maybe found the bug...

There was an error in the netgear's addition add_headers() function code:
the length of the buffer was not updated in the headers involved above causing the issues.

mini_httpd_null_headers_malformed_fix.zip

this package fixes the problem

package available as mini_httpd-1.17beta1-072.ipk

opkg update && opkg install mini_httpd

or through the web gui package manager (install or upgrade packages)

Tried with chromium pc & android mobile 72.0.3626.121 access is full after login.

At this point I don't think there are nulls on the headers of the original mini_httpd code.

from ancistrus.

Thank you! I can confirm this works, I had to manually kill the mini_httpd process as rc http stop didn't work

from ancistrus.

Perfect, thanks! Yes, ssl was hanging on my first try. I reinstalled a fresh fw, the script completed without error then "opkg update && opkg install mini_httpd " Excellent - no more Chrome errors! ;)

from ancistrus.

the first try you made failed because the script was inadequately adapted to partition info/status creation

it was a long time bug discovered now

now startup.sh has been fixed

from ancistrus.

negan .. Huuuuge thank you 👍

I have just installed the Firmware image build #552
( https://github.com/negan07/ancistrus/releases )

Had to use MS Edge to update the Firmware .. But now I have no problems accessing 192.168.0.1 with Chromium Version 72.0.3626.121 (Official Build) (64-bit).

Screenshot - https://i.imgur.com/4yoRkWH.png

And so many new options I have no clue about - I think I need to restrain myself from clicking too many things until I have some idea about all the capabilities therein :)

One final question : On the Ancistrus / Core setup / Service Inhibitions - Is the Telnet Daemon on by default on these routers (its something I have never had access to before, and noticed it is ticked enabled by default after installing this firmware, so wonder if that has always been the case even before installing your firmware) ?. I have turned that off for now, as its something I will not use personally and I have a feeling that makes the router more secure if its disabled, which is desirable in my case.

Edit: PS that closes the issue as far as I am concerned - Thank you very much for your help giving this superb router a few more years life. Will be checking in here and using any future builds and hope to offer more useful info for the project.

Edit 2: The Release file Build #552 was named D7000-V1.0.1.68_1.0.1-ancistrus_negan07-build-552.zip
Its no problem as the content of the zip is correct, but ought to be named D7000-V1.0.1.70_1.0.1-ancistrus_negan07-build-552.zip

from ancistrus.

@negan07 I know this is closed and you may never read it again, but if you do I would just like to say I have now updated again to #592 and continue to be amazed at the superb unpaid work you are doing here.

Also note, with the official netgear firmware my family used to occasionally experience what seemed to be the router locking up. It used to happen maybe once every couple of weeks, or sometimes it would be a few month before it happened, but when it happened we needed to restart the router to clear the issue.

We have not experienced that issue at all since starting using your firmware updates, and regularly we can have up to 16 devices connected by WIFI plus a WIFI extender upstairs.

You have clearly fixed a lot more underlying issues with this firmware, that we would not have received from Netgear.

Many thanks again, its very much appreciated :).

from ancistrus.

I know this is closed and you may never read it again

notifications are still active for this but it seems the problem to be fixed

i don't know if the other problems mentioned are firmware related but the monolithic has a deflated size and resource usage in the average and will help adding more features in the future

from ancistrus.

the problem resides on mini_httpd headers string creation code

https://acme.com/software/mini_httpd/

all the router with this web server daemon are affected I think

the problem is that netgear uses a very old and customized version of it named 1.17beta1, the latest is the 1.30

in the latest version the add_headers() is different, the piece of code involved above has been removed but this doesn't mean it fixes the issues

bumping the version, will break all the readycloud readyshare parental control & genie support without the necessary patches

from ancistrus.

I sent an email to someone at the mini_httpd project, and the response was ..

"Thanks for the report! I was not aware there were NULs in the headers,
that definitely sounds like a bug. I'll take a look soon."

So keep an eye out for updates to mini_httpd I reckon :)

from ancistrus.

I'm using the official 1.0.1.70_1.0.1 firmware image from Netgear available here https://www.netgear.com/support/product/D7000.aspx#Firmware%20Version%201.0.1.70

The patch you have linked in a zip, I do not know how to use it, but if the fix comes out in a firmware image I am willing to test - If its a case of you have too much on though and want to do other things before providing any firmware image I will keep popping in to check periodically for updates.

Good to see the label "Fixed" though :) .. If its working with chromium 72.0.3626.121 that is proof positive the fix works.

