certificates: improve the certupdate script

Signed-off-by: John Crispin <john@phrozen.org>

feeds/tip/luci/luci-mod-ucentral/root/sbin/certupdate

@@ -3,31 +3,33 @@
 # make sure we have a tar file
 [ -f /tmp/certs.tar ] || exit 1
 
-# check if there is a certificates partition
 . /lib/functions.sh
-mtd="$(find_mtd_index certificates)"
-[ -z "$mtd" ] && exit 1
 
-# check if this is ubi or squashfs
-ubi="$(ubinfo -a | grep certificates)"
+# amke sure the cert partition is mounted
+mount_certs
+
+# make sure that this is a UBI volume
+ubi=$(grep certificates /proc/mounts  | tail -n 1 | grep ubi)
+[ -z "$ubi" ] && exit 1
 
 # extract the certificates
-mkdir /tmp/certs
-cd /tmp/certs
-tar xf /tmp/certs.tar
+mkdir -p /tmp/certs
+tar x -C /tmp/certs -f /tmp/certs.tar
+
+# make sure the required files exist
+[ -f /tmp/certs/cas.pem -a -f /tmp/certs/key.pem -a -f /tmp/certs/cert.pem ] || exit 1
+[ -f /tmp/certs/gateway.json -o -f /tmp/certs/dev-id ] || exit 1
 
 # copy the certificates to /etc
-cp *.pem dev-id /etc/ucentral/
+cp /tmp/certs/*.pem /certificates
 
-# persistently store the certificates
-if [ -z "$ubi" ]; then
-# squashfs
-	mtd write /tmp/certs/squashfs /dev/mtd$mtd
-else
-# ubi
-	[ -e /dev/ubi0 ] && mount -t ubifs ubi0:certificates /certificates
-	[ -e /dev/ubi1 ] && mount -t ubifs ubi1:certificates /certificates
-	cp *.pem dev-id /certificates/
-fi
+# copy dev-id or gateway.json
+for a in dev-id gateway.json; do
+	if [ -f /tmp/certs/$a ]; then
+		cp /tmp/certs/$a /certificates
+	else
+		rm -f /certificates/$a
+	fi
+done
 
 exit 0