• April 22, 2018, 04:40:07 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes  (Read 242 times)

GreenBay42

  • Administrator
  • Level 6 Member
  • *
  • Posts: 827

Official firmware released - included KRACK patch and DNSmasq fixes.

You have to upgrade to v1.04B02 first, and then upgrade to 1.10B02 (both files are in the ZIP file).

After you upgrade to 1.04, DO NOT install through the notification (ie when you go to the firmware page it says new available). Install manually.

You do not have to reset the router after upgrading to 1.10, but it is strongly recommended.

Firmware - ftp://FTP2.DLINK.COM/PRODUCTS/DIR-882/REVA/DIR-882_REVA_FIRMWARE_v1.10B02.zip

Release Notes:

Problems Resolved:
1. Update WPA2 security patch (KRACK)
2. Upgrade dnsmasq to 2.78

Enhancements:
1. Supports D-Link Wi-Fi App (QRS mobile won’t be supported from firmware version v1.10 or later version)
2. Support image with encryption
3. Support EU VLAN @ EU country code
4. Support VLAN profile @ SG country code

Logged

Broly

  • Level 1 Member
  • *
  • Posts: 3
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #1 on: April 16, 2018, 01:14:39 PM »

Hi GreenBay42,

I'm one of the few who are able to produce a very useful aftermarket FW for this device, and I'm wondering if this firmware upgrade affects the ability to load aftermarket firmwares on the device.

I am quite reticent to update my router because I am worried I will not be able to use DD-WRT afterwards. Is it possible you can provide a guarantee that this firmware update does not limit the end-user's ability to use aftermarket firmwares (where the user is responsible for the consequences of loading such firmware).

I just don't want to flash this firmware and learn that I cannot flash DD-WRT afterwards.

Also: is the bootloader updated? I would assume (or hope) so, given that there is a two-pass update process?

Thanks.
Logged

GreenBay42

  • Administrator
  • Level 6 Member
  • *
  • Posts: 827
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #2 on: April 16, 2018, 02:28:25 PM »

D-Link does not support 3rd party firmware (i.e. D-Link  helping you setup/configure/fix 3rd party firmware). The source code is public and D-Link does not stop users from using 3rd party firmware such as DD-WRT, but the user is always responsible for loading non-D-Link firmware. D-Link cannot control or be responsible for what a user does with the source code (obviously  :) ).

That being said, if you plan on using DD-WRT do not upgrade the D-Link firmware since DD-WRT will over-ride it. The bootloader is very rarely flashed on D-Link routers, only the firmware gets upgraded. I do not know specifically for the 1.10B02 firmware.

If you are looking for KRACK and DNSmasq fixes, make sure DD-WRT (or whatever 3rd party firmware) has it.

You may want to contact tech support if you have more concerns or need more technical information.
Logged

Broly

  • Level 1 Member
  • *
  • Posts: 3
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #3 on: April 16, 2018, 03:27:36 PM »

D-Link does not support 3rd party firmware (i.e. D-Link  helping you setup/configure/fix 3rd party firmware). The source code is public and D-Link does not stop users from using 3rd party firmware such as DD-WRT, but the user is always responsible for loading non-D-Link firmware. D-Link cannot control or be responsible for what a user does with the source code (obviously  :) ).

That being said, if you plan on using DD-WRT do not upgrade the D-Link firmware since DD-WRT will over-ride it. The bootloader is very rarely flashed on D-Link routers, only the firmware gets upgraded. I do not know specifically for the 1.10B02 firmware.

If you are looking for KRACK and DNSmasq fixes, make sure DD-WRT (or whatever 3rd party firmware) has it.

You may want to contact tech support if you have more concerns or need more technical information.

Hi GreenBay,

this makes sense, but i was curious as to why there are two firmwares. if the bootloader has not changed, i don't think D-Link would need to have two separate FWs that need to be flashed. I have never seen such a situation until now.

The reason I ask about the bootloader is because usually when the kernel is updated (which in this case would contain the driver/programs effected by the KRACK exploit), a two-firmware flash is hardly needed. It could be a single firmware and the root file system contained on the MTD could simply be updated to patch the files that are effected.

Is there any way users can find out what exactly changes when flashing to 1.10B2? If there is no bootloader update, why are two firmware flashes required?

It seems there is more than just a simple root filesystem (containing the stuff that would be effected by KRACK) update, and I was hoping you or someone could ask about it.

