Proceeding:Steck AVM

From FOSS Users


This lawsuit was funded by Software Freedom Conservancy. Please donate to Conservancy to refill the litigation funds. Thank you!

In these proceedings before the District Court of Berlin, the plaintiff, Sebastian Steck, argued that AVM had made him an offer for source code and that this offer now obliges AVM to supply the complete source code. Only LGPL-licensed libraries were in dispute. The dispute was mainly over the installation of the modified libraries on the router manufactured by AVM. The lawsuit was moot after AVM provided the requested installation information.

More details can be found in the press release and on the information page of the Software Freedom Conservancy.

The originally provided source code can be found at https://osp.avm.de/fritzbox/fritzbox-4020/ ; the firmware image is available at https://download.avm.de/fritzbox/fritzbox-4020/deutschland/fritz.os/ . The compilation scripts below are created from information obtained by reverse engineering and from AVM. The additional installation script provided during litigation can be downloaded and is licensed under LGPLv2.1. Its translation can be found below.

Compilation Script for Version 6.83

This script is licensed under LGPLv2.1.
# This installation script consists of the installation information received from AVM during litigation filled with reverse engineering and guesswork.
# This installation script was tested to run on Ubuntu 14.04.6
set -e
sudo apt install gcc g++ quilt python make unzip autoconf m4 perl libtool ncurses-dev
cd ~
wget https://osp.avm.de/fritzbox/fritzbox-4020/source-files-FRITZ.Box_4020-drgfly-06.83.tar.gz
tar -xif source-files-FRITZ.Box_4020-drgfly-06.83.tar.gz 
cd GPL
mkdir kernel
(cd kernel; tar -xif ../GPL-release_kernel.tar.gz )&
mkdir gcc
(cd gcc; tar -xif ../GPL-gcc.tar.gz )&
wait
cd gcc
mv Makefile Makefile.orig
sed s/oldconfig/menuconfig/ < Makefile.orig > Makefile
export KERNEL_LAYOUT=drgfly
# accept provided default configuration
make
cd ..
export PATH=$PATH:~/GPL/gcc/prefix_sehr_sehr_sehr_sehr_sehr_sehr_sehr_sehr_sehr_lang_buildroot-2014.08/output/host/usr/bin/
mkdir libexif
cd libexif
tar -xif ../LGPL-libexif.tar.gz 
./configure --host=mips-linux
make
cd ..
mkdir -p libosip2/h
cd libosip2/h
tar -xif ../../LGPL-libosip.tar.gz 
./autogen.sh --enable
./configure --host=mips-linux --enable-pthread
make
cd ../..
file gcc/prefix_sehr_sehr_sehr_sehr_sehr_sehr_sehr_sehr_sehr_lang_buildroot-2014.08/output/target/lib/libuClibc-0.9.33.2.so 
file gcc/prefix_sehr_sehr_sehr_sehr_sehr_sehr_sehr_sehr_sehr_lang_buildroot-2014.08/output/target/lib/libblkid.so.1.1.0 
file libexif/libexif/.libs/libexif.so.12.3.1
file libosip2/h/src/osip2/.libs/libosip2.so.4.0.0

Compilation Script for Version 7.02

This script is licensed under LGPLv2.1.
# This installation script consists of the installation information received from AVM during litigation filled with reverse engineering and guesswork.
# This installation script was tested to run on Ubuntu 14.04.6
set -e
cd ~
sudo apt install gcc g++ quilt python make unzip autoconf m4 perl libtool
wget https://osp.avm.de/fritzbox/fritzbox-4020/source-files-FRITZ.Box_4020-drgfly-07.02.tar.gz
tar -xif source-files-FRITZ.Box_4020-drgfly-07.02.tar.gz 
sudo mkdir -p /GU/archiv/tmp--release_kernel
sudo chown -R $USER.$USER /GU
cd /GU/archiv/tmp--release_kernel
tar -xif ~/GPL/GPL-kernel.tar.gz 
mv linux build
mkdir ~/GPL/gcc
cd ~/GPL/gcc
tar -xif ../GPL-gcc.tar.gz
# use bash as standard sh
sudo dpkg-reconfigure dash
export FRITZ_BOX_BUILD_DIR=/GU
export KERNEL_LAYOUT=drgfly
export LINUX_KERNEL_VERSION=4.4
export LINUX_VERSION_EXT=.60
make
export PATH=$PATH:/GU/archiv/tmp-drgfly-gcc_x86_64/usr/bin
cd ..
mkdir libexif
cd libexif
tar -xif ../LGPL-libexif.tar.gz 
./configure --host=mips-linux
make
cd ..
mkdir -p libosip2/h
cd libosip2/h
tar -xif ../../LGPL-libosip.tar.gz 
./autogen.sh --enable
./configure --host=mips-linux --enable-pthread
make
cd ../..
file gcc/tmp_buildroot-2016.05/output/target/lib/libuClibc-1.0.14.so 
file gcc/tmp_buildroot-2016.05/output/target/lib/libblkid.so.1.1.0 
file libexif/libexif/.libs/libexif.so.12.3.1 
file libosip2/h/src/osip2/.libs/libosip2.so.4.0.0

Installation Script

This script is licensed under LGPLv2.1 and a translation of the German original received from AVM during litigation.

