2004 to 2020 Mazda 3 Forum and Mazdaspeed 3 Forums banner
421 - 440 of 6500 Posts

·
Registered
Joined
·
285 Posts
Hi guys,
a different way to connect via SSH is Ethernet over USB.

I have killed my system (main menu with continuous loop) after a long research I have found a solution :)

With this adapter, you get SSH access via USB.

Greetings from Germany.
Greetings from canada,,

unfortunately with your cmu continuously rebooting i don't think this is going to do anything for you..sorry to be the bearer of bad news..
 

·
Registered
Joined
·
285 Posts
damn ur sayin it wont work at all? for anyone? :001_unsure: :death:
Im just saying if the systems constantly rebooting.. it will reboot before it loads the usb driver..
But im pretty sure this wont work for anyone .. from what i understand, the networks turned off in version 31. Which means no network service available to the CMU (wont be able to get an IP static or dhcp)
I would think network and ssh are both disabled in that version. From a developers perspective.. why enable it if it cant be used (less to go wro ng, and it helps troubleshooting issues the IFS has had)
Only one way to know for sure ..

Experienced users would be better off looking for ssh access through bluetooth on a rooted phone.. to see if its even available..

If people in the forum hadn't badgered @Babie to the point she left the forum.. we would likely have the answers to these questions. She was an EXCELLENT source for this and provided lots of usefull posts. (BIG THANKS ladies and gents >>you know who you are)
 

·
Registered
Joined
·
355 Posts
If people in the forum hadn't badgered @Babie to the point she left the forum.. we would likely have the answers to these questions. She was an EXCELLENT source for this and provided lots of usefull posts. (BIG THANKS ladies and gents >>you know who you are)
Did she really have credible info?

I mean, I think I had seen something once or twice that was useful from her, but I remember seeing something she wrote thinking that maybe she didn't really know what she was talking about / she may have been jumping to conclusions too quickly about things.... along with a lot of complaining about stuff.

It just seemed like she was quick to accept what other people had told her with out any critical analysis of the information, and then immediately pass that info along as if it were an undeniable fact....

I dunno, I never really said anything to her... was her information really actually useful?
 

·
Registered
Joined
·
285 Posts
Although her info didnt apply to all, for those of us that were plagued with issues her posts def helped. Im on version 29.. with no issues at all now. (Thanks to her posts, and tweaking I've done to the OS) Running a TB usb harddrive, 32GB USB stick, nav, bluetooth..and wifi.None of which i unplug or turn off.
I admit she wasn't an expert in the tech field.and was a little hastey to jump to conclusions (young), but her sources were solid..
 

·
Registered
Joined
·
476 Posts
Did she really have credible info?

I mean, I think I had seen something once or twice that was useful from her, but I remember seeing something she wrote thinking that maybe she didn't really know what she was talking about / she may have been jumping to conclusions too quickly about things.... along with a lot of complaining about stuff.

It just seemed like she was quick to accept what other people had told her with out any critical analysis of the information, and then immediately pass that info along as if it were an undeniable fact....

I dunno, I never really said anything to her... was her information really actually useful?
Although her info didnt apply to all, for those of us that were plagued with issues her posts def helped. Im on version 29.. with no issues at all now. (Thanks to her posts, and tweaking I've done to the OS) Running a TB usb harddrive, 32GB USB stick, nav, bluetooth..and wifi.None of which i unplug or turn off.
I admit she wasn't an expert in the tech field.and was a little hastey to jump to conclusions (young), but her sources were solid..
I have to agree with you on that. Seemed like a nice young girl, but some info was hearsay from sources she had to keep private. That bothered, and sometimes made me leary, of some of the info. We're not talking about state secrets, here. I wasn't concerned about names, just wondered how is this person "wired in" to gather the information. The last thing her secret source told her was something about a major software update by the end of July, if I remember right. It never happened. I would certainly never call her out on anything, and if it helped someone, great! That's what this forum is all about. It just never did much from me.

The way it sounded, she was enjoying the summer and getting ready to enter college, and wasn't necessarily "taking her ball and going home" because people were mean to her. I hope that was the case, I hate to see anyone feel they're being picked on and decide to log off permanently. We all have varying viewpoints, and that's what makes it interesting. If you all thought the same as me, I'd be very bored. LOL
 

·
Registered
Joined
·
5 Posts
For me currently running V29. I had made ​​a mistake when patching a js file, which led to reboot, so I gotten no WiFi.

