[H_UNKNOWN_PACKAGE]));
rc=-1;
request_done(cl);
break;
case 501:
fprintf(stderr, "ImageBuilder didn't produce sysupgrade file.\n");
rc=-2;
request_done(cl);
break;
case 204:
fprintf(stdout, "system is up to date.\n");
uptodate=1;
request_done(cl);
break;
case 206:
if (!cur_resume) {
fprintf(stderr, "Error: Partial content received, full content requested\n");
request_done(cl);
break;
}
if (!tb[H_RANGE]) {
fprintf(stderr, "Content-Range header is missing\n");
break;
}
if (sscanf(blobmsg_get_string(tb[H_RANGE]),
"bytes %"PRIu64"-%"PRIu64"/%"PRIu64,
&resume_offset, &resume_end, &resume_size) != 3) {
fprintf(stderr, "Content-Range header is invalid\n");
break;
}
case 202:
if (!tb[H_IBSTATUS])
break;
ibstatus = blobmsg_get_string(tb[H_IBSTATUS]);
if (!strncmp(ibstatus, "queue", 6)) {
if (!imagebuilder) {
fprintf(stderr, "server is dispatching build job\n");
imagebuilder=1;
} else {
if (tb[H_IBQUEUEPOS]) {
queuepos = atoi(blobmsg_get_string(tb[H_IBQUEUEPOS]));
fprintf(stderr, "build is in queue position %u.\n", queuepos);
}
}
retry=1;
} else if (!strncmp(ibstatus, "building", 9)) {
if (!building) {
fprintf(stderr, "server is now building image...\n");
building=1;
}
retry=1;
} else if (!strncmp(ibstatus, "initialize", 11)) {
if (!ibready) {
fprintf(stderr, "server is setting up ImageBuilder...\n");
ibready=1;
}
retry=1;
} else {
fprintf(stderr, "unrecognized remote imagebuilder status '%s'\n", ibstatus);
rc=-2;
}
// fall through
case 200:
if (cl->priv)
break;
if (tb[H_LEN])
out_len = strtoul(blobmsg_get_string(tb[H_LEN]), NULL, 10);
output_fd = open_output_file(cl->url->location, resume_offset);
if (output_fd < 0) {
perror("Cannot open output file");
request_done(cl);
}
break;
default:
fprintf(stderr, "HTTP error %d\n", cl->status_code);
request_done(cl);
break;
}
}
static void read_data_cb(struct uclient *cl)
{
char buf[256];
int len;
json_object *jsobj;
struct blob_buf *outbuf = NULL;
json_tokener *tok = NULL;
struct jsonblobber *jsb = (struct jsonblobber *)cl->priv;
if (!jsb) {
while (1) {
len = uclient_read(cl, buf, sizeof(buf));
if (!len)
return;
out_bytes += len;
write(output_fd, buf, len);
}
return;
}
outbuf = jsb->outbuf;
tok = jsb->tok;
while (1) {
len = uclient_read(cl, buf, sizeof(buf));
if (!len)
break;
out_bytes += len;
jsobj = json_tokener_parse_ex(tok, buf, len);
if (json_tokener_get_error(tok) == json_tokener_continue)
continue;
if (json_tokener_get_error(tok) != json_tokener_success)
break;
if (jsobj)
{
if (json_object_get_type(jsobj) == json_type_object)
blobmsg_add_object(outbuf, jsobj);
json_object_put(jsobj);
break;
}
}
}
static void eof_cb(struct uclient *cl)
{
if (!cl->data_eof && !uptodate) {
fprintf(stderr, "Connection reset prematurely\n");
}
request_done(cl);
}
static void handle_uclient_error(struct uclient *cl, int code)
{
const char *type = "Unknown error";
switch(code) {
case UCLIENT_ERROR_CONNECT:
