System Upgrade Procedure internals

  1. Web interface show page to user with following form:
    <form method="POST" action="/upgrade.lua" enctype="multipart/form-data">
      <input type="file" name="firmware" />
      <input type="submit" value="Upgrade" />
  2. User input filename
  3. User activate submit
  4. Action page (can be other than "/upgrade.lua", depend on Web interface handler) receive request:
    1. Stop watchdog
    2. Stop Wireless
    3. Stop services not used in networking
    4. Stop IPSec? (maybe better to keep it running, for case when corporate admin update boxes remotely)
    5. Allocate memory storage with size of /dev/(map|redboot)/upgrade partition mdconfig -a -t malloc -s8m -o reserve
    6. Run upgrade utility on a separate port with current web interface login/password hash (so upgrade will be able to check it)
      upgrade -p 79 -H YWRtaW46YWRtaW4= -S /dev/md1
    7. Send redirect header to new port (79 in example)
  5. Browser made new connection to port that port and send form
  6. upgrade accept connection
    1. Verify storage presence (/dev/md1)
    2. Verify browser supplied Authentication hash
    3. Get multipart boundary key
    4. Search for Content-Disposition: form-data; name="firmware"; filename="${firmware name}"
    5. Parse filename to get Vendor, Model, H/W_Rev, Version? and md5 hash (D-Link_DIR-620-0.1-ALPHA.45c7222d56450210c701452833b83201.zimage)
    6. Check Vendor, Model, H/W_Rev
    7. Check Version?
    8. Fetch, md5, store (to /dev/md1) until boundary key
    9. Check if md5 hash equals
      1. if Bad - do reboot
    10. kill other services?
    11. write new firmware to /dev/(map|redboot)/upgrade
    12. reboot