About USB Ethernet, it was possible for me within 3 seconds to correct the error.

Yes the Developer Mode was on, is out now and it still goes via USB.

I have the USB once operated on another PC, so that the router can assign an IP before and remembers all.

Beyond the previously assigned IP, I was able to SSH into the box on the CMU.

The Key to the USB Ethernet adapter is not the manufacturer of the chipset AX88772B - ASIX

cu
 

·
Registered
Joined
·
355 Posts
The last thing her secret source told her was something about a major software update by the end of July, if I remember right. It never happened. I would certainly never call her out on anything, and if it helped someone, great! That's what this forum is all about. It just never did much from me.
lmao... yea... the sort of information that you would spread "with a grain of salt" she was talking it up like front page news... I dunno if it was just for attention, or if she really believed what she was saying or whatever.... but yea I think she seemed nice enough... I do remember seeing some replies to her posts that I honestly laughed at though

Someone had replied like "Oh, indeed, another top notch post babie, thanks for the info" when it seemed like all really useless info... I dunno, I dont really have any examples to argue with though so I don't want to bash too much.... it is whatever... :detective::stuart::biggrin:
 

·
Registered
Joined
·
12 Posts
Wifi is present for me in version 31

Hi, i have been following this large tread with interest.

I just received my Mazda 3 and it is delivered with version 31. However, I can still enable the wifi, and the car connects fine with my home network via wifi.
I was under impression that this version (version 31) had no wifi, so why is that possible for me?

Steen
 

·
Registered
Joined
·
6 Posts
Hi, i have been following this large tread with interest.

I just received my Mazda 3 and it is delivered with version 31. However, I can still enable the wifi, and the car connects fine with my home network via wifi.
I was under impression that this version (version 31) had no wifi, so why is that possible for me?

Steen
WIFI is only disabled for NA and Japan, are you in these regions? If not, you should not be affected.
 

·
Registered
Joined
·
12 Posts
WIFI is only disabled for NA and Japan, are you in these regions? If not, you should not be affected.
Thank you for the answer. You are right, I'm located in Europa (Denmark). So that is the reason.

So now I have wifi, is it safe to make the hacks described in this tread for removing the speed restriction for the use of the touch screen on the 31 version, even though they seems to be developed for previous versions?
 

·
Registered
Joined
·
25 Posts
SSL Certificate Status

Hello All,

A review post.

I've been playing with OpenSSL and the various certificates found around the system. Here is my status...
The calls the system uses for certificate validation are as shown below. You'll find many of these calls inside of libjcisecurity.so and svcjciupdates.so
  • PEM_read_X509 - This call takes a file pointer to a PEM file and returns the X509 certificate.
  • X509_get_pubkey - This call takes the cert and returns the public key attached to it.
  • EVP_PKEY_type - used to validate that the public key is an RSA key... EVP_PKEY_RSA (6)
  • X509_get_issuer_name - returns issuer field from certificate
  • X509_get_subject_name - returns subject from certificate
  • X509_NAME_oneline - converts the two above values into strings
  • X509_verify - takes a certificate and a public key and verifys the cert is valid.

There is a waterfall of verification for the certificates:
  1. The system uses the certificate found in jci\certificates\jci_root_cert.pem as a master certificate. The public key stored in this certificate will be used to verify both the master cert (itself) as well as subordinate certificates.
  2. The subordinate certifciate is stored in the highest level of the upgrade files. "jci_subord_cert.pem" This public key used in this file will be used to verify the publisher certificate.
  3. The publisher certificate is also stored in the highest level of the upgrade files. (publisher_cert.pem)
So we have: jci_root_cert.pem->public key verifys -> jci_subord_cert.pem -> public key verifys -> publisher_cert.pem

My best guess is the public key off the publisher cert is used to validate the last 256 bytes of the upgrade files. I've been concentrating more on getting my certificates to validate within the system. I'll come back to verify this later.

