From 1841c74d16b06af23b6deeb739041d386564db65 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Wed, 20 Sep 2023 17:14:13 +0200 Subject: [PATCH] certificates: improve the certupdate script Signed-off-by: John Crispin --- .../luci-mod-ucentral/root/sbin/certupdate | 40 ++++++++++--------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/feeds/tip/luci/luci-mod-ucentral/root/sbin/certupdate b/feeds/tip/luci/luci-mod-ucentral/root/sbin/certupdate index f4ca04618..91270aba8 100755 --- a/feeds/tip/luci/luci-mod-ucentral/root/sbin/certupdate +++ b/feeds/tip/luci/luci-mod-ucentral/root/sbin/certupdate @@ -3,31 +3,33 @@ # make sure we have a tar file [ -f /tmp/certs.tar ] || exit 1 -# check if there is a certificates partition . /lib/functions.sh -mtd="$(find_mtd_index certificates)" -[ -z "$mtd" ] && exit 1 -# check if this is ubi or squashfs -ubi="$(ubinfo -a | grep certificates)" +# amke sure the cert partition is mounted +mount_certs + +# make sure that this is a UBI volume +ubi=$(grep certificates /proc/mounts | tail -n 1 | grep ubi) +[ -z "$ubi" ] && exit 1 # extract the certificates -mkdir /tmp/certs -cd /tmp/certs -tar xf /tmp/certs.tar +mkdir -p /tmp/certs +tar x -C /tmp/certs -f /tmp/certs.tar + +# make sure the required files exist +[ -f /tmp/certs/cas.pem -a -f /tmp/certs/key.pem -a -f /tmp/certs/cert.pem ] || exit 1 +[ -f /tmp/certs/gateway.json -o -f /tmp/certs/dev-id ] || exit 1 # copy the certificates to /etc -cp *.pem dev-id /etc/ucentral/ +cp /tmp/certs/*.pem /certificates -# persistently store the certificates -if [ -z "$ubi" ]; then -# squashfs - mtd write /tmp/certs/squashfs /dev/mtd$mtd -else -# ubi - [ -e /dev/ubi0 ] && mount -t ubifs ubi0:certificates /certificates - [ -e /dev/ubi1 ] && mount -t ubifs ubi1:certificates /certificates - cp *.pem dev-id /certificates/ -fi +# copy dev-id or gateway.json +for a in dev-id gateway.json; do + if [ -f /tmp/certs/$a ]; then + cp /tmp/certs/$a /certificates + else + rm -f /certificates/$a + fi +done exit 0