#! /bin/sh
#
# smartmontools drive database update script
#
# Home page of code is: http://www.smartmontools.org
#
# Copyright (C) 2010-17 Christian Franke
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# You should have received a copy of the GNU General Public License
# (for example COPYING); If not, see .
#
# $Id: update-smart-drivedb.in 4584 2017-11-03 22:43:32Z chrfranke $
#
set -e
# Set by config.status
@ENABLE_SCRIPTPATH_TRUE@export PATH="@scriptpath@"
PACKAGE="@PACKAGE@"
VERSION="@VERSION@"
prefix="@prefix@"
exec_prefix="@exec_prefix@"
sbindir="@sbindir@"
datarootdir="@datarootdir@"
datadir="@datadir@"
drivedbdir="@drivedbdir@"
# Download tools
os_dltools="@os_dltools@"
# drivedb.h update branch
BRANCH="@DRIVEDB_BRANCH@"
# Default drivedb location
DRIVEDB="$drivedbdir/drivedb.h"
# GnuPG used to verify signature (disabled if empty)
GPG="@gnupg@"
# Smartctl used for syntax check
SMARTCTL="$sbindir/smartctl"
myname=$0
usage()
{
cat <&2
exit 1
}
warning()
{
echo "$myname: (Warning) $*" >&2
}
selecturl()
{
case $1 in
sf) url='https://sourceforge.net/p/smartmontools/code/HEAD/tree/trunk/smartmontools/drivedb.h?format=raw' ;;
svn) url='https://svn.code.sf.net/p/smartmontools/code/trunk/smartmontools/drivedb.h' ;;
svni) url='http://svn.code.sf.net/p/smartmontools/code/trunk/smartmontools/drivedb.h' ;;
trac) url='https://www.smartmontools.org/export/HEAD/trunk/smartmontools/drivedb.h' ;;
*) usage ;;
esac
}
inpath()
{
local d rc save
rc=1
save=$IFS
IFS=':'
for d in $PATH; do
test -f "$d/$1" || continue
test -x "$d/$1" || continue
rc=0
break
done
IFS=$save
return $rc
}
vecho()
{
test -n "$q" || echo "$*"
}
# vrun COMMAND ARGS...
vrun()
{
if [ -n "$dryrun" ]; then
echo "$*"
elif [ -n "$q" ]; then
"$@" 2>/dev/null
else
echo "$*"
"$@"
fi
}
# vrun2 OUTFILE COMMAND ARGS...
vrun2()
{
local f err rc
f=$1; shift
rc=0
if [ -n "$dryrun" ]; then
echo "$* > $f"
else
vecho "$* > $f"
err=`"$@" 2>&1 > $f` || rc=$?
if [ -n "$err" ]; then
vecho "$err" >&2
test $rc != 0 || rc=42
fi
fi
return $rc
}
# download URL FILE
download()
{
local f u rc
u=$1; f=$2
rc=0
case $tool in
curl)
vrun curl ${q:+-s} -f --max-redirs 0 \
${cacert:+--cacert "$cacert"} \
${capath:+--capath "$capath"} \
${insecure:+--insecure} \
-o "$f" "$u" || rc=$?
;;
wget)
vrun wget $q --max-redirect=0 \
${cacert:+--ca-certificate="$cacert"} \
${capath:+--ca-directory="$capath"} \
${insecure:+--no-check-certificate} \
-O "$f" "$u" || rc=$?
;;
lynx)
test -z "$cacert" || vrun export SSL_CERT_FILE="$cacert"
test -z "$capath" || vrun export SSL_CERT_DIR="$capath"
# Check also stderr as lynx does not return != 0 on HTTP error
vrun2 "$f" lynx -stderr -noredir -source "$u" || rc=$?
;;
svn)
vrun svn $q export \
--non-interactive --no-auth-cache \
${cacert:+--config-option "servers:global:ssl-trust-default-ca=no"} \
${cacert:+--config-option "servers:global:ssl-authority-files=$cacert"} \
${insecure:+--trust-server-cert} \
"$u" "$f" || rc=$?
;;
fetch) # FreeBSD
vrun fetch $q --no-redirect \
${cacert:+--ca-cert "$cacert"} \
${capath:+--ca-path "$capath"} \
${insecure:+--no-verify-hostname} \
-o "$f" "$u" || rc=$?
;;
ftp) # OpenBSD
vrun ftp \
${cacert:+-S cafile="$cacert"} \
${capath:+-S capath="$capath"} \
${insecure:+-S dont} \
-o "$f" "$u" || rc=$?
