Was fiddling around with the AC Lite https://wiki.openwrt.org/toh/ubiquiti/u … rt_2_right and it looks like they've enabled the RSA check in U-boot

Firmware Version: BZ.qca956x.v3.4.7.3284.150911.1650
RSA Signed Firmware. Verfiying please wait...

Decrypted hash: f8 2b 45 72 9f e4 5f 46 a0 96 43 37 57 4f 49 ab 43 dc 1e 8c
Image hash    : f8 2b 45 72 9f e4 5f 46 a0 96 43 37 57 4f 49 ab 43 dc 1e 8c

Not cool.
If the FCC "lockdown" rules actually goes forwards, I bet they will push this to the entire UniFi range.

This is a string output from the AC firmware.
https://gist.github.com/AndrewMargarit/ … deaf96c508

This looks like the output above

https://gist.github.com/AndrewMargarit/ … -L922-L923

A coment from the mailing list
"
Hi,

i contacted UBNT customer support. they specifically stated that they do
not want users to install openwrt and prefer not to cooperate with us.
it is a concious decision to *not* support the free software movement
and be capitalist pigs. the reasoning given to me was not related to FCC
ruling but specifically stated that they dont like users installing free
software on their routers. they prefer to have submissive users that
will do as they are told.
John
"

Which may be one of the reasons they are now flagrantly violating the GPL and refusing to provide their source code changes to U-boot!  If they provided source to U-boot this wouldn't be an issue as we could easily provide a replacement U-boot without the RSA check.

True, however, I've seen this on the wiki and I'm confused.
https://wiki.openwrt.org/toh/ubiquiti/u … rt_support

Can't find  p.wassi , who wrote the post.

> Can't find  p.wassi , who wrote the post.

Here I am

Indeed, it seems that U-Boot and the original binary used to do sysupgrades do some cryptographic checks
on the firmware images. However, there are two possibilities to get a new image to the device:
-) copy it using mtd (writing directly to flash)
-) in U-Boot: first load it into RAM and then copy it directly to flash (using cp.b)
Both methods are described in the Wiki.

The status of the port can be seen on my site:
https://pwassi.privatedns.org/openwrt/unifiac/
At the moment the only real problem is with the Ethernet phy, as it only
works on GBit links. The problem is decribed in more detail on this site.
Any hints on this issue are highly appreciated.

P.Wassi

Here's some cool news:
Roman Yeryomin, who is working for Ubiquiti, has posted some patches to
the mailinglist for better support of the QCA956x.
Part of these patches is a new function, which sets the PLL values
on the QCA956x SoC according to the different speeds of the link (10/100/1000).
I think this function is the key point which was missing in my changes.

I'm currently doing a fresh clone of the git + make, will then add the patches
and report back whether this has turned out to resolve the issue.

Here we go.
Everything is working fine by now.
My site is updated with a new image and new patch info.

There's just a little thing, which has to be clarified; then I'll proceed in
preparing and submitting patches for official support of the device.

In the meantime, you can fetch prebuilt images (and also the patches) at
https://pwassi.privatedns.org/openwrt/unifiac/

P.Wassi

Hello P.Wassi

I have the newest version of AP AC Lite. I tried to install OpenWrt, but I am stuck in the process.

I did exactly as told in your website

, but after rebooting the router seems to not apply the upgrade. I am able to see the openwrt files through ssh, but nothing more, no luci interface, no root user, nothing.

Is there any step I am missing ?

Thank you

Hi Miguel,

Trunk builds usually have no luci built in, however, you can install that package afterwards.
(See https://wiki.openwrt.org/doc/howto/luci.essentials for details)
Today, the first successful build has been done by the build system, so this should
directly work.

How do you login? From what I know, current OpenWrt builds have no default password
at all, which means you can directly login as root via ssh without a password.
Use the

passwd

command to set a new password.

Could you describe what you are missing (in more detail)?

P.Wassi

Hi P. Wassi,

I have already installed OpenWrt in others routers, but this is the first time I don't have a Luci interface after installation.  And when I connect to it by ssh, there is no OpenWrt welcome message...

