#!/bin/sh

. /lib/functions.sh
. /lib/functions/system.sh
. /usr/share/libubox/jshn.sh

# initialize defaults
export MTD_ARGS=""
export MTD_CONFIG_ARGS=""
export INTERACTIVE=0
export VERBOSE=1
export SAVE_CONFIG=1
export SAVE_OVERLAY=0
export SAVE_OVERLAY_PATH=
export SAVE_PARTITIONS=1
export SAVE_INSTALLED_PKGS=0
export SKIP_UNCHANGED=0
export CONF_IMAGE=
export CONF_BACKUP_LIST=0
export CONF_BACKUP_VALIDATE=0
export CONF_BACKUP=
export CONF_RESTORE=
export CONF_PASSWORD=
export NEED_IMAGE=
export HELP=0
export FORCE=0
export TEST=0
export UMOUNT_ETCBACKUP_DIR=0

# parse options
while [ -n "$1" ]; do
	case "$1" in
		-i) export INTERACTIVE=1;;
		-v) export VERBOSE="$(($VERBOSE + 1))";;
		-q) export VERBOSE="$(($VERBOSE - 1))";;
		-n) export SAVE_CONFIG=0;;
		-c) export SAVE_OVERLAY=1 SAVE_OVERLAY_PATH=/etc;;
		-o) export SAVE_OVERLAY=1 SAVE_OVERLAY_PATH=/;;
		-p) export SAVE_PARTITIONS=0;;
		-k) export SAVE_INSTALLED_PKGS=1;;
		-u) export SKIP_UNCHANGED=1;;
		-b|--create-backup) export CONF_BACKUP="$2" NEED_IMAGE=1; shift;;
		-r|--restore-backup) export CONF_RESTORE="$2" NEED_IMAGE=1; shift;;
		--password) export CONF_PASSWORD="$2"; shift;;
		-l|--list-backup) export CONF_BACKUP_LIST=1;;
		-V|--validate) export CONF_BACKUP_VALIDATE=1;;
		-f) export CONF_IMAGE="$2"; shift;;
		-F|--force) export FORCE=1;;
		-T|--test) export TEST=1;;
		-h|--help) export HELP=1; break;;
		-*)
			echo "Invalid option: $1" >&2
			exit 1
		;;
		*) break;;
	esac
	shift;
done

export CONFFILES=/tmp/sysupgrade.conffiles
export CONF_TAR=/tmp/sysupgrade.tgz
export ETCBACKUP_DIR=/etc/backup
export INSTALLED_PACKAGES=${ETCBACKUP_DIR}/installed_packages.txt

IMAGE="$1"

[ -z "$IMAGE" -a -z "$NEED_IMAGE" -a $CONF_BACKUP_LIST -eq 0 -o $HELP -gt 0 ] && {
	cat <<EOF
Usage: $0 [<upgrade-option>...] <image file or URL>
       $0 [-q] [-i] [-c] [-u] [-o] [-k] <backup-command> <file>

upgrade-option:
	-f <config>  restore configuration from .tar.gz (file or url)
	-i           interactive mode
	-c           attempt to preserve all changed files in /etc/
	-o           attempt to preserve all changed files in /, except those
	             from packages but including changed confs.
	-u           skip from backup files that are equal to those in /rom
	-n           do not save configuration over reflash
	-p           do not attempt to restore the partition table after flash.
	-k           include in backup a list of current installed packages at
	             $INSTALLED_PACKAGES
	-T | --test
	             Verify image and config .tar.gz but do not actually flash.
	-F | --force
	             Flash image/restore backup even if image checks fail, this is dangerous!
	-q           less verbose
	-v           more verbose
	-h | --help  display this help

backup-command:
	-b | --create-backup <file>
	             create .tar.gz of files specified in sysupgrade.conf
	             then exit. Does not flash an image. If file is '-',
	             i.e. stdout, verbosity is set to 0 (i.e. quiet). If --password flag is used,
	             file should be provided as <filename>.tar.zip
	-r | --restore-backup <file>
	             restore a .tar.gz created with sysupgrade -b
	             then exit. Does not flash an image. If file is '-',
	             the archive is read from stdin. If --password flag is used,
	             file should be provided as <filename>.tar.zip
	--password <password>
	             provide password that encrypts backup file with AES 256
	             encryption and archives it as .tar.zip
	-l | --list-backup
	             list the files that would be backed up when calling
	             sysupgrade -b. Does not create a backup file.
	-V | --validate
				 validate backup file set with -r option and exit.