;;
*) error "$tool: unknown (internal error)" ;;
esac
return $rc
}
# check_file FILE FIRST_CHAR MIN_SIZE MAX_SIZE
check_file()
{
local firstchar f maxsize minsize size
test -z "$dryrun" || return 0
f=$1; firstchar=$2; minsize=$3; maxsize=$4
# Check first chars
case `dd if="$f" bs=1 count=1 2>/dev/null` in
$firstchar) ;;
\<) echo "HTML error message"; return 1 ;;
*) echo "unknown file contents"; return 1 ;;
esac
# Check file size
size=`wc -c < "$f"`
if test "$size" -lt $minsize; then
echo "too small file size $size bytes"
return 1
fi
if test "$size" -gt $maxsize; then
echo "too large file size $size bytes"
return 1
fi
return 0
}
# unexpand_svn_id < INFILE > OUTFILE
unexpand_svn_id()
{
sed 's,\$''Id'': drivedb\.h [0-9][0-9]* 2[-0-9]* [012][:0-9]*Z [a-z][a-z]* \$,$''Id''$,'
}
# Smartmontools Signing Key (through 2018)
#
# Key ID DFD22559
public_key="\
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFgOYoEBCAC93841SlFmpp6640hKUvZ8PbZR6OGnZnMXD6QRVzpibXGZXUDB
f6unujun5Ql4ObAWt6QuRqz5Gk2gF8tcOfN6edR/uK5gyX2rlWVLoZKOV91a3aDI
iIDh018tLWOpHg3VxgHL6f0iMcFogUYnD5zhC5Z2GVhFb/cVpj+ocZWcxQLQGPVv
uZPUQWrvdpFEzcnxPMtJJDqXEChzhrdFTXGm69ERxULOro7yDmG1Y5xWmhdGnPPM
cuCXVVlADz/Gh1w+ay7RqFnzPjqjQmHAuggns467TJEcS0yiX4LJnEoKLyPGen9L
FH6z38xHCNt4Da05/OeRgXwVLH9M95lu8d6TABEBAAG0U1NtYXJ0bW9udG9vbHMg
U2lnbmluZyBLZXkgKHRocm91Z2ggMjAxOCkgPHNtYXJ0bW9udG9vbHMtZGF0YWJh
c2VAbGlzdGkuanBiZXJsaW4uZGU+iQFBBBMBAgArAhsDBQkEHA0ABgsJCAcDAgYV
CAIJCgsEFgIDAQIeAQIXgAUCWe5KCQIZAQAKCRDzh2PO39IlWbM5CAC6GNFXkJEu
Beu1TV2e3N47IwZDsQXypn8DGBVh5VmhFGVHPO5dgBBGXEHBcpiFk6RGXOqyLQar
bZd0qmGaTCuakUU5MipCB/fPEpOm15CSPzJIAAHz0HiDgJc8YW+JfGUA6P4EHa+r
OyYcfCu66NNYTjBQJ/wHcwcuIY1xNzEMhb4TCEcM/Nex9zZ7d0+WTWsK4U8m3ui3
IDESRssCzTTjc5gH/tMz8KuEwY3v91mHc0/vNYVQZx9atWOuuj3JJKqdr8oll/qo
/33gIadY66dgArQhqybdPFCEKckhoHvlPxoqg7XPKSw6oyBxM/0wf/gM5MGsUImD
qu1djwVlKH7xiQEcBBMBAgAGBQJZ7kylAAoJEC/N7AvTrxqroQQH/jrZAGT5t8uy
zRTzJCf3Bco8FqwKcfw8hhpF1Uaypa+quxkpYz9PtP+3e9lGxl0XSEzOwHjfgGWX
ISUOM1ufVxo2hSLG87yO7naFAtylL8l0Zny8Fb6kmT9f3vMktbHdXHUTDNrCUkoE
lEwwDK3qaur8IPUaIKeSTC3C8E/DVnasLs9cpOs2LPIKr3ishbqbHNeWOgGyHbA4
KCtvQzBhun9drmtQJW6OyCC9FcIoqPSFM/bs2KHf7qATNu9kSMg/YWw7WLAD4GPq
H9us1GigQ0h6Y4KG5EgmkFvuQFPLHvT4rtqv51zzs1iwFh4+GIagFp+HJ2jnlp+G
cZcySlwfnem0V1NtYXJ0bW9udG9vbHMgU2lnbmluZyBLZXkgKHRocm91Z2ggMjAx
OCkgPHNtYXJ0bW9udG9vbHMtZGF0YWJhc2VAbGlzdHMuc291cmNlZm9yZ2UubmV0
PokBPgQTAQIAKAUCWA5igQIbAwUJBBwNAAYLCQgHAwIGFQgCCQoLBBYCAwECHgEC
F4AACgkQ84djzt/SJVldMQf+MxE3PM70mnIr/Dcrubt8AA3JeMkThNV2xFe9Rdkl
4tJ1ogU8T5PCgMqJ4Gei9mUmbiQu1CKLSf9k/oxBRcLZK8Fav+BMj0+4YERfZx7J
Qzou3f0RX8u3pc/+pRXLE6lH/Luk453NzqM3tCFyWgw89dEzFlwYpWx7AfxiFwvH
ShEPNKZdEp+aBAu8oW9lSKiwLNFsembSGVh+5+3yMiKK02oOdC/NPKTnxxDgvzl4