I think OpenWrt is installed since I can see all that:

BZ.v3.4.10# ls -l
lrwxrwxrwx    1 ubnt     admin            6 Nov 25  2015 bin -> ../bin
drwxr-xr-x    7 ubnt     admin            0 Nov 25  2015 etc
lrwxrwxrwx    1 ubnt     admin            6 Nov 25  2015 lib -> ../lib
lrwxrwxrwx    1 ubnt     admin            6 Nov 25  2015 sbin -> ../bin
drwxr-xr-x    5 ubnt     admin            0 Nov 25  2015 share
drwxr-xr-x    2 ubnt     admin            0 Nov 25  2015 www

And inside /etc/

-rw-r--r--    1 ubnt     admin            4 Jan  1 00:00 TZ
-rw-r--r--    1 ubnt     admin          205 Jan  1 00:00 aaa1.cfg
drwxr-xr-x    2 ubnt     admin            0 Nov 25  2015 ath
-rw-r--r--    1 ubnt     admin           16 Jan  1 00:00 atheros.conf
-rw-r--r--    1 ubnt     admin          889 Jan  1 00:00 board.info
drwxr-xr-x    2 ubnt     admin            0 Nov 25  2015 config
-rw-r--r--    1 ubnt     admin         1368 Nov 25  2015 dnsmasq.conf
drwxr-xr-x    2 ubnt     admin            0 Jan  1 00:00 dropbear
lrwxrwxrwx    1 ubnt     admin           19 Jan  1 00:00 ethertypes -> /usr/etc/ethertypes
-rw-r--r--    1 ubnt     admin          352 Nov 25  2015 firewall.user
-rw-r--r--    1 ubnt     admin            0 Jan  1 00:00 fstab
-rw-r--r--    1 ubnt     admin           38 Jan  1 00:00 group
-rw-r--r--    1 ubnt     admin           26 Jan  1 00:00 host.conf
-rw-r--r--    1 ubnt     admin           42 Jan  1 00:00 hosts
drwxr-xr-x    6 ubnt     admin            0 Nov 25  2015 hotplug.d
-rw-r--r--    1 ubnt     admin          833 Nov 18  2015 hotplug2-common.rules
-rw-r--r--    1 ubnt     admin          242 Nov 25  2015 hotplug2.rules
drwxr-xr-x    2 ubnt     admin            0 Jan  1 00:00 httpd
lrwxrwxrwx    1 ubnt     admin           15 Jan  1 00:00 init.d -> /usr/etc/init.d
-rw-r--r--    1 ubnt     admin          990 Jan  1 00:00 inittab
-rw-r--r--    1 ubnt     admin           12 Jan  1 00:00 login.defs
lrwxrwxrwx    1 ubnt     admin           19 Jan  1 00:00 mime.types -> /usr/etc/mime.types
lrwxrwxrwx    1 ubnt     admin           18 Jan  1 00:00 modules.d -> /usr/etc/modules.d
-rw-------    1 ubnt     admin        10661 Nov 25  2015 monitrc
-rw-r--r--    1 ubnt     admin          184 Nov 25  2015 opkg.conf
-rw-r--r--    1 ubnt     admin           61 Jan  1 00:00 passwd
drwxr-xr-x    3 ubnt     admin            0 Jan  1 00:00 persistent
-rw-r--r--    1 ubnt     admin          412 Jan  1 00:00 profile
lrwxrwxrwx    1 ubnt     admin           18 Jan  1 00:00 protocols -> /usr/etc/protocols
-rwxr-xr-x    1 ubnt     admin         1602 Nov 18  2015 rc.common
drwxr-xr-x    2 ubnt     admin            0 Jan  1 00:00 rc.d
-rw-r--r--    1 ubnt     admin           24 Jan  1 00:00 resolv.conf
lrwxrwxrwx    1 ubnt     admin           17 Jan  1 00:00 services -> /usr/etc/services
lrwxrwxrwx    1 ubnt     admin           15 Jan  1 00:00 shells -> /usr/etc/shells
-rw-r--r--    1 ubnt     admin          155 Jan  1 00:00 startup.list
drwxr-xr-x    2 ubnt     admin            0 Jan  1 00:00 sysinit
drwxr-xr-x    2 ubnt     admin            0 Nov 25  2015 uci-defaults
drwxr-xr-x    2 ubnt     admin            0 Jan  1 00:00 udhcpc
-rw-r--r--    1 ubnt     admin            0 Jan  1 00:00 udhcpc_services
-rw-r--r--    1 ubnt     admin           11 Jan  1 00:00 version

