diff --git a/data/ssh_install.sh b/data/ssh_install.sh index c039746..183558e 100644 --- a/data/ssh_install.sh +++ b/data/ssh_install.sh @@ -2,14 +2,8 @@ DIR_PATCH=/etc/crontabs/patches -if [ "$( grep 'ssh_patch.sh' /etc/crontabs/root )" != "" ]; then - if [ -e "/tmp/ssh_uninstall.sh" ]; then - sh /tmp/ssh_uninstall.sh - fi -fi - if [ ! -d $DIR_PATCH ]; then - mkdir $DIR_PATCH + mkdir -p $DIR_PATCH chown root $DIR_PATCH chmod 0755 $DIR_PATCH fi @@ -20,7 +14,20 @@ chmod +x $DIR_PATCH/ssh_patch.sh nvram set ssh_en=1 nvram commit -grep -v "/ssh_patch.sh" /etc/crontabs/root > /etc/crontabs/root.new -echo "*/1 * * * * /etc/crontabs/patches/ssh_patch.sh >/dev/null 2>&1" >> /etc/crontabs/root.new -mv /etc/crontabs/root.new /etc/crontabs/root -/etc/init.d/cron restart +INSTALL_METHOD=2 + +if [ $INSTALL_METHOD = 1 ]; then + FILE_FOR_EDIT=/etc/crontabs/root + grep -v "/ssh_patch.sh" $FILE_FOR_EDIT > $FILE_FOR_EDIT.new + echo "*/1 * * * * /etc/crontabs/patches/ssh_patch.sh >/dev/null 2>&1" >> $FILE_FOR_EDIT.new + mv $FILE_FOR_EDIT.new $FILE_FOR_EDIT + /etc/init.d/cron restart +fi + +if [ $INSTALL_METHOD = 2 ]; then + uci set firewall.auto_ssh_patch=include + uci set firewall.auto_ssh_patch.type='script' + uci set firewall.auto_ssh_patch.path="$DIR_PATCH/ssh_patch.sh" + uci set firewall.auto_ssh_patch.enabled='1' + uci commit firewall +fi diff --git a/data/ssh_patch.sh b/data/ssh_patch.sh index 2567622..007931c 100644 --- a/data/ssh_patch.sh +++ b/data/ssh_patch.sh @@ -2,12 +2,15 @@ [ -e "/tmp/ssh_patch.log" ] && return 0 -HAVE_PATCH=$( grep '= "release"' /etc/init.d/dropbear ) -if [ -z "$HAVE_PATCH" ]; then - return 0 +SSH_EN=`nvram get ssh_en` +if [ "$SSH_EN" != "1" ]; then + nvram set ssh_en=1 + nvram commit fi -sed -i 's/= "release"/= "XXXXXX"/g' /etc/init.d/dropbear +if grep -q '= "release"' /etc/init.d/dropbear ; then + sed -i 's/= "release"/= "XXXXXX"/g' /etc/init.d/dropbear +fi /etc/init.d/dropbear enable /etc/init.d/dropbear restart diff --git a/data/ssh_uninstall.sh b/data/ssh_uninstall.sh index 6ecb8c6..a731682 100644 --- a/data/ssh_uninstall.sh +++ b/data/ssh_uninstall.sh @@ -1,9 +1,16 @@ #!/bin/sh -grep -v "/ssh_patch.sh" /etc/crontabs/root > /etc/crontabs/root.new -mv /etc/crontabs/root.new /etc/crontabs/root -/etc/init.d/cron restart +DIR_PATCH=/etc/crontabs/patches -rm -f /etc/crontabs/patches/ssh_patch.sh +if grep -q '/ssh_patch.sh' /etc/crontabs/root ; then + # remove older version of patch + grep -v "/ssh_patch.sh" /etc/crontabs/root > /etc/crontabs/root.new + mv /etc/crontabs/root.new /etc/crontabs/root + /etc/init.d/cron restart +fi +uci delete firewall.auto_ssh_patch +uci commit firewall + +rm -f $DIR_PATCH/ssh_patch.sh rm -f /tmp/ssh_patch.log diff --git a/install_ssh.py b/install_ssh.py index 55664a6..989584b 100644 --- a/install_ssh.py +++ b/install_ssh.py @@ -1,53 +1,41 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- - -import os -import sys - -import xmir_base -import gateway -from gateway import die - - -gw = gateway.Gateway() - -fn_dir = 'data/' -fn_local = 'data/ssh_patch.sh' -fn_remote = '/tmp/ssh_patch.sh' -fn_local_i = 'data/ssh_install.sh' -fn_remote_i = '/tmp/ssh_install.sh' -fn_local_u = 'data/ssh_uninstall.sh' -fn_remote_u = '/tmp/ssh_uninstall.sh' - -action = 'install' -if len(sys.argv) > 1: - if sys.argv[1].startswith('u') or sys.argv[1].startswith('r'): - action = 'uninstall' - -if action == 'install': - gw.upload(fn_local, fn_remote) - gw.upload(fn_local_i, fn_remote_i) - -gw.upload(fn_local_u, fn_remote_u) - -print("All files uploaded!") -''' -if action == 'install': - gw.ssh_close() - import passw - gw = gateway.Gateway() - if not gw.ping(): - die('SSH not active!') -''' - -print("Run scripts...") -if action == 'install': - gw.run_cmd("sh " + fn_remote_i) -else: - gw.run_cmd("sh " + fn_remote_u) - -gw.run_cmd("rm -f " + fn_remote) -gw.run_cmd("rm -f " + fn_remote_i) -gw.run_cmd("rm -f " + fn_remote_u) - -print("Ready! The SSH patch installed.") +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- + +import os +import sys +import time + +import xmir_base +from gateway import * + +gw = Gateway() + +FN_patch = 'data/ssh_patch.sh' +fn_patch = '/tmp/ssh_patch.sh' +FN_install = 'data/ssh_install.sh' +fn_install = '/tmp/ssh_install.sh' +FN_uninstall = 'data/ssh_uninstall.sh' +fn_uninstall = '/tmp/ssh_uninstall.sh' + +action = 'install' +if len(sys.argv) > 1: + if sys.argv[1].startswith('u') or sys.argv[1].startswith('r'): + action = 'uninstall' + +if action == 'install': + gw.upload(FN_patch, fn_patch) + gw.upload(FN_install, fn_install) + +gw.upload(FN_uninstall, fn_uninstall) + +print("All files uploaded!") + +print("Run scripts...") +run_script = fn_install if action == 'install' else fn_uninstall +gw.run_cmd(f"chmod +x {run_script} ; {run_script}") + +time.sleep(1.5) + +gw.run_cmd(f"rm -f {fn_patch} ; rm -f {fn_install} ; rm -f {fn_uninstall}") + +print("Ready! The Permanent SSH patch installed.")