Re: [fonosfera] Failed to identify upload.

[Matthijs Kooijman]

Hi Iurgi,

> I think that limitation is only for non-developer versions.
That is true for plugins, but I don't think it holds for firmware upgrades. At
the very least, it didn't work with my developer firmware. Furthermore, I think
it also shows from the code (unless there is a completely different codepath
I'm missing).  Look at the following code from action_plugin in 
/luci/modules/admin-fon/luasrc/controller/fon_admin/fon_index.lua:

            local verify = require("luci.fon.pkg.verify")
            local str, key, err = verify.fonidentify(tmpfile)
            local uci = require("luci.model.uci").cursor()
            local allow_unsigned = false
            local dev = uci:get("registered", "fonreg", "dev")
            if dev == "1" then
                allow_unsigned = true
            end
            if str ~= "hotfix" and str ~= "plugin" and str ~= "unsigned" then
                ret = "Failed to identify upload."
            else
                local dir, str = verify.fonverify(tmpfile, "/etc/fon/keyring/", 
allow_unsigned)
                if dir == nil then
                    ret = i18n.translate("plugin_verify", "Failed to verify 
plugin.")
                else
                    local res, str = verify.fonupgrade(dir)
                    if res == 0 then
                        ret = i18n.translate("plugin_installed", "Plugin 
successfully installed.")
                        if redir then
                            return http.redirect(redir)
                        end
                    elseif res == 256 then
                        ret = i18n.translate("plugin_already", "Plugin is 
already installed")
                    elseif res == 512 then
                        ret = i18n.translate("plugin_no_space", "Not enough 
space to install plugin.")
                    else
                        ret = str
                    end
                end
            end

Here, allow_unsigned is set depending on dev mode and passed to fonverify.

In contrast, look at this part of action_upgrade in
/luci/modules/admin-fon/luasrc/controller/fon_admin/fon_admin.lua:

            local verify = require("luci.fon.pkg.verify")
            local str, key, err = verify.fonidentify(tmpfile)
            if str ~= "reflash" then
                ret = luci.i18n.translate("failed_identify", "Failed to 
identify upload.")
            else
                local dir, str = verify.fonverify(tmpfile, "/etc/fon/keyring/", 
false)
                if dir == nil then
                    ret = luci.i18n.translate("failed_verify", "Failed to 
verify upload.")
                else
                    local uci = require("luci.model.uci").cursor_state()
                    uci:set("fon", "state", "upgrade", dir)
                    uci:save("fon")
                    require("luci.fon.event").new("FlashDevice")
                    return 
luci.http.redirect(luci.dispatcher.build_url("upgrading"))
                end
            end

Here, the third argument to fonverify is always "false", meaning unsigned
images are never allowed. Additionally, there is a check for str ~= "reflash",
while unsigned images return str == "unsigned".

Gr.

Matthijs

signature.asc
Description: Digital signature

_______________________________________________
Development mailing list
Development@fonosfera.org
http://fonosfera.org/mailman/listinfo/development