-
-
Notifications
You must be signed in to change notification settings - Fork 38
Expand file tree
/
Copy pathupdate_all.sh
More file actions
executable file
·228 lines (199 loc) · 7.33 KB
/
update_all.sh
File metadata and controls
executable file
·228 lines (199 loc) · 7.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
#!/bin/bash
# Copyright (c) 2022-2026 José Manuel Barroso Galindo <theypsilon@gmail.com>
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# You can download the latest version of this tool from:
# https://github.com/theypsilon/Update_All_MiSTer
set -euo pipefail
LOCATION_STR="${LOCATION_STR:-/media/fat}"
RUN_TOOL_PATH="/tmp/update_all.sh"
REMOTE_TOOL_URL="https://raw.githubusercontent.com/theypsilon/Update_All_MiSTer/master/dont_download2.sh"
LATEST_TOOL_PATH="${LOCATION_STR}/Scripts/.config/update_all/update_all.pyz"
MIRROR_FILE_PATH="${LOCATION_STR}/Scripts/update_all.mirror"
CACERT_PEM_0="/etc/ssl/certs/cacert.pem"
CACERT_PEM_1="${LOCATION_STR}/Scripts/.config/downloader/cacert.pem"
CACERT_PEM_INSTALL_URL="https://curl.se/ca/cacert.pem"
CACERT_PEM_SIG_URL="https://curl.se/ca/cacert.pem.sha256"
NTP_SERVERS=(
"time.apple.com"
"time.amazonaws.cn"
"ntp.ntsc.ac.cn"
"cn.pool.ntp.org"
"ntp.aliyun.com"
"ntp.tencent.com"
"ntp.rt.ru"
)
# MIRROR SETUP
if [ -s "${MIRROR_FILE_PATH}" ] ; then
TEMP_MIRROR_TOOL_URL=$(grep -o '"mirror_tool_url"[[:space:]]*:[[:space:]]*"[^"]*"' "${MIRROR_FILE_PATH}" | cut -d'"' -f4 || true)
TEMP_MIRROR_ID=$(grep -o '"mirror_id"[[:space:]]*:[[:space:]]*"[^"]*"' "${MIRROR_FILE_PATH}" | cut -d'"' -f4 || true)
TEMP_EXTRA_NTP_SERVERS=$(grep -o '"extra_ntp_servers"[[:space:]]*:[[:space:]]*"[^"]*"' "${MIRROR_FILE_PATH}" | cut -d'"' -f4 || true)
if [ -n "${TEMP_MIRROR_TOOL_URL}" ] && [ -n "${TEMP_MIRROR_ID}" ] ; then
export MIRROR_TOOL_URL="${TEMP_MIRROR_TOOL_URL}"
export MIRROR_ID="${TEMP_MIRROR_ID}"
REMOTE_TOOL_URL="${MIRROR_TOOL_URL}"
else
echo "WARNING: ${MIRROR_FILE_PATH} is invalid."
echo " Please replace it with a valid mirror file."
echo " Falling back to default download source."
echo
fi
if [ -n "${TEMP_EXTRA_NTP_SERVERS}" ] ; then
EXTRA_NTP_SERVERS=()
IFS=',' read -ra EXTRA_NTP_SERVERS <<< "${TEMP_EXTRA_NTP_SERVERS// /}" || true
NTP_SERVERS=("${EXTRA_NTP_SERVERS[@]}" "${NTP_SERVERS[@]}")
fi
fi
# NTP SETUP
if (( 10#$(date +%Y) < 2000 )) ; then
NTP_CONF="/etc/ntp.conf"
for server in "${NTP_SERVERS[@]}"; do
if ! grep -qF "${server}" "${NTP_CONF}"; then
{ echo "server $server iburst" >> "${NTP_CONF}" ; } 2>>/tmp/ua_launcher_errors.log || true
fi
done
NTP_PID="/var/run/ntpd.pid"
start-stop-daemon -K -p "${NTP_PID}" || true
rm -f "${NTP_PID}" 2>>/tmp/ua_launcher_errors.log || true
start-stop-daemon -S -q -p "${NTP_PID}" -x "/usr/sbin/ntpd" -- -g -p "${NTP_PID}" || true
connected=0
for ((i=1; i<=10; i++)); do
if ntpq -c "rv 0" 2>&1 | grep -qiE "connection refused|sync_unspec" ; then
printf "."
sleep 3
else
connected=1
break
fi
done
printf "\n"
if (( connected )); then
echo "Date and time is:"
date
echo
elif [[ "${CURL_SSL:-}" != "--insecure" ]] ; then
echo "Unable to sync."
echo "Please, try again later."