EOF
	exit 1
}

[ -n "$IMAGE" -a -n "$NEED_IMAGE" ] && {
	cat <<-EOF
		-b|--create-backup and -r|--restore-backup do not perform a firmware upgrade.
		Do not specify both -b|-r and a firmware image.
	EOF
	exit 1
}

# prevent messages from clobbering the tarball when using stdout
[ "$CONF_BACKUP" = "-" ] && export VERBOSE=0


list_conffiles() {
	awk '
		BEGIN { conffiles = 0 }
		/^Conffiles:/ { conffiles = 1; next }
		!/^ / { conffiles = 0; next }
		conffiles == 1 { print }
	' /usr/lib/opkg/status
}

list_changed_conffiles() {
	# Cannot handle spaces in filenames - but opkg cannot either...
	list_conffiles | while read file csum; do
		[ -r "$file" ] || continue

		echo "${csum}  ${file}" | busybox sha256sum -sc - || echo "$file"
	done
}

list_static_conffiles() {
	local filter=$1

	find $(sed -ne '/^[[:space:]]*$/d; /^#/d; p' \
		/etc/sysupgrade.conf /lib/upgrade/keep.d/* 2>/dev/null) \
		\( -type f -o -type l \) $filter 2>/dev/null
}

add_conffiles() {
	local file="$1"

	( list_static_conffiles "$find_filter"; list_changed_conffiles ) |
		sort -u > "$file"
	return 0
}

add_overlayfiles() {
	local file="$1"

	local packagesfiles=$1.packagesfiles
	touch "$packagesfiles"

	if [ "$SAVE_OVERLAY_PATH" = / ]; then
		local conffiles=$1.conffiles
		local keepfiles=$1.keepfiles

		list_conffiles | cut -f2 -d ' ' | sort -u > "$conffiles"

		# backup files from /etc/sysupgrade.conf and /lib/upgrade/keep.d, but
		# ignore those aready controlled by opkg conffiles
		list_static_conffiles | sort -u |
			grep -h -v -x -F -f $conffiles > "$keepfiles"

		# backup conffiles, but only those changed if '-u'
		[ $SKIP_UNCHANGED = 1 ] &&
			list_changed_conffiles | sort -u > "$conffiles"

		# do not backup files from packages, except those listed
		# in conffiles and keep.d
		{
			find /usr/lib/opkg/info -type f -name "*.list" -exec cat {} \;
			find /usr/lib/opkg/info -type f -name "*.control" -exec sed \
				-ne '/^Alternatives/{s/^Alternatives: //;s/, /\n/g;p}' {} \; |
				cut -f2 -d:
		} |  grep -v -x -F -f $conffiles |
		     grep -v -x -F -f $keepfiles | sort -u > "$packagesfiles"
		rm -f "$keepfiles" "$conffiles"
	fi

	# busybox grep bug when file is empty
	[ -s "$packagesfiles" ] || echo > $packagesfiles

	( cd /overlay/upper/; find .$SAVE_OVERLAY_PATH \( -type f -o -type l \) $find_filter | sed \
		-e 's,^\.,,' \
		-e '\,^/etc/board.json$,d' \
		-e '\,/[^/]*-opkg$,d' \
		-e '\,^/etc/urandom.seed$,d' \
		-e "\,^$INSTALLED_PACKAGES$,d" \
		-e '\,^/usr/lib/opkg/.*,d' \
	) | grep -v -x -F -f $packagesfiles > "$file"

	rm -f "$packagesfiles"

	return 0
}

if [ $SAVE_OVERLAY = 1 ]; then
	[ ! -d /overlay/upper/etc ] && {
		echo "Cannot find '/overlay/upper/etc', required for '-c'" >&2
		exit 1
	}
	sysupgrade_init_conffiles="add_overlayfiles"
else
	sysupgrade_init_conffiles="add_conffiles"
fi

find_filter=""
if [ $SKIP_UNCHANGED = 1 ]; then
	[ ! -d /rom/ ] && {
		echo "'/rom/' is required by '-u'"
		exit 1
	}
	find_filter='( ( -exec test -e /rom/{} ; -exec cmp -s /{} /rom/{} ; ) -o -print )'
fi

include /lib/upgrade

do_save_conffiles() {
	local conf_tar="$1"