But there is no /etc/config/network or /etc/config/wireless, so I don't know if I need to create them, or maybe I am missing something. All I need is be able to connect to the internet.

When i try

opkg update

it tries to connect to

http://downloads.openwrt.org/attitude_adjustment/12.09-rc1/qca956x/generic/packages/Packages.gz.

I don't need the Luci interface, just the network and wireless, but I don't know how to initialize them.

Thank you.

Uh...
You're stuck at Ubiquiti's firmware.
Someone already reported me that he had to downgrade (from 3.4.14) to 3.4.7 first, before
flashing OpenWrt was possible/accepted.

Maybe Ubiquiti introduced some more protection mechanisms to prevent third party firmware installations.
In the release notes of 3.4.14, Ubnt wrote:

The old (unprotected?) firmware 3.4.7 was shipped with the UniFi Controller 4.7.5.
Let's see if we can find that somehow.

P.Wassi

@Miguel:
I've found something
Please send me a mail, so we can try this out.
You can find my mail address on the bottom of the website mentioned earlier in this thread.

P.Wassi has found the issue, the problem was that my Ubiquiti had the 3.4.10 version, so I needed to downgrade to the version 3.4.7 

After that everything worked as expected.

Not sure if you all are familiar with something similar that happened with the unify UAP.
You could not upgrade from a certain ubnt revision.
I remember seeing that someone submitted a patch for that in the trunk.

Will try to dig it out to see if is relevant to what is happening here.

---
 target/linux/ar71xx/image/Makefile | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/target/linux/ar71xx/image/Makefile b/target/linux/ar71xx/image/Makefile
index d12ad8b..be82cb3 100644
--- a/target/linux/ar71xx/image/Makefile
+++ b/target/linux/ar71xx/image/Makefile
@@ -1030,6 +1030,19 @@ define Device/ubnt-bz
   IMAGE/sysupgrade.bin = append-kernel $$$$(BLOCKSIZE) | append-rootfs | pad-rootfs | check-size $$$$(IMAGE_SIZE)
 endef
 
+define Device/ubnt-bz7
+  DEVICE_PROFILE := UBNT
+  IMAGE_SIZE := 7552k
+  MTDPARTS = spi0.0:256k(u-boot)ro,64k(u-boot-env)ro,7552k(firmware),256k(cfg)ro,64k(EEPROM)ro
+  UBNT_TYPE := BZ
+  UBNT_BOARD := XM
+  UBNT_CHIP := ar7240
+  IMAGES := sysupgrade.bin factory.bin
+  IMAGE/factory.bin = $$(IMAGE/sysupgrade.bin) | mkubntimage-split
+  IMAGE/sysupgrade.bin = append-kernel $$$$(BLOCKSIZE) | append-rootfs | pad-rootfs | check-size $$$$(IMAGE_SIZE)
+endef
+
+
 define Device/rw2458n
   $(Device/ubnt-xm)
   BOARDNAME := RW2458N
@@ -1057,7 +1070,7 @@ endef
 TARGET_DEVICES += rw2458n ubnt-airrouter ubnt-bullet-m ubnt-rocket-m ubnt-nano-m
 
 define Device/ubnt-unifi
-  $(Device/ubnt-bz)
+  $(Device/ubnt-bz7)
   BOARDNAME := UBNT-UF
   DEVICE_PROFILE := UBNT UBNTUNIFI
 endef
-- 

This was the patch for the unifi.