exit 1
fi
fi
# CERTS SETUP
check_pem_shape() {
awk '
/^-----BEGIN CERTIFICATE-----$/ {depth++; begin++; next}
/^-----END CERTIFICATE-----$/ {if (depth == 0) exit 1; depth--; end++}
END {exit !(begin > 0 && begin == end && depth == 0)}
' "$1" >/dev/null 2>&1
}
if check_pem_shape "${CACERT_PEM_1}" ; then
export SSL_CERT_FILE="${CACERT_PEM_1}"
elif check_pem_shape "${CACERT_PEM_0}" ; then
export SSL_CERT_FILE="${CACERT_PEM_0}"
elif [[ "${CURL_SSL:-}" != "--insecure" ]] ; then
set +e
curl "${REMOTE_TOOL_URL}" > /dev/null 2>&1
CURL_RET=$?
set -e
case $CURL_RET in
0)
;;
*)
if ! which dialog > /dev/null 2>&1 ; then
echo "ERROR: CURL returned error code ${CURL_RET}."
exit $CURL_RET
fi
set +e
dialog --keep-window --title "Bad Certificates" --defaultno \
--yesno "CA certificates need to be fixed, do you want me to fix them?\n\nNOTE: This operation will delete files at /etc/ssl/certs" \
7 65
DIALOG_RET=$?
set -e
if [[ "${DIALOG_RET}" != "0" ]] ; then
echo "No secure connection is possible without fixing the certificates."
echo "Please fix the certificates and try again."
exit 1
fi
RO_ROOT="false"
if mount | grep "on / .*[(,]ro[,$]" -q ; then
RO_ROOT="true"
fi
[ "${RO_ROOT}" == "true" ] && mount / -o remount,rw
rm -f /etc/ssl/certs/* 2>>/tmp/ua_launcher_errors.log || true
echo
echo "Installing cacert.pem from ${CACERT_PEM_INSTALL_URL}"
curl --insecure --location -o /tmp/cacert.pem "${CACERT_PEM_INSTALL_URL}"
curl --insecure --location -o /tmp/cacert.pem.sha256 "${CACERT_PEM_SIG_URL}"
DOWNLOAD_SHA256=$(cat /tmp/cacert.pem.sha256 | awk '{print $1}')
CALCULATED_SHA256=$(sha256sum /tmp/cacert.pem | awk '{print $1}')
if [[ "${DOWNLOAD_SHA256}" == "${CALCULATED_SHA256}" ]]; then
mv /tmp/cacert.pem "${CACERT_PEM_0}"
sync
else
echo "Checksum validation for downloaded CA certificate failed."
echo "Please try again later."
exit 0
fi
[ "${RO_ROOT}" == "true" ] && mount / -o remount,ro
export SSL_CERT_FILE="${CACERT_PEM_0}"
;;
esac
fi
# LAUNCHER
download_file() {
local DOWNLOAD_PATH="${1}"
local DOWNLOAD_URL="${2}"
set +e
curl ${CURL_SSL:-} --silent --fail --location -o "${DOWNLOAD_PATH}" "${DOWNLOAD_URL}"
local CMD_RET=$?
set -e
case ${CMD_RET} in
0)
return
;;
60|77|35|51|58|59|82|83)
echo
echo "Could not establish a secure connection."
echo "There may be a problem with the certificates."
echo "Please check the certificates and try again."
exit 1
;;
*)
echo ; echo "No internet connection, please try again later."
exit 1
;;
esac
}
rm -f ${RUN_TOOL_PATH} 2>>/tmp/ua_launcher_errors.log || true
if [ -s "${LATEST_TOOL_PATH}" ] ; then
cp "${LATEST_TOOL_PATH}" "${RUN_TOOL_PATH}"
else
echo "${REMOTE_TOOL_URL}" ; echo
download_file "${RUN_TOOL_PATH}" "${REMOTE_TOOL_URL}"
fi
echo "Launching Update All" ; echo
chmod +x "${RUN_TOOL_PATH}"
set +e
${RUN_TOOL_PATH}
UA_RET=$?
set -e
if [[ ${UA_RET} -eq 2 ]] && [ -s "${LATEST_TOOL_PATH}" ] ; then
cp "${LATEST_TOOL_PATH}" "${RUN_TOOL_PATH}"
set +e
${RUN_TOOL_PATH} --continue
UA_RET=$?
set -e
fi
if [[ ${UA_RET} -ne 0 ]] ; then
echo -e "Update All failed!\n"
exit 1
fi
rm -f ${RUN_TOOL_PATH} 2>>/tmp/ua_launcher_errors.log || true
exit 0