diff --git a/feeds/tip/certificates/files/etc/init.d/certificates b/feeds/tip/certificates/files/etc/init.d/certificates index c810644d1..bdab43bee 100755 --- a/feeds/tip/certificates/files/etc/init.d/certificates +++ b/feeds/tip/certificates/files/etc/init.d/certificates @@ -3,13 +3,13 @@ START=80 copy_certificates() { - [ -f /certificates/dev-id ] || return + [ -f /certificates/key.pem ] || return cp /certificates/*.pem /etc/ucentral/ - cp /certificates/dev-id /etc/ucentral/ + [ -f /certificates/dev-id ] && cp /certificates/dev-id /etc/ucentral/ chown root.network /etc/ucentral/*.pem chmod 0440 root.network /etc/ucentral/*.pem - chmod 0400 /etc/ucentral/dev-id + [ -f /etc/ucentral/dev-id] && chmod 0400 /etc/ucentral/dev-id [ -f /certificates/restrictions.json ] && cp /certificates/restrictions.json /etc/ucentral/ [ -f /certificates/sign_pubkey.pem ] && cp /certificates/sign_pubkey.pem /etc/ucentral/ exit 0 @@ -17,80 +17,6 @@ copy_certificates() { boot() { [ -f /etc/ucentral/dev-id ] && return - . /lib/functions.sh - mkdir -p /certificates /etc/ucentral/ - local mtd=$(find_mtd_index certificates) - - if [ "$(head -c 4 /dev/mtd$mtd)" == "hsqs" ]; then - mount -t squashfs /dev/mtdblock$mtd /certificates - else - [ -n "$mtd" -a -f /sys/class/mtd/mtd$mtd/oobsize ] && ubiattach -p /dev/mtd$mtd - if [ -n "$(ubinfo -a | grep certificates)" ]; then - [ -e /dev/ubi0 ] && mount -t ubifs ubi0:certificates /certificates - [ -e /dev/ubi1 ] && mount -t ubifs ubi1:certificates /certificates - fi - fi - - case "$(board_name)" in - cig,wf660a) - mmc_dev=$(echo $(find_mmc_part "0:ETHPHYFW") | sed 's/^.\{5\}//') - [ -n "$mmc_dev" ] && mount -t ext4 /dev/$mmc_dev /certificates - ;; - esac - - copy_certificates - - # if we get here no valid certificates were found - - local PART_NAME - - case "$(board_name)" in - actiontec,web7200) - if grep -q bootselect=0 /proc/cmdline; then - PART_NAME=firmware2 - else - PART_NAME=firmware1 - fi - ;; - edgecore,ecw5211|\ - edgecore,eap101|\ - edgecore,eap102) - if grep -q rootfs1 /proc/cmdline; then - PART_NAME=rootfs2 - else - PART_NAME=rootfs1 - fi - ;; - hfcl,ion4xi|\ - hfcl,ion4xi_w|\ - hfcl,ion4x_w|\ - hfcl,ion4xi_HMR|\ - hfcl,ion4x|\ - hfcl,ion4x_2|\ - hfcl,ion4xi_wp|\ - hfcl,ion4xe) - if grep -q rootfs_1 /proc/cmdline; then - PART_NAME=rootfs - else - PART_NAME=rootfs_1 - fi - ;; - cig,wf186w|\ - cig,wf186h|\ - yuncore,ax840|\ - yuncore,fap655) - PART_NAME=rootfs_1 - ;; - *) - return 1 - ;; - esac - - local MTD=$(find_mtd_index $PART_NAME) - - [ -z "$MTD" ] && return 1 - - ubiattach -m $MTD -d 3 - [ -e /dev/ubi3 ] && mount -t ubifs ubi3:certificates /certificates + /usr/bin/mount_certs copy_certificates } diff --git a/feeds/tip/certificates/files/usr/bin/mount_certs b/feeds/tip/certificates/files/usr/bin/mount_certs index 022d3c055..1a0b1281e 100755 --- a/feeds/tip/certificates/files/usr/bin/mount_certs +++ b/feeds/tip/certificates/files/usr/bin/mount_certs @@ -1,7 +1,11 @@ #!/bin/sh +check_certificates() { + [ -f /certificates/cas.pem -a -f /certificates/cert.pem -a -f /certificates/key.pem ] && exit 0 +} + . /lib/functions.sh -mkdir -p /certificates +mkdir -p /certificates /etc/ucentral/ mtd=$(find_mtd_index certificates) if [ "$(head -c 4 /dev/mtd$mtd)" == "hsqs" ]; then @@ -13,3 +17,66 @@ else [ -e /dev/ubi1 ] && mount -t ubifs ubi1:certificates /certificates fi fi + +case "$(board_name)" in +cig,wf660a) + mmc_dev=$(echo $(find_mmc_part "0:ETHPHYFW") | sed 's/^.\{5\}//') + [ -n "$mmc_dev" ] && mount -t ext4 /dev/$mmc_dev /certificates + ;; +esac + +check_certificates + +# if we get here no valid certificates were found + +PART_NAME= + +case "$(board_name)" in +actiontec,web7200) + if grep -q bootselect=0 /proc/cmdline; then + PART_NAME=firmware2 + else + PART_NAME=firmware1 + fi + ;; +edgecore,ecw5211|\ +edgecore,eap101|\ +edgecore,eap102) + if grep -q rootfs1 /proc/cmdline; then + PART_NAME=rootfs2 + else + PART_NAME=rootfs1 + fi + ;; +hfcl,ion4xi|\ +hfcl,ion4xi_w|\ +hfcl,ion4x_w|\ +hfcl,ion4xi_HMR|\ +hfcl,ion4x|\ +hfcl,ion4x_2|\ +hfcl,ion4xi_wp|\ +hfcl,ion4xe) + if grep -q rootfs_1 /proc/cmdline; then + PART_NAME=rootfs + else + PART_NAME=rootfs_1 + fi + ;; +cig,wf186w|\ +cig,wf186h|\ +yuncore,ax840|\ +yuncore,fap655) + PART_NAME=rootfs_1 + ;; +*) + return 1 + ;; +esac + +MTD=$(find_mtd_index $PART_NAME) + +[ -z "$MTD" ] && return 1 + +ubiattach -m $MTD -d 3 +[ -e /dev/ubi3 ] && mount -t ubifs ubi3:certificates /certificates +check_certificates