Comparing that with the old unit-bz def the only difference is this

  UBNT_CHIP := ar934

(Last edited by Shogo on 11 Mar 2016, 17:46)

I think that is missing from the unifiac profile?
That the factory image uses that as well by adding the header.

I'm not sure if this applies here.
From what I've seen so far, the patch above takes care of correct file header info.
However, the unifiac has signed FW-updates, which we could never sign ourselves.
Therefore, flashing the unifiac is done by a direct call to "mtd write", s.t. the file is directly
written to flash without any additional checks (of matching header info, etc.)

For an (to me) unknown reason, mtd does not write to flash as it should,
or U-Boot restores the active flash partition from the passive one.

Hi guys,

on my new UAP-AC-Lite there's already 3.4.14 installed, unfortunately I couldn't find any older firmware versions on the web, maybe someone could help me out?

Thank you very much!!!

Hello,

I'm trying to load OpenWRT on the Unifi-AC-LR. I downgraded to 3.4.7 (I found it on an unofficial place) e followed the instructions (mtd method).

After the reboot I found the original firmware version 3.4.7.

Do you have some suggestions or can you give me direction to debug what's happening?

Thanks,
Andrea

hi andrea,

i would be glad if you could indicate me where to find that older firmware.

Grazie e saluti dall'Italia!

Hi,

google for "unifi installer 4.7.5"

If you are successful, please tell me

Andrea

Ok, found 4.7.5 now and downgraded firmware to 3.4.8. Then I flashed to firmware from https://pwassi.privatedns.org/openwrt/unifiac/ (version 3) and got OpenWRT on my UAP-AC-Lite. I set LAN to DHCP and could update package lists with opkg.
But package "luci" could not be installed (package not found), so I took the latest snapshot für unifiac (in stable builds I couldn't find any file for it) and flashed it with SYSUPGRADE. Upgrade was complete and successful (as it wrote at the end of the process) but after reboot I couldn't access to UAP anymore, neither on the internal dhcp-given IP nor on the static one (192.168.1.1), though I tried several cold starts.
So I installed the original firmware and flashed the snapshot version directly, but afterwards the AP was not accessible anymore (as before I couldn't even get a ping on any IP I tried).
So I re-installed the original UBNT firmware and flashed pwassi's firmware again, modified network settings and tried a sysupgrade to the latest snapshot again. Same result, no chance to get a access the UAP on any IP address I've tried.
Any hint?

Thanky to pwassi the last release works fine now, thank you very much.
The only thing I don't get to work is still the missing luci package:

root@OpenWrt:~# opkg install luci
Unknown package 'luci'.
Collected errors:
 * opkg_install_cmd: Cannot install package luci.

Is this a UAP problem or what?

to get luci to install

edit distfeeds.conf file in /etc/opkg

vi /etc/opkg/distfeeds.conf

it should something look like this by default (my results are truncated to 80 columns)

src/gz designated_driver_base http://downloads.openwrt.org/snapshots/trunk/ar71x
# src/gz designated_driver_packages http://downloads.openwrt.org/snapshots/trunk
# src/gz designated_driver_luci http://downloads.openwrt.org/snapshots/trunk/ar71x
# src/gz designated_driver_routing http://downloads.openwrt.org/snapshots/trunk/
# src/gz designated_driver_telephony http://downloads.openwrt.org/snapshots/trun
# src/gz designated_driver_management http://downloads.openwrt.org/snapshots/tru
# src/gz designated_driver_targets http://downloads.openwrt.org/snapshots/trunk/

Need to uncomment the line for luci by removing the # preceding that line

You can then

opkg update
and
opkg install luci

I believe you will need to do the same if you wish to install packages from the other categories that are precommented out in that file.

Also, Note that this was tested after flashing to the March 27th snapshot located here: https://downloads.openwrt.org/snapshots … /generic/. NOT from a clean install

(Last edited by mtindell on 28 Mar 2016, 22:35)