1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
|
<?php
/**
*
* Renamed from "CHD OpenWRT" to "CHD LEDE" on 2017-06-21
*
* Copyright 2016-2017 Ludovic Pouzenc <ludovic@pouzenc.fr>
* Copyright 2017 Nicolas Goaziou <mail@nicolasgoaziou.fr>
*
* CHD LEDE is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* CHD LEDE is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with CHD LEDE. If not, see <http://www.gnu.org/licenses/>.
**/
function validate($regex, $index, $message, &$errors) {
if (isset($_POST[$index]) && 1 === preg_match($regex, $_POST[$index])) {
return true;
}
if (is_array($errors)) $errors[$index] = $message . ' (' . (isset($_POST[$index])?$_POST[$index]:'vide') . ')';
return false;
}
function checksame($index1, $index2, $message, &$errors) {
if (
isset($_POST[$index1])
&& isset($_POST[$index2])
&& ($_POST[$index1] === $_POST[$index2])
) {
return true;
}
$errors[$index] = $message;
return false;
}
$pattern_ipv4_optionnal='/(^|((^|\.)((25[0-5])|(2[0-4]\d)|(1\d\d)|([1-9]?\d))){4})$/';
$pattern_ipv4='/((^|\.)((25[0-5])|(2[0-4]\d)|(1\d\d)|([1-9]?\d))){4}$/';
$pattern_ipv6='/^(((?=.*(::))(?!.*\3.+\3))\3?|([\dA-F]{1,4}(\3|:\b|$)|\2))(?4){5}((?4){2}|(((2[0-4]|1\d|[1-9])?\d|25[0-5])\.?\b){4})\z/i';
$pattern_pass6='/^[^\']{6,64}$/u';
$pattern_pass8='/^[^\']{8,64}$/u';
$pattern_ssid='/^[\w._-]{1,32}$/';
$pattern_iden='/^[\w._-]*$/';
$pattern_rev='/^\d[\d.]*$/';
$pattern_int='/^-?\d+$/';
$errors=array();
$ignore=NULL;
$res = validate($pattern_iden, 'profile', 'Profil matériel du routeur incorrect', $errors);
$res &= validate($pattern_rev, 'revision', 'Révision matérielle du routeur incorrecte', $errors);
$res &= validate($pattern_ipv4, 'ip4pub', 'Adresse IPv4 publique du routeur incorrecte', $errors);
$res &= validate($pattern_ipv4_optionnal, 'ip4wan', 'Adresse IPv4 WAN du routeur incorrecte', $errors);
$res &= validate($pattern_ipv4, 'ip4lan', 'Adresse IPv4 LAN du routeur incorrecte', $errors);
$res &= validate($pattern_ipv6, 'ip6prefix', 'Préfixe IPv6 du routeur incorrect', $errors);
//$res &= validate($pattern_ipv6, 'ip6wanll', 'Adresse IPv6 WAN Link Local incorrecte', $errors);
$res &= validate($pattern_pass6, 'pwd1', 'Mot de passe du routeur incorrect', $errors);
$res &= validate($pattern_pass6, 'pwd2', 'Mot de passe du routeur incorrect', $ignore);
$res &= validate($pattern_ssid, 'ssid', 'Nom du réseau WiFi (SSID) incorrect', $errors);
$res &= validate($pattern_pass8, 'key1', 'Mot de passe du WiFi incorrect', $errors);
$res &= validate($pattern_pass8, 'key2', 'Mot de passe du WiFi incorrect', $ignore);
$res &= validate($pattern_int, 'txpower', 'Puissance d\'émission WiFi incorrecte', $errors);
$res &= checksame('pwd1', 'pwd2', 'Les mots de passes ne correspondent pas', $errors);
$res &= checksame('key1', 'key2', 'Les mots de passes ne correspondent pas', $errors);
$region="";
switch ($_POST['profile']) {
case 'TLWR740':
switch($_POST['revision']) {
case '51':
$target="tl-wr740n-v5";
break;
case '4':
case '5':
/* case '6': # PAS TESTE, on en a pas */
$target="tl-wr740n-v" . $_POST['revision'];
break;
default:
$errors['revision'] = 'Pas de mise à jour disponible pour l\'instant (' . (isset($_POST['revision'])?$_POST[$index]:'vide') . ')';
$res = false;
}
break;