Annex B14

Additional Instruction For Installation Of Modified Software Into The Flash-Memory Of The FRITZ!Box 4020

The following step-by-step instruction summarizes basically the content of the public sources (1.) https://github.com/Freetz-NG/freetz-ng/blob/master/README.md as well as (2.) https://freetz.github.io/wiki/help/howtos/development/repack_fw.html . Please meake sure to execute the steps completely and in the correct order.

  1. First of all a development environment must be set up. To this end, for the sake of convenience, it can be resort to the instructions at source (1.). It suggests itself to use the preconfigured virtual Ubuntu machine ("Gismotro's Freetz-Linux"), which is provided by Freetz. However, a normal Ubuntu installation can also be used if desired. We ourselves have carried out the installation according to these instructions under Ubuntu 22.04.4.
  2. The following commands are now executed on the Ubuntu machine:
  3. Execute the command 'make menuconfig' and select the appropriate router model (here thus 4020) and save the configuration.
  4. Now some more tools have to be installed by executing 'make tools' once
  5. For the next step, the original firmware image is required for. The current image can be downloaded directly from the AVM download server, e.g. directly by executing the command 'wget http://download.avm.de/fritzbox/fritzbox-4020/deutschland/fritz.os/FRITZ.Box_4020.07.03.image'.
    Please note that the outdated firmware versions 6.83 and 7.02 can currently no longer be easily accessed there. The reason for this is a serious security volunerability that became known in September 2023 and was closed with version 7.03. AVM wants to prevent users from inadvertently installing a version for which the aforementioned security vulnerability has not yet been fixed. We assume that you have already saved versions 6.83 and 7.02 as part of your project. If, contrary to expectations, you no longer have them we will of course be happy to send them to you again.
  6. The original firmware image must now be unpacked into a new folder using the commands:
    • mkdir unpacked_firmware
    • ./fwmod -u -d unpacked_firmware FRITZ.Box_4020.07.03.image
  7. Within the directory './unpacked_firmware/original/filesystem' we now replace the desired files with specially generated files (we have replaced uClibc here, as you intended by you in your project) with the following command:
    • cp path-to-custom-file/ld-uClibc-1.0.14.so ./unpacked_firmware/original/filesystem/lib/ld-uClibc-1.0.14.so
      (Please make sure you enter the correct path to your own file instead of the placeholder)
  8. The firmware must now be packed back into an image file by entering the following command:
    • ./fwmod -p -d unpacked_firmware FRITZ.Box_4020.07.03.image
  9. Look up now in the output of fsmod (which appear in the command lind after correct execution of step 8) in STEP 3, how the just newly packed firmware-image-file is named and where it resides.
    Sample output with underlined name of the firmware-image-file:
    "[...]
    packing unpacked_firmware/4020_07.03.ger_20240315-102855.image
    [...]"
  10. The new firmware image is now written to the flash memory of the FRITZ!Box 4020. The new firmware image is unsigned, but this does not matter for the flash method used. In contrast to the Tivo case, there is no signature check in the boot loader. This circumstance has been known for over a decade in various open source projects for the FRITZ!Box and has been in use for over a decade. Carry out the following sub-steps:
    • Connect the FRITZ!Box 4020 to the Ubuntu PC via Ethernet, but keep it disconnected from the power supply.
    • Use 'ifconfig' to check whether an IPv4 address from the subnet 192.168.178.0/255 is configured on the Ethernet adapter; if necessary, catch up on this, e.g. in the Ubuntu network settings.
    • Call up the flash tool of the Freetz project: 'sudo tools/push_firmware unpacked_firmware/4020_07.03.ger_20240315-102855.image'
    • Supply the FRITZ!Box 4020 with power.
    Note: During our tests, it occasionally happened that the boot loader of the FRITZ!Box 4020 continued the boot process before the push_firmware tool started the write process via TFTP (this can be seen, among other signs, by the brief illumination of all LEDs on the device or by the the output on the serial console). The NcFTP used in the Freetz tool 'push_firmware' sometimes, for reasons we do not know, created a relatively long pause between finding the FRITZ!Box and the start of the flash process, up to 10s. Here, it was helpful to use a serial connection to the UART port of the FRITZ!Box to stop the bootloader by pressing a key (e.g. Enter). The flash process also worked without stopping, but the timing is often a bit tricky and it only worked after several boot attempts.