blob: a45f3bbc731fdda2af38431b68a978e69b1b8107 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
fwtool_check_signature() {
[ $# -gt 1 ] && return 1
[ ! -x /usr/bin/ucert ] && {
if [ "$REQUIRE_IMAGE_SIGNATURE" = 1 ]; then
return 1
else
return 0
fi
}
if ! fwtool -q -s /tmp/sysupgrade.ucert "$1"; then
v "Image signature not present"
[ "$REQUIRE_IMAGE_SIGNATURE" = 1 -a "$FORCE" != 1 ] && {
v "Use sysupgrade -F to override this check when downgrading or flashing to vendor firmware"
}
[ "$REQUIRE_IMAGE_SIGNATURE" = 1 ] && return 1
return 0
fi
fwtool -q -T -s /dev/null "$1" | \
ucert -V -m - -c "/tmp/sysupgrade.ucert" -P /etc/opkg/keys
return $?
}
fwtool_check_image() {
[ $# -gt 1 ] && return 1
. /usr/share/libubox/jshn.sh
if ! fwtool -q -i /tmp/sysupgrade.meta "$1"; then
v "Image metadata not present"
[ "$REQUIRE_IMAGE_METADATA" = 1 -a "$FORCE" != 1 ] && {
v "Use sysupgrade -F to override this check when downgrading or flashing to vendor firmware"
}
[ "$REQUIRE_IMAGE_METADATA" = 1 ] && return 1
return 0
fi
json_load "$(cat /tmp/sysupgrade.meta)" || {
v "Invalid image metadata"
return 1
}
device="$(cat /tmp/sysinfo/board_name)"
devicecompat="$(uci -q get system.@system[0].compat_version)"
[ -n "$devicecompat" ] || devicecompat="1.0"
json_get_var imagecompat compat_version
json_get_var compatmessage compat_message
[ -n "$imagecompat" ] || imagecompat="1.0"
# select correct supported list based on compat_version
# (using this ensures that compatibility check works for devices
# not knowing about compat-version)
local supported=supported_devices
[ "$imagecompat" != "1.0" ] && supported=new_supported_devices
json_select $supported || return 1
json_get_keys dev_keys
for k in $dev_keys; do
json_get_var dev "$k"
if [ "$dev" = "$device" ]; then
# major compat version -> no sysupgrade
if [ "${devicecompat%.*}" != "${imagecompat%.*}" ]; then
v "The device is supported, but this image is incompatible for sysupgrade based on the image version ($devicecompat->$imagecompat)."
[ -n "$compatmessage" ] && v "$compatmessage"
return 1
fi
# minor compat version -> sysupgrade with -n required
if [ "${devicecompat#.*}" != "${imagecompat#.*}" ] && [ "$SAVE_CONFIG" = "1" ]; then
v "The device is supported, but the config is incompatible to the new image ($devicecompat->$imagecompat). Please upgrade without keeping config (sysupgrade -n)."
[ -n "$compatmessage" ] && v "$compatmessage"
return 1
fi
return 0
fi
done
v "Device $device not supported by this image"
local devices="Supported devices:"
for k in $dev_keys; do
json_get_var dev "$k"
devices="$devices $dev"
done
v "$devices"
return 1
}
|