The system also checks the issuer and subject of all certificates...
jci_root_cert.pem
X509 Issuer : /DC=com/DC=johnsoncontrols/CN=JohnsonControlsRoot
X509 Subject: /DC=com/DC=johnsoncontrols/CN=JohnsonControlsRoot

jci_subord_cert.pem
X509 Issuer : /DC=com/DC=johnsoncontrols/CN=JohnsonControlsRoot
X509 Subject: /DC=com/DC=johnsoncontrols/CN=JohnsonControlsRoot

publisher_cert.pem
X509 Issuer : /DC=com/DC=johnsoncontrols/CN=EXTIssuingCA1
X509 Subject: /DC=com/DC=johnsoncontrols/CN=EXTIssuingCA1​


I have tried crafting my own certificates but run into issues when X509_verify tries to verify my cert using the public key from an upper level cert. It looks like to create our own certs we would need to replace all of the certificates. (Root cert already in the system and 2x in the upgrade files.) In order to do that we would already need filesystem access on the system... which makes this path unfeasible (for now) for anyone not running my modded v31.

Unfortunately we're back to... we need the private key... but now I know we need the private key associated with jci_root_cert.pem. Before anyone points it out, I have tried the key in "ssh_host_rsa_key" (beginning in: "MIIEogIBAAKCAQEA8VVu..."). It still looks like our only current viable option is to downgrade to v29 and then use my mods to get back to v31.

I'm going to continue to play for awhile... but it feels like I'm hitting a wall here. Throw me a shout if anyone else is working on this issue.

-Duck
 

·
Registered
Joined
·
153 Posts
Hello All,
... but it feels like I'm hitting a wall here. Throw me a shout if anyone else is working on this issue.
-Duck

Kudo!

No progress here, though SSH was lucky,
Signing rightfully is a better guarded secret!.

Thanks for your thorough analysis: agreed, if somebody could just certify that downgrading to V29 (from the image published elsewhere in this thread) is fail safe, than upgrading to your modded V31 should suffice for now.

Then the problem becomes how to acquire (though) and re-patch (easier) V31+ future files...
 

·
Registered
Joined
·
355 Posts
Kudo!

No progress here, though SSH was lucky,
Signing rightfully is a better guarded secret!.

Thanks for your thorough analysis: agreed, if somebody could just certify that downgrading to V29 (from the image published elsewhere in this thread) is fail safe, than upgrading to your modded V31 should suffice for now.

Then the problem becomes how to acquire (though) and re-patch (easier) V31+ future files...
Well... I dunno how much help I can be, but I have the normal version 31 and if someone can prepare the files needed to downgrade... I'd be willing to be a ginny pig to try the downgrade... kinda I guess.... if u guys think its safe... :stuart:

lmao... thats kinda what I needed to do anyway to get wifi... and having a modded version 31 would be even better since I want the bug fix for the sound mute issue with the GPS voice nav....

so if the files are collected to perform the down grade from normal v31 to v29 and then from v29 to Duck's modded v31, I supposed I wouldn't, mind putting them on a USB to test them... :blush 1:
 

·
Registered
Joined
·
83 Posts
Well... I dunno how much help I can be, but I have the normal version 31 and if someone can prepare the files needed to downgrade... I'd be willing to be a ginny pig to try the downgrade... kinda I guess.... if u guys think its safe... :stuart:

lmao... thats kinda what I needed to do anyway to get wifi... and having a modded version 31 would be even better since I want the bug fix for the sound mute issue with the GPS voice nav....

so if the files are collected to perform the down grade from normal v31 to v29 and then from v29 to Duck's modded v31, I supposed I wouldn't, mind putting them on a USB to test them... :blush 1:
I'm on v31 and would be willing to test the downgrade also.
 

·
Registered
Joined
·
285 Posts
I'm still looking as well..
I really don't think you would be able to get the downgrade to V29 to work,.it's been modded so I'm pretty sure the systems not going to accept it..
There is a EU v30 posted the system would probably take though, which would give you the WIFI so you could update to Ducks 31 . It's probaly the safest route we have at the moment, but this is just a theory.The folders /files look the same and i "think" the hardware is the same (no dvd ect)
maybe others can chime in with their thoughts on this?


I've been lookin here >>IBM Initiate Master Data Service and it has me wondering if the comment on the zip file isn't the "iv =" portion (under 256 "IV=7E892875A52C59A3B588306B13C31FBD")
one things for sure.. they definately wanted to make this tough..LoL.