Thank you very much for looking into it, dedicated programmers with the knowledge to solve the issues left behind ought to be paid by Netgear, a full time wage.

from ancistrus.

fix confirmed also on chromium ipk mobile

package available as mini_httpd-1.17beta1-072.ipk

opkg update && opkg install mini_httpd

or through the web gui package manager (install or upgrade packages)

from ancistrus.

sorry

rc httpd stop

anyway package available as mini_httpd-1.17beta1-072.ipk

opkg update && opkg install mini_httpd

or through the web gui package manager (install or upgrade packages)

from ancistrus.

Apologies for the newbie question, but would someone explain the process of applying the patch to the firmware for the D7000, please?

from ancistrus.

if not done yet, enter the console and download then execute startup.sh

https://negan07.github.io/ancistrus/

then install the fixed package with:

opkg update && opkg install mini_httpd

from ancistrus.

Can anyone advise on the following:

Installing essential packages: zlib openssl curl ancistrus-core utelnetd opkg
Downloading https://raw.githubusercontent.com/negan07/ancistrus/gh-pages/ancistrus-arm-D7000/Packages.gz. /etc/opkg: can't resolve symbol 'SSL_CTX_set_next_proto_select_cb'
Collected errors: * opkg_prepare_url_for_install: Couldn't find anything to satisfy 'zlib'.
zlib installation failed: check repository urls on /etc/opkg.conf

more opkg.conf

src/gz ancistrus-arm-D7000 https://raw.githubusercontent.com/negan07/ancistrus/gh-pages/ancistrus-arm-D7000
#src/gz debug https://raw.githubusercontent.com/negan07/ancistrus/gh-pages/debug
#src/gz local file:///mnt/shares/U/local
#src/gz localdebug https://192.168.0.7/localdebug
arch armD7000 1
arch arm 6
arch all 11
arch any 16
arch noarch 21
dest root /
dest ram /tmp
option autoremove 1
option tmp_dir /tmp
option lock_file /tmp/opkg/run
option cache_dir /tmp/opkg/cache
option lists_dir /tmp/opkg/lists

many thanks.

from ancistrus.

it's an openssl version mismatch

which fw version are you starting with ?

from ancistrus.

V1.0.1.70_1.0.1

from ancistrus.

retry again from a clean reinstalled fw version

from ancistrus.

negan .. Huuuuge thank you 👍

I have just installed the Firmware image build #552
( https://github.com/negan07/ancistrus/releases )

Had to use MS Edge to update the Firmware .. But now I have no problems accessing 192.168.0.1 with Chromium Version 72.0.3626.121 (Official Build) (64-bit).

Screenshot - https://i.imgur.com/4yoRkWH.png

And so many new options I have no clue about - I think I need to restrain myself from clicking too many things until I have some idea about all the capabilities therein :)

Have a read to the wiki board to understand all the options and packages before usage and note that the web gui option names link every option to the related wiki paragraph.

One final question : On the Ancistrus / Core setup / Service Inhibitions - Is the Telnet Daemon on by default on these routers (its something I have never had access to before, and noticed it is ticked enabled by default after installing this firmware, so wonder if that has always been the case even before installing your firmware) ?. I have turned that off for now, as its something I will not use personally and I have a feeling that makes the router more secure if its disabled, which is desirable in my case.

It can be disabled if you plan to use web gui only or an ssh client as console terminal.

The choice was to enable telnet console as default because initially there wasn't a web GUI project addition and the only way to install/remove/interact with the new modifications was the terminal console only.

Now it's possible to use telnet or ssh/scp with openssh package and the more intuitive web gui.

Anyway for security reason telnet remote access is disabled because the external login would be unencrypted and exposed to traffic loggers while it's possible to setup a more secure ssh remote console login.

Edit: PS that closes the issue as far as I am concerned - Thank you very much for your help giving this superb router a few more years life. Will be checking in here and using any future builds and hope to offer more useful info for the project.

Edit 2: The Release file Build #552 was named D7000-V1.0.1.68_1.0.1-ancistrus_negan07-build-552.zip
Its no problem as the content of the zip is correct, but ought to be named D7000-V1.0.1.70_1.0.1-ancistrus_negan07-build-552.zip

Sorry my mistake

Also the previous monolithic version zip pack was badly named, now both corrected, thanks for the notification.

from ancistrus.

:) Thanks again, now that I know what the inhibits do they are a very welcome addition, some nice options there. For now I have inhibited Netgears xCloud because I will never use it.

from ancistrus.