Thanks.
Logged

GreenBay42

  • Administrator
  • Level 6 Member
  • *
  • Posts: 827
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #4 on: April 16, 2018, 03:42:29 PM »

I understand what you are saying. I was told the first firmware was to add the encryption to the firmware file (thus making downgrading firmware not possible without a crash recovery) and the 2nd file having the actual security patches.  But since you can crash recover and load old firmware I do not believe the bootloader is affected.

I will need to send this to the router guys to send to the engineers to hopefully get an answer for you. I will do what I can but it may take a few days.

I will also try loading DD-WRT on the 882 with the latest firmware tomorrow to see if it works and see if we can downgrade without issues.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 44898
  • D-Link Global Forum Moderator
    • New DIR-890L Router with SmartConnect™ Technology
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #5 on: April 16, 2018, 03:59:02 PM »

You'll find DD-WRT forum posts regarding this model over on there forum located here as well for additional help and information:
https://www.dd-wrt.com/phpBB2/viewforum.php?f=50

Logged
Cable:200mb/10Mb>Motorola MB7420>COVR3902>HP 24pt Gb Switch. 3xDGL-4500s,DIR-857,835,827,815,890L,880L,868L,865L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L and 960L.
Go Here>Router Troubleshooting

Gattsu

  • Technical Engineer
  • Level 3 Member
  • *
  • Posts: 104
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #6 on: April 17, 2018, 07:34:41 AM »

D-Link does not support 3rd party firmware (i.e. D-Link  helping you setup/configure/fix 3rd party firmware). The source code is public and D-Link does not stop users from using 3rd party firmware such as DD-WRT, but the user is always responsible for loading non-D-Link firmware. D-Link cannot control or be responsible for what a user does with the source code (obviously  :) ).

That being said, if you plan on using DD-WRT do not upgrade the D-Link firmware since DD-WRT will over-ride it. The bootloader is very rarely flashed on D-Link routers, only the firmware gets upgraded. I do not know specifically for the 1.10B02 firmware.

If you are looking for KRACK and DNSmasq fixes, make sure DD-WRT (or whatever 3rd party firmware) has it.

You may want to contact tech support if you have more concerns or need more technical information.

Hi GreenBay,

this makes sense, but i was curious as to why there are two firmwares. if the bootloader has not changed, i don't think D-Link would need to have two separate FWs that need to be flashed. I have never seen such a situation until now.

The reason I ask about the bootloader is because usually when the kernel is updated (which in this case would contain the driver/programs effected by the KRACK exploit), a two-firmware flash is hardly needed. It could be a single firmware and the root file system contained on the MTD could simply be updated to patch the files that are effected.

Is there any way users can find out what exactly changes when flashing to 1.10B2? If there is no bootloader update, why are two firmware flashes required?

It seems there is more than just a simple root filesystem (containing the stuff that would be effected by KRACK) update, and I was hoping you or someone could ask about it.

Thanks.

The "unencrypt" file will remove the overwrite protection to allow a firmware upgrade and nothing else.
Logged

GreenBay42

  • Administrator
  • Level 6 Member
  • *
  • Posts: 827
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #7 on: April 17, 2018, 10:38:14 AM »

I loaded DD-WRT without issues from v1.10B02 and then put the D-Link firmware back on (1.04 first then 1.10). Seems to be working normally.

http://forums.dlink.com/index.php?topic=73607.0
Logged

Broly

  • Level 1 Member
  • *
  • Posts: 3
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #8 on: April 17, 2018, 03:20:19 PM »

D-Link does not support 3rd party firmware (i.e. D-Link  helping you setup/configure/fix 3rd party firmware). The source code is public and D-Link does not stop users from using 3rd party firmware such as DD-WRT, but the user is always responsible for loading non-D-Link firmware. D-Link cannot control or be responsible for what a user does with the source code (obviously  :) ).

That being said, if you plan on using DD-WRT do not upgrade the D-Link firmware since DD-WRT will over-ride it. The bootloader is very rarely flashed on D-Link routers, only the firmware gets upgraded. I do not know specifically for the 1.10B02 firmware.

If you are looking for KRACK and DNSmasq fixes, make sure DD-WRT (or whatever 3rd party firmware) has it.

You may want to contact tech support if you have more concerns or need more technical information.