Duck, it looks like your tackling a reinstall file? (3 PEM files.)

"We also missed the running_log directory! This directory holds messages from any function that calls "COMMON_Log_Write". I don't remember the path offhand but its somthing like /var/user/logs/running_logs/. This directory shows us a bit more info about what is going on during validation of the signature and includes the expected SHA256 hash for the .up file minus 256 bytes. I'll attach relevant parts of the log below."

I havent been able to find this file..can you confirm the path to it , incuding file name?I'm on version 29>and I found a couple of log files, but nothing that looks like yours.

I'm going after the gracenotes file to see if i can mod it and resign.
It only uses 2 PEM files to validate -- and so far no luck.

edit: added > if you look in the crypto file, it does look like their salting :-S
 

·
Registered
Joined
·
285 Posts
rename the attatchent libcrypt-2.11.1.so.doc to libcrypt-2.11.1.so
i had to add the .DOC to be able to upload it..
with a bit of luck im hoping to be able to use JCI's code to resign my zip..
 

Attachments

·
Registered
Joined
·
25 Posts
Duck, it looks like your tackling a reinstall file? (3 PEM files.)
Correct, I'm currently playing with both install files and gracenotes updates. The first PEM is embedded in the OS itself. (jci\certificates\jci_root_cert.pem). This file is used to validate the subordinate certificate in the .up files. (jci_subord_cert.pem) In turn, that file is used to validate the publisher cert in the .up files. (publisher_cert.pem)

"We also missed the running_log directory! This directory holds messages from any function that calls "COMMON_Log_Write". I don't remember the path offhand but its something like /var/user/logs/running_logs/. This directory shows us a bit more info about what is going on during validation of the signature and includes the expected SHA256 hash for the .up file minus 256 bytes. I'll attach relevant parts of the log below."

I havent been able to find this file..can you confirm the path to it , including file name?I'm on version 29>and I found a couple of log files, but nothing that looks like yours.
No problem, the path is linked here. Re-posted below for clarity...
Here is the Running log directory:

Anytime you find a branch to "COMMON_Log_Write" it will write information to:
/tmp/var/log/running_log/​
Directory Listing:
/tmp/var/log/running_log # ls -l
total 1276
-rw-rw-rw- 1 root root 224689 Jan 1 00:13 log
-rw-rw-rw- 1 root root 525255 Jan 1 00:04 log_oldest
-rw-rw-rw- 1 root root 524531 Jan 1 00:10 log_previous
/tmp/var/log/running_log #
The writes will start in /log. After it writes approx 520,000 bytes it copies /log_previous to /log_oldest.... /log to /log_previous and then starts a new /log

A useful linux command:
tail -f log​
Command will constantly update the screen with the last written info to /log. This system writes a lot of info to the log. Watch the log or copy it as you perform an update and you'll see the trace of function calls it makes.
I've found these logs to be immensely useful when debugging issues / progress. Just be aware, the system dumps a lot of data in these logs! It can take some digging to get what you want. I've used WinSCP to copy files locally so I can go through them. Throw me a shout if you don't see the directory. I've seen it on my orig v27 and it still exists in mod v31.

I'm going after the gracenotes file to see if i can mod it and resign.
It only uses 2 PEM files to validate -- and so far no luck.

edit: added > if you look in the crypto file, it does look like their salting :-S
Good to know, I'll play with that file in a bit. Thanks for continuing to work on this. Good luck!

-Duck
 

·
Registered
Joined
·
4 Posts
Quick question for everyone.

I'm running V29 and have disabled the speed limiting functions like many of you have. It looks like this may have disabled my compass as well. From what I can remember prior to disabling those functions, the compass would appear disabled while the vehicle was at a complete stop, but re-activate once it was moving. I'm thinking it might have toggled based on those speed limiting functions. Is this happening to any of you?

Thanks
 

·
Registered
Joined
·
4 Posts
Internet connection without Wifi possible?

In here (EU, Germany) as you know Wifi is still active. With this connection the navigation software can access online services like actual traffic or weather. It doesn't work with blutooth or USB connection even my phone could do tethering.

So how it would work in the US without wifi?

Can we enable internet acces over blutooth or usb?
 
421 - 440 of 6500 Posts
Top