	[ "$(rootfs_type)" = "tmpfs" ] && {
		echo "Cannot save config while running from ramdisk." >&2
		ask_bool 0 "Abort" && exit
		rm -f "$conf_tar"
		return 0
	}
	run_hooks "$CONFFILES" $sysupgrade_init_conffiles

	[ -d /etc/profiles ] && echo "/etc/profiles" >>"$CONFFILES"

	ask_bool 0 "Edit config file list" && vi "$CONFFILES"

	third_party_pkg=$(uci_get package_restore package_restore 3rd_party_pkg)
	opkg_packets=$(grep -l "Router:" /usr/lib/opkg/info/*.control)
	[ -f /etc/package_restore.txt ] && cp /etc/package_restore.txt /etc/package_restore.tmp

	for i in $opkg_packets; do
		tlt_name=$(grep "tlt_name:" "$i" | awk -F ": " '{print $2}')
		pkg_name=$(grep "AppName:" "$i" | awk -F ": " '{print $2}')
		[ -z "$pkg_name" ] && pkg_name=$(grep "Package:" "$i" | awk -F ": " '{print $2}')
		echo "$pkg_name - $tlt_name" >> /etc/package_restore.txt
	done

	[ -f /etc/package_restore.txt ] && {
		sorted="$(sort -u /etc/package_restore.txt)"
		echo "$sorted" > /etc/package_restore.txt
	}

	[ "$third_party_pkg" = "1" ] && {
		opkg_packets=$(find /overlay/upper/usr/lib/opkg/info/ -type f -name \
			       '*.control' -exec basename {} .control ';')
		[ -n "$opkg_packets" ] && echo "$opkg_packets" >> /etc/package_restore.txt
	}

	[ -f /etc/package_restore.txt ] && {
		echo "/etc/package_restore.txt" >> "$CONFFILES"
	}

	if [ "$SAVE_INSTALLED_PKGS" -eq 1 ]; then
		echo "${INSTALLED_PACKAGES}" >> "$CONFFILES"
		mkdir -p "$ETCBACKUP_DIR"
		# Avoid touching filesystem on each backup
		RAMFS="$(mktemp -d -t sysupgrade.XXXXXX)"
		mkdir -p "$RAMFS/upper" "$RAMFS/work"
		mount -t overlay overlay -o lowerdir=$ETCBACKUP_DIR,upperdir=$RAMFS/upper,workdir=$RAMFS/work $ETCBACKUP_DIR &&
			UMOUNT_ETCBACKUP_DIR=1 || {
				echo "Cannot mount '$ETCBACKUP_DIR' as tmpfs to avoid touching disk while saving the list of installed packages." >&2
				ask_bool 0 "Abort" && exit
			}

		# Format: pkg-name<TAB>{rom,overlay,unkown}
		# rom is used for pkgs in /rom, even if updated later
		find /usr/lib/opkg/info -name "*.control" \( \
			\( -exec test -f /rom/{} \; -exec echo {} rom \; \) -o \
			\( -exec test -f /overlay/upper/{} \; -exec echo {} overlay \; \) -o \
			\( -exec echo {} unknown \; \) \
			\) | sed -e 's,.*/,,;s/\.control /\t/' > ${INSTALLED_PACKAGES}
	fi

	v "Saving config files..."
	[ "$VERBOSE" -gt 1 ] && TAR_V="v" || TAR_V=""
	if [ -z "$CONF_PASSWORD" ]; then
		tar c${TAR_V}zf "$conf_tar" -T "$CONFFILES" 2>/dev/null
	else
		which minizip >/dev/null || {
			echo "Could not create $conf_tar - minizip package is not installed";
			exit 1
		}
		local conf_tar_trimmed=$(echo "$conf_tar" | sed 's/\.zip$//')
		tar -cf "$conf_tar_trimmed" -T "$CONFFILES" 2>/dev/null
		minizip -s -p "$CONF_PASSWORD" "$conf_tar" "$conf_tar_trimmed" >/dev/null 2>&1
		rm "$conf_tar_trimmed"
	fi

	if [ "$?" -ne 0 ]; then
		echo "Failed to create the configuration backup."
		rm -f "$conf_tar"
		exit 1
	fi

