firmware: add other pkg mirrors to CRL check and connectivity audit

2026-03-13 08:09:41 +00:00 · 2024-10-09 10:21:33 +02:00 · 2024-10-09 10:21:33 +02:00 · a890e5f6e2
commit a890e5f6e2
parent d3a655f76b
1 changed files with 26 additions and 4 deletions
--- a/src/opnsense/scripts/firmware/hostnames.sh
+++ b/src/opnsense/scripts/firmware/hostnames.sh
@ -27,15 +27,37 @@
 # collect HTTPS URLs related to firmware and provide the
 # deduplicated host names thereof for further processing

-# XXX add other URLs here from pkg repo configurations
 URLS=$(opnsense-update -M; opnsense-update -X)

+# Make a few assumptions about plugged pkg repositories:
+#
+# * grab the "url" key, delimited with double quotes
+# * remove the spurious "pkg+" prefix to treat it as raw HTTP(S)
+# * match config name against known enabled repos
+
+REPOS=$(opnsense-verify -l | awk '{ print $1 }')
+
+for CONF in $(find /etc/pkg /usr/local/etc/pkg/repos -name '*.conf' -type f); do
+	for REPO in ${REPOS}; do
+		if [ "${REPO}.conf" = "$(basename ${CONF})" ]; then
+			URL=$(grep 'url:.*"' ${CONF})
+			if [ -n "${URL}" ]; then
+				URL=${URL#*'"'}
+				URL=${URL#pkg+}
+				URLS="${URLS}
+${URL%%'"'*}"
+			fi
+			continue 2
+		fi
+	done
+done
+
 for HOST in $( (for URL in ${URLS}; do
 	if [ -n "${URL##https://*}" ]; then
 		continue
 	fi
-	HOST=${URL#*://}
-	HOST=${HOST%%/*}

-	echo ${HOST}
+	HOST=${URL#*://}
+	echo ${HOST%%/*}
+
 done) | sort -u); do echo ${HOST}; done