From 155bc1fbd34ed53b0063c06285b891c59ec99f63 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Fri, 29 Mar 2013 11:46:21 -0400
Subject: Add "auto apply" bit to system patches which will attempt to apply a
 patch during earlyshellcmd at boot time, to help patches survive across
 reboots and upgrades.

---
 config/systempatches/apply_patches.php       | 11 ++++++
 config/systempatches/patches.inc             | 59 ++++++++++++++++++++++++++++
 config/systempatches/system_patches.php      |  6 ++-
 config/systempatches/system_patches_edit.php |  4 +-
 config/systempatches/systempatches.xml       | 14 ++++++-
 5 files changed, 90 insertions(+), 4 deletions(-)
 create mode 100644 config/systempatches/apply_patches.php

(limited to 'config/systempatches')

diff --git a/config/systempatches/apply_patches.php b/config/systempatches/apply_patches.php
new file mode 100644
index 00000000..3ac0d671
--- /dev/null
+++ b/config/systempatches/apply_patches.php
@@ -0,0 +1,11 @@
+#!/usr/local/bin/php
+<?php
+require_once("config.inc");
+require_once("patches.inc");
+
+global $g, $config;
+
+echo "Applying patches...";
+bootup_apply_patches();
+echo "Done.\n";
+?>
\ No newline at end of file
diff --git a/config/systempatches/patches.inc b/config/systempatches/patches.inc
index e9bd2814..9b347620 100644
--- a/config/systempatches/patches.inc
+++ b/config/systempatches/patches.inc
@@ -34,6 +34,14 @@ $patch_suffix = ".patch";
 $patch_dir = "/var/patches";
 $patch_cmd = "/usr/bin/patch";
 
+function patch_package_install() {
+	patch_add_shellcmd();
+}
+
+function patch_package_deinstall() {
+	patch_remove_shellcmd();
+}
+
 function patch_commit($patch, $action, $test=false, $fulldetail=false) {
 	global $patch_dir, $patch_cmd, $patch_suffix;
 	$directory = empty($patch['basedir']) ? "/" : $patch['basedir'];
@@ -139,4 +147,55 @@ function is_github_url($url) {
 	$urlbits = explode("/", $url);
 	return (substr($urlbits[2], -10) == "github.com");
 }
+
+function bootup_apply_patches() {
+	global $config;
+
+	$a_patches = &$config['installedpackages']['patches']['item'];
+
+	foreach ($a_patches as $patch) {
+		/* Skip the patch if it should not be automatically applied. */
+		if (!isset($patch['autoapply']))
+			continue;
+		/* If the patch can be reverted it is already applied, so skip it. */
+		if (!patch_test_revert($patch)) {
+			/* Only attempt to apply if it can be applied. */
+			if (patch_test_apply($patch)) {
+				patch_apply($patch);
+			}
+		}
+	}
+}
+
+function patch_add_shellcmd() {
+	global $config;
+	$a_earlyshellcmd = &$config['system']['earlyshellcmd'];
+	if (!is_array($a_earlyshellcmd))
+		$a_earlyshellcmd = array();
+	$found = false;
+	foreach ($a_earlyshellcmd as $idx => $cmd)
+		if (stristr($cmd, "apply_patches.php"))
+			$found = true;
+	if (!$found) {
+		$a_earlyshellcmd[] = "/usr/local/bin/php -f /usr/local/bin/apply_patches.php";
+		write_config("System Patches package added a shellcmd");
+	}
+}
+
+function patch_remove_shellcmd() {
+	global $config;
+	$a_earlyshellcmd = &$config['system']['earlyshellcmd'];
+	if (!is_array($a_earlyshellcmd))
+		$a_earlyshellcmd = array();
+	$removed = false;
+	foreach ($a_earlyshellcmd as $idx => $cmd) {
+		if (stristr($cmd, "apply_patches.php")) {
+			unset($a_earlyshellcmd[$idx]);
+			$removed = true;
+		}
+	}
+	if ($removed)
+		write_config("System Patches package removed a shellcmd");
+}
+
 ?>
diff --git a/config/systempatches/system_patches.php b/config/systempatches/system_patches.php
index 1dd6470b..70260e4b 100644
--- a/config/systempatches/system_patches.php
+++ b/config/systempatches/system_patches.php
@@ -179,11 +179,12 @@ include("head.inc");
 <tr id="frheader">
 <td width="5%" class="list">&nbsp;</td>
 <td width="5%" class="listhdrr"><?=gettext("Description");?></td>
-<td width="65%" class="listhdrr"><?=gettext("URL/ID");?></td>
+<td width="60%" class="listhdrr"><?=gettext("URL/ID");?></td>
 <td width="5%" class="listhdrr"><?=gettext("Fetch");?></td>
 <td width="5%" class="listhdrr"><?=gettext("Test");?></td>
 <td width="5%" class="listhdrr"><?=gettext("Apply");?></td>
 <td width="5%" class="listhdr"><?=gettext("Revert");?></td>
+<td width="5%" class="listhdr"><?=gettext("Auto Apply");?></td>
 <td width="5%" class="list">
 <table border="0" cellspacing="0" cellpadding="1" summary="buttons">
 	<tr><td width="17">
@@ -242,6 +243,9 @@ foreach ($a_patches as $thispatch):
 		<a href="system_patches.php?id=<?=$i;?>&amp;act=revert"><?php echo gettext("Revert"); ?></a>
 	<?php endif; ?>
 	</td>
+	<td class="listr" onclick="fr_toggle(<?=$npatches;?>)" id="frd<?=$npatches;?>" ondblclick="document.location='system_patches_edit.php?id=<?=$npatches;?>';">
+		<?= isset($thispatch['autoapply']) ? "Yes" : "No" ?>
+	</td>
 	<td valign="middle" class="list" nowrap>
 		<table border="0" cellspacing="0" cellpadding="1" summary="edit">
 		<tr>
diff --git a/config/systempatches/system_patches_edit.php b/config/systempatches/system_patches_edit.php
index 3dd5e349..5b30c9c5 100644
--- a/config/systempatches/system_patches_edit.php
+++ b/config/systempatches/system_patches_edit.php
@@ -127,6 +127,8 @@ if ($_POST) {
 		}
 