	[ "$UMOUNT_ETCBACKUP_DIR" -eq 1 ] && {
		umount "$ETCBACKUP_DIR"
		rm -rf "$RAMFS"
	}

	if [ -f /etc/package_restore.tmp ]; then
		mv /etc/package_restore.tmp /etc/package_restore.txt
	else
		rm -rf /etc/package_restore.txt
	fi

	rm -f "$CONFFILES"
}

if [ $CONF_BACKUP_LIST -eq 1 ]; then
	run_hooks "$CONFFILES" $sysupgrade_init_conffiles
	[ "$SAVE_INSTALLED_PKGS" -eq 1 ] && echo ${INSTALLED_PACKAGES} >> "$CONFFILES"
	cat "$CONFFILES"
	rm -f "$CONFFILES"
	exit 0
fi

remove_section() {
	local section="$1"
	local config="$2"
	local option="$3"
	local value

	config_get value "$section" "$option" ""
	[ -n "$value" ] && uci_remove "$config" "$section"
}

remove_option() {
	local section="$1"
	local config="$2"
	local option="$3"
	local value

	config_get value "$section" "$option" ""
	[ -n "$value" ] && uci_remove "$config" "$section" "$option"
}

remove_option_if_exists() {
	CONFIG_PATH="${UCI_CONFIG_DIR:-"/etc/config"}"
	TMP_CONFIG_PATH="/tmp/original_config"

	local config="$1"
	local section="$2"
	local option="$3"

	mkdir -p "$TMP_CONFIG_PATH"
	cp -f "${CONFIG_PATH}/${config}" "${TMP_CONFIG_PATH}/"

	config_load "$config"
	config_foreach remove_option "$section" "$config" "$option"
	uci_commit "$config"
}

restore_configs() {
	for config in "$@"; do
		mv -f "${TMP_CONFIG_PATH}/${config}" "${CONFIG_PATH}/"
	done
}

missing_lines() {
	local file1 file2 line
	file1="$1"
	file2="$2"
	oIFS="$IFS"
	IFS=":"
	while read -r line; do
		set -- $line
		grep -q "^$1:" "$file2" || echo "$line"
	done < "$file1"
	IFS="$oIFS"
}

restore_rms_auth_code() {
	local config="rms_mqtt"

	[ -s "/etc/config/$config" ] || return
	[ -s "/tmp/new_config_dir/etc/config/$config" ] || return

	local auth_code="$(uci -q get $config.rms_connect_mqtt.auth_code)"
	uci -c "/tmp/new_config_dir/etc/config" batch <<-EOF
		set $config.rms_connect_mqtt.auth_code="$auth_code"
		commit $config
	EOF
}

restore_rms_ids() {
	local opts="rms_id demo_rms_id local_rms_id"
	for opt_name in $opts; do
		local opt_val_file=$(cat "/log/$opt_name" 2>/dev/null)

		[ -n "$opt_val_file" ] && {
			uci -q -c "/tmp/new_config_dir/etc/config" set "rms_mqtt.rms_mqtt.$opt_name=$opt_val_file"
		} || {
			uci -q -c "/tmp/new_config_dir/etc/config" delete "rms_mqtt.rms_mqtt.$opt_name"
		}
	done
	uci -c "/tmp/new_config_dir/etc/config" commit rms_mqtt
}

apply_backup() {
	restore_rms_ids
	restore_rms_auth_code
	rm -f /tmp/new_config_dir/etc/config/hwinfo /tmp/new_config_dir/etc/inittab 2>/dev/null
	cp -rf /tmp/new_config_dir/etc/ / 2>/dev/null
	cp -rf /tmp/new_config_dir/usr/ / 2>/dev/null
	cp -r /rom/etc/uci-defaults/* /etc/uci-defaults/ 2>/dev/null
	rm -rf /tmp/new_config_dir
	cp /rom/etc/shadow /rom/etc/passwd /rom/etc/group /tmp/
	missing_lines /tmp/passwd /etc/passwd >> /etc/passwd
	missing_lines /tmp/group /etc/group >> /etc/group
	missing_lines /tmp/shadow /etc/shadow >> /etc/shadow
	rm /tmp/passwd /tmp/shadow /tmp/group
}

backup_size_validation() {
	local file="$1"
	local password="$2"
	local free_fmem="$(df -k | grep /overlay | awk '{print $4; exit}')"

