#!/usr/bin/perl =for commnet Part of AREDN -- Used for creating Amateur Radio Emergency Data Networks Copyright (C) 2015 Conrad Lara See Contributors file for additional contributors Copyright (c) 2013 David Rivenburg et al. BroadBand-HamNet This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 3 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Additional Terms: Additional use restrictions exist on the AREDN(TM) trademark and logo. See AREDNLicense.txt for more info. Attributions to the AREDN Project must be retained in the source code. If importing this code into a new or existing project attribution to the AREDN project must be added to the source code. You must not misrepresent the origin of the material conained within. Modified versions must be modified to attribute to the original source and be marked in reasonable ways as differentiate it from the original version. =cut BEGIN {push @INC, '/www/cgi-bin'}; use perlfunc; sub firmware_list_gen { @fw_images = (); chomp($fw_version = `cat /etc/mesh-release`); foreach(`cat /tmp/web/firmware.list 2>/dev/null`) { my($md5, $fw, $tag) = /^(\S+) (\S+) (.*)/; next unless $tag; next if $tag eq "none"; next unless ($tag eq "all") or ($tag eq "dev" and $parms{dev}) or ($fw_version =~ /$tag/); push @fw_images, $fw; $fw_md5{$fw} = $md5; } } $debug = 0; $| = 1; read_postdata(); read_query_string(); $node = nvram_get("node"); $tmpdir = "/tmp/web/admin"; system "mkdir -p $tmpdir"; # make developer mode stick system "touch /tmp/developer_mode" if $parms{dev}; $parms{dev} = 1 if -e "/tmp/developer_mode"; # set the wget command options $wget = "wget -U 'node: $node'"; # # handle firmware updates # $fw_install = 0; $patch_install = 0; @fw_output = (); @fw_images = (); %fw_md5 = (); @serverpaths = ( "http://downloads.aredn.org/firmware/ubnt" ); # refresh fw if($parms{button_refresh_fw}) { if(get_default_gw() ne "none") { push @fw_output, "Downloading firmware list...\n"; unlink "/tmp/web/firmware.list"; $ok = 0; $hardwaretype = `/usr/local/bin/get_hardwaretype`; chomp($hardwaretype); foreach $serverpath (@serverpaths) { system "$wget -O /tmp/web/firmware.list $serverpath/firmware.$hardwaretype.list >/dev/null 2>>$tmpdir/wget.err"; unless($?) { $ok = 1; last } } if($ok) { push @fw_output, "Done.\n" } else { push @fw_output, `cat $tmpdir/wget.err` } unlink "$tmpdir/wget.err"; } else { push @fw_output, "Error: no route to the Internet\n"; unlink "/tmp/web/firmware.list"; } } # generate data structures # and set $fw_version firmware_list_gen(); # upload fw if($parms{button_ul_fw} and -f "/tmp/web/upload/file") { system "mv -f /tmp/web/upload/file $tmpdir/firmware"; if($parms{firmfile} =~ /sysupgrade\.bin$/) # full firmware { $fw_install = 1; # check firmware header if(system "/usr/local/bin/firmwarecheck.sh $tmpdir/firmware") { push @fw_output, "Firmware CANNOT be updated\n"; push @fw_output, "firmware file is not valid\n"; $fw_install = 0; } } elsif($parms{firmfile} =~ /^patch\S+\.tgz$/) # firmware patch { $patch_install = 1; } else { push @fw_output, "Firmware CANNOT be updated\n"; push @fw_output, "the uploaded file is not recognized\n"; } } # download fw if($parms{button_dl_fw} and $parms{dl_fw} ne "default") { if(get_default_gw() ne "none") { unlink "$tmpdir/firmware"; $ok = 0; foreach $serverpath (@serverpaths) { system "$wget -O $tmpdir/firmware $serverpath/$parms{dl_fw} >/dev/null 2>>$tmpdir/wget.err"; unless($?) { $ok = 1; last } } if($parms{dl_fw} =~ /sysupgrade\.bin$/) # full firmware { $fw_install = 1; unless($ok) { push @fw_output, "Downloading firmware image...\n"; push @fw_output, `cat $tmpdir/wget.err`; } unlink "$tmpdir/wget.err"; # check md5sum $fw = $parms{dl_fw}; chdir $tmpdir; if(system "echo '$fw_md5{$fw} firmware' | md5sum -cs") { push @fw_output, "Firmware CANNOT be updated\n"; push @fw_output, "firmware file is not valid\n"; $fw_install = 0; } } elsif($parms{dl_fw} =~ /^patch\S+\.tgz$/) # firmware patch { $patch_install = 1; unless($ok) { push @fw_output, "Downloading patch file...\n"; push @fw_output, `cat $tmpdir/wget.err`; } unlink "$tmpdir/wget.err"; # check md5sum $fw = $parms{dl_fw}; chdir $tmpdir; if(system "echo '$fw_md5{$fw} firmware' | md5sum -cs") { push @fw_output, "Firmware CANNOT be updated\n"; push @fw_output, "patch file is not valid\n"; $patch_install = 0; } } else { push @fw_output, "Firmware CANNOT be updated\n"; push @fw_output, "the downloaded file is not recognized\n"; } } else { push @fw_output, "Error: no route to the Internet\n"; unlink "/tmp/web/firmware.list"; } } # install fw if($fw_install and -f "$tmpdir/firmware") { my $junk; http_header(); html_header("FIRMWARE UPDATE IN PROGRESS", 0); print ""; print "\n"; print "
\n"; print "