Hi GreenBay,

this makes sense, but i was curious as to why there are two firmwares. if the bootloader has not changed, i don't think D-Link would need to have two separate FWs that need to be flashed. I have never seen such a situation until now.

The reason I ask about the bootloader is because usually when the kernel is updated (which in this case would contain the driver/programs effected by the KRACK exploit), a two-firmware flash is hardly needed. It could be a single firmware and the root file system contained on the MTD could simply be updated to patch the files that are effected.

Is there any way users can find out what exactly changes when flashing to 1.10B2? If there is no bootloader update, why are two firmware flashes required?

It seems there is more than just a simple root filesystem (containing the stuff that would be effected by KRACK) update, and I was hoping you or someone could ask about it.

Thanks.

The "unencrypt" file will remove the overwrite protection to allow a firmware upgrade and nothing else.

First off, I want to thank GreenBay42, FuzzyNuts and Gattsu for their prompt and informative responses.

One last inquiry: Gattsu, does the firmware update the bootloader at all, or no? I am still wondering why the overwrite protection thing is needed. For example, why could users upgrade from 1.00 to 1.01 (using stock DLINK Fw) without the intermediate? What would require the overwrite protection mentioned in this post?

Surely there is some sort of bootloader update?

edit: sorry one more thing: when will the GPL code for the 878/882 (fw 1.10 be posted)? thanks.
edit2: went ahead and loaded 1.04->1.10 myself, and i can still use DD-WRT. phew. sorry for being paranoid. would like to know when the 1.10GPL code will be posted though! thank you so much for your help. you guys are great!
« Last Edit: April 17, 2018, 04:26:19 PM by Broly »
Logged

Gattsu

  • Technical Engineer
  • Level 3 Member
  • *
  • Posts: 104
Re: DIR-882 firmware v1.10B02 Released - Official KRACK/DNSmasq fixes
« Reply #9 on: April 18, 2018, 07:41:26 AM »

D-Link does not support 3rd party firmware (i.e. D-Link  helping you setup/configure/fix 3rd party firmware). The source code is public and D-Link does not stop users from using 3rd party firmware such as DD-WRT, but the user is always responsible for loading non-D-Link firmware. D-Link cannot control or be responsible for what a user does with the source code (obviously  :) ).

That being said, if you plan on using DD-WRT do not upgrade the D-Link firmware since DD-WRT will over-ride it. The bootloader is very rarely flashed on D-Link routers, only the firmware gets upgraded. I do not know specifically for the 1.10B02 firmware.

If you are looking for KRACK and DNSmasq fixes, make sure DD-WRT (or whatever 3rd party firmware) has it.

You may want to contact tech support if you have more concerns or need more technical information.

Hi GreenBay,

this makes sense, but i was curious as to why there are two firmwares. if the bootloader has not changed, i don't think D-Link would need to have two separate FWs that need to be flashed. I have never seen such a situation until now.

The reason I ask about the bootloader is because usually when the kernel is updated (which in this case would contain the driver/programs effected by the KRACK exploit), a two-firmware flash is hardly needed. It could be a single firmware and the root file system contained on the MTD could simply be updated to patch the files that are effected.

Is there any way users can find out what exactly changes when flashing to 1.10B2? If there is no bootloader update, why are two firmware flashes required?

It seems there is more than just a simple root filesystem (containing the stuff that would be effected by KRACK) update, and I was hoping you or someone could ask about it.

Thanks.

The "unencrypt" file will remove the overwrite protection to allow a firmware upgrade and nothing else.

First off, I want to thank GreenBay42, FuzzyNuts and Gattsu for their prompt and informative responses.

One last inquiry: Gattsu, does the firmware update the bootloader at all, or no? I am still wondering why the overwrite protection thing is needed. For example, why could users upgrade from 1.00 to 1.01 (using stock DLINK Fw) without the intermediate? What would require the overwrite protection mentioned in this post?

Surely there is some sort of bootloader update?

edit: sorry one more thing: when will the GPL code for the 878/882 (fw 1.10 be posted)? thanks.
edit2: went ahead and loaded 1.04->1.10 myself, and i can still use DD-WRT. phew. sorry for being paranoid. would like to know when the 1.10GPL code will be posted though! thank you so much for your help. you guys are great!

Sorry no known timetable but usually it will take them 2-5 months to release the GPL code after the firmware.
Logged