	# Add aditional 40 KB for reserve
	local file_size
	if [ -n "$password" ]; then
		file_size=$(minizip -l -p "$password" "$file" | tail -1 | awk '{print ($2 / 1024) + 40}')
	else
		file_size=$(zcat "$file" | wc -c | awk '{print ($1 / 1024) + 40 }')
	fi

	local validation="$(echo "$file_size $free_fmem" | awk '{if ($1 < $2) print 0; else print 1}')"
	[ "$validation" -eq 0 ] || return 1

	return 0
}

clean_tmp_dir() {
	for file in /tmp/*.bin; do
		if [ "$file" != "$IMAGE" ]; then
			rm -f "$file"
		fi
	done

	rm -f /tmp/sysupgrade.meta
	rm -f /tmp/sysupgrade.ucert
}

if [ -n "$CONF_BACKUP" ]; then
	ubus call rpc-profile update &>/dev/null
	[ -f /usr/sbin/profile.sh ] && {
		profile_path="$(uci_get profiles general path)"
		TMP_PROFILE_PATH="/tmp/backup_profiles/"
		mkdir -p "$TMP_PROFILE_PATH" && cp -af "$profile_path"* "$TMP_PROFILE_PATH" && /usr/sbin/profile.sh -f
	}
	remove_option_if_exists "network" "device" "macaddr"
	remove_option_if_exists "tswconfig" "switch_port" "macaddr"
	remove_option_if_exists "rms_mqtt" "rms_connect_mqtt" "auth_code"
	do_save_conffiles "$CONF_BACKUP"
	save_conffile_code=$?
	restore_configs "network" "rms_mqtt"
	[ -n "$TMP_PROFILE_PATH" ] && mv -f "$TMP_PROFILE_PATH"* "$profile_path"

	exit $save_conffile_code
fi

if [ -n "$CONF_RESTORE" ]; then
	if [ "$CONF_RESTORE" != "-" ] && [ ! -f "$CONF_RESTORE" ]; then
		echo "Backup archive '$CONF_RESTORE' not found." >&2
		exit 1
	fi

	if [ -n "$CONF_PASSWORD" ]; then
		which minizip >/dev/null || {
			echo "Can not decrypt backup archive '$CONF_RESTORE' - minizip package is not installed" >&2
			exit 1
		}
	fi

	backup_size_validation "$CONF_RESTORE" "$CONF_PASSWORD" || exit 1

	[ "$VERBOSE" -gt 1 ] && TAR_V="v" || TAR_V=""

	mkdir -p /tmp/new_config_dir
	if [ -z "$CONF_PASSWORD" ]; then
		echo 'etc/rc.d/*' > /tmp/exclusions
		echo 'etc/profile' >> /tmp/exclusions
		tar -C /tmp/new_config_dir -x${TAR_V}zf "$CONF_RESTORE" -X '/tmp/exclusions'
		rm /tmp/exclusions
	else
		conf_tar_dirname=$(dirname "$CONF_RESTORE")
		minizip -x -o -s -d "$conf_tar_dirname" -p "$CONF_PASSWORD" "$CONF_RESTORE"
		conf_tar_trimmed=$(echo "$CONF_RESTORE" | sed "s/\.${CONF_RESTORE##*.}$//")
		tar -C /tmp/new_config_dir -x${TAR_V}f "$conf_tar_trimmed"
		rm -rf /tmp/new_config_dir/etc/rc.d/*
		rm -rf /tmp/new_config_dir/etc/profile
		rm -rf "$conf_tar_trimmed"
	fi

	ret=$?
	[ "$ret" -ne 0 ] && {
		v "Error restoring backup"
		exit "$ret"
	}

	fwtool_check_backup /tmp/new_config_dir
	backup_valid=$?
	#Just validate and exit
	[ "$CONF_BACKUP_VALIDATE" -eq 1 ] && {
		rm -rf /tmp/new_config_dir
		echo "$backup_valid"
		exit $backup_valid
	}
	[ "$backup_valid" -gt 0 ] && {
		if [ $FORCE -eq 1 ]; then
			v "Backup check failed but --force given - will restore anyway!" >&2
		else
			rm -rf /tmp/new_config_dir
			v "Backup archive is not valid."
			echo "$backup_valid"
			exit $backup_valid
		fi
	}

