autoupdater: use set -e for safety

gluon/gluon-autoupdater/files/usr/sbin/autoupdater

@@ -1,5 +1,8 @@
 #!/bin/sh
 
+# abort on error
+set -e
+
 if test $(uci get autoupdater.settings.enabled) != 1; then
   echo "autoupdater is disabled"
   exit 0
@@ -18,7 +21,8 @@ if test "a$1" != "a-f"; then
 fi
 
 BASE=$(uci get autoupdater.${BRANCH}.url)
-PUBKEYS=$(uci get autoupdater.${BRANCH}.pubkey)
+# if no signatures are needed, no pubkeys need to be defined, so don't fail
+PUBKEYS=$(uci get autoupdater.${BRANCH}.pubkey) || true
 GOOD_SIGNATURES=$(uci get autoupdater.${BRANCH}.good_signatures)
 
 VERSION_FILE=/lib/gluon/release
@@ -35,6 +39,11 @@ cleanup() {
   rm -f $manifest_lower
 }
 
+fail() {
+  echo "$@" >&2
+  exit 1
+}
+
 trap cleanup INT TERM EXIT PIPE
 
 . /lib/ar71xx.sh
@@ -51,10 +60,7 @@ case "$my_model" in
     ;;
 esac
 
-if [ ! -f "$VERSION_FILE" ]; then
-  echo "Couldn't determine firmware version!" >&2
-  exit 1
-fi
+[ -f "$VERSION_FILE" ] || fail "Couldn't determine firmware version!"
 
 my_version="$(cat "$VERSION_FILE")"
 
@@ -63,19 +69,10 @@ manifest=$(mktemp)
 manifest_upper=$(mktemp)
 manifest_lower=$(mktemp)
 
-wget -O$manifest "$BASE"/manifest
+wget -O$manifest "$BASE"/manifest || fail "Couldn't fetch manifest"
 
-if test $? -ne 0; then
-  echo "Couldn't fetch manifest" >&2
-  exit 1
-fi
-
-seperator_line=$(cat $manifest|grep -n "^---$"|cut -d: -f1|head -n1)
-
-if test -z "$seperator_line"; then
-  echo "Couldn't find --- marker!" >&2
-  exit 1
-fi
+seperator_line=$(cat $manifest|grep -n "^---$"|cut -d: -f1|head -n1) || \
+  fail "Could't find --- marker!"
 
 head -n$(($seperator_line-1)) $manifest > $manifest_upper
 tail -n+$(($seperator_line+1)) $manifest > $manifest_lower
@@ -94,26 +91,12 @@ for key in $PUBKEYS; do
   pubkeys="$pubkeys -p $key"
 done
 
-ecdsaverify -n $GOOD_SIGNATURES $pubkeys $signatures $manifest_upper
+ecdsaverify -n $GOOD_SIGNATURES $pubkeys $signatures $manifest_upper || \
+  fail "Not enough valid signatures!"
 
-if test $? -ne 0; then
-  echo "Not enough valid signatures!" >&2
-  exit 1
-fi
+grep -q "^BRANCH=${BRANCH}$" $manifest_upper || fail "Wrong branch. We'are on ${BRANCH}"
 
-grep -q "^BRANCH=${BRANCH}$" $manifest_upper
-
-if test $? -ne 0; then
-  echo "Wrong branch. We'are on ${BRANCH}" >&2
-  exit 1
-fi
-
-my_firmware=$(grep "^${my_model} " $manifest_upper)
-
-if test $? -ne 0; then
-  echo "No matching firmware found (model ${my_model})" >&2
-  exit 1
-fi
+my_firmware=$(grep "^${my_model} " $manifest_upper) || fail "No matching firmware found (model ${my_model})"
 
 fw_version=$(echo "${my_firmware}"|cut -d' ' -f2)
 fw_md5=$(echo "${my_firmware}"|cut -d' ' -f3)
@@ -121,16 +104,11 @@ fw_file=$(echo "${my_firmware}"|cut -d' ' -f4)
 
 if newer_than "$fw_version" "$my_version"; then
   echo "New version available"
-  wget -O$fw_image "${BASE}/${fw_file}"
-  if test $? -ne 0; then
-    echo "Error downloading image" >&2
-    exit 1
-  fi
+  wget -O$fw_image "${BASE}/${fw_file}" || fail "Error downloading image"
 
   image_md5=$(md5sum "$fw_image"|cut -b-32)
   if test "$image_md5" != "$fw_md5"; then
-    echo "Invalid image checksum" >&2
-    exit 1
+    fail "Invalid image checksum"
   fi
 
   echo "Upgrading firmware."