Ulm3dNjI3uuBtFNFvs6qKk8CXV9AfM2993QxaCtRMph/ymqX4zXcecvJYpn3vulF
bAzDTzge7TVhkmaupzDNLeE8IS5sgUjSOM1x3+2SkBiVSYkBHAQTAQIABgUCWA5k
YwAKCRDfDxpJxKSQOp+/CADTlsgisoXI6b+0oohRaD4ZVl5eBtkvTrxNQf6EF7Z1
uPkVOqi1OLWFGyAmbeLcRmN6c4/DVcaa6GAG7GA+KQwVPRCyC+9Ibsn/+uG6ZFXA
ez+0eG9NxOfkCnYH8ZP8o2VH+9uKJlGGujh9o5r1SNGVifoLGTc8NkWCW+MAKj8d
w8WW+wDc80YrdCRrSyLrRU9NLTSE4pIJWKcHLwG63xkXHQPPR1lsJgzdAalfEv1T
QdIF3sM+GXp4lZ6buahFDiILBh1vj+5C9TdpWZAlqHDYFICa7Rv/MvQa4O9UUl3S
lN3sed8zwAmL3HeoXE5tBu8iatMaS9e3BmSsVYlhd/q+iQEcBBMBAgAGBQJYDmSW
AAoJEC/N7AvTrxqr8HsH+QGQuhHYt9Syccd8AF36psyT03mqgbGLMZL8H9ngoa9Z
qVMq7O8Aqz23SGTtuNuw6EyrcHo7Dy1311GftshI6arsFNJxE2ZNGIfGocRxu9m3
Ez+AysWT9sxz/haHE+d58NTg+/7R8YWS1q+Tk6m8dA0Xyf3tMBsIJfj0zJvuGMbC
Lmd93Yw4nk76qtSn9UHbnf76UJN5SctAd8+gK3uO6O4XDcZqC06xkWKl193lzcC8
sZJBdI15NszC3y/epnILDDMBUNQMBm/XlCYQUetyrJnAVzFGXurtjEXQ/DDnbfy2
Z8efoG8rtq7v3fxS1TC5jSVOIEqOE4TwzRz1Y/dfqSU=
=CNK4
-----END PGP PUBLIC KEY BLOCK-----
"
# gpg_verify FILE.asc FILE
gpg_verify()
{
local gnupgtmp opts out rc
opts="--quiet ${q:+--no-secmem-warnin} --batch --no-tty"
# Create temp home dir
gnupgtmp="$tmpdir/.gnupg.$$.tmp"
rm -f -r "$gnupgtmp"
mkdir "$gnupgtmp" || exit 1
chmod 0700 "$gnupgtmp"
# Import public key
"$GPG" $opts --homedir="$gnupgtmp" --import <&1` || rc=1
vecho "$out"
rm -f -r "$gnupgtmp"
return $rc
}
# mv_all PREFIX OLD NEW
mv_all()
{
mv "${1}${2}" "${1}${3}"
mv "${1}${2}.raw" "${1}${3}.raw"
mv "${1}${2}.raw.asc" "${1}${3}.raw.asc"
}
# Parse options
smtctl=$SMARTCTL
tool=
url=
q="-q"
dryrun=
trunk=
cacert=
capath=
insecure=
no_verify=
while true; do case $1 in
-s)
shift; test -n "$1" || usage
smtctl=$1 ;;
-t)
shift
case $1 in *\ *) usage ;; esac
case " $os_dltools " in *\ $1\ *) ;; *) usage ;; esac
tool=$1 ;;
-u)
shift; selecturl "$1" ;;
-v)
q= ;;
--dryrun)
dryrun=t ;;
--trunk)
trunk=trunk ;;
--cacert)
shift; test -n "$1" || usage
cacert=$1 ;;
--capath)
shift; test -n "$1" || usage
capath=$1 ;;
--insecure)
insecure=t ;;
--no-verify)
no_verify=t ;;
--export-key)
cat </dev/null 2>&1 \
|| error "$smtctl: not found ('-s -' to ignore)"
fi
# Check for GnuPG
if [ -z "$no_verify" ]; then
test -n "$GPG" \
|| error "GnuPG is not available ('--no-verify' to ignore)"
"$GPG" --version >/dev/null 2>&1 \
|| error "$GPG: not found ('--no-verify' to ignore)"
fi
# Use destination directory as temp directory for gpg
tmpdir=`dirname "$DEST"`
# Adjust URLs
src=`echo "$url" | sed "s,/trunk/,/branches/$BRANCH/,"`
src_asc=`echo "$src" | sed "s,/drivedb\.h,/drivedb.h.raw.asc,"`
test -z "$trunk" || src=$url
# Download
test -n "$dryrun" || rm -f "$DEST.new" "$DEST.new.raw" "$DEST.new.raw.asc"
vecho "Download ${trunk:-branches/$BRANCH}/drivedb.h with $tool"
rc=0
download "$src" "$DEST.new" || rc=$?