type = "Connection failed";
break;
case UCLIENT_ERROR_TIMEDOUT:
type = "Connection timed out";
break;
case UCLIENT_ERROR_SSL_INVALID_CERT:
type = "Invalid SSL certificate";
break;
case UCLIENT_ERROR_SSL_CN_MISMATCH:
type = "Server hostname does not match SSL certificate";
break;
default:
break;
}
fprintf(stderr, "Connection error: %s\n", type);
request_done(cl);
}
static const struct uclient_cb check_cb = {
.header_done = header_done_cb,
.data_read = read_data_cb,
.data_eof = eof_cb,
.error = handle_uclient_error,
};
static int server_request(const char *url, struct blob_buf *inbuf, struct blob_buf *outbuf) {
struct uclient *ucl;
struct jsonblobber *jsb = NULL;
int rc = -1;
char *post_data;
out_offset = 0;
out_bytes = 0;
out_len = 0;
uloop_init();
ucl = uclient_new(url, NULL, &check_cb);
if (outbuf) {
jsb = malloc(sizeof(struct jsonblobber));
jsb->outbuf = outbuf;
jsb->tok = json_tokener_new();
};
uclient_http_set_ssl_ctx(ucl, ssl_ops, ssl_ctx, 1);
ucl->timeout_msecs = REQ_TIMEOUT * 1000;
ucl->priv = jsb;
rc = uclient_connect(ucl);
if (rc)
return rc;
rc = uclient_http_set_request_type(ucl, inbuf?"POST":"GET");
if (rc)
return rc;
uclient_http_reset_headers(ucl);
uclient_http_set_header(ucl, "User-Agent", user_agent);
if (inbuf) {
uclient_http_set_header(ucl, "Content-Type", "text/json");
post_data = blobmsg_format_json(inbuf->head, true);
uclient_write(ucl, post_data, strlen(post_data));
}
rc = uclient_request(ucl);
if (rc)
return rc;
uloop_run();
uloop_done();
uclient_free(ucl);
return 0;
}
/**
* ustream-ssl
*/
static int init_ustream_ssl(void) {
void *dlh;
glob_t gl;
int i;
dlh = dlopen("libustream-ssl.so", RTLD_LAZY | RTLD_LOCAL);
if (!dlh)
return -1;
ssl_ops = dlsym(dlh, "ustream_ssl_ops");
if (!ssl_ops)
return -1;
ssl_ctx = ssl_ops->context_new(false);
glob("/etc/ssl/certs/*.crt", 0, NULL, &gl);
if (!gl.gl_pathc)
return -2;
for (i = 0; i < gl.gl_pathc; i++)
ssl_ops->context_add_ca_crt_file(ssl_ctx, gl.gl_pathv[i]);
return 0;
}
/**
* use busybox sha256sum to verify sha256sums file
*/
static int sha256sum_v(const char *sha256file, const char *msgfile) {
pid_t pid;
int fds[2];
int status;
FILE *f = fopen(sha256file, "r");
char sumline[512] = {};
char *fname;
unsigned int fnlen;
unsigned int cnt = 0;
if (pipe(fds))
return -1;
if (!f)
return -1;
pid = fork();
switch (pid) {
case -1:
return -1;
case 0:
uloop_done();
dup2(fds[0], 0);
close(1);
close(2);
close(fds[0]);
close(fds[1]);
if (execl("/bin/busybox", "/bin/busybox", "sha256sum", "-s", "-c", NULL));
return -1;
break;
default:
while (fgets(sumline, sizeof(sumline), f)) {
fname = &sumline[66];
fnlen = strlen(fname);
fname[fnlen-1] = '\0';
if (!strcmp(fname, msgfile)) {
fname[fnlen-1] = '\n';
write(fds[1], sumline, strlen(sumline));
cnt++;
}
}
fclose(f);
close(fds[1]);
waitpid(pid, &status, 0);
close(fds[0]);
if (cnt == 1)
return WEXITSTATUS(status);
else
