Here's an updated patch that applies after recent commits. I'll commit
this sometime this weekend unless someone has other ideas.
On Sat, Jan 08, 2022 at 08:30:09PM -0800, Andrew Hewus Fresh wrote:
> That last patch I committed made it so that if you specify a local path
> to install from with -p, while it will look in the SHA256.sig file for
> the filename it didn't actually verify the checksum.
>
> In any case, this patch means we verify the checksum unless someone
> specified a local filename on the command line. If we translate a
> driver name into a filename we verify the checksum.
>
> This also adjusts so that if the existing file fails the checksum and
> we're downloading (with -F for example) it will rm the file and
> re-download it.
>
> It _doesn't_ try again for a file that is downloaded and fails
> validation, either right after having rm'd a file that failed or if it
> didn't previously exist and it does leave the successfully downloaded
> (but failed validation) file on disk. I haven't decided if that's the
> right choice yet.
>
> Comments, OK?
Index: fw_update.sh
===================================================================
RCS file: /cvs/src/usr.sbin/fw_update/fw_update.sh,v
retrieving revision 1.31
diff -u -p -r1.31 fw_update.sh
--- fw_update.sh 22 Jan 2022 05:03:47 -0000 1.31
+++ fw_update.sh 22 Jan 2022 05:27:58 -0000
@@ -433,7 +433,7 @@ kept=''
for f in "${devices[@]}"; do
d="$( firmware_devicename "$f" )"
- verify_existing="$DOWNLOAD"
+ verify_existing=true
if [ "$f" = "$d" ]; then
f=$( firmware_filename "$d" || true )
[ "$f" ] || continue
@@ -459,24 +459,27 @@ for f in "${devices[@]}"; do
fi
pending_status=false
- if [ -e "$f" ]; then
- if "$verify_existing" && ! "$DRYRUN"; then
- if ((VERBOSE == 1)); then
- echo -n "Verify ${f##*/} ..."
- pending_status=true
- fi
- ((VERBOSE > 1)) && ! "$INSTALL" &&
- echo "Keep/Verify ${f##*/}"
- verify "$f" || {
- "$pending_status" && echo " failed."
- continue
- }
- "$pending_status" && ! "$INSTALL" && echo " done."
- else
- ((VERBOSE > 1)) && ! "$INSTALL" &&
- echo "Keep ${f##*/}"
+ if "$verify_existing" && [ -e "$f" ]; then
+ if ((VERBOSE == 1)); then
+ echo -n "Verify ${f##*/} ..."
+ pending_status=true
+ elif ((VERBOSE > 1)) && ! "$INSTALL"; then
+ echo "Keep/Verify ${f##*/}"
fi
- "$INSTALL" || kept="$kept,$d"
+
+ if "$DRYRUN" || verify "$f"; then
+ "$INSTALL" || kept="$kept,$d"
+ elif "$DOWNLOAD"; then
+ ((VERBOSE > 1)) && echo "Refetching $f"
+ rm -f $f
+ else
+ "$pending_status" && echo " failed."
+ continue
+ fi
+ fi
+
+ if [ -e "$f" ]; then
+ "$pending_status" && ! "$INSTALL" && echo " done."
elif "$DOWNLOAD"; then
if "$DRYRUN"; then
((VERBOSE)) && echo "Get/Verify ${f##*/}"
