42 lines
1.1 KiB
Bash
Executable File
42 lines
1.1 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
if [[ -z $key ]]; then
|
|
/bin/echo "Usage: sudo key=<update_key> -E update.sh"
|
|
exit 1
|
|
fi
|
|
|
|
password=`/bin/cat /etc/update_key | /usr/bin/sha512sum | /usr/bin/cut -d' ' -f 1`
|
|
auth=`/bin/echo -n $key | /usr/bin/sha512sum | /usr/bin/cut -d' ' -f 1`
|
|
|
|
if [[ "$auth" != "$password" ]]; then
|
|
/bin/echo "Wrong password"
|
|
exit 1
|
|
fi
|
|
|
|
pubkey="/pub.pem"
|
|
file="/tmp/update.tar.cc"
|
|
sig="/tmp/sig"
|
|
/bin/echo "### ccOS Update Script ###"
|
|
/bin/echo "[+] Starting"
|
|
/bin/echo "[+] Extracting Signature"
|
|
skip=$(expr $(stat -c '%s' $file) - 256)
|
|
if [[ -L $file ]]
|
|
then
|
|
exit 0
|
|
fi
|
|
/bin/dd if=/tmp/update.tar.cc of=$sig bs=1 count=256 skip=$skip
|
|
/usr/bin/truncate -s $skip $file
|
|
/bin/echo "[+] Checking Signature"
|
|
check=`/usr/bin/openssl dgst -sha256 -verify $pubkey -signature $sig $file`
|
|
if [ "$check" == "Verified OK" ]
|
|
then
|
|
/bin/echo "[+] Signature is valid!"
|
|
/bin/echo "[+] Upgrading..."
|
|
/bin/tar -xvf $file -C /
|
|
/bin/rm $sig
|
|
/bin/echo "[+] Done"
|
|
else
|
|
/bin/echo "[-] Signature error, exiting..."
|
|
/bin/rm $sig
|
|
fi
|