 		write_config();
+		if ($thispatch['autoapply'])
+			patch_add_shellcmd();
 		header("Location: system_patches.php");
 		return;
 	}
@@ -192,7 +194,6 @@ include("head.inc");
 		<span class="vexpl"><?=gettext("Set this option to ignore whitespace in the patch."); ?></span>
 	</td>
 </tr>
-<!-- This isn't ready yet 
 <tr>
 	<td width="22%" valign="top" class="vncell"><?=gettext("Auto Apply"); ?></td>
 	<td width="78%" class="vtable">
@@ -201,7 +202,6 @@ include("head.inc");
 		<span class="vexpl"><?=gettext("Set this option to apply the patch automatically when possible, useful for patches to survive after firmware updates."); ?></span>
 	</td>
 </tr>
--->
 <tr>
 	<td width="22%" valign="top">&nbsp;</td>
 	<td width="78%">Patch id: <?php echo $pconfig['uniqid']; ?></td>
diff --git a/config/systempatches/systempatches.xml b/config/systempatches/systempatches.xml
index 3802ba58..ea0eee78 100644
--- a/config/systempatches/systempatches.xml
+++ b/config/systempatches/systempatches.xml
@@ -40,8 +40,9 @@
 	<requirements>None</requirements>
 	<faq>Applies patches supplied by the user to the firewall.</faq>
 	<name>System Patches</name>
-	<version>0.5.1</version>
+	<version>0.8</version>
 	<title>System: Patches</title>
+	<include_file>/usr/local/pkg/patches.inc</include_file>
 	<menu>
 		<name>Patches</name>
 		<tooltiptext></tooltiptext>
@@ -58,9 +59,20 @@
 		<chmod>644</chmod>
 		<item>http://www.pfsense.com/packages/config/systempatches/system_patches_edit.php</item>
 	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/usr/local/bin/</prefix>
+		<chmod>755</chmod>
+		<item>http://www.pfsense.com/packages/config/systempatches/apply_patches.php</item>
+	</additional_files_needed>
 	<additional_files_needed>
 		<prefix>/usr/local/pkg/</prefix>
 		<chmod>644</chmod>
 		<item>http://www.pfsense.com/packages/config/systempatches/patches.inc</item>
 	</additional_files_needed>
+	<custom_php_install_command>
+		patch_package_install();
+	</custom_php_install_command>
+	<custom_php_deinstall_command>
+		patch_package_deinstall();
+	</custom_php_deinstall_command>
 </packagegui>
\ No newline at end of file
-- 
cgit v1.2.3