	v "Restoring config files..."
	apply_backup

	exit "$ret"
fi

type platform_check_image >/dev/null 2>/dev/null || {
	echo "Firmware upgrade is not implemented for this platform." >&2
	exit 1
}

case "$IMAGE" in
	http://*|\
	https://*)
		wget -O/tmp/sysupgrade.img "$IMAGE" || exit 1
		IMAGE=/tmp/sysupgrade.img
		;;
esac

IMAGE="$(readlink -f "$IMAGE")"

case "$IMAGE" in
	'')
		echo "Image file not found." >&2
		exit 1
		;;
	/tmp/*)	;;
	*)
		v "Image not in /tmp, copying..."
		cp -f "$IMAGE" /tmp/sysupgrade.img
		IMAGE=/tmp/sysupgrade.img
		;;
esac

json_load "$(/usr/libexec/validate_firmware_image "$IMAGE")" || {
	echo "Failed to check image"
	clean_tmp_dir
	exit 1
}

json_get_var hw_support "hw_support"
[ "$hw_support" -eq 0 ] && {
	if [ $FORCE -eq 1 ]; then
		echo "This firmware is unsupported by hardware but --force given - will update anyway!" >&2
	else
		echo "This firmware is unsupported by hardware" >&2
		echo "Image check failed." >&2
		clean_tmp_dir
		exit 2
	fi
}

json_get_var valid "valid"
[ "$valid" -eq 0 ] && {
	if [ $FORCE -eq 1 ]; then
		echo "Image check failed but --force given - will update anyway!" >&2
	else
		echo "Image check failed." >&2
		clean_tmp_dir
		exit 1
	fi
}

json_get_var is_downgrade "is_downgrade"
[ "$is_downgrade" -eq 1 ] && {
	v "Detected firmware downgrade"
}

json_get_var allow_backup "allow_backup"
[ "$allow_backup" -eq 0 ] && {
	v "Cannot restore config due to firmware incompatibility"
	export SAVE_CONFIG=0
}

if [ -n "$CONF_IMAGE" ]; then
	case "$(get_magic_word $CONF_IMAGE cat)" in
		# .gz files
		1f8b) ;;
		*)
			echo "Invalid config file. Please use only .tar.gz files" >&2
			clean_tmp_dir
			exit 1
		;;
	esac
	get_image "$CONF_IMAGE" "cat" > "$CONF_TAR"
	export SAVE_CONFIG=1
elif ask_bool $SAVE_CONFIG "Keep config files over reflash"; then
	[ $TEST -eq 1 ] || do_save_conffiles "$CONF_TAR"
	export SAVE_CONFIG=1
else
	[ $TEST -eq 1 ] || rm -f "$CONF_TAR"
	export SAVE_CONFIG=0
fi

if [ $TEST -eq 1 ]; then
	clean_tmp_dir
	exit 0
fi

run_hooks "" $fwtool_pre_upgrade

install_bin /sbin/upgraded
v "Commencing upgrade. Closing all shell sessions."

COMMAND='/lib/upgrade/do_stage2'

if [ -n "$FAILSAFE" ]; then
	printf '%s\x00%s\x00%s' "$RAM_ROOT" "$IMAGE" "$COMMAND" >/tmp/sysupgrade
	lock -u /tmp/.failsafe
else
	ubus call log write_ext "{
		\"event\": \"Request after FW upgrade\",
		\"sender\": \"Reboot\",
		\"table\": 1,
		\"write_db\": 1,
	}"

	json_init
	json_add_string prefix "$RAM_ROOT"
	json_add_string path "$IMAGE"
	[ $FORCE -eq 1 ] && json_add_boolean force 1
	[ $SAVE_CONFIG -eq 1 ] && json_add_string backup "$CONF_TAR"
	json_add_string command "$COMMAND"
	json_add_object options
	json_add_int save_partitions "$SAVE_PARTITIONS"
	json_close_object

	ubus call system sysupgrade "$(json_dump)"
fi