The firmware is being updated.

\n"; print "

DO NOT REMOVE POWER UNTIL UPDATE IS FINISHED

\n"; print "

\n"; unless($debug) { if ( $parms{checkbox_keep_settings} ) { nvram_set("nodeupgraded","1"); print "

Firmware will be written in the background.

If you are connected to the LAN of this node you may need to acquire a new
DHCP lease and reset any name service caches you may be using.

The node will reboot twice while the configuration is applied
Wait for the Status 4 LED to start blinking, then stop blinking twice.
When the Status 4 LED is solid on you can get your new DHCP lease and reconnect with
http://$node.local.mesh:8080/
(This page will automatically reload in 2½ minutes)

"; open(FILE, "/sbin/sysupgrade -q $tmpdir/firmware 2>&1 |") or die; } else { print "Writing firmware

\n"; open(FILE, "/sbin/mtd write $tmpdir/firmware firmware 2>&1 |") or die; while(read FILE, $junk, 7) { print "|" } print "

The node is rebooting

If you are connected to the LAN of this node you may need to acquire a new
DHCP lease and reset any name service caches you may be using.

Wait for the Status 4 LED to start blinking, then stop blinking.
When the Status 4 LED is solid on you can get your new DHCP lease and reconnect with
http://localnode.local.mesh:8080/
(This page will automatically reload in 2½ minutes)