if [ $rc != 0 ]; then
rm -f "$DEST.new"
error "${trunk:-$BRANCH}/drivedb.h: download failed ($tool: exit $rc)"
fi
if ! errmsg=`check_file "$DEST.new" '/' 10000 1000000`; then
mv "$DEST.new" "$DEST.error"
error "$DEST.error: $errmsg"
fi
vecho "Download branches/$BRANCH/drivedb.h.raw.asc with $tool"
rc=0
download "$src_asc" "$DEST.new.raw.asc" || rc=$?
if [ $rc != 0 ]; then
rm -f "$DEST.new" "$DEST.new.raw.asc"
error "$BRANCH/drivedb.h.raw.asc: download failed ($tool: exit $rc)"
fi
if ! errmsg=`check_file "$DEST.new.raw.asc" '-' 200 2000`; then
rm -f "$DEST.new"
mv "$DEST.new.raw.asc" "$DEST.error.raw.asc"
error "$DEST.error.raw.asc: $errmsg"
fi
test -z "$dryrun" || exit 0
# Create raw file with unexpanded SVN Id
# (This assumes newlines are LF and not CR/LF)
unexpand_svn_id < "$DEST.new" > "$DEST.new.raw"
# Adjust timestamps and permissions
touch "$DEST.new" "$DEST.new.raw" "$DEST.new.raw.asc"
chmod 0644 "$DEST.new" "$DEST.new.raw" "$DEST.new.raw.asc"
if [ -z "$no_verify" ]; then
# Verify raw file
if ! gpg_verify "$DEST.new.raw.asc" "$DEST.new.raw"; then
mv_all "$DEST" ".new" ".error"
test -n "$trunk" || error "$DEST.error.raw: *** BAD signature ***"
error "$DEST.error.raw: signature from branch no longer valid ('--no-verify' to ignore)"
fi
fi
if [ "$smtctl" != "-" ]; then
# Check syntax
if ! "$smtctl" -B "$DEST.new" -P showall >/dev/null; then
mv_all "$DEST" ".new" ".error"
error "$DEST.error: rejected by $smtctl, probably no longer compatible"
fi
vecho "$smtctl: syntax OK"
fi
# Keep old file if identical, ignore missing Id keyword expansion in new file
rm -f "$DEST.lastcheck"
if [ -f "$DEST" ]; then
if [ -f "$DEST.raw" ] && [ -f "$DEST.raw.asc" ]; then
if cmp "$DEST.raw" "$DEST.new.raw" >/dev/null 2>&1 \
&& cmp "$DEST.raw.asc" "$DEST.new.raw.asc" >/dev/null 2>&1 \
&& { cmp "$DEST" "$DEST.new" >/dev/null 2>&1 \
|| cmp "$DEST.raw" "$DEST.new" >/dev/null 2>&1; }
then
rm -f "$DEST.new" "$DEST.new.raw" "$DEST.new.raw.asc"
touch "$DEST.lastcheck"
echo "$DEST is already up to date"
exit 0
fi
mv_all "$DEST" "" ".old"
else
mv "$DEST" "$DEST.old"
fi
fi
mv_all "$DEST" ".new" ""
echo "$DEST updated from ${trunk:-branches/$BRANCH}${no_verify:+ (NOT VERIFIED)}"