You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5e5e92b7c3
This adds a "factory" image for the aircube-isp devices. Note that the firmware can't be uploaded without prior special preparation. For the most recent instructions on how to do that, visit the OpenWRT wiki page of the Ubiquiti airCube ISP for details: https://openwrt.org/toh/ubiquiti/ubiquiti_aircube_isp Current procedure: With the original firmware 2.5.0 it is possible to upload and execute a script via the configuration. To do that download and unpack the original configuration, adapt uhttpd config to execute another lua handler (placed in the config directory) and pack and upload it again. The lua handler can call a script that mounts an overlayfs and modifies the "fwupdate.real" binary so that an unsigned image is accepted. The overlayfs is necessary because a security system (called tomoyo) doesn't allow binaries in other locations than /sbin/fwupdate.real (and maybe some more) to access the flash when executed via network. A big thanks to Torvald Menningen (Snap) from the OpenWRT forum for finding out how to patch the binary so that it accepts an unsigned image. The current step-by-step procedure is: - Use a version 2.5.0 of the original firmware. This is important because a binary file will be modified. - Download a configuration. - Unpack it (it's just a tar gz file without an ending). - Add the following to uhttpd: `````` config 'uhttpd' 'other' list listen_http 0.0.0.0:8080 list listen_http [::]:8080 option 'home' '/tmp/persistent/config/patch/www' option lua_prefix '/lua' option lua_handler '/tmp/persistent/config/patch/handler.lua' `````` - Create a `patch` subfolder. - Create a `patch/www` subfolder. - Create a `patch/handler.lua` with the following content: `````` function handle_request(env) uhttpd.send("Status: 200 OK\r\n") uhttpd.send("Content-Type: text/plain\r\n\r\n") local command = "/bin/sh /tmp/persistent/config/patch/patch.sh 2>&1" local proc = assert(io.popen(command)) for line in proc:lines() do uhttpd.send(line.."\r\n") end proc:close() end `````` - Create a `patch/patch.sh` with the following content: `````` #!/bin/sh -x set -e set -u set -x UBNTBOX_PATCHED="/tmp/fwupdate.real" MD5FILE="/tmp/patchmd5" cat <<EOF > ${MD5FILE} c33235322da5baca5a7b237c09bc8df1 /sbin/fwupdate.real EOF # check md5 of files that will be patched if ! md5sum -c ${MD5FILE} then echo "******** Error when checking files. Refuse to do anything. ********" exit 0 fi # prepare some overlay functionality LOWERDIR="/tmp/lower_root" mkdir -p ${LOWERDIR} mount -t squashfs -oro /dev/mtdblock3 ${LOWERDIR} overlay_some_path() { PATH_TO_OVERLAY=$1 ALIAS=$2 UPPERDIR="/tmp/over_${ALIAS}" WORKDIR="/tmp/over_${ALIAS}_work" mkdir -p ${UPPERDIR} mkdir -p ${WORKDIR} mount -t overlay -o lowerdir=${LOWERDIR}${PATH_TO_OVERLAY},upperdir=${UPPERDIR},workdir=${WORKDIR} overlay ${PATH_TO_OVERLAY} } # patch the ubntbox binary. overlay_some_path "/sbin" "sbin" echo -en '\x10' | dd of=/sbin/fwupdate.real conv=notrunc bs=1 count=1 seek=24598 echo "******** Done ********" `````` - Repack the configuration. - Upload it via the normal web interface. - Wait about a minute. The webserver should restart. - Now there is a second web server at port 8080 which can call the lua script. Visit the page with a web browser. Link is for example http://192.168.1.1:8080/lua - You should see the output of the script with a "*** Done ***" at the end. Note that the patches are not permanent. If you restart the router you have to re-visit the link (but not re-upload the config). - Now you can upload an unsigned binary via the normal web interface. Signed-off-by: Christian Mauderer <oss@c-mauderer.de> |
5 years ago | |
|---|---|---|
| .. | ||
| apm821xx | 5 years ago | |
| ar7 | 5 years ago | |
| ar71xx | 5 years ago | |
| arc770 | 5 years ago | |
| archs38 | 5 years ago | |
| armvirt | 5 years ago | |
| at91 | 5 years ago | |
| ath25 | 5 years ago | |
| ath79 | 5 years ago | |
| bcm53xx | 5 years ago | |
| brcm47xx | 5 years ago | |
| brcm63xx | 5 years ago | |
| brcm2708 | 5 years ago | |
| cns3xxx | 5 years ago | |
| gemini | 5 years ago | |
| generic | 5 years ago | |
| imx6 | 5 years ago | |
| ipq40xx | 5 years ago | |
| ipq806x | 5 years ago | |
| ixp4xx | 5 years ago | |
| kirkwood | 5 years ago | |
| lantiq | 5 years ago | |
| layerscape | 5 years ago | |
| malta | 5 years ago | |
| mediatek | 5 years ago | |
| mpc85xx | 5 years ago | |
| mvebu | 5 years ago | |
| mxs | 5 years ago | |
| octeon | 5 years ago | |
| octeontx | 5 years ago | |
| omap | 5 years ago | |
| orion | 5 years ago | |
| oxnas | 5 years ago | |
| pistachio | 5 years ago | |
| ramips | 5 years ago | |
| rb532 | 5 years ago | |
| samsung | 5 years ago | |
| sunxi | 5 years ago | |
| tegra | 5 years ago | |
| uml | 5 years ago | |
| x86 | 5 years ago | |
| zynq | 5 years ago | |
| Makefile | ||