"; page_footer(); print ""; system "/sbin/reboot" unless $debug; exit; } } } # install patch if($patch_install and -f "$tmpdir/firmware") { @fw_output = (); for($fail = 1; ; ) { # check available space chomp ($size = `gunzip -c $tmpdir/firmware | wc -c`); $size = int(($size + 1023) / 1024); if(get_free_space("/tmp") - $size < 100) { push @fw_output, "Firmware CANNOT be patched\n"; push @fw_output, "insufficient /tmp space\n"; push @fw_output, "try again after a reboot\n"; last; } elsif(get_free_space("/overlay") - $size < 100) { push @fw_output, "Firmware CANNOT be patched\n"; push @fw_output, "insufficient flash space\n"; push @fw_output, "a full firmware install is required\n"; last; } # make it so unlink "$tmpdir/patch.err"; unlink "$tmpdir/patch.out"; last if system "mkdir -p $tmpdir/patch 2>>$tmpdir/patch.err"; last if not chdir "$tmpdir/patch"; last if system "tar xzf $tmpdir/firmware 2>>$tmpdir/patch.err"; unless(-f "files.tar") { push @fw_output, "Firmware CANNOT be updated\n"; push @fw_output, "patch file is not valid\n"; last; } last if -x "pre-install" and system "./pre-install >>$tmpdir/patch.out 2>>$tmpdir/patch.err"; last if system "tar xvf files.tar -C / >>$tmpdir/patch.out 2>>$tmpdir/patch.err"; last if -x "post-install" and system "./post-install >>$tmpdir/patch.out 2>>$tmpdir/patch.err"; reboot_page("/cgi-bin/status") if -f "reboot"; firmware_list_gen(); # mesh-release has changed so regenerate the firmware list $fail = 0; last; } if($fail) { unless(@fw_output) { push @fw_output, "Firmware patch failed. This is very bad.\n"; push @fw_output, "You should probably reinstall the full firmware.\n"; push @fw_output, `cat $tmpdir/patch.err 2>/dev/null`; } } else { push @fw_output, "Installing patch...\n"; push(@fw_output, `cat $tmpdir/patch.out`) if $parms{dev}; push @fw_output, "Done.\n"; } } # # handle package actions # @pkg_output = (); # load permanent package list foreach(`cat /etc/permpkg 2>/dev/null`) { next if /^#/; chomp; $permpkg{$_} = 1; } # upload package if($parms{button_ul_pkg} and -f "/tmp/web/upload/file") { system "mv -f /tmp/web/upload/file /tmp/web/upload/newpkg.ipk"; push @pkg_output, `opkg -force-overwrite install /tmp/web/upload/newpkg.ipk 2>&1`; system "rm -rf /tmp/opkg-*"; } # download package if($parms{button_dl_pkg} and $parms{dl_pkg} ne "default") { if(get_default_gw() ne "none") { push @pkg_output, `opkg -force-overwrite install $parms{dl_pkg} 2>&1`; } else { push @pkg_output, "Error: no route to the Internet\n"; } } # refresh package list if($parms{button_refresh_pkg}) { if(get_default_gw() ne "none") { @pkg_output = `opkg update 2>&1`; system "opkg list | grep -v '^ ' | cut -f1,3 -d' ' | gzip -c > /etc/opkg.list.gz"; } else { push @pkg_output, "Error: no route to the Internet\n"; } } # remove package if($parms{button_rm_pkg} and $parms{rm_pkg} ne "default" and not $permpkg{$parms{rm_pkg}}) { @pkg_output = `opkg remove $parms{rm_pkg} 2>&1`; } # generate data structures @pkgs = (); %pkgver = (); foreach(`opkg list_installed | cut -f1,3 -d' '`) { ($pkg, $ver) = split /\s/, $_; next unless $ver; push @pkgs, $pkg; $pkgver{$pkg} = $ver; } @dl_pkgs = (); %dlpkgver = (); foreach(`zcat /etc/opkg.list.gz 2>/dev/null`) { ($pkg, $ver) = split /\s/, $_; next unless $ver; next if $pkgver{$pkg} and $pkgver{$pkg} eq $ver; push @dl_pkgs, $pkg; $dlpkgver{$pkg} = $ver; } # # handle ssh key actions # @key_output = (); $keyfile = "/etc/dropbear/authorized_keys"; # upload key if($parms{button_ul_key} and -f "/tmp/web/upload/file") { $count = `wc -l $keyfile 2>/dev/null`; system "grep ^ssh- /tmp/web/upload/file >> $keyfile"; if($count eq `wc -l $keyfile`) { push @key_output, "Error: file does not appear to be an ssh key file\n"; push @key_output, "Authorized keys not changed.\n"; } else { push @key_output, "Key installed.\n"; } } # remove key if($parms{button_rm_key} and $parms{rm_key} ne "default" and -f $keyfile) { $count = `wc -l $keyfile`; system "grep -v '$parms{rm_key}' $keyfile > $tmpdir/keys"; system "mv -f $tmpdir/keys $keyfile"; if($count eq `wc -l $keyfile`) { push @key_output, "Error: authorized keys were not changed.\n"; } else { push @key_output, "Key $parms{rm_key} removed.\n"; } } # generate data structures @keys = (); open(FILE, ">$tmpdir/newkeys"); foreach(`cat $keyfile 2>/dev/null`) { ($type, $key, $who, $extra) = split /\s+/, $_; next if $extra; next unless $who =~ /.\@./; next unless $type =~ /^ssh-/; push @keys, $who; print FILE "$type $key $who\n"; } close(FILE); # sanitize the key file if(-f $keyfile and system "diff $keyfile $tmpdir/newkeys >/dev/null 2>&1") { system "mv -f $tmpdir/newkeys $keyfile"; push @key_output, "Info: key file sanitized.\n"; } # clean up system "rm -rf /tmp/web/upload $tmpdir" unless $debug; # # generate the page # http_header(); html_header("$node administration", 1); print "
\n"; alert_banner(); print "
\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "
\n"; navbar("admin"); print "
Help
\n"; print "\n"; # # firmware # print "\n"; print "\n"; # # packages # print "\n"; print "\n"; # # ssh keys # print "\n"; print "\n"; print "
\n"; print "\n"; print "\n"; if(@fw_output) { print "\n"; } print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "
Firmware Update
\n";
    print word_wrap(80, @fw_output);
    print "
current version: $fw_version
Upload Firmware
Download Firmware\n"; print "\n"; print "Keep Settings

\n"; print "\n"; print "\n"; if(@pkg_output) { # opkg can produce duplicate first lines, remove them here while(defined $pkg_output[1] and $pkg_output[0] eq $pkg_output[1]) { shift @pkg_output; } print "\n"; } print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "
Package Management
\n";
    print word_wrap(80, @pkg_output);
    print "
Upload Package
Download Package\n"; print "\n"; print "
Remove Package

\n"; print "\n"; print "\n"; if(@key_output) { print "\n"; } print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "\n"; print "
Authorized SSH Keys
\n";
    print word_wrap(80, @key_output);
    print "
Upload Key
Remove Key\n"; print "

\n"; print "
\n"; print "\n" if $parms{dev}; print "
\n"; print "
\n"; show_debug_info(); show_parse_errors(); page_footer(); print "\n"; print "\n";