return -1;
}
return -1;
}
/**
* use usign to verify sha256sums.sig
*/
static int usign_v(const char *file) {
pid_t pid;
int status;
pid = fork();
switch (pid) {
case -1:
return -1;
case 0:
uloop_done();
if (execl("/usr/bin/usign", "/usr/bin/usign",
"-V", "-q", "-P", PUBKEY_PATH, "-m", file, NULL));
return -1;
break;
default:
waitpid(pid, &status, 0);
return WEXITSTATUS(status);
}
return -1;
}
static int ask_user(void)
{
fprintf(stderr, "Are you sure you want to continue the upgrade process? [N/y] ");
if (getchar() != 'y')
return -1;
return 0;
}
static void print_package_updates(struct blob_attr *upgrades) {
struct blob_attr *cur;
struct blob_attr *tb[2];
int rem;
blobmsg_for_each_attr(cur, upgrades, rem) {
blobmsg_parse_array(pkg_upgrades_policy, ARRAY_SIZE(policy), tb, blobmsg_data(cur), blobmsg_data_len(cur));
if (!tb[0] || !tb[1])
continue;
fprintf(stdout, "\t%s (%s -> %s)\n", blobmsg_name(cur),
blobmsg_get_string(tb[1]), blobmsg_get_string(tb[0]));
};
}
/* this main function is too big... todo: split */
int main(int args, char *argv[]) {
static struct blob_buf allpkg, checkbuf, infobuf, reqbuf, imgbuf, upgbuf;
struct ubus_context *ctx = ubus_connect(NULL);
uint32_t id;
int valid, use_get;
char url[256];
char *newversion = NULL;
struct blob_attr *tb[__IMAGE_MAX];
struct blob_attr *tbc[__CHECK_MAX];
char *tmp;
struct stat imgstat;
int check_only = 0;
int ignore_sig = 0;
unsigned char argc = 1;
snprintf(user_agent, sizeof(user_agent), "%s (%s)", argv[0], AUC_VERSION);
fprintf(stdout, "%s\n", user_agent);
while (argc<args) {
if (!strncmp(argv[argc], "-h", 3) ||
!strncmp(argv[argc], "--help", 7)) {
fprintf(stdout, "%s: Attended sysUpgrade CLI client\n", argv[0]);
fprintf(stdout, "Usage: auc [-d] [-h]\n");
fprintf(stdout, " -c\tonly check if system is up-to-date\n");
fprintf(stdout, " -F\tignore result of signature verification\n");
#ifdef AUC_DEBUG
fprintf(stdout, " -d\tenable debugging output\n");
#endif
fprintf(stdout, " -h\toutput help\n");
return 0;
}
#ifdef AUC_DEBUG
if (!strncmp(argv[argc], "-d", 3))
debug = 1;
#endif
if (!strncmp(argv[argc], "-c", 3))
check_only = 1;
if (!strncmp(argv[argc], "-F", 3))
ignore_sig = 1;
argc++;
};
if (!ctx) {
fprintf(stderr, "failed to connect to ubus.\n");
return -1;
}
if (load_config()) {
rc=-1;
goto freeubus;
}
if (chdir("/tmp")) {
rc=-1;
goto freeconfig;
}
rc = init_ustream_ssl();
if (rc == -2) {
fprintf(stderr, "No CA certificates loaded, please install ca-certificates\n");
rc=-1;
goto freessl;
}
if (rc || !ssl_ctx) {
fprintf(stderr, "SSL support not available, please install ustream-ssl\n");
rc=-1;
goto freessl;
}
blobmsg_buf_init(&checkbuf);
blobmsg_buf_init(&infobuf);
blobmsg_buf_init(&reqbuf);
blobmsg_buf_init(&imgbuf);
/* ubus requires BLOBMSG_TYPE_UNSPEC */
blob_buf_init(&allpkg, 0);
blob_buf_init(&upgbuf, 0);
if (ubus_lookup_id(ctx, "system", &id) ||