case 'TLWR841':
switch($_POST['revision']) {
case '9':
case '10':
$target="tl-wr841-v" . $_POST['revision'];
break;
case '11':
$target="tl-wr841-v" . $_POST['revision'];
$region="-eu";
break;
default:
$errors['revision'] = 'Pas de mise à jour disponible pour l\'instant (' . (isset($_POST['revision'])?$_POST[$index]:'vide') . ')';
$res = false;
}
break;
default:
$errors['profile'] = 'Pas de mise à jour disponible pour l\'instant (' . (isset($_POST[$index])?$_POST['profile']:'vide') . ')';
$res = false;
}
$profile="DEVICE_$target";
$user_filename="mise-a-jour-routeur-$target.bin";
$gen_fileglob="bin/targets/ar71xx/generic/lede-*-ar71xx-generic-$target-squashfs-factory$region.bin";
if ( !$res ) {
echo "<!DOCTYPE html>\n<html>\n<head>\n<meta charset=\"utf-8\" />\n</head>\n<body>\n<h2>Oops, une erreur s'est produite</h2><div>Il y a un problème avec les renseignements fournis<br><ul>\n";
foreach ($errors as $k=>$v) {
echo "<li>$v</li>\n";
}
echo '</ul><input action="action" type="button" value="Revenir au formulaire" onclick="history.go(-1);" />'."</div>\n</body>\n</html>\n";
exit();
}
// Prevent escapeshellarg to eat UTF-8 non ASCII chars
setlocale(LC_CTYPE, "fr_FR.UTF-8");
$basepath='/var/cache/build-openwrt';
$scriptfile='build-openwrt.sh';
$lockfile='/run/lock/build-openwrt.lock';
// Escape everything and build command-line
$ip4pub=escapeshellarg($_POST['ip4pub']);
$lanip4addr=escapeshellarg($_POST['ip4lan']);
$ip6prefix=escapeshellarg($_POST['ip6prefix']);
//$wanip6ll=escapeshellarg($_POST['ip6wanll']);
$root_passwd=escapeshellarg($_POST['pwd1']);
$wireless_ssid=escapeshellarg($_POST['ssid']);
$wireless_key=escapeshellarg($_POST['key1']);
$wireless_txpower=escapeshellarg($_POST['txpower']);
$wanip4addr=escapeshellarg($_POST['ip4wan']);
# build-openwrt <profile> <ip4pub> <lanip4addr> <ip6prefix> <root_passwd> <wireless_ssid> <wireless_key> <wireless_txpower> [ip4wan]
$command=escapeshellcmd($scriptfile);
$command .= " $profile $ip4pub $lanip4addr $ip6prefix $root_passwd $wireless_ssid $wireless_key $wireless_txpower $wanip4addr 2>&1";
// Prevent multiple parallel executions of the generation part
$fh=fopen($lockfile, 'w+');
if ( ! is_resource($fh) ) {
echo "PROBLEM opening lock file\n";
exit();
}
if ( ! flock($fh, LOCK_EX) ) {
echo "PROBLEM acquiring lock file\n";
exit();
}
// Run the imagebuilder make command
putenv("CACHE_DIR=$basepath/");
putenv("BUILD_DIR=$basepath/build/");
exec($command, $output, $return_val);
// Match produced file against expected filename
$gen_matchedfiles = glob("$basepath/build/$gen_fileglob");
// Dump script output in /tmp for troobleshooting
file_put_contents(tempnam('/tmp' , $scriptfile.'_'), array($command, "\n", print_r($output,true), "\n",$return_val,"\n"));
if ( $return_val === 0 && count($gen_matchedfiles) === 1) {
header('Content-Type: application/octet-stream');
header("Content-Disposition: attachment; filename=$user_filename");
readfile($gen_matchedfiles[0]);
} else {
echo "<pre>\n$command\n\n";
echo join($output, "\n") . "\n\n";
echo "Expected file pattern : '$basepath/build/$gen_fileglob'"; echo "\n";
echo "Matched files : "; print_r($gen_matchedfiles); echo "\n";
echo "Command return value : "; var_dump($return_val); echo "\n";
}
fclose($fh);
|