ubus_invoke(ctx, id, "board", NULL, board_cb, &checkbuf, 3000)) {
fprintf(stderr, "cannot request board info from procd\n");
rc=-1;
goto freebufs;
}
if (rc)
goto freebufs;
blobmsg_add_u8(&allpkg, "all", 1);
blobmsg_add_string(&allpkg, "dummy", "foo");
if (ubus_lookup_id(ctx, "rpc-sys", &id) ||
ubus_invoke(ctx, id, "packagelist", allpkg.head, pkglist_check_cb, &checkbuf, 3000)) {
fprintf(stderr, "cannot request packagelist from rpcd\n");
rc=-1;
goto freeboard;
}
if (rc)
goto freeboard;
blobmsg_add_u32(&checkbuf, "upgrade_packages", upgrade_packages);
fprintf(stdout, "running %s %s on %s/%s (%s)\n", distribution,
version, target, subtarget, board_name);
fprintf(stdout, "checking %s for release upgrade%s\n", serverurl,
upgrade_packages?" or updated packages":"");
snprintf(url, sizeof(url), "%s/%s", serverurl, APIOBJ_CHECK);
uptodate=0;
do {
retry=0;
DPRINTF("requesting:\n%s\n", blobmsg_format_json_indent(checkbuf.head, true, 0));
if (server_request(url, &checkbuf, &infobuf)) {
fprintf(stderr, "failed to connect to server\n");
rc=-1;
goto freeboard;
};
if (retry)
sleep(3);
} while(retry);
DPRINTF("reply:\n%s\n", blobmsg_format_json_indent(infobuf.head, true, 0));
blobmsg_parse(check_policy, __CHECK_MAX, tbc, blob_data(infobuf.head), blob_len(infobuf.head));
if (!tbc[CHECK_VERSION] && !tbc[CHECK_UPGRADES]) {
if (uptodate) {
rc=0;
} else if (!rc) {
fprintf(stderr, "server reply invalid.\n");
rc=-2;
}
goto freeboard;
}
if (tbc[CHECK_VERSION]) {
newversion = blobmsg_get_string(tbc[CHECK_VERSION]);
fprintf(stdout, "new %s release %s found.\n", distribution, newversion);
} else {
newversion = version;
fprintf(stdout, "staying on %s release version %s\n", distribution, version);
};
blobmsg_add_string(&reqbuf, "version", newversion);
if (tbc[CHECK_UPGRADES]) {
fprintf(stdout, "package updates:\n");
print_package_updates(tbc[CHECK_UPGRADES]);
}
if (check_only) {
rc=1;
goto freeboard;
};
rc = ask_user();
if (rc)
goto freeboard;
blobmsg_add_string(&reqbuf, "distro", distribution);
blobmsg_add_string(&reqbuf, "target", target);
blobmsg_add_string(&reqbuf, "subtarget", subtarget);
blobmsg_add_string(&reqbuf, "board", board_name);
blob_buf_init(&allpkg, 0);
blobmsg_add_u8(&allpkg, "all", 0);
blobmsg_add_string(&allpkg, "dummy", "foo");
if (ubus_invoke(ctx, id, "packagelist", allpkg.head, pkglist_req_cb, &reqbuf, 3000)) {
fprintf(stderr, "cannot request packagelist from rpcd\n");
rc=-1;
goto freeboard;
}
snprintf(url, sizeof(url), "%s/%s", serverurl, APIOBJ_REQUEST);
imagebuilder = 0;
building = 0;
use_get = 0;
do {
retry = 0;
DPRINTF("requesting:\n%s\n", use_get?"":blobmsg_format_json_indent(reqbuf.head, true, 0));
server_request(url, use_get?NULL:&reqbuf, &imgbuf);
blobmsg_parse(image_policy, __IMAGE_MAX, tb, blob_data(imgbuf.head), blob_len(imgbuf.head));
if (!use_get && tb[IMAGE_REQHASH]) {
snprintf(url, sizeof(url), "%s/%s/%s", serverurl,
APIOBJ_REQUEST,
blobmsg_get_string(tb[IMAGE_REQHASH]));
DPRINTF("polling via GET %s\n", url);
retry=1;
use_get=1;
}
if (retry) {
blob_buf_free(&imgbuf);
blobmsg_buf_init(&imgbuf);
sleep(3);
}
} while(retry);
DPRINTF("reply:\n%s\n", blobmsg_format_json_indent(imgbuf.head, true, 0));
if (!tb[IMAGE_SYSUPGRADE]) {
if (!rc) {
fprintf(stderr, "no sysupgrade image returned\n");
rc=-1;
}
goto freeboard;
}
strncpy(url, blobmsg_get_string(tb[IMAGE_SYSUPGRADE]), sizeof(url));
server_request(url, NULL, NULL);
filename = uclient_get_url_filename(url, "firmware.bin");
if (stat(filename, &imgstat)) {
fprintf(stderr, "image download failed\n");
rc=-1;
goto freeboard;
}
if ((intmax_t)imgstat.st_size != out_len) {
fprintf(stderr, "file size mismatch\n");
unlink(filename);
rc=-1;
goto freeboard;
}
tmp=strrchr(url, '/');
strcpy(tmp, "/sha256sums");
server_request(url, NULL, NULL);
if (stat("sha256sums", &imgstat)) {
fprintf(stderr, "sha256sums download failed\n");
rc=-1;
goto freeboard;
}
if ((intmax_t)imgstat.st_size != out_len) {
fprintf(stderr, "sha256sums download incomplete\n");
unlink("sha256sums");
rc=-1;
goto freeboard;
}
if (out_len < 68) {
fprintf(stderr, "sha256sums size mismatch\n");
unlink("sha256sums");
rc=-1;
goto freeboard;
}
if (sha256sum_v("sha256sums", filename)) {
fprintf(stderr, "checksum verification failed\n");
unlink(filename);
unlink("sha256sums");
rc=-1;
goto freeboard;
}
strcpy(tmp, "/sha256sums.sig");
server_request(url, NULL, NULL);
if (stat("sha256sums.sig", &imgstat)) {
fprintf(stderr, "sha256sums.sig download failed\n");
rc=-1;
goto freeboard;
}
if ((intmax_t)imgstat.st_size != out_len) {
fprintf(stderr, "sha256sums.sig download incomplete\n");
unlink("sha256sums.sig");
rc=-1;
goto freeboard;
}
if (out_len < 16) {
fprintf(stderr, "sha256sums.sig size mismatch\n");
unlink("sha256sums.sig");
rc=-1;
goto freeboard;
}
if (usign_v("sha256sums")) {
fprintf(stderr, "signature verification failed\n");
if (!ignore_sig) {
unlink(filename);
unlink("sha256sums");
unlink("sha256sums.sig");
rc=-1;
goto freeboard;
}
};
if (strcmp(filename, "firmware.bin")) {
if (rename(filename, "firmware.bin")) {
fprintf(stderr, "can't rename to firmware.bin\n");
unlink(filename);
rc=-1;
goto freeboard;
}
}
valid = 0;
ubus_invoke(ctx, id, "upgrade_test", NULL, upgtest_cb, &valid, 3000);
if (!valid) {
rc=-1;
goto freeboard;
}
blobmsg_add_u8(&upgbuf, "keep", 1);
fprintf(stdout, "invoking sysupgrade\n");
ubus_invoke(ctx, id, "upgrade_start", upgbuf.head, NULL, NULL, 3000);
freeboard:
free(board_name);
free(target);
/* subtarget is a pointer within target, don't free */
free(distribution);
free(version);
freebufs:
blob_buf_free(&checkbuf);
blob_buf_free(&infobuf);
blob_buf_free(&reqbuf);
blob_buf_free(&imgbuf);
blob_buf_free(&upgbuf);
freessl:
if (ssl_ctx)
ssl_ops->context_free(ssl_ctx);
freeconfig:
free(serverurl);
freeubus:
ubus_free(ctx);
return rc;
}